diff options
author | Alexandre Flament <alex@al-f.net> | 2022-07-19 23:40:11 +0200 |
---|---|---|
committer | Alexandre FLAMENT <alexandre.flament@hesge.ch> | 2022-10-14 13:59:22 +0000 |
commit | 32e8c2cf098ae59baae5672e70436e47299bec82 (patch) | |
tree | 2b70a212b2ccc5e26e77690f8a766f6e573c3c77 /searx/network/client.py | |
parent | 72f6367e2323b2c57b2bb479dbadccd5b690a986 (diff) |
searx.network: add "verify" option to the networks
Each network can define a verify option:
* false to disable certificate verification
* a path to existing certificate.
SearXNG uses SSL_CERT_FILE and SSL_CERT_DIR when they are defined
see https://www.python-httpx.org/environment_variables/#ssl_cert_file
Diffstat (limited to 'searx/network/client.py')
-rw-r--r-- | searx/network/client.py | 9 |
1 files changed, 2 insertions, 7 deletions
diff --git a/searx/network/client.py b/searx/network/client.py index 11086dd3..f25aaf9a 100644 --- a/searx/network/client.py +++ b/searx/network/client.py @@ -26,9 +26,6 @@ else: logger = logger.getChild('searx.network.client') LOOP = None SSLCONTEXTS: Dict[Any, SSLContext] = {} -TRANSPORT_KWARGS = { - 'trust_env': False, -} def get_sslcontexts(proxy_url=None, cert=None, verify=True, trust_env=True, http2=False): @@ -74,7 +71,7 @@ def get_transport_for_socks_proxy(verify, http2, local_address, proxy_url, limit rdns = True proxy_type, proxy_host, proxy_port, proxy_username, proxy_password = parse_proxy_url(proxy_url) - verify = get_sslcontexts(proxy_url, None, True, False, http2) if verify is True else verify + verify = get_sslcontexts(proxy_url, None, verify, True, http2) if verify is True else verify return AsyncProxyTransportFixed( proxy_type=proxy_type, proxy_host=proxy_host, @@ -88,12 +85,11 @@ def get_transport_for_socks_proxy(verify, http2, local_address, proxy_url, limit local_address=local_address, limits=limit, retries=retries, - **TRANSPORT_KWARGS, ) def get_transport(verify, http2, local_address, proxy_url, limit, retries): - verify = get_sslcontexts(None, None, True, False, http2) if verify is True else verify + verify = get_sslcontexts(None, None, verify, True, http2) if verify is True else verify return httpx.AsyncHTTPTransport( # pylint: disable=protected-access verify=verify, @@ -102,7 +98,6 @@ def get_transport(verify, http2, local_address, proxy_url, limit, retries): proxy=httpx._config.Proxy(proxy_url) if proxy_url else None, local_address=local_address, retries=retries, - **TRANSPORT_KWARGS, ) |