diff options
Diffstat (limited to 'gnu/packages/patches')
-rw-r--r-- | gnu/packages/patches/python2-pyopenssl-openssl-compat.patch | 51 |
1 files changed, 51 insertions, 0 deletions
diff --git a/gnu/packages/patches/python2-pyopenssl-openssl-compat.patch b/gnu/packages/patches/python2-pyopenssl-openssl-compat.patch new file mode 100644 index 0000000000..a185f4172d --- /dev/null +++ b/gnu/packages/patches/python2-pyopenssl-openssl-compat.patch @@ -0,0 +1,51 @@ +Adjust for OpenSSL 1.1.1: + + https://github.com/pyca/pyopenssl/issues/1043 + +Taken from upstream: + + https://github.com/pyca/pyopenssl/commit/cc5c00ae5fd3c19d07fff79b5c4a08f5e58697ad + +diff --git a/src/OpenSSL/SSL.py b/src/OpenSSL/SSL.py +index 59f21cec..fcdee047 100644 +--- a/src/OpenSSL/SSL.py ++++ b/src/OpenSSL/SSL.py +@@ -1421,6 +1421,12 @@ def set_alpn_protos(self, protos): + This list should be a Python list of bytestrings representing the + protocols to offer, e.g. ``[b'http/1.1', b'spdy/2']``. + """ ++ # Different versions of OpenSSL are inconsistent about how they handle empty ++ # proto lists (see #1043), so we avoid the problem entirely by rejecting them ++ # ourselves. ++ if not protos: ++ raise ValueError("at least one protocol must be specified") ++ + # Take the list of protocols and join them together, prefixing them + # with their lengths. + protostr = b"".join( +@@ -2449,6 +2455,12 @@ def set_alpn_protos(self, protos): + This list should be a Python list of bytestrings representing the + protocols to offer, e.g. ``[b'http/1.1', b'spdy/2']``. + """ ++ # Different versions of OpenSSL are inconsistent about how they handle empty ++ # proto lists (see #1043), so we avoid the problem entirely by rejecting them ++ # ourselves. ++ if not protos: ++ raise ValueError("at least one protocol must be specified") ++ + # Take the list of protocols and join them together, prefixing them + # with their lengths. + protostr = b"".join( +diff --git a/tests/test_ssl.py b/tests/test_ssl.py +index ffc505d8..ca363b45 100644 +--- a/tests/test_ssl.py ++++ b/tests/test_ssl.py +@@ -1928,7 +1928,7 @@ def test_alpn_call_failure(self): + protocols list. Ensure that we produce a user-visible error. + """ + context = Context(SSLv23_METHOD) +- with pytest.raises(Error): ++ with pytest.raises(ValueError): + context.set_alpn_protos([]) + + def test_alpn_set_on_connection(self): |