Skip to content

/ brave-browser

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update python ssl module in brave-core/vendor to prevent InsecurePlatformWarning #568

Open
mbacchi opened this issue Jul 17, 2018 · 4 comments
Open

Update python ssl module in brave-core/vendor to prevent InsecurePlatformWarning #568

mbacchi opened this issue Jul 17, 2018 · 4 comments

Comments

@mbacchi
Copy link
Member

@mbacchi mbacchi commented Jul 17, 2018 

ubuntu@ip-172-31-42-80:/var/lib/jenkins/workspace/brave-browser-build-linux$ yarn run upload
yarn run v1.6.0
$ node ./scripts/commands.js upload
python script/upload.py -v v0.50.11
[INFO] Running upload...
/var/lib/jenkins/workspace/brave-browser-build-linux/src/brave/vendor/requests/requests/packages/urllib3/util/ssl_.py:90: InsecurePlatformWarning: A true SSLContext object is not available. This prevents urllib3 from configuring SSL appropriately and may cause certain SSL connections to fail. For more information, see https://urllib3.readthedocs.org/en/latest/security.html#insecureplatformwarning.
  InsecurePlatformWarning

Description from https://urllib3.readthedocs.org/en/latest/security.html#insecureplatformwarning:

InsecurePlatformWarning
This happens on Python 2 platforms that have an outdated ssl module. These older ssl modules can cause some insecure requests to succeed where they should fail and secure requests to fail where they should succeed. Follow the pyOpenSSL guide to resolve this warning.
@RyanJarv
Copy link
Contributor

@RyanJarv RyanJarv commented Jul 18, 2018

Really shouldn't be ignoring these, can we change the ticket to resolving the ssl issue? (apologies if that's what you meant)
@RyanJarv
Copy link
Contributor

@RyanJarv RyanJarv commented Jul 18, 2018

There's a ticket to switch to python3 I believe, maybe makes sense to combine it with that?
@mbacchi
Copy link
Member Author

@mbacchi mbacchi commented Jul 18, 2018

Oh, ya I meant 'fix the problem with ssl that is causing these warnings', sorry if I wasn't clear about that. I'll change the title.
@mbacchi mbacchi changed the title silence upload.py InsecurePlatformWarning Update python ssl module in brave-core/vendor to prevent InsecurePlatformWarning Jul 18, 2018
@bbondy bbondy added this to the Backlog milestone Jul 26, 2018
@mbacchi
Copy link
Member Author

@mbacchi mbacchi commented Jan 30, 2019

On Mac, this exhibits a slightly different InsecureRequestWarning:

python script/upload.py
[INFO] Running upload...
[INFO] Found existing release draft, merging this upload with it
[INFO] Uploading release v0.60.17
[INFO] Uploading: brave-v0.60.17-darwin-x64.zip
/usr/local/lib/python2.7/site-packages/urllib3/connectionpool.py:857: InsecureRequestWarning: Unverified HTTPS request is being made. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.io/en/latest/advanced-usage.html#ssl-warnings
  InsecureRequestWarning)
@rebron rebron modified the milestone: 1.x Backlog Feb 7, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Linked pull requests

Successfully merging a pull request may close this issue.

None yet
4 participants
@bbondy @RyanJarv @rebron @mbacchi
You can’t perform that action at this time.