This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

classification
Title: Refactor LibreSSL / EGD detection
Type: enhancement Stage: resolved
Components: Library (Lib) Versions: Python 3.6, Python 3.5, Python 2.7
process
Status: closed Resolution: fixed
Dependencies: Superseder:
Assigned To: Nosy List: Alex.Willmer, barry, dstufft, eric.araujo, ezio.melotti, koobs, ned.deily, python-dev, r.david.murray, ronaldoussoren, spil, steve.dower, tim.golden, vstinner, willingc, yselivanov
Priority: normal Keywords: easy, needs review

Created on 2015-07-03 12:32 by spil, last changed 2022-04-11 14:58 by admin. This issue is now closed.

Files
File name Uploaded Description Edit
patch-RAND_egd spil, 2015-07-03 12:36 Patch for configure.ac and Modules/_ssl.c
Messages (7)
msg246169 - (view) Author: Bernard Spil (spil) * Date: 2015-07-03 12:32
LibreSSL added a define OPENSSL_NO_EGD to their headers in version 2.2.0 in line with the defines of the other removed features.

These patches remove detection of RAND_egd from configure and replace the detection in the source code.
msg263146 - (view) Author: Bernard Spil (spil) * Date: 2016-04-10 19:04
This is now also required for the upcoming OpenSSL 1.1.0 which also removed EGD by default
msg269848 - (view) Author: Bernard Spil (spil) * Date: 2016-07-05 20:08
It's been a year since this was created. Can we move this forward?

For the OpenSSL 1.1 changes, see
https://github.com/openssl/openssl/blob/master/Configure#L363
(egd is disabled in the default configuration)

and
https://github.com/openssl/openssl/blob/master/include/openssl/rand.h#L61
When OPENSSL_NO_EGD is defined, the EGD related methods are rempved.

This is still causing build problems on some isntallations, seems there can be diffences in detection between configure and build phase.
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=205960#
msg269853 - (view) Author: Brett Cannon (brett.cannon) * (Python committer) Date: 2016-07-05 21:05
You could try bringing this up on the security-sig to see if there is enough interest: https://mail.python.org/mailman/listinfo/security-sig
msg269867 - (view) Author: Larry Hastings (larry) * (Python committer) Date: 2016-07-06 03:10
At this point you're not adding this to 3.5.
msg269923 - (view) Author: Roundup Robot (python-dev) (Python triager) Date: 2016-07-07 07:03
New changeset 7c0432cf1f2e by Benjamin Peterson in branch '3.5':
assume egd unless OPENSSL_NO_EGD is defined—remove configure check (closes #24557)
https://hg.python.org/cpython/rev/7c0432cf1f2e

New changeset fe168c2b5e95 by Benjamin Peterson in branch 'default':
merge 3.5 (#24557)
https://hg.python.org/cpython/rev/fe168c2b5e95

New changeset 676486e1a94f by Benjamin Peterson in branch '2.7':
assume egd unless OPENSSL_NO_EGD is defined—remove configure check (closes #24557)
https://hg.python.org/cpython/rev/676486e1a94f
msg269924 - (view) Author: Kubilay Kocak (koobs) (Python triager) Date: 2016-07-07 07:06
Thank you Benjamin :)
History
Date User Action Args
2022-04-11 14:58:18adminsetgithub: 68745
2016-07-07 07:06:44koobssetmessages: + msg269924
versions: + Python 3.5
2016-07-07 07:03:02python-devsetstatus: open -> closed

nosy: + python-dev
messages: + msg269923

resolution: fixed
stage: patch review -> resolved
2016-07-06 03:11:39larrysetnosy: - larry
2016-07-06 03:10:58larrysetnosy: barry, ronaldoussoren, vstinner, larry, tim.golden, ned.deily, ezio.melotti, eric.araujo, r.david.murray, yselivanov, koobs, steve.dower, dstufft, willingc, Alex.Willmer, spil
messages: + msg269867
versions: - Python 3.5
2016-07-05 21:10:43pitrousetnosy: - pitrou
2016-07-05 21:05:43brett.cannonsetnosy: - brett.cannon
2016-07-05 21:05:31brett.cannonsetnosy: barry, brett.cannon, ronaldoussoren, pitrou, vstinner, larry, tim.golden, ned.deily, ezio.melotti, eric.araujo, r.david.murray, yselivanov, koobs, steve.dower, dstufft, willingc, Alex.Willmer, spil
messages: + msg269853
2016-07-05 20:08:07spilsetmessages: + msg269848
2016-04-12 21:49:13paul.mooresetnosy: - paul.moore
2016-04-12 20:22:14gvanrossumsetnosy: - gvanrossum
2016-04-12 20:16:49mrabarnettsetnosy: - mrabarnett
2016-04-12 18:52:44zach.waresethgrepos: - hgrepo337
2016-04-12 18:52:33zach.waresetassignee: docs@python ->

nosy: - docs@python, zach.ware, supriyanto maftuh, supriyantomaftuh
versions: + Python 2.7
2016-04-12 16:26:05SilentGhostsetmessages: - msg263251
2016-04-12 16:23:45berker.peksagsetstage: patch review
components: - Build, Demos and Tools, Distutils, Documentation, Extension Modules, IDLE, Installation, Interpreter Core, macOS, Regular Expressions, Tests, Tkinter, Unicode, Windows, XML, 2to3 (2.x to 3.x conversion tool), ctypes, IO, Benchmarks, Devguide, Cross-Build, email, asyncio, Argument Clinic
versions: - Python 2.7, Python 3.2, Python 3.3, Python 3.4
2016-04-12 15:40:56supriyantomaftuhsetassignee: docs@python
components: + Demos and Tools, Distutils, Documentation, Extension Modules, IDLE, Installation, Interpreter Core, macOS, Regular Expressions, Tests, Tkinter, Unicode, Windows, XML, 2to3 (2.x to 3.x conversion tool), ctypes, IO, Benchmarks, Devguide, Cross-Build, email, asyncio, Argument Clinic
versions: + Python 3.2, Python 3.6
nosy: + larry, willingc, paul.moore, tim.golden, dstufft, supriyantomaftuh, eric.araujo, yselivanov, zach.ware, steve.dower, ned.deily, pitrou, barry, Alex.Willmer, brett.cannon, ezio.melotti, gvanrossum, supriyanto maftuh, r.david.murray, docs@python, vstinner, ronaldoussoren, mrabarnett
hgrepos: + hgrepo337

messages: + msg263251
2016-04-10 19:04:59spilsetmessages: + msg263146
2015-07-03 12:41:12koobssetkeywords: + easy, needs review
nosy: + koobs
components: + Build, Library (Lib)
2015-07-03 12:39:30spilsetversions: + Python 3.3, Python 3.4
2015-07-03 12:36:21spilsetfiles: + patch-RAND_egd
2015-07-03 12:32:31spilcreate