Coverage for /pythoncovmergedfiles/medio/medio/usr/local/lib/python3.8/site-packages/urllib3/connectionpool.py: 20%

1from __future__ import absolute_import 

2 

3import errno 

4import logging 

5import re 

6import socket 

7import sys 

8import warnings 

9from socket import error as SocketError 

10from socket import timeout as SocketTimeout 

11 

12from ._collections import HTTPHeaderDict 

13from .connection import ( 

14 BaseSSLError, 

15 BrokenPipeError, 

16 DummyConnection, 

17 HTTPConnection, 

18 HTTPException, 

19 HTTPSConnection, 

20 VerifiedHTTPSConnection, 

21 port_by_scheme, 

22) 

23from .exceptions import ( 

24 ClosedPoolError, 

25 EmptyPoolError, 

26 HeaderParsingError, 

27 HostChangedError, 

28 InsecureRequestWarning, 

29 LocationValueError, 

30 MaxRetryError, 

31 NewConnectionError, 

32 ProtocolError, 

33 ProxyError, 

34 ReadTimeoutError, 

35 SSLError, 

36 TimeoutError, 

37) 

38from .packages import six 

39from .packages.six.moves import queue 

40from .request import RequestMethods 

41from .response import HTTPResponse 

42from .util.connection import is_connection_dropped 

43from .util.proxy import connection_requires_http_tunnel 

44from .util.queue import LifoQueue 

45from .util.request import set_file_position 

46from .util.response import assert_header_parsing 

47from .util.retry import Retry 

48from .util.ssl_match_hostname import CertificateError 

49from .util.timeout import Timeout 

50from .util.url import Url, _encode_target 

51from .util.url import _normalize_host as normalize_host 

52from .util.url import get_host, parse_url 

53 

54try: # Platform-specific: Python 3 

55 import weakref 

56 

57 weakref_finalize = weakref.finalize 

58except AttributeError: # Platform-specific: Python 2 

59 from .packages.backports.weakref_finalize import weakref_finalize 

60 

61xrange = six.moves.xrange 

62 

63log = logging.getLogger(__name__) 

64 

65_Default = object() 

66 

67 

68# Pool objects 

69class ConnectionPool(object): 

70 """ 

71 Base class for all connection pools, such as 

72 :class:`.HTTPConnectionPool` and :class:`.HTTPSConnectionPool`. 

73 

74 .. note:: 

75 ConnectionPool.urlopen() does not normalize or percent-encode target URIs 

76 which is useful if your target server doesn't support percent-encoded 

77 target URIs. 

78 """ 

79 

80 scheme = None 

81 QueueCls = LifoQueue 

82 

83 def __init__(self, host, port=None): 

84 if not host: 

85 raise LocationValueError("No host specified.") 

86 

87 self.host = _normalize_host(host, scheme=self.scheme) 

88 self._proxy_host = host.lower() 

89 self.port = port 

90 

91 def __str__(self): 

92 return "%s(host=%r, port=%r)" % (type(self).__name__, self.host, self.port) 

93 

94 def __enter__(self): 

95 return self 

96 

97 def __exit__(self, exc_type, exc_val, exc_tb): 

98 self.close() 

99 # Return False to re-raise any potential exceptions 

100 return False 

101 

102 def close(self): 

103 """ 

104 Close all pooled connections and disable the pool. 

105 """ 

106 pass 

107 

108 

109# This is taken from http://hg.python.org/cpython/file/7aaba721ebc0/Lib/socket.py#l252 

110_blocking_errnos = {errno.EAGAIN, errno.EWOULDBLOCK} 

111 

112 

113class HTTPConnectionPool(ConnectionPool, RequestMethods): 

114 """ 

115 Thread-safe connection pool for one host. 

116 

117 :param host: 

118 Host used for this HTTP Connection (e.g. "localhost"), passed into 

119 :class:`http.client.HTTPConnection`. 

120 

121 :param port: 

122 Port used for this HTTP Connection (None is equivalent to 80), passed 

123 into :class:`http.client.HTTPConnection`. 

124 

125 :param strict: 

126 Causes BadStatusLine to be raised if the status line can't be parsed 

127 as a valid HTTP/1.0 or 1.1 status line, passed into 

128 :class:`http.client.HTTPConnection`. 

129 

130 .. note:: 

131 Only works in Python 2. This parameter is ignored in Python 3. 

132 

133 :param timeout: 

134 Socket timeout in seconds for each individual connection. This can 

135 be a float or integer, which sets the timeout for the HTTP request, 

136 or an instance of :class:`urllib3.util.Timeout` which gives you more 

137 fine-grained control over request timeouts. After the constructor has 

138 been parsed, this is always a `urllib3.util.Timeout` object. 

139 

140 :param maxsize: 

141 Number of connections to save that can be reused. More than 1 is useful 

142 in multithreaded situations. If ``block`` is set to False, more 

143 connections will be created but they will not be saved once they've 

144 been used. 

145 

146 :param block: 

147 If set to True, no more than ``maxsize`` connections will be used at 

148 a time. When no free connections are available, the call will block 

149 until a connection has been released. This is a useful side effect for 

150 particular multithreaded situations where one does not want to use more 

151 than maxsize connections per host to prevent flooding. 

152 

153 :param headers: 

154 Headers to include with all requests, unless other headers are given 

155 explicitly. 

156 

157 :param retries: 

158 Retry configuration to use by default with requests in this pool. 

159 

160 :param _proxy: 

161 Parsed proxy URL, should not be used directly, instead, see 

162 :class:`urllib3.ProxyManager` 

163 

164 :param _proxy_headers: 

165 A dictionary with proxy headers, should not be used directly, 

166 instead, see :class:`urllib3.ProxyManager` 

167 

168 :param \\**conn_kw: 

169 Additional parameters are used to create fresh :class:`urllib3.connection.HTTPConnection`, 

170 :class:`urllib3.connection.HTTPSConnection` instances. 

171 """ 

172 

173 scheme = "http" 

174 ConnectionCls = HTTPConnection 

175 ResponseCls = HTTPResponse 

176 

177 def __init__( 

178 self, 

179 host, 

180 port=None, 

181 strict=False, 

182 timeout=Timeout.DEFAULT_TIMEOUT, 

183 maxsize=1, 

184 block=False, 

185 headers=None, 

186 retries=None, 

187 _proxy=None, 

188 _proxy_headers=None, 

189 _proxy_config=None, 

190 **conn_kw 

191 ): 

192 ConnectionPool.__init__(self, host, port) 

193 RequestMethods.__init__(self, headers) 

194 

195 self.strict = strict 

196 

197 if not isinstance(timeout, Timeout): 

198 timeout = Timeout.from_float(timeout) 

199 

200 if retries is None: 

201 retries = Retry.DEFAULT 

202 

203 self.timeout = timeout 

204 self.retries = retries 

205 

206 self.pool = self.QueueCls(maxsize) 

207 self.block = block 

208 

209 self.proxy = _proxy 

210 self.proxy_headers = _proxy_headers or {} 

211 self.proxy_config = _proxy_config 

212 

213 # Fill the queue up so that doing get() on it will block properly 

214 for _ in xrange(maxsize): 

215 self.pool.put(None) 

216 

217 # These are mostly for testing and debugging purposes. 

218 self.num_connections = 0 

219 self.num_requests = 0 

220 self.conn_kw = conn_kw 

221 

222 if self.proxy: 

223 # Enable Nagle's algorithm for proxies, to avoid packet fragmentation. 

224 # We cannot know if the user has added default socket options, so we cannot replace the 

225 # list. 

226 self.conn_kw.setdefault("socket_options", []) 

227 

228 self.conn_kw["proxy"] = self.proxy 

229 self.conn_kw["proxy_config"] = self.proxy_config 

230 

231 # Do not pass 'self' as callback to 'finalize'. 

232 # Then the 'finalize' would keep an endless living (leak) to self. 

233 # By just passing a reference to the pool allows the garbage collector 

234 # to free self if nobody else has a reference to it. 

235 pool = self.pool 

236 

237 # Close all the HTTPConnections in the pool before the 

238 # HTTPConnectionPool object is garbage collected. 

239 weakref_finalize(self, _close_pool_connections, pool) 

240 

241 def _new_conn(self): 

242 """ 

243 Return a fresh :class:`HTTPConnection`. 

244 """ 

245 self.num_connections += 1 

246 log.debug( 

247 "Starting new HTTP connection (%d): %s:%s", 

248 self.num_connections, 

249 self.host, 

250 self.port or "80", 

251 ) 

252 

253 conn = self.ConnectionCls( 

254 host=self.host, 

255 port=self.port, 

256 timeout=self.timeout.connect_timeout, 

257 strict=self.strict, 

258 **self.conn_kw 

259 ) 

260 return conn 

261 

262 def _get_conn(self, timeout=None): 

263 """ 

264 Get a connection. Will return a pooled connection if one is available. 

265 

266 If no connections are available and :prop:`.block` is ``False``, then a 

267 fresh connection is returned. 

268 

269 :param timeout: 

270 Seconds to wait before giving up and raising 

271 :class:`urllib3.exceptions.EmptyPoolError` if the pool is empty and 

272 :prop:`.block` is ``True``. 

273 """ 

274 conn = None 

275 try: 

276 conn = self.pool.get(block=self.block, timeout=timeout) 

277 

278 except AttributeError: # self.pool is None 

279 raise ClosedPoolError(self, "Pool is closed.") 

280 

281 except queue.Empty: 

282 if self.block: 

283 raise EmptyPoolError( 

284 self, 

285 "Pool reached maximum size and no more connections are allowed.", 

286 ) 

287 pass # Oh well, we'll create a new connection then 

288 

289 # If this is a persistent connection, check if it got disconnected 

290 if conn and is_connection_dropped(conn): 

291 log.debug("Resetting dropped connection: %s", self.host) 

292 conn.close() 

293 if getattr(conn, "auto_open", 1) == 0: 

294 # This is a proxied connection that has been mutated by 

295 # http.client._tunnel() and cannot be reused (since it would 

296 # attempt to bypass the proxy) 

297 conn = None 

298 

299 return conn or self._new_conn() 

300 

301 def _put_conn(self, conn): 

302 """ 

303 Put a connection back into the pool. 

304 

305 :param conn: 

306 Connection object for the current host and port as returned by 

307 :meth:`._new_conn` or :meth:`._get_conn`. 

308 

309 If the pool is already full, the connection is closed and discarded 

310 because we exceeded maxsize. If connections are discarded frequently, 

311 then maxsize should be increased. 

312 

313 If the pool is closed, then the connection will be closed and discarded. 

314 """ 

315 try: 

316 self.pool.put(conn, block=False) 

317 return # Everything is dandy, done. 

318 except AttributeError: 

319 # self.pool is None. 

320 pass 

321 except queue.Full: 

322 # This should never happen if self.block == True 

323 log.warning( 

324 "Connection pool is full, discarding connection: %s. Connection pool size: %s", 

325 self.host, 

326 self.pool.qsize(), 

327 ) 

328 # Connection never got put back into the pool, close it. 

329 if conn: 

330 conn.close() 

331 

332 def _validate_conn(self, conn): 

333 """ 

334 Called right before a request is made, after the socket is created. 

335 """ 

336 pass 

337 

338 def _prepare_proxy(self, conn): 

339 # Nothing to do for HTTP connections. 

340 pass 

341 

342 def _get_timeout(self, timeout): 

343 """Helper that always returns a :class:`urllib3.util.Timeout`""" 

344 if timeout is _Default: 

345 return self.timeout.clone() 

346 

347 if isinstance(timeout, Timeout): 

348 return timeout.clone() 

349 else: 

350 # User passed us an int/float. This is for backwards compatibility, 

351 # can be removed later 

352 return Timeout.from_float(timeout) 

353 

354 def _raise_timeout(self, err, url, timeout_value): 

355 """Is the error actually a timeout? Will raise a ReadTimeout or pass""" 

356 

357 if isinstance(err, SocketTimeout): 

358 raise ReadTimeoutError( 

359 self, url, "Read timed out. (read timeout=%s)" % timeout_value 

360 ) 

361 

362 # See the above comment about EAGAIN in Python 3. In Python 2 we have 

363 # to specifically catch it and throw the timeout error 

364 if hasattr(err, "errno") and err.errno in _blocking_errnos: 

365 raise ReadTimeoutError( 

366 self, url, "Read timed out. (read timeout=%s)" % timeout_value 

367 ) 

368 

369 # Catch possible read timeouts thrown as SSL errors. If not the 

370 # case, rethrow the original. We need to do this because of: 

371 # http://bugs.python.org/issue10272 

372 if "timed out" in str(err) or "did not complete (read)" in str( 

373 err 

374 ): # Python < 2.7.4 

375 raise ReadTimeoutError( 

376 self, url, "Read timed out. (read timeout=%s)" % timeout_value 

377 ) 

378 

379 def _make_request( 

380 self, conn, method, url, timeout=_Default, chunked=False, **httplib_request_kw 

381 ): 

382 """ 

383 Perform a request on a given urllib connection object taken from our 

384 pool. 

385 

386 :param conn: 

387 a connection from one of our connection pools 

388 

389 :param timeout: 

390 Socket timeout in seconds for the request. This can be a 

391 float or integer, which will set the same timeout value for 

392 the socket connect and the socket read, or an instance of 

393 :class:`urllib3.util.Timeout`, which gives you more fine-grained 

394 control over your timeouts. 

395 """ 

396 self.num_requests += 1 

397 

398 timeout_obj = self._get_timeout(timeout) 

399 timeout_obj.start_connect() 

400 conn.timeout = Timeout.resolve_default_timeout(timeout_obj.connect_timeout) 

401 

402 # Trigger any extra validation we need to do. 

403 try: 

404 self._validate_conn(conn) 

405 except (SocketTimeout, BaseSSLError) as e: 

406 # Py2 raises this as a BaseSSLError, Py3 raises it as socket timeout. 

407 self._raise_timeout(err=e, url=url, timeout_value=conn.timeout) 

408 raise 

409 

410 # conn.request() calls http.client.*.request, not the method in 

411 # urllib3.request. It also calls makefile (recv) on the socket. 

412 try: 

413 if chunked: 

414 conn.request_chunked(method, url, **httplib_request_kw) 

415 else: 

416 conn.request(method, url, **httplib_request_kw) 

417 

418 # We are swallowing BrokenPipeError (errno.EPIPE) since the server is 

419 # legitimately able to close the connection after sending a valid response. 

420 # With this behaviour, the received response is still readable. 

421 except BrokenPipeError: 

422 # Python 3 

423 pass 

424 except IOError as e: 

425 # Python 2 and macOS/Linux 

426 # EPIPE and ESHUTDOWN are BrokenPipeError on Python 2, and EPROTOTYPE/ECONNRESET are needed on macOS 

427 # https://erickt.github.io/blog/2014/11/19/adventures-in-debugging-a-potential-osx-kernel-bug/ 

428 if e.errno not in { 

429 errno.EPIPE, 

430 errno.ESHUTDOWN, 

431 errno.EPROTOTYPE, 

432 errno.ECONNRESET, 

433 }: 

434 raise 

435 

436 # Reset the timeout for the recv() on the socket 

437 read_timeout = timeout_obj.read_timeout 

438 

439 # App Engine doesn't have a sock attr 

440 if getattr(conn, "sock", None): 

441 # In Python 3 socket.py will catch EAGAIN and return None when you 

442 # try and read into the file pointer created by http.client, which 

443 # instead raises a BadStatusLine exception. Instead of catching 

444 # the exception and assuming all BadStatusLine exceptions are read 

445 # timeouts, check for a zero timeout before making the request. 

446 if read_timeout == 0: 

447 raise ReadTimeoutError( 

448 self, url, "Read timed out. (read timeout=%s)" % read_timeout 

449 ) 

450 if read_timeout is Timeout.DEFAULT_TIMEOUT: 

451 conn.sock.settimeout(socket.getdefaulttimeout()) 

452 else: # None or a value 

453 conn.sock.settimeout(read_timeout) 

454 

455 # Receive the response from the server 

456 try: 

457 try: 

458 # Python 2.7, use buffering of HTTP responses 

459 httplib_response = conn.getresponse(buffering=True) 

460 except TypeError: 

461 # Python 3 

462 try: 

463 httplib_response = conn.getresponse() 

464 except BaseException as e: 

465 # Remove the TypeError from the exception chain in 

466 # Python 3 (including for exceptions like SystemExit). 

467 # Otherwise it looks like a bug in the code. 

468 six.raise_from(e, None) 

469 except (SocketTimeout, BaseSSLError, SocketError) as e: 

470 self._raise_timeout(err=e, url=url, timeout_value=read_timeout) 

471 raise 

472 

473 # AppEngine doesn't have a version attr. 

474 http_version = getattr(conn, "_http_vsn_str", "HTTP/?") 

475 log.debug( 

476 '%s://%s:%s "%s %s %s" %s %s', 

477 self.scheme, 

478 self.host, 

479 self.port, 

480 method, 

481 url, 

482 http_version, 

483 httplib_response.status, 

484 httplib_response.length, 

485 ) 

486 

487 try: 

488 assert_header_parsing(httplib_response.msg) 

489 except (HeaderParsingError, TypeError) as hpe: # Platform-specific: Python 3 

490 log.warning( 

491 "Failed to parse headers (url=%s): %s", 

492 self._absolute_url(url), 

493 hpe, 

494 exc_info=True, 

495 ) 

496 

497 return httplib_response 

498 

499 def _absolute_url(self, path): 

500 return Url(scheme=self.scheme, host=self.host, port=self.port, path=path).url 

501 

502 def close(self): 

503 """ 

504 Close all pooled connections and disable the pool. 

505 """ 

506 if self.pool is None: 

507 return 

508 # Disable access to the pool 

509 old_pool, self.pool = self.pool, None 

510 

511 # Close all the HTTPConnections in the pool. 

512 _close_pool_connections(old_pool) 

513 

514 def is_same_host(self, url): 

515 """ 

516 Check if the given ``url`` is a member of the same host as this 

517 connection pool. 

518 """ 

519 if url.startswith("/"): 

520 return True 

521 

522 # TODO: Add optional support for socket.gethostbyname checking. 

523 scheme, host, port = get_host(url) 

524 if host is not None: 

525 host = _normalize_host(host, scheme=scheme) 

526 

527 # Use explicit default port for comparison when none is given 

528 if self.port and not port: 

529 port = port_by_scheme.get(scheme) 

530 elif not self.port and port == port_by_scheme.get(scheme): 

531 port = None 

532 

533 return (scheme, host, port) == (self.scheme, self.host, self.port) 

534 

535 def urlopen( 

536 self, 

537 method, 

538 url, 

539 body=None, 

540 headers=None, 

541 retries=None, 

542 redirect=True, 

543 assert_same_host=True, 

544 timeout=_Default, 

545 pool_timeout=None, 

546 release_conn=None, 

547 chunked=False, 

548 body_pos=None, 

549 **response_kw 

550 ): 

551 """ 

552 Get a connection from the pool and perform an HTTP request. This is the 

553 lowest level call for making a request, so you'll need to specify all 

554 the raw details. 

555 

556 .. note:: 

557 

558 More commonly, it's appropriate to use a convenience method provided 

559 by :class:`.RequestMethods`, such as :meth:`request`. 

560 

561 .. note:: 

562 

563 `release_conn` will only behave as expected if 

564 `preload_content=False` because we want to make 

565 `preload_content=False` the default behaviour someday soon without 

566 breaking backwards compatibility. 

567 

568 :param method: 

569 HTTP request method (such as GET, POST, PUT, etc.) 

570 

571 :param url: 

572 The URL to perform the request on. 

573 

574 :param body: 

575 Data to send in the request body, either :class:`str`, :class:`bytes`, 

576 an iterable of :class:`str`/:class:`bytes`, or a file-like object. 

577 

578 :param headers: 

579 Dictionary of custom headers to send, such as User-Agent, 

580 If-None-Match, etc. If None, pool headers are used. If provided, 

581 these headers completely replace any pool-specific headers. 

582 

583 :param retries: 

584 Configure the number of retries to allow before raising a 

585 :class:`~urllib3.exceptions.MaxRetryError` exception. 

586 

587 Pass ``None`` to retry until you receive a response. Pass a 

588 :class:`~urllib3.util.retry.Retry` object for fine-grained control 

589 over different types of retries. 

590 Pass an integer number to retry connection errors that many times, 

591 but no other types of errors. Pass zero to never retry. 

592 

593 If ``False``, then retries are disabled and any exception is raised 

594 immediately. Also, instead of raising a MaxRetryError on redirects, 

595 the redirect response will be returned. 

596 

597 :type retries: :class:`~urllib3.util.retry.Retry`, False, or an int. 

598 

599 :param redirect: 

600 If True, automatically handle redirects (status codes 301, 302, 

601 303, 307, 308). Each redirect counts as a retry. Disabling retries 

602 will disable redirect, too. 

603 

604 :param assert_same_host: 

605 If ``True``, will make sure that the host of the pool requests is 

606 consistent else will raise HostChangedError. When ``False``, you can 

607 use the pool on an HTTP proxy and request foreign hosts. 

608 

609 :param timeout: 

610 If specified, overrides the default timeout for this one 

611 request. It may be a float (in seconds) or an instance of 

612 :class:`urllib3.util.Timeout`. 

613 

614 :param pool_timeout: 

615 If set and the pool is set to block=True, then this method will 

616 block for ``pool_timeout`` seconds and raise EmptyPoolError if no 

617 connection is available within the time period. 

618 

619 :param release_conn: 

620 If False, then the urlopen call will not release the connection 

621 back into the pool once a response is received (but will release if 

622 you read the entire contents of the response such as when 

623 `preload_content=True`). This is useful if you're not preloading 

624 the response's content immediately. You will need to call 

625 ``r.release_conn()`` on the response ``r`` to return the connection 

626 back into the pool. If None, it takes the value of 

627 ``response_kw.get('preload_content', True)``. 

628 

629 :param chunked: 

630 If True, urllib3 will send the body using chunked transfer 

631 encoding. Otherwise, urllib3 will send the body using the standard 

632 content-length form. Defaults to False. 

633 

634 :param int body_pos: 

635 Position to seek to in file-like body in the event of a retry or 

636 redirect. Typically this won't need to be set because urllib3 will 

637 auto-populate the value when needed. 

638 

639 :param \\**response_kw: 

640 Additional parameters are passed to 

641 :meth:`urllib3.response.HTTPResponse.from_httplib` 

642 """ 

643 

644 parsed_url = parse_url(url) 

645 destination_scheme = parsed_url.scheme 

646 

647 if headers is None: 

648 headers = self.headers 

649 

650 if not isinstance(retries, Retry): 

651 retries = Retry.from_int(retries, redirect=redirect, default=self.retries) 

652 

653 if release_conn is None: 

654 release_conn = response_kw.get("preload_content", True) 

655 

656 # Check host 

657 if assert_same_host and not self.is_same_host(url): 

658 raise HostChangedError(self, url, retries) 

659 

660 # Ensure that the URL we're connecting to is properly encoded 

661 if url.startswith("/"): 

662 url = six.ensure_str(_encode_target(url)) 

663 else: 

664 url = six.ensure_str(parsed_url.url) 

665 

666 conn = None 

667 

668 # Track whether `conn` needs to be released before 

669 # returning/raising/recursing. Update this variable if necessary, and 

670 # leave `release_conn` constant throughout the function. That way, if 

671 # the function recurses, the original value of `release_conn` will be 

672 # passed down into the recursive call, and its value will be respected. 

673 # 

674 # See issue #651 [1] for details. 

675 # 

676 # [1] <https://github.com/urllib3/urllib3/issues/651> 

677 release_this_conn = release_conn 

678 

679 http_tunnel_required = connection_requires_http_tunnel( 

680 self.proxy, self.proxy_config, destination_scheme 

681 ) 

682 

683 # Merge the proxy headers. Only done when not using HTTP CONNECT. We 

684 # have to copy the headers dict so we can safely change it without those 

685 # changes being reflected in anyone else's copy. 

686 if not http_tunnel_required: 

687 headers = headers.copy() 

688 headers.update(self.proxy_headers) 

689 

690 # Must keep the exception bound to a separate variable or else Python 3 

691 # complains about UnboundLocalError. 

692 err = None 

693 

694 # Keep track of whether we cleanly exited the except block. This 

695 # ensures we do proper cleanup in finally. 

696 clean_exit = False 

697 

698 # Rewind body position, if needed. Record current position 

699 # for future rewinds in the event of a redirect/retry. 

700 body_pos = set_file_position(body, body_pos) 

701 

702 try: 

703 # Request a connection from the queue. 

704 timeout_obj = self._get_timeout(timeout) 

705 conn = self._get_conn(timeout=pool_timeout) 

706 

707 conn.timeout = timeout_obj.connect_timeout 

708 

709 is_new_proxy_conn = self.proxy is not None and not getattr( 

710 conn, "sock", None 

711 ) 

712 if is_new_proxy_conn and http_tunnel_required: 

713 self._prepare_proxy(conn) 

714 

715 # Make the request on the httplib connection object. 

716 httplib_response = self._make_request( 

717 conn, 

718 method, 

719 url, 

720 timeout=timeout_obj, 

721 body=body, 

722 headers=headers, 

723 chunked=chunked, 

724 ) 

725 

726 # If we're going to release the connection in ``finally:``, then 

727 # the response doesn't need to know about the connection. Otherwise 

728 # it will also try to release it and we'll have a double-release 

729 # mess. 

730 response_conn = conn if not release_conn else None 

731 

732 # Pass method to Response for length checking 

733 response_kw["request_method"] = method 

734 

735 # Import httplib's response into our own wrapper object 

736 response = self.ResponseCls.from_httplib( 

737 httplib_response, 

738 pool=self, 

739 connection=response_conn, 

740 retries=retries, 

741 **response_kw 

742 ) 

743 

744 # Everything went great! 

745 clean_exit = True 

746 

747 except EmptyPoolError: 

748 # Didn't get a connection from the pool, no need to clean up 

749 clean_exit = True 

750 release_this_conn = False 

751 raise 

752 

753 except ( 

754 TimeoutError, 

755 HTTPException, 

756 SocketError, 

757 ProtocolError, 

758 BaseSSLError, 

759 SSLError, 

760 CertificateError, 

761 ) as e: 

762 # Discard the connection for these exceptions. It will be 

763 # replaced during the next _get_conn() call. 

764 clean_exit = False 

765 

766 def _is_ssl_error_message_from_http_proxy(ssl_error): 

767 # We're trying to detect the message 'WRONG_VERSION_NUMBER' but 

768 # SSLErrors are kinda all over the place when it comes to the message, 

769 # so we try to cover our bases here! 

770 message = " ".join(re.split("[^a-z]", str(ssl_error).lower())) 

771 return ( 

772 "wrong version number" in message 

773 or "unknown protocol" in message 

774 or "record layer failure" in message 

775 ) 

776 

777 # Try to detect a common user error with proxies which is to 

778 # set an HTTP proxy to be HTTPS when it should be 'http://' 

779 # (ie {'http': 'http://proxy', 'https': 'https://proxy'}) 

780 # Instead we add a nice error message and point to a URL. 

781 if ( 

782 isinstance(e, BaseSSLError) 

783 and self.proxy 

784 and _is_ssl_error_message_from_http_proxy(e) 

785 and conn.proxy 

786 and conn.proxy.scheme == "https" 

787 ): 

788 e = ProxyError( 

789 "Your proxy appears to only use HTTP and not HTTPS, " 

790 "try changing your proxy URL to be HTTP. See: " 

791 "https://urllib3.readthedocs.io/en/1.26.x/advanced-usage.html" 

792 "#https-proxy-error-http-proxy", 

793 SSLError(e), 

794 ) 

795 elif isinstance(e, (BaseSSLError, CertificateError)): 

796 e = SSLError(e) 

797 elif isinstance(e, (SocketError, NewConnectionError)) and self.proxy: 

798 e = ProxyError("Cannot connect to proxy.", e) 

799 elif isinstance(e, (SocketError, HTTPException)): 

800 e = ProtocolError("Connection aborted.", e) 

801 

802 retries = retries.increment( 

803 method, url, error=e, _pool=self, _stacktrace=sys.exc_info()[2] 

804 ) 

805 retries.sleep() 

806 

807 # Keep track of the error for the retry warning. 

808 err = e 

809 

810 finally: 

811 if not clean_exit: 

812 # We hit some kind of exception, handled or otherwise. We need 

813 # to throw the connection away unless explicitly told not to. 

814 # Close the connection, set the variable to None, and make sure 

815 # we put the None back in the pool to avoid leaking it. 

816 conn = conn and conn.close() 

817 release_this_conn = True 

818 

819 if release_this_conn: 

820 # Put the connection back to be reused. If the connection is 

821 # expired then it will be None, which will get replaced with a 

822 # fresh connection during _get_conn. 

823 self._put_conn(conn) 

824 

825 if not conn: 

826 # Try again 

827 log.warning( 

828 "Retrying (%r) after connection broken by '%r': %s", retries, err, url 

829 ) 

830 return self.urlopen( 

831 method, 

832 url, 

833 body, 

834 headers, 

835 retries, 

836 redirect, 

837 assert_same_host, 

838 timeout=timeout, 

839 pool_timeout=pool_timeout, 

840 release_conn=release_conn, 

841 chunked=chunked, 

842 body_pos=body_pos, 

843 **response_kw 

844 ) 

845 

846 # Handle redirect? 

847 redirect_location = redirect and response.get_redirect_location() 

848 if redirect_location: 

849 if response.status == 303: 

850 # Change the method according to RFC 9110, Section 15.4.4. 

851 method = "GET" 

852 # And lose the body not to transfer anything sensitive. 

853 body = None 

854 headers = HTTPHeaderDict(headers)._prepare_for_method_change() 

855 

856 try: 

857 retries = retries.increment(method, url, response=response, _pool=self) 

858 except MaxRetryError: 

859 if retries.raise_on_redirect: 

860 response.drain_conn() 

861 raise 

862 return response 

863 

864 response.drain_conn() 

865 retries.sleep_for_retry(response) 

866 log.debug("Redirecting %s -> %s", url, redirect_location) 

867 return self.urlopen( 

868 method, 

869 redirect_location, 

870 body, 

871 headers, 

872 retries=retries, 

873 redirect=redirect, 

874 assert_same_host=assert_same_host, 

875 timeout=timeout, 

876 pool_timeout=pool_timeout, 

877 release_conn=release_conn, 

878 chunked=chunked, 

879 body_pos=body_pos, 

880 **response_kw 

881 ) 

882 

883 # Check if we should retry the HTTP response. 

884 has_retry_after = bool(response.headers.get("Retry-After")) 

885 if retries.is_retry(method, response.status, has_retry_after): 

886 try: 

887 retries = retries.increment(method, url, response=response, _pool=self) 

888 except MaxRetryError: 

889 if retries.raise_on_status: 

890 response.drain_conn() 

891 raise 

892 return response 

893 

894 response.drain_conn() 

895 retries.sleep(response) 

896 log.debug("Retry: %s", url) 

897 return self.urlopen( 

898 method, 

899 url, 

900 body, 

901 headers, 

902 retries=retries, 

903 redirect=redirect, 

904 assert_same_host=assert_same_host, 

905 timeout=timeout, 

906 pool_timeout=pool_timeout, 

907 release_conn=release_conn, 

908 chunked=chunked, 

909 body_pos=body_pos, 

910 **response_kw 

911 ) 

912 

913 return response 

914 

915 

916class HTTPSConnectionPool(HTTPConnectionPool): 

917 """ 

918 Same as :class:`.HTTPConnectionPool`, but HTTPS. 

919 

920 :class:`.HTTPSConnection` uses one of ``assert_fingerprint``, 

921 ``assert_hostname`` and ``host`` in this order to verify connections. 

922 If ``assert_hostname`` is False, no verification is done. 

923 

924 The ``key_file``, ``cert_file``, ``cert_reqs``, ``ca_certs``, 

925 ``ca_cert_dir``, ``ssl_version``, ``key_password`` are only used if :mod:`ssl` 

926 is available and are fed into :meth:`urllib3.util.ssl_wrap_socket` to upgrade 

927 the connection socket into an SSL socket. 

928 """ 

929 

930 scheme = "https" 

931 ConnectionCls = HTTPSConnection 

932 

933 def __init__( 

934 self, 

935 host, 

936 port=None, 

937 strict=False, 

938 timeout=Timeout.DEFAULT_TIMEOUT, 

939 maxsize=1, 

940 block=False, 

941 headers=None, 

942 retries=None, 

943 _proxy=None, 

944 _proxy_headers=None, 

945 key_file=None, 

946 cert_file=None, 

947 cert_reqs=None, 

948 key_password=None, 

949 ca_certs=None, 

950 ssl_version=None, 

951 assert_hostname=None, 

952 assert_fingerprint=None, 

953 ca_cert_dir=None, 

954 **conn_kw 

955 ): 

956 

957 HTTPConnectionPool.__init__( 

958 self, 

959 host, 

960 port, 

961 strict, 

962 timeout, 

963 maxsize, 

964 block, 

965 headers, 

966 retries, 

967 _proxy, 

968 _proxy_headers, 

969 **conn_kw 

970 ) 

971 

972 self.key_file = key_file 

973 self.cert_file = cert_file 

974 self.cert_reqs = cert_reqs 

975 self.key_password = key_password 

976 self.ca_certs = ca_certs 

977 self.ca_cert_dir = ca_cert_dir 

978 self.ssl_version = ssl_version 

979 self.assert_hostname = assert_hostname 

980 self.assert_fingerprint = assert_fingerprint 

981 

982 def _prepare_conn(self, conn): 

983 """ 

984 Prepare the ``connection`` for :meth:`urllib3.util.ssl_wrap_socket` 

985 and establish the tunnel if proxy is used. 

986 """ 

987 

988 if isinstance(conn, VerifiedHTTPSConnection): 

989 conn.set_cert( 

990 key_file=self.key_file, 

991 key_password=self.key_password, 

992 cert_file=self.cert_file, 

993 cert_reqs=self.cert_reqs, 

994 ca_certs=self.ca_certs, 

995 ca_cert_dir=self.ca_cert_dir, 

996 assert_hostname=self.assert_hostname, 

997 assert_fingerprint=self.assert_fingerprint, 

998 ) 

999 conn.ssl_version = self.ssl_version 

1000 return conn 

1001