diff options
author | Gonéri Le Bouder <goneri@lebouder.net> | 2019-06-12 13:02:18 -0400 |
---|---|---|
committer | Gonéri Le Bouder <goneri@lebouder.net> | 2019-06-12 13:02:18 -0400 |
commit | 747a81450700a7e508690a9ce9b57416c4857102 (patch) | |
tree | be3064dcf99773243000a6541f98ee858924660a | |
parent | 165b334b5f7e75a31a1b79242d72416ac3fc7879 (diff) | |
download | ansible-i42221.tar.gz |
vmware: fix sanity checki42221
-rw-r--r-- | lib/ansible/modules/cloud/vmware/vmware_host.py | 54 | ||||
-rw-r--r-- | lib/ansible/plugins/doc_fragments/vmware.py | 22 |
2 files changed, 38 insertions, 38 deletions
diff --git a/lib/ansible/modules/cloud/vmware/vmware_host.py b/lib/ansible/modules/cloud/vmware/vmware_host.py index def683ebbb..ede86fb598 100644 --- a/lib/ansible/modules/cloud/vmware/vmware_host.py +++ b/lib/ansible/modules/cloud/vmware/vmware_host.py @@ -497,36 +497,36 @@ class VMwareHost(PyVmomi): """ # Get the thumbprint of the SSL certificate if self.fetch_ssl_thumbprint and self.esxi_ssl_thumbprint == '': - sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) - sock.settimeout(1) - if self.module.params['proxy_host']: - sock.connect(( - self.module.params['proxy_host'], - self.module.params['proxy_port'])) - sock.send("CONNECT %s:443 HTTP/1.0\r\n\r\n" % (self.esxi_hostname)) - buf = sock.recv(8192) - if buf.split()[1] != '200': - self.module.fail_json(msg="Failed to connect to the proxy") - ctx = ssl.create_default_context() - ctx.check_hostname = False - ctx.verify_mode = ssl.CERT_NONE - der_cert_bin = ctx.wrap_socket(sock, server_hostname = self.esxi_hostname).getpeercert(True) - sock.close() - else: - wrapped_socket = ssl.wrap_socket(sock) - try: - wrapped_socket.connect((self.esxi_hostname, 443)) - except socket.error as socket_error: - self.module.fail_json(msg="Cannot connect to host : %s" % socket_error) - else: - der_cert_bin = wrapped_socket.getpeercert(True) - wrapped_socket.close() - - thumb_sha1 = self.format_number(hashlib.sha1(der_cert_bin).hexdigest()) + sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) + sock.settimeout(1) + if self.module.params['proxy_host']: + sock.connect(( + self.module.params['proxy_host'], + self.module.params['proxy_port'])) + sock.send("CONNECT %s:443 HTTP/1.0\r\n\r\n" % (self.esxi_hostname)) + buf = sock.recv(8192) + if buf.split()[1] != '200': + self.module.fail_json(msg="Failed to connect to the proxy") + ctx = ssl.create_default_context() + ctx.check_hostname = False + ctx.verify_mode = ssl.CERT_NONE + der_cert_bin = ctx.wrap_socket(sock, server_hostname = self.esxi_hostname).getpeercert(True) + sock.close() + else: + wrapped_socket = ssl.wrap_socket(sock) + try: + wrapped_socket.connect((self.esxi_hostname, 443)) + except socket.error as socket_error: + self.module.fail_json(msg="Cannot connect to host : %s" % socket_error) + else: + der_cert_bin = wrapped_socket.getpeercert(True) + wrapped_socket.close() + + thumb_sha1 = self.format_number(hashlib.sha1(der_cert_bin).hexdigest()) # thumb_md5 = hashlib.md5(der_cert_bin).hexdigest() # thumb_sha256 = hashlib.sha256(der_cert_bin).hexdigest() - sslThumbprint = thumb_sha1 + sslThumbprint = thumb_sha1 else: sslThumbprint = self.esxi_ssl_thumbprint diff --git a/lib/ansible/plugins/doc_fragments/vmware.py b/lib/ansible/plugins/doc_fragments/vmware.py index c7693fb1a7..f77750238b 100644 --- a/lib/ansible/plugins/doc_fragments/vmware.py +++ b/lib/ansible/plugins/doc_fragments/vmware.py @@ -102,20 +102,20 @@ options: type: int default: 443 version_added: '2.5' - http_proxy: + proxy_host: description: - - Address of a proxy that will receive all HTTP requests and relay them. - - The format is a URL including a port number. For example, http://10.0.0.1:9090. - - If the value is not specified in the task, the value of environment variable C(http_proxy) will be used instead. + - Address of a proxy that will receive all HTTPS requests and relay them. + - The format is a hostname or a IP. + - If the value is not specified in the task, the value of environment variable C(VMWARE_PROXY_HOST) will be used instead. type: str - version_added: '2.8' + version_added: '2.9' required: False - https_proxy: + proxy_port: description: - - Address of a proxy that will receive all HTTPS requests and relay them. - - The format is a URL including a port number. For example, https://10.0.0.1:8443. - - If the value is not specified in the task, the value of environment variable C(https_proxy) will be used instead. - type: str - version_added: '2.8' + - Port of the HTTP proxy that will receive all HTTPS requests and relay them. + - If the value is not specified in the task, the value of environment variable C(VMWARE_PROXY_PORT) will be used instead. + type: int + default: 443 + version_added: '2.9' required: False ''' |