diff options
Diffstat (limited to 'dev-python/python-keystoneclient/files/cve-2015-1852-master-keystoneclient.patch')
| -rw-r--r-- | dev-python/python-keystoneclient/files/cve-2015-1852-master-keystoneclient.patch | 84 |
1 files changed, 0 insertions, 84 deletions
diff --git a/dev-python/python-keystoneclient/files/cve-2015-1852-master-keystoneclient.patch b/dev-python/python-keystoneclient/files/cve-2015-1852-master-keystoneclient.patch deleted file mode 100644 index 82897fe4ca69..000000000000 --- a/dev-python/python-keystoneclient/files/cve-2015-1852-master-keystoneclient.patch +++ /dev/null @@ -1,84 +0,0 @@ -From 46f8d86c197376b0cdd9589310f2e66ef7af027a Mon Sep 17 00:00:00 2001 -From: Brant Knudson <bknudson@us.ibm.com> -Date: Tue, 7 Apr 2015 19:38:29 +0000 -Subject: [PATCH] Fix s3_token middleware parsing insecure option - -The "insecure" option was being treated as a bool when it was -actually provided as a string. The fix is to parse the string to -a bool. - -Closes-Bug: 1411063 -Change-Id: I508dae8d7bedfc903e476cdefac43d05cbd7fbe1 ---- - keystoneclient/middleware/s3_token.py | 3 ++- - .../tests/unit/test_s3_token_middleware.py | 24 +++++++++++++++++++++- - 2 files changed, 25 insertions(+), 2 deletions(-) - -diff --git a/keystoneclient/middleware/s3_token.py b/keystoneclient/middleware/s3_token.py -index 7552893..f8d1ce0 100644 ---- a/keystoneclient/middleware/s3_token.py -+++ b/keystoneclient/middleware/s3_token.py -@@ -34,6 +34,7 @@ This WSGI component: - import logging - - from oslo_serialization import jsonutils -+from oslo_utils import strutils - import requests - import six - from six.moves import urllib -@@ -116,7 +117,7 @@ class S3Token(object): - self.request_uri = '%s://%s:%s' % (auth_protocol, auth_host, auth_port) - - # SSL -- insecure = conf.get('insecure', False) -+ insecure = strutils.bool_from_string(conf.get('insecure', False)) - cert_file = conf.get('certfile') - key_file = conf.get('keyfile') - -diff --git a/keystoneclient/tests/unit/test_s3_token_middleware.py b/keystoneclient/tests/unit/test_s3_token_middleware.py -index d5a62e8..dfb4406 100644 ---- a/keystoneclient/tests/unit/test_s3_token_middleware.py -+++ b/keystoneclient/tests/unit/test_s3_token_middleware.py -@@ -124,7 +124,7 @@ class S3TokenMiddlewareTestGood(S3TokenMiddlewareTestBase): - @mock.patch.object(requests, 'post') - def test_insecure(self, MOCK_REQUEST): - self.middleware = ( -- s3_token.filter_factory({'insecure': True})(FakeApp())) -+ s3_token.filter_factory({'insecure': 'True'})(FakeApp())) - - text_return_value = jsonutils.dumps(GOOD_RESPONSE) - if six.PY3: -@@ -142,6 +142,28 @@ class S3TokenMiddlewareTestGood(S3TokenMiddlewareTestBase): - mock_args, mock_kwargs = MOCK_REQUEST.call_args - self.assertIs(mock_kwargs['verify'], False) - -+ def test_insecure_option(self): -+ # insecure is passed as a string. -+ -+ # Some non-secure values. -+ true_values = ['true', 'True', '1', 'yes'] -+ for val in true_values: -+ config = {'insecure': val, 'certfile': 'false_ind'} -+ middleware = s3_token.filter_factory(config)(FakeApp()) -+ self.assertIs(False, middleware.verify) -+ -+ # Some "secure" values, including unexpected value. -+ false_values = ['false', 'False', '0', 'no', 'someweirdvalue'] -+ for val in false_values: -+ config = {'insecure': val, 'certfile': 'false_ind'} -+ middleware = s3_token.filter_factory(config)(FakeApp()) -+ self.assertEqual('false_ind', middleware.verify) -+ -+ # Default is secure. -+ config = {'certfile': 'false_ind'} -+ middleware = s3_token.filter_factory(config)(FakeApp()) -+ self.assertIs('false_ind', middleware.verify) -+ - - class S3TokenMiddlewareTestBad(S3TokenMiddlewareTestBase): - def setUp(self): --- -1.9.1 - - - |