ALP-pool/saltbundlepy-urllib3
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Sync from SUSE:ALP:Source:Standard:1.0 saltbundlepy-urllib3 revision cadb12ccb5fa1cc55fcc1ccd8e742bee

Browse Source
This commit is contained in:
Adrian Schröter 2024-11-15 12:53:48 +01:00
parent 44345f84cb
commit 12a81548d5
8 changed files with 309 additions and 332 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

154
CVE-2024-37891.patch Normal file
View File

@ -0,0 +1,154 @@
From accff72ecc2f6cf5a76d9570198a93ac7c90270e Mon Sep 17 00:00:00 2001
From: Quentin Pradet <quentin.pradet@gmail.com>
Date: Mon, 17 Jun 2024 11:09:06 +0400
Subject: [PATCH] Merge pull request from GHSA-34jh-p97f-mpxf
* Strip Proxy-Authorization header on redirects
* Fix test_retry_default_remove_headers_on_redirect
* Set release date
---
CHANGES.rst | 5 +++++
src/urllib3/util/retry.py | 4 +++-
test/test_retry.py | 6 ++++-
test/with_dummyserver/test_poolmanager.py | 27 ++++++++++++++++++++---
4 files changed, 37 insertions(+), 5 deletions(-)
diff --git a/src/urllib3/util/retry.py b/src/urllib3/util/retry.py
index 7a76a4a6ad..0456cceba4 100644
--- a/src/urllib3/util/retry.py
+++ b/src/urllib3/util/retry.py
@@ -189,7 +189,9 @@ class Retry:
RETRY_AFTER_STATUS_CODES = frozenset([413, 429, 503])
#: Default headers to be used for ``remove_headers_on_redirect``
- DEFAULT_REMOVE_HEADERS_ON_REDIRECT = frozenset(["Cookie", "Authorization"])
+ DEFAULT_REMOVE_HEADERS_ON_REDIRECT = frozenset(
+ ["Cookie", "Authorization", "Proxy-Authorization"]
+ )
#: Default maximum backoff time.
DEFAULT_BACKOFF_MAX = 120
diff --git a/test/test_retry.py b/test/test_retry.py
index f71e7acc9e..ac3ce4ca73 100644
--- a/test/test_retry.py
+++ b/test/test_retry.py
@@ -334,7 +334,11 @@ def test_retry_method_not_allowed(self) -> None:
def test_retry_default_remove_headers_on_redirect(self) -> None:
retry = Retry()
- assert retry.remove_headers_on_redirect == {"authorization", "cookie"}
+ assert retry.remove_headers_on_redirect == {
+ "authorization",
+ "proxy-authorization",
+ "cookie",
+ }
def test_retry_set_remove_headers_on_redirect(self) -> None:
retry = Retry(remove_headers_on_redirect=["X-API-Secret"])
diff --git a/test/with_dummyserver/test_poolmanager.py b/test/with_dummyserver/test_poolmanager.py
index 4fa9ec850a..af77241d6c 100644
--- a/test/with_dummyserver/test_poolmanager.py
+++ b/test/with_dummyserver/test_poolmanager.py
@@ -144,7 +144,11 @@ def test_redirect_cross_host_remove_headers(self) -> None:
"GET",
f"{self.base_url}/redirect",
fields={"target": f"{self.base_url_alt}/headers"},
- headers={"Authorization": "foo", "Cookie": "foo=bar"},
+ headers={
+ "Authorization": "foo",
+ "Proxy-Authorization": "bar",
+ "Cookie": "foo=bar",
+ },
)
assert r.status == 200
@@ -152,13 +156,18 @@ def test_redirect_cross_host_remove_headers(self) -> None:
data = r.json()
assert "Authorization" not in data
+ assert "Proxy-Authorization" not in data
assert "Cookie" not in data
r = http.request(
"GET",
f"{self.base_url}/redirect",
fields={"target": f"{self.base_url_alt}/headers"},
- headers={"authorization": "foo", "cookie": "foo=bar"},
+ headers={
+ "authorization": "foo",
+ "proxy-authorization": "baz",
+ "cookie": "foo=bar",
+ },
)
assert r.status == 200
@@ -167,6 +176,8 @@ def test_redirect_cross_host_remove_headers(self) -> None:
assert "authorization" not in data
assert "Authorization" not in data
+ assert "proxy-authorization" not in data
+ assert "Proxy-Authorization" not in data
assert "cookie" not in data
assert "Cookie" not in data
@@ -176,7 +187,11 @@ def test_redirect_cross_host_no_remove_headers(self) -> None:
"GET",
f"{self.base_url}/redirect",
fields={"target": f"{self.base_url_alt}/headers"},
- headers={"Authorization": "foo", "Cookie": "foo=bar"},
+ headers={
+ "Authorization": "foo",
+ "Proxy-Authorization": "bar",
+ "Cookie": "foo=bar",
+ },
retries=Retry(remove_headers_on_redirect=[]),
)
@@ -185,6 +200,7 @@ def test_redirect_cross_host_no_remove_headers(self) -> None:
data = r.json()
assert data["Authorization"] == "foo"
+ assert data["Proxy-Authorization"] == "bar"
assert data["Cookie"] == "foo=bar"
def test_redirect_cross_host_set_removed_headers(self) -> None:
@@ -196,6 +212,7 @@ def test_redirect_cross_host_set_removed_headers(self) -> None:
headers={
"X-API-Secret": "foo",
"Authorization": "bar",
+ "Proxy-Authorization": "baz",
"Cookie": "foo=bar",
},
retries=Retry(remove_headers_on_redirect=["X-API-Secret"]),
@@ -207,11 +224,13 @@ def test_redirect_cross_host_set_removed_headers(self) -> None:
assert "X-API-Secret" not in data
assert data["Authorization"] == "bar"
+ assert data["Proxy-Authorization"] == "baz"
assert data["Cookie"] == "foo=bar"
headers = {
"x-api-secret": "foo",
"authorization": "bar",
+ "proxy-authorization": "baz",
"cookie": "foo=bar",
}
r = http.request(
@@ -229,12 +248,14 @@ def test_redirect_cross_host_set_removed_headers(self) -> None:
assert "x-api-secret" not in data
assert "X-API-Secret" not in data
assert data["Authorization"] == "bar"
+ assert data["Proxy-Authorization"] == "baz"
assert data["Cookie"] == "foo=bar"
# Ensure the header argument itself is not modified in-place.
assert headers == {
"x-api-secret": "foo",
"authorization": "bar",
+ "proxy-authorization": "baz",
"cookie": "foo=bar",
}

30
no-strict-OpenSSL-1.1.1.patch Normal file
View File

@ -0,0 +1,30 @@
--- a/src/urllib3/__init__.py
+++ b/src/urllib3/__init__.py
@@ -22,27 +22,10 @@
from .util.retry import Retry
from .util.timeout import Timeout
-# Ensure that Python is compiled with OpenSSL 1.1.1+
-# If the 'ssl' module isn't available at all that's
-# fine, we only care if the module is available.
try:
import ssl
except ImportError:
pass
-else:
- if not ssl.OPENSSL_VERSION.startswith("OpenSSL "): # Defensive:
- warnings.warn(
- "urllib3 v2.0 only supports OpenSSL 1.1.1+, currently "
- f"the 'ssl' module is compiled with {ssl.OPENSSL_VERSION!r}. "
- "See: https://github.com/urllib3/urllib3/issues/3020",
- exceptions.NotOpenSSLWarning,
- )
- elif ssl.OPENSSL_VERSION_INFO < (1, 1, 1): # Defensive:
- raise ImportError(
- "urllib3 v2.0 only supports OpenSSL 1.1.1+, currently "
- f"the 'ssl' module is compiled with {ssl.OPENSSL_VERSION!r}. "
- "See: https://github.com/urllib3/urllib3/issues/2168"
- )
# === NOTE TO REPACKAGERS AND VENDORS ===
# Please delete this block, this logic is only

34
openssl-3.2.patch
View File

@ -1,34 +0,0 @@
Index: urllib3-1.26.18/changelog/3268.bugfix.rst
===================================================================
--- /dev/null
+++ urllib3-1.26.18/changelog/3268.bugfix.rst
@@ -0,0 +1 @@
+Fixed handling of OpenSSL 3.2.0 new error message for misconfiguring an HTTP proxy as HTTPS.
Index: urllib3-1.26.18/test/with_dummyserver/test_socketlevel.py
===================================================================
--- urllib3-1.26.18.orig/test/with_dummyserver/test_socketlevel.py
+++ urllib3-1.26.18/test/with_dummyserver/test_socketlevel.py
@@ -1226,7 +1226,8 @@ class TestSSL(SocketDummyServerTestCase)
self._start_server(socket_handler)
with HTTPSConnectionPool(self.host, self.port, ca_certs=DEFAULT_CA) as pool:
with pytest.raises(
- SSLError, match=r"(wrong version number|record overflow)"
+ SSLError,
+ match=r"(wrong version number|record overflow|record layer failure)",
):
pool.request("GET", "/", retries=False)
Index: urllib3-1.26.18/src/urllib3/connectionpool.py
===================================================================
--- urllib3-1.26.18.orig/src/urllib3/connectionpool.py
+++ urllib3-1.26.18/src/urllib3/connectionpool.py
@@ -768,7 +768,8 @@ class HTTPConnectionPool(ConnectionPool,
# so we try to cover our bases here!
message = " ".join(re.split("[^a-z]", str(ssl_error).lower()))
return (
- "wrong version number" in message or "unknown protocol" in message
+ "wrong version number" in message or "unknown protocol" in message or "record layer failure" in message
+
)
# Try to detect a common user error with proxies which is to

261
remove_mock.patch
View File

@ -1,261 +0,0 @@
Index: urllib3-1.26.16/docs/conf.py
===================================================================
--- urllib3-1.26.16.orig/docs/conf.py
+++ urllib3-1.26.16/docs/conf.py
@@ -14,7 +14,10 @@ sys.path.insert(0, root_path)
# Mock some expensive/platform-specific modules so build will work.
# (https://read-the-docs.readthedocs.io/en/latest/faq.html#\
# i-get-import-errors-on-libraries-that-depend-on-c-modules)
-import mock
+try:
+ import unittest.mock as mock
+except ImportError:
+ import mock
class MockModule(mock.Mock):
Index: urllib3-1.26.16/test/contrib/test_pyopenssl.py
===================================================================
--- urllib3-1.26.16.orig/test/contrib/test_pyopenssl.py
+++ urllib3-1.26.16/test/contrib/test_pyopenssl.py
@@ -1,7 +1,10 @@
# -*- coding: utf-8 -*-
import os
-import mock
+try:
+ import unittest.mock as mock
+except ImportError:
+ import mock
import pytest
try:
Index: urllib3-1.26.16/test/contrib/test_pyopenssl_dependencies.py
===================================================================
--- urllib3-1.26.16.orig/test/contrib/test_pyopenssl_dependencies.py
+++ urllib3-1.26.16/test/contrib/test_pyopenssl_dependencies.py
@@ -1,6 +1,9 @@
# -*- coding: utf-8 -*-
import pytest
-from mock import Mock, patch
+try:
+ from unittest.mock import Mock, patch
+except ImportError:
+ from mock import Mock, patch
try:
from urllib3.contrib.pyopenssl import extract_from_urllib3, inject_into_urllib3
Index: urllib3-1.26.16/test/test_connection.py
===================================================================
--- urllib3-1.26.16.orig/test/test_connection.py
+++ urllib3-1.26.16/test/test_connection.py
@@ -1,6 +1,9 @@
import datetime
-import mock
+try:
+ import unittest.mock as mock
+except ImportError:
+ import mock
import pytest
from urllib3.connection import RECENT_DATE, CertificateError, _match_hostname
Index: urllib3-1.26.16/test/test_connectionpool.py
===================================================================
--- urllib3-1.26.16.orig/test/test_connectionpool.py
+++ urllib3-1.26.16/test/test_connectionpool.py
@@ -6,7 +6,10 @@ from ssl import SSLError as BaseSSLError
from test import SHORT_TIMEOUT
import pytest
-from mock import Mock
+try:
+ from unittest.mock import Mock
+except ImportError:
+ from mock import Mock
from dummyserver.server import DEFAULT_CA
from urllib3._collections import HTTPHeaderDict
Index: urllib3-1.26.16/test/test_queue_monkeypatch.py
===================================================================
--- urllib3-1.26.16.orig/test/test_queue_monkeypatch.py
+++ urllib3-1.26.16/test/test_queue_monkeypatch.py
@@ -1,6 +1,9 @@
from __future__ import absolute_import
-import mock
+try:
+ import unittest.mock as mock
+except ImportError:
+ import mock
import pytest
from urllib3 import HTTPConnectionPool
Index: urllib3-1.26.16/test/test_response.py
===================================================================
--- urllib3-1.26.16.orig/test/test_response.py
+++ urllib3-1.26.16/test/test_response.py
@@ -9,7 +9,10 @@ from base64 import b64decode
from io import BufferedReader, BytesIO, TextIOWrapper
from test import onlyBrotlipy
-import mock
+try:
+ import unittest.mock as mock
+except ImportError:
+ import mock
import pytest
import six
Index: urllib3-1.26.16/test/test_retry.py
===================================================================
--- urllib3-1.26.16.orig/test/test_retry.py
+++ urllib3-1.26.16/test/test_retry.py
@@ -1,6 +1,9 @@
import warnings
-import mock
+try:
+ import unittest.mock as mock
+except ImportError:
+ import mock
import pytest
from urllib3.exceptions import (
Index: urllib3-1.26.16/test/test_retry_deprecated.py
===================================================================
--- urllib3-1.26.16.orig/test/test_retry_deprecated.py
+++ urllib3-1.26.16/test/test_retry_deprecated.py
@@ -1,7 +1,10 @@
# This is a copy-paste of test_retry.py with extra asserts about deprecated options. It will be removed for v2.
import warnings
-import mock
+try:
+ import unittest.mock as mock
+except ImportError:
+ import mock
import pytest
from urllib3.exceptions import (
Index: urllib3-1.26.16/test/test_ssl.py
===================================================================
--- urllib3-1.26.16.orig/test/test_ssl.py
+++ urllib3-1.26.16/test/test_ssl.py
@@ -1,6 +1,9 @@
from test import notPyPy2
-import mock
+try:
+ import unittest.mock as mock
+except ImportError:
+ import mock
import pytest
from urllib3.exceptions import SNIMissingWarning
Index: urllib3-1.26.16/test/test_ssltransport.py
===================================================================
--- urllib3-1.26.16.orig/test/test_ssltransport.py
+++ urllib3-1.26.16/test/test_ssltransport.py
@@ -4,7 +4,10 @@ import socket
import ssl
import sys
-import mock
+try:
+ import unittest.mock as mock
+except ImportError:
+ import mock
import pytest
from dummyserver.server import DEFAULT_CA, DEFAULT_CERTS
Index: urllib3-1.26.16/test/test_util.py
===================================================================
--- urllib3-1.26.16.orig/test/test_util.py
+++ urllib3-1.26.16/test/test_util.py
@@ -9,7 +9,10 @@ from itertools import chain
from test import notBrotlipy, onlyBrotlipy, onlyPy2, onlyPy3
import pytest
-from mock import Mock, patch
+try:
+ from unittest.mock import Mock, patch
+except ImportError:
+ from mock import Mock, patch
from urllib3 import add_stderr_logger, disable_warnings, util
from urllib3.exceptions import (
Index: urllib3-1.26.16/test/with_dummyserver/test_connectionpool.py
===================================================================
--- urllib3-1.26.16.orig/test/with_dummyserver/test_connectionpool.py
+++ urllib3-1.26.16/test/with_dummyserver/test_connectionpool.py
@@ -12,7 +12,10 @@ import warnings
from test import LONG_TIMEOUT, SHORT_TIMEOUT, onlyPy2
from threading import Event
-import mock
+try:
+ import unittest.mock as mock
+except ImportError:
+ import mock
import pytest
import six
Index: urllib3-1.26.16/test/with_dummyserver/test_https.py
===================================================================
--- urllib3-1.26.16.orig/test/with_dummyserver/test_https.py
+++ urllib3-1.26.16/test/with_dummyserver/test_https.py
@@ -18,7 +18,10 @@ from test import (
resolvesLocalhostFQDN,
)
-import mock
+try:
+ import unittest.mock as mock
+except ImportError:
+ import mock
import pytest
import trustme
Index: urllib3-1.26.16/test/with_dummyserver/test_socketlevel.py
===================================================================
--- urllib3-1.26.16.orig/test/with_dummyserver/test_socketlevel.py
+++ urllib3-1.26.16/test/with_dummyserver/test_socketlevel.py
@@ -54,7 +54,10 @@ from test import (
)
from threading import Event
-import mock
+try:
+ import unittest.mock as mock
+except ImportError:
+ import mock
import pytest
import trustme
Index: urllib3-1.26.16/test/test_poolmanager.py
===================================================================
--- urllib3-1.26.16.orig/test/test_poolmanager.py
+++ urllib3-1.26.16/test/test_poolmanager.py
@@ -3,7 +3,11 @@ import socket
from test import resolvesLocalhostFQDN
import pytest
-from mock import patch
+
+try:
+ import unittest.mock as mock
+except ImportError:
+ import mock
from urllib3 import connection_from_url
from urllib3.exceptions import LocationValueError
@@ -361,7 +365,7 @@ class TestPoolManager(object):
"http://[a::b%25zone]",
],
)
- @patch("urllib3.util.connection.create_connection")
+ @mock.patch("urllib3.util.connection.create_connection")
def test_e2e_connect_to_ipv6_scoped(self, create_connection, url):
"""Checks that IPv6 scoped addresses are properly handled end-to-end.

102
saltbundlepy-urllib3.changes
View File

@ -1,3 +1,105 @@
-------------------------------------------------------------------
Fri Aug 23 08:31:44 UTC 2024 - Victor Zhestkov <vzhestkov@suse.com>
- Add CVE-2024-37891.patch (bsc#1226469, bsc#1229654)
- Remove strict OpenSSL 1.1.1 version checking
- Update to 2.0.7 (bsc#1216377, CVE-2023-45803):
* Made body stripped from HTTP requests changing the request method
to GET after HTTP 303 "See Other" redirect responses.
- Update Buildrequires to upstream list.
- Update to 2.0.6 (bsc#1215968, CVE-2023-43804):
* Added the Cookie header to the list of headers to strip from
requests when redirecting to a different host. As before, different
headers can be set via Retry.remove_headers_on_redirect
- Update to 2.0.5:
* Allowed pyOpenSSL third-party module without any deprecation
warning. #3126
* Fixed default blocksize of HTTPConnection classes to match
high-level classes. Previously was 8KiB, now 16KiB. #3066
- Update to 2.0.4:
* Added support for union operators to ``HTTPHeaderDict``
* Added ``BaseHTTPResponse`` to ``urllib3.__all__`` (`#3078
* Fixed ``urllib3.connection.HTTPConnection`` to raise the
``http.client.connect`` audit event to have the same behavior
as the standard library HTTP client
* Relied on the standard library for checking hostnames in
supported PyPy releases
- Disable test_deprecated_no_scheme so it needs network connection to
run correctly.
- Update to 2.0.3:
* Allowed alternative SSL libraries such as LibreSSL, while
still issuing a warning as we cannot help users facing issues
with implementations other than OpenSSL.
* Deprecated URLs which don't have an explicit scheme
* Fixed response decoding with Zstandard when compressed data
is made of several frames.
* Fixed ``assert_hostname=False`` to correctly skip hostname
check.
- Update to 2.0.2:
* Fixed ``HTTPResponse.stream()`` to continue yielding bytes if
buffered decompressed data was still available to be read
even if the underlying socket is closed. This prevents
a compressed response from being truncated.
- Update to 2.0.1:
* Fixed a socket leak when fingerprint or hostname verifications fail.
* Fixed an error when HTTPResponse.read(0) was the first read call or when
the internal response body buffer was otherwise empty.
* Removed support for Python 2.7, 3.5, and 3.6.
* Removed fallback on certificate commonName in match_hostname() function.
* Removed support for Python with an ssl module compiled with LibreSSL,
CiscoSSL, wolfSSL, and all other OpenSSL alternatives.
* Removed support for OpenSSL versions earlier than 1.1.1.
* Removed urllib3.contrib.appengine.AppEngineManager and support for Google
App Engine Standard Environment.
* Changed ssl_version to instead set the corresponding
SSLContext.minimum_version and SSLContext.maximum_version values.
* Changed default SSLContext.minimum_version to be TLSVersion.TLSv1_2
in line with Python 3.10.
* Changed urllib3.util.create_urllib3_context to not override the system
cipher suites with a default value.
* Changed multipart/form-data header parameter formatting matches the
WHATWG HTML Standard as of 2021-06-10.
* Changed HTTPConnection.request() to always use lowercase chunk boundaries
when sending requests with Transfer-Encoding: chunked.
* Changed enforce_content_length default to True, preventing silent data
loss when reading streamed responses.
* Changed all parameters in the HTTPConnection and HTTPSConnection
constructors to be keyword-only except host and port.
* Changed HTTPConnection.getresponse() to set the socket timeout from
HTTPConnection.timeout value before reading data from the socket.
* Changed name of Retry.BACK0FF_MAX to be Retry.DEFAULT_BACKOFF_MAX.
* Changed TLS handshakes to use SSLContext.check_hostname when possible.
* Changed the default blocksize to 16KB to match OpenSSL's default read
amounts.
* Changed HTTPResponse.read() to raise an error when calling with
decode_content=False after using decode_content=True to prevent data loss.
* Fixed thread-safety issue where accessing a PoolManager with many
distinct origins would cause connection pools to be closed while
requests are in progress.
* Fixed the default value of HTTPSConnection.socket_options to match
HTTPConnection.
* Fixed a socket leak if HTTPConnection.connect() fails.
- Drop patch remove_mock.patch, included upstream.
- Fiddle with {Build,}Requires as appropiate, six finally dropped.
- Added:
* CVE-2024-37891.patch
* no-strict-OpenSSL-1.1.1.patch
- Removed:
* openssl-3.2.patch
* remove_mock.patch
-------------------------------------------------------------------
Mon Mar 4 11:11:14 UTC 2024 - Victor Zhestkov <vzhestkov@suse.com>

54
saltbundlepy-urllib3.spec
View File

@ -19,10 +19,6 @@
%{?!saltbundlepy_module:%define saltbundlepy_module() saltbundlepy-%{**}}
%define pythons saltbundlepy
# Disable python bytecompile for all distros
# It's called explicitly in the spec
%global __brp_python_bytecompile %{nil}
%global flavor @BUILD_FLAVOR@%{nil}
%if "%{flavor}" == "test"
%define psuffix -test
@ -33,21 +29,21 @@
%endif
Name: saltbundlepy-urllib3%{psuffix}
Version: 1.26.18
Version: 2.0.7
Release: 0
Summary: HTTP library with thread-safe connection pooling, file post, and more
License: MIT
Group: Development/Languages/Python
URL: https://urllib3.readthedocs.org/
Source: https://files.pythonhosted.org/packages/source/u/urllib3/urllib3-%{version}.tar.gz
# PATCH-FIX-UPSTREAM remove_mock.patch gh#urllib3/urllib3#2108 mcepl@suse.com
# remove dependency on the external module mock
Patch0: remove_mock.patch
# PATCH-FIX-UPSTREAM openssl-3.2.patch gh#urllib3/urllib3#3271
Patch1: openssl-3.2.patch
BuildRequires: %{saltbundlepy_module base >= 3.10}
BuildRequires: %{saltbundlepy_module setuptools}
BuildRequires: %{saltbundlepy_module six}
# PATCH-FIX-UPSTREAM https://github.com/urllib3/urllib3/commit/accff72ecc2f6cf5a76d9570198a93ac7c90270e Strip Proxy-Authorization header on redirects
Patch1: CVE-2024-37891.patch
# Avoid stict dependency on OpenSSL 1.1.1
Patch2: no-strict-OpenSSL-1.1.1.patch
BuildRequires: saltbundlepy >= 3.11
BuildRequires: %{saltbundlepy_module base >= 3.11}
BuildRequires: %{saltbundlepy_module hatchling}
BuildRequires: %{saltbundlepy_module pip}
BuildRequires: fdupes
BuildRequires: saltbundlepy-rpm-macros
#!BuildIgnore: python-requests
@ -95,32 +91,18 @@ Highlights
find . -type f -exec chmod a-x '{}' \;
find . -name __pycache__ -type d -exec rm -fr {} +
# Drop the dummyserver tests, they fail in OBS
rm test/with_dummyserver/test_proxy_poolmanager.py
rm test/with_dummyserver/test_poolmanager.py
# Don't run the Google App Engine tests
rm -r test/appengine/
find . -type f -name '*.orig' -delete
%build
%python_build
%pyproject_wheel
%install
%if !%{with test}
%python_install
%pyproject_install
%{python_expand # Unbundle six
rm %{buildroot}/%{$python_sitelib}/urllib3/packages/six.py
rm %{buildroot}/%{$python_sitelib}/urllib3/packages/__pycache__/six*.pyc
find %{buildroot} -type f -name '*.pyc' -exec touch {} \;
ln -s %{$python_sitelib}/six.py %{buildroot}/%{$python_sitelib}/urllib3/packages/six.py
ln -sf %{$python_sitelib}/__pycache__/six.cpython-%{$python_version_nodots}.opt-1.pyc \
%{buildroot}/%{$python_sitelib}/urllib3/packages/__pycache__/
ln -sf %{$python_sitelib}/__pycache__/six.cpython-%{$python_version_nodots}.pyc \
%{buildroot}/%{$python_sitelib}/urllib3/packages/__pycache__/
%fdupes %{buildroot}%{$python_sitelib}
}
%python_expand %fdupes %{buildroot}%{$python_sitelib}
%endif
%if %{with test}
@ -135,13 +117,17 @@ skiplist="test_ssl_read_timeout or test_ssl_failed_fingerprint_verification or t
skiplist+=" or test_recent_date"
# too slow to run in obs (checks 2GiB of data)
skiplist+=" or test_requesting_large_resources_via_ssl"
%pytest -k "not (${skiplist})"
# Try to access external evil.com
skiplist+=" or test_deprecated_no_scheme"
# DeprecationWarning('ssl.TLSVersion.TLSv1 is deprecated') is filtered upstream in pyproject.toml, but it somehow got through
skiplist+=" or TestHTTPS_TLSv1"
%pytest -k "not (${skiplist})" --ignore test/with_dummyserver/test_socketlevel.py
%endif
%if ! %{with test}
%files %{python_files}
%license LICENSE.txt
%doc CHANGES.rst README.rst
%doc CHANGES.rst README.md
%{python_sitelib}/urllib3
%{python_sitelib}/urllib3-%{version}*-info
%endif

BIN
urllib3-1.26.18.tar.gz (Stored with Git LFS)
View File

Binary file not shown.

BIN
urllib3-2.0.7.tar.gz (Stored with Git LFS) Normal file
View File

Binary file not shown.