Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

backport #7833 #7853

Merged
merged 5 commits into from Nov 27, 2022
Merged

backport #7833 #7853

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
597605c
Update invalid EC key test for compatibility with upcoming OpenSSL ch…
romen Nov 27, 2022
434b3eb
fix CI
reaperhulk Nov 27, 2022
ffd939c
fixes #7653 -- handle OPENSSL_cleanup existing on LibreSSL 3.6.0 (#7654)
alex Sep 28, 2022
607f0fc
kill CI cache
reaperhulk Nov 27, 2022
a5ee003
endless CI fixing
reaperhulk Nov 27, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
10 changes: 5 additions & 5 deletions .github/workflows/ci.yml
View file
Open in desktop
Expand Up @@ -21,7 +21,7 @@ env:

jobs:
linux:
runs-on: ubuntu-latest
runs-on: ubuntu-20.04
strategy:
fail-fast: false
matrix:
Expand Down Expand Up @@ -70,7 +70,7 @@ jobs:
~/.cargo/registry/src/
~/.cargo/git/db/
src/rust/target/
key: ${{ runner.os }}-${{ matrix.PYTHON.VERSION }}-${{ steps.setup-python.outputs.python-version }}-cargo-3-${{ hashFiles('**/Cargo.lock') }}
key: ${{ runner.os }}-${{ matrix.PYTHON.VERSION }}-${{ steps.setup-python.outputs.python-version }}-cargo-4-${{ hashFiles('**/Cargo.lock') }}

- uses: actions/checkout@v3.0.2
timeout-minutes: 3
Expand Down Expand Up @@ -99,7 +99,7 @@ jobs:
path: ${{ github.workspace }}/osslcache
# When altering the openssl build process you may need to increment the value on the end of this cache key
# so that you can prevent it from fetching the cache and skipping the build step.
key: ${{ matrix.PYTHON.OPENSSL.TYPE }}-${{ matrix.PYTHON.OPENSSL.VERSION }}-${{ env.CONFIG_HASH }}-2
key: ${{ matrix.PYTHON.OPENSSL.TYPE }}-${{ matrix.PYTHON.OPENSSL.VERSION }}-${{ env.CONFIG_HASH }}-3
if: matrix.PYTHON.OPENSSL
- name: Build custom OpenSSL/LibreSSL
run: .github/workflows/build_openssl.sh
Expand Down Expand Up @@ -140,7 +140,7 @@ jobs:
- {IMAGE: "ubuntu-focal", TOXENV: "py38"}
- {IMAGE: "ubuntu-jammy", TOXENV: "py310"}
- {IMAGE: "ubuntu-rolling", TOXENV: "py310"}
- {IMAGE: "fedora", TOXENV: "py310"}
- {IMAGE: "fedora", TOXENV: "py311"}
- {IMAGE: "alpine", TOXENV: "py310"}
name: "${{ matrix.IMAGE.TOXENV }} on ${{ matrix.IMAGE.IMAGE }}"
timeout-minutes: 15
Expand Down Expand Up @@ -502,7 +502,7 @@ jobs:
import pkg_resources
import shutil
import urllib.request

d = pkg_resources.get_distribution("cryptography")
with urllib.request.urlopen("https://pypi.org/pypi/cryptography/json") as r:
latest_version = json.load(r)["info"]["version"]
Expand Down
2 changes: 1 addition & 1 deletion src/_cffi_src/openssl/crypto.py
View file
Open in desktop
Expand Up @@ -75,7 +75,7 @@
# define OPENSSL_DIR SSLEAY_DIR
#endif

#if CRYPTOGRAPHY_IS_LIBRESSL
#if CRYPTOGRAPHY_LIBRESSL_LESS_THAN_360
static const long Cryptography_HAS_OPENSSL_CLEANUP = 0;
void (*OPENSSL_cleanup)(void) = NULL;
#else
Expand Down
3 changes: 3 additions & 0 deletions src/_cffi_src/openssl/cryptography.py
View file
Open in desktop
Expand Up @@ -47,12 +47,15 @@
(LIBRESSL_VERSION_NUMBER < 0x3040000f)
#define CRYPTOGRAPHY_LIBRESSL_LESS_THAN_350 \
(LIBRESSL_VERSION_NUMBER < 0x3050000f)
#define CRYPTOGRAPHY_LIBRESSL_LESS_THAN_360 \
(LIBRESSL_VERSION_NUMBER < 0x3060000f)

#else
#define CRYPTOGRAPHY_LIBRESSL_LESS_THAN_322 (0)
#define CRYPTOGRAPHY_LIBRESSL_LESS_THAN_332 (0)
#define CRYPTOGRAPHY_LIBRESSL_LESS_THAN_340 (0)
#define CRYPTOGRAPHY_LIBRESSL_LESS_THAN_350 (0)
#define CRYPTOGRAPHY_LIBRESSL_LESS_THAN_360 (0)
#endif

#if OPENSSL_VERSION_NUMBER < 0x10100000
Expand Down
4 changes: 3 additions & 1 deletion src/cryptography/hazmat/primitives/serialization/ssh.py
View file
Open in desktop
Expand Up @@ -174,7 +174,9 @@ class _FragList:

flist: typing.List[bytes]

def __init__(self, init: typing.List[bytes] = None) -> None:
def __init__(
self, init: typing.Optional[typing.List[bytes]] = None
) -> None:
self.flist = []
if init:
self.flist.extend(init)
Expand Down
4 changes: 3 additions & 1 deletion tests/hazmat/primitives/test_ec.py
View file
Open in desktop
Expand Up @@ -479,7 +479,9 @@ def test_load_invalid_ec_key_from_pem(self, backend):
# BoringSSL rejects infinity points before it ever gets to us, so it
# uses a more generic error message.
match = (
"infinity" if not backend._lib.CRYPTOGRAPHY_IS_BORINGSSL else None
r"infinity|invalid form"
if not backend._lib.CRYPTOGRAPHY_IS_BORINGSSL
else None
)
with pytest.raises(ValueError, match=match):
serialization.load_pem_public_key(
Expand Down
4 changes: 2 additions & 2 deletions tests/test_interfaces.py
View file
Open in desktop
Expand Up @@ -58,15 +58,15 @@ def property(self):
def test_signature_mismatch(self):
class SimpleInterface(metaclass=abc.ABCMeta):
@abc.abstractmethod
def method(self, other: object) -> int:
def method(self, other: object):
"""Method with signature"""

class ClassWithoutSignature:
def method(self, other):
"""Method without signature"""

class ClassWithSignature:
def method(self, other: object) -> int:
def method(self, other: object):
"""Method with signature"""

verify_interface(SimpleInterface, ClassWithoutSignature)
Expand Down