- Convert to pip-based build

OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-httpsig_cffi?expand=0&rev=8
2025-05-28 11:36:21 +00:00
commit fa77a045f4
6 changed files with 185 additions and 0 deletions
--- a/.gitattributes
+++ b/.gitattributes
@@ -0,0 +1,23 @@
+## Default LFS
+*.7z filter=lfs diff=lfs merge=lfs -text
+*.bsp filter=lfs diff=lfs merge=lfs -text
+*.bz2 filter=lfs diff=lfs merge=lfs -text
+*.gem filter=lfs diff=lfs merge=lfs -text
+*.gz filter=lfs diff=lfs merge=lfs -text
+*.jar filter=lfs diff=lfs merge=lfs -text
+*.lz filter=lfs diff=lfs merge=lfs -text
+*.lzma filter=lfs diff=lfs merge=lfs -text
+*.obscpio filter=lfs diff=lfs merge=lfs -text
+*.oxt filter=lfs diff=lfs merge=lfs -text
+*.pdf filter=lfs diff=lfs merge=lfs -text
+*.png filter=lfs diff=lfs merge=lfs -text
+*.rpm filter=lfs diff=lfs merge=lfs -text
+*.tbz filter=lfs diff=lfs merge=lfs -text
+*.tbz2 filter=lfs diff=lfs merge=lfs -text
+*.tgz filter=lfs diff=lfs merge=lfs -text
+*.ttf filter=lfs diff=lfs merge=lfs -text
+*.txz filter=lfs diff=lfs merge=lfs -text
+*.whl filter=lfs diff=lfs merge=lfs -text
+*.xz filter=lfs diff=lfs merge=lfs -text
+*.zip filter=lfs diff=lfs merge=lfs -text
+*.zst filter=lfs diff=lfs merge=lfs -text
--- a/.gitignore
+++ b/.gitignore
@@ -0,0 +1 @@
+.osc
--- a/httpsig_cffi-15.0.0.tar.gz
+++ b/httpsig_cffi-15.0.0.tar.gz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:12b61008cd21cb18986de743959d63caaf8ac5b3cf3ee1d49fd1c53fe4f5d47a
+size 22307
--- a/new-cryptography.patch
+++ b/new-cryptography.patch
@@ -0,0 +1,64 @@
+From 87b4a3f9ead574a173bb42e7191fc8b2efad9637 Mon Sep 17 00:00:00 2001
+From: Art Hall III <art.hall.iii@oracle.com>
+Date: Wed, 24 Apr 2019 15:49:54 -0400
+Subject: [PATCH] Fix cryptography deprecation warnings (#1)
+
+* Fix deprecation warnings
+
+The signer and verifier methods have been deprecated in
+cryptography since version 2.0
+
+* Fix futurewarning in regular expression in get_fingerprint
+---
+ httpsig_cffi/sign.py   | 5 ++---
+ httpsig_cffi/utils.py  | 2 +-
+ httpsig_cffi/verify.py | 6 +-----
+ 3 files changed, 4 insertions(+), 9 deletions(-)
+
+diff --git a/httpsig_cffi/sign.py b/httpsig_cffi/sign.py
+index dd5726e..85b14b1 100644
+--- a/httpsig_cffi/sign.py
+++ b/httpsig_cffi/sign.py
+@@ -57,9 +57,8 @@ def algorithm(self):
+ 
+     def _sign_rsa(self, data):
+         if isinstance(data, six.string_types): data = data.encode("ascii")
+-        r = self._rsa_private.signer(padding.PKCS1v15(), self._rsahash())
+-        r.update(data)
+-        return r.finalize()
+        r = self._rsa_private.sign(data, padding.PKCS1v15(), self._rsahash())
+        return r
+ 
+     def _sign_hmac(self, data):
+         if isinstance(data, six.string_types): data = data.encode("ascii")
+diff --git a/httpsig_cffi/utils.py b/httpsig_cffi/utils.py
+index fc5de71..31ef53e 100644
+--- a/httpsig_cffi/utils.py
+++ b/httpsig_cffi/utils.py
+@@ -152,7 +152,7 @@ def get_fingerprint(key):
+     if key.startswith('ssh-rsa'):
+         key = key.split(' ')[1]
+     else:
+-        regex = r'\-{4,5}[\w|| ]+\-{4,5}'
+        regex = r'\-{4,5}[\w\|\| ]+\-{4,5}'
+         key = re.split(regex, key)[1]
+ 
+     key = key.replace('\n', '')
+diff --git a/httpsig_cffi/verify.py b/httpsig_cffi/verify.py
+index 1cd46b2..b6c3faf 100644
+--- a/httpsig_cffi/verify.py
+++ b/httpsig_cffi/verify.py
+@@ -32,12 +32,8 @@ def _verify(self, data, signature):
+ 
+         if self.sign_algorithm == 'rsa':
+ 
+-            h = self._rsa_public.verifier(b64decode(signature),
+-                                          padding.PKCS1v15(),
+-                                          self._rsahash())
+-            h.update(data)
+             try:
+-                h.verify()
+                h = self._rsa_public.verify(b64decode(signature), data, padding.PKCS1v15(), self._rsahash())
+                 return True
+             except InvalidSignature:
+                 return False
--- a/python-httpsig_cffi.changes
+++ b/python-httpsig_cffi.changes
@@ -0,0 +1,26 @@
+-------------------------------------------------------------------
+Wed May 28 11:35:58 UTC 2025 - Markéta Machová <mmachova@suse.com>
+
+- Convert to pip-based build
+
+-------------------------------------------------------------------
+Mon Jul 11 07:41:08 UTC 2022 - Markéta Machová <mmachova@suse.com>
+
+- Fix build with new-cryptography.patch
+
+-------------------------------------------------------------------
+Mon May 31 07:36:02 UTC 2021 - pgajdos@suse.com
+
+- %check: use %pyunittest rpm macro
+
+-------------------------------------------------------------------
+Wed Apr 24 08:40:53 UTC 2019 - Tomáš Chvátal <tchvatal@suse.com>
+
+- Add requests to requires as it is used in the package as direct
+  import
+
+-------------------------------------------------------------------
+Wed Apr 17 14:31:44 UTC 2019 - John Paul Adrian Glaubitz <adrian.glaubitz@suse.com>
+
+- Initial build
+  + Version 15.0.0
--- a/python-httpsig_cffi.spec
+++ b/python-httpsig_cffi.spec
@@ -0,0 +1,68 @@
+#
+# spec file for package python-httpsig_cffi
+#
+# Copyright (c) 2025 SUSE LLC
+#
+# All modifications and additions to the file contributed by third parties
+# remain the property of their copyright owners, unless otherwise agreed
+# upon. The license for this file, and modifications and additions to the
+# file, is the same license as for the pristine package itself (unless the
+# license for the pristine package is not an Open Source License, in which
+# case the license is the MIT License). An "Open Source License" is a
+# license that conforms to the Open Source Definition (Version 1.9)
+# published by the Open Source Initiative.
+
+# Please submit bugfixes or comments via https://bugs.opensuse.org/
+#
+
+
+Name:           python-httpsig_cffi
+Version:        15.0.0
+Release:        0
+Summary:        Secure HTTP request signing using the HTTP Signature draft specification
+License:        MIT
+Group:          Development/Languages/Python
+URL:            https://github.com/hawkowl/httpsig_cffi
+Source:         https://files.pythonhosted.org/packages/source/h/httpsig_cffi/httpsig_cffi-%{version}.tar.gz
+# PATCH-FIX-UPSTREAM https://github.com/hawkowl/httpsig_cffi/pull/2 Fix cryptography deprecation warnings and future warning in get_fingerprint
+Patch0:         new-cryptography.patch
+BuildRequires:  %{python_module pip}
+BuildRequires:  %{python_module setuptools}
+BuildRequires:  %{python_module wheel}
+BuildRequires:  fdupes
+BuildRequires:  python-rpm-macros
+Requires:       python-cryptography
+Requires:       python-requests
+Requires:       python-six
+BuildArch:      noarch
+# SECTION test requirements
+BuildRequires:  %{python_module cryptography}
+BuildRequires:  %{python_module requests}
+BuildRequires:  %{python_module six}
+# /SECTION
+%python_subpackages
+
+%description
+Secure HTTP request signing using the HTTP Signature draft specification
+
+%prep
+%setup -q -n httpsig_cffi-%{version}
+%autopatch -p1
+
+%build
+%pyproject_wheel
+
+%install
+%pyproject_install
+%python_expand %fdupes %{buildroot}%{$python_sitelib}
+
+%check
+%pyunittest discover -v
+
+%files %{python_files}
+%doc CHANGELOG.rst README.rst
+%license LICENSE.txt
+%{python_sitelib}/httpsig_cffi
+%{python_sitelib}/httpsig_cffi-%{version}*-info
+
+%changelog