From e6249455a380fed0b960889a1c0e79c4ab2d1d9c Mon Sep 17 00:00:00 2001
From: NimishaS <nimisha.sharad@clogeny.com>
Date: Tue, 3 Nov 2015 17:29:28 +0530
Subject: [PATCH] Passing node_ssl_verify_mode to client.rb

---
 lib/chef/azure/commands/enable.rb        |  1 +
 lib/chef/azure/core/bootstrap_context.rb | 23 +++++++++++++++++++++++
 2 files changed, 24 insertions(+)

diff --git a/lib/chef/azure/commands/enable.rb b/lib/chef/azure/commands/enable.rb
index 130c18fb..fc7c5f23 100644
--- a/lib/chef/azure/commands/enable.rb
+++ b/lib/chef/azure/commands/enable.rb
@@ -136,6 +136,7 @@ def configure_chef_only_once
         template_file = File.expand_path(File.dirname(File.dirname(__FILE__)))
         config[:secret] =  bootstrap_options['secret'] || bootstrap_options['encrypted_data_bag_secret']
         config[:node_verify_api_cert] =  bootstrap_options['node_verify_api_cert'] if bootstrap_options['node_verify_api_cert']
+        config[:node_ssl_verify_mode] =  bootstrap_options['node_ssl_verify_mode'] if bootstrap_options['node_ssl_verify_mode']
         runlist = @run_list.empty? ? [] : escape_runlist(@run_list)
        # load_cloud_attributes_in_hints
         if windows?
diff --git a/lib/chef/azure/core/bootstrap_context.rb b/lib/chef/azure/core/bootstrap_context.rb
index 14cca5f6..77578812 100644
--- a/lib/chef/azure/core/bootstrap_context.rb
+++ b/lib/chef/azure/core/bootstrap_context.rb
@@ -50,6 +50,29 @@ def config_content
             client_rb << %Q{verify_api_cert #{value}\n}
           end
 
+          # We configure :ssl_verify_mode only when it's overridden on the CLI
+          # or when specified in the knife config.
+          if @config[:node_ssl_verify_mode] || knife_config.has_key?(:ssl_verify_mode)
+            value = case @config[:node_ssl_verify_mode]
+            when "peer"
+              :verify_peer
+            when "none"
+              :verify_none
+            when nil
+              knife_config[:ssl_verify_mode]
+            else
+              nil
+            end
+
+            if value
+              client_rb << %Q{ssl_verify_mode :#{value}\n}
+            end
+          end
+
+          if @config[:ssl_verify_mode]
+            client_rb << %Q{ssl_verify_mode :#{knife_config[:ssl_verify_mode]}\n}
+          end
+
           client_rb <<  %Q{log_location       "#{@config[:log_location]}/chef-client.log"\n}
           client_rb <<  %Q{chef_server_url       "#{@config[:chef_server_url]}"\n} if @config[:chef_server_url]
           client_rb <<  %Q{validation_client_name       "#{@config[:validation_client_name]}"\n} if @config[:validation_client_name]