1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2024-09-14 20:13:21 +02:00

Default fetch_url to use TLSv1 instead of SSLv2/3

This commit is contained in:
James Cammarata 2014-08-28 08:20:11 -05:00
parent 90a42bb15a
commit 7fbdbcdec7

View file

@ -50,6 +50,7 @@ try:
except: except:
HAS_SSL=False HAS_SSL=False
import httplib
import os import os
import re import re
import socket import socket
@ -79,6 +80,23 @@ zKPZsZ2miVGclicJHzm5q080b1p/sZtuKIEZk6vZqEg=
-----END CERTIFICATE----- -----END CERTIFICATE-----
""" """
class CustomHTTPSConnection(httplib.HTTPSConnection):
def connect(self):
"Connect to a host on a given (SSL) port."
sock = socket.create_connection((self.host, self.port), self.timeout, self.source_address)
if self._tunnel_host:
self.sock = sock
self._tunnel()
self.sock = ssl.wrap_socket(sock, keyfile=self.key_file, certfile=self.cert_file, ssl_version=ssl.PROTOCOL_TLSv1)
class CustomHTTPSHandler(urllib2.HTTPSHandler):
def https_open(self, req):
return self.do_open(CustomHTTPSConnection, req)
https_request = urllib2.AbstractHTTPHandler.do_request_
def generic_urlparse(parts): def generic_urlparse(parts):
''' '''
Returns a dictionary of url parts as parsed by urlparse, Returns a dictionary of url parts as parsed by urlparse,
@ -373,6 +391,8 @@ def fetch_url(module, url, data=None, headers=None, method=None,
proxyhandler = urllib2.ProxyHandler({}) proxyhandler = urllib2.ProxyHandler({})
handlers.append(proxyhandler) handlers.append(proxyhandler)
handlers.append(CustomHTTPSHandler)
opener = urllib2.build_opener(*handlers) opener = urllib2.build_opener(*handlers)
urllib2.install_opener(opener) urllib2.install_opener(opener)