Merge branch 'feature/UpdateUrllib3' into develop

5 years ago · e13f7ba83e
8 changed files with 20 additions and 59 deletions
--- a/CHANGES.md
+++ b/CHANGES.md
@ -15,7 +15,7 @@
 * Update Requests library 2.22.0 (3d968ff) to 2.23.0 (b7c6aba)
 * Update Six compatibility library 1.13.0 (ec58185) to 1.14.0 (3a3db75)
 * Update Tornado_py3 Web Server 6.0.3 (ff985fe) to 6.0.4 (b4e39e5)
-* Update urllib3 release 1.25.6 (4a6c288) to 1.25.7 (37ba61a)
+* Update urllib3 release 1.25.6 (4a6c288) to 1.25.8 (2a57bc5)
 * Add Telegram notifier
 * Change enable image caching on browse pages
 * Change update sceneNameCache after scene names are updated
@ -30,6 +30,7 @@
 * Change remove deprecated `buildNameCache`
 * Update Requests library 2.22.0 (3d968ff) to 2.22.0 (d2f65af)
 * Update Tornado_py3 Web Server 6.0.3 (ff985fe) to 6.1.dev1 (18b653c)
+* Update urllib3 release 1.25.6 (4a6c288) to 1.25.7 (37ba61a)


 ### 0.21.20 (2019-03-11 18:35:00 UTC)
--- a/lib/urllib3/init.py
+++ b/lib/urllib3/init.py
@ -22,7 +22,7 @@ from logging import NullHandler

 __author__ = "Andrey Petrov (andrey.petrov@shazow.net)"
 __license__ = "MIT"
-__version__ = "1.25.7"
+__version__ = "1.25.8"

 __all__ = (
    "HTTPConnectionPool",
--- a/lib/urllib3/connection.py
+++ b/lib/urllib3/connection.py
@ -251,40 +251,6 @@ class HTTPSConnection(HTTPConnection):
        # HTTPS requests to go out as HTTP. (See Issue #356)
        self._protocol = "https"

-    def connect(self):
-        conn = self._new_conn()
-        self._prepare_conn(conn)
-
-        # Wrap socket using verification with the root certs in
-        # trusted_root_certs
-        default_ssl_context = False
-        if self.ssl_context is None:
-            default_ssl_context = True
-            self.ssl_context = create_urllib3_context(
-                ssl_version=resolve_ssl_version(self.ssl_version),
-                cert_reqs=resolve_cert_reqs(self.cert_reqs),
-            )
-
-        # Try to load OS default certs if none are given.
-        # Works well on Windows (requires Python3.4+)
-        context = self.ssl_context
-        if (
-            not self.ca_certs
-            and not self.ca_cert_dir
-            and default_ssl_context
-            and hasattr(context, "load_default_certs")
-        ):
-            context.load_default_certs()
-
-        self.sock = ssl_wrap_socket(
-            sock=conn,
-            keyfile=self.key_file,
-            certfile=self.cert_file,
-            key_password=self.key_password,
-            ssl_context=self.ssl_context,
-            server_hostname=self.server_hostname,
-        )
-

 class VerifiedHTTPSConnection(HTTPSConnection):
    """
--- a/lib/urllib3/connectionpool.py
+++ b/lib/urllib3/connectionpool.py
@ -996,10 +996,10 @@ class HTTPSConnectionPool(HTTPConnectionPool):
        if not conn.is_verified:
            warnings.warn(
                (
-                    "Unverified HTTPS request is being made. "
+                    "Unverified HTTPS request is being made to host '%s'. "
                    "Adding certificate verification is strongly advised. See: "
                    "https://urllib3.readthedocs.io/en/latest/advanced-usage.html"
-                    "#ssl-warnings"
+                    "#ssl-warnings" % conn.host
                ),
                InsecureRequestWarning,
            )
--- a/lib/urllib3/contrib/_appengine_environ.py
+++ b/lib/urllib3/contrib/_appengine_environ.py
@ -6,7 +6,7 @@ import os


 def is_appengine():
-    return "APPENGINE_RUNTIME" in os.environ
+    return is_local_appengine() or is_prod_appengine()


 def is_appengine_sandbox():
@ -20,15 +20,15 @@ def is_appengine_sandbox():


 def is_local_appengine():
-    return is_appengine() and os.environ.get("SERVER_SOFTWARE", "").startswith(
-        "Development/"
-    )
+    return "APPENGINE_RUNTIME" in os.environ and os.environ.get(
+        "SERVER_SOFTWARE", ""
+    ).startswith("Development/")


 def is_prod_appengine():
-    return is_appengine() and os.environ.get("SERVER_SOFTWARE", "").startswith(
-        "Google App Engine/"
-    )
+    return "APPENGINE_RUNTIME" in os.environ and os.environ.get(
+        "SERVER_SOFTWARE", ""
+    ).startswith("Google App Engine/")


 def is_prod_appengine_mvms():
--- a/lib/urllib3/response.py
+++ b/lib/urllib3/response.py
@ -792,7 +792,7 @@ class HTTPResponse(io.IOBase):
            return self._request_url

    def __iter__(self):
-        buffer = [b""]
+        buffer = []
        for chunk in self.stream(decode_content=True):
            if b"\n" in chunk:
                chunk = chunk.split(b"\n")
--- a/lib/urllib3/util/ssl_.py
+++ b/lib/urllib3/util/ssl_.py
@ -182,7 +182,7 @@ def resolve_cert_reqs(candidate):
    """
    Resolves the argument to a numeric constant, which can be passed to
    the wrap_socket function/method from the ssl module.
-    Defaults to :data:`ssl.CERT_NONE`.
+    Defaults to :data:`ssl.CERT_REQUIRED`.
    If given a string it is assumed to be the name of the constant in the
    :mod:`ssl` module or its abbreviation.
    (So you can specify `REQUIRED` instead of `CERT_REQUIRED`.
--- a/lib/urllib3/util/url.py
+++ b/lib/urllib3/util/url.py
@ -216,18 +216,15 @@ def _encode_invalid_chars(component, allowed_chars, encoding="utf-8"):

    component = six.ensure_text(component)

+    # Normalize existing percent-encoded bytes.
    # Try to see if the component we're encoding is already percent-encoded
    # so we can skip all '%' characters but still encode all others.
-    percent_encodings = PERCENT_RE.findall(component)
-
-    # Normalize existing percent-encoded bytes.
-    for enc in percent_encodings:
-        if not enc.isupper():
-            component = component.replace(enc, enc.upper())
+    component, percent_encodings = PERCENT_RE.subn(
+        lambda match: match.group(0).upper(), component
+    )

    uri_bytes = component.encode("utf-8", "surrogatepass")
-    is_percent_encoded = len(percent_encodings) == uri_bytes.count(b"%")
-
+    is_percent_encoded = percent_encodings == uri_bytes.count(b"%")
    encoded_component = bytearray()

    for i in range(0, len(uri_bytes)):
@ -237,7 +234,7 @@ def _encode_invalid_chars(component, allowed_chars, encoding="utf-8"):
        if (is_percent_encoded and byte == b"%") or (
            byte_ord < 128 and byte.decode() in allowed_chars
        ):
-            encoded_component.extend(byte)
+            encoded_component += byte
            continue
        encoded_component.extend(b"%" + (hex(byte_ord)[2:].encode().zfill(2).upper()))

@ -322,9 +319,6 @@ def _idna_encode(name):

 def _encode_target(target):
    """Percent-encodes a request target so that there are no invalid characters"""
-    if not target.startswith("/"):
-        return target
-
    path, query = TARGET_RE.match(target).groups()
    target = _encode_invalid_chars(path, PATH_CHARS)
    query = _encode_invalid_chars(query, QUERY_CHARS)