Fixed Bug 840968 - SSL errors when the site certificate contains subjectAltName but DNS is not in it
This commit is contained in:
Ding-Yi Chen
parent
cfe1853fb7
commit
d773cae6c0
19
python-httplib2.rfc2459.patch
Normal file
19
python-httplib2.rfc2459.patch
Normal file
@ -0,0 +1,19 @@
|
||||
diff -up ./python2/httplib2/__init__.py.orig ./python2/httplib2/__init__.py
|
||||
--- ./python2/httplib2/__init__.py.orig 2012-07-27 18:35:59.215300471 +1000
|
||||
+++ ./python2/httplib2/__init__.py 2012-07-27 18:36:30.697287505 +1000
|
||||
@@ -943,8 +943,13 @@ class HTTPSConnectionWithTimeout(httplib
|
||||
"""
|
||||
if 'subjectAltName' in cert:
|
||||
# Patch from richardfearn@gmail.com
|
||||
- return [x[1] for x in cert['subjectAltName']
|
||||
+ # RFC 2459 states that subjectAltName may contain:
|
||||
+ # either DNS, email, IP or URI
|
||||
+ # email, URI,
|
||||
+ hosts=[x[1] for x in cert['subjectAltName']
|
||||
if x[0].lower() == "dns"]
|
||||
+ if hosts:
|
||||
+ return hosts
|
||||
|
||||
return [x[0][1] for x in cert['subject']
|
||||
if x[0][0].lower() == 'commonname']
|
||||
|
||||
@ -10,7 +10,7 @@
|
||||
|
||||
Name: python-httplib2
|
||||
Version: 0.7.4
|
||||
Release: 4%{?dist}
|
||||
Release: 5%{?dist}
|
||||
Summary: A comprehensive HTTP client library
|
||||
Group: System Environment/Libraries
|
||||
License: MIT
|
||||
@ -19,6 +19,7 @@ Source0: http://httplib2.googlecode.com/files/httplib2-%{version}.tar.gz
|
||||
#Patch0: httplib_py26.diff
|
||||
Patch1: %{name}.certfile.patch
|
||||
Patch2: %{name}.getCertHost.patch
|
||||
Patch3: %{name}.rfc2459.patch
|
||||
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
|
||||
BuildRequires: python-setuptools-devel
|
||||
BuildRequires: python-devel
|
||||
@ -47,6 +48,7 @@ other HTTP libraries.
|
||||
#%patch0 -p0 -b .issue39
|
||||
%patch1 -p0 -b .certfile
|
||||
%patch2 -p0 -b .getCertHost
|
||||
%patch3 -p0 -b .rfc2459
|
||||
|
||||
%if 0%{?with_python3}
|
||||
rm -rf %{py3dir}
|
||||
@ -89,6 +91,10 @@ rm -rf $RPM_BUILD_ROOT
|
||||
%endif # with_python3
|
||||
|
||||
%changelog
|
||||
* Fri Jul 27 2012 Ding-Yi Chen <dchen at redhat.com> - 0.7.4-5
|
||||
- Fixed Bug 840968 - SSL errors when the site certificate contains
|
||||
subjectAltName but DNS is not in it
|
||||
|
||||
* Fri Jun 22 2012 Ding-Yi Chen <dchen at redhat.com> - 0.7.4-4
|
||||
- Unify the spec file between EPEL and Fedora.
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user