@@ -431,6 +431,8 @@ class Context(object):
431431 :type port: ``integer``
432432 :param scheme: The scheme for accessing the service (the default is "https").
433433 :type scheme: "https" or "http"
434+ :param verify: Enable (True) or disable (False) SSL verrification for https connections.
435+ :type verify: ``Boolean``
434436 :param sharing: The sharing mode for the namespace (the default is "user").
435437 :type sharing: "global", "system", "app", or "user"
436438 :param owner: The owner context of the namespace (optional, the default is "None").
@@ -463,7 +465,7 @@ class Context(object):
463465 c = binding.Context(cookie="splunkd_8089=...")
464466 """
465467 def __init__ (self , handler = None , ** kwargs ):
466- self .http = HttpLib (handler )
468+ self .http = HttpLib (handler , kwargs . get ( "verify" , True ) )
467469 self .token = kwargs .get ("token" , _NoAuthenticationToken )
468470 if self .token is None : # In case someone explicitly passes token=None
469471 self .token = _NoAuthenticationToken
@@ -1103,9 +1105,11 @@ class HttpLib(object):
11031105 The response dictionary is returned directly by ``HttpLib``'s methods with
11041106 no further processing. By default, ``HttpLib`` calls the :func:`handler` function
11051107 to get a handler function.
1108+
1109+ If using the default handler, SSL verification can be disabled by passing verify=False.
11061110 """
1107- def __init__ (self , custom_handler = None ):
1108- self .handler = handler () if custom_handler is None else custom_handler
1111+ def __init__ (self , custom_handler = None , verify = True ):
1112+ self .handler = handler (verify = verify ) if custom_handler is None else custom_handler
11091113 self ._cookies = {}
11101114
11111115 def delete (self , url , headers = None , ** kwargs ):
@@ -1313,7 +1317,7 @@ def readinto(self, byte_array):
13131317 return bytes_read
13141318
13151319
1316- def handler (key_file = None , cert_file = None , timeout = None ):
1320+ def handler (key_file = None , cert_file = None , timeout = None , verify = True ):
13171321 """This class returns an instance of the default HTTP request handler using
13181322 the values you provide.
13191323
@@ -1323,6 +1327,8 @@ def handler(key_file=None, cert_file=None, timeout=None):
13231327 :type cert_file: ``string``
13241328 :param `timeout`: The request time-out period, in seconds (optional).
13251329 :type timeout: ``integer`` or "None"
1330+ :param `verify`: Set to False to disable SSL verification on https connections.
1331+ :type verify: ``Boolean``
13261332 """
13271333
13281334 def connect (scheme , host , port ):
@@ -1335,7 +1341,7 @@ def connect(scheme, host, port):
13351341 if cert_file is not None : kwargs ['cert_file' ] = cert_file
13361342
13371343 # If running Python 2.7.9+, disable SSL certificate validation
1338- if sys .version_info >= (2 ,7 ,9 ) and key_file is None and cert_file is None :
1344+ if ( sys .version_info >= (2 ,7 ,9 ) and key_file is None and cert_file is None ) or not verify :
13391345 kwargs ['context' ] = ssl ._create_unverified_context ()
13401346 return six .moves .http_client .HTTPSConnection (host , port , ** kwargs )
13411347 raise ValueError ("unsupported scheme: %s" % scheme )
0 commit comments