diff options
| author | Daniele Tricoli <eriol@mornie.org> | 2014-11-22 18:57:06 +0000 |
|---|---|---|
| committer | Daniele Tricoli <eriol@mornie.org> | 2014-11-22 18:57:06 +0000 |
| commit | 8af60f07fee0bd4abd9ee269e767cdc55c15f2b6 (patch) | |
| tree | 64ca37eeead11e187ac3c2c3c1bb54de17c94142 | |
| parent | 353f2a5c3850292b12181fa6991437682e433945 (diff) | |
| download | python-requests-8af60f07fee0bd4abd9ee269e767cdc55c15f2b6.tar python-requests-8af60f07fee0bd4abd9ee269e767cdc55c15f2b6.tar.gz | |
* debian/patches/05_do-not-make-SSLv3-mandatory.patch
- Since SSL version 3 is insecure it is supported only if Python
supports it. (Closes: #770172)
| -rw-r--r-- | debian/changelog | 8 | ||||
| -rw-r--r-- | debian/patches/05_do-not-make-SSLv3-mandatory.patch | 25 | ||||
| -rw-r--r-- | debian/patches/series | 1 |
3 files changed, 34 insertions, 0 deletions
diff --git a/debian/changelog b/debian/changelog index edd52f2..10a3a62 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,11 @@ +requests (2.4.3-6) UNRELEASED; urgency=medium + + * debian/patches/05_do-not-make-SSLv3-mandatory.patch + - Since SSL version 3 is insecure it is supported only if Python + supports it. (Closes: #770172) + + -- Daniele Tricoli <eriol@mornie.org> Sat, 22 Nov 2014 19:44:01 +0100 + requests (2.4.3-5) unstable; urgency=medium * Team upload. diff --git a/debian/patches/05_do-not-make-SSLv3-mandatory.patch b/debian/patches/05_do-not-make-SSLv3-mandatory.patch new file mode 100644 index 0000000..dbeef77 --- /dev/null +++ b/debian/patches/05_do-not-make-SSLv3-mandatory.patch @@ -0,0 +1,25 @@ +Description: Since SSL version 3 is insecure it is supported only if Python + supports it. In Debian SSL version 3 is disabled in system Python since + 2.7.8-12. +Author: Daniele Tricoli <eriol@mornie.org> +Forwarded: https://github.com/shazow/urllib3/issues/487#issuecomment-63805742 +Last/Update: 2014-11-20 + +--- a/requests/packages/urllib3/contrib/pyopenssl.py ++++ b/requests/packages/urllib3/contrib/pyopenssl.py +@@ -70,9 +70,14 @@ + # Map from urllib3 to PyOpenSSL compatible parameter-values. + _openssl_versions = { + ssl.PROTOCOL_SSLv23: OpenSSL.SSL.SSLv23_METHOD, +- ssl.PROTOCOL_SSLv3: OpenSSL.SSL.SSLv3_METHOD, + ssl.PROTOCOL_TLSv1: OpenSSL.SSL.TLSv1_METHOD, + } ++ ++try: ++ _openssl_versions.update({ssl.PROTOCOL_SSLv3: OpenSSL.SSL.SSLv3_METHOD}) ++except AttributeError: ++ pass ++ + _openssl_verify = { + ssl.CERT_NONE: OpenSSL.SSL.VERIFY_NONE, + ssl.CERT_OPTIONAL: OpenSSL.SSL.VERIFY_PEER, diff --git a/debian/patches/series b/debian/patches/series index 38fffac..c373be5 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -2,3 +2,4 @@ 02_use-system-chardet-and-urllib3.patch 03_export-IncompleteRead.patch 04_make-requests.packages.urllib3-same-as-urllib3.patch +05_do-not-make-SSLv3-mandatory.patch |