[openstack-glance/el6: 1/3] avoid issue with crypto compat patch (#906051)
Pádraig Brady
pbrady at fedoraproject.org
Mon May 13 00:22:47 UTC 2013
commit 84e20fe263d263c20d190ada25f6b91616619925
Author: Pádraig Brady <P at draigBrady.com>
Date: Mon May 13 00:49:38 2013 +0100
avoid issue with crypto compat patch (#906051)
Avoid-NULLs-in-crypto-padding.patch | 47 +++++++++++++++++++++++++++++++++++
openstack-glance.spec | 7 ++++-
2 files changed, 53 insertions(+), 1 deletions(-)
---
diff --git a/Avoid-NULLs-in-crypto-padding.patch b/Avoid-NULLs-in-crypto-padding.patch
new file mode 100644
index 0000000..7ebb40b
--- /dev/null
+++ b/Avoid-NULLs-in-crypto-padding.patch
@@ -0,0 +1,47 @@
+From 4458d6af24ba1e9dcb72b7b15b99cba9dce6b4ca Mon Sep 17 00:00:00 2001
+From: Eoghan Glynn <eglynn at redhat.com>
+Date: Wed, 30 Jan 2013 17:43:52 +0000
+Subject: [PATCH] Avoid NULLs in crypto padding.
+
+Also include missing import of the os module.
+
+The problem does not exist upstream, as the regression was
+introduced in a RHEL-specific patch:
+
+ efebcc2b36353becd1e570ce4b4be5a659fa78e3
+
+Fixes bug: 906051
+
+Change-Id: I70a9b3340ff454ae75c32ee75e121f0de4de938b
+Reviewed-on: https://code.engineering.redhat.com/gerrit/2809
+Reviewed-by: Nikola Dipanov <ndipanov at redhat.com>
+Tested-by: Nikola Dipanov <ndipanov at redhat.com>
+---
+ glance/common/crypt.py | 7 ++++++-
+ 1 file changed, 6 insertions(+), 1 deletion(-)
+
+diff --git a/glance/common/crypt.py b/glance/common/crypt.py
+index ef6496b..3874de7 100644
+--- a/glance/common/crypt.py
++++ b/glance/common/crypt.py
+@@ -21,6 +21,10 @@ Routines for URL-safe encrypting/decrypting
+ """
+
+ import base64
++import os
++import random
++import string
++
+ from Crypto.Cipher import AES
+
+
+@@ -38,7 +42,8 @@ def urlsafe_encrypt(key, plaintext, blocksize=16):
+ Pads text to be encrypted
+ """
+ pad_length = (blocksize - len(text) % blocksize)
+- pad = os.urandom(pad_length - 1)
++ pad = "".join([random.choice([chr(i) for i in range(1,0xFF)])
++ for j in xrange(pad_length - 1)])
+ # We use chr(0) as a delimiter between text and padding
+ return text + chr(0) + pad
+
diff --git a/openstack-glance.spec b/openstack-glance.spec
index 1514dac..4005a5f 100644
--- a/openstack-glance.spec
+++ b/openstack-glance.spec
@@ -3,7 +3,7 @@
#
Name: openstack-glance
Version: 2012.2.3
-Release: 1%{?dist}
+Release: 2%{?dist}
Summary: OpenStack Image Service
Group: Applications/System
@@ -24,6 +24,7 @@ Patch0001: 0001-Don-t-access-the-net-while-building-docs.patch
# EPEL specific
Patch100: openstack-glance-newdeps.patch
Patch101: crypto.random.patch
+Patch102: Avoid-NULLs-in-crypto-padding.patch
BuildArch: noarch
BuildRequires: python2-devel
@@ -112,6 +113,7 @@ This package contains documentation files for glance.
%patch100 -p1
%patch101 -p1
+%patch102 -p1
# Remove bundled egg-info
rm -rf glance.egg-info
@@ -274,6 +276,9 @@ fi
%doc doc/build/html
%changelog
+* Mon May 13 2013 Pádraig Brady <P at draigBrady.com> 2012.2.3-2
+- Avoid issue with crypto compat patch (#906051)
+
* Fri Feb 01 2013 Pádraig Brady <P at draigBrady.com> 2012.2.3-1
- Update to stable release 2012.2.3
More information about the scm-commits
mailing list