basebuilder_pel7x64builder0
4 years ago
7 changed files with 1314 additions and 0 deletions
@ -0,0 +1,77 @@ |
|||||||
|
diff -up pyOpenSSL-0.13/OpenSSL/crypto/crypto.c.error pyOpenSSL-0.13/OpenSSL/crypto/crypto.c |
||||||
|
--- pyOpenSSL-0.13/OpenSSL/crypto/crypto.c.error 2011-09-02 17:46:13.000000000 +0200 |
||||||
|
+++ pyOpenSSL-0.13/OpenSSL/crypto/crypto.c 2013-04-04 14:25:17.405118204 +0200 |
||||||
|
@@ -45,12 +45,15 @@ global_passphrase_callback(char *buf, in |
||||||
|
|
||||||
|
func = (PyObject *)cb_arg; |
||||||
|
argv = Py_BuildValue("(i)", rwflag); |
||||||
|
+ if (argv == NULL) |
||||||
|
+ return 0; |
||||||
|
ret = PyEval_CallObject(func, argv); |
||||||
|
Py_DECREF(argv); |
||||||
|
if (ret == NULL) |
||||||
|
return 0; |
||||||
|
if (!PyBytes_Check(ret)) |
||||||
|
{ |
||||||
|
+ Py_DECREF(ret); |
||||||
|
PyErr_SetString(PyExc_ValueError, "String expected"); |
||||||
|
return 0; |
||||||
|
} |
||||||
|
@@ -58,6 +61,7 @@ global_passphrase_callback(char *buf, in |
||||||
|
if (nchars > len) |
||||||
|
nchars = len; |
||||||
|
strncpy(buf, PyBytes_AsString(ret), nchars); |
||||||
|
+ Py_DECREF(ret); |
||||||
|
return nchars; |
||||||
|
} |
||||||
|
|
||||||
|
@@ -637,7 +641,10 @@ crypto_sign(PyObject *spam, PyObject *ar |
||||||
|
return NULL; |
||||||
|
} |
||||||
|
|
||||||
|
- EVP_SignInit(&md_ctx, digest); |
||||||
|
+ if (EVP_SignInit(&md_ctx, digest) <= 0) { |
||||||
|
+ exception_from_error_queue(crypto_Error); |
||||||
|
+ return NULL; |
||||||
|
+ } |
||||||
|
EVP_SignUpdate(&md_ctx, data, data_len); |
||||||
|
sig_len = sizeof(sig_buf); |
||||||
|
err = EVP_SignFinal(&md_ctx, sig_buf, &sig_len, pkey->pkey); |
||||||
|
@@ -692,7 +699,11 @@ crypto_verify(PyObject *spam, PyObject * |
||||||
|
return NULL; |
||||||
|
} |
||||||
|
|
||||||
|
- EVP_VerifyInit(&md_ctx, digest); |
||||||
|
+ if (EVP_VerifyInit(&md_ctx, digest) <= 0) { |
||||||
|
+ exception_from_error_queue(crypto_Error); |
||||||
|
+ EVP_PKEY_free(pkey); |
||||||
|
+ return NULL; |
||||||
|
+ } |
||||||
|
EVP_VerifyUpdate(&md_ctx, data, data_len); |
||||||
|
err = EVP_VerifyFinal(&md_ctx, signature, sig_len, pkey); |
||||||
|
EVP_PKEY_free(pkey); |
||||||
|
diff -up pyOpenSSL-0.13/OpenSSL/crypto/x509.c.error pyOpenSSL-0.13/OpenSSL/crypto/x509.c |
||||||
|
--- pyOpenSSL-0.13/OpenSSL/crypto/x509.c.error 2011-09-02 17:46:13.000000000 +0200 |
||||||
|
+++ pyOpenSSL-0.13/OpenSSL/crypto/x509.c 2013-04-04 14:02:34.932847551 +0200 |
||||||
|
@@ -656,6 +656,7 @@ crypto_X509_digest(crypto_X509Obj *self, |
||||||
|
if (!X509_digest(self->x509,digest,fp,&len)) |
||||||
|
{ |
||||||
|
exception_from_error_queue(crypto_Error); |
||||||
|
+ return NULL; |
||||||
|
} |
||||||
|
tmp = malloc(3*len+1); |
||||||
|
memset(tmp, 0, 3*len+1); |
||||||
|
diff -up pyOpenSSL-0.13/OpenSSL/ssl/context.c.error pyOpenSSL-0.13/OpenSSL/ssl/context.c |
||||||
|
--- pyOpenSSL-0.13/OpenSSL/ssl/context.c.error 2011-09-02 17:46:13.000000000 +0200 |
||||||
|
+++ pyOpenSSL-0.13/OpenSSL/ssl/context.c 2013-04-04 14:02:34.932847551 +0200 |
||||||
|
@@ -1215,6 +1215,10 @@ ssl_Context_init(ssl_ContextObj *self, i |
||||||
|
} |
||||||
|
|
||||||
|
self->ctx = SSL_CTX_new(method); |
||||||
|
+ if (self->ctx == NULL) { |
||||||
|
+ exception_from_error_queue(ssl_Error); |
||||||
|
+ return NULL; |
||||||
|
+ } |
||||||
|
Py_INCREF(Py_None); |
||||||
|
self->passphrase_callback = Py_None; |
||||||
|
Py_INCREF(Py_None); |
@ -0,0 +1,93 @@ |
|||||||
|
diff -up pyOpenSSL-0.13.1/OpenSSL/crypto/crl.c.digest pyOpenSSL-0.13.1/OpenSSL/crypto/crl.c |
||||||
|
--- pyOpenSSL-0.13.1/OpenSSL/crypto/crl.c.digest 2011-08-15 00:06:11.000000000 +0200 |
||||||
|
+++ pyOpenSSL-0.13.1/OpenSSL/crypto/crl.c 2018-05-04 18:57:37.708913903 +0200 |
||||||
|
@@ -2,7 +2,7 @@ |
||||||
|
#define crypto_MODULE |
||||||
|
#include "crypto.h" |
||||||
|
|
||||||
|
- |
||||||
|
+#if OPENSSL_VERSION_NUMBER<0x10002000L |
||||||
|
static X509_REVOKED * X509_REVOKED_dup(X509_REVOKED *orig) { |
||||||
|
X509_REVOKED *dupe = NULL; |
||||||
|
|
||||||
|
@@ -32,6 +32,7 @@ static X509_REVOKED * X509_REVOKED_dup(X |
||||||
|
dupe->sequence = orig->sequence; |
||||||
|
return dupe; |
||||||
|
} |
||||||
|
+#endif |
||||||
|
|
||||||
|
static char crypto_CRL_get_revoked_doc[] = "\n\ |
||||||
|
Return revoked portion of the CRL structure (by value\n\ |
||||||
|
@@ -130,14 +131,24 @@ crypto_CRL_export(crypto_CRLObj *self, P |
||||||
|
crypto_PKeyObj *key; |
||||||
|
ASN1_TIME *tmptm; |
||||||
|
crypto_X509Obj *x509; |
||||||
|
- static char *kwlist[] = {"cert", "key", "type", "days", NULL}; |
||||||
|
+ const char *mdname = NULL; |
||||||
|
+ const EVP_MD *md; |
||||||
|
+ static char *kwlist[] = {"cert", "key", "type", "days", "digest", NULL}; |
||||||
|
|
||||||
|
- if (!PyArg_ParseTupleAndKeywords(args, keywds, "O!O!|ii:dump_crl", kwlist, |
||||||
|
+ if (!PyArg_ParseTupleAndKeywords(args, keywds, "O!O!|iiz:dump_crl", kwlist, |
||||||
|
&crypto_X509_Type, &x509, |
||||||
|
- &crypto_PKey_Type, &key, &type, &days)) { |
||||||
|
+ &crypto_PKey_Type, &key, &type, &days, &mdname)) { |
||||||
|
+ return NULL; |
||||||
|
+ } |
||||||
|
+ if (mdname == NULL) { |
||||||
|
+ mdname = "sha256"; |
||||||
|
+ } |
||||||
|
+ if ((md = EVP_get_digestbyname(mdname)) == NULL) { |
||||||
|
+ PyErr_SetString( |
||||||
|
+ PyExc_ValueError, |
||||||
|
+ "No such digest method"); |
||||||
|
return NULL; |
||||||
|
} |
||||||
|
- |
||||||
|
bio = BIO_new(BIO_s_mem()); |
||||||
|
tmptm = ASN1_TIME_new(); |
||||||
|
if (!tmptm) { |
||||||
|
@@ -149,7 +160,7 @@ crypto_CRL_export(crypto_CRLObj *self, P |
||||||
|
X509_CRL_set_nextUpdate(self->crl, tmptm); |
||||||
|
ASN1_TIME_free(tmptm); |
||||||
|
X509_CRL_set_issuer_name(self->crl, X509_get_subject_name(x509->x509)); |
||||||
|
- X509_CRL_sign(self->crl, key->pkey, EVP_md5()); |
||||||
|
+ X509_CRL_sign(self->crl, key->pkey, md); |
||||||
|
switch (type) { |
||||||
|
case X509_FILETYPE_PEM: |
||||||
|
ret = PEM_write_bio_X509_CRL(bio, self->crl); |
||||||
|
diff -up pyOpenSSL-0.13.1/OpenSSL/test/test_crypto.py.digest pyOpenSSL-0.13.1/OpenSSL/test/test_crypto.py |
||||||
|
--- pyOpenSSL-0.13.1/OpenSSL/test/test_crypto.py.digest 2018-05-04 18:57:37.707913880 +0200 |
||||||
|
+++ pyOpenSSL-0.13.1/OpenSSL/test/test_crypto.py 2018-05-04 18:55:09.360484497 +0200 |
||||||
|
@@ -2628,11 +2628,12 @@ class CRLTests(TestCase): |
||||||
|
crl.add_revoked(revoked) |
||||||
|
|
||||||
|
# PEM format |
||||||
|
- dumped_crl = crl.export(self.cert, self.pkey, days=20) |
||||||
|
+ dumped_crl = crl.export(self.cert, self.pkey, days=20, digest="sha1") |
||||||
|
text = _runopenssl(dumped_crl, "crl", "-noout", "-text") |
||||||
|
text.index(b('Serial Number: 03AB')) |
||||||
|
text.index(b('Superseded')) |
||||||
|
text.index(b('Issuer: /C=US/ST=IL/L=Chicago/O=Testing/CN=Testing Root CA')) |
||||||
|
+ text.index(b('Signature Algorithm: sha1WithRSAEncryption')) |
||||||
|
|
||||||
|
# DER format |
||||||
|
dumped_crl = crl.export(self.cert, self.pkey, FILETYPE_ASN1) |
||||||
|
@@ -2662,14 +2663,14 @@ class CRLTests(TestCase): |
||||||
|
def test_export_wrong_args(self): |
||||||
|
""" |
||||||
|
Calling L{OpenSSL.CRL.export} with fewer than two or more than |
||||||
|
- four arguments, or with arguments other than the certificate, |
||||||
|
- private key, integer file type, and integer number of days it |
||||||
|
+ five arguments, or with arguments other than the certificate, |
||||||
|
+ private key, integer file type, integer number of days, and digest it |
||||||
|
expects, results in a L{TypeError} being raised. |
||||||
|
""" |
||||||
|
crl = CRL() |
||||||
|
self.assertRaises(TypeError, crl.export) |
||||||
|
self.assertRaises(TypeError, crl.export, self.cert) |
||||||
|
- self.assertRaises(TypeError, crl.export, self.cert, self.pkey, FILETYPE_PEM, 10, "foo") |
||||||
|
+ self.assertRaises(TypeError, crl.export, self.cert, self.pkey, FILETYPE_PEM, 10, "foo", "boo") |
||||||
|
|
||||||
|
self.assertRaises(TypeError, crl.export, None, self.pkey, FILETYPE_PEM, 10) |
||||||
|
self.assertRaises(TypeError, crl.export, self.cert, None, FILETYPE_PEM, 10) |
@ -0,0 +1,389 @@ |
|||||||
|
diff -up pyOpenSSL-0.13.1/OpenSSL/crypto/crypto.c.exception pyOpenSSL-0.13.1/OpenSSL/crypto/crypto.c |
||||||
|
--- pyOpenSSL-0.13.1/OpenSSL/crypto/crypto.c.exception 2018-05-04 18:56:35.946486574 +0200 |
||||||
|
+++ pyOpenSSL-0.13.1/OpenSSL/crypto/crypto.c 2018-05-04 18:56:35.950486667 +0200 |
||||||
|
@@ -45,26 +45,72 @@ global_passphrase_callback(char *buf, in |
||||||
|
|
||||||
|
func = (PyObject *)cb_arg; |
||||||
|
argv = Py_BuildValue("(i)", rwflag); |
||||||
|
- if (argv == NULL) |
||||||
|
+ if (argv == NULL) { |
||||||
|
return 0; |
||||||
|
+ } |
||||||
|
ret = PyEval_CallObject(func, argv); |
||||||
|
Py_DECREF(argv); |
||||||
|
- if (ret == NULL) |
||||||
|
+ if (ret == NULL) { |
||||||
|
return 0; |
||||||
|
- if (!PyBytes_Check(ret)) |
||||||
|
- { |
||||||
|
+ } |
||||||
|
+ if (!PyBytes_Check(ret)) { |
||||||
|
Py_DECREF(ret); |
||||||
|
PyErr_SetString(PyExc_ValueError, "String expected"); |
||||||
|
return 0; |
||||||
|
} |
||||||
|
nchars = PyBytes_Size(ret); |
||||||
|
- if (nchars > len) |
||||||
|
- nchars = len; |
||||||
|
+ if (nchars > len) { |
||||||
|
+ Py_DECREF(ret); |
||||||
|
+ PyErr_SetString(PyExc_ValueError, |
||||||
|
+ "passphrase returned by callback is too long"); |
||||||
|
+ return 0; |
||||||
|
+ } |
||||||
|
strncpy(buf, PyBytes_AsString(ret), nchars); |
||||||
|
Py_DECREF(ret); |
||||||
|
return nchars; |
||||||
|
} |
||||||
|
|
||||||
|
+static PyObject * |
||||||
|
+raise_current_error(void) |
||||||
|
+{ |
||||||
|
+ if (PyErr_Occurred()) { |
||||||
|
+ /* |
||||||
|
+ * The python exception from callback is more informative than |
||||||
|
+ * OpenSSL's error. |
||||||
|
+ */ |
||||||
|
+ flush_error_queue(); |
||||||
|
+ return NULL; |
||||||
|
+ } |
||||||
|
+ exception_from_error_queue(crypto_Error); |
||||||
|
+ return NULL; |
||||||
|
+} |
||||||
|
+ |
||||||
|
+static int |
||||||
|
+setup_callback(int type, PyObject *pw, pem_password_cb **cb, void **cb_arg) { |
||||||
|
+ if (pw == NULL) { |
||||||
|
+ *cb = NULL; |
||||||
|
+ *cb_arg = NULL; |
||||||
|
+ return 1; |
||||||
|
+ } |
||||||
|
+ if (type != X509_FILETYPE_PEM) { |
||||||
|
+ PyErr_SetString(PyExc_ValueError, |
||||||
|
+ "only FILETYPE_PEM key format supports encryption"); |
||||||
|
+ return 0; |
||||||
|
+ } |
||||||
|
+ if (PyBytes_Check(pw)) { |
||||||
|
+ *cb = NULL; |
||||||
|
+ *cb_arg = PyBytes_AsString(pw); |
||||||
|
+ } else if (PyCallable_Check(pw)) { |
||||||
|
+ *cb = global_passphrase_callback; |
||||||
|
+ *cb_arg = pw; |
||||||
|
+ } else { |
||||||
|
+ PyErr_SetString(PyExc_TypeError, |
||||||
|
+ "Last argument must be string or callable"); |
||||||
|
+ return 0; |
||||||
|
+ } |
||||||
|
+ return 1; |
||||||
|
+} |
||||||
|
+ |
||||||
|
static char crypto_load_privatekey_doc[] = "\n\ |
||||||
|
Load a private key from a buffer\n\ |
||||||
|
\n\ |
||||||
|
@@ -89,31 +135,20 @@ crypto_load_privatekey(PyObject *spam, P |
||||||
|
BIO *bio; |
||||||
|
EVP_PKEY *pkey; |
||||||
|
|
||||||
|
- if (!PyArg_ParseTuple(args, "is#|O:load_privatekey", &type, &buffer, &len, &pw)) |
||||||
|
+ if (!PyArg_ParseTuple(args, "is#|O:load_privatekey", |
||||||
|
+ &type, &buffer, &len, &pw)) { |
||||||
|
+ return NULL; |
||||||
|
+ } |
||||||
|
+ if (!setup_callback(type, pw, &cb, &cb_arg)) { |
||||||
|
return NULL; |
||||||
|
- |
||||||
|
- if (pw != NULL) |
||||||
|
- { |
||||||
|
- if (PyBytes_Check(pw)) |
||||||
|
- { |
||||||
|
- cb = NULL; |
||||||
|
- cb_arg = PyBytes_AsString(pw); |
||||||
|
- } |
||||||
|
- else if (PyCallable_Check(pw)) |
||||||
|
- { |
||||||
|
- cb = global_passphrase_callback; |
||||||
|
- cb_arg = pw; |
||||||
|
- } |
||||||
|
- else |
||||||
|
- { |
||||||
|
- PyErr_SetString(PyExc_TypeError, "Last argument must be string or callable"); |
||||||
|
- return NULL; |
||||||
|
- } |
||||||
|
} |
||||||
|
|
||||||
|
bio = BIO_new_mem_buf(buffer, len); |
||||||
|
- switch (type) |
||||||
|
- { |
||||||
|
+ if (bio == NULL) { |
||||||
|
+ exception_from_error_queue(crypto_Error); |
||||||
|
+ return NULL; |
||||||
|
+ } |
||||||
|
+ switch (type) { |
||||||
|
case X509_FILETYPE_PEM: |
||||||
|
pkey = PEM_read_bio_PrivateKey(bio, NULL, cb, cb_arg); |
||||||
|
break; |
||||||
|
@@ -129,10 +164,8 @@ crypto_load_privatekey(PyObject *spam, P |
||||||
|
} |
||||||
|
BIO_free(bio); |
||||||
|
|
||||||
|
- if (pkey == NULL) |
||||||
|
- { |
||||||
|
- exception_from_error_queue(crypto_Error); |
||||||
|
- return NULL; |
||||||
|
+ if (pkey == NULL) { |
||||||
|
+ return raise_current_error(); |
||||||
|
} |
||||||
|
|
||||||
|
return (PyObject *)crypto_PKey_New(pkey, 1); |
||||||
|
@@ -168,49 +201,32 @@ crypto_dump_privatekey(PyObject *spam, P |
||||||
|
crypto_PKeyObj *pkey; |
||||||
|
|
||||||
|
if (!PyArg_ParseTuple(args, "iO!|sO:dump_privatekey", &type, |
||||||
|
- &crypto_PKey_Type, &pkey, &cipher_name, &pw)) |
||||||
|
+ &crypto_PKey_Type, &pkey, &cipher_name, &pw)) { |
||||||
|
return NULL; |
||||||
|
- |
||||||
|
- if (cipher_name != NULL && pw == NULL) |
||||||
|
- { |
||||||
|
+ } |
||||||
|
+ if (cipher_name != NULL && pw == NULL) { |
||||||
|
PyErr_SetString(PyExc_ValueError, "Illegal number of arguments"); |
||||||
|
return NULL; |
||||||
|
} |
||||||
|
- if (cipher_name != NULL) |
||||||
|
- { |
||||||
|
+ if (cipher_name != NULL) { |
||||||
|
cipher = EVP_get_cipherbyname(cipher_name); |
||||||
|
- if (cipher == NULL) |
||||||
|
- { |
||||||
|
+ if (cipher == NULL) { |
||||||
|
PyErr_SetString(PyExc_ValueError, "Invalid cipher name"); |
||||||
|
return NULL; |
||||||
|
} |
||||||
|
- if (PyBytes_Check(pw)) |
||||||
|
- { |
||||||
|
- cb = NULL; |
||||||
|
- cb_arg = PyBytes_AsString(pw); |
||||||
|
- } |
||||||
|
- else if (PyCallable_Check(pw)) |
||||||
|
- { |
||||||
|
- cb = global_passphrase_callback; |
||||||
|
- cb_arg = pw; |
||||||
|
- } |
||||||
|
- else |
||||||
|
- { |
||||||
|
- PyErr_SetString(PyExc_TypeError, "Last argument must be string or callable"); |
||||||
|
+ if (!setup_callback(type, pw, &cb, &cb_arg)) { |
||||||
|
return NULL; |
||||||
|
} |
||||||
|
} |
||||||
|
|
||||||
|
bio = BIO_new(BIO_s_mem()); |
||||||
|
- switch (type) |
||||||
|
- { |
||||||
|
+ if (bio == NULL) { |
||||||
|
+ exception_from_error_queue(crypto_Error); |
||||||
|
+ return NULL; |
||||||
|
+ } |
||||||
|
+ switch (type) { |
||||||
|
case X509_FILETYPE_PEM: |
||||||
|
ret = PEM_write_bio_PrivateKey(bio, pkey->pkey, cipher, NULL, 0, cb, cb_arg); |
||||||
|
- if (PyErr_Occurred()) |
||||||
|
- { |
||||||
|
- BIO_free(bio); |
||||||
|
- return NULL; |
||||||
|
- } |
||||||
|
break; |
||||||
|
|
||||||
|
case X509_FILETYPE_ASN1: |
||||||
|
@@ -219,8 +235,12 @@ crypto_dump_privatekey(PyObject *spam, P |
||||||
|
|
||||||
|
case X509_FILETYPE_TEXT: |
||||||
|
rsa = EVP_PKEY_get1_RSA(pkey->pkey); |
||||||
|
+ if (rsa == NULL) { |
||||||
|
+ ret = 0; |
||||||
|
+ break; |
||||||
|
+ } |
||||||
|
ret = RSA_print(bio, rsa, 0); |
||||||
|
- RSA_free(rsa); |
||||||
|
+ RSA_free(rsa); |
||||||
|
break; |
||||||
|
|
||||||
|
default: |
||||||
|
@@ -229,11 +249,9 @@ crypto_dump_privatekey(PyObject *spam, P |
||||||
|
return NULL; |
||||||
|
} |
||||||
|
|
||||||
|
- if (ret == 0) |
||||||
|
- { |
||||||
|
+ if (ret == 0) { |
||||||
|
BIO_free(bio); |
||||||
|
- exception_from_error_queue(crypto_Error); |
||||||
|
- return NULL; |
||||||
|
+ return raise_current_error(); |
||||||
|
} |
||||||
|
|
||||||
|
buf_len = BIO_get_mem_data(bio, &temp); |
||||||
|
@@ -513,8 +531,8 @@ crypto_load_pkcs7_data(PyObject *spam, P |
||||||
|
if (!PyArg_ParseTuple(args, "is#:load_pkcs7_data", &type, &buffer, &len)) |
||||||
|
return NULL; |
||||||
|
|
||||||
|
- /* |
||||||
|
- * Try to read the pkcs7 data from the bio |
||||||
|
+ /* |
||||||
|
+ * Try to read the pkcs7 data from the bio |
||||||
|
*/ |
||||||
|
bio = BIO_new_mem_buf(buffer, len); |
||||||
|
switch (type) |
||||||
|
diff -up pyOpenSSL-0.13.1/OpenSSL/test/test_crypto.py.exception pyOpenSSL-0.13.1/OpenSSL/test/test_crypto.py |
||||||
|
--- pyOpenSSL-0.13.1/OpenSSL/test/test_crypto.py.exception 2018-05-04 18:56:35.948486620 +0200 |
||||||
|
+++ pyOpenSSL-0.13.1/OpenSSL/test/test_crypto.py 2018-05-04 18:57:16.363420609 +0200 |
||||||
|
@@ -7,7 +7,7 @@ Unit tests for L{OpenSSL.crypto}. |
||||||
|
|
||||||
|
from unittest import main |
||||||
|
|
||||||
|
-import os, re |
||||||
|
+import os, re, sys |
||||||
|
from subprocess import PIPE, Popen |
||||||
|
from datetime import datetime, timedelta |
||||||
|
|
||||||
|
@@ -2038,6 +2038,18 @@ class FunctionTests(TestCase): |
||||||
|
load_privatekey, FILETYPE_PEM, encryptedPrivateKeyPEM, b("quack")) |
||||||
|
|
||||||
|
|
||||||
|
+ def test_load_privatekey_passphraseWrongType(self): |
||||||
|
+ """ |
||||||
|
+ :py:obj:`load_privatekey` raises :py:obj:`ValueError` when it is passed a passphrase |
||||||
|
+ with a private key encoded in a format, that doesn't support |
||||||
|
+ encryption. |
||||||
|
+ """ |
||||||
|
+ key = load_privatekey(FILETYPE_PEM, cleartextPrivateKeyPEM) |
||||||
|
+ blob = dump_privatekey(FILETYPE_ASN1, key) |
||||||
|
+ self.assertRaises(ValueError, |
||||||
|
+ load_privatekey, FILETYPE_ASN1, blob, "secret") |
||||||
|
+ |
||||||
|
+ |
||||||
|
def test_load_privatekey_passphrase(self): |
||||||
|
""" |
||||||
|
L{load_privatekey} can create a L{PKey} object from an encrypted PEM |
||||||
|
@@ -2058,7 +2070,7 @@ class FunctionTests(TestCase): |
||||||
|
called = [] |
||||||
|
def cb(*a): |
||||||
|
called.append(None) |
||||||
|
- return "quack" |
||||||
|
+ return b("quack") |
||||||
|
self.assertRaises( |
||||||
|
Error, |
||||||
|
load_privatekey, FILETYPE_PEM, encryptedPrivateKeyPEM, cb) |
||||||
|
@@ -2083,25 +2095,36 @@ class FunctionTests(TestCase): |
||||||
|
def test_load_privatekey_passphrase_exception(self): |
||||||
|
""" |
||||||
|
An exception raised by the passphrase callback passed to |
||||||
|
- L{load_privatekey} causes L{OpenSSL.crypto.Error} to be raised. |
||||||
|
- |
||||||
|
- This isn't as nice as just letting the exception pass through. The |
||||||
|
- behavior might be changed to that eventually. |
||||||
|
+ L{load_privatekey} is propagated. |
||||||
|
""" |
||||||
|
def broken(ignored): |
||||||
|
raise RuntimeError("This is not working.") |
||||||
|
self.assertRaises( |
||||||
|
- Error, |
||||||
|
+ RuntimeError, |
||||||
|
load_privatekey, |
||||||
|
FILETYPE_PEM, encryptedPrivateKeyPEM, broken) |
||||||
|
|
||||||
|
|
||||||
|
+ def test_load_privatekey_passphrase_wrong_return_type(self): |
||||||
|
+ """ |
||||||
|
+ :py:obj:`load_privatekey` raises :py:obj:`ValueError` if the passphrase |
||||||
|
+ callback returns something other than a byte string. |
||||||
|
+ """ |
||||||
|
+ self.assertRaises( |
||||||
|
+ ValueError, |
||||||
|
+ load_privatekey, |
||||||
|
+ FILETYPE_PEM, encryptedPrivateKeyPEM, lambda *args: 3) |
||||||
|
+ |
||||||
|
+ |
||||||
|
def test_dump_privatekey_wrong_args(self): |
||||||
|
""" |
||||||
|
L{dump_privatekey} raises L{TypeError} if called with the wrong number |
||||||
|
of arguments. |
||||||
|
""" |
||||||
|
self.assertRaises(TypeError, dump_privatekey) |
||||||
|
+ # If cipher name is given, password is required. |
||||||
|
+ self.assertRaises( |
||||||
|
+ ValueError, dump_privatekey, FILETYPE_PEM, PKey(), "foo") |
||||||
|
|
||||||
|
|
||||||
|
def test_dump_privatekey_unknown_cipher(self): |
||||||
|
@@ -2138,6 +2161,18 @@ class FunctionTests(TestCase): |
||||||
|
self.assertRaises(ValueError, dump_privatekey, 100, key) |
||||||
|
|
||||||
|
|
||||||
|
+ def test_load_privatekey_passphraseCallbackLength(self): |
||||||
|
+ """ |
||||||
|
+ :py:obj:`crypto.load_privatekey` should raise an error when the passphrase |
||||||
|
+ provided by the callback is too long, not silently truncate it. |
||||||
|
+ """ |
||||||
|
+ def cb(ignored): |
||||||
|
+ return "a" * 1025 |
||||||
|
+ |
||||||
|
+ self.assertRaises(ValueError, |
||||||
|
+ load_privatekey, FILETYPE_PEM, encryptedPrivateKeyPEM, cb) |
||||||
|
+ |
||||||
|
+ |
||||||
|
def test_dump_privatekey_passphrase(self): |
||||||
|
""" |
||||||
|
L{dump_privatekey} writes an encrypted PEM when given a passphrase. |
||||||
|
@@ -2152,6 +2187,17 @@ class FunctionTests(TestCase): |
||||||
|
self.assertEqual(loadedKey.bits(), key.bits()) |
||||||
|
|
||||||
|
|
||||||
|
+ def test_dump_privatekey_passphraseWrongType(self): |
||||||
|
+ """ |
||||||
|
+ :py:obj:`dump_privatekey` raises :py:obj:`ValueError` when it is passed a passphrase |
||||||
|
+ with a private key encoded in a format, that doesn't support |
||||||
|
+ encryption. |
||||||
|
+ """ |
||||||
|
+ key = load_privatekey(FILETYPE_PEM, cleartextPrivateKeyPEM) |
||||||
|
+ self.assertRaises(ValueError, |
||||||
|
+ dump_privatekey, FILETYPE_ASN1, key, "blowfish", "secret") |
||||||
|
+ |
||||||
|
+ |
||||||
|
def test_dump_certificate(self): |
||||||
|
""" |
||||||
|
L{dump_certificate} writes PEM, DER, and text. |
||||||
|
@@ -2230,6 +2276,32 @@ class FunctionTests(TestCase): |
||||||
|
self.assertEqual(loadedKey.bits(), key.bits()) |
||||||
|
|
||||||
|
|
||||||
|
+ def test_dump_privatekey_passphrase_exception(self): |
||||||
|
+ """ |
||||||
|
+ :py:obj:`dump_privatekey` should not overwrite the exception raised |
||||||
|
+ by the passphrase callback. |
||||||
|
+ """ |
||||||
|
+ def cb(ignored): |
||||||
|
+ raise ArithmeticError |
||||||
|
+ |
||||||
|
+ key = load_privatekey(FILETYPE_PEM, cleartextPrivateKeyPEM) |
||||||
|
+ self.assertRaises(ArithmeticError, |
||||||
|
+ dump_privatekey, FILETYPE_PEM, key, "blowfish", cb) |
||||||
|
+ |
||||||
|
+ |
||||||
|
+ def test_dump_privatekey_passphraseCallbackLength(self): |
||||||
|
+ """ |
||||||
|
+ :py:obj:`crypto.dump_privatekey` should raise an error when the passphrase |
||||||
|
+ provided by the callback is too long, not silently truncate it. |
||||||
|
+ """ |
||||||
|
+ def cb(ignored): |
||||||
|
+ return "a" * 1025 |
||||||
|
+ |
||||||
|
+ key = load_privatekey(FILETYPE_PEM, cleartextPrivateKeyPEM) |
||||||
|
+ self.assertRaises(ValueError, |
||||||
|
+ dump_privatekey, FILETYPE_PEM, key, "blowfish", cb) |
||||||
|
+ |
||||||
|
+ |
||||||
|
def test_load_pkcs7_data(self): |
||||||
|
""" |
||||||
|
L{load_pkcs7_data} accepts a PKCS#7 string and returns an instance of |
@ -0,0 +1,333 @@ |
|||||||
|
diff -up pyOpenSSL-0.13.1/OpenSSL/test/test_crypto.py.test-failure pyOpenSSL-0.13.1/OpenSSL/test/test_crypto.py |
||||||
|
--- pyOpenSSL-0.13.1/OpenSSL/test/test_crypto.py.test-failure 2013-08-23 21:48:24.000000000 +0200 |
||||||
|
+++ pyOpenSSL-0.13.1/OpenSSL/test/test_crypto.py 2018-05-04 18:55:55.508551705 +0200 |
||||||
|
@@ -35,22 +35,22 @@ def normalize_privatekey_pem(pem): |
||||||
|
|
||||||
|
|
||||||
|
root_cert_pem = b("""-----BEGIN CERTIFICATE----- |
||||||
|
-MIIC7TCCAlagAwIBAgIIPQzE4MbeufQwDQYJKoZIhvcNAQEFBQAwWDELMAkGA1UE |
||||||
|
+MIIC6TCCAlKgAwIBAgIIPQzE4MbeufQwDQYJKoZIhvcNAQEFBQAwWDELMAkGA1UE |
||||||
|
BhMCVVMxCzAJBgNVBAgTAklMMRAwDgYDVQQHEwdDaGljYWdvMRAwDgYDVQQKEwdU |
||||||
|
-ZXN0aW5nMRgwFgYDVQQDEw9UZXN0aW5nIFJvb3QgQ0EwIhgPMjAwOTAzMjUxMjM2 |
||||||
|
-NThaGA8yMDE3MDYxMTEyMzY1OFowWDELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAklM |
||||||
|
-MRAwDgYDVQQHEwdDaGljYWdvMRAwDgYDVQQKEwdUZXN0aW5nMRgwFgYDVQQDEw9U |
||||||
|
-ZXN0aW5nIFJvb3QgQ0EwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAPmaQumL |
||||||
|
-urpE527uSEHdL1pqcDRmWzu+98Y6YHzT/J7KWEamyMCNZ6fRW1JCR782UQ8a07fy |
||||||
|
-2xXsKy4WdKaxyG8CcatwmXvpvRQ44dSANMihHELpANTdyVp6DCysED6wkQFurHlF |
||||||
|
-1dshEaJw8b/ypDhmbVIo6Ci1xvCJqivbLFnbAgMBAAGjgbswgbgwHQYDVR0OBBYE |
||||||
|
-FINVdy1eIfFJDAkk51QJEo3IfgSuMIGIBgNVHSMEgYAwfoAUg1V3LV4h8UkMCSTn |
||||||
|
-VAkSjch+BK6hXKRaMFgxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJJTDEQMA4GA1UE |
||||||
|
-BxMHQ2hpY2FnbzEQMA4GA1UEChMHVGVzdGluZzEYMBYGA1UEAxMPVGVzdGluZyBS |
||||||
|
-b290IENBggg9DMTgxt659DAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GB |
||||||
|
-AGGCDazMJGoWNBpc03u6+smc95dEead2KlZXBATOdFT1VesY3+nUOqZhEhTGlDMi |
||||||
|
-hkgaZnzoIq/Uamidegk4hirsCT/R+6vsKAAxNTcBjUeZjlykCJWy5ojShGftXIKY |
||||||
|
-w/njVbKMXrvc83qmTdGl3TAM0fxQIpqgcglFLveEBgzn |
||||||
|
+ZXN0aW5nMRgwFgYDVQQDEw9UZXN0aW5nIFJvb3QgQ0EwHhcNMTcwNjExMjIzMjU5 |
||||||
|
+WhcNMzcwNjA2MjIzMjU5WjBYMQswCQYDVQQGEwJVUzELMAkGA1UECBMCSUwxEDAO |
||||||
|
+BgNVBAcTB0NoaWNhZ28xEDAOBgNVBAoTB1Rlc3RpbmcxGDAWBgNVBAMTD1Rlc3Rp |
||||||
|
+bmcgUm9vdCBDQTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA+ZpC6Yu6ukTn |
||||||
|
+bu5IQd0vWmpwNGZbO773xjpgfNP8nspYRqbIwI1np9FbUkJHvzZRDxrTt/LbFewr |
||||||
|
+LhZ0prHIbwJxq3CZe+m9FDjh1IA0yKEcQukA1N3JWnoMLKwQPrCRAW6seUXV2yER |
||||||
|
+onDxv/KkOGZtUijoKLXG8ImqK9ssWdsCAwEAAaOBuzCBuDAdBgNVHQ4EFgQUg1V3 |
||||||
|
+LV4h8UkMCSTnVAkSjch+BK4wgYgGA1UdIwSBgDB+gBSDVXctXiHxSQwJJOdUCRKN |
||||||
|
+yH4ErqFcpFowWDELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAklMMRAwDgYDVQQHEwdD |
||||||
|
+aGljYWdvMRAwDgYDVQQKEwdUZXN0aW5nMRgwFgYDVQQDEw9UZXN0aW5nIFJvb3Qg |
||||||
|
+Q0GCCD0MxODG3rn0MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEANFYQ |
||||||
|
+R+T70VcZ+SnvURnwviFgCXeedBzCr21meo+DNHbkp2gudB9W8Xrned/wtUBVymy9 |
||||||
|
+gjB5jINfU7Lci0H57Evsw96UJJVfhXdUMHpqt1RGCoEd9FWnrDyrSy0NysnBT2bH |
||||||
|
+lEqxh3aFEUx9IOQ4sgnx1/NOFXBpkRtivl6O0Ec= |
||||||
|
-----END CERTIFICATE----- |
||||||
|
""") |
||||||
|
|
||||||
|
@@ -72,18 +72,18 @@ cbvAhow217X9V0dVerEOKxnNYspXRrh36h7k4mQA |
||||||
|
""") |
||||||
|
|
||||||
|
server_cert_pem = b("""-----BEGIN CERTIFICATE----- |
||||||
|
-MIICKDCCAZGgAwIBAgIJAJn/HpR21r/8MA0GCSqGSIb3DQEBBQUAMFgxCzAJBgNV |
||||||
|
-BAYTAlVTMQswCQYDVQQIEwJJTDEQMA4GA1UEBxMHQ2hpY2FnbzEQMA4GA1UEChMH |
||||||
|
-VGVzdGluZzEYMBYGA1UEAxMPVGVzdGluZyBSb290IENBMCIYDzIwMDkwMzI1MTIz |
||||||
|
-NzUzWhgPMjAxNzA2MTExMjM3NTNaMBgxFjAUBgNVBAMTDWxvdmVseSBzZXJ2ZXIw |
||||||
|
-gZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAL6m+G653V0tpBC/OKl22VxOi2Cv |
||||||
|
-lK4TYu9LHSDP9uDVTe7V5D5Tl6qzFoRRx5pfmnkqT5B+W9byp2NU3FC5hLm5zSAr |
||||||
|
-b45meUhjEJ/ifkZgbNUjHdBIGP9MAQUHZa5WKdkGIJvGAvs8UzUqlr4TBWQIB24+ |
||||||
|
-lJ+Ukk/CRgasrYwdAgMBAAGjNjA0MB0GA1UdDgQWBBS4kC7Ij0W1TZXZqXQFAM2e |
||||||
|
-gKEG2DATBgNVHSUEDDAKBggrBgEFBQcDATANBgkqhkiG9w0BAQUFAAOBgQBh30Li |
||||||
|
-dJ+NlxIOx5343WqIBka3UbsOb2kxWrbkVCrvRapCMLCASO4FqiKWM+L0VDBprqIp |
||||||
|
-2mgpFQ6FHpoIENGvJhdEKpptQ5i7KaGhnDNTfdy3x1+h852G99f1iyj0RmbuFcM8 |
||||||
|
-uzujnS8YXWvM7DM1Ilozk4MzPug8jzFp5uhKCQ== |
||||||
|
+MIICJDCCAY2gAwIBAgIJAJn/HpR21r/8MA0GCSqGSIb3DQEBBQUAMFgxCzAJBgNV |
||||||
|
+BAYTAlVTMQswCQYDVQQIDAJJTDEQMA4GA1UEBwwHQ2hpY2FnbzEQMA4GA1UECgwH |
||||||
|
+VGVzdGluZzEYMBYGA1UEAwwPVGVzdGluZyBSb290IENBMB4XDTE3MDYxMjAwMTA1 |
||||||
|
+N1oXDTM3MDYwNzAwMTA1N1owGDEWMBQGA1UEAwwNbG92ZWx5IHNlcnZlcjCBnzAN |
||||||
|
+BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAvqb4brndXS2kEL84qXbZXE6LYK+UrhNi |
||||||
|
+70sdIM/24NVN7tXkPlOXqrMWhFHHml+aeSpPkH5b1vKnY1TcULmEubnNICtvjmZ5 |
||||||
|
+SGMQn+J+RmBs1SMd0EgY/0wBBQdlrlYp2QYgm8YC+zxTNSqWvhMFZAgHbj6Un5SS |
||||||
|
+T8JGBqytjB0CAwEAAaM2MDQwHQYDVR0OBBYEFINVdy1eIfFJDAkk51QJEo3IfgSu |
||||||
|
+MBMGA1UdJQQMMAoGCCsGAQUFBwMBMA0GCSqGSIb3DQEBBQUAA4GBAGki1K6WgHHJ |
||||||
|
+qC6aY2EowjaWOXLO6jUZIhGk7BA7vMRfNug429AOZ4m5F6OQhzmJmlw67Jyu2FeI |
||||||
|
+h0VtBuQoHPtjqZXF59oX6hMMmGLMs9pV0UA3fJs5MYA4/V5ZcQy0Ie0QoJNejLzE |
||||||
|
+6V1Qz1rRTYLUyEcpI7ZCmBg2KQQI8YZI |
||||||
|
-----END CERTIFICATE----- |
||||||
|
""") |
||||||
|
|
||||||
|
@@ -105,18 +105,18 @@ r50+LF74iLXFwqysVCebPKMOpDWp/qQ1BbJQIPs7 |
||||||
|
""")) |
||||||
|
|
||||||
|
client_cert_pem = b("""-----BEGIN CERTIFICATE----- |
||||||
|
-MIICJjCCAY+gAwIBAgIJAKxpFI5lODkjMA0GCSqGSIb3DQEBBQUAMFgxCzAJBgNV |
||||||
|
-BAYTAlVTMQswCQYDVQQIEwJJTDEQMA4GA1UEBxMHQ2hpY2FnbzEQMA4GA1UEChMH |
||||||
|
-VGVzdGluZzEYMBYGA1UEAxMPVGVzdGluZyBSb290IENBMCIYDzIwMDkwMzI1MTIz |
||||||
|
-ODA1WhgPMjAxNzA2MTExMjM4MDVaMBYxFDASBgNVBAMTC3VnbHkgY2xpZW50MIGf |
||||||
|
-MA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDAZh/SRtNm5ntMT4qb6YzEpTroMlq2 |
||||||
|
-rn+GrRHRiZ+xkCw/CGNhbtPir7/QxaUj26BSmQrHw1bGKEbPsWiW7bdXSespl+xK |
||||||
|
-iku4G/KvnnmWdeJHqsiXeUZtqurMELcPQAw9xPHEuhqqUJvvEoMTsnCEqGM+7Dtb |
||||||
|
-oCRajYyHfluARQIDAQABozYwNDAdBgNVHQ4EFgQUNQB+qkaOaEVecf1J3TTUtAff |
||||||
|
-0fAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwDQYJKoZIhvcNAQEFBQADgYEAyv/Jh7gM |
||||||
|
-Q3OHvmsFEEvRI+hsW8y66zK4K5de239Y44iZrFYkt7Q5nBPMEWDj4F2hLYWL/qtI |
||||||
|
-9Zdr0U4UDCU9SmmGYh4o7R4TZ5pGFvBYvjhHbkSFYFQXZxKUi+WUxplP6I0wr2KJ |
||||||
|
-PSTJCjJOn3xo2NTKRgV1gaoTf2EhL+RG8TQ= |
||||||
|
+MIICIjCCAYugAwIBAgIJAKxpFI5lODkjMA0GCSqGSIb3DQEBBQUAMFgxCzAJBgNV |
||||||
|
+BAYTAlVTMQswCQYDVQQIDAJJTDEQMA4GA1UEBwwHQ2hpY2FnbzEQMA4GA1UECgwH |
||||||
|
+VGVzdGluZzEYMBYGA1UEAwwPVGVzdGluZyBSb290IENBMB4XDTE3MDYxMjAwMDQx |
||||||
|
+M1oXDTM3MDYwNzAwMDQxM1owFjEUMBIGA1UEAwwLdWdseSBjbGllbnQwgZ8wDQYJ |
||||||
|
+KoZIhvcNAQEBBQADgY0AMIGJAoGBAMBmH9JG02bme0xPipvpjMSlOugyWrauf4at |
||||||
|
+EdGJn7GQLD8IY2Fu0+Kvv9DFpSPboFKZCsfDVsYoRs+xaJbtt1dJ6ymX7EqKS7gb |
||||||
|
+8q+eeZZ14keqyJd5Rm2q6swQtw9ADD3E8cS6GqpQm+8SgxOycISoYz7sO1ugJFqN |
||||||
|
+jId+W4BFAgMBAAGjNjA0MB0GA1UdDgQWBBSDVXctXiHxSQwJJOdUCRKNyH4ErjAT |
||||||
|
+BgNVHSUEDDAKBggrBgEFBQcDAjANBgkqhkiG9w0BAQUFAAOBgQAMqcHyweaCOZNN |
||||||
|
+dWQQOsBKQlL5wqVVZwucHPWqobjxpULKy9gS2ha2zbgkXcB/BnBOSwe0Fm+MJV0T |
||||||
|
+NbnTghcGJNpEH7VKn4xSLvIGZmnZZWgxeIB16z4GhpkK2fShBJ+6GKZjsgjT0lSH |
||||||
|
+JRgjHbWutZfZvbSHXr9n7PIphG1Ojg== |
||||||
|
-----END CERTIFICATE----- |
||||||
|
""") |
||||||
|
|
||||||
|
@@ -138,22 +138,22 @@ f6GGcfNpip0Uk7q7udTKuX7Q/buZi/C4YW7u3VKA |
||||||
|
""")) |
||||||
|
|
||||||
|
cleartextCertificatePEM = b("""-----BEGIN CERTIFICATE----- |
||||||
|
-MIIC7TCCAlagAwIBAgIIPQzE4MbeufQwDQYJKoZIhvcNAQEFBQAwWDELMAkGA1UE |
||||||
|
+MIIC6TCCAlKgAwIBAgIIPQzE4MbeufQwDQYJKoZIhvcNAQEFBQAwWDELMAkGA1UE |
||||||
|
BhMCVVMxCzAJBgNVBAgTAklMMRAwDgYDVQQHEwdDaGljYWdvMRAwDgYDVQQKEwdU |
||||||
|
-ZXN0aW5nMRgwFgYDVQQDEw9UZXN0aW5nIFJvb3QgQ0EwIhgPMjAwOTAzMjUxMjM2 |
||||||
|
-NThaGA8yMDE3MDYxMTEyMzY1OFowWDELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAklM |
||||||
|
-MRAwDgYDVQQHEwdDaGljYWdvMRAwDgYDVQQKEwdUZXN0aW5nMRgwFgYDVQQDEw9U |
||||||
|
-ZXN0aW5nIFJvb3QgQ0EwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAPmaQumL |
||||||
|
-urpE527uSEHdL1pqcDRmWzu+98Y6YHzT/J7KWEamyMCNZ6fRW1JCR782UQ8a07fy |
||||||
|
-2xXsKy4WdKaxyG8CcatwmXvpvRQ44dSANMihHELpANTdyVp6DCysED6wkQFurHlF |
||||||
|
-1dshEaJw8b/ypDhmbVIo6Ci1xvCJqivbLFnbAgMBAAGjgbswgbgwHQYDVR0OBBYE |
||||||
|
-FINVdy1eIfFJDAkk51QJEo3IfgSuMIGIBgNVHSMEgYAwfoAUg1V3LV4h8UkMCSTn |
||||||
|
-VAkSjch+BK6hXKRaMFgxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJJTDEQMA4GA1UE |
||||||
|
-BxMHQ2hpY2FnbzEQMA4GA1UEChMHVGVzdGluZzEYMBYGA1UEAxMPVGVzdGluZyBS |
||||||
|
-b290IENBggg9DMTgxt659DAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GB |
||||||
|
-AGGCDazMJGoWNBpc03u6+smc95dEead2KlZXBATOdFT1VesY3+nUOqZhEhTGlDMi |
||||||
|
-hkgaZnzoIq/Uamidegk4hirsCT/R+6vsKAAxNTcBjUeZjlykCJWy5ojShGftXIKY |
||||||
|
-w/njVbKMXrvc83qmTdGl3TAM0fxQIpqgcglFLveEBgzn |
||||||
|
+ZXN0aW5nMRgwFgYDVQQDEw9UZXN0aW5nIFJvb3QgQ0EwHhcNMTcwNjExMjIzMjU5 |
||||||
|
+WhcNMzcwNjA2MjIzMjU5WjBYMQswCQYDVQQGEwJVUzELMAkGA1UECBMCSUwxEDAO |
||||||
|
+BgNVBAcTB0NoaWNhZ28xEDAOBgNVBAoTB1Rlc3RpbmcxGDAWBgNVBAMTD1Rlc3Rp |
||||||
|
+bmcgUm9vdCBDQTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA+ZpC6Yu6ukTn |
||||||
|
+bu5IQd0vWmpwNGZbO773xjpgfNP8nspYRqbIwI1np9FbUkJHvzZRDxrTt/LbFewr |
||||||
|
+LhZ0prHIbwJxq3CZe+m9FDjh1IA0yKEcQukA1N3JWnoMLKwQPrCRAW6seUXV2yER |
||||||
|
+onDxv/KkOGZtUijoKLXG8ImqK9ssWdsCAwEAAaOBuzCBuDAdBgNVHQ4EFgQUg1V3 |
||||||
|
+LV4h8UkMCSTnVAkSjch+BK4wgYgGA1UdIwSBgDB+gBSDVXctXiHxSQwJJOdUCRKN |
||||||
|
+yH4ErqFcpFowWDELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAklMMRAwDgYDVQQHEwdD |
||||||
|
+aGljYWdvMRAwDgYDVQQKEwdUZXN0aW5nMRgwFgYDVQQDEw9UZXN0aW5nIFJvb3Qg |
||||||
|
+Q0GCCD0MxODG3rn0MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEANFYQ |
||||||
|
+R+T70VcZ+SnvURnwviFgCXeedBzCr21meo+DNHbkp2gudB9W8Xrned/wtUBVymy9 |
||||||
|
+gjB5jINfU7Lci0H57Evsw96UJJVfhXdUMHpqt1RGCoEd9FWnrDyrSy0NysnBT2bH |
||||||
|
+lEqxh3aFEUx9IOQ4sgnx1/NOFXBpkRtivl6O0Ec= |
||||||
|
-----END CERTIFICATE----- |
||||||
|
""") |
||||||
|
|
||||||
|
@@ -309,7 +309,7 @@ class X509ExtTests(TestCase): |
||||||
|
""" |
||||||
|
# Basic setup stuff to generate a certificate |
||||||
|
self.pkey = PKey() |
||||||
|
- self.pkey.generate_key(TYPE_RSA, 384) |
||||||
|
+ self.pkey.generate_key(TYPE_RSA, 2048) |
||||||
|
self.req = X509Req() |
||||||
|
self.req.set_pubkey(self.pkey) |
||||||
|
# Authority good you have. |
||||||
|
@@ -608,7 +608,7 @@ class PKeyTests(TestCase): |
||||||
|
L{PKeyType.generate_key} generates an RSA key when passed |
||||||
|
L{TYPE_RSA} as a type and a reasonable number of bits. |
||||||
|
""" |
||||||
|
- bits = 128 |
||||||
|
+ bits = 2048 |
||||||
|
key = PKey() |
||||||
|
key.generate_key(TYPE_RSA, bits) |
||||||
|
self.assertEqual(key.type(), TYPE_RSA) |
||||||
|
@@ -624,7 +624,7 @@ class PKeyTests(TestCase): |
||||||
|
# 512 is a magic number. The DSS (Digital Signature Standard) |
||||||
|
# allows a minimum of 512 bits for DSA. DSA_generate_parameters |
||||||
|
# will silently promote any value below 512 to 512. |
||||||
|
- bits = 512 |
||||||
|
+ bits = 1024 |
||||||
|
key = PKey() |
||||||
|
key.generate_key(TYPE_DSA, bits) |
||||||
|
self.assertEqual(key.type(), TYPE_DSA) |
||||||
|
@@ -638,7 +638,7 @@ class PKeyTests(TestCase): |
||||||
|
key to generate new keys. |
||||||
|
""" |
||||||
|
key = PKey() |
||||||
|
- for type, bits in [(TYPE_RSA, 512), (TYPE_DSA, 576)]: |
||||||
|
+ for type, bits in [(TYPE_RSA, 2048), (TYPE_DSA, 1024)]: |
||||||
|
key.generate_key(type, bits) |
||||||
|
self.assertEqual(key.type(), type) |
||||||
|
self.assertEqual(key.bits(), bits) |
||||||
|
@@ -869,7 +869,7 @@ class X509NameTests(TestCase): |
||||||
|
self.assertEqual( |
||||||
|
a.der(), |
||||||
|
b('0\x1b1\x0b0\t\x06\x03U\x04\x06\x13\x02US' |
||||||
|
- '1\x0c0\n\x06\x03U\x04\x03\x13\x03foo')) |
||||||
|
+ '1\x0c0\n\x06\x03U\x04\x03\x0c\x03foo')) |
||||||
|
|
||||||
|
|
||||||
|
def test_get_components(self): |
||||||
|
@@ -926,7 +926,7 @@ class _PKeyInteractionTestsMixin: |
||||||
|
""" |
||||||
|
request = self.signable() |
||||||
|
key = PKey() |
||||||
|
- key.generate_key(TYPE_RSA, 512) |
||||||
|
+ key.generate_key(TYPE_RSA, 2048) |
||||||
|
request.set_pubkey(key) |
||||||
|
pub = request.get_pubkey() |
||||||
|
self.assertRaises(ValueError, request.sign, pub, 'MD5') |
||||||
|
@@ -939,7 +939,7 @@ class _PKeyInteractionTestsMixin: |
||||||
|
""" |
||||||
|
request = self.signable() |
||||||
|
key = PKey() |
||||||
|
- key.generate_key(TYPE_RSA, 512) |
||||||
|
+ key.generate_key(TYPE_RSA, 2048) |
||||||
|
self.assertRaises(ValueError, request.sign, key, "monkeys") |
||||||
|
|
||||||
|
|
||||||
|
@@ -950,16 +950,16 @@ class _PKeyInteractionTestsMixin: |
||||||
|
""" |
||||||
|
request = self.signable() |
||||||
|
key = PKey() |
||||||
|
- key.generate_key(TYPE_RSA, 512) |
||||||
|
+ key.generate_key(TYPE_RSA, 2048) |
||||||
|
request.set_pubkey(key) |
||||||
|
- request.sign(key, 'MD5') |
||||||
|
+ request.sign(key, 'SHA256') |
||||||
|
# If the type has a verify method, cover that too. |
||||||
|
if getattr(request, 'verify', None) is not None: |
||||||
|
pub = request.get_pubkey() |
||||||
|
self.assertTrue(request.verify(pub)) |
||||||
|
# Make another key that won't verify. |
||||||
|
key = PKey() |
||||||
|
- key.generate_key(TYPE_RSA, 512) |
||||||
|
+ key.generate_key(TYPE_RSA, 2048) |
||||||
|
self.assertRaises(Error, request.verify, key) |
||||||
|
|
||||||
|
|
||||||
|
@@ -1257,7 +1257,7 @@ WpOdIpB8KksUTCzV591Nr1wd |
||||||
|
internally. |
||||||
|
""" |
||||||
|
cert = load_certificate(FILETYPE_PEM, self.pemData) |
||||||
|
- self.assertEqual(cert.get_notBefore(), b("20090325123658Z")) |
||||||
|
+ self.assertEqual(cert.get_notBefore(), b("20170611223259Z")) |
||||||
|
|
||||||
|
|
||||||
|
def test_get_notAfter(self): |
||||||
|
@@ -1267,7 +1267,7 @@ WpOdIpB8KksUTCzV591Nr1wd |
||||||
|
internally. |
||||||
|
""" |
||||||
|
cert = load_certificate(FILETYPE_PEM, self.pemData) |
||||||
|
- self.assertEqual(cert.get_notAfter(), b("20170611123658Z")) |
||||||
|
+ self.assertEqual(cert.get_notAfter(), b("20370606223259Z")) |
||||||
|
|
||||||
|
|
||||||
|
def test_gmtime_adj_notBefore_wrong_args(self): |
||||||
|
@@ -1348,10 +1348,10 @@ WpOdIpB8KksUTCzV591Nr1wd |
||||||
|
L{X509.digest} returns a string giving ":"-separated hex-encoded words |
||||||
|
of the digest of the certificate. |
||||||
|
""" |
||||||
|
- cert = X509() |
||||||
|
+ cert = load_certificate(FILETYPE_PEM, self.pemData) |
||||||
|
self.assertEqual( |
||||||
|
- cert.digest("md5"), |
||||||
|
- b("A8:EB:07:F8:53:25:0A:F2:56:05:C5:A5:C4:C4:C7:15")) |
||||||
|
+ cert.digest("SHA256"), |
||||||
|
+ b('65:D6:61:2C:C2:2D:5F:A6:08:76:9A:03:01:B3:71:FF:FD:48:9B:A3:F2:19:B3:84:CF:3F:D0:9E:57:39:6A:7E')) |
||||||
|
|
||||||
|
|
||||||
|
def _extcert(self, pkey, extensions): |
||||||
|
@@ -1364,6 +1364,7 @@ WpOdIpB8KksUTCzV591Nr1wd |
||||||
|
cert.set_notAfter(when) |
||||||
|
|
||||||
|
cert.add_extensions(extensions) |
||||||
|
+ cert.sign(pkey, 'SHA256') |
||||||
|
return load_certificate( |
||||||
|
FILETYPE_PEM, dump_certificate(FILETYPE_PEM, cert)) |
||||||
|
|
||||||
|
@@ -2109,7 +2110,7 @@ class FunctionTests(TestCase): |
||||||
|
cipher name. |
||||||
|
""" |
||||||
|
key = PKey() |
||||||
|
- key.generate_key(TYPE_RSA, 512) |
||||||
|
+ key.generate_key(TYPE_RSA, 2048) |
||||||
|
self.assertRaises( |
||||||
|
ValueError, dump_privatekey, |
||||||
|
FILETYPE_PEM, key, "zippers", "passphrase") |
||||||
|
@@ -2121,7 +2122,7 @@ class FunctionTests(TestCase): |
||||||
|
is neither a C{str} nor a callable. |
||||||
|
""" |
||||||
|
key = PKey() |
||||||
|
- key.generate_key(TYPE_RSA, 512) |
||||||
|
+ key.generate_key(TYPE_RSA, 2048) |
||||||
|
self.assertRaises( |
||||||
|
TypeError, |
||||||
|
dump_privatekey, FILETYPE_PEM, key, "blowfish", object()) |
||||||
|
@@ -2133,7 +2134,7 @@ class FunctionTests(TestCase): |
||||||
|
filetype. |
||||||
|
""" |
||||||
|
key = PKey() |
||||||
|
- key.generate_key(TYPE_RSA, 512) |
||||||
|
+ key.generate_key(TYPE_RSA, 2048) |
||||||
|
self.assertRaises(ValueError, dump_privatekey, 100, key) |
||||||
|
|
||||||
|
|
||||||
|
@@ -2580,6 +2581,8 @@ class CRLTests(TestCase): |
||||||
|
""" |
||||||
|
crl = CRL() |
||||||
|
revoked = Revoked() |
||||||
|
+ revoked.set_serial(b"01") |
||||||
|
+ revoked.set_rev_date(b"20160310020145Z") |
||||||
|
crl.add_revoked(revoked=revoked) |
||||||
|
self.assertTrue(isinstance(crl.get_revoked()[0], Revoked)) |
||||||
|
|
||||||
|
diff -up pyOpenSSL-0.13.1/OpenSSL/test/test_ssl.py.test-failure pyOpenSSL-0.13.1/OpenSSL/test/test_ssl.py |
||||||
|
--- pyOpenSSL-0.13.1/OpenSSL/test/test_ssl.py.test-failure 2011-08-15 00:06:11.000000000 +0200 |
||||||
|
+++ pyOpenSSL-0.13.1/OpenSSL/test/test_ssl.py 2018-05-04 18:53:26.670109705 +0200 |
||||||
|
@@ -282,7 +282,7 @@ class ContextTests(TestCase, _LoopbackMi |
||||||
|
|
||||||
|
try: |
||||||
|
Context(SSLv2_METHOD) |
||||||
|
- except ValueError: |
||||||
|
+ except (ValueError, Error): |
||||||
|
# Some versions of OpenSSL have SSLv2, some don't. |
||||||
|
# Difficult to say in advance. |
||||||
|
pass |
||||||
|
@@ -645,7 +645,7 @@ class ContextTests(TestCase, _LoopbackMi |
||||||
|
self.assertRaises(TypeError, context.load_verify_locations, None, None, None) |
||||||
|
|
||||||
|
|
||||||
|
- if platform == "win32": |
||||||
|
+ if True: |
||||||
|
"set_default_verify_paths appears not to work on Windows. " |
||||||
|
"See LP#404343 and LP#404344." |
||||||
|
else: |
||||||
|
@@ -869,9 +869,9 @@ class ContextTests(TestCase, _LoopbackMi |
||||||
|
connections created with the context object will be able to choose from. |
||||||
|
""" |
||||||
|
context = Context(TLSv1_METHOD) |
||||||
|
- context.set_cipher_list("hello world:EXP-RC4-MD5") |
||||||
|
+ context.set_cipher_list("hello world:AES128-SHA256") |
||||||
|
conn = Connection(context, None) |
||||||
|
- self.assertEquals(conn.get_cipher_list(), ["EXP-RC4-MD5"]) |
||||||
|
+ self.assertEquals(conn.get_cipher_list(), ["AES128-SHA256"]) |
||||||
|
|
||||||
|
|
||||||
|
|
@ -0,0 +1,33 @@ |
|||||||
|
diff -Nur pyOpenSSL-0.5.1.orig/doc/tools/mkhowto pyOpenSSL-0.5.1/doc/tools/mkhowto |
||||||
|
--- pyOpenSSL-0.5.1.orig/doc/tools/mkhowto 2001-07-30 13:31:48.000000000 +0200 |
||||||
|
+++ pyOpenSSL-0.5.1/doc/tools/mkhowto 2003-08-08 16:46:10.000000000 +0200 |
||||||
|
@@ -56,7 +56,7 @@ |
||||||
|
DVIPS_BINARY = "dvips" |
||||||
|
LATEX_BINARY = "latex" |
||||||
|
LATEX2HTML_BINARY = "latex2html" |
||||||
|
-LYNX_BINARY = "lynx" |
||||||
|
+LYNX_BINARY = "elinks" |
||||||
|
MAKEINDEX_BINARY = "makeindex" |
||||||
|
PDFLATEX_BINARY = "pdflatex" |
||||||
|
PERL_BINARY = "perl" |
||||||
|
@@ -397,7 +397,7 @@ |
||||||
|
if tempdir is None: |
||||||
|
tempdir = self.doc |
||||||
|
indexfile = os.path.join(tempdir, "index.html") |
||||||
|
- self.run("%s -nolist -dump %s >%s.txt" |
||||||
|
+ self.run("%s -dump %s >%s.txt" |
||||||
|
% (LYNX_BINARY, indexfile, self.doc)) |
||||||
|
|
||||||
|
def require_temps(self, binary=None): |
||||||
|
diff -Nur pyOpenSSL-0.5.1.orig/setup.cfg pyOpenSSL-0.5.1/setup.cfg |
||||||
|
--- pyOpenSSL-0.5.1.orig/setup.cfg 2002-09-10 00:05:21.000000000 +0200 |
||||||
|
+++ pyOpenSSL-0.5.1/setup.cfg 2003-08-08 16:48:34.000000000 +0200 |
||||||
|
@@ -4,7 +4,7 @@ |
||||||
|
# bdist_rpm settings contributed by Mihai Ibanescu <misa@redhat.com> |
||||||
|
[bdist_rpm] |
||||||
|
release = 1 |
||||||
|
-build-requires = lynx openssl-devel python-devel perl tetex-dvips tetex-latex |
||||||
|
+build-requires = elinks openssl-devel python-devel perl tetex-dvips tetex-latex |
||||||
|
group = Development/Libraries |
||||||
|
build_script = rpm/build_script |
||||||
|
doc-files = doc/pyOpenSSL.txt doc/pyOpenSSL.ps doc/html |
@ -0,0 +1,46 @@ |
|||||||
|
--- pyOpenSSL-0.6/doc/tools/texinputs/howto.cls.nopdfout 2001-07-16 07:53:03.000000000 -0400 |
||||||
|
+++ pyOpenSSL-0.6/doc/tools/texinputs/howto.cls 2005-03-14 20:22:34.745230000 -0500 |
||||||
|
@@ -54,10 +54,16 @@ |
||||||
|
% changes \\ to ', ' (comma-space), making it pass muster for |
||||||
|
% generating document info in the PDF file. |
||||||
|
\def\\{, } |
||||||
|
- \pdfinfo{ |
||||||
|
- /Author (\@author) |
||||||
|
- /Title (\@title) |
||||||
|
- } |
||||||
|
+ \ifx\pdfoutput\relax |
||||||
|
+ \else |
||||||
|
+ \ifcase\pdfoutput |
||||||
|
+ \else |
||||||
|
+ \pdfinfo{ |
||||||
|
+ /Author (\@author) |
||||||
|
+ /Title (\@title) |
||||||
|
+ } |
||||||
|
+ \fi |
||||||
|
+ \fi |
||||||
|
}} |
||||||
|
\begin{flushright} |
||||||
|
{\rm\Huge\py@HeaderFamily \@title} \par |
||||||
|
--- pyOpenSSL-0.6/doc/tools/texinputs/manual.cls.nopdfout 2005-03-14 09:32:50.000000000 -0500 |
||||||
|
+++ pyOpenSSL-0.6/doc/tools/texinputs/manual.cls 2005-03-14 09:34:20.000000000 -0500 |
||||||
|
@@ -69,10 +69,16 @@ |
||||||
|
% changes \\ to ', ' (comma-space), making it pass muster for |
||||||
|
% generating document info in the PDF file. |
||||||
|
\def\\{, } |
||||||
|
- \pdfinfo{ |
||||||
|
- /Author (\@author) |
||||||
|
- /Title (\@title) |
||||||
|
- } |
||||||
|
+ \ifx\pdfoutput\relax |
||||||
|
+ \else |
||||||
|
+ \ifcase\pdfoutput |
||||||
|
+ \else |
||||||
|
+ \pdfinfo{% |
||||||
|
+ /Author (\@author) |
||||||
|
+ /Title (\@title) |
||||||
|
+ } |
||||||
|
+ \fi |
||||||
|
+ \fi |
||||||
|
}} |
||||||
|
\begin{flushright}% |
||||||
|
{\rm\Huge\py@HeaderFamily \@title \par}% |
@ -0,0 +1,343 @@ |
|||||||
|
%if 0%{?fedora} > 12 |
||||||
|
%global with_python3 1 |
||||||
|
%endif |
||||||
|
|
||||||
|
Summary: Python wrapper module around the OpenSSL library |
||||||
|
Name: pyOpenSSL |
||||||
|
Version: 0.13.1 |
||||||
|
Release: 4%{?dist} |
||||||
|
Source0: http://pypi.python.org/packages/source/p/pyOpenSSL/pyOpenSSL-%{version}.tar.gz |
||||||
|
|
||||||
|
# Fedora specific patches |
||||||
|
|
||||||
|
Patch2: pyOpenSSL-elinks.patch |
||||||
|
Patch3: pyOpenSSL-nopdfout.patch |
||||||
|
|
||||||
|
Patch10: pyOpenSSL-0.13-check-error.patch |
||||||
|
Patch11: pyOpenSSL-0.13.1-test-failure.patch |
||||||
|
Patch12: pyOpenSSL-0.13.1-exception.patch |
||||||
|
Patch13: pyOpenSSL-0.13.1-digest.patch |
||||||
|
|
||||||
|
License: ASL 2.0 |
||||||
|
Group: Development/Libraries |
||||||
|
Url: http://pyopenssl.sourceforge.net/ |
||||||
|
|
||||||
|
BuildRequires: elinks |
||||||
|
BuildRequires: openssl-devel |
||||||
|
BuildRequires: tetex-dvips |
||||||
|
BuildRequires: tetex-latex |
||||||
|
BuildRequires: latex2html |
||||||
|
|
||||||
|
BuildRequires: python2-devel |
||||||
|
%if 0%{?with_python3} |
||||||
|
BuildRequires: python3-devel |
||||||
|
%endif |
||||||
|
|
||||||
|
%description |
||||||
|
High-level wrapper around a subset of the OpenSSL library, includes among others |
||||||
|
* SSL.Connection objects, wrapping the methods of Python's portable |
||||||
|
sockets |
||||||
|
* Callbacks written in Python |
||||||
|
* Extensive error-handling mechanism, mirroring OpenSSL's error codes |
||||||
|
|
||||||
|
%if 0%{?with_python3} |
||||||
|
%package -n python3-pyOpenSSL |
||||||
|
Summary: Python wrapper module around the OpenSSL library |
||||||
|
|
||||||
|
%description -n python3-pyOpenSSL |
||||||
|
High-level wrapper around a subset of the OpenSSL library, includes among others |
||||||
|
* SSL.Connection objects, wrapping the methods of Python's portable |
||||||
|
sockets |
||||||
|
* Callbacks written in Python |
||||||
|
* Extensive error-handling mechanism, mirroring OpenSSL's error codes |
||||||
|
%endif |
||||||
|
|
||||||
|
%package doc |
||||||
|
Summary: Documentation for pyOpenSSL |
||||||
|
BuildArch: noarch |
||||||
|
|
||||||
|
%description doc |
||||||
|
Documentation for pyOpenSSL |
||||||
|
|
||||||
|
# we don't want to provide private python extension libs |
||||||
|
%{?filter_setup: |
||||||
|
%filter_provides_in %{python_sitearch}/.*\.so$ |
||||||
|
%if 0%{?with_python3} |
||||||
|
%filter_provides_in %{python3_sitearch}/.*\.so$ |
||||||
|
%endif |
||||||
|
%filter_requires_in %{_datadir}/doc/ |
||||||
|
%filter_setup |
||||||
|
} |
||||||
|
|
||||||
|
%prep |
||||||
|
%setup -q -n pyOpenSSL-%{version} |
||||||
|
%patch2 -p1 -b .elinks |
||||||
|
%patch3 -p1 -b .nopdfout |
||||||
|
%patch10 -p1 -b .error |
||||||
|
%patch11 -p1 -b .test-failure |
||||||
|
%patch12 -p1 -b .exception |
||||||
|
%patch13 -p1 -b .digest |
||||||
|
|
||||||
|
# Fix permissions for debuginfo package |
||||||
|
%{__chmod} -x OpenSSL/ssl/connection.c |
||||||
|
|
||||||
|
%build |
||||||
|
%if 0%{?with_python3} |
||||||
|
rm -rf %{py3dir} |
||||||
|
cp -a . %{py3dir} |
||||||
|
find %{py3dir} -name '*.py' | xargs sed -i '1s|^#!python|#!%{__python3}|' |
||||||
|
%endif |
||||||
|
|
||||||
|
find -name '*.py' | xargs sed -i '1s|^#!python|#!%{__python}|' |
||||||
|
|
||||||
|
CFLAGS="%{optflags} -fno-strict-aliasing" %{__python} setup.py build |
||||||
|
|
||||||
|
%if 0%{?with_python3} |
||||||
|
pushd %{py3dir} |
||||||
|
CFLAGS="%{optflags} -fno-strict-aliasing" %{__python3} setup.py build |
||||||
|
popd |
||||||
|
%endif |
||||||
|
|
||||||
|
#%{__make} -C doc ps |
||||||
|
#%{__make} -C doc text html |
||||||
|
|
||||||
|
%install |
||||||
|
%{__python} setup.py install --skip-build --root %{buildroot} |
||||||
|
|
||||||
|
%if 0%{?with_python3} |
||||||
|
pushd %{py3dir} |
||||||
|
%{__python3} setup.py install --skip-build --root %{buildroot} |
||||||
|
popd |
||||||
|
%endif |
||||||
|
|
||||||
|
%files |
||||||
|
%{python_sitearch}/OpenSSL/ |
||||||
|
%{python_sitearch}/pyOpenSSL-*.egg-info |
||||||
|
|
||||||
|
%if 0%{?with_python3} |
||||||
|
%files -n python3-pyOpenSSL |
||||||
|
%{python3_sitearch}/OpenSSL/ |
||||||
|
%{python3_sitearch}/pyOpenSSL-*.egg-info |
||||||
|
%endif |
||||||
|
|
||||||
|
%files doc |
||||||
|
%doc README doc/pyOpenSSL.* |
||||||
|
|
||||||
|
%changelog |
||||||
|
* Fri May 4 2018 Tomáš Mráz <tmraz@redhat.com> - 0.13.1-4 |
||||||
|
- fix various testsuite failures |
||||||
|
- fix exception propagation from private key passphrase callback (#1227505) |
||||||
|
- add optional digest parameter to CRL.export method (#1523772) |
||||||
|
|
||||||
|
* Fri Jan 24 2014 Daniel Mach <dmach@redhat.com> - 0.13.1-3 |
||||||
|
- Mass rebuild 2014-01-24 |
||||||
|
|
||||||
|
* Fri Dec 27 2013 Daniel Mach <dmach@redhat.com> - 0.13.1-2 |
||||||
|
- Mass rebuild 2013-12-27 |
||||||
|
|
||||||
|
* Thu Sep 5 2013 Tomáš Mráz <tmraz@redhat.com> - 0.13.1-1 |
||||||
|
- new upstream release fixing a security issue with string |
||||||
|
formatting subjectAltName of a certificate |
||||||
|
|
||||||
|
* Tue Aug 06 2013 Jeffrey C. Ollie <jeff@ocjtech.us> - 0.13-8 |
||||||
|
- Python 3 subpackage |
||||||
|
- Split documentation off into noarch subpackage |
||||||
|
|
||||||
|
* Sun Aug 04 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.13-7 |
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild |
||||||
|
|
||||||
|
* Thu Apr 4 2013 Tomáš Mráz <tmraz@redhat.com> - 0.13-6 |
||||||
|
- Check for error returns which cause segfaults in FIPS mode |
||||||
|
- Fix missing error check and leak found by gcc-with-cpychecker (#800086) |
||||||
|
|
||||||
|
* Thu Feb 14 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.13-5 |
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild |
||||||
|
|
||||||
|
* Fri Oct 12 2012 Petr Pisar <ppisar@redhat.com> - 0.13-4 |
||||||
|
- Do not scan documentation for dependencies (bug #865806) |
||||||
|
|
||||||
|
* Mon Oct 08 2012 Dan Horák <dan[at]danny.cz> - 0.13-3 |
||||||
|
- rebuilt because ARM packages had wrong Requires autodetected |
||||||
|
|
||||||
|
* Sat Jul 21 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.13-2 |
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild |
||||||
|
|
||||||
|
* Wed Jun 20 2012 Tomas Mraz <tmraz@redhat.com> - 0.13-1 |
||||||
|
- New upstream release |
||||||
|
|
||||||
|
* Sat Jan 14 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.12-2 |
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild |
||||||
|
|
||||||
|
* Tue Jun 28 2011 Tomas Mraz <tmraz@redhat.com> - 0.12-1 |
||||||
|
- New upstream release |
||||||
|
|
||||||
|
* Tue Feb 08 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.10-3 |
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild |
||||||
|
|
||||||
|
* Tue Dec 7 2010 Toshio Kuratomi <toshio@fedoraproject.org> - 0.10-2 |
||||||
|
- Fix incompatibility with python-2.7's socket module. |
||||||
|
|
||||||
|
* Mon Oct 4 2010 Tomas Mraz <tmraz@redhat.com> - 0.10-1 |
||||||
|
- Merge-review cleanup by Parag Nemade (#226335) |
||||||
|
- New upstream release |
||||||
|
|
||||||
|
* Wed Jul 21 2010 David Malcolm <dmalcolm@redhat.com> - 0.9-2 |
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Features/Python_2.7/MassRebuild |
||||||
|
|
||||||
|
* Tue Sep 29 2009 Matěj Cepl <mcepl@redhat.com> - 0.9-1 |
||||||
|
- New upstream release |
||||||
|
- Fix BuildRequires to make Postscript documentation buildable |
||||||
|
|
||||||
|
* Fri Aug 21 2009 Tomas Mraz <tmraz@redhat.com> - 0.7-7 |
||||||
|
- rebuilt with new openssl |
||||||
|
|
||||||
|
* Sun Jul 26 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.7-6 |
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild |
||||||
|
|
||||||
|
* Thu Feb 26 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.7-5 |
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild |
||||||
|
|
||||||
|
* Thu Jan 15 2009 Dennis Gilmore <dennis@ausil.us> - 0.7-4 |
||||||
|
- rebuild against now openssl |
||||||
|
|
||||||
|
* Sat Nov 29 2008 Ignacio Vazquez-Abrams <ivazqueznet+rpm@gmail.com> - 0.7-3 |
||||||
|
- Rebuild for Python 2.6 |
||||||
|
|
||||||
|
* Fri Sep 19 2008 Dennis Gilmore <dennis@ausil.us> - 0.7-2 |
||||||
|
- update threadsafe patch |
||||||
|
- bug#462807 |
||||||
|
|
||||||
|
* Mon Sep 15 2008 Paul F. Johnson <paul@all-the-johnsons.co.uk> 0.7-1 |
||||||
|
- bump to new release |
||||||
|
- the inevitable patch fixes |
||||||
|
|
||||||
|
|
||||||
|
* Wed Mar 26 2008 Tom "spot" Callaway <tcallawa@redhat.com> - 0.6-4 |
||||||
|
- fix horrific release tag |
||||||
|
- fix license tag |
||||||
|
- add egg-info |
||||||
|
|
||||||
|
* Tue Feb 19 2008 Fedora Release Engineering <rel-eng@fedoraproject.org> - 0.6-3.p24.9 |
||||||
|
- Autorebuild for GCC 4.3 |
||||||
|
|
||||||
|
* Wed Dec 5 2007 Jeremy Katz <katzj@redhat.com> - 0.6-2.p24.9 |
||||||
|
- rebuild for new openssl |
||||||
|
|
||||||
|
* Mon Dec 11 2006 Paul Howarth <paul@city-fan.org> - 0.6-1.p24.9 |
||||||
|
- add missing buildreq latex2html, needed to build HTML docs |
||||||
|
- rewrite to be more in line with Fedora python spec template and use |
||||||
|
%%{python_sitearch} rather than a script-generated %%files list |
||||||
|
- package is not relocatable - drop Prefix: tag |
||||||
|
- buildreq perl not necessary |
||||||
|
- fix permissions for files going into debuginfo package |
||||||
|
|
||||||
|
* Thu Dec 7 2006 Jeremy Katz <katzj@redhat.com> - 0.6-1.p24.8 |
||||||
|
- rebuild for python 2.5 |
||||||
|
|
||||||
|
* Wed Jul 12 2006 Jesse Keating <jkeating@redhat.com> - 0.6-1.p24.7.2.2 |
||||||
|
- rebuild |
||||||
|
|
||||||
|
* Fri Feb 10 2006 Jesse Keating <jkeating@redhat.com> - 0.6-1.p24.7.2.1 |
||||||
|
- bump again for double-long bug on ppc(64) |
||||||
|
|
||||||
|
* Tue Feb 07 2006 Jesse Keating <jkeating@redhat.com> - 0.6-1.p24.7.2 |
||||||
|
- rebuilt for new gcc4.1 snapshot and glibc changes |
||||||
|
|
||||||
|
* Fri Dec 09 2005 Jesse Keating <jkeating@redhat.com> |
||||||
|
- rebuilt |
||||||
|
|
||||||
|
* Wed Nov 9 2005 Mihai Ibanescu <misa@redhat.com> - 0.6-1.p24.7 |
||||||
|
- rebuilt against newer openssl |
||||||
|
|
||||||
|
* Wed Aug 24 2005 Jeremy Katz <katzj@redhat.com> - 0.6-1.p24.6 |
||||||
|
- add dcbw's patch to fix some threading problems |
||||||
|
|
||||||
|
* Wed Aug 03 2005 Karsten Hopp <karsten@redhat.de> 0.6-1.p24.5 |
||||||
|
- current rpm creates .pyo files, include them in filelist |
||||||
|
|
||||||
|
* Thu Mar 17 2005 Mihai Ibanescu <misa@redhat.com> 0.6-1.p24.4 |
||||||
|
- rebuilt |
||||||
|
|
||||||
|
* Mon Mar 14 2005 Mihai Ibanescu <misa@redhat.com> 0.6-1.p24.3 |
||||||
|
- rebuilt |
||||||
|
|
||||||
|
* Mon Mar 7 2005 Tomas Mraz <tmraz@redhat.com> 0.6-1.p23.2 |
||||||
|
- rebuild with openssl-0.9.7e |
||||||
|
|
||||||
|
* Tue Nov 9 2004 Nalin Dahyabhai <nalin@redhat.com> 0.6-1.p23.1 |
||||||
|
- rebuild |
||||||
|
|
||||||
|
* Fri Aug 13 2004 Mihai Ibanescu <misa@redhat.com> 0.6-1 |
||||||
|
- 0.6 is out |
||||||
|
|
||||||
|
* Tue Aug 10 2004 Mihai Ibanescu <misa@redhat.com> 0.6-0.90.rc1 |
||||||
|
- release candidate |
||||||
|
|
||||||
|
* Thu Jun 24 2004 Mihai Ibanescu <misa@redhat.com> 0.5.1-24 |
||||||
|
- rebuilt |
||||||
|
|
||||||
|
* Mon Jun 21 2004 Mihai Ibanescu <misa@redhat.com> 0.5.1-23 |
||||||
|
- rebuilt |
||||||
|
|
||||||
|
* Tue Jun 15 2004 Elliot Lee <sopwith@redhat.com> |
||||||
|
- rebuilt |
||||||
|
|
||||||
|
* Tue Mar 02 2004 Elliot Lee <sopwith@redhat.com> |
||||||
|
- rebuilt |
||||||
|
|
||||||
|
* Fri Feb 13 2004 Elliot Lee <sopwith@redhat.com> |
||||||
|
- rebuilt |
||||||
|
|
||||||
|
* Wed Nov 5 2003 Mihai Ibanescu <misa@redhat.com> 0.5.1-20 |
||||||
|
- rebuilt against python 2.3.2 |
||||||
|
|
||||||
|
* Fri Aug 8 2003 Mihai Ibanescu <misa@redhat.com> 0.5.1-12 |
||||||
|
- lynx no longer supported, using elinks instead (patch from |
||||||
|
Michael Redinger <michael.redinger@uibk.ac.at>, bug #101947 ) |
||||||
|
|
||||||
|
* Wed Jun 4 2003 Elliot Lee <sopwith@redhat.com> 0.5.1-11 |
||||||
|
- Rebuilt |
||||||
|
|
||||||
|
* Wed Jun 4 2003 Mihai Ibanescu <misa@redhat.com> 0.5.1-10.7.x |
||||||
|
- Built on 7.x |
||||||
|
|
||||||
|
* Mon Mar 3 2003 Mihai Ibanescu <misa@redhat.com> 0.5.1-9 |
||||||
|
- bug #73967: Added Requires: python |
||||||
|
|
||||||
|
* Mon Feb 24 2003 Elliot Lee <sopwith@redhat.com> |
||||||
|
- rebuilt |
||||||
|
|
||||||
|
* Fri Feb 21 2003 Mihai Ibanescu <misa@redhat.com> 0.5.1-7 |
||||||
|
- bug #84803: Added patch to expose more flags |
||||||
|
|
||||||
|
* Fri Jan 31 2003 Mihai Ibanescu <misa@redhat.com> 0.5.1-5 |
||||||
|
- installing to %%{_libdir} |
||||||
|
|
||||||
|
* Wed Jan 22 2003 Tim Powers <timp@redhat.com> |
||||||
|
- rebuilt |
||||||
|
|
||||||
|
* Tue Jan 7 2003 Nalin Dahyabhai <nalin@redhat.com> 0.5.1-3 |
||||||
|
- rebuild |
||||||
|
|
||||||
|
* Fri Jan 3 2003 Nalin Dahyabhai <nalin@redhat.com> |
||||||
|
- Add -I and -L flags for finding Kerberos headers and libraries, in case |
||||||
|
they're referenced |
||||||
|
|
||||||
|
* Tue Dec 3 2002 Mihai Ibanescu <misa@redhat.com> |
||||||
|
- Fix for bug 73967: site-packages/OpenSSL not owned by this package |
||||||
|
- Adding hacks around the lack of latex2html on ia64 |
||||||
|
|
||||||
|
* Tue Sep 24 2002 Mihai Ibanescu <misa@redhat.com> |
||||||
|
- 0.5.1 |
||||||
|
|
||||||
|
* Thu Aug 29 2002 Mihai Ibanescu <misa@redhat.com> |
||||||
|
- Building 0.5.1rc1 with version number 0.5.0.91 (this should also fix the big |
||||||
|
error of pushing 0.5pre previously, since it breaks rpm's version comparison |
||||||
|
algorithm). |
||||||
|
- We use %%{__python}. Too bad I can't pass --define's to distutils. |
||||||
|
|
||||||
|
* Fri Aug 16 2002 Mihai Ibanescu <misa@redhat.com> |
||||||
|
- Building 0.5 |
||||||
|
|
||||||
|
* Fri Jun 14 2002 Mihai Ibanescu <misa@redhat.com> |
||||||
|
- Added documentation |
Loading…
Reference in new issue