diff options
| author | Maxim Cournoyer <maxim.cournoyer@gmail.com> | 2022-03-21 23:39:43 -0400 |
|---|---|---|
| committer | Maxim Cournoyer <maxim.cournoyer@gmail.com> | 2022-03-21 23:39:43 -0400 |
| commit | a9429c8f2207841c649438187d6e19046d323a16 (patch) | |
| tree | a06e4b8a87b6a42742cf6750276746a10b6c2139 /gnu/packages/patches/python2-pyopenssl-openssl-compat.patch | |
| parent | f0136b36ae8c1e9c174043bd50e0e24413c0f345 (diff) | |
| parent | 49b350fafc2c3ea1db66461b73d4e304cd13ec92 (diff) | |
| download | guix-a9429c8f2207841c649438187d6e19046d323a16.tar.gz | |
Merge branch 'staging' into core-updates.
Diffstat (limited to 'gnu/packages/patches/python2-pyopenssl-openssl-compat.patch')
| -rw-r--r-- | gnu/packages/patches/python2-pyopenssl-openssl-compat.patch | 51 |
1 files changed, 51 insertions, 0 deletions
diff --git a/gnu/packages/patches/python2-pyopenssl-openssl-compat.patch b/gnu/packages/patches/python2-pyopenssl-openssl-compat.patch new file mode 100644 index 0000000000..a185f4172d --- /dev/null +++ b/gnu/packages/patches/python2-pyopenssl-openssl-compat.patch @@ -0,0 +1,51 @@ +Adjust for OpenSSL 1.1.1: + + https://github.com/pyca/pyopenssl/issues/1043 + +Taken from upstream: + + https://github.com/pyca/pyopenssl/commit/cc5c00ae5fd3c19d07fff79b5c4a08f5e58697ad + +diff --git a/src/OpenSSL/SSL.py b/src/OpenSSL/SSL.py +index 59f21cec..fcdee047 100644 +--- a/src/OpenSSL/SSL.py ++++ b/src/OpenSSL/SSL.py +@@ -1421,6 +1421,12 @@ def set_alpn_protos(self, protos): + This list should be a Python list of bytestrings representing the + protocols to offer, e.g. ``[b'http/1.1', b'spdy/2']``. + """ ++ # Different versions of OpenSSL are inconsistent about how they handle empty ++ # proto lists (see #1043), so we avoid the problem entirely by rejecting them ++ # ourselves. ++ if not protos: ++ raise ValueError("at least one protocol must be specified") ++ + # Take the list of protocols and join them together, prefixing them + # with their lengths. + protostr = b"".join( +@@ -2449,6 +2455,12 @@ def set_alpn_protos(self, protos): + This list should be a Python list of bytestrings representing the + protocols to offer, e.g. ``[b'http/1.1', b'spdy/2']``. + """ ++ # Different versions of OpenSSL are inconsistent about how they handle empty ++ # proto lists (see #1043), so we avoid the problem entirely by rejecting them ++ # ourselves. ++ if not protos: ++ raise ValueError("at least one protocol must be specified") ++ + # Take the list of protocols and join them together, prefixing them + # with their lengths. + protostr = b"".join( +diff --git a/tests/test_ssl.py b/tests/test_ssl.py +index ffc505d8..ca363b45 100644 +--- a/tests/test_ssl.py ++++ b/tests/test_ssl.py +@@ -1928,7 +1928,7 @@ def test_alpn_call_failure(self): + protocols list. Ensure that we produce a user-visible error. + """ + context = Context(SSLv23_METHOD) +- with pytest.raises(Error): ++ with pytest.raises(ValueError): + context.set_alpn_protos([]) + + def test_alpn_set_on_connection(self): |