diff --git a/.gitignore b/.gitignore index bbe4a3d..52d9deb 100644 --- a/.gitignore +++ b/.gitignore @@ -9,3 +9,4 @@ httplib2-0.4.0.tar.gz /httplib2-0.9.2.tar.gz /httplib2-0.10.3.tar.gz /httplib2-0.11.3.tar.gz +/httplib2-0.13.0.tar.gz diff --git a/python-httplib2-0.9-cve-2013-2037.patch b/python-httplib2-0.9-cve-2013-2037.patch deleted file mode 100644 index 6a09337..0000000 --- a/python-httplib2-0.9-cve-2013-2037.patch +++ /dev/null @@ -1,21 +0,0 @@ -diff -Nur httplib2-0.9.orig/python2/httplib2/__init__.py httplib2-0.9/python2/httplib2/__init__.py ---- httplib2-0.9.orig/python2/httplib2/__init__.py 2015-04-03 13:10:43.401035131 -0600 -+++ httplib2-0.9/python2/httplib2/__init__.py 2015-04-03 13:10:08.470685647 -0600 -@@ -1042,7 +1042,7 @@ - raise CertificateHostnameMismatch( - 'Server presented certificate that does not match ' - 'host %s: %s' % (hostname, cert), hostname, cert) -- except ssl_SSLError, e: -+ except (ssl_SSLError, CertificateHostnameMismatch), e: - if sock: - sock.close() - if self.sock: -@@ -1052,7 +1052,7 @@ - # to get at more detailed error information, in particular - # whether the error is due to certificate validation or - # something else (such as SSL protocol mismatch). -- if e.errno == ssl.SSL_ERROR_SSL: -+ if hasattr(e, 'errno') and e.errno == ssl.SSL_ERROR_SSL: - raise SSLHandshakeError(e) - else: - raise diff --git a/python-httplib2-0.9-proxy-http.patch b/python-httplib2-0.9-proxy-http.patch deleted file mode 100644 index d48a2e3..0000000 --- a/python-httplib2-0.9-proxy-http.patch +++ /dev/null @@ -1,16 +0,0 @@ -diff -Nur httplib2-0.11.3.orig/python2/httplib2/__init__.py httplib2-0.11.3/python2/httplib2/__init__.py ---- httplib2-0.11.3.orig/python2/httplib2/__init__.py 2018-06-10 17:27:19.397359583 -0700 -+++ httplib2-0.11.3/python2/httplib2/__init__.py 2018-06-10 17:27:57.789525463 -0700 -@@ -895,7 +895,11 @@ - else: - port = dict(https=443, http=80)[method] - -- proxy_type = 3 # socks.PROXY_TYPE_HTTP -+ if method == 'http': -+ proxy_type = 4 # socks.PROXY_TYPE_HTTP_NO_TUNNEL -+ else: -+ proxy_type = 3 # socks.PROXY_TYPE_HTTP -+ - pi = ProxyInfo( - proxy_type = proxy_type, - proxy_host = host, diff --git a/python-httplib2.certfile.patch b/python-httplib2.certfile.patch index 64ee0dd..362fd69 100644 --- a/python-httplib2.certfile.patch +++ b/python-httplib2.certfile.patch @@ -1,30 +1,41 @@ -diff -Nur httplib2-0.11.3.orig/python2/httplib2/__init__.py httplib2-0.11.3/python2/httplib2/__init__.py ---- httplib2-0.11.3.orig/python2/httplib2/__init__.py 2018-06-10 17:12:37.289548256 -0700 -+++ httplib2-0.11.3/python2/httplib2/__init__.py 2018-06-10 17:16:52.193649649 -0700 -@@ -218,8 +218,9 @@ - CA_CERTS = ca_certs_locater.get() - except ImportError: - # Default CA certificates file bundled with httplib2. -- CA_CERTS = os.path.join( -- os.path.dirname(os.path.abspath(__file__ )), "cacerts.txt") -+ #CA_CERTS = os.path.join( -+ # os.path.dirname(os.path.abspath(__file__ )), "cacerts.txt") -+ CA_CERTS = "/etc/pki/tls/certs/ca-bundle.crt" +diff -Nur httplib2-0.13.0.orig/python2/httplib2/certs.py httplib2-0.13.0/python2/httplib2/certs.py +--- httplib2-0.13.0.orig/python2/httplib2/certs.py 2019-06-06 12:46:32.000000000 -0700 ++++ httplib2-0.13.0/python2/httplib2/certs.py 2019-06-30 14:29:14.050085981 -0700 +@@ -23,6 +23,7 @@ + os.path.dirname(os.path.abspath(__file__)), "cacerts.txt" + ) - # Which headers are hop-by-hop headers by default - HOP_BY_HOP = ['connection', 'keep-alive', 'proxy-authenticate', 'proxy-authorization', 'te', 'trailers', 'transfer-encoding', 'upgrade'] -diff -Nur httplib2-0.11.3.orig/python3/httplib2/__init__.py httplib2-0.11.3/python3/httplib2/__init__.py ---- httplib2-0.11.3.orig/python3/httplib2/__init__.py 2018-03-29 19:28:43.000000000 -0700 -+++ httplib2-0.11.3/python3/httplib2/__init__.py 2018-06-10 17:18:19.267025891 -0700 -@@ -125,8 +125,9 @@ - HOP_BY_HOP = ['connection', 'keep-alive', 'proxy-authenticate', 'proxy-authorization', 'te', 'trailers', 'transfer-encoding', 'upgrade'] ++FEDORA_CA_CERTS = "/etc/pki/tls/certs/ca-bundle.crt" - # Default CA certificates file bundled with httplib2. --CA_CERTS = os.path.join( -- os.path.dirname(os.path.abspath(__file__ )), "cacerts.txt") -+#CA_CERTS = os.path.join( -+# os.path.dirname(os.path.abspath(__file__ )), "cacerts.txt") -+CA_CERTS = "/etc/pki/tls/certs/ca-bundle.crt" + def where(): + env = os.environ.get("HTTPLIB2_CA_CERTS") +@@ -35,7 +36,7 @@ + return custom_ca_locater_where() + if certifi_available: + return certifi_where() +- return BUILTIN_CA_CERTS ++ return FEDORA_CA_CERTS - # PROTOCOL_TLS is python 3.5.3+. PROTOCOL_SSLv23 is deprecated. - # Both PROTOCOL_TLS and PROTOCOL_SSLv23 are equivalent and means: + + if __name__ == "__main__": +diff -Nur httplib2-0.13.0.orig/python3/httplib2/certs.py httplib2-0.13.0/python3/httplib2/certs.py +--- httplib2-0.13.0.orig/python3/httplib2/certs.py 2019-06-06 12:46:32.000000000 -0700 ++++ httplib2-0.13.0/python3/httplib2/certs.py 2019-06-30 14:29:38.778214191 -0700 +@@ -23,6 +23,8 @@ + os.path.dirname(os.path.abspath(__file__)), "cacerts.txt" + ) + ++FEDORA_CA_CERTS = "/etc/pki/tls/certs/ca-bundle.crt" ++ + + def where(): + env = os.environ.get("HTTPLIB2_CA_CERTS") +@@ -35,7 +37,7 @@ + return custom_ca_locater_where() + if certifi_available: + return certifi_where() +- return BUILTIN_CA_CERTS ++ return FEDORA_CA_CERTS + + + if __name__ == "__main__": diff --git a/python-httplib2.getCertHost.patch b/python-httplib2.getCertHost.patch deleted file mode 100644 index f9c53de..0000000 --- a/python-httplib2.getCertHost.patch +++ /dev/null @@ -1,21 +0,0 @@ -diff -up ./python2/httplib2/__init__.py.getCertHost ./python2/httplib2/__init__.py ---- ./python2/httplib2/__init__.py.getCertHost 2012-05-03 17:16:33.834155219 +1000 -+++ ./python2/httplib2/__init__.py 2012-06-21 18:19:33.804660257 +1000 -@@ -942,11 +942,12 @@ class HTTPSConnectionWithTimeout(httplib - list: A list of valid host globs. - """ - if 'subjectAltName' in cert: -- return [x[1] for x in cert['subjectAltName'] -- if x[0].lower() == 'dns'] -- else: -- return [x[0][1] for x in cert['subject'] -- if x[0][0].lower() == 'commonname'] -+ # Patch from richardfearn@gmail.com -+ return [x[1] for x in cert['subjectAltName'] -+ if x[0].lower() == "dns"] -+ -+ return [x[0][1] for x in cert['subject'] -+ if x[0][0].lower() == 'commonname'] - - def _ValidateCertificateHostname(self, cert, hostname): - """Validates that a given hostname is valid for an SSL certificate. diff --git a/python-httplib2.rfc2459.patch b/python-httplib2.rfc2459.patch deleted file mode 100644 index 523129e..0000000 --- a/python-httplib2.rfc2459.patch +++ /dev/null @@ -1,19 +0,0 @@ -diff -up ./python2/httplib2/__init__.py.orig ./python2/httplib2/__init__.py ---- ./python2/httplib2/__init__.py.orig 2012-07-27 18:35:59.215300471 +1000 -+++ ./python2/httplib2/__init__.py 2012-07-27 18:36:30.697287505 +1000 -@@ -943,8 +943,13 @@ class HTTPSConnectionWithTimeout(httplib - """ - if 'subjectAltName' in cert: - # Patch from richardfearn@gmail.com -- return [x[1] for x in cert['subjectAltName'] -+ # RFC 2459 states that subjectAltName may contain: -+ # either DNS, email, IP or URI -+ # email, URI, -+ hosts=[x[1] for x in cert['subjectAltName'] - if x[0].lower() == "dns"] -+ if hosts: -+ return hosts - - return [x[0][1] for x in cert['subject'] - if x[0][0].lower() == 'commonname'] - diff --git a/python-httplib2.spec b/python-httplib2.spec index d8d69e8..26c26b0 100644 --- a/python-httplib2.spec +++ b/python-httplib2.spec @@ -7,24 +7,16 @@ %endif Name: python-httplib2 -Version: 0.11.3 -Release: 6%{?dist} +Version: 0.13.0 +Release: 1%{?dist} Summary: A comprehensive HTTP client library License: MIT URL: https://pypi.python.org/pypi/httplib2 Source0: https://pypi.python.org/packages/source/h/httplib2/httplib2-%{version}.tar.gz -# See also the 'locater plugin' system httplib2 now allows, and -# https://github.com/dreamhost/httplib2-ca_certs_locater -# It's kind of problematic, though: https://github.com/jcgregorio/httplib2/issues/293 -Patch1: %{name}.certfile.patch -Patch2: %{name}.getCertHost.patch -Patch3: %{name}.rfc2459.patch # -# Fix proxy with plain http -# https://bugzilla.redhat.com/show_bug.cgi?id=857514 -# https://github.com/jcgregorio/httplib2/issues/228 -# -Patch4: python-httplib2-0.9-proxy-http.patch +# Patch to use the Fedora ca certs instead of the bundled ones +# +Patch1: python-httplib2.certfile.patch BuildRequires: python2-setuptools BuildRequires: python2-devel @@ -33,7 +25,8 @@ BuildArch: noarch %if 0%{?with_python3} BuildRequires: python3-devel BuildRequires: python3-setuptools -%endif # if with_python3 +%endif +# if with_python3 %global _description\ A comprehensive HTTP client library that supports many features left out of\ @@ -54,20 +47,18 @@ Summary: A comprehensive HTTP client library %description -n python3-httplib2 A comprehensive HTTP client library that supports many features left out of other HTTP libraries. -%endif # with_python3 +%endif +# with_python3 %prep -%setup -q -n httplib2-%{version} -%patch1 -p1 -b .certfile -%patch2 -p0 -b .getCertHost -%patch3 -p0 -b .rfc2459 -%patch4 -p1 +%autosetup -n httplib2-%{version} -p1 %if 0%{?with_python3} rm -rf %{py3dir} cp -a . %{py3dir} find %{py3dir} -name '*.py' | xargs sed -i '1s|^#!/usr/bin/python|#!%{__python3}|' -%endif # with_python3 +%endif +# with_python3 %build CFLAGS="$RPM_OPT_FLAGS" %{__python2} setup.py build @@ -76,7 +67,8 @@ CFLAGS="$RPM_OPT_FLAGS" %{__python2} setup.py build pushd %{py3dir} %{__python3} setup.py build popd -%endif # with_python3 +%endif +# with_python3 %install rm -rf $RPM_BUILD_ROOT @@ -86,7 +78,8 @@ rm -rf $RPM_BUILD_ROOT pushd %{py3dir} %{__python3} setup.py install --skip-build --root $RPM_BUILD_ROOT popd -%endif # with_python3 +%endif +# with_python3 %files -n python2-httplib2 %{python2_sitelib}/* @@ -94,9 +87,16 @@ popd %if 0%{?with_python3} %files -n python3-httplib2 %{python3_sitelib}/* -%endif # with_python3 +%endif +# with_python3 %changelog +* Sun Jun 30 2019 Kevin Fenzi - 0.13.0-1 +- Update to 0.13.0. + +* Tue Apr 23 2019 Kevin Fenzi - 0.12.3-1 +- Update to 0.12.3. + * Sat Feb 02 2019 Fedora Release Engineering - 0.11.3-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild diff --git a/sources b/sources index 557473d..40fce0a 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (httplib2-0.11.3.tar.gz) = e74be0ba945aaf5836ef14f4b8262e2be4b7f2a1df52b60f8ae7109d9727e117a69a8b7e4f524fb91997781af031a8a7c2112a7ab2b5d9f5c94b04a56aa04659 +SHA512 (httplib2-0.13.0.tar.gz) = b447531f18eb7d288cce9b1ab4b59c4302bd8db8eb095a102f9d730cb49644a1dc531ca007bb9c9a7321c9876ec0ce953317561fc94a51b02bcb749d2de1fa83