Accepting request 934514 from home:dirkmueller:Factory

- update to 36.0.0: * FINAL DEPRECATION Support for verifier and signer on our asymmetric key classes was deprecated in version 2.1. These functions had an extended deprecation due to usage, however the next version of cryptography will drop support. Users should migrate to sign and verify. * The entire X.509 layer is now written in Rust. This allows alternate asymmetric key implementations that can support cloud key management services or hardware security modules provided they implement the necessary interface (for example: EllipticCurvePrivateKey). * Deprecated the backend argument for all functions. * Added support for AESOCB3. * Added support for iterating over arbitrary request attributes. * Deprecated the get_attribute_for_oid method on CertificateSigningRequest in favor of get_attribute_for_oid() on the new Attributes object. * Fixed handling of PEM files to allow loading when certificate and key are in the same file. * Fixed parsing of CertificatePolicies extensions containing legacy BMPString values in their explicitText. * Allow parsing of negative serial numbers in certificates. Negative serial numbers are prohibited by RFC 5280 so a deprecation warning will be raised whenever they are encountered. A future version of cryptography will drop support for parsing them. * Added support for parsing PKCS12 files with friendly names for all certificates with load_pkcs12(), which will return an object of type PKCS12KeyAndCertificates. * rfc4514_string() and related methods now have an optional attr_name_overrides parameter to supply custom OID to name mappings, which can be used to match vendor-specific extensions. * BACKWARDS INCOMPATIBLE: Reverted the nonstandard formatting of email address fields as E in rfc4514_string() methods from version 35.0. * The previous behavior can be restored with: OBS-URL: https://build.opensuse.org/request/show/934514 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-cryptography?expand=0&rev=140
2021-11-29 11:07:36 +00:00
parent f943f3caf8
commit 86a0858977
11 changed files with 127 additions and 94 deletions
--- a/python-cryptography.spec
+++ b/python-cryptography.spec
@@ -18,10 +18,9 @@

 %{?!python_module:%define python_module() python3-%{**}}
 %define skip_python2 1
-# disabled in order to avoid pulling dependencies -- adrian@suse.de
-%bcond_with rust
+%global rustflags '-Clink-arg=-Wl,-z,relro,-z,now'
 Name:           python-cryptography
-Version:        3.4.8
+Version:        36.0.0
 Release:        0
 Summary:        Python library which exposes cryptographic recipes and primitives
 License:        Apache-2.0 OR BSD-3-Clause
@@ -29,22 +28,24 @@ Group:          Development/Languages/Python
 URL:            https://cryptography.io/en/latest/
 Source0:        https://files.pythonhosted.org/packages/source/c/cryptography/cryptography-%{version}.tar.gz
 Source1:        https://files.pythonhosted.org/packages/source/c/cryptography/cryptography-%{version}.tar.gz.asc
-Source2:        %{name}.keyring
+# use `osc service disabledrun` to regenerate
+Source2:        vendor.tar.xz
+# use `osc service disabledrun` to regenerate
+Source3:        cargo_config
+Source4:        %{name}.keyring
 # PATCH-FIX-SLE disable-uneven-sizes-tests.patch bnc#944204
-Patch1:         disable-uneven-sizes-tests.patch
+#Patch1:         disable-uneven-sizes-tests.patch
 Patch2:         skip_openssl_memleak_test.patch
-# PATCH-FEATURE-OPENSUSE disable-RustExtension.patch -- disable setuptools_rust requirement if not building with rust
-Patch3:         disable-RustExtension.patch
 BuildRequires:  %{python_module cffi >= 1.12}
 BuildRequires:  %{python_module devel}
+BuildRequires:  %{python_module setuptools-rust}
 BuildRequires:  %{python_module setuptools}
-%if %{with rust}
-BuildRequires:  %{python_module setuptools_rust}
-%endif
+BuildRequires:  cargo >= 1.41.0
 BuildRequires:  fdupes
 BuildRequires:  libopenssl-devel
 BuildRequires:  pkgconfig
 BuildRequires:  python-rpm-macros
+BuildRequires:  rust >= 1.41.0
 BuildRequires:  pkgconfig(libffi)
 %requires_eq    python-cffi
 # python-base is not enough, we need the _ssl module
@@ -73,23 +74,21 @@ symmetric ciphers, message digests and key derivation
 functions.

 %prep
-%autosetup -p1 -n cryptography-%{version}
+%autosetup -a2 -p1 -n cryptography-%{version}
+mkdir .cargo
+cp %{SOURCE3} .cargo/config

 %build
-%if ! %{with rust}
-export CRYPTOGRAPHY_DONT_BUILD_RUST=1
-%endif
+export RUSTFLAGS=%{rustflags}
 export CFLAGS="%{optflags} -fno-strict-aliasing"
 %python_build

 %install
+export RUSTFLAGS=%{rustflags}
 # Actually other *.c and *.h are appropriate
 # see https://github.com/pyca/cryptography/issues/1463
 find . -name .keep -print -delete

-%if ! %{with rust}
-export CRYPTOGRAPHY_DONT_BUILD_RUST=1
-%endif
 %python_install
 %python_expand %fdupes %{buildroot}%{$python_sitearch}