mirror of
https://github.com/ansible-collections/community.general.git
synced 2024-09-14 20:13:21 +02:00
[PR #6034/f0529dcb backport][stable-6] lxd plugins and modules: fix TLS/SSL context creation (#6084)
lxd plugins and modules: fix TLS/SSL context creation (#6034)
Use correct purpose.
(cherry picked from commit f0529dcb0e
)
Co-authored-by: Felix Fontein <felix@fontein.de>
This commit is contained in:
parent
54025a2efc
commit
3d8049190c
2 changed files with 3 additions and 1 deletions
2
changelogs/fragments/6034-lxd-tls.yml
Normal file
2
changelogs/fragments/6034-lxd-tls.yml
Normal file
|
@ -0,0 +1,2 @@
|
||||||
|
bugfixes:
|
||||||
|
- "lxd_* modules, lxd inventory plugin - fix TLS/SSL certificate validation problems by using the correct purpose when creating the TLS context (https://github.com/ansible-collections/community.general/issues/5616, https://github.com/ansible-collections/community.general/pull/6034)."
|
|
@ -60,7 +60,7 @@ class LXDClient(object):
|
||||||
self.cert_file = cert_file
|
self.cert_file = cert_file
|
||||||
self.key_file = key_file
|
self.key_file = key_file
|
||||||
parts = generic_urlparse(urlparse(self.url))
|
parts = generic_urlparse(urlparse(self.url))
|
||||||
ctx = ssl.create_default_context(ssl.Purpose.CLIENT_AUTH)
|
ctx = ssl.create_default_context(ssl.Purpose.SERVER_AUTH)
|
||||||
ctx.load_cert_chain(cert_file, keyfile=key_file)
|
ctx.load_cert_chain(cert_file, keyfile=key_file)
|
||||||
self.connection = HTTPSConnection(parts.get('netloc'), context=ctx)
|
self.connection = HTTPSConnection(parts.get('netloc'), context=ctx)
|
||||||
elif url.startswith('unix:'):
|
elif url.startswith('unix:'):
|
||||||
|
|
Loading…
Reference in a new issue