D4701.id11666.diff
No OneTemporary
Actions

Size

7 KB

Referenced Files

None

Subscribers

None

D4701.id11666.diff
View Options

	Index: lang/python32/Makefile
	===================================================================
	--- lang/python32/Makefile
	+++ lang/python32/Makefile
	@@ -12,6 +12,9 @@

	LICENSE= PSFL

	+DEPRECATED= No longer receives bug fixes, only security updates. Please update to Python 3.5
	+EXPIRATION_DATE= 2016-02-01
	+
	USES= cpe ncurses pkgconfig readline tar:xz
	USE_OPENSSL= yes
	USE_LDCONFIG= yes
	Index: lang/python32/files/patch-PR195513
	===================================================================
	--- /dev/null
	+++ lang/python32/files/patch-PR195513
	@@ -0,0 +1,174 @@
	+--- Lib/ssl.py.orig 2014-10-12 08:52:02.000000000 +0200
	++++ Lib/ssl.py 2015-12-23 11:29:24.243085919 +0100
	+@@ -63,7 +63,16 @@ from _ssl import OPENSSL_VERSION_NUMBER,
	+ from _ssl import _SSLContext, SSLError
	+ from _ssl import CERT_NONE, CERT_OPTIONAL, CERT_REQUIRED
	+ from _ssl import OP_ALL, OP_NO_SSLv2, OP_NO_SSLv3, OP_NO_TLSv1
	+-from _ssl import RAND_status, RAND_egd, RAND_add
	++### Fix build with LibreSSL (does not have RAND_egd)
	++### PR195513, http://bugs.python.org/issue21356
	++from _ssl import RAND_status, RAND_add
	++try:
	++ from _ssl import RAND_egd
	++except ImportError:
	++ # LibreSSL does not provide RAND_egd
	++ pass
	++### End PR195513
	++
	+ from _ssl import (
	+ SSL_ERROR_ZERO_RETURN,
	+ SSL_ERROR_WANT_READ,
	+@@ -76,13 +85,12 @@ from _ssl import (
	+ SSL_ERROR_INVALID_ERROR_CODE,
	+ )
	+ from _ssl import HAS_SNI
	+-from _ssl import PROTOCOL_SSLv3, PROTOCOL_SSLv23, PROTOCOL_TLSv1
	++from _ssl import PROTOCOL_SSLv23, PROTOCOL_TLSv1
	+ from _ssl import _OPENSSL_API_VERSION
	+
	+ _PROTOCOL_NAMES = {
	+ PROTOCOL_TLSv1: "TLSv1",
	+ PROTOCOL_SSLv23: "SSLv23",
	+- PROTOCOL_SSLv3: "SSLv3",
	+ }
	+ try:
	+ from _ssl import PROTOCOL_SSLv2
	+@@ -91,6 +99,13 @@ except ImportError:
	+ _SSLv2_IF_EXISTS = None
	+ else:
	+ _PROTOCOL_NAMES[PROTOCOL_SSLv2] = "SSLv2"
	++try:
	++ from _ssl import PROTOCOL_SSLv3
	++ _SSLv3_IF_EXISTS = PROTOCOL_SSLv3
	++except ImportError:
	++ _SSLv3_IF_EXISTS = None
	++else:
	++ _PROTOCOL_NAMES[PROTOCOL_SSLv3] = "SSLv3"
	+
	+ from socket import getnameinfo as _getnameinfo
	+ from socket import error as socket_error
	+@@ -557,7 +572,7 @@ def PEM_cert_to_DER_cert(pem_cert_string
	+ d = pem_cert_string.strip()[len(PEM_HEADER):-len(PEM_FOOTER)]
	+ return base64.decodebytes(d.encode('ASCII', 'strict'))
	+
	+-def get_server_certificate(addr, ssl_version=PROTOCOL_SSLv3, ca_certs=None):
	++def get_server_certificate(addr, ssl_version=PROTOCOL_SSLv23, ca_certs=None):
	+ """Retrieve the certificate from the server at the specified address,
	+ and return it as a PEM-encoded string.
	+ If 'ca_certs' is specified, validate the server cert against it.
	+--- Lib/test/test_ssl.py.orig 2014-10-12 08:52:03.000000000 +0200
	++++ Lib/test/test_ssl.py 2015-12-23 11:29:24.245086385 +0100
	+@@ -21,11 +21,12 @@ import functools
	+ ssl = support.import_module("ssl")
	+
	+ PROTOCOLS = [
	+- ssl.PROTOCOL_SSLv3,
	+ ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_TLSv1
	+ ]
	+ if hasattr(ssl, 'PROTOCOL_SSLv2'):
	+ PROTOCOLS.append(ssl.PROTOCOL_SSLv2)
	++if hasattr(ssl, 'PROTOCOL_SSLv3'):
	++ PROTOCOLS.append(ssl.PROTOCOL_SSLv3)
	+
	+ HOST = support.HOST
	+
	+@@ -104,8 +105,12 @@ class BasicSocketTests(unittest.TestCase
	+ sys.stdout.write("\n RAND_status is %d (%s)\n"
	+ % (v, (v and "sufficient randomness") or
	+ "insufficient randomness"))
	+- self.assertRaises(TypeError, ssl.RAND_egd, 1)
	+- self.assertRaises(TypeError, ssl.RAND_egd, 'foo', 1)
	++### Fix build with LibreSSL (does not have RAND_egd)
	++### PR195513, http://bugs.python.org/issue21356
	++ if hasattr(ssl, 'RAND_egd'):
	++ self.assertRaises(TypeError, ssl.RAND_egd, 1)
	++ self.assertRaises(TypeError, ssl.RAND_egd, 'foo', 1)
	++### End PR195513
	+ ssl.RAND_add("this is a random string", 75.0)
	+
	+ def test_parse_cert(self):
	+@@ -380,7 +385,8 @@ class ContextTests(unittest.TestCase):
	+ if hasattr(ssl, 'PROTOCOL_SSLv2'):
	+ ctx = ssl.SSLContext(ssl.PROTOCOL_SSLv2)
	+ ctx = ssl.SSLContext(ssl.PROTOCOL_SSLv23)
	+- ctx = ssl.SSLContext(ssl.PROTOCOL_SSLv3)
	++ if hasattr(ssl, 'PROTOCOL_SSLv3'):
	++ ctx = ssl.SSLContext(ssl.PROTOCOL_SSLv3)
	+ ctx = ssl.SSLContext(ssl.PROTOCOL_TLSv1)
	+ self.assertRaises(TypeError, ssl.SSLContext)
	+ self.assertRaises(ValueError, ssl.SSLContext, -1)
	+@@ -1372,6 +1378,7 @@ else:
	+
	+
	+ @skip_if_broken_ubuntu_ssl
	++ @unittest.skipUnless(hasattr(ssl, 'PROTOCOL_SSLv3'), "need SSLv3")
	+ def test_protocol_sslv3(self):
	+ """Connecting to an SSLv3 server with various client options"""
	+ if support.verbose:
	+--- Modules/_ssl.c.orig 2014-10-12 08:52:03.000000000 +0200
	++++ Modules/_ssl.c 2015-12-23 11:29:24.242085898 +0100
	+@@ -66,7 +66,9 @@ enum py_ssl_version {
	+ #ifndef OPENSSL_NO_SSL2
	+ PY_SSL_VERSION_SSL2,
	+ #endif
	+- PY_SSL_VERSION_SSL3=1,
	++#ifndef OPENSSL_NO_SSL3
	++ PY_SSL_VERSION_SSL3,
	++#endif
	+ PY_SSL_VERSION_SSL23,
	+ PY_SSL_VERSION_TLS1
	+ };
	+@@ -1512,8 +1514,10 @@ context_new(PyTypeObject *type, PyObject
	+ PySSL_BEGIN_ALLOW_THREADS
	+ if (proto_version == PY_SSL_VERSION_TLS1)
	+ ctx = SSL_CTX_new(TLSv1_method());
	++#ifndef OPENSSL_NO_SSL3
	+ else if (proto_version == PY_SSL_VERSION_SSL3)
	+ ctx = SSL_CTX_new(SSLv3_method());
	++#endif
	+ #ifndef OPENSSL_NO_SSL2
	+ else if (proto_version == PY_SSL_VERSION_SSL2)
	+ ctx = SSL_CTX_new(SSLv2_method());
	+@@ -1965,6 +1969,9 @@ Returns 1 if the OpenSSL PRNG has been s
	+ It is necessary to seed the PRNG with RAND_add() on some platforms before\n\
	+ using the ssl() function.");
	+
	++/* ### Fix build with LibreSSL (does not have RAND_egd)
	++ ### PR195513, http://bugs.python.org/issue21356 */
	++#ifndef OPENSSL_NO_EGD
	+ static PyObject *
	+ PySSL_RAND_egd(PyObject self, PyObject args)
	+ {
	+@@ -1992,6 +1999,8 @@ PyDoc_STRVAR(PySSL_RAND_egd_doc,
	+ Queries the entropy gather daemon (EGD) on the socket named by 'path'.\n\
	+ Returns number of bytes read. Raises SSLError if connection to EGD\n\
	+ fails or if it does provide enough data to seed PRNG.");
	++#endif /* OPENSSL_NO_EGD */
	++/* ### End PR195513 */
	+
	+ #endif
	+
	+@@ -2005,8 +2014,12 @@ static PyMethodDef PySSL_methods[] = {
	+ #ifdef HAVE_OPENSSL_RAND
	+ {"RAND_add", PySSL_RAND_add, METH_VARARGS,
	+ PySSL_RAND_add_doc},
	++/* ### Fix build with LibreSSL (does not have RAND_egd)
	++ ### PR195513, http://bugs.python.org/issue21356 */
	++#ifndef OPENSSL_NO_EGD
	+ {"RAND_egd", PySSL_RAND_egd, METH_VARARGS,
	+ PySSL_RAND_egd_doc},
	++#endif /* OPENSSL_NO_EGD */
	+ {"RAND_status", (PyCFunction)PySSL_RAND_status, METH_NOARGS,
	+ PySSL_RAND_status_doc},
	+ #endif
	+@@ -2199,8 +2212,10 @@ PyInit__ssl(void)
	+ PyModule_AddIntConstant(m, "PROTOCOL_SSLv2",
	+ PY_SSL_VERSION_SSL2);
	+ #endif
	++#ifndef OPENSSL_NO_SSL3
	+ PyModule_AddIntConstant(m, "PROTOCOL_SSLv3",
	+ PY_SSL_VERSION_SSL3);
	++#endif
	+ PyModule_AddIntConstant(m, "PROTOCOL_SSLv23",
	+ PY_SSL_VERSION_SSL23);
	+ PyModule_AddIntConstant(m, "PROTOCOL_TLSv1",

File Metadata

Mime Type: text/plain
Expires: Mon, Mar 30, 4:57 PM (18 h, 21 m)
Storage Engine: blob
Storage Format: Raw Data
Storage Handle: 30593214
Default Alt Text: D4701.id11666.diff (7 KB)

D4701.id11666.diffNo OneTemporaryActions

D4701.id11666.diffView Options

File Metadata

Event Timeline

D4701.id11666.diff
No OneTemporary
Actions

D4701.id11666.diff
View Options