adds 'validate_tls_certs' setting to VMware source #106

ricardo.bartels@telekom.de
2021-10-19 00:09:28 +02:00
parent b5fd52cd0c
commit 03ddfff44e
2 changed files with 18 additions and 5 deletions


@@ -10,13 +10,14 @@
import atexit
import pprint
import re
import ssl
from ipaddress import ip_address, ip_network, ip_interface
from socket import gaierror
from urllib.parse import unquote
import urllib3
import requests
from pyVim.connect import SmartConnectNoSSL, Disconnect
from pyVim.connect import SmartConnect, Disconnect
from pyVmomi import vim
from module.sources.common.source_base import SourceBase
@@ -90,6 +91,7 @@ class VMWareHandler(SourceBase):
"port": 443,
"username": None,
"password": None,
"validate_tls_certs": False,
"cluster_exclude_filter": None,
"cluster_include_filter": None,
"host_exclude_filter": None,
@@ -319,12 +321,18 @@ class VMWareHandler(SourceBase):
log.debug(f"Starting vCenter SDK connection to '{self.host_fqdn}'")
ssl_context = ssl.create_default_context()
if bool(self.validate_tls_certs) is False:
ssl_context.check_hostname = False
ssl_context.verify_mode = ssl.CERT_NONE
try:
instance = SmartConnectNoSSL(
instance = SmartConnect(
host=self.host_fqdn,
port=self.port,
user=self.username,
pwd=self.password
pwd=self.password,
sslContext=ssl_context
)
atexit.register(Disconnect, instance)
self.session = instance.RetrieveContent()
@@ -367,10 +375,11 @@ class VMWareHandler(SourceBase):
# create a requests session to enable/disable TLS verification
session = requests.session()
session.verify = False
session.verify = bool(self.validate_tls_certs)
# disable TLS insecure warnings if user explicitly switched off validation
urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)
if bool(self.validate_tls_certs) is False:
urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)
try:
self.tag_session = create_vsphere_client(
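Review bot: The default added at `"validate_tls_certs": False` keeps certificate validation off unless the operator opts in, so in the connection hunk the username and password still go to a peer whose identity is never checked, and nothing in the log records that. If the default has to stay off for compatibility, the `if bool(self.validate_tls_certs) is False:` branch ahead of `SmartConnect` should at least say so, e.g. `log.warning(f"TLS certificate validation is disabled for '{self.host_fqdn}'")`; otherwise the default should be `True`. In the last hunk `urllib3.disable_warnings(...)` applies process-wide, so one source with validation off also hides InsecureRequestWarning for every other urllib3 user in the same run, which deserves a comment on that line. The enclosing methods start and end outside the hunks shown.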


@@ -108,6 +108,10 @@ host_fqdn = vcenter.example.com
# TCP port to connect to
#port = 443
# Enforces TLS certificate validation. If vCenter uses a valid TLS certificate then
# this option should be set to 'true' to ensure a secure connection.
#validate_tls_certs = false
# username and password to use to log into vCenter
username = vcenteruser
password = supersecret