Feature/http ssl verify configuration (#4547)

* add test for http ssl_verify configuration * add ssl_verify flag to HTTPTree
iterative · Sep 9, 2020 · 54a48e3 · 54a48e3
1 parent 1ca2dc1
commit 54a48e3
Show file tree

Hide file tree

Showing 3 changed files with 27 additions and 0 deletions.
diff --git a/dvc/config.py b/dvc/config.py
@@ -118,6 +118,7 @@ class RelPath(str):
     "user": str,
     "password": str,
     "ask_password": Bool,
+    "ssl_verify": Bool,
 }
 WEBDAV_COMMON = {
     "user": str,

diff --git a/dvc/tree/http.py b/dvc/tree/http.py
@@ -53,6 +53,7 @@ def __init__(self, repo, config):
         self.password = config.get("password", None)
         self.ask_password = config.get("ask_password", False)
         self.headers = {}
+        self.ssl_verify = config.get("ssl_verify", True)
 
     def _auth_method(self, path_info=None):
         from requests.auth import HTTPBasicAuth, HTTPDigestAuth
@@ -81,6 +82,8 @@ def _session(self):
 
         session = requests.Session()
 
+        session.verify = self.ssl_verify
+
         retries = Retry(
             total=self.SESSION_RETRIES,
             backoff_factor=self.SESSION_BACKOFF_FACTOR,

diff --git a/tests/unit/remote/test_http.py b/tests/unit/remote/test_http.py
@@ -80,3 +80,26 @@ def test_custom_auth_method(dvc):
     assert tree._auth_method() is None
     assert header in tree.headers
     assert tree.headers[header] == password
+
+
+def test_ssl_verify_is_enabled_by_default(dvc):
+    config = {
+        "url": "http://example.com/",
+        "path_info": "file.html",
+    }
+
+    tree = HTTPTree(dvc, config)
+
+    assert tree._session.verify is True
+
+
+def test_ssl_verify_disable(dvc):
+    config = {
+        "url": "http://example.com/",
+        "path_info": "file.html",
+        "ssl_verify": False,
+    }
+
+    tree = HTTPTree(dvc, config)
+
+    assert tree._session.verify is False