Use truststore

This commit is contained in:
grossmj 2023-08-07 18:40:03 +10:00
parent 958865e919
commit e616b09028
4 changed files with 13 additions and 21 deletions

View File

@ -16,14 +16,12 @@
# along with this program. If not, see <http://www.gnu.org/licenses/>.
import os
import sys
import json
import uuid
import asyncio
import aiohttp
import shutil
import ssl
import certifi
try:
import importlib_resources
@ -48,11 +46,6 @@ class ApplianceManager:
self._appliances = {}
self._appliances_etag = None
self._ssl_context = None
if hasattr(sys, "frozen"):
cacert = certifi.where()
self._ssl_context = ssl.create_default_context(cafile=cacert)
log.info("Using certificate authority (CA) bundle: {}".format(cacert))
@property
def appliances_etag(self):
@ -181,7 +174,7 @@ class ApplianceManager:
symbol_url = "https://raw.githubusercontent.com/GNS3/gns3-registry/master/symbols/{}".format(symbol)
async with aiohttp.ClientSession() as session:
async with session.get(symbol_url, ssl=self._ssl_context) as response:
async with session.get(symbol_url) as response:
if response.status != 200:
log.warning("Could not retrieve appliance symbol {} from GitHub due to HTTP error code {}".format(symbol, response.status))
else:
@ -209,7 +202,6 @@ class ApplianceManager:
async with aiohttp.ClientSession() as session:
async with session.get(
'https://api.github.com/repos/GNS3/gns3-registry/contents/appliances',
ssl=self._ssl_context,
headers=headers
) as response:
if response.status == 304:

View File

@ -29,7 +29,6 @@ import struct
import platform
import locale
import distro
import certifi
from .version import __version__, __version_info__
from .config import Config
@ -73,14 +72,9 @@ class CrashReport:
if SENTRY_SDK_AVAILABLE:
# Don't send log records as events.
sentry_logging = LoggingIntegration(level=logging.INFO, event_level=None)
cacert = None
if hasattr(sys, "frozen"):
cacert = certifi.where()
try:
sentry_sdk.init(dsn=CrashReport.DSN,
release=__version__,
ca_certs=cacert,
default_integrations=False,
integrations=[sentry_logging])
except Exception as e:

View File

@ -28,6 +28,16 @@ import locale
import argparse
import psutil
import logging
log = logging.getLogger(__name__)
try:
import truststore
truststore.inject_into_ssl()
log.info("Using system certificate store for SSL connections")
except ImportError:
pass
from gns3server.web.web_server import WebServer
from gns3server.web.logger import init_logger
@ -36,10 +46,6 @@ from gns3server.config import Config
from gns3server.crash_report import CrashReport
import logging
log = logging.getLogger(__name__)
def locale_check():
"""
Checks if this application runs with a correct locale (i.e. supports UTF-8 encoding) and attempt to fix

View File

@ -1,4 +1,3 @@
certifi>=2023.7.22
jsonschema>=4.17.3,<4.18; python_version >= '3.7'
jsonschema==3.2.0; python_version < '3.7' # v3.2.0 is the last version to support Python 3.6
aiohttp>=3.8.4,<3.9
@ -13,5 +12,6 @@ async-timeout>=4.0.2,<4.1
distro>=1.8.0
py-cpuinfo>=9.0.0,<10.0
importlib-resources>=1.3; python_version <= '3.9'
truststore>=0.7.0; python_version >= '3.10'
setuptools>=60.8.1; python_version >= '3.7'
setuptools==59.6.0; python_version < '3.7' # v59.6.0 is the last version to support Python 3.6