diff options
author | Edwin Hermans <edwin@madtech.cx> | 2020-08-17 12:21:15 -0400 |
---|---|---|
committer | GitHub <noreply@github.com> | 2020-08-17 12:21:15 -0400 |
commit | eb8b3a8479ec82ad622f86ac46f3e9cc083952b8 (patch) | |
tree | b5d7529af857c500d9855429a8a94b90264eda5a /lib/ansible/modules/get_url.py | |
parent | a1a50bb3cd0c2d6f2f4cb260a43553c23e806d8a (diff) | |
download | ansible-eb8b3a8479ec82ad622f86ac46f3e9cc083952b8.tar.gz |
get_url - Allow checksum file to be local file:// url (#71205)
This would be a partial solution for #69364 in that the SHASUMS file can be downloaded and gpg verified but then used from the downloaded location to verify the get_url's file.
* Make checksum url parsing more explicit
Use urlsplit to test if the checksum string has a (currently tested and) supported url scheme.
* Fix whitespace
* Changelog fragment
* Added tests
* Fix typo in test setup
Diffstat (limited to 'lib/ansible/modules/get_url.py')
-rw-r--r-- | lib/ansible/modules/get_url.py | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/lib/ansible/modules/get_url.py b/lib/ansible/modules/get_url.py index c5f3411d35..b031a43b55 100644 --- a/lib/ansible/modules/get_url.py +++ b/lib/ansible/modules/get_url.py @@ -416,6 +416,14 @@ def extract_filename_from_headers(headers): return res +def is_url(checksum): + """ + Returns True if checksum value has supported URL scheme, else False.""" + supported_schemes = ('http', 'https', 'ftp', 'file') + + return urlsplit(checksum).scheme in supported_schemes + + # ============================================================== # main @@ -487,7 +495,7 @@ def main(): except ValueError: module.fail_json(msg="The checksum parameter has to be in format <algorithm>:<checksum>", **result) - if checksum.startswith('http://') or checksum.startswith('https://') or checksum.startswith('ftp://'): + if is_url(checksum): checksum_url = checksum # download checksum file to checksum_tmpsrc checksum_tmpsrc, checksum_info = url_get(module, checksum_url, dest, use_proxy, last_mod_time, force, timeout, headers, tmp_dest) |