> On Sep 19, 2014, at 11:54 AM, Brant Knudson <b...@acm.org> wrote: > > > I don't think anyone would be complaining if glanceclient didn't have the > need to reach into and monkeypatch requests's connection pool manager[1]. Is > there a way to tell requests to build the https connections differently > without monkeypatching urllib3.poolmanager? > > glanceclient's monkeypatching of the global variable here is dangerous since > it will mess with the application and every other library if the application > or another library uses glanceclient. > > [1] > http://git.openstack.org/cgit/openstack/python-glanceclient/tree/glanceclient/common/https.py#n75 > > <http://git.openstack.org/cgit/openstack/python-glanceclient/tree/glanceclient/common/https.py#n75> >
Why does it need to use it’s own VerifiedHTTPSConnection class? Ironically reimplementing that is probably more dangerous for security than requests bundling urllib3 ;) --- Donald Stufft PGP: 7C6B 7C5D 5E2B 6356 A926 F04F 6E3C BCE9 3372 DCFA
_______________________________________________ OpenStack-dev mailing list OpenStack-dev@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev