Fix trusted-host passthru

- Fix marker cleaning - Fixes #2979 Signed-off-by: Dan Ryan <dan@danryan.co>
pypa · Oct 10, 2018 · a31f0c3 · a31f0c3
1 parent 4a8086d
commit a31f0c3
Show file tree

Hide file tree

Showing 3 changed files with 35 additions and 18 deletions.
diff --git a/news/2979.bugfix b/news/2979.bugfix
@@ -0,0 +1 @@
+Fixed a bug which caused ``verify_ssl`` to fail to drop through to ``pip install`` correctly as ``trusted-host``.
diff --git a/pipenv/core.py b/pipenv/core.py
@@ -780,6 +780,7 @@ def cleanup_procs(procs, concurrent):
                 requirements_dir=requirements_dir,
                 extra_indexes=extra_indexes,
                 pypi_mirror=pypi_mirror,
+                trusted_hosts=trusted_hosts
             )
             c.dep = dep
             c.ignore_hash = ignore_hash
@@ -1307,10 +1308,13 @@ def pip_install(
     requirements_dir=None,
     extra_indexes=None,
     pypi_mirror=None,
+    trusted_hosts=None
 ):
     from notpip._internal import logger as piplogger
 
     src = []
+    if not trusted_hosts:
+        trusted_hosts = []
 
     if environments.is_verbose():
         piplogger.setLevel(logging.INFO)
@@ -1335,23 +1339,28 @@ def pip_install(
 
     # Try installing for each source in project.sources.
     if index:
-        if not is_valid_url(index):
-            index = project.find_source(index).get("url")
-        sources = [{"url": index}]
+        try:
+            index_source = project.find_source(index)
+            index_source = index_source.copy()
+        except SourceNotFound:
+            src_name = project.src_name_from_url(index)
+            index_source = {"url": index, "verify_ssl": True, "name": src_name}
+        sources = [index_source.copy(),]
         if extra_indexes:
             if isinstance(extra_indexes, six.string_types):
                 extra_indexes = [extra_indexes]
             for idx in extra_indexes:
                 try:
-                    extra_src = project.find_source(idx).get("url")
+                    extra_src = project.find_source(idx)
                 except SourceNotFound:
                     extra_src = idx
                 if extra_src != index:
-                    sources.append({"url": extra_src})
+                    src_name = project.src_name_from_url(idx)
+                    sources.append({"url": extra_src, "verify_ssl": True, "name": src_name})
         else:
             for idx in project.pipfile_sources:
                 if idx["url"] != sources[0]["url"]:
-                    sources.append({"url": idx["url"]})
+                    sources.append(idx)
     else:
         sources = project.pipfile_sources
     if pypi_mirror:
@@ -1372,6 +1381,10 @@ def pip_install(
         with open(r) as f:
             if "--hash" not in f.read():
                 ignore_hashes = True
+    # trusted_hosts = [
+    #     "--trusted-host={0}".format(source.get("url")) for source in sources
+    #     if not source.get("verify_ssl", True)
+    # ]
     pip_command = [which_pip(allow_global=allow_global), "install"]
     if pre:
         pip_command.append("--pre")

diff --git a/pipenv/project.py b/pipenv/project.py
@@ -823,28 +823,31 @@ def add_package_to_pipfile(self, package, dev=False):
         # Write Pipfile.
         self.write_toml(p)
 
-    def add_index_to_pipfile(self, index, verify_ssl=True):
-        """Adds a given index to the Pipfile."""
-        # Read and append Pipfile.
-        p = self.parsed_pipfile
-        try:
-            self.get_source(url=index)
-        except SourceNotFound:
-            source = {"url": index, "verify_ssl": verify_ssl}
-        else:
-            return
+    def src_name_from_url(self, index_url):
         name, _, tld_guess = six.moves.urllib.parse.urlsplit(index).netloc.rpartition(
             "."
         )
         src_name = name.replace(".", "")
         try:
             self.get_source(name=src_name)
         except SourceNotFound:
-            source[name] = src_name
+            name = src_name
         else:
             from random import randint
+            name = "{0}-{1}".format(src_name, randint(1, 1000))
+        return name
 
-            source[name] = "{0}-{1}".format(src_name, randint(1, 1000))
+    def add_index_to_pipfile(self, index, verify_ssl=True):
+        """Adds a given index to the Pipfile."""
+        # Read and append Pipfile.
+        p = self.parsed_pipfile
+        try:
+            self.get_source(url=index)
+        except SourceNotFound:
+            source = {"url": index, "verify_ssl": verify_ssl}
+        else:
+            return
+        source["name"] = self.src_name_from_url(index)
         # Add the package to the group.
         if "source" not in p:
             p["source"] = [source]