Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 93f7f7ee authored by Alexandre Flament's avatar Alexandre Flament
Browse files

[mod] upgrade requests to version 2.24.0. use ssl instead of pyopenssl. 

requests 2.24.0 uses the ssl module except if it doesn't support SNI, in this case searx fallbacks to pyopenssl.
searx logs a critical message and exit if the ssl modules doesn't support SNI and pyOpenSSL is not installed.
searx logs a critical message and exit if the ssl version is older than 1.0.2.
in requirements.txt, pyopenssl is still required to install searx as a fallback.
parent 21dbc7e8

requirements.txt

+3 −3
Original line number Diff line number Diff line 
certifi==2020.4.5.1

certifi==2020.6.20

babel==2.7.0

flask-babel==1.0.0

flask==1.1.2

idna==2.9

idna==2.10

jinja2==2.11.1

lxml==4.5.0

pygments==2.1.3

pyopenssl==19.1.0

python-dateutil==2.8.0

pyyaml==5.3.1

requests[socks]==2.23.0
 
requests[socks]==2.24.0

searx/__init__.py

+0 −9
Original line number Diff line number Diff line
@@ -15,12 +15,10 @@ along with searx. If not, see < http://www.gnu.org/licenses/ >. 
(C) 2013- by Adam Tauber, <asciimoo@gmail.com>

'''



import certifi

import logging

from os import environ

from os.path import realpath, dirname, join, abspath, isfile

from io import open

from ssl import OPENSSL_VERSION_INFO, OPENSSL_VERSION

from yaml import safe_load
@@ -81,13 +79,6 @@ else: 


logger = logging.getLogger('searx')

logger.debug('read configuration from %s', settings_path)

# Workaround for openssl versions <1.0.2

# https://github.com/certifi/python-certifi/issues/26

if OPENSSL_VERSION_INFO[0:3] < (1, 0, 2):

    if hasattr(certifi, 'old_where'):

        environ['REQUESTS_CA_BUNDLE'] = certifi.old_where()

    logger.warning('You are using an old openssl version({0}), please upgrade above 1.0.2!'.format(OPENSSL_VERSION))



logger.info('Initialisation done')



if 'SEARX_SECRET' in environ:

searx/poolrequests.py

+27 −3
Original line number Diff line number Diff line 
import requests



import sys

from time import time

from itertools import cycle

from threading import RLock, local



import requests



from searx import settings

from time import time

from searx import logger





logger = logger.getChild('poolrequests')





try:

    import ssl

    if ssl.OPENSSL_VERSION_INFO[0:3] < (1, 0, 2):

        # https://github.com/certifi/python-certifi#1024-bit-root-certificates

        logger.critical('You are using an old openssl version({0}), please upgrade above 1.0.2!'

                        .format(ssl.OPENSSL_VERSION))

        sys.exit(1)

except ImportError:

    ssl = None

if not getattr(ssl, "HAS_SNI", False):

    try:

        import OpenSSL  # pylint: disable=unused-import

    except ImportError:

        logger.critical("ssl doesn't support SNI and the pyopenssl module is not installed.\n"

                        "Some HTTPS connections will fail")

        sys.exit(1)





class HTTPAdapterWithConnParams(requests.adapters.HTTPAdapter):

searx/webapp.py

+0 −7
Original line number Diff line number Diff line
@@ -78,13 +78,6 @@ from searx.plugins.oa_doi_rewrite import get_doi_resolver 
from searx.preferences import Preferences, ValidationException, LANGUAGE_CODES

from searx.answerers import answerers



# check if the pyopenssl package is installed.

# It is needed for SSL connection without trouble, see #298

try:

    import OpenSSL.SSL  # NOQA

except ImportError:

    logger.critical("The pyopenssl package has to be installed.\n"

                    "Some HTTPS connections will fail")



# serve pages with HTTP/1.1

from werkzeug.serving import WSGIRequestHandler