NeoAnd/transcrevezap
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
4430a2ec2799e96ec03bf894c5562a91ebc2134c
transcrevezap/.venv/Lib/site-packages/pip_system_certs/wrapt_requests.py
Impacte AI 449d6cffe4 primeira versão transcreve audio
2024-11-29 13:51:10 -03:00

82 lines
3.7 KiB
Python
Raw Blame History

from __future__ import absolute_import
import warnings
import wrapt
## Enable the import to enable type hinting / code navigation below
# import pip._vendor.requests.adapters
# pip master has most commands moved into _internal folder
@wrapt.when_imported('requests')
@wrapt.when_imported('pip._vendor.requests')
# Support for pipenv v2022.8.5
@wrapt.when_imported('pipenv.patched.pip._vendor.requests')
# Support for pipenv older than v2022.8.5
@wrapt.when_imported('pipenv.patched.notpip._vendor.requests')
def apply_patches(requests):
override_ssl_handler(requests.adapters.HTTPAdapter)
def override_ssl_handler(adapter):
# type: (pip._vendor.requests.adapters.HTTPAdapter) -> None
def init_poolmanager(wrapped, _instance, args, kwargs):
# type: (pip._vendor.requests.adapters.HTTPAdapter.init_poolmanager, None, list, dict) -> None
import ssl
ssl_context = ssl.create_default_context()
ssl_context.load_default_certs()
kwargs['ssl_context'] = ssl_context
wrapped(*args, **kwargs)
def cert_verify(wrapped, _instance, args, kwargs):
# type: (pip._vendor.requests.adapters.HTTPAdapter.cert_verify, None, list, dict) -> None
wrapped(*args, **kwargs)
# By default Python requests uses the ca_certs from the certifi module
# But we want to use the certificate store instead.
# By clearing the ca_certs variable we force it to fall back on that behaviour (handled in urllib3)
if "conn" in kwargs:
conn = kwargs["conn"]
else:
conn = args[0]
# our default ssl_context we created from init_poolmanager() has these attributes set:
# - check_hostname == True
# - verify_mode == VerifyMode.CERT_REQUIRED
# this ssl_context gets passed all the way down to the HTTPSConnection object from urllib3
# and urllib3 wants to set ssl_context.verify_mode depending on the verify parameter
# (verify is either a bool where False becomes CERT_NONE; or a string pointing to ca bundle)
# However, the SSLContext class doesnt allow this while check_hostname is True
# Therefore, we reset check_hostname in case cert_verify() got called with verify == False
if "verify" in kwargs:
verify = kwargs["verify"]
elif len(args) > 2:
verify = args[2]
else:
# this is not reachable because there is no default for this parameter
# but it prepares us in case urllib3 might add a default one day
verify = True
warnings.warn(
"Mandatory verify parameter not given, falling back to True.\n"
"This may or may not be intended behavior and is probably related to an unsupported version of urllib3\n"
"Please report an issue at https://gitlab.com/alelec/pip-system-certs with your\n"
"python version included in the description\n"
)
if not verify:
try:
conn.conn_kw["ssl_context"].check_hostname = False
except (AttributeError, TypeError, KeyError):
warnings.warn(
"Failed to patch SSL settings for unverified requests (unsupported version of urllib3?)\n"
"This may lead to errors when urllib3 tries to modify verify_mode.\n"
"Please report an issue at https://gitlab.com/alelec/pip-system-certs with your\n"
"python version included in the description\n"
)
conn.ca_certs = None
wrapt.wrap_function_wrapper(adapter, 'init_poolmanager', init_poolmanager)
wrapt.wrap_function_wrapper(adapter, 'cert_verify', cert_verify)
Reference in New Issue View Git Blame Copy Permalink