Bump urllib3 from 1.26.12 to 1.26.13 (#1908)

* Bump urllib3 from 1.26.12 to 1.26.13 Bumps [urllib3](https://github.com/urllib3/urllib3) from 1.26.12 to 1.26.13. - [Release notes](https://github.com/urllib3/urllib3/releases) - [Changelog](https://github.com/urllib3/urllib3/blob/1.26.13/CHANGES.rst) - [Commits](https://github.com/urllib3/urllib3/compare/1.26.12...1.26.13) --- updated-dependencies: - dependency-name: urllib3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Update urllib3==1.26.13 Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: JonnyWong16 <9099342+JonnyWong16@users.noreply.github.com> [skip ci]
2025-07-07 05:31:15 -07:00 · 2022-12-21 15:59:10 -08:00 · 2022-12-21 15:59:10 -08:00 · d596b86c8d
commit d596b86c8d
parent 3d378eb583
7 changed files with 21 additions and 9 deletions
--- a/lib/urllib3/_version.py
+++ b/lib/urllib3/_version.py
@ -1,2 +1,2 @@
 # This file is protected via CODEOWNERS
-__version__ = "1.26.12"
+__version__ = "1.26.13"
--- a/lib/urllib3/connectionpool.py
+++ b/lib/urllib3/connectionpool.py
@ -862,7 +862,7 @@ class HTTPConnectionPool(ConnectionPool, RequestMethods):
            )

        # Check if we should retry the HTTP response.
-        has_retry_after = bool(response.getheader("Retry-After"))
+        has_retry_after = bool(response.headers.get("Retry-After"))
        if retries.is_retry(method, response.status, has_retry_after):
            try:
                retries = retries.increment(method, url, response=response, _pool=self)
--- a/lib/urllib3/contrib/pyopenssl.py
+++ b/lib/urllib3/contrib/pyopenssl.py
@ -47,10 +47,10 @@ compression in Python 2 (see `CRIME attack`_).
 """
 from __future__ import absolute_import

+import OpenSSL.crypto
 import OpenSSL.SSL
 from cryptography import x509
 from cryptography.hazmat.backends.openssl import backend as openssl_backend
-from cryptography.hazmat.backends.openssl.x509 import _Certificate

 try:
    from cryptography.x509 import UnsupportedExtension
@ -228,9 +228,8 @@ def get_subj_alt_name(peer_cert):
    if hasattr(peer_cert, "to_cryptography"):
        cert = peer_cert.to_cryptography()
    else:
-        # This is technically using private APIs, but should work across all
-        # relevant versions before PyOpenSSL got a proper API for this.
-        cert = _Certificate(openssl_backend, peer_cert._x509)
+        der = OpenSSL.crypto.dump_certificate(OpenSSL.crypto.FILETYPE_ASN1, peer_cert)
+        cert = x509.load_der_x509_certificate(der, openssl_backend)

    # We want to find the SAN extension. Ask Cryptography to locate it (it's
    # faster than looping in Python)
--- a/lib/urllib3/response.py
+++ b/lib/urllib3/response.py
@ -3,6 +3,7 @@ from __future__ import absolute_import
 import io
 import logging
 import sys
+import warnings
 import zlib
 from contextlib import contextmanager
 from socket import error as SocketError
@ -663,9 +664,21 @@ class HTTPResponse(io.IOBase):

    # Backwards-compatibility methods for http.client.HTTPResponse
    def getheaders(self):
+        warnings.warn(
+            "HTTPResponse.getheaders() is deprecated and will be removed "
+            "in urllib3 v2.1.0. Instead access HTTResponse.headers directly.",
+            category=DeprecationWarning,
+            stacklevel=2,
+        )
        return self.headers

    def getheader(self, name, default=None):
+        warnings.warn(
+            "HTTPResponse.getheader() is deprecated and will be removed "
+            "in urllib3 v2.1.0. Instead use HTTResponse.headers.get(name, default).",
+            category=DeprecationWarning,
+            stacklevel=2,
+        )
        return self.headers.get(name, default)

    # Backwards compatibility for http.cookiejar
--- a/lib/urllib3/util/retry.py
+++ b/lib/urllib3/util/retry.py
@ -394,7 +394,7 @@ class Retry(object):
    def get_retry_after(self, response):
        """Get the value of Retry-After in seconds."""

-        retry_after = response.getheader("Retry-After")
+        retry_after = response.headers.get("Retry-After")

        if retry_after is None:
            return None
--- a/lib/urllib3/util/url.py
+++ b/lib/urllib3/util/url.py
@ -63,7 +63,7 @@ IPV6_ADDRZ_RE = re.compile("^" + IPV6_ADDRZ_PAT + "$")
 BRACELESS_IPV6_ADDRZ_RE = re.compile("^" + IPV6_ADDRZ_PAT[2:-2] + "$")
 ZONE_ID_RE = re.compile("(" + ZONE_ID_PAT + r")\]$")

-_HOST_PORT_PAT = ("^(%s|%s|%s)(?::([0-9]{0,5}))?$") % (
+_HOST_PORT_PAT = ("^(%s|%s|%s)(?::0*([0-9]{0,5}))?$") % (
    REG_NAME_PAT,
    IPV4_PAT,
    IPV6_ADDRZ_PAT,
--- a/requirements.txt
+++ b/requirements.txt
@ -45,7 +45,7 @@ tempora==5.1.0
 tokenize-rt==5.0.0
 tzdata==2022.6
 tzlocal==4.2
-urllib3==1.26.12
+urllib3==1.26.13
 webencodings==0.5.1
 websocket-client==1.4.2
 xmltodict==0.13.0