From 876d8f131e03b98ebf144c7de90a40516c95b771 Mon Sep 17 00:00:00 2001
From: Konge <zkonge@outlook.com>
Date: Mon, 26 Aug 2024 09:19:25 +0800
Subject: [PATCH] Inject pyopenssl into urllib3 only when necessary

---
 src/etcd/__init__.py | 29 +++++++++++++++++++++++++++--
 1 file changed, 27 insertions(+), 2 deletions(-)

diff --git a/src/etcd/__init__.py b/src/etcd/__init__.py
index d716e9b..332212d 100644
--- a/src/etcd/__init__.py
+++ b/src/etcd/__init__.py
@@ -326,9 +326,34 @@ def handle(cls, payload):
 
 # Attempt to enable urllib3's SNI support, if possible
 # Blatantly copied from requests.
+def _check_cryptography(cryptography_version):
+    import warnings
+
+    # cryptography < 1.3.4
+    try:
+        cryptography_version = list(map(int, cryptography_version.split(".")))
+    except ValueError:
+        return
+
+    if cryptography_version < [1, 3, 4]:
+        warning = "Old version of cryptography ({}) may cause slowdown.".format(
+            cryptography_version
+        )
+        warnings.warn(warning, RequestsDependencyWarning)
+
 try:
-    from urllib3.contrib import pyopenssl
+    try:
+        import ssl
+    except ImportError:
+        ssl = None
+
+    if not getattr(ssl, "HAS_SNI", False):
+        from urllib3.contrib import pyopenssl
+
+        pyopenssl.inject_into_urllib3()
+
+        from cryptography import __version__ as cryptography_version
 
-    pyopenssl.inject_into_urllib3()
+        _check_cryptography(cryptography_version)
 except ImportError:
     pass