Ability to disable SSL cert verification

Adds a --no-ssl-verify argument. Adds a no_ssl_verify boolean config option.
2017-05-05 17:09:17 -07:00 · 2017-05-05 17:09:17 -07:00 · 6f2176741d
commit 6f2176741d
parent df7bf5cddb
9 changed files with 70 additions and 6 deletions
--- a/tests/samples/configs/has_everything.cfg
+++ b/tests/samples/configs/has_everything.cfg
@ -12,6 +12,7 @@ include =
    .*
 offline = false
 proxy = https://user:pass@localhost:8080
+no_ssl_verify = false
 timeout = abc
 api_url = https://localhost:0/api/v1/heartbeats
 hostname = fromcfgfile
--- a/tests/samples/output/configs_test_config_file_not_passed_in_command_line_args
+++ b/tests/samples/output/configs_test_config_file_not_passed_in_command_line_args
@ -1,6 +1,6 @@
 usage: wakatime [-h] [--entity FILE] [--key KEY] [--write] [--plugin PLUGIN]
                [--time time] [--lineno LINENO] [--cursorpos CURSORPOS]
-                [--entity-type ENTITY_TYPE] [--proxy PROXY]
+                [--entity-type ENTITY_TYPE] [--proxy PROXY] [--no-ssl-verify]
                [--project PROJECT] [--alternate-project ALTERNATE_PROJECT]
                [--language LANGUAGE] [--hostname HOSTNAME] [--disableoffline]
                [--hidefilenames] [--exclude EXCLUDE] [--include INCLUDE]
--- a/tests/samples/output/configs_test_missing_config_file
+++ b/tests/samples/output/configs_test_missing_config_file
@ -1,6 +1,6 @@
 usage: wakatime [-h] [--entity FILE] [--key KEY] [--write] [--plugin PLUGIN]
                [--time time] [--lineno LINENO] [--cursorpos CURSORPOS]
-                [--entity-type ENTITY_TYPE] [--proxy PROXY]
+                [--entity-type ENTITY_TYPE] [--proxy PROXY] [--no-ssl-verify]
                [--project PROJECT] [--alternate-project ALTERNATE_PROJECT]
                [--language LANGUAGE] [--hostname HOSTNAME] [--disableoffline]
                [--hidefilenames] [--exclude EXCLUDE] [--include INCLUDE]
--- a/tests/samples/output/main_test_timeout_passed_via_command_line
+++ b/tests/samples/output/main_test_timeout_passed_via_command_line
@ -1,6 +1,6 @@
 usage: wakatime [-h] [--entity FILE] [--key KEY] [--write] [--plugin PLUGIN]
                [--time time] [--lineno LINENO] [--cursorpos CURSORPOS]
-                [--entity-type ENTITY_TYPE] [--proxy PROXY]
+                [--entity-type ENTITY_TYPE] [--proxy PROXY] [--no-ssl-verify]
                [--project PROJECT] [--alternate-project ALTERNATE_PROJECT]
                [--language LANGUAGE] [--hostname HOSTNAME] [--disableoffline]
                [--hidefilenames] [--exclude EXCLUDE] [--include INCLUDE]
--- a/tests/samples/output/test_help_contents
+++ b/tests/samples/output/test_help_contents
@ -1,6 +1,6 @@
 usage: wakatime [-h] [--entity FILE] [--key KEY] [--write] [--plugin PLUGIN]
                [--time time] [--lineno LINENO] [--cursorpos CURSORPOS]
-                [--entity-type ENTITY_TYPE] [--proxy PROXY]
+                [--entity-type ENTITY_TYPE] [--proxy PROXY] [--no-ssl-verify]
                [--project PROJECT] [--alternate-project ALTERNATE_PROJECT]
                [--language LANGUAGE] [--hostname HOSTNAME] [--disableoffline]
                [--hidefilenames] [--exclude EXCLUDE] [--include INCLUDE]
@ -30,6 +30,8 @@ optional arguments:
  --proxy PROXY         optional proxy configuration. Supports HTTPS and SOCKS
                        proxies. For example: https://user:pass@host:port or
                        socks5://user:pass@host:port or domain\user:pass
+  --no-ssl-verify       disables SSL certificate verification for HTTPS
+                        requests. By default, SSL certificates are verified.
  --project PROJECT     optional project name
  --alternate-project ALTERNATE_PROJECT
                        optional alternate project name; auto-discovered
--- a/tests/test_arguments.py
+++ b/tests/test_arguments.py
@ -351,6 +351,32 @@ class MainTestCase(utils.TestCase):

            self.patched['wakatime.packages.requests.adapters.HTTPAdapter.send'].assert_called_once_with(ANY, cert=None, proxies={'https': proxy}, stream=False, timeout=60, verify=True)

+    def test_disable_ssl_verify_argument(self):
+        response = Response()
+        response.status_code = 201
+        self.patched['wakatime.packages.requests.adapters.HTTPAdapter.send'].return_value = response
+
+        with utils.TemporaryDirectory() as tempdir:
+            entity = 'tests/samples/codefiles/emptyfile.txt'
+            shutil.copy(entity, os.path.join(tempdir, 'emptyfile.txt'))
+            entity = os.path.realpath(os.path.join(tempdir, 'emptyfile.txt'))
+
+            config = 'tests/samples/configs/good_config.cfg'
+            args = ['--file', entity, '--config', config, '--no-ssl-verify']
+            retval = execute(args)
+            self.assertEquals(retval, SUCCESS)
+            self.assertEquals(sys.stdout.getvalue(), '')
+            self.assertEquals(sys.stderr.getvalue(), '')
+
+            self.patched['wakatime.session_cache.SessionCache.get'].assert_called_once_with()
+            self.patched['wakatime.session_cache.SessionCache.delete'].assert_not_called()
+            self.patched['wakatime.session_cache.SessionCache.save'].assert_called_once_with(ANY)
+
+            self.patched['wakatime.offlinequeue.Queue.push'].assert_not_called()
+            self.patched['wakatime.offlinequeue.Queue.pop'].assert_called_once_with()
+
+            self.patched['wakatime.packages.requests.adapters.HTTPAdapter.send'].assert_called_once_with(ANY, cert=None, proxies=ANY, stream=False, timeout=60, verify=False)
+
    def test_write_argument(self):
        response = Response()
        response.status_code = 0
--- a/tests/test_configs.py
+++ b/tests/test_configs.py
@ -551,3 +551,29 @@ class MainTestCase(utils.TestCase):

            headers = self.patched['wakatime.packages.requests.adapters.HTTPAdapter.send'].call_args[0][0].headers
            self.assertEquals(headers.get('X-Machine-Name'), hostname.encode('utf-8') if is_py3 else hostname)
+
+    def test_no_ssl_verify_from_config_file(self):
+        response = Response()
+        response.status_code = 201
+        self.patched['wakatime.packages.requests.adapters.HTTPAdapter.send'].return_value = response
+
+        with utils.TemporaryDirectory() as tempdir:
+            entity = 'tests/samples/codefiles/emptyfile.txt'
+            shutil.copy(entity, os.path.join(tempdir, 'emptyfile.txt'))
+            entity = os.path.realpath(os.path.join(tempdir, 'emptyfile.txt'))
+
+            config = 'tests/samples/configs/has_ssl_verify_disabled.cfg'
+            args = ['--file', entity, '--config', config, '--timeout', '15']
+            retval = execute(args)
+            self.assertEquals(retval, SUCCESS)
+            self.assertEquals(sys.stdout.getvalue(), '')
+            self.assertEquals(sys.stderr.getvalue(), '')
+
+            self.patched['wakatime.session_cache.SessionCache.get'].assert_called_once_with()
+            self.patched['wakatime.session_cache.SessionCache.delete'].assert_not_called()
+            self.patched['wakatime.session_cache.SessionCache.save'].assert_called_once_with(ANY)
+
+            self.patched['wakatime.offlinequeue.Queue.push'].assert_not_called()
+            self.patched['wakatime.offlinequeue.Queue.pop'].assert_called_once_with()
+
+            self.patched['wakatime.packages.requests.adapters.HTTPAdapter.send'].assert_called_once_with(ANY, cert=None, proxies=ANY, stream=False, timeout=15, verify=False)