mirror of
https://github.com/astral-sh/uv.git
synced 2025-11-01 20:31:12 +00:00
d86075fc1e
## Summary This PR revives https://github.com/astral-sh/uv/pull/4944, which I think was a good start towards adding `--trusted-host`. Last night, I tried to add `--trusted-host` with a custom verifier, but we had to vendor a lot of `reqwest` code and I eventually hit some private APIs. I'm not confident that I can implement it correctly with that mechanism, and since this is security, correctness is the priority. So, instead, we now use two clients and multiplex between them. Closes https://github.com/astral-sh/uv/issues/1339. ## Test Plan Created self-signed certificate, and ran `python3 -m http.server --bind 127.0.0.1 4443 --directory . --certfile cert.pem --keyfile key.pem` from the packse index directory. Verified that `cargo run pip install transitive-yanked-and-unyanked-dependency-a-0abad3b6 --index-url https://127.0.0.1:8443/simple-html` failed with: ``` error: Request failed after 3 retries Caused by: error sending request for url (https://127.0.0.1:8443/simple-html/transitive-yanked-and-unyanked-dependency-a-0abad3b6/) Caused by: client error (Connect) Caused by: invalid peer certificate: Other(OtherError(CaUsedAsEndEntity)) ``` Verified that `cargo run pip install transitive-yanked-and-unyanked-dependency-a-0abad3b6 --index-url 'https://127.0.0.1:8443/simple-html' --trusted-host '127.0.0.1:8443'` failed with the expected error (invalid resolution) and made valid requests. Verified that `cargo run pip install transitive-yanked-and-unyanked-dependency-a-0abad3b6 --index-url 'https://127.0.0.1:8443/simple-html' --trusted-host '127.0.0.2' -n` also failed. |
||
|---|---|---|
| .. | ||
| authentication.rs | ||
| build_options.rs | ||
| concurrency.rs | ||
| config_settings.rs | ||
| constraints.rs | ||
| extras.rs | ||
| hash.rs | ||
| install_options.rs | ||
| lib.rs | ||
| name_specifiers.rs | ||
| overrides.rs | ||
| package_options.rs | ||
| preview.rs | ||
| sources.rs | ||
| target_triple.rs | ||
| trusted_host.rs | ||