Hello community, here is the log from the commit of package python-boto for openSUSE:Factory checked in at 2014-03-12 19:08:58 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/python-boto (Old) and /work/SRC/openSUSE:Factory/.python-boto.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "python-boto" Changes: -------- --- /work/SRC/openSUSE:Factory/python-boto/python-boto-doc.changes 2014-02-12 11:09:54.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.python-boto.new/python-boto-doc.changes 2014-03-12 19:09:01.000000000 +0100 @@ -1,0 +2,17 @@ +Tue Mar 4 13:11:20 UTC 2014 - [email protected] + +- add patch boto_useSystemCerts.patch updates the doc to explain new + "system" keyword in boto.cfg + +------------------------------------------------------------------- +Fri Feb 28 14:00:38 UTC 2014 - [email protected] + +- update to version 2.26.0 + + no upstream doc cahnges in changelog + +------------------------------------------------------------------- +Fri Feb 14 10:50:38 UTC 2014 - [email protected] + +- Include in SLE 12 (FATE #316168) + +------------------------------------------------------------------- --- /work/SRC/openSUSE:Factory/python-boto/python-boto.changes 2014-02-12 11:09:54.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.python-boto.new/python-boto.changes 2014-03-12 19:09:01.000000000 +0100 @@ -1,0 +2,98 @@ +Tue Mar 4 13:08:30 UTC 2014 - [email protected] + +- add patch boto_useSystemCerts.patch to support use of system suuplied + certificates, patch accepted upstream https://github.com/boto/boto/pull/2139 +- add a boto.cfg file to set boto to use the distro certs + +------------------------------------------------------------------- +Fri Feb 28 14:00:38 UTC 2014 - [email protected] + +- update to version 2.26.0: + + Add support for Route53 API version 2013-04-01 (issue 2080, + commit 600dcd0) + + Add option to opt-in for EC2 SigV4 (issue 2074, commit 4d780bd) + + Add Autoscale feature to get all adjustment types (issue 2058, + issue 1538, commit b9c7e15) + + Add Route53 unit tests (issue 2066, commit e859576) + + Add a basic Route53 tutorial (issue 2060, commit f0ad46b) + + Add Autoscale associated public IP to launch configuration + (issue 2051, issue 2028, issue 2029, commit c58bda6) + + Add option to pass VPC zone identifiers as a Python list (issue 2047, + issue 1772, commit 07ef9e1) + + Add RDS call to get all log files (issue 2040, issue 1994, commit 925b8cb) + + Changed S3 get_bucket to use HEAD in place of GET. (issue 2078, + issue 2082, commit 016be83) + + Fix EMR’s describe_cluster_command. (issue 2034, commit 1c5621e) + + Tutorial small code fix (issue 2072, commit 38e7db1) + + Fix CloudFront string representation (issue 2069, commit 885c397) + + Route53 doc cleanup (issue 2059, commit d2fc38e) + + Fix MWS parsing of GetProductCategoriesForASIN response. (issue 2024, + commit 0af08ce) + + Fix SQS docs for get_queue_attributes (issue 2061, commit 1cdc326) + + Don’t insert a ‘?’ in URLs unless there is a query string (issue 2042, + issue 1943, commit c15ce60) + + Added support for MFA in STS AssumeRole. (commit 899810c) + + Fixed how DynamoDB v2 works with Global Secondary Indexes. (issue 2122, + commit f602c95) + + Add request hooks and request logger. (issue 2125, commit e8b20fe) + + Don’t pull the security token from the environment or config when a + caller supplies the access key and secret. (issue 2123, commit 4df1694) + + Read EvaluateTargetHealth from Route53 resource record set. (issue 2120, + commit 0a97158) + + Prevent implicit string decode in hmac-v4 handlers. (issue 2037, + issue 2033, commit 8e56a5f) + + Updated Datapipeline to include all current regions. (issue 2121, + commit dff5e3e) + + Bug fix for Google Storage generate_url authentication. (issue 2116, + issue 2108, commit 5a50932) + + Handle JSON error responses in BotoServerError. (issue 2113, + issue 2077, commit 221085e) + + Corrected a typo in SQS tutorial. (issue 2114, commit 7ed41f7) + + Add CloudFormation template capabilities support. (issue 2111, + issue 2075, commit 65a4323) + + Add SWF layer1_decisions to docs. (issue 2110, issue 2062, commit 6039cc9) + + Add support for request intervals in health checks. (issue 2109, + commit 660b01a) + + Added checks for invalid regions to the bin scripts (issue 2107, + commit bbb9f1e) + + Better error output for unknown region - (issue 2041, issue 1983, + commit cd63f92) + + Added certificate tests for CloudTrail. (issue 2106, commit a7e9b4c) + + Updated Kinesis endpoints. (commit 7bd4b6e) + + Finished implementation of RDS’s DescribeDBLogFiles. (issue 2084, + commit f3c706c) + + Added support for RDS log file downloading. (issue 2086, issue 1993, + commit 4c51841) + + Added some unit tests for CloudFront. (issue 2076, commit 6c46b1d) + + GS should ignore restore_headers as they are never set. (issue 2067, + commit f02aeb3) + + Update CloudFormation to support the latest API. (issue 2101, + commit ea1b1b6) + + Added Route53 health checks. (issue 2054, commit 9028f7d) + + Merge branch ‘rds2’ into develop Fixes #2097. (issue 2097, commit 6843c16) + + Fix Param class convert method (issue 2094, commit 5cd4598) + + Added support for Route53 aliasing. (issue 2096, commit df5fa40) + + Removed the dependence on example.com within the Route53 tests. + (issue 2098, commit 6ce9e0f) + + Fixed has_item support in DynamoDB v2. (issue 2090, commit aada5d3) + + Fix a little typo bug in the S3 tutorial. (issue 2088, commit c091d27) +- remove patch fixGoogleStorageSupport.diff, fix included + +------------------------------------------------------------------- +Thu Feb 27 17:13:46 UTC 2014 - [email protected] + +- add python-xml dependency + +------------------------------------------------------------------- +Thu Feb 20 22:13:44 UTC 2014 - [email protected] + +- add patch fixGoogleStorageSupport.diff + + addresses upstream issue 2105 by applying pull request 2112 + + this fixes the exception triggered by any gsutil command + +------------------------------------------------------------------- +Fri Feb 14 10:50:07 UTC 2014 - [email protected] + +- Include in SLE 12 (FATE #316168) + +------------------------------------------------------------------- Old: ---- boto-2.24.0.tar.gz New: ---- boto-2.26.0.tar.gz boto.cfg boto_useSystemCerts.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ python-boto-doc.spec ++++++ --- /var/tmp/diff_new_pack.oBx7oW/_old 2014-03-12 19:09:02.000000000 +0100 +++ /var/tmp/diff_new_pack.oBx7oW/_new 2014-03-12 19:09:02.000000000 +0100 @@ -17,7 +17,7 @@ Name: python-boto-doc -Version: 2.24.0 +Version: 2.26.0 Release: 0 Url: http://code.google.com/p/boto/ Summary: Amazon Web Services Library ++++++ python-boto.spec ++++++ --- /var/tmp/diff_new_pack.oBx7oW/_old 2014-03-12 19:09:02.000000000 +0100 +++ /var/tmp/diff_new_pack.oBx7oW/_new 2014-03-12 19:09:02.000000000 +0100 @@ -17,14 +17,17 @@ Name: python-boto -Version: 2.24.0 +Version: 2.26.0 Release: 0 Url: http://code.google.com/p/boto/ Summary: Amazon Web Services Library License: MIT Group: Development/Languages/Python Source: boto-%{version}.tar.gz +Source1: boto.cfg +Patch0: boto_useSystemCerts.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build +Requires: python-xml BuildRequires: fdupes BuildRequires: python-devel BuildRequires: python-setuptools @@ -48,6 +51,7 @@ %prep %setup -q -n boto-%{version} +%patch0 -p1 %build python setup.py build @@ -57,10 +61,13 @@ # Fix executable flag for Python scripts with shebang line chmod 0755 %{buildroot}%{python_sitelib}/boto/{services/bs,services/result,pyami/launch_ami}.py %fdupes %{buildroot}%{_prefix} +mkdir %{buildroot}%{_sysconfdir} +cp %{SOURCE1} %{buildroot}%{_sysconfdir} %files %defattr(-,root,root,-) -%doc README.rst +%doc README.rst LICENSE +%config %{_sysconfdir}/boto.cfg %{_bindir}/* %{python_sitelib}/* ++++++ boto-2.24.0.tar.gz -> boto-2.26.0.tar.gz ++++++ ++++ 10364 lines of diff (skipped) ++++++ boto.cfg ++++++ [Boto] ca_certificates_file = system ++++++ boto_useSystemCerts.patch ++++++ >From cf8b2f0f29c979b91d2606aa40b4bacceb11e8ad Mon Sep 17 00:00:00 2001 From: Robert Schweikert <[email protected]> Date: Mon, 3 Mar 2014 11:54:12 -0500 Subject: [PATCH] - Allow the use of system provided certificate setup that may be incorporated into the SSL library used on the specific system + At present we either use the default certificate bundle we ship with the boto source, or we force a user/integrator to create a bundle file of their own. Linux distributors build the way certificates are used and validated into their SSL implementation. This change allows integrators to use their way of certificate handling by setting the configuration to the new "system" keyword. --- boto/connection.py | 14 ++++++++++---- boto/https_connection.py | 8 ++++++-- docs/source/boto_config_tut.rst | 5 ++++- 3 files changed, 20 insertions(+), 7 deletions(-) diff --git a/boto/connection.py b/boto/connection.py index c40acf1..a178d1f 100644 --- a/boto/connection.py +++ b/boto/connection.py @@ -494,8 +494,11 @@ class AWSAuthConnection(object): "support this feature are not available. Certificate " "validation is only supported when running under Python " "2.6 or later.") - self.ca_certificates_file = config.get_value( + certs_file = config.get_value( 'Boto', 'ca_certificates_file', DEFAULT_CA_CERTS_FILE) + if certs_file == 'system': + certs_file = None + self.ca_certificates_file = certs_file if port: self.port = port else: @@ -821,9 +824,12 @@ class AWSAuthConnection(object): h = httplib.HTTPConnection(host) if self.https_validate_certificates and HAVE_HTTPS_CONNECTION: - boto.log.debug("wrapping ssl socket for proxied connection; " - "CA certificate file=%s", - self.ca_certificates_file) + msg = "wrapping ssl socket for proxied connection; " + if self.ca_certificates_file: + msg += "CA certificate file=%s" %self.ca_certificates_file + else: + msg += "using system provided SSL certs" + boto.log.debug(msg) key_file = self.http_connection_kwargs.get('key_file', None) cert_file = self.http_connection_kwargs.get('cert_file', None) sslSock = ssl.wrap_socket(sock, keyfile=key_file, diff --git a/boto/https_connection.py b/boto/https_connection.py index 4cbf518..1471195 100644 --- a/boto/https_connection.py +++ b/boto/https_connection.py @@ -109,8 +109,12 @@ class CertValidatingHTTPSConnection(httplib.HTTPConnection): if hasattr(self, "timeout") and self.timeout is not socket._GLOBAL_DEFAULT_TIMEOUT: sock.settimeout(self.timeout) sock.connect((self.host, self.port)) - boto.log.debug("wrapping ssl socket; CA certificate file=%s", - self.ca_certs) + msg = "wrapping ssl socket; " + if self.ca_certs: + msg += "CA certificate file=%s" %self.ca_certs + else: + msg += "using system provided SSL certs" + boto.log.debug(msg) self.sock = ssl.wrap_socket(sock, keyfile=self.key_file, certfile=self.cert_file, cert_reqs=ssl.CERT_REQUIRED, diff --git a/docs/source/boto_config_tut.rst b/docs/source/boto_config_tut.rst index bdfc489..3e8fec2 100644 --- a/docs/source/boto_config_tut.rst +++ b/docs/source/boto_config_tut.rst @@ -147,7 +147,10 @@ For example:: :is_secure: Is the connection over SSL. This setting will overide passed in values. :https_validate_certificates: Validate HTTPS certificates. This is on by default -:ca_certificates_file: Location of CA certificates +:ca_certificates_file: Location of CA certificates or the keyword "system". + Using the system keyword lets boto get out of the way and makes the + SSL certificate validation the responsibility the underlying SSL + implementation provided by the system. :http_socket_timeout: Timeout used to overwrite the system default socket timeout for httplib . :send_crlf_after_proxy_auth_headers: Change line ending behaviour with proxies. -- 1.8.4.5 -- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
