diff --git a/293_sslv23_padding.patch b/293_sslv23_padding.patch new file mode 100644 index 0000000..79d2084 --- /dev/null +++ b/293_sslv23_padding.patch @@ -0,0 +1,14 @@ +--- a/tests/test_rsa.py ++++ b/tests/test_rsa.py +@@ -124,11 +124,6 @@ class RSATestCase(unittest.TestCase): + ptxt = priv.private_decrypt(ctxt, p) + self.assertEqual(ptxt, self.data) + +- # sslv23_padding +- ctxt = priv.public_encrypt(self.data, RSA.sslv23_padding) +- res = priv.private_decrypt(ctxt, RSA.sslv23_padding) +- self.assertEqual(res, self.data) +- + # no_padding + with six.assertRaisesRegex(self, RSA.RSAError, 'data too small'): + priv.public_encrypt(self.data, RSA.no_padding) diff --git a/python-M2Crypto.changes b/python-M2Crypto.changes index d3d65e0..443b58c 100644 --- a/python-M2Crypto.changes +++ b/python-M2Crypto.changes @@ -1,3 +1,9 @@ +------------------------------------------------------------------- +Fri Feb 19 12:56:50 UTC 2021 - Matej Cepl + +- Add 293_sslv23_padding.patch to avoid using RSA_SSLV23_PADDING + (gl#m2crypto/m2crypto#293, gh#openssl/openssl#14216). + ------------------------------------------------------------------- Wed Feb 17 11:18:07 UTC 2021 - Pedro Monreal diff --git a/python-M2Crypto.spec b/python-M2Crypto.spec index 78d44e0..cfd7ab7 100644 --- a/python-M2Crypto.spec +++ b/python-M2Crypto.spec @@ -31,6 +31,9 @@ Source1: https://files.pythonhosted.org/packages/source/M/M2Crypto/M2Cryp # https://salsa.debian.org/python-team/packages/m2crypto/-/commit/e0e9ad5cfff86383dabbb92540c0a4892cb4c456 # Fixes incompatibility with the modern crypto policies Patch0: python-M2Crypto-Allow-on-UNABLE_TO_VERIFY_LEAF_SIGNATURE.patch +# PATCH-FIX-UPSTREAM 293_sslv23_padding.patch gl#m2crypto/m2crypto#293 mcepl@suse.com +# RSA_SSLV23_PADDING is evil and should be avoided. +Patch1: 293_sslv23_padding.patch BuildRequires: %{python_module devel} BuildRequires: %{python_module parameterized} BuildRequires: %{python_module pytest}