netconf - handle import error when running in FIPS mode (#73992) (#75706)

* Handle netconf plugin ncclient import error when running in FIPS mode

*  While running in FIPS mode importing ncclient result in
   InternalError raised by cryptography
*  Refer https://github.com/ansible/ansible/pull/65477

(cherry picked from commit d8bf4206e4)

Co-authored-by: Ganesh Nalawade <ganesh634@gmail.com>
pull/75864/head
Nathaniel Case 3 years ago committed by GitHub
parent 4967b8650c
commit a22fb928a5
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

@ -0,0 +1,2 @@
bugfixes:
- netconf - catch and handle exception to prevent stack trace when running in FIPS mode

@ -32,7 +32,10 @@ try:
from ncclient.xml_ import to_xml, to_ele, NCElement from ncclient.xml_ import to_xml, to_ele, NCElement
HAS_NCCLIENT = True HAS_NCCLIENT = True
NCCLIENT_IMP_ERR = None NCCLIENT_IMP_ERR = None
except (ImportError, AttributeError) as err: # paramiko and gssapi are incompatible and raise AttributeError not ImportError # paramiko and gssapi are incompatible and raise AttributeError not ImportError
# When running in FIPS mode, cryptography raises InternalError
# https://bugzilla.redhat.com/show_bug.cgi?id=1778939
except Exception as err:
HAS_NCCLIENT = False HAS_NCCLIENT = False
NCCLIENT_IMP_ERR = err NCCLIENT_IMP_ERR = err

Loading…
Cancel
Save