7 files changed, 106 insertions, 8 deletions

diff --git a/cloudinit/distros/__init__.py b/cloudinit/distros/__init__.py
index 6b458d06..21efe8d9 100644
--- a/cloudinit/distros/__init__.py
+++ b/cloudinit/distros/__init__.py
@@ -83,7 +83,7 @@ class Distro(object):
         return arch
 
     def _get_arch_package_mirror_info(self, arch=None):
-        mirror_info = self.get_option("package_mirrors", None)
+        mirror_info = self.get_option("package_mirrors", [])
         if arch == None:
             arch = self.get_primary_arch()
         return _get_arch_package_mirror_info(mirror_info, arch)
@@ -93,7 +93,6 @@ class Distro(object):
         # this resolves the package_mirrors config option
         # down to a single dict of {mirror_name: mirror_url}
         arch_info = self._get_arch_package_mirror_info(arch)
-
         return _get_package_mirror_info(availability_zone=availability_zone,
                                         mirror_info=arch_info)
 
@@ -356,6 +355,8 @@ def _get_package_mirror_info(mirror_info, availability_zone=None,
     # given a arch specific 'mirror_info' entry (from package_mirrors)
     # search through the 'search' entries, and fallback appropriately
     # return a dict with only {name: mirror} entries.
+    if not mirror_info:
+        mirror_info = {}
 
     ec2_az_re = ("^[a-z][a-z]-(%s)-[1-9][0-9]*[a-z]$" %
         "north|northeast|east|southeast|south|southwest|west|northwest")
diff --git a/cloudinit/safeyaml.py b/cloudinit/safeyaml.py
new file mode 100644
index 00000000..eba5d056
--- /dev/null
+++ b/cloudinit/safeyaml.py
@@ -0,0 +1,32 @@
+# vi: ts=4 expandtab
+#
+#    Copyright (C) 2012 Canonical Ltd.
+#
+#    Author: Scott Moser <scott.moser@canonical.com>
+#
+#    This program is free software: you can redistribute it and/or modify
+#    it under the terms of the GNU General Public License version 3, as
+#    published by the Free Software Foundation.
+#
+#    This program is distributed in the hope that it will be useful,
+#    but WITHOUT ANY WARRANTY; without even the implied warranty of
+#    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+#    GNU General Public License for more details.
+#
+#    You should have received a copy of the GNU General Public License
+#    along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+import yaml
+
+
+class _CustomSafeLoader(yaml.SafeLoader):
+    def construct_python_unicode(self, node):
+        return self.construct_scalar(node)
+
+_CustomSafeLoader.add_constructor(
+    u'tag:yaml.org,2002:python/unicode',
+    _CustomSafeLoader.construct_python_unicode)
+
+
+def load(blob):
+    return(yaml.load(blob, Loader=_CustomSafeLoader))
diff --git a/cloudinit/sources/DataSourceMAAS.py b/cloudinit/sources/DataSourceMAAS.py
index 581e9a4b..c172150b 100644
--- a/cloudinit/sources/DataSourceMAAS.py
+++ b/cloudinit/sources/DataSourceMAAS.py
@@ -338,7 +338,7 @@ if __name__ == "__main__":
         if args.config:
             import yaml
             with open(args.config) as fp:
-                cfg = yaml.safe_load(fp)
+                cfg = util.load_yaml(fp.read())
             if 'datasource' in cfg:
                 cfg = cfg['datasource']['MAAS']
             for key in creds.keys():
diff --git a/cloudinit/util.py b/cloudinit/util.py
index 184b37a4..f5a7ac12 100644
--- a/cloudinit/util.py
+++ b/cloudinit/util.py
@@ -50,6 +50,7 @@ import yaml
 
 from cloudinit import importer
 from cloudinit import log as logging
+from cloudinit import safeyaml
 from cloudinit import url_helper as uhelp
 
 from cloudinit.settings import (CFG_BUILTIN)
@@ -642,7 +643,7 @@ def load_yaml(blob, default=None, allowed=(dict,)):
         LOG.debug(("Attempting to load yaml from string "
                  "of length %s with allowed root types %s"),
                  len(blob), allowed)
-        converted = yaml.safe_load(blob)
+        converted = safeyaml.load(blob)
         if not isinstance(converted, allowed):
             # Yes this will just be caught, but thats ok for now...
             raise TypeError(("Yaml load allows %s root types,"
diff --git a/packages/brpm b/packages/brpm
index 77de0cf2..1735f5bb 100755
--- a/packages/brpm
+++ b/packages/brpm
@@ -91,7 +91,7 @@ def format_change_line(ds, who, comment=None):
     return "* %s" % (d)
 
 
-def generate_spec_contents(args, tmpl_fn, arc_fn):
+def generate_spec_contents(args, tmpl_fn, top_dir, arc_fn):
 
     # Figure out the version and revno
     cmd = [util.abs_join(find_root(), 'tools', 'read-version')]
@@ -148,7 +148,9 @@ def generate_spec_contents(args, tmpl_fn, arc_fn):
     else:
         subs['systemd'] = False
 
+    subs['defines'] = ["_topdir %s" % (top_dir)]
     subs['init_sys'] = args.boot
+    subs['patches'] = [os.path.basename(p) for p in args.patches]
     return templater.render_from_file(tmpl_fn, params=subs)
 
 
@@ -164,6 +166,10 @@ def main():
                               " (default: %(default)s)"),
                         default=False,
                         action='store_true')
+    parser.add_argument("-p", "--patch", dest="patches",
+                        help=("include the following patch when building"),
+                        default=[],
+                        action='append')
     args = parser.parse_args()
     capture = True
     if args.verbose:
@@ -192,16 +198,17 @@ def main():
     # Form the spec file to be used
     tmpl_fn = util.abs_join(find_root(), 'packages',
                             'redhat', 'cloud-init.spec.in')
-    contents = generate_spec_contents(args, tmpl_fn,
+    contents = generate_spec_contents(args, tmpl_fn, root_dir,
                                       os.path.basename(archive_fn))
     spec_fn = util.abs_join(root_dir, 'cloud-init.spec')
     util.write_file(spec_fn, contents)
     print("Created spec file at %r" % (spec_fn))
+    for p in args.patches:
+        util.copy(p, util.abs_join(arc_dir, os.path.basename(p)))
 
     # Now build it!
     print("Running 'rpmbuild' in %r" % (root_dir))
-    cmd = ['rpmbuild', '--clean',
-           '-ba', spec_fn]
+    cmd = ['rpmbuild', '-ba', spec_fn]
     util.subp(cmd, capture=capture)
 
     # Copy the items built to our local dir
diff --git a/packages/redhat/cloud-init.spec.in b/packages/redhat/cloud-init.spec.in
index 35b27beb..12f0b144 100644
--- a/packages/redhat/cloud-init.spec.in
+++ b/packages/redhat/cloud-init.spec.in
@@ -5,6 +5,10 @@
 # Or: http://fedoraproject.org/wiki/Packaging:ScriptletSnippets
 # Or: http://www.rpm.org/max-rpm/ch-rpm-inside.html
 
+#for $d in $defines
+%define ${d}
+#end for
+
 Name:           cloud-init
 Version:        ${version}
 Release:        ${release}%{?dist}
@@ -36,6 +40,13 @@ Requires:       shadow-utils
 Requires:       ${r}
 #end for
 
+# Custom patches
+#set $size = 0
+#for $p in $patches
+Patch${size}: $p
+#set $size += 1
+#end for
+
 #if $sysvinit
 Requires(post):       chkconfig
 Requires(postun):     initscripts
@@ -58,6 +69,13 @@ ssh keys and to let the user run various scripts.
 %prep
 %setup -q -n %{name}-%{version}~${release}
 
+# Custom patches activation
+#set $size = 0
+#for $p in $patches
+%patch${size} -p1
+#set $size += 1
+#end for
+
 %build
 %{__python} setup.py build
 
diff --git a/tests/unittests/test_util.py b/tests/unittests/test_util.py
index 15fcbd26..96962b91 100644
--- a/tests/unittests/test_util.py
+++ b/tests/unittests/test_util.py
@@ -1,5 +1,6 @@
 import os
 import stat
+import yaml
 
 from mocker import MockerTestCase
 from unittest import TestCase
@@ -268,4 +269,42 @@ class TestGetCmdline(TestCase):
         os.environ['DEBUG_PROC_CMDLINE'] = 'abcd 123'
         self.assertEqual(os.environ['DEBUG_PROC_CMDLINE'], util.get_cmdline())
 
+
+class TestLoadYaml(TestCase):
+    mydefault = "7b03a8ebace993d806255121073fed52"
+
+    def test_simple(self):
+        mydata = {'1': "one", '2': "two"}
+        self.assertEqual(util.load_yaml(yaml.dump(mydata)), mydata)
+
+    def test_nonallowed_returns_default(self):
+        # for now, anything not in the allowed list just returns the default.
+        myyaml = yaml.dump({'1': "one"})
+        self.assertEqual(util.load_yaml(blob=myyaml,
+                                        default=self.mydefault,
+                                        allowed=(str,)),
+                         self.mydefault)
+
+    def test_bogus_returns_default(self):
+        badyaml = "1\n 2:"
+        self.assertEqual(util.load_yaml(blob=badyaml,
+                                        default=self.mydefault),
+                         self.mydefault)
+
+    def test_unsafe_types(self):
+        # should not load complex types
+        unsafe_yaml = yaml.dump((1, 2, 3,))
+        self.assertEqual(util.load_yaml(blob=unsafe_yaml,
+                                        default=self.mydefault),
+                         self.mydefault)
+
+    def test_python_unicode(self):
+        # complex type of python/unicde is explicitly allowed
+        myobj = {'1': unicode("FOOBAR")}
+        safe_yaml = yaml.dump(myobj)
+        self.assertEqual(util.load_yaml(blob=safe_yaml,
+                                        default=self.mydefault),
+                         myobj)
+
+
 # vi: ts=4 expandtab