vmware_inventory: do not ignore validate_certs
Python 2.7.9 < does not have the `ssl.SSLContext` attribute. If `validate_certs` is `True`, we cannot validate the SSL connection, and we need to raise an error.
This commit is contained in:
parent
d82446652f
commit
06c7b87613
1 changed files with 13 additions and 1 deletions
|
@ -344,10 +344,22 @@ class VMWareInventory(object):
|
||||||
'pwd': self.password,
|
'pwd': self.password,
|
||||||
'port': int(self.port)}
|
'port': int(self.port)}
|
||||||
|
|
||||||
if hasattr(ssl, 'SSLContext') and not self.validate_certs:
|
if self.validate_certs and hasattr(ssl, 'SSLContext'):
|
||||||
|
context = ssl.SSLContext(ssl.PROTOCOL_SSLv23)
|
||||||
|
context.verify_mode = ssl.CERT_REQUIRED
|
||||||
|
context.check_hostname = True
|
||||||
|
kwargs['sslContext'] = context
|
||||||
|
elif self.validate_certs and not hasattr(ssl, 'SSLContext'):
|
||||||
|
sys.exit('pyVim does not support changing verification mode with python < 2.7.9. Either update '
|
||||||
|
'python or use validate_certs=false.')
|
||||||
|
elif not self.validate_certs and hasattr(ssl, 'SSLContext'):
|
||||||
context = ssl.SSLContext(ssl.PROTOCOL_SSLv23)
|
context = ssl.SSLContext(ssl.PROTOCOL_SSLv23)
|
||||||
context.verify_mode = ssl.CERT_NONE
|
context.verify_mode = ssl.CERT_NONE
|
||||||
|
context.check_hostname = False
|
||||||
kwargs['sslContext'] = context
|
kwargs['sslContext'] = context
|
||||||
|
elif not self.validate_certs and not hasattr(ssl, 'SSLContext'):
|
||||||
|
# Python 2.7.9 < or RHEL/CentOS 7.4 <
|
||||||
|
pass
|
||||||
|
|
||||||
return self._get_instances(kwargs)
|
return self._get_instances(kwargs)
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue