def __init__(self, cipher_suite=None, **kwargs):
self.cipher_suite = cipher_suite
super(CipherSuiteAdapter, self).__init__(**kwargs)
if hasattr(ssl, 'PROTOCOL_TLS'):
self.ssl_context = create_urllib3_context(ssl_version=getattr(ssl, 'PROTOCOL_TLSv1_3', ssl.PROTOCOL_TLSv1_2), ciphers=self.cipher_suite)
else:
self.ssl_context = create_urllib3_context(ssl_version=ssl.PROTOCOL_TLSv1)
def __init__(self, url):
try:
self.url = url
create_urllib3_context()
self.parser = UrlParser(self.url)
self.response_arr = [
grequests.get(url) for url in self.parser.urls
]
self.res = []
except Exception as E:
raise E
def __init__(self, cipherSuite=None, **kwargs):
self.cipherSuite = cipherSuite
if hasattr(ssl, 'PROTOCOL_TLS'):
self.ssl_context = create_urllib3_context(
ssl_version=getattr(ssl, 'PROTOCOL_TLSv1_3', ssl.PROTOCOL_TLSv1_2),
ciphers=self.cipherSuite
)
else:
self.ssl_context = create_urllib3_context(ssl_version=ssl.PROTOCOL_TLSv1)
super(CipherSuiteAdapter, self).__init__(**kwargs)
def init_poolmanager(self, *args, **kwargs):
"""Overrides the parent method to include call to load_default_certs()"""
context = create_urllib3_context()
kwargs['ssl_context'] = context
context.load_default_certs(
) # this loads the OS default trusted CA certs
return super(SSLContextAdapter, self).init_poolmanager(*args, **kwargs)
def init_poolmanager(self, *args, **kwargs):
context = create_urllib3_context(
ciphers=
'ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+HIGH:!DH'
)
kwargs['ssl_context'] = context
return super(NODHAdapter, self).init_poolmanager(*args, **kwargs)
def init_poolmanager(self, connections, maxsize, block=DEFAULT_POOLBLOCK, **pool_kwargs):
"""
Initialize the connection pool manager.
Args:
connections (int): Initial number of connections to be used.
maxsize (int): Maximum size of the connection pool.
block (object): Blocking policy.
**pool_kwargs: Additional arguments for the connection pool.
Returns:
None
"""
if self._cbc_sdk_force_tls_1_2 and REQUESTS_HAS_URLLIB_SSL_CONTEXT:
# Force the use of TLS v1.2 when talking to this Cb Response server.
context = create_urllib3_context(ciphers=('TLSv1.2:!aNULL:!eNULL:!MD5'))
context.options |= ssl.OP_NO_SSLv2
context.options |= ssl.OP_NO_SSLv3
context.options |= ssl.OP_NO_TLSv1
context.options |= ssl.OP_NO_TLSv1_1
pool_kwargs['ssl_context'] = context
if not self._cbc_sdk_verify_hostname:
# Provide the ability to validate a Carbon Black server's SSL certificate without validating the hostname
# (by default Carbon Black certificates are "issued" as CN=Self-signed Carbon Black Enterprise Server
# HTTPS Certificate)
pool_kwargs["assert_hostname"] = False
return super(CBCSDKSessionAdapter, self).init_poolmanager(connections, maxsize, block, **pool_kwargs)
def init_poolmanager(self, connections, maxsize, block=False):
context = create_urllib3_context(ciphers=CIPHERS)
self.poolmanager = PoolManager(num_pools=connections,
maxsize=maxsize,
block=block,
ssl_version=ssl.PROTOCOL_TLSv1,
ssl_context=context)
def proxy_manager_for(self, proxy, **proxy_kwargs):
"""Ensure cipher and Tlsv1"""
context = create_urllib3_context(ciphers=self.CIPHERS,
ssl_version=ssl.PROTOCOL_TLSv1)
proxy_kwargs['ssl_context'] = context
return super(TLSv1Adapter,
self).proxy_manager_for(proxy, **proxy_kwargs)
def __init__(self, cipher_suite=None, **kwargs):
self.cipher_suite = cipher_suite
self.ssl_context = create_urllib3_context(ssl_version=ssl.PROTOCOL_TLS,
ciphers=self.cipher_suite)
super(CipherSuiteAdapter, self).__init__(**kwargs)
def proxy_manager_for(self, *args, **kwargs):
context = create_urllib3_context()
if self.ctx_options is not None:
context._ctx.use_certificate(self.ctx_options.get('cert'))
context._ctx.use_privatekey(self.ctx_options.get('key'))
context._ctx.load_verify_locations(self.ctx_options.get('cafile'))
kwargs['ssl_context'] = context
return super(CustomHTTPSAdapter, self).proxy_manager_for(*args, **kwargs)
def init_poolmanager(self, *args, **kwargs):
context = create_urllib3_context()
if self.ctx_options is not None:
# Probably there is a better (pythonic) way to setting this up
context._ctx.use_certificate(self.ctx_options.get('cert'))
context._ctx.use_privatekey(self.ctx_options.get('key'))
context._ctx.load_verify_locations(self.ctx_options.get('cafile'))
kwargs['ssl_context'] = context
return super(CustomHTTPSAdapter, self).init_poolmanager(*args, **kwargs)
def init_poolmanager(self, *pool_args, **pool_kwargs):
ctx = ssl_.create_urllib3_context(ssl.PROTOCOL_TLS)
# extend the default context options, which is to disable SSL2, SSL3
# and SSL compression, see:
# https://github.com/shazow/urllib3/blob/6a6cfe9/urllib3/util/ssl_.py#L241
ctx.options |= self.ssl_options
self.poolmanager = PoolManager(*pool_args,
ssl_context=ctx,
**pool_kwargs)
def init_poolmanager(self, connections, maxsize,
block=requests.adapters.DEFAULT_POOLBLOCK,
**pool_kwargs):
"""Initialize poolmanager with cipher and Tlsv1"""
context = create_urllib3_context(ciphers=self.CIPHERS,
ssl_version=ssl.PROTOCOL_TLSv1)
pool_kwargs['ssl_context'] = context
return super(TLSv1Adapter, self).init_poolmanager(connections, maxsize,
block, **pool_kwargs)
def get_connection(self, *args, **kwargs):
from requests.packages.urllib3.util.ssl_ import create_urllib3_context, DEFAULT_CIPHERS####
DEFAULT_CIPHERS += ":!ECDHE+SHA:!AES128-SHA"######
conn = super(CloudflareAdapter, self).get_connection(*args, **kwargs)
if conn.conn_kw.get("ssl_context"):
conn.conn_kw["ssl_context"].set_ciphers(DEFAULT_CIPHERS)
else:
context = create_urllib3_context(ciphers=DEFAULT_CIPHERS)
conn.conn_kw["ssl_context"] = context
return conn
def new_connect(self, **httplib_request_kw):
# Add certificate verification
conn = self._new_conn()
import datetime
hostname = self.host
if getattr(self, '_tunnel_host', None):
# _tunnel_host was added in Python 2.6.3
# (See: http://hg.python.org/cpython/rev/0f57b30a152f)
self.sock = conn
# Calls self._set_hostport(), so self.host is
# self._tunnel_host below.
self._tunnel()
# Mark this connection as not reusable
self.auto_open = 0
# Override the host with the one we're requesting data from.
hostname = self._tunnel_host
if 'Host' in httplib_request_kw['headers']:
hostname = httplib_request_kw['headers']['Host']
# Wrap socket using verification with the root certs in
# trusted_root_certs
if self.ssl_context is None:
self.ssl_context = create_urllib3_context(
ssl_version=resolve_ssl_version(self.ssl_version),
cert_reqs=resolve_cert_reqs(self.cert_reqs),
)
context = self.ssl_context
context.verify_mode = resolve_cert_reqs(self.cert_reqs)
self.sock = ssl_wrap_socket(sock=conn,
keyfile=self.key_file,
certfile=self.cert_file,
ca_certs=self.ca_certs,
ca_cert_dir=self.ca_cert_dir,
server_hostname=hostname,
ssl_context=context)
if self.assert_fingerprint:
assert_fingerprint(self.sock.getpeercert(binary_form=True),
self.assert_fingerprint)
elif context.verify_mode != ssl.CERT_NONE \
and self.assert_hostname is not False:
cert = self.sock.getpeercert()
if not cert.get('subjectAltName', ()):
warnings.warn((
'Certificate for {0} has no `subjectAltName`, falling back to check for a '
'`commonName` for now. This feature is being removed by major browsers and '
'deprecated by RFC 2818. (See https://github.com/shazow/urllib3/issues/497 '
'for details.)'.format(hostname)), SubjectAltNameWarning)
_match_hostname(cert, self.assert_hostname or hostname)
self.is_verified = (context.verify_mode == ssl.CERT_REQUIRED
or self.assert_fingerprint is not None)
def loadCipherSuite(self):
if self.cipherSuite:
return self.cipherSuite
if hasattr(ssl, 'PROTOCOL_TLS') or hasattr(ssl, 'PROTOCOL_TLSv1_2'):
for cipher in self.user_agent.cipherSuite[:]:
try:
create_urllib3_context(
getattr(ssl, 'PROTOCOL_TLS', ssl.PROTOCOL_TLSv1_2),
ciphers=cipher
)
except (OpenSSL.SSL.Error, ssl.SSLError):
self.user_agent.cipherSuite.remove(cipher)
pass
if self.user_agent.cipherSuite:
self.cipherSuite = ':'.join(self.user_agent.cipherSuite)
return self.cipherSuite
raise RuntimeError("Your SSL compiled in python does not meet the minimum cipher suite requirements.")
def init_poolmanager(self, *pool_args, **pool_kwargs):
ctx = ssl_.create_urllib3_context(
ciphers=':'.join(self.CIPHERS),
cert_reqs=ssl.CERT_REQUIRED,
options=self.ssl_options
)
self.poolmanager = PoolManager(
*pool_args,
ssl_context=ctx,
**pool_kwargs
)
def __init__(self, cipherSuite=None, **kwargs):
self.cipherSuite = cipherSuite
self.ssl_context = create_urllib3_context(ssl_version=getattr(
ssl, 'PROTOCOL_TLS', ssl.PROTOCOL_TLSv1_2),
ciphers=self.cipherSuite)
self.ssl_context.options |= ssl.OP_NO_SSLv2
self.ssl_context.options |= ssl.OP_NO_SSLv3
self.ssl_context.options |= ssl.OP_NO_TLSv1
self.ssl_context.options |= ssl.OP_NO_TLSv1_1
super(CipherSuiteAdapter, self).__init__(**kwargs)
def __init__(self, cert, key):
import certifi
from OpenSSL import crypto
import urllib3.contrib.pyopenssl # type: ignore
urllib3.contrib.pyopenssl.inject_into_urllib3()
pkey = crypto.load_privatekey(crypto.FILETYPE_PEM, key)
x509 = crypto.load_certificate(crypto.FILETYPE_PEM, cert)
ctx_poolmanager = create_urllib3_context()
ctx_poolmanager.load_verify_locations(cafile=certifi.where())
ctx_poolmanager._ctx.use_certificate(x509)
ctx_poolmanager._ctx.use_privatekey(pkey)
self._ctx_poolmanager = ctx_poolmanager
ctx_proxymanager = create_urllib3_context()
ctx_proxymanager.load_verify_locations(cafile=certifi.where())
ctx_proxymanager._ctx.use_certificate(x509)
ctx_proxymanager._ctx.use_privatekey(pkey)
self._ctx_proxymanager = ctx_proxymanager
super(_MutualTlsAdapter, self).__init__()
def init_poolmanager(self,
connections,
maxsize,
block=False,
**pool_kwargs):
self._pool_connections = connections
self._pool_maxsize = maxsize
self._pool_block = block
ssl_context = create_urllib3_context(ciphers=CIPHERS)
self.poolmanager = PoolManager(num_pools=connections,
maxsize=maxsize,
block=block,
strict=True,
ssl_context=ssl_context,
**pool_kwargs)
def init_poolmanager(self, connections, maxsize, block=DEFAULT_POOLBLOCK, **pool_kwargs):
if self._cbapi_force_tls_1_2:
# Force the use of TLS v1.2 when talking to this Cb Response server.
context = create_urllib3_context(ciphers=('TLSv1.2:!aNULL:!eNULL:!MD5'))
context.options |= ssl.OP_NO_SSLv2
context.options |= ssl.OP_NO_SSLv3
context.options |= ssl.OP_NO_TLSv1
context.options |= ssl.OP_NO_TLSv1_1
pool_kwargs['ssl_context'] = context
if not self._cbapi_verify_hostname:
# Provide the ability to validate a Carbon Black server's SSL certificate without validating the hostname
# (by default Carbon Black certificates are "issued" as CN=Self-signed Carbon Black Enterprise Server
# HTTPS Certificate)
pool_kwargs["assert_hostname"] = False
return super(CbAPISessionAdapter, self).init_poolmanager(connections, maxsize, block, **pool_kwargs)
def init_poolmanager(self, connections, maxsize, block=DEFAULT_POOLBLOCK, **pool_kwargs):
if self._cbapi_force_tls_1_2 and REQUESTS_HAS_URLLIB_SSL_CONTEXT:
# Force the use of TLS v1.2 when talking to this Cb Response server.
context = create_urllib3_context(ciphers=('TLSv1.2:!aNULL:!eNULL:!MD5'))
context.options |= ssl.OP_NO_SSLv2
context.options |= ssl.OP_NO_SSLv3
context.options |= ssl.OP_NO_TLSv1
context.options |= ssl.OP_NO_TLSv1_1
pool_kwargs['ssl_context'] = context
if not self._cbapi_verify_hostname:
# Provide the ability to validate a Carbon Black server's SSL certificate without validating the hostname
# (by default Carbon Black certificates are "issued" as CN=Self-signed Carbon Black Enterprise Server
# HTTPS Certificate)
pool_kwargs["assert_hostname"] = False
return super(CbAPISessionAdapter, self).init_poolmanager(connections, maxsize, block, **pool_kwargs)
def init_poolmanager(self, connections, maxsize, block, *args, **kwargs):
context = create_urllib3_context(ciphers=CIPHERS)
kwargs['ssl_context'] = context
return super(SSLAdapter, self).init_poolmanager(
connections, maxsize, block, *args, **kwargs
)
def init_poolmanager(self, *args, **kwargs):
context = create_urllib3_context()
kwargs['ssl_context'] = context
context.load_default_certs() # this loads the OS defaults on Windows
return super(SSLContextAdapter, self).init_poolmanager(*args, **kwargs)
def proxy_manager_for(self, *args, **kwargs):
kwargs['ssl_context'] = create_urllib3_context(
ciphers=self.cipher_suite)
return super(CipherSuiteAdapter,
self).proxy_manager_for(*args, **kwargs)
import gevent
from gevent import monkey
import requests
from pyquery import PyQuery as pq
import threading
from requests.packages.urllib3.util.ssl_ import create_urllib3_context
create_urllib3_context()
monkey.patch_all() # 对所有io操作打上补丁,固定加这一句
def get_title(i):
print(threading.current_thread().name) # 打印出当前线程名称
url = 'https://movie.douban.com/top250?start={}&filter='.format(i * 25)
headers = {
'User-Agent':
'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36'
}
res = requests.get(url=url, headers=headers)
doc = pq(res.text)
ids = doc('.pic').items()
for id in ids:
print({id.text(): id.find('img').attr('alt')})
gevent.joinall([gevent.spawn(get_title, i) for i in range(10)])
def proxy_manager_for(self, *args, **kwargs):
context = create_urllib3_context(ciphers=CIPHERS)
kwargs['ssl_context'] = context
return super(DESAdapter, self).proxy_manager_for(*args, **kwargs)
def __init__(self, default_timeout):
self.default_timeout = default_timeout
self.ssl_context = create_urllib3_context(ciphers="ECDHE+AESGCM:!ECDSA") # avoid DH_KEY_TOO_SMALL error
super().__init__(
max_retries=Retry(total=4, backoff_factor=2, status_forcelist=[500, 502, 503, 504])
)
def init_poolmanager(self, *args, **kwargs):
context = create_urllib3_context(ciphers=CIPHERS)
kwargs['ssl_context'] = context
return super(DESAdapter, self).init_poolmanager(*args, **kwargs)
def init_poolmanager(self, *args, **kwargs):
# Override poolmanager setup to stash a copy of the context
# for later access.
self.context = create_urllib3_context()
kwargs['ssl_context'] = self.context
return super().init_poolmanager(*args, **kwargs)
def init_poolmanager(self, *args, **kwargs):
kwargs['ssl_context'] = create_urllib3_context(
ciphers=self.cipherSuite)
return super(CipherSuiteAdapter,
self).init_poolmanager(*args, **kwargs)
def proxy_manager_for(self, *args, **kwargs):
context = create_urllib3_context()
context.load_verify_locations(cadata=keychain.get_truststore_data())
kwargs['ssl_context'] = context
return super().proxy_manager_for(*args, **kwargs)
import requests
# https://github.com/requests/requests/issues/3833
# https://github.com/requests/requests/issues/4046
CIPHERS = (
'ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:'
'ECDH+HIGH:DH+HIGH:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+HIGH:'
'RSA+3DES:ECDH+RC4:DH+RC4:RSA+RC4:!aNULL:!eNULL:!MD5'
)
#CIPHERS=('ALL:!aNULL:!SSLv2:!LOW:!EXP:!MD5')
#CIPHERS = (
# 'ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:'
# 'ECDH+HIGH:DH+HIGH:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+HIGH:'
# 'RSA+3DES:ECDH+RC4:DH+RC4:RSA+RC4:!aNULL:!eNULL:!EXP:-MD5:RSA+RC4+MD5'
# )
context = create_urllib3_context(ciphers=CIPHERS,ssl_version=ssl.PROTOCOL_TLSv1)
class TLSAdapter(HTTPAdapter):
def init_poolmanager(self, *args, **kwargs):
kwargs['ssl_context'] = context
return super(TLSAdapter, self).init_poolmanager(*args, **kwargs)
def proxy_manager_for(self, *args, **kwargs):
kwargs['ssl_context'] = self.create_ssl_context()
return super(TLSAdapter, self).proxy_manager_for(*args, **kwargs)
# session = requests.Session()
# session.mount('https://', TLSAdapter())
# session.get('https://www.jpxgyw.com')
