diff --git a/nixos/openssl-111k.nix b/nixos/openssl-111k.nix
index cc4b98e4d3bad20477fba3127ff5f6f593458385..4bc5934fdc1c4270eb6bed0329bd29ec2d43121e 100644
--- a/nixos/openssl-111k.nix
+++ b/nixos/openssl-111k.nix
@@ -12,7 +12,14 @@ self: super: rec {
python2 = super.python2.override (old: {
packageOverrides = python-self: python-super: {
- pyopenssl = python-super.callPackage ./pkgs/pyopenssl.nix { };
+ pyopenssl = python-super.pyopenssl.overridePythonAttrs (old: {
+ version = "20.0.1";
+ src = python-super.fetchPypi {
+ pname = "pyOpenSSL";
+ version = "20.0.1";
+ sha256 = "0labcbh2g0jhgisd79wx9kixmi6fip28096d1xb05fj3jmsiq8sc";
+ };
+ });
cryptography = python-super.cryptography.overridePythonAttrs (old: {
version = "3.2.1";
src = python-super.fetchPypi {
@@ -35,7 +42,14 @@ self: super: rec {
python3 = super.python3.override (old: {
packageOverrides = python-self: python-super: {
- pyopenssl = python-super.callPackage ./pkgs/pyopenssl.nix { };
+ pyopenssl = python-super.pyopenssl.overridePythonAttrs (old: {
+ version = "20.0.1";
+ src = python-super.fetchPypi {
+ pname = "pyOpenSSL";
+ version = "20.0.1";
+ sha256 = "0labcbh2g0jhgisd79wx9kixmi6fip28096d1xb05fj3jmsiq8sc";
+ };
+ });
cryptography = python-super.cryptography.overridePythonAttrs (old: {
version = "3.2.1";
src = python-super.fetchPypi {
diff --git a/nixos/pkgs/pyopenssl.nix b/nixos/pkgs/pyopenssl.nix
deleted file mode 100644
index db8dd0c025ac0a75186d9148e088bbcf8c20119b..0000000000000000000000000000000000000000
--- a/nixos/pkgs/pyopenssl.nix
+++ /dev/null
@@ -1,90 +0,0 @@
-{ stdenv
-, buildPythonPackage
-, fetchPypi
-, openssl
-, cryptography
-, pyasn1
-, idna
-, pytest
-, pretend
-, flaky
-, glibcLocales
-}:
-
-with stdenv.lib;
-
-
-let
- # https://github.com/pyca/pyopenssl/issues/791
- # These tests, we disable in the case that libressl is passed in as openssl.
- failingLibresslTests = [
- "test_op_no_compression"
- "test_npn_advertise_error"
- "test_npn_select_error"
- "test_npn_client_fail"
- "test_npn_success"
- "test_use_certificate_chain_file_unicode"
- "test_use_certificate_chain_file_bytes"
- "test_add_extra_chain_cert"
- "test_set_session_id_fail"
- "test_verify_with_revoked"
- "test_set_notAfter"
- "test_set_notBefore"
- ];
-
- # these tests are extremely tightly wed to the exact output of the openssl cli tool,
- # including exact punctuation.
- failingOpenSSL_1_1Tests = [
- "test_dump_certificate"
- "test_dump_privatekey_text"
- "test_dump_certificate_request"
- "test_export_text"
- ];
-
- disabledTests = [
- # https://github.com/pyca/pyopenssl/issues/692
- # These tests, we disable always.
- "test_set_default_verify_paths"
- "test_fallback_default_verify_paths"
- # https://github.com/pyca/pyopenssl/issues/768
- "test_wantWriteError"
- ] ++ (
- optionals (hasPrefix "libressl" openssl.meta.name) failingLibresslTests
- ) ++ (
- optionals (versionAtLeast (getVersion openssl.name) "1.1") failingOpenSSL_1_1Tests
- );
-
- # Compose the final string expression, including the "-k" and the single quotes.
- testExpression = optionalString (disabledTests != [])
- "-k 'not ${concatStringsSep " and not " disabledTests}'";
-
-in
-
-
-buildPythonPackage rec {
- pname = "pyOpenSSL";
- version = "20.0.1";
-
- src = fetchPypi {
- inherit pname version;
- sha256 = "0labcbh2g0jhgisd79wx9kixmi6fip28096d1xb05fj3jmsiq8sc";
- };
-
- outputs = [ "out" "dev" ];
-
- checkPhase = ''
- runHook preCheck
- export LANG="en_US.UTF-8"
- py.test tests ${testExpression}
- runHook postCheck
- '';
-
- # Seems to fail unpredictably on Darwin. See http://hydra.nixos.org/build/49877419/nixlog/1
- # for one example, but I've also seen ContextTests.test_set_verify_callback_exception fail.
- doCheck = !stdenv.isDarwin;
-
- nativeBuildInputs = [ openssl ];
- propagatedBuildInputs = [ cryptography pyasn1 idna ];
-
- checkInputs = [ pytest pretend flaky glibcLocales ];
-}