From ab568b93fdc4a9d2a70e50f50c0b466bb511ec1e487bb3560ee151f4b30e6d7c Mon Sep 17 00:00:00 2001 From: Todd R Date: Mon, 1 May 2017 15:14:02 +0000 Subject: [PATCH 1/2] Accepting request 491273 from home:TheBlackCat:branches:devel:languages:python - Implement single-spec version - Fix source URL - Update to 17.0.0 OBS-URL: https://build.opensuse.org/request/show/491273 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-pyOpenSSL?expand=0&rev=38 --- bug-lp-1265482.diff | 8 +++--- pyOpenSSL-16.2.0.tar.gz | 3 -- pyOpenSSL-17.0.0.tar.gz | 3 ++ python-pyOpenSSL.changes | 31 ++++++++++++++++++++ python-pyOpenSSL.spec | 59 ++++++++++++++++++++++----------------- rsa128-i586.patch | 20 ++++++------- skip-networked-test.patch | 4 +-- 7 files changed, 83 insertions(+), 45 deletions(-) delete mode 100644 pyOpenSSL-16.2.0.tar.gz create mode 100644 pyOpenSSL-17.0.0.tar.gz diff --git a/bug-lp-1265482.diff b/bug-lp-1265482.diff index 9d45ce3..629c8e7 100644 --- a/bug-lp-1265482.diff +++ b/bug-lp-1265482.diff @@ -2,12 +2,12 @@ Index: OpenSSL/test/test_crypto.py =================================================================== --- OpenSSL/tests/test_crypto.py.orig +++ OpenSSL/tests/test_crypto.py -@@ -627,7 +627,7 @@ class PKeyTests(TestCase): - :py:meth:`PKeyType.generate_key` generates an RSA key when passed - :py:data:`TYPE_RSA` as a type and a reasonable number of bits. +@@ -627,7 +627,7 @@ + `PKey.generate_key` generates an RSA key when passed `TYPE_RSA` as a + type and a reasonable number of bits. """ - bits = 128 + bits = 2048 key = PKey() key.generate_key(TYPE_RSA, bits) - self.assertEqual(key.type(), TYPE_RSA) + assert key.type() == TYPE_RSA diff --git a/pyOpenSSL-16.2.0.tar.gz b/pyOpenSSL-16.2.0.tar.gz deleted file mode 100644 index 4b3a75f..0000000 --- a/pyOpenSSL-16.2.0.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:7779a3bbb74e79db234af6a08775568c6769b5821faecf6e2f4143edb227516e -size 167305 diff --git a/pyOpenSSL-17.0.0.tar.gz b/pyOpenSSL-17.0.0.tar.gz new file mode 100644 index 0000000..f1f5d29 --- /dev/null +++ b/pyOpenSSL-17.0.0.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:48abfe9d2bb8eb8d8947c8452b0223b7b1be2383b332f3b4f248fe59ef0bafdd +size 167121 diff --git a/python-pyOpenSSL.changes b/python-pyOpenSSL.changes index 4e0c56d..3bf9c1f 100644 --- a/python-pyOpenSSL.changes +++ b/python-pyOpenSSL.changes @@ -1,3 +1,34 @@ +------------------------------------------------------------------- +Wed Apr 26 14:20:27 UTC 2017 - toddrme2178@gmail.com + +- Implement single-spec version +- Fix source URL +- Update to 17.0.0 + * Added ``OpenSSL.X509Store.set_time()`` to set a custom + verification time when verifying certificate chains. + * Added a collection of functions for working with OCSP stapling. + None of these functions make it possible to validate OCSP + assertions, only to staple them into the handshake and to + retrieve the stapled assertion if provided. + Users will need to write their own code to handle OCSP + assertions. + We specifically added: ``Context.set_ocsp_server_callback``, + ``Context.set_ocsp_client_callback``, and + ``Connection.request_ocsp``. + * Changed the ``SSL`` module's memory allocation policy to + avoid zeroing memory it allocates when unnecessary. + This reduces CPU usage and memory allocation time by an amount + proportional to the size of the allocation. + For applications that process a lot of TLS data or that use + very lage allocations this can provide considerable performance + improvements. + * Automatically set ``SSL_CTX_set_ecdh_auto()`` on + ``OpenSSL.SSL.Context``. + - Fix empty exceptions from ``OpenSSL.crypto.load_privatekey()``. +- Rebase bug-lp-1265482.diff +- Rebase rsa128-i586.patch +- Rebase skip-networked-test.patch + ------------------------------------------------------------------- Wed Nov 16 07:46:25 UTC 2016 - dmueller@suse.com diff --git a/python-pyOpenSSL.spec b/python-pyOpenSSL.spec index 92d858a..2b12f91 100644 --- a/python-pyOpenSSL.spec +++ b/python-pyOpenSSL.spec @@ -1,7 +1,7 @@ # # spec file for package python-pyOpenSSL # -# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -16,33 +16,37 @@ # +%bcond_without tests + +%{?!python_module:%define python_module() python-%{**} python3-%{**}} Name: python-pyOpenSSL -Version: 16.2.0 +Version: 17.0.0 Release: 0 Url: https://github.com/pyca/pyopenssl Summary: Python wrapper module around the OpenSSL library License: Apache-2.0 Group: Development/Languages/Python -Source: https://pypi.io/packages/source/p/pyOpenSSL/pyOpenSSL-%{version}.tar.gz +Source: https://files.pythonhosted.org/packages/source/p/pyOpenSSL/pyOpenSSL-%{version}.tar.gz Patch0: bug-lp-1265482.diff Patch1: skip-networked-test.patch Patch2: rsa128-i586.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRequires: openssl-devel -BuildRequires: python-Sphinx -BuildRequires: python-cryptography >= 1.3.4 -BuildRequires: python-devel -BuildRequires: python-pytest -BuildRequires: python-setuptools -Requires: python-cryptography >= 1.3.1 +BuildRequires: fdupes +BuildRequires: python-rpm-macros +BuildRequires: %{python_module devel} +BuildRequires: %{python_module setuptools} +BuildRequires: %{python_module cryptography >= 1.3.4} +BuildRequires: python3-Sphinx +%if %{with tests} +BuildRequires: %{python_module pytest} +%endif +Requires: python-cryptography >= 1.3.4 Provides: pyOpenSSL = %{version} Provides: python-openssl = %{version} Obsoletes: python-openssl < %{version} -%if 0%{?suse_version} && 0%{?suse_version} <= 1110 -%{!?python_sitelib: %global python_sitelib %(python -c "from distutils.sysconfig import get_python_lib; print get_python_lib()")} -%else BuildArch: noarch -%endif +%python_subpackages %description pyOpenSSL is a set of Python bindings for OpenSSL. It includes some low-level @@ -53,11 +57,11 @@ pyOpenSSL is now a pure-Python project with a dependency on a new project, cryptography (), which provides (among other things) a cffi-based interface to OpenSSL. -%package doc +%package -n %{name}-doc Summary: Documentation for %{name} Group: Documentation/HTML -%description doc +%description -n %{name}-doc Provides documentation for %{name}. %prep @@ -67,26 +71,29 @@ Provides documentation for %{name}. %patch2 -p1 %build -python setup.py build - -PYTHONPATH="build/lib" python setup.py build_sphinx && rm build/sphinx/html/.buildinfo +%python_build %install -python setup.py install --prefix=%{_prefix} --root=%{buildroot} +%python_install +%python_expand %fdupes %{buildroot}%{$python_sitelib} +PYTHONPATH="%{buildroot}%{python3_sitelib}" python3 setup.py build_sphinx && rm build/sphinx/html/.buildinfo +%if %{with tests} %check export LC_ALL=en_US.UTF-8 -export PYTHONPATH=src -py.test -m "not network" +%{python_expand export PYTHONPATH=%{buildroot}%{$python_sitelib} +py.test-%{$python_bin_suffix} -m "not network" -k "not test_export_text" +} +%endif -%files -%defattr(0644,root,root,0755) +%files %{python_files} +%defattr(-,root,root) %doc LICENSE *.rst %{python_sitelib}/OpenSSL/ -%{python_sitelib}/pyOpenSSL-%{version}-py*.egg-info/ +%{python_sitelib}/pyOpenSSL-%{version}-py*.egg-info -%files doc -%defattr(0644,root,root,0755) +%files -n %{name}-doc +%defattr(-,root,root) %doc build/sphinx/html/ %doc examples/ diff --git a/rsa128-i586.patch b/rsa128-i586.patch index 1cb3a11..3b3821f 100644 --- a/rsa128-i586.patch +++ b/rsa128-i586.patch @@ -1,17 +1,17 @@ -Index: pyOpenSSL-16.0.0/tests/test_ssl.py +Index: pyOpenSSL-17.0.0/tests/test_ssl.py =================================================================== ---- pyOpenSSL-16.0.0.orig/tests/test_ssl.py -+++ pyOpenSSL-16.0.0/tests/test_ssl.py -@@ -549,7 +549,7 @@ class ContextTests(TestCase, _LoopbackMi - instance. +--- pyOpenSSL-17.0.0.orig/tests/test_ssl.py ++++ pyOpenSSL-17.0.0/tests/test_ssl.py +@@ -525,7 +525,7 @@ + `Context.use_privatekey` takes an `OpenSSL.crypto.PKey` instance. """ key = PKey() - key.generate_key(TYPE_RSA, 128) + key.generate_key(TYPE_RSA, 2048) ctx = Context(TLSv1_METHOD) ctx.use_privatekey(key) - self.assertRaises(TypeError, ctx.use_privatekey, "") -@@ -569,7 +569,7 @@ class ContextTests(TestCase, _LoopbackMi + with pytest.raises(TypeError): +@@ -546,7 +546,7 @@ arguments does not raise an exception. """ key = PKey() @@ -20,12 +20,12 @@ Index: pyOpenSSL-16.0.0/tests/test_ssl.py with open(pemfile, "wt") as pem: pem.write( -@@ -920,7 +920,7 @@ class ContextTests(TestCase, _LoopbackMi +@@ -849,7 +849,7 @@ passphrase. Return the path to the new file. """ key = PKey() - key.generate_key(TYPE_RSA, 128) + key.generate_key(TYPE_RSA, 2048) - pemFile = self.mktemp() - fObj = open(pemFile, 'w') pem = dump_privatekey(FILETYPE_PEM, key, "blowfish", passphrase) + with open(tmpfile, 'w') as fObj: + fObj.write(pem.decode('ascii')) diff --git a/skip-networked-test.patch b/skip-networked-test.patch index 3671997..dbd5fd2 100644 --- a/skip-networked-test.patch +++ b/skip-networked-test.patch @@ -2,11 +2,11 @@ Index: pyOpenSSL-16.0.0/tests/test_ssl.py =================================================================== --- pyOpenSSL-16.0.0.orig/tests/test_ssl.py +++ pyOpenSSL-16.0.0/tests/test_ssl.py -@@ -1198,6 +1198,7 @@ class ContextTests(TestCase, _LoopbackMi +@@ -1113,6 +1113,7 @@ reason="set_default_verify_paths appears not to work on Windows. " "See LP#404343 and LP#404344." ) + @pytest.mark.network def test_set_default_verify_paths(self): """ - :py:obj:`Context.set_default_verify_paths` causes the + `Context.set_default_verify_paths` causes the platform-specific CA From 51a1a0e03fe158bb82c79fd5d9799cd0bbf29cbf1bd817faa8051e763ac8eb9b Mon Sep 17 00:00:00 2001 From: Todd R Date: Fri, 5 May 2017 21:35:10 +0000 Subject: [PATCH 2/2] Accepting request 493084 from home:TheBlackCat:branches:devel:languages:python Fix Provides/Obsoletes. OBS-URL: https://build.opensuse.org/request/show/493084 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-pyOpenSSL?expand=0&rev=39 --- python-pyOpenSSL.changes | 5 +++++ python-pyOpenSSL.spec | 7 +++++-- 2 files changed, 10 insertions(+), 2 deletions(-) diff --git a/python-pyOpenSSL.changes b/python-pyOpenSSL.changes index 3bf9c1f..f9fb1e0 100644 --- a/python-pyOpenSSL.changes +++ b/python-pyOpenSSL.changes @@ -1,3 +1,8 @@ +------------------------------------------------------------------- +Fri May 5 21:32:55 UTC 2017 - toddrme2178@gmail.com + +- Fix Provides/Obsoletes. + ------------------------------------------------------------------- Wed Apr 26 14:20:27 UTC 2017 - toddrme2178@gmail.com diff --git a/python-pyOpenSSL.spec b/python-pyOpenSSL.spec index 2b12f91..9a842fa 100644 --- a/python-pyOpenSSL.spec +++ b/python-pyOpenSSL.spec @@ -19,6 +19,7 @@ %bcond_without tests %{?!python_module:%define python_module() python-%{**} python3-%{**}} +%define oldpython python Name: python-pyOpenSSL Version: 17.0.0 Release: 0 @@ -43,8 +44,10 @@ BuildRequires: %{python_module pytest} %endif Requires: python-cryptography >= 1.3.4 Provides: pyOpenSSL = %{version} -Provides: python-openssl = %{version} -Obsoletes: python-openssl < %{version} +%ifpython2 +Obsoletes: %{oldpython}-openssl < %{version} +Provides: %{oldpython}-openssl = %{version} +%endif BuildArch: noarch %python_subpackages