From bda7f0171f8bba17989d3a2c28dfa9a9261b1b65 Mon Sep 17 00:00:00 2001 From: Sergey Lyapustin Date: Wed, 29 Jun 2022 20:41:49 +0200 Subject: [PATCH 001/164] Fixed warnings message to suggest using secure protocol. (#6188) --- requests/models.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requests/models.py b/requests/models.py index 3cd49f5bba..617a4134e5 100644 --- a/requests/models.py +++ b/requests/models.py @@ -438,7 +438,7 @@ def prepare_url(self, url, params): if not scheme: raise MissingSchema( f"Invalid URL {url!r}: No scheme supplied. " - f"Perhaps you meant http://{url}?" + f"Perhaps you meant https://{url}?" ) if not host: From 786255613bd92f87c9c8f066c4271aab1b9eeaad Mon Sep 17 00:00:00 2001 From: Miloslav Pojman Date: Thu, 21 Jul 2022 01:13:36 +0200 Subject: [PATCH 002/164] Remove Python 2 mention from tox (#6200) --- Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile b/Makefile index 5e8fe3cccb..f74dc42ddf 100644 --- a/Makefile +++ b/Makefile @@ -2,7 +2,7 @@ init: pip install -r requirements-dev.txt test: - # This runs all of the tests, on both Python 2 and Python 3. + # This runs all of the tests on all supported Python versions. tox -p ci: pytest tests --junitxml=report.xml From 177dd90f18a8f4dc79a7d2049f0a3f4fcc5932a0 Mon Sep 17 00:00:00 2001 From: David Cain Date: Wed, 27 Jul 2022 10:22:21 -0700 Subject: [PATCH 003/164] Remove Python 2 mention on `chardet` behavior (#6204) --- docs/user/advanced.rst | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/docs/user/advanced.rst b/docs/user/advanced.rst index 2a91401a25..7decdb6029 100644 --- a/docs/user/advanced.rst +++ b/docs/user/advanced.rst @@ -717,10 +717,9 @@ If ``chardet`` is installed, ``requests`` uses it, however for python3 library is an LGPL-licenced dependency and some users of requests cannot depend on mandatory LGPL-licensed dependencies. -When you install ``request`` without specifying ``[use_chardet_on_py3]]`` extra, +When you install ``requests`` without specifying ``[use_chardet_on_py3]`` extra, and ``chardet`` is not already installed, ``requests`` uses ``charset-normalizer`` -(MIT-licensed) to guess the encoding. For Python 2, ``requests`` uses only -``chardet`` and is a mandatory dependency there. +(MIT-licensed) to guess the encoding. The only time Requests will not guess the encoding is if no explicit charset is present in the HTTP headers **and** the ``Content-Type`` From da246958b41f6548914fb185d7d91094cabd1157 Mon Sep 17 00:00:00 2001 From: Jaap Roes Date: Wed, 7 Sep 2022 09:48:59 +0200 Subject: [PATCH 004/164] Fix CURL_CA_BUNDLE override example Promote REQUESTS_CA_BUNDLE as it is looked at first --- docs/user/advanced.rst | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/docs/user/advanced.rst b/docs/user/advanced.rst index 7decdb6029..c664a83d30 100644 --- a/docs/user/advanced.rst +++ b/docs/user/advanced.rst @@ -656,10 +656,10 @@ certificates trusted by Requests can be found with:: from requests.utils import DEFAULT_CA_BUNDLE_PATH print(DEFAULT_CA_BUNDLE_PATH) -You override this default certificate bundle by setting the standard -``curl_ca_bundle`` environment variable to another file path:: +You override this default certificate bundle by setting the ``REQUESTS_CA_BUNDLE`` +(or ``CURL_CA_BUNDLE``) environment variable to another file path:: - $ export curl_ca_bundle="/usr/local/myproxy_info/cacert.pem" + $ export REQUESTS_CA_BUNDLE="/usr/local/myproxy_info/cacert.pem" $ export https_proxy="http://10.10.1.10:1080" $ python From c57f1f0ca10e61771b459c857182c23626607312 Mon Sep 17 00:00:00 2001 From: deedy5 <65482418+deedy5@users.noreply.github.com> Date: Thu, 20 Oct 2022 18:26:18 +0000 Subject: [PATCH 005/164] Allow charset normalizer >=2 and <4 (#6261) --- requests/__init__.py | 4 ++-- setup.cfg | 2 +- setup.py | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/requests/__init__.py b/requests/__init__.py index 7ac8e297b8..22db3c1d7c 100644 --- a/requests/__init__.py +++ b/requests/__init__.py @@ -80,8 +80,8 @@ def check_compatibility(urllib3_version, chardet_version, charset_normalizer_ver elif charset_normalizer_version: major, minor, patch = charset_normalizer_version.split(".")[:3] major, minor, patch = int(major), int(minor), int(patch) - # charset_normalizer >= 2.0.0 < 3.0.0 - assert (2, 0, 0) <= (major, minor, patch) < (3, 0, 0) + # charset_normalizer >= 2.0.0 < 4.0.0 + assert (2, 0, 0) <= (major, minor, patch) < (4, 0, 0) else: raise Exception("You need either charset_normalizer or chardet installed") diff --git a/setup.cfg b/setup.cfg index 33af66eb15..bf21c81cc0 100644 --- a/setup.cfg +++ b/setup.cfg @@ -5,7 +5,7 @@ provides-extra = use_chardet_on_py3 requires-dist = certifi>=2017.4.17 - charset_normalizer>=2,<3 + charset_normalizer>=2,<4 idna>=2.5,<4 urllib3>=1.21.1,<1.27 diff --git a/setup.py b/setup.py index 23977ed77a..092b40d011 100755 --- a/setup.py +++ b/setup.py @@ -59,7 +59,7 @@ def run_tests(self): sys.exit() requires = [ - "charset_normalizer>=2,<3", + "charset_normalizer>=2,<4", "idna>=2.5,<4", "urllib3>=1.21.1,<1.27", "certifi>=2017.4.17", From 7908ad3af981a424f36aab4357b03a38f2b8ee18 Mon Sep 17 00:00:00 2001 From: reeko234 Date: Fri, 21 Oct 2022 07:42:58 +0000 Subject: [PATCH 006/164] JSONDecodeError included in the documentation #6260 --- docs/api.rst | 1 + 1 file changed, 1 insertion(+) diff --git a/docs/api.rst b/docs/api.rst index 83eb58787a..34959dd6f1 100644 --- a/docs/api.rst +++ b/docs/api.rst @@ -36,6 +36,7 @@ Exceptions .. autoexception:: requests.ConnectTimeout .. autoexception:: requests.ReadTimeout .. autoexception:: requests.Timeout +.. autoexception:: requests.JSONDecodeError Request Sessions From 53a0562331c4a825036a347e77984d68b310fcf3 Mon Sep 17 00:00:00 2001 From: Volker Schaus Date: Sun, 23 Oct 2022 18:35:43 +0000 Subject: [PATCH 007/164] change to SPDX conform license string --- requests/__version__.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requests/__version__.py b/requests/__version__.py index e725ada655..5778594af3 100644 --- a/requests/__version__.py +++ b/requests/__version__.py @@ -9,6 +9,6 @@ __build__ = 0x022801 __author__ = "Kenneth Reitz" __author_email__ = "me@kennethreitz.org" -__license__ = "Apache 2.0" +__license__ = "Apache-2.0" __copyright__ = "Copyright 2022 Kenneth Reitz" __cake__ = "\u2728 \U0001f370 \u2728" From 192083576d1e92627976db1bb0948956a4d9baa8 Mon Sep 17 00:00:00 2001 From: Olivia Crain Date: Mon, 21 Nov 2022 14:01:02 -0600 Subject: [PATCH 008/164] Replace git protocol URL in docs with an HTTPS URL --- docs/user/install.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/user/install.rst b/docs/user/install.rst index d0d454d37d..7fa9a606d2 100644 --- a/docs/user/install.rst +++ b/docs/user/install.rst @@ -22,7 +22,7 @@ Requests is actively developed on GitHub, where the code is You can either clone the public repository:: - $ git clone git://github.com/psf/requests.git + $ git clone https://github.com/psf/requests.git Or, download the `tarball `_:: From ec553c275fe915ab8c179a530907b564892d2922 Mon Sep 17 00:00:00 2001 From: ch-iv <108201575+ch-iv@users.noreply.github.com> Date: Sun, 25 Dec 2022 23:24:16 -0500 Subject: [PATCH 009/164] Update flake8 repo and version (#6317) --- .pre-commit-config.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index cac5ddccb4..cc18abd901 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -22,7 +22,7 @@ repos: hooks: - id: pyupgrade args: [--py37-plus] -- repo: https://gitlab.com/pycqa/flake8 - rev: 4.0.1 +- repo: https://github.com/PyCQA/flake8 + rev: 6.0.0 hooks: - id: flake8 From 2745db131a667a3d5457957cb3ed6adeb9b9949a Mon Sep 17 00:00:00 2001 From: Bruno Alla Date: Fri, 6 Jan 2023 18:32:31 +0000 Subject: [PATCH 010/164] Switch to Python 3.11 final on CI and add to tox file (#6325) --- .github/workflows/run-tests.yml | 2 +- tox.ini | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/run-tests.yml b/.github/workflows/run-tests.yml index 7b0e3c031e..abe6144711 100644 --- a/.github/workflows/run-tests.yml +++ b/.github/workflows/run-tests.yml @@ -9,7 +9,7 @@ jobs: strategy: fail-fast: false matrix: - python-version: ["3.7", "3.8", "3.9", "3.10", "3.11-dev"] + python-version: ["3.7", "3.8", "3.9", "3.10", "3.11"] os: [ubuntu-18.04, macOS-latest, windows-latest] include: # pypy-3.7 on Mac OS currently fails trying to compile diff --git a/tox.ini b/tox.ini index 2e4fd90d32..546c7371b1 100644 --- a/tox.ini +++ b/tox.ini @@ -1,5 +1,5 @@ [tox] -envlist = py{37,38,39,310}-{default, use_chardet_on_py3} +envlist = py{37,38,39,310,311}-{default, use_chardet_on_py3} [testenv] deps = -rrequirements-dev.txt From eb07385b025798baf921d3cb3b398c8794524fd9 Mon Sep 17 00:00:00 2001 From: Ashish Kurmi <100655670+boahc077@users.noreply.github.com> Date: Thu, 12 Jan 2023 03:36:53 +0530 Subject: [PATCH 011/164] ci: add minimum GitHub token permissions for workflows (#6236) Signed-off-by: Ashish Kurmi --- .github/workflows/codeql-analysis.yml | 7 +++++++ .github/workflows/lint.yml | 3 +++ .github/workflows/run-tests.yml | 3 +++ 3 files changed, 13 insertions(+) diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 617f2df3ef..1e7dba233b 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -14,8 +14,15 @@ on: schedule: - cron: '0 23 * * 0' +permissions: + contents: read + jobs: analyze: + permissions: + actions: read # for github/codeql-action/init to get workflow details + contents: read # for actions/checkout to fetch code + security-events: write # for github/codeql-action/autobuild to send a status report name: Analyze runs-on: ubuntu-latest diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index c69aa7fccb..fd9f4202f3 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -4,6 +4,9 @@ on: push: pull_request: +permissions: + contents: read + jobs: lint: runs-on: ubuntu-20.04 diff --git a/.github/workflows/run-tests.yml b/.github/workflows/run-tests.yml index abe6144711..f1bdb439ad 100644 --- a/.github/workflows/run-tests.yml +++ b/.github/workflows/run-tests.yml @@ -2,6 +2,9 @@ name: Tests on: [push, pull_request] +permissions: + contents: read + jobs: build: runs-on: ${{ matrix.os }} From 61c324da43dd8b775d3930d76265538b3ca27bc1 Mon Sep 17 00:00:00 2001 From: Nate Prewitt Date: Thu, 12 Jan 2023 09:16:09 -0700 Subject: [PATCH 012/164] v2.28.2 --- HISTORY.md | 11 +++++++++++ requests/__version__.py | 6 +++--- 2 files changed, 14 insertions(+), 3 deletions(-) diff --git a/HISTORY.md b/HISTORY.md index 307f92a4d9..5b980299da 100644 --- a/HISTORY.md +++ b/HISTORY.md @@ -7,6 +7,17 @@ dev - \[Short description of non-trivial change.\] +2.28.2 (2023-01-12) +------------------- + +**Dependencies** + +- Requests now supports charset\_normalizer 3.x. (#6261) + +**Bugfixes** + +- Updated MissingSchema exception to suggest https scheme rather than http. (#6188) + 2.28.1 (2022-06-29) ------------------- diff --git a/requests/__version__.py b/requests/__version__.py index e725ada655..69be3dec74 100644 --- a/requests/__version__.py +++ b/requests/__version__.py @@ -5,10 +5,10 @@ __title__ = "requests" __description__ = "Python HTTP for Humans." __url__ = "https://requests.readthedocs.io" -__version__ = "2.28.1" -__build__ = 0x022801 +__version__ = "2.28.2" +__build__ = 0x022802 __author__ = "Kenneth Reitz" __author_email__ = "me@kennethreitz.org" __license__ = "Apache 2.0" -__copyright__ = "Copyright 2022 Kenneth Reitz" +__copyright__ = "Copyright Kenneth Reitz" __cake__ = "\u2728 \U0001f370 \u2728" From 16a17a3ca7134b0a56c49653165ef37cb6acfece Mon Sep 17 00:00:00 2001 From: Matthew Feickert Date: Wed, 18 Jan 2023 23:37:24 -0600 Subject: [PATCH 013/164] fix: Remove '<4' from python_requires (#6333) * As discussed in https://discuss.python.org/t/use-of-less-than-next-major-version-e-g-4-in-python-requires-setup-py/1066 and other places by the PyPA, use of upper bounds with python_requires for future versions of Python is unintended use of python_requires and actively discouraged. --- setup.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/setup.py b/setup.py index 092b40d011..bf13369be0 100755 --- a/setup.py +++ b/setup.py @@ -94,7 +94,7 @@ def run_tests(self): package_data={"": ["LICENSE", "NOTICE"]}, package_dir={"requests": "requests"}, include_package_data=True, - python_requires=">=3.7, <4", + python_requires=">=3.7", install_requires=requires, license=about["__license__"], zip_safe=False, From 15585909c3dd3014e4083961c8a404709450151c Mon Sep 17 00:00:00 2001 From: Quentin Pradet Date: Sat, 21 Jan 2023 09:44:33 +0100 Subject: [PATCH 014/164] Support missing SNIMissingWarning in tests (#6336) --- tests/__init__.py | 14 +++++++++----- tests/test_requests.py | 5 +++++ 2 files changed, 14 insertions(+), 5 deletions(-) diff --git a/tests/__init__.py b/tests/__init__.py index 04385be18a..c8561a0801 100644 --- a/tests/__init__.py +++ b/tests/__init__.py @@ -2,9 +2,13 @@ import warnings -from urllib3.exceptions import SNIMissingWarning +try: + from urllib3.exceptions import SNIMissingWarning -# urllib3 sets SNIMissingWarning to only go off once, -# while this test suite requires it to always fire -# so that it occurs during test_requests.test_https_warnings -warnings.simplefilter("always", SNIMissingWarning) + # urllib3 1.x sets SNIMissingWarning to only go off once, + # while this test suite requires it to always fire + # so that it occurs during test_requests.test_https_warnings + warnings.simplefilter("always", SNIMissingWarning) +except ImportError: + # urllib3 2.0 removed that warning and errors out instead + SNIMissingWarning = None diff --git a/tests/test_requests.py b/tests/test_requests.py index 5b4c3f53fa..2a5c9b1102 100644 --- a/tests/test_requests.py +++ b/tests/test_requests.py @@ -48,6 +48,7 @@ from requests.sessions import SessionRedirectMixin from requests.structures import CaseInsensitiveDict +from . import SNIMissingWarning from .compat import StringIO from .utils import override_environ @@ -974,6 +975,10 @@ def test_http_with_certificate(self, httpbin): r = requests.get(httpbin(), cert=".") assert r.status_code == 200 + @pytest.mark.skipif( + SNIMissingWarning is None, + reason="urllib3 2.0 removed that warning and errors out instead", + ) def test_https_warnings(self, nosan_server): """warnings are emitted with requests.get""" host, port, ca_bundle = nosan_server From 46188256ee5955147cce4c0af91958b1681b47b1 Mon Sep 17 00:00:00 2001 From: Boris Verkhovskiy Date: Mon, 27 Feb 2023 16:31:15 +0100 Subject: [PATCH 015/164] Response.raw.read() returns bytes (#6365) --- docs/user/quickstart.rst | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/user/quickstart.rst b/docs/user/quickstart.rst index 7fac5ce735..464e4f5fa5 100644 --- a/docs/user/quickstart.rst +++ b/docs/user/quickstart.rst @@ -177,7 +177,7 @@ server, you can access ``r.raw``. If you want to do this, make sure you set >>> r.raw.read(10) - '\x1f\x8b\x08\x00\x00\x00\x00\x00\x00\x03' + b'\x1f\x8b\x08\x00\x00\x00\x00\x00\x00\x03' In general, however, you should use a pattern like this to save what is being streamed to a file:: @@ -237,7 +237,7 @@ dictionary of data will automatically be form-encoded when the request is made:: >>> payload = {'key1': 'value1', 'key2': 'value2'} - >>> r = requests.post("https://httpbin.org/post", data=payload) + >>> r = requests.post('https://httpbin.org/post', data=payload) >>> print(r.text) { ... From ec78348c4b6292b1a38008fa31e51f7b6b2252dc Mon Sep 17 00:00:00 2001 From: Nate Prewitt Date: Thu, 2 Mar 2023 20:45:27 -0800 Subject: [PATCH 016/164] Upgrade lint.yml action (#6370) --- .github/workflows/lint.yml | 9 +++++---- .pre-commit-config.yaml | 2 +- 2 files changed, 6 insertions(+), 5 deletions(-) diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index fd9f4202f3..df275c51b6 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -1,8 +1,6 @@ name: Lint code -on: - push: - pull_request: +on: [push, pull_request] permissions: contents: read @@ -10,10 +8,13 @@ permissions: jobs: lint: runs-on: ubuntu-20.04 + timeout-minutes: 10 steps: - uses: actions/checkout@v3 - name: Set up Python - uses: actions/setup-python@v3 + uses: actions/setup-python@v4 + with: + python-version: "3.x" - name: Run pre-commit uses: pre-commit/action@v3.0.0 diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index cc18abd901..5b915dc383 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -9,7 +9,7 @@ repos: - id: end-of-file-fixer - id: trailing-whitespace - repo: https://github.com/PyCQA/isort - rev: 5.10.1 + rev: 5.12.0 hooks: - id: isort - repo: https://github.com/psf/black From e90852d20c9bc44c465e55234c01432711627d94 Mon Sep 17 00:00:00 2001 From: Yifang Zhu <70597936+zhu-yifang@users.noreply.github.com> Date: Thu, 2 Mar 2023 21:32:49 -0800 Subject: [PATCH 017/164] Make json doc strings consistent (#6368) --- requests/api.py | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/requests/api.py b/requests/api.py index 2f71aaed1a..cd0b3eeac3 100644 --- a/requests/api.py +++ b/requests/api.py @@ -106,7 +106,7 @@ def post(url, data=None, json=None, **kwargs): :param url: URL for the new :class:`Request` object. :param data: (optional) Dictionary, list of tuples, bytes, or file-like object to send in the body of the :class:`Request`. - :param json: (optional) json data to send in the body of the :class:`Request`. + :param json: (optional) A JSON serializable Python object to send in the body of the :class:`Request`. :param \*\*kwargs: Optional arguments that ``request`` takes. :return: :class:`Response ` object :rtype: requests.Response @@ -121,7 +121,7 @@ def put(url, data=None, **kwargs): :param url: URL for the new :class:`Request` object. :param data: (optional) Dictionary, list of tuples, bytes, or file-like object to send in the body of the :class:`Request`. - :param json: (optional) json data to send in the body of the :class:`Request`. + :param json: (optional) A JSON serializable Python object to send in the body of the :class:`Request`. :param \*\*kwargs: Optional arguments that ``request`` takes. :return: :class:`Response ` object :rtype: requests.Response @@ -136,7 +136,7 @@ def patch(url, data=None, **kwargs): :param url: URL for the new :class:`Request` object. :param data: (optional) Dictionary, list of tuples, bytes, or file-like object to send in the body of the :class:`Request`. - :param json: (optional) json data to send in the body of the :class:`Request`. + :param json: (optional) A JSON serializable Python object to send in the body of the :class:`Request`. :param \*\*kwargs: Optional arguments that ``request`` takes. :return: :class:`Response ` object :rtype: requests.Response From 7f694b79e114c06fac5ec06019cada5a61e5570f Mon Sep 17 00:00:00 2001 From: Seth Michael Larson Date: Fri, 17 Feb 2023 10:17:19 -0600 Subject: [PATCH 018/164] Allow str/bytes subclasses to be used as header parts --- requests/_internal_utils.py | 6 ++++-- requests/utils.py | 30 +++++++++++++++++++----------- tests/test_requests.py | 25 +++++++++++++++++++++++++ 3 files changed, 48 insertions(+), 13 deletions(-) diff --git a/requests/_internal_utils.py b/requests/_internal_utils.py index 7dc9bc5336..f2cf635e29 100644 --- a/requests/_internal_utils.py +++ b/requests/_internal_utils.py @@ -14,9 +14,11 @@ _VALID_HEADER_VALUE_RE_BYTE = re.compile(rb"^\S[^\r\n]*$|^$") _VALID_HEADER_VALUE_RE_STR = re.compile(r"^\S[^\r\n]*$|^$") +_HEADER_VALIDATORS_STR = (_VALID_HEADER_NAME_RE_STR, _VALID_HEADER_VALUE_RE_STR) +_HEADER_VALIDATORS_BYTE = (_VALID_HEADER_NAME_RE_BYTE, _VALID_HEADER_VALUE_RE_BYTE) HEADER_VALIDATORS = { - bytes: (_VALID_HEADER_NAME_RE_BYTE, _VALID_HEADER_VALUE_RE_BYTE), - str: (_VALID_HEADER_NAME_RE_STR, _VALID_HEADER_VALUE_RE_STR), + bytes: _HEADER_VALIDATORS_BYTE, + str: _HEADER_VALIDATORS_STR, } diff --git a/requests/utils.py b/requests/utils.py index ad5358381a..a367417f8e 100644 --- a/requests/utils.py +++ b/requests/utils.py @@ -25,7 +25,12 @@ from .__version__ import __version__ # to_native_string is unused here, but imported here for backwards compatibility -from ._internal_utils import HEADER_VALIDATORS, to_native_string # noqa: F401 +from ._internal_utils import ( # noqa: F401 + _HEADER_VALIDATORS_BYTE, + _HEADER_VALIDATORS_STR, + HEADER_VALIDATORS, + to_native_string, +) from .compat import ( Mapping, basestring, @@ -1031,20 +1036,23 @@ def check_header_validity(header): :param header: tuple, in the format (name, value). """ name, value = header + _validate_header_part(header, name, 0) + _validate_header_part(header, value, 1) - for part in header: - if type(part) not in HEADER_VALIDATORS: - raise InvalidHeader( - f"Header part ({part!r}) from {{{name!r}: {value!r}}} must be " - f"of type str or bytes, not {type(part)}" - ) - - _validate_header_part(name, "name", HEADER_VALIDATORS[type(name)][0]) - _validate_header_part(value, "value", HEADER_VALIDATORS[type(value)][1]) +def _validate_header_part(header, header_part, header_validator_index): + if isinstance(header_part, str): + validator = _HEADER_VALIDATORS_STR[header_validator_index] + elif isinstance(header_part, bytes): + validator = _HEADER_VALIDATORS_BYTE[header_validator_index] + else: + raise InvalidHeader( + f"Header part ({header_part!r}) from {header} " + f"must be of type str or bytes, not {type(header_part)}" + ) -def _validate_header_part(header_part, header_kind, validator): if not validator.match(header_part): + header_kind = "name" if header_validator_index == 0 else "value" raise InvalidHeader( f"Invalid leading whitespace, reserved character(s), or return" f"character(s) in header {header_kind}: {header_part!r}" diff --git a/tests/test_requests.py b/tests/test_requests.py index 2a5c9b1102..b1c8dd4534 100644 --- a/tests/test_requests.py +++ b/tests/test_requests.py @@ -1752,6 +1752,31 @@ def test_header_no_leading_space(self, httpbin, invalid_header): with pytest.raises(InvalidHeader): requests.get(httpbin("get"), headers=invalid_header) + def test_header_with_subclass_types(self, httpbin): + """If the subclasses does not behave *exactly* like + the base bytes/str classes, this is not supported. + This test is for backwards compatibility. + """ + + class MyString(str): + pass + + class MyBytes(bytes): + pass + + r_str = requests.get(httpbin("get"), headers={MyString("x-custom"): "myheader"}) + assert r_str.request.headers["x-custom"] == "myheader" + + r_bytes = requests.get( + httpbin("get"), headers={MyBytes(b"x-custom"): b"myheader"} + ) + assert r_bytes.request.headers["x-custom"] == b"myheader" + + r_mixed = requests.get( + httpbin("get"), headers={MyString("x-custom"): MyBytes(b"myheader")} + ) + assert r_mixed.request.headers["x-custom"] == b"myheader" + @pytest.mark.parametrize("files", ("foo", b"foo", bytearray(b"foo"))) def test_can_send_objects_with_files(self, httpbin, files): data = {"a": "this is a string"} From 26bea1e498d6e234fbc9ce8e07c0389bac73810b Mon Sep 17 00:00:00 2001 From: Levi Date: Sat, 22 Apr 2023 17:32:51 -0600 Subject: [PATCH 019/164] Use urllib3 native chunking ability (#6226) * Fix #3844 * Use urllib for chunked --------- Co-authored-by: James Pickering Co-authored-by: Leon Verrall --- requests/adapters.py | 71 ++++++++------------------------------------ 1 file changed, 13 insertions(+), 58 deletions(-) diff --git a/requests/adapters.py b/requests/adapters.py index d3b2d5bb1e..f13ae4e5e2 100644 --- a/requests/adapters.py +++ b/requests/adapters.py @@ -22,7 +22,6 @@ from urllib3.exceptions import ReadTimeoutError, ResponseError from urllib3.exceptions import SSLError as _SSLError from urllib3.poolmanager import PoolManager, proxy_from_url -from urllib3.response import HTTPResponse from urllib3.util import Timeout as TimeoutSauce from urllib3.util import parse_url from urllib3.util.retry import Retry @@ -485,63 +484,19 @@ def send( timeout = TimeoutSauce(connect=timeout, read=timeout) try: - if not chunked: - resp = conn.urlopen( - method=request.method, - url=url, - body=request.body, - headers=request.headers, - redirect=False, - assert_same_host=False, - preload_content=False, - decode_content=False, - retries=self.max_retries, - timeout=timeout, - ) - - # Send the request. - else: - if hasattr(conn, "proxy_pool"): - conn = conn.proxy_pool - - low_conn = conn._get_conn(timeout=DEFAULT_POOL_TIMEOUT) - - try: - skip_host = "Host" in request.headers - low_conn.putrequest( - request.method, - url, - skip_accept_encoding=True, - skip_host=skip_host, - ) - - for header, value in request.headers.items(): - low_conn.putheader(header, value) - - low_conn.endheaders() - - for i in request.body: - low_conn.send(hex(len(i))[2:].encode("utf-8")) - low_conn.send(b"\r\n") - low_conn.send(i) - low_conn.send(b"\r\n") - low_conn.send(b"0\r\n\r\n") - - # Receive the response from the server - r = low_conn.getresponse() - - resp = HTTPResponse.from_httplib( - r, - pool=conn, - connection=low_conn, - preload_content=False, - decode_content=False, - ) - except Exception: - # If we hit any problems here, clean up the connection. - # Then, raise so that we can handle the actual exception. - low_conn.close() - raise + resp = conn.urlopen( + method=request.method, + url=url, + body=request.body, + headers=request.headers, + redirect=False, + assert_same_host=False, + preload_content=False, + decode_content=False, + retries=self.max_retries, + timeout=timeout, + chunked=chunked, + ) except (ProtocolError, OSError) as err: raise ConnectionError(err, request=request) From dfc3e2433836813fe6b93b8e182a761aa6c0ee05 Mon Sep 17 00:00:00 2001 From: Thomas Grainger Date: Sun, 23 Apr 2023 00:41:27 +0100 Subject: [PATCH 020/164] pin cryptography<40 on pypy 3.7 (#6421) * pin cryptography<40 on pypy 3.7 --- requirements-dev.txt | 1 + 1 file changed, 1 insertion(+) diff --git a/requirements-dev.txt b/requirements-dev.txt index 6edee41781..e29f2474d2 100644 --- a/requirements-dev.txt +++ b/requirements-dev.txt @@ -6,6 +6,7 @@ pytest-mock==2.0.0 httpbin==0.7.0 trustme wheel +cryptography<40.0.0; python_version <= '3.7' and platform_python_implementation == 'PyPy' # Flask Stack Flask>1.0,<2.0 From a7da1ab3498b10ec3a3582244c94b2845f8a8e71 Mon Sep 17 00:00:00 2001 From: Thomas Grainger Date: Sun, 23 Apr 2023 00:53:09 +0100 Subject: [PATCH 021/164] try on ubuntu 22.04 (#6418) --- .github/workflows/run-tests.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/run-tests.yml b/.github/workflows/run-tests.yml index f1bdb439ad..71fb63e44d 100644 --- a/.github/workflows/run-tests.yml +++ b/.github/workflows/run-tests.yml @@ -13,7 +13,7 @@ jobs: fail-fast: false matrix: python-version: ["3.7", "3.8", "3.9", "3.10", "3.11"] - os: [ubuntu-18.04, macOS-latest, windows-latest] + os: [ubuntu-22.04, macOS-latest, windows-latest] include: # pypy-3.7 on Mac OS currently fails trying to compile # brotlipy. Moving pypy3 to only test linux. From 51716c4ef390136b0d4b800ec7665dd5503e64fc Mon Sep 17 00:00:00 2001 From: Thomas Grainger Date: Sun, 23 Apr 2023 01:00:22 +0100 Subject: [PATCH 022/164] enable the warnings plugin (#6416) --- pyproject.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pyproject.toml b/pyproject.toml index 996bf14c83..d3ab7bd9bb 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -4,7 +4,7 @@ src_paths = ["requests", "test"] honor_noqa = true [tool.pytest.ini_options] -addopts = "-p no:warnings --doctest-modules" +addopts = "--doctest-modules" doctest_optionflags = "NORMALIZE_WHITESPACE ELLIPSIS" minversion = "6.2" testpaths = [ From 87d63de8739263bbe17034fba2285c79780da7e8 Mon Sep 17 00:00:00 2001 From: Nate Prewitt Date: Wed, 26 Apr 2023 09:19:11 -0600 Subject: [PATCH 023/164] v2.29.0 --- HISTORY.md | 8 ++++++++ requests/__version__.py | 4 ++-- 2 files changed, 10 insertions(+), 2 deletions(-) diff --git a/HISTORY.md b/HISTORY.md index 5b980299da..0b7b39ca1f 100644 --- a/HISTORY.md +++ b/HISTORY.md @@ -6,6 +6,14 @@ dev - \[Short description of non-trivial change.\] +2.29.0 (2023-04-26) +------------------- + +**Improvements** + +- Requests now defers chunked requests to the urllib3 implementation to improve + standardization. (#6226) +- Requests relaxes header component requirements to support bytes/str subclasses. (#6356) 2.28.2 (2023-01-12) ------------------- diff --git a/requests/__version__.py b/requests/__version__.py index 69be3dec74..4775ae32ed 100644 --- a/requests/__version__.py +++ b/requests/__version__.py @@ -5,8 +5,8 @@ __title__ = "requests" __description__ = "Python HTTP for Humans." __url__ = "https://requests.readthedocs.io" -__version__ = "2.28.2" -__build__ = 0x022802 +__version__ = "2.29.0" +__build__ = 0x022900 __author__ = "Kenneth Reitz" __author_email__ = "me@kennethreitz.org" __license__ = "Apache 2.0" From f2629e9e3c7ce3c3c8c025bcd8db551101cbc773 Mon Sep 17 00:00:00 2001 From: Quentin Pradet Date: Fri, 28 Apr 2023 23:17:10 +0400 Subject: [PATCH 024/164] Remove strict parameter (#6434) --- requests/adapters.py | 1 - 1 file changed, 1 deletion(-) diff --git a/requests/adapters.py b/requests/adapters.py index f13ae4e5e2..78e3bb6ecf 100644 --- a/requests/adapters.py +++ b/requests/adapters.py @@ -193,7 +193,6 @@ def init_poolmanager( num_pools=connections, maxsize=maxsize, block=block, - strict=True, **pool_kwargs, ) From 2ad18e0e10e7d7ecd5384c378f25ec8821a10a29 Mon Sep 17 00:00:00 2001 From: Nate Prewitt Date: Wed, 3 May 2023 08:39:44 -0700 Subject: [PATCH 025/164] v2.30.0 --- HISTORY.md | 12 ++++++++++++ requests/__init__.py | 8 ++++---- requests/__version__.py | 4 ++-- setup.py | 2 +- 4 files changed, 19 insertions(+), 7 deletions(-) diff --git a/HISTORY.md b/HISTORY.md index 0b7b39ca1f..177ce59fe0 100644 --- a/HISTORY.md +++ b/HISTORY.md @@ -6,6 +6,18 @@ dev - \[Short description of non-trivial change.\] +2.30.0 (2023-05-03) +------------------- + +**Dependencies** +- ⚠️ Added support for urllib3 2.0. ⚠️ + + This may contain minor breaking changes so we advise careful testing and + reviewing https://urllib3.readthedocs.io/en/latest/v2-migration-guide.html + prior to upgrading. + + Users who wish to stay on urllib3 1.x can pin to `urllib3<2`. + 2.29.0 (2023-04-26) ------------------- diff --git a/requests/__init__.py b/requests/__init__.py index 22db3c1d7c..300a16c574 100644 --- a/requests/__init__.py +++ b/requests/__init__.py @@ -66,10 +66,10 @@ def check_compatibility(urllib3_version, chardet_version, charset_normalizer_ver # Check urllib3 for compatibility. major, minor, patch = urllib3_version # noqa: F811 major, minor, patch = int(major), int(minor), int(patch) - # urllib3 >= 1.21.1, <= 1.26 - assert major == 1 - assert minor >= 21 - assert minor <= 26 + # urllib3 >= 1.21.1 + assert major >= 1 + if major == 1: + assert minor >= 21 # Check charset_normalizer for compatibility. if chardet_version: diff --git a/requests/__version__.py b/requests/__version__.py index 4775ae32ed..e0f3373d0d 100644 --- a/requests/__version__.py +++ b/requests/__version__.py @@ -5,8 +5,8 @@ __title__ = "requests" __description__ = "Python HTTP for Humans." __url__ = "https://requests.readthedocs.io" -__version__ = "2.29.0" -__build__ = 0x022900 +__version__ = "2.30.0" +__build__ = 0x023000 __author__ = "Kenneth Reitz" __author_email__ = "me@kennethreitz.org" __license__ = "Apache 2.0" diff --git a/setup.py b/setup.py index bf13369be0..323e4f886d 100755 --- a/setup.py +++ b/setup.py @@ -61,7 +61,7 @@ def run_tests(self): requires = [ "charset_normalizer>=2,<4", "idna>=2.5,<4", - "urllib3>=1.21.1,<1.27", + "urllib3>=1.21.1,<3", "certifi>=2017.4.17", ] test_requirements = [ From d3d504436ef0c2ac7ec8af13738b04dcc8c694be Mon Sep 17 00:00:00 2001 From: Syed Saifullah <39564496+syed-saif@users.noreply.github.com> Date: Tue, 9 May 2023 22:25:33 +0530 Subject: [PATCH 026/164] Fixed a small typo (#6452) --- HISTORY.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/HISTORY.md b/HISTORY.md index 177ce59fe0..aaa05e2832 100644 --- a/HISTORY.md +++ b/HISTORY.md @@ -73,7 +73,7 @@ dev cert verification. All Requests 2.x versions before 2.28.0 are affected. (#6074) - Fixed urllib3 exception leak, wrapping `urllib3.exceptions.SSLError` with `requests.exceptions.SSLError` for `content` and `iter_content`. (#6057) -- Fixed issue where invalid Windows registry entires caused proxy resolution +- Fixed issue where invalid Windows registry entries caused proxy resolution to raise an exception rather than ignoring the entry. (#6149) - Fixed issue where entire payload could be included in the error message for JSONDecodeError. (#6036) From b639e66c816514e40604d46f0088fbceec1a5149 Mon Sep 17 00:00:00 2001 From: Thomas Grainger Date: Sat, 13 May 2023 15:10:56 +0100 Subject: [PATCH 027/164] test on py3.12 (#6448) * test on py3.12 * update to pytest-httpbin==2.0.0 --- .github/workflows/run-tests.yml | 2 +- requirements-dev.txt | 2 +- setup.py | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/run-tests.yml b/.github/workflows/run-tests.yml index 71fb63e44d..677ae11477 100644 --- a/.github/workflows/run-tests.yml +++ b/.github/workflows/run-tests.yml @@ -12,7 +12,7 @@ jobs: strategy: fail-fast: false matrix: - python-version: ["3.7", "3.8", "3.9", "3.10", "3.11"] + python-version: ["3.7", "3.8", "3.9", "3.10", "3.11", "3.12-dev"] os: [ubuntu-22.04, macOS-latest, windows-latest] include: # pypy-3.7 on Mac OS currently fails trying to compile diff --git a/requirements-dev.txt b/requirements-dev.txt index e29f2474d2..d62637378e 100644 --- a/requirements-dev.txt +++ b/requirements-dev.txt @@ -1,7 +1,7 @@ -e .[socks] pytest>=2.8.0,<=6.2.5 pytest-cov -pytest-httpbin==1.0.0 +pytest-httpbin==2.0.0 pytest-mock==2.0.0 httpbin==0.7.0 trustme diff --git a/setup.py b/setup.py index 323e4f886d..012354574d 100755 --- a/setup.py +++ b/setup.py @@ -65,7 +65,7 @@ def run_tests(self): "certifi>=2017.4.17", ] test_requirements = [ - "pytest-httpbin==0.0.7", + "pytest-httpbin==2.0.0", "pytest-cov", "pytest-mock", "pytest-xdist", From 302225334678490ec66b3614a9dddb8a02c5f4fe Mon Sep 17 00:00:00 2001 From: Thomas Grainger Date: Mon, 15 May 2023 16:04:21 +0100 Subject: [PATCH 028/164] test on pypy 3.8 and pypy 3.9 on windows and macos (#6424) --- .github/workflows/run-tests.yml | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/.github/workflows/run-tests.yml b/.github/workflows/run-tests.yml index 677ae11477..c4159508e4 100644 --- a/.github/workflows/run-tests.yml +++ b/.github/workflows/run-tests.yml @@ -12,14 +12,13 @@ jobs: strategy: fail-fast: false matrix: - python-version: ["3.7", "3.8", "3.9", "3.10", "3.11", "3.12-dev"] + python-version: ["3.7", "3.8", "3.9", "3.10", "3.11", "3.12-dev", "pypy-3.8", "pypy-3.9"] os: [ubuntu-22.04, macOS-latest, windows-latest] include: - # pypy-3.7 on Mac OS currently fails trying to compile - # brotlipy. Moving pypy3 to only test linux. + # pypy-3.7 on Windows and Mac OS currently fails trying to compile + # cryptography. Moving pypy-3.7 to only test linux. - python-version: pypy-3.7 os: ubuntu-latest - experimental: false steps: - uses: actions/checkout@v2 From 74ea7cf7a6a27a4eeb2ae24e162bcc942a6706d5 Mon Sep 17 00:00:00 2001 From: Nate Prewitt Date: Mon, 22 May 2023 08:08:57 -0700 Subject: [PATCH 029/164] Merge pull request from GHSA-j8r2-6x86-q33q --- requests/sessions.py | 4 +++- tests/test_requests.py | 20 ++++++++++++++++++++ 2 files changed, 23 insertions(+), 1 deletion(-) diff --git a/requests/sessions.py b/requests/sessions.py index 6cb3b4dae3..dbcf2a7b0e 100644 --- a/requests/sessions.py +++ b/requests/sessions.py @@ -324,7 +324,9 @@ def rebuild_proxies(self, prepared_request, proxies): except KeyError: username, password = None, None - if username and password: + # urllib3 handles proxy authorization for us in the standard adapter. + # Avoid appending this to TLS tunneled requests where it may be leaked. + if not scheme.startswith('https') and username and password: headers["Proxy-Authorization"] = _basic_auth_str(username, password) return new_proxies diff --git a/tests/test_requests.py b/tests/test_requests.py index b1c8dd4534..b420c44d73 100644 --- a/tests/test_requests.py +++ b/tests/test_requests.py @@ -647,6 +647,26 @@ def test_proxy_authorization_preserved_on_request(self, httpbin): assert sent_headers.get("Proxy-Authorization") == proxy_auth_value + + @pytest.mark.parametrize( + "url,has_proxy_auth", + ( + ('http://example.com', True), + ('https://example.com', False), + ), + ) + def test_proxy_authorization_not_appended_to_https_request(self, url, has_proxy_auth): + session = requests.Session() + proxies = { + 'http': 'http://test:pass@localhost:8080', + 'https': 'http://test:pass@localhost:8090', + } + req = requests.Request('GET', url) + prep = req.prepare() + session.rebuild_proxies(prep, proxies) + + assert ('Proxy-Authorization' in prep.headers) is has_proxy_auth + def test_basicauth_with_netrc(self, httpbin): auth = ("user", "pass") wrong_auth = ("wronguser", "wrongpass") From 147c8511ddbfa5e8f71bbf5c18ede0c4ceb3bba4 Mon Sep 17 00:00:00 2001 From: Nate Prewitt Date: Mon, 22 May 2023 08:10:32 -0700 Subject: [PATCH 030/164] v2.31.0 --- HISTORY.md | 27 +++++++++++++++++++++++++++ requests/__version__.py | 4 ++-- 2 files changed, 29 insertions(+), 2 deletions(-) diff --git a/HISTORY.md b/HISTORY.md index aaa05e2832..bbe6dd425b 100644 --- a/HISTORY.md +++ b/HISTORY.md @@ -6,6 +6,33 @@ dev - \[Short description of non-trivial change.\] +2.31.0 (2023-05-22) +------------------- + +**Security** +- Versions of Requests between v2.3.0 and v2.30.0 are vulnerable to potential + forwarding of `Proxy-Authorization` headers to destination servers when + following HTTPS redirects. + + When proxies are defined with user info (https://user:pass@proxy:8080), Requests + will construct a `Proxy-Authorization` header that is attached to the request to + authenticate with the proxy. + + In cases where Requests receives a redirect response, it previously reattached + the `Proxy-Authorization` header incorrectly, resulting in the value being + sent through the tunneled connection to the destination server. Users who rely on + defining their proxy credentials in the URL are *strongly* encouraged to upgrade + to Requests 2.31.0+ to prevent unintentional leakage and rotate their proxy + credentials once the change has been fully deployed. + + Users who do not use a proxy or do not supply their proxy credentials through + the user information portion of their proxy URL are not subject to this + vulnerability. + + Full details can be read in our [Github Security Advisory](https://github.com/psf/requests/security/advisories/GHSA-j8r2-6x86-q33q) + and [CVE-2023-32681](https://nvd.nist.gov/vuln/detail/CVE-2023-32681). + + 2.30.0 (2023-05-03) ------------------- diff --git a/requests/__version__.py b/requests/__version__.py index e0f3373d0d..5063c3f8ee 100644 --- a/requests/__version__.py +++ b/requests/__version__.py @@ -5,8 +5,8 @@ __title__ = "requests" __description__ = "Python HTTP for Humans." __url__ = "https://requests.readthedocs.io" -__version__ = "2.30.0" -__build__ = 0x023000 +__version__ = "2.31.0" +__build__ = 0x023100 __author__ = "Kenneth Reitz" __author_email__ = "me@kennethreitz.org" __license__ = "Apache 2.0" From 6e5b15d542a4e85945fd72066bb6cecbc3a82191 Mon Sep 17 00:00:00 2001 From: Nate Prewitt Date: Mon, 22 May 2023 08:36:22 -0700 Subject: [PATCH 031/164] Fix linting issues --- requests/sessions.py | 2 +- tests/test_requests.py | 17 +++++++++-------- 2 files changed, 10 insertions(+), 9 deletions(-) diff --git a/requests/sessions.py b/requests/sessions.py index dbcf2a7b0e..df35bfe2cd 100644 --- a/requests/sessions.py +++ b/requests/sessions.py @@ -326,7 +326,7 @@ def rebuild_proxies(self, prepared_request, proxies): # urllib3 handles proxy authorization for us in the standard adapter. # Avoid appending this to TLS tunneled requests where it may be leaked. - if not scheme.startswith('https') and username and password: + if not scheme.startswith("https") and username and password: headers["Proxy-Authorization"] = _basic_auth_str(username, password) return new_proxies diff --git a/tests/test_requests.py b/tests/test_requests.py index b420c44d73..5a01f5fbb2 100644 --- a/tests/test_requests.py +++ b/tests/test_requests.py @@ -647,25 +647,26 @@ def test_proxy_authorization_preserved_on_request(self, httpbin): assert sent_headers.get("Proxy-Authorization") == proxy_auth_value - @pytest.mark.parametrize( "url,has_proxy_auth", ( - ('http://example.com', True), - ('https://example.com', False), + ("http://example.com", True), + ("https://example.com", False), ), ) - def test_proxy_authorization_not_appended_to_https_request(self, url, has_proxy_auth): + def test_proxy_authorization_not_appended_to_https_request( + self, url, has_proxy_auth + ): session = requests.Session() proxies = { - 'http': 'http://test:pass@localhost:8080', - 'https': 'http://test:pass@localhost:8090', + "http": "http://test:pass@localhost:8080", + "https": "http://test:pass@localhost:8090", } - req = requests.Request('GET', url) + req = requests.Request("GET", url) prep = req.prepare() session.rebuild_proxies(prep, proxies) - assert ('Proxy-Authorization' in prep.headers) is has_proxy_auth + assert ("Proxy-Authorization" in prep.headers) is has_proxy_auth def test_basicauth_with_netrc(self, httpbin): auth = ("user", "pass") From 22db55a8896b69e53d0a3cc2764c27b832c81478 Mon Sep 17 00:00:00 2001 From: Boris Verkhovskiy Date: Mon, 26 Jun 2023 18:09:23 +0100 Subject: [PATCH 032/164] Fix doc typo (#6467) --- requests/api.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requests/api.py b/requests/api.py index cd0b3eeac3..5960744552 100644 --- a/requests/api.py +++ b/requests/api.py @@ -25,7 +25,7 @@ def request(method, url, **kwargs): :param cookies: (optional) Dict or CookieJar object to send with the :class:`Request`. :param files: (optional) Dictionary of ``'name': file-like-objects`` (or ``{'name': file-tuple}``) for multipart encoding upload. ``file-tuple`` can be a 2-tuple ``('filename', fileobj)``, 3-tuple ``('filename', fileobj, 'content_type')`` - or a 4-tuple ``('filename', fileobj, 'content_type', custom_headers)``, where ``'content-type'`` is a string + or a 4-tuple ``('filename', fileobj, 'content_type', custom_headers)``, where ``'content_type'`` is a string defining the content type of the given file and ``custom_headers`` a dict-like object containing additional headers to add for the file. :param auth: (optional) Auth tuple to enable Basic/Digest/Custom HTTP Auth. From cdbc2e271529f467b278b2760f12ee0b5d6930d3 Mon Sep 17 00:00:00 2001 From: Matthew Armand Date: Mon, 3 Jul 2023 16:38:22 -0400 Subject: [PATCH 033/164] Add an Example for automatic retries to the Advanced Usage docs (#6258) - While Requests doesn't automatically retry failures, this ability is a very common advanced use case in real world applications. - Although there's a mention of this ability on the HTTPAdapter class docs, it's a bit buried and not very specific. - It makes sense then to have an Example in the HTTPAdapter section of the Advanced Usage docs with a basic template for how this can be accomplished with Requests. --- docs/user/advanced.rst | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) diff --git a/docs/user/advanced.rst b/docs/user/advanced.rst index c664a83d30..055c88a956 100644 --- a/docs/user/advanced.rst +++ b/docs/user/advanced.rst @@ -1026,8 +1026,30 @@ library to use SSLv3:: num_pools=connections, maxsize=maxsize, block=block, ssl_version=ssl.PROTOCOL_SSLv3) +Example: Automatic Retries +^^^^^^^^^^^^^^^^^^^^^^^^^^ + +By default, Requests does not retry failed connections. However, it is possible +to implement automatic retries with a powerful array of features, including +backoff, within a Requests :class:`Session ` using the +`urllib3.util.Retry`_ class:: + + from urllib3.util import Retry + from requests import Session + from requests.adapters import HTTPAdapter + + s = Session() + retries = Retry( + total=3, + backoff_factor=0.1, + status_forcelist=[502, 503, 504], + allowed_methods={'POST'}, + ) + s.mount('https://', HTTPAdapter(max_retries=retries)) + .. _`described here`: https://kenreitz.org/essays/2012/06/14/the-future-of-python-http .. _`urllib3`: https://github.com/urllib3/urllib3 +.. _`urllib3.util.Retry`: https://urllib3.readthedocs.io/en/stable/reference/urllib3.util.html#urllib3.util.Retry .. _blocking-or-nonblocking: From fecf3dc472ddc78e20e96ea0b18e1589110c1d5e Mon Sep 17 00:00:00 2001 From: cpzt Date: Sun, 30 Jul 2023 09:01:42 +0800 Subject: [PATCH 034/164] add docstring parameter `hooks` (#6456) --- requests/sessions.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/requests/sessions.py b/requests/sessions.py index df35bfe2cd..2d1f8e71e0 100644 --- a/requests/sessions.py +++ b/requests/sessions.py @@ -545,6 +545,8 @@ def request( :type allow_redirects: bool :param proxies: (optional) Dictionary mapping protocol or protocol and hostname to the URL of the proxy. + :param hooks: (optional) Dictionary mapping hook name to one event or + list of events, event must be callable. :param stream: (optional) whether to immediately download the response content. Defaults to ``False``. :param verify: (optional) Either a boolean, in which case it controls whether we verify From 2ecdb685619340735fa85d253c4779029957246f Mon Sep 17 00:00:00 2001 From: Alexandre Erwin Ittner Date: Sat, 29 Jul 2023 22:50:43 -0300 Subject: [PATCH 035/164] Update reference to "cookielib" to "cookiejar" in documentation (#6214) --- requests/cookies.py | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/requests/cookies.py b/requests/cookies.py index bf54ab237e..f69d0cda9e 100644 --- a/requests/cookies.py +++ b/requests/cookies.py @@ -2,7 +2,7 @@ requests.cookies ~~~~~~~~~~~~~~~~ -Compatibility code to be able to use `cookielib.CookieJar` with requests. +Compatibility code to be able to use `http.cookiejar.CookieJar` with requests. requests.utils imports from here, so be careful with imports. """ @@ -23,7 +23,7 @@ class MockRequest: """Wraps a `requests.Request` to mimic a `urllib2.Request`. - The code in `cookielib.CookieJar` expects this interface in order to correctly + The code in `http.cookiejar.CookieJar` expects this interface in order to correctly manage cookie policies, i.e., determine whether a cookie can be set, given the domains of the request and the cookie. @@ -76,7 +76,7 @@ def get_header(self, name, default=None): return self._r.headers.get(name, self._new_headers.get(name, default)) def add_header(self, key, val): - """cookielib has no legitimate use for this method; add it back if you find one.""" + """cookiejar has no legitimate use for this method; add it back if you find one.""" raise NotImplementedError( "Cookie headers should be added with add_unredirected_header()" ) @@ -104,11 +104,11 @@ class MockResponse: """Wraps a `httplib.HTTPMessage` to mimic a `urllib.addinfourl`. ...what? Basically, expose the parsed HTTP headers from the server response - the way `cookielib` expects to see them. + the way `http.cookiejar` expects to see them. """ def __init__(self, headers): - """Make a MockResponse for `cookielib` to read. + """Make a MockResponse for `cookiejar` to read. :param headers: a httplib.HTTPMessage or analogous carrying the headers """ @@ -124,7 +124,7 @@ def getheaders(self, name): def extract_cookies_to_jar(jar, request, response): """Extract the cookies from the response into a CookieJar. - :param jar: cookielib.CookieJar (not necessarily a RequestsCookieJar) + :param jar: http.cookiejar.CookieJar (not necessarily a RequestsCookieJar) :param request: our own requests.Request object :param response: urllib3.HTTPResponse object """ @@ -174,7 +174,7 @@ class CookieConflictError(RuntimeError): class RequestsCookieJar(cookielib.CookieJar, MutableMapping): - """Compatibility class; is a cookielib.CookieJar, but exposes a dict + """Compatibility class; is a http.cookiejar.CookieJar, but exposes a dict interface. This is the CookieJar we create by default for requests and sessions that @@ -341,7 +341,7 @@ def __setitem__(self, name, value): self.set(name, value) def __delitem__(self, name): - """Deletes a cookie given a name. Wraps ``cookielib.CookieJar``'s + """Deletes a cookie given a name. Wraps ``http.cookiejar.CookieJar``'s ``remove_cookie_by_name()``. """ remove_cookie_by_name(self, name) From dfe46c1b7f55c9377caecba2119be14d3cce74e5 Mon Sep 17 00:00:00 2001 From: Kevin Kirsche Date: Sat, 29 Jul 2023 21:55:18 -0400 Subject: [PATCH 036/164] refactor: prefer dictionary comphrension to loop (#6187) --- requests/utils.py | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/requests/utils.py b/requests/utils.py index a367417f8e..f85f1bc614 100644 --- a/requests/utils.py +++ b/requests/utils.py @@ -466,11 +466,7 @@ def dict_from_cookiejar(cj): :rtype: dict """ - cookie_dict = {} - - for cookie in cj: - cookie_dict[cookie.name] = cookie.value - + cookie_dict = {cookie.name: cookie.value for cookie in cj} return cookie_dict From aa4cc78627bcf8ff87b73422ec06748d833c7a15 Mon Sep 17 00:00:00 2001 From: Calle Svensson Date: Sun, 30 Jul 2023 06:05:44 +0200 Subject: [PATCH 037/164] Add note about adapter prefix match to docs (#6465) --- docs/user/advanced.rst | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/docs/user/advanced.rst b/docs/user/advanced.rst index 055c88a956..543b378511 100644 --- a/docs/user/advanced.rst +++ b/docs/user/advanced.rst @@ -994,6 +994,10 @@ The mount call registers a specific instance of a Transport Adapter to a prefix. Once mounted, any HTTP request made using that session whose URL starts with the given prefix will use the given Transport Adapter. +.. note:: The adapter will be chosen based on a longest prefix match. Be mindful + prefixes such as ``http://localhost`` will also match ``http://localhost.other.com`` + or ``http://localhost@other.com``. It's recommended to terminate full hostnames with a ``/``. + Many of the details of implementing a Transport Adapter are beyond the scope of this documentation, but take a look at the next example for a simple SSL use- case. For more than that, you might look at subclassing the From cb7fcd7ebddb45917fb7a526d3627feb2d7738b9 Mon Sep 17 00:00:00 2001 From: Joren Vrancken Date: Sat, 12 Aug 2023 19:53:36 +0200 Subject: [PATCH 038/164] Specify that Session.headers needs to be set to a OrderedDict in Header Ordering docs (#6475) --- docs/user/advanced.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/user/advanced.rst b/docs/user/advanced.rst index 543b378511..c90a13dc6d 100644 --- a/docs/user/advanced.rst +++ b/docs/user/advanced.rst @@ -1081,7 +1081,7 @@ Header Ordering In unusual circumstances you may want to provide headers in an ordered manner. If you pass an ``OrderedDict`` to the ``headers`` keyword argument, that will provide the headers with an ordering. *However*, the ordering of the default headers used by Requests will be preferred, which means that if you override default headers in the ``headers`` keyword argument, they may appear out of order compared to other headers in that keyword argument. -If this is problematic, users should consider setting the default headers on a :class:`Session ` object, by setting :attr:`Session ` to a custom ``OrderedDict``. That ordering will always be preferred. +If this is problematic, users should consider setting the default headers on a :class:`Session ` object, by setting :attr:`Session.headers ` to a custom ``OrderedDict``. That ordering will always be preferred. .. _timeouts: From 2c193bda0c50481d3bff4ef4d90203c578afa294 Mon Sep 17 00:00:00 2001 From: Nate Prewitt Date: Sat, 12 Aug 2023 12:02:58 -0700 Subject: [PATCH 039/164] Pin GHA workflows and add dependabot to keep them up to date (#6497) --- .github/dependabot.yml | 11 +++++++++++ .github/workflows/codeql-analysis.yml | 8 ++++---- .github/workflows/lint.yml | 6 +++--- .github/workflows/lock-issues.yml | 2 +- .github/workflows/run-tests.yml | 4 ++-- 5 files changed, 21 insertions(+), 10 deletions(-) create mode 100644 .github/dependabot.yml diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 0000000000..2be85338e3 --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,11 @@ +version: 2 +updates: + - package-ecosystem: github-actions + directory: / + schedule: + interval: weekly + ignore: + # Ignore all patch releases as we can manually + # upgrade if we run into a bug and need a fix. + - dependency-name: "*" + update-types: ["version-update:semver-patch"] diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 1e7dba233b..fc6ae0f8fa 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -32,7 +32,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v2 + uses: actions/checkout@ee0669bd1cc54295c223e0bb666b733df41de1c5 # v2.7.0 with: # We must fetch at least the immediate parents so that if this is # a pull request then we can checkout the head. @@ -45,7 +45,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@v1 + uses: github/codeql-action/init@231aa2c8a89117b126725a0e11897209b7118144 # v1.1.39 with: languages: "python" # If you wish to specify custom queries, you can do so here or in a config file. @@ -56,7 +56,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). # If this step fails, then you should remove it and run the build manually (see below) - name: Autobuild - uses: github/codeql-action/autobuild@v1 + uses: github/codeql-action/autobuild@231aa2c8a89117b126725a0e11897209b7118144 # v1.1.39 # ℹ️ Command-line programs to run using the OS shell. # 📚 https://git.io/JvXDl @@ -70,4 +70,4 @@ jobs: # make release - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v1 + uses: github/codeql-action/analyze@231aa2c8a89117b126725a0e11897209b7118144 # v1.1.39 diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index df275c51b6..b439153aee 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -11,10 +11,10 @@ jobs: timeout-minutes: 10 steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 - name: Set up Python - uses: actions/setup-python@v4 + uses: actions/setup-python@61a6322f88396a6271a6ee3565807d608ecaddd1 # v4.7.0 with: python-version: "3.x" - name: Run pre-commit - uses: pre-commit/action@v3.0.0 + uses: pre-commit/action@646c83fcd040023954eafda54b4db0192ce70507 # v3.0.0 diff --git a/.github/workflows/lock-issues.yml b/.github/workflows/lock-issues.yml index f8429c3fdc..1bc88507d9 100644 --- a/.github/workflows/lock-issues.yml +++ b/.github/workflows/lock-issues.yml @@ -13,7 +13,7 @@ jobs: if: github.repository_owner == 'psf' runs-on: ubuntu-latest steps: - - uses: dessant/lock-threads@v3 + - uses: dessant/lock-threads@e460dfeb36e731f3aeb214be6b0c9a9d9a67eda6 # v3.0.0 with: issue-lock-inactive-days: 90 pr-lock-inactive-days: 90 diff --git a/.github/workflows/run-tests.yml b/.github/workflows/run-tests.yml index c4159508e4..978ab7bd5e 100644 --- a/.github/workflows/run-tests.yml +++ b/.github/workflows/run-tests.yml @@ -21,9 +21,9 @@ jobs: os: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@ee0669bd1cc54295c223e0bb666b733df41de1c5 # v2.7.0 - name: Set up Python ${{ matrix.python-version }} - uses: actions/setup-python@v2 + uses: actions/setup-python@e9aba2c848f5ebd159c070c61ea2c4e2b122355e # v2.3.4 with: python-version: ${{ matrix.python-version }} - name: Install dependencies From 8112fcc7beb15e1cdc66180c10a3290174866828 Mon Sep 17 00:00:00 2001 From: Nate Prewitt Date: Sat, 12 Aug 2023 12:03:10 -0700 Subject: [PATCH 040/164] Pre commit update (#6498) --- .pre-commit-config.yaml | 8 ++++---- requests/adapters.py | 1 - requests/auth.py | 1 - requests/models.py | 6 ++---- requests/sessions.py | 8 ++------ requests/utils.py | 1 + tests/test_requests.py | 13 ------------- 7 files changed, 9 insertions(+), 29 deletions(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 5b915dc383..0a0515cf87 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -2,7 +2,7 @@ exclude: 'docs/|ext/' repos: - repo: https://github.com/pre-commit/pre-commit-hooks - rev: v4.0.1 + rev: v4.4.0 hooks: - id: check-yaml - id: debug-statements @@ -13,16 +13,16 @@ repos: hooks: - id: isort - repo: https://github.com/psf/black - rev: 22.3.0 + rev: 23.7.0 hooks: - id: black exclude: tests/test_lowlevel.py - repo: https://github.com/asottile/pyupgrade - rev: v2.31.1 + rev: v3.10.1 hooks: - id: pyupgrade args: [--py37-plus] - repo: https://github.com/PyCQA/flake8 - rev: 6.0.0 + rev: 6.1.0 hooks: - id: flake8 diff --git a/requests/adapters.py b/requests/adapters.py index 78e3bb6ecf..eb240fa954 100644 --- a/requests/adapters.py +++ b/requests/adapters.py @@ -247,7 +247,6 @@ def cert_verify(self, conn, url, verify, cert): :param cert: The SSL certificate to verify. """ if url.lower().startswith("https") and verify: - cert_loc = None # Allow self-specified cert location. diff --git a/requests/auth.py b/requests/auth.py index 9733686ddb..4a7ce6dc14 100644 --- a/requests/auth.py +++ b/requests/auth.py @@ -258,7 +258,6 @@ def handle_401(self, r, **kwargs): s_auth = r.headers.get("www-authenticate", "") if "digest" in s_auth.lower() and self._thread_local.num_401_calls < 2: - self._thread_local.num_401_calls += 1 pat = re.compile(r"digest ", flags=re.IGNORECASE) self._thread_local.chal = parse_dict_header(pat.sub("", s_auth, count=1)) diff --git a/requests/models.py b/requests/models.py index 617a4134e5..44556394ec 100644 --- a/requests/models.py +++ b/requests/models.py @@ -170,7 +170,7 @@ def _encode_files(files, data): ) ) - for (k, v) in files: + for k, v in files: # support for explicit filename ft = None fh = None @@ -268,7 +268,6 @@ def __init__( hooks=None, json=None, ): - # Default empty dicts for dict params. data = [] if data is None else data files = [] if files is None else files @@ -277,7 +276,7 @@ def __init__( hooks = {} if hooks is None else hooks self.hooks = default_hooks() - for (k, v) in list(hooks.items()): + for k, v in list(hooks.items()): self.register_hook(event=k, hook=v) self.method = method @@ -865,7 +864,6 @@ def iter_lines( for chunk in self.iter_content( chunk_size=chunk_size, decode_unicode=decode_unicode ): - if pending is not None: chunk = pending + chunk diff --git a/requests/sessions.py b/requests/sessions.py index 2d1f8e71e0..b387bc36df 100644 --- a/requests/sessions.py +++ b/requests/sessions.py @@ -262,7 +262,6 @@ def resolve_redirects( if yield_requests: yield req else: - resp = self.send( req, stream=stream, @@ -389,7 +388,6 @@ class Session(SessionRedirectMixin): ] def __init__(self): - #: A case-insensitive dictionary of headers to be sent on each #: :class:`Request ` sent from this #: :class:`Session `. @@ -713,7 +711,6 @@ def send(self, request, **kwargs): # Persist cookies if r.history: - # If the hooks create history then we want those cookies too for resp in r.history: extract_cookies_to_jar(self.cookies, resp.request, resp.raw) @@ -761,7 +758,7 @@ def merge_environment_settings(self, url, proxies, stream, verify, cert): # Set environment's proxies. no_proxy = proxies.get("no_proxy") if proxies is not None else None env_proxies = get_environ_proxies(url, no_proxy=no_proxy) - for (k, v) in env_proxies.items(): + for k, v in env_proxies.items(): proxies.setdefault(k, v) # Look for requests environment configuration @@ -787,8 +784,7 @@ def get_adapter(self, url): :rtype: requests.adapters.BaseAdapter """ - for (prefix, adapter) in self.adapters.items(): - + for prefix, adapter in self.adapters.items(): if url.lower().startswith(prefix.lower()): return adapter diff --git a/requests/utils.py b/requests/utils.py index f85f1bc614..1ae77d68ff 100644 --- a/requests/utils.py +++ b/requests/utils.py @@ -763,6 +763,7 @@ def should_bypass_proxies(url, no_proxy): :rtype: bool """ + # Prioritize lowercase environment variables over uppercase # to keep a consistent behaviour with other http projects (curl, wget). def get_proxy(key): diff --git a/tests/test_requests.py b/tests/test_requests.py index 5a01f5fbb2..6e831a91e7 100644 --- a/tests/test_requests.py +++ b/tests/test_requests.py @@ -75,11 +75,9 @@ class TestRequests: - digest_auth_algo = ("MD5", "SHA-256", "SHA-512") def test_entry_points(self): - requests.session requests.session().get requests.session().head @@ -510,7 +508,6 @@ def test_headers_preserve_order(self, httpbin): @pytest.mark.parametrize("key", ("User-agent", "user-agent")) def test_user_agent_transfers(self, httpbin, key): - heads = {key: "Mozilla/5.0 (github.com/psf/requests)"} r = requests.get(httpbin("user-agent"), headers=heads) @@ -704,7 +701,6 @@ def get_netrc_auth_mock(url): requests.sessions.get_netrc_auth = old_auth def test_DIGEST_HTTP_200_OK_GET(self, httpbin): - for authtype in self.digest_auth_algo: auth = HTTPDigestAuth("user", "pass") url = httpbin("digest-auth", "auth", "user", "pass", authtype, "never") @@ -722,7 +718,6 @@ def test_DIGEST_HTTP_200_OK_GET(self, httpbin): assert r.status_code == 200 def test_DIGEST_AUTH_RETURNS_COOKIE(self, httpbin): - for authtype in self.digest_auth_algo: url = httpbin("digest-auth", "auth", "user", "pass", authtype) auth = HTTPDigestAuth("user", "pass") @@ -733,7 +728,6 @@ def test_DIGEST_AUTH_RETURNS_COOKIE(self, httpbin): assert r.status_code == 200 def test_DIGEST_AUTH_SETS_SESSION_COOKIES(self, httpbin): - for authtype in self.digest_auth_algo: url = httpbin("digest-auth", "auth", "user", "pass", authtype) auth = HTTPDigestAuth("user", "pass") @@ -742,7 +736,6 @@ def test_DIGEST_AUTH_SETS_SESSION_COOKIES(self, httpbin): assert s.cookies["fake"] == "fake_value" def test_DIGEST_STREAM(self, httpbin): - for authtype in self.digest_auth_algo: auth = HTTPDigestAuth("user", "pass") url = httpbin("digest-auth", "auth", "user", "pass", authtype) @@ -754,7 +747,6 @@ def test_DIGEST_STREAM(self, httpbin): assert r.raw.read() == b"" def test_DIGESTAUTH_WRONG_HTTP_401_GET(self, httpbin): - for authtype in self.digest_auth_algo: auth = HTTPDigestAuth("user", "wrongpass") url = httpbin("digest-auth", "auth", "user", "pass", authtype) @@ -771,7 +763,6 @@ def test_DIGESTAUTH_WRONG_HTTP_401_GET(self, httpbin): assert r.status_code == 401 def test_DIGESTAUTH_QUOTES_QOP_VALUE(self, httpbin): - for authtype in self.digest_auth_algo: auth = HTTPDigestAuth("user", "pass") url = httpbin("digest-auth", "auth", "user", "pass", authtype) @@ -780,7 +771,6 @@ def test_DIGESTAUTH_QUOTES_QOP_VALUE(self, httpbin): assert '"auth"' in r.request.headers["Authorization"] def test_POSTBIN_GET_POST_FILES(self, httpbin): - url = httpbin("post") requests.post(url).raise_for_status() @@ -798,7 +788,6 @@ def test_POSTBIN_GET_POST_FILES(self, httpbin): requests.post(url, files=["bad file data"]) def test_invalid_files_input(self, httpbin): - url = httpbin("post") post = requests.post(url, files={"random-file-1": None, "random-file-2": 1}) assert b'name="random-file-1"' not in post.request.body @@ -846,7 +835,6 @@ def seek(self, offset, where=0): assert post2.json()["data"] == "st" def test_POSTBIN_GET_POST_FILES_WITH_DATA(self, httpbin): - url = httpbin("post") requests.post(url).raise_for_status() @@ -1035,7 +1023,6 @@ def test_certificate_failure(self, httpbin_secure): requests.get(httpbin_secure("status", "200")) def test_urlencoded_get_query_multivalued_param(self, httpbin): - r = requests.get(httpbin("get"), params={"test": ["foo", "baz"]}) assert r.status_code == 200 assert r.url == httpbin("get?test=foo&test=baz") From ea49261a279c9e8216f25410a9e9611b758c2611 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 12 Aug 2023 19:03:17 +0000 Subject: [PATCH 041/164] Bump dessant/lock-threads from 3.0.0 to 4.0.1 Bumps [dessant/lock-threads](https://github.com/dessant/lock-threads) from 3.0.0 to 4.0.1. - [Release notes](https://github.com/dessant/lock-threads/releases) - [Changelog](https://github.com/dessant/lock-threads/blob/main/CHANGELOG.md) - [Commits](https://github.com/dessant/lock-threads/compare/e460dfeb36e731f3aeb214be6b0c9a9d9a67eda6...be8aa5be94131386884a6da4189effda9b14aa21) --- updated-dependencies: - dependency-name: dessant/lock-threads dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/lock-issues.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/lock-issues.yml b/.github/workflows/lock-issues.yml index 1bc88507d9..66f68a1900 100644 --- a/.github/workflows/lock-issues.yml +++ b/.github/workflows/lock-issues.yml @@ -13,7 +13,7 @@ jobs: if: github.repository_owner == 'psf' runs-on: ubuntu-latest steps: - - uses: dessant/lock-threads@e460dfeb36e731f3aeb214be6b0c9a9d9a67eda6 # v3.0.0 + - uses: dessant/lock-threads@be8aa5be94131386884a6da4189effda9b14aa21 # v4.0.1 with: issue-lock-inactive-days: 90 pr-lock-inactive-days: 90 From c7933453cff05a297d4d1cdacb7fb49480e6924c Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 12 Aug 2023 19:03:22 +0000 Subject: [PATCH 042/164] Bump actions/setup-python from 2.3.4 to 4.7.0 Bumps [actions/setup-python](https://github.com/actions/setup-python) from 2.3.4 to 4.7.0. - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](https://github.com/actions/setup-python/compare/v2.3.4...61a6322f88396a6271a6ee3565807d608ecaddd1) --- updated-dependencies: - dependency-name: actions/setup-python dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/run-tests.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/run-tests.yml b/.github/workflows/run-tests.yml index 978ab7bd5e..01028d5cb3 100644 --- a/.github/workflows/run-tests.yml +++ b/.github/workflows/run-tests.yml @@ -23,7 +23,7 @@ jobs: steps: - uses: actions/checkout@ee0669bd1cc54295c223e0bb666b733df41de1c5 # v2.7.0 - name: Set up Python ${{ matrix.python-version }} - uses: actions/setup-python@e9aba2c848f5ebd159c070c61ea2c4e2b122355e # v2.3.4 + uses: actions/setup-python@61a6322f88396a6271a6ee3565807d608ecaddd1 # v4.7.0 with: python-version: ${{ matrix.python-version }} - name: Install dependencies From 9acca90bf6bdb29f80b9c82ff66303bd6fb157fa Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 12 Aug 2023 19:03:30 +0000 Subject: [PATCH 043/164] Bump github/codeql-action from 1.1.39 to 2.21.3 Bumps [github/codeql-action](https://github.com/github/codeql-action) from 1.1.39 to 2.21.3. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/231aa2c8a89117b126725a0e11897209b7118144...5b6282e01c62d02e720b81eb8a51204f527c3624) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/codeql-analysis.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index fc6ae0f8fa..1a58bb8f7e 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -45,7 +45,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@231aa2c8a89117b126725a0e11897209b7118144 # v1.1.39 + uses: github/codeql-action/init@5b6282e01c62d02e720b81eb8a51204f527c3624 # v2.21.3 with: languages: "python" # If you wish to specify custom queries, you can do so here or in a config file. @@ -56,7 +56,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). # If this step fails, then you should remove it and run the build manually (see below) - name: Autobuild - uses: github/codeql-action/autobuild@231aa2c8a89117b126725a0e11897209b7118144 # v1.1.39 + uses: github/codeql-action/autobuild@5b6282e01c62d02e720b81eb8a51204f527c3624 # v2.21.3 # ℹ️ Command-line programs to run using the OS shell. # 📚 https://git.io/JvXDl @@ -70,4 +70,4 @@ jobs: # make release - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@231aa2c8a89117b126725a0e11897209b7118144 # v1.1.39 + uses: github/codeql-action/analyze@5b6282e01c62d02e720b81eb8a51204f527c3624 # v2.21.3 From 4bd06cd325f4b7213708ff520f346c177ba218d9 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 12 Aug 2023 19:37:22 +0000 Subject: [PATCH 044/164] Bump actions/checkout from 2.7.0 to 3.5.3 Bumps [actions/checkout](https://github.com/actions/checkout) from 2.7.0 to 3.5.3. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v2.7.0...c85c95e3d7251135ab7dc9ce3241c5835cc595a9) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/codeql-analysis.yml | 2 +- .github/workflows/run-tests.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index fc6ae0f8fa..80d4707ca6 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -32,7 +32,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@ee0669bd1cc54295c223e0bb666b733df41de1c5 # v2.7.0 + uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 with: # We must fetch at least the immediate parents so that if this is # a pull request then we can checkout the head. diff --git a/.github/workflows/run-tests.yml b/.github/workflows/run-tests.yml index 01028d5cb3..d6197a6de3 100644 --- a/.github/workflows/run-tests.yml +++ b/.github/workflows/run-tests.yml @@ -21,7 +21,7 @@ jobs: os: ubuntu-latest steps: - - uses: actions/checkout@ee0669bd1cc54295c223e0bb666b733df41de1c5 # v2.7.0 + - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 - name: Set up Python ${{ matrix.python-version }} uses: actions/setup-python@61a6322f88396a6271a6ee3565807d608ecaddd1 # v4.7.0 with: From 678fca84238e311ffba758d90879d4b870030498 Mon Sep 17 00:00:00 2001 From: Nate Prewitt Date: Sun, 13 Aug 2023 09:56:53 -0700 Subject: [PATCH 045/164] Upgrade to httpbin 0.10.0 (#6496) --- .github/workflows/run-tests.yml | 1 + requirements-dev.txt | 6 +----- 2 files changed, 2 insertions(+), 5 deletions(-) diff --git a/.github/workflows/run-tests.yml b/.github/workflows/run-tests.yml index d6197a6de3..4a151601f0 100644 --- a/.github/workflows/run-tests.yml +++ b/.github/workflows/run-tests.yml @@ -26,6 +26,7 @@ jobs: uses: actions/setup-python@61a6322f88396a6271a6ee3565807d608ecaddd1 # v4.7.0 with: python-version: ${{ matrix.python-version }} + cache: 'pip' - name: Install dependencies run: | make diff --git a/requirements-dev.txt b/requirements-dev.txt index d62637378e..c24a6bc6d4 100644 --- a/requirements-dev.txt +++ b/requirements-dev.txt @@ -3,11 +3,7 @@ pytest>=2.8.0,<=6.2.5 pytest-cov pytest-httpbin==2.0.0 pytest-mock==2.0.0 -httpbin==0.7.0 +httpbin==0.10.0 trustme wheel cryptography<40.0.0; python_version <= '3.7' and platform_python_implementation == 'PyPy' - -# Flask Stack -Flask>1.0,<2.0 -markupsafe<2.1 From e9fa2e2da3076e4f55f18b3f4a169c7b3916b272 Mon Sep 17 00:00:00 2001 From: Nate Prewitt Date: Sun, 13 Aug 2023 12:56:18 -0700 Subject: [PATCH 046/164] Add 3.12 classifier and tox configuration (#6503) --- setup.py | 1 + tox.ini | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/setup.py b/setup.py index 012354574d..e93bb41622 100755 --- a/setup.py +++ b/setup.py @@ -112,6 +112,7 @@ def run_tests(self): "Programming Language :: Python :: 3.9", "Programming Language :: Python :: 3.10", "Programming Language :: Python :: 3.11", + "Programming Language :: Python :: 3.12", "Programming Language :: Python :: 3 :: Only", "Programming Language :: Python :: Implementation :: CPython", "Programming Language :: Python :: Implementation :: PyPy", diff --git a/tox.ini b/tox.ini index 546c7371b1..92ab6d1a24 100644 --- a/tox.ini +++ b/tox.ini @@ -1,5 +1,5 @@ [tox] -envlist = py{37,38,39,310,311}-{default, use_chardet_on_py3} +envlist = py{37,38,39,310,311,312}-{default, use_chardet_on_py3} [testenv] deps = -rrequirements-dev.txt From d63e94f552ebf77ccf45d97e5863ac46500fa2c7 Mon Sep 17 00:00:00 2001 From: Nate Prewitt Date: Sun, 13 Aug 2023 14:46:13 -0700 Subject: [PATCH 047/164] Move to src directory (#6506) --- Makefile | 10 +++++----- pyproject.toml | 7 ++----- setup.cfg | 4 ++-- setup.py | 4 ++-- {requests => src/requests}/__init__.py | 0 {requests => src/requests}/__version__.py | 0 {requests => src/requests}/_internal_utils.py | 0 {requests => src/requests}/adapters.py | 0 {requests => src/requests}/api.py | 0 {requests => src/requests}/auth.py | 0 {requests => src/requests}/certs.py | 0 {requests => src/requests}/compat.py | 0 {requests => src/requests}/cookies.py | 0 {requests => src/requests}/exceptions.py | 0 {requests => src/requests}/help.py | 0 {requests => src/requests}/hooks.py | 0 {requests => src/requests}/models.py | 0 {requests => src/requests}/packages.py | 0 {requests => src/requests}/sessions.py | 0 {requests => src/requests}/status_codes.py | 0 {requests => src/requests}/structures.py | 0 {requests => src/requests}/utils.py | 0 22 files changed, 11 insertions(+), 14 deletions(-) rename {requests => src/requests}/__init__.py (100%) rename {requests => src/requests}/__version__.py (100%) rename {requests => src/requests}/_internal_utils.py (100%) rename {requests => src/requests}/adapters.py (100%) rename {requests => src/requests}/api.py (100%) rename {requests => src/requests}/auth.py (100%) rename {requests => src/requests}/certs.py (100%) rename {requests => src/requests}/compat.py (100%) rename {requests => src/requests}/cookies.py (100%) rename {requests => src/requests}/exceptions.py (100%) rename {requests => src/requests}/help.py (100%) rename {requests => src/requests}/hooks.py (100%) rename {requests => src/requests}/models.py (100%) rename {requests => src/requests}/packages.py (100%) rename {requests => src/requests}/sessions.py (100%) rename {requests => src/requests}/status_codes.py (100%) rename {requests => src/requests}/structures.py (100%) rename {requests => src/requests}/utils.py (100%) diff --git a/Makefile b/Makefile index f74dc42ddf..192b926853 100644 --- a/Makefile +++ b/Makefile @@ -1,23 +1,23 @@ .PHONY: docs init: - pip install -r requirements-dev.txt + python -m pip install -r requirements-dev.txt test: # This runs all of the tests on all supported Python versions. tox -p ci: - pytest tests --junitxml=report.xml + python -m pytest tests --junitxml=report.xml test-readme: python setup.py check --restructuredtext --strict && ([ $$? -eq 0 ] && echo "README.rst and HISTORY.rst ok") || echo "Invalid markup in README.rst or HISTORY.rst!" flake8: - flake8 --ignore=E501,F401,E128,E402,E731,F821 requests + python -m flake8 src/requests coverage: - pytest --cov-config .coveragerc --verbose --cov-report term --cov-report xml --cov=requests tests + python -m pytest --cov-config .coveragerc --verbose --cov-report term --cov-report xml --cov=src/requests tests publish: - pip install 'twine>=1.5.0' + python -m pip install 'twine>=1.5.0' python setup.py sdist bdist_wheel twine upload dist/* rm -fr build dist .egg requests.egg-info diff --git a/pyproject.toml b/pyproject.toml index d3ab7bd9bb..1b7901e155 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -1,13 +1,10 @@ [tool.isort] profile = "black" -src_paths = ["requests", "test"] +src_paths = ["src/requests", "test"] honor_noqa = true [tool.pytest.ini_options] addopts = "--doctest-modules" doctest_optionflags = "NORMALIZE_WHITESPACE ELLIPSIS" minversion = "6.2" -testpaths = [ - "requests", - "tests", -] +testpaths = ["tests"] diff --git a/setup.cfg b/setup.cfg index bf21c81cc0..14e2d96cf6 100644 --- a/setup.cfg +++ b/setup.cfg @@ -12,6 +12,6 @@ requires-dist = [flake8] ignore = E203, E501, W503 per-file-ignores = - requests/__init__.py:E402, F401 - requests/compat.py:E402, F401 + src/requests/__init__.py:E402, F401 + src/requests/compat.py:E402, F401 tests/compat.py:F401 diff --git a/setup.py b/setup.py index e93bb41622..dc8043a695 100755 --- a/setup.py +++ b/setup.py @@ -75,7 +75,7 @@ def run_tests(self): about = {} here = os.path.abspath(os.path.dirname(__file__)) -with open(os.path.join(here, "requests", "__version__.py"), "r", "utf-8") as f: +with open(os.path.join(here, "src", "requests", "__version__.py"), "r", "utf-8") as f: exec(f.read(), about) with open("README.md", "r", "utf-8") as f: @@ -92,7 +92,7 @@ def run_tests(self): url=about["__url__"], packages=["requests"], package_data={"": ["LICENSE", "NOTICE"]}, - package_dir={"requests": "requests"}, + package_dir={"": "src"}, include_package_data=True, python_requires=">=3.7", install_requires=requires, diff --git a/requests/__init__.py b/src/requests/__init__.py similarity index 100% rename from requests/__init__.py rename to src/requests/__init__.py diff --git a/requests/__version__.py b/src/requests/__version__.py similarity index 100% rename from requests/__version__.py rename to src/requests/__version__.py diff --git a/requests/_internal_utils.py b/src/requests/_internal_utils.py similarity index 100% rename from requests/_internal_utils.py rename to src/requests/_internal_utils.py diff --git a/requests/adapters.py b/src/requests/adapters.py similarity index 100% rename from requests/adapters.py rename to src/requests/adapters.py diff --git a/requests/api.py b/src/requests/api.py similarity index 100% rename from requests/api.py rename to src/requests/api.py diff --git a/requests/auth.py b/src/requests/auth.py similarity index 100% rename from requests/auth.py rename to src/requests/auth.py diff --git a/requests/certs.py b/src/requests/certs.py similarity index 100% rename from requests/certs.py rename to src/requests/certs.py diff --git a/requests/compat.py b/src/requests/compat.py similarity index 100% rename from requests/compat.py rename to src/requests/compat.py diff --git a/requests/cookies.py b/src/requests/cookies.py similarity index 100% rename from requests/cookies.py rename to src/requests/cookies.py diff --git a/requests/exceptions.py b/src/requests/exceptions.py similarity index 100% rename from requests/exceptions.py rename to src/requests/exceptions.py diff --git a/requests/help.py b/src/requests/help.py similarity index 100% rename from requests/help.py rename to src/requests/help.py diff --git a/requests/hooks.py b/src/requests/hooks.py similarity index 100% rename from requests/hooks.py rename to src/requests/hooks.py diff --git a/requests/models.py b/src/requests/models.py similarity index 100% rename from requests/models.py rename to src/requests/models.py diff --git a/requests/packages.py b/src/requests/packages.py similarity index 100% rename from requests/packages.py rename to src/requests/packages.py diff --git a/requests/sessions.py b/src/requests/sessions.py similarity index 100% rename from requests/sessions.py rename to src/requests/sessions.py diff --git a/requests/status_codes.py b/src/requests/status_codes.py similarity index 100% rename from requests/status_codes.py rename to src/requests/status_codes.py diff --git a/requests/structures.py b/src/requests/structures.py similarity index 100% rename from requests/structures.py rename to src/requests/structures.py diff --git a/requests/utils.py b/src/requests/utils.py similarity index 100% rename from requests/utils.py rename to src/requests/utils.py From 005571d1180835eb5266a3fdbdbe8fdae57d90c2 Mon Sep 17 00:00:00 2001 From: Nate Prewitt Date: Sun, 13 Aug 2023 16:08:21 -0700 Subject: [PATCH 048/164] Remove pytest-mock requirement (#6505) --- requirements-dev.txt | 1 - tests/test_help.py | 14 ++++++++------ tests/test_requests.py | 31 +++++++++++++++---------------- tests/test_utils.py | 9 +++++---- 4 files changed, 28 insertions(+), 27 deletions(-) diff --git a/requirements-dev.txt b/requirements-dev.txt index c24a6bc6d4..f137c46a33 100644 --- a/requirements-dev.txt +++ b/requirements-dev.txt @@ -2,7 +2,6 @@ pytest>=2.8.0,<=6.2.5 pytest-cov pytest-httpbin==2.0.0 -pytest-mock==2.0.0 httpbin==0.10.0 trustme wheel diff --git a/tests/test_help.py b/tests/test_help.py index fb4e967c53..5fca6207ef 100644 --- a/tests/test_help.py +++ b/tests/test_help.py @@ -1,3 +1,5 @@ +from unittest import mock + from requests.help import info @@ -11,15 +13,15 @@ def __init__(self, version): self.__version__ = version -def test_idna_without_version_attribute(mocker): +def test_idna_without_version_attribute(): """Older versions of IDNA don't provide a __version__ attribute, verify that if we have such a package, we don't blow up. """ - mocker.patch("requests.help.idna", new=None) - assert info()["idna"] == {"version": ""} + with mock.patch("requests.help.idna", new=None): + assert info()["idna"] == {"version": ""} -def test_idna_with_version_attribute(mocker): +def test_idna_with_version_attribute(): """Verify we're actually setting idna version when it should be available.""" - mocker.patch("requests.help.idna", new=VersionedPackage("2.6")) - assert info()["idna"] == {"version": "2.6"} + with mock.patch("requests.help.idna", new=VersionedPackage("2.6")): + assert info()["idna"] == {"version": "2.6"} diff --git a/tests/test_requests.py b/tests/test_requests.py index 6e831a91e7..5d8d2cd3af 100644 --- a/tests/test_requests.py +++ b/tests/test_requests.py @@ -8,6 +8,7 @@ import pickle import re import warnings +from unittest import mock import pytest import urllib3 @@ -972,12 +973,12 @@ def test_invalid_ssl_certificate_files(self, httpbin_secure): ), ), ) - def test_env_cert_bundles(self, httpbin, mocker, env, expected): + def test_env_cert_bundles(self, httpbin, env, expected): s = requests.Session() - mocker.patch("os.environ", env) - settings = s.merge_environment_settings( - url=httpbin("get"), proxies={}, stream=False, verify=True, cert=None - ) + with mock.patch("os.environ", env): + settings = s.merge_environment_settings( + url=httpbin("get"), proxies={}, stream=False, verify=True, cert=None + ) assert settings["verify"] == expected def test_http_with_certificate(self, httpbin): @@ -1464,11 +1465,9 @@ def test_response_chunk_size_type(self): (urllib3.exceptions.SSLError, tuple(), RequestsSSLError), ), ) - def test_iter_content_wraps_exceptions( - self, httpbin, mocker, exception, args, expected - ): + def test_iter_content_wraps_exceptions(self, httpbin, exception, args, expected): r = requests.Response() - r.raw = mocker.Mock() + r.raw = mock.Mock() # ReadTimeoutError can't be initialized by mock # so we'll manually create the instance with args r.raw.stream.side_effect = exception(*args) @@ -2093,16 +2092,16 @@ def test_response_iter_lines_reentrant(self, httpbin): next(r.iter_lines()) assert len(list(r.iter_lines())) == 3 - def test_session_close_proxy_clear(self, mocker): + def test_session_close_proxy_clear(self): proxies = { - "one": mocker.Mock(), - "two": mocker.Mock(), + "one": mock.Mock(), + "two": mock.Mock(), } session = requests.Session() - mocker.patch.dict(session.adapters["http://"].proxy_manager, proxies) - session.close() - proxies["one"].clear.assert_called_once_with() - proxies["two"].clear.assert_called_once_with() + with mock.patch.dict(session.adapters["http://"].proxy_manager, proxies): + session.close() + proxies["one"].clear.assert_called_once_with() + proxies["two"].clear.assert_called_once_with() def test_proxy_auth(self): adapter = HTTPAdapter() diff --git a/tests/test_utils.py b/tests/test_utils.py index 112bbd1eaf..8988eaf69c 100644 --- a/tests/test_utils.py +++ b/tests/test_utils.py @@ -5,6 +5,7 @@ import zipfile from collections import deque from io import BytesIO +from unittest import mock import pytest @@ -751,13 +752,13 @@ def test_should_bypass_proxies(url, expected, monkeypatch): ("http://user:pass@hostname:5000", "hostname"), ), ) -def test_should_bypass_proxies_pass_only_hostname(url, expected, mocker): +def test_should_bypass_proxies_pass_only_hostname(url, expected): """The proxy_bypass function should be called with a hostname or IP without a port number or auth credentials. """ - proxy_bypass = mocker.patch("requests.utils.proxy_bypass") - should_bypass_proxies(url, no_proxy=None) - proxy_bypass.assert_called_once_with(expected) + with mock.patch("requests.utils.proxy_bypass") as proxy_bypass: + should_bypass_proxies(url, no_proxy=None) + proxy_bypass.assert_called_once_with(expected) @pytest.mark.parametrize( From 89f0eb91b396619db6695b64e368950e36bdbe7f Mon Sep 17 00:00:00 2001 From: Jonas Schell Date: Wed, 16 Aug 2023 17:16:53 +0200 Subject: [PATCH 049/164] fix monthly download badge (#6507) --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index c90ef08a5e..c4b170e70f 100644 --- a/README.md +++ b/README.md @@ -21,7 +21,7 @@ Requests allows you to send HTTP/1.1 requests extremely easily. There’s no nee Requests is one of the most downloaded Python packages today, pulling in around `30M downloads / week`— according to GitHub, Requests is currently [depended upon](https://github.com/psf/requests/network/dependents?package_id=UGFja2FnZS01NzA4OTExNg%3D%3D) by `1,000,000+` repositories. You may certainly put your trust in this code. -[![Downloads](https://pepy.tech/badge/requests/month)](https://pepy.tech/project/requests) +[![Downloads](https://static.pepy.tech/badge/requests/month)](https://pepy.tech/project/requests) [![Supported Versions](https://img.shields.io/pypi/pyversions/requests.svg)](https://pypi.org/project/requests) [![Contributors](https://img.shields.io/github/contributors/psf/requests.svg)](https://github.com/psf/requests/graphs/contributors) From 2ee5b0b01c9e7c14217a536886b337d6f08b9aac Mon Sep 17 00:00:00 2001 From: 13steinj <13steinj@users.noreply.github.com> Date: Fri, 18 Aug 2023 12:01:26 -0500 Subject: [PATCH 050/164] Fix documentation monthly download badge (#6508) --- docs/index.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/index.rst b/docs/index.rst index 306b60f3ea..50b0adc3d2 100644 --- a/docs/index.rst +++ b/docs/index.rst @@ -9,7 +9,7 @@ Requests: HTTP for Humans™ Release v\ |version|. (:ref:`Installation `) -.. image:: https://pepy.tech/badge/requests/month +.. image:: https://static.pepy.tech/badge/requests/month :target: https://pepy.tech/project/requests :alt: Requests Downloads Per Month Badge From bea231b033d643a6c4152a5b12c3e0b2524ed48f Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 28 Aug 2023 16:12:37 +0000 Subject: [PATCH 051/164] Bump actions/checkout from 3.5.3 to 3.6.0 Bumps [actions/checkout](https://github.com/actions/checkout) from 3.5.3 to 3.6.0. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/c85c95e3d7251135ab7dc9ce3241c5835cc595a9...f43a0e5ff2bd294095638e18286ca9a3d1956744) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- .github/workflows/codeql-analysis.yml | 2 +- .github/workflows/lint.yml | 2 +- .github/workflows/run-tests.yml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index f64eeadc26..274de9808b 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -32,7 +32,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 + uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 with: # We must fetch at least the immediate parents so that if this is # a pull request then we can checkout the head. diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index b439153aee..fcb73eb0ef 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -11,7 +11,7 @@ jobs: timeout-minutes: 10 steps: - - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 + - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 - name: Set up Python uses: actions/setup-python@61a6322f88396a6271a6ee3565807d608ecaddd1 # v4.7.0 with: diff --git a/.github/workflows/run-tests.yml b/.github/workflows/run-tests.yml index 4a151601f0..d9b4741786 100644 --- a/.github/workflows/run-tests.yml +++ b/.github/workflows/run-tests.yml @@ -21,7 +21,7 @@ jobs: os: ubuntu-latest steps: - - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 + - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 - name: Set up Python ${{ matrix.python-version }} uses: actions/setup-python@61a6322f88396a6271a6ee3565807d608ecaddd1 # v4.7.0 with: From 4585a7fbdaaebf19d213eb16326afae2e9382abe Mon Sep 17 00:00:00 2001 From: "Johnny.H" Date: Tue, 29 Aug 2023 13:41:49 +0800 Subject: [PATCH 052/164] remove pytest.ini since it does not exist anymore --- MANIFEST.in | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/MANIFEST.in b/MANIFEST.in index 633be369e2..87a23ab937 100644 --- a/MANIFEST.in +++ b/MANIFEST.in @@ -1,2 +1,2 @@ -include README.md LICENSE NOTICE HISTORY.md pytest.ini requirements-dev.txt +include README.md LICENSE NOTICE HISTORY.md requirements-dev.txt recursive-include tests *.py From 29fc8d1e9346a29b91513547d626e23f4c36e557 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 4 Sep 2023 16:21:27 +0000 Subject: [PATCH 053/164] Bump actions/checkout from 3.6.0 to 4.0.0 Bumps [actions/checkout](https://github.com/actions/checkout) from 3.6.0 to 4.0.0. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/f43a0e5ff2bd294095638e18286ca9a3d1956744...3df4ab11eba7bda6032a0b82a6bb43b11571feac) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/codeql-analysis.yml | 2 +- .github/workflows/lint.yml | 2 +- .github/workflows/run-tests.yml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 274de9808b..a4dfacdf96 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -32,7 +32,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 + uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0 with: # We must fetch at least the immediate parents so that if this is # a pull request then we can checkout the head. diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index fcb73eb0ef..00a8ddafe0 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -11,7 +11,7 @@ jobs: timeout-minutes: 10 steps: - - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 + - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0 - name: Set up Python uses: actions/setup-python@61a6322f88396a6271a6ee3565807d608ecaddd1 # v4.7.0 with: diff --git a/.github/workflows/run-tests.yml b/.github/workflows/run-tests.yml index d9b4741786..0214e32f9f 100644 --- a/.github/workflows/run-tests.yml +++ b/.github/workflows/run-tests.yml @@ -21,7 +21,7 @@ jobs: os: ubuntu-latest steps: - - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 + - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0 - name: Set up Python ${{ matrix.python-version }} uses: actions/setup-python@61a6322f88396a6271a6ee3565807d608ecaddd1 # v4.7.0 with: From 6c8d9b1d0fd6bef2e7b617bcb1574e69c4fc8780 Mon Sep 17 00:00:00 2001 From: Ian Stapleton Cordasco Date: Wed, 13 Sep 2023 09:33:58 -0500 Subject: [PATCH 054/164] Autoclose specific issue templates We spend a fair amount of time closing issues because people don't read the template closely or understand what they're being told. Let's take advantage of being able to auto-label an issue based on the template and then trigger a workflow to auto-magically close the issue with a message and lock the issue. --- .github/ISSUE_TEMPLATE/Custom.md | 3 ++ .github/ISSUE_TEMPLATE/Feature_request.md | 3 ++ .github/workflows/close-issues.yml | 35 +++++++++++++++++++++++ 3 files changed, 41 insertions(+) create mode 100644 .github/workflows/close-issues.yml diff --git a/.github/ISSUE_TEMPLATE/Custom.md b/.github/ISSUE_TEMPLATE/Custom.md index 19291c1500..332c3aea97 100644 --- a/.github/ISSUE_TEMPLATE/Custom.md +++ b/.github/ISSUE_TEMPLATE/Custom.md @@ -1,6 +1,9 @@ --- name: Request for Help about: Guidance on using Requests. +labels: +- "Question/Not a bug" +- "actions/autoclose-qa" --- diff --git a/.github/ISSUE_TEMPLATE/Feature_request.md b/.github/ISSUE_TEMPLATE/Feature_request.md index dcf6a445fb..544113ae1c 100644 --- a/.github/ISSUE_TEMPLATE/Feature_request.md +++ b/.github/ISSUE_TEMPLATE/Feature_request.md @@ -1,6 +1,9 @@ --- name: Feature request about: Suggest an idea for this project +labels: +- "Feature Request" +- "actions/autoclose-feat" --- diff --git a/.github/workflows/close-issues.yml b/.github/workflows/close-issues.yml new file mode 100644 index 0000000000..6b3d621013 --- /dev/null +++ b/.github/workflows/close-issues.yml @@ -0,0 +1,35 @@ +name: 'Autoclose Issues' + +on: + issues: + types: + - labeled + +permissions: + issues: write + +jobs: + close_qa: + if: github.event.label.name == 'actions/autoclose-qa' + runs-on: ubuntu-latest + steps: + - env: + GITHUB_TOKEN: ${{ secrets.MY_TOKEN }} + ISSUE_URL: ${{ github.event.issue.html_url }} + run: | + gh issue close $ISSUE_URL \ + --comment "As described in the template, this is not the appropriate place for questions. Please use Stack Overflow" \ + --reason completed + gh issue lock $ISSUE_URL --reason off_topic + close_feature_request: + if: github.event.label.name == 'actions/autoclose-feat' + runs-on: ubuntu-latest + steps: + - env: + GITHUB_TOKEN: ${{ secrets.MY_TOKEN }} + ISSUE_URL: ${{ github.event.issue.html_url }} + run: | + gh issue close $ISSUE_URL \ + --comment "As described in the template, Requests is not accepting feature requests" \ + --reason "not planned" + gh issue lock $ISSUE_URL --reason off_topic From 12862617df7391a87f30d5bc30fffbcfd8fa3761 Mon Sep 17 00:00:00 2001 From: anupam-arista <118899211+anupam-arista@users.noreply.github.com> Date: Thu, 14 Sep 2023 14:29:37 +0530 Subject: [PATCH 055/164] Update models.Response.json docstring clearer --- src/requests/models.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/requests/models.py b/src/requests/models.py index 44556394ec..b521474926 100644 --- a/src/requests/models.py +++ b/src/requests/models.py @@ -940,7 +940,7 @@ def text(self): return content def json(self, **kwargs): - r"""Returns the json-encoded content of a response, if any. + r"""Returns the json-decoded dict of a response, if any. :param \*\*kwargs: Optional arguments that ``json.loads`` takes. :raises requests.exceptions.JSONDecodeError: If the response body does not From a775435c4b3ecb9f8f49b91ccb5403a071a0a4ee Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 25 Sep 2023 16:28:35 +0000 Subject: [PATCH 056/164] Bump actions/checkout from 4.0.0 to 4.1.0 Bumps [actions/checkout](https://github.com/actions/checkout) from 4.0.0 to 4.1.0. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/3df4ab11eba7bda6032a0b82a6bb43b11571feac...8ade135a41bc03ea155e62e844d188df1ea18608) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- .github/workflows/codeql-analysis.yml | 2 +- .github/workflows/lint.yml | 2 +- .github/workflows/run-tests.yml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index a4dfacdf96..65d312f4d0 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -32,7 +32,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0 + uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 with: # We must fetch at least the immediate parents so that if this is # a pull request then we can checkout the head. diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index 00a8ddafe0..3a358a290a 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -11,7 +11,7 @@ jobs: timeout-minutes: 10 steps: - - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0 + - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 - name: Set up Python uses: actions/setup-python@61a6322f88396a6271a6ee3565807d608ecaddd1 # v4.7.0 with: diff --git a/.github/workflows/run-tests.yml b/.github/workflows/run-tests.yml index 0214e32f9f..5461ccddfb 100644 --- a/.github/workflows/run-tests.yml +++ b/.github/workflows/run-tests.yml @@ -21,7 +21,7 @@ jobs: os: ubuntu-latest steps: - - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0 + - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 - name: Set up Python ${{ matrix.python-version }} uses: actions/setup-python@61a6322f88396a6271a6ee3565807d608ecaddd1 # v4.7.0 with: From f5a7aefc2dc123c65ec1c6d3e83949999b03876b Mon Sep 17 00:00:00 2001 From: Nate Prewitt Date: Fri, 6 Oct 2023 15:34:24 -0700 Subject: [PATCH 057/164] Fix urllib3 pin in setup.cfg (#6545) --- setup.cfg | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/setup.cfg b/setup.cfg index 14e2d96cf6..8d44e0e14b 100644 --- a/setup.cfg +++ b/setup.cfg @@ -7,7 +7,7 @@ requires-dist = certifi>=2017.4.17 charset_normalizer>=2,<4 idna>=2.5,<4 - urllib3>=1.21.1,<1.27 + urllib3>=1.21.1,<3 [flake8] ignore = E203, E501, W503 From 42a3b5cce8336c52ad7102a3a493576ba40fb4fa Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 9 Oct 2023 16:29:55 +0000 Subject: [PATCH 058/164] Bump github/codeql-action from 2.21.3 to 2.22.1 Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.21.3 to 2.22.1. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/5b6282e01c62d02e720b81eb8a51204f527c3624...fdcae64e1484d349b3366718cdfef3d404390e85) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- .github/workflows/codeql-analysis.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 65d312f4d0..a2a43cfcde 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -45,7 +45,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@5b6282e01c62d02e720b81eb8a51204f527c3624 # v2.21.3 + uses: github/codeql-action/init@fdcae64e1484d349b3366718cdfef3d404390e85 # v2.22.1 with: languages: "python" # If you wish to specify custom queries, you can do so here or in a config file. @@ -56,7 +56,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). # If this step fails, then you should remove it and run the build manually (see below) - name: Autobuild - uses: github/codeql-action/autobuild@5b6282e01c62d02e720b81eb8a51204f527c3624 # v2.21.3 + uses: github/codeql-action/autobuild@fdcae64e1484d349b3366718cdfef3d404390e85 # v2.22.1 # ℹ️ Command-line programs to run using the OS shell. # 📚 https://git.io/JvXDl @@ -70,4 +70,4 @@ jobs: # make release - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@5b6282e01c62d02e720b81eb8a51204f527c3624 # v2.21.3 + uses: github/codeql-action/analyze@fdcae64e1484d349b3366718cdfef3d404390e85 # v2.22.1 From f75b9504fc8427c1617bac2dd1e1aa405c9f1b1b Mon Sep 17 00:00:00 2001 From: Ian Stapleton Cordasco Date: Wed, 11 Oct 2023 08:19:14 -0500 Subject: [PATCH 059/164] Update close comment Co-authored-by: Nate Prewitt --- .github/workflows/close-issues.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/close-issues.yml b/.github/workflows/close-issues.yml index 6b3d621013..29fcde7439 100644 --- a/.github/workflows/close-issues.yml +++ b/.github/workflows/close-issues.yml @@ -18,7 +18,7 @@ jobs: ISSUE_URL: ${{ github.event.issue.html_url }} run: | gh issue close $ISSUE_URL \ - --comment "As described in the template, this is not the appropriate place for questions. Please use Stack Overflow" \ + --comment "As described in the template, we won't be able to answer questions on this issue tracker. Please use [Stack Overflow](https://stackoverflow.com/)" \ --reason completed gh issue lock $ISSUE_URL --reason off_topic close_feature_request: From 818776862239a7dd97d39157ec3a202c35af122c Mon Sep 17 00:00:00 2001 From: Ian Stapleton Cordasco Date: Wed, 11 Oct 2023 08:19:57 -0500 Subject: [PATCH 060/164] Update close-issues.yml Remove references to GITHUB_TOKEN/MY_TOKEN --- .github/workflows/close-issues.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/.github/workflows/close-issues.yml b/.github/workflows/close-issues.yml index 29fcde7439..f1c177baa5 100644 --- a/.github/workflows/close-issues.yml +++ b/.github/workflows/close-issues.yml @@ -14,7 +14,6 @@ jobs: runs-on: ubuntu-latest steps: - env: - GITHUB_TOKEN: ${{ secrets.MY_TOKEN }} ISSUE_URL: ${{ github.event.issue.html_url }} run: | gh issue close $ISSUE_URL \ @@ -26,7 +25,6 @@ jobs: runs-on: ubuntu-latest steps: - env: - GITHUB_TOKEN: ${{ secrets.MY_TOKEN }} ISSUE_URL: ${{ github.event.issue.html_url }} run: | gh issue close $ISSUE_URL \ From a8e9c1b436e9a35c271d8b690eefbc0d3d18df0f Mon Sep 17 00:00:00 2001 From: sumedhrao7 Date: Wed, 18 Oct 2023 07:40:50 +0530 Subject: [PATCH 061/164] added assert statements into tests/test_requests/test_header_validation in regards to the issue #6551 --- tests/test_requests.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/test_requests.py b/tests/test_requests.py index 5d8d2cd3af..a71fe7d6b8 100644 --- a/tests/test_requests.py +++ b/tests/test_requests.py @@ -1702,7 +1702,7 @@ def test_header_validation(self, httpbin): } r = requests.get(httpbin("get"), headers=valid_headers) for key in valid_headers.keys(): - valid_headers[key] == r.request.headers[key] + assert valid_headers[key] == r.request.headers[key] @pytest.mark.parametrize( "invalid_header, key", From ad761abcdd2f1b5e4fcba549676b2ea52bd325cd Mon Sep 17 00:00:00 2001 From: mayank Date: Tue, 31 Oct 2023 00:50:10 +0530 Subject: [PATCH 062/164] every chardet package maps to requests.packages.chardet.* package respectively --- src/requests/packages.py | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/src/requests/packages.py b/src/requests/packages.py index 77c45c9e90..9962bcd269 100644 --- a/src/requests/packages.py +++ b/src/requests/packages.py @@ -23,6 +23,5 @@ target = chardet.__name__ for mod in list(sys.modules): if mod == target or mod.startswith(f"{target}."): - target = target.replace(target, "chardet") - sys.modules[f"requests.packages.{target}"] = sys.modules[mod] -# Kinda cool, though, right? + sys.modules[f"requests.packages.{mod}"] = sys.modules[mod] +# Kinda cool, though, right? \ No newline at end of file From e9b1217cff710307e5de9fb8ce2fc21eb79acec3 Mon Sep 17 00:00:00 2001 From: mayank Date: Tue, 31 Oct 2023 20:37:59 +0530 Subject: [PATCH 063/164] added handling for chardet and charset_normalizer imports --- src/requests/packages.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/requests/packages.py b/src/requests/packages.py index 9962bcd269..34fccdb71d 100644 --- a/src/requests/packages.py +++ b/src/requests/packages.py @@ -24,4 +24,6 @@ for mod in list(sys.modules): if mod == target or mod.startswith(f"{target}."): sys.modules[f"requests.packages.{mod}"] = sys.modules[mod] + target = target.replace(target, "chardet") + sys.modules[f"requests.packages.{target}"] = sys.modules[mod] # Kinda cool, though, right? \ No newline at end of file From d7490c9d2dc967f68c6ca38b73aa099bc888a04e Mon Sep 17 00:00:00 2001 From: amkarn258 <55189266+amkarn258@users.noreply.github.com> Date: Tue, 31 Oct 2023 22:36:39 +0530 Subject: [PATCH 064/164] Update src/requests/packages.py Co-authored-by: Ian Stapleton Cordasco --- src/requests/packages.py | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/src/requests/packages.py b/src/requests/packages.py index 34fccdb71d..0a90f54d99 100644 --- a/src/requests/packages.py +++ b/src/requests/packages.py @@ -23,7 +23,8 @@ target = chardet.__name__ for mod in list(sys.modules): if mod == target or mod.startswith(f"{target}."): - sys.modules[f"requests.packages.{mod}"] = sys.modules[mod] - target = target.replace(target, "chardet") - sys.modules[f"requests.packages.{target}"] = sys.modules[mod] + imported_mod = sys.modules[mod] + sys.modules[f"requests.packages.{mod}"] = imported_mod + mod = mod.replace(target, "chardet") + sys.modules[f"requests.packages.{mod}"] = imported_mod # Kinda cool, though, right? \ No newline at end of file From 89cde235bec9374273281c1b4c9277c409246a6c Mon Sep 17 00:00:00 2001 From: mayank Date: Sat, 4 Nov 2023 23:20:21 +0530 Subject: [PATCH 065/164] checkstyle --- src/requests/packages.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/requests/packages.py b/src/requests/packages.py index 0a90f54d99..a9e5ae087d 100644 --- a/src/requests/packages.py +++ b/src/requests/packages.py @@ -27,4 +27,4 @@ sys.modules[f"requests.packages.{mod}"] = imported_mod mod = mod.replace(target, "chardet") sys.modules[f"requests.packages.{mod}"] = imported_mod -# Kinda cool, though, right? \ No newline at end of file +# Kinda cool, though, right? From c32b046243dcbf0dceb952da1317261109ac45c4 Mon Sep 17 00:00:00 2001 From: Matthew Carruth Date: Wed, 15 Nov 2023 17:00:28 -0800 Subject: [PATCH 066/164] Fix missing space in error message --- src/requests/utils.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/requests/utils.py b/src/requests/utils.py index 1ae77d68ff..629ccb73d4 100644 --- a/src/requests/utils.py +++ b/src/requests/utils.py @@ -1051,7 +1051,7 @@ def _validate_header_part(header, header_part, header_validator_index): if not validator.match(header_part): header_kind = "name" if header_validator_index == 0 else "value" raise InvalidHeader( - f"Invalid leading whitespace, reserved character(s), or return" + f"Invalid leading whitespace, reserved character(s), or return " f"character(s) in header {header_kind}: {header_part!r}" ) From e66a07b28651ddeab4297fbf3a600cb42b21dfe6 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 20 Nov 2023 16:28:17 +0000 Subject: [PATCH 067/164] Bump dessant/lock-threads from 4.0.1 to 5.0.0 Bumps [dessant/lock-threads](https://github.com/dessant/lock-threads) from 4.0.1 to 5.0.0. - [Release notes](https://github.com/dessant/lock-threads/releases) - [Changelog](https://github.com/dessant/lock-threads/blob/main/CHANGELOG.md) - [Commits](https://github.com/dessant/lock-threads/compare/be8aa5be94131386884a6da4189effda9b14aa21...d42e5f49803f3c4e14ffee0378e31481265dda22) --- updated-dependencies: - dependency-name: dessant/lock-threads dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/lock-issues.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/lock-issues.yml b/.github/workflows/lock-issues.yml index 66f68a1900..7d5a3c6525 100644 --- a/.github/workflows/lock-issues.yml +++ b/.github/workflows/lock-issues.yml @@ -13,7 +13,7 @@ jobs: if: github.repository_owner == 'psf' runs-on: ubuntu-latest steps: - - uses: dessant/lock-threads@be8aa5be94131386884a6da4189effda9b14aa21 # v4.0.1 + - uses: dessant/lock-threads@d42e5f49803f3c4e14ffee0378e31481265dda22 # v5.0.0 with: issue-lock-inactive-days: 90 pr-lock-inactive-days: 90 From 15849947ec4b8b7c3c136a47e950499edfd36921 Mon Sep 17 00:00:00 2001 From: Elliot Ford Date: Wed, 22 Nov 2023 11:31:53 +0000 Subject: [PATCH 068/164] fix docstring typo: a -> as --- src/requests/utils.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/requests/utils.py b/src/requests/utils.py index 629ccb73d4..c3b123ea4e 100644 --- a/src/requests/utils.py +++ b/src/requests/utils.py @@ -859,7 +859,7 @@ def select_proxy(url, proxies): def resolve_proxies(request, proxies, trust_env=True): """This method takes proxy information from a request and configuration input to resolve a mapping of target proxies. This will consider settings - such a NO_PROXY to strip proxy configurations. + such as NO_PROXY to strip proxy configurations. :param request: Request or PreparedRequest :param proxies: A dictionary of schemes or schemes and hosts to proxy URLs From f6707042d8b18d2a3737380bf58ff020872fb07b Mon Sep 17 00:00:00 2001 From: Bruce Adams Date: Mon, 27 Nov 2023 17:27:43 -0500 Subject: [PATCH 069/164] Unit test for string containing multi-byte UTF-8 There are two tests here. One demonstrating existing, correct behavior for `data=bytes`, and another, failing, test for the case where `data=string` and the string contains multi-byte UTF-8. --- tests/test_requests.py | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/tests/test_requests.py b/tests/test_requests.py index a71fe7d6b8..b6fb84d1bd 100644 --- a/tests/test_requests.py +++ b/tests/test_requests.py @@ -1808,6 +1808,23 @@ def test_autoset_header_values_are_native(self, httpbin): assert p.headers["Content-Length"] == length + def test_content_length_for_bytes_data(self, httpbin): + data = "This is a string containing multi-byte UTF-8 ☃️" + encoded_data = data.encode("utf-8") + length = str(len(encoded_data)) + req = requests.Request("POST", httpbin("post"), data=encoded_data) + p = req.prepare() + + assert p.headers["Content-Length"] == length + + def test_content_length_for_string_data_counts_bytes(self, httpbin): + data = "This is a string containing multi-byte UTF-8 ☃️" + length = str(len(data.encode("utf-8"))) + req = requests.Request("POST", httpbin("post"), data=data) + p = req.prepare() + + assert p.headers["Content-Length"] == length + def test_nonhttp_schemes_dont_check_URLs(self): test_urls = ( "data:image/gif;base64,R0lGODlhAQABAHAAACH5BAUAAAAALAAAAAABAAEAAAICRAEAOw==", From b37878d3407995e41fd3c160fd04d5d0afda1130 Mon Sep 17 00:00:00 2001 From: Ata Tuzuner Date: Tue, 28 Nov 2023 18:12:22 -0500 Subject: [PATCH 070/164] Too early definition added to 425 status code type --- src/requests/status_codes.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/requests/status_codes.py b/src/requests/status_codes.py index 4bd072be97..235881224f 100644 --- a/src/requests/status_codes.py +++ b/src/requests/status_codes.py @@ -79,7 +79,7 @@ 422: ("unprocessable_entity", "unprocessable"), 423: ("locked",), 424: ("failed_dependency", "dependency"), - 425: ("unordered_collection", "unordered"), + 425: ("unordered_collection", "unordered", "too_early"), 426: ("upgrade_required", "upgrade"), 428: ("precondition_required", "precondition"), 429: ("too_many_requests", "too_many"), From 889910c77a9618dc59dd800c17913e2b1644cee3 Mon Sep 17 00:00:00 2001 From: Ata Tuzuner Date: Wed, 29 Nov 2023 12:24:15 -0500 Subject: [PATCH 071/164] Added tests for status code 425 definitions. --- tests/test_requests.py | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/tests/test_requests.py b/tests/test_requests.py index a71fe7d6b8..0ac3092f5e 100644 --- a/tests/test_requests.py +++ b/tests/test_requests.py @@ -2795,3 +2795,16 @@ def test_json_decode_persists_doc_attr(self, httpbin): with pytest.raises(requests.exceptions.JSONDecodeError) as excinfo: r.json() assert excinfo.value.doc == r.text + + def test_status_code_425(self): + r1 = requests.codes.get("TOO_EARLY") + r2 = requests.codes.get("too_early") + r3 = requests.codes.get("UNORDERED") + r4 = requests.codes.get("unordered") + r5 = requests.codes.get("UNORDERED_COLLECTION") + r6 = requests.codes.get("unordered_collection") + + assert r1 == 425 + assert r2 == 425 + assert r3 == 425 + assert r4 == 425 From ec84f2c539d952499e0207849dfd3f73e2c11324 Mon Sep 17 00:00:00 2001 From: Ata Tuzuner Date: Wed, 29 Nov 2023 12:27:18 -0500 Subject: [PATCH 072/164] Fixes to test --- tests/test_requests.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/tests/test_requests.py b/tests/test_requests.py index 0ac3092f5e..34796dc7ec 100644 --- a/tests/test_requests.py +++ b/tests/test_requests.py @@ -2808,3 +2808,5 @@ def test_status_code_425(self): assert r2 == 425 assert r3 == 425 assert r4 == 425 + assert r5 == 425 + assert r6 == 425 From 3fd309a5c14e4cfbd96bea6c8e71b4958fe090bb Mon Sep 17 00:00:00 2001 From: Bruce Adams Date: Tue, 28 Nov 2023 13:17:49 -0500 Subject: [PATCH 073/164] Enhance `super_len` to count encoded bytes for str This fixes issue #6586 --- src/requests/utils.py | 3 +++ 1 file changed, 3 insertions(+) diff --git a/src/requests/utils.py b/src/requests/utils.py index c3b123ea4e..a603a8638c 100644 --- a/src/requests/utils.py +++ b/src/requests/utils.py @@ -134,6 +134,9 @@ def super_len(o): total_length = None current_position = 0 + if isinstance(o, str): + o = o.encode("utf-8") + if hasattr(o, "__len__"): total_length = len(o) From d6ffd868ee3730f4e5c7d1595da37e2027a93eb8 Mon Sep 17 00:00:00 2001 From: Ian Stapleton Cordasco Date: Fri, 1 Dec 2023 08:05:59 -0600 Subject: [PATCH 074/164] Update close-issues.yml I noticed the auto-labeling was working but not the auto-closing. Looking at recent actions runs I see that we need to specify the token even if we're not giving our own special token. See https://github.com/psf/requests/actions/runs/7057701782/job/19211845073#step:2:13 for additional context, namely ``` gh: To use GitHub CLI in a GitHub Actions workflow, set the GH_TOKEN environment variable. Example: env: GH_TOKEN: ${{ github.token }} ``` --- .github/workflows/close-issues.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/close-issues.yml b/.github/workflows/close-issues.yml index f1c177baa5..bedc75ea5b 100644 --- a/.github/workflows/close-issues.yml +++ b/.github/workflows/close-issues.yml @@ -15,6 +15,7 @@ jobs: steps: - env: ISSUE_URL: ${{ github.event.issue.html_url }} + GH_TOKEN: ${{ github.token }} run: | gh issue close $ISSUE_URL \ --comment "As described in the template, we won't be able to answer questions on this issue tracker. Please use [Stack Overflow](https://stackoverflow.com/)" \ @@ -26,6 +27,7 @@ jobs: steps: - env: ISSUE_URL: ${{ github.event.issue.html_url }} + GH_TOKEN: ${{ github.token }} run: | gh issue close $ISSUE_URL \ --comment "As described in the template, Requests is not accepting feature requests" \ From ba67dc8dccd114faf8347e66c56baaa9d72f6429 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 11 Dec 2023 16:07:15 +0000 Subject: [PATCH 075/164] Bump actions/setup-python from 4.7.0 to 5.0.0 Bumps [actions/setup-python](https://github.com/actions/setup-python) from 4.7.0 to 5.0.0. - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](https://github.com/actions/setup-python/compare/61a6322f88396a6271a6ee3565807d608ecaddd1...0a5c61591373683505ea898e09a3ea4f39ef2b9c) --- updated-dependencies: - dependency-name: actions/setup-python dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/lint.yml | 2 +- .github/workflows/run-tests.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index 3a358a290a..b35a32d13a 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -13,7 +13,7 @@ jobs: steps: - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 - name: Set up Python - uses: actions/setup-python@61a6322f88396a6271a6ee3565807d608ecaddd1 # v4.7.0 + uses: actions/setup-python@0a5c61591373683505ea898e09a3ea4f39ef2b9c # v5.0.0 with: python-version: "3.x" - name: Run pre-commit diff --git a/.github/workflows/run-tests.yml b/.github/workflows/run-tests.yml index 5461ccddfb..8178ed423a 100644 --- a/.github/workflows/run-tests.yml +++ b/.github/workflows/run-tests.yml @@ -23,7 +23,7 @@ jobs: steps: - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 - name: Set up Python ${{ matrix.python-version }} - uses: actions/setup-python@61a6322f88396a6271a6ee3565807d608ecaddd1 # v4.7.0 + uses: actions/setup-python@0a5c61591373683505ea898e09a3ea4f39ef2b9c # v5.0.0 with: python-version: ${{ matrix.python-version }} cache: 'pip' From a64f32ba453bc19aa679018838bee8ef8cc9a68b Mon Sep 17 00:00:00 2001 From: Rodrigo Silva Date: Wed, 13 Dec 2023 10:05:12 -0300 Subject: [PATCH 076/164] Add note on connection timeout being larger than specified. Fix #5773 On servers with multiple IPs, such as IPv4 and IPv6, `urllib3` tries each address sequentially until one successfully connects, using the specified timeout for _each_ attempt, leading to a total connection timeout that is a _multiple_ of the requested time. --- docs/user/advanced.rst | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/docs/user/advanced.rst b/docs/user/advanced.rst index c90a13dc6d..129cf4d0d6 100644 --- a/docs/user/advanced.rst +++ b/docs/user/advanced.rst @@ -1122,4 +1122,12 @@ coffee. r = requests.get('https://github.com', timeout=None) +.. note:: The connect timeout applies to each connection attempt to an IP address. +If multiple addresses exist for a domain name, the underlying ``urllib3`` will +try each address sequentially until one successfully connects. +This may lead to an effective total connection timeout *multiple* times longer +than the specified time, e.g. an unresponsive server having both IPv4 and IPv6 +addresses will have its perceived timeout *doubled*, so take that into account +when setting the connection timeout. + .. _`connect()`: https://linux.die.net/man/2/connect From c7c2ebf1a7b4b0f4149b3935b781e1392015e2d6 Mon Sep 17 00:00:00 2001 From: Nicola Soranzo Date: Fri, 15 Dec 2023 20:59:51 +0000 Subject: [PATCH 077/164] Add now mandatory readthedocs config file Docs builds currently fail with: ``` Problem in your project's configuration. No default configuration file found at repository's root. See https://docs.readthedocs.io/en/stable/config-file/ ``` See e.g. https://readthedocs.org/projects/requests/builds/22842479/ --- .readthedocs.yaml | 28 ++++++++++++++++++++++++++++ 1 file changed, 28 insertions(+) create mode 100644 .readthedocs.yaml diff --git a/.readthedocs.yaml b/.readthedocs.yaml new file mode 100644 index 0000000000..dd3fb9d3ba --- /dev/null +++ b/.readthedocs.yaml @@ -0,0 +1,28 @@ +# Read the Docs configuration file for Sphinx projects +# See https://docs.readthedocs.io/en/stable/config-file/v2.html for details + +# Required +version: 2 + +# Set the OS, Python version and other tools you might need +build: + os: ubuntu-22.04 + tools: + python: "3.12" + +# Build documentation in the "docs/" directory with Sphinx +sphinx: + configuration: docs/conf.py + +# Optionally build your docs in additional formats such as PDF and ePub +formats: + - pdf + - epub + +# Optional but recommended, declare the Python requirements required +# to build your documentation +# See https://docs.readthedocs.io/en/stable/guides/reproducible-builds.html +python: + install: + - path: . + - requirements: docs/requirements.txt From 951dd15fa619b23aba6b72532f1aac30b69389b7 Mon Sep 17 00:00:00 2001 From: Ian Stapleton Cordasco Date: Sat, 16 Dec 2023 07:26:23 -0600 Subject: [PATCH 078/164] Update docs/user/advanced.rst fix indentation for note so it renders properly --- docs/user/advanced.rst | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/docs/user/advanced.rst b/docs/user/advanced.rst index 129cf4d0d6..3f5243ee24 100644 --- a/docs/user/advanced.rst +++ b/docs/user/advanced.rst @@ -1123,11 +1123,11 @@ coffee. r = requests.get('https://github.com', timeout=None) .. note:: The connect timeout applies to each connection attempt to an IP address. -If multiple addresses exist for a domain name, the underlying ``urllib3`` will -try each address sequentially until one successfully connects. -This may lead to an effective total connection timeout *multiple* times longer -than the specified time, e.g. an unresponsive server having both IPv4 and IPv6 -addresses will have its perceived timeout *doubled*, so take that into account -when setting the connection timeout. + If multiple addresses exist for a domain name, the underlying ``urllib3`` will + try each address sequentially until one successfully connects. + This may lead to an effective total connection timeout *multiple* times longer + than the specified time, e.g. an unresponsive server having both IPv4 and IPv6 + addresses will have its perceived timeout *doubled*, so take that into account + when setting the connection timeout. .. _`connect()`: https://linux.die.net/man/2/connect From 92f9e431c99d5e0776a00c10a90dfdf11cd45ba0 Mon Sep 17 00:00:00 2001 From: Ian Stapleton Cordasco Date: Sat, 16 Dec 2023 07:29:50 -0600 Subject: [PATCH 079/164] Update docs/user/advanced.rst Add note about wall clock too --- docs/user/advanced.rst | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/docs/user/advanced.rst b/docs/user/advanced.rst index 3f5243ee24..5e5e36f302 100644 --- a/docs/user/advanced.rst +++ b/docs/user/advanced.rst @@ -1129,5 +1129,11 @@ coffee. than the specified time, e.g. an unresponsive server having both IPv4 and IPv6 addresses will have its perceived timeout *doubled*, so take that into account when setting the connection timeout. +.. note:: Neither the connect nor read timeouts are `wall clock`_. This means + that if you start a request, and look at the time, and then look at + the time when the request finishes or times out, the real-world time + may be greater than what you specified. + +.. _`wall clock`: https://wiki.php.net/rfc/max_execution_wall_time .. _`connect()`: https://linux.die.net/man/2/connect From 1447bccc057e7fbffdfecd75cd4922702489a14b Mon Sep 17 00:00:00 2001 From: Jaikish Pai Date: Sun, 17 Dec 2023 22:34:30 +0100 Subject: [PATCH 080/164] fix for ##6604 --- docs/_templates/sidebarintro.html | 10 +++++----- docs/_templates/sidebarlogo.html | 12 ++++++------ 2 files changed, 11 insertions(+), 11 deletions(-) diff --git a/docs/_templates/sidebarintro.html b/docs/_templates/sidebarintro.html index 2b595b54d4..6a2fcea33e 100644 --- a/docs/_templates/sidebarintro.html +++ b/docs/_templates/sidebarintro.html @@ -16,11 +16,11 @@

Useful Links

    -
  • Quickstart
    • -
  • Advanced Usage
    • -
  • API Reference
    • -
  • Release History
    • -
  • Contributors Guide
    • +
  • Quickstart
    • +
  • Advanced Usage
    • +
  • API Reference
    • +
  • Release History
    • +
  • Contributors Guide

    • diff --git a/docs/_templates/sidebarlogo.html b/docs/_templates/sidebarlogo.html index a3454b7c49..d0d14ce85b 100644 --- a/docs/_templates/sidebarlogo.html +++ b/docs/_templates/sidebarlogo.html @@ -11,15 +11,15 @@

    Useful Links

      -
    • Quickstart
      • -
    • Advanced Usage
      • -
    • API Reference
      • -
    • Release History
      • -
    • Contributors Guide
      • +
    • Quickstart
      • +
    • Advanced Usage
      • +
    • API Reference
      • +
    • Release History
      • +
    • Contributors Guide

      • -
    • Recommended Packages and Extensions
      • +
    • Recommended Packages and Extensions

      • From 421b1f175766065e2feb569990c528df16c2874f Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 18 Dec 2023 16:39:47 +0000 Subject: [PATCH 081/164] Bump github/codeql-action from 2.22.1 to 3.22.11 Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.22.1 to 3.22.11. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/fdcae64e1484d349b3366718cdfef3d404390e85...b374143c1149a9115d881581d29b8390bbcbb59c) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/codeql-analysis.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index a2a43cfcde..4f0eebf29e 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -45,7 +45,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@fdcae64e1484d349b3366718cdfef3d404390e85 # v2.22.1 + uses: github/codeql-action/init@b374143c1149a9115d881581d29b8390bbcbb59c # v3.22.11 with: languages: "python" # If you wish to specify custom queries, you can do so here or in a config file. @@ -56,7 +56,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). # If this step fails, then you should remove it and run the build manually (see below) - name: Autobuild - uses: github/codeql-action/autobuild@fdcae64e1484d349b3366718cdfef3d404390e85 # v2.22.1 + uses: github/codeql-action/autobuild@b374143c1149a9115d881581d29b8390bbcbb59c # v3.22.11 # ℹ️ Command-line programs to run using the OS shell. # 📚 https://git.io/JvXDl @@ -70,4 +70,4 @@ jobs: # make release - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@fdcae64e1484d349b3366718cdfef3d404390e85 # v2.22.1 + uses: github/codeql-action/analyze@b374143c1149a9115d881581d29b8390bbcbb59c # v3.22.11 From 242d3113c09d10ba9a11dbcc05e0310a1e7568af Mon Sep 17 00:00:00 2001 From: Mike Fiedler Date: Sat, 23 Dec 2023 16:16:50 +0000 Subject: [PATCH 082/164] docs: specify sphinx dirhtml builder With the requirement of a configuration file, the default builder of `dirhtml` that RTD used to use is no longer specified. This leads to URLs ending in `.html` now, which breaks other exisitng references. Refs: #6603 Refs: https://docs.readthedocs.io/en/stable/config-file/v2.html#sphinx-builder Refs: https://www.sphinx-doc.org/en/master/usage/builders/index.html#sphinx.builders.dirhtml.DirectoryHTMLBuilder Signed-off-by: Mike Fiedler --- .readthedocs.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/.readthedocs.yaml b/.readthedocs.yaml index dd3fb9d3ba..0e2c719e08 100644 --- a/.readthedocs.yaml +++ b/.readthedocs.yaml @@ -13,6 +13,7 @@ build: # Build documentation in the "docs/" directory with Sphinx sphinx: configuration: docs/conf.py + builder: "dirhtml" # Optionally build your docs in additional formats such as PDF and ePub formats: From b5bd0f14cc6fe12a712d21d7881aab59d0dd9951 Mon Sep 17 00:00:00 2001 From: Mike Fiedler Date: Sat, 23 Dec 2023 17:17:34 +0000 Subject: [PATCH 083/164] docs: add label to socks heading When trying to link via intersphinx, a label must be used. Otherwise a full URL is required, which is less desirable. Signed-off-by: Mike Fiedler --- docs/user/advanced.rst | 2 ++ 1 file changed, 2 insertions(+) diff --git a/docs/user/advanced.rst b/docs/user/advanced.rst index 5e5e36f302..ecd17cb300 100644 --- a/docs/user/advanced.rst +++ b/docs/user/advanced.rst @@ -666,6 +666,8 @@ You override this default certificate bundle by setting the ``REQUESTS_CA_BUNDLE >>> import requests >>> requests.get('https://example.org') +.. _socks: + SOCKS ^^^^^ From f23346a9b8e74de01220cce96c037bbd2404a1c6 Mon Sep 17 00:00:00 2001 From: Mike Fiedler Date: Sat, 23 Dec 2023 17:36:34 +0000 Subject: [PATCH 084/164] Revert "Merge pull request #6605 from jaikishpai/fix-#6604" This reverts commit 1396eb6f7a1116d49f1f0df0ddf895343f84af64, reversing changes made to e4c821a24778c3a33beec2aa86f3d58e3d94b58c. --- docs/_templates/sidebarintro.html | 10 +++++----- docs/_templates/sidebarlogo.html | 12 ++++++------ 2 files changed, 11 insertions(+), 11 deletions(-) diff --git a/docs/_templates/sidebarintro.html b/docs/_templates/sidebarintro.html index 6a2fcea33e..2b595b54d4 100644 --- a/docs/_templates/sidebarintro.html +++ b/docs/_templates/sidebarintro.html @@ -16,11 +16,11 @@

      Useful Links

        -
      • Quickstart
        • -
      • Advanced Usage
        • -
      • API Reference
        • -
      • Release History
        • -
      • Contributors Guide
        • +
      • Quickstart
        • +
      • Advanced Usage
        • +
      • API Reference
        • +
      • Release History
        • +
      • Contributors Guide

        • diff --git a/docs/_templates/sidebarlogo.html b/docs/_templates/sidebarlogo.html index d0d14ce85b..a3454b7c49 100644 --- a/docs/_templates/sidebarlogo.html +++ b/docs/_templates/sidebarlogo.html @@ -11,15 +11,15 @@

        Useful Links

          -
        • Quickstart
          • -
        • Advanced Usage
          • -
        • API Reference
          • -
        • Release History
          • -
        • Contributors Guide
          • +
        • Quickstart
          • +
        • Advanced Usage
          • +
        • API Reference
          • +
        • Release History
          • +
        • Contributors Guide

          • -
        • Recommended Packages and Extensions
          • +
        • Recommended Packages and Extensions

          • From bfba9dc68c841b78ca51e6302d3283d33167f773 Mon Sep 17 00:00:00 2001 From: Mike Fiedler Date: Sat, 23 Dec 2023 18:09:08 +0000 Subject: [PATCH 085/164] docs: replace concrete URLs with references Any development links will now refer back to the generated docs. Signed-off-by: Mike Fiedler --- docs/_templates/sidebarintro.html | 12 ++++++------ docs/_templates/sidebarlogo.html | 12 ++++++------ docs/community/faq.rst | 2 +- docs/user/quickstart.rst | 2 ++ 4 files changed, 15 insertions(+), 13 deletions(-) diff --git a/docs/_templates/sidebarintro.html b/docs/_templates/sidebarintro.html index 2b595b54d4..607bf92c4e 100644 --- a/docs/_templates/sidebarintro.html +++ b/docs/_templates/sidebarintro.html @@ -16,15 +16,15 @@

          Useful Links

            -
          • Quickstart
            • -
          • Advanced Usage
            • -
          • API Reference
            • -
          • Release History
            • -
          • Contributors Guide
            • +
          • Quickstart
            • +
          • Advanced Usage
            • +
          • API Reference
            • +
          • Release History
            • +
          • Contributors Guide

            • -
          • Recommended Packages and Extensions
            • +
          • Recommended Packages and Extensions

            • diff --git a/docs/_templates/sidebarlogo.html b/docs/_templates/sidebarlogo.html index a3454b7c49..71eb82e726 100644 --- a/docs/_templates/sidebarlogo.html +++ b/docs/_templates/sidebarlogo.html @@ -11,15 +11,15 @@

            Useful Links

              -
            • Quickstart
              • -
            • Advanced Usage
              • -
            • API Reference
              • -
            • Release History
              • -
            • Contributors Guide
              • +
            • Quickstart
              • +
            • Advanced Usage
              • +
            • API Reference
              • +
            • Release History
              • +
            • Contributors Guide

              • -
            • Recommended Packages and Extensions
              • +
            • Recommended Packages and Extensions

              • diff --git a/docs/community/faq.rst b/docs/community/faq.rst index 9d900be2b5..33fb7e84f3 100644 --- a/docs/community/faq.rst +++ b/docs/community/faq.rst @@ -22,7 +22,7 @@ Custom User-Agents? ------------------- Requests allows you to easily override User-Agent strings, along with -any other HTTP Header. See `documentation about headers `_. +any other HTTP Header. See :ref:`documentation about headers `. diff --git a/docs/user/quickstart.rst b/docs/user/quickstart.rst index 464e4f5fa5..bbf3745eea 100644 --- a/docs/user/quickstart.rst +++ b/docs/user/quickstart.rst @@ -201,6 +201,8 @@ may better fit your use cases. were returned, use ``Response.raw``. +.. _custom-headers: + Custom Headers -------------- From 25939d8784dc8bec784b8129152efa4443daa82f Mon Sep 17 00:00:00 2001 From: Mike Fiedler Date: Sat, 23 Dec 2023 18:15:33 +0000 Subject: [PATCH 086/164] add myself Signed-off-by: Mike Fiedler --- AUTHORS.rst | 1 + 1 file changed, 1 insertion(+) diff --git a/AUTHORS.rst b/AUTHORS.rst index c4e554d478..1dc04117cf 100644 --- a/AUTHORS.rst +++ b/AUTHORS.rst @@ -192,3 +192,4 @@ Patches and Suggestions - Alessio Izzo (`@aless10 `_) - Sylvain Marié (`@smarie `_) - Hod Bin Noon (`@hodbn `_) +- Mike Fiedler (`@miketheman `_) From b0e6c9bf85378acd079ca84a4481f361b47a2147 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 8 Jan 2024 17:01:37 +0000 Subject: [PATCH 087/164] Bump github/codeql-action from 3.22.11 to 3.23.0 Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.22.11 to 3.23.0. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/b374143c1149a9115d881581d29b8390bbcbb59c...e5f05b81d5b6ff8cfa111c80c22c5fd02a384118) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- .github/workflows/codeql-analysis.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 4f0eebf29e..c03a8a7ca8 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -45,7 +45,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@b374143c1149a9115d881581d29b8390bbcbb59c # v3.22.11 + uses: github/codeql-action/init@e5f05b81d5b6ff8cfa111c80c22c5fd02a384118 # v3.23.0 with: languages: "python" # If you wish to specify custom queries, you can do so here or in a config file. @@ -56,7 +56,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). # If this step fails, then you should remove it and run the build manually (see below) - name: Autobuild - uses: github/codeql-action/autobuild@b374143c1149a9115d881581d29b8390bbcbb59c # v3.22.11 + uses: github/codeql-action/autobuild@e5f05b81d5b6ff8cfa111c80c22c5fd02a384118 # v3.23.0 # ℹ️ Command-line programs to run using the OS shell. # 📚 https://git.io/JvXDl @@ -70,4 +70,4 @@ jobs: # make release - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@b374143c1149a9115d881581d29b8390bbcbb59c # v3.22.11 + uses: github/codeql-action/analyze@e5f05b81d5b6ff8cfa111c80c22c5fd02a384118 # v3.23.0 From 3ff3ff21dd45957c9e143cd500291959bb15f690 Mon Sep 17 00:00:00 2001 From: Thomas Dehghani Date: Wed, 31 Jan 2024 17:07:35 +0100 Subject: [PATCH 088/164] Fix #6628 - JSONDecodeError are not deserializable requests.exceptions.JSONDecodeError are not deserializable: calling `pickle.dumps` followed by `pickle.loads` will trigger an error. This is particularly a problem in a process pool, as an attempt to decode json on an invalid json document will result in the entire process pool crashing. This is due to the MRO of the `requests.exceptions.JSONDecodeError` class: the `__reduce__` method called when pickling an instance is not the one from the JSON library parent: two out of three args expected for instantiation will be dropped, and the instance can't be deserialised. By specifying in the class which parent `__reduce__` method should be called, the bug is fixed as all args are carried over in the resulting pickled bytes. --- src/requests/exceptions.py | 10 ++++++++++ tests/test_requests.py | 10 ++++++++++ 2 files changed, 20 insertions(+) diff --git a/src/requests/exceptions.py b/src/requests/exceptions.py index e1cedf883d..83986b4898 100644 --- a/src/requests/exceptions.py +++ b/src/requests/exceptions.py @@ -41,6 +41,16 @@ def __init__(self, *args, **kwargs): CompatJSONDecodeError.__init__(self, *args) InvalidJSONError.__init__(self, *self.args, **kwargs) + def __reduce__(self): + """ + The __reduce__ method called when pickling the object must + be the one from the JSONDecodeError (be it json/simplejson) + as it expects all the arguments for instantiation, not just + one like the IOError, and the MRO would by default call the + __reduce__ method from the IOError due to the inheritance order. + """ + return CompatJSONDecodeError.__reduce__(self) + class HTTPError(RequestException): """An HTTP error occurred.""" diff --git a/tests/test_requests.py b/tests/test_requests.py index 34796dc7ec..77aac3fecb 100644 --- a/tests/test_requests.py +++ b/tests/test_requests.py @@ -2810,3 +2810,13 @@ def test_status_code_425(self): assert r4 == 425 assert r5 == 425 assert r6 == 425 + + +def test_json_decode_errors_are_serializable_deserializable(): + json_decode_error = requests.exceptions.JSONDecodeError( + "Extra data", + '{"responseCode":["706"],"data":null}{"responseCode":["706"],"data":null}', + 36, + ) + deserialized_error = pickle.loads(pickle.dumps(json_decode_error)) + assert repr(json_decode_error) == repr(deserialized_error) From a5a0e4b587c7f2de4250ec965caf21b8fca172e0 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 5 Feb 2024 16:38:01 +0000 Subject: [PATCH 089/164] Bump github/codeql-action from 3.23.0 to 3.24.0 Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.23.0 to 3.24.0. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/e5f05b81d5b6ff8cfa111c80c22c5fd02a384118...e8893c57a1f3a2b659b6b55564fdfdbbd2982911) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- .github/workflows/codeql-analysis.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index c03a8a7ca8..26a4348a4b 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -45,7 +45,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@e5f05b81d5b6ff8cfa111c80c22c5fd02a384118 # v3.23.0 + uses: github/codeql-action/init@e8893c57a1f3a2b659b6b55564fdfdbbd2982911 # v3.24.0 with: languages: "python" # If you wish to specify custom queries, you can do so here or in a config file. @@ -56,7 +56,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). # If this step fails, then you should remove it and run the build manually (see below) - name: Autobuild - uses: github/codeql-action/autobuild@e5f05b81d5b6ff8cfa111c80c22c5fd02a384118 # v3.23.0 + uses: github/codeql-action/autobuild@e8893c57a1f3a2b659b6b55564fdfdbbd2982911 # v3.24.0 # ℹ️ Command-line programs to run using the OS shell. # 📚 https://git.io/JvXDl @@ -70,4 +70,4 @@ jobs: # make release - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@e5f05b81d5b6ff8cfa111c80c22c5fd02a384118 # v3.23.0 + uses: github/codeql-action/analyze@e8893c57a1f3a2b659b6b55564fdfdbbd2982911 # v3.24.0 From 6106a63eb6c0fa490efa73d44388ac25b1b08af4 Mon Sep 17 00:00:00 2001 From: Nate Prewitt Date: Tue, 20 Feb 2024 11:58:35 -0800 Subject: [PATCH 090/164] Cleanup defunct links from community docs page --- docs/community/out-there.rst | 14 +------------- 1 file changed, 1 insertion(+), 13 deletions(-) diff --git a/docs/community/out-there.rst b/docs/community/out-there.rst index c33ab3c95b..c75c71f6a2 100644 --- a/docs/community/out-there.rst +++ b/docs/community/out-there.rst @@ -1,22 +1,10 @@ Integrations ============ -Python for iOS --------------- - -Requests is built into the wonderful `Python for iOS `_ runtime! - -To give it a try, simply:: - - import requests - - Articles & Talks ================ -- `Python for the Web `_ teaches how to use Python to interact with the web, using Requests. - `Daniel Greenfeld's Review of Requests `_ -- `My 'Python for Humans' talk `_ ( `audio `_ ) -- `Issac Kelly's 'Consuming Web APIs' talk `_ +- `Issac Kelly's 'Consuming Web APIs' talk `_ - `Blog post about Requests via Yum `_ - `Russian blog post introducing Requests `_ - `Sending JSON in Requests `_ From 5fc10bf1f5185f330f8471c738ce753b3e231008 Mon Sep 17 00:00:00 2001 From: Nate Prewitt Date: Tue, 20 Feb 2024 13:37:25 -0800 Subject: [PATCH 091/164] Fix httpbin pin for test suite --- requirements-dev.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-dev.txt b/requirements-dev.txt index f137c46a33..a663015cda 100644 --- a/requirements-dev.txt +++ b/requirements-dev.txt @@ -2,7 +2,7 @@ pytest>=2.8.0,<=6.2.5 pytest-cov pytest-httpbin==2.0.0 -httpbin==0.10.0 +httpbin~=0.10.0 trustme wheel cryptography<40.0.0; python_version <= '3.7' and platform_python_implementation == 'PyPy' From 28855fd43a68bf26fec23aa9b548239e13255edf Mon Sep 17 00:00:00 2001 From: Nate Prewitt Date: Tue, 20 Feb 2024 13:58:26 -0800 Subject: [PATCH 092/164] Update supported copies of PyPy Dropped support for pypy-3.7 and pypy-3.8 which are no longer maintained by upstream. Added support for pypy-3.10. --- .github/workflows/run-tests.yml | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/.github/workflows/run-tests.yml b/.github/workflows/run-tests.yml index 8178ed423a..24981a3b58 100644 --- a/.github/workflows/run-tests.yml +++ b/.github/workflows/run-tests.yml @@ -12,13 +12,8 @@ jobs: strategy: fail-fast: false matrix: - python-version: ["3.7", "3.8", "3.9", "3.10", "3.11", "3.12-dev", "pypy-3.8", "pypy-3.9"] + python-version: ["3.7", "3.8", "3.9", "3.10", "3.11", "3.12-dev", "pypy-3.9", "pypy-3.10"] os: [ubuntu-22.04, macOS-latest, windows-latest] - include: - # pypy-3.7 on Windows and Mac OS currently fails trying to compile - # cryptography. Moving pypy-3.7 to only test linux. - - python-version: pypy-3.7 - os: ubuntu-latest steps: - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 From 8fa4302322f1a34053683b7f4c0d2ee5ef0ebd64 Mon Sep 17 00:00:00 2001 From: Nate Prewitt Date: Tue, 20 Feb 2024 15:04:04 -0800 Subject: [PATCH 093/164] Update Sphinx to work with latest readthedocs requirements --- docs/requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/requirements.txt b/docs/requirements.txt index 8c2488252b..2af334d57b 100644 --- a/docs/requirements.txt +++ b/docs/requirements.txt @@ -1,3 +1,3 @@ # Pinning to avoid unexpected breakages. # Used by RTD to generate docs. -Sphinx==4.2.0 +Sphinx==7.2.6 From 58cea7a7282999adafdc19a4e82e2d09207ab568 Mon Sep 17 00:00:00 2001 From: Nate Prewitt Date: Tue, 20 Feb 2024 15:22:20 -0800 Subject: [PATCH 094/164] Drop support for CPython 3.7 --- .github/workflows/run-tests.yml | 2 +- README.md | 2 +- docs/community/faq.rst | 2 +- docs/index.rst | 2 +- requirements-dev.txt | 1 - setup.py | 7 +++---- tox.ini | 2 +- 7 files changed, 8 insertions(+), 10 deletions(-) diff --git a/.github/workflows/run-tests.yml b/.github/workflows/run-tests.yml index 24981a3b58..3275080233 100644 --- a/.github/workflows/run-tests.yml +++ b/.github/workflows/run-tests.yml @@ -12,7 +12,7 @@ jobs: strategy: fail-fast: false matrix: - python-version: ["3.7", "3.8", "3.9", "3.10", "3.11", "3.12-dev", "pypy-3.9", "pypy-3.10"] + python-version: ["3.8", "3.9", "3.10", "3.11", "3.12", "pypy-3.9", "pypy-3.10"] os: [ubuntu-22.04, macOS-latest, windows-latest] steps: diff --git a/README.md b/README.md index c4b170e70f..79cf54d1e1 100644 --- a/README.md +++ b/README.md @@ -33,7 +33,7 @@ Requests is available on PyPI: $ python -m pip install requests ``` -Requests officially supports Python 3.7+. +Requests officially supports Python 3.8+. ## Supported Features & Best–Practices diff --git a/docs/community/faq.rst b/docs/community/faq.rst index 33fb7e84f3..b6ea654e60 100644 --- a/docs/community/faq.rst +++ b/docs/community/faq.rst @@ -55,7 +55,7 @@ Chris Adams gave an excellent summary on Python 3 Support? ----------------- -Yes! Requests officially supports Python 3.7+ and PyPy. +Yes! Requests officially supports Python 3.8+ and PyPy. Python 2 Support? ----------------- diff --git a/docs/index.rst b/docs/index.rst index 50b0adc3d2..289250c2a4 100644 --- a/docs/index.rst +++ b/docs/index.rst @@ -72,7 +72,7 @@ Requests is ready for today's web. - Chunked Requests - ``.netrc`` Support -Requests officially supports Python 3.7+, and runs great on PyPy. +Requests officially supports Python 3.8+, and runs great on PyPy. The User Guide diff --git a/requirements-dev.txt b/requirements-dev.txt index a663015cda..13173f3ae5 100644 --- a/requirements-dev.txt +++ b/requirements-dev.txt @@ -5,4 +5,3 @@ pytest-httpbin==2.0.0 httpbin~=0.10.0 trustme wheel -cryptography<40.0.0; python_version <= '3.7' and platform_python_implementation == 'PyPy' diff --git a/setup.py b/setup.py index dc8043a695..1b0eb377b4 100755 --- a/setup.py +++ b/setup.py @@ -7,7 +7,7 @@ from setuptools.command.test import test as TestCommand CURRENT_PYTHON = sys.version_info[:2] -REQUIRED_PYTHON = (3, 7) +REQUIRED_PYTHON = (3, 8) if CURRENT_PYTHON < REQUIRED_PYTHON: sys.stderr.write( @@ -20,7 +20,7 @@ consider upgrading to a supported Python version. If you can't upgrade your Python version, you'll need to -pin to an older version of Requests (<2.28). +pin to an older version of Requests (<2.32.0). """.format( *(REQUIRED_PYTHON + CURRENT_PYTHON) ) @@ -94,7 +94,7 @@ def run_tests(self): package_data={"": ["LICENSE", "NOTICE"]}, package_dir={"": "src"}, include_package_data=True, - python_requires=">=3.7", + python_requires=">=3.8", install_requires=requires, license=about["__license__"], zip_safe=False, @@ -107,7 +107,6 @@ def run_tests(self): "Operating System :: OS Independent", "Programming Language :: Python", "Programming Language :: Python :: 3", - "Programming Language :: Python :: 3.7", "Programming Language :: Python :: 3.8", "Programming Language :: Python :: 3.9", "Programming Language :: Python :: 3.10", diff --git a/tox.ini b/tox.ini index 92ab6d1a24..d2b529e2b9 100644 --- a/tox.ini +++ b/tox.ini @@ -1,5 +1,5 @@ [tox] -envlist = py{37,38,39,310,311,312}-{default, use_chardet_on_py3} +envlist = py{38,39,310,311,312}-{default, use_chardet_on_py3} [testenv] deps = -rrequirements-dev.txt From 60389df6d69ce833164696dcf36cbb43336d3426 Mon Sep 17 00:00:00 2001 From: Ian Stapleton Cordasco Date: Wed, 21 Feb 2024 19:09:48 -0600 Subject: [PATCH 095/164] Trim excess leading path separators A URL with excess leading / (path-separator)s would cause urllib3 to attempt to reparse the request-uri as a full URI with a host and port. This bypasses that logic in ConnectionPool.urlopen by replacing these leading /s with just a single /. Closes #6643 --- src/requests/adapters.py | 3 +++ tests/test_adapters.py | 8 ++++++++ 2 files changed, 11 insertions(+) create mode 100644 tests/test_adapters.py diff --git a/src/requests/adapters.py b/src/requests/adapters.py index eb240fa954..fc5606bdcb 100644 --- a/src/requests/adapters.py +++ b/src/requests/adapters.py @@ -390,6 +390,9 @@ def request_url(self, request, proxies): using_socks_proxy = proxy_scheme.startswith("socks") url = request.path_url + if url.startswith("//"): # Don't confuse urllib3 + url = f"/{url.lstrip('/')}" + if is_proxied_http_request and not using_socks_proxy: url = urldefragauth(request.url) diff --git a/tests/test_adapters.py b/tests/test_adapters.py new file mode 100644 index 0000000000..6c55d5a130 --- /dev/null +++ b/tests/test_adapters.py @@ -0,0 +1,8 @@ +import requests.adapters + + +def test_request_url_trims_leading_path_separators(): + """See also https://github.com/psf/requests/issues/6643.""" + a = requests.adapters.HTTPAdapter() + p = requests.Request(method="GET", url="http://127.0.0.1:10000//v:h").prepare() + assert "/v:h" == a.request_url(p, {}) From 0ec2780c291107b6686996e4b38f3d63e076eda7 Mon Sep 17 00:00:00 2001 From: Elliot Ford Date: Fri, 24 Nov 2023 10:37:33 +0000 Subject: [PATCH 096/164] update broken github pagination link --- docs/user/advanced.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/user/advanced.rst b/docs/user/advanced.rst index ecd17cb300..a61aa85074 100644 --- a/docs/user/advanced.rst +++ b/docs/user/advanced.rst @@ -948,7 +948,7 @@ Link Headers Many HTTP APIs feature Link headers. They make APIs more self describing and discoverable. -GitHub uses these for `pagination `_ +GitHub uses these for `pagination `_ in their API, for example:: >>> url = 'https://api.github.com/users/kennethreitz/repos?page=1&per_page=10' From d3b3399ece1f76387d323983638e0838c06e88ea Mon Sep 17 00:00:00 2001 From: Elliot Ford Date: Fri, 24 Nov 2023 10:44:09 +0000 Subject: [PATCH 097/164] update authors github link Update account link for original author which has changed. --- AUTHORS.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/AUTHORS.rst b/AUTHORS.rst index 1dc04117cf..6e017c9a91 100644 --- a/AUTHORS.rst +++ b/AUTHORS.rst @@ -8,7 +8,7 @@ Keepers of the Crystals Previous Keepers of Crystals ```````````````````````````` -- Kenneth Reitz `@ken-reitz `_, reluctant Keeper of the Master Crystal. +- Kenneth Reitz `@kennethreitz `_, reluctant Keeper of the Master Crystal. - Cory Benfield `@lukasa `_ - Ian Cordasco `@sigmavirus24 `_. From 541aa80ca3d0ee771611bd155a5172efaa26d9da Mon Sep 17 00:00:00 2001 From: Elliot Ford Date: Fri, 24 Nov 2023 11:04:16 +0000 Subject: [PATCH 098/164] update urllib3 docs link --- docs/user/advanced.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/user/advanced.rst b/docs/user/advanced.rst index a61aa85074..037e50a4fc 100644 --- a/docs/user/advanced.rst +++ b/docs/user/advanced.rst @@ -291,7 +291,7 @@ versions of Requests. For the sake of security we recommend upgrading certifi frequently! .. _HTTP persistent connection: https://en.wikipedia.org/wiki/HTTP_persistent_connection -.. _connection pooling: https://urllib3.readthedocs.io/en/latest/reference/index.html#module-urllib3.connectionpool +.. _connection pooling: https://urllib3.readthedocs.io/en/latest/reference/urllib3.connectionpool.html .. _certifi: https://certifiio.readthedocs.io/ .. _Mozilla trust store: https://hg.mozilla.org/mozilla-central/raw-file/tip/security/nss/lib/ckfw/builtins/certdata.txt From 5f1c3c22ff7c7bb89a4e017e3f336cbc88e189c3 Mon Sep 17 00:00:00 2001 From: Elliot Ford Date: Fri, 24 Nov 2023 11:04:32 +0000 Subject: [PATCH 099/164] remove section with broken link to survey --- docs/user/quickstart.rst | 3 --- 1 file changed, 3 deletions(-) diff --git a/docs/user/quickstart.rst b/docs/user/quickstart.rst index bbf3745eea..33c2732c7f 100644 --- a/docs/user/quickstart.rst +++ b/docs/user/quickstart.rst @@ -568,6 +568,3 @@ All exceptions that Requests explicitly raises inherit from ----------------------- Ready for more? Check out the :ref:`advanced ` section. - - -If you're on the job market, consider taking `this programming quiz `_. A substantial donation will be made to this project, if you find a job through this platform. From 0a7f662aa70d39b6c3b5c804be00af5731292550 Mon Sep 17 00:00:00 2001 From: Elliot Ford Date: Fri, 24 Nov 2023 11:04:54 +0000 Subject: [PATCH 100/164] Make example URL format a literal rather than an actual link The rendered docs 'auto-link' this, which might encourage users to click the link, even though it doesn't go anywhere. --- HISTORY.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/HISTORY.md b/HISTORY.md index bbe6dd425b..432ee3b174 100644 --- a/HISTORY.md +++ b/HISTORY.md @@ -14,7 +14,7 @@ dev forwarding of `Proxy-Authorization` headers to destination servers when following HTTPS redirects. - When proxies are defined with user info (https://user:pass@proxy:8080), Requests + When proxies are defined with user info (`https://user:pass@proxy:8080`), Requests will construct a `Proxy-Authorization` header that is attached to the request to authenticate with the proxy. From a0e79bad059f2d0e6d3c00a2a7311acb2bef4d67 Mon Sep 17 00:00:00 2001 From: Elliot Ford Date: Fri, 24 Nov 2023 11:05:45 +0000 Subject: [PATCH 101/164] update broken rfc link ietf seems appropriate here - it's used elsewhere in the requets docs in several places. --- docs/user/advanced.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/user/advanced.rst b/docs/user/advanced.rst index 037e50a4fc..ff3a3d0f26 100644 --- a/docs/user/advanced.rst +++ b/docs/user/advanced.rst @@ -1099,7 +1099,7 @@ The **connect** timeout is the number of seconds Requests will wait for your client to establish a connection to a remote machine (corresponding to the `connect()`_) call on the socket. It's a good practice to set connect timeouts to slightly larger than a multiple of 3, which is the default `TCP packet -retransmission window `_. +retransmission window `_. Once your client has connected to the server and sent the HTTP request, the **read** timeout is the number of seconds the client will wait for the server From c0813a2d910ea6b4f8438b91d315b8d181302356 Mon Sep 17 00:00:00 2001 From: Ian Stapleton Cordasco Date: Sun, 3 Mar 2024 07:00:49 -0600 Subject: [PATCH 102/164] Use TLS settings in selecting connection pool Previously, if someone made a request with `verify=False` then made a request where they expected verification to be enabled to the same host, they would potentially reuse a connection where TLS had not been verified. This fixes that issue. --- src/requests/adapters.py | 58 +++++++++++++++++++++++++++++++++++++++- tests/test_requests.py | 7 +++++ tox.ini | 2 +- 3 files changed, 65 insertions(+), 2 deletions(-) diff --git a/src/requests/adapters.py b/src/requests/adapters.py index fc5606bdcb..6c62766639 100644 --- a/src/requests/adapters.py +++ b/src/requests/adapters.py @@ -8,6 +8,7 @@ import os.path import socket # noqa: F401 +import typing from urllib3.exceptions import ClosedPoolError, ConnectTimeoutError from urllib3.exceptions import HTTPError as _HTTPError @@ -61,12 +62,38 @@ def SOCKSProxyManager(*args, **kwargs): raise InvalidSchema("Missing dependencies for SOCKS support.") +if typing.TYPE_CHECKING: + from .models import PreparedRequest + + DEFAULT_POOLBLOCK = False DEFAULT_POOLSIZE = 10 DEFAULT_RETRIES = 0 DEFAULT_POOL_TIMEOUT = None +def _urllib3_request_context( + request: "PreparedRequest", verify: "bool | str | None" +) -> "(typing.Dict[str, typing.Any], typing.Dict[str, typing.Any])": + host_params = {} + pool_kwargs = {} + parsed_request_url = urlparse(request.url) + scheme = parsed_request_url.scheme.lower() + port = parsed_request_url.port + cert_reqs = "CERT_REQUIRED" + if verify is False: + cert_reqs = "CERT_NONE" + if isinstance(verify, str): + pool_kwargs["ca_certs"] = verify + pool_kwargs["cert_reqs"] = cert_reqs + host_params = { + "scheme": scheme, + "host": parsed_request_url.hostname, + "port": port, + } + return host_params, pool_kwargs + + class BaseAdapter: """The Base Transport Adapter""" @@ -327,6 +354,35 @@ def build_response(self, req, resp): return response + def _get_connection(self, request, verify, proxies=None): + # Replace the existing get_connection without breaking things and + # ensure that TLS settings are considered when we interact with + # urllib3 HTTP Pools + proxy = select_proxy(request.url, proxies) + try: + host_params, pool_kwargs = _urllib3_request_context(request, verify) + except ValueError as e: + raise InvalidURL(e, request=request) + if proxy: + proxy = prepend_scheme_if_needed(proxy, "http") + proxy_url = parse_url(proxy) + if not proxy_url.host: + raise InvalidProxyURL( + "Please check proxy URL. It is malformed " + "and could be missing the host." + ) + proxy_manager = self.proxy_manager_for(proxy) + conn = proxy_manager.connection_from_host( + **host_params, pool_kwargs=pool_kwargs + ) + else: + # Only scheme should be lower case + conn = self.poolmanager.connection_from_host( + **host_params, pool_kwargs=pool_kwargs + ) + + return conn + def get_connection(self, url, proxies=None): """Returns a urllib3 connection for the given URL. This should not be called from user code, and is only exposed for use when subclassing the @@ -453,7 +509,7 @@ def send( """ try: - conn = self.get_connection(request.url, proxies) + conn = self._get_connection(request, verify, proxies) except LocationValueError as e: raise InvalidURL(e, request=request) diff --git a/tests/test_requests.py b/tests/test_requests.py index 32b5e6700c..d5cc13c79f 100644 --- a/tests/test_requests.py +++ b/tests/test_requests.py @@ -2828,6 +2828,13 @@ def test_status_code_425(self): assert r5 == 425 assert r6 == 425 + def test_different_connection_pool_for_tls_settings(self): + s = requests.Session() + r1 = s.get("https://invalid.badssl.com", verify=False) + assert r1.status_code == 421 + with pytest.raises(requests.exceptions.SSLError): + s.get("https://invalid.badssl.com") + def test_json_decode_errors_are_serializable_deserializable(): json_decode_error = requests.exceptions.JSONDecodeError( diff --git a/tox.ini b/tox.ini index d2b529e2b9..c438ef316a 100644 --- a/tox.ini +++ b/tox.ini @@ -7,7 +7,7 @@ extras = security socks commands = - pytest tests + pytest {posargs:tests} [testenv:default] From a94e9b5308ffcc3d2913ab873e9810a6601a67da Mon Sep 17 00:00:00 2001 From: Ian Stapleton Cordasco Date: Wed, 13 Mar 2024 15:58:45 -0500 Subject: [PATCH 103/164] Add local TLS server This also adds certificates for testing purposes and files to make it easy to generate/regenerate them. This also replaces an existing test of how we utilize our pool manager such that we don't connect to badssl.com Finally, this adds additional context parameters for our pool manager to account for mTLS certificates used by clients to authenticate to a server. --- src/requests/adapters.py | 18 +++- tests/certs/README.md | 10 ++ tests/certs/expired/Makefile | 13 +++ tests/certs/expired/README.md | 11 ++ tests/certs/expired/ca/Makefile | 13 +++ tests/certs/expired/ca/ca-private.key | 28 ++++++ tests/certs/expired/ca/ca.cnf | 12 +++ tests/certs/expired/ca/ca.crt | 20 ++++ tests/certs/expired/ca/ca.srl | 1 + tests/certs/expired/server/Makefile | 16 +++ tests/certs/expired/server/cert.cnf | 24 +++++ tests/certs/expired/server/server.csr | 19 ++++ tests/certs/expired/server/server.key | 28 ++++++ tests/certs/expired/server/server.pem | 41 ++++++++ tests/certs/mtls/Makefile | 7 ++ tests/certs/mtls/README.md | 4 + tests/certs/mtls/client/Makefile | 16 +++ tests/certs/mtls/client/ca | 1 + tests/certs/mtls/client/cert.cnf | 26 +++++ tests/certs/mtls/client/client.csr | 24 +++++ tests/certs/mtls/client/client.key | 28 ++++++ tests/certs/mtls/client/client.pem | 41 ++++++++ tests/certs/valid/ca | 1 + tests/certs/valid/server/Makefile | 16 +++ tests/certs/valid/server/cert.cnf | 31 ++++++ tests/certs/valid/server/server.csr | 19 ++++ tests/certs/valid/server/server.key | 28 ++++++ tests/certs/valid/server/server.pem | 47 +++++++++ tests/test_requests.py | 140 +++++++++++++++++++++++++- tests/testserver/server.py | 42 ++++++++ 30 files changed, 716 insertions(+), 9 deletions(-) create mode 100644 tests/certs/README.md create mode 100644 tests/certs/expired/Makefile create mode 100644 tests/certs/expired/README.md create mode 100644 tests/certs/expired/ca/Makefile create mode 100644 tests/certs/expired/ca/ca-private.key create mode 100644 tests/certs/expired/ca/ca.cnf create mode 100644 tests/certs/expired/ca/ca.crt create mode 100644 tests/certs/expired/ca/ca.srl create mode 100644 tests/certs/expired/server/Makefile create mode 100644 tests/certs/expired/server/cert.cnf create mode 100644 tests/certs/expired/server/server.csr create mode 100644 tests/certs/expired/server/server.key create mode 100644 tests/certs/expired/server/server.pem create mode 100644 tests/certs/mtls/Makefile create mode 100644 tests/certs/mtls/README.md create mode 100644 tests/certs/mtls/client/Makefile create mode 120000 tests/certs/mtls/client/ca create mode 100644 tests/certs/mtls/client/cert.cnf create mode 100644 tests/certs/mtls/client/client.csr create mode 100644 tests/certs/mtls/client/client.key create mode 100644 tests/certs/mtls/client/client.pem create mode 120000 tests/certs/valid/ca create mode 100644 tests/certs/valid/server/Makefile create mode 100644 tests/certs/valid/server/cert.cnf create mode 100644 tests/certs/valid/server/server.csr create mode 100644 tests/certs/valid/server/server.key create mode 100644 tests/certs/valid/server/server.pem diff --git a/src/requests/adapters.py b/src/requests/adapters.py index 6c62766639..84ec48fc70 100644 --- a/src/requests/adapters.py +++ b/src/requests/adapters.py @@ -73,7 +73,9 @@ def SOCKSProxyManager(*args, **kwargs): def _urllib3_request_context( - request: "PreparedRequest", verify: "bool | str | None" + request: "PreparedRequest", + verify: "bool | str | None", + client_cert: "typing.Tuple[str, str] | str | None", ) -> "(typing.Dict[str, typing.Any], typing.Dict[str, typing.Any])": host_params = {} pool_kwargs = {} @@ -86,6 +88,14 @@ def _urllib3_request_context( if isinstance(verify, str): pool_kwargs["ca_certs"] = verify pool_kwargs["cert_reqs"] = cert_reqs + if client_cert is not None: + if isinstance(client_cert, tuple) and len(client_cert) == 2: + pool_kwargs["cert_file"] = client_cert[0] + pool_kwargs["key_file"] = client_cert[1] + else: + # According to our docs, we allow users to specify just the client + # cert path + pool_kwargs["cert_file"] = client_cert host_params = { "scheme": scheme, "host": parsed_request_url.hostname, @@ -354,13 +364,13 @@ def build_response(self, req, resp): return response - def _get_connection(self, request, verify, proxies=None): + def _get_connection(self, request, verify, proxies=None, cert=None): # Replace the existing get_connection without breaking things and # ensure that TLS settings are considered when we interact with # urllib3 HTTP Pools proxy = select_proxy(request.url, proxies) try: - host_params, pool_kwargs = _urllib3_request_context(request, verify) + host_params, pool_kwargs = _urllib3_request_context(request, verify, cert) except ValueError as e: raise InvalidURL(e, request=request) if proxy: @@ -509,7 +519,7 @@ def send( """ try: - conn = self._get_connection(request, verify, proxies) + conn = self._get_connection(request, verify, proxies=proxies, cert=cert) except LocationValueError as e: raise InvalidURL(e, request=request) diff --git a/tests/certs/README.md b/tests/certs/README.md new file mode 100644 index 0000000000..4bf7002e0b --- /dev/null +++ b/tests/certs/README.md @@ -0,0 +1,10 @@ +# Testing Certificates + +This is a collection of certificates useful for testing aspects of Requests' +behaviour. + +The certificates include: + +* [expired](./expired) server certificate with a valid certificate authority +* [mtls](./mtls) provides a valid client certificate with a 2 year validity +* [valid](./valid) has a valid server certificate diff --git a/tests/certs/expired/Makefile b/tests/certs/expired/Makefile new file mode 100644 index 0000000000..d5a51da541 --- /dev/null +++ b/tests/certs/expired/Makefile @@ -0,0 +1,13 @@ +.PHONY: all clean ca server + +ca: + make -C $@ all + +server: + make -C $@ all + +all: ca server + +clean: + make -C ca clean + make -C server clean diff --git a/tests/certs/expired/README.md b/tests/certs/expired/README.md new file mode 100644 index 0000000000..f7234f8820 --- /dev/null +++ b/tests/certs/expired/README.md @@ -0,0 +1,11 @@ +# Expired Certificates and Configuration for Testing + +This has a valid certificate authority in [ca](./ca) and an invalid server +certificate in [server](./server). + +This can all be regenerated with: + +``` +make clean +make all +``` diff --git a/tests/certs/expired/ca/Makefile b/tests/certs/expired/ca/Makefile new file mode 100644 index 0000000000..098193f88d --- /dev/null +++ b/tests/certs/expired/ca/Makefile @@ -0,0 +1,13 @@ +.PHONY: all clean + +root_files = ca-private.key ca.crt + +ca-private.key: + openssl genrsa -out ca-private.key 2048 + +all: ca-private.key + openssl req -x509 -sha256 -days 7300 -key ca-private.key -out ca.crt -config ca.cnf + ln -s ca.crt cacert.pem + +clean: + rm -f cacert.pem ca.crt ca-private.key *.csr diff --git a/tests/certs/expired/ca/ca-private.key b/tests/certs/expired/ca/ca-private.key new file mode 100644 index 0000000000..507b1f5623 --- /dev/null +++ b/tests/certs/expired/ca/ca-private.key @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDHlIhe7GLCeSk8 +RZOKdtmyKns6KdZgGw/LcxPkYvQlu1g0zV8X0DqVr2LdMumWUTNCc9sPdSlAG+He +mQp2TMoWUMumMuwDtit9RT0Sb6Eh9svWgjY9ferovPJRfCWUTsA2Ug8uoh0wyEXK +na7X6fHt5E3B9vj0+b9a4vDibdBXV11FheLT02/uEmAEJDdP/zeBgvVbhcVyumO6 +fAGMIWzR2ukhe8z/ma5H9zoi4gZA8nsK6reZUD8+6affnPe+jIt/AdzggtV9jkWm +zSpr+RHeZ0y+q4eik2ZNUGg4XcF6JsJ9yu/AqLBXxd38uLdFfgyhP2y6K628yzgy +e6lzFyWnAgMBAAECggEAFwzHhzcD3PQDWCus85PwZoxTeQ817BmUBGpBBOKM0gLG +GCsT7XsmGP2NjICBy9OK+QTKawmb/wR5XK0OMUWDHXqtWn+NFIyojyo8+HEeCf8n +4ZleTFHLnJ+d2N1etbc2qc9mY3tjpaurq8/0Tol9YH06ock1TY2+lO+a5HvMURnY +hcWs70CamL+5B/6n67DhjzMtIW3dIXuEEceM1BW/jW8SKq0JHpQ3t+OJwID7zFaJ +bLyOwAVheMzVGvN3yphf8tll3tMA65bNjdOzgOfZSjAy7EGjW3DyAolDw9jKLRyu +E0gw/exNGe618oMIeUDv0KParlL4RjdiUP8l0xYOwQKBgQD3eYj9rWeqZquI9vKP +gaSv6urb2UJLngShZUpEZRNJgBO+Ewiof0w8tpQdsnuMvWudxMLbzgiUNA+NyC/K +CpzIXFkWnWx+A/pxs8ZO8moOfajVRayJgeOLsQZb7c4fXGsVGApbN4+cPNhTNG6d +ucErv6tae/SzAzcLc5Vkw/ELxwKBgQDOdJ5Wl5JeKAvU/3kF6+MYWCrXxZqMjoHS +y1BtyMX5RbdaWTCfDUu1aV3qJOJjjWQ9DJdJQcEsrTjOpD4bVdZx4w/XEG0JXAa3 +jRypVHGdeG/TjhUGJA8U+KX3a1DkcdqM9pqFYRw5Ie95Wz9YRroI+YkixqpK8d7W +C+5BodxXIQKBgCk8Lv9V7XgPM3XW8APJbk+BrTCEuu8unUbnQcCztssAdEmvkjnB +PErBgVyRaNTCmzPmnTFS20sWgaD2QkBAFG+uM4n5ISK+NvTLJ7fv3IwdlAw1V9Jx +uiCElrKqpTXEiHMzVkZss5ks6j6y9duCIBXSEhM5pERPvNRDphjsLTXxAoGARSNC +nyb1Kjjo9XR0V+pNy6pC9q1C+00B5tCVZ55zxe114Hi70pfGQcM+YxnlAoeoCNW9 +mBfAFDESNAlGjyrovIzYkiH7EcZSrYdBEOepgJ2DfWo4Wi0bK9+03K2AknAaS1iO +GJqTtAJMSuymwu40gKroJNA42Q40nKO0LyCARGECgYEAiFRHkblBtStv22SpZxNC +jim9yuM0ikh7Ij1lEHysc/GWb2RQNxQVk54BU2kQ0d9xwMZQTKvpF3VE9t7uGdwt +AasWPr/tWYt35Ud0D4bNlagJJ4Xdslf8n1nkq3qqqDQbd7kkQRgwGzVr0uVg7ZfS +26qSPQ0/aF9nagb5eHX3AuU= +-----END PRIVATE KEY----- diff --git a/tests/certs/expired/ca/ca.cnf b/tests/certs/expired/ca/ca.cnf new file mode 100644 index 0000000000..8c4b823053 --- /dev/null +++ b/tests/certs/expired/ca/ca.cnf @@ -0,0 +1,12 @@ +[req] +default_bits = 2048 +prompt = no +default_md = sha256 +encrypt_key = no +distinguished_name = dn + +[dn] +C = US # country code +O = Python Software Foundation # organization +OU = python-requests # organization unit/department +CN = Self-Signed Root CA # common name / your cert name diff --git a/tests/certs/expired/ca/ca.crt b/tests/certs/expired/ca/ca.crt new file mode 100644 index 0000000000..c332b7cb7b --- /dev/null +++ b/tests/certs/expired/ca/ca.crt @@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDWzCCAkMCFA9wdtNh/V99DRwYp8vXjPxSjJnWMA0GCSqGSIb3DQEBCwUAMGox +CzAJBgNVBAYTAlVTMSMwIQYDVQQKDBpQeXRob24gU29mdHdhcmUgRm91bmRhdGlv +bjEYMBYGA1UECwwPcHl0aG9uLXJlcXVlc3RzMRwwGgYDVQQDDBNTZWxmLVNpZ25l +ZCBSb290IENBMB4XDTI0MDMxMjIxMDQwM1oXDTQ0MDMwNzIxMDQwM1owajELMAkG +A1UEBhMCVVMxIzAhBgNVBAoMGlB5dGhvbiBTb2Z0d2FyZSBGb3VuZGF0aW9uMRgw +FgYDVQQLDA9weXRob24tcmVxdWVzdHMxHDAaBgNVBAMME1NlbGYtU2lnbmVkIFJv +b3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHlIhe7GLCeSk8 +RZOKdtmyKns6KdZgGw/LcxPkYvQlu1g0zV8X0DqVr2LdMumWUTNCc9sPdSlAG+He +mQp2TMoWUMumMuwDtit9RT0Sb6Eh9svWgjY9ferovPJRfCWUTsA2Ug8uoh0wyEXK +na7X6fHt5E3B9vj0+b9a4vDibdBXV11FheLT02/uEmAEJDdP/zeBgvVbhcVyumO6 +fAGMIWzR2ukhe8z/ma5H9zoi4gZA8nsK6reZUD8+6affnPe+jIt/AdzggtV9jkWm +zSpr+RHeZ0y+q4eik2ZNUGg4XcF6JsJ9yu/AqLBXxd38uLdFfgyhP2y6K628yzgy +e6lzFyWnAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAGymNVTsKSAq8Ju6zV+AWAyV +GcUNBmLpgzDA0e7pkVYhHTdWKlGH4GnrRcp0nvnSbr6iq1Ob/8yEUUoRzK55Flws +Kt1OLwnZyhfRoSUesoEqpP68vzWEgiYv0QuIWvzNt0YfAAvEgGoc3iri44MelKLn +9ZMT8m91nVamA35R8ZjfeAkNp2xcz0a67V0ww6o4wSXrG7o5ZRXyjqZ/9K7SfwUJ +rV9RciccsjH/MzKbfrx73QwsbPWiFmjzHopdasIO0lDlmgm/r9gKfkbzfKoGCgLZ +6an6FlmLftLSXijf/QwtqeSP9fODeE3dzBmnTM3jdoVS53ZegUDWNl14o25v2Kg= +-----END CERTIFICATE----- diff --git a/tests/certs/expired/ca/ca.srl b/tests/certs/expired/ca/ca.srl new file mode 100644 index 0000000000..fab68405ed --- /dev/null +++ b/tests/certs/expired/ca/ca.srl @@ -0,0 +1 @@ +4F36C3A7E075BA6452D10EEB81E7F189FF489B74 diff --git a/tests/certs/expired/server/Makefile b/tests/certs/expired/server/Makefile new file mode 100644 index 0000000000..79914ee1db --- /dev/null +++ b/tests/certs/expired/server/Makefile @@ -0,0 +1,16 @@ +.PHONY: all clean + +server.key: + openssl genrsa -out $@ 2048 + +server.csr: server.key + openssl req -key $< -new -out $@ -config cert.cnf + +server.pem: server.csr + openssl x509 -req -CA ../ca/ca.crt -CAkey ../ca/ca-private.key -in server.csr -outform PEM -out server.pem -days 0 -CAcreateserial + openssl x509 -in ../ca/ca.crt -outform PEM >> $@ + +all: server.pem + +clean: + rm -f server.* diff --git a/tests/certs/expired/server/cert.cnf b/tests/certs/expired/server/cert.cnf new file mode 100644 index 0000000000..a773fc679f --- /dev/null +++ b/tests/certs/expired/server/cert.cnf @@ -0,0 +1,24 @@ +[req] +req_extensions = v3_req +distinguished_name = req_distinguished_name +prompt=no + +[req_distinguished_name] +C = US +ST = DE +O = Python Software Foundation +OU = python-requests +CN = localhost + +[v3_req] +# Extensions to add to a certificate request +basicConstraints = CA:FALSE +keyUsage = digitalSignature, keyEncipherment +extendedKeyUsage = serverAuth +subjectAltName = @alt_names + +[alt_names] +DNS.1 = *.localhost +DNS.1 = localhost +IP.1 = 127.0.0.1 +IP.2 = ::1 diff --git a/tests/certs/expired/server/server.csr b/tests/certs/expired/server/server.csr new file mode 100644 index 0000000000..5e3c177647 --- /dev/null +++ b/tests/certs/expired/server/server.csr @@ -0,0 +1,19 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIIDHjCCAgYCAQAwbTELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAkRFMSMwIQYDVQQK +DBpQeXRob24gU29mdHdhcmUgRm91bmRhdGlvbjEYMBYGA1UECwwPcHl0aG9uLXJl +cXVlc3RzMRIwEAYDVQQDDAlsb2NhbGhvc3QwggEiMA0GCSqGSIb3DQEBAQUAA4IB +DwAwggEKAoIBAQCKulIMpo633iCgbkKv1UoiLC4sQt5xWpgguujywu3hLYwmPFp9 +kvPt//imqtl8FhuhKqJ8FCGrVl2YIGj1RJIB3GW7MSPNCuIBFL/gwNi35LxDPtoA +IPyXytIR7VH9+ch9DFInJaoA/BekMuKvbXk54VW9whpHbwkXSG2lBS2vKL0XemYh +9VjvtuRDji2iOZpznlVE2PEN80bojArp6oYKakv2kYzgzgxAJiI/NZGvC7mbSI4e +ja7ad3R9G0kB1FzNj36jrNO5WtxHO/mrRiXSpDeyUbitYvt0HKoM0vhTnOR+BspP +IltfwOQh8qq2Q2AaMHNcVjMH3gHCZADfhk/zAgMBAAGgbDBqBgkqhkiG9w0BCQ4x +XTBbMAkGA1UdEwQCMAAwCwYDVR0PBAQDAgWgMBMGA1UdJQQMMAoGCCsGAQUFBwMB +MCwGA1UdEQQlMCOCCWxvY2FsaG9zdIcEfwAAAYcQAAAAAAAAAAAAAAAAAAAAATAN +BgkqhkiG9w0BAQsFAAOCAQEAfAhEhrulsZae71YFqgvzwJHm/hzXh47hErtgDXVJ +mFqAxgF6XrnzYujlt3XQXUx/8vdrU7jH+Pe8WO1rDvFwRPMDGoBF3RX29SzyX/2F +e102egnoRR+Hlf0Ixqu0CuTjEVnD+g4mRgXhV7LPKP4W6qGwzcVbaJ3c/zRcfqNR +g9gN6Q6Qt4fXDc7wlx2T3nOszBLQ2XCsIyzVtOJ2sSuadqKH9Aj+mrkrLBdzVFHD +FHnTMJ0t0+anZwd+AWDNsCr5lIwBGL634zw7/yJepMHuPFd2X24S3u8EaWPkfVQn +lV6rLQMGjXYTe2xuYzlUCUYnKvkyPTMjSXDkxWa+WSNwyQ== +-----END CERTIFICATE REQUEST----- diff --git a/tests/certs/expired/server/server.key b/tests/certs/expired/server/server.key new file mode 100644 index 0000000000..27ddafd1ca --- /dev/null +++ b/tests/certs/expired/server/server.key @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCKulIMpo633iCg +bkKv1UoiLC4sQt5xWpgguujywu3hLYwmPFp9kvPt//imqtl8FhuhKqJ8FCGrVl2Y +IGj1RJIB3GW7MSPNCuIBFL/gwNi35LxDPtoAIPyXytIR7VH9+ch9DFInJaoA/Bek +MuKvbXk54VW9whpHbwkXSG2lBS2vKL0XemYh9VjvtuRDji2iOZpznlVE2PEN80bo +jArp6oYKakv2kYzgzgxAJiI/NZGvC7mbSI4eja7ad3R9G0kB1FzNj36jrNO5WtxH +O/mrRiXSpDeyUbitYvt0HKoM0vhTnOR+BspPIltfwOQh8qq2Q2AaMHNcVjMH3gHC +ZADfhk/zAgMBAAECggEAFSF9RvUFzyb0BEvXN44+/QaKv+4tkMmSW4Xs3rFnZ4G3 +E8nkpLUCF9ICD2z9tKNvcPScDFdKq5z7o6ToJ9faf5MRIdrBz8UlGLIO6g6l1Bjw +vjNwJE3h+8MGjXl/IDbwXW/HgbQAeabsePPRSJRdvz2+ACn1M8VLdrLvFJA93ayW ++n3Bk0bXdsrzqBGdoDiNzmIHI3WqdONiR9TymuJe41NJtMKxQDF+c6Y1n/X1OtBk +s9L+u9Xr+R3H72xSYrf1KH1mFZJfTnIPoOmdEU2tVZnZj03rZhT7p8R1fVNX6OHu +NX1Dy9VA6J7dbcqdPvTI743ByQeb+hNnqI/3hmV5eQKBgQC++1Wn3v/dxtczjA+I +tN4a7zyjhazpB25lde55HVfCQPxmYxIYct+j6S0JkMaoLrjiEDb4pnu4Gt4MDqZa +r0Xm8t3wD1YKUUbhpBEGvsMhAEZEIsBOcwkTiEwsoF0mKFa2mTyqAImgIQa8uFt8 +Y/oTj55XFe1x6pZKEJRg+K+QSwKBgQC59ONVkMSBirLGS+G+b2kqiBdwZB/3s3wr +feS1xTa+deL3AChnKT9+MsVqOkxdE2TRj/mAeF+5Woa5bPMvgr9Kl7u8bulTH80l +YA/N6FneO11/ncnkgK9wN54kd5TiOtGsGB5S5t/nEAIMUIwWrM/cRau72xNEWOhT +Tvw7TOSF+QKBgQCa/texeiYmE24sA4vH4yIuseKAw8hlBwbtiRyVZt8GZD9zyQuy +k+g02tUWYk0XyXN65LX4bwURkZyMJIeWKZGNsaW1YnzturDQB5tZ4g/zBIoCWkHA +aVQAaimIPk3a3foiD5NQVUdckfEp0GVPOsSGg5R6EO23+i8mxPXnDW1OqQKBgGvf +lelTO8tyLFdAOcqBUt6rZ/1499p3snaAZ6bSqvk95dYnr0h48y5AQaln/FiaIYg4 +HyLZsZ4S18jFXSWYkWOyNeQP6yafciBWY5StT0TN52VaoX3+8McGXKUHAcVjHbLZ +ou2wpP6jmKyQJVQaF9LOT9uAMOMbOFrrnQLBjmfxAoGAQAnUhMFG5mwi9Otxt6Mz +g+Gr+3JTlzwC3L7UwGdlFc3G2vSdGx/yOrfzpxPImfIBS95mibDfdvEBMer26pvw +a/ycqybyX9d/5nPDIaJ1lc4M4cbHC/cB52JI6avr/1g8OMK7lR7b/FsPVHS1w8kl +n6uwEjVt2+gP2o9DFTGs158= +-----END PRIVATE KEY----- diff --git a/tests/certs/expired/server/server.pem b/tests/certs/expired/server/server.pem new file mode 100644 index 0000000000..05a2a4dac8 --- /dev/null +++ b/tests/certs/expired/server/server.pem @@ -0,0 +1,41 @@ +-----BEGIN CERTIFICATE----- +MIIDXjCCAkYCFE82w6fgdbpkUtEO64Hn8Yn/SJt0MA0GCSqGSIb3DQEBCwUAMGox +CzAJBgNVBAYTAlVTMSMwIQYDVQQKDBpQeXRob24gU29mdHdhcmUgRm91bmRhdGlv +bjEYMBYGA1UECwwPcHl0aG9uLXJlcXVlc3RzMRwwGgYDVQQDDBNTZWxmLVNpZ25l +ZCBSb290IENBMB4XDTI0MDMxMzIxMTQ0NVoXDTI0MDMxMzIxMTQ0NVowbTELMAkG +A1UEBhMCVVMxCzAJBgNVBAgMAkRFMSMwIQYDVQQKDBpQeXRob24gU29mdHdhcmUg +Rm91bmRhdGlvbjEYMBYGA1UECwwPcHl0aG9uLXJlcXVlc3RzMRIwEAYDVQQDDAls +b2NhbGhvc3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCKulIMpo63 +3iCgbkKv1UoiLC4sQt5xWpgguujywu3hLYwmPFp9kvPt//imqtl8FhuhKqJ8FCGr +Vl2YIGj1RJIB3GW7MSPNCuIBFL/gwNi35LxDPtoAIPyXytIR7VH9+ch9DFInJaoA +/BekMuKvbXk54VW9whpHbwkXSG2lBS2vKL0XemYh9VjvtuRDji2iOZpznlVE2PEN +80bojArp6oYKakv2kYzgzgxAJiI/NZGvC7mbSI4eja7ad3R9G0kB1FzNj36jrNO5 +WtxHO/mrRiXSpDeyUbitYvt0HKoM0vhTnOR+BspPIltfwOQh8qq2Q2AaMHNcVjMH +3gHCZADfhk/zAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAGeQdB4+iDbJ78eKhCMV +49Cm8nyYi9215rRRJ24Bw6BtVw1ECwymxLVOEB0gHCu8kKdsFnniFBtChts/ilFg +blIyPKTsb3+kQW9YV9QwVdFdC4mTIljujCSQ4HNUC/Vjfnz85SDKf9/3PMKRr36+ +GtSLIozudPvkNmCv68jy3RRXyCwWHc43BLMSZKPD/W+DEuXShI9OIpIlSLBx16Hz +4ce3/1pGuITWcsw6UcRqW31oPR31QmNs5fsq5ZCojDNFzEFCA1t9LiR6UOftFUKy +yOZWfZeAGGdK75U+XDqS9Xkr5/ic5jE0I5rT7e7r3lpvQdgIj8lSx493fczLOGHr +YA0= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIDWzCCAkMCFA9wdtNh/V99DRwYp8vXjPxSjJnWMA0GCSqGSIb3DQEBCwUAMGox +CzAJBgNVBAYTAlVTMSMwIQYDVQQKDBpQeXRob24gU29mdHdhcmUgRm91bmRhdGlv +bjEYMBYGA1UECwwPcHl0aG9uLXJlcXVlc3RzMRwwGgYDVQQDDBNTZWxmLVNpZ25l +ZCBSb290IENBMB4XDTI0MDMxMjIxMDQwM1oXDTQ0MDMwNzIxMDQwM1owajELMAkG +A1UEBhMCVVMxIzAhBgNVBAoMGlB5dGhvbiBTb2Z0d2FyZSBGb3VuZGF0aW9uMRgw +FgYDVQQLDA9weXRob24tcmVxdWVzdHMxHDAaBgNVBAMME1NlbGYtU2lnbmVkIFJv +b3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHlIhe7GLCeSk8 +RZOKdtmyKns6KdZgGw/LcxPkYvQlu1g0zV8X0DqVr2LdMumWUTNCc9sPdSlAG+He +mQp2TMoWUMumMuwDtit9RT0Sb6Eh9svWgjY9ferovPJRfCWUTsA2Ug8uoh0wyEXK +na7X6fHt5E3B9vj0+b9a4vDibdBXV11FheLT02/uEmAEJDdP/zeBgvVbhcVyumO6 +fAGMIWzR2ukhe8z/ma5H9zoi4gZA8nsK6reZUD8+6affnPe+jIt/AdzggtV9jkWm +zSpr+RHeZ0y+q4eik2ZNUGg4XcF6JsJ9yu/AqLBXxd38uLdFfgyhP2y6K628yzgy +e6lzFyWnAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAGymNVTsKSAq8Ju6zV+AWAyV +GcUNBmLpgzDA0e7pkVYhHTdWKlGH4GnrRcp0nvnSbr6iq1Ob/8yEUUoRzK55Flws +Kt1OLwnZyhfRoSUesoEqpP68vzWEgiYv0QuIWvzNt0YfAAvEgGoc3iri44MelKLn +9ZMT8m91nVamA35R8ZjfeAkNp2xcz0a67V0ww6o4wSXrG7o5ZRXyjqZ/9K7SfwUJ +rV9RciccsjH/MzKbfrx73QwsbPWiFmjzHopdasIO0lDlmgm/r9gKfkbzfKoGCgLZ +6an6FlmLftLSXijf/QwtqeSP9fODeE3dzBmnTM3jdoVS53ZegUDWNl14o25v2Kg= +-----END CERTIFICATE----- diff --git a/tests/certs/mtls/Makefile b/tests/certs/mtls/Makefile new file mode 100644 index 0000000000..399a906da7 --- /dev/null +++ b/tests/certs/mtls/Makefile @@ -0,0 +1,7 @@ +.PHONY: all clean + +all: + make -C client all + +clean: + make -C client clean diff --git a/tests/certs/mtls/README.md b/tests/certs/mtls/README.md new file mode 100644 index 0000000000..9a3df4623e --- /dev/null +++ b/tests/certs/mtls/README.md @@ -0,0 +1,4 @@ +# Certificate Examples for mTLS + +This has some generated certificates for mTLS utilization. The idea is to be +able to have testing around how Requests handles client certificates. diff --git a/tests/certs/mtls/client/Makefile b/tests/certs/mtls/client/Makefile new file mode 100644 index 0000000000..9c6c388be1 --- /dev/null +++ b/tests/certs/mtls/client/Makefile @@ -0,0 +1,16 @@ +.PHONY: all clean + +client.key: + openssl genrsa -out $@ 2048 + +client.csr: client.key + openssl req -key $< -new -out $@ -config cert.cnf + +client.pem: client.csr + openssl x509 -req -CA ./ca/ca.crt -CAkey ./ca/ca-private.key -in client.csr -outform PEM -out client.pem -days 730 -CAcreateserial + openssl x509 -in ./ca/ca.crt -outform PEM >> $@ + +all: client.pem + +clean: + rm -f client.* diff --git a/tests/certs/mtls/client/ca b/tests/certs/mtls/client/ca new file mode 120000 index 0000000000..85c8e8f2c2 --- /dev/null +++ b/tests/certs/mtls/client/ca @@ -0,0 +1 @@ +../../expired/ca/ \ No newline at end of file diff --git a/tests/certs/mtls/client/cert.cnf b/tests/certs/mtls/client/cert.cnf new file mode 100644 index 0000000000..338e2527ba --- /dev/null +++ b/tests/certs/mtls/client/cert.cnf @@ -0,0 +1,26 @@ +[req] +req_extensions = v3_req +distinguished_name = req_distinguished_name +prompt=no + +[req_distinguished_name] +C = US +ST = DE +O = Python Software Foundation +OU = python-requests +CN = requests + +[v3_req] +# Extensions to add to a certificate request +basicConstraints = CA:FALSE +keyUsage = digitalSignature, keyEncipherment +extendedKeyUsage = clientAuth +subjectAltName = @alt_names + +[alt_names] +DNS.1 = *.localhost +IP.1 = 127.0.0.1 +IP.2 = ::1 +URI.1 = spiffe://trust.python.org/v0/maintainer/sigmavirus24/project/requests/org/psf +URI.2 = spiffe://trust.python.org/v1/maintainer:sigmavirus24/project:requests/org:psf +URI.3 = spiffe://trust.python.org/v1/maintainer=sigmavirus24/project=requests/org=psf diff --git a/tests/certs/mtls/client/client.csr b/tests/certs/mtls/client/client.csr new file mode 100644 index 0000000000..9a5713d5c7 --- /dev/null +++ b/tests/certs/mtls/client/client.csr @@ -0,0 +1,24 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIIEGjCCAwICAQAwbDELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAkRFMSMwIQYDVQQK +DBpQeXRob24gU29mdHdhcmUgRm91bmRhdGlvbjEYMBYGA1UECwwPcHl0aG9uLXJl +cXVlc3RzMREwDwYDVQQDDAhyZXF1ZXN0czCCASIwDQYJKoZIhvcNAQEBBQADggEP +ADCCAQoCggEBAMn3iQycTjUzpKJChRNkcm33UB282cUwpxeqKN4ahHxBpS09HRhk +cQYO7yErEUQwzQnBQEcIpzzeIMZIqHuCkgnySjeEJd95AIzNzGyoLLkS51TcJwgR +v83AvT8ljA88s9h38qGTy4/TCxJgf76pfHIuC1qoKVQh3AuHj9nOxIZLUsrdDbWF +WoLqKSVyTby+RXvSAppAR+cuBCaWStQ6xFORn48RHfc6t30ggD4rDAjyU6Vz6oR8 +ot3XmGdK0h42UdqidUWkRJajEbpkCnQSXS21IvfXKxF5sFqAXJrj9iVbUfpNPpaa +W8IrHByngyV8amazGZrASstUVRFtWrnrcWECAwEAAaCCAWcwggFjBgkqhkiG9w0B +CQ4xggFUMIIBUDAJBgNVHRMEAjAAMAsGA1UdDwQEAwIFoDATBgNVHSUEDDAKBggr +BgEFBQcDAjCCAR8GA1UdEQSCARYwggESggsqLmxvY2FsaG9zdIcEfwAAAYcQAAAA +AAAAAAAAAAAAAAAAAYZNc3BpZmZlOi8vdHJ1c3QucHl0aG9uLm9yZy92MC9tYWlu +dGFpbmVyL3NpZ21hdmlydXMyNC9wcm9qZWN0L3JlcXVlc3RzL29yZy9wc2aGTXNw +aWZmZTovL3RydXN0LnB5dGhvbi5vcmcvdjEvbWFpbnRhaW5lcjpzaWdtYXZpcnVz +MjQvcHJvamVjdDpyZXF1ZXN0cy9vcmc6cHNmhk1zcGlmZmU6Ly90cnVzdC5weXRo +b24ub3JnL3YxL21haW50YWluZXI9c2lnbWF2aXJ1czI0L3Byb2plY3Q9cmVxdWVz +dHMvb3JnPXBzZjANBgkqhkiG9w0BAQsFAAOCAQEAwP1KJ+Evddn2RV1FM6BFkoDK +MPDO9qwb8ea3j57SIJXZlpw168DljmuGzxJw9oys2O6FYcspbHIocAkfFwiYgVAr +NEog6xlCdPxNBJgC3YFIKwnmBjMPG6ZCWiJn940qTbaJ/j6ZviN17uW4K7Sl+THp +IkMv29uQTWkfg+GbZ9q1hm2m2GHhYLGLAUdJdtv7JI+yq5uxdsWaCANpH6kc8SnK +2rik6D3iItDhHCmToHBpdEnP8J+KDzf5pJrv/g3WH8XVrl4ZzBsOhmciWF4C3Hbf +9eu8eAsp1AsIrZOEGTfClBd7vFCES5DmI0/iRs4czQooqZPnHjOw3Azp/LujrA== +-----END CERTIFICATE REQUEST----- diff --git a/tests/certs/mtls/client/client.key b/tests/certs/mtls/client/client.key new file mode 100644 index 0000000000..8107125399 --- /dev/null +++ b/tests/certs/mtls/client/client.key @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQDJ94kMnE41M6Si +QoUTZHJt91AdvNnFMKcXqijeGoR8QaUtPR0YZHEGDu8hKxFEMM0JwUBHCKc83iDG +SKh7gpIJ8ko3hCXfeQCMzcxsqCy5EudU3CcIEb/NwL0/JYwPPLPYd/Khk8uP0wsS +YH++qXxyLgtaqClUIdwLh4/ZzsSGS1LK3Q21hVqC6iklck28vkV70gKaQEfnLgQm +lkrUOsRTkZ+PER33Ord9IIA+KwwI8lOlc+qEfKLd15hnStIeNlHaonVFpESWoxG6 +ZAp0El0ttSL31ysRebBagFya4/YlW1H6TT6WmlvCKxwcp4MlfGpmsxmawErLVFUR +bVq563FhAgMBAAECggEABhWX97JJxN6JFNOjhgGzqiPA3R8lrFlv3zhNbODS9u9U +q404xYBZIKaYhkucLzgNJUBrevhZbsL+V8WJQIH0JlU57nw5ATIjAHA+uqiXraen +zRhTcLHK28b1AeRUA4LU+YN7jWnnawN075kf9WgjtfOJ0gcDimOkE7uCFjyyvPJA +LG9bG+8enGjvUleKXNgmwP4Sq/GlEdGz9Qy+8ga3mtfAULUWe8haFNZXK8CN3xPp +wmVqy7QzgH2TGN1p6Dyxib9ksSN/lOg0dShL8zgu+QXDNx2VwmVrI8Vr02vmB//0 +bYxCo5pfICPIFLjLl5yo30dvrUfYqF29PperStHGlQKBgQD/TdemlLjJNP0fvSs7 +KEVJj/22YuHK+wurNr2ZFbSdcF3v9sfiwysllmEyGr5cNYA56uUbfG+8VSw7kDll +G+6BKK2UdlPH++6RahqWLqo4k6rsNrkq7elj8xG4gIjR5qzu2uLpjNwp2BGmIoUI +eb1NcLfTlMcNCooV8RHjm1Z5WwKBgQDKhHkUPDcJm2/9Ltq2NZQMrCS7o4LV2uAI +GhGpISfY+SfHkQQNZ9Fvbe6hrFeZs31nAvlTDpPEg/LGSVKA5I2EZT9gwzAQU1TD +Cyol4xqqWFWlwze7w+RLYqX5LtXf7NJg2m5p+ZOoOzzqvTVpodDxqTlCNp2/6ICP +vAIvWhbA8wKBgAYlr62ZIyHlHrsm6OWRwKlWyDseAmXKyasjtEj9Vs37qKdgf8ub ++2v6RPjZ3/+EYkQCveV9h4s3WctNW7Rtib6eZh+PAdFs5X+m2GEJWpvmIlVxs9+u +vtHjRmf04FZ9gWh26MPK2no/c51Wc3GSzNYSgrqbeHd963k/xrh+QwTFAoGAZZjb +3UjwG4O9RPjyhCKQ6WKa8v9urbamWaoqXfziLrmgOUAJFmiU6x/tbXI2aEdhjAIz +7nULsLS5YLx8BWmjjV3106dYP3hut4KsXGF4iSjTnts25J27tA4DUeUrKrF2QVyT +s9qfNvCw+Np/J0Uku3e33/3iWdpcVL9vIS5C5/0CgYBEuxb3dffNRqEiNkpOUrCD +mQTqbO3X+hin9zT3GrxQE+7KpfCfdDIqdK6c5UWHirR3HUjUPZmIFLSx8msfLl3k +hgQw37NMV+asg0Wy3P908qbtnEA2P6aDOMQeHJoC7qEHIDOcOQ1KP3FMvOrdscwS +f0IIDygTH6fYr329s0iXjg== +-----END PRIVATE KEY----- diff --git a/tests/certs/mtls/client/client.pem b/tests/certs/mtls/client/client.pem new file mode 100644 index 0000000000..0a11d4d472 --- /dev/null +++ b/tests/certs/mtls/client/client.pem @@ -0,0 +1,41 @@ +-----BEGIN CERTIFICATE----- +MIIDXTCCAkUCFE82w6fgdbpkUtEO64Hn8Yn/SJtzMA0GCSqGSIb3DQEBCwUAMGox +CzAJBgNVBAYTAlVTMSMwIQYDVQQKDBpQeXRob24gU29mdHdhcmUgRm91bmRhdGlv +bjEYMBYGA1UECwwPcHl0aG9uLXJlcXVlc3RzMRwwGgYDVQQDDBNTZWxmLVNpZ25l +ZCBSb290IENBMB4XDTI0MDMxMzE4MzUwNFoXDTI2MDMxMzE4MzUwNFowbDELMAkG +A1UEBhMCVVMxCzAJBgNVBAgMAkRFMSMwIQYDVQQKDBpQeXRob24gU29mdHdhcmUg +Rm91bmRhdGlvbjEYMBYGA1UECwwPcHl0aG9uLXJlcXVlc3RzMREwDwYDVQQDDAhy +ZXF1ZXN0czCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMn3iQycTjUz +pKJChRNkcm33UB282cUwpxeqKN4ahHxBpS09HRhkcQYO7yErEUQwzQnBQEcIpzze +IMZIqHuCkgnySjeEJd95AIzNzGyoLLkS51TcJwgRv83AvT8ljA88s9h38qGTy4/T +CxJgf76pfHIuC1qoKVQh3AuHj9nOxIZLUsrdDbWFWoLqKSVyTby+RXvSAppAR+cu +BCaWStQ6xFORn48RHfc6t30ggD4rDAjyU6Vz6oR8ot3XmGdK0h42UdqidUWkRJaj +EbpkCnQSXS21IvfXKxF5sFqAXJrj9iVbUfpNPpaaW8IrHByngyV8amazGZrASstU +VRFtWrnrcWECAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAHHgMckLDRV72p1FEVmCh +AAPZjCswiPZFrwGPN57JqSWjoRB9ilKvo87aPosEO7vfa05OD/qkM/T9Qykuhati +I1T1T7qX4Ymb5kTJIBouuflAO3uKVaq+ga2Q/HLlU5w/VoMU4RuK7+RaiRUEE3xL +iPSMBvZpoMj695LnzcGrT5oLkFI0bTIlpQt1SFjDpHFtOj/ZdwgSbZYLoTCBXQK3 +7Y29qAj/XwEiCH63n8tJKvZcD8/ssMIMIdWhNmu+0jOWica/3WSih9Geoy6Ydtxi +I5t9vRjC4LIipMUAF86AJIfvHJyI6aCNT420LaR6NRW0FQn5CPTHPAsKg3JkAywn +Ew== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIDWzCCAkMCFA9wdtNh/V99DRwYp8vXjPxSjJnWMA0GCSqGSIb3DQEBCwUAMGox +CzAJBgNVBAYTAlVTMSMwIQYDVQQKDBpQeXRob24gU29mdHdhcmUgRm91bmRhdGlv +bjEYMBYGA1UECwwPcHl0aG9uLXJlcXVlc3RzMRwwGgYDVQQDDBNTZWxmLVNpZ25l +ZCBSb290IENBMB4XDTI0MDMxMjIxMDQwM1oXDTQ0MDMwNzIxMDQwM1owajELMAkG +A1UEBhMCVVMxIzAhBgNVBAoMGlB5dGhvbiBTb2Z0d2FyZSBGb3VuZGF0aW9uMRgw +FgYDVQQLDA9weXRob24tcmVxdWVzdHMxHDAaBgNVBAMME1NlbGYtU2lnbmVkIFJv +b3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHlIhe7GLCeSk8 +RZOKdtmyKns6KdZgGw/LcxPkYvQlu1g0zV8X0DqVr2LdMumWUTNCc9sPdSlAG+He +mQp2TMoWUMumMuwDtit9RT0Sb6Eh9svWgjY9ferovPJRfCWUTsA2Ug8uoh0wyEXK +na7X6fHt5E3B9vj0+b9a4vDibdBXV11FheLT02/uEmAEJDdP/zeBgvVbhcVyumO6 +fAGMIWzR2ukhe8z/ma5H9zoi4gZA8nsK6reZUD8+6affnPe+jIt/AdzggtV9jkWm +zSpr+RHeZ0y+q4eik2ZNUGg4XcF6JsJ9yu/AqLBXxd38uLdFfgyhP2y6K628yzgy +e6lzFyWnAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAGymNVTsKSAq8Ju6zV+AWAyV +GcUNBmLpgzDA0e7pkVYhHTdWKlGH4GnrRcp0nvnSbr6iq1Ob/8yEUUoRzK55Flws +Kt1OLwnZyhfRoSUesoEqpP68vzWEgiYv0QuIWvzNt0YfAAvEgGoc3iri44MelKLn +9ZMT8m91nVamA35R8ZjfeAkNp2xcz0a67V0ww6o4wSXrG7o5ZRXyjqZ/9K7SfwUJ +rV9RciccsjH/MzKbfrx73QwsbPWiFmjzHopdasIO0lDlmgm/r9gKfkbzfKoGCgLZ +6an6FlmLftLSXijf/QwtqeSP9fODeE3dzBmnTM3jdoVS53ZegUDWNl14o25v2Kg= +-----END CERTIFICATE----- diff --git a/tests/certs/valid/ca b/tests/certs/valid/ca new file mode 120000 index 0000000000..46f26c3982 --- /dev/null +++ b/tests/certs/valid/ca @@ -0,0 +1 @@ +../expired/ca \ No newline at end of file diff --git a/tests/certs/valid/server/Makefile b/tests/certs/valid/server/Makefile new file mode 100644 index 0000000000..9ce6778c0f --- /dev/null +++ b/tests/certs/valid/server/Makefile @@ -0,0 +1,16 @@ +.PHONY: all clean + +server.key: + openssl genrsa -out $@ 2048 + +server.csr: server.key + openssl req -key $< -config cert.cnf -new -out $@ + +server.pem: server.csr + openssl x509 -req -CA ../ca/ca.crt -CAkey ../ca/ca-private.key -in server.csr -outform PEM -out server.pem -extfile cert.cnf -extensions v3_ca -days 7200 -CAcreateserial + openssl x509 -in ../ca/ca.crt -outform PEM >> $@ + +all: server.pem + +clean: + rm -f server.* diff --git a/tests/certs/valid/server/cert.cnf b/tests/certs/valid/server/cert.cnf new file mode 100644 index 0000000000..f9a01cd8b4 --- /dev/null +++ b/tests/certs/valid/server/cert.cnf @@ -0,0 +1,31 @@ +[req] +req_extensions = v3_req +distinguished_name = req_distinguished_name +prompt=no + +[req_distinguished_name] +C = US +ST = DE +O = Python Software Foundation +OU = python-requests +CN = localhost + +[v3_req] +# Extensions to add to a certificate request +basicConstraints = critical, CA:FALSE +keyUsage = critical, digitalSignature, keyEncipherment +extendedKeyUsage = critical, serverAuth +subjectAltName = critical, @alt_names + +[v3_ca] +# Extensions to add to a certificate request +basicConstraints = critical, CA:FALSE +keyUsage = critical, digitalSignature, keyEncipherment +extendedKeyUsage = critical, serverAuth +subjectAltName = critical, @alt_names + +[alt_names] +DNS.1 = *.localhost +DNS.1 = localhost +IP.1 = 127.0.0.1 +IP.2 = ::1 diff --git a/tests/certs/valid/server/server.csr b/tests/certs/valid/server/server.csr new file mode 100644 index 0000000000..000d1facb2 --- /dev/null +++ b/tests/certs/valid/server/server.csr @@ -0,0 +1,19 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIIDKjCCAhICAQAwbTELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAkRFMSMwIQYDVQQK +DBpQeXRob24gU29mdHdhcmUgRm91bmRhdGlvbjEYMBYGA1UECwwPcHl0aG9uLXJl +cXVlc3RzMRIwEAYDVQQDDAlsb2NhbGhvc3QwggEiMA0GCSqGSIb3DQEBAQUAA4IB +DwAwggEKAoIBAQChEKOx377ymuDg23By5Re1DHi2RiBKSHr85/ZTZuwP/69lHN7q +TQEO//EMEFZ9+ZwezeJJsejjP2HO5lQZbcsWok3hbM0wVT+vApkogPvJ8WNFFWFe +ZBnGLi/1WM9cSZpUsDJ0XCsG0RTtO27wfgZQlKQMZxTkfi971oPYxNVSjTm2JcLT +kvwYIwxjJXPDTOgRo9TEAY3cWkCrBJN4w74GWBTM5KDDA230T7WwLuv81XD2LvYj +YYdMBGcxPr5tYTIlp3LncbcrDRNk3pbYQk0bRJgkw2vUkteiRGjkt+dgVnLc6+MI +W+VLXEpj+zsOZ5/R4d1pofqj9sDyDPhtNr1JAgMBAAGgeDB2BgkqhkiG9w0BCQ4x +aTBnMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgWgMBYGA1UdJQEB/wQMMAoG +CCsGAQUFBwMBMC8GA1UdEQEB/wQlMCOCCWxvY2FsaG9zdIcEfwAAAYcQAAAAAAAA +AAAAAAAAAAAAATANBgkqhkiG9w0BAQsFAAOCAQEAFTlFTn5Mn8JXtqB5bGjuiChe +ClA6Y32Co4l7N0CtAlf+bExwLdpLOleTX3WnryIPALl9uBUI/67dy/STn/J1Yn86 +jWPEFwpmYNSKgQljYWcwtBdYLWfIsJO11kKdaAkOUHBEN5DKrXJ46Vs4918bD1/Q +6ztqdrThiKc646u9xB58Hg7F0IyMWbHfs0x16ZpcN9otrIkbqOE2wzTmc65O1t1i +HDljcSk7OnNy3a9wtLEnyPiyMqHf2k/bTlmiDRVe3cSy9xieoqmzHTnOCSASe1y9 +7lcEBQild18Jo4nACV4vCYOUwrMi/58LWW+lD6OmMnPiWUqOvMbgMffMNDpWPA== +-----END CERTIFICATE REQUEST----- diff --git a/tests/certs/valid/server/server.key b/tests/certs/valid/server/server.key new file mode 100644 index 0000000000..d6afaf59fe --- /dev/null +++ b/tests/certs/valid/server/server.key @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQChEKOx377ymuDg +23By5Re1DHi2RiBKSHr85/ZTZuwP/69lHN7qTQEO//EMEFZ9+ZwezeJJsejjP2HO +5lQZbcsWok3hbM0wVT+vApkogPvJ8WNFFWFeZBnGLi/1WM9cSZpUsDJ0XCsG0RTt +O27wfgZQlKQMZxTkfi971oPYxNVSjTm2JcLTkvwYIwxjJXPDTOgRo9TEAY3cWkCr +BJN4w74GWBTM5KDDA230T7WwLuv81XD2LvYjYYdMBGcxPr5tYTIlp3LncbcrDRNk +3pbYQk0bRJgkw2vUkteiRGjkt+dgVnLc6+MIW+VLXEpj+zsOZ5/R4d1pofqj9sDy +DPhtNr1JAgMBAAECggEAIuLzBfXgCvXzlBjL2kMXd7p4EgkN+PEKnKmUr/t40b1Q +zR6sBQWBX3GeET4fseElSQHQzCQaPNCve4xltm1S4jftFREHP7sTVHHEYWLQxuy/ +Uwkewj5927CI6ERgg82YfVP91bjaA/u5I+pt7O7rKLyNbPdN7fEMEW+FNuhpiVvg +JMrcK1BCFL6pmIT21LyTwkacMKZSPko58pWE24MA9aSCHk6cXdwQWQK0AfQT3XGT +C4I0hRed7LgqMH+gMuhpakiO13t8yTwxt2iQC9+aa4oSHD3BOi/CwIWfe1mHwmlr +cj4Kof1JSnK4SVTD16T++PlnWZkF6oaLUNg+/c2C9QKBgQDOFSYIY7+HzinT2hbI +yTIJCHpp+Iee+WVvvxjdZIPMDINrlIiHcMfXb0itUdcUO6tz0KYDMDLRC9CSP0ar +6mBWUTHfAKF2S4JpI9JYI4PNtIpOP1NiYuyJlnh5+ytU1yIeIvl39hmLcRwI9mgz +njy/D7yEoDCrG1dhcltubKpNXQKBgQDIFAVg0A7MNcxBZDLlk1NAME2JKOSszX8E +VNucvZD+9l+L9V9BmwwPQdzYifv/dNp3nYn+lxRPPgze3ZWu4+PeDuGudxu0I6ll +beFdbIcp1wbeQguzHYLjBYJqsMb4Pao5HPInjPu/HWfZlg9oZpJbKVucQwbonJLX +lgca9KaE3QKBgA+OUx+g/+0tZ8ThGoUvgsJhzHPBWeNrKfgEcckMdFJrw2PUg3XN +0pf1g4PpwJV7Z5bHcjCda8iR3r2bXydM+tapLF2L+6QlUQPEu3UBwUo+zY3Yg9/S +Xc6I+DEk/4FY9+9UboZaolT/RcF7cCQtVqKJeo58VRAlcTQe4L32H+jVAoGALXX3 +Ht9HbXkP1w/YTLej4+LVy0OCag0rPiW13LBqALSkUx3GrhZ3sAPMFVuM6ad4eFNQ +ZouXbsXvkLgSabGYNf11o/mmTtEHjWdhHKQrNgOIqPmixOkAs2quDmXqX79LLTz5 +fKkZDny0+wiQqa0cth/4k9HbAQGKj/ej16kdKPUCgYAz08Y39NnJYxRNz3tu/7C6 +jKyXKxhuZCZCt3cSWto5Tg0mVVB+2Jk2GhG1hCfZoRCP25R3FFBR1HOJgOc59T7C +LL67FdO0+7mj/WNzHj3+9gyOYQyQgPVDaTmsJLbuzT2S+GpR94ZNliwL2NEa5baG +B/Nb2ruRNj0GgZVw48N4XQ== +-----END PRIVATE KEY----- diff --git a/tests/certs/valid/server/server.pem b/tests/certs/valid/server/server.pem new file mode 100644 index 0000000000..0168cd3e3f --- /dev/null +++ b/tests/certs/valid/server/server.pem @@ -0,0 +1,47 @@ +-----BEGIN CERTIFICATE----- +MIIEhTCCA22gAwIBAgIUTzbDp+B1umRS0Q7rgefxif9Im3wwDQYJKoZIhvcNAQEL +BQAwajELMAkGA1UEBhMCVVMxIzAhBgNVBAoMGlB5dGhvbiBTb2Z0d2FyZSBGb3Vu +ZGF0aW9uMRgwFgYDVQQLDA9weXRob24tcmVxdWVzdHMxHDAaBgNVBAMME1NlbGYt +U2lnbmVkIFJvb3QgQ0EwHhcNMjQwMzE0MDAxMDAzWhcNNDMxMTMwMDAxMDAzWjBt +MQswCQYDVQQGEwJVUzELMAkGA1UECAwCREUxIzAhBgNVBAoMGlB5dGhvbiBTb2Z0 +d2FyZSBGb3VuZGF0aW9uMRgwFgYDVQQLDA9weXRob24tcmVxdWVzdHMxEjAQBgNV +BAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKEQ +o7HfvvKa4ODbcHLlF7UMeLZGIEpIevzn9lNm7A//r2Uc3upNAQ7/8QwQVn35nB7N +4kmx6OM/Yc7mVBltyxaiTeFszTBVP68CmSiA+8nxY0UVYV5kGcYuL/VYz1xJmlSw +MnRcKwbRFO07bvB+BlCUpAxnFOR+L3vWg9jE1VKNObYlwtOS/BgjDGMlc8NM6BGj +1MQBjdxaQKsEk3jDvgZYFMzkoMMDbfRPtbAu6/zVcPYu9iNhh0wEZzE+vm1hMiWn +cudxtysNE2TelthCTRtEmCTDa9SS16JEaOS352BWctzr4whb5UtcSmP7Ow5nn9Hh +3Wmh+qP2wPIM+G02vUkCAwEAAaOCAR4wggEaMAwGA1UdEwEB/wQCMAAwDgYDVR0P +AQH/BAQDAgWgMBYGA1UdJQEB/wQMMAoGCCsGAQUFBwMBMC8GA1UdEQEB/wQlMCOC +CWxvY2FsaG9zdIcEfwAAAYcQAAAAAAAAAAAAAAAAAAAAATAdBgNVHQ4EFgQUJ90a +UnXKPP13yDprLhG39fUrnu8wgZEGA1UdIwSBiTCBhqFupGwwajELMAkGA1UEBhMC +VVMxIzAhBgNVBAoMGlB5dGhvbiBTb2Z0d2FyZSBGb3VuZGF0aW9uMRgwFgYDVQQL +DA9weXRob24tcmVxdWVzdHMxHDAaBgNVBAMME1NlbGYtU2lnbmVkIFJvb3QgQ0GC +FA9wdtNh/V99DRwYp8vXjPxSjJnWMA0GCSqGSIb3DQEBCwUAA4IBAQCVh4hiraRv +JzYbS/TombP//xfVEWHXDBEYsT5GgWf7GPJ/QtSvv6uJFsK7heqLzf9f+r4Z5xMh +YAkb0oe/Ge0T30Mo1YaBEqkKuQL9lOMcP69S9uFz2VT6I/76I8qqAu2AFhu74p8f +qudwmQyRYo1Ryg4R/SgRhSJKF/ST/2wOusNWSsBe1s8S2PmtOb4dr3cMBGihrUzS +DmCQpWjuiuE23HXnnYDc/EUAnEEPkLDgCsE9iLq37FPUHcHjqdYIAhmImPBpv2EL +ftXeRWfxN2hRHpS5Fn3QuAOwfJw5tUcVXojJCJfSpL+Ac97iSjxNaDIPlyomauKw +1rgbUkSw+9JQ +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIDWzCCAkMCFA9wdtNh/V99DRwYp8vXjPxSjJnWMA0GCSqGSIb3DQEBCwUAMGox +CzAJBgNVBAYTAlVTMSMwIQYDVQQKDBpQeXRob24gU29mdHdhcmUgRm91bmRhdGlv +bjEYMBYGA1UECwwPcHl0aG9uLXJlcXVlc3RzMRwwGgYDVQQDDBNTZWxmLVNpZ25l +ZCBSb290IENBMB4XDTI0MDMxMjIxMDQwM1oXDTQ0MDMwNzIxMDQwM1owajELMAkG +A1UEBhMCVVMxIzAhBgNVBAoMGlB5dGhvbiBTb2Z0d2FyZSBGb3VuZGF0aW9uMRgw +FgYDVQQLDA9weXRob24tcmVxdWVzdHMxHDAaBgNVBAMME1NlbGYtU2lnbmVkIFJv +b3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHlIhe7GLCeSk8 +RZOKdtmyKns6KdZgGw/LcxPkYvQlu1g0zV8X0DqVr2LdMumWUTNCc9sPdSlAG+He +mQp2TMoWUMumMuwDtit9RT0Sb6Eh9svWgjY9ferovPJRfCWUTsA2Ug8uoh0wyEXK +na7X6fHt5E3B9vj0+b9a4vDibdBXV11FheLT02/uEmAEJDdP/zeBgvVbhcVyumO6 +fAGMIWzR2ukhe8z/ma5H9zoi4gZA8nsK6reZUD8+6affnPe+jIt/AdzggtV9jkWm +zSpr+RHeZ0y+q4eik2ZNUGg4XcF6JsJ9yu/AqLBXxd38uLdFfgyhP2y6K628yzgy +e6lzFyWnAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAGymNVTsKSAq8Ju6zV+AWAyV +GcUNBmLpgzDA0e7pkVYhHTdWKlGH4GnrRcp0nvnSbr6iq1Ob/8yEUUoRzK55Flws +Kt1OLwnZyhfRoSUesoEqpP68vzWEgiYv0QuIWvzNt0YfAAvEgGoc3iri44MelKLn +9ZMT8m91nVamA35R8ZjfeAkNp2xcz0a67V0ww6o4wSXrG7o5ZRXyjqZ/9K7SfwUJ +rV9RciccsjH/MzKbfrx73QwsbPWiFmjzHopdasIO0lDlmgm/r9gKfkbzfKoGCgLZ +6an6FlmLftLSXijf/QwtqeSP9fODeE3dzBmnTM3jdoVS53ZegUDWNl14o25v2Kg= +-----END CERTIFICATE----- diff --git a/tests/test_requests.py b/tests/test_requests.py index d5cc13c79f..4de47bc693 100644 --- a/tests/test_requests.py +++ b/tests/test_requests.py @@ -7,6 +7,7 @@ import os import pickle import re +import threading import warnings from unittest import mock @@ -51,6 +52,7 @@ from . import SNIMissingWarning from .compat import StringIO +from .testserver.server import TLSServer, consume_socket_content from .utils import override_environ # Requests to this URL should always fail with a connection timeout (nothing @@ -2828,12 +2830,140 @@ def test_status_code_425(self): assert r5 == 425 assert r6 == 425 - def test_different_connection_pool_for_tls_settings(self): + def test_different_connection_pool_for_tls_settings_verify_True(self): + def response_handler(sock): + consume_socket_content(sock, timeout=0.5) + sock.send( + b"HTTP/1.1 200 OK\r\n" + b"Content-Length: 18\r\n\r\n" + b'\xff\xfe{\x00"\x00K0"\x00=\x00"\x00\xab0"\x00\r\n' + ) + + s = requests.Session() + close_server = threading.Event() + server = TLSServer( + handler=response_handler, + wait_to_close_event=close_server, + requests_to_handle=3, + cert_chain="tests/certs/expired/server/server.pem", + keyfile="tests/certs/expired/server/server.key", + ) + + with server as (host, port): + url = f"https://{host}:{port}" + r1 = s.get(url, verify=False) + assert r1.status_code == 200 + + # Cannot verify self-signed certificate + with pytest.raises(requests.exceptions.SSLError): + s.get(url) + + close_server.set() + assert 2 == len(s.adapters["https://"].poolmanager.pools) + + def test_different_connection_pool_for_tls_settings_verify_bundle_expired_cert( + self, + ): + def response_handler(sock): + consume_socket_content(sock, timeout=0.5) + sock.send( + b"HTTP/1.1 200 OK\r\n" + b"Content-Length: 18\r\n\r\n" + b'\xff\xfe{\x00"\x00K0"\x00=\x00"\x00\xab0"\x00\r\n' + ) + + s = requests.Session() + close_server = threading.Event() + server = TLSServer( + handler=response_handler, + wait_to_close_event=close_server, + requests_to_handle=3, + cert_chain="tests/certs/expired/server/server.pem", + keyfile="tests/certs/expired/server/server.key", + ) + + with server as (host, port): + url = f"https://{host}:{port}" + r1 = s.get(url, verify=False) + assert r1.status_code == 200 + + # Has right trust bundle, but certificate expired + with pytest.raises(requests.exceptions.SSLError): + s.get(url, verify="tests/certs/expired/ca/ca.crt") + + close_server.set() + assert 2 == len(s.adapters["https://"].poolmanager.pools) + + def test_different_connection_pool_for_tls_settings_verify_bundle_unexpired_cert( + self, + ): + def response_handler(sock): + consume_socket_content(sock, timeout=0.5) + sock.send( + b"HTTP/1.1 200 OK\r\n" + b"Content-Length: 18\r\n\r\n" + b'\xff\xfe{\x00"\x00K0"\x00=\x00"\x00\xab0"\x00\r\n' + ) + + s = requests.Session() + close_server = threading.Event() + server = TLSServer( + handler=response_handler, + wait_to_close_event=close_server, + requests_to_handle=3, + cert_chain="tests/certs/valid/server/server.pem", + keyfile="tests/certs/valid/server/server.key", + ) + + with server as (host, port): + url = f"https://{host}:{port}" + r1 = s.get(url, verify=False) + assert r1.status_code == 200 + + r2 = s.get(url, verify="tests/certs/valid/ca/ca.crt") + assert r2.status_code == 200 + + close_server.set() + assert 2 == len(s.adapters["https://"].poolmanager.pools) + + def test_different_connection_pool_for_mtls_settings(self): + client_cert = None + + def response_handler(sock): + nonlocal client_cert + client_cert = sock.getpeercert() + consume_socket_content(sock, timeout=0.5) + sock.send( + b"HTTP/1.1 200 OK\r\n" + b"Content-Length: 18\r\n\r\n" + b'\xff\xfe{\x00"\x00K0"\x00=\x00"\x00\xab0"\x00\r\n' + ) + s = requests.Session() - r1 = s.get("https://invalid.badssl.com", verify=False) - assert r1.status_code == 421 - with pytest.raises(requests.exceptions.SSLError): - s.get("https://invalid.badssl.com") + close_server = threading.Event() + server = TLSServer( + handler=response_handler, + wait_to_close_event=close_server, + requests_to_handle=2, + cert_chain="tests/certs/expired/server/server.pem", + keyfile="tests/certs/expired/server/server.key", + mutual_tls=True, + cacert="tests/certs/expired/ca/ca.crt", + ) + + cert = ( + "tests/certs/mtls/client/client.pem", + "tests/certs/mtls/client/client.key", + ) + with server as (host, port): + url = f"https://{host}:{port}" + r1 = s.get(url, verify=False, cert=cert) + assert r1.status_code == 200 + with pytest.raises(requests.exceptions.SSLError): + s.get(url, cert=cert) + close_server.set() + + assert client_cert is not None def test_json_decode_errors_are_serializable_deserializable(): diff --git a/tests/testserver/server.py b/tests/testserver/server.py index 5936abdf8b..da1b65608e 100644 --- a/tests/testserver/server.py +++ b/tests/testserver/server.py @@ -1,5 +1,6 @@ import select import socket +import ssl import threading @@ -132,3 +133,44 @@ def __exit__(self, exc_type, exc_value, traceback): self._close_server_sock_ignore_errors() self.join() return False # allow exceptions to propagate + + +class TLSServer(Server): + def __init__( + self, + *, + handler=None, + host="localhost", + port=0, + requests_to_handle=1, + wait_to_close_event=None, + cert_chain=None, + keyfile=None, + mutual_tls=False, + cacert=None, + ): + super().__init__( + handler=handler, + host=host, + port=port, + requests_to_handle=requests_to_handle, + wait_to_close_event=wait_to_close_event, + ) + self.cert_chain = cert_chain + self.keyfile = keyfile + self.ssl_context = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER) + self.ssl_context.load_cert_chain(self.cert_chain, keyfile=self.keyfile) + self.mutual_tls = mutual_tls + self.cacert = cacert + if mutual_tls: + # For simplicity, we're going to assume that the client cert is + # issued by the same CA as our Server certificate + self.ssl_context.verify_mode = ssl.CERT_OPTIONAL + self.ssl_context.load_verify_locations(self.cacert) + + def _create_socket_and_bind(self): + sock = socket.socket() + sock = self.ssl_context.wrap_socket(sock, server_side=True) + sock.bind((self.host, self.port)) + sock.listen() + return sock From 1604e20fc87ce212cf3a02474a6d7509b640cbbb Mon Sep 17 00:00:00 2001 From: flysee Date: Wed, 7 Dec 2022 11:24:22 +0000 Subject: [PATCH 104/164] Fix the proxy_bypass_registry function all returning true in some cases. --- src/requests/utils.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/requests/utils.py b/src/requests/utils.py index a603a8638c..9067904563 100644 --- a/src/requests/utils.py +++ b/src/requests/utils.py @@ -97,6 +97,8 @@ def proxy_bypass_registry(host): # '' string by the localhost entry and the corresponding # canonical entry. proxyOverride = proxyOverride.split(";") + # filter out empty strings to avoid re.match all true. + proxyOverride = filter(None, proxyOverride) # now check if we match one of the registry values. for test in proxyOverride: if test == "": From 13d892bdbe9a2aa374959a166e8067c35253705d Mon Sep 17 00:00:00 2001 From: flysee Date: Mon, 18 Mar 2024 22:33:17 +0800 Subject: [PATCH 105/164] Additional should_bypass_proxies function test cases --- src/requests/utils.py | 2 +- tests/test_utils.py | 32 ++++++++++++++++++++++++++++++++ 2 files changed, 33 insertions(+), 1 deletion(-) diff --git a/src/requests/utils.py b/src/requests/utils.py index 9067904563..ae6c42f6cb 100644 --- a/src/requests/utils.py +++ b/src/requests/utils.py @@ -97,7 +97,7 @@ def proxy_bypass_registry(host): # '' string by the localhost entry and the corresponding # canonical entry. proxyOverride = proxyOverride.split(";") - # filter out empty strings to avoid re.match all true. + # filter out empty strings to avoid re.match return true in the following code. proxyOverride = filter(None, proxyOverride) # now check if we match one of the registry values. for test in proxyOverride: diff --git a/tests/test_utils.py b/tests/test_utils.py index 8988eaf69c..5e9b56ea64 100644 --- a/tests/test_utils.py +++ b/tests/test_utils.py @@ -924,3 +924,35 @@ def test_set_environ_raises_exception(): raise Exception("Expected exception") assert "Expected exception" in str(exception.value) + + +@pytest.mark.skipif(os.name != "nt", reason="Test only on Windows") +def test_should_bypass_proxies_win_registry_ProxyOverride_value(monkeypatch): + """Tests for function should_bypass_proxies to check if proxy + can be bypassed or not with Windows ProxyOverride registry value ending with a semicolon. + """ + import winreg + + class RegHandle: + def Close(self): + pass + + ie_settings = RegHandle() + + def OpenKey(key, subkey): + return ie_settings + + def QueryValueEx(key, value_name): + if key is ie_settings: + if value_name == "ProxyEnable": + return [1] + elif value_name == "ProxyOverride": + return [ + "192.168.*;127.0.0.1;localhost.localdomain;172.16.1.1;<-loopback>;" + ] + + monkeypatch.setenv("NO_PROXY", "") + monkeypatch.setenv("no_proxy", "") + monkeypatch.setattr(winreg, "OpenKey", OpenKey) + monkeypatch.setattr(winreg, "QueryValueEx", QueryValueEx) + assert should_bypass_proxies("http://example.com/", None) is False From 2daa7b52a78984ab5e66358052fc8dfe93e251bd Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 1 Apr 2024 17:00:20 +0000 Subject: [PATCH 106/164] Bump actions/setup-python from 5.0.0 to 5.1.0 Bumps [actions/setup-python](https://github.com/actions/setup-python) from 5.0.0 to 5.1.0. - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](https://github.com/actions/setup-python/compare/0a5c61591373683505ea898e09a3ea4f39ef2b9c...82c7e631bb3cdc910f68e0081d67478d79c6982d) --- updated-dependencies: - dependency-name: actions/setup-python dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- .github/workflows/lint.yml | 2 +- .github/workflows/run-tests.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index b35a32d13a..46a7862eac 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -13,7 +13,7 @@ jobs: steps: - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 - name: Set up Python - uses: actions/setup-python@0a5c61591373683505ea898e09a3ea4f39ef2b9c # v5.0.0 + uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5.1.0 with: python-version: "3.x" - name: Run pre-commit diff --git a/.github/workflows/run-tests.yml b/.github/workflows/run-tests.yml index 3275080233..c955029bc0 100644 --- a/.github/workflows/run-tests.yml +++ b/.github/workflows/run-tests.yml @@ -18,7 +18,7 @@ jobs: steps: - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 - name: Set up Python ${{ matrix.python-version }} - uses: actions/setup-python@0a5c61591373683505ea898e09a3ea4f39ef2b9c # v5.0.0 + uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5.1.0 with: python-version: ${{ matrix.python-version }} cache: 'pip' From e45b428960ff3927812fc9b555e2ac627ba95769 Mon Sep 17 00:00:00 2001 From: "Michiel W. Beijen" Date: Mon, 8 Apr 2024 21:47:12 +0200 Subject: [PATCH 107/164] Add rfc9110 HTTP status code names RFC 9110 _HTTP Semantics_ obsoletes some earlier RFCs which defined HTTP 1.1. It adds some status codes that were previously only used for WebDAV to HTTP _proper_ after making the names somewhat more generic. See https://www.rfc-editor.org/rfc/rfc9110.html#name-changes-from-rfc-7231 This commit adds the http status code names from that RFC. --- src/requests/status_codes.py | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/src/requests/status_codes.py b/src/requests/status_codes.py index 235881224f..c7945a2f06 100644 --- a/src/requests/status_codes.py +++ b/src/requests/status_codes.py @@ -24,7 +24,7 @@ # Informational. 100: ("continue",), 101: ("switching_protocols",), - 102: ("processing",), + 102: ("processing", "early-hints"), 103: ("checkpoint",), 122: ("uri_too_long", "request_uri_too_long"), 200: ("ok", "okay", "all_ok", "all_okay", "all_good", "\\o/", "✓"), @@ -65,8 +65,8 @@ 410: ("gone",), 411: ("length_required",), 412: ("precondition_failed", "precondition"), - 413: ("request_entity_too_large",), - 414: ("request_uri_too_large",), + 413: ("request_entity_too_large", "content_too_large"), + 414: ("request_uri_too_large", "uri_too_long"), 415: ("unsupported_media_type", "unsupported_media", "media_type"), 416: ( "requested_range_not_satisfiable", @@ -76,7 +76,7 @@ 417: ("expectation_failed",), 418: ("im_a_teapot", "teapot", "i_am_a_teapot"), 421: ("misdirected_request",), - 422: ("unprocessable_entity", "unprocessable"), + 422: ("unprocessable_entity", "unprocessable", "unprocessable_content"), 423: ("locked",), 424: ("failed_dependency", "dependency"), 425: ("unordered_collection", "unordered", "too_early"), From cc23d1c6445d61c1e6905cae4861d6e3c3244274 Mon Sep 17 00:00:00 2001 From: Lumir Balhar Date: Thu, 11 Apr 2024 21:10:36 +0200 Subject: [PATCH 108/164] Fix compatibility with pytest 8 `pytest.warns(None)` has been deprecated in pytest 7.0.0 and it's no longer working in pytest 8. Resolves: https://github.com/psf/requests/issues/6679 --- requirements-dev.txt | 2 +- tests/test_requests.py | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/requirements-dev.txt b/requirements-dev.txt index 13173f3ae5..e80b18581e 100644 --- a/requirements-dev.txt +++ b/requirements-dev.txt @@ -1,5 +1,5 @@ -e .[socks] -pytest>=2.8.0,<=6.2.5 +pytest>=2.8.0,<9 pytest-cov pytest-httpbin==2.0.0 httpbin~=0.10.0 diff --git a/tests/test_requests.py b/tests/test_requests.py index 4de47bc693..d05febeef5 100644 --- a/tests/test_requests.py +++ b/tests/test_requests.py @@ -1003,7 +1003,7 @@ def test_https_warnings(self, nosan_server): "SubjectAltNameWarning", ) - with pytest.warns(None) as warning_records: + with pytest.warns() as warning_records: warnings.simplefilter("always") requests.get(f"https://localhost:{port}/", verify=ca_bundle) From 60047ade64b0b882cbc94e047198818ab580911e Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 15 Apr 2024 16:40:35 +0000 Subject: [PATCH 109/164] Bump github/codeql-action from 3.24.0 to 3.25.0 Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.24.0 to 3.25.0. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/e8893c57a1f3a2b659b6b55564fdfdbbd2982911...df5a14dc28094dc936e103b37d749c6628682b60) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- .github/workflows/codeql-analysis.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 26a4348a4b..b6d544640b 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -45,7 +45,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@e8893c57a1f3a2b659b6b55564fdfdbbd2982911 # v3.24.0 + uses: github/codeql-action/init@df5a14dc28094dc936e103b37d749c6628682b60 # v3.25.0 with: languages: "python" # If you wish to specify custom queries, you can do so here or in a config file. @@ -56,7 +56,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). # If this step fails, then you should remove it and run the build manually (see below) - name: Autobuild - uses: github/codeql-action/autobuild@e8893c57a1f3a2b659b6b55564fdfdbbd2982911 # v3.24.0 + uses: github/codeql-action/autobuild@df5a14dc28094dc936e103b37d749c6628682b60 # v3.25.0 # ℹ️ Command-line programs to run using the OS shell. # 📚 https://git.io/JvXDl @@ -70,4 +70,4 @@ jobs: # make release - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@e8893c57a1f3a2b659b6b55564fdfdbbd2982911 # v3.24.0 + uses: github/codeql-action/analyze@df5a14dc28094dc936e103b37d749c6628682b60 # v3.25.0 From 2d5f54779ad174035c5437b3b3c1146b0eaf60fe Mon Sep 17 00:00:00 2001 From: Nate Prewitt Date: Tue, 23 Apr 2024 11:50:19 -0600 Subject: [PATCH 110/164] Pin 3.8 and 3.9 runners back to macos-13 (#6688) --- .github/workflows/run-tests.yml | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/.github/workflows/run-tests.yml b/.github/workflows/run-tests.yml index c955029bc0..e1699fe81a 100644 --- a/.github/workflows/run-tests.yml +++ b/.github/workflows/run-tests.yml @@ -14,6 +14,15 @@ jobs: matrix: python-version: ["3.8", "3.9", "3.10", "3.11", "3.12", "pypy-3.9", "pypy-3.10"] os: [ubuntu-22.04, macOS-latest, windows-latest] + # Python 3.8 and 3.9 do not run on macOS-latest which + # is now using arm64 hardware. + # https://github.com/actions/setup-python/issues/696#issuecomment-1637587760 + exclude: + - { python-version: "3.8", os: "macos-latest" } + - { python-version: "3.9", os: "macos-latest" } + include: + - { python-version: "3.8", os: "macos-13" } + - { python-version: "3.9", os: "macos-13" } steps: - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 From bf24b7d8d17da34be720c19e5978b2d3bf94a53b Mon Sep 17 00:00:00 2001 From: franekmagiera Date: Sun, 12 May 2024 22:08:24 +0200 Subject: [PATCH 111/164] Use an invalid URI that will not cause httpbin to throw 500 --- tests/test_requests.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/test_requests.py b/tests/test_requests.py index d05febeef5..b4e9fe92ae 100644 --- a/tests/test_requests.py +++ b/tests/test_requests.py @@ -2721,7 +2721,7 @@ def test_preparing_bad_url(self, url): with pytest.raises(requests.exceptions.InvalidURL): r.prepare() - @pytest.mark.parametrize("url, exception", (("http://localhost:-1", InvalidURL),)) + @pytest.mark.parametrize("url, exception", (("http://:1", InvalidURL),)) def test_redirecting_to_bad_url(self, httpbin, url, exception): with pytest.raises(exception): requests.get(httpbin("redirect-to"), params={"url": url}) From 555b870eb19d497ddb67042645420083ec8efb02 Mon Sep 17 00:00:00 2001 From: Nate Prewitt Date: Tue, 14 May 2024 14:59:26 -0700 Subject: [PATCH 112/164] Allow character detection dependencies to be optional in post-packaging steps --- .github/workflows/run-tests.yml | 20 ++++++++++++++++++++ src/requests/__init__.py | 6 +++++- src/requests/compat.py | 25 ++++++++++++++++++++----- src/requests/models.py | 7 ++++++- src/requests/packages.py | 25 +++++++++---------------- 5 files changed, 60 insertions(+), 23 deletions(-) diff --git a/.github/workflows/run-tests.yml b/.github/workflows/run-tests.yml index e1699fe81a..c35af968c4 100644 --- a/.github/workflows/run-tests.yml +++ b/.github/workflows/run-tests.yml @@ -37,3 +37,23 @@ jobs: - name: Run tests run: | make ci + + no_chardet: + name: "No Character Detection" + runs-on: ubuntu-latest + strategy: + fail-fast: true + + steps: + - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 + - name: 'Set up Python 3.8' + uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d + with: + python-version: '3.8' + - name: Install dependencies + run: | + make + python -m pip uninstall -y "charset_normalizer" "chardet" + - name: Run tests + run: | + make ci diff --git a/src/requests/__init__.py b/src/requests/__init__.py index 300a16c574..051cda1340 100644 --- a/src/requests/__init__.py +++ b/src/requests/__init__.py @@ -83,7 +83,11 @@ def check_compatibility(urllib3_version, chardet_version, charset_normalizer_ver # charset_normalizer >= 2.0.0 < 4.0.0 assert (2, 0, 0) <= (major, minor, patch) < (4, 0, 0) else: - raise Exception("You need either charset_normalizer or chardet installed") + warnings.warn( + "Unable to find acceptable character detection dependency " + "(chardet or charset_normalizer).", + RequestsDependencyWarning, + ) def _check_cryptography(cryptography_version): diff --git a/src/requests/compat.py b/src/requests/compat.py index 6776163c94..095de1b6ca 100644 --- a/src/requests/compat.py +++ b/src/requests/compat.py @@ -7,13 +7,28 @@ compatibility until the next major version. """ -try: - import chardet -except ImportError: - import charset_normalizer as chardet - +import importlib import sys +# ------------------- +# Character Detection +# ------------------- + + +def _resolve_char_detection(): + """Find supported character detection libraries.""" + chardet = None + for lib in ("chardet", "charset_normalizer"): + if chardet is None: + try: + chardet = importlib.import_module(lib) + except ImportError: + pass + return chardet + + +chardet = _resolve_char_detection() + # ------- # Pythons # ------- diff --git a/src/requests/models.py b/src/requests/models.py index 44556394ec..8f56ca7d23 100644 --- a/src/requests/models.py +++ b/src/requests/models.py @@ -789,7 +789,12 @@ def next(self): @property def apparent_encoding(self): """The apparent encoding, provided by the charset_normalizer or chardet libraries.""" - return chardet.detect(self.content)["encoding"] + if chardet is not None: + return chardet.detect(self.content)["encoding"] + else: + # If no character detection library is available, we'll fall back + # to a standard Python utf-8 str. + return "utf-8" def iter_content(self, chunk_size=1, decode_unicode=False): """Iterates over the response data. When stream=True is set on the diff --git a/src/requests/packages.py b/src/requests/packages.py index a9e5ae087d..5ab3d8e250 100644 --- a/src/requests/packages.py +++ b/src/requests/packages.py @@ -1,13 +1,6 @@ import sys -try: - import chardet -except ImportError: - import warnings - - import charset_normalizer as chardet - - warnings.filterwarnings("ignore", "Trying to detect", module="charset_normalizer") +from .compat import chardet # This code exists for backwards compatibility reasons. # I don't like it either. Just look the other way. :) @@ -20,11 +13,11 @@ if mod == package or mod.startswith(f"{package}."): sys.modules[f"requests.packages.{mod}"] = sys.modules[mod] -target = chardet.__name__ -for mod in list(sys.modules): - if mod == target or mod.startswith(f"{target}."): - imported_mod = sys.modules[mod] - sys.modules[f"requests.packages.{mod}"] = imported_mod - mod = mod.replace(target, "chardet") - sys.modules[f"requests.packages.{mod}"] = imported_mod -# Kinda cool, though, right? +if chardet is not None: + target = chardet.__name__ + for mod in list(sys.modules): + if mod == target or mod.startswith(f"{target}."): + imported_mod = sys.modules[mod] + sys.modules[f"requests.packages.{mod}"] = imported_mod + mod = mod.replace(target, "chardet") + sys.modules[f"requests.packages.{mod}"] = imported_mod From 9a40d1277807f0a4f26c9a37eea8ec90faa8aadc Mon Sep 17 00:00:00 2001 From: agubelu Date: Wed, 15 May 2024 22:07:26 +0200 Subject: [PATCH 113/164] Avoid reloading root certificates to improve concurrent performance (#6667) --- src/requests/adapters.py | 46 ++++++++++++++++++++++++---------------- 1 file changed, 28 insertions(+), 18 deletions(-) diff --git a/src/requests/adapters.py b/src/requests/adapters.py index 84ec48fc70..f544f9d545 100644 --- a/src/requests/adapters.py +++ b/src/requests/adapters.py @@ -26,6 +26,7 @@ from urllib3.util import Timeout as TimeoutSauce from urllib3.util import parse_url from urllib3.util.retry import Retry +from urllib3.util.ssl_ import create_urllib3_context from .auth import _basic_auth_str from .compat import basestring, urlparse @@ -71,6 +72,11 @@ def SOCKSProxyManager(*args, **kwargs): DEFAULT_RETRIES = 0 DEFAULT_POOL_TIMEOUT = None +_preloaded_ssl_context = create_urllib3_context() +_preloaded_ssl_context.load_verify_locations( + extract_zipped_paths(DEFAULT_CA_BUNDLE_PATH) +) + def _urllib3_request_context( request: "PreparedRequest", @@ -85,8 +91,13 @@ def _urllib3_request_context( cert_reqs = "CERT_REQUIRED" if verify is False: cert_reqs = "CERT_NONE" - if isinstance(verify, str): - pool_kwargs["ca_certs"] = verify + elif verify is True: + pool_kwargs["ssl_context"] = _preloaded_ssl_context + elif isinstance(verify, str): + if not os.path.isdir(verify): + pool_kwargs["ca_certs"] = verify + else: + pool_kwargs["ca_cert_dir"] = verify pool_kwargs["cert_reqs"] = cert_reqs if client_cert is not None: if isinstance(client_cert, tuple) and len(client_cert) == 2: @@ -284,27 +295,26 @@ def cert_verify(self, conn, url, verify, cert): :param cert: The SSL certificate to verify. """ if url.lower().startswith("https") and verify: - cert_loc = None + conn.cert_reqs = "CERT_REQUIRED" - # Allow self-specified cert location. + # Only load the CA certificates if 'verify' is a string indicating the CA bundle to use. + # Otherwise, if verify is a boolean, we don't load anything since + # the connection will be using a context with the default certificates already loaded, + # and this avoids a call to the slow load_verify_locations() if verify is not True: + # `verify` must be a str with a path then cert_loc = verify - if not cert_loc: - cert_loc = extract_zipped_paths(DEFAULT_CA_BUNDLE_PATH) - - if not cert_loc or not os.path.exists(cert_loc): - raise OSError( - f"Could not find a suitable TLS CA certificate bundle, " - f"invalid path: {cert_loc}" - ) + if not os.path.exists(cert_loc): + raise OSError( + f"Could not find a suitable TLS CA certificate bundle, " + f"invalid path: {cert_loc}" + ) - conn.cert_reqs = "CERT_REQUIRED" - - if not os.path.isdir(cert_loc): - conn.ca_certs = cert_loc - else: - conn.ca_cert_dir = cert_loc + if not os.path.isdir(cert_loc): + conn.ca_certs = cert_loc + else: + conn.ca_cert_dir = cert_loc else: conn.cert_reqs = "CERT_NONE" conn.ca_certs = None From d6ebc4a2f1f68b7e355fb7e4dd5ffc0845547f9f Mon Sep 17 00:00:00 2001 From: Nate Prewitt Date: Mon, 20 May 2024 08:46:49 -0700 Subject: [PATCH 114/164] v2.32.0 --- HISTORY.md | 46 +++++++++++++++++++++++++++++++++++++ src/requests/__version__.py | 4 ++-- 2 files changed, 48 insertions(+), 2 deletions(-) diff --git a/HISTORY.md b/HISTORY.md index 432ee3b174..7c2cd71c10 100644 --- a/HISTORY.md +++ b/HISTORY.md @@ -6,6 +6,52 @@ dev - \[Short description of non-trivial change.\] +2.32.0 (2024-05-20) +------------------- + +**Security** +- Fixed an issue where setting `verify=False` on the first request from a + Session will cause subsequent requests to the _same origin_ to also ignore + cert verification, regardless of the value of `verify`. + (https://github.com/psf/requests/security/advisories/GHSA-9wx4-h78v-vm56) + +**Improvements** +- `verify=True` now reuses a global SSLContext which should improve + request time variance between first and subsequent requests. It should + also minimize certificate load time on Windows systems when using a Python + version built with OpenSSL 3.x. (#6667) +- Requests now supports optional use of character detection + (`chardet` or `charset_normalizer`) when repackaged or vendored. + This enables `pip` and other projects to minimize their vendoring + surface area. The `Response.text()` and `apparent_encoding` APIs + will default to `utf-8` if neither library is present. (#6702) + +**Bugfixes** +- Fixed bug in length detection where emoji length was incorrectly + calculated in the request content-length. (#6589) +- Fixed deserialization bug in JSONDecodeError. (#6629) +- Fixed bug where an extra leading `/` (path separator) could lead + urllib3 to unnecessarily reparse the request URI. (#6644) + +**Deprecations** + +- Requests has officially added support for CPython 3.12 (#6503) +- Requests has officially added support for PyPy 3.9 and 3.10 (#6641) +- Requests has officially dropped support for CPython 3.7 (#6642) +- Requests has officially dropped support for PyPy 3.7 and 3.8 (#6641) + +**Documentation** +- Various typo fixes and doc improvements. + +**Packaging** +- Requests has started adopting some modern packaging practices. + The source files for the projects (formerly `requests`) is now located + in `src/requests` in the Requests sdist. (#6506) +- Starting in Requests 2.33.0, Requests will migrate to a PEP 517 build system + using `hatchling`. This should not impact the average user, but extremely old + versions of packaging utilities may have issues with the new packaging format. + + 2.31.0 (2023-05-22) ------------------- diff --git a/src/requests/__version__.py b/src/requests/__version__.py index d206427e50..1ac168734e 100644 --- a/src/requests/__version__.py +++ b/src/requests/__version__.py @@ -5,8 +5,8 @@ __title__ = "requests" __description__ = "Python HTTP for Humans." __url__ = "https://requests.readthedocs.io" -__version__ = "2.31.0" -__build__ = 0x023100 +__version__ = "2.32.0" +__build__ = 0x023200 __author__ = "Kenneth Reitz" __author_email__ = "me@kennethreitz.org" __license__ = "Apache-2.0" From 970e8cec988421bd43da57350723b05c8ce8dc7e Mon Sep 17 00:00:00 2001 From: Nate Prewitt Date: Mon, 20 May 2024 15:02:29 -0700 Subject: [PATCH 115/164] v2.32.1 --- HISTORY.md | 7 +++++++ MANIFEST.in | 1 + src/requests/__version__.py | 4 ++-- 3 files changed, 10 insertions(+), 2 deletions(-) diff --git a/HISTORY.md b/HISTORY.md index 7c2cd71c10..5ee5029d9f 100644 --- a/HISTORY.md +++ b/HISTORY.md @@ -6,6 +6,13 @@ dev - \[Short description of non-trivial change.\] +2.32.1 (2024-05-20) +------------------- + +**Bugfixes** +- Add missing test certs to the sdist distributed on PyPI. + + 2.32.0 (2024-05-20) ------------------- diff --git a/MANIFEST.in b/MANIFEST.in index 87a23ab937..9dd81e6f0f 100644 --- a/MANIFEST.in +++ b/MANIFEST.in @@ -1,2 +1,3 @@ include README.md LICENSE NOTICE HISTORY.md requirements-dev.txt recursive-include tests *.py +recursive-include tests/certs * diff --git a/src/requests/__version__.py b/src/requests/__version__.py index 1ac168734e..ecc87fbf72 100644 --- a/src/requests/__version__.py +++ b/src/requests/__version__.py @@ -5,8 +5,8 @@ __title__ = "requests" __description__ = "Python HTTP for Humans." __url__ = "https://requests.readthedocs.io" -__version__ = "2.32.0" -__build__ = 0x023200 +__version__ = "2.32.1" +__build__ = 0x023201 __author__ = "Kenneth Reitz" __author_email__ = "me@kennethreitz.org" __license__ = "Apache-2.0" From aa1461b68aa73e2f6ec0e78c8853b635c76fd099 Mon Sep 17 00:00:00 2001 From: Nate Prewitt Date: Tue, 21 May 2024 05:40:52 -0700 Subject: [PATCH 116/164] Move _get_connection to get_connection_with_tls_context --- src/requests/adapters.py | 27 +++++++++++++++++++++------ 1 file changed, 21 insertions(+), 6 deletions(-) diff --git a/src/requests/adapters.py b/src/requests/adapters.py index f544f9d545..3c9ddebfcc 100644 --- a/src/requests/adapters.py +++ b/src/requests/adapters.py @@ -374,10 +374,20 @@ def build_response(self, req, resp): return response - def _get_connection(self, request, verify, proxies=None, cert=None): - # Replace the existing get_connection without breaking things and - # ensure that TLS settings are considered when we interact with - # urllib3 HTTP Pools + def get_connection_with_tls_context(self, request, verify, proxies=None, cert=None): + """Returns a urllib3 connection for the given request and TLS settings. + This should not be called from user code, and is only exposed for use + when subclassing the :class:`HTTPAdapter `. + + :param request: The :class:`PreparedRequest ` object + to be sent over the connection. + :param verify: Either a boolean, in which case it controls whether + we verify the server's TLS certificate, or a string, in which case it + must be a path to a CA bundle to use. + :param proxies: (optional) The proxies dictionary to apply to the request. + :param cert: (optional) Any user-provided SSL certificate to be trusted. + :rtype: urllib3.ConnectionPool + """ proxy = select_proxy(request.url, proxies) try: host_params, pool_kwargs = _urllib3_request_context(request, verify, cert) @@ -404,7 +414,10 @@ def _get_connection(self, request, verify, proxies=None, cert=None): return conn def get_connection(self, url, proxies=None): - """Returns a urllib3 connection for the given URL. This should not be + """DEPRECATED: Users should move to `get_connection_with_tls_context` + for all subclasses of HTTPAdapter using Requests>=2.32.2. + + Returns a urllib3 connection for the given URL. This should not be called from user code, and is only exposed for use when subclassing the :class:`HTTPAdapter `. @@ -529,7 +542,9 @@ def send( """ try: - conn = self._get_connection(request, verify, proxies=proxies, cert=cert) + conn = self.get_connection_with_tls_context( + request, verify, proxies=proxies, cert=cert + ) except LocationValueError as e: raise InvalidURL(e, request=request) From 92075b330a30b9883f466a43d3f7566ab849f91b Mon Sep 17 00:00:00 2001 From: Nate Prewitt Date: Tue, 21 May 2024 09:28:30 -0700 Subject: [PATCH 117/164] Add deprecation warning --- src/requests/adapters.py | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/src/requests/adapters.py b/src/requests/adapters.py index 3c9ddebfcc..42fabe527c 100644 --- a/src/requests/adapters.py +++ b/src/requests/adapters.py @@ -9,6 +9,7 @@ import os.path import socket # noqa: F401 import typing +import warnings from urllib3.exceptions import ClosedPoolError, ConnectTimeoutError from urllib3.exceptions import HTTPError as _HTTPError @@ -425,6 +426,15 @@ def get_connection(self, url, proxies=None): :param proxies: (optional) A Requests-style dictionary of proxies used on this request. :rtype: urllib3.ConnectionPool """ + warnings.warn( + ( + "`get_connection` has been deprecated in favor of " + "`get_connection_with_tls_context`. Custom HTTPAdapter subclasses " + "will need to migrate for Requests>=2.32.2. Please see " + "https://github.com/psf/requests/pull/6710 for more details." + ), + DeprecationWarning, + ) proxy = select_proxy(url, proxies) if proxy: From 88dce9d854797c05d0ff296b70e0430535ef8aaf Mon Sep 17 00:00:00 2001 From: Nate Prewitt Date: Tue, 21 May 2024 11:49:22 -0700 Subject: [PATCH 118/164] v2.32.2 --- HISTORY.md | 14 ++++++++++++++ src/requests/__version__.py | 4 ++-- 2 files changed, 16 insertions(+), 2 deletions(-) diff --git a/HISTORY.md b/HISTORY.md index 5ee5029d9f..4fca5894d7 100644 --- a/HISTORY.md +++ b/HISTORY.md @@ -6,6 +6,20 @@ dev - \[Short description of non-trivial change.\] +2.32.2 (2024-05-21) +------------------- + +**Deprecations** +- To provide a more stable migration for custom HTTPAdapters impacted + by the CVE changes in 2.32.0, we've renamed `_get_connection` to + a new public API, `get_connection_with_tls_context`. Existing custom + HTTPAdapters will need to migrate their code to use this new API. + `get_connection` is considered deprecated in all versions of Requests>=2.32.0. + + A minimal (2-line) example has been provided in the linked PR to ease + migration, but we strongly urge users to evaluate if their custom adapter + is subject to the same issue described in CVE-2024-35195. (#6710) + 2.32.1 (2024-05-20) ------------------- diff --git a/src/requests/__version__.py b/src/requests/__version__.py index ecc87fbf72..24829c4b5f 100644 --- a/src/requests/__version__.py +++ b/src/requests/__version__.py @@ -5,8 +5,8 @@ __title__ = "requests" __description__ = "Python HTTP for Humans." __url__ = "https://requests.readthedocs.io" -__version__ = "2.32.1" -__build__ = 0x023201 +__version__ = "2.32.2" +__build__ = 0x023202 __author__ = "Kenneth Reitz" __author_email__ = "me@kennethreitz.org" __license__ = "Apache-2.0" From a62a2d35d918baa8e793f7aa4fb41527644dfca5 Mon Sep 17 00:00:00 2001 From: Ian Stapleton Cordasco Date: Wed, 22 May 2024 06:51:48 -0500 Subject: [PATCH 119/164] Allow for overriding of specific pool key params This re-enables the use case of providing a custom SSLContext via a Transport Adapter as broken in #6655 and reported in #6715 Closes #6715 --- HISTORY.md | 7 ++++ src/requests/adapters.py | 78 +++++++++++++++++++++++++++++++++++----- 2 files changed, 76 insertions(+), 9 deletions(-) diff --git a/HISTORY.md b/HISTORY.md index 4fca5894d7..b5dcbb660e 100644 --- a/HISTORY.md +++ b/HISTORY.md @@ -6,6 +6,13 @@ dev - \[Short description of non-trivial change.\] +2.32.3 (2024-??-??) +------------------- + +**Bugfixes** +- Fix bug breaking the ability to specify custom SSLContexts in sub-classes of + HTTPAdapter. (#6655) + 2.32.2 (2024-05-21) ------------------- diff --git a/src/requests/adapters.py b/src/requests/adapters.py index 42fabe527c..ebffff3fcb 100644 --- a/src/requests/adapters.py +++ b/src/requests/adapters.py @@ -375,23 +375,83 @@ def build_response(self, req, resp): return response + def build_connection_pool_key_attributes(self, request, verify, cert=None): + """Build the PoolKey attributes used by urllib3 to return a connection. + + This looks at the PreparedRequest, the user-specified verify value, + and the value of the cert parameter to determine what PoolKey values + to use to select a connection from a given urllib3 Connection Pool. + + The SSL related pool key arguments are not consistently set. As of + this writing, use the following to determine what keys may be in that + dictionary: + + * If ``verify`` is ``True``, ``"ssl_context"`` will be set and will be the + default Requests SSL Context + * If ``verify`` is ``False``, ``"ssl_context"`` will not be set but + ``"cert_reqs"`` will be set + * If ``verify`` is a string, (i.e., it is a user-specified trust bundle) + ``"ca_certs"`` will be set if the string is not a directory recognized + by :py:func:`os.path.isdir`, otherwise ``"ca_certs_dir"`` will be + set. + * If ``"cert"`` is specified, ``"cert_file"`` will always be set. If + ``"cert"`` is a tuple with a second item, ``"key_file"`` will also + be present + + To override these settings, one may subclass this class, call this + method and use the above logic to change parameters as desired. For + example, if one wishes to use a custom :py:class:`ssl.SSLContext` one + must both set ``"ssl_context"`` and based on what else they require, + alter the other keys to ensure the desired behaviour. + + :param request: + The PreparedReqest being sent over the connection. + :type request: + :class:`~requests.models.PreparedRequest` + :param verify: + Either a boolean, in which case it controls whether + we verify the server's TLS certificate, or a string, in which case it + must be a path to a CA bundle to use. + :param cert: + (optional) Any user-provided SSL certificate for client + authentication (a.k.a., mTLS). This may be a string (i.e., just + the path to a file which holds both certificate and key) or a + tuple of length 2 with the certificate file path and key file + path. + :returns: + A tuple of two dictionaries. The first is the "host parameters" + portion of the Pool Key including scheme, hostname, and port. The + second is a dictionary of SSLContext related parameters. + """ + return _urllib3_request_context(request, verify, cert) + def get_connection_with_tls_context(self, request, verify, proxies=None, cert=None): """Returns a urllib3 connection for the given request and TLS settings. This should not be called from user code, and is only exposed for use when subclassing the :class:`HTTPAdapter `. - :param request: The :class:`PreparedRequest ` object - to be sent over the connection. - :param verify: Either a boolean, in which case it controls whether - we verify the server's TLS certificate, or a string, in which case it - must be a path to a CA bundle to use. - :param proxies: (optional) The proxies dictionary to apply to the request. - :param cert: (optional) Any user-provided SSL certificate to be trusted. - :rtype: urllib3.ConnectionPool + :param request: + The :class:`PreparedRequest ` object to be sent + over the connection. + :param verify: + Either a boolean, in which case it controls whether we verify the + server's TLS certificate, or a string, in which case it must be a + path to a CA bundle to use. + :param proxies: + (optional) The proxies dictionary to apply to the request. + :param cert: + (optional) Any user-provided SSL certificate to be used for client + authentication (a.k.a., mTLS). + :rtype: + urllib3.ConnectionPool """ proxy = select_proxy(request.url, proxies) try: - host_params, pool_kwargs = _urllib3_request_context(request, verify, cert) + host_params, pool_kwargs = self.build_connection_pool_key_attributes( + request, + verify, + cert, + ) except ValueError as e: raise InvalidURL(e, request=request) if proxy: From 2e1452234d8a3240aa27fc5fa5db93d53d799c25 Mon Sep 17 00:00:00 2001 From: Nate Prewitt Date: Thu, 23 May 2024 11:51:07 -0700 Subject: [PATCH 120/164] Start testing on 3.13 beta --- .github/workflows/run-tests.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/run-tests.yml b/.github/workflows/run-tests.yml index c35af968c4..674df73120 100644 --- a/.github/workflows/run-tests.yml +++ b/.github/workflows/run-tests.yml @@ -12,7 +12,7 @@ jobs: strategy: fail-fast: false matrix: - python-version: ["3.8", "3.9", "3.10", "3.11", "3.12", "pypy-3.9", "pypy-3.10"] + python-version: ["3.8", "3.9", "3.10", "3.11", "3.12", "3.13-dev", "pypy-3.9", "pypy-3.10"] os: [ubuntu-22.04, macOS-latest, windows-latest] # Python 3.8 and 3.9 do not run on macOS-latest which # is now using arm64 hardware. From 6badbac6e0d6b5a53872f26401761ad37a9002b8 Mon Sep 17 00:00:00 2001 From: Nate Prewitt Date: Wed, 22 May 2024 14:43:57 -0600 Subject: [PATCH 121/164] Update HISTORY.md --- HISTORY.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/HISTORY.md b/HISTORY.md index b5dcbb660e..327a4072e6 100644 --- a/HISTORY.md +++ b/HISTORY.md @@ -6,12 +6,12 @@ dev - \[Short description of non-trivial change.\] -2.32.3 (2024-??-??) +2.32.3 (2024-05-24) ------------------- **Bugfixes** - Fix bug breaking the ability to specify custom SSLContexts in sub-classes of - HTTPAdapter. (#6655) + HTTPAdapter. (#6716) 2.32.2 (2024-05-21) ------------------- From b1d73ddb509a3a2d3e10744e85f9cdebdbde90f0 Mon Sep 17 00:00:00 2001 From: Nate Prewitt Date: Fri, 24 May 2024 09:00:52 -0700 Subject: [PATCH 122/164] Don't use default SSLContext with custom poolmanager kwargs --- src/requests/adapters.py | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/src/requests/adapters.py b/src/requests/adapters.py index ebffff3fcb..4766693f56 100644 --- a/src/requests/adapters.py +++ b/src/requests/adapters.py @@ -83,16 +83,20 @@ def _urllib3_request_context( request: "PreparedRequest", verify: "bool | str | None", client_cert: "typing.Tuple[str, str] | str | None", + poolmanager: "PoolManager", ) -> "(typing.Dict[str, typing.Any], typing.Dict[str, typing.Any])": host_params = {} pool_kwargs = {} parsed_request_url = urlparse(request.url) scheme = parsed_request_url.scheme.lower() port = parsed_request_url.port + poolmanager_kwargs = getattr(poolmanager, "connection_pool_kw", {}) + has_poolmanager_ssl_context = poolmanager_kwargs.get("ssl_context") + cert_reqs = "CERT_REQUIRED" if verify is False: cert_reqs = "CERT_NONE" - elif verify is True: + elif verify is True and not has_poolmanager_ssl_context: pool_kwargs["ssl_context"] = _preloaded_ssl_context elif isinstance(verify, str): if not os.path.isdir(verify): @@ -423,7 +427,7 @@ def build_connection_pool_key_attributes(self, request, verify, cert=None): portion of the Pool Key including scheme, hostname, and port. The second is a dictionary of SSLContext related parameters. """ - return _urllib3_request_context(request, verify, cert) + return _urllib3_request_context(request, verify, cert, self.poolmanager) def get_connection_with_tls_context(self, request, verify, proxies=None, cert=None): """Returns a urllib3 connection for the given request and TLS settings. From e18879932287c2bf4bcee4ddf6ccb8a69b6fc656 Mon Sep 17 00:00:00 2001 From: Nate Prewitt Date: Wed, 29 May 2024 08:23:39 -0700 Subject: [PATCH 123/164] Don't create default SSLContext if ssl module isn't present (#6724) --- src/requests/adapters.py | 24 +++++++++++++++++++----- 1 file changed, 19 insertions(+), 5 deletions(-) diff --git a/src/requests/adapters.py b/src/requests/adapters.py index 4766693f56..9a58b16025 100644 --- a/src/requests/adapters.py +++ b/src/requests/adapters.py @@ -73,10 +73,18 @@ def SOCKSProxyManager(*args, **kwargs): DEFAULT_RETRIES = 0 DEFAULT_POOL_TIMEOUT = None -_preloaded_ssl_context = create_urllib3_context() -_preloaded_ssl_context.load_verify_locations( - extract_zipped_paths(DEFAULT_CA_BUNDLE_PATH) -) + +try: + import ssl # noqa: F401 + + _preloaded_ssl_context = create_urllib3_context() + _preloaded_ssl_context.load_verify_locations( + extract_zipped_paths(DEFAULT_CA_BUNDLE_PATH) + ) +except ImportError: + # Bypass default SSLContext creation when Python + # interpreter isn't built with the ssl module. + _preloaded_ssl_context = None def _urllib3_request_context( @@ -90,13 +98,19 @@ def _urllib3_request_context( parsed_request_url = urlparse(request.url) scheme = parsed_request_url.scheme.lower() port = parsed_request_url.port + + # Determine if we have and should use our default SSLContext + # to optimize performance on standard requests. poolmanager_kwargs = getattr(poolmanager, "connection_pool_kw", {}) has_poolmanager_ssl_context = poolmanager_kwargs.get("ssl_context") + should_use_default_ssl_context = ( + _preloaded_ssl_context is not None and not has_poolmanager_ssl_context + ) cert_reqs = "CERT_REQUIRED" if verify is False: cert_reqs = "CERT_NONE" - elif verify is True and not has_poolmanager_ssl_context: + elif verify is True and should_use_default_ssl_context: pool_kwargs["ssl_context"] = _preloaded_ssl_context elif isinstance(verify, str): if not os.path.isdir(verify): From 0e322af87745eff34caffe4df68456ebc20d9068 Mon Sep 17 00:00:00 2001 From: Nate Prewitt Date: Wed, 29 May 2024 08:36:10 -0700 Subject: [PATCH 124/164] v2.32.3 --- HISTORY.md | 6 ++++-- src/requests/__version__.py | 4 ++-- 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/HISTORY.md b/HISTORY.md index 327a4072e6..e51a7ee2c2 100644 --- a/HISTORY.md +++ b/HISTORY.md @@ -6,12 +6,14 @@ dev - \[Short description of non-trivial change.\] -2.32.3 (2024-05-24) +2.32.3 (2024-05-29) ------------------- **Bugfixes** -- Fix bug breaking the ability to specify custom SSLContexts in sub-classes of +- Fixed bug breaking the ability to specify custom SSLContexts in sub-classes of HTTPAdapter. (#6716) +- Fixed issue where Requests started failing to run on Python versions compiled + without the `ssl` module. (#6724) 2.32.2 (2024-05-21) ------------------- diff --git a/src/requests/__version__.py b/src/requests/__version__.py index 24829c4b5f..2c105aca7d 100644 --- a/src/requests/__version__.py +++ b/src/requests/__version__.py @@ -5,8 +5,8 @@ __title__ = "requests" __description__ = "Python HTTP for Humans." __url__ = "https://requests.readthedocs.io" -__version__ = "2.32.2" -__build__ = 0x023202 +__version__ = "2.32.3" +__build__ = 0x023203 __author__ = "Kenneth Reitz" __author_email__ = "me@kennethreitz.org" __license__ = "Apache-2.0" From f8aa36b92d95e6d2f133489f39f9d5c2412f1bd9 Mon Sep 17 00:00:00 2001 From: Nate Prewitt Date: Mon, 1 Jul 2024 18:08:04 -0700 Subject: [PATCH 125/164] Test on urllib3 1.26.x --- .github/workflows/run-tests.yml | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/.github/workflows/run-tests.yml b/.github/workflows/run-tests.yml index c35af968c4..3a0053327b 100644 --- a/.github/workflows/run-tests.yml +++ b/.github/workflows/run-tests.yml @@ -57,3 +57,23 @@ jobs: - name: Run tests run: | make ci + + urllib3: + name: 'urllib3 1.x' + runs-on: 'ubuntu-latest' + strategy: + fail-fast: true + + steps: + - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 + - name: 'Set up Python 3.8' + uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d + with: + python-version: '3.8' + - name: Install dependencies + run: | + make + python -m pip install "urllib3<2" + - name: Run tests + run: | + make ci From 4e383642a9ebb82a67eaeed199d0fbbb31991e3c Mon Sep 17 00:00:00 2001 From: Nate Prewitt Date: Thu, 18 Jul 2024 09:43:49 -0700 Subject: [PATCH 126/164] Add conditional string encoding based on urllib3 major version --- src/requests/compat.py | 12 ++++++++++++ src/requests/utils.py | 5 ++++- tests/test_requests.py | 41 ++++++++++++++++++++++++----------------- 3 files changed, 40 insertions(+), 18 deletions(-) diff --git a/src/requests/compat.py b/src/requests/compat.py index 095de1b6ca..4e843c6cf1 100644 --- a/src/requests/compat.py +++ b/src/requests/compat.py @@ -10,6 +10,18 @@ import importlib import sys +# ------- +# urllib3 +# ------- +from urllib3 import __version__ as urllib3_version + +# Detect which major version of urllib3 is being used. +try: + is_urllib3_2 = int(urllib3_version.split(".")[0]) == 2 +except (TypeError, AttributeError): + # If we can't discern a version, prefer old functionality. + is_urllib3_2 = False + # ------------------- # Character Detection # ------------------- diff --git a/src/requests/utils.py b/src/requests/utils.py index ae6c42f6cb..be7fc1d2f6 100644 --- a/src/requests/utils.py +++ b/src/requests/utils.py @@ -38,6 +38,7 @@ getproxies, getproxies_environment, integer_types, + is_urllib3_2, ) from .compat import parse_http_list as _parse_list_header from .compat import ( @@ -136,7 +137,9 @@ def super_len(o): total_length = None current_position = 0 - if isinstance(o, str): + if is_urllib3_2 and isinstance(o, str): + # urllib3 2.x treats all strings as utf-8 instead + # of latin-1 (iso-8859-1) like http.client. o = o.encode("utf-8") if hasattr(o, "__len__"): diff --git a/tests/test_requests.py b/tests/test_requests.py index b4e9fe92ae..df0d329eaf 100644 --- a/tests/test_requests.py +++ b/tests/test_requests.py @@ -25,6 +25,7 @@ builtin_str, cookielib, getproxies, + is_urllib3_2, urlparse, ) from requests.cookies import cookiejar_from_dict, morsel_to_cookie @@ -1810,23 +1811,6 @@ def test_autoset_header_values_are_native(self, httpbin): assert p.headers["Content-Length"] == length - def test_content_length_for_bytes_data(self, httpbin): - data = "This is a string containing multi-byte UTF-8 ☃️" - encoded_data = data.encode("utf-8") - length = str(len(encoded_data)) - req = requests.Request("POST", httpbin("post"), data=encoded_data) - p = req.prepare() - - assert p.headers["Content-Length"] == length - - def test_content_length_for_string_data_counts_bytes(self, httpbin): - data = "This is a string containing multi-byte UTF-8 ☃️" - length = str(len(data.encode("utf-8"))) - req = requests.Request("POST", httpbin("post"), data=data) - p = req.prepare() - - assert p.headers["Content-Length"] == length - def test_nonhttp_schemes_dont_check_URLs(self): test_urls = ( "data:image/gif;base64,R0lGODlhAQABAHAAACH5BAUAAAAALAAAAAABAAEAAAICRAEAOw==", @@ -2966,6 +2950,29 @@ def response_handler(sock): assert client_cert is not None +def test_content_length_for_bytes_data(httpbin): + data = "This is a string containing multi-byte UTF-8 ☃️" + encoded_data = data.encode("utf-8") + length = str(len(encoded_data)) + req = requests.Request("POST", httpbin("post"), data=encoded_data) + p = req.prepare() + + assert p.headers["Content-Length"] == length + + +@pytest.mark.skipif( + not is_urllib3_2, + reason="urllib3 2.x encodes all strings to utf-8, urllib3 1.x uses latin-1", +) +def test_content_length_for_string_data_counts_bytes(httpbin): + data = "This is a string containing multi-byte UTF-8 ☃️" + length = str(len(data.encode("utf-8"))) + req = requests.Request("POST", httpbin("post"), data=data) + p = req.prepare() + + assert p.headers["Content-Length"] == length + + def test_json_decode_errors_are_serializable_deserializable(): json_decode_error = requests.exceptions.JSONDecodeError( "Extra data", From 01353d3b4afe3afa838f8f5c08e5f30a5b50cb05 Mon Sep 17 00:00:00 2001 From: Nate Prewitt Date: Tue, 23 Jul 2024 04:28:03 -0700 Subject: [PATCH 127/164] Invert major version check --- src/requests/compat.py | 4 ++-- src/requests/utils.py | 6 +++--- tests/test_requests.py | 4 ++-- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/src/requests/compat.py b/src/requests/compat.py index 4e843c6cf1..7f9d754350 100644 --- a/src/requests/compat.py +++ b/src/requests/compat.py @@ -17,10 +17,10 @@ # Detect which major version of urllib3 is being used. try: - is_urllib3_2 = int(urllib3_version.split(".")[0]) == 2 + is_urllib3_1 = int(urllib3_version.split(".")[0]) == 1 except (TypeError, AttributeError): # If we can't discern a version, prefer old functionality. - is_urllib3_2 = False + is_urllib3_1 = True # ------------------- # Character Detection diff --git a/src/requests/utils.py b/src/requests/utils.py index be7fc1d2f6..699683e5d9 100644 --- a/src/requests/utils.py +++ b/src/requests/utils.py @@ -38,7 +38,7 @@ getproxies, getproxies_environment, integer_types, - is_urllib3_2, + is_urllib3_1, ) from .compat import parse_http_list as _parse_list_header from .compat import ( @@ -137,8 +137,8 @@ def super_len(o): total_length = None current_position = 0 - if is_urllib3_2 and isinstance(o, str): - # urllib3 2.x treats all strings as utf-8 instead + if not is_urllib3_1 and isinstance(o, str): + # urllib3 2.x+ treats all strings as utf-8 instead # of latin-1 (iso-8859-1) like http.client. o = o.encode("utf-8") diff --git a/tests/test_requests.py b/tests/test_requests.py index df0d329eaf..d8fbb23688 100644 --- a/tests/test_requests.py +++ b/tests/test_requests.py @@ -25,7 +25,7 @@ builtin_str, cookielib, getproxies, - is_urllib3_2, + is_urllib3_1, urlparse, ) from requests.cookies import cookiejar_from_dict, morsel_to_cookie @@ -2961,7 +2961,7 @@ def test_content_length_for_bytes_data(httpbin): @pytest.mark.skipif( - not is_urllib3_2, + is_urllib3_1, reason="urllib3 2.x encodes all strings to utf-8, urllib3 1.x uses latin-1", ) def test_content_length_for_string_data_counts_bytes(httpbin): From 15e1f17bb6f3f978787dd23da0268388148bc3d5 Mon Sep 17 00:00:00 2001 From: Branch Vincent Date: Sun, 28 Jul 2024 20:49:48 -0700 Subject: [PATCH 128/164] remove setuptools test command --- setup.py | 26 -------------------------- 1 file changed, 26 deletions(-) diff --git a/setup.py b/setup.py index 1b0eb377b4..e18aa18bb6 100755 --- a/setup.py +++ b/setup.py @@ -4,7 +4,6 @@ from codecs import open from setuptools import setup -from setuptools.command.test import test as TestCommand CURRENT_PYTHON = sys.version_info[:2] REQUIRED_PYTHON = (3, 8) @@ -28,30 +27,6 @@ sys.exit(1) -class PyTest(TestCommand): - user_options = [("pytest-args=", "a", "Arguments to pass into py.test")] - - def initialize_options(self): - TestCommand.initialize_options(self) - try: - from multiprocessing import cpu_count - - self.pytest_args = ["-n", str(cpu_count()), "--boxed"] - except (ImportError, NotImplementedError): - self.pytest_args = ["-n", "1", "--boxed"] - - def finalize_options(self): - TestCommand.finalize_options(self) - self.test_args = [] - self.test_suite = True - - def run_tests(self): - import pytest - - errno = pytest.main(self.pytest_args) - sys.exit(errno) - - # 'setup.py publish' shortcut. if sys.argv[-1] == "publish": os.system("python setup.py sdist bdist_wheel") @@ -118,7 +93,6 @@ def run_tests(self): "Topic :: Internet :: WWW/HTTP", "Topic :: Software Development :: Libraries", ], - cmdclass={"test": PyTest}, tests_require=test_requirements, extras_require={ "security": [], From 877892e67e22e25bd3cb0dec780bf45c0e67026e Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 12 Aug 2024 16:23:16 +0000 Subject: [PATCH 129/164] Bump github/codeql-action from 3.25.0 to 3.26.0 Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.25.0 to 3.26.0. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/df5a14dc28094dc936e103b37d749c6628682b60...eb055d739abdc2e8de2e5f4ba1a8b246daa779aa) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- .github/workflows/codeql-analysis.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index b6d544640b..a504eccc5b 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -45,7 +45,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@df5a14dc28094dc936e103b37d749c6628682b60 # v3.25.0 + uses: github/codeql-action/init@eb055d739abdc2e8de2e5f4ba1a8b246daa779aa # v3.26.0 with: languages: "python" # If you wish to specify custom queries, you can do so here or in a config file. @@ -56,7 +56,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). # If this step fails, then you should remove it and run the build manually (see below) - name: Autobuild - uses: github/codeql-action/autobuild@df5a14dc28094dc936e103b37d749c6628682b60 # v3.25.0 + uses: github/codeql-action/autobuild@eb055d739abdc2e8de2e5f4ba1a8b246daa779aa # v3.26.0 # ℹ️ Command-line programs to run using the OS shell. # 📚 https://git.io/JvXDl @@ -70,4 +70,4 @@ jobs: # make release - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@df5a14dc28094dc936e103b37d749c6628682b60 # v3.25.0 + uses: github/codeql-action/analyze@eb055d739abdc2e8de2e5f4ba1a8b246daa779aa # v3.26.0 From 173890a48e9f064f0c034edf45109279d1d90a94 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 2 Sep 2024 16:56:26 +0000 Subject: [PATCH 130/164] Bump actions/setup-python from 5.1.0 to 5.2.0 Bumps [actions/setup-python](https://github.com/actions/setup-python) from 5.1.0 to 5.2.0. - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](https://github.com/actions/setup-python/compare/82c7e631bb3cdc910f68e0081d67478d79c6982d...f677139bbe7f9c59b41e40162b753c062f5d49a3) --- updated-dependencies: - dependency-name: actions/setup-python dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- .github/workflows/lint.yml | 2 +- .github/workflows/run-tests.yml | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index 46a7862eac..cbea3ae665 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -13,7 +13,7 @@ jobs: steps: - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 - name: Set up Python - uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5.1.0 + uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 # v5.2.0 with: python-version: "3.x" - name: Run pre-commit diff --git a/.github/workflows/run-tests.yml b/.github/workflows/run-tests.yml index 3a0053327b..5bbb2acaea 100644 --- a/.github/workflows/run-tests.yml +++ b/.github/workflows/run-tests.yml @@ -27,7 +27,7 @@ jobs: steps: - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 - name: Set up Python ${{ matrix.python-version }} - uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5.1.0 + uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 # v5.2.0 with: python-version: ${{ matrix.python-version }} cache: 'pip' @@ -47,7 +47,7 @@ jobs: steps: - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 - name: 'Set up Python 3.8' - uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d + uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 with: python-version: '3.8' - name: Install dependencies @@ -67,7 +67,7 @@ jobs: steps: - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 - name: 'Set up Python 3.8' - uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d + uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 with: python-version: '3.8' - name: Install dependencies From 83e67c448567cb78490e709925cc335567f656dd Mon Sep 17 00:00:00 2001 From: Thomas Grainger Date: Wed, 18 Sep 2024 15:04:08 +0100 Subject: [PATCH 131/164] use allow-prereleases: true instead of 3.13-dev --- .github/workflows/run-tests.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/run-tests.yml b/.github/workflows/run-tests.yml index 0a8d73af6a..5d371a8b80 100644 --- a/.github/workflows/run-tests.yml +++ b/.github/workflows/run-tests.yml @@ -12,7 +12,7 @@ jobs: strategy: fail-fast: false matrix: - python-version: ["3.8", "3.9", "3.10", "3.11", "3.12", "3.13-dev", "pypy-3.9", "pypy-3.10"] + python-version: ["3.8", "3.9", "3.10", "3.11", "3.12", "3.13", "pypy-3.9", "pypy-3.10"] os: [ubuntu-22.04, macOS-latest, windows-latest] # Python 3.8 and 3.9 do not run on macOS-latest which # is now using arm64 hardware. @@ -31,6 +31,7 @@ jobs: with: python-version: ${{ matrix.python-version }} cache: 'pip' + allow-prereleases: true - name: Install dependencies run: | make From 92f10cec5b3223e90c186b7a04306564cde050dc Mon Sep 17 00:00:00 2001 From: Thomas Grainger Date: Wed, 18 Sep 2024 15:04:53 +0100 Subject: [PATCH 132/164] upgrade to pytest-httpbin 2.1.0rc1 --- requirements-dev.txt | 2 +- setup.py | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/requirements-dev.txt b/requirements-dev.txt index e80b18581e..158b24ebbd 100644 --- a/requirements-dev.txt +++ b/requirements-dev.txt @@ -1,7 +1,7 @@ -e .[socks] pytest>=2.8.0,<9 pytest-cov -pytest-httpbin==2.0.0 +pytest-httpbin==2.1.0rc1 httpbin~=0.10.0 trustme wheel diff --git a/setup.py b/setup.py index e18aa18bb6..a864d95c78 100755 --- a/setup.py +++ b/setup.py @@ -40,7 +40,7 @@ "certifi>=2017.4.17", ] test_requirements = [ - "pytest-httpbin==2.0.0", + "pytest-httpbin==2.1.0rc1", "pytest-cov", "pytest-mock", "pytest-xdist", From 314e7c9c701ddbeb6c26ae357a132045709d47f1 Mon Sep 17 00:00:00 2001 From: Thomas Grainger Date: Wed, 18 Sep 2024 16:36:43 +0100 Subject: [PATCH 133/164] upgrade to pytest-httpbin 2.1.0 final --- requirements-dev.txt | 2 +- setup.py | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/requirements-dev.txt b/requirements-dev.txt index 158b24ebbd..77fedb9716 100644 --- a/requirements-dev.txt +++ b/requirements-dev.txt @@ -1,7 +1,7 @@ -e .[socks] pytest>=2.8.0,<9 pytest-cov -pytest-httpbin==2.1.0rc1 +pytest-httpbin==2.1.0 httpbin~=0.10.0 trustme wheel diff --git a/setup.py b/setup.py index a864d95c78..b72b6c63ca 100755 --- a/setup.py +++ b/setup.py @@ -40,7 +40,7 @@ "certifi>=2017.4.17", ] test_requirements = [ - "pytest-httpbin==2.1.0rc1", + "pytest-httpbin==2.1.0", "pytest-cov", "pytest-mock", "pytest-xdist", From f519bbae3346b4bf0ff866e0659b7efbcf016eb1 Mon Sep 17 00:00:00 2001 From: Thomas Grainger Date: Wed, 18 Sep 2024 19:14:19 +0100 Subject: [PATCH 134/164] add trove classifier for 3.13 --- setup.py | 1 + 1 file changed, 1 insertion(+) diff --git a/setup.py b/setup.py index b72b6c63ca..7d9b52bc3b 100755 --- a/setup.py +++ b/setup.py @@ -87,6 +87,7 @@ "Programming Language :: Python :: 3.10", "Programming Language :: Python :: 3.11", "Programming Language :: Python :: 3.12", + "Programming Language :: Python :: 3.13", "Programming Language :: Python :: 3 :: Only", "Programming Language :: Python :: Implementation :: CPython", "Programming Language :: Python :: Implementation :: PyPy", From 5984296b6a4cea1b20a6747127c335d95595e7d9 Mon Sep 17 00:00:00 2001 From: Thomas Grainger Date: Wed, 18 Sep 2024 19:40:02 +0100 Subject: [PATCH 135/164] Update tox.ini --- tox.ini | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tox.ini b/tox.ini index c438ef316a..79f74b2567 100644 --- a/tox.ini +++ b/tox.ini @@ -1,5 +1,5 @@ [tox] -envlist = py{38,39,310,311,312}-{default, use_chardet_on_py3} +envlist = py{38,39,310,311,312,313}-{default, use_chardet_on_py3} [testenv] deps = -rrequirements-dev.txt From 0bff2d94e624651d02756e37e50af3cc1569abcf Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 30 Sep 2024 16:34:20 +0000 Subject: [PATCH 136/164] Bump actions/checkout from 4.1.0 to 4.2.0 Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.0 to 4.2.0. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/8ade135a41bc03ea155e62e844d188df1ea18608...d632683dd7b4114ad314bca15554477dd762a938) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- .github/workflows/codeql-analysis.yml | 2 +- .github/workflows/lint.yml | 2 +- .github/workflows/run-tests.yml | 6 +++--- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index a504eccc5b..d85b39c226 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -32,7 +32,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 + uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 with: # We must fetch at least the immediate parents so that if this is # a pull request then we can checkout the head. diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index cbea3ae665..a9c0f9cc60 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -11,7 +11,7 @@ jobs: timeout-minutes: 10 steps: - - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 + - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 - name: Set up Python uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 # v5.2.0 with: diff --git a/.github/workflows/run-tests.yml b/.github/workflows/run-tests.yml index 5d371a8b80..fec2d30055 100644 --- a/.github/workflows/run-tests.yml +++ b/.github/workflows/run-tests.yml @@ -25,7 +25,7 @@ jobs: - { python-version: "3.9", os: "macos-13" } steps: - - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 + - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 - name: Set up Python ${{ matrix.python-version }} uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 # v5.2.0 with: @@ -46,7 +46,7 @@ jobs: fail-fast: true steps: - - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 + - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 - name: 'Set up Python 3.8' uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 with: @@ -66,7 +66,7 @@ jobs: fail-fast: true steps: - - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 + - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 - name: 'Set up Python 3.8' uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 with: From 26664fa57853e97717b0a72244d35eeadaac48d9 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 28 Oct 2024 16:05:11 +0000 Subject: [PATCH 137/164] Bump actions/setup-python from 5.2.0 to 5.3.0 Bumps [actions/setup-python](https://github.com/actions/setup-python) from 5.2.0 to 5.3.0. - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](https://github.com/actions/setup-python/compare/f677139bbe7f9c59b41e40162b753c062f5d49a3...0b93645e9fea7318ecaed2b359559ac225c90a2b) --- updated-dependencies: - dependency-name: actions/setup-python dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- .github/workflows/lint.yml | 2 +- .github/workflows/run-tests.yml | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index a9c0f9cc60..cc53b13cf2 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -13,7 +13,7 @@ jobs: steps: - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 - name: Set up Python - uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 # v5.2.0 + uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0 with: python-version: "3.x" - name: Run pre-commit diff --git a/.github/workflows/run-tests.yml b/.github/workflows/run-tests.yml index fec2d30055..d503b6cfbc 100644 --- a/.github/workflows/run-tests.yml +++ b/.github/workflows/run-tests.yml @@ -27,7 +27,7 @@ jobs: steps: - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 - name: Set up Python ${{ matrix.python-version }} - uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 # v5.2.0 + uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0 with: python-version: ${{ matrix.python-version }} cache: 'pip' @@ -48,7 +48,7 @@ jobs: steps: - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 - name: 'Set up Python 3.8' - uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 + uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b with: python-version: '3.8' - name: Install dependencies @@ -68,7 +68,7 @@ jobs: steps: - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 - name: 'Set up Python 3.8' - uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 + uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b with: python-version: '3.8' - name: Install dependencies From 9787d0c09c0d771b97cb5d333f71e988b43d9ffc Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 28 Oct 2024 16:05:20 +0000 Subject: [PATCH 138/164] Bump github/codeql-action from 3.26.0 to 3.27.0 Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.26.0 to 3.27.0. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/eb055d739abdc2e8de2e5f4ba1a8b246daa779aa...662472033e021d55d94146f66f6058822b0b39fd) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- .github/workflows/codeql-analysis.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index d85b39c226..0ac7aaeaca 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -45,7 +45,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@eb055d739abdc2e8de2e5f4ba1a8b246daa779aa # v3.26.0 + uses: github/codeql-action/init@662472033e021d55d94146f66f6058822b0b39fd # v3.27.0 with: languages: "python" # If you wish to specify custom queries, you can do so here or in a config file. @@ -56,7 +56,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). # If this step fails, then you should remove it and run the build manually (see below) - name: Autobuild - uses: github/codeql-action/autobuild@eb055d739abdc2e8de2e5f4ba1a8b246daa779aa # v3.26.0 + uses: github/codeql-action/autobuild@662472033e021d55d94146f66f6058822b0b39fd # v3.27.0 # ℹ️ Command-line programs to run using the OS shell. # 📚 https://git.io/JvXDl @@ -70,4 +70,4 @@ jobs: # make release - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@eb055d739abdc2e8de2e5f4ba1a8b246daa779aa # v3.26.0 + uses: github/codeql-action/analyze@662472033e021d55d94146f66f6058822b0b39fd # v3.27.0 From a6cf27a77f6f5dd6116096e95c16e7c1a616b419 Mon Sep 17 00:00:00 2001 From: Nate Prewitt Date: Sat, 2 Nov 2024 13:13:02 -0700 Subject: [PATCH 139/164] Update vulnerability disclosure process (#6820) * Update contact point for Vulnerability disclosures * Fix RedHat Contact * Point vulnerabilities.rst to our .SECURITY file --- .github/SECURITY.md | 17 ++--- docs/community/vulnerabilities.rst | 109 +---------------------------- 2 files changed, 6 insertions(+), 120 deletions(-) diff --git a/.github/SECURITY.md b/.github/SECURITY.md index 9021d429d8..4b368617bd 100644 --- a/.github/SECURITY.md +++ b/.github/SECURITY.md @@ -1,18 +1,9 @@ # Vulnerability Disclosure If you think you have found a potential security vulnerability in -requests, please email [Nate](mailto:nate.prewitt@gmail.com) -and [Seth](mailto:sethmichaellarson@gmail.com) directly. -**Do not file a public issue.** - -Our PGP Key fingerprints are: - -- 8722 7E29 AD9C FF5C FAC3 EA6A 44D3 FF97 B80D C864 ([@nateprewitt](https://keybase.io/nateprewitt)) - -- EDD5 6765 A9D8 4653 CBC8 A134 51B0 6736 1740 F5FC ([@sethmlarson](https://keybase.io/sethmlarson)) - -You can also contact us on [Keybase](https://keybase.io) with the -profiles above if desired. +requests, please open a [draft Security Advisory](https://github.com/psf/requests/security/advisories/new) +via GitHub. We will coordinate verification and next steps through +that secure medium. If English is not your first language, please try to describe the problem and its impact to the best of your ability. For greater detail, @@ -72,7 +63,7 @@ intended patch ahead of time, to ensure that they are able to promptly release their downstream packages. Currently the list of people we actively contact *ahead of a public release* is: -- Jeremy Cline, Red Hat (@jeremycline) +- Python Maintenance Team, Red Hat (python-maint@redhat.com) - Daniele Tricoli, Debian (@eriol) We will notify these individuals at least a week ahead of our planned diff --git a/docs/community/vulnerabilities.rst b/docs/community/vulnerabilities.rst index 6a9c7d94d3..764d34223d 100644 --- a/docs/community/vulnerabilities.rst +++ b/docs/community/vulnerabilities.rst @@ -1,110 +1,5 @@ Vulnerability Disclosure ======================== -If you think you have found a potential security vulnerability in requests, -please email `Nate `_ and `Seth `_ directly. **Do not file a public issue.** - -Our PGP Key fingerprints are: - -- 8722 7E29 AD9C FF5C FAC3 EA6A 44D3 FF97 B80D C864 (`@nateprewitt `_) - -- EDD5 6765 A9D8 4653 CBC8 A134 51B0 6736 1740 F5FC (`@sethmlarson `_) - -You can also contact us on `Keybase `_ with the -profiles above if desired. - -If English is not your first language, please try to describe the problem and -its impact to the best of your ability. For greater detail, please use your -native language and we will try our best to translate it using online services. - -Please also include the code you used to find the problem and the shortest -amount of code necessary to reproduce it. - -Please do not disclose this to anyone else. We will retrieve a CVE identifier -if necessary and give you full credit under whatever name or alias you provide. -We will only request an identifier when we have a fix and can publish it in a -release. - -We will respect your privacy and will only publicize your involvement if you -grant us permission. - -Process -------- - -This following information discusses the process the requests project follows -in response to vulnerability disclosures. If you are disclosing a -vulnerability, this section of the documentation lets you know how we will -respond to your disclosure. - -Timeline -~~~~~~~~ - -When you report an issue, one of the project members will respond to you within -two days *at the outside*. In most cases responses will be faster, usually -within 12 hours. This initial response will at the very least confirm receipt -of the report. - -If we were able to rapidly reproduce the issue, the initial response will also -contain confirmation of the issue. If we are not, we will often ask for more -information about the reproduction scenario. - -Our goal is to have a fix for any vulnerability released within two weeks of -the initial disclosure. This may potentially involve shipping an interim -release that simply disables function while a more mature fix can be prepared, -but will in the vast majority of cases mean shipping a complete release as soon -as possible. - -Throughout the fix process we will keep you up to speed with how the fix is -progressing. Once the fix is prepared, we will notify you that we believe we -have a fix. Often we will ask you to confirm the fix resolves the problem in -your environment, especially if we are not confident of our reproduction -scenario. - -At this point, we will prepare for the release. We will obtain a CVE number -if one is required, providing you with full credit for the discovery. We will -also decide on a planned release date, and let you know when it is. This -release date will *always* be on a weekday. - -At this point we will reach out to our major downstream packagers to notify -them of an impending security-related patch so they can make arrangements. In -addition, these packagers will be provided with the intended patch ahead of -time, to ensure that they are able to promptly release their downstream -packages. Currently the list of people we actively contact *ahead of a public -release* is: - -- Python Maintenance Team, Red Hat (python-maint@redhat.com) -- Daniele Tricoli, Debian (@eriol) - -We will notify these individuals at least a week ahead of our planned release -date to ensure that they have sufficient time to prepare. If you believe you -should be on this list, please let one of the maintainers know at one of the -email addresses at the top of this article. - -On release day, we will push the patch to our public repository, along with an -updated changelog that describes the issue and credits you. We will then issue -a PyPI release containing the patch. - -At this point, we will publicise the release. This will involve mails to -mailing lists, Tweets, and all other communication mechanisms available to the -core team. - -We will also explicitly mention which commits contain the fix to make it easier -for other distributors and users to easily patch their own versions of requests -if upgrading is not an option. - -Previous CVEs -------------- - -- Fixed in 2.20.0 - - `CVE 2018-18074 `_ - -- Fixed in 2.6.0 - - - `CVE 2015-2296 `_, - reported by Matthew Daley of `BugFuzz `_. - -- Fixed in 2.3.0 - - - `CVE 2014-1829 `_ - - - `CVE 2014-1830 `_ +The latest vulnerability disclosure information can be found on GitHub in our +`Security Policy `_. From ad959acfcfa77c3d9360a5f62df4a4789eed0fb3 Mon Sep 17 00:00:00 2001 From: Nate Prewitt Date: Sat, 9 Nov 2024 22:50:30 -0700 Subject: [PATCH 140/164] Remove old macOS runners --- .github/workflows/run-tests.yml | 9 --------- 1 file changed, 9 deletions(-) diff --git a/.github/workflows/run-tests.yml b/.github/workflows/run-tests.yml index d503b6cfbc..d7e86ba271 100644 --- a/.github/workflows/run-tests.yml +++ b/.github/workflows/run-tests.yml @@ -14,15 +14,6 @@ jobs: matrix: python-version: ["3.8", "3.9", "3.10", "3.11", "3.12", "3.13", "pypy-3.9", "pypy-3.10"] os: [ubuntu-22.04, macOS-latest, windows-latest] - # Python 3.8 and 3.9 do not run on macOS-latest which - # is now using arm64 hardware. - # https://github.com/actions/setup-python/issues/696#issuecomment-1637587760 - exclude: - - { python-version: "3.8", os: "macos-latest" } - - { python-version: "3.9", os: "macos-latest" } - include: - - { python-version: "3.8", os: "macos-13" } - - { python-version: "3.9", os: "macos-13" } steps: - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 From 8c36da656df15111c423975381f523e0b9db7326 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 27 Jan 2025 16:56:12 +0000 Subject: [PATCH 141/164] Bump github/codeql-action from 3.27.0 to 3.28.5 Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.27.0 to 3.28.5. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/662472033e021d55d94146f66f6058822b0b39fd...f6091c0113d1dcf9b98e269ee48e8a7e51b7bdd4) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- .github/workflows/codeql-analysis.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 0ac7aaeaca..170391ef09 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -45,7 +45,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@662472033e021d55d94146f66f6058822b0b39fd # v3.27.0 + uses: github/codeql-action/init@f6091c0113d1dcf9b98e269ee48e8a7e51b7bdd4 # v3.28.5 with: languages: "python" # If you wish to specify custom queries, you can do so here or in a config file. @@ -56,7 +56,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). # If this step fails, then you should remove it and run the build manually (see below) - name: Autobuild - uses: github/codeql-action/autobuild@662472033e021d55d94146f66f6058822b0b39fd # v3.27.0 + uses: github/codeql-action/autobuild@f6091c0113d1dcf9b98e269ee48e8a7e51b7bdd4 # v3.28.5 # ℹ️ Command-line programs to run using the OS shell. # 📚 https://git.io/JvXDl @@ -70,4 +70,4 @@ jobs: # make release - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@662472033e021d55d94146f66f6058822b0b39fd # v3.27.0 + uses: github/codeql-action/analyze@f6091c0113d1dcf9b98e269ee48e8a7e51b7bdd4 # v3.28.5 From e361622fae03f08b16c48a0a1414a718d9d45d25 Mon Sep 17 00:00:00 2001 From: jakobheine Date: Sat, 1 Feb 2025 19:42:06 +0000 Subject: [PATCH 142/164] docs(exceptions): Remove unused exception URLRequired from documentation The documentation previously listed `requests.URLRequired` as a valid exception, suggesting it would be raised for invalid URLs. However, this exception has been dead code since commit ab27027 (2012) and is never actually raised. Instead, invalid URLs raise `MissingSchema`, `InvalidSchema`, or `InvalidURL`, none of which were documented. This commit removes `URLRequired` from the documentation to reflect the actual behavior and prevent confusion. Signed-off-by: jakobheine --- docs/api.rst | 1 - 1 file changed, 1 deletion(-) diff --git a/docs/api.rst b/docs/api.rst index 34959dd6f1..3ae5b9d856 100644 --- a/docs/api.rst +++ b/docs/api.rst @@ -31,7 +31,6 @@ Exceptions .. autoexception:: requests.RequestException .. autoexception:: requests.ConnectionError .. autoexception:: requests.HTTPError -.. autoexception:: requests.URLRequired .. autoexception:: requests.TooManyRedirects .. autoexception:: requests.ConnectTimeout .. autoexception:: requests.ReadTimeout From 11f63a330bc7b9026086e3d259f400f9c702b542 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 3 Feb 2025 16:27:40 +0000 Subject: [PATCH 143/164] Bump actions/setup-python from 5.3.0 to 5.4.0 Bumps [actions/setup-python](https://github.com/actions/setup-python) from 5.3.0 to 5.4.0. - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](https://github.com/actions/setup-python/compare/0b93645e9fea7318ecaed2b359559ac225c90a2b...42375524e23c412d93fb67b49958b491fce71c38) --- updated-dependencies: - dependency-name: actions/setup-python dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- .github/workflows/lint.yml | 2 +- .github/workflows/run-tests.yml | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index cc53b13cf2..f86b6f1b1b 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -13,7 +13,7 @@ jobs: steps: - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 - name: Set up Python - uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0 + uses: actions/setup-python@42375524e23c412d93fb67b49958b491fce71c38 # v5.4.0 with: python-version: "3.x" - name: Run pre-commit diff --git a/.github/workflows/run-tests.yml b/.github/workflows/run-tests.yml index d7e86ba271..7f00a3f067 100644 --- a/.github/workflows/run-tests.yml +++ b/.github/workflows/run-tests.yml @@ -18,7 +18,7 @@ jobs: steps: - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 - name: Set up Python ${{ matrix.python-version }} - uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0 + uses: actions/setup-python@42375524e23c412d93fb67b49958b491fce71c38 # v5.4.0 with: python-version: ${{ matrix.python-version }} cache: 'pip' @@ -39,7 +39,7 @@ jobs: steps: - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 - name: 'Set up Python 3.8' - uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b + uses: actions/setup-python@42375524e23c412d93fb67b49958b491fce71c38 with: python-version: '3.8' - name: Install dependencies @@ -59,7 +59,7 @@ jobs: steps: - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 - name: 'Set up Python 3.8' - uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b + uses: actions/setup-python@42375524e23c412d93fb67b49958b491fce71c38 with: python-version: '3.8' - name: Install dependencies From d96f9982a276c73ab078b255c94397cf4d7f6cc2 Mon Sep 17 00:00:00 2001 From: anupam-arista <118899211+anupam-arista@users.noreply.github.com> Date: Tue, 11 Feb 2025 21:25:29 +0530 Subject: [PATCH 144/164] Update src/requests/models.py Co-authored-by: Ian Stapleton Cordasco --- src/requests/models.py | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/src/requests/models.py b/src/requests/models.py index 31ac5ea102..7c414241e9 100644 --- a/src/requests/models.py +++ b/src/requests/models.py @@ -945,7 +945,9 @@ def text(self): return content def json(self, **kwargs): - r"""Returns the json-decoded dict of a response, if any. + r"""Decodes the JSON response body (if any) as a Python object. + + This may return a dictionary, list, etc. depending on what is in the response. :param \*\*kwargs: Optional arguments that ``json.loads`` takes. :raises requests.exceptions.JSONDecodeError: If the response body does not From a2fd25ff34b66ef71b54dfc90e09a4e4152357f6 Mon Sep 17 00:00:00 2001 From: anupam-arista <118899211+anupam-arista@users.noreply.github.com> Date: Tue, 11 Feb 2025 21:28:59 +0530 Subject: [PATCH 145/164] Update models.py --- src/requests/models.py | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/src/requests/models.py b/src/requests/models.py index 7c414241e9..298afcd7ad 100644 --- a/src/requests/models.py +++ b/src/requests/models.py @@ -946,8 +946,7 @@ def text(self): def json(self, **kwargs): r"""Decodes the JSON response body (if any) as a Python object. - - This may return a dictionary, list, etc. depending on what is in the response. + This may return a dictionary, list, etc. depending on what is in the response. :param \*\*kwargs: Optional arguments that ``json.loads`` takes. :raises requests.exceptions.JSONDecodeError: If the response body does not From 5d31ddbf7b3f512dd3c61952d2c16e980a2b7dc1 Mon Sep 17 00:00:00 2001 From: anupam-arista <118899211+anupam-arista@users.noreply.github.com> Date: Wed, 12 Feb 2025 17:58:07 +0530 Subject: [PATCH 146/164] Update src/requests/models.py Co-authored-by: Ian Stapleton Cordasco --- src/requests/models.py | 1 + 1 file changed, 1 insertion(+) diff --git a/src/requests/models.py b/src/requests/models.py index 298afcd7ad..c4b25fa079 100644 --- a/src/requests/models.py +++ b/src/requests/models.py @@ -946,6 +946,7 @@ def text(self): def json(self, **kwargs): r"""Decodes the JSON response body (if any) as a Python object. + This may return a dictionary, list, etc. depending on what is in the response. :param \*\*kwargs: Optional arguments that ``json.loads`` takes. From 507409661335bd3dd8a7e39f04d07b42e519becc Mon Sep 17 00:00:00 2001 From: Colin Watson Date: Mon, 17 Feb 2025 00:39:07 +0000 Subject: [PATCH 147/164] Add CA constraint to test CA Otherwise recent versions of OpenSSL reject it as an invalid CA certificate (at least once the test certificates are regenerated). Fixes: #6896 --- tests/certs/expired/ca/ca.cnf | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/tests/certs/expired/ca/ca.cnf b/tests/certs/expired/ca/ca.cnf index 8c4b823053..1443cb9374 100644 --- a/tests/certs/expired/ca/ca.cnf +++ b/tests/certs/expired/ca/ca.cnf @@ -4,9 +4,13 @@ prompt = no default_md = sha256 encrypt_key = no distinguished_name = dn +x509_extensions = v3_ca [dn] C = US # country code O = Python Software Foundation # organization OU = python-requests # organization unit/department CN = Self-Signed Root CA # common name / your cert name + +[v3_ca] +basicConstraints = critical, CA:true From 9ebebdef98a6aacfbedcf2ca61ba0eaecc2563f4 Mon Sep 17 00:00:00 2001 From: Colin Watson Date: Mon, 17 Feb 2025 00:41:30 +0000 Subject: [PATCH 148/164] Regenerate test certificates Created using the following command with OpenSSL 3.4.0: for cert in expired mtls valid/server; do make -C tests/certs/$cert clean all done --- tests/certs/expired/ca/ca-private.key | 52 +++++++++--------- tests/certs/expired/ca/ca.crt | 38 ++++++------- tests/certs/expired/ca/ca.srl | 2 +- tests/certs/expired/server/server.csr | 24 ++++----- tests/certs/expired/server/server.key | 52 +++++++++--------- tests/certs/expired/server/server.pem | 77 ++++++++++++++------------- tests/certs/mtls/client/client.csr | 24 ++++----- tests/certs/mtls/client/client.key | 52 +++++++++--------- tests/certs/mtls/client/client.pem | 77 ++++++++++++++------------- tests/certs/valid/server/server.csr | 24 ++++----- tests/certs/valid/server/server.key | 52 +++++++++--------- tests/certs/valid/server/server.pem | 77 +++++++++++++-------------- 12 files changed, 279 insertions(+), 272 deletions(-) diff --git a/tests/certs/expired/ca/ca-private.key b/tests/certs/expired/ca/ca-private.key index 507b1f5623..8aa400e043 100644 --- a/tests/certs/expired/ca/ca-private.key +++ b/tests/certs/expired/ca/ca-private.key @@ -1,28 +1,28 @@ -----BEGIN PRIVATE KEY----- -MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDHlIhe7GLCeSk8 -RZOKdtmyKns6KdZgGw/LcxPkYvQlu1g0zV8X0DqVr2LdMumWUTNCc9sPdSlAG+He -mQp2TMoWUMumMuwDtit9RT0Sb6Eh9svWgjY9ferovPJRfCWUTsA2Ug8uoh0wyEXK -na7X6fHt5E3B9vj0+b9a4vDibdBXV11FheLT02/uEmAEJDdP/zeBgvVbhcVyumO6 -fAGMIWzR2ukhe8z/ma5H9zoi4gZA8nsK6reZUD8+6affnPe+jIt/AdzggtV9jkWm -zSpr+RHeZ0y+q4eik2ZNUGg4XcF6JsJ9yu/AqLBXxd38uLdFfgyhP2y6K628yzgy -e6lzFyWnAgMBAAECggEAFwzHhzcD3PQDWCus85PwZoxTeQ817BmUBGpBBOKM0gLG -GCsT7XsmGP2NjICBy9OK+QTKawmb/wR5XK0OMUWDHXqtWn+NFIyojyo8+HEeCf8n -4ZleTFHLnJ+d2N1etbc2qc9mY3tjpaurq8/0Tol9YH06ock1TY2+lO+a5HvMURnY -hcWs70CamL+5B/6n67DhjzMtIW3dIXuEEceM1BW/jW8SKq0JHpQ3t+OJwID7zFaJ -bLyOwAVheMzVGvN3yphf8tll3tMA65bNjdOzgOfZSjAy7EGjW3DyAolDw9jKLRyu -E0gw/exNGe618oMIeUDv0KParlL4RjdiUP8l0xYOwQKBgQD3eYj9rWeqZquI9vKP -gaSv6urb2UJLngShZUpEZRNJgBO+Ewiof0w8tpQdsnuMvWudxMLbzgiUNA+NyC/K -CpzIXFkWnWx+A/pxs8ZO8moOfajVRayJgeOLsQZb7c4fXGsVGApbN4+cPNhTNG6d -ucErv6tae/SzAzcLc5Vkw/ELxwKBgQDOdJ5Wl5JeKAvU/3kF6+MYWCrXxZqMjoHS -y1BtyMX5RbdaWTCfDUu1aV3qJOJjjWQ9DJdJQcEsrTjOpD4bVdZx4w/XEG0JXAa3 -jRypVHGdeG/TjhUGJA8U+KX3a1DkcdqM9pqFYRw5Ie95Wz9YRroI+YkixqpK8d7W -C+5BodxXIQKBgCk8Lv9V7XgPM3XW8APJbk+BrTCEuu8unUbnQcCztssAdEmvkjnB -PErBgVyRaNTCmzPmnTFS20sWgaD2QkBAFG+uM4n5ISK+NvTLJ7fv3IwdlAw1V9Jx -uiCElrKqpTXEiHMzVkZss5ks6j6y9duCIBXSEhM5pERPvNRDphjsLTXxAoGARSNC -nyb1Kjjo9XR0V+pNy6pC9q1C+00B5tCVZ55zxe114Hi70pfGQcM+YxnlAoeoCNW9 -mBfAFDESNAlGjyrovIzYkiH7EcZSrYdBEOepgJ2DfWo4Wi0bK9+03K2AknAaS1iO -GJqTtAJMSuymwu40gKroJNA42Q40nKO0LyCARGECgYEAiFRHkblBtStv22SpZxNC -jim9yuM0ikh7Ij1lEHysc/GWb2RQNxQVk54BU2kQ0d9xwMZQTKvpF3VE9t7uGdwt -AasWPr/tWYt35Ud0D4bNlagJJ4Xdslf8n1nkq3qqqDQbd7kkQRgwGzVr0uVg7ZfS -26qSPQ0/aF9nagb5eHX3AuU= +MIIEuwIBADANBgkqhkiG9w0BAQEFAASCBKUwggShAgEAAoIBAQCfZUh82dF/r9GW +89IN2vqOiMMuikIAO3SEI3+uSGCdWT13C+NnrFJ7XF/D6UGy1mvm8KfhSnapWoAk +toyPXSc/GNzJzCwZool7xE+rm/0vbu1XbUcQcqB8nQRLzTChDIGuuD8DHs7bmen1 +9sT5kZy0CIqac383cQxR8W1Fs48xEBJfuBBmyl+bz4ugPci96H4DIuAD2QvP2KKg +Gqs4yyDPSmf86k9+okOsLMQVwGnHety+TPJawCn2aCXl+rmMTSCH2sUEc81cXaVQ +Yxyf6HaqGncCs1O2MzeRbPugEzb5K4ZVM4NYtDMkxrQnZFCALf4XOma1uv5Kh6Qo +FMFHOA6tAgMBAAECgf9YadXLawbJzLx0/smE5fIVHccmCYqSlmgK46XvBjaREO8H +GZEJ8IvP4W09PiUzDbzMXLDCRouLZKevtZJB82nRlfjh9l5/2aho/nsytVO6+8yq +sfK5LNvYQ0Aey7ItosJMJ+bL1ErphHZB+J9Jz3scYaCAC5CFMC+lREVYZEEI9QD4 +P2D5QbmaSeu8jmL/H3fWHjNXWDprue3W/MIf96NZa3qJew45go4TAYYMe5i757KW +Ja40VNfmsgbz4uI9oDXaYL/NkWUaQP1lnh+Mfrm1YnBe2wsLcP/WuM5h0bYzJW/1 +ZeSrZM3fqCMW6SJyrVE1qzqvtw1xQBlrq0B6q0ECgYEA0fi4+ySFGR+mL6k5UjP1 +roREqQgKaLgdhOvD88EnO93Nl6tJ3Qk8LyzPUNbxe1/xTUEKMtglBKOoxCHJJZlg +xXnKBAQUtlmrLFKIGe+UCD+r+wfSpS6Sl7BUDmeCSczG9dPN5vnyZA4ixUke2SCC +k4Eb9Q0AHyNnbXv928r0sfkCgYEAwlZRYmGTVva6cY2YEmMrqbWy4Wxm2Zmdo+Uq +Xu1RZF9a3tGzNbGsyYdeLNY7vVZoVOm1paMJCA8ScNLFtCux2jEPqwqd1OZ8OLhA +1VF3/kYtUSdqwLzWoS1RdD6mZCAHeOE+N0pone4lt3A2o8wtpHsaDA+XSTw2rHLR +LVS+b1UCgYEAtezJ4Ze31pfMdrkpmCa69JVXpBj6Y9c6hGN+aWFuq/k22/WmTuRk +h/9MNR+3JQ1w1l3HB1ytXkKqxBz92hz1csReG3Kpu4EfxYxQriAdY7Q/P4Z8pXAf +xVwayEw439aUgIQef8UKllSFHeiH2NrJKCKSZZT5CQG06HCo+Fn1/4kCgYAYuwtY +TbqGUpefY7l6fYxM6IZ/EWB1SIs7FCq0MdctwsS5nk4EAzxN2SAu7IRlr91PEP7A +uWKo1+Is4WWva/ASKDQqPAuh0EL2pNv7SYbPoPabYTzAkkdt82puNJrQGxNYWrGk +L5/omSnLkkghyBX23IOQDVvfQf5jK6la73HckQKBgAI+iLECAkle9HvnJ3flicau +9FAU1/9pOdM+WogSanhYQ/P2rAwRiyCIkqu62/OoZR5g4kLxWqOOmVvsK3j+gs5F +FtwN7gauq06MAHnWr6qC8ZltzMsGZTVDvqSH2vgV4T1V6ovVpTBPKQ1gWtABEmpm +dyfeA6HHeRAHx8VRGpL6 -----END PRIVATE KEY----- diff --git a/tests/certs/expired/ca/ca.crt b/tests/certs/expired/ca/ca.crt index c332b7cb7b..f08b2d67a5 100644 --- a/tests/certs/expired/ca/ca.crt +++ b/tests/certs/expired/ca/ca.crt @@ -1,20 +1,22 @@ -----BEGIN CERTIFICATE----- -MIIDWzCCAkMCFA9wdtNh/V99DRwYp8vXjPxSjJnWMA0GCSqGSIb3DQEBCwUAMGox -CzAJBgNVBAYTAlVTMSMwIQYDVQQKDBpQeXRob24gU29mdHdhcmUgRm91bmRhdGlv -bjEYMBYGA1UECwwPcHl0aG9uLXJlcXVlc3RzMRwwGgYDVQQDDBNTZWxmLVNpZ25l -ZCBSb290IENBMB4XDTI0MDMxMjIxMDQwM1oXDTQ0MDMwNzIxMDQwM1owajELMAkG -A1UEBhMCVVMxIzAhBgNVBAoMGlB5dGhvbiBTb2Z0d2FyZSBGb3VuZGF0aW9uMRgw -FgYDVQQLDA9weXRob24tcmVxdWVzdHMxHDAaBgNVBAMME1NlbGYtU2lnbmVkIFJv -b3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHlIhe7GLCeSk8 -RZOKdtmyKns6KdZgGw/LcxPkYvQlu1g0zV8X0DqVr2LdMumWUTNCc9sPdSlAG+He -mQp2TMoWUMumMuwDtit9RT0Sb6Eh9svWgjY9ferovPJRfCWUTsA2Ug8uoh0wyEXK -na7X6fHt5E3B9vj0+b9a4vDibdBXV11FheLT02/uEmAEJDdP/zeBgvVbhcVyumO6 -fAGMIWzR2ukhe8z/ma5H9zoi4gZA8nsK6reZUD8+6affnPe+jIt/AdzggtV9jkWm -zSpr+RHeZ0y+q4eik2ZNUGg4XcF6JsJ9yu/AqLBXxd38uLdFfgyhP2y6K628yzgy -e6lzFyWnAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAGymNVTsKSAq8Ju6zV+AWAyV -GcUNBmLpgzDA0e7pkVYhHTdWKlGH4GnrRcp0nvnSbr6iq1Ob/8yEUUoRzK55Flws -Kt1OLwnZyhfRoSUesoEqpP68vzWEgiYv0QuIWvzNt0YfAAvEgGoc3iri44MelKLn -9ZMT8m91nVamA35R8ZjfeAkNp2xcz0a67V0ww6o4wSXrG7o5ZRXyjqZ/9K7SfwUJ -rV9RciccsjH/MzKbfrx73QwsbPWiFmjzHopdasIO0lDlmgm/r9gKfkbzfKoGCgLZ -6an6FlmLftLSXijf/QwtqeSP9fODeE3dzBmnTM3jdoVS53ZegUDWNl14o25v2Kg= +MIIDlDCCAnygAwIBAgIUG/CTOPIQbH2BI36TyThUChQyR8wwDQYJKoZIhvcNAQEL +BQAwajELMAkGA1UEBhMCVVMxIzAhBgNVBAoMGlB5dGhvbiBTb2Z0d2FyZSBGb3Vu +ZGF0aW9uMRgwFgYDVQQLDA9weXRob24tcmVxdWVzdHMxHDAaBgNVBAMME1NlbGYt +U2lnbmVkIFJvb3QgQ0EwHhcNMjUwMjE3MDAzODIyWhcNNDUwMjEyMDAzODIyWjBq +MQswCQYDVQQGEwJVUzEjMCEGA1UECgwaUHl0aG9uIFNvZnR3YXJlIEZvdW5kYXRp +b24xGDAWBgNVBAsMD3B5dGhvbi1yZXF1ZXN0czEcMBoGA1UEAwwTU2VsZi1TaWdu +ZWQgUm9vdCBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJ9lSHzZ +0X+v0Zbz0g3a+o6Iwy6KQgA7dIQjf65IYJ1ZPXcL42esUntcX8PpQbLWa+bwp+FK +dqlagCS2jI9dJz8Y3MnMLBmiiXvET6ub/S9u7VdtRxByoHydBEvNMKEMga64PwMe +ztuZ6fX2xPmRnLQIippzfzdxDFHxbUWzjzEQEl+4EGbKX5vPi6A9yL3ofgMi4APZ +C8/YoqAaqzjLIM9KZ/zqT36iQ6wsxBXAacd63L5M8lrAKfZoJeX6uYxNIIfaxQRz +zVxdpVBjHJ/odqoadwKzU7YzN5Fs+6ATNvkrhlUzg1i0MyTGtCdkUIAt/hc6ZrW6 +/kqHpCgUwUc4Dq0CAwEAAaMyMDAwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQU +CEaIPf7XQsGt0xbf6P9x5cxdKpwwDQYJKoZIhvcNAQELBQADggEBAHMgyQNA3DQG +0l9eX8RMl4YNwhAXChU/wOTcvD+F4OsJcPqzy6QHFh1AbBBGOI9/HN7du+EiKwGZ +wE+69FEsSbhSv22XidPm+kHPTguWl1eKveeWrrT5MPl9F48s14lKb/8yMEa1/ryG +Iu8NQ6ZL91JbTXdkLoBDya9HZqyXjwcGkXLE8fSqTibJ7EhWS5Q3Ic7WPgUoGAum +b5ygoxqhm+SEyXC2/LAktwmFawkv1SsMeYpT790VIFqJ/TVVnUl+gQ2RjSEl2WLb +UO4Hwq4FZbWF9NrY6JVThLmbcr8eW6+UxWfiXHLw/qTRre4/3367QAUQRt7EuEsb +KOWpOS3fbsI= -----END CERTIFICATE----- diff --git a/tests/certs/expired/ca/ca.srl b/tests/certs/expired/ca/ca.srl index fab68405ed..0d6f69d6fe 100644 --- a/tests/certs/expired/ca/ca.srl +++ b/tests/certs/expired/ca/ca.srl @@ -1 +1 @@ -4F36C3A7E075BA6452D10EEB81E7F189FF489B74 +4F36C3A7E075BA6452D10EEB81E7F189FF489B83 diff --git a/tests/certs/expired/server/server.csr b/tests/certs/expired/server/server.csr index 5e3c177647..d8ba3a5bf2 100644 --- a/tests/certs/expired/server/server.csr +++ b/tests/certs/expired/server/server.csr @@ -2,18 +2,18 @@ MIIDHjCCAgYCAQAwbTELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAkRFMSMwIQYDVQQK DBpQeXRob24gU29mdHdhcmUgRm91bmRhdGlvbjEYMBYGA1UECwwPcHl0aG9uLXJl cXVlc3RzMRIwEAYDVQQDDAlsb2NhbGhvc3QwggEiMA0GCSqGSIb3DQEBAQUAA4IB -DwAwggEKAoIBAQCKulIMpo633iCgbkKv1UoiLC4sQt5xWpgguujywu3hLYwmPFp9 -kvPt//imqtl8FhuhKqJ8FCGrVl2YIGj1RJIB3GW7MSPNCuIBFL/gwNi35LxDPtoA -IPyXytIR7VH9+ch9DFInJaoA/BekMuKvbXk54VW9whpHbwkXSG2lBS2vKL0XemYh -9VjvtuRDji2iOZpznlVE2PEN80bojArp6oYKakv2kYzgzgxAJiI/NZGvC7mbSI4e -ja7ad3R9G0kB1FzNj36jrNO5WtxHO/mrRiXSpDeyUbitYvt0HKoM0vhTnOR+BspP -IltfwOQh8qq2Q2AaMHNcVjMH3gHCZADfhk/zAgMBAAGgbDBqBgkqhkiG9w0BCQ4x +DwAwggEKAoIBAQDcRRwk8IU1YoNu8CHzB5Vh8HP/yLfBtU69LLZq+7rDG31JlR5s +lmcwLLoZ8opUQ5rg8JMRZ7toh5zB4Uc0B4Sg8RhQMSOZYBIJkXdHuqQkciR0vWnN +vD/5CkWEhnj4dxE7xTbDufBlxmwAthC/u72UIsZHavAyLCBqsONa7xuTiogz/d+3 +G+525JrfVr05hhJpT4Ypx5YY+ABkIOuOk/XuudbGm5SquuX6BgjmgaGtDjAuE/Rn +BnliIavCDrG0v3KGbG3Xxt7lFTu+98foForwGCbbQBraty27oZrzAtLltfIHlJRn +jPz0JA9akNDhAihxEsTUhk2d7jFszsd0Ev7DAgMBAAGgbDBqBgkqhkiG9w0BCQ4x XTBbMAkGA1UdEwQCMAAwCwYDVR0PBAQDAgWgMBMGA1UdJQQMMAoGCCsGAQUFBwMB MCwGA1UdEQQlMCOCCWxvY2FsaG9zdIcEfwAAAYcQAAAAAAAAAAAAAAAAAAAAATAN -BgkqhkiG9w0BAQsFAAOCAQEAfAhEhrulsZae71YFqgvzwJHm/hzXh47hErtgDXVJ -mFqAxgF6XrnzYujlt3XQXUx/8vdrU7jH+Pe8WO1rDvFwRPMDGoBF3RX29SzyX/2F -e102egnoRR+Hlf0Ixqu0CuTjEVnD+g4mRgXhV7LPKP4W6qGwzcVbaJ3c/zRcfqNR -g9gN6Q6Qt4fXDc7wlx2T3nOszBLQ2XCsIyzVtOJ2sSuadqKH9Aj+mrkrLBdzVFHD -FHnTMJ0t0+anZwd+AWDNsCr5lIwBGL634zw7/yJepMHuPFd2X24S3u8EaWPkfVQn -lV6rLQMGjXYTe2xuYzlUCUYnKvkyPTMjSXDkxWa+WSNwyQ== +BgkqhkiG9w0BAQsFAAOCAQEAVVIxJlDrgeG0bOSufgVVRqDQx7XSd15mGlT+CynM +lEFJ3Q9k98T2vRNNGVYYYZAnbdSOW9ACwWGcYm2bzIjbgZV0H2Kz0dLD/GrNuEY+ +O9j6K2toFKc57G7UUkve+N74ldq+hkR4zbb6FQmTlnL2YaPp2dv5TxdMKfHEfPNf +Bg8xpbXdoRc7CYW1ZACme+d2U063GVqQsrIfwGJ+BtE6aNo62T/oEm+G4Wy5iBay +jNv/imwf+JKQ75bTvha9YLUg2scqdYwJj8JlBw7cvkBIHW8GydA3fX4dtV9YBbFi +8RTlWhhLgCXpYbLoDGOqF6f/MuPSIGkV1wVhCUfYA+p+Gw== -----END CERTIFICATE REQUEST----- diff --git a/tests/certs/expired/server/server.key b/tests/certs/expired/server/server.key index 27ddafd1ca..c48457b39a 100644 --- a/tests/certs/expired/server/server.key +++ b/tests/certs/expired/server/server.key @@ -1,28 +1,28 @@ -----BEGIN PRIVATE KEY----- -MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCKulIMpo633iCg -bkKv1UoiLC4sQt5xWpgguujywu3hLYwmPFp9kvPt//imqtl8FhuhKqJ8FCGrVl2Y -IGj1RJIB3GW7MSPNCuIBFL/gwNi35LxDPtoAIPyXytIR7VH9+ch9DFInJaoA/Bek -MuKvbXk54VW9whpHbwkXSG2lBS2vKL0XemYh9VjvtuRDji2iOZpznlVE2PEN80bo -jArp6oYKakv2kYzgzgxAJiI/NZGvC7mbSI4eja7ad3R9G0kB1FzNj36jrNO5WtxH -O/mrRiXSpDeyUbitYvt0HKoM0vhTnOR+BspPIltfwOQh8qq2Q2AaMHNcVjMH3gHC -ZADfhk/zAgMBAAECggEAFSF9RvUFzyb0BEvXN44+/QaKv+4tkMmSW4Xs3rFnZ4G3 -E8nkpLUCF9ICD2z9tKNvcPScDFdKq5z7o6ToJ9faf5MRIdrBz8UlGLIO6g6l1Bjw -vjNwJE3h+8MGjXl/IDbwXW/HgbQAeabsePPRSJRdvz2+ACn1M8VLdrLvFJA93ayW -+n3Bk0bXdsrzqBGdoDiNzmIHI3WqdONiR9TymuJe41NJtMKxQDF+c6Y1n/X1OtBk -s9L+u9Xr+R3H72xSYrf1KH1mFZJfTnIPoOmdEU2tVZnZj03rZhT7p8R1fVNX6OHu -NX1Dy9VA6J7dbcqdPvTI743ByQeb+hNnqI/3hmV5eQKBgQC++1Wn3v/dxtczjA+I -tN4a7zyjhazpB25lde55HVfCQPxmYxIYct+j6S0JkMaoLrjiEDb4pnu4Gt4MDqZa -r0Xm8t3wD1YKUUbhpBEGvsMhAEZEIsBOcwkTiEwsoF0mKFa2mTyqAImgIQa8uFt8 -Y/oTj55XFe1x6pZKEJRg+K+QSwKBgQC59ONVkMSBirLGS+G+b2kqiBdwZB/3s3wr -feS1xTa+deL3AChnKT9+MsVqOkxdE2TRj/mAeF+5Woa5bPMvgr9Kl7u8bulTH80l -YA/N6FneO11/ncnkgK9wN54kd5TiOtGsGB5S5t/nEAIMUIwWrM/cRau72xNEWOhT -Tvw7TOSF+QKBgQCa/texeiYmE24sA4vH4yIuseKAw8hlBwbtiRyVZt8GZD9zyQuy -k+g02tUWYk0XyXN65LX4bwURkZyMJIeWKZGNsaW1YnzturDQB5tZ4g/zBIoCWkHA -aVQAaimIPk3a3foiD5NQVUdckfEp0GVPOsSGg5R6EO23+i8mxPXnDW1OqQKBgGvf -lelTO8tyLFdAOcqBUt6rZ/1499p3snaAZ6bSqvk95dYnr0h48y5AQaln/FiaIYg4 -HyLZsZ4S18jFXSWYkWOyNeQP6yafciBWY5StT0TN52VaoX3+8McGXKUHAcVjHbLZ -ou2wpP6jmKyQJVQaF9LOT9uAMOMbOFrrnQLBjmfxAoGAQAnUhMFG5mwi9Otxt6Mz -g+Gr+3JTlzwC3L7UwGdlFc3G2vSdGx/yOrfzpxPImfIBS95mibDfdvEBMer26pvw -a/ycqybyX9d/5nPDIaJ1lc4M4cbHC/cB52JI6avr/1g8OMK7lR7b/FsPVHS1w8kl -n6uwEjVt2+gP2o9DFTGs158= +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDcRRwk8IU1YoNu +8CHzB5Vh8HP/yLfBtU69LLZq+7rDG31JlR5slmcwLLoZ8opUQ5rg8JMRZ7toh5zB +4Uc0B4Sg8RhQMSOZYBIJkXdHuqQkciR0vWnNvD/5CkWEhnj4dxE7xTbDufBlxmwA +thC/u72UIsZHavAyLCBqsONa7xuTiogz/d+3G+525JrfVr05hhJpT4Ypx5YY+ABk +IOuOk/XuudbGm5SquuX6BgjmgaGtDjAuE/RnBnliIavCDrG0v3KGbG3Xxt7lFTu+ +98foForwGCbbQBraty27oZrzAtLltfIHlJRnjPz0JA9akNDhAihxEsTUhk2d7jFs +zsd0Ev7DAgMBAAECggEAUZjCX8a/ufJ3+OE42lQdWO4fsonS1I3LENYe70u4OC2X +QGpenmAq8pQnDpSj/KocliZYfLKeII9YGRRQcaw1S/9z/8TsSJVnqSa7dpVj1+J2 +sc43AxEw65sL/Jdp+bT169vXOTNIpBMYkDzhwH0WMemd5Pfu6c8h5RQI7Pc1knYn +nPNY848qSYCWOUjZS3QmBik/gp9X//yxVCyvxB3xVnb1cpvc952D90Va6nFIWfgN +ix4NgFgAvwIxCFpWI2z7JF8uBdAHPeFAx8pFukQpAzwhaEILlgt3WbvEob9CsdP5 +E39SUkzxiIfVM1du+hRquk9SJ/X56OSLnEjxLarSIQKBgQDyVU00yrv7lG7TJLZ5 +YyfE20A7eUtYdcfatTKfsxKO4KVV+p0mGsNnFhhKziuT5/xtVunbUNFEOaUfmTUP +dCjy4XkDbE/ufxzIm1WTSqknUluVoJRWKmLI5gbDFxu/XGRQNLxQbMK54l3N69PT +EO4kz/jqBYbd4aEmtaSx2R8JowKBgQDosUTgBGDxDE2ODPVoXc+YjReOmVHvGMKK +tA+KDBEs4spxaqhH0OFh6mewx3jA4VHbcIgM50STXrq1VL/QqYclDlY9/VWzkmqp +2Ekc4NoAl3H022pgcbmXx3qapC4Z3hokNFOlbtD9xQf9NMx6c5djTKMYTBrBBWXH +oFhSz6PIYQKBgQCMGqkydmvMffq89CLTd3JMq/4s5GmdUSsk1VHZZuy50kOEvAoT +N7H1bZ7J0Pz83Eji5jb6Z3U1nqZK6Ib20k/CbH1Mb1ifKLp5eOU27Rly9Hiiv15D +munWALe0Hy4Zqs8MWBDv5pGGasuU/F1RUB5/BgaBNoTMz2AeQzJe6Iq7RQKBgCca +Ku3OLpAzNhEp4k9wfEMxaoT/BMK+EWsHiRj0oCo/zi8y8iZnVoiCwHv3eTZIZt4O +Uf6BGof9QjjYjgc9hcVXXGy8Vpt/fkceXmLo8hlpWbAA8yZT1hFIZzT3Y/va09/D +n07MiXgrlQUay0XEiOsZ5Mpfd5t6EblzG4SG+gnhAoGAZ+shbacxhji7cUUYJLrO +9uZJCDCZiyq8yZ+lMzX1kILQwaP6VmSvF4TzKrkrCuD2HzUYcqebko/TvckeTp/a +oYC2put3zt0CHBf/keeeJwjhff19qVyE9mpZwoo7PuS5zmM7pQOLxzCyAM9MdsCz +kmnbborcfh74fkfRcwXm6G8= -----END PRIVATE KEY----- diff --git a/tests/certs/expired/server/server.pem b/tests/certs/expired/server/server.pem index 05a2a4dac8..8304c04e49 100644 --- a/tests/certs/expired/server/server.pem +++ b/tests/certs/expired/server/server.pem @@ -1,41 +1,44 @@ -----BEGIN CERTIFICATE----- -MIIDXjCCAkYCFE82w6fgdbpkUtEO64Hn8Yn/SJt0MA0GCSqGSIb3DQEBCwUAMGox -CzAJBgNVBAYTAlVTMSMwIQYDVQQKDBpQeXRob24gU29mdHdhcmUgRm91bmRhdGlv -bjEYMBYGA1UECwwPcHl0aG9uLXJlcXVlc3RzMRwwGgYDVQQDDBNTZWxmLVNpZ25l -ZCBSb290IENBMB4XDTI0MDMxMzIxMTQ0NVoXDTI0MDMxMzIxMTQ0NVowbTELMAkG -A1UEBhMCVVMxCzAJBgNVBAgMAkRFMSMwIQYDVQQKDBpQeXRob24gU29mdHdhcmUg -Rm91bmRhdGlvbjEYMBYGA1UECwwPcHl0aG9uLXJlcXVlc3RzMRIwEAYDVQQDDAls -b2NhbGhvc3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCKulIMpo63 -3iCgbkKv1UoiLC4sQt5xWpgguujywu3hLYwmPFp9kvPt//imqtl8FhuhKqJ8FCGr -Vl2YIGj1RJIB3GW7MSPNCuIBFL/gwNi35LxDPtoAIPyXytIR7VH9+ch9DFInJaoA -/BekMuKvbXk54VW9whpHbwkXSG2lBS2vKL0XemYh9VjvtuRDji2iOZpznlVE2PEN -80bojArp6oYKakv2kYzgzgxAJiI/NZGvC7mbSI4eja7ad3R9G0kB1FzNj36jrNO5 -WtxHO/mrRiXSpDeyUbitYvt0HKoM0vhTnOR+BspPIltfwOQh8qq2Q2AaMHNcVjMH -3gHCZADfhk/zAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAGeQdB4+iDbJ78eKhCMV -49Cm8nyYi9215rRRJ24Bw6BtVw1ECwymxLVOEB0gHCu8kKdsFnniFBtChts/ilFg -blIyPKTsb3+kQW9YV9QwVdFdC4mTIljujCSQ4HNUC/Vjfnz85SDKf9/3PMKRr36+ -GtSLIozudPvkNmCv68jy3RRXyCwWHc43BLMSZKPD/W+DEuXShI9OIpIlSLBx16Hz -4ce3/1pGuITWcsw6UcRqW31oPR31QmNs5fsq5ZCojDNFzEFCA1t9LiR6UOftFUKy -yOZWfZeAGGdK75U+XDqS9Xkr5/ic5jE0I5rT7e7r3lpvQdgIj8lSx493fczLOGHr -YA0= +MIIDpzCCAo+gAwIBAgIUTzbDp+B1umRS0Q7rgefxif9Im4EwDQYJKoZIhvcNAQEL +BQAwajELMAkGA1UEBhMCVVMxIzAhBgNVBAoMGlB5dGhvbiBTb2Z0d2FyZSBGb3Vu +ZGF0aW9uMRgwFgYDVQQLDA9weXRob24tcmVxdWVzdHMxHDAaBgNVBAMME1NlbGYt +U2lnbmVkIFJvb3QgQ0EwHhcNMjUwMjE3MDAzODIyWhcNMjUwMjE3MDAzODIyWjBt +MQswCQYDVQQGEwJVUzELMAkGA1UECAwCREUxIzAhBgNVBAoMGlB5dGhvbiBTb2Z0 +d2FyZSBGb3VuZGF0aW9uMRgwFgYDVQQLDA9weXRob24tcmVxdWVzdHMxEjAQBgNV +BAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANxF +HCTwhTVig27wIfMHlWHwc//It8G1Tr0stmr7usMbfUmVHmyWZzAsuhnyilRDmuDw +kxFnu2iHnMHhRzQHhKDxGFAxI5lgEgmRd0e6pCRyJHS9ac28P/kKRYSGePh3ETvF +NsO58GXGbAC2EL+7vZQixkdq8DIsIGqw41rvG5OKiDP937cb7nbkmt9WvTmGEmlP +hinHlhj4AGQg646T9e651sablKq65foGCOaBoa0OMC4T9GcGeWIhq8IOsbS/coZs +bdfG3uUVO773x+gWivAYJttAGtq3LbuhmvMC0uW18geUlGeM/PQkD1qQ0OECKHES +xNSGTZ3uMWzOx3QS/sMCAwEAAaNCMEAwHQYDVR0OBBYEFFK1WmMqRSzUD2isk8TL +M3JfsVczMB8GA1UdIwQYMBaAFAhGiD3+10LBrdMW3+j/ceXMXSqcMA0GCSqGSIb3 +DQEBCwUAA4IBAQCekjxplL/AI32WtODgw7FpTXNXdyNy8PWEhn3ufL0MqiyseYOZ +bIa0PAecsArlKs5hXJzB7p/hu5CZdvaCButw1jyWQBySCpeJXn3FmGdTkBvhwBHv +y6npmBoy/nbLkIRNRcoLbALlfn/0iGWfmDTRblT7vRNWJmZCZCTA/+ILXJ36ItbF +3JCs3ARF6XWORuZs5Y8cNloOy2brAC/4EHnTfOZBQf8cL8CfHlcNa+nbG1j+wVNO +60e/0v9zTxa2wNzdnLBCW4rqJFJ44aGClxat5tWuypv0snA/0xrqIYWTQGXZPVT6 +rET47dfVbj1QxmW3sAyuy5PskZA9T7pOhcjR -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- -MIIDWzCCAkMCFA9wdtNh/V99DRwYp8vXjPxSjJnWMA0GCSqGSIb3DQEBCwUAMGox -CzAJBgNVBAYTAlVTMSMwIQYDVQQKDBpQeXRob24gU29mdHdhcmUgRm91bmRhdGlv -bjEYMBYGA1UECwwPcHl0aG9uLXJlcXVlc3RzMRwwGgYDVQQDDBNTZWxmLVNpZ25l -ZCBSb290IENBMB4XDTI0MDMxMjIxMDQwM1oXDTQ0MDMwNzIxMDQwM1owajELMAkG -A1UEBhMCVVMxIzAhBgNVBAoMGlB5dGhvbiBTb2Z0d2FyZSBGb3VuZGF0aW9uMRgw -FgYDVQQLDA9weXRob24tcmVxdWVzdHMxHDAaBgNVBAMME1NlbGYtU2lnbmVkIFJv -b3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHlIhe7GLCeSk8 -RZOKdtmyKns6KdZgGw/LcxPkYvQlu1g0zV8X0DqVr2LdMumWUTNCc9sPdSlAG+He -mQp2TMoWUMumMuwDtit9RT0Sb6Eh9svWgjY9ferovPJRfCWUTsA2Ug8uoh0wyEXK -na7X6fHt5E3B9vj0+b9a4vDibdBXV11FheLT02/uEmAEJDdP/zeBgvVbhcVyumO6 -fAGMIWzR2ukhe8z/ma5H9zoi4gZA8nsK6reZUD8+6affnPe+jIt/AdzggtV9jkWm -zSpr+RHeZ0y+q4eik2ZNUGg4XcF6JsJ9yu/AqLBXxd38uLdFfgyhP2y6K628yzgy -e6lzFyWnAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAGymNVTsKSAq8Ju6zV+AWAyV -GcUNBmLpgzDA0e7pkVYhHTdWKlGH4GnrRcp0nvnSbr6iq1Ob/8yEUUoRzK55Flws -Kt1OLwnZyhfRoSUesoEqpP68vzWEgiYv0QuIWvzNt0YfAAvEgGoc3iri44MelKLn -9ZMT8m91nVamA35R8ZjfeAkNp2xcz0a67V0ww6o4wSXrG7o5ZRXyjqZ/9K7SfwUJ -rV9RciccsjH/MzKbfrx73QwsbPWiFmjzHopdasIO0lDlmgm/r9gKfkbzfKoGCgLZ -6an6FlmLftLSXijf/QwtqeSP9fODeE3dzBmnTM3jdoVS53ZegUDWNl14o25v2Kg= +MIIDlDCCAnygAwIBAgIUG/CTOPIQbH2BI36TyThUChQyR8wwDQYJKoZIhvcNAQEL +BQAwajELMAkGA1UEBhMCVVMxIzAhBgNVBAoMGlB5dGhvbiBTb2Z0d2FyZSBGb3Vu +ZGF0aW9uMRgwFgYDVQQLDA9weXRob24tcmVxdWVzdHMxHDAaBgNVBAMME1NlbGYt +U2lnbmVkIFJvb3QgQ0EwHhcNMjUwMjE3MDAzODIyWhcNNDUwMjEyMDAzODIyWjBq +MQswCQYDVQQGEwJVUzEjMCEGA1UECgwaUHl0aG9uIFNvZnR3YXJlIEZvdW5kYXRp +b24xGDAWBgNVBAsMD3B5dGhvbi1yZXF1ZXN0czEcMBoGA1UEAwwTU2VsZi1TaWdu +ZWQgUm9vdCBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJ9lSHzZ +0X+v0Zbz0g3a+o6Iwy6KQgA7dIQjf65IYJ1ZPXcL42esUntcX8PpQbLWa+bwp+FK +dqlagCS2jI9dJz8Y3MnMLBmiiXvET6ub/S9u7VdtRxByoHydBEvNMKEMga64PwMe +ztuZ6fX2xPmRnLQIippzfzdxDFHxbUWzjzEQEl+4EGbKX5vPi6A9yL3ofgMi4APZ +C8/YoqAaqzjLIM9KZ/zqT36iQ6wsxBXAacd63L5M8lrAKfZoJeX6uYxNIIfaxQRz +zVxdpVBjHJ/odqoadwKzU7YzN5Fs+6ATNvkrhlUzg1i0MyTGtCdkUIAt/hc6ZrW6 +/kqHpCgUwUc4Dq0CAwEAAaMyMDAwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQU +CEaIPf7XQsGt0xbf6P9x5cxdKpwwDQYJKoZIhvcNAQELBQADggEBAHMgyQNA3DQG +0l9eX8RMl4YNwhAXChU/wOTcvD+F4OsJcPqzy6QHFh1AbBBGOI9/HN7du+EiKwGZ +wE+69FEsSbhSv22XidPm+kHPTguWl1eKveeWrrT5MPl9F48s14lKb/8yMEa1/ryG +Iu8NQ6ZL91JbTXdkLoBDya9HZqyXjwcGkXLE8fSqTibJ7EhWS5Q3Ic7WPgUoGAum +b5ygoxqhm+SEyXC2/LAktwmFawkv1SsMeYpT790VIFqJ/TVVnUl+gQ2RjSEl2WLb +UO4Hwq4FZbWF9NrY6JVThLmbcr8eW6+UxWfiXHLw/qTRre4/3367QAUQRt7EuEsb +KOWpOS3fbsI= -----END CERTIFICATE----- diff --git a/tests/certs/mtls/client/client.csr b/tests/certs/mtls/client/client.csr index 9a5713d5c7..35c8c2f325 100644 --- a/tests/certs/mtls/client/client.csr +++ b/tests/certs/mtls/client/client.csr @@ -2,12 +2,12 @@ MIIEGjCCAwICAQAwbDELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAkRFMSMwIQYDVQQK DBpQeXRob24gU29mdHdhcmUgRm91bmRhdGlvbjEYMBYGA1UECwwPcHl0aG9uLXJl cXVlc3RzMREwDwYDVQQDDAhyZXF1ZXN0czCCASIwDQYJKoZIhvcNAQEBBQADggEP -ADCCAQoCggEBAMn3iQycTjUzpKJChRNkcm33UB282cUwpxeqKN4ahHxBpS09HRhk -cQYO7yErEUQwzQnBQEcIpzzeIMZIqHuCkgnySjeEJd95AIzNzGyoLLkS51TcJwgR -v83AvT8ljA88s9h38qGTy4/TCxJgf76pfHIuC1qoKVQh3AuHj9nOxIZLUsrdDbWF -WoLqKSVyTby+RXvSAppAR+cuBCaWStQ6xFORn48RHfc6t30ggD4rDAjyU6Vz6oR8 -ot3XmGdK0h42UdqidUWkRJajEbpkCnQSXS21IvfXKxF5sFqAXJrj9iVbUfpNPpaa -W8IrHByngyV8amazGZrASstUVRFtWrnrcWECAwEAAaCCAWcwggFjBgkqhkiG9w0B +ADCCAQoCggEBAJrdvu5kvCy5g6w67gczETk/u6K0UBmf6Mv0lqXCp3Voyt5fv6SI +/OPWrFV1+m4imNe5bLM7JUoUfkqkmULsjTTh7sxVLjW226vLSYOWWy7PA+OSwUTN +LjydF1dazlPedHPYdmhVShCmyoOd1pUCDQn0/4cEA/WW4mtzZImmoCf/pyAM3XAC +9RBcSSJRywOTe6n9LY6Ko0YUW94ay2M4ClVblDxswDemaAsLFuciKmi53gKx4H/l +areo8p60dgubooiMbcc4E9bzp0oJpfh7xhwKeJtCNEpOik1AiiQIZtwqmkkIHvtI +Go3SZ7WAQU9Eh2r+u3E6aSl+N0PMXK4Y4JsCAwEAAaCCAWcwggFjBgkqhkiG9w0B CQ4xggFUMIIBUDAJBgNVHRMEAjAAMAsGA1UdDwQEAwIFoDATBgNVHSUEDDAKBggr BgEFBQcDAjCCAR8GA1UdEQSCARYwggESggsqLmxvY2FsaG9zdIcEfwAAAYcQAAAA AAAAAAAAAAAAAAAAAYZNc3BpZmZlOi8vdHJ1c3QucHl0aG9uLm9yZy92MC9tYWlu @@ -15,10 +15,10 @@ dGFpbmVyL3NpZ21hdmlydXMyNC9wcm9qZWN0L3JlcXVlc3RzL29yZy9wc2aGTXNw aWZmZTovL3RydXN0LnB5dGhvbi5vcmcvdjEvbWFpbnRhaW5lcjpzaWdtYXZpcnVz MjQvcHJvamVjdDpyZXF1ZXN0cy9vcmc6cHNmhk1zcGlmZmU6Ly90cnVzdC5weXRo b24ub3JnL3YxL21haW50YWluZXI9c2lnbWF2aXJ1czI0L3Byb2plY3Q9cmVxdWVz -dHMvb3JnPXBzZjANBgkqhkiG9w0BAQsFAAOCAQEAwP1KJ+Evddn2RV1FM6BFkoDK -MPDO9qwb8ea3j57SIJXZlpw168DljmuGzxJw9oys2O6FYcspbHIocAkfFwiYgVAr -NEog6xlCdPxNBJgC3YFIKwnmBjMPG6ZCWiJn940qTbaJ/j6ZviN17uW4K7Sl+THp -IkMv29uQTWkfg+GbZ9q1hm2m2GHhYLGLAUdJdtv7JI+yq5uxdsWaCANpH6kc8SnK -2rik6D3iItDhHCmToHBpdEnP8J+KDzf5pJrv/g3WH8XVrl4ZzBsOhmciWF4C3Hbf -9eu8eAsp1AsIrZOEGTfClBd7vFCES5DmI0/iRs4czQooqZPnHjOw3Azp/LujrA== +dHMvb3JnPXBzZjANBgkqhkiG9w0BAQsFAAOCAQEAMOwYPyq+OpMRQUAgoRjfxTQO +DiqfBzCsjUsPAacLTtebbWBx8y6TkLSb+/Qn3amq3ESo4iBqKpmVwdlAS4P486GD +9f78W3zkZ29jGcnQ+XHb7WvPvzBRoXImE276F9JGqJ+9q39Cbxzh0U2+ofBx2iGY +sSutzU0B/l/FKZRc8thuFoeKqHwVePLGD9p2+2nYI9I08QoGqEokTcFAq0tZ858F +9PdxBZYOKOMpnLZhiJ8qZo23v3ycBXPOjg5ILtQ9EzHoNEA5Mxx/mfNLKJ0NktZD +KXANLWKbXm+w9gTcBLtCPWNeqj5DIGPsHSfq/Bmjbp/o+uOJs6oq3s5rA7WrAA== -----END CERTIFICATE REQUEST----- diff --git a/tests/certs/mtls/client/client.key b/tests/certs/mtls/client/client.key index 8107125399..b6cea90813 100644 --- a/tests/certs/mtls/client/client.key +++ b/tests/certs/mtls/client/client.key @@ -1,28 +1,28 @@ -----BEGIN PRIVATE KEY----- -MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQDJ94kMnE41M6Si -QoUTZHJt91AdvNnFMKcXqijeGoR8QaUtPR0YZHEGDu8hKxFEMM0JwUBHCKc83iDG -SKh7gpIJ8ko3hCXfeQCMzcxsqCy5EudU3CcIEb/NwL0/JYwPPLPYd/Khk8uP0wsS -YH++qXxyLgtaqClUIdwLh4/ZzsSGS1LK3Q21hVqC6iklck28vkV70gKaQEfnLgQm -lkrUOsRTkZ+PER33Ord9IIA+KwwI8lOlc+qEfKLd15hnStIeNlHaonVFpESWoxG6 -ZAp0El0ttSL31ysRebBagFya4/YlW1H6TT6WmlvCKxwcp4MlfGpmsxmawErLVFUR -bVq563FhAgMBAAECggEABhWX97JJxN6JFNOjhgGzqiPA3R8lrFlv3zhNbODS9u9U -q404xYBZIKaYhkucLzgNJUBrevhZbsL+V8WJQIH0JlU57nw5ATIjAHA+uqiXraen -zRhTcLHK28b1AeRUA4LU+YN7jWnnawN075kf9WgjtfOJ0gcDimOkE7uCFjyyvPJA -LG9bG+8enGjvUleKXNgmwP4Sq/GlEdGz9Qy+8ga3mtfAULUWe8haFNZXK8CN3xPp -wmVqy7QzgH2TGN1p6Dyxib9ksSN/lOg0dShL8zgu+QXDNx2VwmVrI8Vr02vmB//0 -bYxCo5pfICPIFLjLl5yo30dvrUfYqF29PperStHGlQKBgQD/TdemlLjJNP0fvSs7 -KEVJj/22YuHK+wurNr2ZFbSdcF3v9sfiwysllmEyGr5cNYA56uUbfG+8VSw7kDll -G+6BKK2UdlPH++6RahqWLqo4k6rsNrkq7elj8xG4gIjR5qzu2uLpjNwp2BGmIoUI -eb1NcLfTlMcNCooV8RHjm1Z5WwKBgQDKhHkUPDcJm2/9Ltq2NZQMrCS7o4LV2uAI -GhGpISfY+SfHkQQNZ9Fvbe6hrFeZs31nAvlTDpPEg/LGSVKA5I2EZT9gwzAQU1TD -Cyol4xqqWFWlwze7w+RLYqX5LtXf7NJg2m5p+ZOoOzzqvTVpodDxqTlCNp2/6ICP -vAIvWhbA8wKBgAYlr62ZIyHlHrsm6OWRwKlWyDseAmXKyasjtEj9Vs37qKdgf8ub -+2v6RPjZ3/+EYkQCveV9h4s3WctNW7Rtib6eZh+PAdFs5X+m2GEJWpvmIlVxs9+u -vtHjRmf04FZ9gWh26MPK2no/c51Wc3GSzNYSgrqbeHd963k/xrh+QwTFAoGAZZjb -3UjwG4O9RPjyhCKQ6WKa8v9urbamWaoqXfziLrmgOUAJFmiU6x/tbXI2aEdhjAIz -7nULsLS5YLx8BWmjjV3106dYP3hut4KsXGF4iSjTnts25J27tA4DUeUrKrF2QVyT -s9qfNvCw+Np/J0Uku3e33/3iWdpcVL9vIS5C5/0CgYBEuxb3dffNRqEiNkpOUrCD -mQTqbO3X+hin9zT3GrxQE+7KpfCfdDIqdK6c5UWHirR3HUjUPZmIFLSx8msfLl3k -hgQw37NMV+asg0Wy3P908qbtnEA2P6aDOMQeHJoC7qEHIDOcOQ1KP3FMvOrdscwS -f0IIDygTH6fYr329s0iXjg== +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCa3b7uZLwsuYOs +Ou4HMxE5P7uitFAZn+jL9Jalwqd1aMreX7+kiPzj1qxVdfpuIpjXuWyzOyVKFH5K +pJlC7I004e7MVS41ttury0mDllsuzwPjksFEzS48nRdXWs5T3nRz2HZoVUoQpsqD +ndaVAg0J9P+HBAP1luJrc2SJpqAn/6cgDN1wAvUQXEkiUcsDk3up/S2OiqNGFFve +GstjOApVW5Q8bMA3pmgLCxbnIipoud4CseB/5Wq3qPKetHYLm6KIjG3HOBPW86dK +CaX4e8YcCnibQjRKTopNQIokCGbcKppJCB77SBqN0me1gEFPRIdq/rtxOmkpfjdD +zFyuGOCbAgMBAAECggEABHa5xyNOLTfXrMIyFDELoQvOO71YxbRPQHm3UeXPb9nq +Zwh5fKOaLnMEmp4A7uW+ZBFrKatdwsnebgZaiIxK8ahFesxFvbScllIQt2NBE5NR ++GBFg9cqKwMYJiNu6Qnzb1dg6lbzAJHeKncFNVxOxeey6dBa0NxdgF1eG32bBiwT +yIr6JO7cK5JfcExls5yxdZMZiW08quaeFMQR6Wocod2caDgJUBVbZwivEoNI3ak4 +/kzQaxvRoDMM8uN3LrVH2YUJgURUxSbpOLu8ycZtfg8JRArprUYI0P0OD6iDlly1 +3FhJXqBEY0dWQPmZKP/Elt3ywC1oncW+AqPh9cchiQKBgQDMriOKoBrTmplw0kbo +EEuxTU1A23BqcZfn2+PoUww6UxOvStL/s7iupjl3g4CXw0RgIfyOuJQldLdq7mh6 +W7BpK855fH2CLy1VMdIFY1umHSgJ5Bayd5NmyKdfORUw88PTFFSARYyr5DDqufWg +jI77BMjqHtbyujQKspV+9U66ZwKBgQDBsi5YptfaqMdzh343G5zAtCiGCd3m9NZO +atEEvgq9LKqEVwvJ/FD+3QPAS1MN+ms9KcfJ3G05VUhhEsPGRKibgcE0FNA/VBDO +jS2HK6kZ1M0clC5kHmQfLZxp1q3tA5nW6zqjVFdqYzJsis7G5YxFKhnzui0lgP6V +I1Io+3QvrQKBgQCK6D+sq92o8AnkfICsq6qDCKA+PO68/pyGOUAiAoKQ7qK0W0Z5 +TMIwnRTxHCjgViAIUehx/6hjByQXiPcU2zcNGTLGVgtjl5rfb7FGANlJEg6DL+2L +bwV1QwX75OSR1U136hsy9oByg6oDEvM040+B4gxsf0OHdYEuJWa5w8eLTwKBgCJt +CM+416SFWu2tp0EkJzgYzRsFpermmTBWy8+L91yoE6Zx0iaUMdEadxA2Uwyo9WZp +hpjaFI+cGMEoFKOokE8TQMOA74JR7qrHbNAZcnSk3c+2hohE3oasFKC7By6Y9T69 +kC53TxIZj1y7TwUKx2ODmBk5fcysoJLhNDkUeBIBAoGAQ/YMeMN/pSvTDCPhubbk +9bF0SwoN6DWrzw7gzMMhHlVSPM4fjdBA+wXbhnYF7hiNan7uShtRHVhwyfj+glBz +KIkDxETjxTWx5mbo3tNf8xEMsbHZBe8KPlKxizdAOvShLvkpthTCPiyqn6XTvbs4 +vC0zZrsQWCYT4Wbm7gcOOAU= -----END PRIVATE KEY----- diff --git a/tests/certs/mtls/client/client.pem b/tests/certs/mtls/client/client.pem index 0a11d4d472..0e3091d0e4 100644 --- a/tests/certs/mtls/client/client.pem +++ b/tests/certs/mtls/client/client.pem @@ -1,41 +1,44 @@ -----BEGIN CERTIFICATE----- -MIIDXTCCAkUCFE82w6fgdbpkUtEO64Hn8Yn/SJtzMA0GCSqGSIb3DQEBCwUAMGox -CzAJBgNVBAYTAlVTMSMwIQYDVQQKDBpQeXRob24gU29mdHdhcmUgRm91bmRhdGlv -bjEYMBYGA1UECwwPcHl0aG9uLXJlcXVlc3RzMRwwGgYDVQQDDBNTZWxmLVNpZ25l -ZCBSb290IENBMB4XDTI0MDMxMzE4MzUwNFoXDTI2MDMxMzE4MzUwNFowbDELMAkG -A1UEBhMCVVMxCzAJBgNVBAgMAkRFMSMwIQYDVQQKDBpQeXRob24gU29mdHdhcmUg -Rm91bmRhdGlvbjEYMBYGA1UECwwPcHl0aG9uLXJlcXVlc3RzMREwDwYDVQQDDAhy -ZXF1ZXN0czCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMn3iQycTjUz -pKJChRNkcm33UB282cUwpxeqKN4ahHxBpS09HRhkcQYO7yErEUQwzQnBQEcIpzze -IMZIqHuCkgnySjeEJd95AIzNzGyoLLkS51TcJwgRv83AvT8ljA88s9h38qGTy4/T -CxJgf76pfHIuC1qoKVQh3AuHj9nOxIZLUsrdDbWFWoLqKSVyTby+RXvSAppAR+cu -BCaWStQ6xFORn48RHfc6t30ggD4rDAjyU6Vz6oR8ot3XmGdK0h42UdqidUWkRJaj -EbpkCnQSXS21IvfXKxF5sFqAXJrj9iVbUfpNPpaaW8IrHByngyV8amazGZrASstU -VRFtWrnrcWECAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAHHgMckLDRV72p1FEVmCh -AAPZjCswiPZFrwGPN57JqSWjoRB9ilKvo87aPosEO7vfa05OD/qkM/T9Qykuhati -I1T1T7qX4Ymb5kTJIBouuflAO3uKVaq+ga2Q/HLlU5w/VoMU4RuK7+RaiRUEE3xL -iPSMBvZpoMj695LnzcGrT5oLkFI0bTIlpQt1SFjDpHFtOj/ZdwgSbZYLoTCBXQK3 -7Y29qAj/XwEiCH63n8tJKvZcD8/ssMIMIdWhNmu+0jOWica/3WSih9Geoy6Ydtxi -I5t9vRjC4LIipMUAF86AJIfvHJyI6aCNT420LaR6NRW0FQn5CPTHPAsKg3JkAywn -Ew== +MIIDpjCCAo6gAwIBAgIUTzbDp+B1umRS0Q7rgefxif9Im4IwDQYJKoZIhvcNAQEL +BQAwajELMAkGA1UEBhMCVVMxIzAhBgNVBAoMGlB5dGhvbiBTb2Z0d2FyZSBGb3Vu +ZGF0aW9uMRgwFgYDVQQLDA9weXRob24tcmVxdWVzdHMxHDAaBgNVBAMME1NlbGYt +U2lnbmVkIFJvb3QgQ0EwHhcNMjUwMjE3MDAzODIzWhcNMjcwMjE3MDAzODIzWjBs +MQswCQYDVQQGEwJVUzELMAkGA1UECAwCREUxIzAhBgNVBAoMGlB5dGhvbiBTb2Z0 +d2FyZSBGb3VuZGF0aW9uMRgwFgYDVQQLDA9weXRob24tcmVxdWVzdHMxETAPBgNV +BAMMCHJlcXVlc3RzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmt2+ +7mS8LLmDrDruBzMROT+7orRQGZ/oy/SWpcKndWjK3l+/pIj849asVXX6biKY17ls +szslShR+SqSZQuyNNOHuzFUuNbbbq8tJg5ZbLs8D45LBRM0uPJ0XV1rOU950c9h2 +aFVKEKbKg53WlQINCfT/hwQD9Zbia3NkiaagJ/+nIAzdcAL1EFxJIlHLA5N7qf0t +joqjRhRb3hrLYzgKVVuUPGzAN6ZoCwsW5yIqaLneArHgf+Vqt6jynrR2C5uiiIxt +xzgT1vOnSgml+HvGHAp4m0I0Sk6KTUCKJAhm3CqaSQge+0gajdJntYBBT0SHav67 +cTppKX43Q8xcrhjgmwIDAQABo0IwQDAdBgNVHQ4EFgQU3Ujw+VSuTzPgHqU+KFwO +T4t2MHswHwYDVR0jBBgwFoAUCEaIPf7XQsGt0xbf6P9x5cxdKpwwDQYJKoZIhvcN +AQELBQADggEBAEvrKXWHRRDIf26j2fH9hanx0nh+lxvI4jSWYmK0rJXZA3htEvWn +gcoUspmhmLlgmRMP88lGINMjTsogUubu2j6WF/WuKxAWWvl/hUgK8NzOwOHvByPB +lhO/rSNGdOWGlnaW1TVO4kI8w6c6LwzOCpY8WvOZLW+v7duLhKUdhaJMR9X77Tbt +ohHkyYm0gV79izaFRpA6mdYoyHOR4gyWAKaj942doU794fT4gqQacRNifl/kUbWI +lilktTLyLnmBJgrxHVBxcGe8kwnPafA1k3Gb1w7mY5BSoGKglKjutTfqR3uTjAQb +vskS4SGXmsEIjLrXYWFNHyoC3pCBXWhX6Kc= -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- -MIIDWzCCAkMCFA9wdtNh/V99DRwYp8vXjPxSjJnWMA0GCSqGSIb3DQEBCwUAMGox -CzAJBgNVBAYTAlVTMSMwIQYDVQQKDBpQeXRob24gU29mdHdhcmUgRm91bmRhdGlv -bjEYMBYGA1UECwwPcHl0aG9uLXJlcXVlc3RzMRwwGgYDVQQDDBNTZWxmLVNpZ25l -ZCBSb290IENBMB4XDTI0MDMxMjIxMDQwM1oXDTQ0MDMwNzIxMDQwM1owajELMAkG -A1UEBhMCVVMxIzAhBgNVBAoMGlB5dGhvbiBTb2Z0d2FyZSBGb3VuZGF0aW9uMRgw -FgYDVQQLDA9weXRob24tcmVxdWVzdHMxHDAaBgNVBAMME1NlbGYtU2lnbmVkIFJv -b3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHlIhe7GLCeSk8 -RZOKdtmyKns6KdZgGw/LcxPkYvQlu1g0zV8X0DqVr2LdMumWUTNCc9sPdSlAG+He -mQp2TMoWUMumMuwDtit9RT0Sb6Eh9svWgjY9ferovPJRfCWUTsA2Ug8uoh0wyEXK -na7X6fHt5E3B9vj0+b9a4vDibdBXV11FheLT02/uEmAEJDdP/zeBgvVbhcVyumO6 -fAGMIWzR2ukhe8z/ma5H9zoi4gZA8nsK6reZUD8+6affnPe+jIt/AdzggtV9jkWm -zSpr+RHeZ0y+q4eik2ZNUGg4XcF6JsJ9yu/AqLBXxd38uLdFfgyhP2y6K628yzgy -e6lzFyWnAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAGymNVTsKSAq8Ju6zV+AWAyV -GcUNBmLpgzDA0e7pkVYhHTdWKlGH4GnrRcp0nvnSbr6iq1Ob/8yEUUoRzK55Flws -Kt1OLwnZyhfRoSUesoEqpP68vzWEgiYv0QuIWvzNt0YfAAvEgGoc3iri44MelKLn -9ZMT8m91nVamA35R8ZjfeAkNp2xcz0a67V0ww6o4wSXrG7o5ZRXyjqZ/9K7SfwUJ -rV9RciccsjH/MzKbfrx73QwsbPWiFmjzHopdasIO0lDlmgm/r9gKfkbzfKoGCgLZ -6an6FlmLftLSXijf/QwtqeSP9fODeE3dzBmnTM3jdoVS53ZegUDWNl14o25v2Kg= +MIIDlDCCAnygAwIBAgIUG/CTOPIQbH2BI36TyThUChQyR8wwDQYJKoZIhvcNAQEL +BQAwajELMAkGA1UEBhMCVVMxIzAhBgNVBAoMGlB5dGhvbiBTb2Z0d2FyZSBGb3Vu +ZGF0aW9uMRgwFgYDVQQLDA9weXRob24tcmVxdWVzdHMxHDAaBgNVBAMME1NlbGYt +U2lnbmVkIFJvb3QgQ0EwHhcNMjUwMjE3MDAzODIyWhcNNDUwMjEyMDAzODIyWjBq +MQswCQYDVQQGEwJVUzEjMCEGA1UECgwaUHl0aG9uIFNvZnR3YXJlIEZvdW5kYXRp +b24xGDAWBgNVBAsMD3B5dGhvbi1yZXF1ZXN0czEcMBoGA1UEAwwTU2VsZi1TaWdu +ZWQgUm9vdCBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJ9lSHzZ +0X+v0Zbz0g3a+o6Iwy6KQgA7dIQjf65IYJ1ZPXcL42esUntcX8PpQbLWa+bwp+FK +dqlagCS2jI9dJz8Y3MnMLBmiiXvET6ub/S9u7VdtRxByoHydBEvNMKEMga64PwMe +ztuZ6fX2xPmRnLQIippzfzdxDFHxbUWzjzEQEl+4EGbKX5vPi6A9yL3ofgMi4APZ +C8/YoqAaqzjLIM9KZ/zqT36iQ6wsxBXAacd63L5M8lrAKfZoJeX6uYxNIIfaxQRz +zVxdpVBjHJ/odqoadwKzU7YzN5Fs+6ATNvkrhlUzg1i0MyTGtCdkUIAt/hc6ZrW6 +/kqHpCgUwUc4Dq0CAwEAAaMyMDAwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQU +CEaIPf7XQsGt0xbf6P9x5cxdKpwwDQYJKoZIhvcNAQELBQADggEBAHMgyQNA3DQG +0l9eX8RMl4YNwhAXChU/wOTcvD+F4OsJcPqzy6QHFh1AbBBGOI9/HN7du+EiKwGZ +wE+69FEsSbhSv22XidPm+kHPTguWl1eKveeWrrT5MPl9F48s14lKb/8yMEa1/ryG +Iu8NQ6ZL91JbTXdkLoBDya9HZqyXjwcGkXLE8fSqTibJ7EhWS5Q3Ic7WPgUoGAum +b5ygoxqhm+SEyXC2/LAktwmFawkv1SsMeYpT790VIFqJ/TVVnUl+gQ2RjSEl2WLb +UO4Hwq4FZbWF9NrY6JVThLmbcr8eW6+UxWfiXHLw/qTRre4/3367QAUQRt7EuEsb +KOWpOS3fbsI= -----END CERTIFICATE----- diff --git a/tests/certs/valid/server/server.csr b/tests/certs/valid/server/server.csr index 000d1facb2..60d082e8ef 100644 --- a/tests/certs/valid/server/server.csr +++ b/tests/certs/valid/server/server.csr @@ -2,18 +2,18 @@ MIIDKjCCAhICAQAwbTELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAkRFMSMwIQYDVQQK DBpQeXRob24gU29mdHdhcmUgRm91bmRhdGlvbjEYMBYGA1UECwwPcHl0aG9uLXJl cXVlc3RzMRIwEAYDVQQDDAlsb2NhbGhvc3QwggEiMA0GCSqGSIb3DQEBAQUAA4IB -DwAwggEKAoIBAQChEKOx377ymuDg23By5Re1DHi2RiBKSHr85/ZTZuwP/69lHN7q -TQEO//EMEFZ9+ZwezeJJsejjP2HO5lQZbcsWok3hbM0wVT+vApkogPvJ8WNFFWFe -ZBnGLi/1WM9cSZpUsDJ0XCsG0RTtO27wfgZQlKQMZxTkfi971oPYxNVSjTm2JcLT -kvwYIwxjJXPDTOgRo9TEAY3cWkCrBJN4w74GWBTM5KDDA230T7WwLuv81XD2LvYj -YYdMBGcxPr5tYTIlp3LncbcrDRNk3pbYQk0bRJgkw2vUkteiRGjkt+dgVnLc6+MI -W+VLXEpj+zsOZ5/R4d1pofqj9sDyDPhtNr1JAgMBAAGgeDB2BgkqhkiG9w0BCQ4x +DwAwggEKAoIBAQDD3OzTz9TgOiJp/STy/au8G1EDVUuP3HWKAX5ZpkWSTYZfc7FF +pgPQvBq83oh/K1+9Rw0/529N1+KeTp1i9vUBUM2wJ3EzykJP4rMFh+J/Nt6VFfJh +05pTQiHnc85l4U8Qz7fHS6Lc9EG/Yp6yDxt5OeK8QAkNYjvxVhVdpif3GlnICx1e +y1EcPxb9rslERyz0eiL6+BtVbhlSvup/rz2skvaYxoh/pP1RVwbu8VtS0it046Fm +U0TnIdsjrdFjHXNJ2JSs5g6FDB9QEFhYdDOonL4KMcAkXxBLYXpjJ5fj8/X4LFkU +FINry+Q2zdFKYsghCxlW98hmJVJTscVWznqpAgMBAAGgeDB2BgkqhkiG9w0BCQ4x aTBnMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgWgMBYGA1UdJQEB/wQMMAoG CCsGAQUFBwMBMC8GA1UdEQEB/wQlMCOCCWxvY2FsaG9zdIcEfwAAAYcQAAAAAAAA -AAAAAAAAAAAAATANBgkqhkiG9w0BAQsFAAOCAQEAFTlFTn5Mn8JXtqB5bGjuiChe -ClA6Y32Co4l7N0CtAlf+bExwLdpLOleTX3WnryIPALl9uBUI/67dy/STn/J1Yn86 -jWPEFwpmYNSKgQljYWcwtBdYLWfIsJO11kKdaAkOUHBEN5DKrXJ46Vs4918bD1/Q -6ztqdrThiKc646u9xB58Hg7F0IyMWbHfs0x16ZpcN9otrIkbqOE2wzTmc65O1t1i -HDljcSk7OnNy3a9wtLEnyPiyMqHf2k/bTlmiDRVe3cSy9xieoqmzHTnOCSASe1y9 -7lcEBQild18Jo4nACV4vCYOUwrMi/58LWW+lD6OmMnPiWUqOvMbgMffMNDpWPA== +AAAAAAAAAAAAATANBgkqhkiG9w0BAQsFAAOCAQEAn8TdRWYAGL7L8JKpkX2FRMMY +EuFOEeJ2UaQLRbVtb1RhkIkMT6UYulQ16K45dbFe4k8DT59/mHrTl0bJ6pqVPawa +vo7vmKCrSYEz8GrImh1+i6lHaFiqbkAs1mJ6z86dZUofMYwfTPVh64ztamUqwBk7 +Dey+MzWUQvpTVqoaP7cLgzMy+XfcyGuWSoL6pX5XKkt4+A2wiCTsHul1sXOn4vQz +4xY96AUVnkKosXMWXvhbMkncLNH+gs+ZeQI0MekakuMa42N+0BAad3Zx60lifG3N +ugyVUmvVI0Fq6QUlYp3YV6QQj3FDjbgOVsSJNh+2s4SIARJsb/k//Tddzxei7g== -----END CERTIFICATE REQUEST----- diff --git a/tests/certs/valid/server/server.key b/tests/certs/valid/server/server.key index d6afaf59fe..387d5d67f1 100644 --- a/tests/certs/valid/server/server.key +++ b/tests/certs/valid/server/server.key @@ -1,28 +1,28 @@ -----BEGIN PRIVATE KEY----- -MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQChEKOx377ymuDg -23By5Re1DHi2RiBKSHr85/ZTZuwP/69lHN7qTQEO//EMEFZ9+ZwezeJJsejjP2HO -5lQZbcsWok3hbM0wVT+vApkogPvJ8WNFFWFeZBnGLi/1WM9cSZpUsDJ0XCsG0RTt -O27wfgZQlKQMZxTkfi971oPYxNVSjTm2JcLTkvwYIwxjJXPDTOgRo9TEAY3cWkCr -BJN4w74GWBTM5KDDA230T7WwLuv81XD2LvYjYYdMBGcxPr5tYTIlp3LncbcrDRNk -3pbYQk0bRJgkw2vUkteiRGjkt+dgVnLc6+MIW+VLXEpj+zsOZ5/R4d1pofqj9sDy -DPhtNr1JAgMBAAECggEAIuLzBfXgCvXzlBjL2kMXd7p4EgkN+PEKnKmUr/t40b1Q -zR6sBQWBX3GeET4fseElSQHQzCQaPNCve4xltm1S4jftFREHP7sTVHHEYWLQxuy/ -Uwkewj5927CI6ERgg82YfVP91bjaA/u5I+pt7O7rKLyNbPdN7fEMEW+FNuhpiVvg -JMrcK1BCFL6pmIT21LyTwkacMKZSPko58pWE24MA9aSCHk6cXdwQWQK0AfQT3XGT -C4I0hRed7LgqMH+gMuhpakiO13t8yTwxt2iQC9+aa4oSHD3BOi/CwIWfe1mHwmlr -cj4Kof1JSnK4SVTD16T++PlnWZkF6oaLUNg+/c2C9QKBgQDOFSYIY7+HzinT2hbI -yTIJCHpp+Iee+WVvvxjdZIPMDINrlIiHcMfXb0itUdcUO6tz0KYDMDLRC9CSP0ar -6mBWUTHfAKF2S4JpI9JYI4PNtIpOP1NiYuyJlnh5+ytU1yIeIvl39hmLcRwI9mgz -njy/D7yEoDCrG1dhcltubKpNXQKBgQDIFAVg0A7MNcxBZDLlk1NAME2JKOSszX8E -VNucvZD+9l+L9V9BmwwPQdzYifv/dNp3nYn+lxRPPgze3ZWu4+PeDuGudxu0I6ll -beFdbIcp1wbeQguzHYLjBYJqsMb4Pao5HPInjPu/HWfZlg9oZpJbKVucQwbonJLX -lgca9KaE3QKBgA+OUx+g/+0tZ8ThGoUvgsJhzHPBWeNrKfgEcckMdFJrw2PUg3XN -0pf1g4PpwJV7Z5bHcjCda8iR3r2bXydM+tapLF2L+6QlUQPEu3UBwUo+zY3Yg9/S -Xc6I+DEk/4FY9+9UboZaolT/RcF7cCQtVqKJeo58VRAlcTQe4L32H+jVAoGALXX3 -Ht9HbXkP1w/YTLej4+LVy0OCag0rPiW13LBqALSkUx3GrhZ3sAPMFVuM6ad4eFNQ -ZouXbsXvkLgSabGYNf11o/mmTtEHjWdhHKQrNgOIqPmixOkAs2quDmXqX79LLTz5 -fKkZDny0+wiQqa0cth/4k9HbAQGKj/ej16kdKPUCgYAz08Y39NnJYxRNz3tu/7C6 -jKyXKxhuZCZCt3cSWto5Tg0mVVB+2Jk2GhG1hCfZoRCP25R3FFBR1HOJgOc59T7C -LL67FdO0+7mj/WNzHj3+9gyOYQyQgPVDaTmsJLbuzT2S+GpR94ZNliwL2NEa5baG -B/Nb2ruRNj0GgZVw48N4XQ== +MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQDD3OzTz9TgOiJp +/STy/au8G1EDVUuP3HWKAX5ZpkWSTYZfc7FFpgPQvBq83oh/K1+9Rw0/529N1+Ke +Tp1i9vUBUM2wJ3EzykJP4rMFh+J/Nt6VFfJh05pTQiHnc85l4U8Qz7fHS6Lc9EG/ +Yp6yDxt5OeK8QAkNYjvxVhVdpif3GlnICx1ey1EcPxb9rslERyz0eiL6+BtVbhlS +vup/rz2skvaYxoh/pP1RVwbu8VtS0it046FmU0TnIdsjrdFjHXNJ2JSs5g6FDB9Q +EFhYdDOonL4KMcAkXxBLYXpjJ5fj8/X4LFkUFINry+Q2zdFKYsghCxlW98hmJVJT +scVWznqpAgMBAAECggEACY98I+6uJm/QBDpuFkpZmqn+r1n3gUMynZTrFPcvyC9u +krQ0AAFViFfWOkfmg8abOsMAG5FxdmxGTJHrzsvdM748/A9A0FVcHUgkku2KGcmU +3dQfa7UHgG7m9sRJW+G+mUR6ZQkFHyHxH6Vxt6FTJvyzW5sIlhWodWRNUK/unXoe +5QNIh/PM9Mkg91wKVeg8AGdY27zfuUV0KLwhV052hCSwckayi7pjYrH2xDL8fahi +Z/F43N1SI6Q7PTW6izDs2KrlGyexn97jOV+cooSXXaDvivTaB2K4RoidrPt+UAW4 +/e1zw/LbeBvQXX4vsyC9vLO+Av1gYo2PxAZ/ezc5gQKBgQDvY/kgUud6stdMs73N +Qavu9o/Ul4oeQa4fsmfUwj43OjquxpXbfV9sNTLFxFbsl5ADGkpqsR3WhP2090TK +62vkyCBiaYZjyMY6WLDATEvrpfbc74ATEzTU+r9T1rEByq/atbWPZq/zoMo8aAdg +Qk2X7gQO3pTpPeEpetYG42Di+QKBgQDRc9IqPeELQugXEuI0RZ8rsfGRSFKVRelQ +Rz/KpD/S8SsE7ERL0w/w5KgE0IPPbh/SYX2KYxafCqTrPWDNaoguROvUoUJQvf4a +uOMTCRkqdqj8j70zaPj2ohuIIZ3GZHyaXgl/isWtuZ5OeaoY5h3r+4gk5mO41Llz +YikB71SRMQKBgGBNG18BetVFNI9Kj0QO8xeCYIHpJErfqShfIJ3aNiUJa6n7gTV2 +zfg9vlsIjN9IaUqWPPGGprYxcc5m2mm3IwQ57a0pPkLN9dBq9U+mYbQ+Y3ylbCRA +SbST2nvjlflejDezeYJikM21FSYPw0fZ5FUGDuPcbpMVrYp+O7MxrTwhAoGAcjQq +xemTiWZj0iDzwfisP1D5HHRIwyepfaI7wCwquMPS5w5EduuQZ5LloipnlHTBWR7b +Kte4f+N35OREofySYFgoFnoPBKNzp/Jjrf9p/2NP5NYjHaMBDMl7JZDezEwCPNFF +cIukGYN6M+PWwVjHu+Ica7JLcX5b1/QP1ARBIiECgYAsdDa0CoYTVWMeqMq9GjF3 +BElBKCLp6iYqpElWyKTj39LCnLhzRICyYQpblM8zZgtQIvRGT8DYh2HA1Q29yPzt +Rgrz9yfFACdT5gUM5D6sx7L37xbtMQQ7YYOxEAfCUZ0qnMJgpNTJ8/ECkjGJZaif +CXrx6XCdvrM/evZW2JZbyg== -----END PRIVATE KEY----- diff --git a/tests/certs/valid/server/server.pem b/tests/certs/valid/server/server.pem index 0168cd3e3f..b4ad4c650d 100644 --- a/tests/certs/valid/server/server.pem +++ b/tests/certs/valid/server/server.pem @@ -1,47 +1,46 @@ -----BEGIN CERTIFICATE----- -MIIEhTCCA22gAwIBAgIUTzbDp+B1umRS0Q7rgefxif9Im3wwDQYJKoZIhvcNAQEL +MIIEEDCCAvigAwIBAgIUTzbDp+B1umRS0Q7rgefxif9Im4MwDQYJKoZIhvcNAQEL BQAwajELMAkGA1UEBhMCVVMxIzAhBgNVBAoMGlB5dGhvbiBTb2Z0d2FyZSBGb3Vu ZGF0aW9uMRgwFgYDVQQLDA9weXRob24tcmVxdWVzdHMxHDAaBgNVBAMME1NlbGYt -U2lnbmVkIFJvb3QgQ0EwHhcNMjQwMzE0MDAxMDAzWhcNNDMxMTMwMDAxMDAzWjBt +U2lnbmVkIFJvb3QgQ0EwHhcNMjUwMjE3MDAzODIzWhcNNDQxMTA0MDAzODIzWjBt MQswCQYDVQQGEwJVUzELMAkGA1UECAwCREUxIzAhBgNVBAoMGlB5dGhvbiBTb2Z0 d2FyZSBGb3VuZGF0aW9uMRgwFgYDVQQLDA9weXRob24tcmVxdWVzdHMxEjAQBgNV -BAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKEQ -o7HfvvKa4ODbcHLlF7UMeLZGIEpIevzn9lNm7A//r2Uc3upNAQ7/8QwQVn35nB7N -4kmx6OM/Yc7mVBltyxaiTeFszTBVP68CmSiA+8nxY0UVYV5kGcYuL/VYz1xJmlSw -MnRcKwbRFO07bvB+BlCUpAxnFOR+L3vWg9jE1VKNObYlwtOS/BgjDGMlc8NM6BGj -1MQBjdxaQKsEk3jDvgZYFMzkoMMDbfRPtbAu6/zVcPYu9iNhh0wEZzE+vm1hMiWn -cudxtysNE2TelthCTRtEmCTDa9SS16JEaOS352BWctzr4whb5UtcSmP7Ow5nn9Hh -3Wmh+qP2wPIM+G02vUkCAwEAAaOCAR4wggEaMAwGA1UdEwEB/wQCMAAwDgYDVR0P -AQH/BAQDAgWgMBYGA1UdJQEB/wQMMAoGCCsGAQUFBwMBMC8GA1UdEQEB/wQlMCOC -CWxvY2FsaG9zdIcEfwAAAYcQAAAAAAAAAAAAAAAAAAAAATAdBgNVHQ4EFgQUJ90a -UnXKPP13yDprLhG39fUrnu8wgZEGA1UdIwSBiTCBhqFupGwwajELMAkGA1UEBhMC -VVMxIzAhBgNVBAoMGlB5dGhvbiBTb2Z0d2FyZSBGb3VuZGF0aW9uMRgwFgYDVQQL -DA9weXRob24tcmVxdWVzdHMxHDAaBgNVBAMME1NlbGYtU2lnbmVkIFJvb3QgQ0GC -FA9wdtNh/V99DRwYp8vXjPxSjJnWMA0GCSqGSIb3DQEBCwUAA4IBAQCVh4hiraRv -JzYbS/TombP//xfVEWHXDBEYsT5GgWf7GPJ/QtSvv6uJFsK7heqLzf9f+r4Z5xMh -YAkb0oe/Ge0T30Mo1YaBEqkKuQL9lOMcP69S9uFz2VT6I/76I8qqAu2AFhu74p8f -qudwmQyRYo1Ryg4R/SgRhSJKF/ST/2wOusNWSsBe1s8S2PmtOb4dr3cMBGihrUzS -DmCQpWjuiuE23HXnnYDc/EUAnEEPkLDgCsE9iLq37FPUHcHjqdYIAhmImPBpv2EL -ftXeRWfxN2hRHpS5Fn3QuAOwfJw5tUcVXojJCJfSpL+Ac97iSjxNaDIPlyomauKw -1rgbUkSw+9JQ +BAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMPc +7NPP1OA6Imn9JPL9q7wbUQNVS4/cdYoBflmmRZJNhl9zsUWmA9C8GrzeiH8rX71H +DT/nb03X4p5OnWL29QFQzbAncTPKQk/iswWH4n823pUV8mHTmlNCIedzzmXhTxDP +t8dLotz0Qb9inrIPG3k54rxACQ1iO/FWFV2mJ/caWcgLHV7LURw/Fv2uyURHLPR6 +Ivr4G1VuGVK+6n+vPayS9pjGiH+k/VFXBu7xW1LSK3TjoWZTROch2yOt0WMdc0nY +lKzmDoUMH1AQWFh0M6icvgoxwCRfEEthemMnl+Pz9fgsWRQUg2vL5DbN0UpiyCEL +GVb3yGYlUlOxxVbOeqkCAwEAAaOBqjCBpzAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB +/wQEAwIFoDAWBgNVHSUBAf8EDDAKBggrBgEFBQcDATAvBgNVHREBAf8EJTAjggls +b2NhbGhvc3SHBH8AAAGHEAAAAAAAAAAAAAAAAAAAAAEwHQYDVR0OBBYEFGg5Q9Ll +ADkONmo02kmPg9+aiOxQMB8GA1UdIwQYMBaAFAhGiD3+10LBrdMW3+j/ceXMXSqc +MA0GCSqGSIb3DQEBCwUAA4IBAQA1RlUI34tXrIdsRiALD8iLDFhh816B7qUi+F1j +3dOkTNgYw0CnQ+Vm4wrQjCEVSDQ/9sry5DOfXeGziDpFlZmQ0UuAeM1EJJD5/42l +C/eKquA09+IMEq2U03GPhijrC68sFCfr5wgoB/4HmcZ1c3kLYvRaJhEK7AHDgenY +knKbvuKAiRbCd584eG8HFOW7xv+YqGZ257Ic9flbarkPrazmAJg2P709w7/fP83x +7lnkPZY09jS3lcIpEdtWvzfm+anGF190hKA1yfPdO5bYPvUcEMxXdMtQ6/pbZd5i +F6t95o9CPCqI/lLIn5jAf9Z+Iil3GmKefEZYIGmKJ85HGUqE -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- -MIIDWzCCAkMCFA9wdtNh/V99DRwYp8vXjPxSjJnWMA0GCSqGSIb3DQEBCwUAMGox -CzAJBgNVBAYTAlVTMSMwIQYDVQQKDBpQeXRob24gU29mdHdhcmUgRm91bmRhdGlv -bjEYMBYGA1UECwwPcHl0aG9uLXJlcXVlc3RzMRwwGgYDVQQDDBNTZWxmLVNpZ25l -ZCBSb290IENBMB4XDTI0MDMxMjIxMDQwM1oXDTQ0MDMwNzIxMDQwM1owajELMAkG -A1UEBhMCVVMxIzAhBgNVBAoMGlB5dGhvbiBTb2Z0d2FyZSBGb3VuZGF0aW9uMRgw -FgYDVQQLDA9weXRob24tcmVxdWVzdHMxHDAaBgNVBAMME1NlbGYtU2lnbmVkIFJv -b3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHlIhe7GLCeSk8 -RZOKdtmyKns6KdZgGw/LcxPkYvQlu1g0zV8X0DqVr2LdMumWUTNCc9sPdSlAG+He -mQp2TMoWUMumMuwDtit9RT0Sb6Eh9svWgjY9ferovPJRfCWUTsA2Ug8uoh0wyEXK -na7X6fHt5E3B9vj0+b9a4vDibdBXV11FheLT02/uEmAEJDdP/zeBgvVbhcVyumO6 -fAGMIWzR2ukhe8z/ma5H9zoi4gZA8nsK6reZUD8+6affnPe+jIt/AdzggtV9jkWm -zSpr+RHeZ0y+q4eik2ZNUGg4XcF6JsJ9yu/AqLBXxd38uLdFfgyhP2y6K628yzgy -e6lzFyWnAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAGymNVTsKSAq8Ju6zV+AWAyV -GcUNBmLpgzDA0e7pkVYhHTdWKlGH4GnrRcp0nvnSbr6iq1Ob/8yEUUoRzK55Flws -Kt1OLwnZyhfRoSUesoEqpP68vzWEgiYv0QuIWvzNt0YfAAvEgGoc3iri44MelKLn -9ZMT8m91nVamA35R8ZjfeAkNp2xcz0a67V0ww6o4wSXrG7o5ZRXyjqZ/9K7SfwUJ -rV9RciccsjH/MzKbfrx73QwsbPWiFmjzHopdasIO0lDlmgm/r9gKfkbzfKoGCgLZ -6an6FlmLftLSXijf/QwtqeSP9fODeE3dzBmnTM3jdoVS53ZegUDWNl14o25v2Kg= +MIIDlDCCAnygAwIBAgIUG/CTOPIQbH2BI36TyThUChQyR8wwDQYJKoZIhvcNAQEL +BQAwajELMAkGA1UEBhMCVVMxIzAhBgNVBAoMGlB5dGhvbiBTb2Z0d2FyZSBGb3Vu +ZGF0aW9uMRgwFgYDVQQLDA9weXRob24tcmVxdWVzdHMxHDAaBgNVBAMME1NlbGYt +U2lnbmVkIFJvb3QgQ0EwHhcNMjUwMjE3MDAzODIyWhcNNDUwMjEyMDAzODIyWjBq +MQswCQYDVQQGEwJVUzEjMCEGA1UECgwaUHl0aG9uIFNvZnR3YXJlIEZvdW5kYXRp +b24xGDAWBgNVBAsMD3B5dGhvbi1yZXF1ZXN0czEcMBoGA1UEAwwTU2VsZi1TaWdu +ZWQgUm9vdCBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJ9lSHzZ +0X+v0Zbz0g3a+o6Iwy6KQgA7dIQjf65IYJ1ZPXcL42esUntcX8PpQbLWa+bwp+FK +dqlagCS2jI9dJz8Y3MnMLBmiiXvET6ub/S9u7VdtRxByoHydBEvNMKEMga64PwMe +ztuZ6fX2xPmRnLQIippzfzdxDFHxbUWzjzEQEl+4EGbKX5vPi6A9yL3ofgMi4APZ +C8/YoqAaqzjLIM9KZ/zqT36iQ6wsxBXAacd63L5M8lrAKfZoJeX6uYxNIIfaxQRz +zVxdpVBjHJ/odqoadwKzU7YzN5Fs+6ATNvkrhlUzg1i0MyTGtCdkUIAt/hc6ZrW6 +/kqHpCgUwUc4Dq0CAwEAAaMyMDAwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQU +CEaIPf7XQsGt0xbf6P9x5cxdKpwwDQYJKoZIhvcNAQELBQADggEBAHMgyQNA3DQG +0l9eX8RMl4YNwhAXChU/wOTcvD+F4OsJcPqzy6QHFh1AbBBGOI9/HN7du+EiKwGZ +wE+69FEsSbhSv22XidPm+kHPTguWl1eKveeWrrT5MPl9F48s14lKb/8yMEa1/ryG +Iu8NQ6ZL91JbTXdkLoBDya9HZqyXjwcGkXLE8fSqTibJ7EhWS5Q3Ic7WPgUoGAum +b5ygoxqhm+SEyXC2/LAktwmFawkv1SsMeYpT790VIFqJ/TVVnUl+gQ2RjSEl2WLb +UO4Hwq4FZbWF9NrY6JVThLmbcr8eW6+UxWfiXHLw/qTRre4/3367QAUQRt7EuEsb +KOWpOS3fbsI= -----END CERTIFICATE----- From e946665c5953ab40e6dbb29cc8c496ee625fdadd Mon Sep 17 00:00:00 2001 From: duzhuoshanwai <65448395+duzhuoshanwai@users.noreply.github.com> Date: Wed, 19 Feb 2025 10:05:28 +0800 Subject: [PATCH 149/164] Update advanced.rst Add quotes to prevent Zsh wildcard interpretation. --- docs/user/advanced.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/user/advanced.rst b/docs/user/advanced.rst index ff3a3d0f26..e2f426bde8 100644 --- a/docs/user/advanced.rst +++ b/docs/user/advanced.rst @@ -681,7 +681,7 @@ You can get the dependencies for this feature from ``pip``: .. code-block:: bash - $ python -m pip install requests[socks] + $ python -m pip install 'requests[socks]' Once you've installed those dependencies, using a SOCKS proxy is just as easy as using a HTTP one:: From 2019450b43511289d45c6b3e7376f2813e1c27b4 Mon Sep 17 00:00:00 2001 From: Richard van den Berg Date: Sat, 29 Mar 2025 14:53:45 +0100 Subject: [PATCH 150/164] Add key usage extension to test ca.crt --- tests/certs/expired/ca/ca.cnf | 1 + tests/certs/expired/ca/ca.crt | 20 ++++++++++---------- 2 files changed, 11 insertions(+), 10 deletions(-) diff --git a/tests/certs/expired/ca/ca.cnf b/tests/certs/expired/ca/ca.cnf index 1443cb9374..09fcb6de1c 100644 --- a/tests/certs/expired/ca/ca.cnf +++ b/tests/certs/expired/ca/ca.cnf @@ -14,3 +14,4 @@ CN = Self-Signed Root CA # common name / your cert name [v3_ca] basicConstraints = critical, CA:true +keyUsage = critical, cRLSign, digitalSignature, keyCertSign diff --git a/tests/certs/expired/ca/ca.crt b/tests/certs/expired/ca/ca.crt index f08b2d67a5..2c8ebd44ae 100644 --- a/tests/certs/expired/ca/ca.crt +++ b/tests/certs/expired/ca/ca.crt @@ -1,8 +1,8 @@ -----BEGIN CERTIFICATE----- -MIIDlDCCAnygAwIBAgIUG/CTOPIQbH2BI36TyThUChQyR8wwDQYJKoZIhvcNAQEL +MIIDpDCCAoygAwIBAgIUQt0yyZmppkHKNx4aXRrmD5tvjbswDQYJKoZIhvcNAQEL BQAwajELMAkGA1UEBhMCVVMxIzAhBgNVBAoMGlB5dGhvbiBTb2Z0d2FyZSBGb3Vu ZGF0aW9uMRgwFgYDVQQLDA9weXRob24tcmVxdWVzdHMxHDAaBgNVBAMME1NlbGYt -U2lnbmVkIFJvb3QgQ0EwHhcNMjUwMjE3MDAzODIyWhcNNDUwMjEyMDAzODIyWjBq +U2lnbmVkIFJvb3QgQ0EwHhcNMjUwMzI5MTM1MTQ1WhcNNDUwMzI0MTM1MTQ1WjBq MQswCQYDVQQGEwJVUzEjMCEGA1UECgwaUHl0aG9uIFNvZnR3YXJlIEZvdW5kYXRp b24xGDAWBgNVBAsMD3B5dGhvbi1yZXF1ZXN0czEcMBoGA1UEAwwTU2VsZi1TaWdu ZWQgUm9vdCBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJ9lSHzZ @@ -11,12 +11,12 @@ dqlagCS2jI9dJz8Y3MnMLBmiiXvET6ub/S9u7VdtRxByoHydBEvNMKEMga64PwMe ztuZ6fX2xPmRnLQIippzfzdxDFHxbUWzjzEQEl+4EGbKX5vPi6A9yL3ofgMi4APZ C8/YoqAaqzjLIM9KZ/zqT36iQ6wsxBXAacd63L5M8lrAKfZoJeX6uYxNIIfaxQRz zVxdpVBjHJ/odqoadwKzU7YzN5Fs+6ATNvkrhlUzg1i0MyTGtCdkUIAt/hc6ZrW6 -/kqHpCgUwUc4Dq0CAwEAAaMyMDAwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQU -CEaIPf7XQsGt0xbf6P9x5cxdKpwwDQYJKoZIhvcNAQELBQADggEBAHMgyQNA3DQG -0l9eX8RMl4YNwhAXChU/wOTcvD+F4OsJcPqzy6QHFh1AbBBGOI9/HN7du+EiKwGZ -wE+69FEsSbhSv22XidPm+kHPTguWl1eKveeWrrT5MPl9F48s14lKb/8yMEa1/ryG -Iu8NQ6ZL91JbTXdkLoBDya9HZqyXjwcGkXLE8fSqTibJ7EhWS5Q3Ic7WPgUoGAum -b5ygoxqhm+SEyXC2/LAktwmFawkv1SsMeYpT790VIFqJ/TVVnUl+gQ2RjSEl2WLb -UO4Hwq4FZbWF9NrY6JVThLmbcr8eW6+UxWfiXHLw/qTRre4/3367QAUQRt7EuEsb -KOWpOS3fbsI= +/kqHpCgUwUc4Dq0CAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8E +BAMCAYYwHQYDVR0OBBYEFAhGiD3+10LBrdMW3+j/ceXMXSqcMA0GCSqGSIb3DQEB +CwUAA4IBAQBRT21cyZ0Jx0JLA2ilYTLvpMsSryGyWrCOXlmRlBt1MAhmxdTRgCmu +UB3UU2pfnrC16UeMVVS411lhzjowFXkXrjAqSUBRcetUIYHlpnGgDdUl4dV/X5kx +HxD9VUBx/QwGeyzFhjzjeN89M2v9kPnhU/kkVfcsafwYiHdC6pwN6zeZNz7JP+GS +rmI+KVpm5C+Nz6ekm3TR8rFgPIsiDTbY3qj/DNYX2+NhpU1DZfm687vhOr3Ekljx +NHNu9++STEjGpirrI8EqQnK+FP2fRJ5D82YZM0d++8tmHKpY0+FRCr8//459sgun +CojmhIobDa2NuF81Jx6Cc7lagCPG3/Ts -----END CERTIFICATE----- From a5cb4284e18555d9e179f309356178410dbfdaf1 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 31 Mar 2025 16:31:10 +0000 Subject: [PATCH 151/164] Bump actions/setup-python from 5.4.0 to 5.5.0 Bumps [actions/setup-python](https://github.com/actions/setup-python) from 5.4.0 to 5.5.0. - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](https://github.com/actions/setup-python/compare/42375524e23c412d93fb67b49958b491fce71c38...8d9ed9ac5c53483de85588cdf95a591a75ab9f55) --- updated-dependencies: - dependency-name: actions/setup-python dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- .github/workflows/lint.yml | 2 +- .github/workflows/run-tests.yml | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index f86b6f1b1b..ad64094506 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -13,7 +13,7 @@ jobs: steps: - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 - name: Set up Python - uses: actions/setup-python@42375524e23c412d93fb67b49958b491fce71c38 # v5.4.0 + uses: actions/setup-python@8d9ed9ac5c53483de85588cdf95a591a75ab9f55 # v5.5.0 with: python-version: "3.x" - name: Run pre-commit diff --git a/.github/workflows/run-tests.yml b/.github/workflows/run-tests.yml index 7f00a3f067..5e4cfd72fe 100644 --- a/.github/workflows/run-tests.yml +++ b/.github/workflows/run-tests.yml @@ -18,7 +18,7 @@ jobs: steps: - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 - name: Set up Python ${{ matrix.python-version }} - uses: actions/setup-python@42375524e23c412d93fb67b49958b491fce71c38 # v5.4.0 + uses: actions/setup-python@8d9ed9ac5c53483de85588cdf95a591a75ab9f55 # v5.5.0 with: python-version: ${{ matrix.python-version }} cache: 'pip' @@ -39,7 +39,7 @@ jobs: steps: - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 - name: 'Set up Python 3.8' - uses: actions/setup-python@42375524e23c412d93fb67b49958b491fce71c38 + uses: actions/setup-python@8d9ed9ac5c53483de85588cdf95a591a75ab9f55 with: python-version: '3.8' - name: Install dependencies @@ -59,7 +59,7 @@ jobs: steps: - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 - name: 'Set up Python 3.8' - uses: actions/setup-python@42375524e23c412d93fb67b49958b491fce71c38 + uses: actions/setup-python@8d9ed9ac5c53483de85588cdf95a591a75ab9f55 with: python-version: '3.8' - name: Install dependencies From 4ce9520a1cfa2e91abe5a923498f49e1fdb2e4ee Mon Sep 17 00:00:00 2001 From: Robin <167366979+allrob23@users.noreply.github.com> Date: Wed, 23 Apr 2025 08:44:05 -0400 Subject: [PATCH 152/164] Update lint workflow to ubuntu-24.04 Ubuntu 20.04 was the old default and is no longer supported by GitHub Actions --- .github/workflows/lint.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index ad64094506..894ad271a2 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -7,7 +7,7 @@ permissions: jobs: lint: - runs-on: ubuntu-20.04 + runs-on: ubuntu-24.04 timeout-minutes: 10 steps: From 991f05dcd922b1c4036067cb0473abc17db3c806 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 28 Apr 2025 17:28:05 +0000 Subject: [PATCH 153/164] Bump actions/setup-python from 5.5.0 to 5.6.0 Bumps [actions/setup-python](https://github.com/actions/setup-python) from 5.5.0 to 5.6.0. - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](https://github.com/actions/setup-python/compare/8d9ed9ac5c53483de85588cdf95a591a75ab9f55...a26af69be951a213d495a4c3e4e4022e16d87065) --- updated-dependencies: - dependency-name: actions/setup-python dependency-version: 5.6.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- .github/workflows/lint.yml | 2 +- .github/workflows/run-tests.yml | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index 894ad271a2..52b1fe075e 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -13,7 +13,7 @@ jobs: steps: - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 - name: Set up Python - uses: actions/setup-python@8d9ed9ac5c53483de85588cdf95a591a75ab9f55 # v5.5.0 + uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5.6.0 with: python-version: "3.x" - name: Run pre-commit diff --git a/.github/workflows/run-tests.yml b/.github/workflows/run-tests.yml index 5e4cfd72fe..60c4b03a46 100644 --- a/.github/workflows/run-tests.yml +++ b/.github/workflows/run-tests.yml @@ -18,7 +18,7 @@ jobs: steps: - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 - name: Set up Python ${{ matrix.python-version }} - uses: actions/setup-python@8d9ed9ac5c53483de85588cdf95a591a75ab9f55 # v5.5.0 + uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5.6.0 with: python-version: ${{ matrix.python-version }} cache: 'pip' @@ -39,7 +39,7 @@ jobs: steps: - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 - name: 'Set up Python 3.8' - uses: actions/setup-python@8d9ed9ac5c53483de85588cdf95a591a75ab9f55 + uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 with: python-version: '3.8' - name: Install dependencies @@ -59,7 +59,7 @@ jobs: steps: - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 - name: 'Set up Python 3.8' - uses: actions/setup-python@8d9ed9ac5c53483de85588cdf95a591a75ab9f55 + uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 with: python-version: '3.8' - name: Install dependencies From 579cd9f23319ebc65b71613f59e2b7b37d67276d Mon Sep 17 00:00:00 2001 From: Nate Prewitt Date: Mon, 31 Mar 2025 10:43:23 -0700 Subject: [PATCH 154/164] Drop pypy 3.9 and add pypy 3.11 support --- .github/workflows/run-tests.yml | 6 +++++- HISTORY.md | 5 +++++ 2 files changed, 10 insertions(+), 1 deletion(-) diff --git a/.github/workflows/run-tests.yml b/.github/workflows/run-tests.yml index 60c4b03a46..052560153c 100644 --- a/.github/workflows/run-tests.yml +++ b/.github/workflows/run-tests.yml @@ -12,8 +12,12 @@ jobs: strategy: fail-fast: false matrix: - python-version: ["3.8", "3.9", "3.10", "3.11", "3.12", "3.13", "pypy-3.9", "pypy-3.10"] + python-version: ["3.8", "3.9", "3.10", "3.11", "3.12", "3.13", "pypy-3.10", "pypy-3.11"] os: [ubuntu-22.04, macOS-latest, windows-latest] + # Pypy-3.11 can't install openssl-sys with rust + # which prevents us from testing in GHA. + exclude: + - { python-version: "pypy-3.11", os: "windows-latest" } steps: - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 diff --git a/HISTORY.md b/HISTORY.md index e51a7ee2c2..582060ee11 100644 --- a/HISTORY.md +++ b/HISTORY.md @@ -6,6 +6,11 @@ dev - \[Short description of non-trivial change.\] +**Deprecations** +- Added support for pypy 3.11 for Linux and macOS. +- Dropped support for pypy 3.9 following its end of support. + + 2.32.3 (2024-05-29) ------------------- From c65c780849563c891f35ffc98d3198b71011c012 Mon Sep 17 00:00:00 2001 From: Robin <167366979+allrob23@users.noreply.github.com> Date: Sat, 3 May 2025 12:39:14 -0400 Subject: [PATCH 155/164] Add two more tests exercising the adapter (#6936) Closes #6935 --- tests/test_requests.py | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) diff --git a/tests/test_requests.py b/tests/test_requests.py index d8fbb23688..c1634eb725 100644 --- a/tests/test_requests.py +++ b/tests/test_requests.py @@ -1663,6 +1663,32 @@ def test_session_get_adapter_prefix_matching_is_case_insensitive(self): assert s.get_adapter(url_matching_prefix_with_different_case) is my_adapter + def test_session_get_adapter_prefix_with_trailing_slash(self): + # from issue #6935 + prefix = "https://example.com/" # trailing slash + url_matching_prefix = "https://example.com/some/path" + url_not_matching_prefix = "https://example.com.other.com/some/path" + + s = requests.Session() + adapter = HTTPAdapter() + s.mount(prefix, adapter) + + assert s.get_adapter(url_matching_prefix) is adapter + assert s.get_adapter(url_not_matching_prefix) is not adapter + + def test_session_get_adapter_prefix_without_trailing_slash(self): + # from issue #6935 + prefix = "https://example.com" # no trailing slash + url_matching_prefix = "https://example.com/some/path" + url_extended_hostname = "https://example.com.other.com/some/path" + + s = requests.Session() + adapter = HTTPAdapter() + s.mount(prefix, adapter) + + assert s.get_adapter(url_matching_prefix) is adapter + assert s.get_adapter(url_extended_hostname) is adapter + def test_header_remove_is_case_insensitive(self, httpbin): # From issue #1321 s = requests.Session() From c799b8167a13416833ad3b4f3298261a477e826f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tim=20Swe=C3=B1a=20=28Swast=29?= Date: Wed, 21 May 2025 11:08:05 -0500 Subject: [PATCH 156/164] docs: fix dead links to kenreitz.org --- docs/conf.py | 2 +- docs/dev/contributing.rst | 2 +- docs/user/advanced.rst | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/docs/conf.py b/docs/conf.py index edbd72ba82..150029fd68 100644 --- a/docs/conf.py +++ b/docs/conf.py @@ -58,7 +58,7 @@ # General information about the project. project = u"Requests" -copyright = u'MMXVIX. A Kenneth Reitz Project' +copyright = u'MMXVIX. A Kenneth Reitz Project' author = u"Kenneth Reitz" # The version info for the project you're documenting, acts as replacement for diff --git a/docs/dev/contributing.rst b/docs/dev/contributing.rst index 961f7c3aba..8132c0246c 100644 --- a/docs/dev/contributing.rst +++ b/docs/dev/contributing.rst @@ -34,7 +34,7 @@ including reporting bugs or requesting features. This golden rule is **All contributions are welcome**, as long as everyone involved is treated with respect. -.. _be cordial or be on your way: https://kenreitz.org/essays/2013/01/27/be-cordial-or-be-on-your-way +.. _be cordial or be on your way: https://kennethreitz.org/essays/2013/be_cordial_or_be_on_your_way .. _early-feedback: diff --git a/docs/user/advanced.rst b/docs/user/advanced.rst index e2f426bde8..7bf913d6e6 100644 --- a/docs/user/advanced.rst +++ b/docs/user/advanced.rst @@ -1053,7 +1053,7 @@ backoff, within a Requests :class:`Session ` using the ) s.mount('https://', HTTPAdapter(max_retries=retries)) -.. _`described here`: https://kenreitz.org/essays/2012/06/14/the-future-of-python-http +.. _`described here`: https://kennethreitz.org/essays/2012/the_future_of_python_http .. _`urllib3`: https://github.com/urllib3/urllib3 .. _`urllib3.util.Retry`: https://urllib3.readthedocs.io/en/stable/reference/urllib3.util.html#urllib3.util.Retry From a7e1c745dc23c18e836febd672416ed0c5d8d8ae Mon Sep 17 00:00:00 2001 From: Ian Stapleton Cordasco Date: Sat, 31 May 2025 11:59:51 -0500 Subject: [PATCH 157/164] Update docs/conf.py Co-authored-by: Nate Prewitt --- docs/conf.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/conf.py b/docs/conf.py index 150029fd68..9b81db0810 100644 --- a/docs/conf.py +++ b/docs/conf.py @@ -58,7 +58,7 @@ # General information about the project. project = u"Requests" -copyright = u'MMXVIX. A Kenneth Reitz Project' +copyright = u'MMXVIX. A Kenneth Reitz Project' author = u"Kenneth Reitz" # The version info for the project you're documenting, acts as replacement for From 6716d7c9f29df636643fa2489f98890216525cb0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tim=20Swe=C3=B1a?= Date: Sun, 1 Jun 2025 09:03:51 -0500 Subject: [PATCH 158/164] remove links --- docs/dev/contributing.rst | 20 +++++++++----------- docs/user/advanced.rst | 9 +++------ 2 files changed, 12 insertions(+), 17 deletions(-) diff --git a/docs/dev/contributing.rst b/docs/dev/contributing.rst index 8132c0246c..214e2b48ce 100644 --- a/docs/dev/contributing.rst +++ b/docs/dev/contributing.rst @@ -22,19 +22,17 @@ The guide is split into sections based on the type of contribution you're thinking of making, with a section that covers general guidelines for all contributors. -Be Cordial ----------- +Code of Conduct +--------------- - **Be cordial or be on your way**. *—Kenneth Reitz* +The Python community is made up of members from around the globe with a diverse +set of skills, personalities, and experiences. It is through these differences +that our community experiences great successes and continued growth. When you're +working with members of the community, follow the +`Python Software Foundation Code of Conduct`_ to help steer your interactions +and keep Python a positive, successful, and growing community. -Requests has one very important rule governing all forms of contribution, -including reporting bugs or requesting features. This golden rule is -"`be cordial or be on your way`_". - -**All contributions are welcome**, as long as -everyone involved is treated with respect. - -.. _be cordial or be on your way: https://kennethreitz.org/essays/2013/be_cordial_or_be_on_your_way +.. _Python Software Foundation Code of Conduct: https://policies.python.org/python.org/code-of-conduct/ .. _early-feedback: diff --git a/docs/user/advanced.rst b/docs/user/advanced.rst index 7bf913d6e6..2ff0c7dfbf 100644 --- a/docs/user/advanced.rst +++ b/docs/user/advanced.rst @@ -969,11 +969,9 @@ Requests will automatically parse these link headers and make them easily consum Transport Adapters ------------------ -As of v1.0.0, Requests has moved to a modular internal design. Part of the -reason this was done was to implement Transport Adapters, originally -`described here`_. Transport Adapters provide a mechanism to define interaction -methods for an HTTP service. In particular, they allow you to apply per-service -configuration. +As of v1.0.0, Requests has moved to a modular internal design using Transport +Adapters. These objects provide a mechanism to define interaction methods for an +HTTP service. In particular, they allow you to apply per-service configuration. Requests ships with a single Transport Adapter, the :class:`HTTPAdapter `. This adapter provides the default Requests @@ -1053,7 +1051,6 @@ backoff, within a Requests :class:`Session ` using the ) s.mount('https://', HTTPAdapter(max_retries=retries)) -.. _`described here`: https://kennethreitz.org/essays/2012/the_future_of_python_http .. _`urllib3`: https://github.com/urllib3/urllib3 .. _`urllib3.util.Retry`: https://urllib3.readthedocs.io/en/stable/reference/urllib3.util.html#urllib3.util.Retry From 96ba401c1296ab1dda74a2365ef36d88f7d144ef Mon Sep 17 00:00:00 2001 From: Nate Prewitt Date: Wed, 25 Sep 2024 08:03:20 -0700 Subject: [PATCH 159/164] Only use hostname to do netrc lookup instead of netloc --- src/requests/utils.py | 8 +------- 1 file changed, 1 insertion(+), 7 deletions(-) diff --git a/src/requests/utils.py b/src/requests/utils.py index 699683e5d9..8a307ca8a0 100644 --- a/src/requests/utils.py +++ b/src/requests/utils.py @@ -236,13 +236,7 @@ def get_netrc_auth(url, raise_errors=False): return ri = urlparse(url) - - # Strip port numbers from netloc. This weird `if...encode`` dance is - # used for Python 3.2, which doesn't support unicode literals. - splitstr = b":" - if isinstance(url, str): - splitstr = splitstr.decode("ascii") - host = ri.netloc.split(splitstr)[0] + host = ri.hostname try: _netrc = netrc(netrc_path).authenticators(host) From 7bc45877a86192af77645e156eb3744f95b47dae Mon Sep 17 00:00:00 2001 From: danigm Date: Thu, 5 Jun 2025 13:21:46 +0200 Subject: [PATCH 160/164] Add new test to check netrc auth leak (#6962) This patch adds a new test that reproduces the security issue reported here: https://seclists.org/oss-sec/2025/q2/204 Doing a request to a malicious url with a prefix like "domain.com:@" will use the "domain.com" netrc credentials in the request to other domain. --- tests/test_requests.py | 31 +++++++++++++++++++++++++++++++ 1 file changed, 31 insertions(+) diff --git a/tests/test_requests.py b/tests/test_requests.py index c1634eb725..75d2deff2e 100644 --- a/tests/test_requests.py +++ b/tests/test_requests.py @@ -7,6 +7,7 @@ import os import pickle import re +import tempfile import threading import warnings from unittest import mock @@ -704,6 +705,36 @@ def get_netrc_auth_mock(url): finally: requests.sessions.get_netrc_auth = old_auth + def test_basicauth_with_netrc_leak(self, httpbin): + url1 = httpbin("basic-auth", "user", "pass") + url = url1[len("http://") :] + domain = url.split(":")[0] + url = f"http://example.com:@{url}" + + netrc_file = "" + with tempfile.NamedTemporaryFile(mode="w", delete=False) as fp: + fp.write("machine example.com\n") + fp.write("login wronguser\n") + fp.write("password wrongpass\n") + fp.write(f"machine {domain}\n") + fp.write("login user\n") + fp.write("password pass\n") + fp.close() + netrc_file = fp.name + + old_netrc = os.environ.get("NETRC", "") + os.environ["NETRC"] = netrc_file + + try: + # Should use netrc + # Make sure that we don't use the example.com credentails + # for the request + r = requests.get(url) + assert r.status_code == 200 + finally: + os.environ["NETRC"] = old_netrc + os.unlink(netrc_file) + def test_DIGEST_HTTP_200_OK_GET(self, httpbin): for authtype in self.digest_auth_algo: auth = HTTPDigestAuth("user", "pass") From 5b4b64c3467fd7a3c03f91ee641aaa348b6bed3b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Arthur=20Woimb=C3=A9e?= Date: Thu, 5 Jun 2025 16:55:33 +0200 Subject: [PATCH 161/164] Add more tests to prevent regression of CVE 2024 47081 Remove workaround not needed since py38 for os.path.expanduser. --- src/requests/utils.py | 9 +-------- tests/test_utils.py | 19 +++++++++++++++++++ 2 files changed, 20 insertions(+), 8 deletions(-) diff --git a/src/requests/utils.py b/src/requests/utils.py index 8a307ca8a0..8ab55852cc 100644 --- a/src/requests/utils.py +++ b/src/requests/utils.py @@ -219,14 +219,7 @@ def get_netrc_auth(url, raise_errors=False): netrc_path = None for f in netrc_locations: - try: - loc = os.path.expanduser(f) - except KeyError: - # os.path.expanduser can fail when $HOME is undefined and - # getpwuid fails. See https://bugs.python.org/issue20164 & - # https://github.com/psf/requests/issues/1846 - return - + loc = os.path.expanduser(f) if os.path.exists(loc): netrc_path = loc break diff --git a/tests/test_utils.py b/tests/test_utils.py index 5e9b56ea64..f9a287af1b 100644 --- a/tests/test_utils.py +++ b/tests/test_utils.py @@ -23,6 +23,7 @@ get_encoding_from_headers, get_encodings_from_content, get_environ_proxies, + get_netrc_auth, guess_filename, guess_json_utf, is_ipv4_address, @@ -152,6 +153,24 @@ def test_super_len_with_no_matches(self): assert super_len(object()) == 0 +class TestGetNetrcAuth: + def test_works(self, tmp_path, monkeypatch): + netrc_path = tmp_path / ".netrc" + monkeypatch.setenv("NETRC", str(netrc_path)) + with open(netrc_path, "w") as f: + f.write("machine example.com login aaaa password bbbb\n") + auth = get_netrc_auth("http://example.com/thing") + assert auth == ("aaaa", "bbbb") + + def test_not_vulnerable_to_bad_url_parsing(self, tmp_path, monkeypatch): + netrc_path = tmp_path / ".netrc" + monkeypatch.setenv("NETRC", str(netrc_path)) + with open(netrc_path, "w") as f: + f.write("machine example.com login aaaa password bbbb\n") + auth = get_netrc_auth("http://example.com:@evil.com/'") + assert auth is None + + class TestToKeyValList: @pytest.mark.parametrize( "value, expected", From 59f8aa2adf1d3d06bcbf7ce6b13743a1639a5401 Mon Sep 17 00:00:00 2001 From: Piotr Szlazak <11884243+pszlazak@users.noreply.github.com> Date: Sun, 8 Jun 2025 19:47:55 +0200 Subject: [PATCH 162/164] Add netrc file search information to authentication documentation (#6876) --- docs/user/authentication.rst | 10 ++++++++++ docs/user/quickstart.rst | 1 + 2 files changed, 11 insertions(+) diff --git a/docs/user/authentication.rst b/docs/user/authentication.rst index 0737bd319a..76be9cccaf 100644 --- a/docs/user/authentication.rst +++ b/docs/user/authentication.rst @@ -44,6 +44,16 @@ set with `headers=`. If credentials for the hostname are found, the request is sent with HTTP Basic Auth. +Requests will search for the netrc file at `~/.netrc`, `~/_netrc`, or at the path +specified by the `NETRC` environment variable. `~` denotes the user's home +directory, which is `$HOME` on Unix based systems and `%USERPROFILE%` on Windows. + +Usage of netrc file can be disabled by setting `trust_env` to `False` in the +Requests session:: + + >>> s = requests.Session() + >>> s.trust_env = False + >>> s.get('https://httpbin.org/basic-auth/user/pass') Digest Authentication --------------------- diff --git a/docs/user/quickstart.rst b/docs/user/quickstart.rst index 33c2732c7f..3755d26239 100644 --- a/docs/user/quickstart.rst +++ b/docs/user/quickstart.rst @@ -222,6 +222,7 @@ Note: Custom headers are given less precedence than more specific sources of inf are specified in ``.netrc``, which in turn will be overridden by the ``auth=`` parameter. Requests will search for the netrc file at `~/.netrc`, `~/_netrc`, or at the path specified by the `NETRC` environment variable. + Check details in :ref:`netrc authentication `. * Authorization headers will be removed if you get redirected off-host. * Proxy-Authorization headers will be overridden by proxy credentials provided in the URL. * Content-Length headers will be overridden when we can determine the length of the content. From 821770e822a20a21b207b3907ea83878bda1d396 Mon Sep 17 00:00:00 2001 From: Ian Stapleton Cordasco Date: Mon, 9 Jun 2025 10:21:47 -0500 Subject: [PATCH 163/164] Bump version and add release notes for v2.32.4 --- HISTORY.md | 11 +++++++++++ src/requests/__version__.py | 4 ++-- 2 files changed, 13 insertions(+), 2 deletions(-) diff --git a/HISTORY.md b/HISTORY.md index 582060ee11..ed4d652b1a 100644 --- a/HISTORY.md +++ b/HISTORY.md @@ -6,6 +6,17 @@ dev - \[Short description of non-trivial change.\] +2.32.4 (2025-06-10) +------------------- + +**Security** +- CVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted + environment will retrieve credentials for the wrong hostname/machine from a + netrc file. + +**Improvements** +- Numerous documentation improvements + **Deprecations** - Added support for pypy 3.11 for Linux and macOS. - Dropped support for pypy 3.9 following its end of support. diff --git a/src/requests/__version__.py b/src/requests/__version__.py index 2c105aca7d..3128a4644e 100644 --- a/src/requests/__version__.py +++ b/src/requests/__version__.py @@ -5,8 +5,8 @@ __title__ = "requests" __description__ = "Python HTTP for Humans." __url__ = "https://requests.readthedocs.io" -__version__ = "2.32.3" -__build__ = 0x023203 +__version__ = "2.32.4" +__build__ = 0x023204 __author__ = "Kenneth Reitz" __author_email__ = "me@kennethreitz.org" __license__ = "Apache-2.0" From 021dc729f0b71a3030cefdbec7fb57a0e80a6cfd Mon Sep 17 00:00:00 2001 From: Ian Stapleton Cordasco Date: Mon, 9 Jun 2025 11:26:42 -0500 Subject: [PATCH 164/164] Polish up release tooling for last manual release --- Makefile | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/Makefile b/Makefile index 192b926853..6fa4152526 100644 --- a/Makefile +++ b/Makefile @@ -16,10 +16,13 @@ flake8: coverage: python -m pytest --cov-config .coveragerc --verbose --cov-report term --cov-report xml --cov=src/requests tests -publish: - python -m pip install 'twine>=1.5.0' - python setup.py sdist bdist_wheel - twine upload dist/* +.publishenv: + python -m venv .publishenv + .publishenv/bin/pip install 'twine>=1.5.0' build + +publish: .publishenv + .publishenv/bin/python -m build + .publishenv/bin/python twine upload --skip-existing dist/* rm -fr build dist .egg requests.egg-info docs: