From 0271064fa9e42b3ec48228091efe80ce6d7aa816 Mon Sep 17 00:00:00 2001
From: Mike Manger <mike.manger@lighthouseuk.net>
Date: Fri, 6 Dec 2024 12:02:36 +0000
Subject: [PATCH 1/2] Tidy up SSL connection to fix deprication warnings

---
 lib/createsend/utils.py | 18 ++++--------------
 1 file changed, 4 insertions(+), 14 deletions(-)

diff --git a/lib/createsend/utils.py b/lib/createsend/utils.py
index b7eec68..63e4f98 100644
--- a/lib/createsend/utils.py
+++ b/lib/createsend/utils.py
@@ -81,30 +81,20 @@ class VerifiedHTTPSConnection(HTTPSConnection):
 
     def connect(self):
         self.connection_kwargs = {}
-        # for > py2.5
-        if hasattr(self, 'timeout'):
-            self.connection_kwargs.update(timeout=self.timeout)
-
-        # for >= py2.7
-        if hasattr(self, 'source_address'):
-            self.connection_kwargs.update(source_address=self.source_address)
+        self.connection_kwargs.update(timeout=self.timeout)
+        self.connection_kwargs.update(source_address=self.source_address)
 
         sock = socket.create_connection(
             (self.host, self.port), **self.connection_kwargs)
 
-        # for >= py2.7
-        if getattr(self, '_tunnel_host', None):
-            self.sock = sock
-            self._tunnel()
-
         cert_path = os.path.join(os.path.dirname(__file__), 'cacert.pem')
 
-        context = ssl.SSLContext()
+        context = ssl.SSLContext(protocol=ssl.PROTOCOL_TLS_CLIENT)
         context.verify_mode = ssl.CERT_REQUIRED
         context.load_verify_locations(cert_path)
         if hasattr(self, 'cert_file') and hasattr(self, 'key_file') and self.cert_file and self.key_file:
             context.load_cert_chain(certfile=self.cert_file, keyfile=self.key_file)
-        self.sock = context.wrap_socket(sock)
+        self.sock = context.wrap_socket(sock, server_hostname=self.host)
 
         try:
             match_hostname(self.sock.getpeercert(), self.host)

From 802a56df52f811dd0724aa66b781647069e5dab4 Mon Sep 17 00:00:00 2001
From: Mike Manger <mike.manger@lighthouseuk.net>
Date: Fri, 6 Dec 2024 12:21:05 +0000
Subject: [PATCH 2/2] Add back proxy tunnel code

(cherry picked from commit 5e43f39f38f0e99f96cfa6b16a2bfcabebfaaa07)
---
 lib/createsend/utils.py | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/lib/createsend/utils.py b/lib/createsend/utils.py
index 63e4f98..7396916 100644
--- a/lib/createsend/utils.py
+++ b/lib/createsend/utils.py
@@ -87,6 +87,9 @@ def connect(self):
         sock = socket.create_connection(
             (self.host, self.port), **self.connection_kwargs)
 
+        if self._tunnel_host:
+            self._tunnel()
+
         cert_path = os.path.join(os.path.dirname(__file__), 'cacert.pem')
 
         context = ssl.SSLContext(protocol=ssl.PROTOCOL_TLS_CLIENT)