Skip to content
This repository was archived by the owner on Jan 13, 2021. It is now read-only.

Commit 2872fde

Browse files
jdecuyperjdecuyper
committed
Support external certicate and document init_context
Allow user to provide their own certification file. Add description of the init_context method to the API documentation.
1 parent 907d292 commit 2872fde

File tree

8 files changed

+23
-10
lines changed

8 files changed

+23
-10
lines changed

docs/source/api.rst

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -40,6 +40,11 @@ Headers
4040
.. autoclass:: hyper.common.headers.HTTPHeaderMap
4141
:inherited-members:
4242

43+
SSLContext
44+
----------
45+
46+
.. automethod:: hyper.tls.init_context
47+
4348
Requests Transport Adapter
4449
--------------------------
4550

hyper/common/connection.py

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -40,7 +40,7 @@ class HTTPConnection(object):
4040
resources to the client (see
4141
:meth:`get_pushes() <hyper.HTTP20Connection.get_pushes>`).
4242
:param ssl_context: (optional) A class with custom certificate settings.
43-
If not provided then hyper's default SSLContext is used instead.
43+
If not provided then hyper's default ``SSLContext`` is used instead.
4444
"""
4545
def __init__(self,
4646
host,

hyper/http11/connection.py

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -44,7 +44,7 @@ class HTTP11Connection(object):
4444
``False`` for most requests, but to ``True`` for any request issued to
4545
port 443.
4646
:param ssl_context: (optional) A class with custom certificate settings.
47-
If not provided then hyper's default SSLContext is used instead.
47+
If not provided then hyper's default ``SSLContext`` is used instead.
4848
"""
4949
def __init__(self, host, port=None, secure=None, ssl_context=None,
5050
**kwargs):

hyper/http20/connection.py

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -52,7 +52,7 @@ class HTTP20Connection(object):
5252
resources to the client (see
5353
:meth:`get_pushes() <hyper.HTTP20Connection.get_pushes>`).
5454
:param ssl_context: (optional) A class with custom certificate settings.
55-
If not provided then hyper's default SSLContext is used instead.
55+
If not provided then hyper's default ``SSLContext`` is used instead.
5656
"""
5757
def __init__(self, host, port=None, window_manager=None, enable_push=False,
5858
ssl_context=None, **kwargs):

hyper/tls.py

Lines changed: 12 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -32,7 +32,7 @@ def wrap_socket(sock, server_hostname, ssl_context=None):
3232

3333
# create the singleton SSLContext we use
3434
if _context is None: # pragma: no cover
35-
_context = _init_context()
35+
_context = init_context()
3636

3737
# if an SSLContext is provided then use it instead of default context
3838
_ssl_context = ssl_context or _context
@@ -62,13 +62,21 @@ def wrap_socket(sock, server_hostname, ssl_context=None):
6262
return (ssl_sock, proto)
6363

6464

65-
def _init_context():
65+
def init_context(cert_path=None):
6666
"""
67-
Create a pre-configured SSLContext.
67+
Create a new ``SSLContext`` that is correctly set up for an HTTP/2 connection.
68+
This SSL context object can be customized and passed as a parameter to the
69+
:class:`HTTPConnection <hyper.HTTPConnection>` class. Provide your
70+
own certificate file in case you don’t want to use hyper’s default
71+
certificate. The path to the certificate can be absolute or relative
72+
to your working directory.
73+
74+
:param cert_path: (optional) The path to the certificate file.
75+
:returns: An ``SSLContext`` correctly set up for HTTP/2.
6876
"""
6977
context = ssl.SSLContext(ssl.PROTOCOL_SSLv23)
7078
context.set_default_verify_paths()
71-
context.load_verify_locations(cafile=cert_loc)
79+
context.load_verify_locations(cafile=cert_path or cert_loc)
7280
context.verify_mode = ssl.CERT_REQUIRED
7381
context.check_hostname = True
7482

test/test_SSLContext.py

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -13,7 +13,7 @@ class TestSSLContext(object):
1313
"""
1414
def test_default_context(self):
1515
# Create default SSLContext
16-
hyper.tls._context = hyper.tls._init_context()
16+
hyper.tls._context = hyper.tls.init_context()
1717
assert hyper.tls._context.check_hostname == True
1818
assert hyper.tls._context.verify_mode == ssl.CERT_REQUIRED
1919
assert hyper.tls._context.options & ssl.OP_NO_COMPRESSION != 0

test/test_integration.py

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -27,7 +27,7 @@
2727

2828
# Turn off certificate verification for the tests.
2929
if ssl is not None:
30-
hyper.tls._context = hyper.tls._init_context()
30+
hyper.tls._context = hyper.tls.init_context()
3131
hyper.tls._context.check_hostname = False
3232
hyper.tls._context.verify_mode = ssl.CERT_NONE
3333

test/test_integration_http11.py

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -14,7 +14,7 @@
1414

1515
# Turn off certificate verification for the tests.
1616
if ssl is not None:
17-
hyper.tls._context = hyper.tls._init_context()
17+
hyper.tls._context = hyper.tls.init_context()
1818
hyper.tls._context.check_hostname = False
1919
hyper.tls._context.verify_mode = ssl.CERT_NONE
2020

0 commit comments

Comments
 (0)