David Ford (FirefighterBlu3) added the comment:
Unfortunately more breakage exists within urllib.request. A context supplied to
urlopen() is useless in the following pseudo code:
build_some_openers()
context = ssl.foo()
urlopen('foo.com', context=context)
<test against foo.com -- foo.com ssl setup is munged with non-verify, out of
date, or something that doesn't make happy with a default context>
When urlopen() runs, it does indeed (with my earlier patch) add another
HTTPSHandler(context). However, the default added HTTPSHandler is called first
in the chain (see the bisect.insort) and will cause the urlopen attempt to fail
if the SSL connection does not work with a default or void context.
The end-user specified context will never be reached whether they attempt to
install their own HTTPSHandler or not since the default installed HTTPSHandler
will raise an exception.
Therefore, I've attached another patch to urllib.request which ensures that (a)
existing opener chain is not discarded and (b) a default opener chain is not
made with an HTTPSHandler in it, only adding the HTTPSHandler at urlopen() time
if 'https' is found in the URL.
----------
Added file:
http://bugs.python.org/file39847/urllib.request.py-do-not-overwrite-existing-opener.diff
_______________________________________
Python tracker <rep...@bugs.python.org>
<http://bugs.python.org/issue18543>
_______________________________________
_______________________________________________
Python-bugs-list mailing list
Unsubscribe:
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
