diff options
author | 2015-08-08 13:49:04 -0700 | |
---|---|---|
committer | 2015-08-08 17:38:18 -0700 | |
commit | 56bd759df1d0c750a065b8c845e93d5dfa6b549d (patch) | |
tree | 3f91093cdb475e565ae857f1c5a7fd339e2d781e /dev-python/keystonemiddleware/files/cve-2015-1852-master-keystonemiddleware.patch | |
download | gentoo-56bd759df1d0c750a065b8c845e93d5dfa6b549d.tar.gz gentoo-56bd759df1d0c750a065b8c845e93d5dfa6b549d.tar.bz2 gentoo-56bd759df1d0c750a065b8c845e93d5dfa6b549d.zip |
proj/gentoo: Initial commit
This commit represents a new era for Gentoo:
Storing the gentoo-x86 tree in Git, as converted from CVS.
This commit is the start of the NEW history.
Any historical data is intended to be grafted onto this point.
Creation process:
1. Take final CVS checkout snapshot
2. Remove ALL ChangeLog* files
3. Transform all Manifests to thin
4. Remove empty Manifests
5. Convert all stale $Header$/$Id$ CVS keywords to non-expanded Git $Id$
5.1. Do not touch files with -kb/-ko keyword flags.
Signed-off-by: Robin H. Johnson <robbat2@gentoo.org>
X-Thanks: Alec Warner <antarus@gentoo.org> - did the GSoC 2006 migration tests
X-Thanks: Robin H. Johnson <robbat2@gentoo.org> - infra guy, herding this project
X-Thanks: Nguyen Thai Ngoc Duy <pclouds@gentoo.org> - Former Gentoo developer, wrote Git features for the migration
X-Thanks: Brian Harring <ferringb@gentoo.org> - wrote much python to improve cvs2svn
X-Thanks: Rich Freeman <rich0@gentoo.org> - validation scripts
X-Thanks: Patrick Lauer <patrick@gentoo.org> - Gentoo dev, running new 2014 work in migration
X-Thanks: Michał Górny <mgorny@gentoo.org> - scripts, QA, nagging
X-Thanks: All of other Gentoo developers - many ideas and lots of paint on the bikeshed
Diffstat (limited to 'dev-python/keystonemiddleware/files/cve-2015-1852-master-keystonemiddleware.patch')
-rw-r--r-- | dev-python/keystonemiddleware/files/cve-2015-1852-master-keystonemiddleware.patch | 63 |
1 files changed, 63 insertions, 0 deletions
diff --git a/dev-python/keystonemiddleware/files/cve-2015-1852-master-keystonemiddleware.patch b/dev-python/keystonemiddleware/files/cve-2015-1852-master-keystonemiddleware.patch new file mode 100644 index 000000000000..6ea8f99d5c3c --- /dev/null +++ b/dev-python/keystonemiddleware/files/cve-2015-1852-master-keystonemiddleware.patch @@ -0,0 +1,63 @@ +diff --git a/keystonemiddleware/s3_token.py b/keystonemiddleware/s3_token.py +index d56482f..3fe13f9 100644 +--- a/keystonemiddleware/s3_token.py ++++ b/keystonemiddleware/s3_token.py +@@ -35,6 +35,7 @@ import logging + import webob + + from oslo_serialization import jsonutils ++from oslo_utils import strutils + import requests + import six + from six.moves import urllib +@@ -116,7 +117,7 @@ class S3Token(object): + auth_port) + + # SSL +- insecure = conf.get('insecure', False) ++ insecure = strutils.bool_from_string(conf.get('insecure', False)) + cert_file = conf.get('certfile') + key_file = conf.get('keyfile') + +diff --git a/keystonemiddleware/tests/test_s3_token_middleware.py b/keystonemiddleware/tests/test_s3_token_middleware.py +index fdadb76..4b910a6 100644 +--- a/keystonemiddleware/tests/test_s3_token_middleware.py ++++ b/keystonemiddleware/tests/test_s3_token_middleware.py +@@ -124,7 +124,7 @@ class S3TokenMiddlewareTestGood(S3TokenMiddlewareTestBase): + @mock.patch.object(requests, 'post') + def test_insecure(self, MOCK_REQUEST): + self.middleware = ( +- s3_token.filter_factory({'insecure': True})(FakeApp())) ++ s3_token.filter_factory({'insecure': 'True'})(FakeApp())) + + text_return_value = jsonutils.dumps(GOOD_RESPONSE) + if six.PY3: +@@ -142,6 +142,28 @@ class S3TokenMiddlewareTestGood(S3TokenMiddlewareTestBase): + mock_args, mock_kwargs = MOCK_REQUEST.call_args + self.assertIs(mock_kwargs['verify'], False) + ++ def test_insecure_option(self): ++ # insecure is passed as a string. ++ ++ # Some non-secure values. ++ true_values = ['true', 'True', '1', 'yes'] ++ for val in true_values: ++ config = {'insecure': val, 'certfile': 'false_ind'} ++ middleware = s3_token.filter_factory(config)(FakeApp()) ++ self.assertIs(False, middleware._verify) ++ ++ # Some "secure" values, including unexpected value. ++ false_values = ['false', 'False', '0', 'no', 'someweirdvalue'] ++ for val in false_values: ++ config = {'insecure': val, 'certfile': 'false_ind'} ++ middleware = s3_token.filter_factory(config)(FakeApp()) ++ self.assertEqual('false_ind', middleware._verify) ++ ++ # Default is secure. ++ config = {'certfile': 'false_ind'} ++ middleware = s3_token.filter_factory(config)(FakeApp()) ++ self.assertIs('false_ind', middleware._verify) ++ + + class S3TokenMiddlewareTestBad(S3TokenMiddlewareTestBase): + def setUp(self): |