pkgs/development/python-modules/pyopenssl/default.nix at domenkozar-patch-1

Clone of https://github.com/NixOS/nixpkgs.git (to stress-test knotserver)
nixpkgs / pkgs / development / python-modules / pyopenssl / default.nix
at domenkozar-patch-1 88 lines 2.5 kB view raw
wrap content
 1{ lib
 2, stdenv
 3, buildPythonPackage
 4, fetchPypi
 5, fetchpatch
 6, openssl
 7, cryptography
 8, pytestCheckHook
 9, pretend
10, flaky
11}:
12
13buildPythonPackage rec {
14  pname = "pyopenssl";
15  version = "22.1.0";
16
17  outputs = [ "out" "dev" ];
18
19  src = fetchPypi {
20    pname = "pyOpenSSL";
21    inherit version;
22    sha256 = "sha256-eoO3snLdWVIi1nL1zimqAw8fuDdjDvIp9i5y45XOiWg=";
23  };
24
25  patches = [
26    (fetchpatch {
27      name = "fix-flaky-darwin-handshake-tests.patch";
28      url = "https://github.com/pyca/pyopenssl/commit/8a75898356806784caf742e8277ef03de830ce11.patch";
29      hash = "sha256-UVsZ8Nq1jUTZhOUAilRgdtqMYp4AN7qvWHqc6RleqRI=";
30    })
31  ];
32
33  postPatch = ''
34    # remove cryptography pin
35    sed "/cryptography/ s/,<[0-9]*//g" setup.py
36  '';
37
38  nativeBuildInputs = [ openssl ];
39  propagatedBuildInputs = [ cryptography ];
40
41  checkInputs = [ pytestCheckHook pretend flaky ];
42
43  preCheck = ''
44    export LANG="en_US.UTF-8"
45  '';
46
47  disabledTests = [
48    # https://github.com/pyca/pyopenssl/issues/692
49    # These tests, we disable always.
50    "test_set_default_verify_paths"
51    "test_fallback_default_verify_paths"
52    # https://github.com/pyca/pyopenssl/issues/768
53    "test_wantWriteError"
54    # https://github.com/pyca/pyopenssl/issues/1043
55    "test_alpn_call_failure"
56  ] ++ lib.optionals (lib.hasPrefix "libressl" openssl.meta.name) [
57    # https://github.com/pyca/pyopenssl/issues/791
58    # These tests, we disable in the case that libressl is passed in as openssl.
59    "test_op_no_compression"
60    "test_npn_advertise_error"
61    "test_npn_select_error"
62    "test_npn_client_fail"
63    "test_npn_success"
64    "test_use_certificate_chain_file_unicode"
65    "test_use_certificate_chain_file_bytes"
66    "test_add_extra_chain_cert"
67    "test_set_session_id_fail"
68    "test_verify_with_revoked"
69    "test_set_notAfter"
70    "test_set_notBefore"
71  ] ++ lib.optionals (lib.versionAtLeast (lib.getVersion openssl.name) "1.1") [
72    # these tests are extremely tightly wed to the exact output of the openssl cli tool, including exact punctuation.
73    "test_dump_certificate"
74    "test_dump_privatekey_text"
75    "test_dump_certificate_request"
76    "test_export_text"
77  ] ++ lib.optionals stdenv.is32bit [
78    # https://github.com/pyca/pyopenssl/issues/974
79    "test_verify_with_time"
80  ];
81
82  meta = with lib; {
83    description = "Python wrapper around the OpenSSL library";
84    homepage = "https://github.com/pyca/pyopenssl";
85    license = licenses.asl20;
86    maintainers = with maintainers; [ SuperSandro2000 ];
87  };
88}