diff options
author | Daniele Tricoli <eriol@mornie.org> | 2015-10-09 23:19:30 +0200 |
---|---|---|
committer | Daniele Tricoli <eriol@mornie.org> | 2015-10-09 23:19:30 +0200 |
commit | cd2a4010a9e1356c36cfb42b57501343c29e2608 (patch) | |
tree | 81af3946a53bb27e34e85eb28035ace8c3e7b27e /debian/patches/02_require-cert-verification.patch | |
parent | ebc01af6ebb87c1e27e50b4ea572b8c1a20e70b0 (diff) | |
parent | 7db0aa9b18e70f43ef0bfcdec7f223e5b681aaf0 (diff) | |
download | python-urllib3-cd2a4010a9e1356c36cfb42b57501343c29e2608.tar python-urllib3-cd2a4010a9e1356c36cfb42b57501343c29e2608.tar.gz |
merge patched into master
Diffstat (limited to 'debian/patches/02_require-cert-verification.patch')
-rw-r--r-- | debian/patches/02_require-cert-verification.patch | 16 |
1 files changed, 8 insertions, 8 deletions
diff --git a/debian/patches/02_require-cert-verification.patch b/debian/patches/02_require-cert-verification.patch index 6973d7a..b10b3b1 100644 --- a/debian/patches/02_require-cert-verification.patch +++ b/debian/patches/02_require-cert-verification.patch @@ -1,4 +1,4 @@ -From 9cd0feeb36e835dbc9f394befd32e02ec1ce6841 Mon Sep 17 00:00:00 2001 +From f27a60baa815150ce224d1be75464c46d987f749 Mon Sep 17 00:00:00 2001 From: Jamie Strandboge <jamie@canonical.com> Date: Thu, 8 Oct 2015 13:19:47 -0700 Subject: require SSL certificate validation by default by using @@ -14,19 +14,19 @@ Patch-Name: 02_require-cert-verification.patch 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/urllib3/connectionpool.py b/urllib3/connectionpool.py -index 0750e24..fe2f546 100644 +index 563f108..a99d4ec 100644 --- a/urllib3/connectionpool.py +++ b/urllib3/connectionpool.py -@@ -679,6 +679,8 @@ class HTTPSConnectionPool(HTTPConnectionPool): - ``ssl_version`` are only used if :mod:`ssl` is available and are fed into - :meth:`urllib3.util.ssl_wrap_socket` to upgrade the connection socket - into an SSL socket. +@@ -681,6 +681,8 @@ class HTTPSConnectionPool(HTTPConnectionPool): + ``ca_cert_dir``, and ``ssl_version`` are only used if :mod:`ssl` is + available and are fed into :meth:`urllib3.util.ssl_wrap_socket` to upgrade + the connection socket into an SSL socket. + + On Debian, SSL certificate validation is required by default """ scheme = 'https' -@@ -688,8 +690,8 @@ class HTTPSConnectionPool(HTTPConnectionPool): +@@ -690,8 +692,8 @@ class HTTPSConnectionPool(HTTPConnectionPool): strict=False, timeout=Timeout.DEFAULT_TIMEOUT, maxsize=1, block=False, headers=None, retries=None, _proxy=None, _proxy_headers=None, @@ -35,5 +35,5 @@ index 0750e24..fe2f546 100644 + key_file=None, cert_file=None, cert_reqs='CERT_REQUIRED', + ca_certs='/etc/ssl/certs/ca-certificates.crt', ssl_version=None, assert_hostname=None, assert_fingerprint=None, - **conn_kw): + ca_cert_dir=None, **conn_kw): |