calculate
/
gentoo-overlay
6
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '0ea617facf'
${ noResults }
gentoo-overlay/dev-python/m2crypto/files/m2crypto-0.37.1-openssl-fix...

77 lines
3.0 KiB
Raw Blame History

From 73fbd1e646f6bbf202d4418bae80eb9941fbf552 Mon Sep 17 00:00:00 2001
From: Casey Deccio <casey@deccio.net>
Date: Fri, 8 Jan 2021 12:43:09 -0700
Subject: [PATCH] Allow verify_cb_* to be called with ok=True
With https://github.com/openssl/openssl/commit/2e06150e3928daa06d5ff70c32bffad8088ebe58
OpenSSL allowed verificaton to continue on UNABLE_TO_VERIFY_LEAF_SIGNATURE
---
tests/test_ssl.py | 14 ++++++++++++--
1 file changed, 12 insertions(+), 2 deletions(-)
diff --git a/tests/test_ssl.py b/tests/test_ssl.py
index 92b6942..7a3271a 100644
--- a/tests/test_ssl.py
+++ b/tests/test_ssl.py
@@ -59,8 +59,13 @@ def allocate_srv_port():
def verify_cb_new_function(ok, store):
- assert not ok
err = store.get_error()
+ # If err is X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE, then instead of
+ # aborting, this callback is called to retrieve additional error
+ # information. In this case, ok might not be False.
+ # See https://github.com/openssl/openssl/commit/2e06150e3928daa06d5ff70c32bffad8088ebe58
+ if err != m2.X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE:
+ assert not ok
assert err in [m2.X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT,
m2.X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY,
m2.X509_V_ERR_CERT_UNTRUSTED,
@@ -618,7 +623,12 @@ class MiscSSLClientTestCase(BaseSSLClientTestCase):
def verify_cb_old(self, ctx_ptr, x509_ptr, err, depth, ok):
try:
- self.assertFalse(ok)
+ # If err is X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE, then instead of
+ # aborting, this callback is called to retrieve additional error
+ # information. In this case, ok might not be False.
+ # See https://github.com/openssl/openssl/commit/2e06150e3928daa06d5ff70c32bffad8088ebe58
+ if err != m2.X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE:
+ self.assertFalse(ok)
self.assertIn(err,
[m2.X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT,
m2.X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY,
--
2.31.1
From d06eaa88a5f491827733f32027c46de3557fbd05 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Mat=C4=9Bj=20Cepl?= <mcepl@cepl.eu>
Date: Fri, 19 Feb 2021 15:53:02 +0100
Subject: [PATCH] Use of RSA_SSLV23_PADDING has been deprecated.
Fixes #293.
---
tests/test_rsa.py | 5 -----
1 file changed, 5 deletions(-)
diff --git a/tests/test_rsa.py b/tests/test_rsa.py
index 3de5016..7299785 100644
--- a/tests/test_rsa.py
+++ b/tests/test_rsa.py
@@ -124,11 +124,6 @@ class RSATestCase(unittest.TestCase):
ptxt = priv.private_decrypt(ctxt, p)
self.assertEqual(ptxt, self.data)
- # sslv23_padding
- ctxt = priv.public_encrypt(self.data, RSA.sslv23_padding)
- res = priv.private_decrypt(ctxt, RSA.sslv23_padding)
- self.assertEqual(res, self.data)
-
# no_padding
with six.assertRaisesRegex(self, RSA.RSAError, 'data too small'):
priv.public_encrypt(self.data, RSA.no_padding)
--
2.31.1
Reference in new issue View Git Blame Copy Permalink