@@ -56,9 +56,7 @@ class ChefAPI(object):
56
56
env_value_re = re .compile (r'ENV\[(.+)\]' )
57
57
ruby_string_re = re .compile (r'^\s*(["\'])(.*?)\1\s*$' )
58
58
59
- verify_ssl = True
60
-
61
- def __init__ (self , url , key , client , version = '0.10.8' , headers = {}):
59
+ def __init__ (self , url , key , client , version = '0.10.8' , headers = {}, ssl_verify = True ):
62
60
self .url = url .rstrip ('/' )
63
61
self .parsed_url = six .moves .urllib .parse .urlparse (self .url )
64
62
if not isinstance (key , Key ):
@@ -71,6 +69,7 @@ def __init__(self, url, key, client, version='0.10.8', headers={}):
71
69
self .headers = dict ((k .lower (), v ) for k , v in six .iteritems (headers ))
72
70
self .version_parsed = pkg_resources .parse_version (self .version )
73
71
self .platform = self .parsed_url .hostname == 'api.opscode.com'
72
+ self .ssl_verify = ssl_verify
74
73
if not api_stack_value ():
75
74
self .set_default ()
76
75
@@ -85,6 +84,7 @@ def from_config_file(cls, path):
85
84
log .debug ('Unable to read config file "%s"' , path )
86
85
return
87
86
url = key_path = client_name = None
87
+ ssl_verify = True
88
88
for line in open (path ):
89
89
if not line .strip () or line .startswith ('#' ):
90
90
continue # Skip blanks and comments
@@ -95,6 +95,10 @@ def from_config_file(cls, path):
95
95
md = cls .ruby_string_re .search (value )
96
96
if md :
97
97
value = md .group (2 )
98
+ elif key == 'ssl_verify_mode' :
99
+ log .debug ('Found ssl_verify_mode: %r' , value )
100
+ ssl_verify = (value .strip () != ':verify_none' )
101
+ log .debug ('ssl_verify = %s' , ssl_verify )
98
102
else :
99
103
# Not a string, don't even try
100
104
log .debug ('Value for {0} does not look like a string: {1}' .format (key , value ))
@@ -125,6 +129,7 @@ def _ruby_value(match):
125
129
if not os .path .isabs (key_path ):
126
130
# Relative paths are relative to the config file
127
131
key_path = os .path .abspath (os .path .join (os .path .dirname (path ), key_path ))
132
+
128
133
if not (url and client_name and key_path ):
129
134
# No URL, no chance this was valid, try running Ruby
130
135
log .debug ('No Chef server config found, trying Ruby parse' )
@@ -153,7 +158,7 @@ def _ruby_value(match):
153
158
return
154
159
if not client_name :
155
160
client_name = socket .getfqdn ()
156
- return cls (url , key_path , client_name )
161
+ return cls (url , key_path , client_name , ssl_verify = ssl_verify )
157
162
158
163
@staticmethod
159
164
def get_global ():
@@ -180,7 +185,7 @@ def __exit__(self, type, value, traceback):
180
185
del api_stack_value ()[- 1 ]
181
186
182
187
def _request (self , method , url , data , headers ):
183
- request = requests .api .request (method , url , headers = headers , data = data , verify = self .verify_ssl )
188
+ request = requests .api .request (method , url , headers = headers , data = data , verify = self .ssl_verify )
184
189
return request
185
190
186
191
def request (self , method , path , headers = {}, data = None ):
@@ -219,7 +224,7 @@ def __getitem__(self, path):
219
224
return self .api_request ('GET' , path )
220
225
221
226
222
- def autoconfigure (base_path = None , verify_ssl = True ):
227
+ def autoconfigure (base_path = None ):
223
228
"""Try to find a knife or chef-client config file to load parameters from,
224
229
starting from either the given base path or the current working directory.
225
230
@@ -238,19 +243,16 @@ def autoconfigure(base_path=None, verify_ssl=True):
238
243
config_path = os .path .join (path , '.chef' , 'knife.rb' )
239
244
api = ChefAPI .from_config_file (config_path )
240
245
if api is not None :
241
- api .verify_ssl = verify_ssl
242
246
return api
243
247
244
248
# The walk didn't work, try ~/.chef/knife.rb
245
249
config_path = os .path .expanduser (os .path .join ('~' , '.chef' , 'knife.rb' ))
246
250
api = ChefAPI .from_config_file (config_path )
247
251
if api is not None :
248
- api .verify_ssl = verify_ssl
249
252
return api
250
253
251
254
# Nothing in the home dir, try /etc/chef/client.rb
252
255
config_path = os .path .join (os .path .sep , 'etc' , 'chef' , 'client.rb' )
253
256
api = ChefAPI .from_config_file (config_path )
254
257
if api is not None :
255
- api .verify_ssl = verify_ssl
256
258
return api
0 commit comments