aboutsummaryrefslogtreecommitdiff
path: root/urllib3/util
diff options
context:
space:
mode:
authorDaniele Tricoli <eriol@mornie.org>2015-10-09 23:07:31 +0200
committerDaniele Tricoli <eriol@mornie.org>2015-10-09 23:07:31 +0200
commit2b3d330a120a16e97cecd5163b5d454dcfe38a2b (patch)
tree18760addd0640c90d4e2b6e867fa504e1f14d237 /urllib3/util
parente6838673bda9af1e9bf7c4f71b25cf3e3dfc1253 (diff)
downloadpython-urllib3-2b3d330a120a16e97cecd5163b5d454dcfe38a2b.tar
python-urllib3-2b3d330a120a16e97cecd5163b5d454dcfe38a2b.tar.gz
Import python-urllib3_1.12.orig.tar.gz
Diffstat (limited to 'urllib3/util')
-rw-r--r--urllib3/util/connection.py8
-rw-r--r--urllib3/util/response.py5
-rw-r--r--urllib3/util/ssl_.py23
3 files changed, 21 insertions, 15 deletions
diff --git a/urllib3/util/connection.py b/urllib3/util/connection.py
index 9ed5a64..4f2f0f1 100644
--- a/urllib3/util/connection.py
+++ b/urllib3/util/connection.py
@@ -80,16 +80,16 @@ def create_connection(address, timeout=socket._GLOBAL_DEFAULT_TIMEOUT,
sock.connect(sa)
return sock
- except socket.error as _:
- err = _
+ except socket.error as e:
+ err = e
if sock is not None:
sock.close()
sock = None
if err is not None:
raise err
- else:
- raise socket.error("getaddrinfo returns an empty list")
+
+ raise socket.error("getaddrinfo returns an empty list")
def _set_socket_options(sock, options):
diff --git a/urllib3/util/response.py b/urllib3/util/response.py
index 767ee15..2c1de15 100644
--- a/urllib3/util/response.py
+++ b/urllib3/util/response.py
@@ -1,7 +1,4 @@
-try:
- import http.client as httplib
-except ImportError:
- import httplib
+from ..packages.six.moves import http_client as httplib
from ..exceptions import HeaderParsingError
diff --git a/urllib3/util/ssl_.py b/urllib3/util/ssl_.py
index 311378b..47b817e 100644
--- a/urllib3/util/ssl_.py
+++ b/urllib3/util/ssl_.py
@@ -75,8 +75,11 @@ except ImportError:
self.certfile = certfile
self.keyfile = keyfile
- def load_verify_locations(self, location):
- self.ca_certs = location
+ def load_verify_locations(self, cafile=None, capath=None):
+ self.ca_certs = cafile
+
+ if capath is not None:
+ raise SSLError("CA directories not supported in older Pythons")
def set_ciphers(self, cipher_suite):
if not self.supports_set_ciphers:
@@ -240,10 +243,11 @@ def create_urllib3_context(ssl_version=None, cert_reqs=None,
def ssl_wrap_socket(sock, keyfile=None, certfile=None, cert_reqs=None,
ca_certs=None, server_hostname=None,
- ssl_version=None, ciphers=None, ssl_context=None):
+ ssl_version=None, ciphers=None, ssl_context=None,
+ ca_cert_dir=None):
"""
- All arguments except for server_hostname and ssl_context have the same
- meaning as they do when using :func:`ssl.wrap_socket`.
+ All arguments except for server_hostname, ssl_context, and ca_cert_dir have
+ the same meaning as they do when using :func:`ssl.wrap_socket`.
:param server_hostname:
When SNI is supported, the expected hostname of the certificate
@@ -253,15 +257,19 @@ def ssl_wrap_socket(sock, keyfile=None, certfile=None, cert_reqs=None,
:param ciphers:
A string of ciphers we wish the client to support. This is not
supported on Python 2.6 as the ssl module does not support it.
+ :param ca_cert_dir:
+ A directory containing CA certificates in multiple separate files, as
+ supported by OpenSSL's -CApath flag or the capath argument to
+ SSLContext.load_verify_locations().
"""
context = ssl_context
if context is None:
context = create_urllib3_context(ssl_version, cert_reqs,
ciphers=ciphers)
- if ca_certs:
+ if ca_certs or ca_cert_dir:
try:
- context.load_verify_locations(ca_certs)
+ context.load_verify_locations(ca_certs, ca_cert_dir)
except IOError as e: # Platform-specific: Python 2.6, 2.7, 3.2
raise SSLError(e)
# Py33 raises FileNotFoundError which subclasses OSError
@@ -270,6 +278,7 @@ def ssl_wrap_socket(sock, keyfile=None, certfile=None, cert_reqs=None,
if e.errno == errno.ENOENT:
raise SSLError(e)
raise
+
if certfile:
context.load_cert_chain(certfile, keyfile)
if HAS_SNI: # Platform-specific: OpenSSL with enabled SNI