From 79d5f7ba9ee9d7e98921ce1a1b09520da21de696 Mon Sep 17 00:00:00 2001
From: Michele Tessaro <michele.tessaro.tex@gmail.com>
Date: Sun, 29 Jan 2023 08:26:37 +0100
Subject: [PATCH] new: usr: added option for disabling SSL checks (refs #83)

Added the `insecure` configuration option for disabling HTTPS SSL
certificate validation.
Set it to `True` when the PlantUML server uses self-signed certificates.
---
 README.md            | 6 +++++-
 plantuml_markdown.py | 6 ++++--
 setup.py             | 2 +-
 3 files changed, 10 insertions(+), 4 deletions(-)

diff --git a/README.md b/README.md
index 097fad9..8e82c35 100644
--- a/README.md
+++ b/README.md
@@ -181,6 +181,7 @@ In either cases you need to specify the URL of the server in a configuration fil
 plantuml_markdown:
   server: http://www.plantuml.com/plantuml  # PlantUML server, for remote rendering
   # other global options
+  insecure: False                           # set to True if the server uses self-signed certificates
   cachedir: /tmp                            # set a non-empty value to enable caching
   base_dir: .                               # where to search for diagrams to include
   format: png                               # default diagram image format
@@ -188,6 +189,7 @@ plantuml_markdown:
   encoding: utf-8                           # character encoding for external files (default utf-8)
   title: UML diagram                        # default title (tooltip) for diagram images
   alt: UML diagram image                    # default `alt` attribute for diagram images
+  image_maps: True                          # generate image maps when the format is png and there are hyperlinks
   priority: 30                              # plugin priority; the higher, the sooner will be applied (default 30)
   http_method: GET                          # GET or POST  - note that plantuml.com only supports GET (default GET)       
   fallback_to_get: True                     # When using POST, should GET be used as fallback (POST will fail if @startuml/@enduml tags not used) (default True)
@@ -247,8 +249,10 @@ The plugin has several configuration option:
 * `remove_inline_svg_size`: When `format` is `svg_inline`, remove the `width` and `height` attributes of the generated
   SVG. Defaults to True
 * `http_method`: Http Method for server - `GET` or `POST`. "Defaults to `GET`
-* `image_maps`: generate image maps if format is `png` and the diagram has hyperlinks; `true`, `on`, `yes` or `1` 
+* `image_maps`: generate image maps if format is `png` and the diagram has hyperlinks; `true`, `on`, `yes` or `1`
   activates image maps, everything else disables it. Defaults to `true`
+* `insecure`: if `True` do not validate SSL certificate of the PlantUML server; set to `True` when using a custom 
+  PlantUML installation with self-signed certificates. Defaults to `False`
 * `kroki_server`: Kroki server url, as alternative to `server` for remote rendering (image maps mus be disabled 
   manually). Defaults to `''`, use PlantUML server if defined
 * `priority`: extension priority. Higher values means the extension is applied sooner than others. Defaults to `30`
diff --git a/plantuml_markdown.py b/plantuml_markdown.py
index 3948766..7335055 100644
--- a/plantuml_markdown.py
+++ b/plantuml_markdown.py
@@ -452,7 +452,8 @@ def _render_remote_uml_image(
             # image_url for POST attempt first
             image_url = "%s/%s/" % (self._server, img_format)
             # download manually the image to be able to continue in case of errors
-            r = session.post(image_url, data=temp_file, headers={"Content-Type": 'text/plain; charset=utf-8'})
+            r = session.post(image_url, data=temp_file, headers={"Content-Type": 'text/plain; charset=utf-8'},
+                             verify=not self.config['insecure'])
 
             if r.ok:
                 return r.content, None
@@ -468,7 +469,7 @@ def _render_remote_uml_image(
         else:
             image_url = self._server+"/"+img_format+"/"+self._deflate_and_encode(temp_file)
 
-        return self._handle_response(session.get(image_url))
+        return self._handle_response(session.get(image_url, verify=not self.config['insecure']))
 
     def _handle_response(self, resp: Response) -> Tuple[Optional[bytes], Optional[str]]:
         if not resp.ok and self._kroki_server:
@@ -607,6 +608,7 @@ def __init__(self, **kwargs):
             'server_include_whitelist': [[r'^[Cc]4.*$'],
                                          "List of regular expressions defining which include files are supported by "
                                          "the server. Defaults to [r'^c4.*$']"],
+            'insecure': ["False", "Disable SSL certificates verification; set to True if you server uses self-signed certificates. Defaults to False"],
             'cachedir': ["", "Directory for caching of diagrams. Defaults to '', no caching"],
             'image_maps': ["true", "Enable generation of PNG image maps, allowing to use hyperlinks with PNG images."
                                    "Defaults to true"],
diff --git a/setup.py b/setup.py
index bca83ec..8adba8d 100644
--- a/setup.py
+++ b/setup.py
@@ -15,7 +15,7 @@
 
 setuptools.setup(
     name="plantuml-markdown",
-    version="3.8.0",
+    version="3.8.1",
     author="Michele Tessaro",
     author_email="michele.tessaro@email.it",
     description="A PlantUML plugin for Markdown",