pyopenssl module¶
|
Buffered I/O implementation using an in-memory bytes buffer. |
|
I am a wrapper class for the PyOpenSSL |
|
|
|
API-compatibility wrapper for Python OpenSSL's Connection-class. |
|
alias of |
|
SSL with SNI-support for Python 2. Follow these instructions if you would like to verify SSL certificates in Python 2. Note, the default libraries do not do certificate checking; you need to do additional work to validate certificates yourself.
This needs the following packages installed:
pyOpenSSL (tested with 16.0.0)
cryptography (minimum 1.3.4, from pyopenssl)
idna (minimum 2.0, from cryptography)
However, pyopenssl depends on cryptography, which depends on idna, so while we use all three directly here we end up having relatively few packages required.
You can install them with the following command:
pip install pyopenssl cryptography idna
To activate certificate checking, call
inject_into_urllib3 from your Python code
before you begin making HTTP requests. This can be done in a sitecustomize
module, or at any other time before your application begins using urllib3,
like this:
try:
import urllib3.contrib.pyopenssl
urllib3.contrib.pyopenssl.inject_into_urllib3()
except ImportError:
pass
Now you can use urllib3 as you normally would, and it will support SNI
when the required modules are installed.
Activating this module also has the positive side effect of disabling SSL/TLS compression in Python 2 (see CRIME attack).
If you want to configure the default list of supported cipher suites, you can
set the urllib3.contrib.pyopenssl.DEFAULT_SSL_CIPHER_LIST variable.
- extract_from_urllib3()[source]¶
Undo monkey-patching by
inject_into_urllib3.