gnu: python-pyopenssl: Update to 23.1.1.

* gnu/packages/python-crypto.scm (python-pyopenssl): Update to 23.1.1. [source]: Remove patches. [arguments]: Update faketime date in check phase. Normalize pytest invocation in check phase override. [propagated-inputs]: Remove python-six.
2023-04-01 23:36:02 -04:00 · 2023-04-01 23:36:02 -04:00 · 367fce7a2f
parent 5ec5e560ad
commit 367fce7a2f
3 changed files with 8 additions and 66 deletions
--- a/gnu/local.mk
+++ b/gnu/local.mk
@ -1755,7 +1755,6 @@ dist_patch_DATA =						\
  %D%/packages/patches/python-pillow-CVE-2022-45199.patch	\
  %D%/packages/patches/python-pyfakefs-remove-bad-test.patch	\
  %D%/packages/patches/python-pyflakes-test-location.patch	\
-  %D%/packages/patches/python2-pyopenssl-openssl-compat.patch	\
  %D%/packages/patches/python-flint-includes.patch		\
  %D%/packages/patches/python-libxml2-utf8.patch		\
  %D%/packages/patches/python-magic-python-bytecode.patch	\
--- a/gnu/packages/patches/python2-pyopenssl-openssl-compat.patch
+++ b/gnu/packages/patches/python2-pyopenssl-openssl-compat.patch
@ -1,51 +0,0 @@
-Adjust for OpenSSL 1.1.1:
-
-  https://github.com/pyca/pyopenssl/issues/1043
-
-Taken from upstream:
-
-  https://github.com/pyca/pyopenssl/commit/cc5c00ae5fd3c19d07fff79b5c4a08f5e58697ad
-
-diff --git a/src/OpenSSL/SSL.py b/src/OpenSSL/SSL.py
-index 59f21cec..fcdee047 100644
--- a/src/OpenSSL/SSL.py
-+++ b/src/OpenSSL/SSL.py
-@@ -1421,6 +1421,12 @@ def set_alpn_protos(self, protos):
-             This list should be a Python list of bytestrings representing the
-             protocols to offer, e.g. ``[b'http/1.1', b'spdy/2']``.
-         """
-+        # Different versions of OpenSSL are inconsistent about how they handle empty
-+        # proto lists (see #1043), so we avoid the problem entirely by rejecting them
-+        # ourselves.
-+        if not protos:
-+            raise ValueError("at least one protocol must be specified")
-+
-         # Take the list of protocols and join them together, prefixing them
-         # with their lengths.
-         protostr = b"".join(
-@@ -2449,6 +2455,12 @@ def set_alpn_protos(self, protos):
-             This list should be a Python list of bytestrings representing the
-             protocols to offer, e.g. ``[b'http/1.1', b'spdy/2']``.
-         """
-+        # Different versions of OpenSSL are inconsistent about how they handle empty
-+        # proto lists (see #1043), so we avoid the problem entirely by rejecting them
-+        # ourselves.
-+        if not protos:
-+            raise ValueError("at least one protocol must be specified")
-+
-         # Take the list of protocols and join them together, prefixing them
-         # with their lengths.
-         protostr = b"".join(
-diff --git a/tests/test_ssl.py b/tests/test_ssl.py
-index ffc505d8..ca363b45 100644
--- a/tests/test_ssl.py
-+++ b/tests/test_ssl.py
-@@ -1928,7 +1928,7 @@ def test_alpn_call_failure(self):
-         protocols list. Ensure that we produce a user-visible error.
-         """
-         context = Context(SSLv23_METHOD)
-        with pytest.raises(Error):
-+        with pytest.raises(ValueError):
-             context.set_alpn_protos([])
- 
-     def test_alpn_set_on_connection(self):
--- a/gnu/packages/python-crypto.scm
+++ b/gnu/packages/python-crypto.scm
@ -654,19 +654,17 @@ ciphers, message digests and key derivation functions.")
    (propagated-inputs '())
    (synopsis "Core implementation of the Cryptography Python library")))

-;; This is the last version which is compatable with python-cryptography < 35.
 (define-public python-pyopenssl
  (package
    (name "python-pyopenssl")
-    (version "21.0.0")
+    (version "23.1.1")
    (source
     (origin
       (method url-fetch)
       (uri (pypi-uri "pyOpenSSL" version))
       (sha256
        (base32
-         "1cqcc20fwl521z3fxsc1c98gbnhb14q55vrvjfp6bn6h8rg8qbay"))
-       (patches (search-patches "python2-pyopenssl-openssl-compat.patch"))))
+         "1dxhip610zw1j2bz35g1w1h7vh374g0bnzn4nsqj65n6pswrh544"))))
    (build-system python-build-system)
    (arguments
     (list
@ -678,7 +676,7 @@ ciphers, message digests and key derivation functions.")
                ;; PyOpenSSL runs tests against a certificate with a fixed
                ;; expiry time.  To ensure successful builds in the future,
                ;; set the time to roughly the release date.
-                (invoke "faketime" "2022-02-01" "py.test" "-v" "-k"
+                (invoke "faketime" "2023-03-25" "pytest" "-vv" "-k"
                        (string-append
                         ;; This test tries to look up certificates from
                         ;; the compiled-in default path in OpenSSL, which
@ -690,17 +688,13 @@ ciphers, message digests and key derivation functions.")
                         ;; Fails on i686-linux and possibly other 32-bit platforms
                         ;; https://github.com/pyca/pyopenssl/issues/974
                         "and not test_verify_with_time"))))))))
-    (propagated-inputs
-     (list python-cryptography python-six))
-    (inputs
-     (list openssl))
-    (native-inputs
-     (list libfaketime python-flaky python-pretend python-pytest))
+    (propagated-inputs (list python-cryptography))
+    (inputs (list openssl))
+    (native-inputs (list libfaketime python-flaky python-pretend python-pytest))
    (home-page "https://github.com/pyca/pyopenssl")
    (synopsis "Python wrapper module around the OpenSSL library")
-    (description
-      "PyOpenSSL is a high-level wrapper around a subset of the OpenSSL
-library.")
+    (description "PyOpenSSL is a high-level wrapper around a subset of the
+OpenSSL library.")
    (license license:asl2.0)))

 (define-public python-ed25519