From 54a48e3256ffc18f47e51fc23a5a3e1488d2b57e Mon Sep 17 00:00:00 2001 From: Victor Date: Wed, 9 Sep 2020 18:27:43 +0200 Subject: [PATCH] Feature/http ssl verify configuration (#4547) * add test for http ssl_verify configuration * add ssl_verify flag to HTTPTree --- dvc/config.py | 1 + dvc/tree/http.py | 3 +++ tests/unit/remote/test_http.py | 23 +++++++++++++++++++++++ 3 files changed, 27 insertions(+) diff --git a/dvc/config.py b/dvc/config.py index 0f1bafac67..3fac939593 100644 --- a/dvc/config.py +++ b/dvc/config.py @@ -118,6 +118,7 @@ class RelPath(str): "user": str, "password": str, "ask_password": Bool, + "ssl_verify": Bool, } WEBDAV_COMMON = { "user": str, diff --git a/dvc/tree/http.py b/dvc/tree/http.py index 18d793cf37..39fa85deb7 100644 --- a/dvc/tree/http.py +++ b/dvc/tree/http.py @@ -53,6 +53,7 @@ def __init__(self, repo, config): self.password = config.get("password", None) self.ask_password = config.get("ask_password", False) self.headers = {} + self.ssl_verify = config.get("ssl_verify", True) def _auth_method(self, path_info=None): from requests.auth import HTTPBasicAuth, HTTPDigestAuth @@ -81,6 +82,8 @@ def _session(self): session = requests.Session() + session.verify = self.ssl_verify + retries = Retry( total=self.SESSION_RETRIES, backoff_factor=self.SESSION_BACKOFF_FACTOR, diff --git a/tests/unit/remote/test_http.py b/tests/unit/remote/test_http.py index 8a761a242d..a82d236429 100644 --- a/tests/unit/remote/test_http.py +++ b/tests/unit/remote/test_http.py @@ -80,3 +80,26 @@ def test_custom_auth_method(dvc): assert tree._auth_method() is None assert header in tree.headers assert tree.headers[header] == password + + +def test_ssl_verify_is_enabled_by_default(dvc): + config = { + "url": "http://example.com/", + "path_info": "file.html", + } + + tree = HTTPTree(dvc, config) + + assert tree._session.verify is True + + +def test_ssl_verify_disable(dvc): + config = { + "url": "http://example.com/", + "path_info": "file.html", + "ssl_verify": False, + } + + tree = HTTPTree(dvc, config) + + assert tree._session.verify is False