Message255265
The latest ssl.py file tries to validate hostnames vs certificates but includes a faulty regexp which causes any wildcard domains (e.g. *.s3.amazonaws.com) to fail validation.
Steps to Reproduce:
>>> import ssl
>>> ssl._dnsname_match("*.s3.amazonaws.com", "planet.sofiavalley.com.s3.amazonaws.com")
>>>
From Python's documentation:
[]
Used to indicate a set of characters. In a set:
...
Special characters lose their special meaning inside sets. For example, [(+*)] will match any of the literal characters '(', '+', '*', or ')'.
^^^^^^^^^ this is the cause of the error
I've found this after an upgrade to RHEL 7.2 which contains the faulty code broke s3cmd for me. The result - one of my sites was outdated for a couple of days.
For more info and proposed patch see:
https://bugzilla.redhat.com/show_bug.cgi?id=1284916
https://bugzilla.redhat.com/show_bug.cgi?id=1284930
Note: As far as I can tell this affects upstream Python 2.7.10 and 3.5.0, however in the packages Red Hat distributes the code is different between 2 and 3 while upstream is more consistent. |
|
Date |
User |
Action |
Args |
2015-11-24 13:37:38 | Alexander Todorov | set | recipients:
+ Alexander Todorov |
2015-11-24 13:37:38 | Alexander Todorov | set | messageid: <1448372258.01.0.348498754399.issue25722@psf.upfronthosting.co.za> |
2015-11-24 13:37:37 | Alexander Todorov | link | issue25722 messages |
2015-11-24 13:37:37 | Alexander Todorov | create | |
|