implemented #3499 - Add to Webhook model to support user supplied CA certificate verrification of webhook requests

2024-05-10 07:54:54 +00:00 · 2019-10-13 01:43:08 -04:00
parent b25faec159
commit 09d7d38b04
4 changed files with 45 additions and 0 deletions
--- a/docs/release-notes/version-2.6.md
+++ b/docs/release-notes/version-2.6.md
@ -1,3 +1,15 @@
+# v2.6.7 (FUTURE)
+
+## Enhancements
+
+* [#3499](https://github.com/netbox-community/netbox/issues/3499) - Add `ca_file_path` to Webhook model to support user supplied CA certificate verrification of webhook requests
+
+## Bug Fixes
+
+
+
+---
+
 # v2.6.6 (2019-10-10)

 ## Notes
--- a/netbox/extras/migrations/0026_webhook_ca_file_path.py
+++ b/netbox/extras/migrations/0026_webhook_ca_file_path.py
@ -0,0 +1,18 @@
+# Generated by Django 2.2 on 2019-10-13 05:22
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('extras', '0025_objectchange_time_index'),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='webhook',
+            name='ca_file_path',
+            field=models.CharField(blank=True, max_length=4096, null=True),
+        ),
+    ]
--- a/netbox/extras/models.py
+++ b/netbox/extras/models.py
@ -86,6 +86,14 @@ class Webhook(models.Model):
        verbose_name='SSL verification',
        help_text="Enable SSL certificate verification. Disable with caution!"
    )
+    ca_file_path = models.CharField(
+        max_length=4096,
+        null=True,
+        blank=True,
+        verbose_name='CA File Path',
+        help_text='The specific CA certificate file to use for SSL verification. '
+                  'Leave blank to use the system defaults.'
+    )

    class Meta:
        unique_together = ('payload_url', 'type_create', 'type_update', 'type_delete',)
@ -102,6 +110,11 @@ class Webhook(models.Model):
                "You must select at least one type: create, update, and/or delete."
            )

+        if not self.ssl_verification and self.ca_file_path:
+            raise ValidationError({
+                'ca_file_path': 'Do not specify a CA certificate file if SSL verification is dissabled.'
+            })
+

 #
 # Custom fields
--- a/netbox/extras/webhooks_worker.py
+++ b/netbox/extras/webhooks_worker.py
@ -49,6 +49,8 @@ def process_webhook(webhook, data, model_name, event, timestamp, username, reque

    with requests.Session() as session:
        session.verify = webhook.ssl_verification
+        if webhook.ca_file_path:
+            session.verify = webhook.ca_file_path
        response = session.send(prepared_request)

    if response.status_code >= 200 and response.status_code <= 299: