Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

bpo-9146: Raise a ValueError if OpenSSL fails to init a hash function #1777

Merged
merged 1 commit into from
May 24, 2017
Merged

bpo-9146: Raise a ValueError if OpenSSL fails to init a hash function #1777

merged 1 commit into from
May 24, 2017

Conversation

gpshead
Copy link
Member

@gpshead gpshead commented May 23, 2017

This helps people in weird FIPS mode environments where common algorithms
such as MD5 or SHA1 are not available in the binary as a matter of policy.

This is https://bugs.python.org/file46765/hashopenssl-fips-exceptions.patch from bpo by @kscguru.

@gpshead
bpo-9146: Raise a ValueError if OpenSSL fails to init a hash func.
5e3e356 
This helps people in weird FIPS mode environments where common things
like MD5 are not available in the binary as a matter of policy.
@mention-bot
Copy link

@gpshead, thanks for your PR! By analyzing the history of the files in this pull request, we identified @loewis, @tiran and @teoliphant to be potential reviewers.

tiran
tiran approved these changes May 23, 2017
View reviewed changes
Copy link
Member

@tiran tiran left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

test_hashlib passes with OpenSSL 0.9.8zh, 1.0.1u, 1.0.2k, 1.1.0e, LibreSSL 2.3.10, 2.4.5, 2,5.3

@gpshead gpshead merged commit 07244a8 into python:master May 24, 2017
@gpshead gpshead deleted the fiiiiiiiiiips branch May 24, 2017 07:04
@gpshead
Copy link
Member Author

gpshead commented May 24, 2017

assigning to tiran for the backports.

gpshead added a commit to gpshead/cpython that referenced this pull request Sep 3, 2017
@gpshead
[3.6] bpo-9146: Raise a ValueError if OpenSSL fails to init a hash fu…
f6d32e6 
…nc. (pythonGH-1777)

This helps people in weird FIPS mode environments where common things
like MD5 are not available in the binary as a matter of policy.
(cherry picked from commit 07244a8)
@gpshead gpshead mentioned this pull request Sep 3, 2017
Merged
@gpshead
Copy link
Member Author

gpshead commented Sep 3, 2017

looks like we still need a Misc/NEWS.d entry for this

@gpshead gpshead self-assigned this Sep 3, 2017
gpshead added a commit that referenced this pull request Sep 3, 2017
@gpshead
[3.6] bpo-9146: Raise a ValueError if OpenSSL fails to init a hash fu…
31b8efe 
…nc (#3274)

* [3.6] bpo-9146: Raise a ValueError if OpenSSL fails to init a hash func. (GH-1777)

This helps people in weird FIPS mode environments where common things
like MD5 are not available in the binary as a matter of policy.
(cherry picked from commit 07244a8)

* Include a NEWS entry.
@gpshead gpshead removed their assignment Sep 3, 2017
@miss-islington
Copy link
Contributor

Thanks @gpshead for the PR 🌮🎉.. I'm working now to backport this PR to: 2.7.
🐍🍒⛏🤖

@miss-islington
Copy link
Contributor

Sorry, @gpshead, I could not cleanly backport this to 2.7 due to a conflict.
Please backport using cherry_picker on command line.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@tiran tiran tiran approved these changes

Assignees

@tiran tiran

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
6 participants
@gpshead @mention-bot @miss-islington @tiran @Mariatta @the-knights-who-say-ni