Skip to content

Fixes to run python with --enable-all #9831

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
julek-wolfssl wants to merge 1 commit into
base: master
Choose a base branch
from
+349 −111
Open

Fixes to run python with --enable-all #9831

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
156 changes: 156 additions & 0 deletions .github/workflows/python.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,156 @@
name: Python Tests

# START OF COMMON SECTION
on:
push:
branches: [ 'master', 'main', 'release/**' ]
pull_request:
branches: [ '*' ]

concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
# END OF COMMON SECTION

jobs:
build_wolfssl:
name: Build wolfSSL
if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-24.04
timeout-minutes: 10
steps:
- name: Build wolfSSL
uses: wolfSSL/actions-build-autotools-project@v1
with:
path: wolfssl
configure: >-
--enable-all --enable-tlsv10
'CPPFLAGS=-DHAVE_SECRET_CALLBACK -DWOLFSSL_PYTHON'
check: false
install: true

- name: tar build-dir
run: tar -zcf build-dir.tgz build-dir

- name: Upload built lib
uses: actions/upload-artifact@v4
with:
name: wolf-install-python
path: build-dir.tgz
retention-days: 5

python_check:
strategy:
fail-fast: false
matrix:
include:
- python_ver: 3.12.11
tests: >-
test_ssl
test.test_asyncio.test_ssl
test.test_asyncio.test_sslproto
test_hashlib
test_hmac
test_secrets
test_ftplib
test_imaplib
test_poplib
test_smtplib
test_httplib
test_urllib2_localnet
test_xmlrpc
test_docxmlrpc
- python_ver: 3.13.4
tests: >-
test_ssl
test.test_asyncio.test_ssl
test.test_asyncio.test_sslproto
test_hashlib
test_hmac
test_secrets
test_ftplib
test_imaplib
test_poplib
test_smtplib
test_httplib
test_urllib2_localnet
test_xmlrpc
test_docxmlrpc
- python_ver: 3.13.7
tests: >-
test_ssl
test.test_asyncio.test_ssl
test.test_asyncio.test_sslproto
test_hashlib
test_hmac
test_secrets
test_ftplib
test_imaplib
test_poplib
test_smtplib
test_httplib
test_urllib2_localnet
test_xmlrpc
test_docxmlrpc
name: Python ${{ matrix.python_ver }}
if: github.repository_owner == 'wolfssl'
runs-on: ubuntu-24.04
timeout-minutes: 60
needs: build_wolfssl
steps:
- name: Install dependencies
run: |
sudo apt-get update
sudo apt-get install -y \
build-essential autoconf automake autoconf-archive pkgconf \
libffi-dev libbz2-dev libreadline-dev libsqlite3-dev \
zlib1g-dev libncursesw5-dev libgdbm-dev libnss3-dev \
liblzma-dev uuid-dev pkg-config

- name: Download wolfSSL
uses: actions/download-artifact@v4
with:
name: wolf-install-python

- name: Untar wolfSSL build
run: tar -xf build-dir.tgz

- name: Checkout OSP
uses: actions/checkout@v4
with:
repository: wolfssl/osp
path: osp

- name: Checkout CPython
uses: actions/checkout@v4
with:
repository: python/cpython
ref: v${{ matrix.python_ver }}
path: cpython

- name: Apply wolfSSL patch
working-directory: cpython
run: patch -p1 < $GITHUB_WORKSPACE/osp/Python/wolfssl-python-${{ matrix.python_ver }}.patch

- name: Build CPython and run SSL and crypto tests
working-directory: cpython
run: |
export LD_LIBRARY_PATH=$GITHUB_WORKSPACE/build-dir/lib:$LD_LIBRARY_PATH
rm aclocal.m4
autoreconf -if
./configure --with-wolfssl=$GITHUB_WORKSPACE/build-dir
make -j test TESTOPTS="-v \
test_ssl \
test.test_asyncio.test_ssl \
test.test_asyncio.test_sslproto \
test_hashlib \
test_hmac \
test_secrets \
test_ftplib \
test_imaplib \
test_poplib \
test_smtplib \
test_httplib \
test_urllib2_localnet \
test_xmlrpc \
test_docxmlrpc"
5 changes: 5 additions & 0 deletions src/internal.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -26285,6 +26285,11 @@ int SendData(WOLFSSL* ssl, const void* data, size_t sz)
if (sent == (word32)sz) break;

buffSz = (word32)sz - sent;
{
int maxFrag = wolfSSL_GetMaxFragSize(ssl);
if (maxFrag > 0 && (int)buffSz > maxFrag)
buffSz = (word32)maxFrag;
}
outputSz = wolfssl_local_GetRecordSize(ssl, (word32)buffSz, 1);
#if defined(WOLFSSL_DTLS)
if (ssl->options.dtls) {
Expand Down
17 changes: 5 additions & 12 deletions src/ocsp.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1995,18 +1995,11 @@ int wolfSSL_OCSP_id_get0_info(WOLFSSL_ASN1_STRING **name,
ser->dataMax = WOLFSSL_ASN1_INTEGER_MAX;
}

#if defined(WOLFSSL_QT) || defined(WOLFSSL_HAPROXY)
/* Serial number starts at 0 index of ser->data */
XMEMCPY(&ser->data[i], cid->status->serial,
(size_t)cid->status->serialSz);
ser->length = cid->status->serialSz;
#else
ser->data[i++] = ASN_INTEGER;
i += SetLength(cid->status->serialSz, ser->data + i);
XMEMCPY(&ser->data[i], cid->status->serial,
(size_t)cid->status->serialSz);
ser->length = i + cid->status->serialSz;
#endif
ser->data[i++] = ASN_INTEGER;
i += SetLength(cid->status->serialSz, ser->data + i);
XMEMCPY(&ser->data[i], cid->status->serial,
(size_t)cid->status->serialSz);
ser->length = i + cid->status->serialSz;

cid->status->serialInt = ser;
*serial = ser;
Expand Down
69 changes: 29 additions & 40 deletions src/ssl.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10450,8 +10450,7 @@ const char* wolfSSL_CIPHER_get_name(const WOLFSSL_CIPHER* cipher)
return NULL;
}

#if !defined(WOLFSSL_CIPHER_INTERNALNAME) && !defined(NO_ERROR_STRINGS) && \
!defined(WOLFSSL_QT)
#if !defined(WOLFSSL_CIPHER_INTERNALNAME) && !defined(NO_ERROR_STRINGS)
return GetCipherNameIana(cipher->cipherSuite0, cipher->cipherSuite);
#else
return wolfSSL_get_cipher_name_from_suite(cipher->cipherSuite0,
Expand Down Expand Up @@ -14021,12 +14020,7 @@ void* wolfSSL_GetHKDFExtractCtx(WOLFSSL* ssl)
}
if (i == (int)WOLFSSL_OBJECT_INFO_SZ) {
WOLFSSL_MSG("NID not in table");
#ifdef WOLFSSL_QT
sName = NULL;
type = (word32)id;
#else
return NULL;
#endif
}

#ifdef HAVE_ECC
Expand Down Expand Up @@ -16016,9 +16010,8 @@ static WC_INLINE int sslCipherMinMaxCheck(const WOLFSSL *ssl, byte suite0,
*/
WOLF_STACK_OF(WOLFSSL_CIPHER) *wolfSSL_get_ciphers_compat(const WOLFSSL *ssl)
{
WOLF_STACK_OF(WOLFSSL_CIPHER)* ret = NULL;
const Suites* suites;
#if defined(OPENSSL_ALL) || defined(WOLFSSL_QT)
#if defined(OPENSSL_ALL)
const CipherSuiteInfo* cipher_names = GetCipherNames();
int cipherSz = GetCipherNamesSize();
#endif
Expand All @@ -16034,15 +16027,20 @@ WOLF_STACK_OF(WOLFSSL_CIPHER) *wolfSSL_get_ciphers_compat(const WOLFSSL *ssl)
/* check if stack needs populated */
if (ssl->suitesStack == NULL) {
int i;
#if defined(OPENSSL_ALL) || defined(WOLFSSL_QT)
int j;

((WOLFSSL*)ssl)->suitesStack =
wolfssl_sk_new_type_ex(STACK_TYPE_CIPHER, ssl->heap);
if (ssl->suitesStack == NULL)
return NULL;

/* higher priority of cipher suite will be on top of stack */
for (i = suites->suiteSz - 2; i >=0; i-=2) {
#if defined(OPENSSL_ALL)
for (i = suites->suiteSz - 2; i >=0; i-=2)
#else
for (i = 0; i < suites->suiteSz; i+=2) {
for (i = 0; i < suites->suiteSz; i+=2)
#endif
WOLFSSL_STACK* add;
{
struct WOLFSSL_CIPHER cipher;

/* A couple of suites are placeholders for special options,
* skip those. */
Expand All @@ -16052,39 +16050,30 @@ WOLF_STACK_OF(WOLFSSL_CIPHER) *wolfSSL_get_ciphers_compat(const WOLFSSL *ssl)
continue;
}

add = wolfSSL_sk_new_node(ssl->heap);
if (add != NULL) {
add->type = STACK_TYPE_CIPHER;
add->data.cipher.cipherSuite0 = suites->suites[i];
add->data.cipher.cipherSuite = suites->suites[i+1];
add->data.cipher.ssl = ssl;
#if defined(OPENSSL_ALL) || defined(WOLFSSL_QT)
XMEMSET(&cipher, 0, sizeof(cipher));
cipher.cipherSuite0 = suites->suites[i];
cipher.cipherSuite = suites->suites[i+1];
cipher.ssl = ssl;
#if defined(OPENSSL_ALL)
cipher.in_stack = 1;
{
int j;
for (j = 0; j < cipherSz; j++) {
if (cipher_names[j].cipherSuite0 ==
add->data.cipher.cipherSuite0 &&
cipher_names[j].cipherSuite ==
add->data.cipher.cipherSuite) {
add->data.cipher.offset = (unsigned long)j;
if (cipher_names[j].cipherSuite0 == cipher.cipherSuite0 &&
cipher_names[j].cipherSuite == cipher.cipherSuite) {
cipher.offset = (unsigned long)j;
break;
}
}
}
#endif
#if defined(WOLFSSL_QT) || defined(OPENSSL_ALL)
/* in_stack is checked in wolfSSL_CIPHER_description */
add->data.cipher.in_stack = 1;
#endif

add->next = ret;
if (ret != NULL) {
add->num = ret->num + 1;
}
else {
add->num = 1;
}
ret = add;
if (wolfSSL_sk_insert(ssl->suitesStack, &cipher, 0) <= 0) {
WOLFSSL_MSG("Error inserting cipher onto stack");
wolfSSL_sk_CIPHER_free(ssl->suitesStack);
((WOLFSSL*)ssl)->suitesStack = NULL;
break;
}
}
((WOLFSSL*)ssl)->suitesStack = ret;
}
return ssl->suitesStack;
}
Expand Down
Loading
Loading