Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package python-requests for openSUSE:Factory checked in at 2024-06-07 15:01:52 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/python-requests (Old) and /work/SRC/openSUSE:Factory/.python-requests.new.24587 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "python-requests" Fri Jun 7 15:01:52 2024 rev:82 rq:1179087 version:2.32.3 Changes: -------- --- /work/SRC/openSUSE:Factory/python-requests/python-requests.changes 2024-05-24 19:50:02.115088124 +0200 +++ /work/SRC/openSUSE:Factory/.python-requests.new.24587/python-requests.changes 2024-06-07 15:01:59.920782407 +0200 @@ -1,0 +2,9 @@ +Thu Jun 6 19:38:03 UTC 2024 - Dirk Müller <dmueller@suse.com> + +- update to 2.32.3: + * Fixed bug breaking the ability to specify custom SSLContexts + in sub-classes of HTTPAdapter. + * Fixed issue where Requests started failing to run on Python + versions compiled without the `ssl` module. + +------------------------------------------------------------------- Old: ---- requests-2.32.2.tar.gz New: ---- requests-2.32.3.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ python-requests.spec ++++++ --- /var/tmp/diff_new_pack.13LWXk/_old 2024-06-07 15:02:00.576806306 +0200 +++ /var/tmp/diff_new_pack.13LWXk/_new 2024-06-07 15:02:00.576806306 +0200 @@ -26,7 +26,7 @@ %endif %{?sle15_python_module_pythons} Name: python-requests%{psuffix} -Version: 2.32.2 +Version: 2.32.3 Release: 0 Summary: Python HTTP Library License: Apache-2.0 ++++++ requests-2.32.2.tar.gz -> requests-2.32.3.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/requests-2.32.2/HISTORY.md new/requests-2.32.3/HISTORY.md --- old/requests-2.32.2/HISTORY.md 2024-05-21 20:49:50.000000000 +0200 +++ new/requests-2.32.3/HISTORY.md 2024-05-29 17:36:42.000000000 +0200 @@ -6,6 +6,15 @@ - \[Short description of non-trivial change.\] +2.32.3 (2024-05-29) +------------------- + +**Bugfixes** +- Fixed bug breaking the ability to specify custom SSLContexts in sub-classes of + HTTPAdapter. (#6716) +- Fixed issue where Requests started failing to run on Python versions compiled + without the `ssl` module. (#6724) + 2.32.2 (2024-05-21) ------------------- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/requests-2.32.2/PKG-INFO new/requests-2.32.3/PKG-INFO --- old/requests-2.32.2/PKG-INFO 2024-05-21 20:51:11.119319000 +0200 +++ new/requests-2.32.3/PKG-INFO 2024-05-29 17:37:13.783149200 +0200 @@ -1,6 +1,6 @@ Metadata-Version: 2.1 Name: requests -Version: 2.32.2 +Version: 2.32.3 Summary: Python HTTP for Humans. Home-page: https://requests.readthedocs.io Author: Kenneth Reitz diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/requests-2.32.2/src/requests/__version__.py new/requests-2.32.3/src/requests/__version__.py --- old/requests-2.32.2/src/requests/__version__.py 2024-05-21 20:49:50.000000000 +0200 +++ new/requests-2.32.3/src/requests/__version__.py 2024-05-29 17:36:42.000000000 +0200 @@ -5,8 +5,8 @@ __title__ = "requests" __description__ = "Python HTTP for Humans." __url__ = "https://requests.readthedocs.io" -__version__ = "2.32.2" -__build__ = 0x023202 +__version__ = "2.32.3" +__build__ = 0x023203 __author__ = "Kenneth Reitz" __author_email__ = "me@kennethreitz.org" __license__ = "Apache-2.0" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/requests-2.32.2/src/requests/adapters.py new/requests-2.32.3/src/requests/adapters.py --- old/requests-2.32.2/src/requests/adapters.py 2024-05-21 20:49:50.000000000 +0200 +++ new/requests-2.32.3/src/requests/adapters.py 2024-05-29 17:36:42.000000000 +0200 @@ -73,26 +73,44 @@ DEFAULT_RETRIES = 0 DEFAULT_POOL_TIMEOUT = None -_preloaded_ssl_context = create_urllib3_context() -_preloaded_ssl_context.load_verify_locations( - extract_zipped_paths(DEFAULT_CA_BUNDLE_PATH) -) + +try: + import ssl # noqa: F401 + + _preloaded_ssl_context = create_urllib3_context() + _preloaded_ssl_context.load_verify_locations( + extract_zipped_paths(DEFAULT_CA_BUNDLE_PATH) + ) +except ImportError: + # Bypass default SSLContext creation when Python + # interpreter isn't built with the ssl module. + _preloaded_ssl_context = None def _urllib3_request_context( request: "PreparedRequest", verify: "bool | str | None", client_cert: "typing.Tuple[str, str] | str | None", + poolmanager: "PoolManager", ) -> "(typing.Dict[str, typing.Any], typing.Dict[str, typing.Any])": host_params = {} pool_kwargs = {} parsed_request_url = urlparse(request.url) scheme = parsed_request_url.scheme.lower() port = parsed_request_url.port + + # Determine if we have and should use our default SSLContext + # to optimize performance on standard requests. + poolmanager_kwargs = getattr(poolmanager, "connection_pool_kw", {}) + has_poolmanager_ssl_context = poolmanager_kwargs.get("ssl_context") + should_use_default_ssl_context = ( + _preloaded_ssl_context is not None and not has_poolmanager_ssl_context + ) + cert_reqs = "CERT_REQUIRED" if verify is False: cert_reqs = "CERT_NONE" - elif verify is True: + elif verify is True and should_use_default_ssl_context: pool_kwargs["ssl_context"] = _preloaded_ssl_context elif isinstance(verify, str): if not os.path.isdir(verify): @@ -375,23 +393,83 @@ return response + def build_connection_pool_key_attributes(self, request, verify, cert=None): + """Build the PoolKey attributes used by urllib3 to return a connection. + + This looks at the PreparedRequest, the user-specified verify value, + and the value of the cert parameter to determine what PoolKey values + to use to select a connection from a given urllib3 Connection Pool. + + The SSL related pool key arguments are not consistently set. As of + this writing, use the following to determine what keys may be in that + dictionary: + + * If ``verify`` is ``True``, ``"ssl_context"`` will be set and will be the + default Requests SSL Context + * If ``verify`` is ``False``, ``"ssl_context"`` will not be set but + ``"cert_reqs"`` will be set + * If ``verify`` is a string, (i.e., it is a user-specified trust bundle) + ``"ca_certs"`` will be set if the string is not a directory recognized + by :py:func:`os.path.isdir`, otherwise ``"ca_certs_dir"`` will be + set. + * If ``"cert"`` is specified, ``"cert_file"`` will always be set. If + ``"cert"`` is a tuple with a second item, ``"key_file"`` will also + be present + + To override these settings, one may subclass this class, call this + method and use the above logic to change parameters as desired. For + example, if one wishes to use a custom :py:class:`ssl.SSLContext` one + must both set ``"ssl_context"`` and based on what else they require, + alter the other keys to ensure the desired behaviour. + + :param request: + The PreparedReqest being sent over the connection. + :type request: + :class:`~requests.models.PreparedRequest` + :param verify: + Either a boolean, in which case it controls whether + we verify the server's TLS certificate, or a string, in which case it + must be a path to a CA bundle to use. + :param cert: + (optional) Any user-provided SSL certificate for client + authentication (a.k.a., mTLS). This may be a string (i.e., just + the path to a file which holds both certificate and key) or a + tuple of length 2 with the certificate file path and key file + path. + :returns: + A tuple of two dictionaries. The first is the "host parameters" + portion of the Pool Key including scheme, hostname, and port. The + second is a dictionary of SSLContext related parameters. + """ + return _urllib3_request_context(request, verify, cert, self.poolmanager) + def get_connection_with_tls_context(self, request, verify, proxies=None, cert=None): """Returns a urllib3 connection for the given request and TLS settings. This should not be called from user code, and is only exposed for use when subclassing the :class:`HTTPAdapter <requests.adapters.HTTPAdapter>`. - :param request: The :class:`PreparedRequest <PreparedRequest>` object - to be sent over the connection. - :param verify: Either a boolean, in which case it controls whether - we verify the server's TLS certificate, or a string, in which case it - must be a path to a CA bundle to use. - :param proxies: (optional) The proxies dictionary to apply to the request. - :param cert: (optional) Any user-provided SSL certificate to be trusted. - :rtype: urllib3.ConnectionPool + :param request: + The :class:`PreparedRequest <PreparedRequest>` object to be sent + over the connection. + :param verify: + Either a boolean, in which case it controls whether we verify the + server's TLS certificate, or a string, in which case it must be a + path to a CA bundle to use. + :param proxies: + (optional) The proxies dictionary to apply to the request. + :param cert: + (optional) Any user-provided SSL certificate to be used for client + authentication (a.k.a., mTLS). + :rtype: + urllib3.ConnectionPool """ proxy = select_proxy(request.url, proxies) try: - host_params, pool_kwargs = _urllib3_request_context(request, verify, cert) + host_params, pool_kwargs = self.build_connection_pool_key_attributes( + request, + verify, + cert, + ) except ValueError as e: raise InvalidURL(e, request=request) if proxy: diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/requests-2.32.2/src/requests.egg-info/PKG-INFO new/requests-2.32.3/src/requests.egg-info/PKG-INFO --- old/requests-2.32.2/src/requests.egg-info/PKG-INFO 2024-05-21 20:51:11.000000000 +0200 +++ new/requests-2.32.3/src/requests.egg-info/PKG-INFO 2024-05-29 17:37:13.000000000 +0200 @@ -1,6 +1,6 @@ Metadata-Version: 2.1 Name: requests -Version: 2.32.2 +Version: 2.32.3 Summary: Python HTTP for Humans. Home-page: https://requests.readthedocs.io Author: Kenneth Reitz