Package: src:certipy
Version: 0.2.2-1
Severity: serious
Tags: ftbfs forky sid

Dear maintainer:

During a rebuild of all packages in unstable, this package failed to build.

Below you will find the last part of the build log (probably the most
relevant part, but not necessarily). If required, the full build log
is available here:

https://people.debian.org/~sanvila/build-logs/202606/

About the archive rebuild: The build was made on virtual machines from AWS,
using sbuild and a reduced chroot with only build-essential packages.

If you cannot reproduce the bug please contact me privately, as I
am willing to provide ssh access to a virtual machine where the bug is
fully reproducible.

If this is really a bug in one of the build-depends, please use
reassign and add an affects on src:certipy, so that this is still
visible in the BTS web page for this package.

Thanks.

--------------------------------------------------------------------------------
[...]
 debian/rules clean
dh clean --buildsystem=pybuild
   dh_auto_clean -O--buildsystem=pybuild
   dh_autoreconf_clean -O--buildsystem=pybuild
   dh_clean -O--buildsystem=pybuild
 debian/rules binary
dh binary --buildsystem=pybuild
   dh_update_autotools_config -O--buildsystem=pybuild
   dh_autoreconf -O--buildsystem=pybuild
   dh_auto_configure -O--buildsystem=pybuild
   dh_auto_build -O--buildsystem=pybuild
I: pybuild plugin_pyproject:142: Building wheel for python3.13 with "build" 
module
I: pybuild base:385: python3.13 -m build --skip-dependency-check --no-isolation 
--wheel --outdir /<<PKGBUILDDIR>>/.pybuild/cpython3_3.13  
* Building wheel...
/usr/lib/python3/dist-packages/setuptools/config/_apply_pyprojecttoml.py:82: 
SetuptoolsDeprecationWarning: `project.license` as a TOML table is deprecated

[... snipped ...]

    
        self.file_path = file_path
        self.containing_dir = os.path.dirname(self.file_path)
>       self.encoding = serialization.Encoding(encoding)
                        ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
E       TypeError: cannot create 
'cryptography.hazmat.primitives._serialization.Encoding' instances

certipy/certipy.py:171: TypeError
_________________________________ test_certipy _________________________________

    def test_certipy():
        # FIXME: unfortunately similar names...either separate tests or rename
        with TemporaryDirectory() as td:
            # create a CA
            ca_name = "foo"
            certipy = Certipy(store_dir=td)
>           ca_record = certipy.create_ca(ca_name, pathlen=None)
                        ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

test/test_certipy.py:238: 
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ 
certipy/certipy.py:864: in create_ca
    self.store.add_files(
certipy/certipy.py:480: in add_files
    bundle = TLSFileBundle(
certipy/certipy.py:281: in __init__
    self._setup_tls_files(files)
certipy/certipy.py:290: in _setup_tls_files
    setattr(self, file_type.value, TLSFile(file_path, file_type=file_type))
                                   ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ 

self = <certipy.certipy.TLSFile object at 0x7f5283139e00>
file_path = '/tmp/tmp57onkvc0/foo/foo.key', encoding = Encoding.PEM
file_type = <TLSFileType.KEY: 'key'>, x509 = None

    def __init__(
        self,
        file_path,
        encoding=serialization.Encoding.PEM,
        file_type=TLSFileType.CERT,
        x509=None,
    ):
        if isinstance(encoding, int):
            warnings.warn(
                "OpenSSL.crypto.TYPE_* encoding arguments are deprecated. Use 
cryptography.hazmat.primitives.serialization.Encoding enum or string 'PEM'",
                DeprecationWarning,
                stacklevel=2,
            )
            # match values in OpenSSL.crypto
            if encoding == 1:
                # PEM
                encoding = serialization.Encoding.PEM
            elif encoding == 2:
                # ASN / DER
                encoding = serialization.Encoding.DER
    
        self.file_path = file_path
        self.containing_dir = os.path.dirname(self.file_path)
>       self.encoding = serialization.Encoding(encoding)
                        ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
E       TypeError: cannot create 
'cryptography.hazmat.primitives._serialization.Encoding' instances

certipy/certipy.py:171: TypeError
___________________________ test_certipy_trust_graph ___________________________

self = <certipy.certipy.CertStore object at 0x7f528317f890>, common_name = 'baz'

    def get_record(self, common_name):
        """Return the record associated with this common name
    
        In most cases, all that's really needed to use an existing cert are
        the file paths to the files that make up that cert. This method
        returns just that and doesn't bother loading the associated files.
        """
    
        try:
>           record = self.store[common_name]
                     ^^^^^^^^^^^^^^^^^^^^^^^
E           KeyError: 'baz'

certipy/certipy.py:386: KeyError

During handling of the above exception, another exception occurred:

self = <certipy.certipy.Certipy object at 0x7f528317fb10>
graph = {'foo': ['foo', 'bar'], 'bar': ['foo'], 'baz': ['bar']}

    def trust_from_graph(self, graph):
        """Create a set of trust bundles from a relationship graph.
    
        Components in this sense are defined by unique CAs. This method assists
        in setting up complicated trust between various components that need
        to do TLS auth.
        Arguments: graph - dict component:list(components)
        Returns:   dict component:trust bundle file path
        """
    
        # Ensure there are CAs backing all graph components
        def distinct_components(graph):
            """Return a set of components from the provided graph."""
            components = set(graph.keys())
            for trusts in graph.values():
                components |= set(trusts)
            return components
    
        # Default to creating a CA (incapable of signing intermediaries) to
        # identify a component not known to Certipy
        for component in distinct_components(graph):
            try:
>               self.store.get_record(component)

certipy/certipy.py:755: 
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ 

self = <certipy.certipy.CertStore object at 0x7f528317f890>, common_name = 'baz'

    def get_record(self, common_name):
        """Return the record associated with this common name
    
        In most cases, all that's really needed to use an existing cert are
        the file paths to the files that make up that cert. This method
        returns just that and doesn't bother loading the associated files.
        """
    
        try:
            record = self.store[common_name]
            return record
        except KeyError as e:
>           raise CertNotFoundError(
                "Unable to find record of {name}".format(name=common_name), 
errors=e
            )
E           certipy.certipy.CertNotFoundError: Unable to find record of baz

certipy/certipy.py:389: CertNotFoundError

During handling of the above exception, another exception occurred:

    def test_certipy_trust_graph():
        trust_graph = {
            "foo": ["foo", "bar"],
            "bar": ["foo"],
            "baz": ["bar"],
        }
    
        def distinct_components(graph):
            """Return a set of components from the provided graph."""
            components = set(graph.keys())
            for trusts in graph.values():
                components |= set(trusts)
            return components
    
        with TemporaryDirectory() as td:
            certipy = Certipy(store_dir=td)
            # after this, all components in the graph should exist in certipy
>           trust_files = certipy.trust_from_graph(trust_graph)
                          ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

test/test_certipy.py:337: 
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ 
certipy/certipy.py:757: in trust_from_graph
    self.create_ca(component)
certipy/certipy.py:864: in create_ca
    self.store.add_files(
certipy/certipy.py:480: in add_files
    bundle = TLSFileBundle(
certipy/certipy.py:281: in __init__
    self._setup_tls_files(files)
certipy/certipy.py:290: in _setup_tls_files
    setattr(self, file_type.value, TLSFile(file_path, file_type=file_type))
                                   ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ 

self = <certipy.certipy.TLSFile object at 0x7f528313ba80>
file_path = '/tmp/tmpq2ttedgq/baz/baz.key', encoding = Encoding.PEM
file_type = <TLSFileType.KEY: 'key'>, x509 = None

    def __init__(
        self,
        file_path,
        encoding=serialization.Encoding.PEM,
        file_type=TLSFileType.CERT,
        x509=None,
    ):
        if isinstance(encoding, int):
            warnings.warn(
                "OpenSSL.crypto.TYPE_* encoding arguments are deprecated. Use 
cryptography.hazmat.primitives.serialization.Encoding enum or string 'PEM'",
                DeprecationWarning,
                stacklevel=2,
            )
            # match values in OpenSSL.crypto
            if encoding == 1:
                # PEM
                encoding = serialization.Encoding.PEM
            elif encoding == 2:
                # ASN / DER
                encoding = serialization.Encoding.DER
    
        self.file_path = file_path
        self.containing_dir = os.path.dirname(self.file_path)
>       self.encoding = serialization.Encoding(encoding)
                        ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
E       TypeError: cannot create 
'cryptography.hazmat.primitives._serialization.Encoding' instances

certipy/certipy.py:171: TypeError
__________________________________ test_certs __________________________________

    def test_certs():
        with TemporaryDirectory() as td:
            # Setup
            ca_name = "foo"
            certipy = Certipy(store_dir=td)
>           ca_record = certipy.create_ca(ca_name, pathlen=-1)
                        ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

test/test_certipy.py:364: 
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ 
certipy/certipy.py:864: in create_ca
    self.store.add_files(
certipy/certipy.py:480: in add_files
    bundle = TLSFileBundle(
certipy/certipy.py:281: in __init__
    self._setup_tls_files(files)
certipy/certipy.py:290: in _setup_tls_files
    setattr(self, file_type.value, TLSFile(file_path, file_type=file_type))
                                   ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ 

self = <certipy.certipy.TLSFile object at 0x7f528308d910>
file_path = '/tmp/tmp97hpqsth/foo/foo.key', encoding = Encoding.PEM
file_type = <TLSFileType.KEY: 'key'>, x509 = None

    def __init__(
        self,
        file_path,
        encoding=serialization.Encoding.PEM,
        file_type=TLSFileType.CERT,
        x509=None,
    ):
        if isinstance(encoding, int):
            warnings.warn(
                "OpenSSL.crypto.TYPE_* encoding arguments are deprecated. Use 
cryptography.hazmat.primitives.serialization.Encoding enum or string 'PEM'",
                DeprecationWarning,
                stacklevel=2,
            )
            # match values in OpenSSL.crypto
            if encoding == 1:
                # PEM
                encoding = serialization.Encoding.PEM
            elif encoding == 2:
                # ASN / DER
                encoding = serialization.Encoding.DER
    
        self.file_path = file_path
        self.containing_dir = os.path.dirname(self.file_path)
>       self.encoding = serialization.Encoding(encoding)
                        ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
E       TypeError: cannot create 
'cryptography.hazmat.primitives._serialization.Encoding' instances

certipy/certipy.py:171: TypeError
=============================== warnings summary ===============================
.pybuild/cpython3_3.14/build/test/test_certipy.py::test_certs
  /<<PKGBUILDDIR>>/.pybuild/cpython3_3.14/build/test/test_certipy.py:364: 
DeprecationWarning: negative pathlen is deprecated. Use pathlen=None
    ca_record = certipy.create_ca(ca_name, pathlen=-1)

-- Docs: https://docs.pytest.org/en/stable/how-to/capture-warnings.html
=========================== short test summary info ============================
FAILED test/test_certipy.py::test_tls_file - TypeError: cannot create 'crypto...
FAILED test/test_certipy.py::test_tls_file_bundle - TypeError: cannot create ...
FAILED test/test_certipy.py::test_certipy_store - TypeError: cannot create 'c...
FAILED test/test_certipy.py::test_certipy - TypeError: cannot create 'cryptog...
FAILED test/test_certipy.py::test_certipy_trust_graph - TypeError: cannot cre...
FAILED test/test_certipy.py::test_certs - TypeError: cannot create 'cryptogra...
==================== 6 failed, 1 passed, 1 warning in 0.40s ====================
E: pybuild pybuild:485: test: plugin pyproject failed with: exit code=1: cd 
/<<PKGBUILDDIR>>/.pybuild/cpython3_3.14/build; python3.14 -m pytest 
dh_auto_test: error: pybuild --test --test-pytest -i python{version} -p "3.13 
3.14" --parallel=2 returned exit code 13
make: *** [debian/rules:6: binary] Error 25
dpkg-buildpackage: error: debian/rules binary subprocess failed with exit 
status 2
--------------------------------------------------------------------------------

Reply via email to