ansible/community.general
1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2024-09-14 20:13:21 +02:00
Code Releases Activity

Guard creating HTTPSClientAuthHandler behind HTTPS checks (#50523)

Browse source 
* Guard creating HTTPSClientAuthHandler behind HTTPS checks. Fixes #50339

* linting fixup
This commit is contained in:
Matt Martz 2019-01-10 09:41:13 -06:00 committed by GitHub
parent 4790d77a58
commit 8a2d39bcb2
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 26 additions and 23 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
changelogs/fragments/urls-https-guard.yaml Normal file
View file

@ -0,0 +1,2 @@
bugfixes:
- Guard ``HTTPSClientAuthHandler`` under HTTPS checks, to avoid tracebacks when python is compiled without SSL support (https://github.com/ansible/ansible/issues/50339)

47
lib/ansible/module_utils/urls.py
View file

@ -298,7 +298,9 @@ class NoSSLError(SSLValidationError):
# Some environments (Google Compute Engine's CoreOS deploys) do not compile # Some environments (Google Compute Engine's CoreOS deploys) do not compile
# against openssl and thus do not have any HTTPS support. # against openssl and thus do not have any HTTPS support.
CustomHTTPSConnection = CustomHTTPSHandler = None CustomHTTPSConnection = None
CustomHTTPSHandler = None
HTTPSClientAuthHandler = None
if hasattr(httplib, 'HTTPSConnection') and hasattr(urllib_request, 'HTTPSHandler'): if hasattr(httplib, 'HTTPSConnection') and hasattr(urllib_request, 'HTTPSHandler'):
class CustomHTTPSConnection(httplib.HTTPSConnection): class CustomHTTPSConnection(httplib.HTTPSConnection):
def __init__(self, *args, **kwargs): def __init__(self, *args, **kwargs):
@ -342,32 +344,31 @@ if hasattr(httplib, 'HTTPSConnection') and hasattr(urllib_request, 'HTTPSHandler
https_request = AbstractHTTPHandler.do_request_ https_request = AbstractHTTPHandler.do_request_
class HTTPSClientAuthHandler(urllib_request.HTTPSHandler):
'''Handles client authentication via cert/key
class HTTPSClientAuthHandler(urllib_request.HTTPSHandler): This is a fairly lightweight extension on HTTPSHandler, and can be used
'''Handles client authentication via cert/key in place of HTTPSHandler
'''
This is a fairly lightweight extension on HTTPSHandler, and can be used def __init__(self, client_cert=None, client_key=None, **kwargs):
in place of HTTPSHandler urllib_request.HTTPSHandler.__init__(self, **kwargs)
''' self.client_cert = client_cert
self.client_key = client_key
def __init__(self, client_cert=None, client_key=None, **kwargs): def https_open(self, req):
urllib_request.HTTPSHandler.__init__(self, **kwargs) return self.do_open(self._build_https_connection, req)
self.client_cert = client_cert
self.client_key = client_key
def https_open(self, req): def _build_https_connection(self, host, **kwargs):
return self.do_open(self._build_https_connection, req) kwargs.update({
'cert_file': self.client_cert,
def _build_https_connection(self, host, **kwargs): 'key_file': self.client_key,
kwargs.update({ })
'cert_file': self.client_cert, try:
'key_file': self.client_key, kwargs['context'] = self._context
}) except AttributeError:
try: pass
kwargs['context'] = self._context return httplib.HTTPSConnection(host, **kwargs)
except AttributeError:
pass
return httplib.HTTPSConnection(host, **kwargs)
class ParseResultDottedDict(dict): class ParseResultDottedDict(dict):