[pywbem] work around M2Crypto's inability to handle unicode

Michal Minar miminar at fedoraproject.org
Mon Dec 30 20:30:31 UTC 2013 

commit 5675d620efe9a1e63417aee61628bf7f383b09f4
Author: Michal Minar <miminar at redhat.com>
Date:   Fri Dec 27 18:45:35 2013 +0100

    work around M2Crypto's inability to handle unicode

 pywbem-20131121-ssl_verify_host.patch |   35 +++++++++++++++++++++++++++-----
 pywbem.spec                           |    5 +++-
 2 files changed, 33 insertions(+), 7 deletions(-)
---
diff --git a/pywbem-20131121-ssl_verify_host.patch b/pywbem-20131121-ssl_verify_host.patch
index 5ed1664..985eb9e 100644
--- a/pywbem-20131121-ssl_verify_host.patch
+++ b/pywbem-20131121-ssl_verify_host.patch
@@ -38,7 +38,7 @@ Index: pywbem-20131121/cim_http.py
      """Send XML data over HTTP to the specified url. Return the
      response in XML.  Uses Python's build-in httplib.  x509 may be a
      dictionary containing the location of the SSL certificate and key
-@@ -105,10 +124,35 @@ def wbem_request(url, data, creds, heade
+@@ -105,10 +124,47 @@ def wbem_request(url, data, creds, heade
      
      class HTTPSConnection(HTTPBaseConnection, httplib.HTTPSConnection):
          def __init__(self, host, port=None, key_file=None, cert_file=None, 
@@ -52,7 +52,7 @@ Index: pywbem-20131121/cim_http.py
 +
 +        def connect(self):
 +            "Connect to a host on a given (SSL) port."
-+            sock = socket.create_connection((self.host, self.port),
++            self.sock = socket.create_connection((self.host, self.port),
 +                                            self.timeout, self.source_address)
 +            if self._tunnel_host:
 +                self.sock = sock
@@ -68,15 +68,27 @@ Index: pywbem-20131121/cim_http.py
 +                else:
 +                    ctx.load_verify_locations(cafile=self.ca_certs)
 +            try:
-+                self.sock = SSL.Connection(ctx)
-+                self.sock.connect((self.host, self.port))
++                self.sock = SSL.Connection(ctx, self.sock)
++                # Below is a body of SSL.Connection.connect() method
++                # except for the first line (socket connection). We want to preserve
++                # tunneling ability.
++                self.sock.addr = (self.host, self.port)
++                self.sock.setup_ssl()
++                self.sock.set_connect_state()
++                ret = self.sock.connect_ssl()
++                check = getattr(self.sock, 'postConnectionCheck',
++                         self.sock.clientPostConnectionCheck)
++                if check is not None:
++                    if not check(self.sock.get_peer_cert(), self.host):
++                        raise Error('SSL error: post connection check failed')
++                return ret
 +            except (Err.SSLError, SSL.SSLError, SSL.SSLTimeoutError), arg:
 +                raise Error("SSL error: %s" % arg)
 +
      class FileHTTPConnection(HTTPBaseConnection, httplib.HTTPConnection):
          def __init__(self, uds_path):
              httplib.HTTPConnection.__init__(self, 'localhost')
-@@ -117,53 +161,14 @@ def wbem_request(url, data, creds, heade
+@@ -117,64 +173,36 @@ def wbem_request(url, data, creds, heade
              self.sock = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
              self.sock.connect(self.uds_path)
  
@@ -134,8 +146,10 @@ Index: pywbem-20131121/cim_http.py
  
      numTries = 0
      localAuthHeader = None
-@@ -171,10 +176,19 @@ def wbem_request(url, data, creds, heade
+     tryLimit = 5
  
++    if isinstance(data, unicode):
++        data = data.encode('utf-8')
      data = '<?xml version="1.0" encoding="utf-8" ?>\n' + data
  
 +    if not no_verification and ca_certs is None:
@@ -157,6 +171,15 @@ Index: pywbem-20131121/cim_http.py
      else:
          if url.startswith('http'):
              h = HTTPConnection(host, port = port)
+@@ -216,6 +244,8 @@ def wbem_request(url, data, creds, heade
+             h.putheader('PegasusAuthorization', 'Local "%s"' % locallogin)
+ 
+         for hdr in headers:
++            if isinstance(hdr, unicode):
++                hdr = hdr.encode('utf-8')
+             s = map(lambda x: string.strip(x), string.split(hdr, ":", 1))
+             h.putheader(urllib.quote(s[0]), urllib.quote(s[1]))
+ 
 Index: pywbem-20131121/cim_operations.py
 ===================================================================
 --- pywbem-20131121.orig/cim_operations.py
diff --git a/pywbem.spec b/pywbem.spec
index 9e2d7cd..d2fc22c 100644
--- a/pywbem.spec
+++ b/pywbem.spec
@@ -4,7 +4,7 @@
 
 Name:           pywbem 
 Version:        0.7.0
-Release:        21.%{revdate}svn%{svnrev}%{?dist}
+Release:        22.%{revdate}svn%{svnrev}%{?dist}
 Summary:        Python WBEM Client and Provider Interface
 Group:          Development/Libraries
 License:        LGPLv2
@@ -84,6 +84,9 @@ rm -rf %{buildroot}
 %{python_sitelib}/pywbem/twisted_client.py*
 
 %changelog
+* Fri Dec 27 2013 Michal Minar <miminar at redhat.com> 0.7.0-22.20131121svn656
+- Work around M2Crypto's inability to handle unicode strings.
+
 * Wed Dec 18 2013 Michal Minar <miminar at redhat.com> 0.7.0-21.20131121svn656
 - Adjusted default certificates paths searched for cert validation.

More information about the scm-commits mailing list