server_cert_validation 'ignore' no longer works in 0.3.0

[kcd83]

The following no longer works against a self-signed certificate, has server_cert_validation changed?

from winrm.protocol import Protocol

p = Protocol(
    endpoint='https://somewindows:5986/wsman',
    transport='ntlm',
    username=r'\Admin',
    password='ThePassword1',
    server_cert_validation='ignore')
shell_id = p.open_shell()
command_id = p.run_command(shell_id, 'ipconfig', ['/all'])
std_out, std_err, status_code = p.get_command_output(shell_id, command_id)
print std_out
p.cleanup_command(shell_id, command_id)
p.close_shell(shell_id)

Traceback (most recent call last):
File "winrmtest.py", line 9, in
shell_id = p.open_shell()
File "/usr/lib/python2.7/site-packages/winrm/protocol.py", line 157, in open_shell
res = self.send_message(xmltodict.unparse(req))
File "/usr/lib/python2.7/site-packages/winrm/protocol.py", line 234, in send_message
resp = self.transport.send_message(message)
File "/usr/lib/python2.7/site-packages/winrm/transport.py", line 256, in send_message
response = self._send_message_request(prepared_request, message)
File "/usr/lib/python2.7/site-packages/winrm/transport.py", line 261, in _send_message_request
response = self.session.send(prepared_request, timeout=self.read_timeout_sec)
File "/usr/lib/python2.7/site-packages/requests/sessions.py", line 618, in send
r = adapter.send(request, **kwargs)
File "/usr/lib/python2.7/site-packages/requests/adapters.py", line 506, in send
raise SSLError(e, request=request)
requests.exceptions.SSLError: HTTPSConnectionPool(host='123.45.67.89', port=5986): Max retries exceeded with url: /wsman (Caused by SSLError(SSLError("bad handshake: Error([('SSL routines', 'tls_process_server_certificate', 'certificate verify failed')],)",),))

With:

pip show pywinrm
---
Metadata-Version: 2.0
Name: pywinrm
Version: 0.3.0
Summary: Python library for Windows Remote Management
Home-page: http://github.com/diyan/pywinrm/
Author: Alexey Diyan
Author-email: alexey.diyan@gmail.com
Installer: pip
License: MIT license
Location: /usr/lib/python2.7/site-packages
Requires: six, requests-ntlm, requests, xmltodict
Classifiers:
  Development Status :: 4 - Beta
  Environment :: Console
  Intended Audience :: Developers
  Intended Audience :: System Administrators
  Natural Language :: English
  License :: OSI Approved :: MIT License
  Programming Language :: Python
  Programming Language :: Python :: 2
  Programming Language :: Python :: 2.6
  Programming Language :: Python :: 2.7
  Programming Language :: Python :: 3
  Programming Language :: Python :: 3.3
  Programming Language :: Python :: 3.4
  Programming Language :: Python :: 3.5
  Programming Language :: Python :: 3.6
  Programming Language :: Python :: Implementation :: PyPy
  Topic :: Software Development :: Libraries :: Python Modules
  Topic :: System :: Clustering
  Topic :: System :: Distributed Computing
  Topic :: System :: Systems Administration

However this previous release does work

pip show pywinrm
---
Metadata-Version: 2.0
Name: pywinrm
Version: 0.2.2
Summary: Python library for Windows Remote Management
Home-page: http://github.com/diyan/pywinrm/
Author: Alexey Diyan
Author-email: alexey.diyan@gmail.com
Installer: pip
License: MIT license
Location: /usr/lib/python2.7/site-packages
Requires: six, requests-ntlm, requests, xmltodict
Classifiers:
  Development Status :: 4 - Beta
  Environment :: Console
  Intended Audience :: Developers
  Intended Audience :: System Administrators
  Natural Language :: English
  License :: OSI Approved :: MIT License
  Programming Language :: Python
  Programming Language :: Python :: 2
  Programming Language :: Python :: 2.6
  Programming Language :: Python :: 2.7
  Programming Language :: Python :: 3
  Programming Language :: Python :: 3.3
  Programming Language :: Python :: 3.4
  Programming Language :: Python :: 3.5
  Programming Language :: Python :: 3.6
  Programming Language :: Python :: Implementation :: PyPy
  Topic :: Software Development :: Libraries :: Python Modules
  Topic :: System :: Clustering
  Topic :: System :: Distributed Computing
  Topic :: System :: Systems Administration

[jborean93]

The traceback does not seem to match the example script you gave us, are you able to verify you are running the correct script as it seems like you are calling Session in __init__.py and not the Protocol object directory. I can confirm this parameter works in 0.3.0 for me.

[nitzmahone]

I'm also unable to reproduce this- cert validation behavior is working fine for me on 0.3.0 as well (though it does bring up the fact that the pywinrm test suite is very minimal and doesn't exercise most of these code paths).

[kcd83]

Sorry that was the wrong trace! I reproduced it and updated the above.

I can reproduce this every time. Are you using a self-signed certificate?

# python winrmtest.py
Traceback (most recent call last):
  File "winrmtest.py", line 9, in <module>
    shell_id = p.open_shell()
  File "/usr/lib/python2.7/site-packages/winrm/protocol.py", line 157, in open_shell
    res = self.send_message(xmltodict.unparse(req))
  File "/usr/lib/python2.7/site-packages/winrm/protocol.py", line 234, in send_message
    resp = self.transport.send_message(message)
  File "/usr/lib/python2.7/site-packages/winrm/transport.py", line 256, in send_message
    response = self._send_message_request(prepared_request, message)
  File "/usr/lib/python2.7/site-packages/winrm/transport.py", line 261, in _send_message_request
    response = self.session.send(prepared_request, timeout=self.read_timeout_sec)
  File "/usr/lib/python2.7/site-packages/requests/sessions.py", line 618, in send
    r = adapter.send(request, **kwargs)
  File "/usr/lib/python2.7/site-packages/requests/adapters.py", line 506, in send
    raise SSLError(e, request=request)
requests.exceptions.SSLError: HTTPSConnectionPool(host='12.34.56.106', port=5986): Max retries exceeded with url: /wsman (Caused by SSLError(SSLError("bad handshake: Error([('SSL routines', 'tls_process_server_certificate', 'certificate verify failed')],)",),))
[root@95d63427a6ac lss-perftest-wlg]# pip install pywinrm==0.2.2
Collecting pywinrm==0.2.2
  Downloading pywinrm-0.2.2-py2.py3-none-any.whl
Requirement already satisfied (use --upgrade to upgrade): six in /usr/lib/python2.7/site-packages (from pywinrm==0.2.2)
Requirement already satisfied (use --upgrade to upgrade): requests-ntlm>=0.3.0 in /usr/lib/python2.7/site-packages (from pywinrm==0.2.2)
Requirement already satisfied (use --upgrade to upgrade): requests>=2.9.1 in /usr/lib/python2.7/site-packages (from pywinrm==0.2.2)
Requirement already satisfied (use --upgrade to upgrade): xmltodict in /usr/lib/python2.7/site-packages (from pywinrm==0.2.2)
Requirement already satisfied (use --upgrade to upgrade): cryptography>=1.3 in /usr/lib64/python2.7/site-packages (from requests-ntlm>=0.3.0->pywinrm==0.2.2)
Requirement already satisfied (use --upgrade to upgrade): ntlm-auth>=1.0.2 in /usr/lib/python2.7/site-packages (from requests-ntlm>=0.3.0->pywinrm==0.2.2)
Requirement already satisfied (use --upgrade to upgrade): certifi>=2017.4.17 in /usr/lib/python2.7/site-packages (from requests>=2.9.1->pywinrm==0.2.2)
Requirement already satisfied (use --upgrade to upgrade): chardet<3.1.0,>=3.0.2 in /usr/lib/python2.7/site-packages (from requests>=2.9.1->pywinrm==0.2.2)
Requirement already satisfied (use --upgrade to upgrade): idna<2.7,>=2.5 in /usr/lib/python2.7/site-packages (from requests>=2.9.1->pywinrm==0.2.2)
Requirement already satisfied (use --upgrade to upgrade): urllib3<1.23,>=1.21.1 in /usr/lib/python2.7/site-packages (from requests>=2.9.1->pywinrm==0.2.2)
Requirement already satisfied (use --upgrade to upgrade): asn1crypto>=0.21.0 in /usr/lib/python2.7/site-packages (from cryptography>=1.3->requests-ntlm>=0.3.0->pywinrm==0.2.2)
Requirement already satisfied (use --upgrade to upgrade): cffi>=1.7 in /usr/lib64/python2.7/site-packages (from cryptography>=1.3->requests-ntlm>=0.3.0->pywinrm==0.2.2)
Requirement already satisfied (use --upgrade to upgrade): enum34 in /usr/lib/python2.7/site-packages (from cryptography>=1.3->requests-ntlm>=0.3.0->pywinrm==0.2.2)
Requirement already satisfied (use --upgrade to upgrade): ipaddress in /usr/lib/python2.7/site-packages (from cryptography>=1.3->requests-ntlm>=0.3.0->pywinrm==0.2.2)
Requirement already satisfied (use --upgrade to upgrade): pycparser in /usr/lib/python2.7/site-packages (from cffi>=1.7->cryptography>=1.3->requests-ntlm>=0.3.0->pywinrm==0.2.2)
Installing collected packages: pywinrm
  Found existing installation: pywinrm 0.3.0
    Uninstalling pywinrm-0.3.0:
      Successfully uninstalled pywinrm-0.3.0
Successfully installed pywinrm-0.2.2
You are using pip version 8.1.2, however version 9.0.1 is available.
You should consider upgrading via the 'pip install --upgrade pip' command.

# python winrmtest.py

Windows IP Configuration

   Host Name . . . . . . . . . . . . : kdyer-perftestl

This is the self-signed cert

 openssl s_client -connect 12.34.56.106:5986
CONNECTED(00000003)
depth=0 CN = Cloudbase-Init WinRM
verify error:num=18:self signed certificate
verify return:1
depth=0 CN = Cloudbase-Init WinRM
verify return:1
---
Certificate chain
 0 s:/CN=Cloudbase-Init WinRM
   i:/CN=Cloudbase-Init WinRM
---
Server certificate
-----BEGIN CERTIFICATE-----
MIICxjCCAa6gAwIBAgIQIyHpO+P2P7BFhR7rV6xr6TANBgkqhkiG9w0BAQUFADAf
MR0wGwYDVQQDExRDbG91ZGJhc2UtSW5pdCBXaW5STTAeFw0xODAxMDMwNzQ1NDha
Fw0yODAxMDMwNzQ1NDhaMB8xHTAbBgNVBAMTFENsb3VkYmFzZS1Jbml0IFdpblJN
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwGcV28lX1ukojB7hC9iz
dOKEGd+Ua6I/R9J+2ZhB8XEx9bv5HgcuGNrkJBF3u4vqqhRQxTZFeodje15TKVp+
sNKHTl7bf9wBM26nmoONDZIxgl5xFQqQZ5bg4ETpcwwvwOa033aFNrn25IVzFmCA
ug3BcZkHFfiuBNJmCyrYLlxaKzFO0fJFMxjWV2mVlRSgMJ82GQ4ukv5QhO+VWs5J
9YEyF/9DV65KNGsHv6JIL51ymTXj/GNlKG1q5ao4UHl8WtkQADtxLzX5Otq/zPZu
ma//twVwKs9sHcPslh1ZBlRPg++/dggcUGeVZX6nufkBKOkC7lEyYJQ/JSjPFIzb
7wIDAQABMA0GCSqGSIb3DQEBBQUAA4IBAQA55uCNYGJU6wjs/02Q4dcSf+zoR8i/
/Q9th5GidgxLrUNtdx2UBVCrySEQtfqiuK9N5rJIiPkzdroa/eDbF+O8cU3Ydy7E
zNJ+fgGmE3C3g5jV70DhVV2EuZLNgf0s8XZI6ZRgr+6uIQxiFG7zjZe9wj7PxnLu
sMOliyUwygY1pDDQHB8UkZlbhiGhORPfh7zP6JwGfkqJstpu/nWMVuAHXYh088/I
2N52iclo+LaQZhD8dtWIEdChqrCIh2ecOTMtIa939IP8CsMoIgT+2lqtG2NXTsk+
YJzno1xZ2uCMW1ffTS62JffcWHoI95IboCyxfLtNm/R80ZhaWuS2RBdF
-----END CERTIFICATE-----
subject=/CN=Cloudbase-Init WinRM
issuer=/CN=Cloudbase-Init WinRM
---
No client certificate CA names sent
Peer signing digest: SHA1
Server Temp Key: ECDH, P-521, 521 bits
---
SSL handshake has read 1322 bytes and written 539 bytes
---
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES256-SHA384
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : ECDHE-RSA-AES256-SHA384
    Session-ID: 762A00002BBFD14B0BA7F911E24540E2D76807D1FFA86110D2E220F545F5F925
    Session-ID-ctx:
    Master-Key: C36F7C479D5BAE1E5C339FB7E7589FB5621FE123FDB5564A647848A800335D653FED4141D6447AB4D25556BDF23AE48C
    Key-Arg   : None
    Krb5 Principal: None
    PSK identity: None
    PSK identity hint: None
    Start Time: 1515013617
    Timeout   : 300 (sec)
    Verify return code: 18 (self signed certificate)
---

Is there anything else I can provide?

[jborean93]

Thanks for that, I think the issue may be some incompatibility with python 2.7.5 that the Ansible issue showed you were using. Will have to find out why it no longer works on that version but it would be good to know if you can try out a newer Python version and tell us if that has the same issue.

[mcassaniti]

@nitzmahone In regards to lack of tests, #198 should hopefully assist.

[kcd83]

Sure can.

I get the same on python 3 (centos 3.4.5-5.el7)

# pip3 show pywinrm
Name: pywinrm
Version: 0.2.2
Summary: Python library for Windows Remote Management
Home-page: http://github.com/diyan/pywinrm/
Author: Alexey Diyan
Author-email: alexey.diyan@gmail.com
License: MIT license
Location: /usr/lib/python3.4/site-packages
Requires: xmltodict, requests, six, requests-ntlm

# python3 winrmtest3.py
b'\r\nWindows IP Configuration\

# pip3 install pywinrm==0.3.0
Collecting pywinrm==0.3.0
  Using cached pywinrm-0.3.0-py2.py3-none-any.whl
Requirement already satisfied: six in /usr/lib/python3.4/site-packages (from pywinrm==0.3.0)
Requirement already satisfied: xmltodict in /usr/lib/python3.4/site-packages (from pywinrm==0.3.0)
Requirement already satisfied: requests>=2.9.1 in /usr/lib/python3.4/site-packages (from pywinrm==0.3.0)
Requirement already satisfied: requests-ntlm>=0.3.0 in /usr/lib/python3.4/site-packages (from pywinrm==0.3.0)
Requirement already satisfied: chardet<3.1.0,>=3.0.2 in /usr/lib/python3.4/site-packages (from requests>=2.9.1->pywinrm==0.3.0)
Requirement already satisfied: idna<2.7,>=2.5 in /usr/lib/python3.4/site-packages (from requests>=2.9.1->pywinrm==0.3.0)
Requirement already satisfied: certifi>=2017.4.17 in /usr/lib/python3.4/site-packages (from requests>=2.9.1->pywinrm==0.3.0)
Requirement already satisfied: urllib3<1.23,>=1.21.1 in /usr/lib/python3.4/site-packages (from requests>=2.9.1->pywinrm==0.3.0)
Requirement already satisfied: cryptography>=1.3 in /usr/lib64/python3.4/site-packages (from requests-ntlm>=0.3.0->pywinrm==0.3.0)
Requirement already satisfied: ntlm-auth>=1.0.2 in /usr/lib/python3.4/site-packages (from requests-ntlm>=0.3.0->pywinrm==0.3.0)
Requirement already satisfied: asn1crypto>=0.21.0 in /usr/lib/python3.4/site-packages (from cryptography>=1.3->requests-ntlm>=0.3.0->pywinrm==0.3.0)
Requirement already satisfied: cffi>=1.7; platform_python_implementation != "PyPy" in /usr/lib64/python3.4/site-packages (from cryptography>=1.3->requests-ntlm>=0.3.0->pywinrm==0.3.0)
Requirement already satisfied: pycparser in /usr/lib/python3.4/site-packages (from cffi>=1.7; platform_python_implementation != "PyPy"->cryptography>=1.3->requests-ntlm>=0.3.0->pywinrm==0.3.0)
Installing collected packages: pywinrm
  Found existing installation: pywinrm 0.2.2
    Uninstalling pywinrm-0.2.2:
      Successfully uninstalled pywinrm-0.2.2
Successfully installed pywinrm-0.3.0

# python3 winrmtest3.py
Traceback (most recent call last):
  File "/usr/lib/python3.4/site-packages/urllib3/connectionpool.py", line 601, in urlopen
    chunked=chunked)
  File "/usr/lib/python3.4/site-packages/urllib3/connectionpool.py", line 346, in _make_request
    self._validate_conn(conn)
  File "/usr/lib/python3.4/site-packages/urllib3/connectionpool.py", line 850, in _validate_conn
    conn.connect()
  File "/usr/lib/python3.4/site-packages/urllib3/connection.py", line 326, in connect
    ssl_context=context)
  File "/usr/lib/python3.4/site-packages/urllib3/util/ssl_.py", line 329, in ssl_wrap_socket
    return context.wrap_socket(sock, server_hostname=server_hostname)
  File "/usr/lib64/python3.4/ssl.py", line 362, in wrap_socket
    _context=self)
  File "/usr/lib64/python3.4/ssl.py", line 580, in __init__
    self.do_handshake()
  File "/usr/lib64/python3.4/ssl.py", line 807, in do_handshake
    self._sslobj.do_handshake()
ssl.SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:600)

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/usr/lib/python3.4/site-packages/requests/adapters.py", line 440, in send
    timeout=timeout
  File "/usr/lib/python3.4/site-packages/urllib3/connectionpool.py", line 639, in urlopen
    _stacktrace=sys.exc_info()[2])
  File "/usr/lib/python3.4/site-packages/urllib3/util/retry.py", line 388, in increment
    raise MaxRetryError(_pool, url, error or ResponseError(cause))
urllib3.exceptions.MaxRetryError: HTTPSConnectionPool(host='12.34.56.106', port=5986): Max retries exceeded with url: /wsman (Caused by SSLError(SSLError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:600)'),))

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "winrmtest3.py", line 9, in <module>
    shell_id = p.open_shell()
  File "/usr/lib/python3.4/site-packages/winrm/protocol.py", line 157, in open_shell
    res = self.send_message(xmltodict.unparse(req))
  File "/usr/lib/python3.4/site-packages/winrm/protocol.py", line 234, in send_message
    resp = self.transport.send_message(message)
  File "/usr/lib/python3.4/site-packages/winrm/transport.py", line 256, in send_message
    response = self._send_message_request(prepared_request, message)
  File "/usr/lib/python3.4/site-packages/winrm/transport.py", line 261, in _send_message_request
    response = self.session.send(prepared_request, timeout=self.read_timeout_sec)
  File "/usr/lib/python3.4/site-packages/requests/sessions.py", line 618, in send
    r = adapter.send(request, **kwargs)
  File "/usr/lib/python3.4/site-packages/requests/adapters.py", line 506, in send
    raise SSLError(e, request=request)
requests.exceptions.SSLError: HTTPSConnectionPool(host='12.34.56.106', port=5986): Max retries exceeded with url: /wsman (Caused by SSLError(SSLError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:600)'),))

[nitzmahone]

Yep, self-signed cert... Something really weird going on there, because your test works fine for me with 0.3.0 on CentOS7.4 under both python 2.7.5 and 3.4.5. At this point, I'd start being a little suspicious of your OpenSSL installation maybe? Some other nonstandard bits? I'm running off a brand-new container, and it works as expected:

[root@centos7 ~]# cat /etc/centos-release
CentOS Linux release 7.4.1708 (Core) 
[root@centos7 ~]# pip show pywinrm
Name: pywinrm
Version: 0.3.0
Summary: Python library for Windows Remote Management
Home-page: http://github.com/diyan/pywinrm/
Author: Alexey Diyan
Author-email: alexey.diyan@gmail.com
License: MIT license
Location: /usr/lib/python3.4/site-packages
Requires: xmltodict, requests-ntlm, requests, six
[root@centos7 ~]# python --version
Python 2.7.5
[root@centos7 ~]# pip list
DEPRECATION: The default format will switch to columns in the future. You can use --format=(legacy|columns) (or define a format=(legacy|columns) in your pip.conf under the [list] section) to disable this warning.
asn1crypto (0.24.0)
certifi (2017.11.5)
cffi (1.11.2)
chardet (3.0.4)
cryptography (2.1.4)
idna (2.6)
ntlm-auth (1.0.6)
pip (9.0.1)
pycparser (2.18)
pywinrm (0.3.0)
requests (2.18.4)
requests-ntlm (1.1.0)
setuptools (38.2.5)
six (1.11.0)
urllib3 (1.22)
wheel (0.30.0)
xmltodict (0.11.0)
[root@centos7 ~]# python test.py

Windows IP Configuration
...

and 3.4.5:

[root@centos7 ~]# pip3 show pywinrm
Name: pywinrm
Version: 0.3.0
Summary: Python library for Windows Remote Management
Home-page: http://github.com/diyan/pywinrm/
Author: Alexey Diyan
Author-email: alexey.diyan@gmail.com
License: MIT license
Location: /usr/lib/python3.4/site-packages
Requires: xmltodict, requests, requests-ntlm, six
[root@centos7 ~]# python3.4 --version
Python 3.4.5
[root@centos7 ~]# pip3 list
DEPRECATION: The default format will switch to columns in the future. You can use --format=(legacy|columns) (or define a format=(legacy|columns) in your pip.conf under the [list] section) to disable this warning.
asn1crypto (0.24.0)
certifi (2017.11.5)
cffi (1.11.2)
chardet (3.0.4)
cryptography (2.1.4)
idna (2.6)
ntlm-auth (1.0.6)
pip (9.0.1)
pycparser (2.18)
pywinrm (0.3.0)
requests (2.18.4)
requests-ntlm (1.1.0)
setuptools (38.2.5)
six (1.11.0)
urllib3 (1.22)
wheel (0.30.0)
xmltodict (0.11.0)
[root@centos7 ~]# python3.4 test.py  
b'\r\nWindows IP Configuration\r\n\r\n 
...

[nitzmahone]

Aha, @jborean93 and I were kicking this around- my psychic powers tell me you might have REQUESTS_CA_BUNDLE or CURL_CA_BUNDLE envvars set? There was a last-minute PR I merged for 0.3.0 (#160) that inadvertently makes the presence of that envvar force validation...

Can you confirm that (and make sure that things work as expected if you unset the envvar)? We'll move that around so that the validation setting still takes precedence for 0.3.1.

[kcd83]

Yes! I do set a CA bundle so this must be it On 5/01/2018 10:27 AM, "Matt Davis" <notifications@github.com> wrote: Aha, @jborean93 <https://github.com/jborean93> and I were kicking this around- my psychic powers tell me you might have REQUESTS_CA_BUNDLE or CURL_CA_BUNDLE envvars set? There was a last-minute PR I merged for 0.3.0 ( #160 <#160>) that inadvertently makes the presence of that envvar force validation... Can you confirm that (and make sure that things work as expected if you unset the envvar)? We'll move that around so that the validation setting still takes precedence for 0.3.1. — You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub <#201 (comment)>, or mute the thread <https://github.com/notifications/unsubscribe-auth/AArK8Izp3sJHfelciBLS7mEnNnG_1TL1ks5tHUJKgaJpZM4RROz8> .

[kcd83]

Thanks for turning this one around quickly! 🚤

[jkodroff]

@nitzmahone I appreciate that the bug was fixed so quickly, but any idea when the fix will be available in the published pip package (which, as of time of writing, still says 0.3.0)? This bug really bit me hard, and I'm guessing other folks provisioning Windows boxes with Ansible are similarly affected.

[nicolaibaralmueller]

@nitzmahone I appreciate that the bug was fixed so quickly, but any idea when the fix will be available in the published pip package (which, as of time of writing, still says 0.3.0)? This bug really bit me hard, and I'm guessing other folks provisioning Windows boxes with Ansible are similarly affected.

Same issue here. Python 2.7.5 with pywinrm 0.3.0 installed on the awx docker instance. For some reasion, upgrading python is not possible.

[spitfire55]

So for others like me who spent hours trying to figure out what was potentially wrong with Ansible, Vagrant, Packer, WinRM etc., the temporary solution to simply downgrade pywinrm back to 0.2.2 via pip3 install --user "pywinrm==0.2.2"

[sparky005]

hey @nitzmahone, any idea when this change might be released?

[dentarg]

https://github.com/diyan/pywinrm/releases/tag/v0.4.0 was released yesterday.