)]}'
{"/PATCHSET_LEVEL":[{"author":{"_account_id":9303,"name":"Abhishek Kekane","email":"akekane@redhat.com","username":"abhishekkekane"},"change_message_id":"ffef73a44eba3ffea74fe068bb811c64fbd5e65b","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":1,"id":"4fa1d144_c5c56d5c","updated":"2024-07-09 17:25:22.000000000","message":"recheck timeout timing increased now","commit_id":"1c5974f44ad66e6eeda1ef421cf328867a284a0a"}],"glance/common/client.py":[{"author":{"_account_id":8122,"name":"Cyril Roelandt","email":"cyril@redhat.com","username":"cyril.roelandt.enovance"},"change_message_id":"22fefb2df9b3faeb5e6a2e0937e295d5e10b5a0d","unresolved":true,"context_lines":[{"line_number":118,"context_line":"        if self._tunnel_host:"},{"line_number":119,"context_line":"            self.sock \u003d sock"},{"line_number":120,"context_line":"            self._tunnel()"},{"line_number":121,"context_line":"        context \u003d ssl.SSLContext(ssl.PROTOCOL_TLS)"},{"line_number":122,"context_line":"        context.load_cert_chain(self.cert_file, self.key_file)"},{"line_number":123,"context_line":"        # Check CA file unless \u0027insecure\u0027 is specified"},{"line_number":124,"context_line":"        if self.insecure is True:"}],"source_content_type":"text/x-python","patch_set":1,"id":"b5320c18_c122eeab","line":121,"range":{"start_line":121,"start_character":37,"end_line":121,"end_character":49},"updated":"2024-06-27 16:00:52.000000000","message":"So ideally I would be using PROTOCOL_TLS_CLIENT here, since PROTOCOL_TLS has also been deprecated (though not removed yet)[1]. My issue with that is that by default it uses CERT_REQUIRED, which we could overwrite, but this makes me think we are not exactly meant to do that. Does anyone with a better understanding of SSL have any thought about this?\n\nAlso, this code path is untested. Do we ever use it these days?\n\n\n[1] https://docs.python.org/3.11/library/ssl.html#ssl.PROTOCOL_TLS_CLIENT","commit_id":"1c5974f44ad66e6eeda1ef421cf328867a284a0a"},{"author":{"_account_id":9303,"name":"Abhishek Kekane","email":"akekane@redhat.com","username":"abhishekkekane"},"change_message_id":"84ed321719b8b359af91ba845d8faae078b4920e","unresolved":true,"context_lines":[{"line_number":118,"context_line":"        if self._tunnel_host:"},{"line_number":119,"context_line":"            self.sock \u003d sock"},{"line_number":120,"context_line":"            self._tunnel()"},{"line_number":121,"context_line":"        context \u003d ssl.SSLContext(ssl.PROTOCOL_TLS)"},{"line_number":122,"context_line":"        context.load_cert_chain(self.cert_file, self.key_file)"},{"line_number":123,"context_line":"        # Check CA file unless \u0027insecure\u0027 is specified"},{"line_number":124,"context_line":"        if self.insecure is True:"}],"source_content_type":"text/x-python","patch_set":1,"id":"f4a00c9b_765752f2","line":121,"range":{"start_line":121,"start_character":37,"end_line":121,"end_character":49},"in_reply_to":"b5320c18_c122eeab","updated":"2024-07-09 17:35:11.000000000","message":"This is used when ssl is enabled to initiate CacheClient which is called from cache_manage.py. I think anyway we have moved cache APIs under /V2/API and deprecated (have we?) cache_manage middleware and will be removed soon.\n\nSo I don\u0027t think this will have any impact/","commit_id":"1c5974f44ad66e6eeda1ef421cf328867a284a0a"}]}