Python 2.7 TLS Broken on GitHub? [solved]

Posted on
Thu Mar 01, 2018 10:03 pm
kmarkley offline
Posts: 109
Joined: Nov 15, 2016

Re: Python 2.7 TLS Broken on GitHub? [solved]

The fix above fixes ghpu.py checking for releases, but not installing them. The method _getZipFileFromRelease also needs to be converted to curl for a full solution:

Code: Select all
    def _getZipFileFromRelease(self, release):
        # download and verify zipfile from the release package
        zipball = release.get('zipball_url', None)
        if (zipball == None):
            raise Exception('Invalid release package: no zipball')

        self._debug('Downloading zip file: %s' % zipball)

        # zipdata = urlopen(zipball).read()
        f = subprocess.Popen(["curl", "-L",  zipball], stdout=subprocess.PIPE, stderr=subprocess.PIPE, shell=False)
        zipdata, err = f.communicate()
        self._debug(u'HTTP Err result:'+unicode(err) )
        self._debug(u'ReturnCode:{0}'.format(unicode(f.returncode)))
        zipfile = ZipFile(StringIO(zipdata))

        self._debug('Verifying zip file (%d bytes)...' % len(zipdata))
        if (zipfile.testzip() != None):
            raise Exception('Download corrupted')

        return zipfile

Who is online

Users browsing this forum: No registered users and 1 guest