- Update from 1.26.7 to 1.26.9
- Update of rootfile
- Changelog
1.26.9 (2022-03-16)
* Changed ``urllib3[brotli]`` extra to favor installing Brotli libraries that are still
receiving updates like ``brotli`` and ``brotlicffi`` instead of ``brotlipy``.
This change does not impact behavior of urllib3, only which dependencies are installed.
* Fixed a socket leaking when ``HTTPSConnection.connect()`` raises an exception.
* Fixed ``server_hostname`` being forwarded from ``PoolManager`` to ``HTTPConnectionPool``
when requesting an HTTP URL. Should only be forwarded when requesting an HTTPS URL.
1.26.8 (2022-01-07)
* Added extra message to ``urllib3.exceptions.ProxyError`` when urllib3 detects that
a proxy is configured to use HTTPS but the proxy itself appears to only use HTTP.
* Added a mention of the size of the connection pool when discarding a connection due to the pool being full.
* Added explicit support for Python 3.11.
* Deprecated the ``Retry.MAX_BACKOFF`` class property in favor of ``Retry.DEFAULT_MAX_BACKOFF``
to better match the rest of the default parameter names. ``Retry.MAX_BACKOFF`` is removed in v2.0.
* Changed location of the vendored ``ssl.match_hostname`` function from ``urllib3.packages.ssl_match_hostname``
to ``urllib3.util.ssl_match_hostname`` to ensure Python 3.10+ compatibility after being repackaged
by downstream distributors.
* Fixed absolute imports, all imports are now relative.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Historically, the MD5 checksums in our LFS files serve as a protection
against broken downloads, or accidentally corrupted source files.
While the sources are nowadays downloaded via HTTPS, it make sense to
beef up integrity protection for them, since transparently intercepting
TLS is believed to be feasible for more powerful actors, and the state
of the public PKI ecosystem is clearly not helping.
Therefore, this patch switches from MD5 to BLAKE2, updating all LFS
files as well as make.sh to deal with this checksum algorithm. BLAKE2 is
notably faster (and more secure) than SHA2, so the performance penalty
introduced by this patch is negligible, if noticeable at all.
In preparation of this patch, the toolchain files currently used have
been supplied with BLAKE2 checksums as well on
https://source.ipfire.org/.
Cc: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Acked-by: Michael Tremer <michael.tremeripfire.org>
* Add a Summary and Services field to all pak lfs files
* Replace occurances of INSTALL_INITSCRIPT with new INSTALL_INITSCRIPTS
macro in all pak lfs files.
Signed-off-by: Robin Roevens <robin.roevens@disroot.org>
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
- Update from 1.26.2 to 1.27.7
- Update of rootfile
- Changelog
1.26.7 (2021-09-22)
* Fixed a bug with HTTPS hostname verification involving IP addresses and lack
of SNI. (Issue #2400)
* Fixed a bug where IPv6 braces weren't stripped during certificate hostname
matching. (Issue #2240)
1.26.6 (2021-06-25)
* Deprecated the ``urllib3.contrib.ntlmpool`` module. urllib3 is not able to support
it properly due to `reasons listed in this issue <https://github.com/urllib3/urllib3/issues/2282>`_.
If you are a user of this module please leave a comment.
* Changed ``HTTPConnection.request_chunked()`` to not erroneously emit multiple
``Transfer-Encoding`` headers in the case that one is already specified.
* Fixed typo in deprecation message to recommend ``Retry.DEFAULT_ALLOWED_METHODS``.
1.26.5 (2021-05-26)
* Fixed deprecation warnings emitted in Python 3.10.
* Updated vendored ``six`` library to 1.16.0.
* Improved performance of URL parser when splitting
the authority component.
1.26.4 (2021-03-15)
* Changed behavior of the default ``SSLContext`` when connecting to HTTPS proxy
during HTTPS requests. The default ``SSLContext`` now sets ``check_hostname=True``.
1.26.3 (2021-01-26)
* Fixed bytes and string comparison issue with headers (Pull #2141)
* Changed ``ProxySchemeUnknown`` error message to be
more actionable if the user supplies a proxy URL without
a scheme. (Pull #2107)
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
