| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657 |
- from .ssl_ import create_urllib3_context, resolve_cert_reqs, resolve_ssl_version
- def connection_requires_http_tunnel(
- proxy_url=None, proxy_config=None, destination_scheme=None
- ):
- """
- Returns True if the connection requires an HTTP CONNECT through the proxy.
- :param URL proxy_url:
- URL of the proxy.
- :param ProxyConfig proxy_config:
- Proxy configuration from poolmanager.py
- :param str destination_scheme:
- The scheme of the destination. (i.e https, http, etc)
- """
- # If we're not using a proxy, no way to use a tunnel.
- if proxy_url is None:
- return False
- # HTTP destinations never require tunneling, we always forward.
- if destination_scheme == "http":
- return False
- # Support for forwarding with HTTPS proxies and HTTPS destinations.
- if (
- proxy_url.scheme == "https"
- and proxy_config
- and proxy_config.use_forwarding_for_https
- ):
- return False
- # Otherwise always use a tunnel.
- return True
- def create_proxy_ssl_context(
- ssl_version, cert_reqs, ca_certs=None, ca_cert_dir=None, ca_cert_data=None
- ):
- """
- Generates a default proxy ssl context if one hasn't been provided by the
- user.
- """
- ssl_context = create_urllib3_context(
- ssl_version=resolve_ssl_version(ssl_version),
- cert_reqs=resolve_cert_reqs(cert_reqs),
- )
- if (
- not ca_certs
- and not ca_cert_dir
- and not ca_cert_data
- and hasattr(ssl_context, "load_default_certs")
- ):
- ssl_context.load_default_certs()
- return ssl_context
|
