aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDaniele Tricoli <eriol@mornie.org>2014-11-22 18:57:06 +0000
committerDaniele Tricoli <eriol@mornie.org>2014-11-22 18:57:06 +0000
commit8af60f07fee0bd4abd9ee269e767cdc55c15f2b6 (patch)
tree64ca37eeead11e187ac3c2c3c1bb54de17c94142
parent353f2a5c3850292b12181fa6991437682e433945 (diff)
downloadpython-requests-8af60f07fee0bd4abd9ee269e767cdc55c15f2b6.tar
python-requests-8af60f07fee0bd4abd9ee269e767cdc55c15f2b6.tar.gz
* debian/patches/05_do-not-make-SSLv3-mandatory.patch
- Since SSL version 3 is insecure it is supported only if Python supports it. (Closes: #770172)
-rw-r--r--debian/changelog8
-rw-r--r--debian/patches/05_do-not-make-SSLv3-mandatory.patch25
-rw-r--r--debian/patches/series1
3 files changed, 34 insertions, 0 deletions
diff --git a/debian/changelog b/debian/changelog
index edd52f2..10a3a62 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,11 @@
+requests (2.4.3-6) UNRELEASED; urgency=medium
+
+ * debian/patches/05_do-not-make-SSLv3-mandatory.patch
+ - Since SSL version 3 is insecure it is supported only if Python
+ supports it. (Closes: #770172)
+
+ -- Daniele Tricoli <eriol@mornie.org> Sat, 22 Nov 2014 19:44:01 +0100
+
requests (2.4.3-5) unstable; urgency=medium
* Team upload.
diff --git a/debian/patches/05_do-not-make-SSLv3-mandatory.patch b/debian/patches/05_do-not-make-SSLv3-mandatory.patch
new file mode 100644
index 0000000..dbeef77
--- /dev/null
+++ b/debian/patches/05_do-not-make-SSLv3-mandatory.patch
@@ -0,0 +1,25 @@
+Description: Since SSL version 3 is insecure it is supported only if Python
+ supports it. In Debian SSL version 3 is disabled in system Python since
+ 2.7.8-12.
+Author: Daniele Tricoli <eriol@mornie.org>
+Forwarded: https://github.com/shazow/urllib3/issues/487#issuecomment-63805742
+Last/Update: 2014-11-20
+
+--- a/requests/packages/urllib3/contrib/pyopenssl.py
++++ b/requests/packages/urllib3/contrib/pyopenssl.py
+@@ -70,9 +70,14 @@
+ # Map from urllib3 to PyOpenSSL compatible parameter-values.
+ _openssl_versions = {
+ ssl.PROTOCOL_SSLv23: OpenSSL.SSL.SSLv23_METHOD,
+- ssl.PROTOCOL_SSLv3: OpenSSL.SSL.SSLv3_METHOD,
+ ssl.PROTOCOL_TLSv1: OpenSSL.SSL.TLSv1_METHOD,
+ }
++
++try:
++ _openssl_versions.update({ssl.PROTOCOL_SSLv3: OpenSSL.SSL.SSLv3_METHOD})
++except AttributeError:
++ pass
++
+ _openssl_verify = {
+ ssl.CERT_NONE: OpenSSL.SSL.VERIFY_NONE,
+ ssl.CERT_OPTIONAL: OpenSSL.SSL.VERIFY_PEER,
diff --git a/debian/patches/series b/debian/patches/series
index 38fffac..c373be5 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -2,3 +2,4 @@
02_use-system-chardet-and-urllib3.patch
03_export-IncompleteRead.patch
04_make-requests.packages.urllib3-same-as-urllib3.patch
+05_do-not-make-SSLv3-mandatory.patch