From 2c63c933d1e7faea9fbf858a6c00cf88be0a43e0 Mon Sep 17 00:00:00 2001 From: zhuchunyi Date: Wed, 6 Nov 2019 19:48:59 +0800 Subject: [PATCH] update code --- ...t-assume-TLSv1-is-available-in-OpenS.patch | 20 +++--------- python-cryptography.spec | 31 +++++++++++++++---- sigh-missed-one-TLSv1-4392.patch | 26 ++++++++++++++++ 3 files changed, 56 insertions(+), 21 deletions(-) rename 0001-Fixed-4380-do-not-assume-TLSv1-is-available-in-OpenS.patch => Fixed-4380-do-not-assume-TLSv1-is-available-in-OpenS.patch (75%) create mode 100644 sigh-missed-one-TLSv1-4392.patch diff --git a/0001-Fixed-4380-do-not-assume-TLSv1-is-available-in-OpenS.patch b/Fixed-4380-do-not-assume-TLSv1-is-available-in-OpenS.patch similarity index 75% rename from 0001-Fixed-4380-do-not-assume-TLSv1-is-available-in-OpenS.patch rename to Fixed-4380-do-not-assume-TLSv1-is-available-in-OpenS.patch index 288d3fb..cd4d210 100644 --- a/0001-Fixed-4380-do-not-assume-TLSv1-is-available-in-OpenS.patch +++ b/Fixed-4380-do-not-assume-TLSv1-is-available-in-OpenS.patch @@ -1,4 +1,4 @@ -From 2716cd2fa55cc867656a3e797797f5a1386afd69 Mon Sep 17 00:00:00 2001 +From 525b6547e918e12c45119685d2e208aa0e51c4c9 Mon Sep 17 00:00:00 2001 From: Alex Gaynor Date: Sun, 12 Aug 2018 15:48:24 -0400 Subject: [PATCH] Fixed #4380 -- do not assume TLSv1 is available in OpenSSL @@ -11,8 +11,8 @@ Hallelujah! It's starting to become the case that some OpenSSLs are disabling it * cover this file as well --- tests/hazmat/backends/test_openssl.py | 2 +- - tests/hazmat/bindings/test_openssl.py | 9 ++++++--- - 2 files changed, 7 insertions(+), 4 deletions(-) + tests/hazmat/bindings/test_openssl.py | 6 ++++-- + 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/tests/hazmat/backends/test_openssl.py b/tests/hazmat/backends/test_openssl.py index 31b34cd0..e77f5dc3 100644 @@ -28,7 +28,7 @@ index 31b34cd0..e77f5dc3 100644 assert ctx != backend._ffi.NULL backend._lib.SSL_CTX_free(ctx) diff --git a/tests/hazmat/bindings/test_openssl.py b/tests/hazmat/bindings/test_openssl.py -index 488f64e1..f317f07f 100644 +index 488f64e1..c0dbc9ba 100644 --- a/tests/hazmat/bindings/test_openssl.py +++ b/tests/hazmat/bindings/test_openssl.py @@ -37,7 +37,8 @@ class TestOpenSSL(object): @@ -47,20 +47,10 @@ index 488f64e1..f317f07f 100644 assert b.lib.SSL_OP_ALL > 0 - ctx = b.lib.SSL_CTX_new(b.lib.TLSv1_method()) + ctx = b.lib.SSL_CTX_new(b.lib.SSLv23_method()) -+ assert ctx != b.ffi.NULL - ctx = b.ffi.gc(ctx, b.lib.SSL_CTX_free) - ssl = b.lib.SSL_new(ctx) - ssl = b.ffi.gc(ssl, b.lib.SSL_free) -@@ -63,7 +65,8 @@ class TestOpenSSL(object): - # Test that we're properly handling 32-bit unsigned on all platforms. - b = Binding() - assert b.lib.SSL_OP_ALL > 0 -- ctx = b.lib.SSL_CTX_new(b.lib.TLSv1_method()) -+ ctx = b.lib.SSL_CTX_new(b.lib.SSLv23_method()) + assert ctx != b.ffi.NULL ctx = b.ffi.gc(ctx, b.lib.SSL_CTX_free) ssl = b.lib.SSL_new(ctx) ssl = b.ffi.gc(ssl, b.lib.SSL_free) -- -2.17.1 +2.19.1 diff --git a/python-cryptography.spec b/python-cryptography.spec index f82fcb5..fcc6425 100644 --- a/python-cryptography.spec +++ b/python-cryptography.spec @@ -1,11 +1,12 @@ Name: python-cryptography Version: 2.3 -Release: 3 +Release: 5 Summary: a package designed to expose cryptographic primitives and recipes to Python developers. License: ASL 2.0 or BSD URL: https://cryptography.io Source0: https://pypi.io/packages/source/c/cryptography/cryptography-2.3.tar.gz -Patch0001: 0001-Fixed-4380-do-not-assume-TLSv1-is-available-in-OpenS.patch +Patch6000: Fixed-4380-do-not-assume-TLSv1-is-available-in-OpenS.patch +Patch6001: sigh-missed-one-TLSv1-4392.patch BuildRequires: openssl-devel gcc python2-devel python2-pytest >= 3.2.1 BuildRequires: python2-setuptools python2-pretend python2-iso8601 @@ -18,6 +19,7 @@ BuildRequires: python3-pytest >= 3.2.1 python3-pytz python3-idna >= 2.1 BuildRequires: python3-cryptography-vectors = %{version} python3-six >= 1.4.1 BuildRequires: python3-asn1crypto >= 0.21 python3-hypothesis >= 1.11.4 BuildRequires: python3-cffi >= 1.7 +BuildRequires: procps-ng net-tools openssl python2-pycparser python3-pycparser %description cryptography is a package which provides cryptographic recipes and primitives @@ -75,15 +77,23 @@ rm -f tests/hazmat/primitives/test_padding.py %{__python3} setup.py test popd +%pre + +%preun + +%post + +%postun + %files -n python2-cryptography %doc README.rst -%license LICENSE LICENSE.APACHE LICENSE.BSD +%license LICENSE LICENSE.APACHE LICENSE.BSD AUTHORS.rst %{python2_sitearch}/cryptography %{python2_sitearch}/cryptography-%{version}-py*.egg-info %files -n python3-cryptography %doc README.rst -%license LICENSE LICENSE.APACHE LICENSE.BSD +%license LICENSE LICENSE.APACHE LICENSE.BSD AUTHORS.rst %{python3_sitearch}/* %{python3_sitearch}/cryptography-%{version}-py*.egg-info @@ -91,5 +101,14 @@ popd %doc docs %changelog -* Sat Sep 14 2019 openEuler Buildteam - 2.7-1 -- Package init +* Tue Oct 22 2019 openEuler Buildteam - 2.3-5 +- Package rebuild. + +* Sat Oct 19 2019 openEuler Buildteam - 2.3-4 +- Type: enhancement +- ID: NA +- SUG: NA +- DESC: fix build failed. + +* Sat Sep 14 2019 openEuler Buildteam - 2.3-3 +- Package init. diff --git a/sigh-missed-one-TLSv1-4392.patch b/sigh-missed-one-TLSv1-4392.patch new file mode 100644 index 0000000..058dcff --- /dev/null +++ b/sigh-missed-one-TLSv1-4392.patch @@ -0,0 +1,26 @@ +From b1aad8f273dfec7641b31bfbeaebfb921e27122a Mon Sep 17 00:00:00 2001 +From: Alex Gaynor +Date: Sun, 12 Aug 2018 17:39:32 -0400 +Subject: [PATCH] sigh, missed one TLSv1 (#4392) + +--- + tests/hazmat/bindings/test_openssl.py | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/tests/hazmat/bindings/test_openssl.py b/tests/hazmat/bindings/test_openssl.py +index c0dbc9ba..f317f07f 100644 +--- a/tests/hazmat/bindings/test_openssl.py ++++ b/tests/hazmat/bindings/test_openssl.py +@@ -65,7 +65,8 @@ class TestOpenSSL(object): + # Test that we're properly handling 32-bit unsigned on all platforms. + b = Binding() + assert b.lib.SSL_OP_ALL > 0 +- ctx = b.lib.SSL_CTX_new(b.lib.TLSv1_method()) ++ ctx = b.lib.SSL_CTX_new(b.lib.SSLv23_method()) ++ assert ctx != b.ffi.NULL + ctx = b.ffi.gc(ctx, b.lib.SSL_CTX_free) + ssl = b.lib.SSL_new(ctx) + ssl = b.ffi.gc(ssl, b.lib.SSL_free) +-- +2.19.1 +