gnu: python-pyopenssl: Update to 23.1.1.
* gnu/packages/python-crypto.scm (python-pyopenssl): Update to 23.1.1. [source]: Remove patches. [arguments]: Update faketime date in check phase. Normalize pytest invocation in check phase override. [propagated-inputs]: Remove python-six.master
parent
5ec5e560ad
commit
367fce7a2f
|
@ -1755,7 +1755,6 @@ dist_patch_DATA = \
|
||||||
%D%/packages/patches/python-pillow-CVE-2022-45199.patch \
|
%D%/packages/patches/python-pillow-CVE-2022-45199.patch \
|
||||||
%D%/packages/patches/python-pyfakefs-remove-bad-test.patch \
|
%D%/packages/patches/python-pyfakefs-remove-bad-test.patch \
|
||||||
%D%/packages/patches/python-pyflakes-test-location.patch \
|
%D%/packages/patches/python-pyflakes-test-location.patch \
|
||||||
%D%/packages/patches/python2-pyopenssl-openssl-compat.patch \
|
|
||||||
%D%/packages/patches/python-flint-includes.patch \
|
%D%/packages/patches/python-flint-includes.patch \
|
||||||
%D%/packages/patches/python-libxml2-utf8.patch \
|
%D%/packages/patches/python-libxml2-utf8.patch \
|
||||||
%D%/packages/patches/python-magic-python-bytecode.patch \
|
%D%/packages/patches/python-magic-python-bytecode.patch \
|
||||||
|
|
|
@ -1,51 +0,0 @@
|
||||||
Adjust for OpenSSL 1.1.1:
|
|
||||||
|
|
||||||
https://github.com/pyca/pyopenssl/issues/1043
|
|
||||||
|
|
||||||
Taken from upstream:
|
|
||||||
|
|
||||||
https://github.com/pyca/pyopenssl/commit/cc5c00ae5fd3c19d07fff79b5c4a08f5e58697ad
|
|
||||||
|
|
||||||
diff --git a/src/OpenSSL/SSL.py b/src/OpenSSL/SSL.py
|
|
||||||
index 59f21cec..fcdee047 100644
|
|
||||||
--- a/src/OpenSSL/SSL.py
|
|
||||||
+++ b/src/OpenSSL/SSL.py
|
|
||||||
@@ -1421,6 +1421,12 @@ def set_alpn_protos(self, protos):
|
|
||||||
This list should be a Python list of bytestrings representing the
|
|
||||||
protocols to offer, e.g. ``[b'http/1.1', b'spdy/2']``.
|
|
||||||
"""
|
|
||||||
+ # Different versions of OpenSSL are inconsistent about how they handle empty
|
|
||||||
+ # proto lists (see #1043), so we avoid the problem entirely by rejecting them
|
|
||||||
+ # ourselves.
|
|
||||||
+ if not protos:
|
|
||||||
+ raise ValueError("at least one protocol must be specified")
|
|
||||||
+
|
|
||||||
# Take the list of protocols and join them together, prefixing them
|
|
||||||
# with their lengths.
|
|
||||||
protostr = b"".join(
|
|
||||||
@@ -2449,6 +2455,12 @@ def set_alpn_protos(self, protos):
|
|
||||||
This list should be a Python list of bytestrings representing the
|
|
||||||
protocols to offer, e.g. ``[b'http/1.1', b'spdy/2']``.
|
|
||||||
"""
|
|
||||||
+ # Different versions of OpenSSL are inconsistent about how they handle empty
|
|
||||||
+ # proto lists (see #1043), so we avoid the problem entirely by rejecting them
|
|
||||||
+ # ourselves.
|
|
||||||
+ if not protos:
|
|
||||||
+ raise ValueError("at least one protocol must be specified")
|
|
||||||
+
|
|
||||||
# Take the list of protocols and join them together, prefixing them
|
|
||||||
# with their lengths.
|
|
||||||
protostr = b"".join(
|
|
||||||
diff --git a/tests/test_ssl.py b/tests/test_ssl.py
|
|
||||||
index ffc505d8..ca363b45 100644
|
|
||||||
--- a/tests/test_ssl.py
|
|
||||||
+++ b/tests/test_ssl.py
|
|
||||||
@@ -1928,7 +1928,7 @@ def test_alpn_call_failure(self):
|
|
||||||
protocols list. Ensure that we produce a user-visible error.
|
|
||||||
"""
|
|
||||||
context = Context(SSLv23_METHOD)
|
|
||||||
- with pytest.raises(Error):
|
|
||||||
+ with pytest.raises(ValueError):
|
|
||||||
context.set_alpn_protos([])
|
|
||||||
|
|
||||||
def test_alpn_set_on_connection(self):
|
|
|
@ -654,19 +654,17 @@ ciphers, message digests and key derivation functions.")
|
||||||
(propagated-inputs '())
|
(propagated-inputs '())
|
||||||
(synopsis "Core implementation of the Cryptography Python library")))
|
(synopsis "Core implementation of the Cryptography Python library")))
|
||||||
|
|
||||||
;; This is the last version which is compatable with python-cryptography < 35.
|
|
||||||
(define-public python-pyopenssl
|
(define-public python-pyopenssl
|
||||||
(package
|
(package
|
||||||
(name "python-pyopenssl")
|
(name "python-pyopenssl")
|
||||||
(version "21.0.0")
|
(version "23.1.1")
|
||||||
(source
|
(source
|
||||||
(origin
|
(origin
|
||||||
(method url-fetch)
|
(method url-fetch)
|
||||||
(uri (pypi-uri "pyOpenSSL" version))
|
(uri (pypi-uri "pyOpenSSL" version))
|
||||||
(sha256
|
(sha256
|
||||||
(base32
|
(base32
|
||||||
"1cqcc20fwl521z3fxsc1c98gbnhb14q55vrvjfp6bn6h8rg8qbay"))
|
"1dxhip610zw1j2bz35g1w1h7vh374g0bnzn4nsqj65n6pswrh544"))))
|
||||||
(patches (search-patches "python2-pyopenssl-openssl-compat.patch"))))
|
|
||||||
(build-system python-build-system)
|
(build-system python-build-system)
|
||||||
(arguments
|
(arguments
|
||||||
(list
|
(list
|
||||||
|
@ -678,7 +676,7 @@ ciphers, message digests and key derivation functions.")
|
||||||
;; PyOpenSSL runs tests against a certificate with a fixed
|
;; PyOpenSSL runs tests against a certificate with a fixed
|
||||||
;; expiry time. To ensure successful builds in the future,
|
;; expiry time. To ensure successful builds in the future,
|
||||||
;; set the time to roughly the release date.
|
;; set the time to roughly the release date.
|
||||||
(invoke "faketime" "2022-02-01" "py.test" "-v" "-k"
|
(invoke "faketime" "2023-03-25" "pytest" "-vv" "-k"
|
||||||
(string-append
|
(string-append
|
||||||
;; This test tries to look up certificates from
|
;; This test tries to look up certificates from
|
||||||
;; the compiled-in default path in OpenSSL, which
|
;; the compiled-in default path in OpenSSL, which
|
||||||
|
@ -690,17 +688,13 @@ ciphers, message digests and key derivation functions.")
|
||||||
;; Fails on i686-linux and possibly other 32-bit platforms
|
;; Fails on i686-linux and possibly other 32-bit platforms
|
||||||
;; https://github.com/pyca/pyopenssl/issues/974
|
;; https://github.com/pyca/pyopenssl/issues/974
|
||||||
"and not test_verify_with_time"))))))))
|
"and not test_verify_with_time"))))))))
|
||||||
(propagated-inputs
|
(propagated-inputs (list python-cryptography))
|
||||||
(list python-cryptography python-six))
|
(inputs (list openssl))
|
||||||
(inputs
|
(native-inputs (list libfaketime python-flaky python-pretend python-pytest))
|
||||||
(list openssl))
|
|
||||||
(native-inputs
|
|
||||||
(list libfaketime python-flaky python-pretend python-pytest))
|
|
||||||
(home-page "https://github.com/pyca/pyopenssl")
|
(home-page "https://github.com/pyca/pyopenssl")
|
||||||
(synopsis "Python wrapper module around the OpenSSL library")
|
(synopsis "Python wrapper module around the OpenSSL library")
|
||||||
(description
|
(description "PyOpenSSL is a high-level wrapper around a subset of the
|
||||||
"PyOpenSSL is a high-level wrapper around a subset of the OpenSSL
|
OpenSSL library.")
|
||||||
library.")
|
|
||||||
(license license:asl2.0)))
|
(license license:asl2.0)))
|
||||||
|
|
||||||
(define-public python-ed25519
|
(define-public python-ed25519
|
||||||
|
|
Reference in New Issue