From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id A463C158046 for ; Mon, 14 Oct 2024 00:35:08 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id E976AE0824; Mon, 14 Oct 2024 00:35:07 +0000 (UTC) Received: from smtp.gentoo.org (mail.gentoo.org [IPv6:2001:470:ea4a:1:5054:ff:fec7:86e4]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id CB28EE0824 for ; Mon, 14 Oct 2024 00:35:07 +0000 (UTC) Received: from oystercatcher.gentoo.org (oystercatcher.gentoo.org [148.251.78.52]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTPS id 0F08C34300E for ; Mon, 14 Oct 2024 00:35:07 +0000 (UTC) Received: from localhost.localdomain (localhost [IPv6:::1]) by oystercatcher.gentoo.org (Postfix) with ESMTP id A5E62AE7 for ; Mon, 14 Oct 2024 00:35:05 +0000 (UTC) From: "Sam James" To: gentoo-commits@lists.gentoo.org Content-Transfer-Encoding: 8bit Content-type: text/plain; charset=UTF-8 Reply-To: gentoo-dev@lists.gentoo.org, "Sam James" Message-ID: <1728866064.6cf1e696cb6a62e70a9f5f9f01933ef571d4109a.sam@gentoo> Subject: [gentoo-commits] repo/gentoo:master commit in: app-crypt/certbot/files/ X-VCS-Repository: repo/gentoo X-VCS-Files: app-crypt/certbot/files/certbot-2.11.0-workaround-cryptography-deprecation-warnings.patch X-VCS-Directories: app-crypt/certbot/files/ X-VCS-Committer: sam X-VCS-Committer-Name: Sam James X-VCS-Revision: 6cf1e696cb6a62e70a9f5f9f01933ef571d4109a X-VCS-Branch: master Date: Mon, 14 Oct 2024 00:35:05 +0000 (UTC) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-commits@lists.gentoo.org X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply X-Archives-Salt: f57b0773-b756-4f97-98f2-4f7eee3fbe44 X-Archives-Hash: 699e86107db8794ae34aae97fc1e8833 commit: 6cf1e696cb6a62e70a9f5f9f01933ef571d4109a Author: Sam James gentoo org> AuthorDate: Mon Oct 14 00:34:24 2024 +0000 Commit: Sam James gentoo org> CommitDate: Mon Oct 14 00:34:24 2024 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=6cf1e696 app-crypt/certbot: drop obsolete patch Signed-off-by: Sam James gentoo.org> ...karound-cryptography-deprecation-warnings.patch | 36 ---------------------- 1 file changed, 36 deletions(-) diff --git a/app-crypt/certbot/files/certbot-2.11.0-workaround-cryptography-deprecation-warnings.patch b/app-crypt/certbot/files/certbot-2.11.0-workaround-cryptography-deprecation-warnings.patch deleted file mode 100644 index ecaf4830eb24..000000000000 --- a/app-crypt/certbot/files/certbot-2.11.0-workaround-cryptography-deprecation-warnings.patch +++ /dev/null @@ -1,36 +0,0 @@ -https://github.com/certbot/certbot/issues/9967 -https://bugs.gentoo.org/937889 ---- a/certbot/ocsp.py -+++ b/certbot/ocsp.py -@@ -4,6 +4,7 @@ from datetime import timedelta - import logging - import re - import subprocess -+import warnings - from subprocess import PIPE - from typing import Optional - from typing import Tuple -@@ -235,12 +236,17 @@ def _check_ocsp_response(response_ocsp: 'ocsp.OCSPResponse', request_ocsp: 'ocsp - # https://github.com/openssl/openssl/blob/ef45aa14c5af024fcb8bef1c9007f3d1c115bd85/crypto/ocsp/ocsp_cl.c#L338-L391 - # thisUpdate/nextUpdate are expressed in UTC/GMT time zone - now = datetime.now(pytz.UTC).replace(tzinfo=None) -- if not response_ocsp.this_update: -- raise AssertionError('param thisUpdate is not set.') -- if response_ocsp.this_update > now + timedelta(minutes=5): -- raise AssertionError('param thisUpdate is in the future.') -- if response_ocsp.next_update and response_ocsp.next_update < now - timedelta(minutes=5): -- raise AssertionError('param nextUpdate is in the past.') -+ with warnings.catch_warnings(): -+ # Workaround for deprecation warnings w/ newer cryptography -+ # https://github.com/certbot/certbot/issues/9967 (bug #937889) -+ warnings.filterwarnings("ignore", category=CryptographyDeprecationWarning) -+ -+ if not response_ocsp.this_update: -+ raise AssertionError('param thisUpdate is not set.') -+ if response_ocsp.this_update > now + timedelta(minutes=5): -+ raise AssertionError('param thisUpdate is in the future.') -+ if response_ocsp.next_update and response_ocsp.next_update < now - timedelta(minutes=5): -+ raise AssertionError('param nextUpdate is in the past.') - - - def _check_ocsp_response_signature(response_ocsp: 'ocsp.OCSPResponse',