[rpms/python-awscrt] rawhide: Update to 0.34.1 upstream release

public inbox for git-commits@fedoraproject.org
help / color / mirror / Atom feed

* [rpms/python-awscrt] rawhide: Update to 0.34.1 upstream release
@ 2026-06-11  7:10 Packit
  0 siblings, 0 replies; only message in thread
From: Packit @ 2026-06-11  7:10 UTC (permalink / raw)
  To: git-commits

            A new commit has been pushed.

            Repo   : rpms/python-awscrt
            Branch : rawhide
            Commit : 300afab3b73193a45d22c562a7bbb8135b1bddc8
            Author : Packit <hello@packit.dev>
            Date   : 2026-06-11T08:39:04+02:00
            Stats  : +22/-21 in 5 file(s)
            URL    : https://src.fedoraproject.org/rpms/python-awscrt/c/300afab3b73193a45d22c562a7bbb8135b1bddc8?branch=rawhide

            Log:
            Update to 0.34.1 upstream release

- Resolves: rhbz#2461740

Upstream tag: v0.34.1
Upstream commit: f78d829f

Commit authored by Packit automation (https://packit.dev/)

---
diff --git a/.gitignore b/.gitignore
index 10f28cd..77bb256 100644
--- a/.gitignore
+++ b/.gitignore
@@ -30,3 +30,4 @@
 /awscrt-0.27.2.tar.gz
 /awscrt-0.31.1.tar.gz
 /awscrt-0.32.1.tar.gz
+/awscrt-0.34.1.tar.gz

diff --git a/0001-Update-OpenSSL-accessors-and-const-qualifiers.patch b/0001-Update-OpenSSL-accessors-and-const-qualifiers.patch
index 79546be..25c87d8 100644
--- a/0001-Update-OpenSSL-accessors-and-const-qualifiers.patch
+++ b/0001-Update-OpenSSL-accessors-and-const-qualifiers.patch
@@ -1,6 +1,6 @@
-From 58a94d95bc277b999e838111bdbc2295245b6e91 Mon Sep 17 00:00:00 2001
+From 4b413c41f6f767d5b903f443ffbff9fe4df114af Mon Sep 17 00:00:00 2001
 From: Simo Sorce <simo@redhat.com>
-Date: Mon, 4 May 2026 15:37:32 -0400
+Date: Thu, 11 Jun 2026 08:29:11 +0200
 Subject: [PATCH] Update OpenSSL accessors and const qualifiers
 
 This replaces direct struct field accesses with standard OpenSSL accessor
@@ -18,7 +18,7 @@ Signed-off-by: Simo Sorce <simo@redhat.com>
  2 files changed, 17 insertions(+), 17 deletions(-)
 
 diff --git a/crt/s2n/crypto/s2n_certificate.c b/crt/s2n/crypto/s2n_certificate.c
-index 01afc8e..ea89d06 100644
+index b10375f..c3a2f81 100644
 --- a/crt/s2n/crypto/s2n_certificate.c
 +++ b/crt/s2n/crypto/s2n_certificate.c
 @@ -227,8 +227,8 @@ int s2n_cert_chain_and_key_load_sans(struct s2n_cert_chain_and_key *chain_and_ke
@@ -55,7 +55,7 @@ index 01afc8e..ea89d06 100644
          if (!asn1_str) {
              continue;
          }
-@@ -721,7 +721,7 @@ static int s2n_utf8_string_from_extension_data(const uint8_t *extension_data, ui
+@@ -722,7 +722,7 @@ static int s2n_utf8_string_from_extension_data(const uint8_t *extension_data, ui
          * Since this is an internal pointer it should not be freed or modified in any way.
          * Ref: https://www.openssl.org/docs/man1.0.2/man3/ASN1_STRING_data.html.
          */
@@ -64,7 +64,7 @@ index 01afc8e..ea89d06 100644
          POSIX_ENSURE_REF(internal_data);
          POSIX_CHECKED_MEMCPY(out_data, internal_data, len);
      }
-@@ -784,7 +784,7 @@ static int s2n_parse_x509_extension(struct s2n_cert *cert, const uint8_t *oid,
+@@ -785,7 +785,7 @@ static int s2n_parse_x509_extension(struct s2n_cert *cert, const uint8_t *oid,
      POSIX_ENSURE_REF(asn1_obj_in);
  
      for (size_t loc = 0; loc < ext_count; loc++) {
@@ -73,7 +73,7 @@ index 01afc8e..ea89d06 100644
          bool match_found = false;
  
          /* Retrieve the x509 extension at location loc.
-@@ -793,7 +793,7 @@ static int s2n_parse_x509_extension(struct s2n_cert *cert, const uint8_t *oid,
+@@ -794,7 +794,7 @@ static int s2n_parse_x509_extension(struct s2n_cert *cert, const uint8_t *oid,
           * The returned extension is an internal pointer which must not be freed up by the application.
           * Ref: https://www.openssl.org/docs/man1.1.0/man3/X509_get_ext.html.
           */
@@ -82,7 +82,7 @@ index 01afc8e..ea89d06 100644
          POSIX_ENSURE_REF(x509_ext);
  
          /* Retrieve the extension object/OID/extnId.
-@@ -801,7 +801,7 @@ static int s2n_parse_x509_extension(struct s2n_cert *cert, const uint8_t *oid,
+@@ -802,7 +802,7 @@ static int s2n_parse_x509_extension(struct s2n_cert *cert, const uint8_t *oid,
           * The returned pointer is an internal value which must not be freed up.
           * Ref: https://www.openssl.org/docs/man1.1.0/man3/X509_EXTENSION_get_object.html.
           */
@@ -91,7 +91,7 @@ index 01afc8e..ea89d06 100644
          POSIX_ENSURE_REF(asn1_obj);
  
          /* OBJ_cmp() compares two ASN1_OBJECT objects. If the two are identical 0 is returned.
-@@ -827,7 +827,7 @@ static int s2n_parse_x509_extension(struct s2n_cert *cert, const uint8_t *oid,
+@@ -829,7 +829,7 @@ static int s2n_parse_x509_extension(struct s2n_cert *cert, const uint8_t *oid,
                   * Since this is an internal pointer it should not be freed or modified in any way.
                   * Ref: https://www.openssl.org/docs/man1.0.2/man3/ASN1_STRING_data.html.
                   */
@@ -101,18 +101,18 @@ index 01afc8e..ea89d06 100644
                  POSIX_CHECKED_MEMCPY(ext_value, internal_data, len);
              }
 diff --git a/crt/s2n/tls/s2n_x509_validator.c b/crt/s2n/tls/s2n_x509_validator.c
-index 26d36bf..5c72d7b 100644
+index 771ca31..e3f4fa0 100644
 --- a/crt/s2n/tls/s2n_x509_validator.c
 +++ b/crt/s2n/tls/s2n_x509_validator.c
 @@ -1,6 +1,6 @@
  /*
   * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
 - *
-+ * 
++
   * Licensed under the Apache License, Version 2.0 (the "License").
   * You may not use this file except in compliance with the License.
   * A copy of the License is located at
-@@ -221,7 +221,7 @@ static S2N_RESULT s2n_verify_host_information_san_entry(struct s2n_connection *c
+@@ -223,7 +223,7 @@ static S2N_RESULT s2n_verify_host_information_san_entry(struct s2n_connection *c
      if (current_name->type == GEN_DNS || current_name->type == GEN_URI) {
          *san_found = true;
  
@@ -121,7 +121,7 @@ index 26d36bf..5c72d7b 100644
          RESULT_ENSURE_REF(name);
          int name_len = ASN1_STRING_length(current_name->d.ia5);
          RESULT_ENSURE_GT(name_len, 0);
-@@ -235,9 +235,9 @@ static S2N_RESULT s2n_verify_host_information_san_entry(struct s2n_connection *c
+@@ -237,9 +237,9 @@ static S2N_RESULT s2n_verify_host_information_san_entry(struct s2n_connection *c
          *san_found = true;
  
          /* try to validate an IP address if it's in the subject alt name. */
@@ -133,7 +133,7 @@ index 26d36bf..5c72d7b 100644
          RESULT_ENSURE_GT(ip_addr_len, 0);
  
          RESULT_STACK_BLOB(address, INET6_ADDRSTRLEN + 1, INET6_ADDRSTRLEN + 1);
-@@ -302,7 +302,7 @@ static S2N_RESULT s2n_verify_host_information_common_name(struct s2n_connection
+@@ -304,7 +304,7 @@ static S2N_RESULT s2n_verify_host_information_common_name(struct s2n_connection
      RESULT_ENSURE_REF(public_cert);
      RESULT_ENSURE_REF(cn_found);
  
@@ -142,7 +142,7 @@ index 26d36bf..5c72d7b 100644
      RESULT_ENSURE(subject_name, S2N_ERR_CERT_UNTRUSTED);
  
      int curr_idx = -1;
-@@ -317,7 +317,7 @@ static S2N_RESULT s2n_verify_host_information_common_name(struct s2n_connection
+@@ -319,7 +319,7 @@ static S2N_RESULT s2n_verify_host_information_common_name(struct s2n_connection
  
      RESULT_ENSURE(curr_idx >= 0, S2N_ERR_CERT_UNTRUSTED);
  
@@ -151,15 +151,15 @@ index 26d36bf..5c72d7b 100644
      RESULT_ENSURE(common_name, S2N_ERR_CERT_UNTRUSTED);
  
      /* X520CommonName allows the following ANSI string types per RFC 5280 Appendix A.1 */
-@@ -336,7 +336,7 @@ static S2N_RESULT s2n_verify_host_information_common_name(struct s2n_connection
+@@ -338,7 +338,7 @@ static S2N_RESULT s2n_verify_host_information_common_name(struct s2n_connection
      RESULT_ENSURE_GT(cn_len, 0);
      uint32_t len = (uint32_t) cn_len;
      RESULT_ENSURE_LTE(len, s2n_array_len(peer_cn) - 1);
 -    RESULT_CHECKED_MEMCPY(peer_cn, ASN1_STRING_data(common_name), len);
 +    RESULT_CHECKED_MEMCPY(peer_cn, ASN1_STRING_get0_data(common_name), len);
-     RESULT_ENSURE(conn->verify_host_fn(peer_cn, len, conn->data_for_verify_host), S2N_ERR_CERT_INVALID_HOSTNAME);
  
-     return S2N_RESULT_OK;
+     /* According to https://www.rfc-editor.org/rfc/rfc6125#section-6.4.4,
+      * the CN fallback only applies to fully qualified DNS domain names.
 -- 
-2.53.0
+2.54.0
 

diff --git a/README.packit b/README.packit
index d0c48a2..4e76cbe 100644
--- a/README.packit
+++ b/README.packit
@@ -1,3 +1,3 @@
 This repository is maintained by packit.
 https://packit.dev/
-The file was generated using packit 1.15.3.post1.dev2+g62cfd4cc2.
+The file was generated using packit 1.16.0.post1.dev8+g8a0482385.

diff --git a/python-awscrt.spec b/python-awscrt.spec
index 73b9099..74ccc27 100644
--- a/python-awscrt.spec
+++ b/python-awscrt.spec
@@ -3,7 +3,7 @@ Python bindings for the AWS Common Runtime}
 
 
 Name:           python-awscrt
-Version:        0.32.1
+Version:        0.34.1
 Release:        %autorelease
 
 Summary:        Python bindings for the AWS Common Runtime

diff --git a/sources b/sources
index e0772b9..235d83d 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-SHA512 (awscrt-0.32.1.tar.gz) = 8fdd98682ce4cf5541b7185f2558e0401c3f043c207037e5b6d75cc0761b64ed5aa4e6d3d3d1a5a528735779e7f857f8cf9be3dbb2b1e3b68e1390bc9b075f43
+SHA512 (awscrt-0.34.1.tar.gz) = 5ec932ca1b8af3a01d5c8bcbb995f3c264f03b986a42094c843d9477672ba6a8e9d97b975a9e5340bb2766c1ab8debd2a665636a2451e63125dea1c734d5dec4

^ permalink raw reply related	[flat|nested] only message in thread

only message in thread, other threads:[~2026-06-11  7:10 UTC | newest]

Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2026-06-11  7:10 [rpms/python-awscrt] rawhide: Update to 0.34.1 upstream release Packit

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox