Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package python-asyncssh for openSUSE:Factory
checked in at 2023-01-25 17:44:23
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/python-asyncssh (Old)
and /work/SRC/openSUSE:Factory/.python-asyncssh.new.32243 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "python-asyncssh"
Wed Jan 25 17:44:23 2023 rev:21 rq:1060882 version:2.13.0
Changes:
--------
--- /work/SRC/openSUSE:Factory/python-asyncssh/python-asyncssh.changes
2023-01-06 17:06:35.416529978 +0100
+++
/work/SRC/openSUSE:Factory/.python-asyncssh.new.32243/python-asyncssh.changes
2023-01-25 17:54:09.111578837 +0100
@@ -1,0 +2,6 @@
+Wed Jan 25 12:18:38 UTC 2023 - Daniel Garcia <daniel.gar...@suse.com>
+
+- Add remove-sha1.patch to make it compatible with latests versions of
+ cryptography gh#ronf/asyncssh@fae5a9e8baad
+
+-------------------------------------------------------------------
New:
----
remove-sha1.patch
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ python-asyncssh.spec ++++++
--- /var/tmp/diff_new_pack.ilOmCr/_old 2023-01-25 17:54:09.823582637 +0100
+++ /var/tmp/diff_new_pack.ilOmCr/_new 2023-01-25 17:54:09.835582701 +0100
@@ -16,7 +16,6 @@
#
-%{?!python_module:%define python_module() python-%{**} python3-%{**}}
%define skip_python2 1
%define skip_python36 1
Name: python-asyncssh
@@ -28,6 +27,8 @@
URL: https://github.com/ronf/asyncssh
Source:
https://files.pythonhosted.org/packages/source/a/asyncssh/asyncssh-%{version}.tar.gz
Patch0: gss_test.patch
+# PATCH-FIX-UPSTREAM remove-sha1.patch gh#ronf/asyncssh@fae5a9e8baad
+Patch1: remove-sha1.patch
# SECTION test requirements
BuildRequires: %{python_module bcrypt >= 3.1.3}
BuildRequires: %{python_module cryptography >= 2.8}
@@ -75,6 +76,7 @@
%files %{python_files}
%license LICENSE COPYRIGHT
%doc README.rst
-%{python_sitelib}/*
+%{python_sitelib}/asyncssh
+%{python_sitelib}/asyncssh-%{version}*-info
%changelog
++++++ gss_test.patch ++++++
--- /var/tmp/diff_new_pack.ilOmCr/_old 2023-01-25 17:54:09.871582893 +0100
+++ /var/tmp/diff_new_pack.ilOmCr/_new 2023-01-25 17:54:09.915583129 +0100
@@ -2,9 +2,11 @@
tests/test_connection.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
---- a/tests/test_connection.py
-+++ b/tests/test_connection.py
-@@ -1470,7 +1470,7 @@ class _TestConnectionAsyncAcceptor(Serve
+Index: asyncssh-2.13.0/tests/test_connection.py
+===================================================================
+--- asyncssh-2.13.0.orig/tests/test_connection.py
++++ asyncssh-2.13.0/tests/test_connection.py
+@@ -1546,7 +1546,7 @@ class _TestConnectionAsyncAcceptor(Serve
conn.logger.info('Acceptor called')
++++++ remove-sha1.patch ++++++
>From fae5a9e8baad8bd505b43e14fc13b9010789865c Mon Sep 17 00:00:00 2001
From: Ron Frederick <r...@timeheart.net>
Date: Sat, 7 Jan 2023 21:02:01 -0800
Subject: [PATCH] Handle elimination of SHA-1 for digital signatures in
cryptograhy 39.0.0
This commit changes the default X.509 signature algorithm for DSA and
some unit test code to avoid attempting to use SHA-1 for X.509 certificate
signing, as this is no longer allowed in cryptography 39.0.0.
---
asyncssh/dsa.py | 2 +-
asyncssh/ecdsa.py | 2 +-
asyncssh/public_key.py | 4 ++--
asyncssh/rsa.py | 2 +-
tests/test_public_key.py | 2 +-
5 files changed, 6 insertions(+), 6 deletions(-)
diff --git a/asyncssh/dsa.py b/asyncssh/dsa.py
index d3f95196..1972e1d0 100644
--- a/asyncssh/dsa.py
+++ b/asyncssh/dsa.py
@@ -41,7 +41,7 @@ class _DSAKey(SSHKey):
_key: Union[DSAPrivateKey, DSAPublicKey]
algorithm = b'ssh-dss'
- default_hash_name = 'sha1'
+ default_x509_hash = 'sha256'
pem_name = b'DSA'
pkcs8_oid = ObjectIdentifier('1.2.840.10040.4.1')
sig_algorithms = (algorithm,)
diff --git a/asyncssh/ecdsa.py b/asyncssh/ecdsa.py
index 25bad399..57d8d821 100644
--- a/asyncssh/ecdsa.py
+++ b/asyncssh/ecdsa.py
@@ -54,7 +54,7 @@ class _ECKey(SSHKey):
_key: Union[ECDSAPrivateKey, ECDSAPublicKey]
- default_hash_name = 'sha256'
+ default_x509_hash = 'sha256'
pem_name = b'EC'
pkcs8_oid = ObjectIdentifier('1.2.840.10045.2.1')
diff --git a/asyncssh/public_key.py b/asyncssh/public_key.py
index 75672ed4..a744b3d7 100644
--- a/asyncssh/public_key.py
+++ b/asyncssh/public_key.py
@@ -240,7 +240,7 @@ class SSHKey:
sig_algorithms: Sequence[bytes] = ()
x509_algorithms: Sequence[bytes] = ()
all_sig_algorithms: Set[bytes] = set()
- default_hash_name: str = ''
+ default_x509_hash: str = ''
pem_name: bytes = b''
pkcs8_oid: Optional[ObjectIdentifier] = None
use_executor: bool = False
@@ -385,7 +385,7 @@ def _generate_x509_certificate(self, key: 'SSHKey',
subject: str,
'valid after time')
if hash_name == ():
- hash_name = key.default_hash_name
+ hash_name = key.default_x509_hash
if comment == ():
comment = key.get_comment_bytes()
diff --git a/asyncssh/rsa.py b/asyncssh/rsa.py
index 09edc59d..ccfbaa2d 100644
--- a/asyncssh/rsa.py
+++ b/asyncssh/rsa.py
@@ -52,7 +52,7 @@ class RSAKey(SSHKey):
_key: Union[RSAPrivateKey, RSAPublicKey]
algorithm = b'ssh-rsa'
- default_hash_name = 'sha256'
+ default_x509_hash = 'sha256'
pem_name = b'RSA'
pkcs8_oid = ObjectIdentifier('1.2.840.113549.1.1.1')
sig_algorithms = (b'rsa-sha2-256', b'rsa-sha2-512',
diff --git a/tests/test_public_key.py b/tests/test_public_key.py
index ad288203..091531a4 100644
--- a/tests/test_public_key.py
+++ b/tests/test_public_key.py
@@ -2358,7 +2358,7 @@ def test_x509_certificate_hashes(self):
privkey = get_test_key('ssh-rsa')
pubkey = privkey.convert_to_public()
- for hash_alg in ('sha1', 'sha256', 'sha512'):
+ for hash_alg in ('sha256', 'sha512'):
cert = privkey.generate_x509_user_certificate(
pubkey, 'OU=user', hash_alg=hash_alg)
