File move_cryptography_backend_import.patch of Package python-pyOpenSSL.9233

From a84a52ceeb8deb602515ebf76d3de3ec0e24ba56 Mon Sep 17 00:00:00 2001
From: Paul Kehrer <paul.l.kehrer@gmail.com>
Date: Thu, 6 Oct 2016 09:25:40 +0200
Subject: [PATCH] move our cryptography backend import

sad trombone
---
 src/OpenSSL/crypto.py | 14 +++++++++++++-
 1 file changed, 13 insertions(+), 1 deletion(-)

--- a/src/OpenSSL/crypto.py
+++ b/src/OpenSSL/crypto.py
@@ -39,6 +39,18 @@ class Error(Exception):
 _raise_current_error = partial(_exception_from_error_queue, Error)


+def _get_backend():
+    """
+    Importing the backend from cryptography has the side effect of activating
+    the osrandom engine. This mutates the global state of OpenSSL in the
+    process and causes issues for various programs that use subinterpreters or
+    embed Python. By putting the import in this function we can avoid
+    triggering this side effect unless _get_backend is called.
+    """
+    from cryptography.hazmat.backends.openssl.backend import backend
+    return backend
+
+
 def _untested_error(where):
     """
     An OpenSSL API failed somehow.  Additionally, the failure which was
@@ -251,6 +263,7 @@ class PKey(object):
         :raise TypeError: if the key is of a type which cannot be checked.
             Only RSA keys can currently be checked.
         """
+        backend = _get_backend()
         if self._only_public:
             raise TypeError("public key only")