diff --git a/python-requests-toolbelt.changes b/python-requests-toolbelt.changes index 52b70c6..b6c720d 100644 --- a/python-requests-toolbelt.changes +++ b/python-requests-toolbelt.changes @@ -1,3 +1,10 @@ +------------------------------------------------------------------- +Fri Sep 30 04:24:08 UTC 2022 - Steve Kowalik + +- Add patch stop-using-pyopenssl-compat.patch: + * Stop importing (and using!) a pyopenssl compatibility module + to avoid a DeprecationWarning. + ------------------------------------------------------------------- Wed Mar 2 02:03:40 UTC 2022 - Steve Kowalik diff --git a/python-requests-toolbelt.spec b/python-requests-toolbelt.spec index 32525b4..fb31b9f 100644 --- a/python-requests-toolbelt.spec +++ b/python-requests-toolbelt.spec @@ -22,7 +22,6 @@ Version: 0.9.1 Release: 0 Summary: A utility belt for advanced users of python3-requests License: Apache-2.0 -Group: Development/Languages/Python URL: https://github.com/requests/toolbelt Source: https://files.pythonhosted.org/packages/source/r/requests-toolbelt/requests-toolbelt-%{version}.tar.gz # Replace expired test certificate @@ -33,6 +32,9 @@ Patch0: fix-tests.patch Patch1: remove_mock.patch # PATCH-FIX-UPSTREAM requests-toolbelt-pr246-collections.abc.patch -- fix python310 deprecation. gh#requests/toolbelt#246 Patch2: https://github.com/requests/toolbelt/pull/246.patch#/requests-toolbelt-pr246-collections.abc.patch +# PATCH-FIX-OPENSUSE Stop using PyOpenSSLCompat, it generates widespread +# DeprecationWarnings +Patch3: stop-using-pyopenssl-compat.patch BuildRequires: %{python_module requests >= 2.12.2} BuildRequires: %{python_module setuptools} BuildRequires: fdupes @@ -61,8 +63,6 @@ some idiosyncracies prevent effective or sane testing on that version. cp %{SOURCE1} tests/certs rm -rf requests_toolbelt.egg-info -# requires network access -rm -v tests/test_multipart_encoder.py %build %python_build @@ -76,7 +76,8 @@ rm -v tests/test_multipart_encoder.py export OPENSSL_SYSTEM_CIPHERS_OVERRIDE=xyz_nonexistent_file export OPENSSL_CONF='' -%pytest +# Requires network access +%pytest -k 'not (TestFileFromURLWrapper or test_reads_file_from_url_wrapper)' %files %{python_files} %license LICENSE diff --git a/stop-using-pyopenssl-compat.patch b/stop-using-pyopenssl-compat.patch new file mode 100644 index 0000000..9d11c48 --- /dev/null +++ b/stop-using-pyopenssl-compat.patch @@ -0,0 +1,90 @@ +Index: requests-toolbelt-0.9.1/requests_toolbelt/adapters/x509.py +=================================================================== +--- requests-toolbelt-0.9.1.orig/requests_toolbelt/adapters/x509.py ++++ requests-toolbelt-0.9.1/requests_toolbelt/adapters/x509.py +@@ -8,6 +8,7 @@ X.509 certificate without needing to con + """ + + from OpenSSL.crypto import PKey, X509 ++from OpenSSL.SSL import Context, TLS_CLIENT_METHOD + from cryptography import x509 + from cryptography.hazmat.primitives.serialization import (load_pem_private_key, + load_der_private_key) +@@ -18,19 +19,8 @@ from datetime import datetime + from requests.adapters import HTTPAdapter + import requests + +-from .._compat import PyOpenSSLContext + from .. import exceptions as exc + +-""" +-importing the protocol constants from _ssl instead of ssl because only the +-constants are needed and to handle issues caused by importing from ssl on +-the 2.7.x line. +-""" +-try: +- from _ssl import PROTOCOL_TLS as PROTOCOL +-except ImportError: +- from _ssl import PROTOCOL_SSLv23 as PROTOCOL +- + + class X509Adapter(HTTPAdapter): + r"""Adapter for use with X.509 certificates. +@@ -81,7 +71,6 @@ class X509Adapter(HTTPAdapter): + """ + + def __init__(self, *args, **kwargs): +- self._check_version() + cert_bytes = kwargs.pop('cert_bytes', None) + pk_bytes = kwargs.pop('pk_bytes', None) + password = kwargs.pop('password', None) +@@ -118,15 +107,6 @@ class X509Adapter(HTTPAdapter): + kwargs['ssl_context'] = self.ssl_context + return super(X509Adapter, self).proxy_manager_for(*args, **kwargs) + +- def _check_version(self): +- if PyOpenSSLContext is None: +- raise exc.VersionMismatchError( +- "The X509Adapter requires at least Requests 2.12.0 to be " +- "installed. Version {0} was found instead.".format( +- requests.__version__ +- ) +- ) +- + + def check_cert_dates(cert): + """Verify that the supplied client cert is not invalid.""" +@@ -172,7 +152,7 @@ def create_ssl_context(cert_byes, pk_byt + raise ValueError('Cert and key could not be parsed from ' + 'provided data') + check_cert_dates(cert) +- ssl_context = PyOpenSSLContext(PROTOCOL) +- ssl_context._ctx.use_certificate(X509.from_cryptography(cert)) +- ssl_context._ctx.use_privatekey(PKey.from_cryptography_key(key)) ++ ssl_context = Context(TLS_CLIENT_METHOD) ++ ssl_context.use_certificate(X509.from_cryptography(cert)) ++ ssl_context.use_privatekey(PKey.from_cryptography_key(key)) + return ssl_context +Index: requests-toolbelt-0.9.1/requests_toolbelt/_compat.py +=================================================================== +--- requests-toolbelt-0.9.1.orig/requests_toolbelt/_compat.py ++++ requests-toolbelt-0.9.1/requests_toolbelt/_compat.py +@@ -49,17 +49,7 @@ else: + except ImportError: + from urllib3.contrib import appengine as gaecontrib + +-if requests.__build__ < 0x021200: +- PyOpenSSLContext = None +-else: +- try: +- from requests.packages.urllib3.contrib.pyopenssl \ +- import PyOpenSSLContext +- except ImportError: +- try: +- from urllib3.contrib.pyopenssl import PyOpenSSLContext +- except ImportError: +- PyOpenSSLContext = None ++PyOpenSSLContext = None + + PY3 = sys.version_info > (3, 0) +