entrouvert
/
debian-python-cryptography
17
0
Fork 0
Code Issues Pull Requests Releases Activity

add 0001-clear-openssl-errors-before-initialising-random-engi.patch

This commit is contained in:
Frédéric Péters 2018-03-29 10:52:04 +02:00
parent e591db61f3
commit 578ae2c222
3 changed files with 37 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
debian/changelog vendored
View File

@ -1,3 +1,9 @@
python-cryptography (1.7.1-3~bpo8+1.1) UNRELEASED; urgency=medium
* add 0001-clear-openssl-errors-before-initialising-random-engi.patch
-- Frederic Peters <fpeters@debian.org> Thu, 29 Mar 2018 10:51:02 +0200
python-cryptography (1.7.1-3~bpo8+1) jessie-backports; urgency=medium
* Rebuild for jessie-backports.

30
debian/patches/0001-clear-openssl-errors-before-initialising-random-engi.patch vendored Normal file
View File

@ -0,0 +1,30 @@
From d07949c3f24471317e027931c51e01e34495ee4f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20P=C3=A9ters?= <fpeters@entrouvert.com>
Date: Thu, 29 Mar 2018 10:43:28 +0200
Subject: [PATCH] clear openssl errors before initialising random engine
---
src/cryptography/hazmat/bindings/openssl/binding.py | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/src/cryptography/hazmat/bindings/openssl/binding.py b/src/cryptography/hazmat/bindings/openssl/binding.py
index 39750ab..096faf5 100644
--- a/src/cryptography/hazmat/bindings/openssl/binding.py
+++ b/src/cryptography/hazmat/bindings/openssl/binding.py
@@ -111,7 +111,12 @@ class Binding(object):
@classmethod
def _register_osrandom_engine(cls):
- _openssl_assert(cls.lib, cls.lib.ERR_peek_error() == 0)
+ # Clear any errors extant in the queue before we start. In many
+ # scenarios other things may be interacting with OpenSSL in the same
+ # process space and it has proven untenable to assume that they will
+ # reliably clear the error queue. Once we clear it here we will
+ # error on any subsequent unexpected item in the stack.
+ cls.lib.ERR_clear_error()
cls._osrandom_engine_id = cls.lib.Cryptography_osrandom_engine_id
cls._osrandom_engine_name = cls.lib.Cryptography_osrandom_engine_name
result = cls.lib.Cryptography_add_osrandom_engine()
--
2.16.3

1
debian/patches/series vendored
View File

@ -1,2 +1,3 @@
0001-add-memory-limit-check-for-scrypt.patch
0002-fix-compilation-on-1.1.0f-3603.patch
0001-clear-openssl-errors-before-initialising-random-engi.patch