diff options
author | Andrey Petrov <andrey.petrov@shazow.net> | 2012-08-03 23:30:34 -0700 |
---|---|---|
committer | Andrey Petrov <andrey.petrov@shazow.net> | 2012-08-03 23:30:34 -0700 |
commit | 21f131e1cbf40b3a0ab332a470325bf5a169a942 (patch) | |
tree | 355d6b5e55a406d4cb5c67eda4f6fb37bba5a144 | |
parent | 804a5365cb0f6ddf22f9e1eec56297205064e96b (diff) | |
download | urllib3-ssl_sni.tar.gz |
Cleanup for pull #89ssl_sni
-rw-r--r-- | urllib3/util.py | 17 |
1 files changed, 10 insertions, 7 deletions
diff --git a/urllib3/util.py b/urllib3/util.py index 04b57d7e..45dd39cc 100644 --- a/urllib3/util.py +++ b/urllib3/util.py @@ -19,13 +19,14 @@ except ImportError: # `poll` doesn't exist on OSX and other platforms except ImportError: # `select` doesn't exist on AppEngine. select = False -try: +try: # Python 3.2+ from ssl import SSLContext, PROTOCOL_SSLv23 -except ImportError: # python < 3.2 +except ImportError: SSLContext = False -try: + +try: # OpenSSL with SNI from ssl import HAS_SNI -except ImportError: # openssl without SNI +except ImportError: HAS_SNI = False from .packages import six @@ -261,14 +262,16 @@ def is_connection_dropped(conn): # Either data is buffered (bad), or the connection is dropped. return True + def ssl_wrap_socket(sock, keyfile=None, certfile=None, cert_reqs=CERT_NONE, ca_certs=None, server_hostname=None): """ All arguments except `server_hostname` have the same meaning as for - :func:`ssl.wrap_socket` + :func:`ssl.wrap_socket`. If OpenSSL with SNI is available, then + `server_hostname` is used for SNI. :param server_hostname: - Hostname of the expected certificate + Hostname of the expected certificate. """ if SSLContext: # Platform-specific: Python >= 3.2 context = SSLContext(PROTOCOL_SSLv23) @@ -280,7 +283,7 @@ def ssl_wrap_socket(sock, keyfile=None, certfile=None, cert_reqs=CERT_NONE, raise SSLError(e) if certfile != None: context.load_cert_chain(certfile, keyfile) - if HAS_SNI: # Platform-specific: OpenSSL with enabled SNI + if HAS_SNI: # Platform-specific: OpenSSL with SNI return context.wrap_socket(sock, server_hostname=server_hostname) return context.wrap_socket(sock) |