MCPcopy Index your code
hub / github.com/RustPython/RustPython / _create_unverified_context

Function _create_unverified_context

Lib/ssl.py:730–782  ·  view source on GitHub ↗

Create a SSLContext object for Python stdlib modules All Python stdlib modules shall use this function to create SSLContext objects in order to keep common settings in one place. The configuration is less restrict than create_default_context()'s to increase backward compatibility.

(protocol=None, *, cert_reqs=CERT_NONE,
                           check_hostname=False, purpose=Purpose.SERVER_AUTH,
                           certfile=None, keyfile=None,
                           cafile=None, capath=None, cadata=None)

Source from the content-addressed store, hash-verified

728 return context
729
730def _create_unverified_context(protocol=None, *, cert_reqs=CERT_NONE,
731 check_hostname=False, purpose=Purpose.SERVER_AUTH,
732 certfile=None, keyfile=None,
733 cafile=None, capath=None, cadata=None):
734 """Create a SSLContext object for Python stdlib modules
735
736 All Python stdlib modules shall use this function to create SSLContext
737 objects in order to keep common settings in one place. The configuration
738 is less restrict than create_default_context()'s to increase backward
739 compatibility.
740 """
741 if not isinstance(purpose, _ASN1Object):
742 raise TypeError(purpose)
743
744 # SSLContext sets OP_NO_SSLv2, OP_NO_SSLv3, OP_NO_COMPRESSION,
745 # OP_CIPHER_SERVER_PREFERENCE, OP_SINGLE_DH_USE and OP_SINGLE_ECDH_USE
746 # by default.
747 if purpose == Purpose.SERVER_AUTH:
748 # verify certs and host name in client mode
749 if protocol is None:
750 protocol = PROTOCOL_TLS_CLIENT
751 elif purpose == Purpose.CLIENT_AUTH:
752 if protocol is None:
753 protocol = PROTOCOL_TLS_SERVER
754 else:
755 raise ValueError(purpose)
756
757 context = SSLContext(protocol)
758 context.check_hostname = check_hostname
759 if cert_reqs is not None:
760 context.verify_mode = cert_reqs
761 if check_hostname:
762 context.check_hostname = True
763
764 if keyfile and not certfile:
765 raise ValueError("certfile must be specified")
766 if certfile or keyfile:
767 context.load_cert_chain(certfile, keyfile)
768
769 # load CA root certs
770 if cafile or capath or cadata:
771 context.load_verify_locations(cafile, capath, cadata)
772 elif context.verify_mode != CERT_NONE:
773 # no explicit cafile, capath or cadata but the verify mode is
774 # CERT_OPTIONAL or CERT_REQUIRED. Let's try to load default system
775 # root CA certificates for the given purpose. This may fail silently.
776 context.load_default_certs(purpose)
777 # OpenSSL 1.1.1 keylog file
778 if hasattr(context, 'keylog_filename'):
779 keylogfile = os.environ.get('SSLKEYLOGFILE')
780 if keylogfile and not sys.flags.ignore_environment:
781 context.keylog_filename = keylogfile
782 return context
783
784# Used by http.client if no context is explicitly passed.
785_create_default_https_context = create_default_context

Callers

nothing calls this directly

Calls 7

load_default_certsMethod · 0.95
isinstanceFunction · 0.85
SSLContextClass · 0.85
hasattrFunction · 0.85
load_cert_chainMethod · 0.45
load_verify_locationsMethod · 0.45
getMethod · 0.45

Tested by

no test coverage detected