Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Disable InsecureRequestWarning if ssl_verify is false in nxos driver #1510

Merged
merged 2 commits into from
Oct 13, 2021
Merged

Disable InsecureRequestWarning if ssl_verify is false in nxos driver #1510

merged 2 commits into from
Oct 13, 2021

Conversation

floatingstatic
Copy link
Contributor

I see many examples where NAPALM users utilizing the nxos driver are doing something like this in their code to work around cert warnings that are displayed:

import urllib3
urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)

One example blog post

This is well and fine but I believe that the intent of the ssl_verify optional_arg for the nxos driver is that we should not verify the certificate in addition to hiding any InsecureRequestWarning warnings that are displayed. This change disables InsecureRequestWarning when ssl_verify is false or none which is the default for this driver.

An explicit example setting ssl_verify=False (implicit by default) with the current master branch:

>>> import napalm
>>> driver = napalm.get_network_driver("nxos")
>>> device = driver(hostname="10.10.0.60", username="admin", password="admin", optional_args={"ssl_verify": False})
>>> device.open()
/Users/jmillay/.venvs/napalm/lib/python3.8/site-packages/urllib3/connectionpool.py:1013: InsecureRequestWarning: Unverified HTTPS request is being made to host '10.10.0.60'. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.io/en/1.26.x/advanced-usage.html#ssl-warnings
  warnings.warn(

With my proposed changes:

>>> import napalm
>>> driver = napalm.get_network_driver('nxos')
>>> device = driver(hostname="10.10.0.60", username="admin", password="admin", optional_args={"ssl_verify": False})
>>> device.open()

@floatingstatic floatingstatic mentioned this pull request Oct 13, 2021
Closed
@mirceaulinic mirceaulinic merged commit c320023 into napalm-automation:develop Oct 13, 2021
@mirceaulinic mirceaulinic added this to the 3.4.0 milestone Oct 13, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mirceaulinic mirceaulinic mirceaulinic approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
3.4.0
Development

Successfully merging this pull request may close these issues.
2 participants
@floatingstatic @mirceaulinic