valitydev/salt
14
0
Fork 0
mirror of https://github.com/valitydev/salt.git synced 2024-11-07 08:58:59 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

allow not verifying ssl winrm saltcloud

Browse Source 
Required for Self Signed Certs on pywinrm>=0.2.1
This commit is contained in:
Daniel Wallace 2017-07-07 10:41:37 -06:00 committed by Daniel A. Wozniak
parent ba5f11476c
commit 71858a709c
No known key found for this signature in database
GPG Key ID: 166B9D2C06C82D61
2 changed files with 23 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
salt/cloud/clouds/ec2.py
View File

@ -2336,6 +2336,9 @@ def wait_for_instance(
use_winrm = config.get_cloud_config_value(
'use_winrm', vm_, __opts__, default=False
)
winrm_verify_ssl = config.get_cloud_config_value(
'winrm_verify_ssl', vm_, __opts__, default=True
)
if win_passwd and win_passwd == 'auto':
log.debug('Waiting for auto-generated Windows EC2 password')
@ -2407,7 +2410,8 @@ def wait_for_instance(
winrm_port,
username,
win_passwd,
timeout=ssh_connect_timeout):
timeout=ssh_connect_timeout,
verify=winrm_verify_ssl):
raise SaltCloudSystemExit(
'Failed to authenticate against remote windows host'
)

23
salt/utils/cloud.py
View File

@ -517,6 +517,9 @@ def bootstrap(vm_, opts=None):
deploy_kwargs['winrm_use_ssl'] = salt.config.get_cloud_config_value(
'winrm_use_ssl', vm_, opts, default=True
)
deploy_kwargs['winrm_verify_ssl'] = salt.config.get_cloud_config_value(
'winrm_verify_ssl', vm_, opts, default=True
)
if saltify_driver:
deploy_kwargs['port_timeout'] = 1 # No need to wait/retry with Saltify
@ -843,7 +846,7 @@ def wait_for_winexesvc(host, port, username, password, timeout=900):
time.sleep(1)
def wait_for_winrm(host, port, username, password, timeout=900, use_ssl=True):
def wait_for_winrm(host, port, username, password, timeout=900, use_ssl=True, verify=True):
'''
Wait until WinRM connection can be established.
'''
@ -853,14 +856,20 @@ def wait_for_winrm(host, port, username, password, timeout=900, use_ssl=True):
host, port
)
)
transport = 'ssl'
if not use_ssl:
transport = 'plaintext'
trycount = 0
while True:
trycount += 1
try:
transport = 'ssl'
if not use_ssl:
transport = 'plaintext'
s = winrm.Session(host, auth=(username, password), transport=transport)
winrm_kwargs = {'target': host,
'auth': (username, password),
'transport': transport}
if not verify:
log.debug("SSL validation for WinRM disabled.")
winrm_kwargs['server_cert_validation'] = 'ignore'
s = winrm.Session(**winrm_kwargs)
if hasattr(s.protocol, 'set_timeout'):
s.protocol.set_timeout(15)
log.trace('WinRM endpoint url: {0}'.format(s.url))
@ -1008,6 +1017,7 @@ def deploy_windows(host,
use_winrm=False,
winrm_port=5986,
winrm_use_ssl=True,
winrm_verify_ssl=True,
**kwargs):
'''
Copy the install files to a remote Windows box, and execute them
@ -1034,7 +1044,8 @@ def deploy_windows(host,
if HAS_WINRM and use_winrm:
winrm_session = wait_for_winrm(host=host, port=winrm_port,
username=username, password=password,
timeout=port_timeout * 60, use_ssl=winrm_use_ssl)
timeout=port_timeout * 60, use_ssl=winrm_use_ssl,
verify=winrm_verify_ssl)
if winrm_session is not None:
service_available = True
else: