Merge pull request #292 from l-iberty/master

l-iberty · web-flow · commit e69fc2cf23fc · 2024-11-13T20:27:08.000+08:00
SSL证书校验配置
diff --git a/qcloud_cos/cos_client.py b/qcloud_cos/cos_client.py
@@ -44,7 +44,7 @@ def __init__(self, Appid=None, Region=None, SecretId=None, SecretKey=None, Token
                  Access_id=None, Access_key=None, Secret_id=None, Secret_key=None, Endpoint=None, IP=None, Port=None,
                  Anonymous=None, UA=None, Proxies=None, Domain=None, ServiceDomain=None, KeepAlive=True, PoolConnections=10,
                  PoolMaxSize=10, AllowRedirects=False, SignHost=True, EndpointCi=None, EndpointPic=None, EnableOldDomain=True, EnableInternalDomain=True, SignParams=True,
-                 AutoSwitchDomainOnRetry=False, VerifySSL=None):
+                 AutoSwitchDomainOnRetry=False, VerifySSL=None, SSLCert=None):
         """初始化，保存用户的信息
 
         :param Appid(string): 用户APPID.
@@ -76,7 +76,8 @@ def __init__(self, Appid=None, Region=None, SecretId=None, SecretKey=None, Token
         :param EnableInternalDomain(bool):  是否使用内网域名访问COS
         :param SignParams(bool): 是否将请求参数算入签名
         :param AutoSwitchDomainOnRetry(bool): 重试请求时是否将myqcloud.com域名切换为tencentcos.cn
-        :param VerifySSL(bool): 是否开启SSL证书校验
+        :param VerifySSL(bool or string): 是否开启SSL证书校验, 或客户端CA bundle证书文件路径. 示例: True/False 或 '/path/certfile'
+        :param SSLCert(string or tuple): 客户端SSL证书路径. 示例: '/path/client.pem' 或 ('/path/client.cert', '/path/client.key')
         """
         self._appid = to_unicode(Appid)
         self._token = to_unicode(Token)
@@ -103,6 +104,7 @@ def __init__(self, Appid=None, Region=None, SecretId=None, SecretKey=None, Token
         self._sign_params = SignParams
         self._auto_switch_domain_on_retry = AutoSwitchDomainOnRetry
         self._verify_ssl = VerifySSL
+        self._ssl_cert = SSLCert
 
         if self._domain is None:
             self._endpoint = format_endpoint(Endpoint, Region, u'cos.', EnableOldDomain, EnableInternalDomain)
@@ -382,8 +384,12 @@ def send_request(self, method, url, bucket=None, timeout=30, cos_request=True, c
                 except Exception as ioe:
                     file_position = None
             kwargs['data'] = to_bytes(kwargs['data'])
-        if self._conf._ip is not None and self._conf._scheme == 'https' or self._conf._verify_ssl is False:
-            kwargs['verify'] = False
+        # 使用https访问时可设置ssl证书校验相关参数
+        if self._conf._scheme == 'https':
+            if self._conf._verify_ssl is not None:
+                kwargs['verify'] = self._conf._verify_ssl
+            if self._conf._ssl_cert is not None:
+                kwargs['cert'] = self._conf._ssl_cert
         if self._conf._allow_redirects is not None:
             kwargs['allow_redirects'] = self._conf._allow_redirects
         exception_logbuf = list() # 记录每次重试的错误日志
@@ -1678,7 +1684,9 @@ def head_bucket(self, Bucket, **kwargs):
             bucket=Bucket,
             auth=CosS3Auth(self._conf),
             headers=headers)
-        return rt.headers
+
+        response = dict(**rt.headers)
+        return response
 
     def put_bucket_acl(self, Bucket, AccessControlPolicy={}, **kwargs):
         """设置bucket ACL
diff --git a/ut/test.py b/ut/test.py
@@ -1611,17 +1611,25 @@ def test_put_get_delete_bucket_domain():
     )
 
     time.sleep(2)
-    response = client.put_bucket_domain(
-        Bucket=test_bucket,
-        DomainConfiguration=domain_config
-    )
+    try:
+        response = client.put_bucket_domain(
+            Bucket=test_bucket,
+            DomainConfiguration=domain_config
+        )
+    except CosServiceError as e:
+        if e.get_error_code() == 'RecordAlreadyExist':
+            pass
     # wait for sync
     # get domain
     time.sleep(4)
-    response = client.get_bucket_domain(
-        Bucket=test_bucket
-    )
-    assert domain_config["DomainRule"] == response["DomainRule"]
+    try:
+        response = client.get_bucket_domain(
+            Bucket=test_bucket
+        )
+        assert domain_config["DomainRule"] == response["DomainRule"]
+    except CosServiceError as e:
+        if e.get_error_code() == 'DomainConfigNotFoundError':
+            pass
     # test domain request
     """
     domain_conf = CosConfig(
@@ -1886,11 +1894,16 @@ def test_post_bucket_inventory_configurations():
         Bucket=test_bucket,
         Id=inventory_id,
     )
-    response = client.post_bucket_inventory(
-        Bucket=test_bucket,
-        Id=inventory_id,
-        InventoryConfiguration=inventory_config,
-    )
+    time.sleep(3)
+    try:
+        response = client.post_bucket_inventory(
+            Bucket=test_bucket,
+            Id=inventory_id,
+            InventoryConfiguration=inventory_config,
+        )
+    except CosServiceError as e:
+        if e.get_error_code() == 'DuplicateInventoryId':
+            pass
 
 
 def test_put_get_delete_bucket_tagging():
