Ability to disable SSL cert verification
Adds a --no-ssl-verify argument. Adds a no_ssl_verify boolean config option.
This commit is contained in:
parent
df7bf5cddb
commit
6f2176741d
9 changed files with 70 additions and 6 deletions
|
@ -12,6 +12,7 @@ include =
|
||||||
.*
|
.*
|
||||||
offline = false
|
offline = false
|
||||||
proxy = https://user:pass@localhost:8080
|
proxy = https://user:pass@localhost:8080
|
||||||
|
no_ssl_verify = false
|
||||||
timeout = abc
|
timeout = abc
|
||||||
api_url = https://localhost:0/api/v1/heartbeats
|
api_url = https://localhost:0/api/v1/heartbeats
|
||||||
hostname = fromcfgfile
|
hostname = fromcfgfile
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
usage: wakatime [-h] [--entity FILE] [--key KEY] [--write] [--plugin PLUGIN]
|
usage: wakatime [-h] [--entity FILE] [--key KEY] [--write] [--plugin PLUGIN]
|
||||||
[--time time] [--lineno LINENO] [--cursorpos CURSORPOS]
|
[--time time] [--lineno LINENO] [--cursorpos CURSORPOS]
|
||||||
[--entity-type ENTITY_TYPE] [--proxy PROXY]
|
[--entity-type ENTITY_TYPE] [--proxy PROXY] [--no-ssl-verify]
|
||||||
[--project PROJECT] [--alternate-project ALTERNATE_PROJECT]
|
[--project PROJECT] [--alternate-project ALTERNATE_PROJECT]
|
||||||
[--language LANGUAGE] [--hostname HOSTNAME] [--disableoffline]
|
[--language LANGUAGE] [--hostname HOSTNAME] [--disableoffline]
|
||||||
[--hidefilenames] [--exclude EXCLUDE] [--include INCLUDE]
|
[--hidefilenames] [--exclude EXCLUDE] [--include INCLUDE]
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
usage: wakatime [-h] [--entity FILE] [--key KEY] [--write] [--plugin PLUGIN]
|
usage: wakatime [-h] [--entity FILE] [--key KEY] [--write] [--plugin PLUGIN]
|
||||||
[--time time] [--lineno LINENO] [--cursorpos CURSORPOS]
|
[--time time] [--lineno LINENO] [--cursorpos CURSORPOS]
|
||||||
[--entity-type ENTITY_TYPE] [--proxy PROXY]
|
[--entity-type ENTITY_TYPE] [--proxy PROXY] [--no-ssl-verify]
|
||||||
[--project PROJECT] [--alternate-project ALTERNATE_PROJECT]
|
[--project PROJECT] [--alternate-project ALTERNATE_PROJECT]
|
||||||
[--language LANGUAGE] [--hostname HOSTNAME] [--disableoffline]
|
[--language LANGUAGE] [--hostname HOSTNAME] [--disableoffline]
|
||||||
[--hidefilenames] [--exclude EXCLUDE] [--include INCLUDE]
|
[--hidefilenames] [--exclude EXCLUDE] [--include INCLUDE]
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
usage: wakatime [-h] [--entity FILE] [--key KEY] [--write] [--plugin PLUGIN]
|
usage: wakatime [-h] [--entity FILE] [--key KEY] [--write] [--plugin PLUGIN]
|
||||||
[--time time] [--lineno LINENO] [--cursorpos CURSORPOS]
|
[--time time] [--lineno LINENO] [--cursorpos CURSORPOS]
|
||||||
[--entity-type ENTITY_TYPE] [--proxy PROXY]
|
[--entity-type ENTITY_TYPE] [--proxy PROXY] [--no-ssl-verify]
|
||||||
[--project PROJECT] [--alternate-project ALTERNATE_PROJECT]
|
[--project PROJECT] [--alternate-project ALTERNATE_PROJECT]
|
||||||
[--language LANGUAGE] [--hostname HOSTNAME] [--disableoffline]
|
[--language LANGUAGE] [--hostname HOSTNAME] [--disableoffline]
|
||||||
[--hidefilenames] [--exclude EXCLUDE] [--include INCLUDE]
|
[--hidefilenames] [--exclude EXCLUDE] [--include INCLUDE]
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
usage: wakatime [-h] [--entity FILE] [--key KEY] [--write] [--plugin PLUGIN]
|
usage: wakatime [-h] [--entity FILE] [--key KEY] [--write] [--plugin PLUGIN]
|
||||||
[--time time] [--lineno LINENO] [--cursorpos CURSORPOS]
|
[--time time] [--lineno LINENO] [--cursorpos CURSORPOS]
|
||||||
[--entity-type ENTITY_TYPE] [--proxy PROXY]
|
[--entity-type ENTITY_TYPE] [--proxy PROXY] [--no-ssl-verify]
|
||||||
[--project PROJECT] [--alternate-project ALTERNATE_PROJECT]
|
[--project PROJECT] [--alternate-project ALTERNATE_PROJECT]
|
||||||
[--language LANGUAGE] [--hostname HOSTNAME] [--disableoffline]
|
[--language LANGUAGE] [--hostname HOSTNAME] [--disableoffline]
|
||||||
[--hidefilenames] [--exclude EXCLUDE] [--include INCLUDE]
|
[--hidefilenames] [--exclude EXCLUDE] [--include INCLUDE]
|
||||||
|
@ -30,6 +30,8 @@ optional arguments:
|
||||||
--proxy PROXY optional proxy configuration. Supports HTTPS and SOCKS
|
--proxy PROXY optional proxy configuration. Supports HTTPS and SOCKS
|
||||||
proxies. For example: https://user:pass@host:port or
|
proxies. For example: https://user:pass@host:port or
|
||||||
socks5://user:pass@host:port or domain\user:pass
|
socks5://user:pass@host:port or domain\user:pass
|
||||||
|
--no-ssl-verify disables SSL certificate verification for HTTPS
|
||||||
|
requests. By default, SSL certificates are verified.
|
||||||
--project PROJECT optional project name
|
--project PROJECT optional project name
|
||||||
--alternate-project ALTERNATE_PROJECT
|
--alternate-project ALTERNATE_PROJECT
|
||||||
optional alternate project name; auto-discovered
|
optional alternate project name; auto-discovered
|
||||||
|
|
|
@ -351,6 +351,32 @@ class MainTestCase(utils.TestCase):
|
||||||
|
|
||||||
self.patched['wakatime.packages.requests.adapters.HTTPAdapter.send'].assert_called_once_with(ANY, cert=None, proxies={'https': proxy}, stream=False, timeout=60, verify=True)
|
self.patched['wakatime.packages.requests.adapters.HTTPAdapter.send'].assert_called_once_with(ANY, cert=None, proxies={'https': proxy}, stream=False, timeout=60, verify=True)
|
||||||
|
|
||||||
|
def test_disable_ssl_verify_argument(self):
|
||||||
|
response = Response()
|
||||||
|
response.status_code = 201
|
||||||
|
self.patched['wakatime.packages.requests.adapters.HTTPAdapter.send'].return_value = response
|
||||||
|
|
||||||
|
with utils.TemporaryDirectory() as tempdir:
|
||||||
|
entity = 'tests/samples/codefiles/emptyfile.txt'
|
||||||
|
shutil.copy(entity, os.path.join(tempdir, 'emptyfile.txt'))
|
||||||
|
entity = os.path.realpath(os.path.join(tempdir, 'emptyfile.txt'))
|
||||||
|
|
||||||
|
config = 'tests/samples/configs/good_config.cfg'
|
||||||
|
args = ['--file', entity, '--config', config, '--no-ssl-verify']
|
||||||
|
retval = execute(args)
|
||||||
|
self.assertEquals(retval, SUCCESS)
|
||||||
|
self.assertEquals(sys.stdout.getvalue(), '')
|
||||||
|
self.assertEquals(sys.stderr.getvalue(), '')
|
||||||
|
|
||||||
|
self.patched['wakatime.session_cache.SessionCache.get'].assert_called_once_with()
|
||||||
|
self.patched['wakatime.session_cache.SessionCache.delete'].assert_not_called()
|
||||||
|
self.patched['wakatime.session_cache.SessionCache.save'].assert_called_once_with(ANY)
|
||||||
|
|
||||||
|
self.patched['wakatime.offlinequeue.Queue.push'].assert_not_called()
|
||||||
|
self.patched['wakatime.offlinequeue.Queue.pop'].assert_called_once_with()
|
||||||
|
|
||||||
|
self.patched['wakatime.packages.requests.adapters.HTTPAdapter.send'].assert_called_once_with(ANY, cert=None, proxies=ANY, stream=False, timeout=60, verify=False)
|
||||||
|
|
||||||
def test_write_argument(self):
|
def test_write_argument(self):
|
||||||
response = Response()
|
response = Response()
|
||||||
response.status_code = 0
|
response.status_code = 0
|
||||||
|
|
|
@ -551,3 +551,29 @@ class MainTestCase(utils.TestCase):
|
||||||
|
|
||||||
headers = self.patched['wakatime.packages.requests.adapters.HTTPAdapter.send'].call_args[0][0].headers
|
headers = self.patched['wakatime.packages.requests.adapters.HTTPAdapter.send'].call_args[0][0].headers
|
||||||
self.assertEquals(headers.get('X-Machine-Name'), hostname.encode('utf-8') if is_py3 else hostname)
|
self.assertEquals(headers.get('X-Machine-Name'), hostname.encode('utf-8') if is_py3 else hostname)
|
||||||
|
|
||||||
|
def test_no_ssl_verify_from_config_file(self):
|
||||||
|
response = Response()
|
||||||
|
response.status_code = 201
|
||||||
|
self.patched['wakatime.packages.requests.adapters.HTTPAdapter.send'].return_value = response
|
||||||
|
|
||||||
|
with utils.TemporaryDirectory() as tempdir:
|
||||||
|
entity = 'tests/samples/codefiles/emptyfile.txt'
|
||||||
|
shutil.copy(entity, os.path.join(tempdir, 'emptyfile.txt'))
|
||||||
|
entity = os.path.realpath(os.path.join(tempdir, 'emptyfile.txt'))
|
||||||
|
|
||||||
|
config = 'tests/samples/configs/has_ssl_verify_disabled.cfg'
|
||||||
|
args = ['--file', entity, '--config', config, '--timeout', '15']
|
||||||
|
retval = execute(args)
|
||||||
|
self.assertEquals(retval, SUCCESS)
|
||||||
|
self.assertEquals(sys.stdout.getvalue(), '')
|
||||||
|
self.assertEquals(sys.stderr.getvalue(), '')
|
||||||
|
|
||||||
|
self.patched['wakatime.session_cache.SessionCache.get'].assert_called_once_with()
|
||||||
|
self.patched['wakatime.session_cache.SessionCache.delete'].assert_not_called()
|
||||||
|
self.patched['wakatime.session_cache.SessionCache.save'].assert_called_once_with(ANY)
|
||||||
|
|
||||||
|
self.patched['wakatime.offlinequeue.Queue.push'].assert_not_called()
|
||||||
|
self.patched['wakatime.offlinequeue.Queue.pop'].assert_called_once_with()
|
||||||
|
|
||||||
|
self.patched['wakatime.packages.requests.adapters.HTTPAdapter.send'].assert_called_once_with(ANY, cert=None, proxies=ANY, stream=False, timeout=15, verify=False)
|
||||||
|
|
|
@ -76,6 +76,10 @@ def parseArguments():
|
||||||
'https://user:pass@host:port or '+
|
'https://user:pass@host:port or '+
|
||||||
'socks5://user:pass@host:port or ' +
|
'socks5://user:pass@host:port or ' +
|
||||||
'domain\\user:pass')
|
'domain\\user:pass')
|
||||||
|
parser.add_argument('--no-ssl-verify', dest='nosslverify',
|
||||||
|
action='store_true',
|
||||||
|
help='disables SSL certificate verification for HTTPS '+
|
||||||
|
'requests. By default, SSL certificates are verified.')
|
||||||
parser.add_argument('--project', dest='project',
|
parser.add_argument('--project', dest='project',
|
||||||
help='optional project name')
|
help='optional project name')
|
||||||
parser.add_argument('--alternate-project', dest='alternate_project',
|
parser.add_argument('--alternate-project', dest='alternate_project',
|
||||||
|
@ -214,6 +218,8 @@ def parseArguments():
|
||||||
'https://user:pass@host:port or ' +
|
'https://user:pass@host:port or ' +
|
||||||
'socks5://user:pass@host:port or ' +
|
'socks5://user:pass@host:port or ' +
|
||||||
'domain\\user:pass.')
|
'domain\\user:pass.')
|
||||||
|
if configs.has_option('settings', 'no_ssl_verify'):
|
||||||
|
args.nosslverify = configs.getboolean('settings', 'no_ssl_verify')
|
||||||
if not args.verbose and configs.has_option('settings', 'verbose'):
|
if not args.verbose and configs.has_option('settings', 'verbose'):
|
||||||
args.verbose = configs.getboolean('settings', 'verbose')
|
args.verbose = configs.getboolean('settings', 'verbose')
|
||||||
if not args.verbose and configs.has_option('settings', 'debug'):
|
if not args.verbose and configs.has_option('settings', 'debug'):
|
||||||
|
|
|
@ -62,7 +62,8 @@ from .packages import tzlocal
|
||||||
def send_heartbeat(project=None, branch=None, hostname=None, stats={}, key=None,
|
def send_heartbeat(project=None, branch=None, hostname=None, stats={}, key=None,
|
||||||
entity=None, timestamp=None, is_write=None, plugin=None,
|
entity=None, timestamp=None, is_write=None, plugin=None,
|
||||||
offline=None, entity_type='file', hidefilenames=None,
|
offline=None, entity_type='file', hidefilenames=None,
|
||||||
proxy=None, api_url=None, timeout=None, **kwargs):
|
proxy=None, nosslverify=None, api_url=None, timeout=None,
|
||||||
|
**kwargs):
|
||||||
"""Sends heartbeat as POST request to WakaTime api server.
|
"""Sends heartbeat as POST request to WakaTime api server.
|
||||||
|
|
||||||
Returns `SUCCESS` when heartbeat was sent, otherwise returns an
|
Returns `SUCCESS` when heartbeat was sent, otherwise returns an
|
||||||
|
@ -151,7 +152,8 @@ def send_heartbeat(project=None, branch=None, hostname=None, stats={}, key=None,
|
||||||
response = None
|
response = None
|
||||||
try:
|
try:
|
||||||
response = session.post(api_url, data=request_body, headers=headers,
|
response = session.post(api_url, data=request_body, headers=headers,
|
||||||
proxies=proxies, timeout=timeout)
|
proxies=proxies, timeout=timeout,
|
||||||
|
verify=not nosslverify)
|
||||||
except RequestException:
|
except RequestException:
|
||||||
exception_data = {
|
exception_data = {
|
||||||
sys.exc_info()[0].__name__: u(sys.exc_info()[1]),
|
sys.exc_info()[0].__name__: u(sys.exc_info()[1]),
|
||||||
|
@ -286,6 +288,7 @@ def process_heartbeat(args, configs, hostname, heartbeat):
|
||||||
heartbeat['offline'] = args.offline
|
heartbeat['offline'] = args.offline
|
||||||
heartbeat['hidefilenames'] = args.hidefilenames
|
heartbeat['hidefilenames'] = args.hidefilenames
|
||||||
heartbeat['proxy'] = args.proxy
|
heartbeat['proxy'] = args.proxy
|
||||||
|
heartbeat['nosslverify'] = args.nosslverify
|
||||||
heartbeat['api_url'] = args.api_url
|
heartbeat['api_url'] = args.api_url
|
||||||
|
|
||||||
return send_heartbeat(**heartbeat)
|
return send_heartbeat(**heartbeat)
|
||||||
|
|
Loading…
Reference in a new issue