From bbadbea3e9d5aede5a784703145c8232fe2f7c81aad72bb1c563604549230212 Mon Sep 17 00:00:00 2001
From: Matej Cepl <mcepl@suse.com>
Date: Fri, 11 Dec 2020 07:54:16 +0000
Subject: [PATCH] Accepting request 854677 from
 home:bnavigator:branches:devel:languages:python

- Add twisted-pr1369-remove-pyopenssl-npn.patch to support
  pyOpenSSL 20
- Add twisted-pr1487-increase-ffdh-keysize.patch to support
  crpytography 3.3
- Fix the update-alternatives setup
  * manpages were cloned but never registerd with u-a
  * install alternatives as master and slave links now

OBS-URL: https://build.opensuse.org/request/show/854677
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-Twisted?expand=0&rev=96
---
 python-Twisted.changes                     | 11 ++++
 python-Twisted.spec                        | 30 +++++-----
 twisted-pr1369-remove-pyopenssl-npn.patch  | 32 +++++++++++
 twisted-pr1487-increase-ffdh-keysize.patch | 67 ++++++++++++++++++++++
 4 files changed, 123 insertions(+), 17 deletions(-)
 create mode 100644 twisted-pr1369-remove-pyopenssl-npn.patch
 create mode 100644 twisted-pr1487-increase-ffdh-keysize.patch

diff --git a/python-Twisted.changes b/python-Twisted.changes
index 883ece1..8a51e24 100644
--- a/python-Twisted.changes
+++ b/python-Twisted.changes
@@ -1,3 +1,14 @@
+-------------------------------------------------------------------
+Fri Dec 11 00:02:02 UTC 2020 - Benjamin Greiner <code@bnavigator.de>
+
+- Add twisted-pr1369-remove-pyopenssl-npn.patch to support 
+  pyOpenSSL 20
+- Add twisted-pr1487-increase-ffdh-keysize.patch to support
+  crpytography 3.3
+- Fix the update-alternatives setup
+  * manpages were cloned but never registerd with u-a
+  * install alternatives as master and slave links now
+
 -------------------------------------------------------------------
 Mon Oct 12 21:14:33 UTC 2020 - Matej Cepl <mcepl@suse.com>
 
diff --git a/python-Twisted.spec b/python-Twisted.spec
index 997b690..6373336 100644
--- a/python-Twisted.spec
+++ b/python-Twisted.spec
@@ -36,6 +36,10 @@ Patch7:         true-binary.patch
 # PATCH-FIX-UPSTREAM no-test_successResultOfWithFailureHasTraceback.patch https://twistedmatrix.com/trac/ticket/9665 mcepl@suse.com
 # skip over the test test_successResultOfWithFailureHasTraceback
 Patch8:         no-test_successResultOfWithFailureHasTraceback.patch
+# PATCH-FIX-UPSTREAM gh#twisted/twisted#1369 https://twistedmatrix.com/trac/ticket/9928
+Patch9:         twisted-pr1369-remove-pyopenssl-npn.patch
+# PATCH-FIX-UPSTRAM gh#twisted/twisted#1487 https://twistedmatrix.com/trac/ticket/10061
+Patch10:        twisted-pr1487-increase-ffdh-keysize.patch
 BuildRequires:  %{python_module Automat >= 0.3.0}
 BuildRequires:  %{python_module PyHamcrest >= 1.9.0}
 BuildRequires:  %{python_module appdirs >= 1.4.0}
@@ -129,24 +133,15 @@ export PYTHONDONTWRITEBYTECODE=1
 %python_expand PYTHONPATH=%{buildroot}%{$python_sitearch} $python -m twisted.trial twisted
 
 %post
-%python_install_alternative twist
-%python_install_alternative trial
-%python_install_alternative tkconch
-%python_install_alternative pyhtmlizer
-%python_install_alternative conch
-%python_install_alternative ckeygen
-%python_install_alternative cftp
-%python_install_alternative twistd
+# these were master alternatives until Dec 2020. Remove before the install as slave links
+for f in cftp ckeygen conch pyhtmlizer tkconch trial twist; do
+  (update-alternatives --quiet --list $f 2>&1 >/dev/null) && update-alternatives --remove-all $f
+done
+%{python_install_alternative twistd cftp ckeygen conch pyhtmlizer tkconch trial twist 
+                             twistd.1 cftp.1 ckeygen.1 conch.1 pyhtmlizer.1 tkconch.1 trial.1}
 
 %postun
-%python_uninstall_alternative twist
-%python_uninstall_alternative trial trial.1
-%python_uninstall_alternative tkconch tkconch.1
-%python_uninstall_alternative pyhtmlizer pyhtmlizer.1
-%python_uninstall_alternative conch conch.1
-%python_uninstall_alternative ckeygen ckeygen.1
-%python_uninstall_alternative cftp cftp.1
-%python_uninstall_alternative twistd twistd.1
+%python_uninstall_alternative twistd
 
 %files -n %{name}-doc
 %doc docs/*
@@ -169,6 +164,7 @@ export PYTHONDONTWRITEBYTECODE=1
 %python_alternative %{_mandir}/man1/pyhtmlizer.1%{?ext_man}
 %python_alternative %{_mandir}/man1/tkconch.1%{?ext_man}
 %python_alternative %{_mandir}/man1/trial.1%{?ext_man}
-%{python_sitearch}/*
+%{python_sitearch}/twisted
+%{python_sitearch}/Twisted-%{version}*-info
 
 %changelog
diff --git a/twisted-pr1369-remove-pyopenssl-npn.patch b/twisted-pr1369-remove-pyopenssl-npn.patch
new file mode 100644
index 0000000..331791b
--- /dev/null
+++ b/twisted-pr1369-remove-pyopenssl-npn.patch
@@ -0,0 +1,32 @@
+From 895a9a0c7141646847a8c798f695c92e543af035 Mon Sep 17 00:00:00 2001
+From: Alex Gaynor <alex.gaynor@gmail.com>
+Date: Mon, 3 Aug 2020 21:00:25 -0400
+Subject: [PATCH] Make the twisted tests work when pyOpenSSL deletes NPN
+
+---
+ src/twisted/newsfragments/9928.misc | 0
+ src/twisted/test/test_sslverify.py  | 7 +++++--
+ 2 files changed, 5 insertions(+), 2 deletions(-)
+ create mode 100644 src/twisted/newsfragments/9928.misc
+
+diff --git a/src/twisted/newsfragments/9928.misc b/src/twisted/newsfragments/9928.misc
+new file mode 100644
+index 00000000000..e69de29bb2d
+diff --git a/src/twisted/test/test_sslverify.py b/src/twisted/test/test_sslverify.py
+index 4a1e082737f..a8992741d55 100644
+--- a/src/twisted/test/test_sslverify.py
++++ b/src/twisted/test/test_sslverify.py
+@@ -62,8 +62,11 @@
+     try:
+         ctx = SSL.Context(SSL.SSLv23_METHOD)
+         ctx.set_npn_advertise_callback(lambda c: None)
+-    except NotImplementedError:
+-        skipNPN = "OpenSSL 1.0.1 or greater required for NPN support"
++    except (NotImplementedError, AttributeError):
++        skipNPN = (
++            "NPN is deprecated (and OpenSSL 1.0.1 or greater required for NPN"
++            " support)"
++        )
+ 
+     try:
+         ctx = SSL.Context(SSL.SSLv23_METHOD)
diff --git a/twisted-pr1487-increase-ffdh-keysize.patch b/twisted-pr1487-increase-ffdh-keysize.patch
new file mode 100644
index 0000000..ec3f7cd
--- /dev/null
+++ b/twisted-pr1487-increase-ffdh-keysize.patch
@@ -0,0 +1,67 @@
+From d3a97b7f9e536af0103940afe670817fd2ff1393 Mon Sep 17 00:00:00 2001
+From: Paul Kehrer <paul.l.kehrer@gmail.com>
+Date: Sat, 28 Nov 2020 22:56:28 -0600
+Subject: [PATCH] increase size of FFDH keys for conch testing
+
+---
+ src/twisted/conch/test/test_transport.py | 29 ++++++++++++++++++------
+ src/twisted/newsfragments/10061.misc     |  0
+ 2 files changed, 22 insertions(+), 7 deletions(-)
+ create mode 100644 src/twisted/newsfragments/10061.misc
+
+Index: Twisted-20.3.0/src/twisted/conch/test/test_transport.py
+===================================================================
+--- Twisted-20.3.0.orig/src/twisted/conch/test/test_transport.py
++++ Twisted-20.3.0/src/twisted/conch/test/test_transport.py
+@@ -2267,6 +2267,21 @@ class ClientSSHTransportDHGroupExchangeB
+     Diffie-Hellman group exchange tests for SSHClientTransport.
+     """
+ 
++    """
++    1536-bit modulus from RFC 3526
++    """
++    P1536 = int(
++        "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
++        "29024E088A67CC74020BBEA63B139B22514A08798E3404DD"
++        "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
++        "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
++        "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D"
++        "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F"
++        "83655D23DCA3AD961C62F356208552BB9ED529077096966D"
++        "670C354E4ABC9804F1746C08CA237327FFFFFFFFFFFFFFFF",
++        16,
++    )
++
+     def test_KEXINIT_groupexchange(self):
+         """
+         KEXINIT packet with a group-exchange key exchange results
+@@ -2286,14 +2301,14 @@ class ClientSSHTransportDHGroupExchangeB
+         KEX_DH_GEX_INIT message with the client's Diffie-Hellman public key.
+         """
+         self.test_KEXINIT_groupexchange()
+-        self.proto.ssh_KEX_DH_GEX_GROUP(
+-            b'\x00\x00\x00\x03\x00\xfe\xf3\x00\x00\x00\x01\x02')
+-        self.assertEqual(self.proto.p, 65267)
++        self.proto.ssh_KEX_DH_GEX_GROUP(common.MP(self.P1536) + common.MP(2))
++        self.assertEqual(self.proto.p, self.P1536)
+         self.assertEqual(self.proto.g, 2)
+         x = self.proto.dhSecretKey.private_numbers().x
+-        self.assertEqual(common.MP(x)[5:], b'\x99' * 2)
+-        self.assertEqual(self.proto.dhSecretKeyPublicMP,
+-                         common.MP(pow(2, x, 65267)))
++        self.assertEqual(common.MP(x)[5:], b"\x99" * 192)
++        self.assertEqual(
++            self.proto.dhSecretKeyPublicMP, common.MP(pow(2, x, self.P1536))
++        )
+         self.assertEqual(self.packets[1:], [(transport.MSG_KEX_DH_GEX_INIT,
+                                              self.proto.dhSecretKeyPublicMP)])
+ 
+@@ -2322,7 +2337,7 @@ class ClientSSHTransportDHGroupExchangeB
+         # Here is the wire format for advertised min, pref and max DH sizes.
+         h.update(b'\x00\x00\x04\x00\x00\x00\x08\x00\x00\x00\x20\x00')
+         # And the selected group parameters.
+-        h.update(b'\x00\x00\x00\x03\x00\xfe\xf3\x00\x00\x00\x01\x02')
++        h.update(common.MP(self.P1536) + common.MP(2))
+         h.update(self.proto.dhSecretKeyPublicMP)
+         h.update(fMP)
+         h.update(sharedSecret)