Merge 65afc26 into e7a8502

diyan · Jun 13, 2019 · 068e8ea · 068e8ea
2 parents e7a8502 + 65afc26
commit 068e8ea
Show file tree

Hide file tree

Showing 3 changed files with 29 additions and 10 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,8 +1,10 @@
 # Changelog
 
 ### Version 0.3.1
-- Ensure server_cert_validation=ignore supersedes ca_trust_path/env overrides
+- Ensure `server_cert_validation=ignore` supersedes ca_trust_path/env overrides
 - Set minimum version of requests-credssp to support Kerberos auth over CredSSP and other changes
+- Added `proxy` support where it can be defined within the application.
+- Added a toggle for the ability to read proxy information from environment variables via `proxy_ignore_env`
 
 ### Version 0.3.0
 - Added support for message encryption over HTTP when using NTLM/Kerberos/CredSSP

diff --git a/winrm/protocol.py b/winrm/protocol.py
@@ -39,7 +39,10 @@ def __init__(
             kerberos_hostname_override=None,
             message_encryption='auto',
             credssp_disable_tlsv1_2=False,
-            send_cbt=True):
+            send_cbt=True,
+            proxy=None,
+            proxy_ignore_env=False,
+        ):
         """
         @param string endpoint: the WinRM webservice endpoint
         @param string transport: transport type, one of 'plaintext' (default), 'kerberos', 'ssl', 'ntlm', 'credssp'  # NOQA
@@ -57,6 +60,8 @@ def __init__(
         @param int operation_timeout_sec: maximum allowed time in seconds for any single wsman HTTP operation (default 20). Note that operation timeouts while receiving output (the only wsman operation that should take any significant time, and where these timeouts are expected) will be silently retried indefinitely. # NOQA
         @param string kerberos_hostname_override: the hostname to use for the kerberos exchange (defaults to the hostname in the endpoint URL)
         @param bool message_encryption_enabled: Will encrypt the WinRM messages if set to True and the transport auth supports message encryption (Default True).
+        @param string proxy: Specify a proxy for the WinRM connection to use. The proxy specified here takes precedence over environment varaiables.
+        @param bool proxy_ignore_env: Ignore environment variables when determining if the WinRM connection should use a proxy (default False)
         """
 
         try:
@@ -88,7 +93,9 @@ def __init__(
             auth_method=transport,
             message_encryption=message_encryption,
             credssp_disable_tlsv1_2=credssp_disable_tlsv1_2,
-            send_cbt=send_cbt
+            send_cbt=send_cbt,
+            proxy=proxy,
+            proxy_ignore_env=proxy_ignore_env
         )
 
         self.username = username

diff --git a/winrm/transport.py b/winrm/transport.py
@@ -62,7 +62,9 @@ def __init__(
             credssp_disable_tlsv1_2=False,
             credssp_auth_mechanism='auto',
             credssp_minimum_version=2,
-            send_cbt=True):
+            send_cbt=True,
+            proxy=None,
+            proxy_ignore_env=False):
         self.endpoint = endpoint
         self.username = username
         self.password = password
@@ -80,6 +82,8 @@ def __init__(
         self.credssp_auth_mechanism = credssp_auth_mechanism
         self.credssp_minimum_version = credssp_minimum_version
         self.send_cbt = send_cbt
+        self.proxy = proxy
+        self.proxy_use_env = not proxy_ignore_env
 
         if self.server_cert_validation not in [None, 'validate', 'ignore']:
             raise WinRMError('invalid server_cert_validation mode: %s' % self.server_cert_validation)
@@ -151,13 +155,19 @@ def __init__(
     def build_session(self):
         session = requests.Session()
 
-        # allow some settings to be merged from env
-        session.trust_env = True
-        settings = session.merge_environment_settings(url=self.endpoint, proxies={}, stream=None,
-                                                      verify=None, cert=None)
+        proxies = dict()
+        if self.proxy is not None:      # pragma: no cover
+            # If there was a proxy specified then use it
+            proxies = {
+                'http': self.proxy,
+                'https': self.proxy
+            }
+
+        # Merge proxy environment variables
+        session.trust_env = self.proxy_use_env
+        settings = session.merge_environment_settings(url=self.endpoint,
+                      proxies=proxies, stream=None, verify=None, cert=None)
 
-        # get proxy settings from env
-        # FUTURE: allow proxy to be passed in directly to supersede this value
         session.proxies = settings['proxies']
 
         # specified validation mode takes precedence