pool/python-M2Crypto
SHA256
2
0
Fork 2
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

- add openssl-stop-parsing-header.patch (bsc#1205042)

Browse Source 
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-M2Crypto?expand=0&rev=113
This commit is contained in:
Dirk Mueller 2022-11-07 20:14:29 +00:00 committed by Git OBS Bridge
parent 85680b0b27
commit ce1c77ebf3
3 changed files with 71 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

64
openssl-stop-parsing-header.patch Normal file
View File

@ -0,0 +1,64 @@
From 1a746c6d01eff4863c116e279756a1035fd5feb0 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Mat=C4=9Bj=20Cepl?= <mcepl@cepl.eu>
Date: Mon, 22 Nov 2021 23:05:41 +0100
Subject: [PATCH] Use OpenSSL_version_num() instead of unrealiable parsing of
.h file.
Fixes #302
---
setup.py | 39 ++++++++++++++++++++++++---------------
1 file changed, 24 insertions(+), 15 deletions(-)
diff --git a/setup.py b/setup.py
index a1d58f25..04ac8c77 100644
--- a/setup.py
+++ b/setup.py
@@ -75,21 +75,30 @@ def openssl_version(ossldir, req_ver, required=False):
:return: Boolean indicating whether the satisfying version of
OpenSSL has been installed.
"""
- ver = None
- file = os.path.join(ossldir, 'include', 'openssl', 'opensslv.h')
-
- with open(file) as origin_file:
- for line in origin_file:
- m = re.match(
- r'^# *define *OPENSSL_VERSION_NUMBER *(0x[0-9a-fA-F]*)',
- line)
- if m:
- log.debug('found version number: %s\n', m.group(1))
- ver = int(m.group(1), base=16)
- break
-
- if ver is None:
- raise OSError('Unknown format of file %s\n' % file)
+ try:
+ import ctypes
+ libssl = ctypes.cdll.LoadLibrary("libssl.so")
+ ver = libssl.OpenSSL_version_num()
+ log.debug("ctypes: ver = %s", hex(ver))
+ # for OpenSSL < 1.1.0
+ except AttributeError:
+ ver = None
+ file = os.path.join(ossldir, 'include', 'openssl', 'opensslv.h')
+
+ with open(file) as origin_file:
+ for line in origin_file:
+ m = re.match(
+ r'^# *define *OPENSSL_VERSION_NUMBER *(0x[0-9a-fA-F]*)',
+ line)
+ if m:
+ log.debug('found version number: %s\n', m.group(1))
+ ver = int(m.group(1), base=16)
+ break
+
+ log.debug("parsing header file: ver = %s", hex(ver))
+
+ if ver is None:
+ raise OSError('Unknown format of file %s\n' % file)
if required:
return ver >= req_ver
--
GitLab

5
python-M2Crypto.changes
View File

@ -1,3 +1,8 @@
-------------------------------------------------------------------
Mon Nov 7 20:14:16 UTC 2022 - Dirk Müller <dmueller@suse.com>
- add openssl-stop-parsing-header.patch (bsc#1205042)
------------------------------------------------------------------- -------------------------------------------------------------------
Wed Aug 3 16:48:00 UTC 2022 - Dirk Müller <dmueller@suse.com> Wed Aug 3 16:48:00 UTC 2022 - Dirk Müller <dmueller@suse.com>

2
python-M2Crypto.spec
View File

@ -31,6 +31,8 @@ Source99: python-M2Crypto.keyring
# PATCH-FIX-UPSTREAM CVE-2020-25657-Bleichenbacher-attack.patch bsc#1178829 mcepl@suse.com # PATCH-FIX-UPSTREAM CVE-2020-25657-Bleichenbacher-attack.patch bsc#1178829 mcepl@suse.com
# Mitigate the Bleichenbacher timing attacks in the RSA decryption API # Mitigate the Bleichenbacher timing attacks in the RSA decryption API
Patch0: CVE-2020-25657-Bleichenbacher-attack.patch Patch0: CVE-2020-25657-Bleichenbacher-attack.patch
# PATCH-FIX-UPSTREAM https://gitlab.com/m2crypto/m2crypto/-/merge_requests/271
Patch1: openssl-stop-parsing-header.patch
BuildRequires: %{python_module devel} BuildRequires: %{python_module devel}
BuildRequires: %{python_module parameterized} BuildRequires: %{python_module parameterized}
BuildRequires: %{python_module pytest} BuildRequires: %{python_module pytest}