Return an equivalent SSLContext based on ssl.wrap_socket args.
( # type: ignore[no-untyped-def]
keyfile=None,
certfile=None,
server_side=None,
cert_reqs=None,
ssl_version: str | int | None = None,
ca_certs=None,
do_handshake_on_connect=None,
suppress_ragged_eofs=None,
ciphers=None,
alpn_protocols=None,
)
| 144 | |
| 145 | |
| 146 | def ssl_options_to_context( # type: ignore[no-untyped-def] |
| 147 | keyfile=None, |
| 148 | certfile=None, |
| 149 | server_side=None, |
| 150 | cert_reqs=None, |
| 151 | ssl_version: str | int | None = None, |
| 152 | ca_certs=None, |
| 153 | do_handshake_on_connect=None, |
| 154 | suppress_ragged_eofs=None, |
| 155 | ciphers=None, |
| 156 | alpn_protocols=None, |
| 157 | ) -> ssl.SSLContext: |
| 158 | """Return an equivalent SSLContext based on ssl.wrap_socket args.""" |
| 159 | ssl_version = resolve_ssl_version(ssl_version) |
| 160 | cert_none = resolve_cert_reqs("CERT_NONE") |
| 161 | if cert_reqs is None: |
| 162 | cert_reqs = cert_none |
| 163 | else: |
| 164 | cert_reqs = resolve_cert_reqs(cert_reqs) |
| 165 | |
| 166 | ctx = ssl.SSLContext(ssl_version) |
| 167 | ctx.load_cert_chain(certfile, keyfile) |
| 168 | ctx.verify_mode = cert_reqs |
| 169 | if ctx.verify_mode != cert_none: |
| 170 | ctx.load_verify_locations(cafile=ca_certs) |
| 171 | if alpn_protocols: |
| 172 | ctx.set_alpn_protocols(alpn_protocols) |
| 173 | return ctx |
| 174 | |
| 175 | |
| 176 | def get_unreachable_address() -> tuple[str, int]: |
nothing calls this directly
no test coverage detected