HomeSoftware Heritage
Diffusion python3-dulwich packaging 48e2ef8c2f2c

Enable SSL verification for `urllib3`
48e2ef8c2f2c
Actions

Description

Enable SSL verification for urllib3

By default, urllib3 does not verify HTTPS requests.

As recommended in the urllib3 documentation [0], SSL verification is
enabled by including the certifi package which comes with Mozilla's
root certificate bundle. This silences an InsecureRequestWarning
otherwise issued by urllib3.

Before Python 2.7.9, the ssl module lacks SNI support and may lag
behind in security updates [1, 2, 3, 4]. The recommended approach by
urllib3 is to use pyOpenSSL as a replacement for those versions. This
silences InsecurePlatformWarning and SNIMissingWarning otherwise
issued by urllib3 when run on these versions.

[0]: https://urllib3.readthedocs.io/en/latest/user-guide.html#certificate-verification
[1]: https://urllib3.readthedocs.io/en/latest/user-guide.html#certificate-verification-in-python-2
[2]: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9365
[3]: https://www.python.org/dev/peps/pep-0476/
[4]: https://www.python.org/dev/peps/pep-0493/

Details

Provenance
Daniel Andersson <dandersson@users.noreply.github.com>Authored on Jan 29 2018, 11:55 AM
ardumontPushed on Sep 27 2021, 5:34 PM
Parents
rPPDW221f07362026: Replace `urllib2` HTTP requests with `urllib3`
Branches
Unknown
Tags
Unknown

Event Timeline

Changes (4)

PathSize
dulwich/
tests/

rPPDW48e2ef8c2f2c

View Options

dulwich/client.py

Loading...
View Options

dulwich/tests/test_client.py

Loading...
View Options

requirements.txt

Loading...
View Options

setup.py

Loading...
About · Developer information · Legal