If Python 2.7.9+ skip SSL cert verification

Shakeel Mohamed · Shakeel Mohamed · commit fb18ca06a272 · 2015-02-26T16:53:40.000-08:00
diff --git a/splunklib/binding.py b/splunklib/binding.py
@@ -30,6 +30,7 @@
 import ssl
 import urllib
 import io
+import sys
 
 from datetime import datetime
 from functools import wraps
@@ -1204,6 +1205,10 @@ def connect(scheme, host, port):
         if scheme == "https":
             if key_file is not None: kwargs['key_file'] = key_file
             if cert_file is not None: kwargs['cert_file'] = cert_file
+
+            # If running Python 2.7.9+, disable SSL certificate validation
+            if sys.version_info >= (2,7,9) and key_file is None and cert_file is None:
+                kwargs['context'] = ssl._create_unverified_context()
             return httplib.HTTPSConnection(host, port, **kwargs)
         raise ValueError("unsupported scheme: %s" % scheme)
 
diff --git a/tests/test_binding.py b/tests/test_binding.py
@@ -24,6 +24,8 @@
 import testlib
 import unittest
 import socket
+import sys
+import ssl
 
 import splunklib.binding as binding
 from splunklib.binding import HTTPError, AuthenticationError, UrlEncoded
@@ -430,7 +432,11 @@ def urllib2_handler(url, message, **kwargs):
     headers = dict(message.get('headers', []))
     req = urllib2.Request(url, data, headers)
     try:
-        response = urllib2.urlopen(req)
+        # If running Python 2.7.9+, disable SSL certificate validation
+        if sys.version_info >= (2, 7, 9):
+            response = urllib2.urlopen(req, context=ssl._create_unverified_context())
+        else:
+            response = urllib2.urlopen(req)
     except urllib2.HTTPError, response:
         pass # Propagate HTTP errors via the returned response message
     return {
