1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2024-09-14 20:13:21 +02:00

Default fetch_url to use TLSv1 instead of SSLv2/3

This commit is contained in:
James Cammarata 2014-08-28 08:20:11 -05:00
parent 90a42bb15a
commit 7fbdbcdec7

View file

@ -50,6 +50,7 @@ try:
except:
HAS_SSL=False
import httplib
import os
import re
import socket
@ -79,6 +80,23 @@ zKPZsZ2miVGclicJHzm5q080b1p/sZtuKIEZk6vZqEg=
-----END CERTIFICATE-----
"""
class CustomHTTPSConnection(httplib.HTTPSConnection):
def connect(self):
"Connect to a host on a given (SSL) port."
sock = socket.create_connection((self.host, self.port), self.timeout, self.source_address)
if self._tunnel_host:
self.sock = sock
self._tunnel()
self.sock = ssl.wrap_socket(sock, keyfile=self.key_file, certfile=self.cert_file, ssl_version=ssl.PROTOCOL_TLSv1)
class CustomHTTPSHandler(urllib2.HTTPSHandler):
def https_open(self, req):
return self.do_open(CustomHTTPSConnection, req)
https_request = urllib2.AbstractHTTPHandler.do_request_
def generic_urlparse(parts):
'''
Returns a dictionary of url parts as parsed by urlparse,
@ -373,6 +391,8 @@ def fetch_url(module, url, data=None, headers=None, method=None,
proxyhandler = urllib2.ProxyHandler({})
handlers.append(proxyhandler)
handlers.append(CustomHTTPSHandler)
opener = urllib2.build_opener(*handlers)
urllib2.install_opener(opener)