Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 401076 Details for
Bug 546330
dev-python/m2crypto: Add use flags to disable insecure protocols/ciphers
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
patch the code to compile with openssl[-ssl2]
m2crypto-remove-ssl2.patch (text/plain), 2.50 KB, created by
Thomas Bettler
on 2015-04-12 08:55:38 UTC
(
hide
)
Description:
patch the code to compile with openssl[-ssl2]
Filename:
MIME Type:
Creator:
Thomas Bettler
Created:
2015-04-12 08:55:38 UTC
Size:
2.50 KB
patch
obsolete
>--- tests/test_ssl.py.orig 2015-04-12 08:28:26.792975524 +0200 >+++ tests/test_ssl.py 2015-04-12 08:28:54.654975272 +0200 >@@ -400,23 +400,6 @@ > finally: > self.stop_server(pid) > >- def test_sslv23_weak_crypto(self): >- if fips_mode: # TLS is required in FIPS mode >- return >- self.args = self.args + ['-no_tls1', '-no_ssl3'] >- pid = self.start_server(self.args) >- try: >- ctx = SSL.Context('sslv23', weak_crypto=1) >- s = SSL.Connection(ctx) >- if m2.OPENSSL_VERSION_NUMBER < 0x10000000: # SSLv2 ciphers disabled by default in newer OpenSSL >- s.connect(self.srv_addr) >- self.failUnlessEqual(s.get_version(), 'SSLv2') >- else: >- self.assertRaises(SSL.SSLError, s.connect, self.srv_addr) >- s.close() >- finally: >- self.stop_server(pid) >- > def test_cipher_mismatch(self): > self.args = self.args + ['-cipher', 'AES256-SHA'] > pid = self.start_server(self.args) >--- M2Crypto/SSL/Context.py.orig 2015-04-12 08:34:22.632972311 +0200 >+++ M2Crypto/SSL/Context.py 2015-04-12 08:37:32.655970595 +0200 >@@ -46,7 +46,7 @@ > m2.ssl_ctx_set_cache_size(self.ctx, 128L) > if weak_crypto is None: > if protocol == 'sslv23': >- self.set_options(m2.SSL_OP_ALL | m2.SSL_OP_NO_SSLv2) >+ self.set_options(m2.SSL_OP_ALL) > self.set_cipher_list('ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH') > > def __del__(self): >--- M2Crypto/SSL/__init__.py.orig 2015-04-12 08:36:18.676971263 +0200 >+++ M2Crypto/SSL/__init__.py 2015-04-12 08:36:43.149971042 +0200 >@@ -25,4 +25,3 @@ > SSL_RECEIVED_SHUTDOWN = m2.SSL_RECEIVED_SHUTDOWN > > op_all = m2.SSL_OP_ALL >-op_no_sslv2 = m2.SSL_OP_NO_SSLv2 >--- SWIG/_ssl.i.orig 2015-04-12 08:38:48.062969914 +0200 >+++ SWIG/_ssl.i 2015-04-12 08:39:25.590969576 +0200 >@@ -48,8 +48,6 @@ > %rename(ssl_get_alert_desc_v) SSL_alert_desc_string_long; > extern const char *SSL_alert_desc_string_long(int); > >-%rename(sslv2_method) SSLv2_method; >-extern SSL_METHOD *SSLv2_method(void); > %rename(sslv3_method) SSLv3_method; > extern SSL_METHOD *SSLv3_method(void); > %rename(sslv23_method) SSLv23_method; >@@ -201,7 +199,6 @@ > > %constant int SSL_OP_ALL = 0x00000FFFL; > >-%constant int SSL_OP_NO_SSLv2 = 0x01000000L; > %constant int SSL_OP_NO_SSLv3 = 0x02000000L; > %constant int SSL_OP_NO_TLSv1 = 0x04000000L; > %constant int SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS = 0x00000800L;
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=401076">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 546330
:
401074
| 401076
