Your message dated Sun, 14 Dec 2014 16:17:29 +0000 with message-id <1418573849.30230.4.camel@adam-barratt.org.uk> and subject line Re: Bug#773093: unblock: python-gevent/1.0.1-2 has caused the Debian Bug report #773093, regarding unblock: python-gevent/1.0.1-2 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact owner@bugs.debian.org immediately.) -- 773093: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773093 Debian Bug Tracking System Contact owner@bugs.debian.org with problems
--- Begin Message ---
- To: Debian Bug Tracking System <submit@bugs.debian.org>
- Subject: unblock: python-gevent/1.0.1-2
- From: "Laszlo Boszormenyi (GCS)" <gcs@debian.org>
- Date: Sun, 14 Dec 2014 09:24:21 +0100
- Message-id: <[🔎] 1418545461.19738.6.camel@debian.org>
Package: release.debian.org Severity: normal User: release.debian.org@packages.debian.org Usertags: unblock Hi Release Team, Please unblock python-gevent which fixes #770616 [1]. It's a FTBFS due to the SSLv3 removal and the solution is to use the v2 fallback. Debdiff is attached. Thanks, Laszlo/GCS unblock python-gevent/1.0.1-2 [1] https://bugs.debian.org/770616diff -Nru python-gevent-1.0.1/debian/changelog python-gevent-1.0.1/debian/changelog --- python-gevent-1.0.1/debian/changelog 2014-10-09 18:18:32.000000000 +0000 +++ python-gevent-1.0.1/debian/changelog 2014-12-13 06:03:37.000000000 +0000 @@ -1,3 +1,12 @@ +python-gevent (1.0.1-2) unstable; urgency=medium + + * Add dh-python to Build-Depends. + + [ Jan Gerber <j@mailb.org> ] + * Use PROTOCOL_SSLv23 instead of PROTOCOL_SSLv3 (closes: #770616). + + -- Laszlo Boszormenyi (GCS) <gcs@debian.org> Sat, 13 Dec 2014 05:54:50 +0000 + python-gevent (1.0.1-1) unstable; urgency=low * New upstream release, fixes thread switch detection (closes: #694750). diff -Nru python-gevent-1.0.1/debian/control python-gevent-1.0.1/debian/control --- python-gevent-1.0.1/debian/control 2014-10-08 17:23:45.000000000 +0000 +++ python-gevent-1.0.1/debian/control 2014-12-13 01:24:25.000000000 +0000 @@ -1,7 +1,7 @@ Source: python-gevent Priority: extra Maintainer: Laszlo Boszormenyi (GCS) <gcs@debian.org> -Build-Depends: debhelper (>= 9), autotools-dev, python-all-dev, +Build-Depends: debhelper (>= 9), dh-python, autotools-dev, python-all-dev, libevent-dev (>= 1.4), python-greenlet | python-codespeak-lib (<< 1.0), python-sphinx (>= 1.0.7+dfsg), python-all-dbg Standards-Version: 3.9.6 diff -Nru python-gevent-1.0.1/debian/patches/nossl3.patch python-gevent-1.0.1/debian/patches/nossl3.patch --- python-gevent-1.0.1/debian/patches/nossl3.patch 1970-01-01 00:00:00.000000000 +0000 +++ python-gevent-1.0.1/debian/patches/nossl3.patch 2014-12-13 01:30:10.000000000 +0000 @@ -0,0 +1,152 @@ +diff a/gevent/ssl.py b/gevent/ssl.py +--- a/gevent/ssl.py ++++ b/gevent/ssl.py +@@ -382,7 +382,7 @@ def wrap_socket(sock, keyfile=None, certfile=None, + ciphers=ciphers) + + +-def get_server_certificate(addr, ssl_version=PROTOCOL_SSLv3, ca_certs=None): ++def get_server_certificate(addr, ssl_version=PROTOCOL_SSLv23, ca_certs=None): + """Retrieve the certificate from the server at the specified address, + and return it as a PEM-encoded string. + If 'ca_certs' is specified, validate the server cert against it. +diff a/greentest/2.6/test_ssl.py b/greentest/2.6/test_ssl.py +--- a/greentest/2.6/test_ssl.py ++++ b/greentest/2.6/test_ssl.py +@@ -60,7 +60,6 @@ class BasicTests(unittest.TestCase): + def test_constants(self): + ssl.PROTOCOL_SSLv2 + ssl.PROTOCOL_SSLv23 +- ssl.PROTOCOL_SSLv3 + ssl.PROTOCOL_TLSv1 + ssl.CERT_NONE + ssl.CERT_OPTIONAL +@@ -839,7 +838,7 @@ else: + try_protocol_combo(ssl.PROTOCOL_SSLv2, ssl.PROTOCOL_SSLv2, True, ssl.CERT_OPTIONAL) + try_protocol_combo(ssl.PROTOCOL_SSLv2, ssl.PROTOCOL_SSLv2, True, ssl.CERT_REQUIRED) + try_protocol_combo(ssl.PROTOCOL_SSLv2, ssl.PROTOCOL_SSLv23, True) +- try_protocol_combo(ssl.PROTOCOL_SSLv2, ssl.PROTOCOL_SSLv3, False) ++ try_protocol_combo(ssl.PROTOCOL_SSLv2, ssl.PROTOCOL_SSLv23, False) + try_protocol_combo(ssl.PROTOCOL_SSLv2, ssl.PROTOCOL_TLSv1, False) + + def test_protocol_sslv23(self): +@@ -856,15 +855,12 @@ else: + sys.stdout.write( + " SSL2 client to SSL23 server test unexpectedly failed:\n %s\n" + % str(x)) +- try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_SSLv3, True) + try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_SSLv23, True) + try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_TLSv1, True) + +- try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_SSLv3, True, ssl.CERT_OPTIONAL) + try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_SSLv23, True, ssl.CERT_OPTIONAL) + try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_TLSv1, True, ssl.CERT_OPTIONAL) + +- try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_SSLv3, True, ssl.CERT_REQUIRED) + try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_SSLv23, True, ssl.CERT_REQUIRED) + try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_TLSv1, True, ssl.CERT_REQUIRED) + +@@ -874,12 +870,11 @@ else: + sys.stdout.write("\ntest_protocol_sslv3 disabled, " + "as it fails on OpenSSL 1.0.0+") + return +- try_protocol_combo(ssl.PROTOCOL_SSLv3, ssl.PROTOCOL_SSLv3, True) +- try_protocol_combo(ssl.PROTOCOL_SSLv3, ssl.PROTOCOL_SSLv3, True, ssl.CERT_OPTIONAL) +- try_protocol_combo(ssl.PROTOCOL_SSLv3, ssl.PROTOCOL_SSLv3, True, ssl.CERT_REQUIRED) +- try_protocol_combo(ssl.PROTOCOL_SSLv3, ssl.PROTOCOL_SSLv2, False) +- try_protocol_combo(ssl.PROTOCOL_SSLv3, ssl.PROTOCOL_SSLv23, False) +- try_protocol_combo(ssl.PROTOCOL_SSLv3, ssl.PROTOCOL_TLSv1, False) ++ try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_SSLv23, True) ++ try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_SSLv23, True, ssl.CERT_OPTIONAL) ++ try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_SSLv23, True, ssl.CERT_REQUIRED) ++ try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_SSLv2, False) ++ try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_TLSv1, False) + + def test_protocol_tlsv1(self): + """Connecting to a TLSv1 server with various client options""" +@@ -891,7 +886,6 @@ else: + try_protocol_combo(ssl.PROTOCOL_TLSv1, ssl.PROTOCOL_TLSv1, True, ssl.CERT_OPTIONAL) + try_protocol_combo(ssl.PROTOCOL_TLSv1, ssl.PROTOCOL_TLSv1, True, ssl.CERT_REQUIRED) + try_protocol_combo(ssl.PROTOCOL_TLSv1, ssl.PROTOCOL_SSLv2, False) +- try_protocol_combo(ssl.PROTOCOL_TLSv1, ssl.PROTOCOL_SSLv3, False) + try_protocol_combo(ssl.PROTOCOL_TLSv1, ssl.PROTOCOL_SSLv23, False) + + def test_starttls(self): +diff a/greentest/2.7/test_ftplib.py b/greentest/2.7/test_ftplib.py +--- a/greentest/2.7/test_ftplib.py ++++ b/greentest/2.7/test_ftplib.py +@@ -655,7 +655,7 @@ class TestTLS_FTPClass(TestCase): + + def test_auth_ssl(self): + try: +- self.client.ssl_version = ssl.PROTOCOL_SSLv3 ++ self.client.ssl_version = ssl.PROTOCOL_SSLv23 + self.client.auth() + self.assertRaises(ValueError, self.client.auth) + finally: +diff a/greentest/2.7/test_ssl.py b/greentest/2.7/test_ssl.py +--- a/greentest/2.7/test_ssl.py ++++ b/greentest/2.7/test_ssl.py +@@ -83,7 +83,7 @@ class BasicSocketTests(unittest.TestCase): + def test_constants(self): + #ssl.PROTOCOL_SSLv2 + ssl.PROTOCOL_SSLv23 +- ssl.PROTOCOL_SSLv3 ++ #ssl.PROTOCOL_SSLv3 + ssl.PROTOCOL_TLSv1 + ssl.CERT_NONE + ssl.CERT_OPTIONAL +@@ -993,7 +993,8 @@ else: + try_protocol_combo(ssl.PROTOCOL_SSLv2, ssl.PROTOCOL_SSLv2, True, ssl.CERT_OPTIONAL) + try_protocol_combo(ssl.PROTOCOL_SSLv2, ssl.PROTOCOL_SSLv2, True, ssl.CERT_REQUIRED) + try_protocol_combo(ssl.PROTOCOL_SSLv2, ssl.PROTOCOL_SSLv23, True) +- try_protocol_combo(ssl.PROTOCOL_SSLv2, ssl.PROTOCOL_SSLv3, False) ++ if hasattr(ssl, 'PROTOCOL_SSLv3'): ++ try_protocol_combo(ssl.PROTOCOL_SSLv2, ssl.PROTOCOL_SSLv3, False) + try_protocol_combo(ssl.PROTOCOL_SSLv2, ssl.PROTOCOL_TLSv1, False) + + @skip_if_broken_ubuntu_ssl +@@ -1001,23 +1002,30 @@ else: + """Connecting to an SSLv23 server with various client options""" + if test_support.verbose: + sys.stdout.write("\n") +- try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_SSLv3, True) ++ if hasattr(ssl, 'PROTOCOL_SSLv3'): ++ try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_SSLv3, True) + try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_SSLv23, True) + try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_TLSv1, True) + +- try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_SSLv3, True, ssl.CERT_OPTIONAL) ++ if hasattr(ssl, 'PROTOCOL_SSLv3'): ++ try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_SSLv3, True, ssl.CERT_OPTIONAL) + try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_SSLv23, True, ssl.CERT_OPTIONAL) + try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_TLSv1, True, ssl.CERT_OPTIONAL) + +- try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_SSLv3, True, ssl.CERT_REQUIRED) ++ if hasattr(ssl, 'PROTOCOL_SSLv3'): ++ try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_SSLv3, True, ssl.CERT_REQUIRED) + try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_SSLv23, True, ssl.CERT_REQUIRED) + try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_TLSv1, True, ssl.CERT_REQUIRED) + + @skip_if_broken_ubuntu_ssl ++ @unittest.skipUnless(hasattr(ssl, 'PROTOCOL_SSLv3'), ++ "OpenSSL is compiled without SSLv3 support") + def test_protocol_sslv3(self): + """Connecting to an SSLv3 server with various client options""" + if test_support.verbose: + sys.stdout.write("\n") ++ if not hasattr(ssl, 'PROTOCOL_SSLv3'): ++ self.skipTest("PROTOCOL_SSLv3 needed") + try_protocol_combo(ssl.PROTOCOL_SSLv3, ssl.PROTOCOL_SSLv3, True) + try_protocol_combo(ssl.PROTOCOL_SSLv3, ssl.PROTOCOL_SSLv3, True, ssl.CERT_OPTIONAL) + try_protocol_combo(ssl.PROTOCOL_SSLv3, ssl.PROTOCOL_SSLv3, True, ssl.CERT_REQUIRED) +@@ -1035,7 +1043,8 @@ else: + try_protocol_combo(ssl.PROTOCOL_TLSv1, ssl.PROTOCOL_TLSv1, True, ssl.CERT_REQUIRED) + if hasattr(ssl, 'PROTOCOL_SSLv2'): + try_protocol_combo(ssl.PROTOCOL_TLSv1, ssl.PROTOCOL_SSLv2, False) +- try_protocol_combo(ssl.PROTOCOL_TLSv1, ssl.PROTOCOL_SSLv3, False) ++ if hasattr(ssl, 'PROTOCOL_SSLv3'): ++ try_protocol_combo(ssl.PROTOCOL_TLSv1, ssl.PROTOCOL_SSLv3, False) + + def test_starttls(self): + """Switching from clear text to encrypted and back again.""" diff -Nru python-gevent-1.0.1/debian/patches/remove2.patch python-gevent-1.0.1/debian/patches/remove2.patch --- python-gevent-1.0.1/debian/patches/remove2.patch 1970-01-01 00:00:00.000000000 +0000 +++ python-gevent-1.0.1/debian/patches/remove2.patch 2014-12-13 01:18:42.000000000 +0000 @@ -0,0 +1,47 @@ +Description: <short summary of the patch> + TODO: Put a short summary on the line above and replace this paragraph + with a longer explanation of this change. Complete the meta-information + with other relevant fields (see below for details). To make it easier, the + information below has been extracted from the changelog. Adjust it or drop + it. + . + python-gevent (1.0.1-1) unstable; urgency=low + . + * New upstream release, fixes thread switch detection (closes: #694750). + * Fix sphinx build problem (closes: #700731). + * Tighten greenlet dependency (closes: #747283). + * Update Standards-Version to 3.9.6 . + * Sync with Ubuntu. + . + [ Matthias Klose <doko@ubuntu.com> ] + * Fix build failure with python2.7 and PEP 466 (closes: #764499). +Author: Laszlo Boszormenyi (GCS) <gcs@debian.org> +Bug-Debian: https://bugs.debian.org/694750 +Bug-Debian: https://bugs.debian.org/700731 +Bug-Debian: https://bugs.debian.org/747283 +Bug-Debian: https://bugs.debian.org/764499 + +--- +The information above should follow the Patch Tagging Guidelines, please +checkout http://dep.debian.net/deps/dep3/ to learn about the format. Here +are templates for supplementary fields that you might want to add: + +Origin: <vendor|upstream|other>, <url of original patch> +Bug: <url in upstream bugtracker> +Bug-Debian: https://bugs.debian.org/<bugnumber> +Bug-Ubuntu: https://launchpad.net/bugs/<bugnumber> +Forwarded: <no|not-needed|url proving that it has been forwarded> +Reviewed-By: <name and email of someone who approved the patch> +Last-Update: <YYYY-MM-DD> + +--- python-gevent-1.0.1.orig/gevent/ssl.py ++++ python-gevent-1.0.1/gevent/ssl.py +@@ -382,7 +382,7 @@ def wrap_socket(sock, keyfile=None, cert + ciphers=ciphers) + + +-def get_server_certificate(addr, ssl_version=PROTOCOL_SSLv3, ca_certs=None): ++def get_server_certificate(addr, ssl_version=PROTOCOL_SSLv23, ca_certs=None): + """Retrieve the certificate from the server at the specified address, + and return it as a PEM-encoded string. + If 'ca_certs' is specified, validate the server cert against it. diff -Nru python-gevent-1.0.1/debian/patches/remove.patch python-gevent-1.0.1/debian/patches/remove.patch --- python-gevent-1.0.1/debian/patches/remove.patch 1970-01-01 00:00:00.000000000 +0000 +++ python-gevent-1.0.1/debian/patches/remove.patch 2014-12-13 01:13:43.000000000 +0000 @@ -0,0 +1,151 @@ +Description: <short summary of the patch> + TODO: Put a short summary on the line above and replace this paragraph + with a longer explanation of this change. Complete the meta-information + with other relevant fields (see below for details). To make it easier, the + information below has been extracted from the changelog. Adjust it or drop + it. + . + python-gevent (1.0.1-1) unstable; urgency=low + . + * New upstream release, fixes thread switch detection (closes: #694750). + * Fix sphinx build problem (closes: #700731). + * Tighten greenlet dependency (closes: #747283). + * Update Standards-Version to 3.9.6 . + * Sync with Ubuntu. + . + [ Matthias Klose <doko@ubuntu.com> ] + * Fix build failure with python2.7 and PEP 466 (closes: #764499). +Author: Laszlo Boszormenyi (GCS) <gcs@debian.org> +Bug-Debian: https://bugs.debian.org/694750 +Bug-Debian: https://bugs.debian.org/700731 +Bug-Debian: https://bugs.debian.org/747283 +Bug-Debian: https://bugs.debian.org/764499 + +--- +The information above should follow the Patch Tagging Guidelines, please +checkout http://dep.debian.net/deps/dep3/ to learn about the format. Here +are templates for supplementary fields that you might want to add: + +Origin: <vendor|upstream|other>, <url of original patch> +Bug: <url in upstream bugtracker> +Bug-Debian: https://bugs.debian.org/<bugnumber> +Bug-Ubuntu: https://launchpad.net/bugs/<bugnumber> +Forwarded: <no|not-needed|url proving that it has been forwarded> +Reviewed-By: <name and email of someone who approved the patch> +Last-Update: <YYYY-MM-DD> + +--- python-gevent-1.0.1.orig/greentest/2.6/test_ssl.py ++++ python-gevent-1.0.1/greentest/2.6/test_ssl.py +@@ -839,7 +839,7 @@ else: + try_protocol_combo(ssl.PROTOCOL_SSLv2, ssl.PROTOCOL_SSLv2, True, ssl.CERT_OPTIONAL) + try_protocol_combo(ssl.PROTOCOL_SSLv2, ssl.PROTOCOL_SSLv2, True, ssl.CERT_REQUIRED) + try_protocol_combo(ssl.PROTOCOL_SSLv2, ssl.PROTOCOL_SSLv23, True) +- try_protocol_combo(ssl.PROTOCOL_SSLv2, ssl.PROTOCOL_SSLv3, False) ++ try_protocol_combo(ssl.PROTOCOL_SSLv2, ssl.PROTOCOL_SSLv23, False) + try_protocol_combo(ssl.PROTOCOL_SSLv2, ssl.PROTOCOL_TLSv1, False) + + def test_protocol_sslv23(self): +@@ -856,15 +856,15 @@ else: + sys.stdout.write( + " SSL2 client to SSL23 server test unexpectedly failed:\n %s\n" + % str(x)) +- try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_SSLv3, True) ++ try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_SSLv23, True) + try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_SSLv23, True) + try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_TLSv1, True) + +- try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_SSLv3, True, ssl.CERT_OPTIONAL) ++ try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_SSLv23, True, ssl.CERT_OPTIONAL) + try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_SSLv23, True, ssl.CERT_OPTIONAL) + try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_TLSv1, True, ssl.CERT_OPTIONAL) + +- try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_SSLv3, True, ssl.CERT_REQUIRED) ++ try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_SSLv23, True, ssl.CERT_REQUIRED) + try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_SSLv23, True, ssl.CERT_REQUIRED) + try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_TLSv1, True, ssl.CERT_REQUIRED) + +@@ -874,12 +874,12 @@ else: + sys.stdout.write("\ntest_protocol_sslv3 disabled, " + "as it fails on OpenSSL 1.0.0+") + return +- try_protocol_combo(ssl.PROTOCOL_SSLv3, ssl.PROTOCOL_SSLv3, True) +- try_protocol_combo(ssl.PROTOCOL_SSLv3, ssl.PROTOCOL_SSLv3, True, ssl.CERT_OPTIONAL) +- try_protocol_combo(ssl.PROTOCOL_SSLv3, ssl.PROTOCOL_SSLv3, True, ssl.CERT_REQUIRED) +- try_protocol_combo(ssl.PROTOCOL_SSLv3, ssl.PROTOCOL_SSLv2, False) +- try_protocol_combo(ssl.PROTOCOL_SSLv3, ssl.PROTOCOL_SSLv23, False) +- try_protocol_combo(ssl.PROTOCOL_SSLv3, ssl.PROTOCOL_TLSv1, False) ++ try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_SSLv23, True) ++ try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_SSLv23, True, ssl.CERT_OPTIONAL) ++ try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_SSLv23, True, ssl.CERT_REQUIRED) ++ try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_SSLv2, False) ++ try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_SSLv23, False) ++ try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_TLSv1, False) + + def test_protocol_tlsv1(self): + """Connecting to a TLSv1 server with various client options""" +@@ -891,7 +891,7 @@ else: + try_protocol_combo(ssl.PROTOCOL_TLSv1, ssl.PROTOCOL_TLSv1, True, ssl.CERT_OPTIONAL) + try_protocol_combo(ssl.PROTOCOL_TLSv1, ssl.PROTOCOL_TLSv1, True, ssl.CERT_REQUIRED) + try_protocol_combo(ssl.PROTOCOL_TLSv1, ssl.PROTOCOL_SSLv2, False) +- try_protocol_combo(ssl.PROTOCOL_TLSv1, ssl.PROTOCOL_SSLv3, False) ++ try_protocol_combo(ssl.PROTOCOL_TLSv1, ssl.PROTOCOL_SSLv23, False) + try_protocol_combo(ssl.PROTOCOL_TLSv1, ssl.PROTOCOL_SSLv23, False) + + def test_starttls(self): +--- python-gevent-1.0.1.orig/greentest/2.7/test_ssl.py ++++ python-gevent-1.0.1/greentest/2.7/test_ssl.py +@@ -993,7 +993,7 @@ else: + try_protocol_combo(ssl.PROTOCOL_SSLv2, ssl.PROTOCOL_SSLv2, True, ssl.CERT_OPTIONAL) + try_protocol_combo(ssl.PROTOCOL_SSLv2, ssl.PROTOCOL_SSLv2, True, ssl.CERT_REQUIRED) + try_protocol_combo(ssl.PROTOCOL_SSLv2, ssl.PROTOCOL_SSLv23, True) +- try_protocol_combo(ssl.PROTOCOL_SSLv2, ssl.PROTOCOL_SSLv3, False) ++ try_protocol_combo(ssl.PROTOCOL_SSLv2, ssl.PROTOCOL_SSLv23, False) + try_protocol_combo(ssl.PROTOCOL_SSLv2, ssl.PROTOCOL_TLSv1, False) + + @skip_if_broken_ubuntu_ssl +@@ -1001,15 +1001,15 @@ else: + """Connecting to an SSLv23 server with various client options""" + if test_support.verbose: + sys.stdout.write("\n") +- try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_SSLv3, True) ++ try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_SSLv23, True) + try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_SSLv23, True) + try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_TLSv1, True) + +- try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_SSLv3, True, ssl.CERT_OPTIONAL) ++ try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_SSLv23, True, ssl.CERT_OPTIONAL) + try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_SSLv23, True, ssl.CERT_OPTIONAL) + try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_TLSv1, True, ssl.CERT_OPTIONAL) + +- try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_SSLv3, True, ssl.CERT_REQUIRED) ++ try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_SSLv23, True, ssl.CERT_REQUIRED) + try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_SSLv23, True, ssl.CERT_REQUIRED) + try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_TLSv1, True, ssl.CERT_REQUIRED) + +@@ -1018,12 +1018,12 @@ else: + """Connecting to an SSLv3 server with various client options""" + if test_support.verbose: + sys.stdout.write("\n") +- try_protocol_combo(ssl.PROTOCOL_SSLv3, ssl.PROTOCOL_SSLv3, True) +- try_protocol_combo(ssl.PROTOCOL_SSLv3, ssl.PROTOCOL_SSLv3, True, ssl.CERT_OPTIONAL) +- try_protocol_combo(ssl.PROTOCOL_SSLv3, ssl.PROTOCOL_SSLv3, True, ssl.CERT_REQUIRED) ++ try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_SSLv23, True) ++ try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_SSLv23, True, ssl.CERT_OPTIONAL) ++ try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_SSLv23, True, ssl.CERT_REQUIRED) + if hasattr(ssl, 'PROTOCOL_SSLv2'): +- try_protocol_combo(ssl.PROTOCOL_SSLv3, ssl.PROTOCOL_SSLv2, False) +- try_protocol_combo(ssl.PROTOCOL_SSLv3, ssl.PROTOCOL_TLSv1, False) ++ try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_SSLv2, False) ++ try_protocol_combo(ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_TLSv1, False) + + @skip_if_broken_ubuntu_ssl + def test_protocol_tlsv1(self): +@@ -1035,7 +1035,7 @@ else: + try_protocol_combo(ssl.PROTOCOL_TLSv1, ssl.PROTOCOL_TLSv1, True, ssl.CERT_REQUIRED) + if hasattr(ssl, 'PROTOCOL_SSLv2'): + try_protocol_combo(ssl.PROTOCOL_TLSv1, ssl.PROTOCOL_SSLv2, False) +- try_protocol_combo(ssl.PROTOCOL_TLSv1, ssl.PROTOCOL_SSLv3, False) ++ try_protocol_combo(ssl.PROTOCOL_TLSv1, ssl.PROTOCOL_SSLv23, False) + + def test_starttls(self): + """Switching from clear text to encrypted and back again.""" diff -Nru python-gevent-1.0.1/debian/patches/series python-gevent-1.0.1/debian/patches/series --- python-gevent-1.0.1/debian/patches/series 2014-10-08 16:29:43.000000000 +0000 +++ python-gevent-1.0.1/debian/patches/series 2014-12-13 01:30:36.000000000 +0000 @@ -3,3 +3,6 @@ use-local-intersphinx-inventory.patch #fix-gcc-ftbfs.diff sslwrap.py +#remove.patch +#remove2.patch +nossl3.patchAttachment: signature.asc
Description: This is a digitally signed message part
--- End Message ---
--- Begin Message ---
- To: László Böszörményi <gcs@debian.org>, 773093-done@bugs.debian.org
- Subject: Re: Bug#773093: unblock: python-gevent/1.0.1-2
- From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
- Date: Sun, 14 Dec 2014 16:17:29 +0000
- Message-id: <1418573849.30230.4.camel@adam-barratt.org.uk>
- In-reply-to: <[🔎] CAKjSHr1x0qoXwFf6RRhz0Mwp-9B8DmVhLVigFgt4d5dAXp1VqQ@mail.gmail.com>
- References: <[🔎] 1418545461.19738.6.camel@debian.org> <[🔎] 1418555089.21268.3.camel@adam-barratt.org.uk> <[🔎] CAKjSHr1e_7mYQ3bNWwfMGxhN16k427E9TzKu_CwAYb-scXfT6Q@mail.gmail.com> <[🔎] CAKjSHr1x0qoXwFf6RRhz0Mwp-9B8DmVhLVigFgt4d5dAXp1VqQ@mail.gmail.com>
On Sun, 2014-12-14 at 13:02 +0100, László Böszörményi wrote: > On Sun, Dec 14, 2014 at 12:58 PM, László Böszörményi (GCS) > <gcs@debian.org> wrote: > > The "patches" remove and remove2 were for some local testing for > > myself. Those were removed as patches and _not_ present in any > > uploaded versions. > Shame on me. I left those in as well. :( Please ignore them, those > should not be part of the package. Unblocked, thanks. Regards, Adam
--- End Message ---