Skip to content
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: psf/requests
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: v2.32.1
Choose a base ref
...
head repository: psf/requests
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: v2.32.2
Choose a head ref
  • 4 commits
  • 3 files changed
  • 1 contributor

Commits on May 21, 2024

  1. Move _get_connection to get_connection_with_tls_context

    @nateprewitt
    nateprewitt committed May 21, 2024
    Loading
    Loading status checks…
    Copy the full SHA
    aa1461b View commit details

  2. Add deprecation warning

    @nateprewitt
    nateprewitt committed May 21, 2024
    Loading
    Loading status checks…
    Copy the full SHA
    92075b3 View commit details

  3. Merge pull request #6710 from nateprewitt/api_rename 

    Move _get_connection to get_connection_with_tls_context
    @nateprewitt
    nateprewitt authored May 21, 2024
    Loading
    Loading status checks…
    Copy the full SHA
    c98e4d1 View commit details

  4. v2.32.2

    @nateprewitt
    nateprewitt authored May 21, 2024
    Loading
    Loading status checks…
    Copy the full SHA
    88dce9d View commit details
Showing with 47 additions and 8 deletions.
  1. +14 −0 HISTORY.md
  2. +2 −2 src/requests/__version__.py
  3. +31 −6 src/requests/adapters.py
14 changes: 14 additions & 0 deletions HISTORY.md
View file
Original file line number Diff line number Diff line change
@@ -6,6 +6,20 @@ dev

- \[Short description of non-trivial change.\]

2.32.2 (2024-05-21)
-------------------

**Deprecations**
- To provide a more stable migration for custom HTTPAdapters impacted
by the CVE changes in 2.32.0, we've renamed `_get_connection` to
a new public API, `get_connection_with_tls_context`. Existing custom
HTTPAdapters will need to migrate their code to use this new API.
`get_connection` is considered deprecated in all versions of Requests>=2.32.0.

A minimal (2-line) example has been provided in the linked PR to ease
migration, but we strongly urge users to evaluate if their custom adapter
is subject to the same issue described in CVE-2024-35195. (#6710)

2.32.1 (2024-05-20)
-------------------

4 changes: 2 additions & 2 deletions src/requests/__version__.py
View file
Original file line number Diff line number Diff line change
@@ -5,8 +5,8 @@
__title__ = "requests"
__description__ = "Python HTTP for Humans."
__url__ = "https://requests.readthedocs.io"
__version__ = "2.32.1"
__build__ = 0x023201
__version__ = "2.32.2"
__build__ = 0x023202
__author__ = "Kenneth Reitz"
__author_email__ = "me@kennethreitz.org"
__license__ = "Apache-2.0"
37 changes: 31 additions & 6 deletions src/requests/adapters.py
View file
Original file line number Diff line number Diff line change
@@ -9,6 +9,7 @@
import os.path
import socket # noqa: F401
import typing
import warnings

from urllib3.exceptions import ClosedPoolError, ConnectTimeoutError
from urllib3.exceptions import HTTPError as _HTTPError
@@ -374,10 +375,20 @@ def build_response(self, req, resp):

return response

def _get_connection(self, request, verify, proxies=None, cert=None):
# Replace the existing get_connection without breaking things and
# ensure that TLS settings are considered when we interact with
# urllib3 HTTP Pools
def get_connection_with_tls_context(self, request, verify, proxies=None, cert=None):
"""Returns a urllib3 connection for the given request and TLS settings.
This should not be called from user code, and is only exposed for use
when subclassing the :class:`HTTPAdapter <requests.adapters.HTTPAdapter>`.
:param request: The :class:`PreparedRequest <PreparedRequest>` object
to be sent over the connection.
:param verify: Either a boolean, in which case it controls whether
we verify the server's TLS certificate, or a string, in which case it
must be a path to a CA bundle to use.
:param proxies: (optional) The proxies dictionary to apply to the request.
:param cert: (optional) Any user-provided SSL certificate to be trusted.
:rtype: urllib3.ConnectionPool
"""
proxy = select_proxy(request.url, proxies)
try:
host_params, pool_kwargs = _urllib3_request_context(request, verify, cert)
@@ -404,14 +415,26 @@ def _get_connection(self, request, verify, proxies=None, cert=None):
return conn

def get_connection(self, url, proxies=None):
"""Returns a urllib3 connection for the given URL. This should not be
"""DEPRECATED: Users should move to `get_connection_with_tls_context`
for all subclasses of HTTPAdapter using Requests>=2.32.2.
Returns a urllib3 connection for the given URL. This should not be
called from user code, and is only exposed for use when subclassing the
:class:`HTTPAdapter <requests.adapters.HTTPAdapter>`.
:param url: The URL to connect to.
:param proxies: (optional) A Requests-style dictionary of proxies used on this request.
:rtype: urllib3.ConnectionPool
"""
warnings.warn(
(
"`get_connection` has been deprecated in favor of "
"`get_connection_with_tls_context`. Custom HTTPAdapter subclasses "
"will need to migrate for Requests>=2.32.2. Please see "
"https://github.com/psf/requests/pull/6710 for more details."
),
DeprecationWarning,
)
proxy = select_proxy(url, proxies)

if proxy:
@@ -529,7 +552,9 @@ def send(
"""

try:
conn = self._get_connection(request, verify, proxies=proxies, cert=cert)
conn = self.get_connection_with_tls_context(
request, verify, proxies=proxies, cert=cert
)
except LocationValueError as e:
raise InvalidURL(e, request=request)