From 28039229fec4c481efced928d5a5fd8931b5e1c3 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Mike=20F=C3=A4hrmann?= <mike_faehrmann@web.de>
Date: Fri, 10 May 2024 19:17:39 +0200
Subject: [PATCH] [common] use 'create_urllib3_context' for creating
 SSLContexts

enables dumping TLS session keys by setting SSLKEYLOGFILE (#5215)
as well as other potentially useful settings.
---
 gallery_dl/extractor/common.py | 11 +++--------
 1 file changed, 3 insertions(+), 8 deletions(-)

diff --git a/gallery_dl/extractor/common.py b/gallery_dl/extractor/common.py
index 7efd06a2..d80dea2a 100644
--- a/gallery_dl/extractor/common.py
+++ b/gallery_dl/extractor/common.py
@@ -22,6 +22,7 @@ import threading
 from requests.adapters import HTTPAdapter
 from .message import Message
 from .. import config, text, util, cache, exception
+urllib3 = requests.packages.urllib3
 
 
 class Extractor():
@@ -834,12 +835,8 @@ def _build_requests_adapter(ssl_options, ssl_ciphers, source_address):
         pass
 
     if ssl_options or ssl_ciphers:
-        ssl_context = ssl.create_default_context()
-        if ssl_options:
-            ssl_context.options |= ssl_options
-        if ssl_ciphers:
-            ssl_context.set_ecdh_curve("prime256v1")
-            ssl_context.set_ciphers(ssl_ciphers)
+        ssl_context = urllib3.connection.create_urllib3_context(
+            options=ssl_options or None, ciphers=ssl_ciphers)
         ssl_context.check_hostname = False
     else:
         ssl_context = None
@@ -960,8 +957,6 @@ SSL_CIPHERS = {
 }
 
 
-urllib3 = requests.packages.urllib3
-
 # detect brotli support
 try:
     BROTLI = urllib3.response.brotli is not None