diff options
author | V3n3RiX <venerix@redcorelinux.org> | 2018-01-06 23:13:57 +0000 |
---|---|---|
committer | V3n3RiX <venerix@redcorelinux.org> | 2018-01-06 23:13:57 +0000 |
commit | a8b0d35ab742f31538d515dea39716e566d533c0 (patch) | |
tree | 40c6c87a13f0e5ef1111ed1bdd9191f3bd1c1e59 /dev-python/pyopenssl/files | |
parent | 8fcdcec5fbdd0e3a77391e4f354218014f59f358 (diff) |
gentoo resync : 06.01.2018
Diffstat (limited to 'dev-python/pyopenssl/files')
3 files changed, 0 insertions, 134 deletions
diff --git a/dev-python/pyopenssl/files/pyopenssl-0.15.1-openssl-1.0.2-backport-1.patch b/dev-python/pyopenssl/files/pyopenssl-0.15.1-openssl-1.0.2-backport-1.patch deleted file mode 100644 index 3e2c06c1abd1..000000000000 --- a/dev-python/pyopenssl/files/pyopenssl-0.15.1-openssl-1.0.2-backport-1.patch +++ /dev/null @@ -1,19 +0,0 @@ - OpenSSL/test/test_ssl.py | 5 +++++ - 1 file changed, 5 insertions(+) - -diff --git a/OpenSSL/test/test_ssl.py b/OpenSSL/test/test_ssl.py -index bb1c9ae..d3bffe7 100644 ---- a/OpenSSL/test/test_ssl.py -+++ b/OpenSSL/test/test_ssl.py -@@ -1416,6 +1416,11 @@ class ContextTests(TestCase, _LoopbackMixin): - """ - context = Context(TLSv1_METHOD) - for curve in get_elliptic_curves(): -+ if curve.name.startswith(u"Oakley-"): -+ # Setting Oakley-EC2N-4 and Oakley-EC2N-3 adds -+ # ('bignum routines', 'BN_mod_inverse', 'no inverse') to the -+ # error queue on OpenSSL 1.0.2. -+ continue - # The only easily "assertable" thing is that it does not raise an - # exception. - context.set_tmp_ecdh(curve) diff --git a/dev-python/pyopenssl/files/pyopenssl-0.15.1-openssl-1.0.2-backport-2.patch b/dev-python/pyopenssl/files/pyopenssl-0.15.1-openssl-1.0.2-backport-2.patch deleted file mode 100644 index be3c18039480..000000000000 --- a/dev-python/pyopenssl/files/pyopenssl-0.15.1-openssl-1.0.2-backport-2.patch +++ /dev/null @@ -1,31 +0,0 @@ - OpenSSL/crypto.py | 3 +++ - OpenSSL/test/test_crypto.py | 2 +- - 2 files changed, 4 insertions(+), 1 deletion(-) - -diff --git a/OpenSSL/crypto.py b/OpenSSL/crypto.py -index 555ba24..2c1eddb 100644 ---- a/OpenSSL/crypto.py -+++ b/OpenSSL/crypto.py -@@ -464,6 +464,9 @@ class X509Name(object): - if isinstance(value, _text_type): - value = value.encode('utf-8') - -+ # Make it so OpenSSL generates utf-8 strings. -+ _lib.ASN1_STRING_set_default_mask_asc(b'utf8only') -+ - add_result = _lib.X509_NAME_add_entry_by_NID( - self._name, nid, _lib.MBSTRING_UTF8, value, -1, -1, 0) - if not add_result: -diff --git a/OpenSSL/test/test_crypto.py b/OpenSSL/test/test_crypto.py -index 1620623..b817451 100644 ---- a/OpenSSL/test/test_crypto.py -+++ b/OpenSSL/test/test_crypto.py -@@ -1003,7 +1003,7 @@ class X509NameTests(TestCase): - self.assertEqual( - a.der(), - b('0\x1b1\x0b0\t\x06\x03U\x04\x06\x13\x02US' -- '1\x0c0\n\x06\x03U\x04\x03\x13\x03foo')) -+ '1\x0c0\n\x06\x03U\x04\x03\x0c\x03foo')) - - - def test_get_components(self): diff --git a/dev-python/pyopenssl/files/pyopenssl-0.15.1-openssl-1.0.2-backport.patch b/dev-python/pyopenssl/files/pyopenssl-0.15.1-openssl-1.0.2-backport.patch deleted file mode 100644 index 048ede23786e..000000000000 --- a/dev-python/pyopenssl/files/pyopenssl-0.15.1-openssl-1.0.2-backport.patch +++ /dev/null @@ -1,84 +0,0 @@ -From fc18f7bed12f58100c3a5eef3dbae29c9a26f18a Mon Sep 17 00:00:00 2001 -From: Jeff Tang <mrjefftang@users.noreply.github.com> -Date: Wed, 15 Apr 2015 17:42:33 -0400 -Subject: [PATCH] OpenSSL 1.0.2 Compatibility - -- Perform the time comparison in python to fix #192 -- Add root cert has_expired test -- Self sign test cert to fix issue in #149 -- Change test case to verify digest of a valid certficate ---- - OpenSSL/crypto.py | 9 +++++---- - OpenSSL/test/test_crypto.py | 15 +++++++++++++-- - 2 files changed, 18 insertions(+), 6 deletions(-) - -diff --git a/OpenSSL/crypto.py b/OpenSSL/crypto.py -index c7bdabc..1b1058e 100644 ---- a/OpenSSL/crypto.py -+++ b/OpenSSL/crypto.py -@@ -1,5 +1,6 @@ --from time import time -+from time import time, strptime - from base64 import b16encode -+from calendar import timegm - from functools import partial - from operator import __eq__, __ne__, __lt__, __le__, __gt__, __ge__ - from warnings import warn as _warn -@@ -1161,10 +1162,10 @@ def has_expired(self): - :return: True if the certificate has expired, false otherwise - """ - now = int(time()) -- notAfter = _lib.X509_get_notAfter(self._x509) -- return _lib.ASN1_UTCTIME_cmp_time_t( -- _ffi.cast('ASN1_UTCTIME*', notAfter), now) < 0 -+ notAfter = self.get_notAfter().decode('utf-8') -+ notAfterSecs = timegm(strptime(notAfter, '%Y%m%d%H%M%SZ')) - -+ return now > notAfterSecs - - def _get_boundary_time(self, which): - return _get_asn1_time(which(self._x509)) -diff --git a/OpenSSL/test/test_crypto.py b/OpenSSL/test/test_crypto.py -index 73e9cc7..b817451 100644 ---- a/OpenSSL/test/test_crypto.py -+++ b/OpenSSL/test/test_crypto.py -@@ -1562,19 +1562,29 @@ def test_has_not_expired(self): - cert.gmtime_adj_notAfter(2) - self.assertFalse(cert.has_expired()) - -+ def test_root_has_not_expired(self): -+ """ -+ :py:obj:`X509Type.has_expired` returns :py:obj:`False` if the certificate's not-after -+ time is in the future. -+ """ -+ cert = load_certificate(FILETYPE_PEM, root_cert_pem) -+ self.assertFalse(cert.has_expired()) -+ - - def test_digest(self): - """ - :py:obj:`X509.digest` returns a string giving ":"-separated hex-encoded words - of the digest of the certificate. - """ -- cert = X509() -+ cert = load_certificate(FILETYPE_PEM, root_cert_pem) - self.assertEqual( - # This is MD5 instead of GOOD_DIGEST because the digest algorithm - # actually matters to the assertion (ie, another arbitrary, good - # digest will not product the same digest). -+ # Digest verified with the command: -+ # openssl x509 -in root_cert.pem -noout -fingerprint -md5 - cert.digest("MD5"), -- b("A8:EB:07:F8:53:25:0A:F2:56:05:C5:A5:C4:C4:C7:15")) -+ b("19:B3:05:26:2B:F8:F2:FF:0B:8F:21:07:A8:28:B8:75")) - - - def _extcert(self, pkey, extensions): -@@ -1587,6 +1597,7 @@ def _extcert(self, pkey, extensions): - cert.set_notAfter(when) - - cert.add_extensions(extensions) -+ cert.sign(pkey, 'sha1') - return load_certificate( - FILETYPE_PEM, dump_certificate(FILETYPE_PEM, cert)) - |