aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDaniele Tricoli <eriol@mornie.org>2014-03-31 16:27:26 +0000
committerDaniele Tricoli <eriol@mornie.org>2014-03-31 16:27:26 +0000
commit29256ae8f81b85f7a28b1733b33d9513abdead7f (patch)
treed7328d9ec4d66c3e5836cb3788cc24ea36fa4a43
parent20fb79be3ff8c970f1a165493c802ee62d84ed5f (diff)
downloadpython-urllib3-29256ae8f81b85f7a28b1733b33d9513abdead7f.tar
python-urllib3-29256ae8f81b85f7a28b1733b33d9513abdead7f.tar.gz
Refreshed 02_require-cert-verification.patch
-rw-r--r--debian/changelog4
-rw-r--r--debian/patches/02_require-cert-verification.patch26
2 files changed, 12 insertions, 18 deletions
diff --git a/debian/changelog b/debian/changelog
index d0510a3..44a0ee8 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -3,8 +3,10 @@ python-urllib3 (1.8-1) UNRELEASED; urgency=medium
* New upstream release
* debian/patches/01_do-not-use-embedded-python-six.patch
- Refreshed
+ * debian/patches/02_require-cert-verification.patch
+ - Refreshed
- -- Daniele Tricoli <eriol@mornie.org> Mon, 31 Mar 2014 17:50:10 +0200
+ -- Daniele Tricoli <eriol@mornie.org> Mon, 31 Mar 2014 18:26:22 +0200
python-urllib3 (1.7.1-1) unstable; urgency=low
diff --git a/debian/patches/02_require-cert-verification.patch b/debian/patches/02_require-cert-verification.patch
index 7c3bef1..14b6a73 100644
--- a/debian/patches/02_require-cert-verification.patch
+++ b/debian/patches/02_require-cert-verification.patch
@@ -3,28 +3,20 @@ Description: require SSL certificate validation by default by using
CERT_REQUIRED and using the system /etc/ssl/certs/ca-certificates.crt
Bug-Ubuntu: https://launchpad.net/bugs/1047054
Bug-Debian: http://bugs.debian.org/686872
-Last-Update: 2013-10-16
+Last-Update: 2014-03-31
--- a/urllib3/connectionpool.py
+++ b/urllib3/connectionpool.py
-@@ -87,12 +87,13 @@
- Based on httplib.HTTPSConnection but wraps the socket with
- SSL certification.
+@@ -583,6 +583,8 @@
+ ``ssl_version`` are only used if :mod:`ssl` is available and are fed into
+ :meth:`urllib3.util.ssl_wrap_socket` to upgrade the connection socket
+ into an SSL socket.
++
++ On Debian, SSL certificate validation is required by default
"""
-- cert_reqs = None
-- ca_certs = None
-+ # On Debian, SSL certificate validation is required by default
-+ cert_reqs = 'CERT_REQUIRED'
-+ ca_certs = '/etc/ssl/certs/ca-certificates.crt'
- ssl_version = None
- def set_cert(self, key_file=None, cert_file=None,
-- cert_reqs=None, ca_certs=None,
-+ cert_reqs='CERT_REQUIRED', ca_certs='/etc/ssl/certs/ca-certificates.crt',
- assert_hostname=None, assert_fingerprint=None):
-
- self.key_file = key_file
-@@ -644,8 +645,8 @@
+ scheme = 'https'
+@@ -592,8 +594,8 @@
strict=False, timeout=None, maxsize=1,
block=False, headers=None,
_proxy=None, _proxy_headers=None,