[gentoo-commits] repo/gentoo:master commit in: dev-python/trustme/files/, dev-python/trustme/

public inbox for gentoo-commits@lists.gentoo.org
 help / color / mirror / Atom feed

* [gentoo-commits] repo/gentoo:master commit in: dev-python/trustme/files/, dev-python/trustme/
@ 2024-10-26 13:07 Michał Górny
  0 siblings, 0 replies; only message in thread
From: Michał Górny @ 2024-10-26 13:07 UTC (permalink / raw
  To: gentoo-commits

commit:     3bf107d61424eefe895bb742e4dd436025037238
Author:     Michał Górny <mgorny <AT> gentoo <DOT> org>
AuthorDate: Sat Oct 26 13:04:07 2024 +0000
Commit:     Michał Górny <mgorny <AT> gentoo <DOT> org>
CommitDate: Sat Oct 26 13:04:07 2024 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=3bf107d6

dev-python/trustme: Remove old

Signed-off-by: Michał Górny <mgorny <AT> gentoo.org>

 dev-python/trustme/Manifest                      |  1 -
 dev-python/trustme/files/trustme-1.1.0-aki.patch | 96 ------------------------
 dev-python/trustme/trustme-1.1.0-r1.ebuild       | 43 -----------
 3 files changed, 140 deletions(-)

diff --git a/dev-python/trustme/Manifest b/dev-python/trustme/Manifest
index 86478191e038..0a4ccbf3ad6c 100644
--- a/dev-python/trustme/Manifest
+++ b/dev-python/trustme/Manifest
@@ -1,2 +1 @@
-DIST trustme-1.1.0.tar.gz 29611 BLAKE2B 71210845c3bb919b731ab14db72376aa701c547c4b062e4dab9ccbb6b97c3416cb48b92a998aa26c85720b38514998e62005dd310513fc80a54502432ee4000b SHA512 f0ad39ffd9f4074107c90258738412ff8ca8ed1b4138e38edc6edad9a5cb8787a53a47fa78b12eba189774902ee3728961feed54b3b5e944e4737749912627b2
 DIST trustme-1.2.0.tar.gz 26350 BLAKE2B 885b96d8ef63a8bf0b96583ecac2c19148f7df28a9e2ad8816fe0d0f752718bb91d84f3d01a7e73663133a3094eb8199ad6eea609e27958db4720a14ff62b1be SHA512 84cfa02cf00bac1a304dacbae8b3d673307d066116e38c396f25fb868174f020c415921d4c56a6a37354e5205f294cf95611a8c4f2b02f82dda2aa9b2e80192b

diff --git a/dev-python/trustme/files/trustme-1.1.0-aki.patch b/dev-python/trustme/files/trustme-1.1.0-aki.patch
deleted file mode 100644
index a00fc85229a9..000000000000
--- a/dev-python/trustme/files/trustme-1.1.0-aki.patch
+++ /dev/null
@@ -1,96 +0,0 @@
-From 84e347d9221e304f0158330e5101d23969d424d0 Mon Sep 17 00:00:00 2001
-From: Illia Volochii <illia.volochii@gmail.com>
-Date: Wed, 27 Mar 2024 11:45:41 +0000
-Subject: [PATCH 1/3] Add AKI to child CA certificates
-
----
- src/trustme/__init__.py | 14 +++++++++++---
- tests/test_trustme.py   |  5 +++++
- 2 files changed, 16 insertions(+), 3 deletions(-)
-
-diff --git a/src/trustme/__init__.py b/src/trustme/__init__.py
-index 5fb24fb..0db1bb0 100644
---- a/src/trustme/__init__.py
-+++ b/src/trustme/__init__.py
-@@ -250,14 +250,22 @@ def __init__(
-             sign_key = parent_cert._private_key
-             parent_certificate = parent_cert._certificate
-             issuer = parent_certificate.subject
--
--        self._certificate = (
-+            ski_ext = parent_certificate.extensions.get_extension_for_class(
-+                x509.SubjectKeyIdentifier)
-+            aki = x509.AuthorityKeyIdentifier.from_issuer_subject_key_identifier(ski_ext.value)
-+        else:
-+            aki = None
-+        cert_builder = (
-             _cert_builder_common(name, issuer, self._private_key.public_key())
-             .add_extension(
-                 x509.BasicConstraints(ca=True, path_length=path_length),
-                 critical=True,
-             )
--            .add_extension(
-+        )
-+        if aki:
-+            cert_builder = cert_builder.add_extension(aki, critical=False)
-+        self._certificate = (
-+            cert_builder.add_extension(
-                 x509.KeyUsage(
-                     digital_signature=True,  # OCSP
-                     content_commitment=False,
-diff --git a/tests/test_trustme.py b/tests/test_trustme.py
-index 1d901ad..581716e 100644
---- a/tests/test_trustme.py
-+++ b/tests/test_trustme.py
-@@ -200,6 +200,11 @@ def test_intermediate() -> None:
-     assert_is_ca(child_ca_cert)
-     assert child_ca_cert.issuer == ca_cert.subject
-     assert _path_length(child_ca_cert) == 8
-+    aki = child_ca_cert.extensions.get_extension_for_class(x509.AuthorityKeyIdentifier)
-+    assert aki.critical is False
-+    expected_aki_key_id = ca_cert.extensions.get_extension_for_class(
-+        x509.SubjectKeyIdentifier).value.digest
-+    assert aki.value.key_identifier == expected_aki_key_id
- 
-     child_server = child_ca.issue_cert("test-host.example.org")
-     assert len(child_server.cert_chain_pems) == 2
-
-From f507a28e0f4d97d63716aa5a81669bb747235f07 Mon Sep 17 00:00:00 2001
-From: Illia Volochii <illia.volochii@gmail.com>
-Date: Wed, 27 Mar 2024 12:02:59 +0000
-Subject: [PATCH 2/3] Fix a typing issue
-
----
- src/trustme/__init__.py | 1 +
- 1 file changed, 1 insertion(+)
-
-diff --git a/src/trustme/__init__.py b/src/trustme/__init__.py
-index 0db1bb0..d126180 100644
---- a/src/trustme/__init__.py
-+++ b/src/trustme/__init__.py
-@@ -246,6 +246,7 @@ def __init__(
-         )
-         issuer = name
-         sign_key = self._private_key
-+        aki: Optional[x509.AuthorityKeyIdentifier]
-         if parent_cert is not None:
-             sign_key = parent_cert._private_key
-             parent_certificate = parent_cert._certificate
-
-From cdd2fd61aae9c92f902932bacd6b39189ecde4b1 Mon Sep 17 00:00:00 2001
-From: Illia Volochii <illia.volochii@gmail.com>
-Date: Wed, 27 Mar 2024 12:09:38 +0000
-Subject: [PATCH 3/3] Add a news entry
-
----
- newsfragments/642.bugfix.rst | 1 +
- 1 file changed, 1 insertion(+)
- create mode 100644 newsfragments/642.bugfix.rst
-
-diff --git a/newsfragments/642.bugfix.rst b/newsfragments/642.bugfix.rst
-new file mode 100644
-index 0000000..9d75e7a
---- /dev/null
-+++ b/newsfragments/642.bugfix.rst
-@@ -0,0 +1 @@
-+Add the Authority Key Identifier extension to child CA certificates.

diff --git a/dev-python/trustme/trustme-1.1.0-r1.ebuild b/dev-python/trustme/trustme-1.1.0-r1.ebuild
deleted file mode 100644
index 4a3e6481b916..000000000000
--- a/dev-python/trustme/trustme-1.1.0-r1.ebuild
+++ /dev/null
@@ -1,43 +0,0 @@
-# Copyright 1999-2024 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=8
-
-DISTUTILS_USE_PEP517=setuptools
-PYTHON_COMPAT=( python3_{10..13} pypy3 )
-
-inherit distutils-r1 pypi
-
-DESCRIPTION="#1 quality TLS certs while you wait, for the discerning tester"
-HOMEPAGE="
-	https://github.com/python-trio/trustme/
-	https://pypi.org/project/trustme/
-"
-
-LICENSE="|| ( Apache-2.0 MIT )"
-SLOT="0"
-KEYWORDS="amd64 arm arm64 ~loong ~mips ppc ppc64 ~riscv ~s390 sparc x86 ~amd64-linux ~ppc-macos ~x64-macos ~x64-solaris"
-
-RDEPEND="
-	>=dev-python/cryptography-3.1[${PYTHON_USEDEP}]
-	>=dev-python/idna-2.0[${PYTHON_USEDEP}]
-"
-BDEPEND="
-	test? (
-		dev-python/pyopenssl[${PYTHON_USEDEP}]
-		dev-python/service-identity[${PYTHON_USEDEP}]
-	)
-"
-
-distutils_enable_tests pytest
-
-PATCHES=(
-	# https://github.com/python-trio/trustme/pull/642
-	# (also fixes py3.13)
-	"${FILESDIR}/${P}-aki.patch"
-)
-
-python_test() {
-	local -x PYTEST_DISABLE_PLUGIN_AUTOLOAD=1
-	epytest
-}


^ permalink raw reply related	[flat|nested] only message in thread

only message in thread, other threads:[~2024-10-26 13:07 UTC | newest]

Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2024-10-26 13:07 [gentoo-commits] repo/gentoo:master commit in: dev-python/trustme/files/, dev-python/trustme/ Michał Górny

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox