def init_poolmanager(self, connections, maxsize, block=DEFAULT_POOLBLOCK, **pool_kwargs):
if self._cbapi_force_tls_1_2:
# Force the use of TLS v1.2 when talking to this Cb Response server.
context = create_urllib3_context(ciphers=('TLSv1.2:!aNULL:!eNULL:!MD5'))
context.options |= ssl.OP_NO_SSLv2
context.options |= ssl.OP_NO_SSLv3
context.options |= ssl.OP_NO_TLSv1
context.options |= ssl.OP_NO_TLSv1_1
pool_kwargs['ssl_context'] = context
if not self._cbapi_verify_hostname:
# Provide the ability to validate a Carbon Black server's SSL certificate without validating the hostname
# (by default Carbon Black certificates are "issued" as CN=Self-signed Carbon Black Enterprise Server
# HTTPS Certificate)
pool_kwargs["assert_hostname"] = False
return super(CbAPISessionAdapter, self).init_poolmanager(connections, maxsize, block, **pool_kwargs)
评论列表
文章目录
