Public bug reported: ** DRAFT in progress...**
[Impact] The urllib3 library is not using the alternative name field on a TLS certificate to validate the certificate. The problem has been fixed, and we want to take advantage of the fix in Xenial. "Initial error that was hit while using requests to query an endpoint by ip with a self signed cert: requests.exceptions.SSLError: hostname 'XX.XX.XX.XXX' doesn't match either of 'XXXX', 'YYYY', 'ZZZZ' [Test Case] TBD [Regression Potential] TBD [Other Info] # Upstream commit : Add support for IP address SAN fields. https://github.com/urllib3/urllib3/commit/c74bd70c3a97e30f0560bee9b7fa1bfc767ebf0b Xenial only is affected, Bionic & Cosmic already has the change: # Upstream git describe --contains c74bd70 1.18^2~4 # Rmadison python-urllib3 | 1.13.1-2 | xenial | source, all python-urllib3 | 1.13.1-2ubuntu0.16.04.1 | xenial-updates | source, all python-urllib3 | 1.22-1 | bionic | source, all python-urllib3 | 1.22-1 | cosmic | source, all [Original Description] Please backport https://github.com/urllib3/urllib3/commit/c74bd70c3a97e30f0560bee9b7fa1bfc767ebf0b to urllib3 on xenial. The urllib3 library is not using the alternative name field on a TLS certificate to validate the certificate. The problem has been fixed, and we want to take advantage of the fix in Xenial. Earliest version of urllib3 library that incorporates this change: 1.18 Earliest version of requests library that bundles this: 2.12.0 (which is actually using urllib3 1.19) ** Affects: python-urllib3 (Ubuntu) Importance: Undecided Status: Fix Released ** Affects: python-urllib3 (Ubuntu Xenial) Importance: Medium Status: Confirmed ** Tags: sts -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1788262 Title: backport request of upstream commit c74bd70c3a97e30f0560bee9b7fa1bfc767ebf0b on xenial To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/python-urllib3/+bug/1788262/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
