STINNER Victor <vstin...@redhat.com> added the comment: Oh, the Fedora package of OpenSSL 1.1.1b includes this downstream patch:
https://src.fedoraproject.org/rpms/openssl/blob/master/f/openssl-1.1.1-evp-kdf.patch Extract of the changelog: * Thu Feb 28 2019 Tomáš Mráz <tm...@redhat.com> 1.1.1b-1 - update to the 1.1.1b release - EVP_KDF API backport from master - SSH KDF implementation for EVP_KDF API backport from master The patch changes the behavior for (salt=NULL, saltlen=0). Previously, it was handled as (salt="", saltlen=0), but now the function fails with "missing salt". The patch has code to handle (pass=NULL, passlen=any value) as (pass="", passlen=0): https://src.fedoraproject.org/rpms/openssl/blob/master/f/openssl-1.1.1-evp-kdf.patch#_705 + /* Maintain existing behaviour. */ + if (pass == NULL) { + pass = empty; + passlen = 0; } ---------- _______________________________________ Python tracker <rep...@bugs.python.org> <https://bugs.python.org/issue36263> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
