aboutsummaryrefslogtreecommitdiff
path: root/gnu/packages/patches
diff options
context:
space:
mode:
Diffstat (limited to 'gnu/packages/patches')
-rw-r--r--gnu/packages/patches/python2-pyopenssl-openssl-compat.patch51
1 files changed, 51 insertions, 0 deletions
diff --git a/gnu/packages/patches/python2-pyopenssl-openssl-compat.patch b/gnu/packages/patches/python2-pyopenssl-openssl-compat.patch
new file mode 100644
index 0000000000..a185f4172d
--- /dev/null
+++ b/gnu/packages/patches/python2-pyopenssl-openssl-compat.patch
@@ -0,0 +1,51 @@
+Adjust for OpenSSL 1.1.1:
+
+ https://github.com/pyca/pyopenssl/issues/1043
+
+Taken from upstream:
+
+ https://github.com/pyca/pyopenssl/commit/cc5c00ae5fd3c19d07fff79b5c4a08f5e58697ad
+
+diff --git a/src/OpenSSL/SSL.py b/src/OpenSSL/SSL.py
+index 59f21cec..fcdee047 100644
+--- a/src/OpenSSL/SSL.py
++++ b/src/OpenSSL/SSL.py
+@@ -1421,6 +1421,12 @@ def set_alpn_protos(self, protos):
+ This list should be a Python list of bytestrings representing the
+ protocols to offer, e.g. ``[b'http/1.1', b'spdy/2']``.
+ """
++ # Different versions of OpenSSL are inconsistent about how they handle empty
++ # proto lists (see #1043), so we avoid the problem entirely by rejecting them
++ # ourselves.
++ if not protos:
++ raise ValueError("at least one protocol must be specified")
++
+ # Take the list of protocols and join them together, prefixing them
+ # with their lengths.
+ protostr = b"".join(
+@@ -2449,6 +2455,12 @@ def set_alpn_protos(self, protos):
+ This list should be a Python list of bytestrings representing the
+ protocols to offer, e.g. ``[b'http/1.1', b'spdy/2']``.
+ """
++ # Different versions of OpenSSL are inconsistent about how they handle empty
++ # proto lists (see #1043), so we avoid the problem entirely by rejecting them
++ # ourselves.
++ if not protos:
++ raise ValueError("at least one protocol must be specified")
++
+ # Take the list of protocols and join them together, prefixing them
+ # with their lengths.
+ protostr = b"".join(
+diff --git a/tests/test_ssl.py b/tests/test_ssl.py
+index ffc505d8..ca363b45 100644
+--- a/tests/test_ssl.py
++++ b/tests/test_ssl.py
+@@ -1928,7 +1928,7 @@ def test_alpn_call_failure(self):
+ protocols list. Ensure that we produce a user-visible error.
+ """
+ context = Context(SSLv23_METHOD)
+- with pytest.raises(Error):
++ with pytest.raises(ValueError):
+ context.set_alpn_protos([])
+
+ def test_alpn_set_on_connection(self):