@@ -23,12 +23,15 @@ class Urllib3HttpConnection(Connection):
2323 :arg ssl_version: version of the SSL protocol to use. Choices are:
2424 SSLv23 (default) SSLv2 SSLv3 TLSv1 (see ``PROTOCOL_*`` constants in the
2525 ``ssl`` module for exact options for your environment).
26+ :arg ssl_assert_hostname: use hostname verification if not `False`
27+ :arg ssl_assert_fingerprint: verify the supplied certificate fingerprint if not `None`
2628 :arg maxsize: the maximum number of connections which will be kept open to
2729 this host.
2830 """
2931 def __init__ (self , host = 'localhost' , port = 9200 , http_auth = None ,
3032 use_ssl = False , verify_certs = False , ca_certs = None , client_cert = None ,
31- ssl_version = None , maxsize = 10 , ** kwargs ):
33+ ssl_version = None , ssl_assert_hostname = None , ssl_assert_fingerprint = None ,
34+ maxsize = 10 , ** kwargs ):
3235
3336 super (Urllib3HttpConnection , self ).__init__ (host = host , port = port , ** kwargs )
3437 self .headers = urllib3 .make_headers (keep_alive = True )
@@ -41,12 +44,18 @@ def __init__(self, host='localhost', port=9200, http_auth=None,
4144 kw = {}
4245 if use_ssl :
4346 pool_class = urllib3 .HTTPSConnectionPool
44- kw ['ssl_version' ] = ssl_version
47+ kw .update ({
48+ 'ssl_version' : ssl_version ,
49+ 'assert_hostname' : ssl_assert_hostname ,
50+ 'assert_fingerprint' : ssl_assert_fingerprint ,
51+ })
4552
4653 if verify_certs :
47- kw ['cert_reqs' ] = 'CERT_REQUIRED'
48- kw ['ca_certs' ] = ca_certs
49- kw ['cert_file' ] = client_cert
54+ kw .update ({
55+ 'cert_reqs' : 'CERT_REQUIRED' ,
56+ 'ca_certs' : ca_certs ,
57+ 'cert_file' : client_cert ,
58+ })
5059 elif ca_certs :
5160 raise ImproperlyConfigured ("You cannot pass CA certificates when verify SSL is off." )
5261 else :
0 commit comments