mirror of https://github.com/searx/searx
[mod] upgrade requests to version 2.24.0. use ssl instead of pyopenssl.
requests 2.24.0 uses the ssl module except if it doesn't support SNI, in this case searx fallbacks to pyopenssl. searx logs a critical message and exit if the ssl modules doesn't support SNI and pyOpenSSL is not installed. searx logs a critical message and exit if the ssl version is older than 1.0.2. in requirements.txt, pyopenssl is still required to install searx as a fallback.
This commit is contained in:
parent
21dbc7e852
commit
93f7f7eee2
|
@ -1,12 +1,12 @@
|
||||||
certifi==2020.4.5.1
|
certifi==2020.6.20
|
||||||
babel==2.7.0
|
babel==2.7.0
|
||||||
flask-babel==1.0.0
|
flask-babel==1.0.0
|
||||||
flask==1.1.2
|
flask==1.1.2
|
||||||
idna==2.9
|
idna==2.10
|
||||||
jinja2==2.11.1
|
jinja2==2.11.1
|
||||||
lxml==4.5.0
|
lxml==4.5.0
|
||||||
pygments==2.1.3
|
pygments==2.1.3
|
||||||
pyopenssl==19.1.0
|
pyopenssl==19.1.0
|
||||||
python-dateutil==2.8.0
|
python-dateutil==2.8.0
|
||||||
pyyaml==5.3.1
|
pyyaml==5.3.1
|
||||||
requests[socks]==2.23.0
|
requests[socks]==2.24.0
|
||||||
|
|
|
@ -15,12 +15,10 @@ along with searx. If not, see < http://www.gnu.org/licenses/ >.
|
||||||
(C) 2013- by Adam Tauber, <asciimoo@gmail.com>
|
(C) 2013- by Adam Tauber, <asciimoo@gmail.com>
|
||||||
'''
|
'''
|
||||||
|
|
||||||
import certifi
|
|
||||||
import logging
|
import logging
|
||||||
from os import environ
|
from os import environ
|
||||||
from os.path import realpath, dirname, join, abspath, isfile
|
from os.path import realpath, dirname, join, abspath, isfile
|
||||||
from io import open
|
from io import open
|
||||||
from ssl import OPENSSL_VERSION_INFO, OPENSSL_VERSION
|
|
||||||
from yaml import safe_load
|
from yaml import safe_load
|
||||||
|
|
||||||
|
|
||||||
|
@ -81,13 +79,6 @@ else:
|
||||||
|
|
||||||
logger = logging.getLogger('searx')
|
logger = logging.getLogger('searx')
|
||||||
logger.debug('read configuration from %s', settings_path)
|
logger.debug('read configuration from %s', settings_path)
|
||||||
# Workaround for openssl versions <1.0.2
|
|
||||||
# https://github.com/certifi/python-certifi/issues/26
|
|
||||||
if OPENSSL_VERSION_INFO[0:3] < (1, 0, 2):
|
|
||||||
if hasattr(certifi, 'old_where'):
|
|
||||||
environ['REQUESTS_CA_BUNDLE'] = certifi.old_where()
|
|
||||||
logger.warning('You are using an old openssl version({0}), please upgrade above 1.0.2!'.format(OPENSSL_VERSION))
|
|
||||||
|
|
||||||
logger.info('Initialisation done')
|
logger.info('Initialisation done')
|
||||||
|
|
||||||
if 'SEARX_SECRET' in environ:
|
if 'SEARX_SECRET' in environ:
|
||||||
|
|
|
@ -1,9 +1,33 @@
|
||||||
import requests
|
import sys
|
||||||
|
from time import time
|
||||||
from itertools import cycle
|
from itertools import cycle
|
||||||
from threading import RLock, local
|
from threading import RLock, local
|
||||||
|
|
||||||
|
import requests
|
||||||
|
|
||||||
from searx import settings
|
from searx import settings
|
||||||
from time import time
|
from searx import logger
|
||||||
|
|
||||||
|
|
||||||
|
logger = logger.getChild('poolrequests')
|
||||||
|
|
||||||
|
|
||||||
|
try:
|
||||||
|
import ssl
|
||||||
|
if ssl.OPENSSL_VERSION_INFO[0:3] < (1, 0, 2):
|
||||||
|
# https://github.com/certifi/python-certifi#1024-bit-root-certificates
|
||||||
|
logger.critical('You are using an old openssl version({0}), please upgrade above 1.0.2!'
|
||||||
|
.format(ssl.OPENSSL_VERSION))
|
||||||
|
sys.exit(1)
|
||||||
|
except ImportError:
|
||||||
|
ssl = None
|
||||||
|
if not getattr(ssl, "HAS_SNI", False):
|
||||||
|
try:
|
||||||
|
import OpenSSL # pylint: disable=unused-import
|
||||||
|
except ImportError:
|
||||||
|
logger.critical("ssl doesn't support SNI and the pyopenssl module is not installed.\n"
|
||||||
|
"Some HTTPS connections will fail")
|
||||||
|
sys.exit(1)
|
||||||
|
|
||||||
|
|
||||||
class HTTPAdapterWithConnParams(requests.adapters.HTTPAdapter):
|
class HTTPAdapterWithConnParams(requests.adapters.HTTPAdapter):
|
||||||
|
|
|
@ -78,13 +78,6 @@ from searx.plugins.oa_doi_rewrite import get_doi_resolver
|
||||||
from searx.preferences import Preferences, ValidationException, LANGUAGE_CODES
|
from searx.preferences import Preferences, ValidationException, LANGUAGE_CODES
|
||||||
from searx.answerers import answerers
|
from searx.answerers import answerers
|
||||||
|
|
||||||
# check if the pyopenssl package is installed.
|
|
||||||
# It is needed for SSL connection without trouble, see #298
|
|
||||||
try:
|
|
||||||
import OpenSSL.SSL # NOQA
|
|
||||||
except ImportError:
|
|
||||||
logger.critical("The pyopenssl package has to be installed.\n"
|
|
||||||
"Some HTTPS connections will fail")
|
|
||||||
|
|
||||||
# serve pages with HTTP/1.1
|
# serve pages with HTTP/1.1
|
||||||
from werkzeug.serving import WSGIRequestHandler
|
from werkzeug.serving import WSGIRequestHandler
|
||||||
|
|
Loading…
Reference in New Issue