From d49d5dda344f0a458c020a8a3c0032480e6b57d5 Mon Sep 17 00:00:00 2001
From: Quentin Pradet <quentin.pradet@elastic.co>
Date: Thu, 23 May 2024 11:48:10 +0400
Subject: [PATCH] Fix requests 2.32 compatibility

---
 elastic_transport/_node/_http_requests.py | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/elastic_transport/_node/_http_requests.py b/elastic_transport/_node/_http_requests.py
index 19cec37..e439865 100644
--- a/elastic_transport/_node/_http_requests.py
+++ b/elastic_transport/_node/_http_requests.py
@@ -169,7 +169,16 @@ def __init__(self, config: NodeConfig):
         )
         # Preload the HTTPConnectionPool so initialization issues
         # are raised here instead of in perform_request()
-        adapter.get_connection(self.base_url)  # type: ignore[no-untyped-call]
+        if hasattr(adapter, "get_connection_with_tls_context"):
+            adapter.get_connection_with_tls_context(
+                requests.Request(url=self.base_url), verify=self.session.verify
+            )
+        else:
+            # elastic-transport is not vulnerable to CVE-2024-35195 because it uses
+            # requests.Session and an SSLContext without using the verify parameter.
+            # We should remove this branch when requiring requests 2.32 or later.
+            adapter.get_connection(self.base_url)  # type: ignore [no-untyped-call]
+
         self.session.mount(prefix=f"{self.scheme}://", adapter=adapter)
 
     def perform_request(