Add ssl_contex parameter to the HTTP and HTTP11 constructors

Update the abstraction and SSLContext tests to take the new ssl_context parameter into account.

Author: jdecuyper

hyper/common/connection.py

@@ -39,20 +39,24 @@ class HTTPConnection(object):
     :param enable_push: (optional) Whether the server is allowed to push
         resources to the client (see
         :meth:`get_pushes() <hyper.HTTP20Connection.get_pushes>`).
+    :param ssl_context: (optional) A class with custom certificate settings.
+        If not provided then hyper's default SSLContext is used instead.
     """
     def __init__(self,
                  host,
                  port=None,
                  secure=None,
                  window_manager=None,
                  enable_push=False,
+                 ssl_context=None,
                  **kwargs):
 
         self._host = host
         self._port = port
-        self._h1_kwargs = {'secure': secure}
+        self._h1_kwargs = {'secure': secure, 'ssl_context': ssl_context}
         self._h2_kwargs = {
-            'window_manager': window_manager, 'enable_push': enable_push
+            'window_manager': window_manager, 'enable_push': enable_push,
+            'ssl_context': ssl_context
         }
 
         # Add any unexpected kwargs to both dictionaries.

hyper/http11/connection.py

@@ -43,8 +43,11 @@ class HTTP11Connection(object):
     :param secure: (optional) Whether the request should use TLS. Defaults to
         ``False`` for most requests, but to ``True`` for any request issued to
         port 443.
+    :param ssl_context: (optional) A class with custom certificate settings.
+        If not provided then hyper's default SSLContext is used instead.
     """
-    def __init__(self, host, port=None, secure=None, **kwargs):
+    def __init__(self, host, port=None, secure=None, ssl_context=None,
+                 **kwargs):
         if port is None:
             try:
                 self.host, self.port = host.split(':')
@@ -64,6 +67,7 @@ def __init__(self, host, port=None, secure=None, **kwargs):
         else:
             self.secure = False
 
+        self.ssl_context = ssl_context
         self._sock = None
 
         #: The size of the in-memory buffer used to store data from the
@@ -88,7 +92,7 @@ def connect(self):
             proto = None
 
             if self.secure:
-                sock, proto = wrap_socket(sock, self.host)
+                sock, proto = wrap_socket(sock, self.host, self.ssl_context)
 
             log.debug("Selected NPN protocol: %s", proto)
             sock = BufferedSocket(sock, self.network_buffer_size)

hyper/tls.py

@@ -30,6 +30,7 @@ def wrap_socket(sock, server_hostname, ssl_context=None):
     """
     global _context
 
+    # create the singleton SSLContext we use
     if _context is None:  # pragma: no cover
         _context = _init_context()
 
@@ -63,7 +64,7 @@ def wrap_socket(sock, server_hostname, ssl_context=None):
 
 def _init_context():
     """
-    Creates the singleton SSLContext we use.
+    Create a pre-configured SSLContext.
     """
     context = ssl.SSLContext(ssl.PROTOCOL_SSLv23)
     context.set_default_verify_paths()

test/test_SSLContext.py

@@ -3,7 +3,7 @@
 Tests the hyper SSLContext.
 """
 import hyper
-from hyper import HTTP20Connection
+from hyper.common.connection import HTTPConnection
 from hyper.compat import ssl
 import pytest
 
@@ -34,16 +34,16 @@ def test_custom_context(self):
         assert hyper.tls._context.options & ssl.OP_NO_COMPRESSION == 0
 
 
-    def test_http20Connection_with_custom_context(self):
+    def test_HTTPConnection_with_custom_context(self):
         context = ssl.SSLContext(ssl.PROTOCOL_SSLv23)
         context.set_default_verify_paths()
         context.verify_mode = ssl.CERT_REQUIRED
         context.check_hostname = True
         context.set_npn_protocols(['h2', 'h2-15'])
         context.options |= ssl.OP_NO_COMPRESSION
-        
-        conn = HTTP20Connection('http2bin.org:443', ssl_context=context)
-        
+
+        conn = HTTPConnection('http2bin.org', 443, ssl_context=context)
+
         assert conn.ssl_context.check_hostname == True
         assert conn.ssl_context.verify_mode == ssl.CERT_REQUIRED
         assert conn.ssl_context.options & ssl.OP_NO_COMPRESSION != 0

test/test_abstraction.py

@@ -8,23 +8,25 @@ class TestHTTPConnection(object):
     def test_h1_kwargs(self):
         c = HTTPConnection(
             'test', 443, secure=False, window_manager=True, enable_push=True,
-            other_kwarg=True
+            ssl_context=False, other_kwarg=True
         )
 
         assert c._h1_kwargs == {
             'secure': False,
+            'ssl_context': False,
             'other_kwarg': True,
         }
 
     def test_h2_kwargs(self):
         c = HTTPConnection(
             'test', 443, secure=False, window_manager=True, enable_push=True,
-            other_kwarg=True
+            ssl_context=True, other_kwarg=True
         )
 
         assert c._h2_kwargs == {
             'window_manager': True,
             'enable_push': True,
+            'ssl_context': True,
             'other_kwarg': True,
         }