Hello community, here is the log from the commit of package python-urllib3 for openSUSE:Factory checked in at 2020-08-06 17:32:03 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/python-urllib3 (Old) and /work/SRC/openSUSE:Factory/.python-urllib3.new.3399 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "python-urllib3" Thu Aug 6 17:32:03 2020 rev:40 rq:824352 version:1.25.10 Changes: -------- --- /work/SRC/openSUSE:Factory/python-urllib3/python-urllib3.changes 2020-06-05 20:01:54.712274728 +0200 +++ /work/SRC/openSUSE:Factory/.python-urllib3.new.3399/python-urllib3.changes 2020-08-06 17:32:43.597102899 +0200 @@ -1,0 +2,15 @@ +Tue Aug 4 16:09:35 UTC 2020 - Dirk Mueller <[email protected]> + +- update to 1.25.10: + * Added support for ``SSLKEYLOGFILE`` environment variable for + logging TLS session keys with use with programs like + Wireshark for decrypting captured web traffic (Pull #1867) + * Fixed loading of SecureTransport libraries on macOS Big Sur + due to the new dynamic linker cache (Pull #1905) + * Collapse chunked request bodies data and framing into one + call to ``send()`` to reduce the number of TCP packets by 2-4x (Pull #1906) + * Don't insert ``None`` into ``ConnectionPool`` if the pool + was empty when requesting a connection (Pull #1866) + * Avoid ``hasattr`` call in ``BrotliDecoder.decompress()`` (Pull #1858) + +------------------------------------------------------------------- Old: ---- urllib3-1.25.9.tar.gz New: ---- urllib3-1.25.10.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ python-urllib3.spec ++++++ --- /var/tmp/diff_new_pack.CVIXbu/_old 2020-08-06 17:32:44.729103164 +0200 +++ /var/tmp/diff_new_pack.CVIXbu/_new 2020-08-06 17:32:44.733103165 +0200 @@ -28,7 +28,7 @@ %bcond_with test %endif Name: python-urllib3%{psuffix} -Version: 1.25.9 +Version: 1.25.10 Release: 0 Summary: HTTP library with thread-safe connection pooling, file post, and more License: MIT ++++++ urllib3-1.25.9.tar.gz -> urllib3-1.25.10.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/urllib3-1.25.9/CHANGES.rst new/urllib3-1.25.10/CHANGES.rst --- old/urllib3-1.25.9/CHANGES.rst 2020-04-16 17:37:21.000000000 +0200 +++ new/urllib3-1.25.10/CHANGES.rst 2020-07-22 17:42:19.000000000 +0200 @@ -1,6 +1,25 @@ Changes ======= +1.25.10 (2020-07-22) +-------------------- + +* Added support for ``SSLKEYLOGFILE`` environment variable for + logging TLS session keys with use with programs like + Wireshark for decrypting captured web traffic (Pull #1867) + +* Fixed loading of SecureTransport libraries on macOS Big Sur + due to the new dynamic linker cache (Pull #1905) + +* Collapse chunked request bodies data and framing into one + call to ``send()`` to reduce the number of TCP packets by 2-4x (Pull #1906) + +* Don't insert ``None`` into ``ConnectionPool`` if the pool + was empty when requesting a connection (Pull #1866) + +* Avoid ``hasattr`` call in ``BrotliDecoder.decompress()`` (Pull #1858) + + 1.25.9 (2020-04-16) ------------------- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/urllib3-1.25.9/CONTRIBUTORS.txt new/urllib3-1.25.10/CONTRIBUTORS.txt --- old/urllib3-1.25.9/CONTRIBUTORS.txt 2020-04-16 14:42:30.000000000 +0200 +++ new/urllib3-1.25.10/CONTRIBUTORS.txt 2020-07-22 17:42:10.000000000 +0200 @@ -300,5 +300,8 @@ * Chris Olufson <[email protected]> * Fix for connection not being released on HTTP redirect and response not preloaded +* [Bastiaan Bakker] <https://github.com/bastiaanb> + * Support for logging session keys via environment variable ``SSLKEYLOGFILE`` (Python 3.8+) + * [Your name or handle] <[email or website]> * [Brief summary of your changes] diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/urllib3-1.25.9/PKG-INFO new/urllib3-1.25.10/PKG-INFO --- old/urllib3-1.25.9/PKG-INFO 2020-04-16 17:43:36.000000000 +0200 +++ new/urllib3-1.25.10/PKG-INFO 2020-07-22 17:46:08.000000000 +0200 @@ -1,6 +1,6 @@ Metadata-Version: 2.1 Name: urllib3 -Version: 1.25.9 +Version: 1.25.10 Summary: HTTP library with thread-safe connection pooling, file post, and more. Home-page: https://urllib3.readthedocs.io/ Author: Andrey Petrov @@ -118,6 +118,25 @@ Changes ======= + 1.25.10 (2020-07-22) + -------------------- + + * Added support for ``SSLKEYLOGFILE`` environment variable for + logging TLS session keys with use with programs like + Wireshark for decrypting captured web traffic (Pull #1867) + + * Fixed loading of SecureTransport libraries on macOS Big Sur + due to the new dynamic linker cache (Pull #1905) + + * Collapse chunked request bodies data and framing into one + call to ``send()`` to reduce the number of TCP packets by 2-4x (Pull #1906) + + * Don't insert ``None`` into ``ConnectionPool`` if the pool + was empty when requesting a connection (Pull #1866) + + * Avoid ``hasattr`` call in ``BrotliDecoder.decompress()`` (Pull #1858) + + 1.25.9 (2020-04-16) ------------------- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/urllib3-1.25.9/docs/advanced-usage.rst new/urllib3-1.25.10/docs/advanced-usage.rst --- old/urllib3-1.25.9/docs/advanced-usage.rst 2020-04-16 14:43:41.000000000 +0200 +++ new/urllib3-1.25.10/docs/advanced-usage.rst 2020-07-22 17:42:19.000000000 +0200 @@ -72,7 +72,7 @@ response content. :meth:`~response.HTTPResponse.stream` lets you iterate over chunks of the response content. -.. note:: When using ``preload_content=False``, you should call +.. note:: When using ``preload_content=False``, you should call :meth:`~response.HTTPResponse.release_conn` to release the http connection back to the connection pool so that it can be re-used. @@ -87,7 +87,7 @@ b'\x88\x1f\x8b\xe5' Calls to :meth:`~response.HTTPResponse.read()` will block until more response -data is available. +data is available. >>> import io >>> reader = io.BufferedReader(r, 8) @@ -289,3 +289,16 @@ >>> from urllib3 import PoolManager >>> http = PoolManager() >>> http.request('GET', 'https://www.google.com/', headers={'Accept-Encoding': 'br'}) + +Decrypting captured TLS sessions with Wireshark +----------------------------------------------- +Python 3.8 and higher support logging of TLS pre-master secrets. +With these secrets tools like `Wireshark <https://wireshark.org>`_ can decrypt captured +network traffic. + +To enable this simply define environment variable `SSLKEYLOGFILE`: + + export SSLKEYLOGFILE=/path/to/keylogfile.txt + +Then configure the key logfile in `Wireshark <https://wireshark.org>`_, see +`Wireshark TLS Decryption <https://wiki.wireshark.org/TLS#TLS_Decryption>`_ for instructions. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/urllib3-1.25.9/setup.py new/urllib3-1.25.10/setup.py --- old/urllib3-1.25.9/setup.py 2020-04-16 14:42:30.000000000 +0200 +++ new/urllib3-1.25.10/setup.py 2020-07-22 17:42:19.000000000 +0200 @@ -1,4 +1,5 @@ #!/usr/bin/env python +# This file is protected via CODEOWNERS from setuptools import setup @@ -9,7 +10,7 @@ base_path = os.path.dirname(__file__) # Get the version (borrowed from SQLAlchemy) -with open(os.path.join(base_path, "src", "urllib3", "__init__.py")) as fp: +with open(os.path.join(base_path, "src", "urllib3", "_version.py")) as fp: VERSION = ( re.compile(r""".*__version__ = ["'](.*?)['"]""", re.S).match(fp.read()).group(1) ) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/urllib3-1.25.9/src/urllib3/__init__.py new/urllib3-1.25.10/src/urllib3/__init__.py --- old/urllib3-1.25.9/src/urllib3/__init__.py 2020-04-16 17:37:21.000000000 +0200 +++ new/urllib3-1.25.10/src/urllib3/__init__.py 2020-07-22 17:42:10.000000000 +0200 @@ -14,6 +14,7 @@ from .util.url import get_host from .util.timeout import Timeout from .util.retry import Retry +from ._version import __version__ # Set default logging handler to avoid "No handler found" warnings. @@ -22,7 +23,7 @@ __author__ = "Andrey Petrov ([email protected])" __license__ = "MIT" -__version__ = "1.25.9" +__version__ = __version__ __all__ = ( "HTTPConnectionPool", diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/urllib3-1.25.9/src/urllib3/_version.py new/urllib3-1.25.10/src/urllib3/_version.py --- old/urllib3-1.25.9/src/urllib3/_version.py 1970-01-01 01:00:00.000000000 +0100 +++ new/urllib3-1.25.10/src/urllib3/_version.py 2020-07-22 17:42:19.000000000 +0200 @@ -0,0 +1,2 @@ +# This file is protected via CODEOWNERS +__version__ = "1.25.10" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/urllib3-1.25.9/src/urllib3/connection.py new/urllib3-1.25.10/src/urllib3/connection.py --- old/urllib3-1.25.9/src/urllib3/connection.py 2020-04-16 14:43:41.000000000 +0200 +++ new/urllib3-1.25.10/src/urllib3/connection.py 2020-07-22 17:42:19.000000000 +0200 @@ -225,10 +225,11 @@ if not isinstance(chunk, bytes): chunk = chunk.encode("utf8") len_str = hex(len(chunk))[2:] - self.send(len_str.encode("utf-8")) - self.send(b"\r\n") - self.send(chunk) - self.send(b"\r\n") + to_send = bytearray(len_str.encode()) + to_send += b"\r\n" + to_send += chunk + to_send += b"\r\n" + self.send(to_send) # After the if clause, to always have a closed body self.send(b"0\r\n\r\n") diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/urllib3-1.25.9/src/urllib3/connectionpool.py new/urllib3-1.25.10/src/urllib3/connectionpool.py --- old/urllib3-1.25.9/src/urllib3/connectionpool.py 2020-04-16 14:43:41.000000000 +0200 +++ new/urllib3-1.25.10/src/urllib3/connectionpool.py 2020-07-22 17:42:19.000000000 +0200 @@ -698,9 +698,11 @@ # Everything went great! clean_exit = True - except queue.Empty: - # Timed out by queue. - raise EmptyPoolError(self, "No pool connections are available.") + except EmptyPoolError: + # Didn't get a connection from the pool, no need to clean up + clean_exit = True + release_this_conn = False + raise except ( TimeoutError, diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/urllib3-1.25.9/src/urllib3/contrib/_securetransport/bindings.py new/urllib3-1.25.10/src/urllib3/contrib/_securetransport/bindings.py --- old/urllib3-1.25.9/src/urllib3/contrib/_securetransport/bindings.py 2020-04-16 14:42:30.000000000 +0200 +++ new/urllib3-1.25.10/src/urllib3/contrib/_securetransport/bindings.py 2020-07-22 17:42:19.000000000 +0200 @@ -45,17 +45,11 @@ c_bool, ) from ctypes import CDLL, POINTER, CFUNCTYPE +from urllib3.packages.six import raise_from -security_path = find_library("Security") -if not security_path: - raise ImportError("The library Security could not be found") - - -core_foundation_path = find_library("CoreFoundation") -if not core_foundation_path: - raise ImportError("The library CoreFoundation could not be found") - +if platform.system() != "Darwin": + raise ImportError("Only macOS is supported") version = platform.mac_ver()[0] version_info = tuple(map(int, version.split("."))) @@ -65,8 +59,31 @@ % (version_info[0], version_info[1]) ) -Security = CDLL(security_path, use_errno=True) -CoreFoundation = CDLL(core_foundation_path, use_errno=True) + +def load_cdll(name, macos10_16_path): + """Loads a CDLL by name, falling back to known path on 10.16+""" + try: + # Big Sur is technically 11 but we use 10.16 due to the Big Sur + # beta being labeled as 10.16. + if version_info >= (10, 16): + path = macos10_16_path + else: + path = find_library(name) + if not path: + raise OSError # Caught and reraised as 'ImportError' + return CDLL(path, use_errno=True) + except OSError: + raise_from(ImportError("The library %s failed to load" % name), None) + + +Security = load_cdll( + "Security", "/System/Library/Frameworks/Security.framework/Security" +) +CoreFoundation = load_cdll( + "CoreFoundation", + "/System/Library/Frameworks/CoreFoundation.framework/CoreFoundation", +) + Boolean = c_bool CFIndex = c_long diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/urllib3-1.25.9/src/urllib3/response.py new/urllib3-1.25.10/src/urllib3/response.py --- old/urllib3-1.25.9/src/urllib3/response.py 2020-04-16 14:42:30.000000000 +0200 +++ new/urllib3-1.25.10/src/urllib3/response.py 2020-07-22 17:42:19.000000000 +0200 @@ -107,11 +107,10 @@ # are for 'brotlipy' and bottom branches for 'Brotli' def __init__(self): self._obj = brotli.Decompressor() - - def decompress(self, data): if hasattr(self._obj, "decompress"): - return self._obj.decompress(data) - return self._obj.process(data) + self.decompress = self._obj.decompress + else: + self.decompress = self._obj.process def flush(self): if hasattr(self._obj, "flush"): diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/urllib3-1.25.9/src/urllib3/util/ssl_.py new/urllib3-1.25.10/src/urllib3/util/ssl_.py --- old/urllib3-1.25.9/src/urllib3/util/ssl_.py 2020-04-16 14:42:30.000000000 +0200 +++ new/urllib3-1.25.10/src/urllib3/util/ssl_.py 2020-07-22 17:42:19.000000000 +0200 @@ -2,6 +2,7 @@ import errno import warnings import hmac +import os import sys from binascii import hexlify, unhexlify @@ -29,8 +30,8 @@ Returns True if the digests match, and False otherwise. """ result = abs(len(a) - len(b)) - for l, r in zip(bytearray(a), bytearray(b)): - result |= l ^ r + for left, right in zip(bytearray(a), bytearray(b)): + result |= left ^ right return result == 0 @@ -293,6 +294,12 @@ # We do our own verification, including fingerprints and alternative # hostnames. So disable it here context.check_hostname = False + + # Enable logging of TLS session keys via defacto standard environment variable + # 'SSLKEYLOGFILE', if the feature is available (Python 3.8+). + if hasattr(context, "keylog_filename"): + context.keylog_filename = os.environ.get("SSLKEYLOGFILE") + return context diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/urllib3-1.25.9/src/urllib3.egg-info/PKG-INFO new/urllib3-1.25.10/src/urllib3.egg-info/PKG-INFO --- old/urllib3-1.25.9/src/urllib3.egg-info/PKG-INFO 2020-04-16 17:43:36.000000000 +0200 +++ new/urllib3-1.25.10/src/urllib3.egg-info/PKG-INFO 2020-07-22 17:46:08.000000000 +0200 @@ -1,6 +1,6 @@ Metadata-Version: 2.1 Name: urllib3 -Version: 1.25.9 +Version: 1.25.10 Summary: HTTP library with thread-safe connection pooling, file post, and more. Home-page: https://urllib3.readthedocs.io/ Author: Andrey Petrov @@ -118,6 +118,25 @@ Changes ======= + 1.25.10 (2020-07-22) + -------------------- + + * Added support for ``SSLKEYLOGFILE`` environment variable for + logging TLS session keys with use with programs like + Wireshark for decrypting captured web traffic (Pull #1867) + + * Fixed loading of SecureTransport libraries on macOS Big Sur + due to the new dynamic linker cache (Pull #1905) + + * Collapse chunked request bodies data and framing into one + call to ``send()`` to reduce the number of TCP packets by 2-4x (Pull #1906) + + * Don't insert ``None`` into ``ConnectionPool`` if the pool + was empty when requesting a connection (Pull #1866) + + * Avoid ``hasattr`` call in ``BrotliDecoder.decompress()`` (Pull #1858) + + 1.25.9 (2020-04-16) ------------------- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/urllib3-1.25.9/src/urllib3.egg-info/SOURCES.txt new/urllib3-1.25.10/src/urllib3.egg-info/SOURCES.txt --- old/urllib3-1.25.9/src/urllib3.egg-info/SOURCES.txt 2020-04-16 17:43:36.000000000 +0200 +++ new/urllib3-1.25.10/src/urllib3.egg-info/SOURCES.txt 2020-07-22 17:46:08.000000000 +0200 @@ -35,6 +35,7 @@ dummyserver/certs/server.key src/urllib3/__init__.py src/urllib3/_collections.py +src/urllib3/_version.py src/urllib3/connection.py src/urllib3/connectionpool.py src/urllib3/exceptions.py diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/urllib3-1.25.9/test/__init__.py new/urllib3-1.25.10/test/__init__.py --- old/urllib3-1.25.9/test/__init__.py 2020-04-16 14:42:30.000000000 +0200 +++ new/urllib3-1.25.10/test/__init__.py 2020-07-22 17:42:19.000000000 +0200 @@ -19,8 +19,14 @@ from urllib3.util import ssl_ # We need a host that will not immediately close the connection with a TCP -# Reset. SO suggests this hostname -TARPIT_HOST = "10.255.255.1" +# Reset. +if platform.system() == "Windows": + # Reserved loopback subnet address + TARPIT_HOST = "127.0.0.0" +else: + # Reserved internet scoped address + # https://www.iana.org/assignments/iana-ipv4-special-registry/iana-ipv4-special-registry.xhtml + TARPIT_HOST = "240.0.0.0" # (Arguments for socket, is it IPv6 address?) VALID_SOURCE_ADDRESSES = [(("::1", 0), True), (("127.0.0.1", 0), False)] diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/urllib3-1.25.9/test/contrib/test_pyopenssl.py new/urllib3-1.25.10/test/contrib/test_pyopenssl.py --- old/urllib3-1.25.9/test/contrib/test_pyopenssl.py 2020-04-16 14:42:30.000000000 +0200 +++ new/urllib3-1.25.10/test/contrib/test_pyopenssl.py 2020-07-22 17:42:10.000000000 +0200 @@ -30,7 +30,7 @@ pass -from ..with_dummyserver.test_https import ( # noqa: F401 +from ..with_dummyserver.test_https import ( # noqa: E402, F401 TestHTTPS, TestHTTPS_TLSv1, TestHTTPS_TLSv1_1, @@ -41,7 +41,7 @@ TestHTTPS_NoSAN, TestHTTPS_IPV6SAN, ) -from ..with_dummyserver.test_socketlevel import ( # noqa: F401 +from ..with_dummyserver.test_socketlevel import ( # noqa: E402, F401 TestSNI, TestSocketClosing, TestClientCerts, diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/urllib3-1.25.9/test/contrib/test_securetransport.py new/urllib3-1.25.10/test/contrib/test_securetransport.py --- old/urllib3-1.25.9/test/contrib/test_securetransport.py 2020-04-16 14:42:30.000000000 +0200 +++ new/urllib3-1.25.10/test/contrib/test_securetransport.py 2020-07-22 17:42:10.000000000 +0200 @@ -31,13 +31,13 @@ # SecureTransport does not support TLSv1.3 # https://github.com/urllib3/urllib3/issues/1674 -from ..with_dummyserver.test_https import ( # noqa: F401 +from ..with_dummyserver.test_https import ( # noqa: E402, F401 TestHTTPS, TestHTTPS_TLSv1, TestHTTPS_TLSv1_1, TestHTTPS_TLSv1_2, ) -from ..with_dummyserver.test_socketlevel import ( # noqa: F401 +from ..with_dummyserver.test_socketlevel import ( # noqa: E402, F401 TestSNI, TestSocketClosing, TestClientCerts, diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/urllib3-1.25.9/test/test_connectionpool.py new/urllib3-1.25.10/test/test_connectionpool.py --- old/urllib3-1.25.9/test/test_connectionpool.py 2020-04-16 14:42:30.000000000 +0200 +++ new/urllib3-1.25.10/test/test_connectionpool.py 2020-07-22 17:42:19.000000000 +0200 @@ -2,6 +2,7 @@ import ssl import pytest +from mock import Mock from urllib3.connectionpool import ( connection_from_url, @@ -279,7 +280,6 @@ # Make sure that all of the exceptions return the connection # to the pool - _test(Empty, EmptyPoolError) _test(BaseSSLError, MaxRetryError, SSLError) _test(CertificateError, MaxRetryError, SSLError) @@ -292,6 +292,15 @@ pool.request("GET", "/", retries=1, pool_timeout=SHORT_TIMEOUT) assert pool.pool.qsize() == POOL_SIZE + def test_empty_does_not_put_conn(self): + """Do not put None back in the pool if the pool was empty""" + + with HTTPConnectionPool(host="localhost", maxsize=1, block=True) as pool: + pool._get_conn = Mock(side_effect=EmptyPoolError(pool, "Pool is empty")) + pool._put_conn = Mock(side_effect=AssertionError("Unexpected _put_conn")) + with pytest.raises(EmptyPoolError): + pool.request("GET", "/") + def test_assert_same_host(self): with connection_from_url("http://google.com:80";) as c: with pytest.raises(HostChangedError): diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/urllib3-1.25.9/test/with_dummyserver/test_https.py new/urllib3-1.25.10/test/with_dummyserver/test_https.py --- old/urllib3-1.25.9/test/with_dummyserver/test_https.py 2020-04-16 14:42:30.000000000 +0200 +++ new/urllib3-1.25.10/test/with_dummyserver/test_https.py 2020-07-22 17:42:19.000000000 +0200 @@ -698,6 +698,25 @@ finally: conn.close() + @pytest.mark.skipif(sys.version_info < (3, 8), reason="requires python 3.8+") + def test_sslkeylogfile(self, tmpdir, monkeypatch): + if not hasattr(util.SSLContext, "keylog_filename"): + pytest.skip("requires OpenSSL 1.1.1+") + keylog_file = tmpdir.join("keylogfile.txt") + monkeypatch.setenv("SSLKEYLOGFILE", str(keylog_file)) + with HTTPSConnectionPool( + self.host, self.port, ca_certs=DEFAULT_CA + ) as https_pool: + r = https_pool.request("GET", "/") + assert r.status == 200, r.data + assert keylog_file.check(file=1), "keylogfile '%s' should exist" % str( + keylog_file + ) + assert keylog_file.read().startswith("# TLS secrets log file"), ( + "keylogfile '%s' should start with '# TLS secrets log file'" + % str(keylog_file) + ) + @requiresTLSv1() class TestHTTPS_TLSv1(TestHTTPS): diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/urllib3-1.25.9/test/with_dummyserver/test_socketlevel.py new/urllib3-1.25.10/test/with_dummyserver/test_socketlevel.py --- old/urllib3-1.25.9/test/with_dummyserver/test_socketlevel.py 2020-04-16 14:42:30.000000000 +0200 +++ new/urllib3-1.25.10/test/with_dummyserver/test_socketlevel.py 2020-07-22 17:42:19.000000000 +0200 @@ -10,8 +10,8 @@ ProtocolError, ) from urllib3.response import httplib +from urllib3 import util from urllib3.util import ssl_wrap_socket -from urllib3.util.ssl_ import HAS_SNI from urllib3.util import ssl_ from urllib3.util.timeout import Timeout from urllib3.util.retry import Retry @@ -87,8 +87,9 @@ class TestSNI(SocketDummyServerTestCase): - @pytest.mark.skipif(not HAS_SNI, reason="SNI-support not available") def test_hostname_in_first_request_packet(self): + if not util.HAS_SNI: + pytest.skip("SNI-support not available") done_receiving = Event() self.buf = b""
