)]}'
{"/PATCHSET_LEVEL":[{"author":{"_account_id":15343,"name":"Tim Burke","email":"tburke@nvidia.com","username":"tburke"},"change_message_id":"30c9732b7dd5cf5b4add571dc62367d8e1101569","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":1,"id":"9a399b5f_e7e3219a","updated":"2024-06-28 00:28:02.000000000","message":"Thanks for looking at this! Good call, though FWIW the `ssl.wrap_socket` we\u0027re using is actually coming from eventlet. Once or twice I saw some errors like\n```\nTraceback (most recent call last):\n  File \"/usr/local/bin/swift-proxy-server\", line 7, in \u003cmodule\u003e\n    exec(compile(f.read(), __file__, \u0027exec\u0027))\n  File \"/vagrant/swift/bin/swift-proxy-server\", line 23, in \u003cmodule\u003e\n    sys.exit(run_wsgi(conf_file, \u0027proxy-server\u0027, **options))\n             ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^\n  File \"/vagrant/swift/swift/common/wsgi.py\", line 914, in run_wsgi\n    for sock, sock_info in strategy.new_worker_socks():\n  File \"/vagrant/swift/swift/common/wsgi.py\", line 599, in new_worker_socks\n    yield get_socket(self.conf), None\n          ^^^^^^^^^^^^^^^^^^^^^\n  File \"/vagrant/swift/swift/common/wsgi.py\", line 202, in get_socket\n    context.verify_mode \u003d ssl.CERT_NONE\n    ^^^^^^^^^^^^^^^^^^^\n  File \"/usr/local/lib/python3.12/dist-packages/eventlet/green/ssl.py\", line 456, in verify_mode\n    super(_original_sslcontext, _original_sslcontext).verify_mode.__set__(self, value)\nValueError: Cannot set verify_mode to CERT_NONE when check_hostname is enabled.\n```\nwhen I was restarting processes, but I can\u0027t seem to reproduce them now... maybe it was to do with some odd/missing args?","commit_id":"ef5201ce522b4250433671ec33c8bd7d01dc7f36"},{"author":{"_account_id":597,"name":"Pete Zaitcev","email":"zaitcev@kotori.zaitcev.us","username":"zaitcev"},"change_message_id":"388988280e27ffb051e3c26b8dcb9aabca42d59e","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":2,"id":"81e20efe_e45a856f","updated":"2024-06-28 17:23:11.000000000","message":"Oops, I screwed up. I assumed that PROTOCOL_TLS_SERVER worked in py27 too. Maybe it\u0027s better if I don\u0027t try to land this.","commit_id":"64086c30915349b1b6440aa2de36f753bbb0741c"}],"swift/common/wsgi.py":[{"author":{"_account_id":15343,"name":"Tim Burke","email":"tburke@nvidia.com","username":"tburke"},"change_message_id":"30c9732b7dd5cf5b4add571dc62367d8e1101569","unresolved":true,"context_lines":[{"line_number":198,"context_line":"            sock \u003d listen(bind_addr, backlog\u003dint(conf.get(\u0027backlog\u0027, 4096)),"},{"line_number":199,"context_line":"                          family\u003daddress_family)"},{"line_number":200,"context_line":"            if \u0027cert_file\u0027 in conf:"},{"line_number":201,"context_line":"                context \u003d ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)"},{"line_number":202,"context_line":"                context.verify_mode \u003d ssl.CERT_NONE"},{"line_number":203,"context_line":"                context.load_cert_chain(conf[\u0027cert_file\u0027], conf[\u0027key_file\u0027])"},{"line_number":204,"context_line":"                warn_ssl \u003d True"}],"source_content_type":"text/x-python","patch_set":1,"id":"c9bfaff7_22247fee","line":201,"range":{"start_line":201,"start_character":45,"end_line":201,"end_character":64},"updated":"2024-06-28 00:28:02.000000000","message":"Not `PROTOCOL_TLS_SERVER`? It\u0027s a listen socket...","commit_id":"ef5201ce522b4250433671ec33c8bd7d01dc7f36"},{"author":{"_account_id":15343,"name":"Tim Burke","email":"tburke@nvidia.com","username":"tburke"},"change_message_id":"53fd2ac8225dca87db5f37152d37bb9f4c03c002","unresolved":false,"context_lines":[{"line_number":198,"context_line":"            sock \u003d listen(bind_addr, backlog\u003dint(conf.get(\u0027backlog\u0027, 4096)),"},{"line_number":199,"context_line":"                          family\u003daddress_family)"},{"line_number":200,"context_line":"            if \u0027cert_file\u0027 in conf:"},{"line_number":201,"context_line":"                context \u003d ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)"},{"line_number":202,"context_line":"                context.verify_mode \u003d ssl.CERT_NONE"},{"line_number":203,"context_line":"                context.load_cert_chain(conf[\u0027cert_file\u0027], conf[\u0027key_file\u0027])"},{"line_number":204,"context_line":"                warn_ssl \u003d True"}],"source_content_type":"text/x-python","patch_set":1,"id":"2e0fc809_8368184a","line":201,"range":{"start_line":201,"start_character":45,"end_line":201,"end_character":64},"in_reply_to":"c9bfaff7_22247fee","updated":"2024-06-28 16:27:26.000000000","message":"I think what I did should satisfy the (sadly still limping along) py2 job.","commit_id":"ef5201ce522b4250433671ec33c8bd7d01dc7f36"},{"author":{"_account_id":15343,"name":"Tim Burke","email":"tburke@nvidia.com","username":"tburke"},"change_message_id":"30c9732b7dd5cf5b4add571dc62367d8e1101569","unresolved":true,"context_lines":[{"line_number":202,"context_line":"                context.verify_mode \u003d ssl.CERT_NONE"},{"line_number":203,"context_line":"                context.load_cert_chain(conf[\u0027cert_file\u0027], conf[\u0027key_file\u0027])"},{"line_number":204,"context_line":"                warn_ssl \u003d True"},{"line_number":205,"context_line":"                sock \u003d context.wrap_socket(sock)"},{"line_number":206,"context_line":"        except socket.error as err:"},{"line_number":207,"context_line":"            if err.args[0] !\u003d errno.EADDRINUSE:"},{"line_number":208,"context_line":"                raise"}],"source_content_type":"text/x-python","patch_set":1,"id":"9cf225e4_347a0c6c","line":205,"updated":"2024-06-28 00:28:02.000000000","message":"Should we pass `server_side\u003dTrue` here?","commit_id":"ef5201ce522b4250433671ec33c8bd7d01dc7f36"},{"author":{"_account_id":15343,"name":"Tim Burke","email":"tburke@nvidia.com","username":"tburke"},"change_message_id":"53fd2ac8225dca87db5f37152d37bb9f4c03c002","unresolved":false,"context_lines":[{"line_number":202,"context_line":"                context.verify_mode \u003d ssl.CERT_NONE"},{"line_number":203,"context_line":"                context.load_cert_chain(conf[\u0027cert_file\u0027], conf[\u0027key_file\u0027])"},{"line_number":204,"context_line":"                warn_ssl \u003d True"},{"line_number":205,"context_line":"                sock \u003d context.wrap_socket(sock)"},{"line_number":206,"context_line":"        except socket.error as err:"},{"line_number":207,"context_line":"            if err.args[0] !\u003d errno.EADDRINUSE:"},{"line_number":208,"context_line":"                raise"}],"source_content_type":"text/x-python","patch_set":1,"id":"c3662ca7_56b5c15e","line":205,"in_reply_to":"9cf225e4_347a0c6c","updated":"2024-06-28 16:27:26.000000000","message":"Might not matter much, since they [always include it as part of `accept()`](https://github.com/python/cpython/blob/v3.12.4/Lib/ssl.py#L1369), but figured it couldn\u0027t hurt.","commit_id":"ef5201ce522b4250433671ec33c8bd7d01dc7f36"}]}