Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package python-pynitrokey for openSUSE:Factory checked in at 2024-01-07 21:40:42 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/python-pynitrokey (Old) and /work/SRC/openSUSE:Factory/.python-pynitrokey.new.28375 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "python-pynitrokey" Sun Jan 7 21:40:42 2024 rev:7 rq:1137391 version:0.4.44 Changes: -------- --- /work/SRC/openSUSE:Factory/python-pynitrokey/python-pynitrokey.changes 2023-12-04 23:01:29.591582306 +0100 +++ /work/SRC/openSUSE:Factory/.python-pynitrokey.new.28375/python-pynitrokey.changes 2024-01-07 21:40:56.353409198 +0100 @@ -1,0 +2,10 @@ +Fri Jan 5 16:01:32 UTC 2024 - Dirk Müller <dmuel...@suse.com> + +- update to 0.4.44: + * This release updates the `nk3 set-config` command for the + upcoming Nitrokey 3 test firmware release. + * nk3 set-config: Add support for opcard.use_se050_backend + * **Full Changelog**: https://github.com/Nitrokey/pynitrokey/co + mpare/v0.4.43...v0.4.44 + +------------------------------------------------------------------- Old: ---- pynitrokey-0.4.43.tar.gz New: ---- pynitrokey-0.4.44.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ python-pynitrokey.spec ++++++ --- /var/tmp/diff_new_pack.FQ1640/_old 2024-01-07 21:40:57.057434807 +0100 +++ /var/tmp/diff_new_pack.FQ1640/_new 2024-01-07 21:40:57.061434952 +0100 @@ -1,7 +1,7 @@ # # spec file for package python-pynitrokey # -# Copyright (c) 2023 SUSE LLC +# Copyright (c) 2024 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -23,7 +23,7 @@ %endif Name: python-pynitrokey -Version: 0.4.43 +Version: 0.4.44 Release: 0 Summary: Python Library for Nitrokey devices License: Apache-2.0 OR MIT ++++++ pynitrokey-0.4.43.tar.gz -> pynitrokey-0.4.44.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pynitrokey-0.4.43/PKG-INFO new/pynitrokey-0.4.44/PKG-INFO --- old/pynitrokey-0.4.43/PKG-INFO 1970-01-01 01:00:00.000000000 +0100 +++ new/pynitrokey-0.4.44/PKG-INFO 1970-01-01 01:00:00.000000000 +0100 @@ -1,6 +1,6 @@ Metadata-Version: 2.1 Name: pynitrokey -Version: 0.4.43 +Version: 0.4.44 Summary: Python Library for Nitrokey devices. Author-email: Nitrokey <p...@nitrokey.com> Requires-Python: >=3.9 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pynitrokey-0.4.43/pynitrokey/VERSION new/pynitrokey-0.4.44/pynitrokey/VERSION --- old/pynitrokey-0.4.43/pynitrokey/VERSION 2023-11-30 14:01:14.000000000 +0100 +++ new/pynitrokey-0.4.44/pynitrokey/VERSION 2023-12-18 23:49:57.000000000 +0100 @@ -1 +1 @@ -0.4.43 +0.4.44 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pynitrokey-0.4.43/pynitrokey/cli/nk3/__init__.py new/pynitrokey-0.4.44/pynitrokey/cli/nk3/__init__.py --- old/pynitrokey-0.4.43/pynitrokey/cli/nk3/__init__.py 2023-11-30 14:01:14.000000000 +0100 +++ new/pynitrokey-0.4.44/pynitrokey/cli/nk3/__init__.py 2023-12-18 23:49:57.000000000 +0100 @@ -489,35 +489,104 @@ @click.pass_obj @click.argument("key") @click.argument("value") -def set_config(ctx: Context, key: str, value: str) -> None: +@click.option( + "-f", + "--force", + is_flag=True, + default=False, + help="Set the config value even if it is not known to pynitrokey", +) +@click.option( + "--dry-run", + is_flag=True, + default=False, + help="Perform all checks but donât execute the configuration change", +) +def set_config(ctx: Context, key: str, value: str, force: bool, dry_run: bool) -> None: """ Set a config value. - This command should not be used directly as it may have unexpected - side effects, for example resetting an application. It is only intended - for development and testing. - """ - - # config fields that donât have side effects - whitelist = [ - "fido.disable_skip_up_timeout", - ] - - if key not in whitelist: - print( - "Changing configuration values can have unexpected side effects, including data loss.", - file=sys.stderr, - ) - print( - "This command should only be used for development and testing.", - file=sys.stderr, - ) + Per default, this command can only be used with configuration values that + are known to pynitrokey. Changing some configuration values can have side + effects. For these values, a summary of the effects of the change and a + confirmation prompt will be printed. + + If you use the --force/-f flag, you can also set configuration values that + are not known to pynitrokey. This may have unexpected side effects, for + example resetting an application. It is only intended for development and + testing. - click.confirm("Do you want to continue anyway?", abort=True) + To see the information about a config value without actually performing the + change, use the --dry-run flag. + """ with ctx.connect_device() as device: admin = AdminApp(device) + + # before the confirmation prompt, check if the config value is supported + if not admin.has_config(key): + raise CliException( + f"The configuration option '{key}' is not supported by the device.", + support_hint=False, + ) + + # config fields that donât have side effects + whitelist = [ + "fido.disable_skip_up_timeout", + ] + requires_touch = False + requires_reboot = False + + if key == "opcard.use_se050_backend": + requires_touch = True + requires_reboot = True + print( + "This configuration values determines whether the OpenPGP Card " + "application uses a software implementation or the secure element.", + file=sys.stderr, + ) + print( + "Changing this configuration value will cause a factory reset of " + "the OpenPGP card application and destroy all OpenPGP keys and " + "user data currently stored on the device.", + file=sys.stderr, + ) + elif key not in whitelist: + pass + print( + "Changing configuration values can have unexpected side effects, including data loss.", + file=sys.stderr, + ) + print( + "This should only be used for development and testing.", + file=sys.stderr, + ) + + if not force: + raise CliException( + "Unknown config values can only be set if the --force/-f flag is set. Aborting.", + support_hint=False, + ) + + if key not in whitelist: + click.confirm("Do you want to continue anyway?", abort=True) + + if dry_run: + print("Stopping dry run.", file=sys.stderr) + raise click.Abort() + + if requires_touch: + print( + "Press the touch button to confirm the configuration change.", + file=sys.stderr, + ) + admin.set_config(key, value) + + if requires_reboot: + print("Rebooting device to apply config change.") + device.reboot() + print(f"Updated configuration {key}.") diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pynitrokey-0.4.43/pynitrokey/nk3/admin_app.py new/pynitrokey-0.4.44/pynitrokey/nk3/admin_app.py --- old/pynitrokey-0.4.43/pynitrokey/nk3/admin_app.py 2023-11-30 14:01:14.000000000 +0100 +++ new/pynitrokey-0.4.44/pynitrokey/nk3/admin_app.py 2023-12-18 23:49:57.000000000 +0100 @@ -169,6 +169,12 @@ def se050_tests(self) -> Optional[bytes]: return self._call(AdminCommand.TEST_SE050) + def has_config(self, key: str) -> bool: + reply = self._call(AdminCommand.GET_CONFIG, data=key.encode()) + if not reply or len(reply) < 1: + return False + return ConfigStatus.from_int(reply[0]) == ConfigStatus.SUCCESS + def get_config(self, key: str) -> str: reply = self._call(AdminCommand.GET_CONFIG, data=key.encode()) if not reply or len(reply) < 1: