|
OpenQuizz
Une application de gestion des contenus pédagogiques
|
Data Structures | |
| class | SSLContext |
Functions | |
| def | assert_fingerprint (cert, fingerprint) |
| def | resolve_cert_reqs (candidate) |
| def | resolve_ssl_version (candidate) |
| def | create_urllib3_context (ssl_version=None, cert_reqs=None, options=None, ciphers=None) |
| def | ssl_wrap_socket (sock, keyfile=None, certfile=None, cert_reqs=None, ca_certs=None, server_hostname=None, ssl_version=None, ciphers=None, ssl_context=None, ca_cert_dir=None, key_password=None, ca_cert_data=None, tls_in_tls=False) |
| def | is_ipaddress (hostname) |
| def pip._vendor.urllib3.util.ssl_.assert_fingerprint | ( | cert, | |
| fingerprint | |||
| ) |
Checks if given fingerprint matches the supplied certificate.
:param cert:
Certificate as bytes object.
:param fingerprint:
Fingerprint as string of hexdigits, can be interspersed by colons.
| def pip._vendor.urllib3.util.ssl_.create_urllib3_context | ( | ssl_version = None, |
|
cert_reqs = None, |
|||
options = None, |
|||
ciphers = None |
|||
| ) |
All arguments have the same meaning as ``ssl_wrap_socket``.
By default, this function does a lot of the same work that
``ssl.create_default_context`` does on Python 3.4+. It:
- Disables SSLv2, SSLv3, and compression
- Sets a restricted set of server ciphers
If you wish to enable SSLv3, you can do::
from pip._vendor.urllib3.util import ssl_
context = ssl_.create_urllib3_context()
context.options &= ~ssl_.OP_NO_SSLv3
You can do the same to enable compression (substituting ``COMPRESSION``
for ``SSLv3`` in the last line above).
:param ssl_version:
The desired protocol version to use. This will default to
PROTOCOL_SSLv23 which will negotiate the highest protocol that both
the server and your installation of OpenSSL support.
:param cert_reqs:
Whether to require the certificate verification. This defaults to
``ssl.CERT_REQUIRED``.
:param options:
Specific OpenSSL options. These default to ``ssl.OP_NO_SSLv2``,
``ssl.OP_NO_SSLv3``, ``ssl.OP_NO_COMPRESSION``, and ``ssl.OP_NO_TICKET``.
:param ciphers:
Which cipher suites to allow the server to select.
:returns:
Constructed SSLContext object with specified options
:rtype: SSLContext
| def pip._vendor.urllib3.util.ssl_.is_ipaddress | ( | hostname | ) |
Detects whether the hostname given is an IPv4 or IPv6 address. Also detects IPv6 addresses with Zone IDs. :param str hostname: Hostname to examine. :return: True if the hostname is an IP address, False otherwise.
| def pip._vendor.urllib3.util.ssl_.resolve_cert_reqs | ( | candidate | ) |
Resolves the argument to a numeric constant, which can be passed to the wrap_socket function/method from the ssl module. Defaults to :data:`ssl.CERT_REQUIRED`. If given a string it is assumed to be the name of the constant in the :mod:`ssl` module or its abbreviation. (So you can specify `REQUIRED` instead of `CERT_REQUIRED`. If it's neither `None` nor a string we assume it is already the numeric constant which can directly be passed to wrap_socket.
| def pip._vendor.urllib3.util.ssl_.resolve_ssl_version | ( | candidate | ) |
like resolve_cert_reqs
| def pip._vendor.urllib3.util.ssl_.ssl_wrap_socket | ( | sock, | |
keyfile = None, |
|||
certfile = None, |
|||
cert_reqs = None, |
|||
ca_certs = None, |
|||
server_hostname = None, |
|||
ssl_version = None, |
|||
ciphers = None, |
|||
ssl_context = None, |
|||
ca_cert_dir = None, |
|||
key_password = None, |
|||
ca_cert_data = None, |
|||
tls_in_tls = False |
|||
| ) |
All arguments except for server_hostname, ssl_context, and ca_cert_dir have
the same meaning as they do when using :func:`ssl.wrap_socket`.
:param server_hostname:
When SNI is supported, the expected hostname of the certificate
:param ssl_context:
A pre-made :class:`SSLContext` object. If none is provided, one will
be created using :func:`create_urllib3_context`.
:param ciphers:
A string of ciphers we wish the client to support.
:param ca_cert_dir:
A directory containing CA certificates in multiple separate files, as
supported by OpenSSL's -CApath flag or the capath argument to
SSLContext.load_verify_locations().
:param key_password:
Optional password if the keyfile is encrypted.
:param ca_cert_data:
Optional string containing CA certificates in PEM format suitable for
passing as the cadata parameter to SSLContext.load_verify_locations()
:param tls_in_tls:
Use SSLTransport to wrap the existing socket.
| ALPN_PROTOCOLS |
| DEFAULT_CIPHERS |
| HAS_SNI |
| HASHFUNC_MAP |
| IS_PYOPENSSL |
| IS_SECURETRANSPORT |
| OP_NO_COMPRESSION |
| OP_NO_SSLv2 |
| OP_NO_SSLv3 |
| OP_NO_TICKET |
| PROTOCOL_SSLv23 |
| PROTOCOL_TLS |