| |
@@ -0,0 +1,101 @@
|
| |
+ From 420420456f6367d051744ddcebcd548d251bbb3e Mon Sep 17 00:00:00 2001
|
| |
+ From: Seth Michael Larson <sethmichaellarson@gmail.com>
|
| |
+ Date: Wed, 17 Apr 2019 12:46:22 -0500
|
| |
+ Subject: [PATCH] urllib3: Release 1.24.2 (#1564)
|
| |
+
|
| |
+ * Don't load system certificates by default when any other ``ca_certs``, ``ca_certs_dir`` or ``ssl_context`` parameters are specified.
|
| |
+ * Remove Authorization header regardless of case when redirecting to cross-site. (Issue #1510)
|
| |
+ * Add support for IPv6 addresses in subjectAltName section of certificates. (Issue #1269)
|
| |
+ ---
|
| |
+ src/pip/_vendor/urllib3/__init__.py | 2 +-
|
| |
+ src/pip/_vendor/urllib3/contrib/pyopenssl.py | 3 +++
|
| |
+ src/pip/_vendor/urllib3/poolmanager.py | 7 +++++--
|
| |
+ src/pip/_vendor/urllib3/util/retry.py | 3 ++-
|
| |
+ src/pip/_vendor/urllib3/util/ssl_.py | 5 ++++-
|
| |
+ 5 files changed, 15 insertions(+), 5 deletions(-)
|
| |
+
|
| |
+ diff --git a/src/pip/_vendor/urllib3/__init__.py b/src/pip/_vendor/urllib3/__init__.py
|
| |
+ index 148a9c3..6191546 100644
|
| |
+ --- a/src/pip/_vendor/urllib3/__init__.py
|
| |
+ +++ b/src/pip/_vendor/urllib3/__init__.py
|
| |
+ @@ -27,7 +27,7 @@ from logging import NullHandler
|
| |
+
|
| |
+ __author__ = 'Andrey Petrov (andrey.petrov@shazow.net)'
|
| |
+ __license__ = 'MIT'
|
| |
+ -__version__ = '1.24.1'
|
| |
+ +__version__ = '1.24.2'
|
| |
+
|
| |
+ __all__ = (
|
| |
+ 'HTTPConnectionPool',
|
| |
+ diff --git a/src/pip/_vendor/urllib3/contrib/pyopenssl.py b/src/pip/_vendor/urllib3/contrib/pyopenssl.py
|
| |
+ index 363667c..fb05afa 100644
|
| |
+ --- a/src/pip/_vendor/urllib3/contrib/pyopenssl.py
|
| |
+ +++ b/src/pip/_vendor/urllib3/contrib/pyopenssl.py
|
| |
+ @@ -184,6 +184,9 @@ def _dnsname_to_stdlib(name):
|
| |
+ except idna.core.IDNAError:
|
| |
+ return None
|
| |
+
|
| |
+ + if ':' in name:
|
| |
+ + return name
|
| |
+ +
|
| |
+ name = idna_encode(name)
|
| |
+ if name is None:
|
| |
+ return None
|
| |
+ diff --git a/src/pip/_vendor/urllib3/poolmanager.py b/src/pip/_vendor/urllib3/poolmanager.py
|
| |
+ index fe5491c..32bd973 100644
|
| |
+ --- a/src/pip/_vendor/urllib3/poolmanager.py
|
| |
+ +++ b/src/pip/_vendor/urllib3/poolmanager.py
|
| |
+ @@ -7,6 +7,7 @@ from ._collections import RecentlyUsedContainer
|
| |
+ from .connectionpool import HTTPConnectionPool, HTTPSConnectionPool
|
| |
+ from .connectionpool import port_by_scheme
|
| |
+ from .exceptions import LocationValueError, MaxRetryError, ProxySchemeUnknown
|
| |
+ +from .packages import six
|
| |
+ from .packages.six.moves.urllib.parse import urljoin
|
| |
+ from .request import RequestMethods
|
| |
+ from .util.url import parse_url
|
| |
+ @@ -342,8 +343,10 @@ class PoolManager(RequestMethods):
|
| |
+ # conn.is_same_host() which may use socket.gethostbyname() in the future.
|
| |
+ if (retries.remove_headers_on_redirect
|
| |
+ and not conn.is_same_host(redirect_location)):
|
| |
+ - for header in retries.remove_headers_on_redirect:
|
| |
+ - kw['headers'].pop(header, None)
|
| |
+ + headers = list(six.iterkeys(kw['headers']))
|
| |
+ + for header in headers:
|
| |
+ + if header.lower() in retries.remove_headers_on_redirect:
|
| |
+ + kw['headers'].pop(header, None)
|
| |
+
|
| |
+ try:
|
| |
+ retries = retries.increment(method, url, response=response, _pool=conn)
|
| |
+ diff --git a/src/pip/_vendor/urllib3/util/retry.py b/src/pip/_vendor/urllib3/util/retry.py
|
| |
+ index e7d0abd..02429ee 100644
|
| |
+ --- a/src/pip/_vendor/urllib3/util/retry.py
|
| |
+ +++ b/src/pip/_vendor/urllib3/util/retry.py
|
| |
+ @@ -179,7 +179,8 @@ class Retry(object):
|
| |
+ self.raise_on_status = raise_on_status
|
| |
+ self.history = history or tuple()
|
| |
+ self.respect_retry_after_header = respect_retry_after_header
|
| |
+ - self.remove_headers_on_redirect = remove_headers_on_redirect
|
| |
+ + self.remove_headers_on_redirect = frozenset([
|
| |
+ + h.lower() for h in remove_headers_on_redirect])
|
| |
+
|
| |
+ def new(self, **kw):
|
| |
+ params = dict(
|
| |
+ diff --git a/src/pip/_vendor/urllib3/util/ssl_.py b/src/pip/_vendor/urllib3/util/ssl_.py
|
| |
+ index dfc553f..d96e893 100644
|
| |
+ --- a/src/pip/_vendor/urllib3/util/ssl_.py
|
| |
+ +++ b/src/pip/_vendor/urllib3/util/ssl_.py
|
| |
+ @@ -327,7 +327,10 @@ def ssl_wrap_socket(sock, keyfile=None, certfile=None, cert_reqs=None,
|
| |
+ if e.errno == errno.ENOENT:
|
| |
+ raise SSLError(e)
|
| |
+ raise
|
| |
+ - elif getattr(context, 'load_default_certs', None) is not None:
|
| |
+ +
|
| |
+ + # Don't load system certs unless there were no CA certs or
|
| |
+ + # SSLContext object specified manually.
|
| |
+ + elif ssl_context is None and hasattr(context, 'load_default_certs'):
|
| |
+ # try to load OS default certs; works well on Windows (require Python3.4+)
|
| |
+ context.load_default_certs()
|
| |
+
|
| |
+ --
|
| |
+ 2.24.1
|
| |
+
|
| |