diff options
-rw-r--r-- | gnu/local.mk | 1 | ||||
-rw-r--r-- | gnu/packages/patches/python-pyopenssl-skip-network-test.patch | 43 | ||||
-rw-r--r-- | gnu/packages/python.scm | 19 |
3 files changed, 13 insertions, 50 deletions
diff --git a/gnu/local.mk b/gnu/local.mk index 22df8dfdda..3b68a4d48c 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -952,7 +952,6 @@ dist_patch_DATA = \ %D%/packages/patches/python-paste-remove-timing-test.patch \ %D%/packages/patches/python-pillow-freetype-2.7-test-failure.patch \ %D%/packages/patches/python-pygit2-disable-network-tests.patch \ - %D%/packages/patches/python-pyopenssl-skip-network-test.patch \ %D%/packages/patches/python-pycrypto-CVE-2013-7459.patch \ %D%/packages/patches/python2-pygobject-2-gi-info-type-error-domain.patch \ %D%/packages/patches/python-pygpgme-fix-pinentry-tests.patch \ diff --git a/gnu/packages/patches/python-pyopenssl-skip-network-test.patch b/gnu/packages/patches/python-pyopenssl-skip-network-test.patch deleted file mode 100644 index 1ac7324c8b..0000000000 --- a/gnu/packages/patches/python-pyopenssl-skip-network-test.patch +++ /dev/null @@ -1,43 +0,0 @@ -This test tries connecting to an external server which is not supported -in the build environment. See discussion at: - -https://lists.gnu.org/archive/html/guix-devel/2016-12/msg00650.html - -diff --git a/tests/test_ssl.py b/tests/test_ssl.py -index ee849fd..60048b8 100644 ---- a/tests/test_ssl.py -+++ b/tests/test_ssl.py -@@ -1113,33 +1113,6 @@ class TestContext(object): - reason="set_default_verify_paths appears not to work on Windows. " - "See LP#404343 and LP#404344." - ) -- def test_set_default_verify_paths(self): -- """ -- `Context.set_default_verify_paths` causes the platform-specific CA -- certificate locations to be used for verification purposes. -- """ -- # Testing this requires a server with a certificate signed by one -- # of the CAs in the platform CA location. Getting one of those -- # costs money. Fortunately (or unfortunately, depending on your -- # perspective), it's easy to think of a public server on the -- # internet which has such a certificate. Connecting to the network -- # in a unit test is bad, but it's the only way I can think of to -- # really test this. -exarkun -- -- # Arg, verisign.com doesn't speak anything newer than TLS 1.0 -- context = Context(SSLv23_METHOD) -- context.set_default_verify_paths() -- context.set_verify( -- VERIFY_PEER, -- lambda conn, cert, errno, depth, preverify_ok: preverify_ok) -- -- client = socket() -- client.connect(("encrypted.google.com", 443)) -- clientSSL = Connection(context, client) -- clientSSL.set_connect_state() -- clientSSL.do_handshake() -- clientSSL.send(b"GET / HTTP/1.0\r\n\r\n") -- assert clientSSL.recv(1024) - - def test_add_extra_chain_cert_invalid_cert(self): - """ diff --git a/gnu/packages/python.scm b/gnu/packages/python.scm index 5ddb82ed47..f34f2d39f6 100644 --- a/gnu/packages/python.scm +++ b/gnu/packages/python.scm @@ -7459,16 +7459,14 @@ message digests and key derivation functions.") (define-public python-pyopenssl (package (name "python-pyopenssl") - (version "17.0.0") + (version "17.1.0") (source (origin (method url-fetch) (uri (pypi-uri "pyOpenSSL" version)) (sha256 (base32 - "1pdg1gpmkzj8yasg6cmkhcivxcdp4c12nif88y4qvsxq5ffzxas8")) - (patches - (search-patches "python-pyopenssl-skip-network-test.patch")))) + "0qwmqhfsq84ydir9dz273ypmlcvs7v71m1jns0sd4k0h6lfsa82s")))) (build-system python-build-system) (arguments '(#:phases @@ -7477,14 +7475,23 @@ message digests and key derivation functions.") (add-after 'install 'check (lambda* (#:key inputs outputs #:allow-other-keys) (add-installed-pythonpath inputs outputs) - (zero? (system* "py.test" "-v"))))))) + (zero? (system* "py.test" "-v" "-k" + (string-append + ;; This test tries to look up certificates from + ;; the compiled-in default path in OpenSSL, which + ;; does not exist in the build environment. + "not test_fallback_default_verify_paths " + ;; This test attempts to make a connection to + ;; an external web service. + "and not test_set_default_verify_paths")))))))) (propagated-inputs `(("python-cryptography" ,python-cryptography) ("python-six" ,python-six))) (inputs `(("openssl" ,openssl))) (native-inputs - `(("python-pytest" ,python-pytest-3.0))) + `(("python-pretend" ,python-pretend) + ("python-pytest" ,python-pytest-3.0))) (home-page "https://github.com/pyca/pyopenssl") (synopsis "Python wrapper module around the OpenSSL library") (description |