Revert back to ssl._create_unverified_context() #188

C0D3D3V · Mar 28, 2023 · 2c582d8 · 2c582d8
1 parent 1b0c7c4
commit 2c582d8
Show file tree

Hide file tree

Showing 3 changed files with 10 additions and 18 deletions.
diff --git a/moodle_dl/moodle/request_helper.py b/moodle_dl/moodle/request_helper.py
@@ -71,6 +71,7 @@ def post_URL(self, url: str, data: Dict[str, str] = None, cookie_jar_path: str =
         try:
             response = session.post(url, data=data_urlencoded, headers=self.RQ_HEADER, timeout=60)
         except RequestException as error:
+            self.log_failed_request(url, data)
             raise ConnectionError(f"Connection error: {str(error)}") from None
 
         if cookie_jar_path is not None:
@@ -100,6 +101,7 @@ def get_URL(self, url: str, cookie_jar_path: str = None):
         try:
             response = session.get(url, headers=self.RQ_HEADER, timeout=60)
         except RequestException as error:
+            self.log_failed_request(url, None)
             raise ConnectionError(f"Connection error: {str(error)}") from None
 
         if cookie_jar_path is not None:
@@ -289,10 +291,13 @@ def _initial_parse(self, response, url: str, data: Dict) -> object:
         self.check_json_for_moodle_error(resp_json, url, data)
         return resp_json
 
+    def log_failed_request(self, url: str, data: Dict):
+        logging.debug('Details about the failed request:\nURL: %s\nBody: %s', url, data)
+
     def check_json_for_moodle_error(self, resp_json: Dict, url: str, data: Dict):
         # Check for known errors
         if 'error' in resp_json:
-            logging.debug('Details about the failed request:\nURL: %s\nBody: %s', url, data)
+            self.log_failed_request(url, data)
             raise RequestRejectedError(
                 'The Moodle System rejected the Request.'
                 + f" Details: {resp_json.get('error', '')} (Errorcode: {resp_json.get('errorcode', '')},"
@@ -301,7 +306,7 @@ def check_json_for_moodle_error(self, resp_json: Dict, url: str, data: Dict):
             )
 
         if 'exception' in resp_json:
-            logging.debug('Details about the failed request:\nURL: %s\nBody: %s', url, data)
+            self.log_failed_request(url, data)
             errorcode = resp_json.get('errorcode', '')
 
             if errorcode == 'invalidtoken':

diff --git a/moodle_dl/utils.py b/moodle_dl/utils.py
@@ -788,21 +788,7 @@ def get_ssl_context(cls, skip_cert_verify: bool, allow_insecure_ssl: bool):
             ssl_context = ssl.create_default_context(ssl.Purpose.SERVER_AUTH)
             cls.load_default_certs(ssl_context)
         else:
-            ssl_context = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
-            ssl_context.options |= ssl.OP_NO_SSLv2
-            ssl_context.options |= ssl.OP_NO_SSLv3
-            ssl_context.check_hostname = False
-            ssl_context.verify_mode = ssl.CERT_NONE
-            try:
-                ssl_context.options |= ssl.OP_NO_COMPRESSION
-            except AttributeError as attr_err:
-                Log.warning(
-                    f"{attr_err!s}: The Python interpreter is compiled "
-                    "against OpenSSL < 1.0.0. Ref: "
-                    "https://docs.python.org/3/library/ssl.html"
-                    "#ssl.OP_NO_COMPRESSION",
-                )
-            ssl_context.load_default_certs()
+            ssl_context = ssl._create_unverified_context()  # pylint: disable=protected-access
 
         if allow_insecure_ssl:
             # This allows connections to legacy insecure servers
@@ -836,6 +822,7 @@ def custom_requests_session(cls, skip_cert_verify: bool, allow_insecure_ssl: boo
         session = requests.Session()
         ssl_context = cls.get_ssl_context(skip_cert_verify, allow_insecure_ssl)
         session.mount('https://', cls.CustomHttpAdapter(ssl_context))
+        session.verify = not skip_cert_verify
         return session
 
 

diff --git a/moodle_dl/version.py b/moodle_dl/version.py
@@ -1 +1 @@
-__version__ = '2.3.1.5'
+__version__ = '2.3.1.6'