Fix/refactor default cert loading

Jakub Roztocil 2024-11-01 17:47:27 +01:00
parent ff742581f4
commit 2ef4a57d8c
2 changed files with 20 additions and 10 deletions


@ -1,4 +1,5 @@
import sys import sys
from ssl import SSLContext
from typing import Any, Optional, Iterable from typing import Any, Optional, Iterable
from httpie.cookies import HTTPieCookiePolicy from httpie.cookies import HTTPieCookiePolicy
@ -10,7 +11,6 @@ from http import cookiejar # noqa
# policy. <https://github.com/psf/requests/issues/5449> # policy. <https://github.com/psf/requests/issues/5449>
cookiejar.DefaultCookiePolicy = HTTPieCookiePolicy cookiejar.DefaultCookiePolicy = HTTPieCookiePolicy
is_windows = 'win32' in str(sys.platform).lower() is_windows = 'win32' in str(sys.platform).lower()
is_frozen = getattr(sys, 'frozen', False) is_frozen = getattr(sys, 'frozen', False)
@ -66,7 +66,6 @@ except ImportError:
res = instance.__dict__[self.name] = self.func(instance) res = instance.__dict__[self.name] = self.func(instance)
return res return res
# importlib_metadata was a provisional module, so the APIs changed quite a few times # importlib_metadata was a provisional module, so the APIs changed quite a few times
# between 3.8-3.10. It was also not included in the standard library until 3.8, so # between 3.8-3.10. It was also not included in the standard library until 3.8, so
# we install the backport for <3.8. # we install the backport for <3.8.
@ -100,3 +99,15 @@ def get_dist_name(entry_point: importlib_metadata.EntryPoint) -> Optional[str]:
return None return None
else: else:
return metadata.get('name') return metadata.get('name')
def ensure_default_certs_loaded(ssl_context: SSLContext) -> None:
"""
Workaround for a bug in Requests 2.32.3
See <https://github.com/httpie/cli/issues/1583>
"""
if hasattr(ssl_context, 'load_default_certs'):
if not ssl_context.get_ca_certs():
ssl_context.load_default_certs()
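Review bot: The docstring of `ensure_default_certs_loaded` names the Requests bug but not what the helper does to the context, and the `hasattr(ssl_context, 'load_default_certs')` guard makes it a silent no-op for any context object that lacks that method. I would document both, e.g. `Load the OS default CA store into ssl_context if it holds no CA certificates yet; does nothing for context objects without load_default_certs().` Also, `get_ca_certs()` does not report certificates from a `capath` directory until they have been used, so the emptiness test is a heuristic. It can add the system roots to a context that was meant to trust only such a directory, which deserves a one-line comment on that check.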


@ -1,13 +1,15 @@
import ssl import ssl
from typing import NamedTuple, Optional from typing import NamedTuple, Optional
from httpie.adapters import HTTPAdapter
# noinspection PyPackageRequirements # noinspection PyPackageRequirements
from urllib3.util.ssl_ import ( from urllib3.util.ssl_ import (
create_urllib3_context, create_urllib3_context,
resolve_ssl_version, resolve_ssl_version,
) )
from .adapters import HTTPAdapter
from .compat import ensure_default_certs_loaded
SSL_VERSION_ARG_MAPPING = { SSL_VERSION_ARG_MAPPING = {
'ssl2.3': 'PROTOCOL_SSLv23', 'ssl2.3': 'PROTOCOL_SSLv23',
@ -71,7 +73,7 @@ class HTTPieHTTPSAdapter(HTTPAdapter):
ssl_version: str = None, ssl_version: str = None,
ciphers: str = None, ciphers: str = None,
) -> 'ssl.SSLContext': ) -> 'ssl.SSLContext':
context = create_urllib3_context( ssl_context = create_urllib3_context(
ciphers=ciphers, ciphers=ciphers,
ssl_version=resolve_ssl_version(ssl_version), ssl_version=resolve_ssl_version(ssl_version),
# Since we are using a custom SSL context, we need to pass this # Since we are using a custom SSL context, we need to pass this
@ -79,11 +81,8 @@ class HTTPieHTTPSAdapter(HTTPAdapter):
# in `super().cert_verify()`. # in `super().cert_verify()`.
cert_reqs=ssl.CERT_REQUIRED if verify else ssl.CERT_NONE cert_reqs=ssl.CERT_REQUIRED if verify else ssl.CERT_NONE
) )
if not context.get_ca_certs(): ensure_default_certs_loaded(ssl_context)
# Workaround for a bug in requests 2.32.3 return ssl_context
# See <https://github.com/httpie/cli/issues/1583>
context.load_default_certs()
return context
@classmethod @classmethod
def get_default_ciphers_names(cls): def get_default_ciphers_names(cls):
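Review bot: The call `ensure_default_certs_loaded(ssl_context)` runs whatever `verify` is, although the argument just above sets `cert_reqs` to `ssl.CERT_NONE` when `verify` is false, so the trust store is then never consulted. If a caller-supplied CA bundle is later loaded into this same context (not visible in these hunks), the pre-loaded system roots would stay trusted alongside it, so a bundle meant to narrow trust would only extend it. I would at least gate the call, `if verify:` followed by `ensure_default_certs_loaded(ssl_context)`, and say in a comment that this context always trusts the OS store. The enclosing method starts outside the hunk, so how `verify` is typed and used elsewhere should be confirmed there.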