Commit Graph

55 Commits (05e3fdf5e9d9294fa0fbfbf4ac0b57024f75d00f)

Author SHA1 Message Date
Matt Clay 560d3af097
ansible-test - Update http-test-container (#83272)
* Disable cipher suite integration tests

When the client and server both support TLS 1.3, cipher suite selection is effectively a no-op.

Python provides no way to disable TLS 1.3 cipher suites, and no way to prefer user-selected cipher suites.
Since TLS 1.3 includes a mandatory cipher suite, this makes it impossible to induce a cipher suite related error when using TLS 1.3.

* Update multipart form-data integration test

* Fix netrc integration tests

* Update HTTP test host substring

* ansible-test - Update http-test-container
7 months ago
Brian Coca ddae41759c
Add FreeBSD 13.3 and 14.0 to ansible-test (#82530)
Co-authored-by: Matt Clay <matt@mystile.com>
9 months ago
Yacht Shaver c7334ea92c
Fix url encoded credentials in netloc (#82552)
Prior to this commit, it was impossible to use a module like dnf with a
URL that contains a username with an @ such as an email address
username, because:

  dnf:
    name: https://foo@example.com:bar@example.com/some.rpm

Would cause netloc parsing to fail. However, the following:

  dnf:
    name: https://foo%40example.com:bar@example.com/some.rpm

Would also fail because ansible would *not* URL-decode the credentials,
causing the following to be base64 encoded in the Authorization header:

  Zm9vJTQwZXhhbXBsZS5jb206YmFyCg==

Which decodes to:

  foo%40example.com:foo

Which is *not* the authorized username, and as such, *won't* pass basic
auth.

With this commit, Ansible's url lib behaves like curl, chromium, wget,
etc, and encodes the above to:

  Zm9vQGV4YW1wbGUuY29tOmJhcgo=

Which decodes to:

  foo@example.com:bar

Which will actually pass the HTTP Basic Auth, and is the same behaviour
that you will find ie. with:

  curl -vvI https://foo%40bar:test@example.com 2>&1 |grep Auth | awk '{ print $4 }'
11 months ago
Mike Bonnet 9c5d3060e5
uri: Handle the "force" parameter properly (#82187)
* uri: Two tests that demonstrate missing handling of the "force" parameter

Add unit and integration tests that demonstrate that the uri module is not
handling the "force" parameter.

The unit test demonstrates that when "force" is present in the module parameters,
it is not being passed through to fetch_url().

The integration test demonstrates that "force" does not disable caching as
documented, and calls with a "dest" parameter that points to an existing file
can result in a "304 Not Modified" response.

* uri: Handle the "force" parameter properly

The uri module documents a "force" parameter that can be used to disable caching.
The module accepted the parameter but didn't pass it through to the fetch_url() method
which implements the logic to handle setting the appropriate headers for disabling
caching. This change passes the "force" parameter through as expected, allowing caching
to be disabled when requested by the module caller.
11 months ago
Brian Coca 596c75c2bc
uri action plugin check_mode support update (#82484)
Also updated base action messages to be more specific
11 months ago
Matt Martz 92d2c66db2
Remove py2 support from urls.py (#81880) 1 year ago
Brent Barbachem 0c7361d9ac
URI Module find json sub type (#80745)
* uri: fixed search for json types to include strings in the format xxx/yyy+json
2 years ago
Matt Martz 060a27f28f
Do not use hardcoded httpbin.org in uri tests (#80101) 2 years ago
Matt Clay 61d5586c7c Use uri in uri test instead of get_url. 2 years ago
Matt Clay 6a73a5a480
Fixes for uri integration test. (#79688)
* Fix HTTP methods used in URI test.

* Fix urllib2 redirect tests on Python 3.11.

* Fix uri cookie testing on Python 3.11.
2 years ago
Artur a26c325bd8
uri: added use_netrc argument to allow ignoring netrc (#74397) (#78569) 2 years ago
Matt Martz b8025ac160
Allow selection of TLS/SSL ciphers (#78650)
* Allow selection of TLS/SSL ciphers. Fixes #78633
* Never pass None as the password. Fixes #53373
2 years ago
Matt Martz d58e69c82d
Add support for gzip decoding responses (#41925) 2 years ago
Matt Clay 4594c0c609 Fix HTTP tests on FreeBSD when running split. 3 years ago
h4rr21 1d9c68d27e
honor use_proxy parameter (#77312)
* honor use_proxy parameter
* fix uri test with "use_proxy: no"
* fix urls.py module

Co-authored-by: Carlos <Juan.Carlos.Cardenas.Viera@ibm.com>
3 years ago
Matt Martz eca97a19a3
Handle HTTPError being partially initialized due to the error. Fixes #76386 (#76421) 3 years ago
Matt Martz e40a0e5c90
Don't use output_dir in target tests (#76107)
* Don't use output_dir in user tests

* Move blockinfile tests from using output_dir to depending on setup_remote_tmp_dir

* Don't use output_dir in git tests

* Don't use output_dir in uri tests
3 years ago
Matt Martz 8510db4935
Allow ca_path to point to a bundle (#75894)
* Allow ca_path to point to a bundle. Fixes #75015
3 years ago
Matt Clay 4ea8d9a782
ansible-test - split controller/target testing (#75605) 3 years ago
Matt Martz 4dca539a29
Expose `unredirected_headers` to `uri` and `get_url` modules (#75308) 3 years ago
Jordan Borean 019452dda7
uri - fix traceback on multipart-form int value (#74302) 4 years ago
Florian Heiderich 8d6136eab9
uri - add ca_path parameter (#71979)
* add changelog fragment for #71979 (ca_path for uri)
* add integration tests for ca_path in the uri module
* return path of ca cert instead of its content
* connect to port 444 on self_signed_host
  and use quay.io/ansible/http-test-container:1.3.0
* state that the certificate in ca_path is used for validation
4 years ago
Jordan Borean caba47dd3f
Add support for GSSAPI/Kerberos to urls.py (#72113)
* Add support for GSSAPI/Kerberos to urls.py

* Test out changes with the latest test container

* Get remote hosts working

* Fix up httptester_krb5_password reader

* Fix tests for opensuse and macOS

* Hopefully last lot of testing changes

* Dont do CBT on macOS

* Fixes from review
4 years ago
Jack 80f09efd03
do not return the body even if it failed (#69706)
* do not return the body even if it failed

* add some tests for this and rebase

* import test task

* ignore_errors when fails

Co-authored-by: Jack Zhang <jack.zhang@aspiraconnect.com>
5 years ago
Matt Martz e0f25a2b1f
Strip no log values from module response keys. Fixes #68400 (#69653) 5 years ago
Matt Martz b748edea45
Add multipart/form-data functionality (#69376)
* Add multipart/form-data functionality

* Fix some linting issues

* Fix error message

* Allow filename to be provided with content

* Add integration test

* Update examples

* General improvements to multipart handling

* Use prepare_multipart for galaxy collection publish

* Properly account for py2 vs py3, ensuring no max header length

* Address test assumptions

* Add unit tests

* Add changelog

* Ensure to use CRLF instead of NL

* Ignore line-endings in fixture

* Consolidate code, add comment

* Bump fallaxy container version

* ci_complete
5 years ago
Matt Martz 8bd4e2a144 cert validation fixes - Attempt 2 (#55953)
* Attempt 2 of cert validation fixes

* Remove unused code

* Cleanup the tmp cert using atexit

* Fix linting issues

* Only add SSLValidationHandler when not HAS_SSLCONTEXT

* Catch value errors on non PEM certs

* Only catch NotImplementedError to avoid masking issues

* set self._context even with PyOpenSSLContext for conformity

* Fix error building

* normalize how we interact with the context we create

* Remove unused code

* Address test for py3.7 message difference

* open_url should pass the ca_path through

* Account for new error in url lookup test

* Guard some code behind whether or not we are validating certs

* Make _make_context public

* Move atexit.register up to where the tmp file is created
6 years ago
Sam Doran 8f4f3750fe
Ensure uri module always returns status even on failure (#56240)
- Also return url and update docs for other values to indicate they are only returned on success.
- Add integration tests
- Use info variable for common return values
- Use -1 as default status rather than None. This is lines up with with existing code in urls.py
- Add unit tests to ensure status and url are returned on failure
6 years ago
Martin Krizek c6b40f4d40
register: fail when invalid var name is specified (#56456) 6 years ago
Martin Krizek bafa291af9 uri: do not write the file after failure (#53515)
* uri: do not write the file after failure

Fixes #53491

* Add changelog
6 years ago
Matt Clay 17ed39a009
Fix uri integration test uninstall of urllib3. (#53834) 6 years ago
Matt Clay 34b928d283 Remove conflicting urllib3 from pip in uri test.
The uri test will fail on centos6 if run after a test that installs urllib3 via pip unless it is uninstalled.
6 years ago
Dag Wieers 4e6c113bf0 uri/win_uri: Make method a free text field (#49719)
* uri/win_uri: Make method a free text field

Since various interfaces introduce their own HTTP method (e.g. like
PROPFIND, LIST or TRACE) it's better to leave this up to the user.

* Fix HTTP method check in module_utils urls

* Add integration test for method UNKNOWN

* Clarify the change as requested during review
6 years ago
Pilou 7a3582d651 uri: check unexpected failure doesn't occur when file cannot be saved (#45824)
* uri: fix TypeError when file can't be saved

Fix the following exception (and others):

    Traceback (most recent call last):
      File "/home/lilou/debug_dir/__main__.py", line 604, in <module>
        main()
      File "/home/lilou/debug_dir/__main__.py", line 554, in main
        write_file(module, url, dest, content, resp)
      File "/home/lilou/debug_dir/__main__.py", line 320, in write_file
        module.fail_json(msg="Destination dir '%s' not writable" % os.path.dirname(dest), **resp)
    TypeError: fail_json() got multiple values for keyword argument 'msg'

I would rather remove **resp from returned values but this module is
flagged as stableinterface.

* Static imports are more straight forward and preferred unless dynamic inclusion is required.
6 years ago
Matt Clay d2a7cc0b9f Fix integration tests to support remote hosts. 6 years ago
Matt Clay d048785640 Update requirements for urllib3 for python 2.6. 6 years ago
Matt Martz 961484e00d
Add src parameter for uri module that can be used in place of body. Supports binary files (#33689)
* First pass at a src parameter that can be used in place of body. Supports binary files

* Add test for uri src body

* Bump version_added to 2.6

* Close the open file handle

* Add uri action plugin that handles src/remote_src

* Document remote_src

* Remove duplicate info about remote_src

* Bump version_added to 2.7
7 years ago
Dag Wieers 0fba72ce3c uri: Add form-urlencoded support to body_format (#37188)
* uri: Add form-urlencoded support to body_format

This PR adds form-urlencoded support so the user does not need to take
care of correctly encode input and have the same convenience as using
JSON.

This fixes #37182

* Various fixes

* Undo documentation improvements

No longer my problem

* Fix the remaining review comments
7 years ago
Matt Clay b92ef8e54a
Use HTTPS instead of HTTP for httpbin tests. (#39457)
The httpbin.org site is now redirecting HTTP to HTTPS.
7 years ago
Matt Martz 450cfa8776
Handle duplicate headers in the uri module (#33792)
* Handle duplicate headers, and make it easier for users to use cookies, by providing a pre-built string

* Ensure proper cookie ordering, make key plural

* Add note about cookie sort order

* Add tests for duplicate headers and cookies_string

* Extend tests, normalize headers between py2 and py3

* Add some notes in test code

* Don't use AttributeError, use six.PY3. Use better names.
7 years ago
Dag Wieers 800dad5bdf uri: Add redirect tests for none, safe, urllib2 and all (#37068)
This is required if we want to ensure that #36809 doesn't cause any
important behavioral changes.

This PR changes the uri module to support follow_redirects=urllib2

It also adds a better error message when the connection closes before
any data was returned.
7 years ago
Matt Clay 1fd9a616a4 Fix uri test on Python 2.6. 7 years ago
Matt Martz b762eb2d92
Fix some TODOs to use generic_urlparse which allows proper netrc selection. Fixes #34360 (#34372) 7 years ago
Matt Martz 4fe08441be Deprecate tests used as filters (#32361)
* Warn on tests used as filters

* Update docs, add aliases for tests that fit more gramatically with test syntax

* Fix rst formatting

* Add successful filter, alias of success

* Remove renamed_deprecation, it was overkill

* Make directory alias for is_dir

* Update tests to use proper jinja test syntax

* Update additional documentation, living outside of YAML files, to reflect proper jinja test syntax

* Add conversion script, porting guide updates, and changelog updates

* Update newly added uses of tests as filters

* No underscore variable

* Convert recent tests as filter changes to win_stat

* Fix some changes related to rebasing a few integration tests

* Make tests_as_filters_warning explicitly accept the name of the test, instead of inferring the name

* Add test for tests_as_filters_warning

* Update tests as filters in newly added/modified tests

* Address recent changes to several integration tests

* Address recent changes in cs_vpc
7 years ago
Matt Clay a7d5492ea3 Fix github_issue test and enable in CI. 7 years ago
Matt Martz 621e27b5dd Urls client cert auth (#18141)
* Build HTTPSClientAuthHandler more similarly to how HTTPSHandler works

* Add docs for new client cert authentication

* Support older versions of python

* Simplify logic

* Initial support for client certs in urls.py

* Add an extra test

* Add a get_url test for client cert auth

* Add additional test for client cert auth, with validation and ssl mismatch

* Skip assert when http tester not available

* Update version_added for new options
8 years ago
Matt Martz 13ac993d25 Fallback to old ssl_wrap_socket 8 years ago
Matt Martz b4b76bab14 Update install deps for SNI tests 8 years ago
Matt Clay 93d9b04f1d Fix uri options test to work again. 8 years ago
Matt Martz 6e8e90ceb4 Warn when using the deprecated HEADER_ arguments (#20236)
* Make sure the uri module warns about using the deprecated HEADER_ arguments, so that we can actually deprecate in a future version

* Use module.deprecate

* No need to de-dupe ourselves, looks like it is done somewhere I didn't initially see
8 years ago