The python-cryptography rpms
f06f4c2804This update includes two backwards-incompatible changes with v44:
- Made SSH private key loading more consistent with other private key
loading:
:func:`~cryptography.hazmat.primitives.serialization.load_ssh_private_key`
now raises a TypeError if the key is unencrypted but a password is
provided (previously no exception was raised), and raises a
TypeError if the key is encrypted but no password is provided
(previously a ValueError was raised).
- The :meth:`VerifiedClient.subject
<cryptography.x509.verification.VerifiedClient.subjects>` property
can now be None since a custom extension policy may allow
certificates without a Subject Alternative Name extension.
Full changelog: https://github.com/pyca/cryptography/blob/45.0.2/CHANGELOG.rst
|
||
|---|---|---|
| .gitignore | ||
| changelog | ||
| conftest-skipper.py | ||
| python-cryptography.spec | ||
| README.md | ||
| sources | ||
| vendor_rust.py | ||
PyCA cryptography
https://cryptography.io/en/latest/
Packaging python-cryptography
The example assumes
- Fedora Rawhide (f34)
- PyCA cryptography release
3.4 - Update Bugzilla issue is
RHBZ#00000001
Build new python-cryptography
Switch and update branch
fedpkg switch-branch rawhide
fedpkg pull
Bump version and get sources
rpmdev-bumpspec -c "Update to 3.4 (#00000001)" -n 3.4 python-cryptography.spec
spectool -gf python-cryptography.spec
Upload new source
fedpkg new-sources cryptography-3.4.tar.gz
Commit changes
fedpkg commit --clog
fedpkg push
Build
fedpkg build
RHEL/CentOS builds
RHEL and CentOS use a different approach for Rust crates packaging than
Fedora. On Fedora Rust dependencies are packaged as RPMs, e.g.
rust-pyo3+default-devel RPM. These packages don't exist on RHEL and
CentOS. Instead python-cryptography uses a tar ball with vendored crates.
The tar ball is created by a script:
./vendor_rust.py
rhpkg upload cryptography-3.4-vendor.tar.bz2