Youtube API in NodeJs, Usage with Example
This library is ES6, promise compatible. Or, in your package.json file, include…
March 03, 2021
In previous posts, we saw how to build FIPS enabled Openssl, and how to Patch and Build Python 3.9.2
In this post, we will put all those steps in a Dockerfile
.
Create a file with name: pythonpatch3.9.2.patch
diff -aur Lib/ssl.py Lib/ssl.py
--- Lib/ssl.py 2020-10-05 15:07:58.000000000 +0000
+++ Lib/ssl.py 2021-03-02 04:23:32.026226000 +0000
@@ -111,6 +111,11 @@
# LibreSSL does not provide RAND_egd
pass
+try:
+ from _ssl import FIPS_mode, FIPS_mode_set
+except ImportError as e:
+ sys.stderr.write('error in importing\n')
+ sys.stderr.write(str(e))
from _ssl import (
HAS_SNI, HAS_ECDH, HAS_NPN, HAS_ALPN, HAS_SSLv2, HAS_SSLv3, HAS_TLSv1,
diff -aur Modules/Setup Modules/Setup
--- Modules/Setup 2020-10-05 15:07:58.000000000 +0000
+++ Modules/Setup 2021-03-02 04:24:28.071717000 +0000
@@ -207,14 +207,14 @@
#_csv _csv.c
# Socket module helper for socket(2)
-#_socket socketmodule.c
+_socket socketmodule.c
# Socket module helper for SSL support; you must comment out the other
# socket line above, and possibly edit the SSL variable:
-#SSL=/usr/local/ssl
-#_ssl _ssl.c \
-# -DUSE_SSL -I$(SSL)/include -I$(SSL)/include/openssl \
-# -L$(SSL)/lib -lssl -lcrypto
+SSL=/usr/local/ssl
+_ssl _ssl.c \
+ -DUSE_SSL -I$(SSL)/include -I$(SSL)/include/openssl \
+ -L$(SSL)/lib -lssl -lcrypto
# The crypt module is now disabled by default because it breaks builds
# on many systems (where -lcrypt is needed), e.g. Linux (I believe).
diff -aur Modules/_ssl.c Modules/_ssl.c
--- Modules/_ssl.c 2020-10-05 15:07:58.000000000 +0000
+++ Modules/_ssl.c 2021-03-02 04:25:30.930669000 +0000
@@ -5394,6 +5394,20 @@
return PyLong_FromLong(RAND_status());
}
+static PyObject *
+_ssl_FIPS_mode_impl(PyObject *module) {
+ return PyLong_FromLong(FIPS_mode());
+}
+
+static PyObject *
+_ssl_FIPS_mode_set_impl(PyObject *module, int n) {
+ if (FIPS_mode_set(n) == 0) {
+ _setSSLError(ERR_error_string(ERR_get_error(), NULL) , 0, __FILE__, __LINE__);
+ return NULL;
+ }
+ Py_RETURN_NONE;
+}
+
#ifndef OPENSSL_NO_EGD
/* LCOV_EXCL_START */
/*[clinic input]
@@ -5875,6 +5889,8 @@
_SSL_ENUM_CRLS_METHODDEF
_SSL_TXT2OBJ_METHODDEF
_SSL_NID2OBJ_METHODDEF
+ _SSL_FIPS_MODE_METHODDEF
+ _SSL_FIPS_MODE_SET_METHODDEF
{NULL, NULL} /* Sentinel */
};
diff -aur Modules/clinic/_ssl.c.h Modules/clinic/_ssl.c.h
--- Modules/clinic/_ssl.c.h 2020-10-05 15:07:58.000000000 +0000
+++ Modules/clinic/_ssl.c.h 2021-03-02 04:27:06.120295000 +0000
@@ -1204,6 +1204,45 @@
return _ssl_RAND_status_impl(module);
}
+PyDoc_STRVAR(_ssl_FIPS_mode__doc__,
+"FIPS Mode");
+
+#define _SSL_FIPS_MODE_METHODDEF \
+ {"FIPS_mode", (PyCFunction)_ssl_FIPS_mode, METH_NOARGS, _ssl_FIPS_mode__doc__},
+
+static PyObject *
+_ssl_FIPS_mode_impl(PyObject *module);
+
+static PyObject *
+_ssl_FIPS_mode(PyObject *module, PyObject *Py_UNUSED(ignored))
+{
+ return _ssl_FIPS_mode_impl(module);
+}
+
+PyDoc_STRVAR(_ssl_FIPS_mode_set_doc__,
+"FIPS Mode Set");
+
+#define _SSL_FIPS_MODE_SET_METHODDEF \
+ {"FIPS_mode_set", (PyCFunction)_ssl_FIPS_mode_set, METH_O, _ssl_FIPS_mode_set_doc__},
+
+static PyObject *
+_ssl_FIPS_mode_set_impl(PyObject *module, int n);
+
+static PyObject *
+_ssl_FIPS_mode_set(PyObject *module, PyObject *arg)
+{
+ PyObject *return_value = NULL;
+ int n;
+
+ if (!PyArg_Parse(arg, "i:FIPS_mode_set", &n)) {
+ goto exit;
+ }
+ return_value = _ssl_FIPS_mode_set_impl(module, n);
+
+exit:
+ return return_value;
+}
+
#if !defined(OPENSSL_NO_EGD)
PyDoc_STRVAR(_ssl_RAND_egd__doc__,
FROM centos:7
RUN yum update -y
RUN yum -y install git \
libffi-devel libffi libssh2-devel autoconf automake libtool \
libxml2-devel libxslt-devel libjpeg-devel zlib-devel \
make cmake gcc python-devel python-setuptools wget bzip2-devel
# OpenSSL build steps
ENV OPENSSL_FIPS=1
RUN mkdir -p /usr/local/src/ /python_installation \
&& cd /usr/local/src/ \
&& curl -O https://www.openssl.org/source/openssl-fips-2.0.16.tar.gz \
&& curl -O https://www.openssl.org/source/openssl-1.0.2t.tar.gz \
&& tar -xvf openssl-fips-2.0.16.tar.gz \
&& cd openssl-fips-2.0.16 \
&& ./config \
&& make install \
&& cd ../ \
&& tar -xvf openssl-1.0.2t.tar.gz \
&& cd openssl-1.0.2t \
&& ./config shared fips no-ssl2 no-ssl3 \
&& make depend \
&& make install \
&& cd ../ && rm -rf openssl-fips-2.0.16.tar.gz ./openssl-fips-2.0.16 \
&& echo "/usr/local/ssl/lib" > /etc/ld.so.conf.d/openssl-1.0.2t.conf \
&& ldconfig -v \
&& ln -s /usr/local/ssl/bin/openssl /usr/bin/openssl \
&& openssl version
ADD python_patch_3.9.2.patch /python_installation/
ARG PYENV_VERSION=3.9.2
ENV PYENV_INSTALLER_URL=https://raw.githubusercontent.com/pyenv/pyenv-installer/master/bin/pyenv-installer
ENV PYTHON_CONFIGURE_OPTS="--enable-shared"
RUN umask 022 \
&& curl -s -S -L "$PYENV_INSTALLER_URL" -o /usr/bin/pyenv-installer \
&& chmod 0755 /usr/bin/pyenv-installer \
&& /usr/bin/pyenv-installer \
&& eval "$(pyenv init -)" \
&& pyenv install --patch $PYENV_VERSION < /python_installation/python_patch_3.9.2.patch \
&& pyenv global $PYENV_VERSION \
&& pip install --upgrade pip \
&& pip install wheel \
&& CRYPTOGRAPHY_DONT_BUILD_RUST=1 CFLAGS="-I/usr/local/ssl/include" LDFLAGS="-L/usr/local/ssl/lib" pip wheel --no-binary :all: cryptography==3.0 \
&& CRYPTOGRAPHY_DONT_BUILD_RUST=1 CFLAGS="-I/usr/local/ssl/include" LDFLAGS="-L/usr/local/ssl/lib" pip install cryptography-3.0-cp39-cp39-linux_x86_64.whl
This library is ES6, promise compatible. Or, in your package.json file, include…
Introduction to Problem I have some data related to users. For example: which…
This post is dedicated for cases where we intend to append a variable value in a…
Introduction You already have a content type with one or more fields in it…
Introduction In this tutorial we will see: How to instantiate different classes…
Bootstrap has a simple solution to have sticky blocks in your html. I’ve given a…
Introduction Strapi is a backend system provides basic crud operations with…
Introduction I had to create many repositories in an Github organization. I…
Introduction I was trying to download some youtube videos for my kids. As I have…
Introduction In this post, we will explore some useful command line options for…
Introduction In this post, we will see how we can apply a patch to Python and…
Introduction We will introduce a Package Manager for Windows: . In automations…