[tor-commits] [torflow/master] Ignore SSL Cert Errors

mikeperry at torproject.org mikeperry at torproject.org
Mon Jun 1 05:37:43 UTC 2015 

commit a26bf21bb8fe417a708bccf62f3f2de3a5267f82
Author: Tom Ritter <tom at ritter.vg>
Date:   Thu May 21 13:00:41 2015 -0500

    Ignore SSL Cert Errors
    
     A point release in python turned on cert validation (yay). This broke the script (boo). Ignore cert validation, as the only point of SSL here is to prevent caching, not confidentiality.
---
 NetworkScanners/BwAuthority/bwauthority_child.py |   17 +++++++++++++----
 1 file changed, 13 insertions(+), 4 deletions(-)

diff --git a/NetworkScanners/BwAuthority/bwauthority_child.py b/NetworkScanners/BwAuthority/bwauthority_child.py
index 4b4ac6f..13d4080 100755
--- a/NetworkScanners/BwAuthority/bwauthority_child.py
+++ b/NetworkScanners/BwAuthority/bwauthority_child.py
@@ -23,6 +23,7 @@ import ConfigParser
 import sqlalchemy
 import sets
 import re
+import ssl
 import random
 
 sys.path.append("../../")
@@ -134,23 +135,31 @@ def http_request(address):
   ''' perform an http GET-request and return 1 for success or 0 for failure '''
 
   request = urllib2.Request(address)
+  try:
+    context = ssl._create_unverified_context()
+  except:
+    context = None
   request.add_header('User-Agent', user_agent)
 
   try:
-    reply = urllib2.urlopen(request)
+    if context:
+      reply = urllib2.urlopen(request, context=context)
+    else:
+      reply = urllib2.urlopen(request)
     decl_length = reply.info().get("Content-Length")
     read_len = len(reply.read())
     plog("DEBUG", "Read: "+str(read_len)+" of declared "+str(decl_length))
     return 1
-  except (ValueError, urllib2.URLError):
+  except (ValueError, urllib2.URLError) as e:
     plog('ERROR', 'The http-request address ' + address + ' is malformed')
+    plog('ERROR', str(e))
     return 0
-  except (IndexError, TypeError):
+  except (IndexError, TypeError) as e:
     plog('ERROR', 'An error occured while negotiating socks5 with Tor')
     return 0
   except KeyboardInterrupt:
     raise KeyboardInterrupt
-  except socks.Socks5Error, e:
+  except socks.Socks5Error as e:
     if e.value[0] == 6:
       plog("NOTICE", "Tor timed out our SOCKS stream request.")
     else:

More information about the tor-commits mailing list