From c845b5b97329a8bbc7ed995e8227eab0a085d3457a0a8f69bb276f0f17e41e29 Mon Sep 17 00:00:00 2001
From: Matej Cepl <mcepl@suse.com>
Date: Mon, 14 Jun 2021 21:07:13 +0000
Subject: [PATCH] - Update to 0.38.0:     - Remove the last use of setup.py
 test idiom.     - Use m2_PyObject_AsReadBuffer instead of
 PyObject_AsReadBuffer.     - Add support for arm64 big endian <Steev
 Klimaszewski>     - Make support of RSA_SSLV23_PADDING optional (it has been
 deprecated).     - Move project to src/ layout     - Allow verify_cb_* to be
 called with ok=True  <Casey Deccio>     - Be prepared if any of constants in
 x509_vfy.h is not available.     - But we do support 3.8     - We DO NOT
 support Python 2.6. - All patches were upstreamed:     -
 293_sslv23_padding.patch     - no-need-parameterized.patch     -
 python-M2Crypto-Allow-on-UNABLE_TO_VERIFY_LEAF_SIGNATURE.patch

OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-M2Crypto?expand=0&rev=103
---
 293_sslv23_padding.patch                      | 14 ------
 M2Crypto-0.37.1.tar.gz                        |  3 --
 M2Crypto-0.37.1.tar.gz.asc                    |  6 ---
 M2Crypto-0.38.0.tar.gz                        |  3 ++
 M2Crypto-0.38.0.tar.gz.asc                    |  6 +++
 no-need-parameterized.patch                   | 14 ------
 ...w-on-UNABLE_TO_VERIFY_LEAF_SIGNATURE.patch | 47 -------------------
 python-M2Crypto.changes                       | 18 +++++++
 python-M2Crypto.spec                          | 12 +----
 9 files changed, 28 insertions(+), 95 deletions(-)
 delete mode 100644 293_sslv23_padding.patch
 delete mode 100644 M2Crypto-0.37.1.tar.gz
 delete mode 100644 M2Crypto-0.37.1.tar.gz.asc
 create mode 100644 M2Crypto-0.38.0.tar.gz
 create mode 100644 M2Crypto-0.38.0.tar.gz.asc
 delete mode 100644 no-need-parameterized.patch
 delete mode 100644 python-M2Crypto-Allow-on-UNABLE_TO_VERIFY_LEAF_SIGNATURE.patch

diff --git a/293_sslv23_padding.patch b/293_sslv23_padding.patch
deleted file mode 100644
index 79d2084..0000000
--- a/293_sslv23_padding.patch
+++ /dev/null
@@ -1,14 +0,0 @@
---- a/tests/test_rsa.py
-+++ b/tests/test_rsa.py
-@@ -124,11 +124,6 @@ class RSATestCase(unittest.TestCase):
-             ptxt = priv.private_decrypt(ctxt, p)
-             self.assertEqual(ptxt, self.data)
- 
--        # sslv23_padding
--        ctxt = priv.public_encrypt(self.data, RSA.sslv23_padding)
--        res = priv.private_decrypt(ctxt, RSA.sslv23_padding)
--        self.assertEqual(res, self.data)
--
-         # no_padding
-         with six.assertRaisesRegex(self, RSA.RSAError, 'data too small'):
-             priv.public_encrypt(self.data, RSA.no_padding)
diff --git a/M2Crypto-0.37.1.tar.gz b/M2Crypto-0.37.1.tar.gz
deleted file mode 100644
index 81dfc6c..0000000
--- a/M2Crypto-0.37.1.tar.gz
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:e4e42f068b78ccbf113e5d0a72ae5f480f6c3ace4940b91e4fff5598cfff6fb3
-size 1247031
diff --git a/M2Crypto-0.37.1.tar.gz.asc b/M2Crypto-0.37.1.tar.gz.asc
deleted file mode 100644
index c4ab463..0000000
--- a/M2Crypto-0.37.1.tar.gz.asc
+++ /dev/null
@@ -1,6 +0,0 @@
------BEGIN PGP SIGNATURE-----
-
-iF0EABECAB0WIQSJ70vGKIq/QxurJcPgn+8l2WSErAUCX8/GrwAKCRDgn+8l2WSE
-rAITAJ95Tn9v9Mr0kBf6bbbzEk6vYxV1hQCeLpgKge5XRjV3hse/9PBvzZRvZTo=
-=6EAh
------END PGP SIGNATURE-----
diff --git a/M2Crypto-0.38.0.tar.gz b/M2Crypto-0.38.0.tar.gz
new file mode 100644
index 0000000..9720428
--- /dev/null
+++ b/M2Crypto-0.38.0.tar.gz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:99f2260a30901c949a8dc6d5f82cd5312ffb8abc92e76633baf231bbbcb2decb
+size 1241269
diff --git a/M2Crypto-0.38.0.tar.gz.asc b/M2Crypto-0.38.0.tar.gz.asc
new file mode 100644
index 0000000..9c1649e
--- /dev/null
+++ b/M2Crypto-0.38.0.tar.gz.asc
@@ -0,0 +1,6 @@
+-----BEGIN PGP SIGNATURE-----
+
+iF0EABECAB0WIQSJ70vGKIq/QxurJcPgn+8l2WSErAUCYMfDmAAKCRDgn+8l2WSE
+rJjeAJ9020kzL4u/p/KNnH3ei4EKFeJJhQCfcHKVJ0exSXSIj8/xbAdSKRvl8uQ=
+=Q+r2
+-----END PGP SIGNATURE-----
diff --git a/no-need-parameterized.patch b/no-need-parameterized.patch
deleted file mode 100644
index 6daaa45..0000000
--- a/no-need-parameterized.patch
+++ /dev/null
@@ -1,14 +0,0 @@
---- a/setup.py
-+++ b/setup.py
-@@ -33,9 +33,9 @@ logging.basicConfig(format='%(levelname)
-                     stream=sys.stdout, level=logging.INFO)
- log = logging.getLogger('setup')
- 
--requires_list = ['parameterized']
-+requires_list = []
- if (2, 6) < sys.version_info[:2] < (3, 5):
--    requires_list = ['typing']
-+    requires_list.append('typing')
- if sys.version_info[0] > 2:
-     from typing import Dict, List
- 
diff --git a/python-M2Crypto-Allow-on-UNABLE_TO_VERIFY_LEAF_SIGNATURE.patch b/python-M2Crypto-Allow-on-UNABLE_TO_VERIFY_LEAF_SIGNATURE.patch
deleted file mode 100644
index cce3d08..0000000
--- a/python-M2Crypto-Allow-on-UNABLE_TO_VERIFY_LEAF_SIGNATURE.patch
+++ /dev/null
@@ -1,47 +0,0 @@
-From 73fbd1e646f6bbf202d4418bae80eb9941fbf552 Mon Sep 17 00:00:00 2001
-From: Casey Deccio <casey@deccio.net>
-Date: Fri, 8 Jan 2021 12:43:09 -0700
-Subject: [PATCH] Allow verify_cb_* to be called with ok=True
-
-With https://github.com/openssl/openssl/commit/2e06150e3928daa06d5ff70c32bffad8088ebe58
-OpenSSL allowed verificaton to continue on UNABLE_TO_VERIFY_LEAF_SIGNATURE
----
- tests/test_ssl.py | 14 ++++++++++++--
- 1 file changed, 12 insertions(+), 2 deletions(-)
-
-diff --git a/tests/test_ssl.py b/tests/test_ssl.py
-index 92b6942c..7a3271aa 100644
---- a/tests/test_ssl.py
-+++ b/tests/test_ssl.py
-@@ -59,8 +59,13 @@ def allocate_srv_port():
- 
- 
- def verify_cb_new_function(ok, store):
--    assert not ok
-     err = store.get_error()
-+    # If err is X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE, then instead of
-+    # aborting, this callback is called to retrieve additional error
-+    # information.  In this case, ok might not be False.
-+    # See https://github.com/openssl/openssl/commit/2e06150e3928daa06d5ff70c32bffad8088ebe58
-+    if err != m2.X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE:
-+        assert not ok
-     assert err in [m2.X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT,
-                    m2.X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY,
-                    m2.X509_V_ERR_CERT_UNTRUSTED,
-@@ -618,7 +623,12 @@ class MiscSSLClientTestCase(BaseSSLClientTestCase):
- 
-     def verify_cb_old(self, ctx_ptr, x509_ptr, err, depth, ok):
-         try:
--            self.assertFalse(ok)
-+            # If err is X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE, then instead of
-+            # aborting, this callback is called to retrieve additional error
-+            # information.  In this case, ok might not be False.
-+            # See https://github.com/openssl/openssl/commit/2e06150e3928daa06d5ff70c32bffad8088ebe58
-+            if err != m2.X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE:
-+                self.assertFalse(ok)
-             self.assertIn(err,
-                           [m2.X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT,
-                            m2.X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY,
--- 
-GitLab
-
diff --git a/python-M2Crypto.changes b/python-M2Crypto.changes
index 8d54e31..7ff7699 100644
--- a/python-M2Crypto.changes
+++ b/python-M2Crypto.changes
@@ -1,3 +1,21 @@
+-------------------------------------------------------------------
+Mon Jun 14 21:04:54 UTC 2021 - Matej Cepl <mcepl@suse.com>
+
+- Update to 0.38.0:
+    - Remove the last use of setup.py test idiom.
+    - Use m2_PyObject_AsReadBuffer instead of PyObject_AsReadBuffer.
+    - Add support for arm64 big endian <Steev Klimaszewski>
+    - Make support of RSA_SSLV23_PADDING optional (it has been deprecated).
+    - Move project to src/ layout
+    - Allow verify_cb_* to be called with ok=True  <Casey Deccio>
+    - Be prepared if any of constants in x509_vfy.h is not available.
+    - But we do support 3.8
+    - We DO NOT support Python 2.6.
+- All patches were upstreamed:
+    - 293_sslv23_padding.patch
+    - no-need-parameterized.patch
+    - python-M2Crypto-Allow-on-UNABLE_TO_VERIFY_LEAF_SIGNATURE.patch
+
 -------------------------------------------------------------------
 Thu Apr 22 22:33:46 UTC 2021 - Matej Cepl <mcepl@suse.com>
 
diff --git a/python-M2Crypto.spec b/python-M2Crypto.spec
index 6166663..3d81431 100644
--- a/python-M2Crypto.spec
+++ b/python-M2Crypto.spec
@@ -19,7 +19,7 @@
 %define oldpython python
 %{?!python_module:%define python_module() python-%{**} python3-%{**}}
 Name:           python-M2Crypto
-Version:        0.37.1
+Version:        0.38.0
 Release:        0
 Summary:        Crypto and SSL toolkit for Python
 License:        MIT
@@ -27,16 +27,6 @@ Group:          Development/Languages/Python
 URL:            https://gitlab.com/m2crypto/m2crypto
 Source0:        https://files.pythonhosted.org/packages/source/M/M2Crypto/M2Crypto-%{version}.tar.gz
 Source1:        https://files.pythonhosted.org/packages/source/M/M2Crypto/M2Crypto-%{version}.tar.gz.asc
-# PATCH-FIX-UPSTREAM python-M2Crypto-Allow-on-UNABLE_TO_VERIFY_LEAF_SIGNATURE.patch mcepl@suse.com
-# https://salsa.debian.org/python-team/packages/m2crypto/-/commit/e0e9ad5cfff86383dabbb92540c0a4892cb4c456
-# Fixes incompatibility with the modern crypto policies
-Patch0:         python-M2Crypto-Allow-on-UNABLE_TO_VERIFY_LEAF_SIGNATURE.patch
-# PATCH-FIX-UPSTREAM 293_sslv23_padding.patch gl#m2crypto/m2crypto#293 mcepl@suse.com
-# RSA_SSLV23_PADDING is evil and should be avoided.
-Patch1:         293_sslv23_padding.patch
-# PATCH-FIX-OPENSUSE no-need-parameterized.patch bsc#1185150 mcepl@suse.com
-# no need to require parameterized for normal use
-Patch2:         no-need-parameterized.patch
 BuildRequires:  %{python_module devel}
 BuildRequires:  %{python_module parameterized}
 BuildRequires:  %{python_module pytest}