Hello community, here is the log from the commit of package python-gpgme for openSUSE:Factory checked in at 2017-06-13 16:06:57 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/python-gpgme (Old) and /work/SRC/openSUSE:Factory/.python-gpgme.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "python-gpgme" Tue Jun 13 16:06:57 2017 rev:16 rq:501741 version:0.3 Changes: -------- --- /work/SRC/openSUSE:Factory/python-gpgme/python-gpgme.changes 2012-02-23 15:34:34.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.python-gpgme.new/python-gpgme.changes 2017-06-13 16:07:01.991742904 +0200 @@ -1,0 +2,16 @@ +Tue Jun 6 12:31:55 UTC 2017 - ngomp...@gmail.com + +- Update to 0.3 +- Add patches from Fedora to fix pygpgme with new gpgme + * 0001-reflect-2.1-reporting-for-key-imports.patch + * 0002-passphrase_cb-is-deprecated.patch + * 0003-handle-generic-error-when-no-passphrase-callback-pre.patch + * 0004-add-pubkey_algo-and-hash_algo-attributes-to-signatur.patch + * 0005-add-ENCRYPT_NO_ENCRYPT_TO-constant.patch + * 0006-ignore-STATUS_KEY_CONSIDERED-when-editing.patch +- Drop old patches for pygpgme 0.1 + * pygpgme-0.1-py23.patch + * pygpgme-0.1-context.patch +- Convert to singlespec to build for Python 2 and Python 3 + +------------------------------------------------------------------- Old: ---- pygpgme-0.1-context.patch pygpgme-0.1-py23.patch pygpgme-0.1.tar.bz2 New: ---- 0001-reflect-2.1-reporting-for-key-imports.patch 0002-passphrase_cb-is-deprecated.patch 0003-handle-generic-error-when-no-passphrase-callback-pre.patch 0004-add-pubkey_algo-and-hash_algo-attributes-to-signatur.patch 0005-add-ENCRYPT_NO_ENCRYPT_TO-constant.patch 0006-ignore-STATUS_KEY_CONSIDERED-when-editing.patch pygpgme-0.3.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ python-gpgme.spec ++++++ --- /var/tmp/diff_new_pack.ABm8DK/_old 2017-06-13 16:07:02.683645395 +0200 +++ /var/tmp/diff_new_pack.ABm8DK/_new 2017-06-13 16:07:02.683645395 +0200 @@ -1,7 +1,8 @@ # # spec file for package python-gpgme # -# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2017 Neal Gompa <ngomp...@gmail.com>. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -16,19 +17,31 @@ # +%{?!python_module:%define python_module() python-%{**} python3-%{**}} Name: python-gpgme -Version: 0.1 +Version: 0.3 Release: 0 Summary: A Python module for working with OpenPGP messages License: LGPL-2.1+ Group: Development/Libraries/Python Url: http://pypi.python.org/pypi/pygpgme -Source: pygpgme-%{version}.tar.bz2 -Patch: pygpgme-0.1-py23.patch -Patch1: pygpgme-0.1-context.patch +Source: pygpgme-%{version}.tar.gz +# Upstream is dead, but Fedora maintains a fork +# All patches tracked at: https://pagure.io/pygpgme +# Patches for working with gnupg >= 2.1 +Patch0001: 0001-reflect-2.1-reporting-for-key-imports.patch +Patch0002: 0002-passphrase_cb-is-deprecated.patch +Patch0003: 0003-handle-generic-error-when-no-passphrase-callback-pre.patch +Patch0004: 0004-add-pubkey_algo-and-hash_algo-attributes-to-signatur.patch +Patch0005: 0005-add-ENCRYPT_NO_ENCRYPT_TO-constant.patch +Patch0006: 0006-ignore-STATUS_KEY_CONSIDERED-when-editing.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRequires: gpgme-devel BuildRequires: python-devel +BuildRequires: python-rpm-macros +BuildRequires: python3-devel + +%python_subpackages %description PyGPGME is a Python module that lets you sign, verify, encrypt and @@ -44,23 +57,19 @@ %prep %setup -q -n pygpgme-%{version} -%patch -p1 -%patch1 -p2 +%if 0%{?suse_version} >= 1330 +%autopatch -p1 +%endif %build -#CFLAGS="$RPM_OPT_FLAGS" %{__python} setup.py build +%python_build %install -%{__python} setup.py install --root $RPM_BUILD_ROOT --prefix=%{_prefix} -# No need to ship the tests -rm -rf $RPM_BUILD_ROOT%{py_sitedir}/gpgme/tests/ - -%clean -rm -rf $RPM_BUILD_ROOT +%python_install -%files +%files %{python_files} %defattr(-,root,root,-) -%doc README PKG-INFO -%{py_sitedir}/* +%doc README examples tests +%{python_sitearch}/* %changelog ++++++ 0001-reflect-2.1-reporting-for-key-imports.patch ++++++ >From 4f15b1c042e9cb8c68223c3f78a47b6c18678802 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor <d...@fifthhorseman.net> Date: Tue, 26 Jan 2016 14:24:26 -0500 Subject: [PATCH 1/6] reflect 2.1 reporting for key imports GnuPG 2.1 changes how it reports key imports. These changes should make the pygpgme test suite compatible with GnuPG 2.1. See also: https://lists.gnupg.org/pipermail/gnupg-devel/2016-January/030718.html --- tests/test_import.py | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/tests/test_import.py b/tests/test_import.py index 10eb816..597eb47 100644 --- a/tests/test_import.py +++ b/tests/test_import.py @@ -55,7 +55,7 @@ class ImportTestCase(GpgHomeTestCase): ctx = gpgme.Context() with self.keyfile('key1.sec') as fp: result = ctx.import_(fp) - self.assertEqual(result.considered, 1) + self.assertEqual(result.considered, 3) self.assertEqual(result.no_user_id, 0) self.assertEqual(result.imported, 1) self.assertEqual(result.imported_rsa, 0) @@ -64,18 +64,18 @@ class ImportTestCase(GpgHomeTestCase): self.assertEqual(result.new_sub_keys, 0) self.assertEqual(result.new_signatures, 0) self.assertEqual(result.new_revocations, 0) - self.assertEqual(result.secret_read, 1) - self.assertEqual(result.secret_imported, 1) + self.assertEqual(result.secret_read, 3) + self.assertEqual(result.secret_imported, 2) self.assertEqual(result.secret_unchanged, 0) self.assertEqual(result.skipped_new_keys, 0) self.assertEqual(result.not_imported, 0) self.assertEqual(len(result.imports), 2) self.assertEqual(result.imports[0], ('E79A842DA34A1CA383F64A1546BB55F0885C65A4', - None, gpgme.IMPORT_NEW | gpgme.IMPORT_SECRET)) + None, gpgme.IMPORT_NEW)) self.assertEqual(result.imports[1], ('E79A842DA34A1CA383F64A1546BB55F0885C65A4', - None, gpgme.IMPORT_NEW)) + None, gpgme.IMPORT_NEW | gpgme.IMPORT_SECRET)) # can we get the public key? key = ctx.get_key('E79A842DA34A1CA383F64A1546BB55F0885C65A4') # can we get the secret key? @@ -102,17 +102,17 @@ class ImportTestCase(GpgHomeTestCase): fp = BytesIO(b'\n'.join(keys)) ctx = gpgme.Context() result = ctx.import_(fp) - self.assertEqual(result.considered, 3) + self.assertEqual(result.considered, 5) self.assertEqual(result.no_user_id, 0) self.assertEqual(result.imported, 2) - self.assertEqual(result.imported_rsa, 1) + self.assertEqual(result.imported_rsa, 0) self.assertEqual(result.unchanged, 0) self.assertEqual(result.new_user_ids, 0) self.assertEqual(result.new_sub_keys, 0) self.assertEqual(result.new_signatures, 1) self.assertEqual(result.new_revocations, 0) - self.assertEqual(result.secret_read, 1) - self.assertEqual(result.secret_imported, 1) + self.assertEqual(result.secret_read, 3) + self.assertEqual(result.secret_imported, 2) self.assertEqual(result.secret_unchanged, 0) self.assertEqual(result.skipped_new_keys, 0) self.assertEqual(result.not_imported, 0) @@ -122,10 +122,10 @@ class ImportTestCase(GpgHomeTestCase): None, gpgme.IMPORT_NEW)) self.assertEqual(result.imports[1], ('E79A842DA34A1CA383F64A1546BB55F0885C65A4', - None, gpgme.IMPORT_NEW | gpgme.IMPORT_SECRET)) + None, gpgme.IMPORT_SIG)) self.assertEqual(result.imports[2], ('E79A842DA34A1CA383F64A1546BB55F0885C65A4', - None, gpgme.IMPORT_SIG)) + None, gpgme.IMPORT_NEW | gpgme.IMPORT_SECRET)) self.assertEqual(result.imports[3], ('93C2240D6B8AA10AB28F701D2CF46B7FC97E6B0F', None, gpgme.IMPORT_NEW)) -- 2.7.4 ++++++ 0002-passphrase_cb-is-deprecated.patch ++++++ >From 6648b075fb3d434c599d7e1793bd1f0bbe85dfe3 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor <d...@fifthhorseman.net> Date: Mon, 1 Feb 2016 19:25:12 -0500 Subject: [PATCH 2/6] passphrase_cb is deprecated https://bugs.gnupg.org/gnupg/issue767 indicates that gpgme_set_passphrase_cb is a deprecated corner of the API and that developers using gpgme should really rely on the gpg-agent to handle this stuff. This should actually simplify things for most installations -- just strip out all passphrase handling from your application entirely, relying on gpg to figure out how to find the agent, and relying on the agent figuring out how to prompt the user (if necessary). However, if a developer really wants to use the passphrase callback approach, they'll have to use loopback pinentry. This sets up the test suite to be able to make those tests. --- tests/util.py | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/tests/util.py b/tests/util.py index cd803c2..86892ca 100644 --- a/tests/util.py +++ b/tests/util.py @@ -28,7 +28,9 @@ keydir = os.path.join(os.path.dirname(__file__), 'keys') class GpgHomeTestCase(unittest.TestCase): - gpg_conf_contents = '' + gpg_conf_contents = 'pinentry-mode loopback' + gpg_agent_conf_contents = 'allow-loopback-pinentry' + import_keys = [] def keyfile(self, key): @@ -41,6 +43,10 @@ class GpgHomeTestCase(unittest.TestCase): fp.write(self.gpg_conf_contents.encode('UTF-8')) fp.close() + fp = open(os.path.join(self._gpghome, 'gpg-agent.conf'), 'wb') + fp.write(self.gpg_agent_conf_contents.encode('UTF-8')) + fp.close() + # import requested keys into the keyring ctx = gpgme.Context() for key in self.import_keys: -- 2.7.4 ++++++ 0003-handle-generic-error-when-no-passphrase-callback-pre.patch ++++++ >From 41a0e04d2e81f58c1aff1338a0c89d49ce399d39 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor <d...@fifthhorseman.net> Date: Mon, 1 Feb 2016 19:27:59 -0500 Subject: [PATCH 3/6] handle generic error when no passphrase callback present apparently gpg 2.1 returns ERR_GENERAL right now if the pinentry was in loopback mode and no passphrase callback was supplied. Earlier versions supplied ERR_BAD_PASSPHRASE. --- tests/test_passphrase.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/test_passphrase.py b/tests/test_passphrase.py index 0a235e9..35b3c59 100644 --- a/tests/test_passphrase.py +++ b/tests/test_passphrase.py @@ -41,7 +41,7 @@ class PassphraseTestCase(GpgHomeTestCase): new_sigs = ctx.sign(plaintext, signature, gpgme.SIG_MODE_CLEAR) except gpgme.GpgmeError as exc: self.assertEqual(exc.args[0], gpgme.ERR_SOURCE_GPGME) - self.assertEqual(exc.args[1], gpgme.ERR_BAD_PASSPHRASE) + self.assertEqual(exc.args[1], gpgme.ERR_GENERAL) else: self.fail('gpgme.GpgmeError not raised') -- 2.7.4 ++++++ 0004-add-pubkey_algo-and-hash_algo-attributes-to-signatur.patch ++++++ >From 2f902e29ef301ba8a23a7d7bfd0943479107206c Mon Sep 17 00:00:00 2001 From: Till Maas <opensou...@till.name> Date: Wed, 20 Jul 2016 16:17:22 +0200 Subject: [PATCH 4/6] add pubkey_algo and hash_algo attributes to signatures References: https://bugs.launchpad.net/pygpgme/+bug/1002421 Signed-off-by: Igor Gnatenko <ignate...@redhat.com> --- src/pygpgme-signature.c | 6 ++++++ src/pygpgme.h | 2 ++ tests/test_sign_verify.py | 10 ++++++++++ 3 files changed, 18 insertions(+) diff --git a/src/pygpgme-signature.c b/src/pygpgme-signature.c index 7f273a1..1d98dfc 100644 --- a/src/pygpgme-signature.c +++ b/src/pygpgme-signature.c @@ -101,6 +101,8 @@ pygpgme_sig_dealloc(PyGpgmeSignature *self) Py_XDECREF(self->wrong_key_usage); Py_XDECREF(self->validity); Py_XDECREF(self->validity_reason); + Py_XDECREF(self->pubkey_algo); + Py_XDECREF(self->hash_algo); PyObject_Del(self); } @@ -117,6 +119,8 @@ static PyMemberDef pygpgme_sig_members[] = { { "validity", T_OBJECT, offsetof(PyGpgmeSignature, validity), READONLY}, { "validity_reason", T_OBJECT, offsetof(PyGpgmeSignature, validity_reason), READONLY}, + { "pubkey_algo", T_OBJECT, offsetof(PyGpgmeSignature, pubkey_algo), READONLY}, + { "hash_algo", T_OBJECT, offsetof(PyGpgmeSignature, hash_algo), READONLY}, { NULL, 0, 0, 0} }; @@ -173,6 +177,8 @@ pygpgme_siglist_new(gpgme_signature_t siglist) item->wrong_key_usage = PyBool_FromLong(sig->wrong_key_usage); item->validity = PyInt_FromLong(sig->validity); item->validity_reason = pygpgme_error_object(sig->validity_reason); + item->pubkey_algo = PyInt_FromLong(sig->pubkey_algo); + item->hash_algo = PyInt_FromLong(sig->hash_algo); if (PyErr_Occurred()) { Py_DECREF(item); Py_DECREF(list); diff --git a/src/pygpgme.h b/src/pygpgme.h index 8453616..25b9328 100644 --- a/src/pygpgme.h +++ b/src/pygpgme.h @@ -76,6 +76,8 @@ typedef struct { PyObject *wrong_key_usage; PyObject *validity; PyObject *validity_reason; + PyObject *pubkey_algo; + PyObject *hash_algo; } PyGpgmeSignature; typedef struct { diff --git a/tests/test_sign_verify.py b/tests/test_sign_verify.py index 5a90f8c..fb6a27d 100644 --- a/tests/test_sign_verify.py +++ b/tests/test_sign_verify.py @@ -57,6 +57,8 @@ class SignVerifyTestCase(GpgHomeTestCase): self.assertEqual(sigs[0].wrong_key_usage, False) self.assertEqual(sigs[0].validity, gpgme.VALIDITY_UNKNOWN) self.assertEqual(sigs[0].validity_reason, None) + self.assertEqual(sigs[0].pubkey_algo, gpgme.PK_DSA) + self.assertEqual(sigs[0].hash_algo, gpgme.MD_SHA1) def test_verify_detached(self): signature = BytesIO(dedent(''' @@ -83,6 +85,8 @@ class SignVerifyTestCase(GpgHomeTestCase): self.assertEqual(sigs[0].wrong_key_usage, False) self.assertEqual(sigs[0].validity, gpgme.VALIDITY_UNKNOWN) self.assertEqual(sigs[0].validity_reason, None) + self.assertEqual(sigs[0].pubkey_algo, gpgme.PK_DSA) + self.assertEqual(sigs[0].hash_algo, gpgme.MD_SHA1) def test_verify_clearsign(self): signature = BytesIO(dedent(''' @@ -114,6 +118,8 @@ class SignVerifyTestCase(GpgHomeTestCase): self.assertEqual(sigs[0].wrong_key_usage, False) self.assertEqual(sigs[0].validity, gpgme.VALIDITY_UNKNOWN) self.assertEqual(sigs[0].validity_reason, None) + self.assertEqual(sigs[0].pubkey_algo, gpgme.PK_DSA) + self.assertEqual(sigs[0].hash_algo, gpgme.MD_SHA1) def test_verify_multiple_sigs(self): signature = BytesIO(dedent(''' @@ -156,6 +162,8 @@ class SignVerifyTestCase(GpgHomeTestCase): self.assertEqual(sigs[0].wrong_key_usage, False) self.assertEqual(sigs[0].validity, gpgme.VALIDITY_UNKNOWN) self.assertEqual(sigs[0].validity_reason, None) + self.assertEqual(sigs[0].pubkey_algo, gpgme.PK_DSA) + self.assertEqual(sigs[0].hash_algo, gpgme.MD_SHA1) self.assertEqual(sigs[1].summary, 0) self.assertEqual(sigs[1].fpr, @@ -167,6 +175,8 @@ class SignVerifyTestCase(GpgHomeTestCase): self.assertEqual(sigs[1].wrong_key_usage, False) self.assertEqual(sigs[1].validity, gpgme.VALIDITY_UNKNOWN) self.assertEqual(sigs[1].validity_reason, None) + self.assertEqual(sigs[1].pubkey_algo, gpgme.PK_RSA) + self.assertEqual(sigs[1].hash_algo, gpgme.MD_SHA1) def test_verify_no_signature(self): signature = BytesIO(dedent(''' -- 2.7.4 ++++++ 0005-add-ENCRYPT_NO_ENCRYPT_TO-constant.patch ++++++ >From 4cdf2d052bab95eb27de6ca38e52628ba504d639 Mon Sep 17 00:00:00 2001 From: Till Maas <opensou...@till.name> Date: Wed, 20 Jul 2016 16:18:08 +0200 Subject: [PATCH 5/6] add ENCRYPT_NO_ENCRYPT_TO constant References: https://bugs.launchpad.net/pygpgme/+bug/1192545 Signed-off-by: Igor Gnatenko <ignate...@redhat.com> --- src/pygpgme-constants.c | 1 + 1 file changed, 1 insertion(+) diff --git a/src/pygpgme-constants.c b/src/pygpgme-constants.c index c8a2e9c..a23b2ef 100644 --- a/src/pygpgme-constants.c +++ b/src/pygpgme-constants.c @@ -157,6 +157,7 @@ static const struct pygpgme_constant constants[] = { /* gpgme_encrypt_flags_t */ CONST(ENCRYPT_ALWAYS_TRUST), + CONST(ENCRYPT_NO_ENCRYPT_TO), /* gpgme_sigsum_t */ CONST(SIGSUM_VALID), -- 2.7.4 ++++++ 0006-ignore-STATUS_KEY_CONSIDERED-when-editing.patch ++++++ >From f14699792622715c9cec372400f9dc38f1122f63 Mon Sep 17 00:00:00 2001 From: Igor Gnatenko <ignate...@redhat.com> Date: Mon, 25 Jul 2016 11:40:34 +0200 Subject: [PATCH 6/6] ignore STATUS_KEY_CONSIDERED when editing KEY_CONSIDERED has 2 meanings: * The key has not been selected * All subkeys of the key are expired or have been revoked Both of them are definitely good candidates for ignoring for edit utils. https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=ff71521d9698c7c5df94831a1398e948213af433 https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gpgme.git;a=commit;h=315fb73d4a774e2c699ac1804f5377559b4d0027 References: https://bugzilla.redhat.com/show_bug.cgi?id=1359521 Signed-off-by: Igor Gnatenko <ignate...@redhat.com> --- gpgme/editutil.py | 3 ++- src/pygpgme-constants.c | 1 + tests/test_editkey.py | 4 +++- 3 files changed, 6 insertions(+), 2 deletions(-) diff --git a/gpgme/editutil.py b/gpgme/editutil.py index 617ddc3..267612f 100644 --- a/gpgme/editutil.py +++ b/gpgme/editutil.py @@ -60,7 +60,8 @@ def key_editor(function): gpgme.STATUS_KEYEXPIRED, gpgme.STATUS_PROGRESS, gpgme.STATUS_KEY_CREATED, - gpgme.STATUS_ALREADY_SIGNED): + gpgme.STATUS_ALREADY_SIGNED, + gpgme.STATUS_KEY_CONSIDERED): return try: data = gen.send((status, args)) diff --git a/src/pygpgme-constants.c b/src/pygpgme-constants.c index a23b2ef..2435346 100644 --- a/src/pygpgme-constants.c +++ b/src/pygpgme-constants.c @@ -141,6 +141,7 @@ static const struct pygpgme_constant constants[] = { CONST(STATUS_POLICY_URL), CONST(STATUS_BEGIN_STREAM), CONST(STATUS_END_STREAM), + CONST(STATUS_KEY_CONSIDERED), CONST(STATUS_KEY_CREATED), CONST(STATUS_USERID_HINT), CONST(STATUS_UNEXPECTED), diff --git a/tests/test_editkey.py b/tests/test_editkey.py index 4bd2730..d6358f4 100644 --- a/tests/test_editkey.py +++ b/tests/test_editkey.py @@ -32,7 +32,9 @@ class EditKeyTestCase(GpgHomeTestCase): 'signonly.pub', 'signonly.sec'] def edit_quit_cb(self, status, args, fd): - if status in [gpgme.STATUS_EOF, gpgme.STATUS_GOT_IT]: + if status in [gpgme.STATUS_EOF, + gpgme.STATUS_GOT_IT, + gpgme.STATUS_KEY_CONSIDERED]: return self.status = status self.args = args -- 2.7.4