aboutsummaryrefslogtreecommitdiff
path: root/gnu
diff options
context:
space:
mode:
Diffstat (limited to 'gnu')
-rw-r--r--gnu/local.mk1
-rw-r--r--gnu/packages/patches/python2-pyopenssl-openssl-compat.patch51
-rw-r--r--gnu/packages/python-crypto.scm22
3 files changed, 8 insertions, 66 deletions
diff --git a/gnu/local.mk b/gnu/local.mk
index 436b6b9e81..eeb26d34d0 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -1756,7 +1756,6 @@ dist_patch_DATA = \
%D%/packages/patches/python-pillow-CVE-2022-45199.patch \
%D%/packages/patches/python-pyfakefs-remove-bad-test.patch \
%D%/packages/patches/python-pyflakes-test-location.patch \
- %D%/packages/patches/python2-pyopenssl-openssl-compat.patch \
%D%/packages/patches/python-flint-includes.patch \
%D%/packages/patches/python-libxml2-utf8.patch \
%D%/packages/patches/python-magic-python-bytecode.patch \
diff --git a/gnu/packages/patches/python2-pyopenssl-openssl-compat.patch b/gnu/packages/patches/python2-pyopenssl-openssl-compat.patch
deleted file mode 100644
index a185f4172d..0000000000
--- a/gnu/packages/patches/python2-pyopenssl-openssl-compat.patch
+++ /dev/null
@@ -1,51 +0,0 @@
-Adjust for OpenSSL 1.1.1:
-
- https://github.com/pyca/pyopenssl/issues/1043
-
-Taken from upstream:
-
- https://github.com/pyca/pyopenssl/commit/cc5c00ae5fd3c19d07fff79b5c4a08f5e58697ad
-
-diff --git a/src/OpenSSL/SSL.py b/src/OpenSSL/SSL.py
-index 59f21cec..fcdee047 100644
---- a/src/OpenSSL/SSL.py
-+++ b/src/OpenSSL/SSL.py
-@@ -1421,6 +1421,12 @@ def set_alpn_protos(self, protos):
- This list should be a Python list of bytestrings representing the
- protocols to offer, e.g. ``[b'http/1.1', b'spdy/2']``.
- """
-+ # Different versions of OpenSSL are inconsistent about how they handle empty
-+ # proto lists (see #1043), so we avoid the problem entirely by rejecting them
-+ # ourselves.
-+ if not protos:
-+ raise ValueError("at least one protocol must be specified")
-+
- # Take the list of protocols and join them together, prefixing them
- # with their lengths.
- protostr = b"".join(
-@@ -2449,6 +2455,12 @@ def set_alpn_protos(self, protos):
- This list should be a Python list of bytestrings representing the
- protocols to offer, e.g. ``[b'http/1.1', b'spdy/2']``.
- """
-+ # Different versions of OpenSSL are inconsistent about how they handle empty
-+ # proto lists (see #1043), so we avoid the problem entirely by rejecting them
-+ # ourselves.
-+ if not protos:
-+ raise ValueError("at least one protocol must be specified")
-+
- # Take the list of protocols and join them together, prefixing them
- # with their lengths.
- protostr = b"".join(
-diff --git a/tests/test_ssl.py b/tests/test_ssl.py
-index ffc505d8..ca363b45 100644
---- a/tests/test_ssl.py
-+++ b/tests/test_ssl.py
-@@ -1928,7 +1928,7 @@ def test_alpn_call_failure(self):
- protocols list. Ensure that we produce a user-visible error.
- """
- context = Context(SSLv23_METHOD)
-- with pytest.raises(Error):
-+ with pytest.raises(ValueError):
- context.set_alpn_protos([])
-
- def test_alpn_set_on_connection(self):
diff --git a/gnu/packages/python-crypto.scm b/gnu/packages/python-crypto.scm
index a9355d134f..b3c9e57d70 100644
--- a/gnu/packages/python-crypto.scm
+++ b/gnu/packages/python-crypto.scm
@@ -654,19 +654,17 @@ ciphers, message digests and key derivation functions.")
(propagated-inputs '())
(synopsis "Core implementation of the Cryptography Python library")))
-;; This is the last version which is compatable with python-cryptography < 35.
(define-public python-pyopenssl
(package
(name "python-pyopenssl")
- (version "21.0.0")
+ (version "23.1.1")
(source
(origin
(method url-fetch)
(uri (pypi-uri "pyOpenSSL" version))
(sha256
(base32
- "1cqcc20fwl521z3fxsc1c98gbnhb14q55vrvjfp6bn6h8rg8qbay"))
- (patches (search-patches "python2-pyopenssl-openssl-compat.patch"))))
+ "1dxhip610zw1j2bz35g1w1h7vh374g0bnzn4nsqj65n6pswrh544"))))
(build-system python-build-system)
(arguments
(list
@@ -678,7 +676,7 @@ ciphers, message digests and key derivation functions.")
;; PyOpenSSL runs tests against a certificate with a fixed
;; expiry time. To ensure successful builds in the future,
;; set the time to roughly the release date.
- (invoke "faketime" "2022-02-01" "py.test" "-v" "-k"
+ (invoke "faketime" "2023-03-25" "pytest" "-vv" "-k"
(string-append
;; This test tries to look up certificates from
;; the compiled-in default path in OpenSSL, which
@@ -690,17 +688,13 @@ ciphers, message digests and key derivation functions.")
;; Fails on i686-linux and possibly other 32-bit platforms
;; https://github.com/pyca/pyopenssl/issues/974
"and not test_verify_with_time"))))))))
- (propagated-inputs
- (list python-cryptography python-six))
- (inputs
- (list openssl))
- (native-inputs
- (list libfaketime python-flaky python-pretend python-pytest))
+ (propagated-inputs (list python-cryptography))
+ (inputs (list openssl))
+ (native-inputs (list libfaketime python-flaky python-pretend python-pytest))
(home-page "https://github.com/pyca/pyopenssl")
(synopsis "Python wrapper module around the OpenSSL library")
- (description
- "PyOpenSSL is a high-level wrapper around a subset of the OpenSSL
-library.")
+ (description "PyOpenSSL is a high-level wrapper around a subset of the
+OpenSSL library.")
(license license:asl2.0)))
(define-public python-ed25519