aboutsummaryrefslogtreecommitdiff
path: root/debian/patches/02_require-cert-verification.patch
diff options
context:
space:
mode:
Diffstat (limited to 'debian/patches/02_require-cert-verification.patch')
-rw-r--r--debian/patches/02_require-cert-verification.patch16
1 files changed, 8 insertions, 8 deletions
diff --git a/debian/patches/02_require-cert-verification.patch b/debian/patches/02_require-cert-verification.patch
index 6973d7a..b10b3b1 100644
--- a/debian/patches/02_require-cert-verification.patch
+++ b/debian/patches/02_require-cert-verification.patch
@@ -1,4 +1,4 @@
-From 9cd0feeb36e835dbc9f394befd32e02ec1ce6841 Mon Sep 17 00:00:00 2001
+From f27a60baa815150ce224d1be75464c46d987f749 Mon Sep 17 00:00:00 2001
From: Jamie Strandboge <jamie@canonical.com>
Date: Thu, 8 Oct 2015 13:19:47 -0700
Subject: require SSL certificate validation by default by using
@@ -14,19 +14,19 @@ Patch-Name: 02_require-cert-verification.patch
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/urllib3/connectionpool.py b/urllib3/connectionpool.py
-index 0750e24..fe2f546 100644
+index 563f108..a99d4ec 100644
--- a/urllib3/connectionpool.py
+++ b/urllib3/connectionpool.py
-@@ -679,6 +679,8 @@ class HTTPSConnectionPool(HTTPConnectionPool):
- ``ssl_version`` are only used if :mod:`ssl` is available and are fed into
- :meth:`urllib3.util.ssl_wrap_socket` to upgrade the connection socket
- into an SSL socket.
+@@ -681,6 +681,8 @@ class HTTPSConnectionPool(HTTPConnectionPool):
+ ``ca_cert_dir``, and ``ssl_version`` are only used if :mod:`ssl` is
+ available and are fed into :meth:`urllib3.util.ssl_wrap_socket` to upgrade
+ the connection socket into an SSL socket.
+
+ On Debian, SSL certificate validation is required by default
"""
scheme = 'https'
-@@ -688,8 +690,8 @@ class HTTPSConnectionPool(HTTPConnectionPool):
+@@ -690,8 +692,8 @@ class HTTPSConnectionPool(HTTPConnectionPool):
strict=False, timeout=Timeout.DEFAULT_TIMEOUT, maxsize=1,
block=False, headers=None, retries=None,
_proxy=None, _proxy_headers=None,
@@ -35,5 +35,5 @@ index 0750e24..fe2f546 100644
+ key_file=None, cert_file=None, cert_reqs='CERT_REQUIRED',
+ ca_certs='/etc/ssl/certs/ca-certificates.crt', ssl_version=None,
assert_hostname=None, assert_fingerprint=None,
- **conn_kw):
+ ca_cert_dir=None, **conn_kw):
generated by cgit v1.2.3 (git 2.25.4) at 2024-04-28 21:49:39 +0000