diff options
| author | Jakub Roztocil <jakub@roztocil.co> | 2024-11-01 17:38:39 +0100 |
|---|---|---|
| committer | Jakub Roztocil <jakub@roztocil.co> | 2024-11-01 17:38:39 +0100 |
| commit | ff742581f49dbc370b3288dd53d35f843c564c66 (patch) | |
| tree | ed0975c33cb4aa31e4f56299ba92c57e48272f27 | |
| parent | fd30c4ef6230a927f9dcfad6301c40e8bf846156 (diff) | |
Cleanup default cert loading
| -rw-r--r-- | httpie/ssl_.py | 16 |
1 files changed, 7 insertions, 9 deletions
diff --git a/httpie/ssl_.py b/httpie/ssl_.py index 33fde598..6df4ff45 100644 --- a/httpie/ssl_.py +++ b/httpie/ssl_.py @@ -32,7 +32,7 @@ class HTTPieCertificate(NamedTuple): def to_raw_cert(self): """Synthesize a requests-compatible (2-item tuple of cert and key file) object from HTTPie's internal representation of a certificate.""" - return (self.cert_file, self.key_file) + return self.cert_file, self.key_file class HTTPieHTTPSAdapter(HTTPAdapter): @@ -48,13 +48,6 @@ class HTTPieHTTPSAdapter(HTTPAdapter): ssl_version=ssl_version, ciphers=ciphers, ) - # workaround for a bug in requests 2.32.3, see: - # https://github.com/httpie/cli/issues/1583 - if getattr(self._ssl_context, 'load_default_certs', None) is not None: - # if load_default_certs is present, get_ca_certs must be - # also, no need for another getattr - if not self._ssl_context.get_ca_certs(): - self._ssl_context.load_default_certs() super().__init__(**kwargs) def init_poolmanager(self, *args, **kwargs): @@ -78,7 +71,7 @@ class HTTPieHTTPSAdapter(HTTPAdapter): ssl_version: str = None, ciphers: str = None, ) -> 'ssl.SSLContext': - return create_urllib3_context( + context = create_urllib3_context( ciphers=ciphers, ssl_version=resolve_ssl_version(ssl_version), # Since we are using a custom SSL context, we need to pass this @@ -86,6 +79,11 @@ class HTTPieHTTPSAdapter(HTTPAdapter): # in `super().cert_verify()`. cert_reqs=ssl.CERT_REQUIRED if verify else ssl.CERT_NONE ) + if not context.get_ca_certs(): + # Workaround for a bug in requests 2.32.3 + # See <https://github.com/httpie/cli/issues/1583> + context.load_default_certs() + return context @classmethod def get_default_ciphers_names(cls): |