Blob Blame History Raw
@@ -, +, @@ 
---
 Lib/ssl.py | 53 ++++++++++++++++++++++++++++++++++++++---------------
 1 file changed, 38 insertions(+), 15 deletions(-)
--- a/Lib/ssl.py	
+++ a/Lib/ssl.py	
@@ -466,24 +466,47 @@ def _create_unverified_context(protocol=PROTOCOL_SSLv23, cert_reqs=None,
 
     return context
 
+_https_verify_envvar = 'PYTHONHTTPSVERIFY'
 _cert_verification_config = '/etc/python/cert-verification.cfg'
 
-def _get_verify_status(protocol):
-   context_factory = {
-       'platform_default': _create_unverified_context,
-       'enable': create_default_context,
-       'disable': _create_unverified_context
-   }
-   import ConfigParser
-   try:
-       config = ConfigParser.RawConfigParser()
-       config.read(_cert_verification_config)
-       status = config.get(protocol, 'verify')
-   except (ConfigParser.NoSectionError, ConfigParser.NoOptionError):
-       status = 'platform_default'
-   default = context_factory.get('platform_default')
-   return context_factory.get(status, default)
+# To provide same function name as specified in PEP493 with keeping
+# the old name as defined in our previous patch
+_get_https_context_factory = lambda: _get_verify_status('https')
 
+def _get_verify_status(protocol):
+    # See https://www.python.org/dev/peps/pep-0493/#recommendation-for-combined-feature-backports
+    # Check for an environmental override of the default behaviour
+    if not sys.flags.ignore_environment:
+        config_setting = os.environ.get(_https_verify_envvar)
+        if config_setting is not None:
+            if config_setting == '0':
+                return _create_unverified_context
+            return create_default_context
+
+    # Check for a system-wide override of the default behaviour
+    context_factory = {
+        'platform_default': create_default_context,
+        'enable': create_default_context,
+        'disable': _create_unverified_context
+    }
+    import ConfigParser
+    try:
+        config = ConfigParser.RawConfigParser()
+        config.read(_cert_verification_config)
+        status = config.get(protocol, 'verify')
+    except (ConfigParser.NoSectionError, ConfigParser.NoOptionError):
+        status = 'platform_default'
+    default = context_factory.get('platform_default')
+    return context_factory.get(status, default)
+
+# See https://www.python.org/dev/peps/pep-0493/#feature-configuration-api
+def _https_verify_certificates(enable=True):
+    """Verify server HTTPS certificates by default?"""
+    global _create_default_https_context
+    if enable:
+        _create_default_https_context = create_default_context
+    else:
+        _create_default_https_context = _create_unverified_context
 
 # Used by http.client if no context is explicitly passed.
 _create_default_https_context = _get_verify_status('https')
--- a/Lib/test/test_ssl.py	Thu Jan 14 21:57:57 2016 -0800
+++ a/Lib/test/test_ssl.py	Fri Jan 15 17:41:37 2016 +1000
@@ -4,6 +4,7 @@
 import sys
 import unittest
 from test import test_support as support
+from test.script_helper import assert_python_ok
 import asyncore
 import socket
 import select
@@ -1149,6 +1149,57 @@
         self.assertEqual(ctx.verify_mode, ssl.CERT_NONE)
         self.assertEqual(ctx.options & ssl.OP_NO_SSLv2, ssl.OP_NO_SSLv2)
 
+    def test__https_verify_certificates(self):
+        # Unit test to check the contect factory mapping
+        # The factories themselves are tested above
+        # This test will fail by design if run under PYTHONHTTPSVERIFY=0
+        # (as will various test_httplib tests)
+
+        # Uses a fresh SSL module to avoid affecting the real one
+        local_ssl = support.import_fresh_module("ssl")
+        # Certificate verification is enabled by default
+        self.assertIs(local_ssl._create_default_https_context,
+                      local_ssl.create_default_context)
+        # Turn default verification off
+        local_ssl._https_verify_certificates(enable=False)
+        self.assertIs(local_ssl._create_default_https_context,
+                      local_ssl._create_unverified_context)
+        # And back on
+        local_ssl._https_verify_certificates(enable=True)
+        self.assertIs(local_ssl._create_default_https_context,
+                      local_ssl.create_default_context)
+        # The default behaviour is to enable
+        local_ssl._https_verify_certificates(enable=False)
+        local_ssl._https_verify_certificates()
+        self.assertIs(local_ssl._create_default_https_context,
+                      local_ssl.create_default_context)
+
+    def test__https_verify_envvar(self):
+        # Unit test to check the PYTHONHTTPSVERIFY handling
+        # Need to use a subprocess so it can still be run under -E
+        https_is_verified = """import ssl, sys; \
+            status = "Error: _create_default_https_context does not verify certs" \
+                       if ssl._create_default_https_context is \
+                          ssl._create_unverified_context \
+                     else None; \
+            sys.exit(status)"""
+        https_is_not_verified = """import ssl, sys; \
+            status = "Error: _create_default_https_context verifies certs" \
+                       if ssl._create_default_https_context is \
+                          ssl.create_default_context \
+                     else None; \
+            sys.exit(status)"""
+        extra_env = {}
+        # Omitting it leaves verification on
+        assert_python_ok("-c", https_is_verified, **extra_env)
+        # Setting it to zero turns verification off
+        extra_env[ssl._https_verify_envvar] = "0"
+        assert_python_ok("-c", https_is_not_verified, **extra_env)
+        # Any other value should also leave it on
+        for setting in ("", "1", "enabled", "foo"):
+            extra_env[ssl._https_verify_envvar] = setting
+            assert_python_ok("-c", https_is_verified, **extra_env)
+
     def test_check_hostname(self):
         ctx = ssl.SSLContext(ssl.PROTOCOL_TLSv1)
         self.assertFalse(ctx.check_hostname)