Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package python-urllib3 for openSUSE:Factory
checked in at 2022-08-04 13:23:24
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/python-urllib3 (Old)
and /work/SRC/openSUSE:Factory/.python-urllib3.new.1521 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "python-urllib3"
Thu Aug 4 13:23:24 2022 rev:50 rq:992370 version:1.26.11
Changes:
--------
--- /work/SRC/openSUSE:Factory/python-urllib3/python-urllib3.changes
2022-04-23 19:45:38.334959973 +0200
+++ /work/SRC/openSUSE:Factory/.python-urllib3.new.1521/python-urllib3.changes
2022-08-04 13:23:37.584526397 +0200
@@ -1,0 +2,15 @@
+Tue Aug 2 14:54:12 UTC 2022 - Ben Greiner <c...@bnavigator.de>
+
+- update to 1.26.11
+ * Fix OverflowError when TLS is used on some Python versions
+
+-------------------------------------------------------------------
+Sun Jul 24 08:02:24 UTC 2022 - Dirk M??ller <dmuel...@suse.com>
+
+- update to 1.26.10:
+ * Removed support for Python 3.5
+ * Fixed an issue where a ``ProxyError`` recommending configuring the proxy
as HTTP
+ instead of HTTPS could appear even when an HTTPS proxy wasn't configured.
+- refresh remove_mock.patch with extra mock usages
+
+-------------------------------------------------------------------
Old:
----
urllib3-1.26.9.tar.gz
New:
----
urllib3-1.26.11.tar.gz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ python-urllib3.spec ++++++
--- /var/tmp/diff_new_pack.KVLR6Z/_old 2022-08-04 13:23:38.176528076 +0200
+++ /var/tmp/diff_new_pack.KVLR6Z/_new 2022-08-04 13:23:38.180528087 +0200
@@ -16,8 +16,6 @@
#
-%{?!python_module:%define python_module() python3-%{**}}
-%define skip_python2 1
%global flavor @BUILD_FLAVOR@%{nil}
%if "%{flavor}" == "test"
%define psuffix -test
@@ -27,7 +25,7 @@
%bcond_with test
%endif
Name: python-urllib3%{psuffix}
-Version: 1.26.9
+Version: 1.26.11
Release: 0
Summary: HTTP library with thread-safe connection pooling, file post,
and more
License: MIT
@@ -130,6 +128,8 @@
# system has a correct system time breaks (re-)building the package after too
# many months have passed since the last release.
skiplist+=" or test_recent_date"
+# too slow to run in obs (checks 2GiB of data)
+skiplist+=" or test_requesting_large_resources_via_ssl"
%pytest -k "not (${skiplist})"
%endif
++++++ remove_mock.patch ++++++
--- /var/tmp/diff_new_pack.KVLR6Z/_old 2022-08-04 13:23:38.216528189 +0200
+++ /var/tmp/diff_new_pack.KVLR6Z/_new 2022-08-04 13:23:38.220528201 +0200
@@ -1,7 +1,7 @@
-Index: urllib3-1.26.3/docs/conf.py
+Index: urllib3-1.26.10/docs/conf.py
===================================================================
---- urllib3-1.26.3.orig/docs/conf.py
-+++ urllib3-1.26.3/docs/conf.py
+--- urllib3-1.26.10.orig/docs/conf.py
++++ urllib3-1.26.10/docs/conf.py
@@ -14,7 +14,10 @@ sys.path.insert(0, root_path)
# Mock some expensive/platform-specific modules so build will work.
# (https://read-the-docs.readthedocs.io/en/latest/faq.html#\
@@ -14,26 +14,10 @@
class MockModule(mock.Mock):
-Index: urllib3-1.26.3/test/appengine/test_urlfetch.py
+Index: urllib3-1.26.10/test/contrib/test_pyopenssl.py
===================================================================
---- urllib3-1.26.3.orig/test/appengine/test_urlfetch.py
-+++ urllib3-1.26.3/test/appengine/test_urlfetch.py
-@@ -5,7 +5,10 @@ Engine-patched version of httplib to mak
- import httplib
- import pytest
- import StringIO
--from mock import patch
-+try:
-+ from unittest.mock import patch
-+except ImportError:
-+ from mock import patch
-
- from ..test_no_ssl import TestWithoutSSL
-
-Index: urllib3-1.26.3/test/contrib/test_pyopenssl.py
-===================================================================
---- urllib3-1.26.3.orig/test/contrib/test_pyopenssl.py
-+++ urllib3-1.26.3/test/contrib/test_pyopenssl.py
+--- urllib3-1.26.10.orig/test/contrib/test_pyopenssl.py
++++ urllib3-1.26.10/test/contrib/test_pyopenssl.py
@@ -1,7 +1,10 @@
# -*- coding: utf-8 -*-
import os
@@ -46,10 +30,10 @@
import pytest
try:
-Index: urllib3-1.26.3/test/contrib/test_pyopenssl_dependencies.py
+Index: urllib3-1.26.10/test/contrib/test_pyopenssl_dependencies.py
===================================================================
---- urllib3-1.26.3.orig/test/contrib/test_pyopenssl_dependencies.py
-+++ urllib3-1.26.3/test/contrib/test_pyopenssl_dependencies.py
+--- urllib3-1.26.10.orig/test/contrib/test_pyopenssl_dependencies.py
++++ urllib3-1.26.10/test/contrib/test_pyopenssl_dependencies.py
@@ -1,6 +1,9 @@
# -*- coding: utf-8 -*-
import pytest
@@ -61,10 +45,10 @@
try:
from urllib3.contrib.pyopenssl import extract_from_urllib3,
inject_into_urllib3
-Index: urllib3-1.26.3/test/test_connection.py
+Index: urllib3-1.26.10/test/test_connection.py
===================================================================
---- urllib3-1.26.3.orig/test/test_connection.py
-+++ urllib3-1.26.3/test/test_connection.py
+--- urllib3-1.26.10.orig/test/test_connection.py
++++ urllib3-1.26.10/test/test_connection.py
@@ -1,6 +1,9 @@
import datetime
@@ -76,10 +60,10 @@
import pytest
from urllib3.connection import RECENT_DATE, CertificateError, _match_hostname
-Index: urllib3-1.26.3/test/test_connectionpool.py
+Index: urllib3-1.26.10/test/test_connectionpool.py
===================================================================
---- urllib3-1.26.3.orig/test/test_connectionpool.py
-+++ urllib3-1.26.3/test/test_connectionpool.py
+--- urllib3-1.26.10.orig/test/test_connectionpool.py
++++ urllib3-1.26.10/test/test_connectionpool.py
@@ -6,7 +6,10 @@ from ssl import SSLError as BaseSSLError
from test import SHORT_TIMEOUT
@@ -92,10 +76,10 @@
from dummyserver.server import DEFAULT_CA
from urllib3._collections import HTTPHeaderDict
-Index: urllib3-1.26.3/test/test_queue_monkeypatch.py
+Index: urllib3-1.26.10/test/test_queue_monkeypatch.py
===================================================================
---- urllib3-1.26.3.orig/test/test_queue_monkeypatch.py
-+++ urllib3-1.26.3/test/test_queue_monkeypatch.py
+--- urllib3-1.26.10.orig/test/test_queue_monkeypatch.py
++++ urllib3-1.26.10/test/test_queue_monkeypatch.py
@@ -1,6 +1,9 @@
from __future__ import absolute_import
@@ -107,10 +91,10 @@
import pytest
from urllib3 import HTTPConnectionPool
-Index: urllib3-1.26.3/test/test_response.py
+Index: urllib3-1.26.10/test/test_response.py
===================================================================
---- urllib3-1.26.3.orig/test/test_response.py
-+++ urllib3-1.26.3/test/test_response.py
+--- urllib3-1.26.10.orig/test/test_response.py
++++ urllib3-1.26.10/test/test_response.py
@@ -9,7 +9,10 @@ from base64 import b64decode
from io import BufferedReader, BytesIO, TextIOWrapper
from test import onlyBrotlipy
@@ -123,10 +107,10 @@
import pytest
import six
-Index: urllib3-1.26.3/test/test_retry.py
+Index: urllib3-1.26.10/test/test_retry.py
===================================================================
---- urllib3-1.26.3.orig/test/test_retry.py
-+++ urllib3-1.26.3/test/test_retry.py
+--- urllib3-1.26.10.orig/test/test_retry.py
++++ urllib3-1.26.10/test/test_retry.py
@@ -1,6 +1,9 @@
import warnings
@@ -138,10 +122,10 @@
import pytest
from urllib3.exceptions import (
-Index: urllib3-1.26.3/test/test_retry_deprecated.py
+Index: urllib3-1.26.10/test/test_retry_deprecated.py
===================================================================
---- urllib3-1.26.3.orig/test/test_retry_deprecated.py
-+++ urllib3-1.26.3/test/test_retry_deprecated.py
+--- urllib3-1.26.10.orig/test/test_retry_deprecated.py
++++ urllib3-1.26.10/test/test_retry_deprecated.py
@@ -1,7 +1,10 @@
# This is a copy-paste of test_retry.py with extra asserts about deprecated
options. It will be removed for v2.
import warnings
@@ -154,10 +138,10 @@
import pytest
from urllib3.exceptions import (
-Index: urllib3-1.26.3/test/test_ssl.py
+Index: urllib3-1.26.10/test/test_ssl.py
===================================================================
---- urllib3-1.26.3.orig/test/test_ssl.py
-+++ urllib3-1.26.3/test/test_ssl.py
+--- urllib3-1.26.10.orig/test/test_ssl.py
++++ urllib3-1.26.10/test/test_ssl.py
@@ -1,6 +1,9 @@
from test import notPyPy2
@@ -169,10 +153,10 @@
import pytest
from urllib3.exceptions import SNIMissingWarning
-Index: urllib3-1.26.3/test/test_ssltransport.py
+Index: urllib3-1.26.10/test/test_ssltransport.py
===================================================================
---- urllib3-1.26.3.orig/test/test_ssltransport.py
-+++ urllib3-1.26.3/test/test_ssltransport.py
+--- urllib3-1.26.10.orig/test/test_ssltransport.py
++++ urllib3-1.26.10/test/test_ssltransport.py
@@ -4,7 +4,10 @@ import socket
import ssl
import sys
@@ -185,10 +169,10 @@
import pytest
from dummyserver.server import DEFAULT_CA, DEFAULT_CERTS
-Index: urllib3-1.26.3/test/test_util.py
+Index: urllib3-1.26.10/test/test_util.py
===================================================================
---- urllib3-1.26.3.orig/test/test_util.py
-+++ urllib3-1.26.3/test/test_util.py
+--- urllib3-1.26.10.orig/test/test_util.py
++++ urllib3-1.26.10/test/test_util.py
@@ -9,7 +9,10 @@ from itertools import chain
from test import notBrotlipy, onlyBrotlipy, onlyPy2, onlyPy3
@@ -201,11 +185,11 @@
from urllib3 import add_stderr_logger, disable_warnings, util
from urllib3.exceptions import (
-Index: urllib3-1.26.3/test/with_dummyserver/test_connectionpool.py
+Index: urllib3-1.26.10/test/with_dummyserver/test_connectionpool.py
===================================================================
---- urllib3-1.26.3.orig/test/with_dummyserver/test_connectionpool.py
-+++ urllib3-1.26.3/test/with_dummyserver/test_connectionpool.py
-@@ -10,7 +10,10 @@ import warnings
+--- urllib3-1.26.10.orig/test/with_dummyserver/test_connectionpool.py
++++ urllib3-1.26.10/test/with_dummyserver/test_connectionpool.py
+@@ -12,7 +12,10 @@ import warnings
from test import LONG_TIMEOUT, SHORT_TIMEOUT, onlyPy2
from threading import Event
@@ -217,11 +201,11 @@
import pytest
import six
-Index: urllib3-1.26.3/test/with_dummyserver/test_https.py
+Index: urllib3-1.26.10/test/with_dummyserver/test_https.py
===================================================================
---- urllib3-1.26.3.orig/test/with_dummyserver/test_https.py
-+++ urllib3-1.26.3/test/with_dummyserver/test_https.py
-@@ -19,7 +19,10 @@ from test import (
+--- urllib3-1.26.10.orig/test/with_dummyserver/test_https.py
++++ urllib3-1.26.10/test/with_dummyserver/test_https.py
+@@ -18,7 +18,10 @@ from test import (
resolvesLocalhostFQDN,
)
@@ -233,11 +217,11 @@
import pytest
import trustme
-Index: urllib3-1.26.3/test/with_dummyserver/test_socketlevel.py
+Index: urllib3-1.26.10/test/with_dummyserver/test_socketlevel.py
===================================================================
---- urllib3-1.26.3.orig/test/with_dummyserver/test_socketlevel.py
-+++ urllib3-1.26.3/test/with_dummyserver/test_socketlevel.py
-@@ -52,7 +52,10 @@ from test import (
+--- urllib3-1.26.10.orig/test/with_dummyserver/test_socketlevel.py
++++ urllib3-1.26.10/test/with_dummyserver/test_socketlevel.py
+@@ -53,7 +53,10 @@ from test import (
)
from threading import Event
@@ -249,4 +233,30 @@
import pytest
import trustme
+Index: urllib3-1.26.10/test/test_poolmanager.py
+===================================================================
+--- urllib3-1.26.10.orig/test/test_poolmanager.py
++++ urllib3-1.26.10/test/test_poolmanager.py
+@@ -2,7 +2,11 @@ import socket
+ from test import resolvesLocalhostFQDN
+
+ import pytest
+-from mock import patch
++
++try:
++ import unittest.mock as mock
++except ImportError:
++ import mock
+
+ from urllib3 import connection_from_url
+ from urllib3.exceptions import ClosedPoolError, LocationValueError
+@@ -383,7 +387,7 @@ class TestPoolManager(object):
+ "http://[a::b%25zone]";,
+ ],
+ )
+- @patch("urllib3.util.connection.create_connection")
++ @mock.patch("urllib3.util.connection.create_connection")
+ def test_e2e_connect_to_ipv6_scoped(self, create_connection, url):
+ """Checks that IPv6 scoped addresses are properly handled end-to-end.
+
++++++ urllib3-1.26.9.tar.gz -> urllib3-1.26.11.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/urllib3-1.26.9/CHANGES.rst
new/urllib3-1.26.11/CHANGES.rst
--- old/urllib3-1.26.9/CHANGES.rst 2022-03-16 14:25:49.000000000 +0100
+++ new/urllib3-1.26.11/CHANGES.rst 2022-07-25 15:01:49.000000000 +0200
@@ -1,6 +1,21 @@
Changes
=======
+1.26.11 (2022-07-25)
+--------------------
+
+* Fixed an issue where reading more than 2 GiB in a call to
``HTTPResponse.read`` would
+ raise an ``OverflowError`` on Python 3.9 and earlier.
+
+
+1.26.10 (2022-07-07)
+--------------------
+
+* Removed support for Python 3.5
+* Fixed an issue where a ``ProxyError`` recommending configuring the proxy as
HTTP
+ instead of HTTPS could appear even when an HTTPS proxy wasn't configured.
+
+
1.26.9 (2022-03-16)
-------------------
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/urllib3-1.26.9/PKG-INFO new/urllib3-1.26.11/PKG-INFO
--- old/urllib3-1.26.9/PKG-INFO 2022-03-16 14:27:36.687475400 +0100
+++ new/urllib3-1.26.11/PKG-INFO 2022-07-25 15:02:04.047067600 +0200
@@ -1,6 +1,6 @@
Metadata-Version: 2.1
Name: urllib3
-Version: 1.26.9
+Version: 1.26.11
Summary: HTTP library with thread-safe connection pooling, file post, and more.
Home-page: https://urllib3.readthedocs.io/
Author: Andrey Petrov
@@ -10,7 +10,6 @@
Project-URL: Code, https://github.com/urllib3/urllib3
Project-URL: Issue tracker, https://github.com/urllib3/urllib3/issues
Keywords: urllib httplib threadsafe filepost http https ssl pooling
-Platform: UNKNOWN
Classifier: Environment :: Web Environment
Classifier: Intended Audience :: Developers
Classifier: License :: OSI Approved :: MIT License
@@ -19,7 +18,6 @@
Classifier: Programming Language :: Python :: 2
Classifier: Programming Language :: Python :: 2.7
Classifier: Programming Language :: Python :: 3
-Classifier: Programming Language :: Python :: 3.5
Classifier: Programming Language :: Python :: 3.6
Classifier: Programming Language :: Python :: 3.7
Classifier: Programming Language :: Python :: 3.8
@@ -30,7 +28,7 @@
Classifier: Programming Language :: Python :: Implementation :: PyPy
Classifier: Topic :: Internet :: WWW/HTTP
Classifier: Topic :: Software Development :: Libraries
-Requires-Python: >=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*, !=3.4.*, <4
+Requires-Python: >=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*, !=3.4.*, !=3.5.*,
<4
Description-Content-Type: text/x-rst
Provides-Extra: brotli
Provides-Extra: secure
@@ -74,7 +72,9 @@
Alternatively, you can grab the latest source code from `GitHub
<https://github.com/urllib3/urllib3>`_::
- $ git clone git://github.com/urllib3/urllib3.git
+ $ git clone https://github.com/urllib3/urllib3.git
+ $ cd urllib3
+ $ git checkout 1.26.x
$ pip install .
@@ -144,6 +144,21 @@
Changes
=======
+1.26.11 (2022-07-25)
+--------------------
+
+* Fixed an issue where reading more than 2 GiB in a call to
``HTTPResponse.read`` would
+ raise an ``OverflowError`` on Python 3.9 and earlier.
+
+
+1.26.10 (2022-07-07)
+--------------------
+
+* Removed support for Python 3.5
+* Fixed an issue where a ``ProxyError`` recommending configuring the proxy as
HTTP
+ instead of HTTPS could appear even when an HTTPS proxy wasn't configured.
+
+
1.26.9 (2022-03-16)
-------------------
@@ -1413,5 +1428,3 @@
----------------
* First release.
-
-
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/urllib3-1.26.9/README.rst
new/urllib3-1.26.11/README.rst
--- old/urllib3-1.26.9/README.rst 2022-03-16 14:25:49.000000000 +0100
+++ new/urllib3-1.26.11/README.rst 2022-07-25 15:01:49.000000000 +0200
@@ -51,7 +51,9 @@
Alternatively, you can grab the latest source code from `GitHub
<https://github.com/urllib3/urllib3>`_::
- $ git clone git://github.com/urllib3/urllib3.git
+ $ git clone https://github.com/urllib3/urllib3.git
+ $ cd urllib3
+ $ git checkout 1.26.x
$ pip install .
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/urllib3-1.26.9/dev-requirements.txt
new/urllib3-1.26.11/dev-requirements.txt
--- old/urllib3-1.26.9/dev-requirements.txt 2022-03-16 14:25:49.000000000
+0100
+++ new/urllib3-1.26.11/dev-requirements.txt 2022-07-25 15:01:49.000000000
+0200
@@ -1,7 +1,7 @@
mock==3.0.5
coverage~=5.0
tornado==5.1.1;python_version<="2.7"
-tornado==6.1.0;python_version>="3.5"
+tornado==6.1.0;python_version>"3.5"
PySocks==1.7.1
# https://github.com/Anorov/PySocks/issues/131
win-inet-pton==1.1.0
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/urllib3-1.26.9/docs/advanced-usage.rst
new/urllib3-1.26.11/docs/advanced-usage.rst
--- old/urllib3-1.26.9/docs/advanced-usage.rst 2022-03-16 14:25:49.000000000
+0100
+++ new/urllib3-1.26.11/docs/advanced-usage.rst 2022-07-25 15:01:49.000000000
+0200
@@ -53,8 +53,33 @@
Streaming and I/O
-----------------
-When dealing with large responses it's often better to stream the response
-content::
+When using ``preload_content=True`` (the default setting) the
+response body will be read immediately into memory and the HTTP connection
+will be released back into the pool without manual intervention.
+
+However, when dealing with large responses it's often better to stream the
response
+content using ``preload_content=False``. Setting ``preload_content`` to
``False`` means
+that urllib3 will only read from the socket when data is requested.
+
+.. note:: When using ``preload_content=False``, you need to manually release
+ the HTTP connection back to the connection pool so that it can be re-used.
+ To ensure the HTTP connection is in a valid state before being re-used
+ all data should be read off the wire.
+
+ You can call the :meth:`~response.HTTPResponse.drain_conn` to throw away
+ unread data still on the wire. This call isn't necessary if data has
already
+ been completely read from the response.
+
+ After all data is read you can call
:meth:`~response.HTTPResponse.release_conn`
+ to release the connection into the pool.
+
+ You can call the :meth:`~response.HTTPResponse.close` to close the
connection,
+ but this call doesn???t return the connection to the pool, throws away the
unread
+ data on the wire, and leaves the connection in an undefined protocol state.
+ This is desirable if you prefer not reading data from the socket to
re-using the
+ HTTP connection.
+
+:meth:`~response.HTTPResponse.stream` lets you iterate over chunks of the
response content.
>>> import urllib3
>>> http = urllib3.PoolManager()
@@ -69,14 +94,6 @@
...
>>> r.release_conn()
-Setting ``preload_content`` to ``False`` means that urllib3 will stream the
-response content. :meth:`~response.HTTPResponse.stream` lets you iterate over
-chunks of the response content.
-
-.. note:: When using ``preload_content=False``, you should call
- :meth:`~response.HTTPResponse.release_conn` to release the http connection
- back to the connection pool so that it can be re-used.
-
However, you can also treat the :class:`~response.HTTPResponse` instance as
a file-like object. This allows you to do buffering::
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/urllib3-1.26.9/docs/contributing.rst
new/urllib3-1.26.11/docs/contributing.rst
--- old/urllib3-1.26.9/docs/contributing.rst 2022-03-16 14:25:49.000000000
+0100
+++ new/urllib3-1.26.11/docs/contributing.rst 2022-07-25 15:01:49.000000000
+0200
@@ -24,7 +24,7 @@
In order to setup the development environment all that you need is
`nox <https://nox.thea.codes/en/stable/index.html>`_ installed in your
machine::
- $ pip install --user --upgrade nox
+ $ python -m pip install --user --upgrade nox
Running the tests
@@ -62,15 +62,16 @@
.......
.......
nox > Session test-2.7 was successful.
- nox > Session test-3.4 was successful.
- nox > Session test-3.5 was successful.
nox > Session test-3.6 was successful.
nox > Session test-3.7 was successful.
nox > Session test-3.8 was successful.
+ nox > Session test-3.9 was successful.
+ nox > Session test-3.10 was successful.
+ nox > Session test-3.11 was successful.
nox > Session test-pypy was successful.
-Our test suite `runs continuously on Travis CI
-<https://travis-ci.org/urllib3/urllib3>`_ with every pull request.
+Our test suite `runs continuously on GitHub Actions
+<https://github.com/urllib3/urllib3/actions>`_ with every pull request.
To run specific tests or quickly re-run without nox recreating the env, do the
following::
@@ -94,25 +95,83 @@
For all valid arguments, check `the pytest documentation
<https://docs.pytest.org/en/stable/usage.html#stopping-after-the-first-or-n-failures>`_.
+Getting paid for your contributions
+-----------------------------------
+
+urllib3 has a `pool of money hosted on Open Collective
<https://opencollective.com/urllib3#category-BUDGET>`_
+which the team uses to pay contributors for their work. **That could be you,
too!** If you complete all tasks in an issue
+that is marked with the `"???? Bounty $X00" label
<https://github.com/urllib3/urllib3/issues?q=is%3Aopen+is%3Aissue+label%3A%22%F0%9F%92%B0+Bounty+%24100%22%2C%22%F0%9F%92%B0+Bounty+%24200%22%2C%22%F0%9F%92%B0+Bounty+%24300%22%2C%22%F0%9F%92%B0+Bounty+%24400%22%2C%22%F0%9F%92%B0+Bounty+%24500%22+no%3Aassignee>`_
then you're eligible to be paid for your work.
+
+- Ensure that you're able to `receive funds from Open Collective for working
on OSS
<https://docs.opencollective.com/help/expenses-and-getting-paid/submitting-expenses>`_.
+ Consider your employment contract and taxes for possible restrictions.
+- If an issue is already assigned to someone on GitHub then it's likely they've
+ made substantial progress on the issue and will be given the bounty.
+ If you're interested in bounties you should look for issues which
+ aren't assigned to anyone.
+- **Don't "claim" issues or ask whether someone is already working on an
issue.**
+ Instead, focus on researching and working on the tasks in the issue. Once you
+ have made considerable progress on the tasks in an issue we can assign your
+ account to the issue to ensure others don't start working on it in parallel.
+- If you've been assigned to an issue and haven't made progress or given an
update
+ in over a week you will be unassigned from the issue to allow others a chance
+ at solving the issue.
+- The amount you will be paid for the completing an issue is shown in the
label (either $100, $200, $300, etc).
+- If you have questions about how to create an invoice on Open Collective
+ `try reading their FAQ
<https://docs.opencollective.com/help/expenses-and-getting-paid/expenses>`_.
+- If you have a proposal to work on urllib3 that's not listed in the issue
tracker please open an issue
+ with your proposal and our team will discuss whether we'd pay for your work
on your proposal.
+- If you have other questions get in contact with a maintainer in the `urllib3
Discord channel <https://discord.gg/urllib3>`_ or via email.
+- The list above isn't an exhaustive list of criteria or rules for how/when
money is distributed.
+ **The final say on whether money will be distributed is up to maintainers.**
+
+This program is an experiment so if you have positive or negative feedback on
the process you can contact the maintainers through one of the above channels.
+
+Note that this program isn't a "bug bounty" program, we don't distribute funds
to reporters of bugs or security vulnerabilities at this time.
+
+Contributing to documentation
+-----------------------------
+
+You can build the docs locally using ``nox``:
+
+.. code-block:: bash
+
+ $ nox -rs docs
+
+While writing documentation you should follow these guidelines:
+
+- Use the top-level ``urllib3.request()`` function for smaller code examples.
For more involved examples use PoolManager, etc.
+- Use double quotes for all strings. (Output, Declaration etc.)
+- Use keyword arguments everywhere except for method and url. (ie
``http.request("GET", "https://example.com";, headers={...})`` )
+- Use HTTPS in URLs everywhere unless HTTP is needed.
+- Rules for code examples and naming variables:
+
+ - ``PoolManager`` instances should be named ``http``. (ie ``http =
urllib3.PoolManager(...)``)
+ - ``ProxyManager`` instances should be named ``proxy``.
+ - ``ConnectionPool`` instances should be named ``pool``.
+ - ``Connection`` instances should be named ``conn``.
+ - ``HTTPResponse`` instances should be named ``resp``.
+ - Only use ``example.com`` or ``httpbin.org`` for example URLs
+
+- Comments within snippets should be useful, if what's being done is apparent
+ (such as parsing JSON, making a request) then it can be skipped for that
section.
+- Comments should always go above a code section rather than below with the
exception of print
+ statements where the comment containing the result goes below.
+- Imports should be their own section separated from the rest of the example
with a line of whitespace.
+- Imports should minimized if possible. Use import urllib3 instead of from
urllib3 import X.
+- Sort imports similarly to isort, standard library first and third-party
(like urllib3) come after.
+- No whitespace is required between the sections as normally would be in case
of isort.
+- Add print statements along with a comment below them showing the output,
potentially compressed.
+- This helps users using the copy-paste button immediately see the results
from a script.
+
Releases
--------
-A release candidate can be created by any contributor by creating a branch
-named ``release-x.x`` where ``x.x`` is the version of the proposed release.
+A release candidate can be created by any contributor.
-- Update ``CHANGES.rst`` and ``urllib3/__init__.py`` with the proper version
number
- and commit the changes to ``release-x.x``.
-- Open a pull request to merge the ``release-x.x`` branch into the ``master``
branch.
-- Integration tests are run against the release candidate on Travis. From here
on all
- the steps below will be handled by a maintainer so unless you receive review
comments
- you are done here.
-- Once the pull request is squash merged into master the merging maintainer
- will tag the merge commit with the version number:
-
- - ``git tag -a 1.24.1 [commit sha]``
- - ``git push origin master --tags``
-
-- After the commit is tagged Travis will build the tagged commit and upload
the sdist and wheel
- to PyPI and create a draft release on GitHub for the tag. The merging
maintainer will
- ensure that the PyPI sdist and wheel are properly uploaded.
-- The merging maintainer will mark the draft release on GitHub as an approved
release.
+- Announce intent to release on Discord, see if anyone wants to include last
minute
+ changes.
+- Update ``urllib3/_version.py`` with the proper version number
+- Commit the changes to a ``release-X.Y.Z`` branch.
+- Create a pull request and append ``&expand=1&template=release.md`` to the
URL before
+ submitting in order to include our release checklist in the pull request
description.
+- Follow the checklist!
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/urllib3-1.26.9/docs/index.rst
new/urllib3-1.26.11/docs/index.rst
--- old/urllib3-1.26.9/docs/index.rst 2022-03-16 14:25:49.000000000 +0100
+++ new/urllib3-1.26.11/docs/index.rst 2022-07-25 15:01:49.000000000 +0200
@@ -85,7 +85,9 @@
.. code-block:: bash
- $ git clone git://github.com/urllib3/urllib3.git
+ $ git clone https://github.com/urllib3/urllib3.git
+ $ cd urllib3
+ $ git checkout 1.26.x
$ pip install .
Usage
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/urllib3-1.26.9/docs/v2-roadmap.rst
new/urllib3-1.26.11/docs/v2-roadmap.rst
--- old/urllib3-1.26.9/docs/v2-roadmap.rst 2022-03-16 14:25:49.000000000
+0100
+++ new/urllib3-1.26.11/docs/v2-roadmap.rst 2022-07-25 15:01:49.000000000
+0200
@@ -127,9 +127,6 @@
---------------------------------
- Top-level ``urllib3.request()`` API
-- Open Possibility to Alternate HTTP Implementations
-- Translated Guides
-- Support Zstandard Compression
- Streaming ``multipart/form-encoded`` Request Data
- More Powerful and Configurable Retry Logic
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/urllib3-1.26.9/setup.py new/urllib3-1.26.11/setup.py
--- old/urllib3-1.26.9/setup.py 2022-03-16 14:25:49.000000000 +0100
+++ new/urllib3-1.26.11/setup.py 2022-07-25 15:01:49.000000000 +0200
@@ -51,7 +51,6 @@
"Programming Language :: Python :: 2",
"Programming Language :: Python :: 2.7",
"Programming Language :: Python :: 3",
- "Programming Language :: Python :: 3.5",
"Programming Language :: Python :: 3.6",
"Programming Language :: Python :: 3.7",
"Programming Language :: Python :: 3.8",
@@ -83,7 +82,7 @@
],
package_dir={"": "src"},
requires=[],
- python_requires=">=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*, !=3.4.*, <4",
+ python_requires=">=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*, !=3.4.*,
!=3.5.*, <4",
extras_require={
"brotli": [
"brotli>=1.0.9; (os_name != 'nt' or python_version >= '3') and
platform_python_implementation == 'CPython'",
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/urllib3-1.26.9/src/urllib3/_version.py
new/urllib3-1.26.11/src/urllib3/_version.py
--- old/urllib3-1.26.9/src/urllib3/_version.py 2022-03-16 14:25:49.000000000
+0100
+++ new/urllib3-1.26.11/src/urllib3/_version.py 2022-07-25 15:01:49.000000000
+0200
@@ -1,2 +1,2 @@
# This file is protected via CODEOWNERS
-__version__ = "1.26.9"
+__version__ = "1.26.11"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/urllib3-1.26.9/src/urllib3/connection.py
new/urllib3-1.26.11/src/urllib3/connection.py
--- old/urllib3-1.26.9/src/urllib3/connection.py 2022-03-16
14:25:49.000000000 +0100
+++ new/urllib3-1.26.11/src/urllib3/connection.py 2022-07-25
15:01:49.000000000 +0200
@@ -68,7 +68,7 @@
# When it comes time to update this value as a part of regular maintenance
# (ie test_recent_date is failing) update it to ~6 months before the current
date.
-RECENT_DATE = datetime.date(2020, 7, 1)
+RECENT_DATE = datetime.date(2022, 1, 1)
_CONTAINS_CONTROL_CHAR_RE = re.compile(r"[^-!#$%&'*+.^_`|~0-9a-zA-Z]")
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/urllib3-1.26.9/src/urllib3/connectionpool.py
new/urllib3-1.26.11/src/urllib3/connectionpool.py
--- old/urllib3-1.26.9/src/urllib3/connectionpool.py 2022-03-16
14:25:49.000000000 +0100
+++ new/urllib3-1.26.11/src/urllib3/connectionpool.py 2022-07-25
15:01:49.000000000 +0200
@@ -767,6 +767,8 @@
isinstance(e, BaseSSLError)
and self.proxy
and _is_ssl_error_message_from_http_proxy(e)
+ and conn.proxy
+ and conn.proxy.scheme == "https"
):
e = ProxyError(
"Your proxy appears to only use HTTP and not HTTPS, "
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/urllib3-1.26.9/src/urllib3/contrib/pyopenssl.py
new/urllib3-1.26.11/src/urllib3/contrib/pyopenssl.py
--- old/urllib3-1.26.9/src/urllib3/contrib/pyopenssl.py 2022-03-16
14:25:49.000000000 +0100
+++ new/urllib3-1.26.11/src/urllib3/contrib/pyopenssl.py 2022-07-25
15:01:49.000000000 +0200
@@ -406,7 +406,6 @@
self._makefile_refs += 1
return _fileobject(self, mode, bufsize, close=True)
-
else: # Platform-specific: Python 3
makefile = backport_makefile
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/urllib3-1.26.9/src/urllib3/contrib/securetransport.py
new/urllib3-1.26.11/src/urllib3/contrib/securetransport.py
--- old/urllib3-1.26.9/src/urllib3/contrib/securetransport.py 2022-03-16
14:25:49.000000000 +0100
+++ new/urllib3-1.26.11/src/urllib3/contrib/securetransport.py 2022-07-25
15:01:49.000000000 +0200
@@ -770,7 +770,6 @@
self._makefile_refs += 1
return _fileobject(self, mode, bufsize, close=True)
-
else: # Platform-specific: Python 3
def makefile(self, mode="r", buffering=None, *args, **kwargs):
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/urllib3-1.26.9/src/urllib3/packages/six.py
new/urllib3-1.26.11/src/urllib3/packages/six.py
--- old/urllib3-1.26.9/src/urllib3/packages/six.py 2022-03-16
14:25:49.000000000 +0100
+++ new/urllib3-1.26.11/src/urllib3/packages/six.py 2022-07-25
15:01:49.000000000 +0200
@@ -772,7 +772,6 @@
value = None
tb = None
-
else:
def exec_(_code_, _globs_=None, _locs_=None):
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/urllib3-1.26.9/src/urllib3/response.py
new/urllib3-1.26.11/src/urllib3/response.py
--- old/urllib3-1.26.9/src/urllib3/response.py 2022-03-16 14:25:49.000000000
+0100
+++ new/urllib3-1.26.11/src/urllib3/response.py 2022-07-25 15:01:49.000000000
+0200
@@ -2,6 +2,7 @@
import io
import logging
+import sys
import zlib
from contextlib import contextmanager
from socket import error as SocketError
@@ -15,6 +16,7 @@
except ImportError:
brotli = None
+from . import util
from ._collections import HTTPHeaderDict
from .connection import BaseSSLError, HTTPException
from .exceptions import (
@@ -481,6 +483,54 @@
if self._original_response and self._original_response.isclosed():
self.release_conn()
+ def _fp_read(self, amt):
+ """
+ Read a response with the thought that reading the number of bytes
+ larger than can fit in a 32-bit int at a time via SSL in some
+ known cases leads to an overflow error that has to be prevented
+ if `amt` or `self.length_remaining` indicate that a problem may
+ happen.
+
+ The known cases:
+ * 3.8 <= CPython < 3.9.7 because of a bug
+
https://github.com/urllib3/urllib3/issues/2513#issuecomment-1152559900.
+ * urllib3 injected with pyOpenSSL-backed SSL-support.
+ * CPython < 3.10 only when `amt` does not fit 32-bit int.
+ """
+ assert self._fp
+ c_int_max = 2 ** 31 - 1
+ if (
+ (
+ (amt and amt > c_int_max)
+ or (self.length_remaining and self.length_remaining >
c_int_max)
+ )
+ and not util.IS_SECURETRANSPORT
+ and (util.IS_PYOPENSSL or sys.version_info < (3, 10))
+ ):
+ buffer = io.BytesIO()
+ # Besides `max_chunk_amt` being a maximum chunk size, it
+ # affects memory overhead of reading a response by this
+ # method in CPython.
+ # `c_int_max` equal to 2 GiB - 1 byte is the actual maximum
+ # chunk size that does not lead to an overflow error, but
+ # 256 MiB is a compromise.
+ max_chunk_amt = 2 ** 28
+ while amt is None or amt != 0:
+ if amt is not None:
+ chunk_amt = min(amt, max_chunk_amt)
+ amt -= chunk_amt
+ else:
+ chunk_amt = max_chunk_amt
+ data = self._fp.read(chunk_amt)
+ if not data:
+ break
+ buffer.write(data)
+ del data # to reduce peak memory usage by `max_chunk_amt`.
+ return buffer.getvalue()
+ else:
+ # StringIO doesn't like amt=None
+ return self._fp.read(amt) if amt is not None else self._fp.read()
+
def read(self, amt=None, decode_content=None, cache_content=False):
"""
Similar to :meth:`http.client.HTTPResponse.read`, but with two
additional
@@ -513,13 +563,11 @@
fp_closed = getattr(self._fp, "closed", False)
with self._error_catcher():
+ data = self._fp_read(amt) if not fp_closed else b""
if amt is None:
- # cStringIO doesn't like amt=None
- data = self._fp.read() if not fp_closed else b""
flush_decoder = True
else:
cache_content = False
- data = self._fp.read(amt) if not fp_closed else b""
if (
amt != 0 and not data
): # Platform-specific: Buggy versions of Python.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/urllib3-1.26.9/src/urllib3/util/url.py
new/urllib3-1.26.11/src/urllib3/util/url.py
--- old/urllib3-1.26.9/src/urllib3/util/url.py 2022-03-16 14:25:49.000000000
+0100
+++ new/urllib3-1.26.11/src/urllib3/util/url.py 2022-07-25 15:01:49.000000000
+0200
@@ -279,6 +279,9 @@
if scheme in NORMALIZABLE_SCHEMES:
is_ipv6 = IPV6_ADDRZ_RE.match(host)
if is_ipv6:
+ # IPv6 hosts of the form 'a::b%zone' are encoded in a URL as
+ # such per RFC 6874: 'a::b%25zone'. Unquote the ZoneID
+ # separator as necessary to return a valid RFC 4007 scoped IP.
match = ZONE_ID_RE.search(host)
if match:
start, end = match.span(1)
@@ -331,7 +334,7 @@
"""
Given a url, return a parsed :class:`.Url` namedtuple. Best-effort is
performed to parse incomplete urls. Fields not provided will be None.
- This parser is RFC 3986 compliant.
+ This parser is RFC 3986 and RFC 6874 compliant.
The parser logic and helper functions are based heavily on
work done in the ``rfc3986`` module.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/urllib3-1.26.9/src/urllib3/util/wait.py
new/urllib3-1.26.11/src/urllib3/util/wait.py
--- old/urllib3-1.26.9/src/urllib3/util/wait.py 2022-03-16 14:25:49.000000000
+0100
+++ new/urllib3-1.26.11/src/urllib3/util/wait.py 2022-07-25
15:01:49.000000000 +0200
@@ -42,7 +42,6 @@
def _retry_on_intr(fn, timeout):
return fn(timeout)
-
else:
# Old and broken Pythons.
def _retry_on_intr(fn, timeout):
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/urllib3-1.26.9/src/urllib3.egg-info/PKG-INFO
new/urllib3-1.26.11/src/urllib3.egg-info/PKG-INFO
--- old/urllib3-1.26.9/src/urllib3.egg-info/PKG-INFO 2022-03-16
14:27:36.000000000 +0100
+++ new/urllib3-1.26.11/src/urllib3.egg-info/PKG-INFO 2022-07-25
15:02:04.000000000 +0200
@@ -1,6 +1,6 @@
Metadata-Version: 2.1
Name: urllib3
-Version: 1.26.9
+Version: 1.26.11
Summary: HTTP library with thread-safe connection pooling, file post, and more.
Home-page: https://urllib3.readthedocs.io/
Author: Andrey Petrov
@@ -10,7 +10,6 @@
Project-URL: Code, https://github.com/urllib3/urllib3
Project-URL: Issue tracker, https://github.com/urllib3/urllib3/issues
Keywords: urllib httplib threadsafe filepost http https ssl pooling
-Platform: UNKNOWN
Classifier: Environment :: Web Environment
Classifier: Intended Audience :: Developers
Classifier: License :: OSI Approved :: MIT License
@@ -19,7 +18,6 @@
Classifier: Programming Language :: Python :: 2
Classifier: Programming Language :: Python :: 2.7
Classifier: Programming Language :: Python :: 3
-Classifier: Programming Language :: Python :: 3.5
Classifier: Programming Language :: Python :: 3.6
Classifier: Programming Language :: Python :: 3.7
Classifier: Programming Language :: Python :: 3.8
@@ -30,7 +28,7 @@
Classifier: Programming Language :: Python :: Implementation :: PyPy
Classifier: Topic :: Internet :: WWW/HTTP
Classifier: Topic :: Software Development :: Libraries
-Requires-Python: >=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*, !=3.4.*, <4
+Requires-Python: >=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*, !=3.4.*, !=3.5.*,
<4
Description-Content-Type: text/x-rst
Provides-Extra: brotli
Provides-Extra: secure
@@ -74,7 +72,9 @@
Alternatively, you can grab the latest source code from `GitHub
<https://github.com/urllib3/urllib3>`_::
- $ git clone git://github.com/urllib3/urllib3.git
+ $ git clone https://github.com/urllib3/urllib3.git
+ $ cd urllib3
+ $ git checkout 1.26.x
$ pip install .
@@ -144,6 +144,21 @@
Changes
=======
+1.26.11 (2022-07-25)
+--------------------
+
+* Fixed an issue where reading more than 2 GiB in a call to
``HTTPResponse.read`` would
+ raise an ``OverflowError`` on Python 3.9 and earlier.
+
+
+1.26.10 (2022-07-07)
+--------------------
+
+* Removed support for Python 3.5
+* Fixed an issue where a ``ProxyError`` recommending configuring the proxy as
HTTP
+ instead of HTTPS could appear even when an HTTPS proxy wasn't configured.
+
+
1.26.9 (2022-03-16)
-------------------
@@ -1413,5 +1428,3 @@
----------------
* First release.
-
-
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/urllib3-1.26.9/test/__init__.py
new/urllib3-1.26.11/test/__init__.py
--- old/urllib3-1.26.9/test/__init__.py 2022-03-16 14:25:49.000000000 +0100
+++ new/urllib3-1.26.11/test/__init__.py 2022-07-25 15:01:49.000000000
+0200
@@ -3,7 +3,6 @@
import os
import platform
import socket
-import ssl
import sys
import warnings
@@ -198,19 +197,6 @@
return test(*args, **kwargs)
return wrapper
-
-
-def notOpenSSL098(test):
- """Skips this test for Python 3.5 macOS python.org distribution"""
-
- @six.wraps(test)
- def wrapper(*args, **kwargs):
- is_stdlib_ssl = not ssl_.IS_SECURETRANSPORT and not ssl_.IS_PYOPENSSL
- if is_stdlib_ssl and ssl.OPENSSL_VERSION == "OpenSSL 0.9.8zh 14 Jan
2016":
- pytest.xfail("{name} fails with OpenSSL
0.9.8zh".format(name=test.__name__))
- return test(*args, **kwargs)
-
- return wrapper
_requires_network_has_route = None
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/urllib3-1.26.9/test/test_poolmanager.py
new/urllib3-1.26.11/test/test_poolmanager.py
--- old/urllib3-1.26.9/test/test_poolmanager.py 2022-03-16 14:25:49.000000000
+0100
+++ new/urllib3-1.26.11/test/test_poolmanager.py 2022-07-25
15:01:49.000000000 +0200
@@ -2,6 +2,7 @@
from test import resolvesLocalhostFQDN
import pytest
+from mock import patch
from urllib3 import connection_from_url
from urllib3.exceptions import ClosedPoolError, LocationValueError
@@ -372,3 +373,27 @@
p = PoolManager(strict=True)
assert p._proxy_requires_url_absolute_form("http://example.com";) is
False
assert p._proxy_requires_url_absolute_form("https://example.com";) is
False
+
+ @pytest.mark.parametrize(
+ "url",
+ [
+ "[a::b%zone]",
+ "[a::b%25zone]",
+ "http://[a::b%zone]";,
+ "http://[a::b%25zone]";,
+ ],
+ )
+ @patch("urllib3.util.connection.create_connection")
+ def test_e2e_connect_to_ipv6_scoped(self, create_connection, url):
+ """Checks that IPv6 scoped addresses are properly handled end-to-end.
+
+ This is not strictly speaking a pool manager unit test - this test
+ lives here in absence of a better code location for e2e/integration
+ tests.
+ """
+ p = PoolManager()
+ conn_pool = p.connection_from_url(url)
+ conn = conn_pool._get_conn()
+ conn.connect()
+
+ assert create_connection.call_args[0][0] == ("a::b%zone", 80)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/urllib3-1.26.9/test/test_ssltransport.py
new/urllib3-1.26.11/test/test_ssltransport.py
--- old/urllib3-1.26.9/test/test_ssltransport.py 2022-03-16
14:25:49.000000000 +0100
+++ new/urllib3-1.26.11/test/test_ssltransport.py 2022-07-25
15:01:49.000000000 +0200
@@ -20,7 +20,7 @@
if hasattr(ssl, "PROTOCOL_TLS_SERVER"):
server_context = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
else:
- # python 2.7 and 3.5 workaround.
+ # python 2.7 workaround.
# PROTOCOL_TLS_SERVER was added in 3.6
server_context = ssl.SSLContext(ssl.PROTOCOL_TLS)
server_context.load_cert_chain(DEFAULT_CERTS["certfile"],
DEFAULT_CERTS["keyfile"])
@@ -28,7 +28,7 @@
if hasattr(ssl, "PROTOCOL_TLS_CLIENT"):
client_context = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
else:
- # python 2.7 and 3.5 workaround.
+ # python 2.7 workaround.
# PROTOCOL_TLS_SERVER was added in 3.6
client_context = ssl.SSLContext(ssl.PROTOCOL_TLS)
client_context.verify_mode = ssl.CERT_REQUIRED
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/urllib3-1.26.9/test/test_util.py
new/urllib3-1.26.11/test/test_util.py
--- old/urllib3-1.26.9/test/test_util.py 2022-03-16 14:25:49.000000000
+0100
+++ new/urllib3-1.26.11/test/test_util.py 2022-07-25 15:01:49.000000000
+0200
@@ -106,6 +106,9 @@
"http://[2010:836b:4179::836b:4179]";,
("http", "[2010:836b:4179::836b:4179]", None),
),
+ # Scoped IPv6 (with ZoneID), both RFC 6874 compliant and not.
+ ("http://[a::b%25zone]";, ("http", "[a::b%zone]", None)),
+ ("http://[a::b%zone]";, ("http", "[a::b%zone]", None)),
# Hosts
("HTTP://GOOGLE.COM/mail/", ("http", "google.com", None)),
("GOogle.COM/mail", ("http", "google.com", None)),
@@ -181,6 +184,10 @@
),
("HTTPS://Example.Com/?Key=Value",
"https://example.com/?Key=Value";),
("Https://Example.Com/#Fragment", "https://example.com/#Fragment";),
+ # IPv6 addresses with zone IDs. Both RFC 6874 (%25) as well as
+ # non-standard (unquoted %) variants.
+ ("[::1%zone]", "[::1%zone]"),
+ ("[::1%25zone]", "[::1%zone]"),
("[::1%25]", "[::1%25]"),
("[::Ff%etH0%Ff]/%ab%Af", "[::ff%etH0%FF]/%AB%AF"),
(
@@ -824,6 +831,28 @@
socket.return_value = Mock()
create_connection((host, 80))
+ @patch("socket.getaddrinfo")
+ @patch("socket.socket")
+ def test_create_connection_with_scoped_ipv6(self, socket, getaddrinfo):
+ # Check that providing create_connection with a scoped IPv6 address
+ # properly propagates the scope to getaddrinfo, and that the returned
+ # scoped ID makes it to the socket creation call.
+ fake_scoped_sa6 = ("a::b", 80, 0, 42)
+ getaddrinfo.return_value = [
+ (
+ socket.AF_INET6,
+ socket.SOCK_STREAM,
+ socket.IPPROTO_TCP,
+ "",
+ fake_scoped_sa6,
+ )
+ ]
+ socket.return_value = fake_sock = Mock()
+
+ create_connection(("a::b%iface", 80))
+ assert getaddrinfo.call_args[0][0] == "a::b%iface"
+ fake_sock.connect.assert_called_once_with(fake_scoped_sa6)
+
class TestUtilSSL(object):
"""Test utils that use an SSL backend."""
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/urllib3-1.26.9/test/with_dummyserver/test_https.py
new/urllib3-1.26.11/test/with_dummyserver/test_https.py
--- old/urllib3-1.26.9/test/with_dummyserver/test_https.py 2022-03-16
14:25:49.000000000 +0100
+++ new/urllib3-1.26.11/test/with_dummyserver/test_https.py 2022-07-25
15:01:49.000000000 +0200
@@ -11,7 +11,6 @@
LONG_TIMEOUT,
SHORT_TIMEOUT,
TARPIT_HOST,
- notOpenSSL098,
notSecureTransport,
onlyPy279OrNewer,
requires_network,
@@ -291,7 +290,6 @@
@onlyPy279OrNewer
@notSecureTransport # SecureTransport does not support cert directories
- @notOpenSSL098 # OpenSSL 0.9.8 does not support cert directories
def test_ca_dir_verified(self, tmpdir):
# OpenSSL looks up certificates by the hash for their name, see
c_rehash
# TODO infer the bytes using `cryptography.x509.Name.public_bytes`.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/urllib3-1.26.9/test/with_dummyserver/test_socketlevel.py
new/urllib3-1.26.11/test/with_dummyserver/test_socketlevel.py
--- old/urllib3-1.26.9/test/with_dummyserver/test_socketlevel.py
2022-03-16 14:25:49.000000000 +0100
+++ new/urllib3-1.26.11/test/with_dummyserver/test_socketlevel.py
2022-07-25 15:01:49.000000000 +0200
@@ -35,6 +35,7 @@
import os
import os.path
+import platform
import select
import shutil
import socket
@@ -1498,6 +1499,61 @@
pool.request("GET", "/", retries=False, timeout=LONG_TIMEOUT)
assert server_closed.wait(LONG_TIMEOUT), "The socket was not
terminated"
+ # SecureTransport can read only small pieces of data at the moment.
+ # https://github.com/urllib3/urllib3/pull/2674
+ @notSecureTransport
+ @pytest.mark.skipif(
+ os.environ.get("CI") == "true" and platform.python_implementation() ==
"PyPy",
+ reason="too slow to run in CI",
+ )
+ @pytest.mark.parametrize(
+ "preload_content,read_amt", [(True, None), (False, None), (False, 2 **
31)]
+ )
+ def test_requesting_large_resources_via_ssl(self, preload_content,
read_amt):
+ """
+ Ensure that it is possible to read 2 GiB or more via an SSL
+ socket.
+ https://github.com/urllib3/urllib3/issues/2513
+ """
+ content_length = 2 ** 31 # (`int` max value in C) + 1.
+ ssl_ready = Event()
+
+ def socket_handler(listener):
+ sock = listener.accept()[0]
+ ssl_sock = ssl.wrap_socket(
+ sock,
+ server_side=True,
+ keyfile=DEFAULT_CERTS["keyfile"],
+ certfile=DEFAULT_CERTS["certfile"],
+ ca_certs=DEFAULT_CA,
+ )
+ ssl_ready.set()
+
+ while not ssl_sock.recv(65536).endswith(b"\r\n\r\n"):
+ continue
+
+ ssl_sock.send(
+ b"HTTP/1.1 200 OK\r\n"
+ b"Content-Type: text/plain\r\n"
+ b"Content-Length: %d\r\n\r\n" % content_length
+ )
+
+ chunks = 2
+ for i in range(chunks):
+ ssl_sock.sendall(b"0" * (content_length // chunks))
+
+ ssl_sock.close()
+ sock.close()
+
+ self._start_server(socket_handler)
+ ssl_ready.wait(5)
+ with HTTPSConnectionPool(
+ self.host, self.port, ca_certs=DEFAULT_CA, retries=False
+ ) as pool:
+ response = pool.request("GET", "/",
preload_content=preload_content)
+ data = response.data if preload_content else
response.read(read_amt)
+ assert len(data) == content_length
+
class TestErrorWrapping(SocketDummyServerTestCase):
def test_bad_statusline(self):
