wordswords/gist:429a76025866db4a347fbef7fa29fa54

## gistfile1.txt
From e78519a6b01c326a7d9b563ad07188358ecce699 Mon Sep 17 00:00:00 2001
From: David Craddock <contact@davidcraddock.net>
Date: Tue, 2 Feb 2021 12:23:10 +0000
Subject: [PATCH] Workaround for no-cert-verify issue with python2.7

This skips the verification of the supplied server certificate.
It enables the plugin to be used again but creates a security
issue in that the server cert is not verified.
---
 rplugin/python/floobits/common/api.py                  | 6 +++++-
 rplugin/python/floobits/common/protocols/floo_proto.py | 3 ++-
 2 files changed, 7 insertions(+), 2 deletions(-)

diff --git a/rplugin/python/floobits/common/api.py b/rplugin/python/floobits/common/api.py
index f78b8b6..6b6a67a 100644
--- a/rplugin/python/floobits/common/api.py
+++ b/rplugin/python/floobits/common/api.py
@@ -4,6 +4,7 @@ import json
 import subprocess
 import traceback
 import os.path
+import ssl
 from functools import wraps

 try:
@@ -125,7 +126,10 @@ def hit_url(host, url, data, method):
     cafile = os.path.join(G.BASE_DIR, 'floobits.pem')
     with open(cafile, 'wb') as cert_fd:
         cert_fd.write(cert.CA_CERT.encode('utf-8'))
-    return urlopen(r, timeout=10, cafile=cafile)
+    ctx = ssl.create_default_context()
+    ctx.check_hostname = False
+    ctx.verify_mode = ssl.CERT_NONE
+    return urlopen(r, timeout=10, context=ctx)


 def api_request(host, url, data=None, method=None):
diff --git a/rplugin/python/floobits/common/protocols/floo_proto.py b/rplugin/python/floobits/common/protocols/floo_proto.py
index 53662e1..00a53a3 100644
--- a/rplugin/python/floobits/common/protocols/floo_proto.py
+++ b/rplugin/python/floobits/common/protocols/floo_proto.py
@@ -148,7 +148,8 @@ class FlooProtocol(base.BaseProtocol):
                 return self.reconnect()
         if self._secure:
             sock_debug('SSL-wrapping socket')
-            self._sock = ssl.wrap_socket(self._sock, ca_certs=self._cert_path, cert_reqs=ssl.CERT_REQUIRED, do_handshake_on_connect=False)
+            self._sock = ssl.wrap_socket(self._sock, ca_certs=self._cert_path,
+                    cert_reqs=ssl.CERT_NONE, do_handshake_on_connect=False)

         self._q.clear()
         self._buf_out = bytes()
--
2.27.0
	From e78519a6b01c326a7d9b563ad07188358ecce699 Mon Sep 17 00:00:00 2001
	From: David Craddock <contact@davidcraddock.net>
	Date: Tue, 2 Feb 2021 12:23:10 +0000
	Subject: [PATCH] Workaround for no-cert-verify issue with python2.7

	This skips the verification of the supplied server certificate.
	It enables the plugin to be used again but creates a security
	issue in that the server cert is not verified.
	---
	rplugin/python/floobits/common/api.py \| 6 +++++-
	rplugin/python/floobits/common/protocols/floo_proto.py \| 3 ++-
	2 files changed, 7 insertions(+), 2 deletions(-)

	diff --git a/rplugin/python/floobits/common/api.py b/rplugin/python/floobits/common/api.py
	index f78b8b6..6b6a67a 100644
	--- a/rplugin/python/floobits/common/api.py
	+++ b/rplugin/python/floobits/common/api.py
	@@ -4,6 +4,7 @@ import json
	import subprocess
	import traceback
	import os.path
	+import ssl
	from functools import wraps

	try:
	@@ -125,7 +126,10 @@ def hit_url(host, url, data, method):
	cafile = os.path.join(G.BASE_DIR, 'floobits.pem')
	with open(cafile, 'wb') as cert_fd:
	cert_fd.write(cert.CA_CERT.encode('utf-8'))
	- return urlopen(r, timeout=10, cafile=cafile)
	+ ctx = ssl.create_default_context()
	+ ctx.check_hostname = False
	+ ctx.verify_mode = ssl.CERT_NONE
	+ return urlopen(r, timeout=10, context=ctx)


	def api_request(host, url, data=None, method=None):
	diff --git a/rplugin/python/floobits/common/protocols/floo_proto.py b/rplugin/python/floobits/common/protocols/floo_proto.py
	index 53662e1..00a53a3 100644
	--- a/rplugin/python/floobits/common/protocols/floo_proto.py
	+++ b/rplugin/python/floobits/common/protocols/floo_proto.py
	@@ -148,7 +148,8 @@ class FlooProtocol(base.BaseProtocol):
	return self.reconnect()
	if self._secure:
	sock_debug('SSL-wrapping socket')
	- self._sock = ssl.wrap_socket(self._sock, ca_certs=self._cert_path, cert_reqs=ssl.CERT_REQUIRED, do_handshake_on_connect=False)
	+ self._sock = ssl.wrap_socket(self._sock, ca_certs=self._cert_path,
	+ cert_reqs=ssl.CERT_NONE, do_handshake_on_connect=False)

	self._q.clear()
	self._buf_out = bytes()
	--
	2.27.0