win_iis_webbinding: Fix bug with ipaddress * returning multiple bindings (#34721)

* win_iis_webbinding: Fix bug with ipaddress * returning multiple bindings instead of only the ones defined as *. Address possible future issues around hostheader * by just disallowing it. Resolves 25473. Added new test for this case. Removed all validation for https binding collisions due to difficulty in validating all cases in which they could or could not collide. As a result, also removed return values relating to certificate data. Updated testing and docs appropriately * win_iis_webbinding: added break to remove binding loops
2025-07-22 12:50:22 -07:00 · 2018-01-18 19:00:35 -05:00 · 2018-01-18 19:00:35 -05:00 · beb0fd9b8b
commit beb0fd9b8b
parent 389f4ef1fb
6 changed files with 134 additions and 296 deletions
--- a/test/integration/targets/win_iis_webbinding/library/test_get_webbindings.ps1
+++ b/test/integration/targets/win_iis_webbinding/library/test_get_webbindings.ps1
@ -4,24 +4,18 @@
 # GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)

 #Requires -Module Ansible.ModuleUtils.Legacy
-#
+
 $params = Parse-Args -arguments $args -supports_check_mode $true
-$check_mode = Get-AnsibleParam -obj $params -name "_ansible_check_mode" -type "bool" -default $false

 $name = Get-AnsibleParam $params -name "name" -type str -failifempty $true -aliases 'website'
-#$state = Get-AnsibleParam $params "state" -default "present" -validateSet "present","absent"
 $host_header = Get-AnsibleParam $params -name "host_header" -type str
 $protocol = Get-AnsibleParam $params -name "protocol" -type str -default 'http'
 $port = Get-AnsibleParam $params -name "port" -type int -default '80'
 $ip = Get-AnsibleParam $params -name "ip" -default '*'
-$certificateHash = Get-AnsibleParam $params -name "certificate_hash" -type str
-$certificateStoreName = Get-AnsibleParam $params -name "certificate_store_name" -type str
-$sslFlags = Get-AnsibleParam $params -name "ssl_flags" -type int -default '0' -ValidateSet '0','1','2','3'

 $result = @{
  changed = $false
 }
-
 function Create-BindingInfo {
    $ht = @{
        'bindingInformation' = $args[0].bindingInformation
@ -50,48 +44,41 @@ function Create-BindingInfo {
 # Used instead of get-webbinding to ensure we always return a single binding
 # pass it $binding_parameters hashtable
 function Get-SingleWebBinding {
-    $bind_search_splat = @{
-        'name' = $args[0].name
-        'protocol' = $args[0].protocol
-        'port' = $args[0].port
-        'ip' = $args[0].ip
-        'hostheader' = $args[0].hostheader
+
+    Try {
+        $site_bindings = get-webbinding -name $args[0].name
+    }
+    Catch {
+        # 2k8r2 throws this error when you run get-webbinding with no bindings in iis
+        If (-not $_.Exception.Message.CompareTo('Cannot process argument because the value of argument "obj" is null. Change the value of argument "obj" to a non-null value'))
+        {
+            Throw $_.Exception.Message
+        }
+        Else { return }
    }

-    # if no bindings exist, get-webbinding fails with an error that can't be ignored via error actions on older systems
-    # let's ignore that specific error
-    If (-not $bind_search_splat['hostheader'])
+    Foreach ($binding in $site_bindings)
    {
-        Try {
-            Get-WebBinding @bind_search_splat | Where-Object {$_.BindingInformation.Split(':')[-1] -eq [string]::Empty}
-        }
-        Catch {
-            If (-not $_.Exception.Message.CompareTo('Cannot process argument because the value of argument "obj" is null. Change the value of argument "obj" to a non-null value'))
-            {
-                Throw $_.Exception.Message
-            }
-        }
-    }
-    Else
-    {
-        Try {
-            Get-WebBinding @bind_search_splat
-        }
-        Catch {
-            If (-not $_.Exception.Message.CompareTo('Cannot process argument because the value of argument "obj" is null. Change the value of argument "obj" to a non-null value'))
-            {
-                Throw $_.Exception.Message
-            }
+        $splits = $binding.bindingInformation -split ':'
+
+        if (
+            $args[0].protocol -eq $binding.protocol -and
+            $args[0].ipaddress -eq $splits[0] -and
+            $args[0].port -eq $splits[1] -and
+            $args[0].hostheader -eq $splits[2]
+        )
+        {
+            Return $binding
        }
    }
 }

 # create binding search splat
 $binding_parameters = @{
-  Name = $name
-  Protocol = $protocol
-  Port = $port
-  IPAddress = $ip
+    Name = $name
+    Protocol = $protocol
+    Port = $port
+    IPAddress = $ip
 }

 # insert host header to search if specified, otherwise it will return * (all bindings matching protocol/ip)
@ -99,6 +86,10 @@ If ($host_header)
 {
    $binding_parameters.HostHeader = $host_header
 }
+Else
+{
+    $binding_parameters.HostHeader = [string]::Empty
+}

 # Get bindings matching parameters
 Try {
@ -119,4 +110,4 @@ If ($current_bindings)

    $result.binding = $binding_info
 }
-exit-json -obj $result
+exit-json -obj $result