def connect(self):
"""Overrides HTTPSConnection.connect to specify TLS version"""
# Standard implementation from HTTPSConnection, which is not
# designed for extension, unfortunately
if sys.version_info >= (2, 7):
sock = socket.create_connection((self.host, self.port),
self.timeout, self.source_address)
elif sys.version_info >= (2, 6):
sock = socket.create_connection((self.host, self.port),
self.timeout)
else:
sock = socket.create_connection((self.host, self.port))
if getattr(self, '_tunnel_host', None):
self.sock = sock
self._tunnel()
if hasattr(ssl, 'SSLContext'):
# Since python 2.7.9, tls 1.1 and 1.2 are supported via
# SSLContext
ssl_context = ssl.SSLContext(ssl.PROTOCOL_SSLv23)
ssl_context.options |= ssl.OP_NO_SSLv2
ssl_context.options |= ssl.OP_NO_SSLv3
if self.key_file and self.cert_file:
ssl_context.load_cert_chain(keyfile=self.key_file,
certfile=self.cert_file)
self.sock = ssl_context.wrap_socket(sock)
else:
# This is the only difference; default wrap_socket uses SSLv23
self.sock = ssl.wrap_socket(sock, self.key_file, self.cert_file,
ssl_version=ssl.PROTOCOL_TLSv1)
评论列表
文章目录
