diff options
| author | Daniele Tricoli <eriol@mornie.org> | 2014-03-31 16:27:26 +0000 |
|---|---|---|
| committer | Daniele Tricoli <eriol@mornie.org> | 2014-03-31 16:27:26 +0000 |
| commit | 29256ae8f81b85f7a28b1733b33d9513abdead7f (patch) | |
| tree | d7328d9ec4d66c3e5836cb3788cc24ea36fa4a43 | |
| parent | 20fb79be3ff8c970f1a165493c802ee62d84ed5f (diff) | |
| download | python-urllib3-29256ae8f81b85f7a28b1733b33d9513abdead7f.tar python-urllib3-29256ae8f81b85f7a28b1733b33d9513abdead7f.tar.gz | |
Refreshed 02_require-cert-verification.patch
| -rw-r--r-- | debian/changelog | 4 | ||||
| -rw-r--r-- | debian/patches/02_require-cert-verification.patch | 26 |
2 files changed, 12 insertions, 18 deletions
diff --git a/debian/changelog b/debian/changelog index d0510a3..44a0ee8 100644 --- a/debian/changelog +++ b/debian/changelog @@ -3,8 +3,10 @@ python-urllib3 (1.8-1) UNRELEASED; urgency=medium * New upstream release * debian/patches/01_do-not-use-embedded-python-six.patch - Refreshed + * debian/patches/02_require-cert-verification.patch + - Refreshed - -- Daniele Tricoli <eriol@mornie.org> Mon, 31 Mar 2014 17:50:10 +0200 + -- Daniele Tricoli <eriol@mornie.org> Mon, 31 Mar 2014 18:26:22 +0200 python-urllib3 (1.7.1-1) unstable; urgency=low diff --git a/debian/patches/02_require-cert-verification.patch b/debian/patches/02_require-cert-verification.patch index 7c3bef1..14b6a73 100644 --- a/debian/patches/02_require-cert-verification.patch +++ b/debian/patches/02_require-cert-verification.patch @@ -3,28 +3,20 @@ Description: require SSL certificate validation by default by using CERT_REQUIRED and using the system /etc/ssl/certs/ca-certificates.crt Bug-Ubuntu: https://launchpad.net/bugs/1047054 Bug-Debian: http://bugs.debian.org/686872 -Last-Update: 2013-10-16 +Last-Update: 2014-03-31 --- a/urllib3/connectionpool.py +++ b/urllib3/connectionpool.py -@@ -87,12 +87,13 @@ - Based on httplib.HTTPSConnection but wraps the socket with - SSL certification. +@@ -583,6 +583,8 @@ + ``ssl_version`` are only used if :mod:`ssl` is available and are fed into + :meth:`urllib3.util.ssl_wrap_socket` to upgrade the connection socket + into an SSL socket. ++ ++ On Debian, SSL certificate validation is required by default """ -- cert_reqs = None -- ca_certs = None -+ # On Debian, SSL certificate validation is required by default -+ cert_reqs = 'CERT_REQUIRED' -+ ca_certs = '/etc/ssl/certs/ca-certificates.crt' - ssl_version = None - def set_cert(self, key_file=None, cert_file=None, -- cert_reqs=None, ca_certs=None, -+ cert_reqs='CERT_REQUIRED', ca_certs='/etc/ssl/certs/ca-certificates.crt', - assert_hostname=None, assert_fingerprint=None): - - self.key_file = key_file -@@ -644,8 +645,8 @@ + scheme = 'https' +@@ -592,8 +594,8 @@ strict=False, timeout=None, maxsize=1, block=False, headers=None, _proxy=None, _proxy_headers=None, |