1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2024-09-14 20:13:21 +02:00

Don't pass context to urlopen, instead add it to the handlers. Fixes https://github.com/ansible/ansible-modules-core/issues/3437

This commit is contained in:
Matt Martz 2016-04-15 16:10:54 -05:00
parent 7062e086d4
commit a985bf6a31
2 changed files with 10 additions and 10 deletions

View file

@ -778,6 +778,15 @@ def open_url(url, data=None, headers=None, method=None, use_proxy=True,
proxyhandler = urllib2.ProxyHandler({})
handlers.append(proxyhandler)
if HAS_SSLCONTEXT and not validate_certs:
# In 2.7.9, the default context validates certificates
context = SSLContext(ssl.PROTOCOL_SSLv23)
context.options |= ssl.OP_NO_SSLv2
context.options |= ssl.OP_NO_SSLv3
context.verify_mode = ssl.CERT_NONE
context.check_hostname = False
handlers.append(urllib2.HTTPSHandler(context=context))
# pre-2.6 versions of python cannot use the custom https
# handler, since the socket class is lacking create_connection.
# Some python builds lack HTTPS support.
@ -821,15 +830,6 @@ def open_url(url, data=None, headers=None, method=None, use_proxy=True,
# have a timeout parameter
urlopen_args.append(timeout)
if HAS_SSLCONTEXT and not validate_certs:
# In 2.7.9, the default context validates certificates
context = SSLContext(ssl.PROTOCOL_SSLv23)
context.options |= ssl.OP_NO_SSLv2
context.options |= ssl.OP_NO_SSLv3
context.verify_mode = ssl.CERT_NONE
context.check_hostname = False
urlopen_args += (None, None, None, context)
r = urllib2.urlopen(*urlopen_args)
return r

View file

@ -122,7 +122,7 @@
state: absent
- name: test https fetch to a site with mismatched hostname and certificate and validate_certs=no
get_url:
uri:
url: "https://www.kennethreitz.org/"
dest: "{{ output_dir }}/kreitz.html"
validate_certs: no