[pypy-commit] pypy detect_egd2: Detect RAND_egd() and make ssl.RAND_egd() raise if not found.
vext01
noreply at buildbot.pypy.org
Wed Sep 9 10:16:49 CEST 2015
Author: Edd Barrett <vext01 at gmail.com>
Branch: detect_egd2
Changeset: r79557:506d9ba2b5f8
Date: 2015-09-09 09:16 +0100
http://bitbucket.org/pypy/pypy/changeset/506d9ba2b5f8/
Log: Detect RAND_egd() and make ssl.RAND_egd() raise if not found.
diff --git a/pypy/module/_ssl/interp_ssl.py b/pypy/module/_ssl/interp_ssl.py
--- a/pypy/module/_ssl/interp_ssl.py
+++ b/pypy/module/_ssl/interp_ssl.py
@@ -241,20 +241,26 @@
res = libssl_RAND_status()
return space.wrap(res)
- @unwrap_spec(path=str)
- def RAND_egd(space, path):
- """RAND_egd(path) -> bytes
+ if HAVE_OPENSSL_RAND_EGD:
+ @unwrap_spec(path=str)
+ def RAND_egd(space, path):
+ """RAND_egd(path) -> bytes
- Queries the entropy gather daemon (EGD) on socket path. Returns number
- of bytes read. Raises socket.sslerror if connection to EGD fails or
- if it does provide enough data to seed PRNG."""
- with rffi.scoped_str2charp(path) as socket_path:
- bytes = libssl_RAND_egd(socket_path)
- if bytes == -1:
- raise ssl_error(space,
- "EGD connection failed or EGD did not return "
- "enough data to seed the PRNG")
- return space.wrap(bytes)
+ Queries the entropy gather daemon (EGD) on socket path. Returns number
+ of bytes read. Raises socket.sslerror if connection to EGD fails or
+ if it does provide enough data to seed PRNG."""
+ with rffi.scoped_str2charp(path) as socket_path:
+ bytes = libssl_RAND_egd(socket_path)
+ if bytes == -1:
+ raise ssl_error(space,
+ "EGD connection failed or EGD did not return "
+ "enough data to seed the PRNG")
+ return space.wrap(bytes)
+ else:
+ # Dummy func for platforms missing RAND_egd(). Most likely LibreSSL.
+ @unwrap_spec(path=str)
+ def RAND_egd(space, path):
+ raise ssl_error(space, "RAND_egd unavailable")
class _SSLSocket(W_Root):
diff --git a/rpython/rlib/ropenssl.py b/rpython/rlib/ropenssl.py
--- a/rpython/rlib/ropenssl.py
+++ b/rpython/rlib/ropenssl.py
@@ -264,6 +264,9 @@
OPENSSL_NO_ECDH = True
HAS_ALPN = OPENSSL_VERSION_NUMBER >= 0x1000200fL and not OPENSSL_NO_TLSEXT
+HAVE_OPENSSL_RAND_EGD = rffi_platform.has('RAND_egd("/")',
+ '#include <openssl/rand.h>',
+ libraries=['ssl', 'crypto'])
def external(name, argtypes, restype, **kw):
kw['compilation_info'] = eci
@@ -288,7 +291,8 @@
if HAVE_OPENSSL_RAND:
ssl_external('RAND_add', [rffi.CCHARP, rffi.INT, rffi.DOUBLE], lltype.Void)
ssl_external('RAND_status', [], rffi.INT)
- ssl_external('RAND_egd', [rffi.CCHARP], rffi.INT)
+ if HAVE_OPENSSL_RAND_EGD:
+ ssl_external('RAND_egd', [rffi.CCHARP], rffi.INT)
ssl_external('SSL_CTX_new', [SSL_METHOD], SSL_CTX)
ssl_external('SSL_get_SSL_CTX', [SSL], SSL_CTX)
ssl_external('SSL_set_SSL_CTX', [SSL, SSL_CTX], SSL_CTX)
diff --git a/rpython/rtyper/tool/rffi_platform.py b/rpython/rtyper/tool/rffi_platform.py
--- a/rpython/rtyper/tool/rffi_platform.py
+++ b/rpython/rtyper/tool/rffi_platform.py
@@ -17,12 +17,15 @@
#
# Helpers for simple cases
-def eci_from_header(c_header_source, include_dirs=None):
+def eci_from_header(c_header_source, include_dirs=None, libraries=None):
if include_dirs is None:
include_dirs = []
+ if libraries is None:
+ libraries = []
return ExternalCompilationInfo(
post_include_bits=[c_header_source],
- include_dirs=include_dirs
+ include_dirs=include_dirs,
+ libraries=libraries,
)
def getstruct(name, c_header_source, interesting_fields):
@@ -75,9 +78,10 @@
CConfig._compilation_info_.includes = includes
return configure(CConfig)['RESULT']
-def has(name, c_header_source, include_dirs=None):
+def has(name, c_header_source, include_dirs=None, libraries=None):
class CConfig:
- _compilation_info_ = eci_from_header(c_header_source, include_dirs)
+ _compilation_info_ = \
+ eci_from_header(c_header_source, include_dirs, libraries)
HAS = Has(name)
return configure(CConfig)['HAS']
More information about the pypy-commit
mailing list