diff options
| -rw-r--r-- | lib/ansible/module_utils/urls.py | 12 |
1 files changed, 9 insertions, 3 deletions
diff --git a/lib/ansible/module_utils/urls.py b/lib/ansible/module_utils/urls.py index 92ebf5a0a6..38c2007611 100644 --- a/lib/ansible/module_utils/urls.py +++ b/lib/ansible/module_utils/urls.py @@ -680,10 +680,13 @@ class SSLValidationHandler(urllib_request.BaseHandler): return True def _make_context(self, to_add_ca_cert_path): - if HAS_URLLIB3_PYOPENSSLCONTEXT: + if HAS_SSLCONTEXT: + context = create_default_context() + elif HAS_URLLIB3_PYOPENSSLCONTEXT: context = PyOpenSSLContext(PROTOCOL) else: - context = create_default_context() + raise NotImplementedError('Host libraries are too old to support creating an sslcontext') + if to_add_ca_cert_path: context.load_verify_locations(to_add_ca_cert_path) return context @@ -692,8 +695,11 @@ class SSLValidationHandler(urllib_request.BaseHandler): tmp_ca_cert_path, to_add_ca_cert_path, paths_checked = self.get_ca_certs() https_proxy = os.environ.get('https_proxy') context = None - if HAS_SSLCONTEXT or HAS_URLLIB3_PYOPENSSLCONTEXT: + try: context = self._make_context(to_add_ca_cert_path) + except Exception: + # We'll make do with no context below + pass # Detect if 'no_proxy' environment variable is set and if our URL is included use_proxy = self.detect_no_proxy(req.get_full_url()) |