[Bug 1500768] Re: python3.4.3 SRU break requests

Sebastien Bacher seb128 at ubuntu.com
Tue Oct 6 14:39:19 UTC 2015 

you can't introduce regressions or incompatible changes in a LTS and
then trying to deal with those through -backport, some users could have
production code relying on us that needs to keep working, behaviour
changes don't have their place in stable updates even if that's to fix
bugs. If there are cases which can't be fixed we should probably revert
and suggest users who want those fixes to update to more recent Ubuntu
versions

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to python3.4 in Ubuntu.
https://bugs.launchpad.net/bugs/1500768

Title:
  python3.4.3 SRU break requests

Status in python3.4 package in Ubuntu:
  Triaged
Status in python3.4 source package in Trusty:
  Triaged

Bug description:
  Sicne the upgade to python 3.4.3 on trusty, I'm getting this error when using a squid proxy:
  https://jenkins.qa.ubuntu.com/view/All/job/udtc-trusty-tests/1946/label=ps-trusty-desktop-amd64-1,type=large/testReport/tests.large.test_android/AndroidSDKTests/test_default_android_sdk_install/

  The code is using python-requests, with verify=True for ssl connection
  (default). Some tests are testing that invalid certificates are
  rejected:  https://github.com/ubuntu/ubuntu-
  make/blob/master/umake/network/download_center.py#L129

  Rerunning the same code with previous trusty package (3.4.0~trusty1)
  doesn't show up this issue. It seems that SNI is broken for the trusty
  version of python3-requests with 3.4.3. (See the FAQ http://www
  .python-requests.org/en/latest/community/faq/ with "What are “hostname
  doesn’t match” errors?" and the stackoverflow question.

  I did run a test, grabbing requests 2.7 and backporting it to trusty
  (I needed to as well to take python3-urllib3 willy version).

  So, 3.4.3 has an incompatible change for existing projects and people
  with proxys are starting to see some breakage like in
  https://bugs.launchpad.net/ubuntu/+source/ubuntu-make/+bug/1499890.

  Can we get it fix somehow, reverting the incompatible change breaking
  SNI (I wonder if this is "Changed in version 3.4.3: This class now
  performs all the necessary certificate and hostname checks by default.
  To revert to the previous, unverified, behavior
  ssl._create_unverified_context() can be passed to the context
  parameter." in https://docs.python.org/3/library/http.client.html or
  something else) so that existing code can either get a new compatible
  python-requests or avoid incompatible changes in python 3.4.3?

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/python3.4/+bug/1500768/+subscriptions

More information about the foundations-bugs mailing list