# Nix packaging expression for pyOpenSSL, built through buildPythonPackage.
# The `openssl` argument may be OpenSSL or LibreSSL; the set of deselected
# tests below is chosen from its name and version.
{ lib, stdenv, buildPythonPackage, fetchPypi
, openssl, cryptography, pyasn1, idna, six
, pytest, pretend, flaky, glibcLocales
}:

let
  # Deselected on every platform and with every TLS library.
  # NOTE(review): judging by their names, the first two cover the default CA
  # verify paths; that behaviour is therefore not exercised by this build.
  alwaysSkipped = [
    # https://github.com/pyca/pyopenssl/issues/692
    "test_set_default_verify_paths"
    "test_fallback_default_verify_paths"
    # https://github.com/pyca/pyopenssl/issues/768
    "test_wantWriteError"
  ];

  # https://github.com/pyca/pyopenssl/issues/791
  # Deselected only when LibreSSL is passed in as `openssl`.
  # NOTE(review): the list includes certificate-chain, revocation and
  # validity-date tests (by name), so a LibreSSL build gets no coverage of
  # those paths from this check phase.
  libresslSkipped = [
    "test_op_no_compression"
    "test_npn_advertise_error"
    "test_npn_select_error"
    "test_npn_client_fail"
    "test_npn_success"
    "test_use_certificate_chain_file_unicode"
    "test_use_certificate_chain_file_bytes"
    "test_add_extra_chain_cert"
    "test_set_session_id_fail"
    "test_verify_with_revoked"
    "test_set_notAfter"
    "test_set_notBefore"
  ];

  # These tests compare against the exact output of the openssl command-line
  # tool, punctuation included, so they are deselected for OpenSSL >= 1.1.
  openssl11Skipped = [
    "test_dump_certificate"
    "test_dump_privatekey_text"
    "test_dump_certificate_request"
    "test_export_text"
  ];

  # https://github.com/pyca/pyopenssl/issues/974
  thirtyTwoBitSkipped = [ "test_verify_with_time" ];

  # LibreSSL is recognised by the prefix of the package's meta.name.
  usingLibressl = lib.hasPrefix "libressl" openssl.meta.name;
  opensslIs11OrNewer = lib.versionAtLeast (lib.getVersion openssl.name) "1.1";

  skippedTests = alwaysSkipped
    ++ (if usingLibressl then libresslSkipped else [ ])
    ++ (if opensslIs11OrNewer then openssl11Skipped else [ ])
    ++ (if stdenv.is32bit then thirtyTwoBitSkipped else [ ]);

  # The complete pytest argument, "-k" and the single quotes included.
  # pytest's -k matches by substring, so each entry also deselects any other
  # test whose name contains it. The names are spliced into a single-quoted
  # shell word, so an entry must never contain a single quote.
  pytestSelector =
    if skippedTests == [ ] then
      ""
    else
      "-k 'not ${lib.concatStringsSep " and not " skippedTests}'";

in

buildPythonPackage rec {
  pname = "pyopenssl";
  version = "20.0.1";

  # The sha256 pins the exact sdist fetched from PyPI; it has to change
  # together with `version`.
  src = fetchPypi {
    pname = "pyOpenSSL";
    inherit version;
    sha256 = "4c231c759543ba02560fcd2480c48dcec4dae34c9da7d3747c508227e0624b51";
  };

  outputs = [ "out" "dev" ];

  nativeBuildInputs = [ openssl ];
  propagatedBuildInputs = [ cryptography pyasn1 idna six ];

  checkInputs = [ pytest pretend flaky glibcLocales ];

  # Seems to fail unpredictably on Darwin. See https://hydra.nixos.org/build/49877419/nixlog/1
  # for one example; ContextTests.test_set_verify_callback_exception has also been seen failing.
  # With the check phase off, none of the test suite runs on Darwin.
  doCheck = !stdenv.isDarwin;

  # LANG is set to a UTF-8 locale before the suite runs
  # (presumably the reason glibcLocales is in checkInputs — confirm).
  checkPhase = ''
    runHook preCheck
    export LANG="en_US.UTF-8"
    py.test tests ${pytestSelector}
    runHook postCheck
  '';
}