import python-oauthlib-3.1.1-2.el9

This commit is contained in:
CentOS Sources 2021-11-02 11:54:17 -04:00 committed by Stepan Oksanichenko
commit 468dd990b5
4 changed files with 495 additions and 0 deletions

1
.gitignore vendored Normal file
View File

@ -0,0 +1 @@
SOURCES/oauthlib-3.1.1.tar.gz

View File

@ -0,0 +1 @@
e0be72ebcdc058174c2d8f2967818c2028f9e984 SOURCES/oauthlib-3.1.1.tar.gz

View File

@ -0,0 +1,282 @@
From 6284bb10c4b67a9254cc6452efc99a4174607a36 Mon Sep 17 00:00:00 2001
From: Jakub Hrozek <jhrozek@redhat.com>
Date: Wed, 23 Jun 2021 22:37:42 +0200
Subject: [PATCH] Rip out RSA-SHA1
---
oauthlib/oauth1/__init__.py | 2 --
oauthlib/oauth1/rfc5849/__init__.py | 2 ++
oauthlib/oauth1/rfc5849/endpoints/base.py | 11 +++---
oauthlib/oauth1/rfc5849/signature.py | 37 +++------------------
tests/oauth1/rfc5849/endpoints/test_base.py | 9 -----
tests/oauth1/rfc5849/test_client.py | 17 ++++------
tests/oauth1/rfc5849/test_signatures.py | 33 +++++++++---------
7 files changed, 36 insertions(+), 75 deletions(-)
diff --git a/oauthlib/oauth1/__init__.py b/oauthlib/oauth1/__init__.py
index 07ef422..5573ed6 100644
--- a/oauthlib/oauth1/__init__.py
+++ b/oauthlib/oauth1/__init__.py
@@ -10,8 +10,6 @@ from .rfc5849 import (SIGNATURE_HMAC,
SIGNATURE_HMAC_SHA1,
SIGNATURE_HMAC_SHA256,
SIGNATURE_HMAC_SHA512,
- SIGNATURE_RSA,
- SIGNATURE_RSA_SHA1,
SIGNATURE_RSA_SHA256,
SIGNATURE_RSA_SHA512,
SIGNATURE_PLAINTEXT)
diff --git a/oauthlib/oauth1/rfc5849/__init__.py b/oauthlib/oauth1/rfc5849/__init__.py
index c559251..1a56728 100644
--- a/oauthlib/oauth1/rfc5849/__init__.py
+++ b/oauthlib/oauth1/rfc5849/__init__.py
@@ -78,6 +78,8 @@ class Client:
SIGNATURE_HMAC_SHA1: signature.sign_hmac_sha1_with_client,
SIGNATURE_HMAC_SHA256: signature.sign_hmac_sha256_with_client,
SIGNATURE_HMAC_SHA512: signature.sign_hmac_sha512_with_client,
+ # sign_rsa_sha1_with_client actually points out to a dummy method
+ # that just throws an exception
SIGNATURE_RSA_SHA1: signature.sign_rsa_sha1_with_client,
SIGNATURE_RSA_SHA256: signature.sign_rsa_sha256_with_client,
SIGNATURE_RSA_SHA512: signature.sign_rsa_sha512_with_client,
diff --git a/oauthlib/oauth1/rfc5849/endpoints/base.py b/oauthlib/oauth1/rfc5849/endpoints/base.py
index 3a8c267..f1694d4 100644
--- a/oauthlib/oauth1/rfc5849/endpoints/base.py
+++ b/oauthlib/oauth1/rfc5849/endpoints/base.py
@@ -180,9 +180,12 @@ class BaseEndpoint:
description='Invalid nonce format.')
def _check_signature(self, request, is_token_request=False):
+ # ---- RSA-SHA1 is not allowed ------
+ if request.signature_method == SIGNATURE_RSA_SHA1:
+ raise ValueError("Using RSA-SHA1 is deprecated, use HMAC-SHA1 or a stronger RSA-SHA***")
+
# ---- RSA Signature verification ----
- if request.signature_method == SIGNATURE_RSA_SHA1 or \
- request.signature_method == SIGNATURE_RSA_SHA256 or \
+ if request.signature_method == SIGNATURE_RSA_SHA256 or \
request.signature_method == SIGNATURE_RSA_SHA512:
# RSA-based signature method
@@ -192,9 +195,7 @@ class BaseEndpoint:
rsa_key = self.request_validator.get_rsa_key(
request.client_key, request)
- if request.signature_method == SIGNATURE_RSA_SHA1:
- valid_signature = signature.verify_rsa_sha1(request, rsa_key)
- elif request.signature_method == SIGNATURE_RSA_SHA256:
+ if request.signature_method == SIGNATURE_RSA_SHA256:
valid_signature = signature.verify_rsa_sha256(request, rsa_key)
elif request.signature_method == SIGNATURE_RSA_SHA512:
valid_signature = signature.verify_rsa_sha512(request, rsa_key)
diff --git a/oauthlib/oauth1/rfc5849/signature.py b/oauthlib/oauth1/rfc5849/signature.py
index a370ccd..d8f2761 100644
--- a/oauthlib/oauth1/rfc5849/signature.py
+++ b/oauthlib/oauth1/rfc5849/signature.py
@@ -561,7 +561,6 @@ def _get_jwt_rsa_algorithm(hash_algorithm_name: str):
# PyJWT has some nice pycrypto/cryptography abstractions
import jwt.algorithms as jwt_algorithms
m = {
- 'SHA-1': jwt_algorithms.hashes.SHA1,
'SHA-256': jwt_algorithms.hashes.SHA256,
'SHA-512': jwt_algorithms.hashes.SHA512,
}
@@ -727,44 +726,16 @@ def _verify_rsa(hash_algorithm_name: str,
return False
-# ==== RSA-SHA1 ==================================================
+# ==== RSA-SHA1 DEPRECATED ================================================
def sign_rsa_sha1_with_client(sig_base_str, client):
- # For some reason, this function originally accepts both str and bytes.
- # This behaviour is preserved here. But won't be done for the newer
- # sign_rsa_sha256_with_client and sign_rsa_sha512_with_client functions,
- # which will only accept strings. The function to calculate a
- # "signature base string" always produces a string, so it is not clear
- # why support for bytes would ever be needed.
- sig_base_str = sig_base_str.decode('ascii')\
- if isinstance(sig_base_str, bytes) else sig_base_str
-
- return _sign_rsa('SHA-1', sig_base_str, client.rsa_key)
-
+ raise ValueError("RSA-SHA1 is deprecated, use a stronger hash or HMAC-SHA1")
def verify_rsa_sha1(request, rsa_public_key: str):
- return _verify_rsa('SHA-1', request, rsa_public_key)
-
+ raise ValueError("RSA-SHA1 is deprecated, use a stronger hash or HMAC-SHA1")
def sign_rsa_sha1(base_string, rsa_private_key):
- """
- Deprecated function for calculating a RSA-SHA1 signature.
-
- This function has been replaced by invoking ``sign_rsa`` with "SHA-1"
- as the hash algorithm name.
-
- This function was invoked by sign_rsa_sha1_with_client and
- test_signatures.py, but does any application invoke it directly? If not,
- it can be removed.
- """
- warnings.warn('use _sign_rsa("SHA-1", ...) instead of sign_rsa_sha1',
- DeprecationWarning)
-
- if isinstance(base_string, bytes):
- base_string = base_string.decode('ascii')
-
- return _sign_rsa('SHA-1', base_string, rsa_private_key)
-
+ raise ValueError("RSA-SHA1 is deprecated, use a stronger hash or HMAC-SHA1")
# ==== RSA-SHA256 ================================================
diff --git a/tests/oauth1/rfc5849/endpoints/test_base.py b/tests/oauth1/rfc5849/endpoints/test_base.py
index e87f359..2d0d213 100644
--- a/tests/oauth1/rfc5849/endpoints/test_base.py
+++ b/tests/oauth1/rfc5849/endpoints/test_base.py
@@ -390,15 +390,6 @@ class SignatureVerificationTest(TestCase):
r = self.e._create_request(self.uri, 'GET', sig, URLENCODED)
self.assertTrue(self.e._check_signature(r))
- def test_rsa_signature(self):
- rsa_sig = ("fxFvCx33oKlR9wDquJ%2FPsndFzJphyBa3RFPPIKi3flqK%2BJ7yIrMVbH"
- "YTM%2FLHPc7NChWz4F4%2FzRA%2BDN1k08xgYGSBoWJUOW6VvOQ6fbYhMA"
- "FkOGYbuGDbje487XMzsAcv6ZjqZHCROSCk5vofgLk2SN7RZ3OrgrFzf4in"
- "xetClqA%3D")
- sig = self.sig % (rsa_sig, "RSA-SHA1")
- r = self.e._create_request(self.uri, 'GET', sig, URLENCODED)
- self.assertTrue(self.e._check_signature(r))
-
def test_plaintext_signature(self):
plain_sig = "super%252520secret%26even%252520more%252520secret"
sig = self.sig % (plain_sig, "PLAINTEXT")
diff --git a/tests/oauth1/rfc5849/test_client.py b/tests/oauth1/rfc5849/test_client.py
index f7c997f..d167652 100644
--- a/tests/oauth1/rfc5849/test_client.py
+++ b/tests/oauth1/rfc5849/test_client.py
@@ -2,7 +2,7 @@
from oauthlib.common import Request
from oauthlib.oauth1 import (
SIGNATURE_HMAC_SHA1, SIGNATURE_HMAC_SHA256, SIGNATURE_PLAINTEXT,
- SIGNATURE_RSA, SIGNATURE_TYPE_BODY, SIGNATURE_TYPE_QUERY,
+ SIGNATURE_RSA_SHA256, SIGNATURE_TYPE_BODY, SIGNATURE_TYPE_QUERY,
)
from oauthlib.oauth1.rfc5849 import Client
@@ -75,9 +75,9 @@ class ClientConstructorTests(TestCase):
client.SIGNATURE_METHODS[client.signature_method])
def test_rsa(self):
- client = Client('client_key', signature_method=SIGNATURE_RSA)
+ client = Client('client_key', signature_method=SIGNATURE_RSA_SHA256)
# instance is using the correct signer method
- self.assertEqual(Client.SIGNATURE_METHODS[SIGNATURE_RSA],
+ self.assertEqual(Client.SIGNATURE_METHODS[SIGNATURE_RSA_SHA256],
client.SIGNATURE_METHODS[client.signature_method])
# don't need an RSA key to instantiate
self.assertIsNone(client.rsa_key)
@@ -124,16 +124,13 @@ class SignatureMethodTest(TestCase):
"LVduVgh4v5yLT\nGa6FHdjGPcfajt+nrpB1n8UQBEH9ZxniokR/IPv"
"dMlxqXA==\n-----END RSA PRIVATE KEY-----"
)
- client = Client('client_key', signature_method=SIGNATURE_RSA,
+ client = Client('client_key', signature_method=SIGNATURE_RSA_SHA256,
rsa_key=private_key, timestamp='1234567890', nonce='abc')
u, h, b = client.sign('http://example.com')
correct = ('OAuth oauth_nonce="abc", oauth_timestamp="1234567890", '
- 'oauth_version="1.0", oauth_signature_method="RSA-SHA1", '
+ 'oauth_version="1.0", oauth_signature_method="RSA-SHA256", '
'oauth_consumer_key="client_key", '
- 'oauth_signature="ktvzkUhtrIawBcq21DRJrAyysTc3E1Zq5GdGu8EzH'
- 'OtbeaCmOBDLGHAcqlm92mj7xp5E1Z6i2vbExPimYAJL7FzkLnkRE5YEJR4'
- 'rNtIgAf1OZbYsIUmmBO%2BCLuStuu5Lg3tAluwC7XkkgoXCBaRKT1mUXzP'
- 'HJILzZ8iFOvS6w5E%3D"')
+ 'oauth_signature="hJE2IGqCn3bw7ecu6psnsImrvERhTd667aIENzWbzdRGxEWwvAwJvWWCffD8P0Ox9IEu3gKD%2FzYdr36tBhW%2FMvdFsOAr4F41ojznv1urY6%2FD9FRs1py9dYuj1vdFYFUzziMBDv2w2emidDk8PqfHT1we5%2FIcH%2FKNCjMbkQgxsqE%3D"')
self.assertEqual(h['Authorization'], correct)
def test_plaintext_method(self):
@@ -155,7 +152,7 @@ class SignatureMethodTest(TestCase):
self.assertRaises(ValueError, client.sign, 'http://example.com')
def test_rsa_no_key(self):
- client = Client('client_key', signature_method=SIGNATURE_RSA)
+ client = Client('client_key', signature_method=SIGNATURE_RSA_SHA256)
self.assertRaises(ValueError, client.sign, 'http://example.com')
def test_register_method(self):
diff --git a/tests/oauth1/rfc5849/test_signatures.py b/tests/oauth1/rfc5849/test_signatures.py
index 3e84f24..c505a38 100644
--- a/tests/oauth1/rfc5849/test_signatures.py
+++ b/tests/oauth1/rfc5849/test_signatures.py
@@ -640,18 +640,20 @@ GLYT3Jw1Lfb1bbuck9Y0JsRJO7uydWUbxXyZ+8YaDfE2NMw7sh2vAgMBAAE=
def test_sign_rsa_sha1_with_client(self):
"""
- Test sign and verify with RSA-SHA1.
+ Test that sign and verify with RSA-SHA1 throws an exception
"""
- self.assertEqual(
- self.expected_signature_rsa_sha1,
- sign_rsa_sha1_with_client(self.eg_signature_base_string,
- self.rsa_private_client))
- self.assertTrue(verify_rsa_sha1(
- MockRequest('POST',
- 'http://example.com/request',
- self.eg_params,
- self.expected_signature_rsa_sha1),
- self.rsa_public_client.rsa_key))
+ self.assertRaises(ValueError,
+ sign_rsa_sha1_with_client,
+ self.eg_signature_base_string,
+ self.rsa_private_client)
+
+ self.assertRaises(ValueError,
+ verify_rsa_sha1,
+ MockRequest('POST',
+ 'http://example.com/request',
+ self.eg_params,
+ self.expected_signature_rsa_sha1),
+ self.rsa_public_client.rsa_key)
def test_sign_rsa_sha256_with_client(self):
"""
@@ -707,7 +709,6 @@ MmgDHR2tt8KeYTSgfU+BAkBcaVF91EQ7VXhvyABNYjeYP7lU7orOgdWMa/zbLXSU
''')
for functions in [
- (sign_rsa_sha1_with_client, verify_rsa_sha1),
(sign_rsa_sha256_with_client, verify_rsa_sha256),
(sign_rsa_sha512_with_client, verify_rsa_sha512),
]:
@@ -757,12 +758,12 @@ MmgDHR2tt8KeYTSgfU+BAkBcaVF91EQ7VXhvyABNYjeYP7lU7orOgdWMa/zbLXSU
for bad_value in [None, '', 'foobar']:
self.assertRaises(ValueError,
- sign_rsa_sha1_with_client,
+ sign_rsa_sha256_with_client,
self.eg_signature_base_string,
MockClient(rsa_key=bad_value))
self.assertRaises(AttributeError,
- sign_rsa_sha1_with_client,
+ sign_rsa_sha256_with_client,
self.eg_signature_base_string,
self.rsa_public_client) # public key doesn't sign
@@ -770,11 +771,11 @@ MmgDHR2tt8KeYTSgfU+BAkBcaVF91EQ7VXhvyABNYjeYP7lU7orOgdWMa/zbLXSU
for bad_value in [None, '', 'foobar', self.rsa_private_client.rsa_key]:
self.assertRaises(TypeError,
- verify_rsa_sha1,
+ verify_rsa_sha256,
MockRequest('POST',
'http://example.com/request',
self.eg_params,
- self.expected_signature_rsa_sha1),
+ self.expected_signature_rsa_sha256),
MockClient(rsa_key=bad_value))
# For completeness, this text could repeat the above for RSA-SHA256 and
--
2.26.3

211
SPECS/python-oauthlib.spec Normal file
View File

@ -0,0 +1,211 @@
%global modname oauthlib
Name: python-oauthlib
Version: 3.1.1
Release: 2%{?dist}
Summary: An implementation of the OAuth request-signing logic
License: BSD
URL: https://github.com/oauthlib/oauthlib
Source0: https://github.com/oauthlib/oauthlib/archive/v%{version}/%{modname}-%{version}.tar.gz
Patch0001: 0001-Rip-out-RSA-SHA1.patch
BuildArch: noarch
%description
OAuthLib is a generic utility which implements the logic of OAuth without
assuming a specific HTTP request object or web framework. Use it to graft
OAuth client support onto your favorite HTTP library, or provider support
onto your favourite web framework. If you're a maintainer of such a
library, write a thin veneer on top of OAuthLib and get OAuth support for
very little effort.
%package -n python3-oauthlib
Summary: An implementation of the OAuth request-signing logic
%{?python_provide:%python_provide python3-oauthlib}
Obsoletes: python3-oauthlib+signedtoken < 3.1.0-2
BuildRequires: python3-devel
BuildRequires: python3-setuptools
BuildRequires: python3-pytest
BuildRequires: python3-blinker
BuildRequires: python3-cryptography >= 1.4.0
%description -n python3-oauthlib
OAuthLib is a generic utility which implements the logic of OAuth without
assuming a specific HTTP request object or web framework. Use it to graft
OAuth client support onto your favorite HTTP library, or provider support
onto your favourite web framework. If you're a maintainer of such a
library, write a thin veneer on top of OAuthLib and get OAuth support for
very little effort.
%prep
%setup -q -n %{modname}-%{version}
%patch0001 -p1
# python-unittest2 is now provided by "python" package and python-unittest is retired
# adapt setup.py to reflect this fact downstream
sed -i "s/'unittest2', //" setup.py
# Remove bundled egg-info in case it exists
rm -rf %{modname}.egg-info
%build
%py3_build
%install
%py3_install
%check
echo 'import pytest; __getattr__ = lambda _: pytest.skip("this test needs jwt")' > jwt.py
%pytest -rs --ignore tests/oauth2/rfc6749/clients/test_service_application.py
rm jwt.py
%files -n python3-oauthlib
%doc README.rst
%license LICENSE
%{python3_sitelib}/%{modname}/
%{python3_sitelib}/%{modname}-%{version}-*
%changelog
* Tue Aug 10 2021 Mohan Boddu <mboddu@redhat.com> - 3.1.1-2
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
Related: rhbz#1991688
* Mon Jun 28 2021 Jakub Hrozek <jhrozek@redhat.com> - 3.1.1-1
- Resolves: rhbz#1935433 - python-oauthlib implements and/or uses the
deprecated SHA1 algorithm by default
* Mon May 31 2021 Miro Hrončok <mhroncok@redhat.com> - 3.1.0-2
- Remove the python3-oauthlib+signedtoken package
- When building, skip tests that require jwt
- Resolves: rhbz#1966407 - Drop python-jwt dependency from python-oauthlib
* Tue May 25 2021 Jakub Hrozek <jhrozek@redhat.com> - 3.1.0-1
- Resolves: rhbz#1922352 - python-oauthlib requires python-mock
- Update to upstream 3.1.0
- Gets rid of obsolete python-nose dependency
- Nuke the python2/python3 conditionals, let's only support python3
* Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 3.0.2-10
- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
* Wed Jan 27 2021 Fedora Release Engineering <releng@fedoraproject.org> - 3.0.2-9
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
* Wed Jul 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 3.0.2-8
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Fri Jul 10 2020 Miro Hrončok <mhroncok@redhat.com> - 3.0.2-7
- Add oauthlib[signedtoken] subpackage
* Sat May 23 2020 Miro Hrončok <mhroncok@redhat.com> - 3.0.2-6
- Rebuilt for Python 3.9
* Thu Jan 30 2020 Fedora Release Engineering <releng@fedoraproject.org> - 3.0.2-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
* Thu Oct 03 2019 Miro Hrončok <mhroncok@redhat.com> - 3.0.2-4
- Rebuilt for Python 3.8.0rc1 (#1748018)
* Fri Aug 16 2019 Miro Hrončok <mhroncok@redhat.com> - 3.0.2-3
- Rebuilt for Python 3.8
* Fri Jul 26 2019 Fedora Release Engineering <releng@fedoraproject.org> - 3.0.2-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
* Mon Jul 15 2019 <jdennis@redhat.com> - 3.0.2-1
- Update to upstream 3.0.2
- Resolves: rhbz#1730033
* Sat Feb 02 2019 Fedora Release Engineering <releng@fedoraproject.org> - 2.1.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Fri Aug 3 2018 <jdennis@redhat.com> - 2.1.0-1
- upgrade to latest upstream 2.1.0
* Sat Jul 14 2018 Fedora Release Engineering <releng@fedoraproject.org> - 2.0.1-11
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Tue Jul 10 2018 <jdennis@redhat.com> - 2.0.1-10
- Restore use of bcond for python conditionals
* Tue Jul 10 2018 <jdennis@redhat.com> - 2.0.1-9
- Unify spec file between Fedora and RHEL
* Fri Jun 15 2018 Miro Hrončok <mhroncok@redhat.com> - 2.0.1-8
- Rebuilt for Python 3.7
* Mon Feb 12 2018 Iryna Shcherbina <ishcherb@redhat.com> - 2.0.1-7
- Update Python 2 dependency declarations to new packaging standards
(See https://fedoraproject.org/wiki/FinalizingFedoraSwitchtoPython3)
* Fri Feb 09 2018 Fedora Release Engineering <releng@fedoraproject.org> - 2.0.1-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
* Fri Sep 29 2017 Troy Dawson <tdawson@redhat.com> - 0.7.19-5
- Cleanup spec file conditionals
* Thu Jul 27 2017 Fedora Release Engineering <releng@fedoraproject.org> - 2.0.1-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
* Mon Apr 17 2017 John Dennis <jdennis@redhat.com> - 2.0.1-3
- fix dependency on python2-jwt, should be python-jwt
* Thu Apr 13 2017 Dennis Gilmore <dennis@ausil.us> - 2.0.1-2
- add spaces around the >= for Requires
* Thu Mar 16 2017 John Dennis <jdennis@redhat.com> - 2.0.1-1
- Upgrade to upstream 2.0.1
- port from jwt to jwcrypto (conditional build)
- bring into alignment with rhel spec file
* Sat Feb 11 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1.0.3-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
* Tue Dec 13 2016 Stratakis Charalampos <cstratak@redhat.com> - 1.0.3-4
- Rebuild for Python 3.6
* Tue Jul 19 2016 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.0.3-3
- https://fedoraproject.org/wiki/Changes/Automatic_Provides_for_Python_RPM_Packages
* Tue Jun 28 2016 Ralph Bean <rbean@redhat.com> - 1.0.3-2
- Modernize python macros.
* Sun Apr 10 2016 Kevin Fenzi <kevin@scrye.com> - 1.0.3-1
- Update to 1.0.3
- Add python2 provides (fixes bug #1313235 and #1314349)
* Thu Feb 04 2016 Fedora Release Engineering <releng@fedoraproject.org> - 0.7.2-5.20150520git514cad7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
* Tue Nov 10 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.7.2-4.20150520git514cad7
- Rebuilt for https://fedoraproject.org/wiki/Changes/python3.5
* Thu Jun 18 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.7.2-3.20150520git514cad7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
* Wed Feb 18 2015 Ralph Bean <rbean@redhat.com> - 0.7.2-2.20150520git514cad7
- new version, from a git checkout
- Replace our patch with a sed statement.
* Sat Jun 07 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.6.0-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Wed May 14 2014 Bohuslav Kabrda <bkabrda@redhat.com> - 0.6.0-5
- Rebuilt for https://fedoraproject.org/wiki/Changes/Python_3.4
* Fri Apr 11 2014 Ralph Bean <rbean@redhat.com> - 0.6.0-4
- Use forward-compat python-crypto2.6 package for el6.
* Tue Jan 21 2014 Ralph Bean <rbean@redhat.com> - 0.6.0-3
- Compat macros for el6.
* Fri Nov 01 2013 Ralph Bean <rbean@redhat.com> - 0.6.0-2
- Modernized python2 rpmmacros.
* Thu Oct 31 2013 Ralph Bean <rbean@redhat.com> - 0.6.0-1
- Initial package for Fedora