diff --git a/.gitignore b/.gitignore index 4ad8197..314afe5 100644 --- a/.gitignore +++ b/.gitignore @@ -1,77 +1,6 @@ -/results_python-cryptography -/*.src.rpm /cryptography-1.3.1.tar.gz /cryptography-1.5.3.tar.gz /cryptography-1.7.1.tar.gz /cryptography-1.7.2.tar.gz /cryptography-1.9.tar.gz /cryptography-2.0.2.tar.gz -/cryptography-2.1.tar.gz -/cryptography-2.1.3.tar.gz -/cryptography-2.1.4.tar.gz -/cryptography-2.2.1.tar.gz -/cryptography-2.3.tar.gz -/cryptography-2.5.tar.gz -/cryptography-2.6.1.tar.gz -/cryptography-2.7.tar.gz -/cryptography-2.8.tar.gz -/cryptography-2.9.tar.gz -/cryptography-2.9.tar.gz.asc -/cryptography-3.0.tar.gz -/cryptography-3.0.tar.gz.asc -/cryptography-3.1.tar.gz -/cryptography-3.1.tar.gz.asc -/cryptography-3.2.tar.gz -/cryptography-3.2.tar.gz.asc -/cryptography-3.2.1.tar.gz -/cryptography-3.2.1.tar.gz.asc -/cryptography-3.3.1.tar.gz -/cryptography-3.3.1.tar.gz.asc -/cryptography-3.4.tar.gz -/cryptography-3.4.tar.gz.asc -/cryptography-3.4.1.tar.gz -/cryptography-3.4.1.tar.gz.asc -/cryptography-3.4.2.tar.gz -/cryptography-3.4.2.tar.gz.asc -/cryptography-3.4.4.tar.gz -/cryptography-3.4.4.tar.gz.asc -/cryptography-3.4.5.tar.gz -/cryptography-3.4.5.tar.gz.asc -/cryptography-3.4.6.tar.gz -/cryptography-3.4.6.tar.gz.asc -/cryptography-3.4.7.tar.gz -/cryptography-3.4.7-vendor.tar.bz2 -/cryptography-35.0.0.tar.gz -/cryptography-35.0.0-vendor.tar.bz2 -/cryptography-36.0.0.tar.gz -/cryptography-36.0.0-vendor.tar.bz2 -/cryptography-37.0.2.tar.gz -/cryptography-37.0.2-vendor.tar.bz2 -/cryptography-39.0.2.tar.gz -/cryptography-39.0.2-vendor.tar.bz2 -/cryptography-40.0.0.tar.gz -/cryptography-40.0.0-vendor.tar.bz2 -/cryptography-40.0.1.tar.gz -/cryptography-40.0.1-vendor.tar.bz2 -/cryptography-40.0.2.tar.gz -/cryptography-40.0.2-vendor.tar.bz2 -/cryptography-41.0.3.tar.gz -/cryptography-41.0.3-vendor.tar.bz2 -/cryptography-41.0.5-vendor.tar.bz2 -/cryptography-41.0.5.tar.gz -/cryptography-41.0.7.tar.gz -/cryptography-41.0.7-vendor.tar.bz2 -/cryptography-42.0.5.tar.gz -/cryptography-42.0.5-vendor.tar.bz2 -/cryptography-42.0.8.tar.gz -/cryptography-42.0.8-vendor.tar.bz2 -/cryptography-43.0.0.tar.gz -/cryptography-43.0.0-vendor.tar.bz2 -/cryptography-44.0.0.tar.gz -/cryptography-44.0.0-vendor.tar.bz2 -/cryptography-45.0.2.tar.gz -/cryptography-45.0.2-vendor.tar.bz2 -/cryptography-45.0.3.tar.gz -/cryptography-45.0.3-vendor.tar.bz2 -/cryptography-45.0.4.tar.gz -/cryptography-45.0.4-vendor.tar.bz2 diff --git a/README.md b/README.md deleted file mode 100644 index 33554c0..0000000 --- a/README.md +++ /dev/null @@ -1,59 +0,0 @@ -# PyCA cryptography - -https://cryptography.io/en/latest/ - -## Packaging python-cryptography - -The example assumes - -* Fedora Rawhide (f34) -* PyCA cryptography release ``3.4`` -* Update Bugzilla issue is ``RHBZ#00000001`` - -### Build new python-cryptography - -Switch and update branch - -```shell -fedpkg switch-branch rawhide -fedpkg pull -``` - -Bump version and get sources - -```shell -rpmdev-bumpspec -c "Update to 3.4 (#00000001)" -n 3.4 python-cryptography.spec -spectool -gf python-cryptography.spec -``` - -Upload new source - -```shell -fedpkg new-sources cryptography-3.4.tar.gz -``` - -Commit changes - -```shell -fedpkg commit --clog -fedpkg push -``` - -Build - -```shell -fedpkg build -``` - -## RHEL/CentOS builds - -RHEL and CentOS use a different approach for Rust crates packaging than -Fedora. On Fedora Rust dependencies are packaged as RPMs, e.g. -``rust-pyo3+default-devel`` RPM. These packages don't exist on RHEL and -CentOS. Instead python-cryptography uses a tar ball with vendored crates. -The tar ball is created by a script: - -```shell -./vendor_rust.py -rhpkg upload cryptography-3.4-vendor.tar.bz2 -``` diff --git a/changelog b/changelog deleted file mode 100644 index fa06f3e..0000000 --- a/changelog +++ /dev/null @@ -1,248 +0,0 @@ -* Tue Jul 02 2024 Jeremy Cline - 42.0.8-1 -- Update to 42.0.8, fixes rhbz#2251816 - -* Sat Jun 08 2024 Python Maint - 41.0.7-3 -- Rebuilt for Python 3.13 - -* Fri Jun 07 2024 Python Maint - 41.0.7-2 -- Bootstrap for Python 3.13 - -* Thu Feb 01 2024 Benjamin A. Beasley - 41.0.7-1 -- Update to 41.0.7, fixes rhbz#2255351, CVE-2023-49083 - -* Fri Jan 26 2024 Fedora Release Engineering - 41.0.5-4 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild - -* Mon Jan 22 2024 Fedora Release Engineering - 41.0.5-3 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild - -* Fri Dec 01 2023 Fabio Valentini - 41.0.5-2 -- Rebuild for openssl crate >= v0.10.60 (RUSTSEC-2023-0044, RUSTSEC-2023-0072) - -* Thu Oct 26 2023 Christian Heimes - 41.0.5-1 -- Update to 41.0.5, resolves RHBZ#2239707 - -* Mon Aug 14 2023 Christian Heimes - 41.0.3-2 -- Build with ouroboros 0.17, fixes rhbz#2214228 / RUSTSEC-2023-0042 - -* Wed Aug 09 2023 Christian Heimes - 41.0.3-1 -- Update to 41.0.3, resolves rhbz#2211237 -- Use pyo3 0.19 - -* Fri Jul 21 2023 Fedora Release Engineering - 40.0.2-5 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild - -* Mon Jul 10 2023 Python Maint - 40.0.2-4 -- Rebuilt for Python 3.12 - -* Wed Jun 14 2023 Python Maint - 40.0.2-3 -- Bootstrap for Python 3.12 - -* Tue Jun 13 2023 Yaakov Selkowitz - 40.0.2-2 -- Use vendored rust-pem in RHEL builds - -* Tue Apr 18 2023 Christian Heimes - 40.0.2-1 -- Update to 40.0.2, resolves rhbz#2181430 - -* Thu Mar 09 2023 Miro Hrončok - 39.0.2-2 -- Don't run tests requiring pytz on RHEL -- Don't try to run tests of vendored dependencies in %%check - -* Sat Mar 04 2023 Christian Heimes - 39.0.2-1 -- Update to 39.0.2, resolves rhbz#2124729 - -* Tue Feb 28 2023 Fabio Valentini - 37.0.2-9 -- Ensure correct compiler flags are used for Rust code. - -* Wed Feb 22 2023 Christian Heimes - 37.0.2-8 -- Fix CVE-2023-23931: Don't allow update_into to mutate immutable objects, resolves rhbz#2171820 -- Fix FTBFS due to failing test_load_invalid_ec_key_from_pem and test_decrypt_invalid_decrypt, resolves rhbz#2171661 - -* Fri Jan 20 2023 Fedora Release Engineering - 37.0.2-7 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild - -* Fri Dec 09 2022 Christian Heimes - 37.0.2-6 -- Enable SHA1 signatures in test suite (ELN-only) - -* Wed Aug 17 2022 Miro Hrončok - 37.0.2-5 -- Drop unused requirement of python3-six - -* Fri Jul 22 2022 Fedora Release Engineering - 37.0.2-4 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild - -* Tue Jun 14 2022 Python Maint - 37.0.2-3 -- Rebuilt for Python 3.11 - -* Tue Jun 14 2022 Python Maint - 37.0.2-2 -- Bootstrap for Python 3.11 - -* Thu May 05 2022 Christian Heimes - 37.0.2-1 -- Update to 37.0.2, resolves rhbz#2078968 - -* Thu Jan 27 2022 Christian Heimes - 36.0.0-3 -- Skip unstable memleak tests, resolves: RHBZ#2042413 - -* Fri Jan 21 2022 Fedora Release Engineering - 36.0.0-2 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild - -* Mon Nov 22 2021 Christian Heimes - 36.0.0-1 -- Update to 36.0.0, fixes RHBZ#2025347 - -* Thu Sep 30 2021 Christian Heimes - 35.0.0-2 -- Require rust-asn1 >= 0.6.4 - -* Thu Sep 30 2021 Christian Heimes - 35.0-1 -- Update to 35.0.0 (#2009117) - -* Tue Sep 14 2021 Sahana Prasad - 3.4.7-6 -- Rebuilt with OpenSSL 3.0.0 - -* Fri Jul 23 2021 Fedora Release Engineering - 3.4.7-5 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild - -* Thu Jun 10 2021 Stephen Gallagher - 3.4.7-4 -- Don't conditionalize Source: directives - -* Wed Jun 02 2021 Python Maint - 3.4.7-3 -- Rebuilt for Python 3.10 - -* Tue May 11 2021 Christian Heimes - 3.4.7-2 -- Fix compatibility issue with Python 3.10. Enums now use same - representation as on Python 3.9. (#1952522) -- Backport OpenSSL 3.0.0 compatibility patches. - -* Wed Apr 21 2021 Christian Heimes - 3.4.7-1 -- Update to 3.4.7 -- Remove dependency on python-cryptography-vectors package and use vectors - directly from Github source tar ball. (#1952024) - -* Wed Mar 03 2021 Christian Heimes - 3.4.6-1 -- Update to 3.4.6 (#1927044) - -* Mon Feb 15 2021 Christian Heimes - 3.4.5-1 -- Update to 3.4.5 (#1927044) - -* Fri Feb 12 2021 Christian Heimes - 3.4.4-3 -- Skip iso8601 and pretend tests on RHEL - -* Fri Feb 12 2021 Christian Heimes - 3.4.4-2 -- Provide RHEL build infrastructure - -* Wed Feb 10 2021 Christian Heimes - 3.4.4-1 -- Update to 3.4.4 (#1927044) - -* Mon Feb 08 2021 Christian Heimes - 3.4.2-1 -- Update to 3.4.2 (#1926339) -- Package no longer depends on Rust (#1926181) - -* Mon Feb 08 2021 Fabio Valentini - 3.4.1-2 -- Use dynamically generated BuildRequires for PyO3 Rust module. -- Drop unnecessary CARGO_NET_OFFLINE environment variable. - -* Sun Feb 07 2021 Christian Heimes - 3.4.1-1 -- Update to 3.4.1 (#1925953) - -* Sun Feb 07 2021 Christian Heimes - 3.4-2 -- Add missing abi3 and pytest dependencies - -* Sun Feb 07 2021 Christian Heimes - 3.4-1 -- Update to 3.4 (#1925953) -- Remove Python 2 support -- Remove unused python-idna dependency -- Add Rust support - -* Wed Jan 27 2021 Fedora Release Engineering - 3.3.1-2 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild - -* Thu Dec 10 2020 Christian Heimes - 3.3.1-1 -- Update to 3.3.1 (#1905756) - -* Wed Oct 28 2020 Christian Heimes - 3.2.1-1 -- Update to 3.2.1 (#1892153) - -* Mon Oct 26 2020 Christian Heimes - 3.2-1 -- Update to 3.2 (#1891378) - -* Mon Sep 07 2020 Christian Heimes - 3.1-1 -- Update to 3.1 (#1872978) - -* Wed Jul 29 2020 Fedora Release Engineering - 3.0-2 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild - -* Tue Jul 21 2020 Christian Heimes - 3.0-1 -- Update to 3.0 (#185897) - -* Sat May 23 2020 Miro Hrončok - 2.9-3 -- Rebuilt for Python 3.9 - -* Tue May 12 2020 Felix Schwarz - 2.9-2 -- add source file verification - -* Fri Apr 03 2020 Christian Heimes - 2.9-1 -- Update to 2.9 (#1820348) - -* Thu Jan 30 2020 Fedora Release Engineering - 2.8-3 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild - -* Mon Jan 13 2020 Christian Heimes - 2.8-2 -- cryptography 2.8+ no longer depends on python-asn1crypto - -* Thu Oct 17 2019 Christian Heimes - 2.8-1 -- Update to 2.8 -- Resolves: rhbz#1762779 - -* Sun Oct 13 2019 Christian Heimes - 2.7-3 -- Skip unit tests that fail with OpenSSL 1.1.1.d -- Resolves: rhbz#1761194 -- Fix and simplify Python 3 packaging - -* Sat Oct 12 2019 Christian Heimes - 2.7-2 -- Drop Python 2 package -- Resolves: rhbz#1761081 - -* Tue Sep 03 2019 Randy Barlow - 2.7-1 -- Update to 2.7 (#1715680). - -* Fri Aug 16 2019 Miro Hrončok - 2.6.1-3 -- Rebuilt for Python 3.8 - -* Fri Jul 26 2019 Fedora Release Engineering - 2.6.1-2 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild - -* Thu Feb 28 2019 Christian Heimes - 2.6.1-1 -- New upstream release 2.6.1, resolves RHBZ#1683691 - -* Wed Feb 13 2019 Alfredo Moralejo - 2.5-1 -- Updated to 2.5. - -* Sat Feb 02 2019 Fedora Release Engineering - 2.3-3 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild - -* Mon Aug 13 2018 Christian Heimes - 2.3-2 -- Use TLSv1.2 in test as workaround for RHBZ#1615143 - -* Wed Jul 18 2018 Christian Heimes - 2.3-1 -- New upstream release 2.3 -- Fix AEAD tag truncation bug, RHBZ#1602752 - -* Fri Jul 13 2018 Fedora Release Engineering - 2.2.1-3 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild - -* Fri Jun 15 2018 Miro Hrončok - 2.2.1-2 -- Rebuilt for Python 3.7 - -* Wed Mar 21 2018 Christian Heimes - 2.2.1-1 -- New upstream release 2.2.1 - -* Sun Feb 18 2018 Christian Heimes - 2.1.4-1 -- New upstream release 2.1.4 - -* Sun Feb 18 2018 Christian Heimes - 2.1.3-4 -- Build requires gcc - -* Mon Feb 12 2018 Iryna Shcherbina - 2.1.3-3 -- Update Python 2 dependency declarations to new packaging standards - (See https://fedoraproject.org/wiki/FinalizingFedoraSwitchtoPython3) - -* Fri Feb 09 2018 Fedora Release Engineering - 2.1.3-2 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild diff --git a/conftest-skipper.py b/conftest-skipper.py deleted file mode 100644 index 5a1de83..0000000 --- a/conftest-skipper.py +++ /dev/null @@ -1,22 +0,0 @@ - -class Skipper: - """Skip iso8601 and pretend tests - - RHEL buildroot doesn't have python-iso8601 and python-pretend. Skip - all tests that use the excluded modules. - """ - - def parse_date(self, datestring): - pytest.skip(f"iso8601 module is not available.") - - def stub(self, **kwargs): - pytest.skip(f"pretend module is not available.") - - def raiser(self, exc): - pytest.skip(f"pretend module is not available.") - - -import sys - -sys.modules["iso8601"] = sys.modules["pretend"] = Skipper() - diff --git a/python-cryptography.spec b/python-cryptography.spec index 16b4d7e..4076051 100644 --- a/python-cryptography.spec +++ b/python-cryptography.spec @@ -1,154 +1,280 @@ -%bcond_without tests +%if 0%{?fedora} > 20 +%global with_python3 1 +%else +%{!?__python2: %global __python2 /usr/bin/python2} +%{!?python2_sitearch: %global python2_sitearch %(%{__python2} -c "from distutils.sysconfig import get_python_lib; print(get_python_lib(1))")} +%endif %{!?python3_pkgversion:%global python3_pkgversion 3} %global srcname cryptography Name: python-%{srcname} -Version: 45.0.4 -Release: %autorelease +Version: 2.0.2 +Release: 2%{?dist} Summary: PyCA's cryptography library -# cryptography is dual licensed under the Apache-2.0 and BSD-3-Clause, -# as well as the Python Software Foundation license for the OS random -# engine derived by CPython. -# Rust crate dependency licenses: -# Apache-2.0 -# Apache-2.0 OR MIT -# BSD-3-Clause -# MIT -# MIT OR Apache-2.0 -License: (Apache-2.0 OR BSD-3-Clause) AND PSF-2.0 AND Apache-2.0 AND BSD-3-Clause AND MIT AND (MIT OR Apache-2.0) +Group: Development/Libraries +License: ASL 2.0 or BSD URL: https://cryptography.io/en/latest/ -Source0: https://github.com/pyca/cryptography/archive/%{version}/%{srcname}-%{version}.tar.gz - # created by ./vendor_rust.py helper script -Source1: cryptography-%{version}-vendor.tar.bz2 -Source2: conftest-skipper.py - -ExclusiveArch: %{rust_arches} +Source0: https://pypi.io/packages/source/c/%{srcname}/%{srcname}-%{version}.tar.gz BuildRequires: openssl-devel -BuildRequires: gcc -BuildRequires: gnupg2 -%if 0%{?fedora} -BuildRequires: rust-packaging -%else -BuildRequires: rust-toolset -%endif -BuildRequires: python%{python3_pkgversion}-cffi >= 1.12 +BuildRequires: python2-devel +BuildRequires: python2-pytest +BuildRequires: python2-setuptools +BuildRequires: python-pretend +BuildRequires: python2-iso8601 +BuildRequires: python2-cryptography-vectors = %{version} +BuildRequires: python2-asn1crypto >= 0.21 +BuildRequires: python2-hypothesis >= 1.11.4 +BuildRequires: pytz + +BuildRequires: python2-idna >= 2.1 +BuildRequires: python2-six >= 1.4.1 +BuildRequires: python2-cffi >= 1.7 +BuildRequires: python-enum34 +BuildRequires: python-ipaddress + +%if 0%{?with_python3} BuildRequires: python%{python3_pkgversion}-devel +BuildRequires: python%{python3_pkgversion}-pytest >= 2.9 BuildRequires: python%{python3_pkgversion}-setuptools -BuildRequires: python%{python3_pkgversion}-setuptools-rust >= 0.11.4 - -%if %{with tests} -%if 0%{?fedora} -BuildRequires: python%{python3_pkgversion}-certifi -BuildRequires: python%{python3_pkgversion}-hypothesis >= 1.11.4 -BuildRequires: python%{python3_pkgversion}-iso8601 BuildRequires: python%{python3_pkgversion}-pretend -BuildRequires: python%{python3_pkgversion}-pytest-benchmark -BuildRequires: python%{python3_pkgversion}-pytest-xdist -%endif -BuildRequires: python%{python3_pkgversion}-pytest >= 6.2.0 +BuildRequires: python%{python3_pkgversion}-iso8601 +BuildRequires: python%{python3_pkgversion}-cryptography-vectors = %{version} +BuildRequires: python%{python3_pkgversion}-asn1crypto >= 0.21 +BuildRequires: python%{python3_pkgversion}-hypothesis >= 1.11.4 +BuildRequires: python%{python3_pkgversion}-pytz + +BuildRequires: python%{python3_pkgversion}-idna >= 2.1 +BuildRequires: python%{python3_pkgversion}-six >= 1.4.1 +BuildRequires: python%{python3_pkgversion}-cffi >= 1.7 %endif %description cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. +%package -n python2-%{srcname} +Group: Development/Libraries +Summary: PyCA's cryptography library + +%if 0%{?fedora} +%{?python_provide:%python_provide python2-%{srcname}} +%else +Provides: python-%{srcname} +%endif + +Requires: openssl +Requires: python2-idna >= 2.1 +Requires: python2-asn1crypto >= 0.21 +Requires: python2-six >= 1.4.1 +Requires: python2-cffi >= 1.7 +Requires: python-enum34 +Requires: python-ipaddress + +%description -n python2-%{srcname} +cryptography is a package designed to expose cryptographic primitives and +recipes to Python developers. + +%if 0%{?with_python3} %package -n python%{python3_pkgversion}-%{srcname} +Group: Development/Libraries Summary: PyCA's cryptography library %{?python_provide:%python_provide python%{python3_pkgversion}-%{srcname}} -Requires: openssl-libs -%if 0%{?fedora} >= 35 || 0%{?rhel} >= 9 -# Can be safely removed in Fedora 37 -Obsoletes: python%{python3_pkgversion}-cryptography-vectors < 3.4.7 -%endif +Requires: openssl +Requires: python%{python3_pkgversion}-idna >= 2.1 +Requires: python%{python3_pkgversion}-asn1crypto >= 0.21 +Requires: python%{python3_pkgversion}-six >= 1.4.1 +Requires: python%{python3_pkgversion}-cffi >= 1.7 %description -n python%{python3_pkgversion}-%{srcname} cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. +%endif %prep -%autosetup -p1 %{!?fedora:-a1} -n %{srcname}-%{version} -%if 0%{?fedora} -%cargo_prep -sed -i 's/locked = true//g' pyproject.toml -%else -# RHEL: use vendored Rust crates -%cargo_prep -v vendor +%autosetup -p1 -n %{srcname}-%{version} + +%if 0%{?with_python3} +rm -rf %{py3dir} +cp -a . %{py3dir} +find %{py3dir} -name '*.py' | xargs sed -i '1s|^#!/usr/bin/python|#!%{__python3}|' %endif -%if ! 0%{?fedora} -sed -i 's,--benchmark-disable,,' pyproject.toml -%endif - - -%generate_buildrequires -%pyproject_buildrequires -%if 0%{?fedora} -# Fedora: use RPMified crates -%cargo_generate_buildrequires -%endif - - %build -export RUSTFLAGS="%build_rustflags" -export OPENSSL_NO_VENDOR=1 -export CFLAGS="${CFLAGS} -DOPENSSL_NO_ENGINE=1 " -%pyproject_wheel - -%cargo_license_summary -%{cargo_license} > LICENSE.dependencies -%if ! 0%{?fedora} -%cargo_vendor_manifest -%endif - +%if 0%{?fedora} +%py2_build +%if 0%{?with_python3} +pushd %{py3dir} +%py3_build +popd +%endif # with_python3 +%else +%{__python2} setup.py build +%endif # fedora %install # Actually other *.c and *.h are appropriate # see https://github.com/pyca/cryptography/issues/1463 find . -name .keep -print -delete -find . -name Cargo.toml -print -delete -%pyproject_install -%pyproject_save_files %{srcname} + +%if 0%{?fedora} +%py2_install +%if 0%{?with_python3} +pushd %{py3dir} +%py3_install +popd +%endif # with_python3 +%else +%{__python2} setup.py install --skip-build --prefix=%{_prefix} --root %{buildroot} +%endif # fedora %check -%if %{with tests} -%if 0%{?rhel} -# skip benchmark and hypothesis tests on RHEL -rm -rf tests/bench tests/hypothesis -# append skipper to skip iso8601 and pretend tests -cat < %{SOURCE2} >> tests/conftest.py -%endif +# workaround for pytest 3.2.0 bug https://github.com/pytest-dev/pytest/issues/2644 +rm -f tests/hazmat/primitives/test_padding.py +%{__python} setup.py test -# enable SHA-1 signatures for RSA tests -# also see https://github.com/pyca/cryptography/pull/6931 and rhbz#2060343 -export OPENSSL_ENABLE_SHA1_SIGNATURES=yes - -# see https://github.com/pyca/cryptography/issues/4885 and -# see https://bugzilla.redhat.com/show_bug.cgi?id=1761194 for deselected tests -# see rhbz#2042413 for memleak. It's unstable under Python 3.11 and makes -# not much sense for downstream testing. -# see rhbz#2171661 for test_load_invalid_ec_key_from_pem: error:030000CD:digital envelope routines::keymgmt export failure -PYTHONPATH=${PWD}/vectors:%{buildroot}%{python3_sitearch} \ - %{__python3} -m pytest \ - --ignore vendor \ - -k "not (test_buffer_protocol_alternate_modes or test_dh_parameters_supported or test_load_ecdsa_no_named_curve or test_decrypt_invalid_decrypt or test_openssl_memleak or test_load_invalid_ec_key_from_pem)" +%if 0%{?with_python3} +pushd %{py3dir} +# workaround for pytest 3.2.0 bug https://github.com/pytest-dev/pytest/issues/2644 +rm -f tests/hazmat/primitives/test_padding.py +%{__python3} setup.py test +popd %endif -%files -n python%{python3_pkgversion}-%{srcname} -f %{pyproject_files} +%files -n python2-%{srcname} +%doc LICENSE LICENSE.APACHE LICENSE.BSD README.rst docs +%{python2_sitearch}/%{srcname} +%{python2_sitearch}/%{srcname}-%{version}-py*.egg-info + + +%if 0%{?with_python3} +%files -n python%{python3_pkgversion}-%{srcname} %doc README.rst docs %license LICENSE LICENSE.APACHE LICENSE.BSD -%license LICENSE.dependencies -%if ! 0%{?fedora} -%license cargo-vendor.txt +%{python3_sitearch}/* +%{python3_sitearch}/%{srcname}-%{version}-py*.egg-info %endif %changelog -%autochangelog +* Thu Aug 03 2017 Christian Heimes - 2.0.2-2 +- Add workaround for pytest bug + +* Thu Aug 03 2017 Christian Heimes - 2.0.2-1 +- New upstream release 2.0.2 +- Modernize spec + +* Thu Aug 03 2017 Fedora Release Engineering - 1.9-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild + +* Thu Jul 27 2017 Fedora Release Engineering - 1.9-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild + +* Tue Jun 27 2017 Christian Heimes - 1.9-1 +- Upstream release 1.9 + +* Wed Feb 15 2017 Christian Heimes - 1.7.2-1 +- Update to latest upstream + +* Sat Feb 11 2017 Fedora Release Engineering - 1.7.1-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild + +* Thu Jan 05 2017 Matěj Cepl - 1.7.1-1 +- Update to the latest upstream. +- Add a patch from https://github.com/pyca/cryptography/pull/3328 + +* Tue Dec 13 2016 Charalampos Stratakis - 1.5.3-5 +- Enable tests + +* Mon Dec 12 2016 Charalampos Stratakis - 1.5.3-4 +- Rebuild for Python 3.6 +- Disable python3 tests for now + +* Thu Nov 10 2016 Nathaniel McCallum - 1.5.3-3 +- Revert previous change + +* Thu Nov 10 2016 Nathaniel McCallum - 1.5.3-2 +- Disable tests on releases earlier than 24 + +* Mon Nov 07 2016 Nathaniel McCallum - 1.5.3-1 +- Update to v1.5.3 +- Update source URL +- Add BR for pytz + +* Tue Jul 19 2016 Fedora Release Engineering - 1.3.1-4 +- https://fedoraproject.org/wiki/Changes/Automatic_Provides_for_Python_RPM_Packages + +* Tue May 10 2016 Nathaniel McCallum - 1.3.1-3 +- Remove versioned setuptools dependency + +* Tue May 10 2016 Nathaniel McCallum - 1.3.1-2 +- Make it easier to build on EL7 + +* Tue May 03 2016 Nathaniel McCallum - 1.3.1-1 +- Update to v1.3.1 + +* Thu Feb 04 2016 Fedora Release Engineering - 1.2.1-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild + +* Mon Jan 11 2016 Nathaniel McCallum - 1.2.1-2 +- Move python-cryptograph => python2-cryptography + +* Sat Jan 09 2016 Nathaniel McCallum - 1.2.1-1 +- Update to v1.2.1 + +* Wed Nov 11 2015 Robert Kuska - 1.1-1 +- Update to v1.1 + +* Wed Nov 04 2015 Robert Kuska - 1.0.2-2 +- Rebuilt for Python3.5 rebuild + +* Wed Sep 30 2015 Matěj Cepl - 1.0.2-1 +- New upstream release (fix #1267548) + +* Wed Aug 12 2015 Nathaniel McCallum - 1.0-1 +- New upstream release + +* Thu Jun 18 2015 Fedora Release Engineering - 0.9-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild + +* Thu May 14 2015 Nathaniel McCallum - 0.9-1 +- New upstream release +- Run tests on RHEL +- New deps: python-idna, python-ipaddress + +* Fri Apr 17 2015 Nathaniel McCallum - 0.8.2-1 +- New upstream release +- Add python3-pyasn1 Requires (#1211073) + +* Tue Apr 14 2015 Matej Cepl - 0.8-2 +- Add python-pyasn1 Requires (#1211073) + +* Fri Mar 13 2015 Nathaniel McCallum - 0.8-1 +- New upstream release +- Remove upstreamed patch + +* Wed Mar 04 2015 Nathaniel McCallum - 0.7.2-2 +- Add python3-cryptography-vectors build requires +- Add python-enum34 requires + +* Tue Feb 03 2015 Nathaniel McCallum - 0.7.2-1 +- New upstream release. BSD is now an optional license. +- Fix test running on python3 +- Add upstream patch to fix test paths + +* Fri Nov 07 2014 Matej Cepl - 0.6.1-2 +- Fix requires, for reasons why other development files were not + eliminated see https://github.com/pyca/cryptography/issues/1463. + +* Wed Nov 05 2014 Matej Cepl - 0.6.1-1 +- New upstream release. + +* Sun Jun 29 2014 Terry Chia 0.4-1 +- initial version diff --git a/sources b/sources index e79ea50..1e58366 100644 --- a/sources +++ b/sources @@ -1,2 +1 @@ -SHA512 (cryptography-45.0.4.tar.gz) = 08b35f414d81f83ee242f5d208f8aabc12dc53f1a0cbffc5be1ed7f9173e9c9863225a7eb5cff4e9f3dacf5e9fcb3e8701e33c441e1562ee13f9e3927fafb3df -SHA512 (cryptography-45.0.4-vendor.tar.bz2) = 5ff616412e65bd342d2b98110d0b058aaa1719ddf0d1a1164b49451b8f5bc49def81cf4913b6b4c2917f28a33cef28a74ad4391b303c2e36752b81f491a4da06 +SHA512 (cryptography-2.0.2.tar.gz) = a71219ff52006a7c8bf1553d0f132c747566c630281ef89aac40c65b193b1f0074fc9cda1de7057c76b452113dfb6188c83baef3ed9c05ff18adbc8b7bba646b diff --git a/vendor_rust.py b/vendor_rust.py deleted file mode 100755 index eb53abd..0000000 --- a/vendor_rust.py +++ /dev/null @@ -1,112 +0,0 @@ -#!/usr/bin/python3 -"""Vendor PyCA cryptography's Rust crates -""" -import argparse -import os -import re -import tarfile -import tempfile -import shutil -import subprocess -import sys - -VENDOR_DIR = "vendor" -CARGO_TOML = "src/rust/Cargo.toml" -RE_VERSION = re.compile(r"Version:\s*(.*)") - -parser = argparse.ArgumentParser(description="Vendor Rust packages") -parser.add_argument( - "--spec", default="python-cryptography.spec", help="cryptography source tar bundle" -) - - -def cargo(cmd, manifest): - args = ["cargo", cmd, f"--manifest-path={manifest}"] - return subprocess.check_call( - args, stdout=subprocess.DEVNULL, stderr=sys.stderr, env={} - ) - - -def tar_reset(tarinfo): - """Reset user, group, mtime, and mode to create reproducible tar""" - tarinfo.uid = 0 - tarinfo.gid = 0 - tarinfo.uname = "root" - tarinfo.gname = "root" - tarinfo.mtime = 0 - if tarinfo.type == tarfile.DIRTYPE: - tarinfo.mode = 0o755 - else: - tarinfo.mode = 0o644 - if tarinfo.pax_headers: - raise ValueError(tarinfo.name, tarinfo.pax_headers) - return tarinfo - - -def tar_reproducible(tar, basedir): - """Create reproducible tar file""" - - content = [basedir] - for root, dirs, files in os.walk(basedir): - for directory in dirs: - content.append(os.path.join(root, directory)) - for filename in files: - content.append(os.path.join(root, filename)) - content.sort() - - for fn in content: - tar.add(fn, filter=tar_reset, recursive=False, arcname=fn) - - -def main(): - args = parser.parse_args() - spec = args.spec - - # change cwd to work in bundle directory - here = os.path.dirname(os.path.abspath(spec)) - os.chdir(here) - - # extract version number from bundle name - with open(spec) as f: - for line in f: - mo = RE_VERSION.search(line) - if mo is not None: - version = mo.group(1) - break - else: - raise ValueError(f"Cannot find version in {spec}") - - bundle_file = f"cryptography-{version}.tar.gz" - vendor_file = f"cryptography-{version}-vendor.tar.bz2" - - # remove existing vendor directory and file - if os.path.isdir(VENDOR_DIR): - shutil.rmtree(VENDOR_DIR) - try: - os.unlink(vendor_file) - except FileNotFoundError: - pass - - print(f"Getting crates for {bundle_file}", file=sys.stderr) - - # extract tar file in tempdir - # fetch and vendor Rust crates - with tempfile.TemporaryDirectory(dir=here) as tmp: - with tarfile.open(bundle_file) as tar: - tar.extractall(path=tmp) - manifest = os.path.join(tmp, f"cryptography-{version}", CARGO_TOML) - cargo("fetch", manifest) - cargo("vendor", manifest) - - print("\nCreating tar ball...", file=sys.stderr) - with tarfile.open(vendor_file, "x:bz2") as tar: - tar_reproducible(tar, VENDOR_DIR) - - # remove vendor dir - shutil.rmtree(VENDOR_DIR) - - parser.exit(0, f"Created {vendor_file}\n") - - -if __name__ == "__main__": - main()