From 10fdc786b1363b98125130929e10f842844dbf2e Mon Sep 17 00:00:00 2001
From: Karolina Surma <ksurma@redhat.com>
Date: Wed, 16 Jun 2021 10:11:46 +0200
Subject: [PATCH] Update to 1.26.5

---
 .gitignore                |  1 +
 python-urllib3.spec       | 13 ++++++++++---
 sources                   |  2 +-
 ssl_match_hostname_py3.py |  1 +
 4 files changed, 13 insertions(+), 4 deletions(-)
 create mode 100644 ssl_match_hostname_py3.py

diff --git a/.gitignore b/.gitignore
index b81808c..a8a0a0c 100644
--- a/.gitignore
+++ b/.gitignore
@@ -30,3 +30,4 @@
 /urllib3-1.25.8.tar.gz
 /urllib3-1.25.10.tar.gz
 /urllib3-1.26.4.tar.gz
+/urllib3-1.26.5.tar.gz
diff --git a/python-urllib3.spec b/python-urllib3.spec
index 5c8b8ea..558b1ec 100644
--- a/python-urllib3.spec
+++ b/python-urllib3.spec
@@ -5,13 +5,15 @@
 %bcond_with tests
 
 Name:           python-%{srcname}
-Version:        1.26.4
+Version:        1.26.5
 Release:        1%{?dist}
 Summary:        Python HTTP library with thread-safe connection pooling and file post
 
 License:        MIT
 URL:            https://github.com/urllib3/urllib3
 Source0:        %{url}/archive/%{version}/%{srcname}-%{version}.tar.gz
+# Unbundle ssl_match_hostname since we depend on it
+Source1:        ssl_match_hostname_py3.py
 BuildArch:      noarch
 
 %description
@@ -91,10 +93,10 @@ sed -i -e 's/^import mock/from unittest import mock/' \
 # Unbundle the Python 3 build
 rm -rf %{buildroot}/%{python3_sitelib}/urllib3/packages/six.py
 rm -rf %{buildroot}/%{python3_sitelib}/urllib3/packages/__pycache__/six.*
-rm -rf %{buildroot}/%{python3_sitelib}/urllib3/packages/ssl_match_hostname/_implementation.py
-rm -rf %{buildroot}/%{python3_sitelib}/urllib3/packages/ssl_match_hostname/__pycache__/_implementation.*
+rm -rf %{buildroot}/%{python3_sitelib}/urllib3/packages/ssl_match_hostname/
 
 mkdir -p %{buildroot}/%{python3_sitelib}/urllib3/packages/
+cp -a %{SOURCE1} %{buildroot}/%{python3_sitelib}/urllib3/packages/ssl_match_hostname.py
 ln -s %{python3_sitelib}/six.py %{buildroot}/%{python3_sitelib}/urllib3/packages/six.py
 ln -s %{python3_sitelib}/__pycache__/six.cpython-%{python3_version_nodots}.opt-1.pyc \
       %{buildroot}/%{python3_sitelib}/urllib3/packages/__pycache__/
@@ -116,6 +118,11 @@ ln -s %{python3_sitelib}/__pycache__/six.cpython-%{python3_version_nodots}.pyc \
 
 
 %changelog
+* Wed Jun 16 2021 Karolina Surma <ksurma@redhat.com> - 1.26.5-1
+- Update to 1.26.5
+- Fix for CVE-2021-33503 Catastrophic backtracking in URL authority parser
+Resolves: rhbz#1972639
+
 * Tue May 18 2021 Miro Hrončok <mhroncok@redhat.com> - 1.26.4-1
 - Update to 1.26.4
 Resolves: rhbz#1935737
diff --git a/sources b/sources
index 3ca6661..f80ee90 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-SHA512 (urllib3-1.26.4.tar.gz) = c770ae93e024af2bd79145d90426ad56f89184a4a02a55551bf54680a1ba369e683080e1899f00d57efcb085145e29a189f502ae6b41e572de111909297fb4e6
+SHA512 (urllib3-1.26.5.tar.gz) = d4a97aa05f9138cbd2fceadd6268f55f1389a57abccc44f6dfd7755778d417a6648f081ceefd376b27c17e384ccc81caf49f0ea23b4d9ac8e347a06d85cb4639
diff --git a/ssl_match_hostname_py3.py b/ssl_match_hostname_py3.py
new file mode 100644
index 0000000..99d425a
--- /dev/null
+++ b/ssl_match_hostname_py3.py
@@ -0,0 +1 @@
+from ssl import match_hostname, CertificateError