- add openssl-stop-parsing-header.patch (bsc#1205042)

OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-M2Crypto?expand=0&rev=113
2022-11-07 20:14:29 +00:00 · 2022-11-07 20:14:29 +00:00 · ce1c77ebf3
commit ce1c77ebf3
parent 85680b0b27
3 changed files with 71 additions and 0 deletions
--- a/openssl-stop-parsing-header.patch
+++ b/openssl-stop-parsing-header.patch
@ -0,0 +1,64 @@
+From 1a746c6d01eff4863c116e279756a1035fd5feb0 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Mat=C4=9Bj=20Cepl?= <mcepl@cepl.eu>
+Date: Mon, 22 Nov 2021 23:05:41 +0100
+Subject: [PATCH] Use OpenSSL_version_num() instead of unrealiable parsing of
+ .h file.
+
+Fixes #302
+---
+ setup.py | 39 ++++++++++++++++++++++++---------------
+ 1 file changed, 24 insertions(+), 15 deletions(-)
+
+diff --git a/setup.py b/setup.py
+index a1d58f25..04ac8c77 100644
+--- a/setup.py
+++ b/setup.py
+@@ -75,21 +75,30 @@ def openssl_version(ossldir, req_ver, required=False):
+     :return: Boolean indicating whether the satisfying version of
+              OpenSSL has been installed.
+     """
+-    ver = None
+-    file = os.path.join(ossldir, 'include', 'openssl', 'opensslv.h')
+-
+-    with open(file) as origin_file:
+-        for line in origin_file:
+-            m = re.match(
+-                r'^# *define  *OPENSSL_VERSION_NUMBER  *(0x[0-9a-fA-F]*)',
+-                line)
+-            if m:
+-                log.debug('found version number: %s\n', m.group(1))
+-                ver = int(m.group(1), base=16)
+-                break
+-
+-    if ver is None:
+-        raise OSError('Unknown format of file %s\n' % file)
+    try:
+        import ctypes
+        libssl = ctypes.cdll.LoadLibrary("libssl.so")
+        ver = libssl.OpenSSL_version_num()
+        log.debug("ctypes: ver = %s", hex(ver))
+    # for OpenSSL < 1.1.0
+    except AttributeError:
+        ver = None
+        file = os.path.join(ossldir, 'include', 'openssl', 'opensslv.h')
+
+        with open(file) as origin_file:
+            for line in origin_file:
+                m = re.match(
+                    r'^# *define  *OPENSSL_VERSION_NUMBER  *(0x[0-9a-fA-F]*)',
+                    line)
+                if m:
+                    log.debug('found version number: %s\n', m.group(1))
+                    ver = int(m.group(1), base=16)
+                    break
+
+        log.debug("parsing header file: ver = %s", hex(ver))
+
+        if ver is None:
+            raise OSError('Unknown format of file %s\n' % file)
+ 
+     if required:
+         return ver >= req_ver
+-- 
+GitLab
+
--- a/python-M2Crypto.changes
+++ b/python-M2Crypto.changes
@ -1,3 +1,8 @@
+-------------------------------------------------------------------
+Mon Nov  7 20:14:16 UTC 2022 - Dirk Müller <dmueller@suse.com>
+
+- add openssl-stop-parsing-header.patch (bsc#1205042) 
+
 -------------------------------------------------------------------
 Wed Aug  3 16:48:00 UTC 2022 - Dirk Müller <dmueller@suse.com>

--- a/python-M2Crypto.spec
+++ b/python-M2Crypto.spec
@ -31,6 +31,8 @@ Source99:       python-M2Crypto.keyring
 # PATCH-FIX-UPSTREAM CVE-2020-25657-Bleichenbacher-attack.patch bsc#1178829 mcepl@suse.com
 # Mitigate the Bleichenbacher timing attacks in the RSA decryption API
 Patch0:         CVE-2020-25657-Bleichenbacher-attack.patch
+# PATCH-FIX-UPSTREAM https://gitlab.com/m2crypto/m2crypto/-/merge_requests/271
+Patch1:         openssl-stop-parsing-header.patch
 BuildRequires:  %{python_module devel}
 BuildRequires:  %{python_module parameterized}
 BuildRequires:  %{python_module pytest}