diff --git a/Twisted-18.9.0.tar.bz2 b/Twisted-18.9.0.tar.bz2 deleted file mode 100644 index b1ed7c6..0000000 --- a/Twisted-18.9.0.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:294be2c6bf84ae776df2fc98e7af7d6537e1c5e60a46d33c3ce2a197677da395 -size 3088398 diff --git a/Twisted-19.2.0.tar.bz2 b/Twisted-19.2.0.tar.bz2 new file mode 100644 index 0000000..e15eece --- /dev/null +++ b/Twisted-19.2.0.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:1708e1928ae84ec9d3ebab0d427e20e1e38ff721b15bbced476d047d4a43abbe +size 3098661 diff --git a/hyperlink.patch b/hyperlink.patch new file mode 100644 index 0000000..1600ecf --- /dev/null +++ b/hyperlink.patch @@ -0,0 +1,36 @@ +From 46fc370d6b49a241fb05815ccdc7406f0e430183 Mon Sep 17 00:00:00 2001 +From: Tom Most +Date: Mon, 8 Apr 2019 22:38:23 -0700 +Subject: [PATCH] Remove test_parseEqualSignInParamValue + +Twisted should not test Hyperlink's behavior so extensively, as +discussed at https://github.com/python-hyper/hyperlink/pull/39 +--- + src/twisted/python/test/test_url.py | 14 -------------- + 1 file changed, 14 deletions(-) + +diff --git a/src/twisted/python/test/test_url.py b/src/twisted/python/test/test_url.py +index e36c2ca01b..7d55f10fd1 100644 +--- a/src/twisted/python/test/test_url.py ++++ b/src/twisted/python/test/test_url.py +@@ -476,20 +476,6 @@ def test_queryRemove(self): + ) + + +- def test_parseEqualSignInParamValue(self): +- """ +- Every C{=}-sign after the first in a query parameter is simply included +- in the value of the parameter. +- """ +- u = URL.fromText('http://localhost/?=x=x=x') +- self.assertEqual(u.get(u''), ['x=x=x']) +- self.assertEqual(u.asText(), 'http://localhost/?=x%3Dx%3Dx') +- u = URL.fromText('http://localhost/?foo=x=x=x&bar=y') +- self.assertEqual(u.query, (('foo', 'x=x=x'), +- ('bar', 'y'))) +- self.assertEqual(u.asText(), 'http://localhost/?foo=x%3Dx%3Dx&bar=y') +- +- + def test_empty(self): + """ + An empty L{URL} should serialize as the empty string. diff --git a/openssl-errormsg.aptch b/openssl-errormsg.aptch deleted file mode 100644 index 1e8d7a9..0000000 --- a/openssl-errormsg.aptch +++ /dev/null @@ -1,171 +0,0 @@ -From a1f400c56c7ad0ca241d044b4d283dc0d2291dbb Mon Sep 17 00:00:00 2001 -From: Mark Williams -Date: Sun, 10 Feb 2019 16:40:10 -0800 -Subject: [PATCH] ProperlyCloseFilesMixin.getHandleErrorCode now returns a - matcher. - -twisted.test.test_ssl.StolenTCPTests checks that the TLS connection is -closed upon when the corresponding transport connection is lost. This -involves checking an error message that varies between OpenSSL -versions. - -getHandleErrorCode becomes getHandleErrorCodeMatcher and returns a -hamcrest Matcher to allow StolenTCPTests to match the possible OpenSSL -error messages. ---- - src/twisted/test/test_ssl.py | 27 +++++++++++++++++++-------- - src/twisted/test/test_tcp.py | 19 ++++++++++++------- - 2 files changed, 31 insertions(+), 15 deletions(-) - -Index: Twisted-18.9.0/src/twisted/test/test_ssl.py -=================================================================== ---- Twisted-18.9.0.orig/src/twisted/test/test_ssl.py -+++ Twisted-18.9.0/src/twisted/test/test_ssl.py -@@ -16,7 +16,8 @@ from twisted.python.runtime import platf - from twisted.test.test_tcp import ProperlyCloseFilesMixin - from twisted.test.proto_helpers import waitUntilAllDisconnected - --import os, errno -+import os -+import hamcrest - - try: - from OpenSSL import SSL, crypto -@@ -309,34 +310,19 @@ class StolenTCPTests(ProperlyCloseFilesM - return SSL.Error - - -- def getHandleErrorCode(self): -- """ -- Return the argument L{OpenSSL.SSL.Error} will be constructed with for -- this case. This is basically just a random OpenSSL implementation -- detail. It would be better if this test worked in a way which did not -- require this. -- """ -- # Windows 2000 SP 4 and Windows XP SP 2 give back WSAENOTSOCK for -- # SSL.Connection.write for some reason. The twisted.protocols.tls -- # implementation of IReactorSSL doesn't suffer from this imprecation, -- # though, since it is isolated from the Windows I/O layer (I suppose?). -- -- # If test_properlyCloseFiles waited for the SSL handshake to complete -- # and performed an orderly shutdown, then this would probably be a -- # little less weird: writing to a shutdown SSL connection has a more -- # well-defined failure mode (or at least it should). -- -- # So figure out if twisted.protocols.tls is in use. If it can be -- # imported, it should be. -- if requireModule('twisted.protocols.tls') is None: -- # It isn't available, so we expect WSAENOTSOCK if we're on Windows. -- if platform.getType() == 'win32': -- return errno.WSAENOTSOCK -- -- # Otherwise, we expect an error about how we tried to write to a -- # shutdown connection. This is terribly implementation-specific. -- return [('SSL routines', 'SSL_write', 'protocol is shutdown')] -- -+ def getHandleErrorCodeMatcher(self): -+ # We expect an error about how we tried to write to a shutdown -+ # connection. This is terribly implementation-specific. -+ return hamcrest.contains( -+ hamcrest.contains( -+ hamcrest.equal_to('SSL routines'), -+ hamcrest.any_of( -+ hamcrest.equal_to('SSL_write'), -+ hamcrest.equal_to('ssl_write_internal'), -+ ), -+ hamcrest.equal_to('protocol is shutdown'), -+ ), -+ ) - - - class TLSTests(unittest.TestCase): -Index: Twisted-18.9.0/src/twisted/test/test_tcp.py -=================================================================== ---- Twisted-18.9.0.orig/src/twisted/test/test_tcp.py -+++ Twisted-18.9.0/src/twisted/test/test_tcp.py -@@ -8,6 +8,7 @@ Tests for implementations of L{IReactorT - from __future__ import division, absolute_import - - import socket, random, errno -+import hamcrest - from functools import wraps - - from zope.interface import implementer -@@ -1135,17 +1136,18 @@ class ProperlyCloseFilesMixin: - raise NotImplementedError() - - -- def getHandleErrorCode(self): -+ def getHandleErrorCodeMatcher(self): - """ -- Return the errno expected to result from writing to a closed -- platform socket handle. -+ Return a L{hamcrest.core.matcher.Matcher} that matches the -+ errno expected to result from writing to a closed platform -+ socket handle. - """ - # Windows and Python 3: returns WSAENOTSOCK - # Windows and Python 2: returns EBADF - # Linux, FreeBSD, macOS: returns EBADF - if platform.isWindows() and _PY3: -- return errno.WSAENOTSOCK -- return errno.EBADF -+ return hamcrest.equal_to(errno.WSAENOTSOCK) -+ return hamcrest.equal_to(errno.EBADF) - - - def test_properlyCloseFiles(self): -@@ -1190,10 +1192,13 @@ class ProperlyCloseFilesMixin: - if not server.lostConnectionReason.check(error.ConnectionClosed): - err(server.lostConnectionReason, - "Server lost connection for unexpected reason") -- expectedErrorCode = self.getHandleErrorCode() -+ errorCodeMatcher = self.getHandleErrorCodeMatcher() - exception = self.assertRaises( - self.getHandleExceptionType(), client.handle.send, b'bytes') -- self.assertEqual(exception.args[0], expectedErrorCode) -+ hamcrest.assert_that( -+ exception.args[0], -+ errorCodeMatcher, -+ ) - clientDeferred.addCallback(clientDisconnected) - - def cleanup(passthrough): -Index: Twisted-18.9.0/src/twisted/test/test_sslverify.py -=================================================================== ---- Twisted-18.9.0.orig/src/twisted/test/test_sslverify.py -+++ Twisted-18.9.0/src/twisted/test/test_sslverify.py -@@ -1645,11 +1645,28 @@ class OpenSSLOptionsECDHIntegrationTests - raise unittest.SkipTest("OpenSSL does not support ECDH.") - - onData = defer.Deferred() -- self.loopback(sslverify.OpenSSLCertificateOptions(privateKey=self.sKey, -- certificate=self.sCert, requireCertificate=False), -- sslverify.OpenSSLCertificateOptions( -- requireCertificate=False), -- onData=onData) -+ # TLS 1.3 cipher suites do not specify the key exchange -+ # mechanism: -+ # https://wiki.openssl.org/index.php/TLS1.3#Differences_with_TLS1.2_and_below -+ # -+ # and OpenSSL only supports ECHDE groups with TLS 1.3: -+ # https://wiki.openssl.org/index.php/TLS1.3#Groups -+ # -+ # so TLS 1.3 implies ECDHE. Force this test to use TLS 1.2 to -+ # ensure ECDH is selected when it might not be. -+ self.loopback( -+ sslverify.OpenSSLCertificateOptions( -+ privateKey=self.sKey, -+ certificate=self.sCert, -+ requireCertificate=False, -+ lowerMaximumSecurityTo=sslverify.TLSVersion.TLSv1_2 -+ ), -+ sslverify.OpenSSLCertificateOptions( -+ requireCertificate=False, -+ lowerMaximumSecurityTo=sslverify.TLSVersion.TLSv1_2, -+ ), -+ onData=onData, -+ ) - - @onData.addCallback - def assertECDH(_): diff --git a/openssl111.patch b/openssl111.patch deleted file mode 100644 index f4f6f1f..0000000 --- a/openssl111.patch +++ /dev/null @@ -1,42 +0,0 @@ -Index: Twisted-18.9.0/src/twisted/test/test_sslverify.py -=================================================================== ---- Twisted-18.9.0.orig/src/twisted/test/test_sslverify.py -+++ Twisted-18.9.0/src/twisted/test/test_sslverify.py -@@ -898,21 +898,6 @@ class OpenSSLOptionsTests(OpenSSLOptions - self.assertEqual(opts._cipherString.encode('ascii'), ctx._cipherList) - - -- def test_givesMeaningfulErrorMessageIfNoCipherMatches(self): -- """ -- If there is no valid cipher that matches the user's wishes, -- a L{ValueError} is raised. -- """ -- self.assertRaises( -- ValueError, -- sslverify.OpenSSLCertificateOptions, -- privateKey=self.sKey, -- certificate=self.sCert, -- acceptableCiphers= -- sslverify.OpenSSLAcceptableCiphers.fromOpenSSLCipherString('') -- ) -- -- - def test_honorsAcceptableCiphersArgument(self): - """ - If acceptable ciphers are passed, they are used. -@@ -2706,15 +2691,6 @@ class ExpandCipherStringTests(unittest.T - if skipSSL: - skip = skipSSL - -- def test_doesNotStumbleOverEmptyList(self): -- """ -- If the expanded cipher list is empty, an empty L{list} is returned. -- """ -- self.assertEqual( -- [], -- sslverify._expandCipherString(u'', SSL.SSLv23_METHOD, 0) -- ) -- - - def test_doesNotSwallowOtherSSLErrors(self): - """ diff --git a/python-Twisted.changes b/python-Twisted.changes index 6291808..0cbac8b 100644 --- a/python-Twisted.changes +++ b/python-Twisted.changes @@ -1,3 +1,20 @@ +------------------------------------------------------------------- +Wed May 22 09:59:19 UTC 2019 - Tomáš Chvátal + +- Update to 19.2.0: + * twisted.internet.ssl.CertificateOptions now uses 32 random bytes instead of an MD5 hash for the ssl session identifier context. (#9463) + * DeferredLock and DeferredSemaphore can be used as asynchronous context managers on Python 3.5+. (#9546) + * t.i.b.BaseConnector has custom __repr__ (#9548) + * twisted.internet.ssl.optionsForClientTLS now supports validating IP addresses from the certificate subjectAltName (#9585) + * Twisted's minimum Cryptography requirement is now 2.5. (#9592) + * twisted.conch.ssh.keys can now read private keys in the new "openssh-key-v1" format, introduced in OpenSSH 6.5 and made the default in OpenSSH 7.8. (#9515) + * twisted.web.client.HostnameCachingHTTPSPolicy was added as a new contextFactory option. The policy caches a specified number of twisted.internet.interfaces.IOpenSSLClientConnectionCreator instances to to avoid the cost of instantiating a connection creator for multiple requests to the same host. (#9138) +- Remove merged patches: + * openssl-errormsg.aptch + * openssl111.patch +- Add patch to tests for new hyperlink: + * hyperlink.patch + ------------------------------------------------------------------- Mon Feb 18 11:24:53 UTC 2019 - Tomáš Chvátal diff --git a/python-Twisted.spec b/python-Twisted.spec index 919f836..6b457e7 100644 --- a/python-Twisted.spec +++ b/python-Twisted.spec @@ -20,7 +20,7 @@ %define oldpython python %define modname Twisted Name: python-Twisted -Version: 18.9.0 +Version: 19.2.0 Release: 0 Summary: An asynchronous networking framework written in Python License: MIT @@ -28,16 +28,16 @@ Group: Development/Languages/Python URL: http://twistedmatrix.com/ Source: https://files.pythonhosted.org/packages/source/T/Twisted/%{modname}-%{version}.tar.bz2 Patch1: skip_MultiCast.patch -Patch2: openssl111.patch -Patch3: no-pygtkcompat.patch -Patch4: test-mktime-invalid-tm_isdst.patch -Patch5: openssl-errormsg.aptch +Patch2: no-pygtkcompat.patch +Patch3: test-mktime-invalid-tm_isdst.patch +Patch4: hyperlink.patch BuildRequires: %{python_module Automat >= 0.3.0} BuildRequires: %{python_module PyHamcrest >= 1.9.0} BuildRequires: %{python_module appdirs >= 1.4.0} BuildRequires: %{python_module attrs >= 17.4.0} +BuildRequires: %{python_module bcrypt >= 3.0.0} BuildRequires: %{python_module constantly >= 15.1} -BuildRequires: %{python_module cryptography >= 1.5} +BuildRequires: %{python_module cryptography >= 2.5} BuildRequires: %{python_module devel} BuildRequires: %{python_module h2 >= 3.0} BuildRequires: %{python_module hyperlink >= 17.1.1} @@ -50,7 +50,7 @@ BuildRequires: %{python_module pyserial} BuildRequires: %{python_module pytest} BuildRequires: %{python_module python-subunit} BuildRequires: %{python_module pytz} -BuildRequires: %{python_module service_identity} +BuildRequires: %{python_module service_identity >= 18.1.0} BuildRequires: %{python_module setuptools} BuildRequires: %{python_module zope.interface >= 4.4.2} BuildRequires: fdupes @@ -59,8 +59,9 @@ Requires: python-Automat >= 0.3.0 Requires: python-PyHamcrest >= 1.9.0 Requires: python-appdirs >= 1.4.0 Requires: python-attrs >= 17.4.0 +Requires: python-bcrypt >= 3.0.0 Requires: python-constantly >= 15.1 -Requires: python-cryptography >= 1.5 +Requires: python-cryptography >= 2.5 Requires: python-h2 >= 3.0 Requires: python-hyperlink >= 17.1.1 Requires: python-idna >= 0.6 @@ -68,7 +69,7 @@ Requires: python-incremental >= 16.10.1 Requires: python-pyOpenSSL >= 16.0.0 Requires: python-pyasn1 Requires: python-pyserial >= 3.0 -Requires: python-service_identity +Requires: python-service_identity >= 18.1.0 Requires: python-zope.interface >= 4.4.2 %ifpython2 Provides: %{oldpython}-twisted = %{version} @@ -168,7 +169,7 @@ export PYTHONDONTWRITEBYTECODE=1 %python3_only %{_mandir}/man1/cftp.1%{?ext_man} %python3_only %{_mandir}/man1/ckeygen.1%{?ext_man} %python3_only %{_mandir}/man1/conch.1%{?ext_man} -%python3_only %{_mandir}/man1/mailmail.1%{?ext_man} +%python2_only %{_mandir}/man1/mailmail.1%{?ext_man} %python3_only %{_mandir}/man1/pyhtmlizer.1%{?ext_man} %python3_only %{_mandir}/man1/tkconch.1%{?ext_man} %python3_only %{_mandir}/man1/trial.1%{?ext_man}