diff options
| author | Toshio Kuratomi <toshio@fedoraproject.org> | 2015-05-28 15:02:28 -0700 |
|---|---|---|
| committer | Toshio Kuratomi <toshio@fedoraproject.org> | 2015-05-29 08:50:04 -0700 |
| commit | 02edb2e87774fe3178228b9329af82ce755f6a12 (patch) | |
| tree | ca0dd215e39b1174641d9ee63069db99c59bda90 | |
| parent | 9fd634396b22fb0967a15cb056d3ec153a58029c (diff) | |
| download | ansible-modules-core-02edb2e87774fe3178228b9329af82ce755f6a12.tar.gz | |
Change uri module to validate ssl certs by default
| -rw-r--r-- | network/basics/uri.py | 23 |
1 files changed, 18 insertions, 5 deletions
diff --git a/network/basics/uri.py b/network/basics/uri.py index 41efe66b..5396a0a5 100644 --- a/network/basics/uri.py +++ b/network/basics/uri.py @@ -132,6 +132,15 @@ options: description: - all arguments accepted by the M(file) module also work here required: false + validate_certs: + description: + - If C(no), SSL certificates will not be validated. This should only + set to C(no) used on personally controlled sites using self-signed + certificates. Prior to 1.9.2 the code defaulted to C(no). + required: false + default: 'yes' + choices: ['yes', 'no'] + version_added: '1.9.2' # informational: requirements for nodes requirements: [ urlparse, httplib2 ] @@ -163,20 +172,21 @@ EXAMPLES = ''' # Login to a form based webpage, then use the returned cookie to # access the app in later tasks + - uri: url: https://your.form.based.auth.examle.com/index.php method: POST body: "name=your_username&password=your_password&enter=Sign%20in" status_code: 302 HEADER_Content-Type: "application/x-www-form-urlencoded" - register: login + register: login - uri: url: https://your.form.based.auth.example.com/dashboard.php method: GET return_content: yes HEADER_Cookie: "{{login.set_cookie}}" - + # Queue build of a project in Jenkins: - uri: url: "http://{{ jenkins.host }}/job/{{ jenkins.job }}/build?token={{ jenkins.token }}" @@ -257,7 +267,7 @@ def url_filename(url): return fn -def uri(module, url, dest, user, password, body, body_format, method, headers, redirects, socket_timeout): +def uri(module, url, dest, user, password, body, body_format, method, headers, redirects, socket_timeout, validate_certs): # To debug #httplib2.debug = 4 @@ -273,7 +283,8 @@ def uri(module, url, dest, user, password, body, body_format, method, headers, r follow_all_redirects = False # Create a Http object and set some default options. - h = httplib2.Http(disable_ssl_certificate_validation=True, timeout=socket_timeout) + disable_validation = not validate_certs + h = httplib2.Http(disable_ssl_certificate_validation=disable_validation, timeout=socket_timeout) h.follow_all_redirects = follow_all_redirects h.follow_redirects = follow_redirects h.forward_authorization_headers = True @@ -360,6 +371,7 @@ def main(): removes = dict(required=False, default=None), status_code = dict(required=False, default=[200], type='list'), timeout = dict(required=False, default=30, type='int'), + validate_certs = dict(required=False, default=False, type='bool'), ), check_invalid_arguments=False, add_file_common_args=True @@ -384,6 +396,7 @@ def main(): removes = module.params['removes'] status_code = [int(x) for x in list(module.params['status_code'])] socket_timeout = module.params['timeout'] + validate_certs = module.params['validate_certs'] dict_headers = {} @@ -425,7 +438,7 @@ def main(): # Make the request - resp, content, dest = uri(module, url, dest, user, password, body, body_format, method, dict_headers, redirects, socket_timeout) + resp, content, dest = uri(module, url, dest, user, password, body, body_format, method, dict_headers, redirects, socket_timeout, validate_certs) resp['status'] = int(resp['status']) # Write the file out if requested |