5 files changed, 28 insertions, 17 deletions

diff --git a/cloudinit/config/cc_phone_home.py b/cloudinit/config/cc_phone_home.py
index 90834080..5a4332ef 100644
--- a/cloudinit/config/cc_phone_home.py
+++ b/cloudinit/config/cc_phone_home.py
@@ -112,7 +112,8 @@ def handle(name, cfg, cloud, log, args):
     url = templater.render_string(url, url_params)
     try:
         util.read_file_or_url(url, data=real_submit_keys,
-                              retries=tries, sec_between=3)
+                              retries=tries, sec_between=3,
+                              ssl_details=util.fetch_ssl_details(cloud.paths))
     except:
         util.logexc(log, ("Failed to post phone home data to"
                           " %s in %s tries"), url, tries)
diff --git a/cloudinit/ec2_utils.py b/cloudinit/ec2_utils.py
index c422eea9..026ee178 100644
--- a/cloudinit/ec2_utils.py
+++ b/cloudinit/ec2_utils.py
@@ -38,11 +38,16 @@ def combine_url(base, add_on):
 
 
 # See: http://bit.ly/TyoUQs
+#
+# Since boto metadata reader uses the old urllib which does not
+# support ssl, we need to ahead and create our own reader which
+# works the same as the boto one (for now).
 class MetadataMaterializer(object):
-    def __init__(self, blob, base_url):
+    def __init__(self, blob, base_url, ssl_details):
         self._blob = blob
         self._md = None
         self._base_url = base_url
+        self._ssl_details = ssl_details
 
     def _parse(self, blob):
         leaves = {}
@@ -89,7 +94,7 @@ class MetadataMaterializer(object):
         return self._md
 
     def _fetch_url(self, url):
-        response = util.read_file_or_url(url)
+        response = util.read_file_or_url(url, ssl_details=self._ssl_details)
         return str(response)
 
     def _decode_leaf_blob(self, blob):
@@ -134,19 +139,19 @@ def get_instance_userdata(url, version='latest', ssl_details=None):
     ud_url = combine_url(url, version)
     ud_url = combine_url(ud_url, 'user-data')
     try:
-        response = util.read_file_or_url(ud_url)
+        response = util.read_file_or_url(ud_url, ssl_details=ssl_details)
         return str(response)
     except Exception:
         util.logexc(LOG, "Failed fetching userdata from url %s", ud_url)
         return None
 
 
-def get_instance_metadata(url, version='latest'):
+def get_instance_metadata(url, version='latest', ssl_details=None):
     md_url = combine_url(url, version)
     md_url = combine_url(md_url, 'meta-data')
     try:
-        response = util.read_file_or_url(md_url)
-        materializer = MetadataMaterializer(str(response), md_url)
+        response = util.read_file_or_url(md_url, ssl_details=ssl_details)
+        materializer = MetadataMaterializer(str(response), md_url, ssl_details)
         return materializer.materialize()
     except Exception:
         util.logexc(LOG, "Failed fetching metadata from url %s", md_url)
diff --git a/cloudinit/sources/DataSourceEc2.py b/cloudinit/sources/DataSourceEc2.py
index 47f677d4..eee4e6bc 100644
--- a/cloudinit/sources/DataSourceEc2.py
+++ b/cloudinit/sources/DataSourceEc2.py
@@ -64,8 +64,10 @@ class DataSourceEc2(sources.DataSource):
             if not self.wait_for_metadata_service():
                 return False
             start_time = time.time()
-            self.userdata_raw = ec2_utils.get_instance_userdata(self.metadata_address, self.api_ver)
-            self.metadata = ec2_utils.get_instance_metadata(self.metadata_address, self.api_ver)
+            self.userdata_raw = ec2_utils.get_instance_userdata(self.metadata_address, self.api_ver,
+                                                                ssl_details=util.fetch_ssl_details(self.paths))
+            self.metadata = ec2_utils.get_instance_metadata(self.metadata_address, self.api_ver,
+                                                            ssl_details=util.fetch_ssl_details(self.paths))
             LOG.debug("Crawl of metadata service took %s seconds",
                        int(time.time() - start_time))
             return True
diff --git a/cloudinit/sources/DataSourceMAAS.py b/cloudinit/sources/DataSourceMAAS.py
index 2de31305..dc048943 100644
--- a/cloudinit/sources/DataSourceMAAS.py
+++ b/cloudinit/sources/DataSourceMAAS.py
@@ -81,7 +81,8 @@ class DataSourceMAAS(sources.DataSource):
             self.base_url = url
 
             (userdata, metadata) = read_maas_seed_url(self.base_url,
-                                                      self.md_headers)
+                                                      self.md_headers,
+                                                      paths=self.paths)
             self.userdata_raw = userdata
             self.metadata = metadata
             return True
@@ -141,7 +142,7 @@ class DataSourceMAAS(sources.DataSource):
             LOG.debug("Using metadata source: '%s'", url)
         else:
             LOG.critical("Giving up on md from %s after %i seconds",
-                            urls, int(time.time() - starttime))
+                         urls, int(time.time() - starttime))
 
         return bool(url)
 
@@ -190,7 +191,7 @@ def read_maas_seed_dir(seed_d):
 
 
 def read_maas_seed_url(seed_url, header_cb=None, timeout=None,
-    version=MD_VERSION):
+                       version=MD_VERSION, paths=None):
     """
     Read the maas datasource at seed_url.
       - header_cb is a method that should return a headers dictionary for
@@ -222,12 +223,13 @@ def read_maas_seed_url(seed_url, header_cb=None, timeout=None,
         else:
             headers = {}
         try:
-            resp = util.read_file_or_url(url, headers=headers, timeout=timeout)
+            resp = util.read_file_or_url(url, headers=headers, timeout=timeout,
+                                         ssl_details=util.fetch_ssl_details(paths))
             if resp.ok:
                 md[name] = str(resp)
             else:
                 LOG.warn(("Fetching from %s resulted in"
-                          " an invalid http code %s"), url, resp.status_code)
+                          " an invalid http code %s"), url, resp.code)
         except url_helper.UrlError as e:
             if e.code != 404:
                 raise
@@ -372,7 +374,8 @@ if __name__ == "__main__":
         if args.subcmd == "check-seed":
             if args.url.startswith("http"):
                 (userdata, metadata) = read_maas_seed_url(args.url,
-                    header_cb=my_headers, version=args.apiver)
+                                                          header_cb=my_headers,
+                                                          version=args.apiver)
             else:
                 (userdata, metadata) = read_maas_seed_url(args.url)
             print "=== userdata ==="
diff --git a/cloudinit/util.py b/cloudinit/util.py
index da2cdeda..307ed613 100644
--- a/cloudinit/util.py
+++ b/cloudinit/util.py
@@ -673,7 +673,7 @@ def fetch_ssl_details(paths=None):
 
 
 def read_file_or_url(url, timeout=5, retries=10,
-                     headers=None, data=None, sec_between=1, paths=None):
+                     headers=None, data=None, sec_between=1, ssl_details=None):
     if url.startswith("/"):
         url = "file://%s" % url
     if url.lower().startswith("file://"):
@@ -686,7 +686,7 @@ def read_file_or_url(url, timeout=5, retries=10,
                                   headers=headers,
                                   data=data,
                                   sec_between=sec_between,
-                                  ssl_details=fetch_ssl_details(paths))
+                                  ssl_details=ssl_details)
 
 
 def load_yaml(blob, default=None, allowed=(dict,)):