1 changed files with 102 additions and 1 deletions
--- a/app.py
+++ b/app.py
@ -94,7 +94,101 @@ def download_mpta(url: str, dest_path: str) -> str:
    try:
        logger.info(f"Starting download of model from {url} to {dest_path}")
        os.makedirs(os.path.dirname(dest_path), exist_ok=True)
-        response = requests.get(url, stream=True)
+        
+        # Configure session with headers and SSL settings for compatibility
+        session = requests.Session()
+        
+        # Add headers to mimic browser request
+        headers = {
+            'User-Agent': 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36',
+            'Accept': '*/*',
+            'Accept-Encoding': 'gzip, deflate',
+            'Connection': 'keep-alive',
+            'Cache-Control': 'no-cache',
+        }
+        
+        session.headers.update(headers)
+        
+        # Disable SSL verification warnings
+        urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)
+        
+        # Try multiple approaches for SSL compatibility
+        ssl_success = False
+        response = None
+        
+        # Approach 1: Standard request with verify=False and updated TLS
+        try:
+            # Create a custom SSL context with modern settings
+            ssl_context = ssl.create_default_context()
+            ssl_context.check_hostname = False
+            ssl_context.verify_mode = ssl.CERT_NONE
+            ssl_context.set_ciphers('DEFAULT:@SECLEVEL=1')
+            
+            # Create adapter with custom SSL context
+            class SSLContextAdapter(HTTPAdapter):
+                def __init__(self, ssl_context=None):
+                    self.ssl_context = ssl_context
+                    super().__init__()
+                
+                def init_poolmanager(self, *args, **kwargs):
+                    kwargs['ssl_context'] = self.ssl_context
+                    return super().init_poolmanager(*args, **kwargs)
+            
+            session.mount('https://', SSLContextAdapter(ssl_context))
+            response = session.get(url, stream=True, verify=False, timeout=30)
+            ssl_success = True
+        except Exception as e1:
+            logger.debug(f"First SSL approach failed: {e1}")
+            
+            # Approach 2: Fallback to basic request without custom SSL
+            try:
+                response = session.get(url, stream=True, verify=False, timeout=30)
+                ssl_success = True
+            except Exception as e2:
+                logger.debug(f"Second SSL approach failed: {e2}")
+                
+                # Approach 3: Last resort - use system curl if available
+                try:
+                    with tempfile.NamedTemporaryFile(delete=False) as tmp_file:
+                        tmp_path = tmp_file.name
+                    
+                    curl_cmd = [
+                        'curl', '-L', '-k', '--silent', '--show-error',
+                        '-H', f'User-Agent: {headers["User-Agent"]}',
+                        '-o', tmp_path, url
+                    ]
+                    result = subprocess.run(curl_cmd, capture_output=True, text=True, timeout=60)
+                    if result.returncode == 0:
+                        # Create a fake response object
+                        class FakeResponse:
+                            def __init__(self, file_path):
+                                self.status_code = 200
+                                self.headers = {'content-length': str(os.path.getsize(file_path))}
+                                self._file_path = file_path
+                            
+                            def iter_content(self, chunk_size=8192):
+                                with open(self._file_path, 'rb') as f:
+                                    while True:
+                                        chunk = f.read(chunk_size)
+                                        if not chunk:
+                                            break
+                                        yield chunk
+                                os.unlink(self._file_path)  # Clean up temp file
+                        
+                        response = FakeResponse(tmp_path)
+                        ssl_success = True
+                        logger.info("Successfully downloaded using system curl as fallback")
+                    else:
+                        logger.error(f"curl fallback failed: {result.stderr}")
+                        if os.path.exists(tmp_path):
+                            os.unlink(tmp_path)
+                except Exception as e3:
+                    logger.debug(f"curl fallback failed: {e3}")
+                    if 'tmp_path' in locals() and os.path.exists(tmp_path):
+                        os.unlink(tmp_path)
+        
+        if not ssl_success or not response:
+            raise Exception("All SSL approaches failed - unable to establish secure connection")
        if response.status_code == 200:
            file_size = int(response.headers.get('content-length', 0))
            logger.info(f"Model file size: {file_size/1024/1024:.2f} MB")
@ -113,6 +207,13 @@ def download_mpta(url: str, dest_path: str) -> str:
    except Exception as e:
        logger.error(f"Exception downloading mpta file from {url}: {str(e)}", exc_info=True)
        return None
+    finally:
+        # Clean up session resources
+        try:
+            if 'session' in locals():
+                session.close()
+        except:
+            pass

 # Add helper to fetch snapshot image from HTTP/HTTPS URL
 def fetch_snapshot(url: str):