search

requests / toolbelt

A toolbelt of useful classes and functions to be used with python-requests
https://toolbelt.readthedocs.org
Other
998 stars 186 forks source link

HostHeaderSSLAdapter with a Host header that includes port #288

Open dsimmsatsquare opened 4 years ago

dsimmsatsquare commented 4 years ago

Hello! Love your library!

I recently tried to use HostHeaderSSLAdapter with a connection not on port 443, so the Host header includes the port, and I was surprised to see the exception include the port:

Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "/Users/dsimms/Development/turtle-store/venv/lib/python3.7/site-packages/requests/sessions.py", line 546, in get
    return self.request('GET', url, **kwargs)
  File "/Users/dsimms/Development/turtle-store/venv/lib/python3.7/site-packages/requests/sessions.py", line 533, in request
    resp = self.send(prep, **send_kwargs)
  File "/Users/dsimms/Development/turtle-store/venv/lib/python3.7/site-packages/requests/sessions.py", line 646, in send
    r = adapter.send(request, **kwargs)
  File "/Users/dsimms/Development/turtle-store/venv/lib/python3.7/site-packages/requests_toolbelt/adapters/host_header_ssl.py", line 43, in send
    return super(HostHeaderSSLAdapter, self).send(request, **kwargs)
  File "/Users/dsimms/Development/turtle-store/venv/lib/python3.7/site-packages/requests/adapters.py", line 514, in send
    raise SSLError(e, request=request)
requests.exceptions.SSLError: HTTPSConnectionPool(host='turtle-development-dsimms.turtle-neptune-development.squarecloudservices.com', port=8182): Max retries exceeded with url: /status (Caused by SSLError(SSLCertVerificationError("hostname 'turtle-development-dsimms.cluster-csu5lgylajda.us-west-2.neptune.amazonaws.com:8182' doesn't match either of '*.csu5lgylajda.us-west-2.neptune.amazonaws.com', '*.cluster-csu5lgylajda.us-west-2.neptune.amazonaws.com', '*.cluster-ro-csu5lgylajda.us-west-2.neptune.amazonaws.com', '*.cluster-custom-csu5lgylajda.us-west-2.neptune.amazonaws.com'")))

...and lo, HostHeaderSSLAdapter drops the host header it finds straight in to connection_pool_kwargs["assert_hostname"]. How about making that

        if host_header:
            # host header can include port, but we should not include it in the assert hostname
            host_header = host_header.split(':')[0]
            connection_pool_kwargs["assert_hostname"] = host_header
        elif "assert_hostname" in connection_pool_kwargs:
            # an assert_hostname from a previous request may have been left
            connection_pool_kwargs.pop("assert_hostname", None)

?

dsimmsatsquare commented 4 years ago

(that fixes the issue locally for me)

dsimmsatsquare commented 4 years ago

ok, ok, I guess I should just send a PR. How's that?