diff options
Diffstat (limited to 'app-crypt/certbot/files/certbot-2.11.0-workaround-cryptography-deprecation-warnings.patch')
-rw-r--r-- | app-crypt/certbot/files/certbot-2.11.0-workaround-cryptography-deprecation-warnings.patch | 36 |
1 files changed, 0 insertions, 36 deletions
diff --git a/app-crypt/certbot/files/certbot-2.11.0-workaround-cryptography-deprecation-warnings.patch b/app-crypt/certbot/files/certbot-2.11.0-workaround-cryptography-deprecation-warnings.patch deleted file mode 100644 index ecaf4830eb24..000000000000 --- a/app-crypt/certbot/files/certbot-2.11.0-workaround-cryptography-deprecation-warnings.patch +++ /dev/null @@ -1,36 +0,0 @@ -https://github.com/certbot/certbot/issues/9967 -https://bugs.gentoo.org/937889 ---- a/certbot/ocsp.py -+++ b/certbot/ocsp.py -@@ -4,6 +4,7 @@ from datetime import timedelta - import logging - import re - import subprocess -+import warnings - from subprocess import PIPE - from typing import Optional - from typing import Tuple -@@ -235,12 +236,17 @@ def _check_ocsp_response(response_ocsp: 'ocsp.OCSPResponse', request_ocsp: 'ocsp - # https://github.com/openssl/openssl/blob/ef45aa14c5af024fcb8bef1c9007f3d1c115bd85/crypto/ocsp/ocsp_cl.c#L338-L391 - # thisUpdate/nextUpdate are expressed in UTC/GMT time zone - now = datetime.now(pytz.UTC).replace(tzinfo=None) -- if not response_ocsp.this_update: -- raise AssertionError('param thisUpdate is not set.') -- if response_ocsp.this_update > now + timedelta(minutes=5): -- raise AssertionError('param thisUpdate is in the future.') -- if response_ocsp.next_update and response_ocsp.next_update < now - timedelta(minutes=5): -- raise AssertionError('param nextUpdate is in the past.') -+ with warnings.catch_warnings(): -+ # Workaround for deprecation warnings w/ newer cryptography -+ # https://github.com/certbot/certbot/issues/9967 (bug #937889) -+ warnings.filterwarnings("ignore", category=CryptographyDeprecationWarning) -+ -+ if not response_ocsp.this_update: -+ raise AssertionError('param thisUpdate is not set.') -+ if response_ocsp.this_update > now + timedelta(minutes=5): -+ raise AssertionError('param thisUpdate is in the future.') -+ if response_ocsp.next_update and response_ocsp.next_update < now - timedelta(minutes=5): -+ raise AssertionError('param nextUpdate is in the past.') - - - def _check_ocsp_response_signature(response_ocsp: 'ocsp.OCSPResponse', |