MCPcopy
hub / github.com/urllib3/urllib3 / create_urllib3_context

Function create_urllib3_context

src/urllib3/util/ssl_.py:180–324  ·  view source on GitHub ↗

Creates and configures an :class:`ssl.SSLContext` instance for use with urllib3. :param ssl_version: The desired protocol version to use. This will default to PROTOCOL_SSLv23 which will negotiate the highest protocol that both the server and your installation of OpenSSL

(
    ssl_version: int | None = None,
    cert_reqs: int | None = None,
    options: int | None = None,
    ciphers: str | None = None,
    ssl_minimum_version: int | None = None,
    ssl_maximum_version: int | None = None,
    verify_flags: int | None = None,
)

Source from the content-addressed store, hash-verified

178
179
180def create_urllib3_context(
181 ssl_version: int | None = None,
182 cert_reqs: int | None = None,
183 options: int | None = None,
184 ciphers: str | None = None,
185 ssl_minimum_version: int | None = None,
186 ssl_maximum_version: int | None = None,
187 verify_flags: int | None = None,
188) -> ssl.SSLContext:
189 """Creates and configures an :class:`ssl.SSLContext` instance for use with urllib3.
190
191 :param ssl_version:
192 The desired protocol version to use. This will default to
193 PROTOCOL_SSLv23 which will negotiate the highest protocol that both
194 the server and your installation of OpenSSL support.
195
196 This parameter is deprecated instead use 'ssl_minimum_version'.
197 :param ssl_minimum_version:
198 The minimum version of TLS to be used. Use the 'ssl.TLSVersion' enum for specifying the value.
199 :param ssl_maximum_version:
200 The maximum version of TLS to be used. Use the 'ssl.TLSVersion' enum for specifying the value.
201 Not recommended to set to anything other than 'ssl.TLSVersion.MAXIMUM_SUPPORTED' which is the
202 default value.
203 :param cert_reqs:
204 Whether to require the certificate verification. This defaults to
205 ``ssl.CERT_REQUIRED``.
206 :param options:
207 Specific OpenSSL options. These default to ``ssl.OP_NO_SSLv2``,
208 ``ssl.OP_NO_SSLv3``, ``ssl.OP_NO_COMPRESSION``, and ``ssl.OP_NO_TICKET``.
209 :param ciphers:
210 Which cipher suites to allow the server to select. Defaults to either system configured
211 ciphers if OpenSSL 1.1.1+, otherwise uses a secure default set of ciphers.
212 :param verify_flags:
213 The flags for certificate verification operations. These default to
214 ``ssl.VERIFY_X509_PARTIAL_CHAIN`` and ``ssl.VERIFY_X509_STRICT`` for Python 3.13+.
215 :returns:
216 Constructed SSLContext object with specified options
217 :rtype: SSLContext
218 """
219 if SSLContext is None:
220 raise TypeError("Can't create an SSLContext object without an ssl module")
221
222 # This means 'ssl_version' was specified as an exact value.
223 if ssl_version not in (None, PROTOCOL_TLS, PROTOCOL_TLS_CLIENT):
224 # Disallow setting 'ssl_version' and 'ssl_minimum|maximum_version'
225 # to avoid conflicts.
226 if ssl_minimum_version is not None or ssl_maximum_version is not None:
227 raise ValueError(
228 "Can't specify both 'ssl_version' and either "
229 "'ssl_minimum_version' or 'ssl_maximum_version'"
230 )
231
232 # 'ssl_version' is deprecated and will be removed in the future.
233 else:
234 # Use 'ssl_minimum_version' and 'ssl_maximum_version' instead.
235 ssl_minimum_version = _SSL_VERSION_TO_TLS_VERSION.get(
236 ssl_version, TLSVersion.MINIMUM_SUPPORTED
237 )

Calls 2

getMethod · 0.80
set_ciphersMethod · 0.80