MIRRORS/meta-openembedded
1
0
Fork 0
mirror of https://github.com/openembedded/meta-openembedded.git synced 2025-07-19 15:29:08 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity
d32bb7dbc0
meta-openembedded/meta-python/recipes-devtools/python/python3-cryptography/openssl3.patch
Ross Burton cd430556f8 python3-cryptography: backport patches to make this work against OpenSSL 3 
Backport just enough changes that python3-cryptography doesn't crash on
startup when linked against OpenSSL 3.

This is very much not complete, and the upgrade to the latest version of
python3-crytography has to happen soon.

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com>
2021-11-09 06:52:28 -08:00

63 lines
2.3 KiB
Diff
Raw Blame History

Encourage our old python3-cryptography to at least start to work with OpenSSL 3.
- Backport one patch to err.py to remove a symbol which has been removed in
OpenSSL 3, and isn't used in python3-cryptography.
(50ec692749b7e2e62685b443f5e629627b03987e)
- Backport the detection of OpenSSL 3 and don't link to FIPS_mode/FIPS_mode_set
(parts of f08a7de651f9e6475c8c0a67d2a61ed8b669ddf6)
This is *not* a complete backport of the 3.0 support, but is enough that packages
such as imgtool can import python3-cryptography and operate until the upgrade is
ready.
Upstream-Status: Inappropriate
Signed-off-by: Ross Burton <ross.burton@arm.com>
diff --git a/src/_cffi_src/openssl/cryptography.py b/src/_cffi_src/openssl/cryptography.py
index f24bee5a..920a86de 100644
--- a/src/_cffi_src/openssl/cryptography.py
+++ b/src/_cffi_src/openssl/cryptography.py
@@ -35,6 +35,8 @@ INCLUDES = """
#define CRYPTOGRAPHY_OPENSSL_110F_OR_GREATER \
(OPENSSL_VERSION_NUMBER >= 0x1010006f && !CRYPTOGRAPHY_IS_LIBRESSL)
+#define CRYPTOGRAPHY_OPENSSL_300_OR_GREATER \
+ (OPENSSL_VERSION_NUMBER >= 0x30000000 && !CRYPTOGRAPHY_IS_LIBRESSL)
#define CRYPTOGRAPHY_OPENSSL_LESS_THAN_110J \
(OPENSSL_VERSION_NUMBER < 0x101000af || CRYPTOGRAPHY_IS_LIBRESSL)
@@ -54,6 +56,7 @@ INCLUDES = """
TYPES = """
static const int CRYPTOGRAPHY_OPENSSL_110F_OR_GREATER;
+static const int CRYPTOGRAPHY_OPENSSL_300_OR_GREATER;
static const int CRYPTOGRAPHY_OPENSSL_LESS_THAN_111;
static const int CRYPTOGRAPHY_OPENSSL_LESS_THAN_111B;
diff --git a/src/_cffi_src/openssl/err.py b/src/_cffi_src/openssl/err.py
index 0dd74146..42bab4d9 100644
--- a/src/_cffi_src/openssl/err.py
+++ b/src/_cffi_src/openssl/err.py
@@ -40,7 +40,6 @@ void ERR_clear_error(void);
void ERR_put_error(int, int, int, const char *, int);
int ERR_GET_LIB(unsigned long);
-int ERR_GET_FUNC(unsigned long);
int ERR_GET_REASON(unsigned long);
"""
diff --git a/src/_cffi_src/openssl/fips.py b/src/_cffi_src/openssl/fips.py
index c92bca49..38bfa231 100644
--- a/src/_cffi_src/openssl/fips.py
+++ b/src/_cffi_src/openssl/fips.py
@@ -18,7 +18,7 @@ int FIPS_mode(void);
"""
CUSTOMIZATIONS = """
-#if CRYPTOGRAPHY_IS_LIBRESSL
+#if CRYPTOGRAPHY_IS_LIBRESSL || CRYPTOGRAPHY_OPENSSL_300_OR_GREATER
static const long Cryptography_HAS_FIPS = 0;
int (*FIPS_mode_set)(int) = NULL;
int (*FIPS_mode)(void) = NULL;
Reference in New Issue View Git Blame Copy Permalink