6f22596b1c
* gnu/packages/python-crypto.scm (python-pyopenssl): Update to 22.0.0. [arguments]: Respect TESTS? in check phase and rewrite in gexp style. (python2-pyopenssl): Update to 21.0.0. [source](patches): New field. * gnu/packages/patches/python2-pyopenssl-openssl-compat.patch: New file. * gnu/local.mk (dist_patch_DATA): Adjust accordingly.
52 lines
2.0 KiB
Diff
52 lines
2.0 KiB
Diff
Adjust for OpenSSL 1.1.1:
|
|
|
|
https://github.com/pyca/pyopenssl/issues/1043
|
|
|
|
Taken from upstream:
|
|
|
|
https://github.com/pyca/pyopenssl/commit/cc5c00ae5fd3c19d07fff79b5c4a08f5e58697ad
|
|
|
|
diff --git a/src/OpenSSL/SSL.py b/src/OpenSSL/SSL.py
|
|
index 59f21cec..fcdee047 100644
|
|
--- a/src/OpenSSL/SSL.py
|
|
+++ b/src/OpenSSL/SSL.py
|
|
@@ -1421,6 +1421,12 @@ def set_alpn_protos(self, protos):
|
|
This list should be a Python list of bytestrings representing the
|
|
protocols to offer, e.g. ``[b'http/1.1', b'spdy/2']``.
|
|
"""
|
|
+ # Different versions of OpenSSL are inconsistent about how they handle empty
|
|
+ # proto lists (see #1043), so we avoid the problem entirely by rejecting them
|
|
+ # ourselves.
|
|
+ if not protos:
|
|
+ raise ValueError("at least one protocol must be specified")
|
|
+
|
|
# Take the list of protocols and join them together, prefixing them
|
|
# with their lengths.
|
|
protostr = b"".join(
|
|
@@ -2449,6 +2455,12 @@ def set_alpn_protos(self, protos):
|
|
This list should be a Python list of bytestrings representing the
|
|
protocols to offer, e.g. ``[b'http/1.1', b'spdy/2']``.
|
|
"""
|
|
+ # Different versions of OpenSSL are inconsistent about how they handle empty
|
|
+ # proto lists (see #1043), so we avoid the problem entirely by rejecting them
|
|
+ # ourselves.
|
|
+ if not protos:
|
|
+ raise ValueError("at least one protocol must be specified")
|
|
+
|
|
# Take the list of protocols and join them together, prefixing them
|
|
# with their lengths.
|
|
protostr = b"".join(
|
|
diff --git a/tests/test_ssl.py b/tests/test_ssl.py
|
|
index ffc505d8..ca363b45 100644
|
|
--- a/tests/test_ssl.py
|
|
+++ b/tests/test_ssl.py
|
|
@@ -1928,7 +1928,7 @@ def test_alpn_call_failure(self):
|
|
protocols list. Ensure that we produce a user-visible error.
|
|
"""
|
|
context = Context(SSLv23_METHOD)
|
|
- with pytest.raises(Error):
|
|
+ with pytest.raises(ValueError):
|
|
context.set_alpn_protos([])
|
|
|
|
def test_alpn_set_on_connection(self):
|