Skip to content

Commit e204af8

Browse files
author
Dennis van Zuijlekom
committed
SSL validation of the IBA certificate should be optional instead of disabled by default
1 parent 174110d commit e204af8

File tree

1 file changed

+37
-35
lines changed

1 file changed

+37
-35
lines changed

infoblox.py

Lines changed: 37 additions & 35 deletions
Original file line numberDiff line numberDiff line change
@@ -54,21 +54,23 @@ class Infoblox(object):
5454
delete_network_extattrs
5555
"""
5656

57-
def __init__(self, iba_ipaddr, iba_user, iba_password, iba_wapi_version, iba_dns_view, iba_network_view):
57+
def __init__(self, iba_ipaddr, iba_user, iba_password, iba_wapi_version, iba_dns_view, iba_network_view, iba_verify_ssl):
5858
""" Class initialization method
5959
:param iba_ipaddr: IBA IP address of management interface
6060
:param iba_user: IBA user name
6161
:param iba_password: IBA user password
6262
:param iba_wapi_version: IBA WAPI version (example: 1.0)
6363
:param iba_dns_view: IBA default view
6464
:param iba_network_view: IBA default network view
65+
:param iba_verify_ssl: IBA SSL certificate validation (example: False)
6566
"""
6667
self.iba_host = iba_ipaddr
6768
self.iba_user = iba_user
6869
self.iba_password = iba_password
6970
self.iba_wapi_version = iba_wapi_version
7071
self.iba_dns_view = iba_dns_view
7172
self.iba_network_view = iba_network_view
73+
self.iba_verify_ssl = iba_verify_ssl
7274

7375
def get_next_available_ip(self, network):
7476
""" Implements IBA next_available_ip REST API call
@@ -77,13 +79,13 @@ def get_next_available_ip(self, network):
7779
"""
7880
rest_url = 'https://' + self.iba_host + '/wapi/v' + self.iba_wapi_version + '/network?network=' + network + '&network_view=' + self.iba_network_view
7981
try:
80-
r = requests.get(url=rest_url, auth=(self.iba_user, self.iba_password), verify=False)
82+
r = requests.get(url=rest_url, auth=(self.iba_user, self.iba_password), verify=self.iba_verify_ssl)
8183
r_json = r.json()
8284
if r.status_code == 200:
8385
if len(r_json) > 0:
8486
net_ref = r_json[0]['_ref']
8587
rest_url = 'https://' + self.iba_host + '/wapi/v' + self.iba_wapi_version + '/' + net_ref + '?_function=next_available_ip&num=1'
86-
r = requests.post(url=rest_url, auth=(self.iba_user, self.iba_password), verify=False)
88+
r = requests.post(url=rest_url, auth=(self.iba_user, self.iba_password), verify=self.iba_verify_ssl)
8789
r_json = r.json()
8890
if r.status_code == 200:
8991
ip_v4 = r_json['ips'][0]
@@ -111,7 +113,7 @@ def create_host_record(self, ip_v4, fqdn):
111113
rest_url = 'https://' + self.iba_host + '/wapi/v' + self.iba_wapi_version + '/record:host'
112114
payload = '{"ipv4addrs": [{"configure_for_dhcp": false,"ipv4addr": "' + ip_v4 + '"}],"name": "' + fqdn + '","view": "' + self.iba_dns_view + '"}'
113115
try:
114-
r = requests.post(url=rest_url, auth=(self.iba_user, self.iba_password), verify=False, data=payload)
116+
r = requests.post(url=rest_url, auth=(self.iba_user, self.iba_password), verify=self.iba_verify_ssl, data=payload)
115117
r_json = r.json()
116118
if r.status_code == 200 or r.status_code == 201:
117119
return
@@ -129,14 +131,14 @@ def delete_host_record(self, fqdn):
129131
"""
130132
rest_url = 'https://' + self.iba_host + '/wapi/v' + self.iba_wapi_version + '/record:host?name=' + fqdn + '&view=' + self.iba_dns_view
131133
try:
132-
r = requests.get(url=rest_url, auth=(self.iba_user, self.iba_password), verify=False)
134+
r = requests.get(url=rest_url, auth=(self.iba_user, self.iba_password), verify=self.iba_verify_ssl)
133135
r_json = r.json()
134136
if r.status_code == 200:
135137
if len(r_json) > 0:
136138
host_ref = r_json[0]['_ref']
137139
if host_ref and re.match("record:host\/[^:]+:([^\/]+)\/", host_ref).group(1) == fqdn:
138140
rest_url = 'https://' + self.iba_host + '/wapi/v' + self.iba_wapi_version + '/' + host_ref
139-
r = requests.delete(url=rest_url, auth=(self.iba_user, self.iba_password), verify=False)
141+
r = requests.delete(url=rest_url, auth=(self.iba_user, self.iba_password), verify=self.iba_verify_ssl)
140142
if r.status_code == 200:
141143
return
142144
else:
@@ -163,7 +165,7 @@ def add_host_alias(self, host_fqdn, alias_fqdn):
163165
"""
164166
rest_url = 'https://' + self.iba_host + '/wapi/v' + self.iba_wapi_version + '/record:host?name=' + host_fqdn + '&view=' + self.iba_dns_view + '&_return_fields=name,aliases'
165167
try:
166-
r = requests.get(url=rest_url, auth=(self.iba_user, self.iba_password), verify=False)
168+
r = requests.get(url=rest_url, auth=(self.iba_user, self.iba_password), verify=self.iba_verify_ssl)
167169
r_json = r.json()
168170
if r.status_code == 200:
169171
if len(r_json) > 0:
@@ -176,7 +178,7 @@ def add_host_alias(self, host_fqdn, alias_fqdn):
176178
else:
177179
payload = '{"aliases": ["' + alias_fqdn + '"]}'
178180
rest_url = 'https://' + self.iba_host + '/wapi/v' + self.iba_wapi_version + '/' + host_ref
179-
r = requests.put(url=rest_url, auth=(self.iba_user, self.iba_password), verify=False, data=payload)
181+
r = requests.put(url=rest_url, auth=(self.iba_user, self.iba_password), verify=self.iba_verify_ssl, data=payload)
180182
if r.status_code == 200:
181183
return
182184
else:
@@ -203,7 +205,7 @@ def delete_host_alias(self, host_fqdn, alias_fqdn):
203205
"""
204206
rest_url = 'https://' + self.iba_host + '/wapi/v' + self.iba_wapi_version + '/record:host?name=' + host_fqdn + '&view=' + self.iba_dns_view + '&_return_fields=name,aliases'
205207
try:
206-
r = requests.get(url=rest_url, auth=(self.iba_user, self.iba_password), verify=False)
208+
r = requests.get(url=rest_url, auth=(self.iba_user, self.iba_password), verify=self.iba_verify_ssl)
207209
r_json = r.json()
208210
if r.status_code == 200:
209211
if len(r_json) > 0:
@@ -214,7 +216,7 @@ def delete_host_alias(self, host_fqdn, alias_fqdn):
214216
aliases.remove(alias_fqdn)
215217
payload = '{"aliases": ' + json.JSONEncoder().encode(aliases) + '}'
216218
rest_url = 'https://' + self.iba_host + '/wapi/v' + self.iba_wapi_version + '/' + host_ref
217-
r = requests.put(url=rest_url, auth=(self.iba_user, self.iba_password), verify=False, data=payload)
219+
r = requests.put(url=rest_url, auth=(self.iba_user, self.iba_password), verify=self.iba_verify_ssl, data=payload)
218220
if r.status_code == 200:
219221
return
220222
else:
@@ -244,7 +246,7 @@ def create_cname_record(self, canonical, name):
244246
rest_url = 'https://' + self.iba_host + '/wapi/v' + self.iba_wapi_version + '/record:cname'
245247
payload = '{"canonical": "' + canonical + '","name": "' + name + '","view": "' + self.iba_dns_view + '"}'
246248
try:
247-
r = requests.post(url=rest_url, auth=(self.iba_user, self.iba_password), verify=False, data=payload)
249+
r = requests.post(url=rest_url, auth=(self.iba_user, self.iba_password), verify=self.iba_verify_ssl, data=payload)
248250
r_json = r.json()
249251
if r.status_code == 200 or r.status_code == 201:
250252
return
@@ -262,14 +264,14 @@ def delete_cname_record(self, fqdn):
262264
"""
263265
rest_url = 'https://' + self.iba_host + '/wapi/v' + self.iba_wapi_version + '/record:cname?name=' + fqdn + '&view=' + self.iba_dns_view
264266
try:
265-
r = requests.get(url=rest_url, auth=(self.iba_user, self.iba_password), verify=False)
267+
r = requests.get(url=rest_url, auth=(self.iba_user, self.iba_password), verify=self.iba_verify_ssl)
266268
r_json = r.json()
267269
if r.status_code == 200:
268270
if len(r_json) > 0:
269271
cname_ref = r_json[0]['_ref']
270272
if cname_ref and re.match("record:cname\/[^:]+:([^\/]+)\/", cname_ref).group(1) == fqdn:
271273
rest_url = 'https://' + self.iba_host + '/wapi/v' + self.iba_wapi_version + '/' + cname_ref
272-
r = requests.delete(url=rest_url, auth=(self.iba_user, self.iba_password), verify=False)
274+
r = requests.delete(url=rest_url, auth=(self.iba_user, self.iba_password), verify=self.iba_verify_ssl)
273275
if r.status_code == 200:
274276
return
275277
else:
@@ -297,7 +299,7 @@ def create_dhcp_range(self, start_ip_v4, end_ip_v4):
297299
rest_url = 'https://' + self.iba_host + '/wapi/v' + self.iba_wapi_version + '/range'
298300
payload = '{"start_addr": "' + start_ip_v4 + '","end_addr": "' + end_ip_v4 + '"}'
299301
try:
300-
r = requests.post(url=rest_url, auth=(self.iba_user, self.iba_password), verify=False, data=payload)
302+
r = requests.post(url=rest_url, auth=(self.iba_user, self.iba_password), verify=self.iba_verify_ssl, data=payload)
301303
r_json = r.json()
302304
if r.status_code == 200 or r.status_code == 201:
303305
return
@@ -316,14 +318,14 @@ def delete_dhcp_range(self, start_ip_v4, end_ip_v4):
316318
"""
317319
rest_url = 'https://' + self.iba_host + '/wapi/v' + self.iba_wapi_version + '/range?start_addr=' + start_ip_v4 + '?end_addr=' + end_ip_v4 + '&network_view=' + self.iba_network_view
318320
try:
319-
r = requests.get(url=rest_url, auth=(self.iba_user, self.iba_password), verify=False)
321+
r = requests.get(url=rest_url, auth=(self.iba_user, self.iba_password), verify=self.iba_verify_ssl)
320322
r_json = r.json()
321323
if r.status_code == 200:
322324
if len(r_json) > 0:
323325
range_ref = r_json[0]['_ref']
324326
if range_ref:
325327
rest_url = 'https://' + self.iba_host + '/wapi/v' + self.iba_wapi_version + '/' + range_ref
326-
r = requests.delete(url=rest_url, auth=(self.iba_user, self.iba_password), verify=False)
328+
r = requests.delete(url=rest_url, auth=(self.iba_user, self.iba_password), verify=self.iba_verify_ssl)
327329
if r.status_code == 200:
328330
return
329331
else:
@@ -354,7 +356,7 @@ def get_host(self, fqdn, fields=None):
354356
else:
355357
rest_url = 'https://' + self.iba_host + '/wapi/v' + self.iba_wapi_version + '/record:host?name=' + fqdn + '&view=' + self.iba_dns_view
356358
try:
357-
r = requests.get(url=rest_url, auth=(self.iba_user, self.iba_password), verify=False)
359+
r = requests.get(url=rest_url, auth=(self.iba_user, self.iba_password), verify=self.iba_verify_ssl)
358360
r_json = r.json()
359361
if r.status_code == 200:
360362
if len(r_json) > 0:
@@ -376,7 +378,7 @@ def get_host_by_ip(self, ip_v4):
376378
"""
377379
rest_url = 'https://' + self.iba_host + '/wapi/v' + self.iba_wapi_version + '/ipv4address?ip_address=' + ip_v4 + '&network_view=' + self.iba_network_view
378380
try:
379-
r = requests.get(url=rest_url, auth=(self.iba_user, self.iba_password), verify=False)
381+
r = requests.get(url=rest_url, auth=(self.iba_user, self.iba_password), verify=self.iba_verify_ssl)
380382
r_json = r.json()
381383
if r.status_code == 200:
382384
if len(r_json) > 0:
@@ -402,7 +404,7 @@ def get_ip_by_host(self, fqdn):
402404
rest_url = 'https://' + self.iba_host + '/wapi/v' + self.iba_wapi_version + '/record:host?name=' + fqdn + '&view=' + self.iba_dns_view
403405
ipv4addrs = []
404406
try:
405-
r = requests.get(url=rest_url, auth=(self.iba_user, self.iba_password), verify=False)
407+
r = requests.get(url=rest_url, auth=(self.iba_user, self.iba_password), verify=self.iba_verify_ssl)
406408
r_json = r.json()
407409
if r.status_code == 200:
408410
if len(r_json) > 0:
@@ -430,7 +432,7 @@ def get_host_extattrs(self, fqdn, attributes=None):
430432
"""
431433
rest_url = 'https://' + self.iba_host + '/wapi/v' + self.iba_wapi_version + '/record:host?name=' + fqdn + '&view=' + self.iba_dns_view + '&_return_fields=name,extensible_attributes'
432434
try:
433-
r = requests.get(url=rest_url, auth=(self.iba_user, self.iba_password), verify=False)
435+
r = requests.get(url=rest_url, auth=(self.iba_user, self.iba_password), verify=self.iba_verify_ssl)
434436
r_json = r.json()
435437
if r.status_code == 200:
436438
if len(r_json) > 0:
@@ -465,7 +467,7 @@ def get_network(self, network, fields=None):
465467
fields = 'network,netmask'
466468
rest_url = 'https://' + self.iba_host + '/wapi/v' + self.iba_wapi_version + '/network?network=' + network + '&network_view=' + self.iba_network_view + '&_return_fields=' + fields
467469
try:
468-
r = requests.get(url=rest_url, auth=(self.iba_user, self.iba_password), verify=False)
470+
r = requests.get(url=rest_url, auth=(self.iba_user, self.iba_password), verify=self.iba_verify_ssl)
469471
r_json = r.json()
470472
if r.status_code == 200:
471473
if len(r_json) > 0:
@@ -487,7 +489,7 @@ def get_network_by_ip(self, ip_v4):
487489
"""
488490
rest_url = 'https://' + self.iba_host + '/wapi/v' + self.iba_wapi_version + '/ipv4address?ip_address=' + ip_v4 + '&network_view=' + self.iba_network_view
489491
try:
490-
r = requests.get(url=rest_url, auth=(self.iba_user, self.iba_password), verify=False)
492+
r = requests.get(url=rest_url, auth=(self.iba_user, self.iba_password), verify=self.iba_verify_ssl)
491493
r_json = r.json()
492494
if r.status_code == 200:
493495
if len(r_json) > 0:
@@ -519,7 +521,7 @@ def get_network_by_extattrs(self, attributes):
519521
rest_url = 'https://' + self.iba_host + '/wapi/v' + self.iba_wapi_version + '/network?*' + "&*".join(attributes.split(",")) + '&network_view=' + self.iba_network_view
520522
networks = []
521523
try:
522-
r = requests.get(url=rest_url, auth=(self.iba_user, self.iba_password), verify=False)
524+
r = requests.get(url=rest_url, auth=(self.iba_user, self.iba_password), verify=self.iba_verify_ssl)
523525
r_json = r.json()
524526
if r.status_code == 200:
525527
if len(r_json) > 0:
@@ -551,7 +553,7 @@ def get_host_by_extattrs(self, attributes):
551553
rest_url = 'https://' + self.iba_host + '/wapi/v' + self.iba_wapi_version + '/record:host?*' + "&*".join(attributes.split(",")) + '&view=' + self.iba_dns_view
552554
hosts = []
553555
try:
554-
r = requests.get(url=rest_url, auth=(self.iba_user, self.iba_password), verify=False)
556+
r = requests.get(url=rest_url, auth=(self.iba_user, self.iba_password), verify=self.iba_verify_ssl)
555557
r_json = r.json()
556558
if r.status_code == 200:
557559
if len(r_json) > 0:
@@ -577,7 +579,7 @@ def get_network_extattrs(self, network, attributes=None):
577579
"""
578580
rest_url = 'https://' + self.iba_host + '/wapi/v' + self.iba_wapi_version + '/network?network=' + network + '&network_view=' + self.iba_network_view + '&_return_fields=network,extensible_attributes'
579581
try:
580-
r = requests.get(url=rest_url, auth=(self.iba_user, self.iba_password), verify=False)
582+
r = requests.get(url=rest_url, auth=(self.iba_user, self.iba_password), verify=self.iba_verify_ssl)
581583
r_json = r.json()
582584
if r.status_code == 200:
583585
if len(r_json) > 0:
@@ -609,7 +611,7 @@ def update_network_extattrs(self, network, attributes):
609611
rest_url = 'https://' + self.iba_host + '/wapi/v' + self.iba_wapi_version + '/network?network=' + network + '&network_view=' + self.iba_network_view + '&_return_fields=network,extensible_attributes'
610612
extattrs = {}
611613
try:
612-
r = requests.get(url=rest_url, auth=(self.iba_user, self.iba_password), verify=False)
614+
r = requests.get(url=rest_url, auth=(self.iba_user, self.iba_password), verify=self.iba_verify_ssl)
613615
r_json = r.json()
614616
if r.status_code == 200:
615617
if len(r_json) > 0:
@@ -620,7 +622,7 @@ def update_network_extattrs(self, network, attributes):
620622
extattrs[attr_name] = attr_value
621623
payload = '{"extensible_attributes": ' + json.JSONEncoder().encode(extattrs) + '}'
622624
rest_url = 'https://' + self.iba_host + '/wapi/v' + self.iba_wapi_version + '/' + network_ref
623-
r = requests.put(url=rest_url, auth=(self.iba_user, self.iba_password), verify=False, data=payload)
625+
r = requests.put(url=rest_url, auth=(self.iba_user, self.iba_password), verify=self.iba_verify_ssl, data=payload)
624626
if r.status_code == 200:
625627
return
626628
else:
@@ -647,7 +649,7 @@ def delete_network_extattrs(self, network, attributes):
647649
"""
648650
rest_url = 'https://' + self.iba_host + '/wapi/v' + self.iba_wapi_version + '/network?network=' + network + '&network_view=' + self.iba_network_view + '&_return_fields=network,extensible_attributes'
649651
try:
650-
r = requests.get(url=rest_url, auth=(self.iba_user, self.iba_password), verify=False)
652+
r = requests.get(url=rest_url, auth=(self.iba_user, self.iba_password), verify=self.iba_verify_ssl)
651653
r_json = r.json()
652654
if r.status_code == 200:
653655
if len(r_json) > 0:
@@ -659,7 +661,7 @@ def delete_network_extattrs(self, network, attributes):
659661
del extattrs[attribute]
660662
payload = '{"extensible_attributes": ' + json.JSONEncoder().encode(extattrs) + '}'
661663
rest_url = 'https://' + self.iba_host + '/wapi/v' + self.iba_wapi_version + '/' + network_ref
662-
r = requests.put(url=rest_url, auth=(self.iba_user, self.iba_password), verify=False, data=payload)
664+
r = requests.put(url=rest_url, auth=(self.iba_user, self.iba_password), verify=self.iba_verify_ssl, data=payload)
663665
if r.status_code == 200:
664666
return
665667
else:
@@ -686,7 +688,7 @@ def create_network(self, network):
686688
rest_url = 'https://' + self.iba_host + '/wapi/v' + self.iba_wapi_version + '/network'
687689
payload = '{"network": "' + network + '","network_view": "' + self.iba_network_view + '"}'
688690
try:
689-
r = requests.post(url=rest_url, auth=(self.iba_user, self.iba_password), verify=False, data=payload)
691+
r = requests.post(url=rest_url, auth=(self.iba_user, self.iba_password), verify=self.iba_verify_ssl, data=payload)
690692
r_json = r.json()
691693
if r.status_code == 200 or r.status_code == 201:
692694
return
@@ -704,14 +706,14 @@ def delete_network(self, network):
704706
"""
705707
rest_url = 'https://' + self.iba_host + '/wapi/v' + self.iba_wapi_version + '/network?network=' + network + '&network_view=' + self.iba_network_view
706708
try:
707-
r = requests.get(url=rest_url, auth=(self.iba_user, self.iba_password), verify=False)
709+
r = requests.get(url=rest_url, auth=(self.iba_user, self.iba_password), verify=self.iba_verify_ssl)
708710
r_json = r.json()
709711
if r.status_code == 200:
710712
if len(r_json) > 0:
711713
network_ref = r_json[0]['_ref']
712714
if network_ref:
713715
rest_url = 'https://' + self.iba_host + '/wapi/v' + self.iba_wapi_version + '/' + network_ref
714-
r = requests.delete(url=rest_url, auth=(self.iba_user, self.iba_password), verify=False)
716+
r = requests.delete(url=rest_url, auth=(self.iba_user, self.iba_password), verify=self.iba_verify_ssl)
715717
if r.status_code == 200:
716718
return
717719
else:
@@ -738,7 +740,7 @@ def create_networkcontainer(self, networkcontainer):
738740
rest_url = 'https://' + self.iba_host + '/wapi/v' + self.iba_wapi_version + '/networkcontainer'
739741
payload = '{"network": "' + networkcontainer + '","network_view": "' + self.iba_network_view + '"}'
740742
try:
741-
r = requests.post(url=rest_url, auth=(self.iba_user, self.iba_password), verify=False, data=payload)
743+
r = requests.post(url=rest_url, auth=(self.iba_user, self.iba_password), verify=self.iba_verify_ssl, data=payload)
742744
r_json = r.json()
743745
if r.status_code == 200 or r.status_code == 201:
744746
return
@@ -756,14 +758,14 @@ def delete_networkcontainer(self, networkcontainer):
756758
"""
757759
rest_url = 'https://' + self.iba_host + '/wapi/v' + self.iba_wapi_version + '/networkcontainer?network=' + networkcontainer + '&network_view=' + self.iba_network_view
758760
try:
759-
r = requests.get(url=rest_url, auth=(self.iba_user, self.iba_password), verify=False)
761+
r = requests.get(url=rest_url, auth=(self.iba_user, self.iba_password), verify=self.iba_verify_ssl)
760762
r_json = r.json()
761763
if r.status_code == 200:
762764
if len(r_json) > 0:
763765
network_ref = r_json[0]['_ref']
764766
if network_ref:
765767
rest_url = 'https://' + self.iba_host + '/wapi/v' + self.iba_wapi_version + '/' + network_ref
766-
r = requests.delete(url=rest_url, auth=(self.iba_user, self.iba_password), verify=False)
768+
r = requests.delete(url=rest_url, auth=(self.iba_user, self.iba_password), verify=self.iba_verify_ssl)
767769
if r.status_code == 200:
768770
return
769771
else:

0 commit comments

Comments
 (0)