Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- diff --git a/salt/cloud/clouds/ec2.py b/salt/cloud/clouds/ec2.py
- index 2b2e258231..9a534d97d2 100644
- --- a/salt/cloud/clouds/ec2.py
- +++ b/salt/cloud/clouds/ec2.py
- @@ -2224,6 +2224,9 @@ def wait_for_instance(
- use_winrm = config.get_cloud_config_value(
- 'use_winrm', vm_, __opts__, default=False
- )
- + winrm_verify_ssl = config.get_cloud_config_value(
- + 'winrm_verify_ssl', vm_, __opts__, default=True
- + )
- if win_passwd and win_passwd == 'auto':
- log.debug('Waiting for auto-generated Windows EC2 password')
- @@ -2295,7 +2298,8 @@ def wait_for_instance(
- winrm_port,
- username,
- win_passwd,
- - timeout=ssh_connect_timeout):
- + timeout=ssh_connect_timeout,
- + verify=winrm_verify_ssl):
- raise SaltCloudSystemExit(
- 'Failed to authenticate against remote windows host'
- )
- diff --git a/salt/utils/cloud.py b/salt/utils/cloud.py
- index 0485a7476a..886dbcdd28 100644
- --- a/salt/utils/cloud.py
- +++ b/salt/utils/cloud.py
- @@ -499,6 +499,9 @@ def bootstrap(vm_, opts):
- deploy_kwargs['winrm_port'] = salt.config.get_cloud_config_value(
- 'winrm_port', vm_, opts, default=5986
- )
- + deploy_kwargs['winrm_verify_ssl'] = salt.config.get_cloud_config_value(
- + 'winrm_verify_ssl', vm_, opts, default=True
- + )
- # Store what was used to the deploy the VM
- event_kwargs = copy.deepcopy(deploy_kwargs)
- @@ -823,7 +826,7 @@ def wait_for_winexesvc(host, port, username, password, timeout=900):
- )
- -def wait_for_winrm(host, port, username, password, timeout=900):
- +def wait_for_winrm(host, port, username, password, timeout=900, verify=True):
- '''
- Wait until WinRM connection can be established.
- '''
- @@ -834,10 +837,13 @@ def wait_for_winrm(host, port, username, password, timeout=900):
- )
- )
- trycount = 0
- + if not verify:
- + log.warn("SSL validation for WinRM disabled.")
- while True:
- trycount += 1
- try:
- - s = winrm.Session(host, auth=(username, password), transport='ssl')
- + s = winrm.Session(host, auth=(username, password), transport='ssl',
- + server_cert_validation=((verify and 'validate') or 'ignore'))
- if hasattr(s.protocol, 'set_timeout'):
- s.protocol.set_timeout(15)
- log.trace('WinRM endpoint url: {0}'.format(s.url))
- @@ -984,6 +990,7 @@ def deploy_windows(host,
- master_sign_pub_file=None,
- use_winrm=False,
- winrm_port=5986,
- + winrm_verify_ssl=True,
- **kwargs):
- '''
- Copy the install files to a remote Windows box, and execute them
- @@ -1009,8 +1016,10 @@ def deploy_windows(host,
- if HAS_WINRM and use_winrm:
- winrm_session = wait_for_winrm(host=host, port=winrm_port,
- - username=username, password=password,
- - timeout=port_timeout * 60)
- + username=username, password=password,
- + timeout=port_timeout * 60,
- + verify=winrm_verify_ssl
- + )
- if winrm_session is not None:
- service_available = True
- else:
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement