add ssl patch for 3.1.3 and 3.2 (#22)

2024-11-21 20:47:00 -05:00 · 2013-05-23 12:07:19 +09:00 · 2013-05-23 12:07:19 +09:00 · 5fbc3ae3d5
commit 5fbc3ae3d5
parent 1ce37e53c7
2 changed files with 150 additions and 0 deletions
--- a/plugins/python-build/share/python-build/patches/3.1.3/Python-3.1.3/001_openssl_no_ssl2.patch
+++ b/plugins/python-build/share/python-build/patches/3.1.3/Python-3.1.3/001_openssl_no_ssl2.patch
@ -0,0 +1,75 @@
+diff -r -u ./Lib/ssl.py ../Python-3.1.3/Lib/ssl.py
+--- ./Lib/ssl.py	2010-09-14 23:47:08.000000000 +0900
+++ ../Python-3.1.3/Lib/ssl.py	2013-05-23 12:03:38.000000000 +0900
+@@ -60,8 +60,20 @@
+ 
+ from _ssl import SSLError
+ from _ssl import CERT_NONE, CERT_OPTIONAL, CERT_REQUIRED
+-from _ssl import (PROTOCOL_SSLv2, PROTOCOL_SSLv3, PROTOCOL_SSLv23,
+from _ssl import (PROTOCOL_SSLv3, PROTOCOL_SSLv23,
+                   PROTOCOL_TLSv1)
+_PROTOCOL_NAMES = {
+    PROTOCOL_TLSv1: "TLSv1",
+    PROTOCOL_SSLv23: "SSLv23",
+    PROTOCOL_SSLv3: "SSLv3",
+}
+try:
+    from _ssl import PROTOCOL_SSLv2
+    _SSLv2_IF_EXISTS = PROTOCOL_SSLv2
+except ImportError:
+    _SSLv2_IF_EXISTS = None
+else:
+    _PROTOCOL_NAMES[PROTOCOL_SSLv2] = "SSLv2"
+ from _ssl import RAND_status, RAND_egd, RAND_add
+ from _ssl import (
+     SSL_ERROR_ZERO_RETURN,
+@@ -427,13 +439,4 @@
+     return DER_cert_to_PEM_cert(dercert)
+ 
+ def get_protocol_name(protocol_code):
+-    if protocol_code == PROTOCOL_TLSv1:
+-        return "TLSv1"
+-    elif protocol_code == PROTOCOL_SSLv23:
+-        return "SSLv23"
+-    elif protocol_code == PROTOCOL_SSLv2:
+-        return "SSLv2"
+-    elif protocol_code == PROTOCOL_SSLv3:
+-        return "SSLv3"
+-    else:
+-        return "<unknown>"
+    return _PROTOCOL_NAMES.get(protocol_code, '<unknown>')
+diff -r -u ./Modules/_ssl.c ../Python-3.1.3/Modules/_ssl.c
+--- ./Modules/_ssl.c	2010-10-14 07:20:48.000000000 +0900
+++ ../Python-3.1.3/Modules/_ssl.c	2013-05-23 12:04:31.000000000 +0900
+@@ -63,7 +63,9 @@
+ };
+ 
+ enum py_ssl_version {
+#ifndef OPENSSL_NO_SSL2
+     PY_SSL_VERSION_SSL2,
+#endif
+     PY_SSL_VERSION_SSL3,
+     PY_SSL_VERSION_SSL23,
+     PY_SSL_VERSION_TLS1
+@@ -306,8 +308,10 @@
+         self->ctx = SSL_CTX_new(TLSv1_method()); /* Set up context */
+     else if (proto_version == PY_SSL_VERSION_SSL3)
+         self->ctx = SSL_CTX_new(SSLv3_method()); /* Set up context */
+#ifndef OPENSSL_NO_SSL2
+     else if (proto_version == PY_SSL_VERSION_SSL2)
+         self->ctx = SSL_CTX_new(SSLv2_method()); /* Set up context */
+#endif
+     else if (proto_version == PY_SSL_VERSION_SSL23)
+         self->ctx = SSL_CTX_new(SSLv23_method()); /* Set up context */
+     PySSL_END_ALLOW_THREADS
+@@ -1785,8 +1789,10 @@
+                             PY_SSL_CERT_REQUIRED);
+ 
+     /* protocol versions */
+#ifndef OPENSSL_NO_SSL2
+     PyModule_AddIntConstant(m, "PROTOCOL_SSLv2",
+                             PY_SSL_VERSION_SSL2);
+#endif
+     PyModule_AddIntConstant(m, "PROTOCOL_SSLv3",
+                             PY_SSL_VERSION_SSL3);
+     PyModule_AddIntConstant(m, "PROTOCOL_SSLv23",
--- a/plugins/python-build/share/python-build/patches/3.2/Python-3.2/001_openssl_no_ssl2.patch
+++ b/plugins/python-build/share/python-build/patches/3.2/Python-3.2/001_openssl_no_ssl2.patch
@ -0,0 +1,75 @@
+diff -r -u ./Lib/ssl.py ../Python-3.2/Lib/ssl.py
+--- ./Lib/ssl.py	2010-10-23 03:19:07.000000000 +0900
+++ ../Python-3.2/Lib/ssl.py	2013-05-23 11:56:30.000000000 +0900
+@@ -62,8 +62,20 @@
+ from _ssl import OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_INFO, OPENSSL_VERSION
+ from _ssl import _SSLContext, SSLError
+ from _ssl import CERT_NONE, CERT_OPTIONAL, CERT_REQUIRED
+-from _ssl import (PROTOCOL_SSLv2, PROTOCOL_SSLv3, PROTOCOL_SSLv23,
+from _ssl import (PROTOCOL_SSLv3, PROTOCOL_SSLv23,
+                   PROTOCOL_TLSv1)
+_PROTOCOL_NAMES = {
+    PROTOCOL_TLSv1: "TLSv1",
+    PROTOCOL_SSLv23: "SSLv23",
+    PROTOCOL_SSLv3: "SSLv3",
+}
+try:
+    from _ssl import PROTOCOL_SSLv2
+    _SSLv2_IF_EXISTS = PROTOCOL_SSLv2
+except ImportError:
+    _SSLv2_IF_EXISTS = None
+else:
+    _PROTOCOL_NAMES[PROTOCOL_SSLv2] = "SSLv2"
+ from _ssl import OP_ALL, OP_NO_SSLv2, OP_NO_SSLv3, OP_NO_TLSv1
+ from _ssl import RAND_status, RAND_egd, RAND_add
+ from _ssl import (
+@@ -537,13 +549,4 @@
+     return DER_cert_to_PEM_cert(dercert)
+ 
+ def get_protocol_name(protocol_code):
+-    if protocol_code == PROTOCOL_TLSv1:
+-        return "TLSv1"
+-    elif protocol_code == PROTOCOL_SSLv23:
+-        return "SSLv23"
+-    elif protocol_code == PROTOCOL_SSLv2:
+-        return "SSLv2"
+-    elif protocol_code == PROTOCOL_SSLv3:
+-        return "SSLv3"
+-    else:
+-        return "<unknown>"
+    return _PROTOCOL_NAMES.get(protocol_code, '<unknown>')
+diff -r -u ./Modules/_ssl.c ../Python-3.2/Modules/_ssl.c
+--- ./Modules/_ssl.c	2011-01-29 20:31:20.000000000 +0900
+++ ../Python-3.2/Modules/_ssl.c	2013-05-23 11:57:44.000000000 +0900
+@@ -63,7 +63,9 @@
+ };
+ 
+ enum py_ssl_version {
+#ifndef OPENSSL_NO_SSL2
+     PY_SSL_VERSION_SSL2,
+#endif
+     PY_SSL_VERSION_SSL3,
+     PY_SSL_VERSION_SSL23,
+     PY_SSL_VERSION_TLS1
+@@ -1450,8 +1452,10 @@
+         ctx = SSL_CTX_new(TLSv1_method());
+     else if (proto_version == PY_SSL_VERSION_SSL3)
+         ctx = SSL_CTX_new(SSLv3_method());
+#ifndef OPENSSL_NO_SSL2
+     else if (proto_version == PY_SSL_VERSION_SSL2)
+         ctx = SSL_CTX_new(SSLv2_method());
+#endif
+     else if (proto_version == PY_SSL_VERSION_SSL23)
+         ctx = SSL_CTX_new(SSLv23_method());
+     else
+@@ -2110,8 +2114,10 @@
+                             PY_SSL_CERT_REQUIRED);
+ 
+     /* protocol versions */
+#ifndef OPENSSL_NO_SSL2
+     PyModule_AddIntConstant(m, "PROTOCOL_SSLv2",
+                             PY_SSL_VERSION_SSL2);
+#endif
+     PyModule_AddIntConstant(m, "PROTOCOL_SSLv3",
+                             PY_SSL_VERSION_SSL3);
+     PyModule_AddIntConstant(m, "PROTOCOL_SSLv23",