~bzr-pqm/bzr/bzr.dev

Viewing changes to bzrlib/transport/http/_urllib2_wrappers.py

  • Committer: Andrew Starr-Bochicchio
  • Date: 2013-05-20 16:38:11 UTC
  • mto: This revision was merged to the branch mainline in revision 6574.
  • Revision ID: a.starr.b@gmail.com-20130520163811-s93pur0yotqmapiu
Fix possible abuse of _urllib2_wrappers.match_hostname() for denial of service using certificates with many wildcards (CVE-2013-2099).

400
400
 
401
401
# These two methods were imported from Python 3.2's ssl module
402
402
 
403
 
def _dnsname_to_pat(dn):
 
403
def _dnsname_to_pat(dn, max_wildcards=1):
404
404
    pats = []
405
405
    for frag in dn.split(r'.'):
 
406
        if frag.count('*') > max_wildcards:
 
407
            # Python Issue #17980: avoid denials of service by refusing more
 
408
            # than one wildcard per fragment.  A survery of established
 
409
            # policy among SSL implementations showed it to be a
 
410
            # reasonable choice.
 
411
            raise ValueError(
 
412
                "too many wildcards in certificate DNS name: " + repr(dn))
406
413
        if frag == '*':
407
414
            # When '*' is a fragment by itself, it matches a non-empty dotless
408
415
            # fragment.
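Review bot: the new comment at 407-410 describes the limit as "refusing more than one wildcard per fragment", but the bound is the `max_wildcards` parameter added at 403, so the wording is only accurate for the default value; it also has a typo ("survery" for "survey"). Suggest rewording it in terms of the parameter, e.g. "# than max_wildcards wildcards per fragment." The placement of the check is right: it sits at the top of the per-fragment loop, ahead of the existing `frag == '*'` case, so a fragment with too many wildcards is rejected before any pattern work is done for it. Since `_dnsname_to_pat` now raises `ValueError` for input it previously accepted, it would be worth confirming that callers reached via `match_hostname()` (named in the commit message) handle that exception, and adding a regression test that feeds a DNS name with more than `max_wildcards` asterisks in a single fragment and asserts `ValueError`.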