mirror of
https://git.in.rschanz.org/ryan77627/guix.git
synced 2024-12-25 13:58:15 -05:00
gnu: python-pyopenssl: Update to 22.0.0.
* gnu/packages/python-crypto.scm (python-pyopenssl): Update to 22.0.0. [arguments]: Respect TESTS? in check phase and rewrite in gexp style. (python2-pyopenssl): Update to 21.0.0. [source](patches): New field. * gnu/packages/patches/python2-pyopenssl-openssl-compat.patch: New file. * gnu/local.mk (dist_patch_DATA): Adjust accordingly.
This commit is contained in:
parent
d94de62f1c
commit
6f22596b1c
3 changed files with 88 additions and 24 deletions
|
@ -1721,6 +1721,7 @@ dist_patch_DATA = \
|
|||
%D%/packages/patches/python-piexif-fix-tests-with-pillow-7.2.patch \
|
||||
%D%/packages/patches/python-pyfakefs-remove-bad-test.patch \
|
||||
%D%/packages/patches/python-pyflakes-test-location.patch \
|
||||
%D%/packages/patches/python2-pyopenssl-openssl-compat.patch \
|
||||
%D%/packages/patches/python-flint-includes.patch \
|
||||
%D%/packages/patches/python-libxml2-utf8.patch \
|
||||
%D%/packages/patches/python-magic-python-bytecode.patch \
|
||||
|
|
51
gnu/packages/patches/python2-pyopenssl-openssl-compat.patch
Normal file
51
gnu/packages/patches/python2-pyopenssl-openssl-compat.patch
Normal file
|
@ -0,0 +1,51 @@
|
|||
Adjust for OpenSSL 1.1.1:
|
||||
|
||||
https://github.com/pyca/pyopenssl/issues/1043
|
||||
|
||||
Taken from upstream:
|
||||
|
||||
https://github.com/pyca/pyopenssl/commit/cc5c00ae5fd3c19d07fff79b5c4a08f5e58697ad
|
||||
|
||||
diff --git a/src/OpenSSL/SSL.py b/src/OpenSSL/SSL.py
|
||||
index 59f21cec..fcdee047 100644
|
||||
--- a/src/OpenSSL/SSL.py
|
||||
+++ b/src/OpenSSL/SSL.py
|
||||
@@ -1421,6 +1421,12 @@ def set_alpn_protos(self, protos):
|
||||
This list should be a Python list of bytestrings representing the
|
||||
protocols to offer, e.g. ``[b'http/1.1', b'spdy/2']``.
|
||||
"""
|
||||
+ # Different versions of OpenSSL are inconsistent about how they handle empty
|
||||
+ # proto lists (see #1043), so we avoid the problem entirely by rejecting them
|
||||
+ # ourselves.
|
||||
+ if not protos:
|
||||
+ raise ValueError("at least one protocol must be specified")
|
||||
+
|
||||
# Take the list of protocols and join them together, prefixing them
|
||||
# with their lengths.
|
||||
protostr = b"".join(
|
||||
@@ -2449,6 +2455,12 @@ def set_alpn_protos(self, protos):
|
||||
This list should be a Python list of bytestrings representing the
|
||||
protocols to offer, e.g. ``[b'http/1.1', b'spdy/2']``.
|
||||
"""
|
||||
+ # Different versions of OpenSSL are inconsistent about how they handle empty
|
||||
+ # proto lists (see #1043), so we avoid the problem entirely by rejecting them
|
||||
+ # ourselves.
|
||||
+ if not protos:
|
||||
+ raise ValueError("at least one protocol must be specified")
|
||||
+
|
||||
# Take the list of protocols and join them together, prefixing them
|
||||
# with their lengths.
|
||||
protostr = b"".join(
|
||||
diff --git a/tests/test_ssl.py b/tests/test_ssl.py
|
||||
index ffc505d8..ca363b45 100644
|
||||
--- a/tests/test_ssl.py
|
||||
+++ b/tests/test_ssl.py
|
||||
@@ -1928,7 +1928,7 @@ def test_alpn_call_failure(self):
|
||||
protocols list. Ensure that we produce a user-visible error.
|
||||
"""
|
||||
context = Context(SSLv23_METHOD)
|
||||
- with pytest.raises(Error):
|
||||
+ with pytest.raises(ValueError):
|
||||
context.set_alpn_protos([])
|
||||
|
||||
def test_alpn_set_on_connection(self):
|
|
@ -663,37 +663,37 @@ (define-public python2-cryptography
|
|||
(define-public python-pyopenssl
|
||||
(package
|
||||
(name "python-pyopenssl")
|
||||
(version "20.0.1")
|
||||
(version "22.0.0")
|
||||
(source
|
||||
(origin
|
||||
(method url-fetch)
|
||||
(uri (pypi-uri "pyOpenSSL" version))
|
||||
(sha256
|
||||
(base32
|
||||
"0labcbh2g0jhgisd79wx9kixmi6fip28096d1xb05fj3jmsiq8sc"))))
|
||||
"1gzihw09sqi71lwx97c69hab7w4rbnl6hhfrl6za3i5a4la1n2v6"))))
|
||||
(build-system python-build-system)
|
||||
(arguments
|
||||
'(#:phases
|
||||
(modify-phases %standard-phases
|
||||
(delete 'check)
|
||||
(add-after 'install 'check
|
||||
(lambda* (#:key inputs outputs #:allow-other-keys)
|
||||
(add-installed-pythonpath inputs outputs)
|
||||
;; PyOpenSSL runs tests against a certificate with a fixed
|
||||
;; expiry time. To ensure successful builds in the future,
|
||||
;; set the time to roughly the release date.
|
||||
(invoke "faketime" "2021-05-01" "py.test" "-v" "-k"
|
||||
(string-append
|
||||
;; This test tries to look up certificates from
|
||||
;; the compiled-in default path in OpenSSL, which
|
||||
;; does not exist in the build environment.
|
||||
"not test_fallback_default_verify_paths "
|
||||
;; This test attempts to make a connection to
|
||||
;; an external web service.
|
||||
"and not test_set_default_verify_paths "
|
||||
;; Fails on i686-linux and possibly other 32-bit platforms
|
||||
;; https://github.com/pyca/pyopenssl/issues/974
|
||||
"and not test_verify_with_time")))))))
|
||||
(list
|
||||
#:phases
|
||||
#~(modify-phases %standard-phases
|
||||
(replace 'check
|
||||
(lambda* (#:key tests? #:allow-other-keys)
|
||||
(when tests?
|
||||
;; PyOpenSSL runs tests against a certificate with a fixed
|
||||
;; expiry time. To ensure successful builds in the future,
|
||||
;; set the time to roughly the release date.
|
||||
(invoke "faketime" "2022-02-01" "py.test" "-v" "-k"
|
||||
(string-append
|
||||
;; This test tries to look up certificates from
|
||||
;; the compiled-in default path in OpenSSL, which
|
||||
;; does not exist in the build environment.
|
||||
"not test_fallback_default_verify_paths "
|
||||
;; This test attempts to make a connection to
|
||||
;; an external web service.
|
||||
"and not test_set_default_verify_paths "
|
||||
;; Fails on i686-linux and possibly other 32-bit platforms
|
||||
;; https://github.com/pyca/pyopenssl/issues/974
|
||||
"and not test_verify_with_time"))))))))
|
||||
(propagated-inputs
|
||||
(list python-cryptography python-six))
|
||||
(inputs
|
||||
|
@ -705,10 +705,22 @@ (define-public python-pyopenssl
|
|||
(description
|
||||
"PyOpenSSL is a high-level wrapper around a subset of the OpenSSL
|
||||
library.")
|
||||
(properties `((python2-variant . ,(delay python2-pyopenssl))))
|
||||
(license license:asl2.0)))
|
||||
|
||||
(define-public python2-pyopenssl
|
||||
(package-with-python2 python-pyopenssl))
|
||||
(let ((base (package-with-python2 (strip-python2-variant python-pyopenssl))))
|
||||
(package
|
||||
(inherit base)
|
||||
(version "21.0.0")
|
||||
(source
|
||||
(origin
|
||||
(method url-fetch)
|
||||
(uri (pypi-uri "pyOpenSSL" version))
|
||||
(patches (search-patches "python2-pyopenssl-openssl-compat.patch"))
|
||||
(sha256
|
||||
(base32
|
||||
"1cqcc20fwl521z3fxsc1c98gbnhb14q55vrvjfp6bn6h8rg8qbay")))))))
|
||||
|
||||
(define-public python-ed25519
|
||||
(package
|
||||
|
|
Loading…
Reference in a new issue