diff --git a/fdroidserver/common.py b/fdroidserver/common.py index 17b939d3..035ee506 100644 --- a/fdroidserver/common.py +++ b/fdroidserver/common.py @@ -1331,7 +1331,7 @@ class vcs_gitsvn(vcs): # git-svn sucks at certificate validation, this throws useful errors: try: import requests - r = requests.head(remote) + r = requests.head(remote, timeout=300) r.raise_for_status() except Exception as e: raise VCSException('SVN certificate pre-validation failed: ' + str(e)) from e diff --git a/fdroidserver/deploy.py b/fdroidserver/deploy.py index 953c6f71..cecf8c65 100644 --- a/fdroidserver/deploy.py +++ b/fdroidserver/deploy.py @@ -506,7 +506,7 @@ def upload_apk_to_android_observatory(path): apkfilename = os.path.basename(path) r = requests.post('https://androidobservatory.org/', data={'q': update.sha256sum(path), 'searchby': 'hash'}, - headers=net.HEADERS) + headers=net.HEADERS, timeout=300) if r.status_code == 200: # from now on XPath will be used to retrieve the message in the HTML # androidobservatory doesn't have a nice API to talk with @@ -534,7 +534,7 @@ def upload_apk_to_android_observatory(path): r = requests.post('https://androidobservatory.org/upload', files={'apk': (apkfilename, open(path, 'rb'))}, headers=net.HEADERS, - allow_redirects=False) + allow_redirects=False, timeout=300) def upload_to_virustotal(repo_section, virustotal_apikey): @@ -586,7 +586,7 @@ def upload_apk_to_virustotal(virustotal_apikey, packageName, apkName, hash, needs_file_upload = False while True: r = requests.get('https://www.virustotal.com/vtapi/v2/file/report?' - + urllib.parse.urlencode(data), headers=headers) + + urllib.parse.urlencode(data), headers=headers, timeout=300) if r.status_code == 200: response = r.json() if response['response_code'] == 0: @@ -620,7 +620,7 @@ def upload_apk_to_virustotal(virustotal_apikey, packageName, apkName, hash, elif size > 32000000: # VirusTotal API requires fetching a URL to upload bigger files r = requests.get('https://www.virustotal.com/vtapi/v2/file/scan/upload_url?' - + urllib.parse.urlencode(data), headers=headers) + + urllib.parse.urlencode(data), headers=headers, timeout=300) if r.status_code == 200: upload_url = r.json().get('upload_url') elif r.status_code == 403: @@ -638,7 +638,7 @@ def upload_apk_to_virustotal(virustotal_apikey, packageName, apkName, hash, files = { 'file': (apkName, open(repofilename, 'rb')) } - r = requests.post(upload_url, data=data, headers=headers, files=files) + r = requests.post(upload_url, data=data, headers=headers, files=files, timeout=300) logging.debug(_('If this upload fails, try manually uploading to {url}') .format(url=manual_url)) r.raise_for_status() diff --git a/fdroidserver/net.py b/fdroidserver/net.py index da88df29..688eda68 100644 --- a/fdroidserver/net.py +++ b/fdroidserver/net.py @@ -28,7 +28,9 @@ def download_file(url, local_filename=None, dldir='tmp'): if local_filename is None: local_filename = os.path.join(dldir, filename) # the stream=True parameter keeps memory usage low - r = requests.get(url, stream=True, allow_redirects=True, headers=HEADERS) + r = requests.get( + url, stream=True, allow_redirects=True, headers=HEADERS, timeout=300 + ) r.raise_for_status() with open(local_filename, 'wb') as f: for chunk in r.iter_content(chunk_size=1024): diff --git a/fdroidserver/scanner.py b/fdroidserver/scanner.py index c6cdf0cf..d4f14c05 100644 --- a/fdroidserver/scanner.py +++ b/fdroidserver/scanner.py @@ -174,7 +174,7 @@ def load_exodus_trackers_signatures(): """ signatures = [] exodus_url = "https://reports.exodus-privacy.eu.org/api/trackers" - r = requests.get(exodus_url) + r = requests.get(exodus_url, timeout=300) data = r.json() for e in data['trackers']: signatures.append( diff --git a/tests/gradle-release-checksums.py b/tests/gradle-release-checksums.py index 1fca803c..38784052 100755 --- a/tests/gradle-release-checksums.py +++ b/tests/gradle-release-checksums.py @@ -14,7 +14,10 @@ checksums = None versions = dict() while not checksums: - r = requests.get('https://gitlab.com/fdroid/gradle-transparency-log/-/raw/master/checksums.json') + r = requests.get( + 'https://gitlab.com/fdroid/gradle-transparency-log/-/raw/master/checksums.json', + timeout=300, + ) if r.status_code == 200: checksums = r.json() diff --git a/tests/import_subcommand.TestCase b/tests/import_subcommand.TestCase index 8c2d7792..8b871ee3 100755 --- a/tests/import_subcommand.TestCase +++ b/tests/import_subcommand.TestCase @@ -45,7 +45,7 @@ class ImportTest(unittest.TestCase): fdroidserver.common.config = config url = 'https://gitlab.com/fdroid/ci-test-app' - r = requests.head(url) + r = requests.head(url, timeout=300) if r.status_code != 200: print("ERROR", url, 'unreachable (', r.status_code, ')') print('Skipping ImportTest!') diff --git a/tests/ndk-release-checksums.py b/tests/ndk-release-checksums.py index b948abf0..2f39bc68 100755 --- a/tests/ndk-release-checksums.py +++ b/tests/ndk-release-checksums.py @@ -15,7 +15,8 @@ versions = dict() while not checksums: r = requests.get( - 'https://gitlab.com/fdroid/android-sdk-transparency-log/-/raw/master/checksums.json' + 'https://gitlab.com/fdroid/android-sdk-transparency-log/-/raw/master/checksums.json', + timeout=300, ) if r.status_code == 200: checksums = r.json() diff --git a/tests/net.TestCase b/tests/net.TestCase index 3f2d51a1..e5ea6b24 100755 --- a/tests/net.TestCase +++ b/tests/net.TestCase @@ -35,7 +35,7 @@ class NetTest(unittest.TestCase): @patch('requests.get') def test_download_file_url_parsing(self, requests_get): - def _get(url, stream, allow_redirects, headers): # pylint: disable=W0613 + def _get(url, stream, allow_redirects, headers, timeout): # pylint: disable=W0613 return MagicMock() requests_get.side_effect = _get diff --git a/tests/nightly.TestCase b/tests/nightly.TestCase index afe34752..cf3ccf8b 100755 --- a/tests/nightly.TestCase +++ b/tests/nightly.TestCase @@ -33,7 +33,7 @@ class NightlyTest(unittest.TestCase): ]: url = nightly.get_repo_base_url(clone_url, repo_git_base) self.assertEqual(result, url) - r = requests.head(os.path.join(url, 'repo/index-v1.jar')) + r = requests.head(os.path.join(url, 'repo/index-v1.jar'), timeout=300) # gitlab.com often returns 403 Forbidden from their cloudflare restrictions self.assertTrue(r.status_code in (200, 403), 'should not be a redirect') diff --git a/tests/openssl-version-check-test.py b/tests/openssl-version-check-test.py index 69d4d1ce..d4022126 100755 --- a/tests/openssl-version-check-test.py +++ b/tests/openssl-version-check-test.py @@ -13,7 +13,7 @@ import requests versions = [ ] -r = requests.get('https://www.openssl.org/news/changelog.html') +r = requests.get('https://www.openssl.org/news/changelog.html', timeout=300) safe = set() bad = set() diff --git a/tests/scanner.TestCase b/tests/scanner.TestCase index ac27d0b3..9455f6cd 100755 --- a/tests/scanner.TestCase +++ b/tests/scanner.TestCase @@ -428,7 +428,9 @@ class Test_load_exodus_trackers_signatures(unittest.TestCase): "fdroidserver.scanner._exodus_compile_signatures", self.compilesig_func ): result_sigs, result_regex = fdroidserver.scanner.load_exodus_trackers_signatures() - self.requests_func.assert_called_once_with("https://reports.exodus-privacy.eu.org/api/trackers") + self.requests_func.assert_called_once_with( + "https://reports.exodus-privacy.eu.org/api/trackers", timeout=300 + ) self.assertEqual(len(result_sigs), 2) self.assertListEqual([1, 2], sorted([x.id for x in result_sigs]))