Package: release.debian.org Severity: normal User: release.debian.org@packages.debian.org Usertags: unblock Hi Release Team, Please unblock python-gevent which fixes #770616 [1]. It's a FTBFS due to the SSLv3 removal and the solution is to use the v2 fallback. Debdiff is attached. Thanks, Laszlo/GCS unblock python-gevent/1.0.1-2 [1] https://bugs.debian.org/770616
diff -Nru python-gevent-1.0.1/debian/changelog python-gevent-1.0.1/debian/changelog
--- python-gevent-1.0.1/debian/changelog 2014-10-09 18:18:32.000000000 +0000
+++ python-gevent-1.0.1/debian/changelog 2014-12-13 06:03:37.000000000 +0000
@@ -1,3 +1,12 @@
+python-gevent (1.0.1-2) unstable; urgency=medium
+
+ * Add dh-python to Build-Depends.
+
+ [ Jan Gerber <j@mailb.org> ]
+ * Use PROTOCOL_SSLv23 instead of PROTOCOL_SSLv3 (closes: #770616).
+
+ -- Laszlo Boszormenyi (GCS) <gcs@debian.org> Sat, 13 Dec 2014 05:54:50 +0000
+
python-gevent (1.0.1-1) unstable; urgency=low
* New upstream release, fixes thread switch detection (closes: #694750).
diff -Nru python-gevent-1.0.1/debian/control python-gevent-1.0.1/debian/control
--- python-gevent-1.0.1/debian/control 2014-10-08 17:23:45.000000000 +0000
+++ python-gevent-1.0.1/debian/control 2014-12-13 01:24:25.000000000 +0000
@@ -1,7 +1,7 @@
Source: python-gevent
Priority: extra
Maintainer: Laszlo Boszormenyi (GCS) <gcs@debian.org>
-Build-Depends: debhelper (>= 9), autotools-dev, python-all-dev,
+Build-Depends: debhelper (>= 9), dh-python, autotools-dev, python-all-dev,
libevent-dev (>= 1.4), python-greenlet | python-codespeak-lib (<< 1.0),
python-sphinx (>= 1.0.7+dfsg), python-all-dbg
Standards-Version: 3.9.6
diff -Nru python-gevent-1.0.1/debian/patches/nossl3.patch python-gevent-1.0.1/debian/patches/nossl3.patch
--- python-gevent-1.0.1/debian/patches/nossl3.patch 1970-01-01 00:00:00.000000000 +0000
+++ python-gevent-1.0.1/debian/patches/nossl3.patch 2014-12-13 01:30:10.000000000 +0000
@@ -0,0 +1,152 @@
+diff a/gevent/ssl.py b/gevent/ssl.py
+--- a/gevent/ssl.py
++++ b/gevent/ssl.py
+@@ -382,7 +382,7 @@ def wrap_socket(sock, keyfile=None, certfile=None,
+ ciphers=ciphers)
+
+
+-def get_server_certificate(addr, ssl_version=PROTOCOL_SSLv3, ca_certs=None):
++def get_server_certificate(addr, ssl_version=PROTOCOL_SSLv23, ca_certs=None):
+ """Retrieve the certificate from the server at the specified address,
+ and return it as a PEM-encoded string.
+ If 'ca_certs' is specified, validate the server cert against it.
+diff a/greentest/2.6/test_ssl.py b/greentest/2.6/test_ssl.py
+--- a/greentest/2.6/test_ssl.py
++++ b/greentest/2.6/test_ssl.py
+@@ -60,7 +60,6 @@ class BasicTests(unittest.TestCase):
+ def test_constants(self):
+ ssl.PROTOCOL_SSLv2
+ ssl.PROTOCOL_SSLv23
+- ssl.PROTOCOL_SSLv3
+ ssl.PROTOCOL_TLSv1
+ ssl.CERT_NONE
+ ssl.CERT_OPTIONAL
+@@ -839,7 +838,7 @@ else:
+ try_protocol_combo(ssl.PROTOCOL_SSLv2, ssl.PROTOCOL_SSLv2, True, ssl.CERT_OPTIONAL)
+ try_protocol_combo(ssl.PROTOCOL_SSLv2, ssl.PROTOCOL_SSLv2, True, ssl.CERT_REQUIRED)
+ try_protocol_combo(ssl.PROTOCOL_SSLv2, ssl.PROTOCOL_SSLv23, True)
+- try_protocol_combo(ssl.PROTOCOL_SSLv2, ssl.PROTOCOL_SSLv3, False)
++ try_protocol_combo(ssl.PROTOCOL_SSLv2, ssl.PROTOCOL_SSLv23, False)
+ try_protocol_combo(ssl.PROTOCOL_SSLv2, ssl.PROTOCOL_TLSv1, False)
+
+ def test_protocol_sslv23(self):
+@@ -856,15 +855,12 @@ else:
+ sys.stdout.write(
+ " SSL2 client to SSL23 server test unexpectedly failed:\n %s\n"
+ % str(x))
+- try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_SSLv3, True)
+ try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_SSLv23, True)
+ try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_TLSv1, True)
+
+- try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_SSLv3, True, ssl.CERT_OPTIONAL)
+ try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_SSLv23, True, ssl.CERT_OPTIONAL)
+ try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_TLSv1, True, ssl.CERT_OPTIONAL)
+
+- try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_SSLv3, True, ssl.CERT_REQUIRED)
+ try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_SSLv23, True, ssl.CERT_REQUIRED)
+ try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_TLSv1, True, ssl.CERT_REQUIRED)
+
+@@ -874,12 +870,11 @@ else:
+ sys.stdout.write("\ntest_protocol_sslv3 disabled, "
+ "as it fails on OpenSSL 1.0.0+")
+ return
+- try_protocol_combo(ssl.PROTOCOL_SSLv3, ssl.PROTOCOL_SSLv3, True)
+- try_protocol_combo(ssl.PROTOCOL_SSLv3, ssl.PROTOCOL_SSLv3, True, ssl.CERT_OPTIONAL)
+- try_protocol_combo(ssl.PROTOCOL_SSLv3, ssl.PROTOCOL_SSLv3, True, ssl.CERT_REQUIRED)
+- try_protocol_combo(ssl.PROTOCOL_SSLv3, ssl.PROTOCOL_SSLv2, False)
+- try_protocol_combo(ssl.PROTOCOL_SSLv3, ssl.PROTOCOL_SSLv23, False)
+- try_protocol_combo(ssl.PROTOCOL_SSLv3, ssl.PROTOCOL_TLSv1, False)
++ try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_SSLv23, True)
++ try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_SSLv23, True, ssl.CERT_OPTIONAL)
++ try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_SSLv23, True, ssl.CERT_REQUIRED)
++ try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_SSLv2, False)
++ try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_TLSv1, False)
+
+ def test_protocol_tlsv1(self):
+ """Connecting to a TLSv1 server with various client options"""
+@@ -891,7 +886,6 @@ else:
+ try_protocol_combo(ssl.PROTOCOL_TLSv1, ssl.PROTOCOL_TLSv1, True, ssl.CERT_OPTIONAL)
+ try_protocol_combo(ssl.PROTOCOL_TLSv1, ssl.PROTOCOL_TLSv1, True, ssl.CERT_REQUIRED)
+ try_protocol_combo(ssl.PROTOCOL_TLSv1, ssl.PROTOCOL_SSLv2, False)
+- try_protocol_combo(ssl.PROTOCOL_TLSv1, ssl.PROTOCOL_SSLv3, False)
+ try_protocol_combo(ssl.PROTOCOL_TLSv1, ssl.PROTOCOL_SSLv23, False)
+
+ def test_starttls(self):
+diff a/greentest/2.7/test_ftplib.py b/greentest/2.7/test_ftplib.py
+--- a/greentest/2.7/test_ftplib.py
++++ b/greentest/2.7/test_ftplib.py
+@@ -655,7 +655,7 @@ class TestTLS_FTPClass(TestCase):
+
+ def test_auth_ssl(self):
+ try:
+- self.client.ssl_version = ssl.PROTOCOL_SSLv3
++ self.client.ssl_version = ssl.PROTOCOL_SSLv23
+ self.client.auth()
+ self.assertRaises(ValueError, self.client.auth)
+ finally:
+diff a/greentest/2.7/test_ssl.py b/greentest/2.7/test_ssl.py
+--- a/greentest/2.7/test_ssl.py
++++ b/greentest/2.7/test_ssl.py
+@@ -83,7 +83,7 @@ class BasicSocketTests(unittest.TestCase):
+ def test_constants(self):
+ #ssl.PROTOCOL_SSLv2
+ ssl.PROTOCOL_SSLv23
+- ssl.PROTOCOL_SSLv3
++ #ssl.PROTOCOL_SSLv3
+ ssl.PROTOCOL_TLSv1
+ ssl.CERT_NONE
+ ssl.CERT_OPTIONAL
+@@ -993,7 +993,8 @@ else:
+ try_protocol_combo(ssl.PROTOCOL_SSLv2, ssl.PROTOCOL_SSLv2, True, ssl.CERT_OPTIONAL)
+ try_protocol_combo(ssl.PROTOCOL_SSLv2, ssl.PROTOCOL_SSLv2, True, ssl.CERT_REQUIRED)
+ try_protocol_combo(ssl.PROTOCOL_SSLv2, ssl.PROTOCOL_SSLv23, True)
+- try_protocol_combo(ssl.PROTOCOL_SSLv2, ssl.PROTOCOL_SSLv3, False)
++ if hasattr(ssl, 'PROTOCOL_SSLv3'):
++ try_protocol_combo(ssl.PROTOCOL_SSLv2, ssl.PROTOCOL_SSLv3, False)
+ try_protocol_combo(ssl.PROTOCOL_SSLv2, ssl.PROTOCOL_TLSv1, False)
+
+ @skip_if_broken_ubuntu_ssl
+@@ -1001,23 +1002,30 @@ else:
+ """Connecting to an SSLv23 server with various client options"""
+ if test_support.verbose:
+ sys.stdout.write("\n")
+- try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_SSLv3, True)
++ if hasattr(ssl, 'PROTOCOL_SSLv3'):
++ try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_SSLv3, True)
+ try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_SSLv23, True)
+ try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_TLSv1, True)
+
+- try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_SSLv3, True, ssl.CERT_OPTIONAL)
++ if hasattr(ssl, 'PROTOCOL_SSLv3'):
++ try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_SSLv3, True, ssl.CERT_OPTIONAL)
+ try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_SSLv23, True, ssl.CERT_OPTIONAL)
+ try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_TLSv1, True, ssl.CERT_OPTIONAL)
+
+- try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_SSLv3, True, ssl.CERT_REQUIRED)
++ if hasattr(ssl, 'PROTOCOL_SSLv3'):
++ try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_SSLv3, True, ssl.CERT_REQUIRED)
+ try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_SSLv23, True, ssl.CERT_REQUIRED)
+ try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_TLSv1, True, ssl.CERT_REQUIRED)
+
+ @skip_if_broken_ubuntu_ssl
++ @unittest.skipUnless(hasattr(ssl, 'PROTOCOL_SSLv3'),
++ "OpenSSL is compiled without SSLv3 support")
+ def test_protocol_sslv3(self):
+ """Connecting to an SSLv3 server with various client options"""
+ if test_support.verbose:
+ sys.stdout.write("\n")
++ if not hasattr(ssl, 'PROTOCOL_SSLv3'):
++ self.skipTest("PROTOCOL_SSLv3 needed")
+ try_protocol_combo(ssl.PROTOCOL_SSLv3, ssl.PROTOCOL_SSLv3, True)
+ try_protocol_combo(ssl.PROTOCOL_SSLv3, ssl.PROTOCOL_SSLv3, True, ssl.CERT_OPTIONAL)
+ try_protocol_combo(ssl.PROTOCOL_SSLv3, ssl.PROTOCOL_SSLv3, True, ssl.CERT_REQUIRED)
+@@ -1035,7 +1043,8 @@ else:
+ try_protocol_combo(ssl.PROTOCOL_TLSv1, ssl.PROTOCOL_TLSv1, True, ssl.CERT_REQUIRED)
+ if hasattr(ssl, 'PROTOCOL_SSLv2'):
+ try_protocol_combo(ssl.PROTOCOL_TLSv1, ssl.PROTOCOL_SSLv2, False)
+- try_protocol_combo(ssl.PROTOCOL_TLSv1, ssl.PROTOCOL_SSLv3, False)
++ if hasattr(ssl, 'PROTOCOL_SSLv3'):
++ try_protocol_combo(ssl.PROTOCOL_TLSv1, ssl.PROTOCOL_SSLv3, False)
+
+ def test_starttls(self):
+ """Switching from clear text to encrypted and back again."""
diff -Nru python-gevent-1.0.1/debian/patches/remove2.patch python-gevent-1.0.1/debian/patches/remove2.patch
--- python-gevent-1.0.1/debian/patches/remove2.patch 1970-01-01 00:00:00.000000000 +0000
+++ python-gevent-1.0.1/debian/patches/remove2.patch 2014-12-13 01:18:42.000000000 +0000
@@ -0,0 +1,47 @@
+Description: <short summary of the patch>
+ TODO: Put a short summary on the line above and replace this paragraph
+ with a longer explanation of this change. Complete the meta-information
+ with other relevant fields (see below for details). To make it easier, the
+ information below has been extracted from the changelog. Adjust it or drop
+ it.
+ .
+ python-gevent (1.0.1-1) unstable; urgency=low
+ .
+ * New upstream release, fixes thread switch detection (closes: #694750).
+ * Fix sphinx build problem (closes: #700731).
+ * Tighten greenlet dependency (closes: #747283).
+ * Update Standards-Version to 3.9.6 .
+ * Sync with Ubuntu.
+ .
+ [ Matthias Klose <doko@ubuntu.com> ]
+ * Fix build failure with python2.7 and PEP 466 (closes: #764499).
+Author: Laszlo Boszormenyi (GCS) <gcs@debian.org>
+Bug-Debian: https://bugs.debian.org/694750
+Bug-Debian: https://bugs.debian.org/700731
+Bug-Debian: https://bugs.debian.org/747283
+Bug-Debian: https://bugs.debian.org/764499
+
+---
+The information above should follow the Patch Tagging Guidelines, please
+checkout http://dep.debian.net/deps/dep3/ to learn about the format. Here
+are templates for supplementary fields that you might want to add:
+
+Origin: <vendor|upstream|other>, <url of original patch>
+Bug: <url in upstream bugtracker>
+Bug-Debian: https://bugs.debian.org/<bugnumber>
+Bug-Ubuntu: https://launchpad.net/bugs/<bugnumber>
+Forwarded: <no|not-needed|url proving that it has been forwarded>
+Reviewed-By: <name and email of someone who approved the patch>
+Last-Update: <YYYY-MM-DD>
+
+--- python-gevent-1.0.1.orig/gevent/ssl.py
++++ python-gevent-1.0.1/gevent/ssl.py
+@@ -382,7 +382,7 @@ def wrap_socket(sock, keyfile=None, cert
+ ciphers=ciphers)
+
+
+-def get_server_certificate(addr, ssl_version=PROTOCOL_SSLv3, ca_certs=None):
++def get_server_certificate(addr, ssl_version=PROTOCOL_SSLv23, ca_certs=None):
+ """Retrieve the certificate from the server at the specified address,
+ and return it as a PEM-encoded string.
+ If 'ca_certs' is specified, validate the server cert against it.
diff -Nru python-gevent-1.0.1/debian/patches/remove.patch python-gevent-1.0.1/debian/patches/remove.patch
--- python-gevent-1.0.1/debian/patches/remove.patch 1970-01-01 00:00:00.000000000 +0000
+++ python-gevent-1.0.1/debian/patches/remove.patch 2014-12-13 01:13:43.000000000 +0000
@@ -0,0 +1,151 @@
+Description: <short summary of the patch>
+ TODO: Put a short summary on the line above and replace this paragraph
+ with a longer explanation of this change. Complete the meta-information
+ with other relevant fields (see below for details). To make it easier, the
+ information below has been extracted from the changelog. Adjust it or drop
+ it.
+ .
+ python-gevent (1.0.1-1) unstable; urgency=low
+ .
+ * New upstream release, fixes thread switch detection (closes: #694750).
+ * Fix sphinx build problem (closes: #700731).
+ * Tighten greenlet dependency (closes: #747283).
+ * Update Standards-Version to 3.9.6 .
+ * Sync with Ubuntu.
+ .
+ [ Matthias Klose <doko@ubuntu.com> ]
+ * Fix build failure with python2.7 and PEP 466 (closes: #764499).
+Author: Laszlo Boszormenyi (GCS) <gcs@debian.org>
+Bug-Debian: https://bugs.debian.org/694750
+Bug-Debian: https://bugs.debian.org/700731
+Bug-Debian: https://bugs.debian.org/747283
+Bug-Debian: https://bugs.debian.org/764499
+
+---
+The information above should follow the Patch Tagging Guidelines, please
+checkout http://dep.debian.net/deps/dep3/ to learn about the format. Here
+are templates for supplementary fields that you might want to add:
+
+Origin: <vendor|upstream|other>, <url of original patch>
+Bug: <url in upstream bugtracker>
+Bug-Debian: https://bugs.debian.org/<bugnumber>
+Bug-Ubuntu: https://launchpad.net/bugs/<bugnumber>
+Forwarded: <no|not-needed|url proving that it has been forwarded>
+Reviewed-By: <name and email of someone who approved the patch>
+Last-Update: <YYYY-MM-DD>
+
+--- python-gevent-1.0.1.orig/greentest/2.6/test_ssl.py
++++ python-gevent-1.0.1/greentest/2.6/test_ssl.py
+@@ -839,7 +839,7 @@ else:
+ try_protocol_combo(ssl.PROTOCOL_SSLv2, ssl.PROTOCOL_SSLv2, True, ssl.CERT_OPTIONAL)
+ try_protocol_combo(ssl.PROTOCOL_SSLv2, ssl.PROTOCOL_SSLv2, True, ssl.CERT_REQUIRED)
+ try_protocol_combo(ssl.PROTOCOL_SSLv2, ssl.PROTOCOL_SSLv23, True)
+- try_protocol_combo(ssl.PROTOCOL_SSLv2, ssl.PROTOCOL_SSLv3, False)
++ try_protocol_combo(ssl.PROTOCOL_SSLv2, ssl.PROTOCOL_SSLv23, False)
+ try_protocol_combo(ssl.PROTOCOL_SSLv2, ssl.PROTOCOL_TLSv1, False)
+
+ def test_protocol_sslv23(self):
+@@ -856,15 +856,15 @@ else:
+ sys.stdout.write(
+ " SSL2 client to SSL23 server test unexpectedly failed:\n %s\n"
+ % str(x))
+- try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_SSLv3, True)
++ try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_SSLv23, True)
+ try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_SSLv23, True)
+ try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_TLSv1, True)
+
+- try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_SSLv3, True, ssl.CERT_OPTIONAL)
++ try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_SSLv23, True, ssl.CERT_OPTIONAL)
+ try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_SSLv23, True, ssl.CERT_OPTIONAL)
+ try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_TLSv1, True, ssl.CERT_OPTIONAL)
+
+- try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_SSLv3, True, ssl.CERT_REQUIRED)
++ try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_SSLv23, True, ssl.CERT_REQUIRED)
+ try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_SSLv23, True, ssl.CERT_REQUIRED)
+ try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_TLSv1, True, ssl.CERT_REQUIRED)
+
+@@ -874,12 +874,12 @@ else:
+ sys.stdout.write("\ntest_protocol_sslv3 disabled, "
+ "as it fails on OpenSSL 1.0.0+")
+ return
+- try_protocol_combo(ssl.PROTOCOL_SSLv3, ssl.PROTOCOL_SSLv3, True)
+- try_protocol_combo(ssl.PROTOCOL_SSLv3, ssl.PROTOCOL_SSLv3, True, ssl.CERT_OPTIONAL)
+- try_protocol_combo(ssl.PROTOCOL_SSLv3, ssl.PROTOCOL_SSLv3, True, ssl.CERT_REQUIRED)
+- try_protocol_combo(ssl.PROTOCOL_SSLv3, ssl.PROTOCOL_SSLv2, False)
+- try_protocol_combo(ssl.PROTOCOL_SSLv3, ssl.PROTOCOL_SSLv23, False)
+- try_protocol_combo(ssl.PROTOCOL_SSLv3, ssl.PROTOCOL_TLSv1, False)
++ try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_SSLv23, True)
++ try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_SSLv23, True, ssl.CERT_OPTIONAL)
++ try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_SSLv23, True, ssl.CERT_REQUIRED)
++ try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_SSLv2, False)
++ try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_SSLv23, False)
++ try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_TLSv1, False)
+
+ def test_protocol_tlsv1(self):
+ """Connecting to a TLSv1 server with various client options"""
+@@ -891,7 +891,7 @@ else:
+ try_protocol_combo(ssl.PROTOCOL_TLSv1, ssl.PROTOCOL_TLSv1, True, ssl.CERT_OPTIONAL)
+ try_protocol_combo(ssl.PROTOCOL_TLSv1, ssl.PROTOCOL_TLSv1, True, ssl.CERT_REQUIRED)
+ try_protocol_combo(ssl.PROTOCOL_TLSv1, ssl.PROTOCOL_SSLv2, False)
+- try_protocol_combo(ssl.PROTOCOL_TLSv1, ssl.PROTOCOL_SSLv3, False)
++ try_protocol_combo(ssl.PROTOCOL_TLSv1, ssl.PROTOCOL_SSLv23, False)
+ try_protocol_combo(ssl.PROTOCOL_TLSv1, ssl.PROTOCOL_SSLv23, False)
+
+ def test_starttls(self):
+--- python-gevent-1.0.1.orig/greentest/2.7/test_ssl.py
++++ python-gevent-1.0.1/greentest/2.7/test_ssl.py
+@@ -993,7 +993,7 @@ else:
+ try_protocol_combo(ssl.PROTOCOL_SSLv2, ssl.PROTOCOL_SSLv2, True, ssl.CERT_OPTIONAL)
+ try_protocol_combo(ssl.PROTOCOL_SSLv2, ssl.PROTOCOL_SSLv2, True, ssl.CERT_REQUIRED)
+ try_protocol_combo(ssl.PROTOCOL_SSLv2, ssl.PROTOCOL_SSLv23, True)
+- try_protocol_combo(ssl.PROTOCOL_SSLv2, ssl.PROTOCOL_SSLv3, False)
++ try_protocol_combo(ssl.PROTOCOL_SSLv2, ssl.PROTOCOL_SSLv23, False)
+ try_protocol_combo(ssl.PROTOCOL_SSLv2, ssl.PROTOCOL_TLSv1, False)
+
+ @skip_if_broken_ubuntu_ssl
+@@ -1001,15 +1001,15 @@ else:
+ """Connecting to an SSLv23 server with various client options"""
+ if test_support.verbose:
+ sys.stdout.write("\n")
+- try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_SSLv3, True)
++ try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_SSLv23, True)
+ try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_SSLv23, True)
+ try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_TLSv1, True)
+
+- try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_SSLv3, True, ssl.CERT_OPTIONAL)
++ try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_SSLv23, True, ssl.CERT_OPTIONAL)
+ try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_SSLv23, True, ssl.CERT_OPTIONAL)
+ try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_TLSv1, True, ssl.CERT_OPTIONAL)
+
+- try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_SSLv3, True, ssl.CERT_REQUIRED)
++ try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_SSLv23, True, ssl.CERT_REQUIRED)
+ try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_SSLv23, True, ssl.CERT_REQUIRED)
+ try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_TLSv1, True, ssl.CERT_REQUIRED)
+
+@@ -1018,12 +1018,12 @@ else:
+ """Connecting to an SSLv3 server with various client options"""
+ if test_support.verbose:
+ sys.stdout.write("\n")
+- try_protocol_combo(ssl.PROTOCOL_SSLv3, ssl.PROTOCOL_SSLv3, True)
+- try_protocol_combo(ssl.PROTOCOL_SSLv3, ssl.PROTOCOL_SSLv3, True, ssl.CERT_OPTIONAL)
+- try_protocol_combo(ssl.PROTOCOL_SSLv3, ssl.PROTOCOL_SSLv3, True, ssl.CERT_REQUIRED)
++ try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_SSLv23, True)
++ try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_SSLv23, True, ssl.CERT_OPTIONAL)
++ try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_SSLv23, True, ssl.CERT_REQUIRED)
+ if hasattr(ssl, 'PROTOCOL_SSLv2'):
+- try_protocol_combo(ssl.PROTOCOL_SSLv3, ssl.PROTOCOL_SSLv2, False)
+- try_protocol_combo(ssl.PROTOCOL_SSLv3, ssl.PROTOCOL_TLSv1, False)
++ try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_SSLv2, False)
++ try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_TLSv1, False)
+
+ @skip_if_broken_ubuntu_ssl
+ def test_protocol_tlsv1(self):
+@@ -1035,7 +1035,7 @@ else:
+ try_protocol_combo(ssl.PROTOCOL_TLSv1, ssl.PROTOCOL_TLSv1, True, ssl.CERT_REQUIRED)
+ if hasattr(ssl, 'PROTOCOL_SSLv2'):
+ try_protocol_combo(ssl.PROTOCOL_TLSv1, ssl.PROTOCOL_SSLv2, False)
+- try_protocol_combo(ssl.PROTOCOL_TLSv1, ssl.PROTOCOL_SSLv3, False)
++ try_protocol_combo(ssl.PROTOCOL_TLSv1, ssl.PROTOCOL_SSLv23, False)
+
+ def test_starttls(self):
+ """Switching from clear text to encrypted and back again."""
diff -Nru python-gevent-1.0.1/debian/patches/series python-gevent-1.0.1/debian/patches/series
--- python-gevent-1.0.1/debian/patches/series 2014-10-08 16:29:43.000000000 +0000
+++ python-gevent-1.0.1/debian/patches/series 2014-12-13 01:30:36.000000000 +0000
@@ -3,3 +3,6 @@
use-local-intersphinx-inventory.patch
#fix-gcc-ftbfs.diff
sslwrap.py
+#remove.patch
+#remove2.patch
+nossl3.patch
Attachment:
signature.asc
Description: This is a digitally signed message part