[mod] upgrade requests to version 2.24.0. use ssl instead of pyopenssl.

requests 2.24.0 uses the ssl module except if it doesn't support SNI, in this case searx fallbacks to pyopenssl. searx logs a critical message and exit if the ssl modules doesn't support SNI and pyOpenSSL is not installed. searx logs a critical message and exit if the ssl version is older than 1.0.2. in requirements.txt, pyopenssl is still required to install searx as a fallback.
2025-07-24 13:49:26 +02:00 · 2020-09-15 10:54:31 +02:00 · 2020-09-15 10:54:31 +02:00 · 93f7f7eee2
commit 93f7f7eee2
parent 21dbc7e852
4 changed files with 30 additions and 22 deletions
--- a/searx/poolrequests.py
+++ b/searx/poolrequests.py
@ -1,9 +1,33 @@
-import requests
-
+import sys
+from time import time
 from itertools import cycle
 from threading import RLock, local
+
+import requests
+
 from searx import settings
-from time import time
+from searx import logger
+
+
+logger = logger.getChild('poolrequests')
+
+
+try:
+    import ssl
+    if ssl.OPENSSL_VERSION_INFO[0:3] < (1, 0, 2):
+        # https://github.com/certifi/python-certifi#1024-bit-root-certificates
+        logger.critical('You are using an old openssl version({0}), please upgrade above 1.0.2!'
+                        .format(ssl.OPENSSL_VERSION))
+        sys.exit(1)
+except ImportError:
+    ssl = None
+if not getattr(ssl, "HAS_SNI", False):
+    try:
+        import OpenSSL  # pylint: disable=unused-import
+    except ImportError:
+        logger.critical("ssl doesn't support SNI and the pyopenssl module is not installed.\n"
+                        "Some HTTPS connections will fail")
+        sys.exit(1)


 class HTTPAdapterWithConnParams(requests.adapters.HTTPAdapter):