vmware_inventory: do not ignore validate_certs

Python 2.7.9 < does not have the `ssl.SSLContext` attribute. If
`validate_certs` is `True`, we cannot validate the SSL connection,
and we need to raise an error.
This commit is contained in:
Gonéri Le Bouder 2019-05-30 11:17:14 -04:00
parent d82446652f
commit 06c7b87613

View file

@ -344,10 +344,22 @@ class VMWareInventory(object):
'pwd': self.password, 'pwd': self.password,
'port': int(self.port)} 'port': int(self.port)}
if hasattr(ssl, 'SSLContext') and not self.validate_certs: if self.validate_certs and hasattr(ssl, 'SSLContext'):
context = ssl.SSLContext(ssl.PROTOCOL_SSLv23)
context.verify_mode = ssl.CERT_REQUIRED
context.check_hostname = True
kwargs['sslContext'] = context
elif self.validate_certs and not hasattr(ssl, 'SSLContext'):
sys.exit('pyVim does not support changing verification mode with python < 2.7.9. Either update '
'python or use validate_certs=false.')
elif not self.validate_certs and hasattr(ssl, 'SSLContext'):
context = ssl.SSLContext(ssl.PROTOCOL_SSLv23) context = ssl.SSLContext(ssl.PROTOCOL_SSLv23)
context.verify_mode = ssl.CERT_NONE context.verify_mode = ssl.CERT_NONE
context.check_hostname = False
kwargs['sslContext'] = context kwargs['sslContext'] = context
elif not self.validate_certs and not hasattr(ssl, 'SSLContext'):
# Python 2.7.9 < or RHEL/CentOS 7.4 <
pass
return self._get_instances(kwargs) return self._get_instances(kwargs)