Ubuntu
python-urllib3 package

Merge lp:~matsubara/ubuntu/trusty/python-urllib3/bug-1412545 into lp:ubuntu/trusty/python-urllib3

  1. Trusty (14.04)
  2. bug-1412545
  3. Merge into trusty
Proposed by Diogo Matsubara
Status: Merged
Merge reported by: Robie Basak
Merged at revision: not available
Proposed branch: lp:~matsubara/ubuntu/trusty/python-urllib3/bug-1412545
Merge into: lp:ubuntu/trusty/python-urllib3
Diff against target: 95 lines (+75/-0)
3 files modified
debian/changelog (+8/-0)
debian/patches/05_backport_proxy_fix.patch (+66/-0)
debian/patches/series (+1/-0)
To merge this branch: bzr merge lp:~matsubara/ubuntu/trusty/python-urllib3/bug-1412545
Reviewer Review Type Date Requested Status
Robie Basak Needs Fixing
Review via email: mp+247593@code.launchpad.net

Description of the change

This is an attempt to backport the fix for bug LP #1412545.
The issue in the trusty version is that when users are behind a proxy and the
connection is dropped, the library stops using the proxy. The fix has been
committed on 1c30a1f3 python-urllib3 upstream code and released on 1.8.3.

To post a comment you must log in.
Revision history for this message
Robie Basak (racb) wrote :

Assuming the patch works, the packaging changes look good.

A few minor corrections:

Please use 1.7.1-1ubuntu0.1 as the version number from an SRU (taken from https://wiki.ubuntu.com/SecurityTeam/UpdatePreparation#Update_the_packaging, which is recommended from https://wiki.ubuntu.com/StableReleaseUpdates#Procedure).

Please can you add dep3 headers to the quilt patch? Described at http://dep.debian.net/deps/dep3/, these make it easier for other developers to track where the patch came from and what its current status is. I'm sorry if I failed to mention this in our Hangout.

Finally, please can you check step 3 in https://wiki.ubuntu.com/StableReleaseUpdates#Procedure? The SRU team will need this to process the upload, so we don't upload until all steps before step 5 are complete. As you backported the patch you're probably the best person to assess the potential for regressions and pass this information on the SRU team.

Thanks!

review: Needs Fixing
lp:~matsubara/ubuntu/trusty/python-urllib3/bug-1412545 updated
13. By Diogo Matsubara

review comments: fix package versioning, add dep3 headers to patch

Revision history for this message
Diogo Matsubara (matsubara) wrote :

Hi Robie,

thanks for the review!

> Assuming the patch works, the packaging changes look good.
>
> A few minor corrections:
>
> Please use 1.7.1-1ubuntu0.1 as the version number from an SRU (taken from
> https://wiki.ubuntu.com/SecurityTeam/UpdatePreparation#Update_the_packaging,
> which is recommended from
> https://wiki.ubuntu.com/StableReleaseUpdates#Procedure).

Done.

>
> Please can you add dep3 headers to the quilt patch? Described at
> http://dep.debian.net/deps/dep3/, these make it easier for other developers to
> track where the patch came from and what its current status is. I'm sorry if I
> failed to mention this in our Hangout.

You did mention, I forgot to update it but have done so now.

>
> Finally, please can you check step 3 in
> https://wiki.ubuntu.com/StableReleaseUpdates#Procedure? The SRU team will need
> this to process the upload, so we don't upload until all steps before step 5
> are complete. As you backported the patch you're probably the best person to
> assess the potential for regressions and pass this information on the SRU
> team.

Done.

lp:~matsubara/ubuntu/trusty/python-urllib3/bug-1412545 updated
14. By Diogo Matsubara

review comments: fix dep3 headers

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
=== modified file 'debian/changelog'
--- debian/changelog 2014-02-23 13:53:23 +0000
+++ debian/changelog 2015-01-28 15:47:21 +0000
@@ -1,3 +1,11 @@
1python-urllib3 (1.7.1-1ubuntu0.1) UNRELEASED; urgency=medium
2
3 * debian/patches/05_backport_proxy_fix.patch: Backport upstream fix 1c30a1f3
4 from 1.8.3 release. Fixes the issue when a dropped connection makes
5 further connections ignore the proxy. (LP: #1412545)
6
7 -- Diogo Matsubara <diogo.matsubara@canonical.com> Mon, 26 Jan 2015 12:02:13 -0200
8
1python-urllib3 (1.7.1-1build1) trusty; urgency=medium9python-urllib3 (1.7.1-1build1) trusty; urgency=medium
210
3 * Rebuild to drop files installed into /usr/share/pyshared.11 * Rebuild to drop files installed into /usr/share/pyshared.
412
=== added file 'debian/patches/05_backport_proxy_fix.patch'
--- debian/patches/05_backport_proxy_fix.patch 1970-01-01 00:00:00 +0000
+++ debian/patches/05_backport_proxy_fix.patch 2015-01-28 15:47:21 +0000
@@ -0,0 +1,66 @@
1Description: Backport upstream fix to deal with dropped connections that
2 ignore proxy settings.
3Origin: backport, https://github.com/shazow/urllib3/commit/1c30a1f3a4af9591f480a338f75221bdf5ca48da
4Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/python-urllib3/+bug/1412545
5
6Index: trusty/urllib3/connectionpool.py
7===================================================================
8--- trusty.orig/urllib3/connectionpool.py 2015-01-26 11:59:47.871036000 -0200
9+++ trusty/urllib3/connectionpool.py 2015-01-26 12:01:56.137278695 -0200
10@@ -122,6 +122,7 @@
11 # Calls self._set_hostport(), so self.host is
12 # self._tunnel_host below.
13 self._tunnel()
14+ self.auto_open = 0
15
16 # Wrap socket using verification with the root certs in
17 # trusted_root_certs
18@@ -260,10 +261,18 @@
19 if not six.PY3: # Python 2
20 extra_params['strict'] = self.strict
21
22- return HTTPConnection(host=self.host, port=self.port,
23+ conn = HTTPConnection(host=self.host, port=self.port,
24 timeout=self.timeout.connect_timeout,
25 **extra_params)
26
27+ # Backport fix LP #1412545
28+ if getattr(conn, '_tunnel_host', None):
29+ # TODO: Fix tunnel so it doesn't depend on self.sock state.
30+ conn._tunnel()
31+ # Mark this connection as not reusable
32+ conn.auto_open = 0
33+
34+ return conn
35
36 def _get_conn(self, timeout=None):
37 """
38@@ -295,6 +304,12 @@
39 if conn and is_connection_dropped(conn):
40 log.info("Resetting dropped connection: %s" % self.host)
41 conn.close()
42+ if getattr(conn, 'auto_open', 1) == 0:
43+ # This is a proxied connection that has been mutated by
44+ # httplib._tunnel() and cannot be reused (since it would
45+ # attempt to bypass the proxy)
46+ conn = None
47+
48
49 return conn or self._new_conn()
50
51Index: trusty/urllib3/util.py
52===================================================================
53--- trusty.orig/urllib3/util.py 2015-01-26 11:59:47.871036000 -0200
54+++ trusty/urllib3/util.py 2015-01-26 12:01:56.141278695 -0200
55@@ -479,8 +479,10 @@
56 let the platform handle connection recycling transparently for us.
57 """
58 sock = getattr(conn, 'sock', False)
59- if not sock: # Platform-specific: AppEngine
60+ if sock is False: # Platform-specific: AppEngine
61 return False
62+ if sock is None: # Connection already closed (such as by httplib).
63+ return True
64
65 if not poll:
66 if not select: # Platform-specific: AppEngine
067
=== modified file 'debian/patches/series'
--- debian/patches/series 2013-10-17 13:28:10 +0000
+++ debian/patches/series 2015-01-28 15:47:21 +0000
@@ -2,3 +2,4 @@
202_require-cert-verification.patch202_require-cert-verification.patch
303_no-setuptools.patch303_no-setuptools.patch
404_relax_nosetests_options.patch404_relax_nosetests_options.patch
505_backport_proxy_fix.patch

Subscribers

People subscribed via source and target branches