mirror of https://github.com/python/cpython.git
[3.11] gh-103142: Upgrade binary builds and CI to OpenSSL 1.1.1u (GH-105174) (#105200)
Upgrade builds to OpenSSL 1.1.1u.
This OpenSSL version addresses a pile if less-urgent CVEs since 1.1.1t.
The Mac/BuildScript/build-installer.py was already updated.
Also updates _ssl_data_111.h from OpenSSL 1.1.1u, _ssl_data_300.h from 3.0.9.
Manual edits to the _ssl_data_300.h file prevent it from removing any existing definitions in case those exist in some peoples builds and were important (avoiding regressions during backporting).
(cherry picked from commit ede89af)
This commit is contained in:
Gregory P. Smith
GitHub
parent
3b0747af90
commit
a5d2b546c1
|
|
@ -57,7 +57,7 @@ jobs:
|
|||
variables:
|
||||
testRunTitle: '$(build.sourceBranchName)-linux'
|
||||
testRunPlatform: linux
|
||||
openssl_version: 1.1.1t
|
||||
openssl_version: 1.1.1u
|
||||
|
||||
steps:
|
||||
- template: ./posix-steps.yml
|
||||
|
|
@ -83,7 +83,7 @@ jobs:
|
|||
variables:
|
||||
testRunTitle: '$(Build.SourceBranchName)-linux-coverage'
|
||||
testRunPlatform: linux-coverage
|
||||
openssl_version: 1.1.1t
|
||||
openssl_version: 1.1.1u
|
||||
|
||||
steps:
|
||||
- template: ./posix-steps.yml
|
||||
|
|
|
|||
|
|
@ -57,7 +57,7 @@ jobs:
|
|||
variables:
|
||||
testRunTitle: '$(system.pullRequest.TargetBranch)-linux'
|
||||
testRunPlatform: linux
|
||||
openssl_version: 1.1.1t
|
||||
openssl_version: 1.1.1u
|
||||
|
||||
steps:
|
||||
- template: ./posix-steps.yml
|
||||
|
|
@ -83,7 +83,7 @@ jobs:
|
|||
variables:
|
||||
testRunTitle: '$(Build.SourceBranchName)-linux-coverage'
|
||||
testRunPlatform: linux-coverage
|
||||
openssl_version: 1.1.1t
|
||||
openssl_version: 1.1.1u
|
||||
|
||||
steps:
|
||||
- template: ./posix-steps.yml
|
||||
|
|
|
|||
|
|
@ -250,7 +250,7 @@ jobs:
|
|||
needs: check_source
|
||||
if: needs.check_source.outputs.run_tests == 'true'
|
||||
env:
|
||||
OPENSSL_VER: 1.1.1t
|
||||
OPENSSL_VER: 1.1.1u
|
||||
PYTHONSTRICTEXTENSIONBUILD: 1
|
||||
steps:
|
||||
- uses: actions/checkout@v3
|
||||
|
|
@ -319,7 +319,7 @@ jobs:
|
|||
strategy:
|
||||
fail-fast: false
|
||||
matrix:
|
||||
openssl_ver: [1.1.1t, 3.0.8, 3.1.0-beta1]
|
||||
openssl_ver: [1.1.1u, 3.0.9, 3.1.1]
|
||||
env:
|
||||
OPENSSL_VER: ${{ matrix.openssl_ver }}
|
||||
MULTISSL_DIR: ${{ github.workspace }}/multissl
|
||||
|
|
@ -371,7 +371,7 @@ jobs:
|
|||
needs: check_source
|
||||
if: needs.check_source.outputs.run_tests == 'true'
|
||||
env:
|
||||
OPENSSL_VER: 1.1.1t
|
||||
OPENSSL_VER: 1.1.1u
|
||||
PYTHONSTRICTEXTENSIONBUILD: 1
|
||||
ASAN_OPTIONS: detect_leaks=0:allocator_may_return_null=1:handle_segv=0
|
||||
steps:
|
||||
|
|
|
|||
|
|
@ -0,0 +1,2 @@
|
|||
The version of OpenSSL used in our binary builds has been upgraded to 1.1.1u
|
||||
to address several CVEs.
|
||||
|
|
@ -1,4 +1,4 @@
|
|||
/* File generated by Tools/ssl/make_ssl_data.py *//* Generated on 2021-04-09T09:36:21.493286 */
|
||||
/* File generated by Tools/ssl/make_ssl_data.py *//* Generated on 2023-06-01T02:58:04.081473 */
|
||||
static struct py_ssl_library_code library_codes[] = {
|
||||
#ifdef ERR_LIB_ASN1
|
||||
{"ASN1", ERR_LIB_ASN1},
|
||||
|
|
@ -1375,6 +1375,11 @@ static struct py_ssl_error_code error_codes[] = {
|
|||
#else
|
||||
{"UNSUPPORTED_COMPRESSION_ALGORITHM", 46, 151},
|
||||
#endif
|
||||
#ifdef CMS_R_UNSUPPORTED_CONTENT_ENCRYPTION_ALGORITHM
|
||||
{"UNSUPPORTED_CONTENT_ENCRYPTION_ALGORITHM", ERR_LIB_CMS, CMS_R_UNSUPPORTED_CONTENT_ENCRYPTION_ALGORITHM},
|
||||
#else
|
||||
{"UNSUPPORTED_CONTENT_ENCRYPTION_ALGORITHM", 46, 194},
|
||||
#endif
|
||||
#ifdef CMS_R_UNSUPPORTED_CONTENT_TYPE
|
||||
{"UNSUPPORTED_CONTENT_TYPE", ERR_LIB_CMS, CMS_R_UNSUPPORTED_CONTENT_TYPE},
|
||||
#else
|
||||
|
|
@ -4860,6 +4865,11 @@ static struct py_ssl_error_code error_codes[] = {
|
|||
#else
|
||||
{"MISSING_PARAMETERS", 20, 290},
|
||||
#endif
|
||||
#ifdef SSL_R_MISSING_PSK_KEX_MODES_EXTENSION
|
||||
{"MISSING_PSK_KEX_MODES_EXTENSION", ERR_LIB_SSL, SSL_R_MISSING_PSK_KEX_MODES_EXTENSION},
|
||||
#else
|
||||
{"MISSING_PSK_KEX_MODES_EXTENSION", 20, 310},
|
||||
#endif
|
||||
#ifdef SSL_R_MISSING_RSA_CERTIFICATE
|
||||
{"MISSING_RSA_CERTIFICATE", ERR_LIB_SSL, SSL_R_MISSING_RSA_CERTIFICATE},
|
||||
#else
|
||||
|
|
@ -5065,6 +5075,11 @@ static struct py_ssl_error_code error_codes[] = {
|
|||
#else
|
||||
{"NULL_SSL_METHOD_PASSED", 20, 196},
|
||||
#endif
|
||||
#ifdef SSL_R_OCSP_CALLBACK_FAILURE
|
||||
{"OCSP_CALLBACK_FAILURE", ERR_LIB_SSL, SSL_R_OCSP_CALLBACK_FAILURE},
|
||||
#else
|
||||
{"OCSP_CALLBACK_FAILURE", 20, 294},
|
||||
#endif
|
||||
#ifdef SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED
|
||||
{"OLD_SESSION_CIPHER_NOT_RETURNED", ERR_LIB_SSL, SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED},
|
||||
#else
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
/* File generated by Tools/ssl/make_ssl_data.py *//* Generated on 2021-04-09T09:44:43.288448 */
|
||||
/* File generated by Tools/ssl/make_ssl_data.py *//* Generated on 2023-06-01T03:03:52.163218 */
|
||||
static struct py_ssl_library_code library_codes[] = {
|
||||
#ifdef ERR_LIB_ASN1
|
||||
{"ASN1", ERR_LIB_ASN1},
|
||||
|
|
@ -1035,6 +1035,11 @@ static struct py_ssl_error_code error_codes[] = {
|
|||
#else
|
||||
{"NO_INVERSE", 3, 108},
|
||||
#endif
|
||||
#ifdef BN_R_NO_PRIME_CANDIDATE
|
||||
{"NO_PRIME_CANDIDATE", ERR_LIB_BN, BN_R_NO_PRIME_CANDIDATE},
|
||||
#else
|
||||
{"NO_PRIME_CANDIDATE", 3, 121},
|
||||
#endif
|
||||
#ifdef BN_R_NO_SOLUTION
|
||||
{"NO_SOLUTION", ERR_LIB_BN, BN_R_NO_SOLUTION},
|
||||
#else
|
||||
|
|
@ -1255,6 +1260,11 @@ static struct py_ssl_error_code error_codes[] = {
|
|||
#else
|
||||
{"INVALID_OPTION", 58, 174},
|
||||
#endif
|
||||
#ifdef CMP_R_MISSING_CERTID
|
||||
{"MISSING_CERTID", ERR_LIB_CMP, CMP_R_MISSING_CERTID},
|
||||
#else
|
||||
{"MISSING_CERTID", 58, 165},
|
||||
#endif
|
||||
#ifdef CMP_R_MISSING_KEY_INPUT_FOR_CREATING_PROTECTION
|
||||
{"MISSING_KEY_INPUT_FOR_CREATING_PROTECTION", ERR_LIB_CMP, CMP_R_MISSING_KEY_INPUT_FOR_CREATING_PROTECTION},
|
||||
#else
|
||||
|
|
@ -1280,21 +1290,41 @@ static struct py_ssl_error_code error_codes[] = {
|
|||
#else
|
||||
{"MISSING_PRIVATE_KEY", 58, 131},
|
||||
#endif
|
||||
#ifdef CMP_R_MISSING_PRIVATE_KEY_FOR_POPO
|
||||
{"MISSING_PRIVATE_KEY_FOR_POPO", ERR_LIB_CMP, CMP_R_MISSING_PRIVATE_KEY_FOR_POPO},
|
||||
#else
|
||||
{"MISSING_PRIVATE_KEY_FOR_POPO", 58, 190},
|
||||
#endif
|
||||
#ifdef CMP_R_MISSING_PROTECTION
|
||||
{"MISSING_PROTECTION", ERR_LIB_CMP, CMP_R_MISSING_PROTECTION},
|
||||
#else
|
||||
{"MISSING_PROTECTION", 58, 143},
|
||||
#endif
|
||||
#ifdef CMP_R_MISSING_PUBLIC_KEY
|
||||
{"MISSING_PUBLIC_KEY", ERR_LIB_CMP, CMP_R_MISSING_PUBLIC_KEY},
|
||||
#else
|
||||
{"MISSING_PUBLIC_KEY", 58, 183},
|
||||
#endif
|
||||
#ifdef CMP_R_MISSING_REFERENCE_CERT
|
||||
{"MISSING_REFERENCE_CERT", ERR_LIB_CMP, CMP_R_MISSING_REFERENCE_CERT},
|
||||
#else
|
||||
{"MISSING_REFERENCE_CERT", 58, 168},
|
||||
#endif
|
||||
#ifdef CMP_R_MISSING_SECRET
|
||||
{"MISSING_SECRET", ERR_LIB_CMP, CMP_R_MISSING_SECRET},
|
||||
#else
|
||||
{"MISSING_SECRET", 58, 178},
|
||||
#endif
|
||||
#ifdef CMP_R_MISSING_SENDER_IDENTIFICATION
|
||||
{"MISSING_SENDER_IDENTIFICATION", ERR_LIB_CMP, CMP_R_MISSING_SENDER_IDENTIFICATION},
|
||||
#else
|
||||
{"MISSING_SENDER_IDENTIFICATION", 58, 111},
|
||||
#endif
|
||||
#ifdef CMP_R_MISSING_TRUST_ANCHOR
|
||||
{"MISSING_TRUST_ANCHOR", ERR_LIB_CMP, CMP_R_MISSING_TRUST_ANCHOR},
|
||||
#else
|
||||
{"MISSING_TRUST_ANCHOR", 58, 179},
|
||||
#endif
|
||||
#ifdef CMP_R_MISSING_TRUST_STORE
|
||||
{"MISSING_TRUST_STORE", ERR_LIB_CMP, CMP_R_MISSING_TRUST_STORE},
|
||||
#else
|
||||
|
|
@ -1455,6 +1485,11 @@ static struct py_ssl_error_code error_codes[] = {
|
|||
#else
|
||||
{"WRONG_ALGORITHM_OID", 58, 138},
|
||||
#endif
|
||||
#ifdef CMP_R_WRONG_CERTID
|
||||
{"WRONG_CERTID", ERR_LIB_CMP, CMP_R_WRONG_CERTID},
|
||||
#else
|
||||
{"WRONG_CERTID", 58, 189},
|
||||
#endif
|
||||
#ifdef CMP_R_WRONG_CERTID_IN_RP
|
||||
{"WRONG_CERTID_IN_RP", ERR_LIB_CMP, CMP_R_WRONG_CERTID_IN_RP},
|
||||
#else
|
||||
|
|
@ -1885,6 +1920,11 @@ static struct py_ssl_error_code error_codes[] = {
|
|||
#else
|
||||
{"UNSUPPORTED_COMPRESSION_ALGORITHM", 46, 151},
|
||||
#endif
|
||||
#ifdef CMS_R_UNSUPPORTED_CONTENT_ENCRYPTION_ALGORITHM
|
||||
{"UNSUPPORTED_CONTENT_ENCRYPTION_ALGORITHM", ERR_LIB_CMS, CMS_R_UNSUPPORTED_CONTENT_ENCRYPTION_ALGORITHM},
|
||||
#else
|
||||
{"UNSUPPORTED_CONTENT_ENCRYPTION_ALGORITHM", 46, 194},
|
||||
#endif
|
||||
#ifdef CMS_R_UNSUPPORTED_CONTENT_TYPE
|
||||
{"UNSUPPORTED_CONTENT_TYPE", ERR_LIB_CMS, CMS_R_UNSUPPORTED_CONTENT_TYPE},
|
||||
#else
|
||||
|
|
@ -2045,6 +2085,11 @@ static struct py_ssl_error_code error_codes[] = {
|
|||
#else
|
||||
{"RECURSIVE_DIRECTORY_INCLUDE", 14, 111},
|
||||
#endif
|
||||
#ifdef CONF_R_RELATIVE_PATH
|
||||
{"RELATIVE_PATH", ERR_LIB_CONF, CONF_R_RELATIVE_PATH},
|
||||
#else
|
||||
{"RELATIVE_PATH", 14, 125},
|
||||
#endif
|
||||
#ifdef CONF_R_SSL_COMMAND_SECTION_EMPTY
|
||||
{"SSL_COMMAND_SECTION_EMPTY", ERR_LIB_CONF, CONF_R_SSL_COMMAND_SECTION_EMPTY},
|
||||
#else
|
||||
|
|
@ -2235,6 +2280,11 @@ static struct py_ssl_error_code error_codes[] = {
|
|||
#else
|
||||
{"INSUFFICIENT_SECURE_DATA_SPACE", 15, 108},
|
||||
#endif
|
||||
#ifdef CRYPTO_R_INVALID_NEGATIVE_VALUE
|
||||
{"INVALID_NEGATIVE_VALUE", ERR_LIB_CRYPTO, CRYPTO_R_INVALID_NEGATIVE_VALUE},
|
||||
#else
|
||||
{"INVALID_NEGATIVE_VALUE", 15, 122},
|
||||
#endif
|
||||
#ifdef CRYPTO_R_INVALID_NULL_ARGUMENT
|
||||
{"INVALID_NULL_ARGUMENT", ERR_LIB_CRYPTO, CRYPTO_R_INVALID_NULL_ARGUMENT},
|
||||
#else
|
||||
|
|
@ -2605,6 +2655,11 @@ static struct py_ssl_error_code error_codes[] = {
|
|||
#else
|
||||
{"SEED_LEN_SMALL", 10, 110},
|
||||
#endif
|
||||
#ifdef DSA_R_TOO_MANY_RETRIES
|
||||
{"TOO_MANY_RETRIES", ERR_LIB_DSA, DSA_R_TOO_MANY_RETRIES},
|
||||
#else
|
||||
{"TOO_MANY_RETRIES", 10, 116},
|
||||
#endif
|
||||
#ifdef DSO_R_CTRL_FAILED
|
||||
{"CTRL_FAILED", ERR_LIB_DSO, DSO_R_CTRL_FAILED},
|
||||
#else
|
||||
|
|
@ -2745,6 +2800,11 @@ static struct py_ssl_error_code error_codes[] = {
|
|||
#else
|
||||
{"EC_GROUP_NEW_BY_NAME_FAILURE", 16, 119},
|
||||
#endif
|
||||
#ifdef EC_R_EXPLICIT_PARAMS_NOT_SUPPORTED
|
||||
{"EXPLICIT_PARAMS_NOT_SUPPORTED", ERR_LIB_EC, EC_R_EXPLICIT_PARAMS_NOT_SUPPORTED},
|
||||
#else
|
||||
{"EXPLICIT_PARAMS_NOT_SUPPORTED", 16, 127},
|
||||
#endif
|
||||
#ifdef EC_R_FAILED_MAKING_PUBLIC_KEY
|
||||
{"FAILED_MAKING_PUBLIC_KEY", ERR_LIB_EC, EC_R_FAILED_MAKING_PUBLIC_KEY},
|
||||
#else
|
||||
|
|
@ -2850,6 +2910,11 @@ static struct py_ssl_error_code error_codes[] = {
|
|||
#else
|
||||
{"INVALID_KEY", 16, 116},
|
||||
#endif
|
||||
#ifdef EC_R_INVALID_LENGTH
|
||||
{"INVALID_LENGTH", ERR_LIB_EC, EC_R_INVALID_LENGTH},
|
||||
#else
|
||||
{"INVALID_LENGTH", 16, 117},
|
||||
#endif
|
||||
#ifdef EC_R_INVALID_NAMED_GROUP_CONVERSION
|
||||
{"INVALID_NAMED_GROUP_CONVERSION", ERR_LIB_EC, EC_R_INVALID_NAMED_GROUP_CONVERSION},
|
||||
#else
|
||||
|
|
@ -3010,6 +3075,11 @@ static struct py_ssl_error_code error_codes[] = {
|
|||
#else
|
||||
{"SLOT_FULL", 16, 108},
|
||||
#endif
|
||||
#ifdef EC_R_TOO_MANY_RETRIES
|
||||
{"TOO_MANY_RETRIES", ERR_LIB_EC, EC_R_TOO_MANY_RETRIES},
|
||||
#else
|
||||
{"TOO_MANY_RETRIES", 16, 176},
|
||||
#endif
|
||||
#ifdef EC_R_UNDEFINED_GENERATOR
|
||||
{"UNDEFINED_GENERATOR", ERR_LIB_EC, EC_R_UNDEFINED_GENERATOR},
|
||||
#else
|
||||
|
|
@ -3690,6 +3760,11 @@ static struct py_ssl_error_code error_codes[] = {
|
|||
#else
|
||||
{"PUBLIC_KEY_NOT_RSA", 6, 106},
|
||||
#endif
|
||||
#ifdef EVP_R_SETTING_XOF_FAILED
|
||||
{"SETTING_XOF_FAILED", ERR_LIB_EVP, EVP_R_SETTING_XOF_FAILED},
|
||||
#else
|
||||
{"SETTING_XOF_FAILED", 6, 227},
|
||||
#endif
|
||||
#ifdef EVP_R_SET_DEFAULT_PROPERTY_FAILURE
|
||||
{"SET_DEFAULT_PROPERTY_FAILURE", ERR_LIB_EVP, EVP_R_SET_DEFAULT_PROPERTY_FAILURE},
|
||||
#else
|
||||
|
|
@ -3865,6 +3940,11 @@ static struct py_ssl_error_code error_codes[] = {
|
|||
#else
|
||||
{"FAILED_READING_DATA", 61, 128},
|
||||
#endif
|
||||
#ifdef HTTP_R_HEADER_PARSE_ERROR
|
||||
{"HEADER_PARSE_ERROR", ERR_LIB_HTTP, HTTP_R_HEADER_PARSE_ERROR},
|
||||
#else
|
||||
{"HEADER_PARSE_ERROR", 61, 126},
|
||||
#endif
|
||||
#ifdef HTTP_R_INCONSISTENT_CONTENT_LENGTH
|
||||
{"INCONSISTENT_CONTENT_LENGTH", ERR_LIB_HTTP, HTTP_R_INCONSISTENT_CONTENT_LENGTH},
|
||||
#else
|
||||
|
|
@ -3935,6 +4015,16 @@ static struct py_ssl_error_code error_codes[] = {
|
|||
#else
|
||||
{"RESPONSE_PARSE_ERROR", 61, 104},
|
||||
#endif
|
||||
#ifdef HTTP_R_RETRY_TIMEOUT
|
||||
{"RETRY_TIMEOUT", ERR_LIB_HTTP, HTTP_R_RETRY_TIMEOUT},
|
||||
#else
|
||||
{"RETRY_TIMEOUT", 61, 129},
|
||||
#endif
|
||||
#ifdef HTTP_R_SERVER_CANCELED_CONNECTION
|
||||
{"SERVER_CANCELED_CONNECTION", ERR_LIB_HTTP, HTTP_R_SERVER_CANCELED_CONNECTION},
|
||||
#else
|
||||
{"SERVER_CANCELED_CONNECTION", 61, 127},
|
||||
#endif
|
||||
#ifdef HTTP_R_SOCK_NOT_SUPPORTED
|
||||
{"SOCK_NOT_SUPPORTED", ERR_LIB_HTTP, HTTP_R_SOCK_NOT_SUPPORTED},
|
||||
#else
|
||||
|
|
@ -4100,6 +4190,16 @@ static struct py_ssl_error_code error_codes[] = {
|
|||
#else
|
||||
{"UNSUPPORTED_REQUESTORNAME_TYPE", 39, 129},
|
||||
#endif
|
||||
#ifdef OSSL_DECODER_R_COULD_NOT_DECODE_OBJECT
|
||||
{"COULD_NOT_DECODE_OBJECT", ERR_LIB_OSSL_DECODER, OSSL_DECODER_R_COULD_NOT_DECODE_OBJECT},
|
||||
#else
|
||||
{"COULD_NOT_DECODE_OBJECT", 60, 101},
|
||||
#endif
|
||||
#ifdef OSSL_DECODER_R_DECODER_NOT_FOUND
|
||||
{"DECODER_NOT_FOUND", ERR_LIB_OSSL_DECODER, OSSL_DECODER_R_DECODER_NOT_FOUND},
|
||||
#else
|
||||
{"DECODER_NOT_FOUND", 60, 102},
|
||||
#endif
|
||||
#ifdef OSSL_DECODER_R_MISSING_GET_PARAMS
|
||||
{"MISSING_GET_PARAMS", ERR_LIB_OSSL_DECODER, OSSL_DECODER_R_MISSING_GET_PARAMS},
|
||||
#else
|
||||
|
|
@ -4190,6 +4290,11 @@ static struct py_ssl_error_code error_codes[] = {
|
|||
#else
|
||||
{"NOT_PARAMETERS", 44, 104},
|
||||
#endif
|
||||
#ifdef OSSL_STORE_R_NO_LOADERS_FOUND
|
||||
{"NO_LOADERS_FOUND", ERR_LIB_OSSL_STORE, OSSL_STORE_R_NO_LOADERS_FOUND},
|
||||
#else
|
||||
{"NO_LOADERS_FOUND", 44, 123},
|
||||
#endif
|
||||
#ifdef OSSL_STORE_R_PASSPHRASE_CALLBACK_ERROR
|
||||
{"PASSPHRASE_CALLBACK_ERROR", ERR_LIB_OSSL_STORE, OSSL_STORE_R_PASSPHRASE_CALLBACK_ERROR},
|
||||
#else
|
||||
|
|
@ -4935,6 +5040,11 @@ static struct py_ssl_error_code error_codes[] = {
|
|||
#else
|
||||
{"INVALID_DIGEST_SIZE", 57, 218},
|
||||
#endif
|
||||
#ifdef PROV_R_INVALID_INPUT_LENGTH
|
||||
{"INVALID_INPUT_LENGTH", ERR_LIB_PROV, PROV_R_INVALID_INPUT_LENGTH},
|
||||
#else
|
||||
{"INVALID_INPUT_LENGTH", 57, 230},
|
||||
#endif
|
||||
#ifdef PROV_R_INVALID_ITERATION_COUNT
|
||||
{"INVALID_ITERATION_COUNT", ERR_LIB_PROV, PROV_R_INVALID_ITERATION_COUNT},
|
||||
#else
|
||||
|
|
@ -4970,6 +5080,11 @@ static struct py_ssl_error_code error_codes[] = {
|
|||
#else
|
||||
{"INVALID_MODE", 57, 125},
|
||||
#endif
|
||||
#ifdef PROV_R_INVALID_OUTPUT_LENGTH
|
||||
{"INVALID_OUTPUT_LENGTH", ERR_LIB_PROV, PROV_R_INVALID_OUTPUT_LENGTH},
|
||||
#else
|
||||
{"INVALID_OUTPUT_LENGTH", 57, 217},
|
||||
#endif
|
||||
#ifdef PROV_R_INVALID_PADDING_MODE
|
||||
{"INVALID_PADDING_MODE", ERR_LIB_PROV, PROV_R_INVALID_PADDING_MODE},
|
||||
#else
|
||||
|
|
@ -5035,6 +5150,16 @@ static struct py_ssl_error_code error_codes[] = {
|
|||
#else
|
||||
{"KEY_SIZE_TOO_SMALL", 57, 171},
|
||||
#endif
|
||||
#ifdef PROV_R_LENGTH_TOO_LARGE
|
||||
{"LENGTH_TOO_LARGE", ERR_LIB_PROV, PROV_R_LENGTH_TOO_LARGE},
|
||||
#else
|
||||
{"LENGTH_TOO_LARGE", 57, 202},
|
||||
#endif
|
||||
#ifdef PROV_R_MISMATCHING_DOMAIN_PARAMETERS
|
||||
{"MISMATCHING_DOMAIN_PARAMETERS", ERR_LIB_PROV, PROV_R_MISMATCHING_DOMAIN_PARAMETERS},
|
||||
#else
|
||||
{"MISMATCHING_DOMAIN_PARAMETERS", 57, 203},
|
||||
#endif
|
||||
#ifdef PROV_R_MISSING_CEK_ALG
|
||||
{"MISSING_CEK_ALG", ERR_LIB_PROV, PROV_R_MISSING_CEK_ALG},
|
||||
#else
|
||||
|
|
@ -5695,6 +5820,11 @@ static struct py_ssl_error_code error_codes[] = {
|
|||
#else
|
||||
{"INVALID_LABEL", 4, 160},
|
||||
#endif
|
||||
#ifdef RSA_R_INVALID_LENGTH
|
||||
{"INVALID_LENGTH", ERR_LIB_RSA, RSA_R_INVALID_LENGTH},
|
||||
#else
|
||||
{"INVALID_LENGTH", 4, 181},
|
||||
#endif
|
||||
#ifdef RSA_R_INVALID_MESSAGE_LENGTH
|
||||
{"INVALID_MESSAGE_LENGTH", ERR_LIB_RSA, RSA_R_INVALID_MESSAGE_LENGTH},
|
||||
#else
|
||||
|
|
@ -5880,6 +6010,11 @@ static struct py_ssl_error_code error_codes[] = {
|
|||
#else
|
||||
{"Q_NOT_PRIME", 4, 129},
|
||||
#endif
|
||||
#ifdef RSA_R_RANDOMNESS_SOURCE_STRENGTH_INSUFFICIENT
|
||||
{"RANDOMNESS_SOURCE_STRENGTH_INSUFFICIENT", ERR_LIB_RSA, RSA_R_RANDOMNESS_SOURCE_STRENGTH_INSUFFICIENT},
|
||||
#else
|
||||
{"RANDOMNESS_SOURCE_STRENGTH_INSUFFICIENT", 4, 180},
|
||||
#endif
|
||||
#ifdef RSA_R_RSA_OPERATIONS_NOT_SUPPORTED
|
||||
{"RSA_OPERATIONS_NOT_SUPPORTED", ERR_LIB_RSA, RSA_R_RSA_OPERATIONS_NOT_SUPPORTED},
|
||||
#else
|
||||
|
|
@ -6680,6 +6815,11 @@ static struct py_ssl_error_code error_codes[] = {
|
|||
#else
|
||||
{"INVALID_TICKET_KEYS_LENGTH", 20, 325},
|
||||
#endif
|
||||
#ifdef SSL_R_LEGACY_SIGALG_DISALLOWED_OR_UNSUPPORTED
|
||||
{"LEGACY_SIGALG_DISALLOWED_OR_UNSUPPORTED", ERR_LIB_SSL, SSL_R_LEGACY_SIGALG_DISALLOWED_OR_UNSUPPORTED},
|
||||
#else
|
||||
{"LEGACY_SIGALG_DISALLOWED_OR_UNSUPPORTED", 20, 333},
|
||||
#endif
|
||||
#ifdef SSL_R_LENGTH_MISMATCH
|
||||
{"LENGTH_MISMATCH", ERR_LIB_SSL, SSL_R_LENGTH_MISMATCH},
|
||||
#else
|
||||
|
|
@ -6725,6 +6865,11 @@ static struct py_ssl_error_code error_codes[] = {
|
|||
#else
|
||||
{"MISSING_PARAMETERS", 20, 290},
|
||||
#endif
|
||||
#ifdef SSL_R_MISSING_PSK_KEX_MODES_EXTENSION
|
||||
{"MISSING_PSK_KEX_MODES_EXTENSION", ERR_LIB_SSL, SSL_R_MISSING_PSK_KEX_MODES_EXTENSION},
|
||||
#else
|
||||
{"MISSING_PSK_KEX_MODES_EXTENSION", 20, 310},
|
||||
#endif
|
||||
#ifdef SSL_R_MISSING_RSA_CERTIFICATE
|
||||
{"MISSING_RSA_CERTIFICATE", ERR_LIB_SSL, SSL_R_MISSING_RSA_CERTIFICATE},
|
||||
#else
|
||||
|
|
@ -6940,6 +7085,11 @@ static struct py_ssl_error_code error_codes[] = {
|
|||
#else
|
||||
{"NULL_SSL_METHOD_PASSED", 20, 196},
|
||||
#endif
|
||||
#ifdef SSL_R_OCSP_CALLBACK_FAILURE
|
||||
{"OCSP_CALLBACK_FAILURE", ERR_LIB_SSL, SSL_R_OCSP_CALLBACK_FAILURE},
|
||||
#else
|
||||
{"OCSP_CALLBACK_FAILURE", 20, 305},
|
||||
#endif
|
||||
#ifdef SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED
|
||||
{"OLD_SESSION_CIPHER_NOT_RETURNED", ERR_LIB_SSL, SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED},
|
||||
#else
|
||||
|
|
|
|||
|
|
@ -53,7 +53,7 @@ echo.Fetching external libraries...
|
|||
set libraries=
|
||||
set libraries=%libraries% bzip2-1.0.8
|
||||
if NOT "%IncludeLibffiSrc%"=="false" set libraries=%libraries% libffi-3.4.4
|
||||
if NOT "%IncludeSSLSrc%"=="false" set libraries=%libraries% openssl-1.1.1t
|
||||
if NOT "%IncludeSSLSrc%"=="false" set libraries=%libraries% openssl-1.1.1u
|
||||
set libraries=%libraries% sqlite-3.42.0.0
|
||||
if NOT "%IncludeTkinterSrc%"=="false" set libraries=%libraries% tcl-core-8.6.12.1
|
||||
if NOT "%IncludeTkinterSrc%"=="false" set libraries=%libraries% tk-8.6.12.1
|
||||
|
|
@ -77,7 +77,7 @@ echo.Fetching external binaries...
|
|||
|
||||
set binaries=
|
||||
if NOT "%IncludeLibffi%"=="false" set binaries=%binaries% libffi-3.4.4
|
||||
if NOT "%IncludeSSL%"=="false" set binaries=%binaries% openssl-bin-1.1.1t
|
||||
if NOT "%IncludeSSL%"=="false" set binaries=%binaries% openssl-bin-1.1.1u
|
||||
if NOT "%IncludeTkinter%"=="false" set binaries=%binaries% tcltk-8.6.12.1
|
||||
if NOT "%IncludeSSLSrc%"=="false" set binaries=%binaries% nasm-2.11.06
|
||||
|
||||
|
|
|
|||
|
|
@ -74,8 +74,8 @@
|
|||
<libffiDir Condition="$(libffiDir) == ''">$(ExternalsDir)libffi-3.4.4\</libffiDir>
|
||||
<libffiOutDir Condition="$(libffiOutDir) == ''">$(libffiDir)$(ArchName)\</libffiOutDir>
|
||||
<libffiIncludeDir Condition="$(libffiIncludeDir) == ''">$(libffiOutDir)include</libffiIncludeDir>
|
||||
<opensslDir Condition="$(opensslDir) == ''">$(ExternalsDir)openssl-1.1.1t\</opensslDir>
|
||||
<opensslOutDir Condition="$(opensslOutDir) == ''">$(ExternalsDir)openssl-bin-1.1.1t\$(ArchName)\</opensslOutDir>
|
||||
<opensslDir Condition="$(opensslDir) == ''">$(ExternalsDir)openssl-1.1.1u\</opensslDir>
|
||||
<opensslOutDir Condition="$(opensslOutDir) == ''">$(ExternalsDir)openssl-bin-1.1.1u\$(ArchName)\</opensslOutDir>
|
||||
<opensslIncludeDir Condition="$(opensslIncludeDir) == ''">$(opensslOutDir)include</opensslIncludeDir>
|
||||
<nasmDir Condition="$(nasmDir) == ''">$(ExternalsDir)\nasm-2.11.06\</nasmDir>
|
||||
<zlibDir Condition="$(zlibDir) == ''">$(ExternalsDir)\zlib-1.2.13\</zlibDir>
|
||||
|
|
|
|||
|
|
@ -168,7 +168,7 @@ _lzma
|
|||
Homepage:
|
||||
https://tukaani.org/xz/
|
||||
_ssl
|
||||
Python wrapper for version 1.1.1t of the OpenSSL secure sockets
|
||||
Python wrapper for version 1.1.1u of the OpenSSL secure sockets
|
||||
library, which is downloaded from our binaries repository at
|
||||
https://github.com/python/cpython-bin-deps.
|
||||
|
||||
|
|
|
|||
|
|
@ -75,6 +75,7 @@ def clean_lines(text):
|
|||
# only huge constants (safe but parsing is slow)
|
||||
Modules/_blake2/impl/blake2-kat.h
|
||||
Modules/_ssl_data.h
|
||||
Modules/_ssl_data_31.h
|
||||
Modules/_ssl_data_300.h
|
||||
Modules/_ssl_data_111.h
|
||||
Modules/cjkcodecs/mappings_*.h
|
||||
|
|
|
|||
|
|
@ -47,8 +47,9 @@
|
|||
]
|
||||
|
||||
OPENSSL_RECENT_VERSIONS = [
|
||||
"1.1.1t",
|
||||
"3.0.8"
|
||||
"1.1.1u",
|
||||
"3.0.9",
|
||||
"3.1.1",
|
||||
]
|
||||
|
||||
LIBRESSL_OLD_VERSIONS = [
|
||||
|
|
|
|||
Loading…
Reference in New Issue