Ondřej Súkup 2019-03-02 16:34:16 +00:00 committed by Git OBS Bridge
parent d631fa8ab1
commit 693ef40809
2 changed files with 0 additions and 104 deletions


@ -1,66 +0,0 @@
From 4725d76eb4a1c0e7b7b6de6e4a8e95d6f076b50b Mon Sep 17 00:00:00 2001
From: Alex Gaynor <alex.gaynor@gmail.com>
Date: Tue, 11 Sep 2018 17:35:31 -0400
Subject: [PATCH 1/7] Attempt to fix CRL tests under OpenSSL 1.1.1
---
tests/test_crypto.py | 12 +++++++-----
1 file changed, 7 insertions(+), 5 deletions(-)
Index: pyOpenSSL-19.0.0/tests/test_ssl.py
===================================================================
--- pyOpenSSL-19.0.0.orig/tests/test_ssl.py
+++ pyOpenSSL-19.0.0/tests/test_ssl.py
@@ -410,18 +410,17 @@ class TestContext(object):
assert "AES128-SHA" in conn.get_cipher_list()
- @pytest.mark.parametrize("cipher_list,error", [
- (object(), TypeError),
- ("imaginary-cipher", Error),
- ])
- def test_set_cipher_list_wrong_args(self, context, cipher_list, error):
+ def test_set_cipher_list_imaginary(self, context):
+ # Doesn't raise an exception
+ context.set_cipher_list(b"gibberish")
+
+ def test_set_cipher_list_wrong_args(self, context):
"""
`Context.set_cipher_list` raises `TypeError` when passed a non-string
- argument and raises `OpenSSL.SSL.Error` when passed an incorrect cipher
- list string.
+ argument.
"""
- with pytest.raises(error):
- context.set_cipher_list(cipher_list)
+ with pytest.raises(TypeError):
+ context.set_cipher_list(object())
def test_load_client_ca(self, context, ca_file):
"""
@@ -3836,7 +3835,7 @@ class TestOCSP(object):
:param request_ocsp: Whether the client will actually ask for OCSP
stapling. Useful for testing only.
"""
- ctx = Context(SSLv23_METHOD)
+ ctx = Context(TLSv1_2_METHOD)
ctx.set_ocsp_client_callback(callback, data)
client = Connection(ctx)
Index: pyOpenSSL-19.0.0/src/OpenSSL/SSL.py
===================================================================
--- pyOpenSSL-19.0.0.orig/src/OpenSSL/SSL.py
+++ pyOpenSSL-19.0.0/src/OpenSSL/SSL.py
@@ -1182,9 +1182,9 @@ class Context(object):
if not isinstance(cipher_list, bytes):
raise TypeError("cipher_list must be a byte string.")
- _openssl_assert(
- _lib.SSL_CTX_set_cipher_list(self._context, cipher_list) == 1
- )
+ # This can return an error if there's no ciphersuites, but we don't
+ # care.
+ _lib.SSL_CTX_set_cipher_list(self._context, cipher_list)
# In OpenSSL 1.1.1 setting the cipher list will always return TLS 1.3
# ciphers even if you pass an invalid cipher. Applications (like
# Twisted) have tests that depend on an error being raised if an


@ -1,38 +0,0 @@
Index: pyOpenSSL-19.0.0/tests/test_ssl.py
===================================================================
--- pyOpenSSL-19.0.0.orig/tests/test_ssl.py
+++ pyOpenSSL-19.0.0/tests/test_ssl.py
@@ -3181,6 +3181,7 @@ class TestConnectionRenegotiate(object):
"""
Tests for SSL renegotiation APIs.
"""
+
def test_total_renegotiations(self):
"""
`Connection.total_renegotiations` returns `0` before any renegotiations
@@ -3219,6 +3220,25 @@ class TestConnectionRenegotiate(object):
while False is server.renegotiate_pending():
pass
+ # renegotiation is forbidden in TLS 1.3
+ server, client = loopback()
+
+ server.send(b"hello world")
+
+ assert b"hello world" == client.recv(len(b"hello world"))
+
+ assert 0 == server.total_renegotiations()
+ assert False is server.renegotiate_pending()
+
+ # renegotian under TLS 1.3 must fail
+
+ if client.get_protocol_version_name() == "TLSv1.3":
+ try:
+ assert False is server.renegotiate()
+ #error ('SSL routines', 'SSL_renegotiate', 'wrong ssl version')
+ except SSL.Error:
+ pass
+
class TestError(object):
"""