Accepting request 645303 from home:vitezslav_cizek:branches:devel:languages:python:Factory

- Enable all the tests in %check - Add more patches to successfully build with openssl 1.1.1 (bsc#1113755) * openssl-111-middlebox-compat.patch * openssl-111-ssl_options.patch OBS-URL: https://build.opensuse.org/request/show/645303 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python?expand=0&rev=235
2018-10-29 15:14:27 +00:00 · 2018-10-29 15:14:27 +00:00 · a74bb24131
commit a74bb24131
parent 20d7b72031
6 changed files with 73 additions and 1 deletions
--- a/openssl-111-middlebox-compat.patch
+++ b/openssl-111-middlebox-compat.patch
@ -0,0 +1,32 @@
 From 4fa35e8b1ebb2a8e88ba7c4c9cd2a17b35638ee6 Mon Sep 17 00:00:00 2001
 From: Dimitri John Ledkov <xnox@ubuntu.com>
 Date: Fri, 28 Sep 2018 16:34:16 +0100
 Subject: [PATCH] bpo-34834: Fix test_ssl.test_options to account for
 OP_ENABLE_MIDDLEBOX_COMPAT.
 Signed-off-by: Dimitri John Ledkov <xnox@ubuntu.com>
 https://bugs.python.org/issue34834
 ---
 Lib/test/test_ssl.py | 5 +++++
 1 file changed, 5 insertions(+)
 Index: Python-2.7.15/Lib/test/test_ssl.py
 ===================================================================
 --- Python-2.7.15.orig/Lib/test/test_ssl.py	2018-10-29 13:32:59.190865648 +0100
 +++ Python-2.7.15/Lib/test/test_ssl.py	2018-10-29 13:41:01.857624490 +0100
@@ -777,8 +777,12 @@ class ContextTests(unittest.TestCase):
         default = (ssl.OP_ALL | ssl.OP_NO_SSLv2 | ssl.OP_NO_SSLv3)
         # SSLContext also enables these by default
         default |= (ssl.OP_NO_COMPRESSION | ssl.OP_CIPHER_SERVER_PREFERENCE |
 -                    ssl.OP_SINGLE_DH_USE | ssl.OP_SINGLE_ECDH_USE |
 -                    ssl.OP_ENABLE_MIDDLEBOX_COMPAT)
 +                    ssl.OP_SINGLE_DH_USE | ssl.OP_SINGLE_ECDH_USE)
 +        if not IS_LIBRESSL and ssl.OPENSSL_VERSION_INFO >= (1, 1, 1):
 +            # define MIDDLEBOX constant, as python2.7 does not know about it
 +            # but it is used by default.
 +            OP_ENABLE_MIDDLEBOX_COMPAT = 1048576L
 +            default |= OP_ENABLE_MIDDLEBOX_COMPAT
         self.assertEqual(default, ctx.options)
         ctx.options |= ssl.OP_NO_TLSv1
         self.assertEqual(default | ssl.OP_NO_TLSv1, ctx.options)
--- a/openssl-111-ssl_options.patch
+++ b/openssl-111-ssl_options.patch
@ -0,0 +1,13 @@
 Index: Python-2.7.15/Lib/test/test_ssl.py
 ===================================================================
 --- Python-2.7.15.orig/Lib/test/test_ssl.py	2018-10-29 13:41:01.857624490 +0100
 +++ Python-2.7.15/Lib/test/test_ssl.py	2018-10-29 14:04:59.674004321 +0100
@@ -776,7 +776,7 @@ class ContextTests(unittest.TestCase):
         # OP_ALL | OP_NO_SSLv2 | OP_NO_SSLv3 is the default value
         default = (ssl.OP_ALL | ssl.OP_NO_SSLv2 | ssl.OP_NO_SSLv3)
         # SSLContext also enables these by default
 -        default |= (ssl.OP_NO_COMPRESSION | ssl.OP_CIPHER_SERVER_PREFERENCE |
 +        default |= (ssl.OP_NO_COMPRESSION | 
                     ssl.OP_SINGLE_DH_USE | ssl.OP_SINGLE_ECDH_USE)
         if not IS_LIBRESSL and ssl.OPENSSL_VERSION_INFO >= (1, 1, 1):
             # define MIDDLEBOX constant, as python2.7 does not know about it
--- a/python-base.spec
+++ b/python-base.spec
@ -65,6 +65,10 @@ Patch42:        openssl-111.patch
 # PATCH-FIX-UPSTREAM CVE-2018-1000802-shutil_use_subprocess_no_spawn.patch mcepl@suse.com
 # Suggested in https://github.com/python/cpython/commit/add531a1e55b.patch
 Patch43:        CVE-2018-1000802-shutil_use_subprocess_no_spawn.patch
 # https://github.com/python/cpython/pull/9624 (https://bugs.python.org/issue34834)
 Patch47:        openssl-111-middlebox-compat.patch
 # PATCH-FIX-SUSE python default SSLContext doesn't contain OP_CIPHER_SERVER_PREFERENCE
 Patch48:        openssl-111-ssl_options.patch
 # COMMON-PATCH-END
 %define         python_version    %(echo %{tarversion} | head -c 3)
 BuildRequires:  automake
@ -174,6 +178,8 @@ other applications.
 %patch41 -p1
 %patch42 -p1
 %patch43 -p1
 %patch47 -p1
 %patch48 -p1
 # drop Autoconf version requirement
 sed -i 's/^version_required/dnl version_required/' configure.ac
--- a/python-doc.spec
+++ b/python-doc.spec
@ -66,6 +66,10 @@ Patch42:        openssl-111.patch
 # PATCH-FIX-UPSTREAM CVE-2018-1000802-shutil_use_subprocess_no_spawn.patch mcepl@suse.com
 # Suggested in https://github.com/python/cpython/commit/add531a1e55b.patch
 Patch43:        CVE-2018-1000802-shutil_use_subprocess_no_spawn.patch
 # https://github.com/python/cpython/pull/9624 (https://bugs.python.org/issue34834)
 Patch47:        openssl-111-middlebox-compat.patch
 # PATCH-FIX-SUSE python default SSLContext doesn't contain OP_CIPHER_SERVER_PREFERENCE
 Patch48:        openssl-111-ssl_options.patch
 # COMMON-PATCH-END
 Provides:       pyth_doc
 Provides:       pyth_ps
@ -121,6 +125,8 @@ Python, and Macintosh Module Reference in PDF format.
 %patch41 -p1
 %patch42 -p1
 %patch43 -p1
 %patch47 -p1
 %patch48 -p1
 # drop Autoconf version requirement
 sed -i 's/^version_required/dnl version_required/' configure.ac
--- a/python.changes
+++ b/python.changes
@ -1,3 +1,12 @@
 -------------------------------------------------------------------
 Mon Oct 29 13:21:20 UTC 2018 - Vítězslav Čížek <vcizek@suse.com>
 - Enable all the tests in %check
 - Add more patches to successfully build with openssl 1.1.1
  (bsc#1113755)
  * openssl-111-middlebox-compat.patch
  * openssl-111-ssl_options.patch
 -------------------------------------------------------------------
 Fri Oct 26 10:48:44 UTC 2018 - Tomáš Chvátal <tchvatal@suse.com>
--- a/python.spec
+++ b/python.spec
@ -71,6 +71,10 @@ Patch42:        openssl-111.patch
 # PATCH-FIX-UPSTREAM CVE-2018-1000802-shutil_use_subprocess_no_spawn.patch mcepl@suse.com
 # Suggested in https://github.com/python/cpython/commit/add531a1e55b.patch
 Patch43:        CVE-2018-1000802-shutil_use_subprocess_no_spawn.patch
 # https://github.com/python/cpython/pull/9624 (https://bugs.python.org/issue34834)
 Patch47:        openssl-111-middlebox-compat.patch
 # PATCH-FIX-SUSE python default SSLContext doesn't contain OP_CIPHER_SERVER_PREFERENCE
 Patch48:        openssl-111-ssl_options.patch
 # COMMON-PATCH-END
 BuildRequires:  automake
 BuildRequires:  db-devel
@ -227,6 +231,8 @@ that rely on earlier non-verification behavior.
 %patch41 -p1
 %patch42 -p1
 %patch43 -p1
 %patch47 -p1
 %patch48 -p1
 # drop Autoconf version requirement
 sed -i 's/^version_required/dnl version_required/' configure.ac
@ -264,7 +270,7 @@ if test $(ulimit -v) = unlimited || test $(ulimit -v) -gt 10000000; then
  ulimit -v 10000000 || :
 fi
 LIST="test_urllib test_ssl test_hashlib test_hmac test_urllib2_localnet test_unicodedata test_tarfile test_sqlite test_tcl test_dbm test_anydbm test_dumbdbm test_gdbm test_whichdb test_tk test_ttk_textonly test_bsddb test_bsddb3 test_readline"
-make test TESTOPTS="test_ssl" TESTPYTHONOPTS="-v"
+make test TESTOPTS="$LIST" TESTPYTHONOPTS="-R"
 %endif
 %install