10 changed files with 4 additions and 238 deletions
--- a/.fmf/version
+++ b/.fmf/version
@ -1 +0,0 @@
 1
--- a/.gitignore
+++ b/.gitignore
@ -1,63 +1,2 @@
-/results_python-cryptography
+SOURCES/cryptography-41.0.7-vendor.tar.bz2
-/*.src.rpm
+SOURCES/cryptography-41.0.7.tar.gz
 /cryptography-1.3.1.tar.gz
 /cryptography-1.5.3.tar.gz
 /cryptography-1.7.1.tar.gz
 /cryptography-1.7.2.tar.gz
 /cryptography-1.9.tar.gz
 /cryptography-2.0.2.tar.gz
 /cryptography-2.1.tar.gz
 /cryptography-2.1.3.tar.gz
 /cryptography-2.1.4.tar.gz
 /cryptography-2.2.1.tar.gz
 /cryptography-2.3.tar.gz
 /cryptography-2.5.tar.gz
 /cryptography-2.6.1.tar.gz
 /cryptography-2.7.tar.gz
 /cryptography-2.8.tar.gz
 /cryptography-2.9.tar.gz
 /cryptography-2.9.tar.gz.asc
 /cryptography-3.0.tar.gz
 /cryptography-3.0.tar.gz.asc
 /cryptography-3.1.tar.gz
 /cryptography-3.1.tar.gz.asc
 /cryptography-3.2.tar.gz
 /cryptography-3.2.tar.gz.asc
 /cryptography-3.2.1.tar.gz
 /cryptography-3.2.1.tar.gz.asc
 /cryptography-3.3.1.tar.gz
 /cryptography-3.3.1.tar.gz.asc
 /cryptography-3.4.tar.gz
 /cryptography-3.4.tar.gz.asc
 /cryptography-3.4.1.tar.gz
 /cryptography-3.4.1.tar.gz.asc
 /cryptography-3.4.2.tar.gz
 /cryptography-3.4.2.tar.gz.asc
 /cryptography-3.4.4.tar.gz
 /cryptography-3.4.4.tar.gz.asc
 /cryptography-3.4.5.tar.gz
 /cryptography-3.4.5.tar.gz.asc
 /cryptography-3.4.6.tar.gz
 /cryptography-3.4.6.tar.gz.asc
 /cryptography-3.4.7.tar.gz
 /cryptography-3.4.7-vendor.tar.bz2
 /cryptography-35.0.0.tar.gz
 /cryptography-35.0.0-vendor.tar.bz2
 /cryptography-36.0.0.tar.gz
 /cryptography-36.0.0-vendor.tar.bz2
 /cryptography-37.0.2.tar.gz
 /cryptography-37.0.2-vendor.tar.bz2
 /cryptography-39.0.2.tar.gz
 /cryptography-39.0.2-vendor.tar.bz2
 /cryptography-40.0.0.tar.gz
 /cryptography-40.0.0-vendor.tar.bz2
 /cryptography-40.0.1.tar.gz
 /cryptography-40.0.1-vendor.tar.bz2
 /cryptography-40.0.2.tar.gz
 /cryptography-40.0.2-vendor.tar.bz2
 /cryptography-41.0.3.tar.gz
 /cryptography-41.0.3-vendor.tar.bz2
 /cryptography-41.0.5-vendor.tar.bz2
 /cryptography-41.0.5.tar.gz
 /cryptography-41.0.7.tar.gz
 /cryptography-41.0.7-vendor.tar.bz2
--- a/.python3.12-cryptography.metadata
+++ b/.python3.12-cryptography.metadata
@ -0,0 +1,2 @@
 94ad9fc97d92aae28d40392189655dbf932a1803 SOURCES/cryptography-41.0.7-vendor.tar.bz2
 fd245c3045ca9b3861f794d1a54cf97e629c19bf SOURCES/cryptography-41.0.7.tar.gz
--- a/SOURCES/conftest-skipper.py
+++ b/SOURCES/conftest-skipper.py
--- a/SOURCES/raise-an-exception-for-CVE-2023-49083.patch
+++ b/SOURCES/raise-an-exception-for-CVE-2023-49083.patch
--- a/SPECS/python3.12-cryptography.spec
+++ b/SPECS/python3.12-cryptography.spec
--- a/gating.yaml
+++ b/gating.yaml
@ -1,7 +0,0 @@
 --- !Policy
 product_versions:
  - rhel-9
 decision_context: osci_compose_gate
 rules:
  - !PassingTestCaseRule {test_case_name: osci.brew-build.tier0.functional}
--- a/plan.fmf
+++ b/plan.fmf
@ -1,53 +0,0 @@
 execute:
  how: tmt
 discover:
  how: shell
  dist-git-source: true
  tests:
  - name: bundled tests - Prepare part
    require:
    - patch
    - python3.12-pytest
    - python3.12-cryptography
    - python3.12-pip
    test: |
      cd $(dirname $TMT_SOURCE_DIR/cryptography-*/tests) &&
      rm -rf tests/hypothesis/ tests/test_fernet.py \
        tests/hazmat/primitives/test_scrypt.py &&
      cat $TMT_TREE/conftest-skipper.py  >> tests/conftest.py &&
      sed -i -e 's/ --benchmark-disable//' pyproject.toml &&
      pip3.12 install pytz==2022.7.1 pytest-subtests==0.11.0
  - name: unittests-basic
    test: |
      cd $(dirname $TMT_SOURCE_DIR/cryptography-*/tests) &&
      PYTHONPATH=./vectors pytest-3.12 tests/test_*.py
  - name: unittests-x509
    test: |
      cd $(dirname $TMT_SOURCE_DIR/cryptography-*/tests) &&
      PYTHONPATH=./vectors OPENSSL_ENABLE_SHA1_SIGNATURES=yes pytest-3.12 tests/x509/
  - name: unittests-hazmat
    test: |
      cd $(dirname $TMT_SOURCE_DIR/cryptography-*/tests) &&
      PYTHONPATH=./vectors pytest-3.12 -k 'not test_openssl_memleak' tests/hazmat/backends/ tests/hazmat/bindings/
  - name: unittests-primitives-aead
    test: |
      cd $(dirname $TMT_SOURCE_DIR/cryptography-*/tests) &&
      PYTHONPATH=./vectors pytest-3.12 tests/hazmat/primitives/test_aead.py
  - name: unittests-primitives-aes
    test: |
      cd $(dirname $TMT_SOURCE_DIR/cryptography-*/tests) &&
      PYTHONPATH=./vectors pytest-3.12 tests/hazmat/primitives/test_aes.py::TestAESModeCBC \
            tests/hazmat/primitives/test_aes.py::TestAESModeCTR \
            tests/hazmat/primitives/test_aes_gcm.py::TestAESModeGCM
  - name: unittests-primitives-a-e
    test: |
      cd $(dirname $TMT_SOURCE_DIR/cryptography-*/tests) &&
      PYTHONPATH=./vectors pytest-3.12 tests/hazmat/primitives/test_arc4.py \
            tests/hazmat/primitives/test_asym_utils.py \
            tests/hazmat/primitives/test_[b-e]*.py
  - name: unittests-primitives-f-z
    test: |
      cd $(dirname $TMT_SOURCE_DIR/cryptography-*/tests) &&
      patch -p1 < $TMT_TREE/raise-an-exception-for-CVE-2023-49083.patch &&
      PYTHONPATH=./vectors OPENSSL_ENABLE_SHA1_SIGNATURES=yes pytest-3.12 tests/hazmat/primitives/test_[f-z]*.py \
            tests/hazmat/primitives/twofactor
--- a/2
+++ b/2
@ -1,2 +0,0 @@
 SHA512 (cryptography-41.0.7.tar.gz) = 9a870d45296de6af1331e73b102226b8269892216cd7bc0adfb2f63ce1ca7021d338effd09182128253d8d8df154bbd19d46c47f10ddac86e739fcbf6df78307
 SHA512 (cryptography-41.0.7-vendor.tar.bz2) = dbf750a1ada4a9330939e3dae8311007a9e25808eb64c124c99981187d1bc04baba3a7d3b838c0cd9491e8350c382fb0f789a11abb21c633f2d78e8aba819b9e
--- a/vendor_rust.py
+++ b/vendor_rust.py
@ -1,112 +0,0 @@
 #!/usr/bin/python3
 """Vendor PyCA cryptography's Rust crates
 """
 import argparse
 import os
 import re
 import tarfile
 import tempfile
 import shutil
 import subprocess
 import sys
 VENDOR_DIR = "vendor"
 CARGO_TOML = "src/rust/Cargo.toml"
 RE_VERSION = re.compile("Version:\s*(.*)")
 parser = argparse.ArgumentParser(description="Vendor Rust packages")
 parser.add_argument(
    "--spec", default="python-cryptography.spec", help="cryptography source tar bundle"
 )
 def cargo(cmd, manifest):
    args = ["cargo", cmd, f"--manifest-path={manifest}"]
    return subprocess.check_call(
        args, stdout=subprocess.DEVNULL, stderr=sys.stderr, env={}
    )
 def tar_reset(tarinfo):
    """Reset user, group, mtime, and mode to create reproducible tar"""
    tarinfo.uid = 0
    tarinfo.gid = 0
    tarinfo.uname = "root"
    tarinfo.gname = "root"
    tarinfo.mtime = 0
    if tarinfo.type == tarfile.DIRTYPE:
        tarinfo.mode = 0o755
    else:
        tarinfo.mode = 0o644
    if tarinfo.pax_headers:
        raise ValueError(tarinfo.name, tarinfo.pax_headers)
    return tarinfo
 def tar_reproducible(tar, basedir):
    """Create reproducible tar file"""
    content = [basedir]
    for root, dirs, files in os.walk(basedir):
        for directory in dirs:
            content.append(os.path.join(root, directory))
        for filename in files:
            content.append(os.path.join(root, filename))
    content.sort()
    for fn in content:
        tar.add(fn, filter=tar_reset, recursive=False, arcname=fn)
 def main():
    args = parser.parse_args()
    spec = args.spec
    # change cwd to work in bundle directory
    here = os.path.dirname(os.path.abspath(spec))
    os.chdir(here)
    # extract version number from bundle name
    with open(spec) as f:
        for line in f:
            mo = RE_VERSION.search(line)
            if mo is not None:
                version = mo.group(1)
                break
        else:
            raise ValueError(f"Cannot find version in {spec}")
    bundle_file = f"cryptography-{version}.tar.gz"
    vendor_file = f"cryptography-{version}-vendor.tar.bz2"
    # remove existing vendor directory and file
    if os.path.isdir(VENDOR_DIR):
        shutil.rmtree(VENDOR_DIR)
    try:
        os.unlink(vendor_file)
    except FileNotFoundError:
        pass
    print(f"Getting crates for {bundle_file}", file=sys.stderr)
    # extract tar file in tempdir
    # fetch and vendor Rust crates
    with tempfile.TemporaryDirectory(dir=here) as tmp:
        with tarfile.open(bundle_file) as tar:
            tar.extractall(path=tmp)
        manifest = os.path.join(tmp, f"cryptography-{version}", CARGO_TOML)
        cargo("fetch", manifest)
        cargo("vendor", manifest)
    print("\nCreating tar ball...", file=sys.stderr)
    with tarfile.open(vendor_file, "x:bz2") as tar:
        tar_reproducible(tar, VENDOR_DIR)
    # remove vendor dir
    shutil.rmtree(VENDOR_DIR)
    parser.exit(0, f"Created {vendor_file}\n")
 if __name__ == "__main__":
    main()
		`@ -0,0 +1,2 @@`
							`94ad9fc97d92aae28d40392189655dbf932a1803 SOURCES/cryptography-41.0.7-vendor.tar.bz2`
							`fd245c3045ca9b3861f794d1a54cf97e629c19bf SOURCES/cryptography-41.0.7.tar.gz`
		`@ -1,2 +0,0 @@`
			`SHA512 (cryptography-41.0.7.tar.gz) = 9a870d45296de6af1331e73b102226b8269892216cd7bc0adfb2f63ce1ca7021d338effd09182128253d8d8df154bbd19d46c47f10ddac86e739fcbf6df78307`
			`SHA512 (cryptography-41.0.7-vendor.tar.bz2) = dbf750a1ada4a9330939e3dae8311007a9e25808eb64c124c99981187d1bc04baba3a7d3b838c0cd9491e8350c382fb0f789a11abb21c633f2d78e8aba819b9e`