From 0f4e995ab46fa278fd7eed5e82f17a2c2b7f9981 Mon Sep 17 00:00:00 2001 From: Alexandre Flament Date: Wed, 5 May 2021 20:06:40 +0200 Subject: [PATCH] [mod] searx.network.client: the same configuration reuses the same ssl.SSLContext before there was one ssl.SSLContext per client. see https://github.com/encode/httpx/issues/978 --- searx/network/client.py | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/searx/network/client.py b/searx/network/client.py index b377e010f..aeedf5a1b 100644 --- a/searx/network/client.py +++ b/searx/network/client.py @@ -23,6 +23,7 @@ else: logger = logger.getChild('searx.http.client') LOOP = None +SSLCONTEXTS = {} TRANSPORT_KWARGS = { 'backend': 'asyncio', 'trust_env': False, @@ -41,6 +42,14 @@ async def close_connections_for_url(connection_pool: httpcore.AsyncConnectionPoo logger.warning('Error closing an existing connection', exc_info=e) +def get_sslcontexts(proxy_url=None, cert=None, verify=True, trust_env=True, http2=False): + global SSLCONTEXTS + key = (proxy_url, cert, verify, trust_env, http2) + if key not in SSLCONTEXTS: + SSLCONTEXTS[key] = httpx.create_ssl_context(cert, verify, trust_env, http2) + return SSLCONTEXTS[key] + + class AsyncHTTPTransportNoHttp(httpcore.AsyncHTTPTransport): """Block HTTP request""" @@ -131,7 +140,7 @@ def get_transport_for_socks_proxy(verify, http2, local_address, proxy_url, limit rdns = True proxy_type, proxy_host, proxy_port, proxy_username, proxy_password = parse_proxy_url(proxy_url) - + verify = get_sslcontexts(proxy_url, None, True, False, http2) if verify is True else verify return AsyncProxyTransportFixed(proxy_type=proxy_type, proxy_host=proxy_host, proxy_port=proxy_port, username=proxy_username, password=proxy_password, rdns=rdns, @@ -147,6 +156,7 @@ def get_transport_for_socks_proxy(verify, http2, local_address, proxy_url, limit def get_transport(verify, http2, local_address, proxy_url, limit, retries): + verify = get_sslcontexts(None, None, True, False, http2) if verify is True else verify return AsyncHTTPTransportFixed(verify=verify, http2=http2, local_address=local_address,