diff options
author | Daniele Tricoli <eriol@mornie.org> | 2015-10-09 23:07:31 +0200 |
---|---|---|
committer | Daniele Tricoli <eriol@mornie.org> | 2015-10-09 23:07:31 +0200 |
commit | 2b3d330a120a16e97cecd5163b5d454dcfe38a2b (patch) | |
tree | 18760addd0640c90d4e2b6e867fa504e1f14d237 /urllib3/util | |
parent | e6838673bda9af1e9bf7c4f71b25cf3e3dfc1253 (diff) | |
download | python-urllib3-2b3d330a120a16e97cecd5163b5d454dcfe38a2b.tar python-urllib3-2b3d330a120a16e97cecd5163b5d454dcfe38a2b.tar.gz |
Import python-urllib3_1.12.orig.tar.gz
Diffstat (limited to 'urllib3/util')
-rw-r--r-- | urllib3/util/connection.py | 8 | ||||
-rw-r--r-- | urllib3/util/response.py | 5 | ||||
-rw-r--r-- | urllib3/util/ssl_.py | 23 |
3 files changed, 21 insertions, 15 deletions
diff --git a/urllib3/util/connection.py b/urllib3/util/connection.py index 9ed5a64..4f2f0f1 100644 --- a/urllib3/util/connection.py +++ b/urllib3/util/connection.py @@ -80,16 +80,16 @@ def create_connection(address, timeout=socket._GLOBAL_DEFAULT_TIMEOUT, sock.connect(sa) return sock - except socket.error as _: - err = _ + except socket.error as e: + err = e if sock is not None: sock.close() sock = None if err is not None: raise err - else: - raise socket.error("getaddrinfo returns an empty list") + + raise socket.error("getaddrinfo returns an empty list") def _set_socket_options(sock, options): diff --git a/urllib3/util/response.py b/urllib3/util/response.py index 767ee15..2c1de15 100644 --- a/urllib3/util/response.py +++ b/urllib3/util/response.py @@ -1,7 +1,4 @@ -try: - import http.client as httplib -except ImportError: - import httplib +from ..packages.six.moves import http_client as httplib from ..exceptions import HeaderParsingError diff --git a/urllib3/util/ssl_.py b/urllib3/util/ssl_.py index 311378b..47b817e 100644 --- a/urllib3/util/ssl_.py +++ b/urllib3/util/ssl_.py @@ -75,8 +75,11 @@ except ImportError: self.certfile = certfile self.keyfile = keyfile - def load_verify_locations(self, location): - self.ca_certs = location + def load_verify_locations(self, cafile=None, capath=None): + self.ca_certs = cafile + + if capath is not None: + raise SSLError("CA directories not supported in older Pythons") def set_ciphers(self, cipher_suite): if not self.supports_set_ciphers: @@ -240,10 +243,11 @@ def create_urllib3_context(ssl_version=None, cert_reqs=None, def ssl_wrap_socket(sock, keyfile=None, certfile=None, cert_reqs=None, ca_certs=None, server_hostname=None, - ssl_version=None, ciphers=None, ssl_context=None): + ssl_version=None, ciphers=None, ssl_context=None, + ca_cert_dir=None): """ - All arguments except for server_hostname and ssl_context have the same - meaning as they do when using :func:`ssl.wrap_socket`. + All arguments except for server_hostname, ssl_context, and ca_cert_dir have + the same meaning as they do when using :func:`ssl.wrap_socket`. :param server_hostname: When SNI is supported, the expected hostname of the certificate @@ -253,15 +257,19 @@ def ssl_wrap_socket(sock, keyfile=None, certfile=None, cert_reqs=None, :param ciphers: A string of ciphers we wish the client to support. This is not supported on Python 2.6 as the ssl module does not support it. + :param ca_cert_dir: + A directory containing CA certificates in multiple separate files, as + supported by OpenSSL's -CApath flag or the capath argument to + SSLContext.load_verify_locations(). """ context = ssl_context if context is None: context = create_urllib3_context(ssl_version, cert_reqs, ciphers=ciphers) - if ca_certs: + if ca_certs or ca_cert_dir: try: - context.load_verify_locations(ca_certs) + context.load_verify_locations(ca_certs, ca_cert_dir) except IOError as e: # Platform-specific: Python 2.6, 2.7, 3.2 raise SSLError(e) # Py33 raises FileNotFoundError which subclasses OSError @@ -270,6 +278,7 @@ def ssl_wrap_socket(sock, keyfile=None, certfile=None, cert_reqs=None, if e.errno == errno.ENOENT: raise SSLError(e) raise + if certfile: context.load_cert_chain(certfile, keyfile) if HAS_SNI: # Platform-specific: OpenSSL with enabled SNI |