Fix trusted-host passthru

- Fix marker cleaning
- Fixes #2979

Signed-off-by: Dan Ryan <dan@danryan.co>

news/2979.bugfix

@@ -0,0 +1 @@
+Fixed a bug which caused ``verify_ssl`` to fail to drop through to ``pip install`` correctly as ``trusted-host``.

pipenv/core.py

@@ -780,6 +780,7 @@ def do_install_dependencies(
                 requirements_dir=requirements_dir,
                 extra_indexes=extra_indexes,
                 pypi_mirror=pypi_mirror,
+                trusted_hosts=trusted_hosts
             )
             c.dep = dep
             c.ignore_hash = ignore_hash
@@ -1307,10 +1308,13 @@ def pip_install(
     requirements_dir=None,
     extra_indexes=None,
     pypi_mirror=None,
+    trusted_hosts=None
 ):
     from notpip._internal import logger as piplogger
 
     src = []
+    if not trusted_hosts:
+        trusted_hosts = []
 
     if environments.is_verbose():
         piplogger.setLevel(logging.INFO)
@@ -1335,23 +1339,28 @@ def pip_install(
 
     # Try installing for each source in project.sources.
     if index:
-        if not is_valid_url(index):
-            index = project.find_source(index).get("url")
-        sources = [{"url": index}]
+        try:
+            index_source = project.find_source(index)
+            index_source = index_source.copy()
+        except SourceNotFound:
+            src_name = project.src_name_from_url(index)
+            index_source = {"url": index, "verify_ssl": True, "name": src_name}
+        sources = [index_source.copy(),]
         if extra_indexes:
             if isinstance(extra_indexes, six.string_types):
                 extra_indexes = [extra_indexes]
             for idx in extra_indexes:
                 try:
-                    extra_src = project.find_source(idx).get("url")
+                    extra_src = project.find_source(idx)
                 except SourceNotFound:
                     extra_src = idx
                 if extra_src != index:
-                    sources.append({"url": extra_src})
+                    src_name = project.src_name_from_url(idx)
+                    sources.append({"url": extra_src, "verify_ssl": True, "name": src_name})
         else:
             for idx in project.pipfile_sources:
                 if idx["url"] != sources[0]["url"]:
-                    sources.append({"url": idx["url"]})
+                    sources.append(idx)
     else:
         sources = project.pipfile_sources
     if pypi_mirror:
@@ -1372,6 +1381,10 @@ def pip_install(
         with open(r) as f:
             if "--hash" not in f.read():
                 ignore_hashes = True
+    # trusted_hosts = [
+    #     "--trusted-host={0}".format(source.get("url")) for source in sources
+    #     if not source.get("verify_ssl", True)
+    # ]
     pip_command = [which_pip(allow_global=allow_global), "install"]
     if pre:
         pip_command.append("--pre")

pipenv/project.py

@@ -823,6 +823,20 @@ class Project(object):
         # Write Pipfile.
         self.write_toml(p)
 
+    def src_name_from_url(self, index_url):
+        name, _, tld_guess = six.moves.urllib.parse.urlsplit(index).netloc.rpartition(
+            "."
+        )
+        src_name = name.replace(".", "")
+        try:
+            self.get_source(name=src_name)
+        except SourceNotFound:
+            name = src_name
+        else:
+            from random import randint
+            name = "{0}-{1}".format(src_name, randint(1, 1000))
+        return name
+
     def add_index_to_pipfile(self, index, verify_ssl=True):
         """Adds a given index to the Pipfile."""
         # Read and append Pipfile.
@@ -833,18 +847,7 @@ class Project(object):
             source = {"url": index, "verify_ssl": verify_ssl}
         else:
             return
-        name, _, tld_guess = six.moves.urllib.parse.urlsplit(index).netloc.rpartition(
-            "."
-        )
-        src_name = name.replace(".", "")
-        try:
-            self.get_source(name=src_name)
-        except SourceNotFound:
-            source[name] = src_name
-        else:
-            from random import randint
-
-            source[name] = "{0}-{1}".format(src_name, randint(1, 1000))
+        source["name"] = self.src_name_from_url(index)
         # Add the package to the group.
         if "source" not in p:
             p["source"] = [source]