From 4e013978173564c00a6b88a4f9eed97f361b2af6 Mon Sep 17 00:00:00 2001 From: Andreas Olsson Date: Tue, 18 Jul 2017 09:55:39 +0200 Subject: [PATCH] Add IPv6 support to module_utils.urls TLS validation (#26852) socket.create_connection is a higher-level function, which tries to establish a socket connection using both AF_INET and AF_INET6. It got introduced in Python 2.6, which ought to be fine with Ansible 2.4. Fixes #26740 --- lib/ansible/module_utils/urls.py | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/lib/ansible/module_utils/urls.py b/lib/ansible/module_utils/urls.py index 9934ba127a..ff5b84e42c 100644 --- a/lib/ansible/module_utils/urls.py +++ b/lib/ansible/module_utils/urls.py @@ -720,11 +720,10 @@ class SSLValidationHandler(urllib_request.BaseHandler): return req try: - s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) if https_proxy: proxy_parts = generic_urlparse(urlparse(https_proxy)) port = proxy_parts.get('port') or 443 - s.connect((proxy_parts.get('hostname'), port)) + s = socket.create_connection((proxy_parts.get('hostname'), port)) if proxy_parts.get('scheme') == 'http': s.sendall(self.CONNECT_COMMAND % (self.hostname, self.port)) if proxy_parts.get('username'): @@ -748,7 +747,7 @@ class SSLValidationHandler(urllib_request.BaseHandler): else: raise ProxyError('Unsupported proxy scheme: %s. Currently ansible only supports HTTP proxies.' % proxy_parts.get('scheme')) else: - s.connect((self.hostname, self.port)) + s = socket.create_connection((self.hostname, self.port)) if context: ssl_s = context.wrap_socket(s, server_hostname=self.hostname) elif HAS_URLLIB3_SSL_WRAP_SOCKET: