Attachment #150007 for bug #195513

Lines 2007-2012 Link Here

(-)configure.ac (+7 lines)
2007	AC_CHECK_LIB(dl, dlopen) # Dynamic linking for SunOS/Solaris and SYSV	2007	AC_CHECK_LIB(dl, dlopen) # Dynamic linking for SunOS/Solaris and SYSV
2008	AC_CHECK_LIB(dld, shl_load) # Dynamic linking for HP-UX	2008	AC_CHECK_LIB(dld, shl_load) # Dynamic linking for HP-UX
2009		2009
		2010	### Fix build with LibreSSL (does not have RAND_egd)
		2011	### PR195513, http://bugs.python.org/issue21356
		2012	AC_CHECK_LIB(crypto, RAND_egd,
		2013	AC_DEFINE(HAVE_RAND_EGD, 1,
		2014	[Define if the libcrypto has RAND_egd]))
		2015	### PR195513
		2016
2010	# only check for sem_init if thread support is requested	2017	# only check for sem_init if thread support is requested
2011	if test "$with_threads" = "yes" -o -z "$with_threads"; then	2018	if test "$with_threads" = "yes" -o -z "$with_threads"; then
2012	AC_SEARCH_LIBS(sem_init, pthread rt posix4) # 'Real Time' functions on Solaris	2019	AC_SEARCH_LIBS(sem_init, pthread rt posix4) # 'Real Time' functions on Solaris




fi
	# Dynamic linking for HP-UX

### Fix build with LibreSSL (does not have RAND_egd)
### PR195513, http://bugs.python.org/issue21356
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for RAND_egd in -lcrypto" >&5
$as_echo_n "checking for RAND_egd in -lcrypto... " >&6; }
if ${ac_cv_lib_crypto_RAND_egd+:} false; then :
  $as_echo_n "(cached) " >&6
else
  ac_check_lib_save_LIBS=$LIBS
LIBS="-lcrypto  $LIBS"
cat confdefs.h - <<_ACEOF >conftest.$ac_ext
/* end confdefs.h.  */

/* Override any GCC internal prototype to avoid an error.
   Use char because int might match the return type of a GCC
   builtin and then its argument prototype would still apply.  */
#ifdef __cplusplus
extern "C"
#endif
char RAND_egd ();
int
main ()
{
return RAND_egd ();
  ;
  return 0;
}
_ACEOF
if ac_fn_c_try_link "$LINENO"; then :
  ac_cv_lib_crypto_RAND_egd=yes
else
  ac_cv_lib_crypto_RAND_egd=no
fi
rm -f core conftest.err conftest.$ac_objext \
    conftest$ac_exeext conftest.$ac_ext
LIBS=$ac_check_lib_save_LIBS
fi
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_crypto_RAND_egd" >&5
$as_echo "$ac_cv_lib_crypto_RAND_egd" >&6; }
if test "x$ac_cv_lib_crypto_RAND_egd" = xyes; then :

$as_echo "#define HAVE_RAND_EGD 1" >>confdefs.h

fi

### PR195513

# only check for sem_init if thread support is requested
if test "$with_threads" = "yes" -o -z "$with_threads"; then
    { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing sem_init" >&5

Lines 545-550 Link Here

(-)pyconfig.h.in (+6 lines)
545	/* Define to 1 if you have the `putenv' function. */	545	/* Define to 1 if you have the `putenv' function. */
546	#undef HAVE_PUTENV	546	#undef HAVE_PUTENV
547		547
		548	/* ### Fix build with LibreSSL (does not have RAND_egd)
		549	### PR195513, http://bugs.python.org/issue21356 */
		550	/* Define if the libcrypto has RAND_egd */
		551	#undef HAVE_RAND_EGD
		552	/* ### PR195513 */
		553
548	/* Define to 1 if you have the `readlink' function. */	554	/* Define to 1 if you have the `readlink' function. */
549	#undef HAVE_READLINK	555	#undef HAVE_READLINK
550		556

Lines 1911-1916 Link Here

(-)Modules/_ssl.c (+9 lines)
1911	It is necessary to seed the PRNG with RAND_add() on some platforms before\n\	1911	It is necessary to seed the PRNG with RAND_add() on some platforms before\n\
1912	using the ssl() function.");	1912	using the ssl() function.");
1913		1913
		1914	/* ### Fix build with LibreSSL (does not have RAND_egd)
		1915	### PR195513, http://bugs.python.org/issue21356 */
		1916	#ifdef HAVE_RAND_EGD
1914	static PyObject *	1917	static PyObject *
1915	PySSL_RAND_egd(PyObject self, PyObject args)	1918	PySSL_RAND_egd(PyObject self, PyObject args)
1916	{	1919	{
Lines 1938-1943 Link Here
1938	Queries the entropy gather daemon (EGD) on the socket named by 'path'.\n\	1941	Queries the entropy gather daemon (EGD) on the socket named by 'path'.\n\
1939	Returns number of bytes read. Raises SSLError if connection to EGD\n\	1942	Returns number of bytes read. Raises SSLError if connection to EGD\n\
1940	fails or if it does provide enough data to seed PRNG.");	1943	fails or if it does provide enough data to seed PRNG.");
		1944	#endif /* HAVE_RAND_EGD */
		1945	/* ### End PR195513 */
1941		1946
1942	#endif	1947	#endif
1943		1948
Lines 1951-1958 Link Here
1951	#ifdef HAVE_OPENSSL_RAND	1956	#ifdef HAVE_OPENSSL_RAND
1952	{"RAND_add", PySSL_RAND_add, METH_VARARGS,	1957	{"RAND_add", PySSL_RAND_add, METH_VARARGS,
1953	PySSL_RAND_add_doc},	1958	PySSL_RAND_add_doc},
		1959	/* ### Fix build with LibreSSL (does not have RAND_egd)
		1960	### PR195513, http://bugs.python.org/issue21356 */
		1961	#ifdef HAVE_RAND_EGD
1954	{"RAND_egd", PySSL_RAND_egd, METH_VARARGS,	1962	{"RAND_egd", PySSL_RAND_egd, METH_VARARGS,
1955	PySSL_RAND_egd_doc},	1963	PySSL_RAND_egd_doc},
		1964	#endif /* HAVE_RAND_EGD */
1956	{"RAND_status", (PyCFunction)PySSL_RAND_status, METH_NOARGS,	1965	{"RAND_status", (PyCFunction)PySSL_RAND_status, METH_NOARGS,
1957	PySSL_RAND_status_doc},	1966	PySSL_RAND_status_doc},
1958	#endif	1967	#endif




from _ssl import _SSLContext, SSLError
from _ssl import CERT_NONE, CERT_OPTIONAL, CERT_REQUIRED
from _ssl import OP_ALL, OP_NO_SSLv2, OP_NO_SSLv3, OP_NO_TLSv1
### Fix build with LibreSSL (does not have RAND_egd)
### PR195513, http://bugs.python.org/issue21356
from _ssl import RAND_status, RAND_add
try:
    from _ssl import RAND_egd
except ImportError:
    # LibreSSL does not provide RAND_egd
    pass
### End PR195513

from _ssl import (
    SSL_ERROR_ZERO_RETURN,
    SSL_ERROR_WANT_READ,

Lines 103-110 Link Here

(-)Lib/test/test_ssl.py (-2 / +6 lines)
103	sys.stdout.write("\n RAND_status is %d (%s)\n"	103	sys.stdout.write("\n RAND_status is %d (%s)\n"
104	% (v, (v and "sufficient randomness") or	104	% (v, (v and "sufficient randomness") or
105	"insufficient randomness"))	105	"insufficient randomness"))
106	self.assertRaises(TypeError, ssl.RAND_egd, 1)	106	### Fix build with LibreSSL (does not have RAND_egd)
107	self.assertRaises(TypeError, ssl.RAND_egd, 'foo', 1)	107	### PR195513, http://bugs.python.org/issue21356
		108	if hasattr(ssl, 'RAND_egd'):
		109	self.assertRaises(TypeError, ssl.RAND_egd, 1)
		110	self.assertRaises(TypeError, ssl.RAND_egd, 'foo', 1)
		111	### End PR195513
108	ssl.RAND_add("this is a random string", 75.0)	112	ssl.RAND_add("this is a random string", 75.0)
109		113
110	def test_parse_cert(self):	114	def test_parse_cert(self):

Return to bug 195513

Lines 8081-8086 Link Here

(-)configure (+46 lines)
8081	fi	8081	fi
8082	# Dynamic linking for HP-UX	8082	# Dynamic linking for HP-UX
8083		8083
		8084	### Fix build with LibreSSL (does not have RAND_egd)
		8085	### PR195513, http://bugs.python.org/issue21356
		8086	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for RAND_egd in -lcrypto" >&5
		8087	$as_echo_n "checking for RAND_egd in -lcrypto... " >&6; }
		8088	if ${ac_cv_lib_crypto_RAND_egd+:} false; then :
		8089	$as_echo_n "(cached) " >&6
		8090	else
		8091	ac_check_lib_save_LIBS=$LIBS
		8092	LIBS="-lcrypto $LIBS"
		8093	cat confdefs.h - <<_ACEOF >conftest.$ac_ext
		8094	/* end confdefs.h. */
		8095
		8096	/* Override any GCC internal prototype to avoid an error.
		8097	Use char because int might match the return type of a GCC
		8098	builtin and then its argument prototype would still apply. */
		8099	#ifdef __cplusplus
		8100	extern "C"
		8101	#endif
		8102	char RAND_egd ();
		8103	int
		8104	main ()
		8105	{
		8106	return RAND_egd ();
		8107	;
		8108	return 0;
		8109	}
		8110	_ACEOF
		8111	if ac_fn_c_try_link "$LINENO"; then :
		8112	ac_cv_lib_crypto_RAND_egd=yes
		8113	else
		8114	ac_cv_lib_crypto_RAND_egd=no
		8115	fi
		8116	rm -f core conftest.err conftest.$ac_objext \
		8117	conftest$ac_exeext conftest.$ac_ext
		8118	LIBS=$ac_check_lib_save_LIBS
		8119	fi
		8120	{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_crypto_RAND_egd" >&5
		8121	$as_echo "$ac_cv_lib_crypto_RAND_egd" >&6; }
		8122	if test "x$ac_cv_lib_crypto_RAND_egd" = xyes; then :
		8123
		8124	$as_echo "#define HAVE_RAND_EGD 1" >>confdefs.h
		8125
		8126	fi
		8127
		8128	### PR195513
		8129
8084	# only check for sem_init if thread support is requested	8130	# only check for sem_init if thread support is requested
8085	if test "$with_threads" = "yes" -o -z "$with_threads"; then	8131	if test "$with_threads" = "yes" -o -z "$with_threads"; then
8086	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing sem_init" >&5	8132	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing sem_init" >&5

Lines 63-69 Link Here

(-)Lib/ssl.py (-1 / +10 lines)
63	from _ssl import _SSLContext, SSLError	63	from _ssl import _SSLContext, SSLError
64	from _ssl import CERT_NONE, CERT_OPTIONAL, CERT_REQUIRED	64	from _ssl import CERT_NONE, CERT_OPTIONAL, CERT_REQUIRED
65	from _ssl import OP_ALL, OP_NO_SSLv2, OP_NO_SSLv3, OP_NO_TLSv1	65	from _ssl import OP_ALL, OP_NO_SSLv2, OP_NO_SSLv3, OP_NO_TLSv1
66	from _ssl import RAND_status, RAND_egd, RAND_add	66	### Fix build with LibreSSL (does not have RAND_egd)
		67	### PR195513, http://bugs.python.org/issue21356
		68	from _ssl import RAND_status, RAND_add
		69	try:
		70	from _ssl import RAND_egd
		71	except ImportError:
		72	# LibreSSL does not provide RAND_egd
		73	pass
		74	### End PR195513
		75
67	from _ssl import (	76	from _ssl import (
68	SSL_ERROR_ZERO_RETURN,	77	SSL_ERROR_ZERO_RETURN,
69	SSL_ERROR_WANT_READ,	78	SSL_ERROR_WANT_READ,