Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

move our cryptography backend import #552

Merged
merged 1 commit into from
Oct 6, 2016
Merged

move our cryptography backend import #552

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
14 changes: 13 additions & 1 deletion src/OpenSSL/crypto.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,6 @@
text_type as _text_type,
PY3 as _PY3)

from cryptography.hazmat.backends.openssl.backend import backend
from cryptography.hazmat.primitives.asymmetric import dsa, rsa

from OpenSSL._util import (
Expand Down Expand Up @@ -44,6 +43,18 @@ class Error(Exception):
_openssl_assert = _make_assert(Error)


def _get_backend():
"""
Importing the backend from cryptography has the side effect of activating
the osrandom engine. This mutates the global state of OpenSSL in the
process and causes issues for various programs that use subinterpreters or
embed Python. By putting the import in this function we can avoid
triggering this side effect unless _get_backend is called.
"""
from cryptography.hazmat.backends.openssl.backend import backend
return backend


def _untested_error(where):
"""
An OpenSSL API failed somehow. Additionally, the failure which was
Expand Down Expand Up @@ -181,6 +192,7 @@ def to_cryptography_key(self):

.. versionadded:: 16.1.0
"""
backend = _get_backend()
if self._only_public:
return backend._evp_pkey_to_public_key(self._pkey)
else:
Expand Down