[arch-commits] Commit in pypy3/trunk (PKGBUILD disable-sslv3.patch)
Jan Steffens
heftig at archlinux.org
Thu Mar 3 17:15:39 UTC 2016
Date: Thursday, March 3, 2016 @ 18:15:38
Author: heftig
Revision: 164525
Disable SSLv3
Added:
pypy3/trunk/disable-sslv3.patch
Modified:
pypy3/trunk/PKGBUILD
---------------------+
PKGBUILD | 3 +++
disable-sslv3.patch | 32 ++++++++++++++++++++++++++++++++
2 files changed, 35 insertions(+)
Modified: PKGBUILD
===================================================================
--- PKGBUILD 2016-03-03 17:12:48 UTC (rev 164524)
+++ PKGBUILD 2016-03-03 17:15:38 UTC (rev 164525)
@@ -19,12 +19,15 @@
license=('custom:MIT')
#source=("hg+https://bitbucket.org/pypy/pypy#revision=$_hgrev")
source=("https://bitbucket.org/pypy/pypy/downloads/$pkgname-$_pkgver-src.tar.bz2"
+ "disable-sslv3.patch"
"trackgcroot-new-ops.patch")
md5sums=('96ba72916114d16904e12562b5d84e51'
+ '383f6220bb64a963a6c071a62d110ec7'
'3294fd2919c3372615b59c5f82552f64')
prepare() {
cd ${pkgname}-${_pkgver}-src
+ patch -Np1 -i ../disable-sslv3.patch
patch -Np1 -i ../trackgcroot-new-ops.patch
# Hacky fix to allow the curses module to build on x86_64; otherwise we get:
Added: disable-sslv3.patch
===================================================================
--- disable-sslv3.patch (rev 0)
+++ disable-sslv3.patch 2016-03-03 17:15:38 UTC (rev 164525)
@@ -0,0 +1,32 @@
+diff -u -r pypy3-2.4.0-src/pypy/module/_ssl/interp_ssl.py pypy3-2.4.0-src-nossl3/pypy/module/_ssl/interp_ssl.py
+--- pypy3-2.4.0-src/pypy/module/_ssl/interp_ssl.py 2014-10-17 22:09:50.000000000 +0200
++++ pypy3-2.4.0-src-nossl3/pypy/module/_ssl/interp_ssl.py 2016-03-03 18:09:29.810745956 +0100
+@@ -95,7 +95,7 @@
+ def __init__(self, space, protocol):
+ if protocol == PY_SSL_VERSION_TLS1:
+ method = libssl_TLSv1_method()
+- elif protocol == PY_SSL_VERSION_SSL3:
++ elif protocol == PY_SSL_VERSION_SSL3 and not OPENSSL_NO_SSL3:
+ method = libssl_SSLv3_method()
+ elif protocol == PY_SSL_VERSION_SSL2 and not OPENSSL_NO_SSL2:
+ method = libssl_SSLv2_method()
+@@ -110,6 +110,8 @@
+ options = SSL_OP_ALL & ~SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS
+ if protocol != PY_SSL_VERSION_SSL2:
+ options |= SSL_OP_NO_SSLv2
++ if protocol != PY_SSL_VERSION_SSL3:
++ options |= SSL_OP_NO_SSLv3
+ libssl_SSL_CTX_set_options(self.ctx, options)
+ libssl_SSL_CTX_set_session_id_context(self.ctx, "Python", len("Python"))
+
+diff -u -r pypy3-2.4.0-src/rpython/rlib/ropenssl.py pypy3-2.4.0-src-nossl3/rpython/rlib/ropenssl.py
+--- pypy3-2.4.0-src/rpython/rlib/ropenssl.py 2014-10-17 22:09:50.000000000 +0200
++++ pypy3-2.4.0-src-nossl3/rpython/rlib/ropenssl.py 2016-03-03 18:07:59.587706148 +0100
+@@ -69,6 +69,7 @@
+ SSLEAY_VERSION = rffi_platform.DefinedConstantString(
+ "SSLEAY_VERSION", "SSLeay_version(SSLEAY_VERSION)")
+ OPENSSL_NO_SSL2 = rffi_platform.Defined("OPENSSL_NO_SSL2")
++ OPENSSL_NO_SSL3 = rffi_platform.Defined("OPENSSL_NO_SSL3")
+ SSL_FILETYPE_PEM = rffi_platform.ConstantInteger("SSL_FILETYPE_PEM")
+ SSL_OP_ALL = rffi_platform.ConstantInteger("SSL_OP_ALL")
+ SSL_OP_NO_SSLv2 = rffi_platform.ConstantInteger("SSL_OP_NO_SSLv2")
More information about the arch-commits
mailing list