diff --git a/src/mcp/client/__main__.py b/src/mcp/client/__main__.py index 39b4f45c..3332e34a 100644 --- a/src/mcp/client/__main__.py +++ b/src/mcp/client/__main__.py @@ -47,12 +47,17 @@ async def run_session( logger.info("Initialized") -async def main(command_or_url: str, args: list[str], env: list[tuple[str, str]]): +async def main( + command_or_url: str, + args: list[str], + env: list[tuple[str, str]], + verify_ssl: bool, +): env_dict = dict(env) if urlparse(command_or_url).scheme in ("http", "https"): # Use SSE client for HTTP(S) URLs - async with sse_client(command_or_url) as streams: + async with sse_client(command_or_url, verify_ssl=verify_ssl) as streams: await run_session(*streams) else: # Use stdio client for commands @@ -76,9 +81,24 @@ def cli(): help="Environment variables to set. Can be used multiple times.", default=[], ) + parser.add_argument( + "--disable-ssl-verification", + action='store_true', + default=False, + help="Disable SSL verification on HTTPS. SSL verification by default.", + ) args = parser.parse_args() - anyio.run(partial(main, args.command_or_url, args.args, args.env), backend="trio") + anyio.run( + partial( + main, + args.command_or_url, + args.args, + args.env, + not args.disable_ssl_verification, + ), + backend="trio", + ) if __name__ == "__main__": diff --git a/src/mcp/client/sse.py b/src/mcp/client/sse.py index 4f6241a7..6dade1bb 100644 --- a/src/mcp/client/sse.py +++ b/src/mcp/client/sse.py @@ -24,6 +24,7 @@ async def sse_client( headers: dict[str, Any] | None = None, timeout: float = 5, sse_read_timeout: float = 60 * 5, + verify_ssl: bool = True, ): """ Client transport for SSE. @@ -43,7 +44,7 @@ async def sse_client( async with anyio.create_task_group() as tg: try: logger.info(f"Connecting to SSE endpoint: {remove_request_params(url)}") - async with httpx.AsyncClient(headers=headers) as client: + async with httpx.AsyncClient(headers=headers, verify=verify_ssl) as client: async with aconnect_sse( client, "GET",