search

python-hyper / hyper

HTTP/2 for Python.
http://hyper.rtfd.org/en/latest/
MIT License
1.05k stars 191 forks source link

How to control ssl context in a HTTP20Adapter #417

Open VeNoMouS opened 5 years ago

VeNoMouS commented 5 years ago 
class CipherSuiteAdapter(HTTP20Adapter):

    def __init__(self, cipherSuite=None, **kwargs):

        self.ssl_context = ssl.SSLContext(ssl.PROTOCOL_TLS)
        self.ssl_context.set_ciphers(cipherSuite)
        pprint(self.ssl_context.get_ciphers())
        self.ssl_context.options |= (ssl.OP_NO_SSLv2 | ssl.OP_NO_SSLv3 | ssl.OP_NO_TLSv1 | ssl.OP_NO_TLSv1_1)

        super(CipherSuiteAdapter, self).__init__(**kwargs)

    # ------------------------------------------------------------------------------- #

    def init_poolmanager(self, *args, **kwargs):
        kwargs['ssl_context'] = self.ssl_context
        return super(CipherSuiteAdapter, self).init_poolmanager(*args, **kwargs)

    # ------------------------------------------------------------------------------- #

    def proxy_manager_for(self, *args, **kwargs):
        kwargs['ssl_context'] = self.ssl_context
        return super(CipherSuiteAdapter, self).proxy_manager_for(*args, **kwargs)

# ------------------------------------------------------------------------------- #

because calling self.ssl_context.get_ciphers() is not the same what is being provided to the remote server...

VeNoMouS commented 5 years ago

Looking at the https://github.com/python-hyper/hyper/blob/development/hyper/contrib.py#L36 , its not possible ... not without changing some things and doing a PR