[Yum-devel] [PATCH] Do basename checking of ssl cert. files.
James Antill
james at and.org
Mon Apr 11 17:23:24 UTC 2011
---
yum/__init__.py | 16 ++++++++++++++++
1 files changed, 16 insertions(+), 0 deletions(-)
diff --git a/yum/__init__.py b/yum/__init__.py
index cf4d827..1b0e5ba 100644
--- a/yum/__init__.py
+++ b/yum/__init__.py
@@ -597,6 +597,22 @@ class YumBase(depsolve.Depsolve):
if doSetup:
+ if (hasattr(urlgrabber, 'grabber') and
+ hasattr(urlgrabber.grabber, 'pycurl')):
+ # Must do basename checking, on cert. files...
+ cert_basenames = {}
+ for repo in self._repos:
+ bn = os.path.basename(repo.sslclientcert)
+ if bn not in cert_basenames:
+ cert_basenames[bn] = repo
+ continue
+ if repo.sslclientcert == cert_basenames[bn].sslclientcert:
+ # Exactly the same path is fine too
+ continue
+
+ msg = 'sslclientcert basename shared between %s and %s'
+ raise Errors.ConfigError, msg % (repo, cert_basenames[bn])
+
repo_st = time.time()
self._repos.doSetup(thisrepo)
self.verbose_logger.debug('repo time: %0.3f' % (time.time() - repo_st))
--
1.7.3.4
More information about the Yum-devel
mailing list