diff --git a/changelogs/fragments/11078-py2-ssl.yml b/changelogs/fragments/11078-py2-ssl.yml new file mode 100644 index 0000000000..e5c82ec3a1 --- /dev/null +++ b/changelogs/fragments/11078-py2-ssl.yml @@ -0,0 +1,4 @@ +minor_changes: + - cobbler_sync - remove conditional code handling SSL for unsupported versions of Python (https://github.com/ansible-collections/community.general/pull/11078). + - cobbler_system - remove conditional code handling SSL for unsupported versions of Python (https://github.com/ansible-collections/community.general/pull/11078). + - jenkins_job_info - remove conditional code handling SSL for unsupported versions of Python (https://github.com/ansible-collections/community.general/pull/11078). diff --git a/plugins/modules/cobbler_sync.py b/plugins/modules/cobbler_sync.py index d30f610636..7e2e9a72a4 100644 --- a/plugins/modules/cobbler_sync.py +++ b/plugins/modules/cobbler_sync.py @@ -110,22 +110,10 @@ def main(): start = now() - ssl_context = None - if not validate_certs: - try: - ssl_context = ssl._create_unverified_context() - except AttributeError: - # Legacy Python that doesn't verify HTTPS certificates by default - pass - else: - # Handle target environment that doesn't support HTTPS verification - ssl._create_default_https_context = ssl._create_unverified_context + ssl_context = None if validate_certs or not use_ssl else ssl._create_unverified_context() url = "{proto}://{host}:{port}/cobbler_api".format(**module.params) - if ssl_context: - conn = xmlrpc_client.ServerProxy(url, context=ssl_context) - else: - conn = xmlrpc_client.Server(url) + conn = xmlrpc_client.ServerProxy(url, context=ssl_context) try: token = conn.login(username, password) diff --git a/plugins/modules/cobbler_system.py b/plugins/modules/cobbler_system.py index f6d8466089..a889d09058 100644 --- a/plugins/modules/cobbler_system.py +++ b/plugins/modules/cobbler_system.py @@ -232,22 +232,10 @@ def main(): start = now() - ssl_context = None - if not validate_certs: - try: - ssl_context = ssl._create_unverified_context() - except AttributeError: - # Legacy Python that doesn't verify HTTPS certificates by default - pass - else: - # Handle target environment that doesn't support HTTPS verification - ssl._create_default_https_context = ssl._create_unverified_context + ssl_context = None if validate_certs or not use_ssl else ssl._create_unverified_context() url = "{proto}://{host}:{port}/cobbler_api".format(**module.params) - if ssl_context: - conn = xmlrpc_client.ServerProxy(url, context=ssl_context) - else: - conn = xmlrpc_client.Server(url) + conn = xmlrpc_client.ServerProxy(url, context=ssl_context) try: token = conn.login(username, password) diff --git a/plugins/modules/jenkins_job_info.py b/plugins/modules/jenkins_job_info.py index 08ffdc11cc..4c42b62949 100644 --- a/plugins/modules/jenkins_job_info.py +++ b/plugins/modules/jenkins_job_info.py @@ -160,13 +160,8 @@ def get_jenkins_connection(module): token = module.params.get("token") validate_certs = module.params.get("validate_certs") - if not validate_certs and hasattr(ssl, "SSLContext"): + if not validate_certs: ssl._create_default_https_context = ssl._create_unverified_context - if validate_certs and not hasattr(ssl, "SSLContext"): - module.fail_json( - msg="Module does not support changing verification mode with python < 2.7.9." - " Either update Python or use validate_certs=false." - ) if username and (password or token): return jenkins.Jenkins(url, username, password or token) diff --git a/tests/integration/targets/mail/files/smtpserver.py b/tests/integration/targets/mail/files/smtpserver.py index 1ea2951cfc..07c78acf54 100644 --- a/tests/integration/targets/mail/files/smtpserver.py +++ b/tests/integration/targets/mail/files/smtpserver.py @@ -41,13 +41,7 @@ keyfile = basename + '.key' if len(sys.argv) > 3: keyfile = sys.argv[3] -try: - ssl_ctx = ssl.create_default_context(ssl.Purpose.CLIENT_AUTH) -except AttributeError: - ssl_ctx = None - if HAS_TLS: - print('Python ssl library does not support SSLContext, hence starttls and TLS are not supported.') - import smtpd +ssl_ctx = ssl.create_default_context(ssl.Purpose.CLIENT_AUTH) if HAS_TLS and ssl_ctx is not None: print('Using %s and %s' % (certfile, keyfile))