Skip to content

Commit

Permalink
fix: updated ssl context to fix deprecation error
Browse files Browse the repository at this point in the history
  • Loading branch information
tsutterley committed Nov 17, 2023
1 parent f021e5e commit c609b5f
Showing 1 changed file with 38 additions and 7 deletions.
45 changes: 38 additions & 7 deletions pyTMD/utilities.py
Original file line number Diff line number Diff line change
@@ -1,14 +1,15 @@
#!/usr/bin/env python
u"""
utilities.py
Written by Tyler Sutterley (06/2023)
Written by Tyler Sutterley (11/2023)
Download and management utilities for syncing time and auxiliary files
PYTHON DEPENDENCIES:
lxml: processing XML and HTML in Python
https://pypi.python.org/pypi/lxml
UPDATE HISTORY:
Updated 11/2023: updated ssl context to fix deprecation error
Updated 06/2023: add functions to retrieve and revoke Earthdata tokens
Updated 05/2023: add reify decorator for evaluation of properties
make urs a keyword argument in CCDIS list and download functions
Expand Down Expand Up @@ -604,11 +605,41 @@ def from_ftp(
remote_buffer.seek(0)
return remote_buffer

def _create_default_ssl_context() -> ssl.SSLContext:
"""Creates the default SSL context
"""
context = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
_set_ssl_context_options(context)
context.options |= ssl.OP_NO_COMPRESSION
return context

def _create_ssl_context_no_verify() -> ssl.SSLContext:
"""Creates an SSL context for unverified connections
"""
context = _create_default_ssl_context()
context.check_hostname = False
context.verify_mode = ssl.CERT_NONE
return context

def _set_ssl_context_options(context: ssl.SSLContext) -> None:
"""Sets the default options for the SSL context
"""
if sys.version_info >= (3, 10) or ssl.OPENSSL_VERSION_INFO >= (1, 1, 0, 7):
context.minimum_version = ssl.TLSVersion.TLSv1_2
else:
context.options |= ssl.OP_NO_SSLv2
context.options |= ssl.OP_NO_SSLv3
context.options |= ssl.OP_NO_TLSv1
context.options |= ssl.OP_NO_TLSv1_1

Check warning on line 633 in pyTMD/utilities.py

View check run for this annotation

Codecov / codecov/patch

pyTMD/utilities.py#L630-L633

Added lines #L630 - L633 were not covered by tests

# default ssl context
_default_ssl_context = ssl.SSLContext(ssl.PROTOCOL_TLS)
_default_ssl_context = _create_ssl_context_no_verify()

# PURPOSE: check internet connection
def check_connection(HOST: str, context=_default_ssl_context):
def check_connection(
HOST: str,
context: ssl.SSLContext = _default_ssl_context,
):
"""
Check internet connection with http host
Expand All @@ -635,7 +666,7 @@ def check_connection(HOST: str, context=_default_ssl_context):
def http_list(
HOST: str | list,
timeout: int | None = None,
context = _default_ssl_context,
context: ssl.SSLContext = _default_ssl_context,
parser = lxml.etree.HTMLParser(),
format: str = '%Y-%m-%d %H:%M',
pattern: str = '',
Expand Down Expand Up @@ -709,7 +740,7 @@ def http_list(
def from_http(
HOST: str | list,
timeout: int | None = None,
context = _default_ssl_context,
context: ssl.SSLContext = _default_ssl_context,
local: str | pathlib.Path | None = None,
hash: str = '',
chunk: int = 16384,
Expand Down Expand Up @@ -1319,7 +1350,7 @@ def from_cddis(
def iers_list(
HOST: str | list,
timeout: int | None = None,
context = _default_ssl_context,
context: ssl.SSLContext = _default_ssl_context,
parser = lxml.etree.HTMLParser()
):
"""
Expand Down Expand Up @@ -1372,7 +1403,7 @@ def iers_list(
def from_jpl_ssd(
kernel='de440s.bsp',
timeout: int | None = None,
context = _default_ssl_context,
context: ssl.SSLContext = _default_ssl_context,
local: str | pathlib.Path | None = None,
hash: str = '',
chunk: int = 16384,
Expand Down

0 comments on commit c609b5f

Please sign in to comment.