Enable Custom Cipher Selection for Redfish Modules (#8533)

* Enable custom cipher selection for redfish modules

Signed-off-by: David Ehrman <dlehrman@liberty.edu>

* Add changelog fragment

Signed-off-by: David Ehrman <dlehrman@liberty.edu>

* Added version_added to the ciphers option in redfish modules

Signed-off-by: David Ehrman <dlehrman@liberty.edu>

---------

Signed-off-by: David Ehrman <dlehrman@liberty.edu>
This commit is contained in:
dlehrman 2024-06-20 15:03:28 -04:00 committed by GitHub
parent 60ba7cab93
commit 0d50131d5e
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
5 changed files with 63 additions and 10 deletions

View file

@ -302,6 +302,17 @@ options:
type: int
default: 120
version_added: 9.1.0
ciphers:
required: false
description:
- SSL/TLS Ciphers to use for the request.
- 'When a list is provided, all ciphers are joined in order with V(:).'
- See the L(OpenSSL Cipher List Format,https://www.openssl.org/docs/manmaster/man1/openssl-ciphers.html#CIPHER-LIST-FORMAT)
for more details.
- The available ciphers is dependent on the Python and OpenSSL/LibreSSL versions.
type: list
elements: str
version_added: 9.2.0
author:
- "Jose Delarosa (@jose-delarosa)"
@ -868,6 +879,7 @@ def main():
bios_attributes=dict(type="dict"),
wait=dict(type='bool', default=False),
wait_timeout=dict(type='int', default=120),
ciphers=dict(type='list', elements='str'),
),
required_together=[
('username', 'password'),
@ -936,10 +948,14 @@ def main():
# BIOS Attributes options
bios_attributes = module.params['bios_attributes']
# ciphers
ciphers = module.params['ciphers']
# Build root URI
root_uri = "https://" + module.params['baseuri']
rf_utils = RedfishUtils(creds, root_uri, timeout, module,
resource_id=resource_id, data_modification=True, strip_etag_quotes=strip_etag_quotes)
resource_id=resource_id, data_modification=True, strip_etag_quotes=strip_etag_quotes,
ciphers=ciphers)
# Check that Category is valid
if category not in CATEGORY_COMMANDS_ALL:

View file

@ -167,6 +167,18 @@ options:
type: dict
default: {}
version_added: '7.5.0'
ciphers:
required: false
description:
- SSL/TLS Ciphers to use for the request.
- 'When a list is provided, all ciphers are joined in order with V(:).'
- See the L(OpenSSL Cipher List Format,https://www.openssl.org/docs/manmaster/man1/openssl-ciphers.html#CIPHER-LIST-FORMAT)
for more details.
- The available ciphers is dependent on the Python and OpenSSL/LibreSSL versions.
type: list
elements: str
version_added: 9.2.0
author:
- "Jose Delarosa (@jose-delarosa)"
- "T S Kushal (@TSKushal)"
@ -405,7 +417,8 @@ def main():
storage_subsystem_id=dict(type='str', default=''),
volume_ids=dict(type='list', default=[], elements='str'),
secure_boot_enable=dict(type='bool', default=True),
volume_details=dict(type='dict', default={})
volume_details=dict(type='dict', default={}),
ciphers=dict(type='list', elements='str'),
),
required_together=[
('username', 'password'),
@ -469,10 +482,14 @@ def main():
volume_details = module.params['volume_details']
storage_subsystem_id = module.params['storage_subsystem_id']
# ciphers
ciphers = module.params['ciphers']
# Build root URI
root_uri = "https://" + module.params['baseuri']
rf_utils = RedfishUtils(creds, root_uri, timeout, module,
resource_id=resource_id, data_modification=True, strip_etag_quotes=strip_etag_quotes)
resource_id=resource_id, data_modification=True, strip_etag_quotes=strip_etag_quotes,
ciphers=ciphers)
# Check that Category is valid
if category not in CATEGORY_COMMANDS_ALL:

View file

@ -73,6 +73,17 @@ options:
- Handle to check the status of an update in progress.
type: str
version_added: '6.1.0'
ciphers:
required: false
description:
- SSL/TLS Ciphers to use for the request.
- 'When a list is provided, all ciphers are joined in order with V(:).'
- See the L(OpenSSL Cipher List Format,https://www.openssl.org/docs/manmaster/man1/openssl-ciphers.html#CIPHER-LIST-FORMAT)
for more details.
- The available ciphers is dependent on the Python and OpenSSL/LibreSSL versions.
type: list
elements: str
version_added: 9.2.0
author: "Jose Delarosa (@jose-delarosa)"
'''
@ -423,6 +434,7 @@ def main():
timeout=dict(type='int', default=60),
update_handle=dict(),
manager=dict(),
ciphers=dict(type='list', elements='str'),
),
required_together=[
('username', 'password'),
@ -450,9 +462,12 @@ def main():
# manager
manager = module.params['manager']
# ciphers
ciphers = module.params['ciphers']
# Build root URI
root_uri = "https://" + module.params['baseuri']
rf_utils = RedfishUtils(creds, root_uri, timeout, module)
rf_utils = RedfishUtils(creds, root_uri, timeout, module, ciphers=ciphers)
# Build Category list
if "all" in module.params['category']: