[gentoo-commits] repo/gentoo:master commit in: dev-python/twisted/, dev-python/twisted/files/

Wed, 31 Jul 2024 22:07:15 -0700 

commit:     4e9a65f827401a6888820c1557109f8a441a550c
Author:     Petr Vaněk <arkamar <AT> gentoo <DOT> org>
AuthorDate: Thu Aug  1 04:37:51 2024 +0000
Commit:     Petr Vaněk <arkamar <AT> gentoo <DOT> org>
CommitDate: Thu Aug  1 05:05:45 2024 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=4e9a65f8

dev-python/twisted: skip DSA tests rather than restricting openssh

Skipping related tests is preferable to restricting openssh, as
downgrade may brick it.

Signed-off-by: Petr Vaněk <arkamar <AT> gentoo.org>

 .../files/twisted-24.3.0-skip-dsa-tests.patch      | 75 ++++++++++++++++++++++
 dev-python/twisted/twisted-24.3.0.ebuild           |  6 +-
 dev-python/twisted/twisted-24.3.0_p20240628.ebuild |  3 +-
 dev-python/twisted/twisted-24.7.0_rc1.ebuild       |  3 +-
 4 files changed, 81 insertions(+), 6 deletions(-)

diff --git a/dev-python/twisted/files/twisted-24.3.0-skip-dsa-tests.patch 
b/dev-python/twisted/files/twisted-24.3.0-skip-dsa-tests.patch
new file mode 100644
index 000000000000..9dabba43391a
--- /dev/null
+++ b/dev-python/twisted/files/twisted-24.3.0-skip-dsa-tests.patch
@@ -0,0 +1,75 @@
+From b948467c3f01cc46b5dcda8802b913295b7c8999 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Petr=20Van=C4=9Bk?= <[email protected]>
+Date: Wed, 31 Jul 2024 18:05:01 +0200
+Subject: [PATCH] Skip tests requiring DSA if SSH does not support DSS
+
+Modern OpenSSH no longer supports DSA/DSS. We need to skip tests that
+use DSA if it is not supported by the installed SSH. The availability of
+DSA can be checked by querying `ssh -Q key`, which includes `ssh-dss` in
+the output if DSS is available, as suggested in [1].
+
+[1] https://github.com/twisted/twisted/issues/12273#issuecomment-2260799255
+
+Issue: https://github.com/twisted/twisted/issues/12273
+
+Based on upstream PR https://github.com/twisted/twisted/pull/12274
+
+diff --git a/src/twisted/conch/test/test_cftp.py 
b/src/twisted/conch/test/test_cftp.py
+index 40b2deaedb..51a978de4b 100644
+--- a/src/twisted/conch/test/test_cftp.py
++++ b/src/twisted/conch/test/test_cftp.py
+@@ -20,6 +20,7 @@ from zope.interface import implementer
+ 
+ from twisted.conch import ls
+ from twisted.conch.interfaces import ISFTPFile
++from twisted.conch.test.test_conch import HAS_DSA
+ from twisted.conch.test.test_filetransfer import FileTransferTestAvatar, 
SFTPTestBase
+ from twisted.cred import portal
+ from twisted.internet import defer, error, interfaces, protocol, reactor
+@@ -1436,6 +1437,7 @@ exit
+ @skipIf(skipTests, "don't run w/o spawnProcess or cryptography")
+ @skipIf(not which("ssh"), "no ssh command-line client available")
+ @skipIf(not which("sftp"), "no sftp command-line client available")
++@skipIf(not HAS_DSA, "needs ssh supporting dsa")
+ class OurServerSftpClientTests(CFTPClientTestBase):
+     """
+     Test the sftp server against sftp command line client.
+diff --git a/src/twisted/conch/test/test_conch.py 
b/src/twisted/conch/test/test_conch.py
+index 45b357c995..9e77c9b2e9 100644
+--- a/src/twisted/conch/test/test_conch.py
++++ b/src/twisted/conch/test/test_conch.py
+@@ -59,6 +59,21 @@ except ImportError as e:
+ else:
+     StdioInteractingSession = _StdioInteractingSession
+ 
++def _has_dsa():
++    has_dsa = False
++    try:
++        output = subprocess.check_output(
++            [which("ssh")[0], "-Q", "key"], stderr=subprocess.STDOUT, 
text=True
++        )
++        keys = output.split()
++        if "ssh-dss" in keys:
++            has_dsa = True
++    except BaseException:
++        pass
++    return has_dsa
++
++HAS_DSA = _has_dsa()
++
+ 
+ def _has_ipv6():
+     """Returns True if the system can bind an IPv6 address."""
+@@ -551,6 +566,9 @@ class OpenSSHClientMixin:
+     if not which("ssh"):
+         skip = "no ssh command-line client available"
+ 
++    if not HAS_DSA:
++        skip = "needs ssh supporting dsa"
++
+     def execute(self, remoteCommand, process, sshArgs=""):
+         """
+         Connects to the SSH server started in L{ConchServerSetupMixin.setUp} 
by
+-- 
+2.44.2
+

diff --git a/dev-python/twisted/twisted-24.3.0.ebuild 
b/dev-python/twisted/twisted-24.3.0.ebuild
index ef1b40fca895..bc02689ec2f8 100644
--- a/dev-python/twisted/twisted-24.3.0.ebuild
+++ b/dev-python/twisted/twisted-24.3.0.ebuild
@@ -55,7 +55,6 @@ RDEPEND="
                >=dev-python/idna-2.4[${PYTHON_USEDEP}]
        )
 "
-# tests fail with openssh-9.8, see 
https://github.com/twisted/twisted/issues/12273
 BDEPEND="
        >=dev-python/hatch-fancy-pypi-readme-22.5.0[${PYTHON_USEDEP}]
        >=dev-python/incremental-22.10.0[${PYTHON_USEDEP}]
@@ -73,7 +72,6 @@ BDEPEND="
                        >=dev-python/pyhamcrest-2[${PYTHON_USEDEP}]
                        >=dev-python/pyserial-3.0[${PYTHON_USEDEP}]
                        virtual/openssh
-                       <net-misc/openssh-9.8
                        ssl? (
                                >=dev-python/pyopenssl-21.0.0[${PYTHON_USEDEP}]
                                
>=dev-python/service-identity-18.1.0[${PYTHON_USEDEP}]
@@ -82,6 +80,10 @@ BDEPEND="
        )
 "
 
+PATCHES=(
+       "${FILESDIR}/${PN}-24.3.0-skip-dsa-tests.patch"
+)
+
 python_prepare_all() {
        # upstream test for making releases; not very useful and requires
        # sphinx (including on py2)

diff --git a/dev-python/twisted/twisted-24.3.0_p20240628.ebuild 
b/dev-python/twisted/twisted-24.3.0_p20240628.ebuild
index 044b23c244e6..3e145cb0de1f 100644
--- a/dev-python/twisted/twisted-24.3.0_p20240628.ebuild
+++ b/dev-python/twisted/twisted-24.3.0_p20240628.ebuild
@@ -61,7 +61,6 @@ RDEPEND="
                >=dev-python/idna-2.4[${PYTHON_USEDEP}]
        )
 "
-# tests fail with openssh-9.8, see 
https://github.com/twisted/twisted/issues/12273
 BDEPEND="
        >=dev-python/hatch-fancy-pypi-readme-22.5.0[${PYTHON_USEDEP}]
        >=dev-python/incremental-22.10.0[${PYTHON_USEDEP}]
@@ -79,7 +78,6 @@ BDEPEND="
                        >=dev-python/pyhamcrest-2[${PYTHON_USEDEP}]
                        >=dev-python/pyserial-3.0[${PYTHON_USEDEP}]
                        virtual/openssh
-                       <net-misc/openssh-9.8
                        ssl? (
                                >=dev-python/pyopenssl-21.0.0[${PYTHON_USEDEP}]
                                
>=dev-python/service-identity-18.1.0[${PYTHON_USEDEP}]
@@ -89,6 +87,7 @@ BDEPEND="
 "
 
 PATCHES=(
+       "${FILESDIR}/${PN}-24.3.0-skip-dsa-tests.patch"
        "${FILESDIR}/${P}-skip-py313-test.patch"
 )
 

diff --git a/dev-python/twisted/twisted-24.7.0_rc1.ebuild 
b/dev-python/twisted/twisted-24.7.0_rc1.ebuild
index ceb4aee19fe2..ba4dbbbf84fe 100644
--- a/dev-python/twisted/twisted-24.7.0_rc1.ebuild
+++ b/dev-python/twisted/twisted-24.7.0_rc1.ebuild
@@ -55,7 +55,6 @@ RDEPEND="
                >=dev-python/idna-2.4[${PYTHON_USEDEP}]
        )
 "
-# tests fail with openssh-9.8, see 
https://github.com/twisted/twisted/issues/12273
 BDEPEND="
        >=dev-python/hatch-fancy-pypi-readme-22.5.0[${PYTHON_USEDEP}]
        >=dev-python/incremental-22.10.0[${PYTHON_USEDEP}]
@@ -73,7 +72,6 @@ BDEPEND="
                        >=dev-python/pyhamcrest-2[${PYTHON_USEDEP}]
                        >=dev-python/pyserial-3.0[${PYTHON_USEDEP}]
                        virtual/openssh
-                       <net-misc/openssh-9.8
                        ssl? (
                                >=dev-python/pyopenssl-21.0.0[${PYTHON_USEDEP}]
                                
>=dev-python/service-identity-18.1.0[${PYTHON_USEDEP}]
@@ -83,6 +81,7 @@ BDEPEND="
 "
 
 PATCHES=(
+       "${FILESDIR}/${PN}-24.3.0-skip-dsa-tests.patch"
        "${FILESDIR}/${PN}-24.3.0_p20240628-skip-py313-test.patch"
        "${FILESDIR}/${PN}-24.7.0_rc1-skip-py313-tests.patch"
 )

Reply via email to