| 38 | |
| 39 | |
| 40 | class HTTPieHTTPSAdapter(HTTPAdapter): |
| 41 | def __init__( |
| 42 | self, |
| 43 | verify: bool, |
| 44 | ssl_version: str = None, |
| 45 | ciphers: str = None, |
| 46 | **kwargs |
| 47 | ): |
| 48 | self._ssl_context = self._create_ssl_context( |
| 49 | verify=verify, |
| 50 | ssl_version=ssl_version, |
| 51 | ciphers=ciphers, |
| 52 | ) |
| 53 | super().__init__(**kwargs) |
| 54 | |
| 55 | def init_poolmanager(self, *args, **kwargs): |
| 56 | kwargs['ssl_context'] = self._ssl_context |
| 57 | return super().init_poolmanager(*args, **kwargs) |
| 58 | |
| 59 | def proxy_manager_for(self, *args, **kwargs): |
| 60 | kwargs['ssl_context'] = self._ssl_context |
| 61 | return super().proxy_manager_for(*args, **kwargs) |
| 62 | |
| 63 | def cert_verify(self, conn, url, verify, cert): |
| 64 | if isinstance(cert, HTTPieCertificate): |
| 65 | conn.key_password = cert.key_password |
| 66 | cert = cert.to_raw_cert() |
| 67 | |
| 68 | return super().cert_verify(conn, url, verify, cert) |
| 69 | |
| 70 | @staticmethod |
| 71 | def _create_ssl_context( |
| 72 | verify: bool, |
| 73 | ssl_version: str = None, |
| 74 | ciphers: str = None, |
| 75 | ) -> 'ssl.SSLContext': |
| 76 | ssl_context = create_urllib3_context( |
| 77 | ciphers=ciphers, |
| 78 | ssl_version=resolve_ssl_version(ssl_version), |
| 79 | # Since we are using a custom SSL context, we need to pass this |
| 80 | # here manually, even though it’s also passed to the connection |
| 81 | # in `super().cert_verify()`. |
| 82 | cert_reqs=ssl.CERT_REQUIRED if verify else ssl.CERT_NONE |
| 83 | ) |
| 84 | ensure_default_certs_loaded(ssl_context) |
| 85 | return ssl_context |
| 86 | |
| 87 | @classmethod |
| 88 | def get_default_ciphers_names(cls): |
| 89 | return [cipher['name'] for cipher in cls._create_ssl_context(verify=False).get_ciphers()] |
| 90 | |
| 91 | |
| 92 | def _is_key_file_encrypted(key_file): |
no outgoing calls
no test coverage detected