aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDaniele Tricoli <eriol@mornie.org>2014-11-20 13:28:03 +0000
committerDaniele Tricoli <eriol@mornie.org>2014-11-20 13:28:03 +0000
commit8ef89a8dcccd9bbb7d189934385649ba27cd20be (patch)
treea759b37b94217325876b7e9d4afebf08babf6ca0
parent874ffc18a181a397bf262463f7287f28eec633ba (diff)
downloadpython-urllib3-8ef89a8dcccd9bbb7d189934385649ba27cd20be.tar
python-urllib3-8ef89a8dcccd9bbb7d189934385649ba27cd20be.tar.gz
* debian/patches/06_do-not-make-SSLv3-mandatory.patch
- Since SSL version 3 is insicure it is supported only if Python supports it. (Closes: 770246)
-rw-r--r--debian/changelog9
-rw-r--r--debian/patches/06_do-not-make-SSLv3-mandatory.patch25
-rw-r--r--debian/patches/series1
3 files changed, 33 insertions, 2 deletions
diff --git a/debian/changelog b/debian/changelog
index 5436a6f..fd4f27e 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,11 +1,16 @@
python-urllib3 (1.9.1-3) UNRELEASED; urgency=medium
- * Team upload.
+ [ Stefano Rivera ]
* Replace 05_do-not-use-embedded-ssl-match-hostname.patch with
05_avoid-embedded-ssl-match-hostname.patch. Users may use virtualenv with
cPython << 2.7.9 (or Debian python2.7 2.7.8-7). (Closes: 755106, 763389)
- -- Stefano Rivera <stefanor@debian.org> Tue, 18 Nov 2014 12:45:49 -0800
+ [ Daniele Tricoli ]
+ * debian/patches/06_do-not-make-SSLv3-mandatory.patch
+ - Since SSL version 3 is insicure it is supported only if Python
+ supports it. (Closes: 770246)
+
+ -- Daniele Tricoli <eriol@mornie.org> Thu, 20 Nov 2014 13:17:59 +0100
python-urllib3 (1.9.1-2) unstable; urgency=medium
diff --git a/debian/patches/06_do-not-make-SSLv3-mandatory.patch b/debian/patches/06_do-not-make-SSLv3-mandatory.patch
new file mode 100644
index 0000000..0ce3f4a
--- /dev/null
+++ b/debian/patches/06_do-not-make-SSLv3-mandatory.patch
@@ -0,0 +1,25 @@
+Description: Since SSL version 3 is insicure it is supported only if Python
+ supports it. In Debian SSL version 3 is disabled in system Python since
+ 2.7.8-12.
+Author: Daniele Tricoli <eriol@mornie.org>
+Forwarded: https://github.com/shazow/urllib3/issues/487#issuecomment-63805742
+Last/Update: 2014-11-20
+
+--- a/urllib3/contrib/pyopenssl.py
++++ b/urllib3/contrib/pyopenssl.py
+@@ -70,9 +70,14 @@
+ # Map from urllib3 to PyOpenSSL compatible parameter-values.
+ _openssl_versions = {
+ ssl.PROTOCOL_SSLv23: OpenSSL.SSL.SSLv23_METHOD,
+- ssl.PROTOCOL_SSLv3: OpenSSL.SSL.SSLv3_METHOD,
+ ssl.PROTOCOL_TLSv1: OpenSSL.SSL.TLSv1_METHOD,
+ }
++
++try:
++ _openssl_versions.update({ssl.PROTOCOL_SSLv3: OpenSSL.SSL.SSLv3_METHOD})
++except AttributeError:
++ pass
++
+ _openssl_verify = {
+ ssl.CERT_NONE: OpenSSL.SSL.VERIFY_NONE,
+ ssl.CERT_OPTIONAL: OpenSSL.SSL.VERIFY_PEER,
diff --git a/debian/patches/series b/debian/patches/series
index b77d657..30602ad 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -3,3 +3,4 @@
03_force_setuptools.patch
04_relax_nosetests_options.patch
05_avoid-embedded-ssl-match-hostname.patch
+06_do-not-make-SSLv3-mandatory.patch