When _just_ using an SSL context we don't want breaking behavior (#673)

Also don't want to break backwards compat. So when chcking for depreicated values ignore
the check on verify_certs. Since it's True. the verify certs will be default true
in the ssl_context. And can be turned off in the SSL context when using it.
This commit is contained in:
Nick Lang
2017-11-28 14:01:20 -07:00
committed by Honza Král
parent 2a96ce14f1
commit 37490e223f
2 changed files with 2 additions and 3 deletions
+2 -2
View File
@@ -80,8 +80,8 @@ class Urllib3HttpConnection(Connection):
kw = {}
# if providing an SSL context, raise error if any other SSL related flag is used
if ssl_context and (verify_certs or ca_certs or ssl_version):
raise ImproperlyConfigured("When using `ssl_context`, `use_ssl`, `verify_certs`, `ca_certs` and `ssl_version` are not permitted")
if ssl_context and (ca_certs or ssl_version or use_ssl):
raise ImproperlyConfigured("When using `ssl_context`, `use_ssl`, `ca_certs` and `ssl_version` are not permitted")
# if ssl_context provided use SSL by default
if use_ssl or ssl_context:
-1
View File
@@ -68,7 +68,6 @@ class TestUrllib3Connection(TestCase):
except AttributeError:
raise SkipTest("SSL Context not supported in this version of python")
self.assertRaises(ImproperlyConfigured, Urllib3HttpConnection, ssl_context=ctx, use_ssl=True)
self.assertRaises(ImproperlyConfigured, Urllib3HttpConnection, ssl_context=ctx, verify_certs=True)
self.assertRaises(ImproperlyConfigured, Urllib3HttpConnection, ssl_context=ctx, ca_certs="/some/path/to/cert.crt")
self.assertRaises(ImproperlyConfigured, Urllib3HttpConnection, ssl_context=ctx, ssl_version=ssl.PROTOCOL_SSLv23)