[issue18543] urllib.parse.urlopen shouldn't ignore installed opener when called with any ca* argument

[David Ford (FirefighterBlu3)]

David Ford (FirefighterBlu3) added the comment:

Unfortunately more breakage exists within urllib.request. A context supplied to urlopen() is useless in the following pseudo code:

build_some_openers()
context = ssl.foo()
urlopen('foo.com', context=context)

<test against foo.com -- foo.com ssl setup is munged with non-verify, out of date, or something that doesn't make happy with a default context>

When urlopen() runs, it does indeed (with my earlier patch) add another HTTPSHandler(context). However, the default added HTTPSHandler is called first in the chain (see the bisect.insort) and will cause the urlopen attempt to fail if the SSL connection does not work with a default or void context.

The end-user specified context will never be reached whether they attempt to install their own HTTPSHandler or not since the default installed HTTPSHandler will raise an exception.

Therefore, I've attached another patch to urllib.request which ensures that (a) existing opener chain is not discarded and (b) a default opener chain is not made with an HTTPSHandler in it, only adding the HTTPSHandler at urlopen() time if 'https' is found in the URL.

----------
Added file: http://bugs.python.org/file39847/urllib.request.py-do-not-overwrite-existing-opener.diff

_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue18543>
_______________________________________