diff options
author | SVN-Git Migration <python-modules-team@lists.alioth.debian.org> | 2015-10-08 13:19:43 -0700 |
---|---|---|
committer | SVN-Git Migration <python-modules-team@lists.alioth.debian.org> | 2015-10-08 13:19:43 -0700 |
commit | e6838673bda9af1e9bf7c4f71b25cf3e3dfc1253 (patch) | |
tree | 9b3a790337eee838225caa031f8051123157e6f0 /urllib3/connection.py | |
parent | c9df3d807f7134f58f4a84dc8b80e9dc98c62f3a (diff) | |
download | python-urllib3-e6838673bda9af1e9bf7c4f71b25cf3e3dfc1253.tar python-urllib3-e6838673bda9af1e9bf7c4f71b25cf3e3dfc1253.tar.gz |
Imported Upstream version 1.11
Diffstat (limited to 'urllib3/connection.py')
-rw-r--r-- | urllib3/connection.py | 14 |
1 files changed, 9 insertions, 5 deletions
diff --git a/urllib3/connection.py b/urllib3/connection.py index 2a8c359..f64dd1a 100644 --- a/urllib3/connection.py +++ b/urllib3/connection.py @@ -38,7 +38,7 @@ except NameError: # Python 2: from .exceptions import ( ConnectTimeoutError, SystemTimeWarning, - SecurityWarning, + SubjectAltNameWarning, ) from .packages.ssl_match_hostname import match_hostname @@ -192,6 +192,9 @@ class VerifiedHTTPSConnection(HTTPSConnection): cert_reqs=None, ca_certs=None, assert_hostname=None, assert_fingerprint=None): + if ca_certs and cert_reqs is None: + cert_reqs = 'CERT_REQUIRED' + self.key_file = key_file self.cert_file = cert_file self.cert_reqs = cert_reqs @@ -245,10 +248,11 @@ class VerifiedHTTPSConnection(HTTPSConnection): cert = self.sock.getpeercert() if not cert.get('subjectAltName', ()): warnings.warn(( - 'Certificate has no `subjectAltName`, falling back to check for a `commonName` for now. ' - 'This feature is being removed by major browsers and deprecated by RFC 2818. ' - '(See https://github.com/shazow/urllib3/issues/497 for details.)'), - SecurityWarning + 'Certificate for {0} has no `subjectAltName`, falling back to check for a ' + '`commonName` for now. This feature is being removed by major browsers and ' + 'deprecated by RFC 2818. (See https://github.com/shazow/urllib3/issues/497 ' + 'for details.)'.format(hostname)), + SubjectAltNameWarning ) match_hostname(cert, self.assert_hostname or hostname) |