From 834a9601c3eb3291558ef8d1c16a92b376bf49e0 Mon Sep 17 00:00:00 2001 From: Cory Benfield Date: Sat, 19 Dec 2015 08:40:39 +0000 Subject: [PATCH] Update urllib3 to 1.13.1 --- requests/packages/urllib3/__init__.py | 2 +- requests/packages/urllib3/connection.py | 11 ++++++++++- 2 files changed, 11 insertions(+), 2 deletions(-) diff --git a/requests/packages/urllib3/__init__.py b/requests/packages/urllib3/__init__.py index 43c88b14..e43991a9 100644 --- a/requests/packages/urllib3/__init__.py +++ b/requests/packages/urllib3/__init__.py @@ -32,7 +32,7 @@ except ImportError: __author__ = 'Andrey Petrov (andrey.petrov@shazow.net)' __license__ = 'MIT' -__version__ = '1.13' +__version__ = '1.13.1' __all__ = ( 'HTTPConnectionPool', diff --git a/requests/packages/urllib3/connection.py b/requests/packages/urllib3/connection.py index bb7f3e55..1e4cd417 100644 --- a/requests/packages/urllib3/connection.py +++ b/requests/packages/urllib3/connection.py @@ -265,7 +265,16 @@ class VerifiedHTTPSConnection(HTTPSConnection): 'for details.)'.format(hostname)), SubjectAltNameWarning ) - match_hostname(cert, self.assert_hostname or hostname) + + # In case the hostname is an IPv6 address, strip the square + # brackets from it before using it to validate. This is because + # a certificate with an IPv6 address in it won't have square + # brackets around that address. Sadly, match_hostname won't do this + # for us: it expects the plain host part without any extra work + # that might have been done to make it palatable to httplib. + asserted_hostname = self.assert_hostname or hostname + asserted_hostname = asserted_hostname.strip('[]') + match_hostname(cert, asserted_hostname) self.is_verified = (resolved_cert_reqs == ssl.CERT_REQUIRED or self.assert_fingerprint is not None)