[issue23329] _ssl cannot be compiled with LibreSSL anymore (on OpenBSD 5.5) because of ALPN

2015-09-27 Thread Roundup Robot 

Roundup Robot added the comment:

New changeset 38a5b0f6531b by Benjamin Peterson in branch '3.5':
detect alpn by feature flag not openssl version (closes #23329)
https://hg.python.org/cpython/rev/38a5b0f6531b

New changeset 747996431c7e by Benjamin Peterson in branch 'default':
merge 3.5 (#23329)
https://hg.python.org/cpython/rev/747996431c7e

--
resolution:  -> fixed
status: open -> closed

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue23329] _ssl cannot be compiled with LibreSSL anymore (on OpenBSD 5.5) because of ALPN

2015-09-26 Thread Remi Pointel 

Remi Pointel added the comment:

Good, I think we should test on a machine with a version of openssl that does 
not support ALPN to be sure.

--

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue23329] _ssl cannot be compiled with LibreSSL anymore (on OpenBSD 5.5) because of ALPN

2015-09-25 Thread Martin Panter 

Martin Panter added the comment:

I just tested your patch on Arch Linux with the default 3.6 Python branch. The 
test suite passed happily and all seems to be well:

Python 3.6.0a0 (python_have_alpn.diff qbase qtip tip:eb8ee60ace13, Sep 25 2015, 
22:53:15) 
[GCC 5.1.0] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> import ssl
>>> ssl.HAS_ALPN
True
>>> ssl.OPENSSL_VERSION
'OpenSSL 1.0.2d 9 Jul 2015'

--
nosy: +martin.panter

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue23329] _ssl cannot be compiled with LibreSSL anymore (on OpenBSD 5.5) because of ALPN

2015-09-23 Thread STINNER Victor 

Changes by STINNER Victor :


--
resolution: fixed -> 
status: closed -> open

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue23329] _ssl cannot be compiled with LibreSSL anymore (on OpenBSD 5.5) because of ALPN

2015-09-23 Thread Remi Pointel 

Remi Pointel added the comment:

With this patch it works fine on OpenBSD with LibreSSL.
Could you test on a Linux machine with OpenSSL supporting ALPN please?

Thanks spil@ for the idea.

--
keywords: +patch
Added file: http://bugs.python.org/file40556/python_have_alpn.diff

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue23329] _ssl cannot be compiled with LibreSSL anymore (on OpenBSD 5.5) because of ALPN

2015-09-23 Thread Bernard Spil 

Bernard Spil added the comment:

Checking if the method is actually defined is the smart way to go

>From include/openssl/tls1.h
# define TLSEXT_TYPE_application_layer_protocol_negotiation

So #ifdef TLSEXT_TYPE_application_layer_protocol_negotiation
would show you if the feature is available regardless of the implementation 
(Open|Boring|Libre)SSL

--

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue23329] _ssl cannot be compiled with LibreSSL anymore (on OpenBSD 5.5) because of ALPN

2015-09-22 Thread Remi Pointel 

Remi Pointel added the comment:

Maybe we could check if the functionality is available instead of checking a 
version? What do you think about that?

--

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue23329] _ssl cannot be compiled with LibreSSL anymore (on OpenBSD 5.5) because of ALPN

2015-09-22 Thread Bernard Spil 

Bernard Spil added the comment:

ALPN was removed originally but added again later
http://marc.info/?l=openbsd-announce&m=142193407304782

--

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue23329] _ssl cannot be compiled with LibreSSL anymore (on OpenBSD 5.5) because of ALPN

2015-01-27 Thread Benjamin Peterson 

Benjamin Peterson added the comment:

(Thanks for pointing out the problem and the fix.)

--
nosy: +benjamin.peterson

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue23329] _ssl cannot be compiled with LibreSSL anymore (on OpenBSD 5.5) because of ALPN

2015-01-27 Thread STINNER Victor 

STINNER Victor added the comment:

Cool, the issue looks like the issue has been fixed: the _ssl module can be 
build again.
http://buildbot.python.org/all/builders/x86%20OpenBSD%205.5%203.x/builds/1334/steps/compile/logs/stdio

Thanks for the quick fix.

--

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue23329] _ssl cannot be compiled with LibreSSL anymore (on OpenBSD 5.5) because of ALPN

2015-01-27 Thread Roundup Robot 

Roundup Robot added the comment:

New changeset 53e94a687570 by Benjamin Peterson in branch 'default':
disable ALPN on LibreSSL, which has a large version number, but not ALPN 
support (closes #23329)
https://hg.python.org/cpython/rev/53e94a687570

New changeset f7fd2776e80d by Benjamin Peterson in branch '2.7':
disable ALPN on LibreSSL, which has a large version number, but not ALPN 
support (closes #23329)
https://hg.python.org/cpython/rev/f7fd2776e80d

--
nosy: +python-dev
resolution:  -> fixed
stage:  -> resolved
status: open -> closed

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue23329] _ssl cannot be compiled with LibreSSL anymore (on OpenBSD 5.5) because of ALPN

2015-01-27 Thread Arfrever Frehtes Taifersar Arahesis 

Changes by Arfrever Frehtes Taifersar Arahesis :


--
nosy: +Arfrever

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue23329] _ssl cannot be compiled with LibreSSL anymore (on OpenBSD 5.5) because of ALPN

2015-01-27 Thread STINNER Victor 

New submission from STINNER Victor:

Recently, the issue #20188 "ALPN support for TLS" was fixed. The problem is 
that the check for the ALPN feature doesn't work with LibreSSL:

/* ALPN added in OpenSSL 1.0.2 */
#if OPENSSL_VERSION_NUMBER >= 0x1000200fL && !defined(OPENSSL_NO_TLSEXT)
# define HAVE_ALPN
#endif

On the buildbot OpenBSD 5.5 with LibreSSL, OPENSSL_VERSION_NUMBER is 2.x 
instead of 1.0.x. See also the issue #23177.

A workaround would be to disable the feature if LIBRESSL_VERSION_NUMBER is 
defined.

http://buildbot.python.org/all/builders/x86%20OpenBSD%205.5%203.x/builds/1333/steps/test/logs/stdio

 using PTY: False
running build
running build_ext
ldd: /usr/lib/libreadline.a: not an ELF executable
INFO: Can't locate Tcl/Tk libs and/or headers
building '_ssl' extension
gcc -pthread -fPIC -fno-strict-aliasing -Wsign-compare -g -O0 -Wall 
-Wstrict-prototypes -Werror=declaration-after-statement -I./Include -I. 
-IInclude -I/usr/local/include 
-I/home/python-builds/3.x.borja-openbsd-x86/build/Include 
-I/home/python-builds/3.x.borja-openbsd-x86/build -c 
/home/python-builds/3.x.borja-openbsd-x86/build/Modules/_ssl.c -o 
build/temp.openbsd-5.6-i386-3.5-pydebug/home/python-builds/3.x.borja-openbsd-x86/build/Modules/_ssl.o
/home/python-builds/3.x.borja-openbsd-x86/build/Modules/_ssl.c: In function 
'PySSL_selected_alpn_protocol':
/home/python-builds/3.x.borja-openbsd-x86/build/Modules/_ssl.c:1481: warning: 
implicit declaration of function 'SSL_get0_alpn_selected'
/home/python-builds/3.x.borja-openbsd-x86/build/Modules/_ssl.c: In function 
'_set_alpn_protocols':
/home/python-builds/3.x.borja-openbsd-x86/build/Modules/_ssl.c:2404: warning: 
implicit declaration of function 'SSL_CTX_set_alpn_protos'
/home/python-builds/3.x.borja-openbsd-x86/build/Modules/_ssl.c:2406: warning: 
implicit declaration of function 'SSL_CTX_set_alpn_select_cb'
gcc -pthread -shared -fPIC 
build/temp.openbsd-5.6-i386-3.5-pydebug/home/python-builds/3.x.borja-openbsd-x86/build/Modules/_ssl.o
 -L/usr/local/lib -lssl -lcrypto -o 
build/lib.openbsd-5.6-i386-3.5-pydebug/_ssl.so
building '_ctypes' extension
gcc -pthread -fPIC -fno-strict-aliasing -Wsign-compare -g -O0 -Wall 
-Wstrict-prototypes -Werror=declaration-after-statement 
-Ibuild/temp.openbsd-5.6-i386-3.5-pydebug/libffi/include 
-Ibuild/temp.openbsd-5.6-i386-3.5-pydebug/libffi 
-I/home/python-builds/3.x.borja-openbsd-x86/build/Modules/_ctypes/libffi/src 
-I./Include -I. -IInclude -I/usr/local/include 
-I/home/python-builds/3.x.borja-openbsd-x86/build/Include 
-I/home/python-builds/3.x.borja-openbsd-x86/build -c 
/home/python-builds/3.x.borja-openbsd-x86/build/Modules/_ctypes/_ctypes.c -o 
build/temp.openbsd-5.6-i386-3.5-pydebug/home/python-builds/3.x.borja-openbsd-x86/build/Modules/_ctypes/_ctypes.o
 -Wall -fexceptions
gcc -pthread -fPIC -fno-strict-aliasing -Wsign-compare -g -O0 -Wall 
-Wstrict-prototypes -Werror=declaration-after-statement 
-Ibuild/temp.openbsd-5.6-i386-3.5-pydebug/libffi/include 
-Ibuild/temp.openbsd-5.6-i386-3.5-pydebug/libffi 
-I/home/python-builds/3.x.borja-openbsd-x86/build/Modules/_ctypes/libffi/src 
-I./Include -I. -IInclude -I/usr/local/include 
-I/home/python-builds/3.x.borja-openbsd-x86/build/Include 
-I/home/python-builds/3.x.borja-openbsd-x86/build -c 
/home/python-builds/3.x.borja-openbsd-x86/build/Modules/_ctypes/callbacks.c -o 
build/temp.openbsd-5.6-i386-3.5-pydebug/home/python-builds/3.x.borja-openbsd-x86/build/Modules/_ctypes/callbacks.o
 -Wall -fexceptions
gcc -pthread -fPIC -fno-strict-aliasing -Wsign-compare -g -O0 -Wall 
-Wstrict-prototypes -Werror=declaration-after-statement 
-Ibuild/temp.openbsd-5.6-i386-3.5-pydebug/libffi/include 
-Ibuild/temp.openbsd-5.6-i386-3.5-pydebug/libffi 
-I/home/python-builds/3.x.borja-openbsd-x86/build/Modules/_ctypes/libffi/src 
-I./Include -I. -IInclude -I/usr/local/include 
-I/home/python-builds/3.x.borja-openbsd-x86/build/Include 
-I/home/python-builds/3.x.borja-openbsd-x86/build -c 
/home/python-builds/3.x.borja-openbsd-x86/build/Modules/_ctypes/callproc.c -o 
build/temp.openbsd-5.6-i386-3.5-pydebug/home/python-builds/3.x.borja-openbsd-x86/build/Modules/_ctypes/callproc.o
 -Wall -fexceptions
gcc -pthread -fPIC -fno-strict-aliasing -Wsign-compare -g -O0 -Wall 
-Wstrict-prototypes -Werror=declaration-after-statement 
-Ibuild/temp.openbsd-5.6-i386-3.5-pydebug/libffi/include 
-Ibuild/temp.openbsd-5.6-i386-3.5-pydebug/libffi 
-I/home/python-builds/3.x.borja-openbsd-x86/build/Modules/_ctypes/libffi/src 
-I./Include -I. -IInclude -I/usr/local/include 
-I/home/python-builds/3.x.borja-openbsd-x86/build/Include 
-I/home/python-builds/3.x.borja-openbsd-x86/build -c 
/home/python-builds/3.x.borja-openbsd-x86/build/Modules/_ctypes/stgdict.c -o 
build/temp.openbsd-5.6-i386-3.5-pydebug/home/python-builds/3.x.borja-openbsd-x86/build/Modules/_ctypes/stgdict.o
 -Wall -fexceptions
gcc -pthread -fPIC -fno-strict-aliasing -Wsign-compare -g -O0 -Wall 
-Wstrict-prototypes -Werror=declaration-after-statement 
-Ibuild/temp.