aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--gnu/local.mk1
-rw-r--r--gnu/packages/patches/python-pyopenssl-skip-network-test.patch43
-rw-r--r--gnu/packages/python.scm19
3 files changed, 13 insertions, 50 deletions
diff --git a/gnu/local.mk b/gnu/local.mk
index 22df8dfdda..3b68a4d48c 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -952,7 +952,6 @@ dist_patch_DATA = \
%D%/packages/patches/python-paste-remove-timing-test.patch \
%D%/packages/patches/python-pillow-freetype-2.7-test-failure.patch \
%D%/packages/patches/python-pygit2-disable-network-tests.patch \
- %D%/packages/patches/python-pyopenssl-skip-network-test.patch \
%D%/packages/patches/python-pycrypto-CVE-2013-7459.patch \
%D%/packages/patches/python2-pygobject-2-gi-info-type-error-domain.patch \
%D%/packages/patches/python-pygpgme-fix-pinentry-tests.patch \
diff --git a/gnu/packages/patches/python-pyopenssl-skip-network-test.patch b/gnu/packages/patches/python-pyopenssl-skip-network-test.patch
deleted file mode 100644
index 1ac7324c8b..0000000000
--- a/gnu/packages/patches/python-pyopenssl-skip-network-test.patch
+++ /dev/null
@@ -1,43 +0,0 @@
-This test tries connecting to an external server which is not supported
-in the build environment. See discussion at:
-
-https://lists.gnu.org/archive/html/guix-devel/2016-12/msg00650.html
-
-diff --git a/tests/test_ssl.py b/tests/test_ssl.py
-index ee849fd..60048b8 100644
---- a/tests/test_ssl.py
-+++ b/tests/test_ssl.py
-@@ -1113,33 +1113,6 @@ class TestContext(object):
- reason="set_default_verify_paths appears not to work on Windows. "
- "See LP#404343 and LP#404344."
- )
-- def test_set_default_verify_paths(self):
-- """
-- `Context.set_default_verify_paths` causes the platform-specific CA
-- certificate locations to be used for verification purposes.
-- """
-- # Testing this requires a server with a certificate signed by one
-- # of the CAs in the platform CA location. Getting one of those
-- # costs money. Fortunately (or unfortunately, depending on your
-- # perspective), it's easy to think of a public server on the
-- # internet which has such a certificate. Connecting to the network
-- # in a unit test is bad, but it's the only way I can think of to
-- # really test this. -exarkun
--
-- # Arg, verisign.com doesn't speak anything newer than TLS 1.0
-- context = Context(SSLv23_METHOD)
-- context.set_default_verify_paths()
-- context.set_verify(
-- VERIFY_PEER,
-- lambda conn, cert, errno, depth, preverify_ok: preverify_ok)
--
-- client = socket()
-- client.connect(("encrypted.google.com", 443))
-- clientSSL = Connection(context, client)
-- clientSSL.set_connect_state()
-- clientSSL.do_handshake()
-- clientSSL.send(b"GET / HTTP/1.0\r\n\r\n")
-- assert clientSSL.recv(1024)
-
- def test_add_extra_chain_cert_invalid_cert(self):
- """
diff --git a/gnu/packages/python.scm b/gnu/packages/python.scm
index 5ddb82ed47..f34f2d39f6 100644
--- a/gnu/packages/python.scm
+++ b/gnu/packages/python.scm
@@ -7459,16 +7459,14 @@ message digests and key derivation functions.")
(define-public python-pyopenssl
(package
(name "python-pyopenssl")
- (version "17.0.0")
+ (version "17.1.0")
(source
(origin
(method url-fetch)
(uri (pypi-uri "pyOpenSSL" version))
(sha256
(base32
- "1pdg1gpmkzj8yasg6cmkhcivxcdp4c12nif88y4qvsxq5ffzxas8"))
- (patches
- (search-patches "python-pyopenssl-skip-network-test.patch"))))
+ "0qwmqhfsq84ydir9dz273ypmlcvs7v71m1jns0sd4k0h6lfsa82s"))))
(build-system python-build-system)
(arguments
'(#:phases
@@ -7477,14 +7475,23 @@ message digests and key derivation functions.")
(add-after 'install 'check
(lambda* (#:key inputs outputs #:allow-other-keys)
(add-installed-pythonpath inputs outputs)
- (zero? (system* "py.test" "-v")))))))
+ (zero? (system* "py.test" "-v" "-k"
+ (string-append
+ ;; This test tries to look up certificates from
+ ;; the compiled-in default path in OpenSSL, which
+ ;; does not exist in the build environment.
+ "not test_fallback_default_verify_paths "
+ ;; This test attempts to make a connection to
+ ;; an external web service.
+ "and not test_set_default_verify_paths"))))))))
(propagated-inputs
`(("python-cryptography" ,python-cryptography)
("python-six" ,python-six)))
(inputs
`(("openssl" ,openssl)))
(native-inputs
- `(("python-pytest" ,python-pytest-3.0)))
+ `(("python-pretend" ,python-pretend)
+ ("python-pytest" ,python-pytest-3.0)))
(home-page "https://github.com/pyca/pyopenssl")
(synopsis "Python wrapper module around the OpenSSL library")
(description