MCPcopy Index your code
hub / github.com/mitmproxy/mitmproxy / _create_ssl_context

Function _create_ssl_context

mitmproxy/net/tls.py:149–188  ·  view source on GitHub ↗
(
    *,
    method: Method,
    min_version: Version,
    max_version: Version,
    cipher_list: Iterable[str] | None,
    ecdh_curve: EllipticCurve | None,
)

Source from the content-addressed store, hash-verified

147
148
149def _create_ssl_context(
150 *,
151 method: Method,
152 min_version: Version,
153 max_version: Version,
154 cipher_list: Iterable[str] | None,
155 ecdh_curve: EllipticCurve | None,
156) -> SSL.Context:
157 context = SSL.Context(method.value)
158
159 ok = SSL._lib.SSL_CTX_set_min_proto_version(context._context, min_version.value) # type: ignore
160 ok += SSL._lib.SSL_CTX_set_max_proto_version(context._context, max_version.value) # type: ignore
161 if ok != 2:
162 raise RuntimeError(
163 f"Error setting TLS versions ({min_version=}, {max_version=}). "
164 "The version you specified may be unavailable in your libssl."
165 )
166
167 # Options
168 context.set_options(DEFAULT_OPTIONS)
169
170 # ECDHE for Key exchange
171 if ecdh_curve is not None:
172 try:
173 context.set_tmp_ecdh(ecdh_curve)
174 except ValueError as e:
175 raise RuntimeError(f"Elliptic curve specification error: {e}") from e
176
177 # Cipher List
178 if cipher_list is not None:
179 try:
180 context.set_cipher_list(b":".join(x.encode() for x in cipher_list))
181 except SSL.Error as e:
182 raise RuntimeError(f"SSL cipher specification error: {e}") from e
183
184 # SSLKEYLOGFILE
185 if log_master_secret:
186 context.set_keylog_callback(log_master_secret)
187
188 return context
189
190
191@lru_cache(256)

Callers 2

Calls 2

joinMethod · 0.45
encodeMethod · 0.45

Tested by

no test coverage detected

Used in the wild real call sites across dependent graphs

searching dependent graphs…