mirrors/cpython
1
0
Fork 0
mirror of https://github.com/python/cpython.git synced 2025-08-04 17:08:35 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 13

Issue #14780: urllib.request.urlopen() now has a cadefault argument to use the default certificate store.

Browse source 
Initial patch by James Oakley.
This commit is contained in:
Antoine Pitrou 2012-05-16 21:40:01 +02:00
parent 5d953184a6
commit de9ac6c2e5
5 changed files with 30 additions and 7 deletions
Download patch file Download diff file Expand all files Collapse all files

11
Lib/urllib/request.py
View file

@ -135,16 +135,19 @@ __version__ = sys.version[:3]
_opener = None
def urlopen(url, data=None, timeout=socket._GLOBAL_DEFAULT_TIMEOUT,
*, cafile=None, capath=None):
*, cafile=None, capath=None, cadefault=False):
global _opener
if cafile or capath:
if cafile or capath or cadefault:
if not _have_ssl:
raise ValueError('SSL support not available')
context = ssl.SSLContext(ssl.PROTOCOL_SSLv23)
context.options |= ssl.OP_NO_SSLv2
if cafile or capath:
if cafile or capath or cadefault:
context.verify_mode = ssl.CERT_REQUIRED
context.load_verify_locations(cafile, capath)
if cafile or capath:
context.load_verify_locations(cafile, capath)
else:
context.set_default_verify_paths()
check_hostname = True
else:
check_hostname = False