Last active
August 29, 2015 14:10
-
-
Save neuroticnerd/75007aa8b54446e4ae26 to your computer and use it in GitHub Desktop.
SSL and Requests workarounds for some annoying SSL/HTTPS errors
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# NOTE: these workarounds are collected here, but are NOT my work, | |
# credit goes to the original authors for finding the workarounds! | |
# TODO: add links to articles crediting original authors | |
try: | |
""" | |
if you don't want to patch the ssl library and are just using | |
requests, then you can use an adapter to force TLS on HTTPS; | |
""" | |
import requests | |
from requests.adapters import HTTPAdapter | |
from requests.packages.urllib3.poolmanager import PoolManager | |
class TLSAdapter(HTTPAdapter): | |
"""adapter allowing default TLS connections""" | |
def init_poolmanager(self, connections, maxsize, block=False): | |
self.poolmanager = PoolManager( | |
num_pools=connections, | |
maxsize=maxsize, | |
block=block, | |
ssl_version=ssl.PROTOCOL_TLSv1) | |
def no_warnings(): | |
"""disables urllib3 warnings (for verify=False on dev scripts)""" | |
requests.packages.urllib3.disable_warnings() | |
except: | |
print "requests library required" | |
def inject_urllib3(): | |
""" | |
requires urllib3, pyopenssl, ndg-httpsclient, pyasn1 | |
!note: pyopenssl is currently bugged for HTTPS requests! | |
""" | |
try: | |
import urllib3, OpenSSL, ndg, pyasn1 | |
from urllib3.contrib import pyopenssl | |
pyopenssl.inject_into_urllib3() | |
except: | |
print "SSL fix libraries are missing" | |
def ignore_broken_chunked_encoding(): | |
""" | |
when a server sends an improper response for chunked encoding, | |
terminates the connection early, or shouldn't be using chunked | |
transfer encoding in the first place, it causes exceptions | |
when using the requests library; this essentially suppresses | |
the exceptions, but the server is what really needs to be fixed | |
""" | |
try: | |
import httplib | |
def patch_read(func): | |
def inner(*args): | |
try: | |
return func(*args) | |
except httplib.IncompleteRead, e: | |
return e.partial | |
return inner | |
# prevents broken chunked encoding to raise stupid errors | |
httplib.HTTPResponse.read = patch_read(httplib.HTTPResponse.read) | |
except: | |
print "httplib cannot be found" | |
def forceSSLversion(ssl_version=None): | |
""" | |
this will force TLS for all SSL connections, which can fix | |
some pesky EOF exceptions and SSLv3 exceptions | |
!note: you must NOT have pyopenssl installed! | |
""" | |
try: | |
import ssl | |
from functools import wraps | |
if ssl_version is None: | |
ssl_version = ssl.PROTOCOL_TLSv1 | |
def sslwrap(func): | |
@wraps(func) | |
def wrapped_socket(*args, **kwargs): | |
kwargs['ssl_version'] = ssl_version | |
return func(*args, **kwargs) | |
return wrapped_socket | |
ssl.wrap_socket = sslwrap(ssl.wrap_socket) | |
except: | |
print "error patching SSL library" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment