Page MenuHomeFreeBSD
Differential D4695 Diff 11661 lang/python33/files/patch-PR195511

Changeset View

Standalone View

View Options

lang/python33/files/patch-PR195511

  • This file was added.
PropertyOld ValueNew Value
fbsd:nokeywordsnullyes
\ No newline at end of property
svn:eol-stylenullnative
\ No newline at end of property
svn:mime-typenulltext/plain
\ No newline at end of property
--- Modules/_ssl.c.orig 2014-03-09 09:40:26.000000000 +0100
+++ Modules/_ssl.c 2015-09-26 15:53:49.266985391 +0200
@@ -1746,8 +1746,10 @@ context_new(PyTypeObject *type, PyObject
PySSL_BEGIN_ALLOW_THREADS
if (proto_version == PY_SSL_VERSION_TLS1)
ctx = SSL_CTX_new(TLSv1_method());
+#ifndef OPENSSL_NO_SSL3
else if (proto_version == PY_SSL_VERSION_SSL3)
ctx = SSL_CTX_new(SSLv3_method());
+#endif
#ifndef OPENSSL_NO_SSL2
else if (proto_version == PY_SSL_VERSION_SSL2)
ctx = SSL_CTX_new(SSLv2_method());
@@ -2559,6 +2561,9 @@ Returns 1 if the OpenSSL PRNG has been s
It is necessary to seed the PRNG with RAND_add() on some platforms before\n\
using the ssl() function.");
+/* ### Fix build with LibreSSL (does not have RAND_egd)
+ ### PR195511, http://bugs.python.org/issue21356 */
+#ifndef OPENSSL_NO_EGD
static PyObject *
PySSL_RAND_egd(PyObject *self, PyObject *args)
{
@@ -2586,6 +2591,8 @@ PyDoc_STRVAR(PySSL_RAND_egd_doc,
Queries the entropy gather daemon (EGD) on the socket named by 'path'.\n\
Returns number of bytes read. Raises SSLError if connection to EGD\n\
fails or if it does not provide enough data to seed PRNG.");
+#endif /* OPENSSL_NO_EGD */
+/* ### End PR195511 */
#endif /* HAVE_OPENSSL_RAND */
@@ -2604,8 +2611,13 @@ static PyMethodDef PySSL_methods[] = {
PySSL_RAND_bytes_doc},
{"RAND_pseudo_bytes", PySSL_RAND_pseudo_bytes, METH_VARARGS,
PySSL_RAND_pseudo_bytes_doc},
+/* ### Fix build with LibreSSL (does not have RAND_egd)
+ ### PR195511, http://bugs.python.org/issue21356 */
+#ifndef OPENSSL_NO_EGD
{"RAND_egd", PySSL_RAND_egd, METH_VARARGS,
PySSL_RAND_egd_doc},
+#endif /* OPENSSL_NO_EGD */
+/* ### End PR195511 */
{"RAND_status", (PyCFunction)PySSL_RAND_status, METH_NOARGS,
PySSL_RAND_status_doc},
#endif
@@ -2842,8 +2854,10 @@ PyInit__ssl(void)
PyModule_AddIntConstant(m, "PROTOCOL_SSLv2",
PY_SSL_VERSION_SSL2);
#endif
+#ifndef OPENSSL_NO_SSL3
PyModule_AddIntConstant(m, "PROTOCOL_SSLv3",
PY_SSL_VERSION_SSL3);
+#endif
PyModule_AddIntConstant(m, "PROTOCOL_SSLv23",
PY_SSL_VERSION_SSL23);
PyModule_AddIntConstant(m, "PROTOCOL_TLSv1",
--- Lib/ssl.py.orig 2014-03-09 09:40:13.000000000 +0100
+++ Lib/ssl.py 2015-09-26 15:55:40.209981202 +0200
@@ -78,7 +78,15 @@ try:
from _ssl import OP_SINGLE_ECDH_USE
except ImportError:
pass
-from _ssl import RAND_status, RAND_egd, RAND_add, RAND_bytes, RAND_pseudo_bytes
+### Fix build with LibreSSL (does not have RAND_egd)
+### PR195511, http://bugs.python.org/issue21356
+from _ssl import RAND_status, RAND_add, RAND_bytes, RAND_pseudo_bytes
+try:
+ from _ssl import RAND_egd
+except ImportError:
+ # LibreSSL does not provide RAND_egd
+ pass
+### End PR195511
from _ssl import (
SSL_ERROR_ZERO_RETURN,
SSL_ERROR_WANT_READ,
@@ -91,14 +99,13 @@ from _ssl import (
SSL_ERROR_INVALID_ERROR_CODE,
)
from _ssl import HAS_SNI, HAS_ECDH, HAS_NPN
-from _ssl import (PROTOCOL_SSLv3, PROTOCOL_SSLv23,
+from _ssl import (PROTOCOL_SSLv23,
PROTOCOL_TLSv1)
from _ssl import _OPENSSL_API_VERSION
_PROTOCOL_NAMES = {
PROTOCOL_TLSv1: "TLSv1",
PROTOCOL_SSLv23: "SSLv23",
- PROTOCOL_SSLv3: "SSLv3",
}
try:
from _ssl import PROTOCOL_SSLv2
@@ -107,6 +114,13 @@ except ImportError:
_SSLv2_IF_EXISTS = None
else:
_PROTOCOL_NAMES[PROTOCOL_SSLv2] = "SSLv2"
+try:
+ from _ssl import PROTOCOL_SSLv3
+ _SSLv3_IF_EXISTS = PROTOCOL_SSLv3
+except ImportError:
+ _SSLv3_IF_EXISTS = None
+else:
+ _PROTOCOL_NAMES[PROTOCOL_SSLv2] = "SSLv3"
from socket import getnameinfo as _getnameinfo
from socket import error as socket_error
@@ -664,7 +678,7 @@ def PEM_cert_to_DER_cert(pem_cert_string
d = pem_cert_string.strip()[len(PEM_HEADER):-len(PEM_FOOTER)]
return base64.decodebytes(d.encode('ASCII', 'strict'))
-def get_server_certificate(addr, ssl_version=PROTOCOL_SSLv3, ca_certs=None):
+def get_server_certificate(addr, ssl_version=PROTOCOL_SSLv23, ca_certs=None):
"""Retrieve the certificate from the server at the specified address,
and return it as a PEM-encoded string.
If 'ca_certs' is specified, validate the server cert against it.
--- Lib/test/test_ssl.py.orig 2014-03-09 09:40:19.000000000 +0100
+++ Lib/test/test_ssl.py 2015-09-26 15:58:58.264964564 +0200
@@ -21,11 +21,12 @@ import functools
ssl = support.import_module("ssl")
PROTOCOLS = [
- ssl.PROTOCOL_SSLv3,
ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_TLSv1
]
if hasattr(ssl, 'PROTOCOL_SSLv2'):
PROTOCOLS.append(ssl.PROTOCOL_SSLv2)
+if hasattr(ssl, 'PROTOCOL_SSLv3'):
+ PROTOCOLS.append(ssl.PROTOCOL_SSLv3)
HOST = support.HOST
@@ -96,7 +97,8 @@ class BasicSocketTests(unittest.TestCase
def test_constants(self):
#ssl.PROTOCOL_SSLv2
ssl.PROTOCOL_SSLv23
- ssl.PROTOCOL_SSLv3
+ if hasattr(ssl, 'PROTOCOL_SSLv3'):
+ ssl.PROTOCOL_SSLv3
ssl.PROTOCOL_TLSv1
ssl.CERT_NONE
ssl.CERT_OPTIONAL
@@ -130,8 +132,12 @@ class BasicSocketTests(unittest.TestCase
self.assertRaises(ValueError, ssl.RAND_bytes, -5)
self.assertRaises(ValueError, ssl.RAND_pseudo_bytes, -5)
- self.assertRaises(TypeError, ssl.RAND_egd, 1)
- self.assertRaises(TypeError, ssl.RAND_egd, 'foo', 1)
+### Fix build with LibreSSL (does not have RAND_egd)
+### PR195511, http://bugs.python.org/issue21356
+ if hasattr(ssl, 'RAND_egd'):
+ self.assertRaises(TypeError, ssl.RAND_egd, 1)
+ self.assertRaises(TypeError, ssl.RAND_egd, 'foo', 1)
+### End PR195511
ssl.RAND_add("this is a random string", 75.0)
@unittest.skipUnless(os.name == 'posix', 'requires posix')
@@ -512,7 +518,8 @@ class ContextTests(unittest.TestCase):
if hasattr(ssl, 'PROTOCOL_SSLv2'):
ctx = ssl.SSLContext(ssl.PROTOCOL_SSLv2)
ctx = ssl.SSLContext(ssl.PROTOCOL_SSLv23)
- ctx = ssl.SSLContext(ssl.PROTOCOL_SSLv3)
+ if hasattr(ssl, 'PROTOCOL_SSLv3'):
+ ctx = ssl.SSLContext(ssl.PROTOCOL_SSLv3)
ctx = ssl.SSLContext(ssl.PROTOCOL_TLSv1)
self.assertRaises(TypeError, ssl.SSLContext)
self.assertRaises(ValueError, ssl.SSLContext, -1)