mirror of
https://github.com/ansible-collections/community.general.git
synced 2024-09-14 20:13:21 +02:00
Default fetch_url to use TLSv1 instead of SSLv2/3
This commit is contained in:
parent
90a42bb15a
commit
7fbdbcdec7
1 changed files with 20 additions and 0 deletions
|
@ -50,6 +50,7 @@ try:
|
|||
except:
|
||||
HAS_SSL=False
|
||||
|
||||
import httplib
|
||||
import os
|
||||
import re
|
||||
import socket
|
||||
|
@ -79,6 +80,23 @@ zKPZsZ2miVGclicJHzm5q080b1p/sZtuKIEZk6vZqEg=
|
|||
-----END CERTIFICATE-----
|
||||
"""
|
||||
|
||||
class CustomHTTPSConnection(httplib.HTTPSConnection):
|
||||
def connect(self):
|
||||
"Connect to a host on a given (SSL) port."
|
||||
|
||||
sock = socket.create_connection((self.host, self.port), self.timeout, self.source_address)
|
||||
if self._tunnel_host:
|
||||
self.sock = sock
|
||||
self._tunnel()
|
||||
self.sock = ssl.wrap_socket(sock, keyfile=self.key_file, certfile=self.cert_file, ssl_version=ssl.PROTOCOL_TLSv1)
|
||||
|
||||
class CustomHTTPSHandler(urllib2.HTTPSHandler):
|
||||
|
||||
def https_open(self, req):
|
||||
return self.do_open(CustomHTTPSConnection, req)
|
||||
|
||||
https_request = urllib2.AbstractHTTPHandler.do_request_
|
||||
|
||||
def generic_urlparse(parts):
|
||||
'''
|
||||
Returns a dictionary of url parts as parsed by urlparse,
|
||||
|
@ -373,6 +391,8 @@ def fetch_url(module, url, data=None, headers=None, method=None,
|
|||
proxyhandler = urllib2.ProxyHandler({})
|
||||
handlers.append(proxyhandler)
|
||||
|
||||
handlers.append(CustomHTTPSHandler)
|
||||
|
||||
opener = urllib2.build_opener(*handlers)
|
||||
urllib2.install_opener(opener)
|
||||
|
||||
|
|
Loading…
Reference in a new issue