1from .ssl_ import create_urllib3_context, resolve_cert_reqs, resolve_ssl_version 2 3 4def connection_requires_http_tunnel( 5 proxy_url=None, proxy_config=None, destination_scheme=None 6): 7 """ 8 Returns True if the connection requires an HTTP CONNECT through the proxy. 9 10 :param URL proxy_url: 11 URL of the proxy. 12 :param ProxyConfig proxy_config: 13 Proxy configuration from poolmanager.py 14 :param str destination_scheme: 15 The scheme of the destination. (i.e https, http, etc) 16 """ 17 # If we're not using a proxy, no way to use a tunnel. 18 if proxy_url is None: 19 return False 20 21 # HTTP destinations never require tunneling, we always forward. 22 if destination_scheme == "http": 23 return False 24 25 # Support for forwarding with HTTPS proxies and HTTPS destinations. 26 if ( 27 proxy_url.scheme == "https" 28 and proxy_config 29 and proxy_config.use_forwarding_for_https 30 ): 31 return False 32 33 # Otherwise always use a tunnel. 34 return True 35 36 37def create_proxy_ssl_context( 38 ssl_version, cert_reqs, ca_certs=None, ca_cert_dir=None, ca_cert_data=None 39): 40 """ 41 Generates a default proxy ssl context if one hasn't been provided by the 42 user. 43 """ 44 ssl_context = create_urllib3_context( 45 ssl_version=resolve_ssl_version(ssl_version), 46 cert_reqs=resolve_cert_reqs(cert_reqs), 47 ) 48 if ( 49 not ca_certs 50 and not ca_cert_dir 51 and not ca_cert_data 52 and hasattr(ssl_context, "load_default_certs") 53 ): 54 ssl_context.load_default_certs() 55 56 return ssl_context 57