From 7fedda4c1d7642595011859a70a80a0a62026017 Mon Sep 17 00:00:00 2001 From: Charles Date: Mon, 23 Jul 2018 17:02:05 -0400 Subject: [PATCH] move the TLS detection block of win_uri before creating WebRequest (#43168) * move the TLS detection block of win_url before creating WebRequest * fix typo security_protocols --- lib/ansible/modules/windows/win_uri.ps1 | 21 ++++++++++----------- 1 file changed, 10 insertions(+), 11 deletions(-) diff --git a/lib/ansible/modules/windows/win_uri.ps1 b/lib/ansible/modules/windows/win_uri.ps1 index 7d04055d610..951cfbd9bfe 100644 --- a/lib/ansible/modules/windows/win_uri.ps1 +++ b/lib/ansible/modules/windows/win_uri.ps1 @@ -67,6 +67,16 @@ if ($status_code) { } } +# Enable TLS1.1/TLS1.2 if they're available but disabled (eg. .NET 4.5) +$security_protocols = [Net.ServicePointManager]::SecurityProtocol -bor [Net.SecurityProtocolType]::SystemDefault +if ([Net.SecurityProtocolType].GetMember("Tls11").Count -gt 0) { + $security_protocols = $security_protocols -bor [Net.SecurityProtocolType]::Tls11 +} +if ([Net.SecurityProtocolType].GetMember("Tls12").Count -gt 0) { + $security_protocols = $security_protocols -bor [Net.SecurityProtocolType]::Tls12 +} +[Net.ServicePointManager]::SecurityProtocol = $security_protocols + $client = [System.Net.WebRequest]::Create($url) $client.Method = $method $client.Timeout = $timeout * 1000 @@ -98,17 +108,6 @@ if (-not $validate_certs) { [System.Net.ServicePointManager]::ServerCertificateValidationCallback = { $true } } -# Enable TLS1.1/TLS1.2 if they're available but disabled (eg. .NET 4.5) -$security_protcols = [Net.ServicePointManager]::SecurityProtocol -bor [Net.SecurityProtocolType]::SystemDefault -if ([Net.SecurityProtocolType].GetMember("Tls11").Count -gt 0) { - $security_protcols = $security_protcols -bor [Net.SecurityProtocolType]::Tls11 -} -if ([Net.SecurityProtocolType].GetMember("Tls12").Count -gt 0) { - $security_protcols = $security_protcols -bor [Net.SecurityProtocolType]::Tls12 -} -[Net.ServicePointManager]::SecurityProtocol = $security_protcols - - if ($null -ne $content_type) { $client.ContentType = $content_type }