Establish a TLS connection to the proxy using the provided SSL context.
(self, hostname: str, sock: socket.socket)
| 859 | self.proxy_is_verified = sock_and_verified.is_verified |
| 860 | |
| 861 | def _connect_tls_proxy(self, hostname: str, sock: socket.socket) -> ssl.SSLSocket: |
| 862 | """ |
| 863 | Establish a TLS connection to the proxy using the provided SSL context. |
| 864 | """ |
| 865 | # `_connect_tls_proxy` is called when self._tunnel_host is truthy. |
| 866 | proxy_config = typing.cast(ProxyConfig, self.proxy_config) |
| 867 | ssl_context = proxy_config.ssl_context |
| 868 | sock_and_verified = _ssl_wrap_socket_and_match_hostname( |
| 869 | sock, |
| 870 | cert_reqs=self.cert_reqs, |
| 871 | ssl_version=self.ssl_version, |
| 872 | ssl_minimum_version=self.ssl_minimum_version, |
| 873 | ssl_maximum_version=self.ssl_maximum_version, |
| 874 | ca_certs=self.ca_certs, |
| 875 | ca_cert_dir=self.ca_cert_dir, |
| 876 | ca_cert_data=self.ca_cert_data, |
| 877 | server_hostname=hostname, |
| 878 | ssl_context=ssl_context, |
| 879 | assert_hostname=proxy_config.assert_hostname, |
| 880 | assert_fingerprint=proxy_config.assert_fingerprint, |
| 881 | # Features that aren't implemented for proxies yet: |
| 882 | cert_file=None, |
| 883 | key_file=None, |
| 884 | key_password=None, |
| 885 | tls_in_tls=False, |
| 886 | ) |
| 887 | self.proxy_is_verified = sock_and_verified.is_verified |
| 888 | return sock_and_verified.socket # type: ignore[return-value] |
| 889 | |
| 890 | |
| 891 | class _WrappedAndVerifiedSocket(typing.NamedTuple): |
no test coverage detected