Home Explore Help
Sign In
PUBLIC_REPOS
/
buildroot
mirror of git://git.buildroot.net/buildroot
2
1
Fork 0
Files
Tree: 898f7adcb1
Branches Tags
buildroot
/
package
/
ca-certificates
/
0002-mozilla-certdata2pem.py-Fix-compat-with-cryptography.patch

0002-mozilla-certdata2pem.py-Fix-compat-with-cryptography.patch 1.1 KB
History Raw

1234567891011121314151617181920212223242526272829 
  1. From 5e493ca307a031e81528ceddb96f3da40bc062cf Mon Sep 17 00:00:00 2001
    2. 

  2. From: Wataru Ashihara <wsh@iij.ad.jp>
    3. 

  3. Date: Wed, 2 Nov 2022 12:40:05 -0400
    4. 

  4. Subject: [PATCH] mozilla/certdata2pem.py: Fix compat with cryptography > 3.0
    5. 

  5. 

  6. In newer cryptography packages, load_der_x509_certificate is enforced to be 'bytes' rather than currently used 'bytearray'.  This fixes that.
    7. 

  7. 

  8. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1008244
    9. 

  9. Signed-off-by: Justin Wood <jwood@starry.com>
    10. 

  10. ---
    11. 

  11.  mozilla/certdata2pem.py | 2 +-
    12. 

  12.  1 file changed, 1 insertion(+), 1 deletion(-)
    13. 

  13. 

  14. diff --git a/mozilla/certdata2pem.py b/mozilla/certdata2pem.py
    15. 

  15. index a6261f8..c0fa52c 100644
    16. 

  16. --- a/mozilla/certdata2pem.py
    17. 

  17. +++ b/mozilla/certdata2pem.py
    18. 

  18. @@ -122,7 +122,7 @@ for obj in objects:
    19. 

  19.          try:
    20. 

  20.              from cryptography import x509
    21. 

  21.  
    22. 

  22. -            cert = x509.load_der_x509_certificate(obj['CKA_VALUE'])
    23. 

  23. +            cert = x509.load_der_x509_certificate(bytes(obj['CKA_VALUE']))
    24. 

  24.              if cert.not_valid_after < datetime.datetime.now():
    25. 

  25.                  print('!'*74)
    26. 

  26.                  print('Trusted but expired certificate found: %s' % obj['CKA_LABEL'])
    27. 

  27. -- 
    28. 

  28. 2.38.1
    29. 

  29.