def create_connection_noncompliant()

in src/python/detectors/improper_certificate_validation/improper_certificate_validation.py [0:0]

• 13 lines of code
• 1 McCabe index (conditional complexity)

def create_connection_noncompliant():
    import socket
    import ssl
    host, port = 'example.com', 443
    with socket.socket(socket.AF_INET) as sock:
        context = ssl.SSLContext()
        # Noncompliant: security certificate validation disabled.
        context.verify_mode = ssl.CERT_NONE
        conn = context.wrap_socket(sock, server_hostname=host)
        try:
            conn.connect((host, port))
            handle(conn)
        finally:
            conn.close()