Posted to commits@airflow.apache.org by "David Adrian (JIRA)" <ji...@apache.org> on 2018/05/04 14:27:00 UTC

[jira] [Created] (AIRFLOW-2421) HTTPHook and SimpleHTTPOperator do not verify certificates by default

David Adrian created AIRFLOW-2421:
-------------------------------------

             Summary: HTTPHook and SimpleHTTPOperator do not verify certificates by default
                 Key: AIRFLOW-2421
                 URL: https://issues.apache.org/jira/browse/AIRFLOW-2421
             Project: Apache Airflow
          Issue Type: Bug
          Components: hooks
    Affects Versions: Airflow 1.8
            Reporter: David Adrian


To verify HTTPS certificates when using anything built with an HTTP hook, you have to explicitly pass the undocumented {{extra_options = {"verify": True}}}. The offending line is at https://github.com/apache/incubator-airflow/blob/master/airflow/hooks/http_hook.py#L103.

{code}
response = session.send(
    <snip>
    verify=extra_options.get("verify", False),
    <snip>
)
{code}

Not only is this the opposite default of what is expected, the necessary requirements to verify certificates (e.g. certifi) are already installed as part of Airflow. I haven't dug through all of the code yet, but I'm concerned that any other connections, operators or hooks built using HTTP hook don't pass this option in.

Instead, the HTTP hook should default to {{verify=True}}.





--
This message was sent by Atlassian JIRA
(v7.6.3#76005)