Switch etcd and url lookup plugins to verify ssl certificates

lib/ansible/plugins/lookup/url.py

@@ -17,30 +17,36 @@
 from __future__ import (absolute_import, division, print_function)
 __metaclass__ = type
 
-from ansible.plugins.lookup import LookupBase
 import urllib2
 
+from ansible.errors import AnsibleError
+from ansible.plugins.lookup import LookupBase
+from ansible.module_utils.urls import open_url, ConnectionError, SSLValidationError
+from ansible.utils.unicode import to_unicode
+
 class LookupModule(LookupBase):
 
 
-    def run(self, terms, inject=None, **kwargs):
+    def run(self, terms, variables=None, **kwargs):
 
         if isinstance(terms, basestring):
             terms = [ terms ]
 
+        validate_certs = kwargs.get('validate_certs', True)
+
         ret = []
         for term in terms:
             try:
-                r = urllib2.Request(term)
-                response = urllib2.urlopen(r)
-            except URLError as e:
-                utils.warnings("Failed lookup url for %s : %s" % (term, str(e)))
-                continue
-            except HTTPError as e:
-                utils.warnings("Received HTTP error for %s : %s" % (term, str(e)))
-                continue
+                response = open_url(term, validate_certs=validate_certs)
+            except urllib2.URLError as e:
+                raise AnsibleError("Failed lookup url for %s : %s" % (term, str(e)))
+            except urllib2.HTTPError as e:
+                raise AnsibleError("Received HTTP error for %s : %s" % (term, str(e)))
+            except SSLValidationError as e:
+                raise AnsibleError("Error validating the server's certificate for %s: %s" % (term, str(e)))
+            except ConnectionError as e:
+                raise AnsibleError("Error connecting to %s: %s" % (term, str(e)))
 
             for line in response.read().splitlines():
-                ret.append(line)
-
+                ret.append(to_unicode(line))
         return ret