[Kimchi-devel] [PATCH] issue #475: Properly set cert and key variables when starting nginx proxy

Royce Lv lvroyce at linux.vnet.ibm.com
Fri Dec 5 08:38:16 UTC 2014


On 2014年12月05日 02:05, Aline Manera wrote:
> When specifying a custom SSL certificate and key, Kimchi did not start
> up due the error:
I'm wondering the user scenario of this bug, when do we specify a custom 
certificate and key?
AFAK, we used self signed certificate and key, why does a user want to 
specify one?
Shall we just ignore user provided one?
>
> Traceback (most recent call last):
> File "/usr/bin/kimchid", line 95, in sys.exit(main(sys.argv[1:]))
> File "/usr/bin/kimchid", line 92, in main kimchi.server.main(options)
> File "/usr/lib/python2.6/site-packages/kimchi/server.py", line 183, in main
> srv = Server(options)
> File "/usr/lib/python2.6/site-packages/kimchi/server.py", line 62, in init
> start_proxy(options)
> File "/usr/lib/python2.6/site-packages/kimchi/proxy.py", line 89, in start_proxy
> _create_proxy_config(options)
> File "/usr/lib/python2.6/site-packages/kimchi/proxy.py", line 78, in _create_proxy_config
> cert_pem=cert, cert_key=key,
> UnboundLocalError: local variable 'cert' referenced before assignment
>
> Signed-off-by: Aline Manera <alinefm at linux.vnet.ibm.com>
> ---
>   src/kimchi/proxy.py | 6 ++++--
>   1 file changed, 4 insertions(+), 2 deletions(-)
>
> diff --git a/src/kimchi/proxy.py b/src/kimchi/proxy.py
> index 9238147..fafa5bc 100644
> --- a/src/kimchi/proxy.py
> +++ b/src/kimchi/proxy.py
> @@ -43,7 +43,6 @@ def _create_proxy_config(options):
>       Arguments:
>       options - OptionParser object with Kimchi config options
>       """
> -
>       # User that will run the worker process of the proxy. Fedora,
>       # RHEL and Suse creates an user called 'nginx' when installing
>       # the proxy. Ubuntu creates an user 'www-data' for it.
> @@ -54,8 +53,11 @@ def _create_proxy_config(options):
>           user_proxy = 'www-data'
>
>       config_dir = paths.conf_dir
> +    cert = options.ssl_cert
> +    key = options.ssl_key
> +
>       # No certificates specified by the user
> -    if not options.ssl_cert or not options.ssl_key:
> +    if not cert or not key:
>           cert = '%s/kimchi-cert.pem' % config_dir
>           key = '%s/kimchi-key.pem' % config_dir
>           # create cert files if they don't exist




More information about the Kimchi-devel mailing list