commit python-cryptography for openSUSE:Factory
Hello community, here is the log from the commit of package python-cryptography for openSUSE:Factory checked in at 2015-10-17 16:37:53 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/python-cryptography (Old) and /work/SRC/openSUSE:Factory/.python-cryptography.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "python-cryptography" Changes: -------- --- /work/SRC/openSUSE:Factory/python-cryptography/python-cryptography.changes 2015-09-24 07:16:48.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.python-cryptography.new/python-cryptography.changes 2015-10-17 16:37:54.000000000 +0200 @@ -1,0 +2,10 @@ +Wed Sep 30 12:01:27 UTC 2015 - dmueller@suse.com + +- require the cffi version it was built against to avoid (bsc#948198) + +------------------------------------------------------------------- +Tue Sep 29 13:54:24 UTC 2015 - tbechtold@suse.com + +- Add 2293.patch for "osrandom engine already registered" (bnc#947679) + +------------------------------------------------------------------- New: ---- 2293.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ python-cryptography.spec ++++++ --- /var/tmp/diff_new_pack.qPntD0/_old 2015-10-17 16:37:55.000000000 +0200 +++ /var/tmp/diff_new_pack.qPntD0/_new 2015-10-17 16:37:55.000000000 +0200 @@ -30,6 +30,8 @@ Source4: https://pypi.python.org/packages/source/c/cryptography-vectors/cryptography_vectors-%{version}.tar.gz.asc # PATCH-FIX-SLE disable-uneven-sizes-tests.patch bnc#944204 Patch1: disable-uneven-sizes-tests.patch +# PATCH-FIX-UPSTREAM 2293.patch bnc#947679 -- https://github.com/pyca/cryptography/pull/2293 +Patch2: 2293.patch BuildRequires: libopenssl-devel BuildRequires: python-cffi >= 1.1.0 BuildRequires: python-devel @@ -45,7 +47,7 @@ BuildRequires: python-pyasn1 >= 0.1.8 BuildRequires: python-pytest BuildRequires: python-virtualenv -Requires: python-cffi >= 1.1.0 +%requires_eq python-cffi Requires: python-enum34 Requires: python-idna >= 2.0 Requires: python-ipaddress @@ -71,6 +73,7 @@ tar xvzf %{SOURCE3} %patch1 -p1 +%patch2 -p1 %build CFLAGS="%{optflags} -fno-strict-aliasing" python setup.py build ++++++ 2293.patch ++++++
From 9578e4cadb09f4bca86d66c8f5d7a9370f5bf41e Mon Sep 17 00:00:00 2001 From: Paul Kehrer
Date: Mon, 24 Aug 2015 08:00:10 -0500 Subject: [PATCH 1/2] make engine addition idempotent
Weird threading issues keep cropping up. ENGINE_add already acquires a lock at the C layer via CRYPTO_w_lock (provided you have registered the locking callbacks) so let's just use that --- src/cryptography/hazmat/bindings/openssl/binding.py | 19 ++++++++++++++----- tests/hazmat/bindings/test_openssl.py | 4 ++-- 2 files changed, 16 insertions(+), 7 deletions(-) Index: cryptography-1.0/src/cryptography/hazmat/bindings/openssl/binding.py =================================================================== --- cryptography-1.0.orig/src/cryptography/hazmat/bindings/openssl/binding.py +++ cryptography-1.0/src/cryptography/hazmat/bindings/openssl/binding.py @@ -65,10 +65,6 @@ class Binding(object): @classmethod def _register_osrandom_engine(cls): assert cls.lib.ERR_peek_error() == 0 - looked_up_engine = cls.lib.ENGINE_by_id(cls._osrandom_engine_id) - if looked_up_engine != ffi.NULL: - raise RuntimeError("osrandom engine already registered") - cls.lib.ERR_clear_error() engine = cls.lib.ENGINE_new() @@ -81,7 +77,20 @@ class Binding(object): result = cls.lib.ENGINE_set_RAND(engine, cls._osrandom_method) assert result == 1 result = cls.lib.ENGINE_add(engine) - assert result == 1 + if result != 1: + # Engine already added. Clear the error stack. + errors = [] + while True: + code = cls.lib.ERR_get_error() + if code == 0: + break + + errors.append(code) + + # the following error code corresponds to "conflicting engine + # id" in ENGINE_LIST_ADD + assert 638025831 in errors + finally: result = cls.lib.ENGINE_free(engine) assert result == 1 @@ -133,3 +142,6 @@ class Binding(object): mode, n, file, line ) ) + +# init the static locks so we have a locking callback in C for engine init +Binding.init_static_locks() Index: cryptography-1.0/tests/hazmat/bindings/test_openssl.py =================================================================== --- cryptography-1.0.orig/tests/hazmat/bindings/test_openssl.py +++ cryptography-1.0/tests/hazmat/bindings/test_openssl.py @@ -89,8 +89,8 @@ class TestOpenSSL(object): def test_add_engine_more_than_once(self): b = Binding() - with pytest.raises(RuntimeError): - b._register_osrandom_engine() + b._register_osrandom_engine() + assert b.lib.ERR_get_error() == 0 def test_ssl_ctx_options(self): # Test that we're properly handling 32-bit unsigned on all platforms.
participants (1)
-
root@hilbert.suse.de