def test_is_ipaddress_false(addr): assert not ssl_.is_ipaddress(addr)
def test_is_ipaddress_true(addr): assert ssl_.is_ipaddress(addr)
def test_is_ipaddress_false(self, addr): assert not ssl_.is_ipaddress(addr)
def test_is_ipaddress_true(self, addr): assert ssl_.is_ipaddress(addr)
def test_is_ipaddress_false(self, addr: Union[bytes, str]) -> None: assert not ssl_.is_ipaddress(addr)
def __init__(self, hostname, username=None, password=None, authinfo=None, protocol=None, port=None, verify_ssl=None): super(Session, self).__init__() # Determine whether or not server SSL certificates should be verified. if verify_ssl is None: verify_ssl = os.environ.get('SSLREQCERT', 'yes') verify_ssl = str(verify_ssl).lower() not in ('no', 'false') self._id = uuid4().hex self.message_log = logger.getChild('session.%s' % self._id) # If certificate path has already been set for SWAT package, make # Requests module reuse it. for k in ['SSLCALISTLOC', 'CAS_CLIENT_SSL_CA_LIST']: if k in os.environ: os.environ['REQUESTS_CA_BUNDLE'] = os.environ[k] break # If certificate path hasn't been specified in either environment # variable, replace the default adapter with one that will use the # machine's default SSL _settings. if 'REQUESTS_CA_BUNDLE' not in os.environ: if verify_ssl: # Skip hostname verification if IP address specified instead # of DNS name. Prevents error from urllib3. try: from urllib3.util.ssl_ import is_ipaddress except ImportError: # is_ipaddres not present in older versions of urllib3 def is_ipaddress(hst): return re.match(r"^(?:[0-9]{1,3}\.){3}[0-9]{1,3}$", hst) verify_hostname = not is_ipaddress(hostname) adapter = SSLContextAdapter(assert_hostname=verify_hostname) self.mount('https://', adapter) else: # Every request will generate an InsecureRequestWarning from urllib3.exceptions import InsecureRequestWarning warnings.simplefilter('default', InsecureRequestWarning) self.filters = DEFAULT_FILTERS # Used for context manager self._old_session = None # Reuse an existing CAS connection if possible if swat and isinstance(hostname, swat.CAS): if isinstance(hostname._sw_connection, swat.cas.rest.connection.REST_CASConnection): import base64 # Use the httpAddress action to retieve information about # REST endpoints httpAddress = hostname.get_action('builtins.httpAddress') address = httpAddress() domain = address.virtualHost # httpAddress action may return virtualHost = '' # if this happens, try the CAS host if not domain: domain = hostname._sw_connection._current_hostname protocol = address.protocol port = address.port auth = hostname._sw_connection._auth.decode('utf-8').replace( 'Basic ', '') username, password = base64.b64decode(auth).decode( 'utf-8').split(':') else: raise ValueError("A 'swat.CAS' session can only be reused " "when it's connected via the REST APIs.") else: url = urlsplit(hostname) # Extract http/https from domain name if present and protocl not # explicitly given protocol = protocol or url.scheme domain = url.hostname or str(hostname) self._settings = { 'protocol': protocol or 'https', 'domain': domain, 'port': port, 'username': username, 'password': password } if self._settings['password'] is None: # Try to get credentials from .authinfo or .netrc files. # If no file path was specified, the default locations will # be checked. if 'swat' in sys.modules: auth = swat.utils.authinfo.query_authinfo(domain, user=username, path=authinfo) self._settings['username'] = auth.get('user') self._settings['password'] = auth.get('password') # Not able to load credentials using SWAT. Try Netrc. # TODO: IF a username was specified, verify that the credentials # found are for that username. if self._settings['password'] is None: try: parser = netrc.netrc(authinfo) values = parser.authenticators(domain) if values: self._settings['username'], \ _, \ self._settings['password'] = values except (OSError, IOError): pass # netrc throws if $HOME is not set self.verify = verify_ssl self.auth = HTTPBearerAuth(self.get_token()) if current_session() is None: current_session(self)