|
|
a938da |
%global module_name backports.ssl_match_hostname
|
|
|
a938da |
%global alphatag a3
|
|
|
a938da |
%global fullversion %{version}%{alphatag}
|
|
|
a938da |
|
|
|
a938da |
Name: python-backports-ssl_match_hostname
|
|
|
a938da |
Version: 3.2
|
|
|
a938da |
Release: 0.3.%{alphatag}%{?dist}
|
|
|
a938da |
Summary: The ssl.match_hostname() function from Python 3.2
|
|
|
a938da |
|
|
|
a938da |
# Webpages claim MIT but the code is cut-and-paste from Python source code
|
|
|
a938da |
License: Python
|
|
|
a938da |
URL: https://bitbucket.org/brandon/backports.ssl_match_hostname
|
|
|
a938da |
Source0: http://pypi.python.org/packages/source/b/backports.ssl_match_hostname/backports.ssl_match_hostname-%{fullversion}.tar.gz
|
|
|
a938da |
# From the upstream scm
|
|
|
a938da |
Patch0: ssl_match_hostname-issue12000.patch
|
|
|
a938da |
# Slightly modified version of patch against python3.2+
|
|
|
a938da |
# http://bugs.python.org/issue17980#msg189525
|
|
|
a938da |
Patch1: 00183-cve-2013-2099-fix-ssl-match_hostname-dos.patch
|
|
|
a938da |
|
|
|
a938da |
BuildArch: noarch
|
|
|
a938da |
BuildRequires: python2-devel
|
|
|
a938da |
BuildRequires: python-setuptools
|
|
|
a938da |
|
|
|
a938da |
%description
|
|
|
a938da |
The Secure Sockets layer is only actually secure if you check the hostname in
|
|
|
a938da |
the certificate returned by the server to which you are connecting, and verify
|
|
|
a938da |
that it matches to hostname that you are trying to reach.
|
|
|
a938da |
|
|
|
a938da |
But the matching logic, defined in RFC2818, can be a bit tricky to implement on
|
|
|
a938da |
your own. So the ssl package in the Standard Library of Python 3.2 now includes
|
|
|
a938da |
a match_hostname() function for performing this check instead of requiring
|
|
|
a938da |
every application to implement the check separately.
|
|
|
a938da |
|
|
|
a938da |
This backport brings match_hostname() to users of earlier versions of Python.
|
|
|
a938da |
The actual code inside comes verbatim from Python 3.2.
|
|
|
a938da |
|
|
|
a938da |
|
|
|
a938da |
%prep
|
|
|
a938da |
%setup -qn %{module_name}-%{fullversion}
|
|
|
a938da |
%patch0 -p1
|
|
|
a938da |
%patch1 -p1
|
|
|
a938da |
mv src/backports/ssl_match_hostname/README.txt ./
|
|
|
a938da |
|
|
|
a938da |
|
|
|
a938da |
%build
|
|
|
a938da |
python setup.py build
|
|
|
a938da |
|
|
|
a938da |
|
|
|
a938da |
%install
|
|
|
a938da |
python setup.py install --skip-build --root %{buildroot}
|
|
|
a938da |
|
|
|
a938da |
|
|
|
a938da |
%files
|
|
|
a938da |
%doc README.txt
|
|
|
a938da |
%{python_sitelib}/*
|
|
|
a938da |
|
|
|
a938da |
|
|
|
a938da |
%changelog
|
|
|
a938da |
* Mon May 20 2013 Toshio Kuratomi <toshio@fedoraproject.org> - 3.2-0.3.a3
|
|
|
a938da |
- Add patch for CVE 2013-2099 https://bugzilla.redhat.com/show_bug.cgi?id=963260
|
|
|
a938da |
|
|
|
a938da |
* Tue Feb 05 2013 Ian Weller <iweller@redhat.com> - 3.2-0.2.a3
|
|
|
a938da |
- Fix Python issue 12000
|
|
|
a938da |
|
|
|
a938da |
* Fri Dec 07 2012 Ian Weller <iweller@redhat.com> - 3.2-0.1.a3
|
|
|
a938da |
- Initial package build
|