diff options
| author | Paul Kehrer <paul.l.kehrer@gmail.com> | 2019-02-21 09:52:10 +0800 |
|---|---|---|
| committer | Alex Gaynor <alex.gaynor@gmail.com> | 2019-02-20 20:52:10 -0500 |
| commit | 5cfaa5b79d446e1c63de3948e7558cd00561ea1f (patch) | |
| tree | 75cbee0953f498757b8758f76b439f897c40d9e5 /src/cryptography/hazmat | |
| parent | 20a441870be8dce22cb9cc2046b3c6cb3736e629 (diff) | |
| download | cryptography-5cfaa5b79d446e1c63de3948e7558cd00561ea1f.tar.gz cryptography-5cfaa5b79d446e1c63de3948e7558cd00561ea1f.tar.bz2 cryptography-5cfaa5b79d446e1c63de3948e7558cd00561ea1f.zip | |
encode the package version in the shared object (#4756)
* encode the package version in the shared object
* review feedback
* move into build_ffi so the symbol is in all shared objects
* review feedback
Diffstat (limited to 'src/cryptography/hazmat')
| -rw-r--r-- | src/cryptography/hazmat/bindings/openssl/binding.py | 24 |
1 files changed, 24 insertions, 0 deletions
diff --git a/src/cryptography/hazmat/bindings/openssl/binding.py b/src/cryptography/hazmat/bindings/openssl/binding.py index 0824ea88..1115acbf 100644 --- a/src/cryptography/hazmat/bindings/openssl/binding.py +++ b/src/cryptography/hazmat/bindings/openssl/binding.py @@ -9,6 +9,7 @@ import threading import types import warnings +import cryptography from cryptography import utils from cryptography.exceptions import InternalError from cryptography.hazmat.bindings._openssl import ffi, lib @@ -164,6 +165,29 @@ def _verify_openssl_version(lib): ) +def _verify_package_version(version): + # Occasionally we run into situations where the version of the Python + # package does not match the version of the shared object that is loaded. + # This may occur in environments where multiple versions of cryptography + # are installed and available in the python path. To avoid errors cropping + # up later this code checks that the currently imported package and the + # shared object that were loaded have the same version and raise an + # ImportError if they do not + so_package_version = ffi.string(lib.CRYPTOGRAPHY_PACKAGE_VERSION) + if version.encode("ascii") != so_package_version: + raise ImportError( + "The version of cryptography does not match the loaded " + "shared object. This can happen if you have multiple copies of " + "cryptography installed in your Python path. Please try creating " + "a new virtual environment to resolve this issue. " + "Loaded python version: {}, shared object version: {}".format( + version, so_package_version + ) + ) + + +_verify_package_version(cryptography.__version__) + # OpenSSL is not thread safe until the locks are initialized. We call this # method in module scope so that it executes with the import lock. On # Pythons < 3.4 this import lock is a global lock, which can prevent a race |