Your message dated Tue, 21 Nov 2017 16:16:49 +0100
with message-id <20171121151649.2yxfmp6d6s7ef...@home.ouaza.com>
and subject line Re: tracker.debian.org: Get rid of InsecureRequestWarning
has caused the Debian Bug report #882297,
regarding tracker.debian.org: Get rid of InsecureRequestWarning
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
882297: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=882297
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: tracker.debian.org
Severity: important
since we switched to Python 3 on tracker.debian.org, the cron tasks
are generating annoying warnings. The following commands (at least) are
affected:
./manage.py tracker_run_all_tasks
./manage.py tracker_update_pseudo_packages
The warning shown is this one:
/usr/lib/python3/dist-packages/urllib3/connectionpool.py:845:
InsecureRequestWarning: Unverified HTTPS
request is being made. Adding certificate verification is strongly advised. See:
https://urllib3.readthedocs.io/en/latest/advanced-usage.html#ssl-warnings
InsecureRequestWarning)
We need to investigate what code is causing this. I suspect one of the places
where it happens is within pysimplesoap so it might not be trivial to fix. We
might
want to work-around by disabling this specific warning in the place where we use
pysimplesoap.
But in general this should be fixed as we want TLS certificates to be verified.
Or maybe the code is fine in the general case and we are only hit by the
debian.org
way of managing TLS certificates:
https://wiki.debian.org/ServicesSSL
Cheers,
--
Raphaël Hertzog ◈ Debian Developer
Support Debian LTS: https://www.freexian.com/services/debian-lts.html
Learn to master Debian: https://debian-handbook.info/get/
--- End Message ---
--- Begin Message ---
On Tue, 21 Nov 2017 09:21:49 +0100 Raphael Hertzog <hert...@debian.org> wrote:
> /usr/lib/python3/dist-packages/urllib3/connectionpool.py:845:
> InsecureRequestWarning: Unverified HTTPS
It looks like they were all due requests.get()'s "verify" attribute being
set to False.
I changed it to true in 3cac00262e4287234c2e08e3b2b22f96dcd009a4 and then
added debian-specific code to use the global CA bundle in
eac12f2e8ca318cfa9be203e42f23121d74aaa34.
I did not have any other occurence of this warning so far.
Cheers,
--
Raphaël Hertzog ◈ Debian Developer
Support Debian LTS: https://www.freexian.com/services/debian-lts.html
Learn to master Debian: https://debian-handbook.info/get/
--- End Message ---
