mirror of
https://git.in.rschanz.org/ryan77627/guix.git
synced 2025-01-22 02:29:24 -05:00
881006b65c
* gnu/packages/patches/python-acme-dont-use-openssl-rand.patch: New file. * gnu/local.mk (dist_patch_DATA): Register it. * gnu/packages/tls.scm (python-acme)[source]: Use it.
28 lines
860 B
Diff
28 lines
860 B
Diff
Fix build with PyOpenSSL > 17.2.0.
|
|
|
|
See <https://github.com/certbot/certbot/issues/5111>.
|
|
|
|
Patch copied from upstream source repository:
|
|
https://github.com/certbot/certbot/commit/f6be07da74c664b57ac8c053585f919c79f9af44
|
|
|
|
diff --git a/acme/crypto_util.py b/acme/crypto_util.py
|
|
index de15284c03..b8fba03488 100644
|
|
--- a/acme/crypto_util.py
|
|
+++ b/acme/crypto_util.py
|
|
@@ -2,6 +2,7 @@
|
|
import binascii
|
|
import contextlib
|
|
import logging
|
|
+import os
|
|
import re
|
|
import socket
|
|
import sys
|
|
@@ -243,7 +244,7 @@ def gen_ss_cert(key, domains, not_before=None,
|
|
"""
|
|
assert domains, "Must provide one or more hostnames for the cert."
|
|
cert = OpenSSL.crypto.X509()
|
|
- cert.set_serial_number(int(binascii.hexlify(OpenSSL.rand.bytes(16)), 16))
|
|
+ cert.set_serial_number(int(binascii.hexlify(os.urandom(16)), 16))
|
|
cert.set_version(2)
|
|
|
|
extensions = [
|