June 2016 - openSUSE Commits - openSUSE Mailing Lists

commit python3-testtools for openSUSE:Factory
by root＠hilbert.suse.de 02 Jun '16

02 Jun '16

Hello community, here is the log from the commit of package python3-testtools for openSUSE:Factory checked in at 2016-06-02 09:37:55 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/python3-testtools (Old) and /work/SRC/openSUSE:Factory/.python3-testtools.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "python3-testtools" Changes: -------- New Changes file: --- /dev/null 2016-04-07 01:36:33.300037506 +0200 +++ /work/SRC/openSUSE:Factory/.python3-testtools.new/python3-testtools-doc.changes 2016-06-02 09:37:57.000000000 +0200 @@ -0,0 +1,643 @@ +------------------------------------------------------------------- +Wed May 25 02:52:11 UTC 2016 - arun(a)gmx.de + +- update to version 2.2.0: + * Twisted support code uses "inlineCallbacks" rather than the + deprecated "deferredGenerator". (Tristan Seligmann) + +------------------------------------------------------------------- +Thu May 19 18:37:25 UTC 2016 - toddrme2178(a)gmail.com + +- Split documentation into own subpackage to speed up build. + +------------------------------------------------------------------- +Sun May 15 06:08:16 UTC 2016 - arun(a)gmx.de + +- update to version 2.1.0: + * "TestResult" objects that don't implement "stop"/"shouldStop" are + now handled sanely. (Jonathan Lange) + * New "Always" and "Never" matchers. (Tristan Seligmann, #947026) + * Fixed example in "failed" docstring. (Jonathan Lange, Github #208) + * Rather than explicitly raising a "KeyboardInterrupt" if we get no + result from a "Deferred", we tell the test result to stop running + tests and report the lack of result as a test error. This ought to + make weird concurrency interaction bugs easier to + understand. (Jonathan Lange) + * Introduce the unique_text_generator generator function. Similar to + the getUniqueString() method, except it creates unique unicode + text strings. (Brant Knudson) + * Previously, when gathering details caused by a setUp() failure, a + traceback occurred if the fixture used the newer _setUp(). This + had the side effect of not clearing up fixtures nor gathering + details properly. This is now fixed. (Julian Edwards, #1469759) + * New "Warnings" matcher, and "WarningMessage" and "IsDeprecated" + functions for matching emitted warnings. (Jonathan Jacobs, Github + #223) + +------------------------------------------------------------------- +Sun May 8 07:06:50 UTC 2016 - arun(a)gmx.de + +- specfile: + * updated source url to files.pythonhosted.org + +------------------------------------------------------------------- +Wed Mar 16 17:18:24 UTC 2016 - toddrme2178(a)gmail.com + +- Break dependency loops with python3-fixtures and + python3-testscenarios by disabling unit tests. + +------------------------------------------------------------------- +Thu Feb 4 17:59:27 UTC 2016 - arun(a)gmx.de + +- specfile: + * requrie python3-fixtures + +- update to version 2.0.0: + * "AsynchronousDeferredRunTest" now has "suppress_twisted_logging" + and "store_twisted_logs" parameters that can be used to override + the default logging behaviour. (Jonathan Lange, #942785) + * New fixture "CaptureTwistedLogs" that can be used with + "AsynchronousDeferredRunTest" to attach a detail containing + everything logged to Twisted during the test run. (Jonathan + Lange, #1515362) + * Python 2.6 and 3.2 are no longer supported. If you want to use + either of these versions of Python, use testtools 1.9.0. (Jonathan + Lange) + * Make "fixtures" a real dependency, not just a test + dependency. (Jonathan Lange) + +------------------------------------------------------------------- +Wed Feb 3 14:10:20 UTC 2016 - toddrme2178(a)gmail.com + +- python3-pyrsistent is also a runtime requirement. + +------------------------------------------------------------------- +Tue Jan 26 05:39:51 UTC 2016 - arun(a)gmx.de + +- specfile: + * update copyright year + * require pyrsistent, testscenarios for tests + +- update to version 1.9.0: + * Many new fixes in this branch, including lots of work around + Twisted support. + * This is the first release that explicitly supports Python 3.5 and + the last release that supports Python 2.6 or 3.2. + * Improvements + + Python 3.5 added to the list of supported platforms. (Jonathan + Lange) + + "MatchesListwise" has more informative error when lengths don't + match. (Jonathan Lange) + + The short form of errors for failed binary comparisions will now + put the expected value on the _right_. This means that + "assertThat(2, Equals(3))" will raise an error saying "2 != + 3". (Jonathan Lange, #1525227) + + Tests for "assertRaisesRegexp". (Julia Varlamova, Jonathan + Lange) + + Tests that customize "skipException" no longer get tracebacks + for skipped tests. (Jonathan Lange, #1518101) + + A failing "expectThat" now fails tests run with + "AsynchronousDeferredRunTest". (Jonathan Lange, #1532452) + + New "testtools.twistedsupport" package that collects all of our + Twisted support code in one place, including that currently + available under "testtools.deferredruntest". (Jonathan Lange) + + New matchers for testing "Deferred" code: "failed", "succeeded", + and "has_no_result". (Jonathan Lange, Tristan Seligmann, + #1369134) + + "TestCase" objects can now be run twice. All internal state is + reset between runs. In particular, testtools tests can now be run + with "trial -u". (Jonathan Lange, #1517879) + + Fixed bug where if an asynchronous "Deferred" test times out but + the "Deferred" then fires, the entire test run would abort with + "KeyboardInterrupt", failing the currently running test. + (Jonathan Lange, James Westby) + * Changes + + Add a new test dependency of testscenarios. (Robert Collins) + + "addCleanup" can now only be called within a test run. + (Jonathan Lange) + + "TestCase.skip" deprecated. Use "skipTest" instead. (Jonathan + Lange, #988893) + + Getting "expected" or "observed" attributes from binary + comparison mismatches (e.g. "Equals(2).match(3).expected") is now + deprecated. (Jonathan Lange) + + Last release of testtools to support Python 3.2. (Jonathan + Lange) + + Last release of testtools to support Python 2.6. (Jonathan + Lange) + + Report on all duplicate test ids when sorting test suites that + contain duplicate ids. (Thomas Bechtold, Jonathan Lange, + #1390082) + + Add "readthedocs-requirements.txt" so readthedocs.org can build + the Twisted API documentation. (Jonathan Lange) + +------------------------------------------------------------------- +Sat Nov 14 20:37:13 UTC 2015 - arun(a)gmx.de + +- update to version 1.8.1: + * Documented more explicitly how to build and install testtools in + the hacking documentation. (Thomi Richards) + * "deferredruntest" now works with Twisted 15.1.0 and later. (Colin + Watson, #1488710) + +------------------------------------------------------------------- +Mon Oct 26 16:05:26 UTC 2015 - toddrme2178(a)gmail.com + +- Use upstream unit test command + +------------------------------------------------------------------- +Sun May 10 00:40:24 UTC 2015 - arun(a)gmx.de + +- specfile: + * added pbr + +- update to version 1.8.0: + * AsynchronousDeferredRunTest now correctly attaches the test log. + Previously it attached an empty file. (Colin Watson) + +------------------------------------------------------------------- +Wed Mar 11 05:36:08 UTC 2015 - arun(a)gmx.de + +- specfile: + * added traceback2 requirement + +- update to version 1.7.1: + * Building a wheel on Python 3 was missing "_compat2x.py" needed + for Python2. This was a side effect of the fix to bug #941958, + where we fixed a cosmetic error. (Robert Collins, #1430534) + * During reporting in "TextTestResult" now always uses "ceil" + rather than depending on the undefined rounding behaviour in + string formatting. (Robert Collins) + +- changes from version 1.7.0: + * Empty attachments to tests were triggering a file payload of None + in the "ExtendedToStreamDecorator" code, which caused multiple + copies of attachments that had been output prior to the empty one. + (Robert Collins, #1378609) + +- changes from version 1.6.1: + * Fix installing when "extras" is not already installed. Our guards + for the absence of unittest2 were not sufficient. (Robert + Collins, #1430076) + +- changes from version 1.6.0: + * "testtools.run" now accepts "--locals" to show local variables in + tracebacks, which can be a significant aid in debugging. In doing + so we've removed the code reimplementing linecache and traceback + by using the new traceback2 and linecache2 packages. (Robert + Collins, github #111) + * "testtools" now depends on "unittest2" 1.0.0 which brings in a + dependency on "traceback2" and via it "linecache2". (Robert + Collins) + +------------------------------------------------------------------- +Sun Jan 25 01:50:02 UTC 2015 - arun(a)gmx.de + +- specfile: + * added unittest2, setuptools requirement + * remove ifdefs to run tests ++++ 446 more lines (skipped) ++++ between /dev/null ++++ and /work/SRC/openSUSE:Factory/.python3-testtools.new/python3-testtools-doc.changes --- /work/SRC/openSUSE:Factory/python3-testtools/python3-testtools.changes 2015-11-17 14:23:01.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.python3-testtools.new/python3-testtools.changes 2016-06-02 09:37:57.000000000 +0200 @@ -1,0 +2,132 @@ +Wed May 25 02:52:11 UTC 2016 - arun(a)gmx.de + +- update to version 2.2.0: + * Twisted support code uses "inlineCallbacks" rather than the + deprecated "deferredGenerator". (Tristan Seligmann) + +------------------------------------------------------------------- +Thu May 19 18:37:25 UTC 2016 - toddrme2178(a)gmail.com + +- Split documentation into own subpackage to speed up build. + +------------------------------------------------------------------- +Sun May 15 06:08:16 UTC 2016 - arun(a)gmx.de + +- update to version 2.1.0: + * "TestResult" objects that don't implement "stop"/"shouldStop" are + now handled sanely. (Jonathan Lange) + * New "Always" and "Never" matchers. (Tristan Seligmann, #947026) + * Fixed example in "failed" docstring. (Jonathan Lange, Github #208) + * Rather than explicitly raising a "KeyboardInterrupt" if we get no + result from a "Deferred", we tell the test result to stop running + tests and report the lack of result as a test error. This ought to + make weird concurrency interaction bugs easier to + understand. (Jonathan Lange) + * Introduce the unique_text_generator generator function. Similar to + the getUniqueString() method, except it creates unique unicode + text strings. (Brant Knudson) + * Previously, when gathering details caused by a setUp() failure, a + traceback occurred if the fixture used the newer _setUp(). This + had the side effect of not clearing up fixtures nor gathering + details properly. This is now fixed. (Julian Edwards, #1469759) + * New "Warnings" matcher, and "WarningMessage" and "IsDeprecated" + functions for matching emitted warnings. (Jonathan Jacobs, Github + #223) + +------------------------------------------------------------------- +Sun May 8 07:06:50 UTC 2016 - arun(a)gmx.de + +- specfile: + * updated source url to files.pythonhosted.org + +------------------------------------------------------------------- +Wed Mar 16 17:18:24 UTC 2016 - toddrme2178(a)gmail.com + +- Break dependency loops with python3-fixtures and + python3-testscenarios by disabling unit tests. + +------------------------------------------------------------------- +Thu Feb 4 17:59:27 UTC 2016 - arun(a)gmx.de + +- specfile: + * requrie python3-fixtures + +- update to version 2.0.0: + * "AsynchronousDeferredRunTest" now has "suppress_twisted_logging" + and "store_twisted_logs" parameters that can be used to override + the default logging behaviour. (Jonathan Lange, #942785) + * New fixture "CaptureTwistedLogs" that can be used with + "AsynchronousDeferredRunTest" to attach a detail containing + everything logged to Twisted during the test run. (Jonathan + Lange, #1515362) + * Python 2.6 and 3.2 are no longer supported. If you want to use + either of these versions of Python, use testtools 1.9.0. (Jonathan + Lange) + * Make "fixtures" a real dependency, not just a test + dependency. (Jonathan Lange) + +------------------------------------------------------------------- +Wed Feb 3 14:10:20 UTC 2016 - toddrme2178(a)gmail.com + +- python3-pyrsistent is also a runtime requirement. + +------------------------------------------------------------------- +Tue Jan 26 05:39:51 UTC 2016 - arun(a)gmx.de + +- specfile: + * update copyright year + * require pyrsistent, testscenarios for tests + +- update to version 1.9.0: + * Many new fixes in this branch, including lots of work around + Twisted support. + * This is the first release that explicitly supports Python 3.5 and + the last release that supports Python 2.6 or 3.2. + * Improvements + + Python 3.5 added to the list of supported platforms. (Jonathan + Lange) + + "MatchesListwise" has more informative error when lengths don't + match. (Jonathan Lange) + + The short form of errors for failed binary comparisions will now + put the expected value on the _right_. This means that + "assertThat(2, Equals(3))" will raise an error saying "2 != + 3". (Jonathan Lange, #1525227) + + Tests for "assertRaisesRegexp". (Julia Varlamova, Jonathan + Lange) + + Tests that customize "skipException" no longer get tracebacks + for skipped tests. (Jonathan Lange, #1518101) + + A failing "expectThat" now fails tests run with + "AsynchronousDeferredRunTest". (Jonathan Lange, #1532452) + + New "testtools.twistedsupport" package that collects all of our + Twisted support code in one place, including that currently + available under "testtools.deferredruntest". (Jonathan Lange) + + New matchers for testing "Deferred" code: "failed", "succeeded", + and "has_no_result". (Jonathan Lange, Tristan Seligmann, + #1369134) + + "TestCase" objects can now be run twice. All internal state is + reset between runs. In particular, testtools tests can now be run + with "trial -u". (Jonathan Lange, #1517879) + + Fixed bug where if an asynchronous "Deferred" test times out but + the "Deferred" then fires, the entire test run would abort with + "KeyboardInterrupt", failing the currently running test. + (Jonathan Lange, James Westby) + * Changes + + Add a new test dependency of testscenarios. (Robert Collins) + + "addCleanup" can now only be called within a test run. + (Jonathan Lange) + + "TestCase.skip" deprecated. Use "skipTest" instead. (Jonathan + Lange, #988893) + + Getting "expected" or "observed" attributes from binary + comparison mismatches (e.g. "Equals(2).match(3).expected") is now + deprecated. (Jonathan Lange) + + Last release of testtools to support Python 3.2. (Jonathan + Lange) + + Last release of testtools to support Python 2.6. (Jonathan + Lange) + + Report on all duplicate test ids when sorting test suites that + contain duplicate ids. (Thomas Bechtold, Jonathan Lange, + #1390082) + + Add "readthedocs-requirements.txt" so readthedocs.org can build + the Twisted API documentation. (Jonathan Lange) + +------------------------------------------------------------------- Old: ---- testtools-1.8.1.tar.gz New: ---- python3-testtools-doc.changes python3-testtools-doc.spec testtools-2.2.0.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ python3-testtools-doc.spec ++++++ # # spec file for package python3-testtools-doc # # Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed # upon. The license for this file, and modifications and additions to the # file, is the same license as for the pristine package itself (unless the # license for the pristine package is not an Open Source License, in which # case the license is the MIT License). An "Open Source License" is a # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. # Please submit bugfixes or comments via http://bugs.opensuse.org/ # # A build cycle exists between python-extras and python-testtools. Thus, only # enable testing with a build conditional (off by default): Name: python3-testtools-doc Version: 2.2.0 Release: 0 Summary: Documentation for python3-testtools License: MIT Group: Documentation/HTML Url: https://launchpad.net/testtools Source: https://files.pythonhosted.org/packages/source/t/testtools/testtools-%{vers… BuildRequires: python3-testtools = %{version} # Documentation requirements: BuildRequires: python3-Sphinx # These cause a dependency loop, so run test in this subpackage BuildRequires: python3-fixtures BuildRequires: python3-testscenarios BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildArch: noarch %description Documentation and help files for python3-testtools. %prep %setup -q -n testtools-%{version} %build # Not needed %install python3 setup.py build_sphinx rm -rf build/sphinx/html/.buildinfo %check pushd doc python3 -m testtools.run testtools.tests.test_suite popd %files %defattr(-,root,root,-) %doc build/sphinx/html %changelog ++++++ python3-testtools.spec ++++++ --- /var/tmp/diff_new_pack.buIWAT/_old 2016-06-02 09:37:58.000000000 +0200 +++ /var/tmp/diff_new_pack.buIWAT/_new 2016-06-02 09:37:58.000000000 +0200 @@ -1,7 +1,7 @@ # # spec file for package python3-testtools # -# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -20,24 +20,24 @@ # enable testing with a build conditional (off by default): Name: python3-testtools -Version: 1.8.1 +Version: 2.2.0 Release: 0 Summary: Extensions to the Python Standard Library Unit Testing Framework License: MIT Group: Development/Languages/Python Url: https://launchpad.net/testtools -Source: https://pypi.python.org/packages/source/t/testtools/testtools-%{version}.ta… +Source: https://files.pythonhosted.org/packages/source/t/testtools/testtools-%{vers… BuildRequires: python3-devel -BuildRequires: python3-pbr -BuildRequires: python3-setuptools -# Documentation requirements: -BuildRequires: python3-Sphinx -# Test requirements: BuildRequires: python3-extras +BuildRequires: python3-pbr +BuildRequires: python3-pyrsistent BuildRequires: python3-python-mimeparse +BuildRequires: python3-setuptools BuildRequires: python3-traceback2 BuildRequires: python3-unittest2 Requires: python3-extras +Requires: python3-fixtures +Requires: python3-pyrsistent Requires: python3-python-mimeparse Requires: python3-traceback2 Requires: python3-unittest2 @@ -55,19 +55,15 @@ %build python3 setup.py build -python3 setup.py build_sphinx %install python3 setup.py install --prefix=%{_prefix} --root=%{buildroot} -%check -pushd doc -PYTHONPATH=%{buildroot}%{python3_sitelib} python3 -m testtools.run testtools.tests.test_suite -popd +# Tests cause dependency loops with python3-fixtures and python3-testscenarios, so run them in doc subpackage %files %defattr(-,root,root,-) -%doc LICENSE NEWS README.rst build/sphinx/html +%doc LICENSE NEWS README.rst %{python3_sitelib}/testtools %{python3_sitelib}/testtools-%{version}-py%{py3_ver}.egg-info ++++++ testtools-1.8.1.tar.gz -> testtools-2.2.0.tar.gz ++++++ ++++ 10068 lines of diff (skipped)

1 0

commit python3-gunicorn for openSUSE:Factory
by root＠hilbert.suse.de 02 Jun '16

02 Jun '16

Hello community, here is the log from the commit of package python3-gunicorn for openSUSE:Factory checked in at 2016-06-02 09:37:53 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/python3-gunicorn (Old) and /work/SRC/openSUSE:Factory/.python3-gunicorn.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "python3-gunicorn" Changes: -------- --- /work/SRC/openSUSE:Factory/python3-gunicorn/python3-gunicorn.changes 2016-01-15 10:41:53.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.python3-gunicorn.new/python3-gunicorn.changes 2016-06-02 09:37:54.000000000 +0200 @@ -1,0 +2,68 @@ +Wed May 25 03:11:54 UTC 2016 - arun(a)gmx.de + +- update to version 19.6.0: + * Core & Logging + + improvement of the binary upgrade behaviour using USR2: remove + file lockin (issue 1270) + + add the --capture-output setting to capture stdout/stderr tot + the log + * Workers + + fix: make sure to remove the signal from the worker pipe (issue + 1269) + + fix: gthread worker, handle removed socket in the select loop + +------------------------------------------------------------------- +Sun May 15 23:22:43 UTC 2016 - arun(a)gmx.de + +- update to version 19.5.0: + * Core + + fix: Ensure response to HEAD request won’t have message body + + fix: lock domain socket and remove on last arbiter exit (issue + #1220) + + improvement: use EnvironmentError instead of socket.error (issue + 939) + + add: new $FORWARDDED_ALLOW_IPS environment variable (issue 1205) + + fix: infinite recursion when destroying sockets (issue 1219) + + fix: close sockets on shutdown (issue 922) + + fix: clean up sys.exc_info calls to drop circular refs (issue + 1228) + + fix: do post_worker_init after load_wsgi (issue 1248) + * Workers + + fix access logging in gaiohttp worker (issue #1193) + + eventlet: handle QUIT in a new coroutine (issue #1217) + + gevent: remove obsolete exception clauses in run (issue #1218) + + tornado: fix extra “Server” response header (issue 1246) + + fix: unblock the wait loop under python 3.5 in sync worker + (issue 1256) + * Logging + + fix: log message for listener reloading (issue 1181) + + Let logging module handle traceback printing (issue 1201) + + improvement: Allow configuring logger_class with statsd_host + (issue #1188) + + fix: traceback formatting (issue 1235) + + fix: print error logs on stderr and access logs on stdout (issue + 1184) + * Documentation + + Simplify installation instructions in gunicorn.org (issue 1072) + + Fix URL and default worker type in example_config (issue 1209) + + update django doc url to 1.8 lts (issue 1213) + + fix: miscellaneous wording corrections (issue 1216) + + Add PSF License Agreement of selectors.py to NOTICE (:issue: + 1226) + + document LOGGING overriding (issue 1051) + + put a note that error logs are only errors from Gunicorn (issue + 1124) + + add a note about the requirements of the threads workers under + python 2.x (issue 1200) + + add access_log_format to config example (issue 1251) + * Tests + + Use more pytest.raises() in test_http.py + +------------------------------------------------------------------- +Sun May 8 07:01:50 UTC 2016 - arun(a)gmx.de + +- specfile: + * changed to https for source url + * updated source url to files.pythonhosted.org + +------------------------------------------------------------------- Old: ---- gunicorn-19.4.5.tar.gz New: ---- gunicorn-19.6.0.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ python3-gunicorn.spec ++++++ --- /var/tmp/diff_new_pack.52idm9/_old 2016-06-02 09:37:55.000000000 +0200 +++ /var/tmp/diff_new_pack.52idm9/_new 2016-06-02 09:37:55.000000000 +0200 @@ -17,13 +17,13 @@ Name: python3-gunicorn -Version: 19.4.5 +Version: 19.6.0 Release: 0 Summary: WSGI HTTP Server for UNIX License: MIT Group: Development/Languages/Python Url: http://gunicorn.org -Source: http://pypi.python.org/packages/source/g/gunicorn/gunicorn-%{version}.tar.gz +Source: https://files.pythonhosted.org/packages/source/g/gunicorn/gunicorn-%{versio… BuildRequires: python3 BuildRequires: python3-Sphinx BuildRequires: python3-devel ++++++ gunicorn-19.4.5.tar.gz -> gunicorn-19.6.0.tar.gz ++++++ ++++ 2437 lines of diff (skipped)

1 0

commit python3-idna for openSUSE:Factory
by root＠hilbert.suse.de 02 Jun '16

02 Jun '16

Hello community, here is the log from the commit of package python3-idna for openSUSE:Factory checked in at 2016-06-02 09:37:37 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/python3-idna (Old) and /work/SRC/openSUSE:Factory/.python3-idna.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "python3-idna" Changes: -------- New Changes file: --- /dev/null 2016-04-07 01:36:33.300037506 +0200 +++ /work/SRC/openSUSE:Factory/.python3-idna.new/python3-idna.changes 2016-06-02 09:37:38.000000000 +0200 @@ -0,0 +1,29 @@ +------------------------------------------------------------------- +Sun May 8 07:11:22 UTC 2016 - arun(a)gmx.de + +- specfile: + * updated source url to files.pythonhosted.org + + +------------------------------------------------------------------- +Sat Mar 26 04:26:23 UTC 2016 - arun(a)gmx.de + +- specfile: + * update copyright year + +- update to version 2.1: + * Memory consumption optimizations. The library should consume + significantly less memory through smarter data structures being + used to represent relevant Unicode properties. Many thanks to + Shivaram Lingamneni for this patch. + * Patches to make library work better with Python 2.6. The core + library currently works however the unit testing does + not. (Thanks, Robert Buchholz) + * Better affix all Unicode codepoint properties to a specific + version. + +------------------------------------------------------------------- +Mon May 25 06:03:36 UTC 2015 - arun(a)gmx.de + +- initial version + New: ---- idna-2.1.tar.gz python3-idna.changes python3-idna.spec ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ python3-idna.spec ++++++ # # spec file for package python3-idna # # Copyright (c) 2016 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed # upon. The license for this file, and modifications and additions to the # file, is the same license as for the pristine package itself (unless the # license for the pristine package is not an Open Source License, in which # case the license is the MIT License). An "Open Source License" is a # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. # Please submit bugfixes or comments via http://bugs.opensuse.org/ # Name: python3-idna Version: 2.1 Release: 0 Summary: Internationalized Domain Names in Applications (IDNA) License: BSD-2-Clause Group: Development/Languages/Python Url: https://github.com/kjd/idna Source: https://files.pythonhosted.org/packages/source/i/idna/idna-%{version}.tar.gz BuildRequires: python3-devel BuildRequires: python3-setuptools BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildArch: noarch %description A library to support the Internationalised Domain Names in Applications (IDNA) protocol as specified in RFC 5891. This version of the protocol is often referred to as “IDNA2008” and can produce different results from the earlier standard from 2003. The library is also intended to act as a suitable drop-in replacement for the “encodings.idna” module that comes with the Python standard library but currently only supports the older 2003 specification. %prep %setup -q -n idna-%{version} %build python3 setup.py build %install python3 setup.py install --prefix=%{_prefix} --root=%{buildroot} %check python3 setup.py test %files %defattr(-,root,root,-) %{python3_sitelib}/* %doc README.rst LICENSE.rst HISTORY.rst %changelog

1 0

commit python3-pexpect for openSUSE:Factory
by root＠hilbert.suse.de 02 Jun '16

02 Jun '16

Hello community, here is the log from the commit of package python3-pexpect for openSUSE:Factory checked in at 2016-06-02 09:37:35 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/python3-pexpect (Old) and /work/SRC/openSUSE:Factory/.python3-pexpect.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "python3-pexpect" Changes: -------- --- /work/SRC/openSUSE:Factory/python3-pexpect/python3-pexpect.changes 2015-10-22 12:58:59.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.python3-pexpect.new/python3-pexpect.changes 2016-06-02 09:37:36.000000000 +0200 @@ -1,0 +2,13 @@ +Wed May 25 15:08:23 UTC 2016 - toddrme2178(a)gmail.com + +- update to version 4.1.0: + * No upstream changelog + +------------------------------------------------------------------- +Sun May 8 07:12:29 UTC 2016 - arun(a)gmx.de + +- specfile: + * updated source url to files.pythonhosted.org + + +------------------------------------------------------------------- Old: ---- pexpect-4.0.1.tar.gz New: ---- pexpect-4.1.0.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ python3-pexpect.spec ++++++ --- /var/tmp/diff_new_pack.sQzjw9/_old 2016-06-02 09:37:37.000000000 +0200 +++ /var/tmp/diff_new_pack.sQzjw9/_new 2016-06-02 09:37:37.000000000 +0200 @@ -1,7 +1,7 @@ # # spec file for package python3-pexpect # -# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -17,13 +17,13 @@ Name: python3-pexpect -Version: 4.0.1 +Version: 4.1.0 Release: 0 Summary: Pure Python Expect-like module License: ISC Group: Development/Libraries/Python Url: http://pexpect.readthedocs.org/en/latest/ -Source: https://pypi.python.org/packages/source/p/pexpect/pexpect-%{version}.tar.gz +Source: https://files.pythonhosted.org/packages/source/p/pexpect/pexpect-%{version}… BuildRequires: python3-devel BuildRequires: python3-ptyprocess Requires: python3-ptyprocess ++++++ pexpect-4.0.1.tar.gz -> pexpect-4.1.0.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pexpect-4.0.1/.coveragerc new/pexpect-4.1.0/.coveragerc --- old/pexpect-4.0.1/.coveragerc 1970-01-01 01:00:00.000000000 +0100 +++ new/pexpect-4.1.0/.coveragerc 2015-12-08 19:43:59.000000000 +0100 @@ -0,0 +1,3 @@ +[run] +source = pexpect +parallel = True diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pexpect-4.0.1/PKG-INFO new/pexpect-4.1.0/PKG-INFO --- old/pexpect-4.0.1/PKG-INFO 2015-10-06 16:36:49.000000000 +0200 +++ new/pexpect-4.1.0/PKG-INFO 2016-05-21 13:47:06.000000000 +0200 @@ -1,6 +1,6 @@ Metadata-Version: 1.1 Name: pexpect -Version: 4.0.1 +Version: 4.1.0 Summary: Pexpect allows easy control of interactive console applications. Home-page: http://pexpect.readthedocs.org/ Author: Noah Spurrier; Thomas Kluyver; Jeff Quast @@ -32,7 +32,6 @@ Classifier: Operating System :: POSIX Classifier: Operating System :: MacOS :: MacOS X Classifier: Programming Language :: Python -Classifier: Programming Language :: Python :: 2.6 Classifier: Programming Language :: Python :: 2.7 Classifier: Programming Language :: Python :: 3 Classifier: Topic :: Software Development diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pexpect-4.0.1/README.rst new/pexpect-4.1.0/README.rst --- old/pexpect-4.0.1/README.rst 1970-01-01 01:00:00.000000000 +0100 +++ new/pexpect-4.1.0/README.rst 2015-12-08 19:43:59.000000000 +0100 @@ -0,0 +1,55 @@ +.. image:: https://travis-ci.org/pexpect/pexpect.png?branch=master + :target: https://travis-ci.org/pexpect/pexpect + :align: right + :alt: Build status + +Pexpect is a Pure Python Expect-like module + +Pexpect makes Python a better tool for controlling other applications. + +Pexpect is a pure Python module for spawning child applications; controlling +them; and responding to expected patterns in their output. Pexpect works like +Don Libes' Expect. Pexpect allows your script to spawn a child application and +control it as if a human were typing commands. + +Pexpect can be used for automating interactive applications such as ssh, ftp, +passwd, telnet, etc. It can be used to a automate setup scripts for duplicating +software package installations on different servers. It can be used for +automated software testing. Pexpect is in the spirit of Don Libes' Expect, but +Pexpect is pure Python. + +The main features of Pexpect require the pty module in the Python standard +library, which is only available on Unix-like systems. Some features—waiting +for patterns from file descriptors or subprocesses—are also available on +Windows. + +If you want to work with the development version of the source code then please +read the DEVELOPERS.rst document in the root of the source code tree. + +Free, open source, and all that good stuff. + +You can install Pexpect using pip:: + + pip install pexpect + +`Docs on ReadTheDocs <http://pexpect.readthedocs.org/>`_ + +PEXPECT LICENSE:: + + http://opensource.org/licenses/isc-license.txt + + Copyright (c) 2013-2014, Pexpect development team + Copyright (c) 2012, Noah Spurrier <noah(a)noah.org> + + PERMISSION TO USE, COPY, MODIFY, AND/OR DISTRIBUTE THIS SOFTWARE FOR ANY + PURPOSE WITH OR WITHOUT FEE IS HEREBY GRANTED, PROVIDED THAT THE ABOVE + COPYRIGHT NOTICE AND THIS PERMISSION NOTICE APPEAR IN ALL COPIES. + THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + +This license is approved by the OSI and FSF as GPL-compatible. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pexpect-4.0.1/doc/commonissues.rst new/pexpect-4.1.0/doc/commonissues.rst --- old/pexpect-4.0.1/doc/commonissues.rst 2015-10-04 10:18:45.000000000 +0200 +++ new/pexpect-4.1.0/doc/commonissues.rst 2016-05-21 13:43:27.000000000 +0200 @@ -47,7 +47,7 @@ off:: child = pexpect.spawn ("ssh user(a)example.com") - child.delaybeforesend = 0 + child.delaybeforesend = None Truncated output just before child exits ---------------------------------------- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pexpect-4.0.1/doc/conf.py new/pexpect-4.1.0/doc/conf.py --- old/pexpect-4.0.1/doc/conf.py 2015-10-06 16:31:40.000000000 +0200 +++ new/pexpect-4.1.0/doc/conf.py 2016-05-21 13:46:11.000000000 +0200 @@ -52,9 +52,9 @@ # built documents. # # The short X.Y version. -version = '4.0.1' +version = '4.1' # The full version, including alpha/beta/rc tags. -release = '4.0.1' +release = '4.1.0' # The language for content autogenerated by Sphinx. Refer to documentation # for a list of supported languages. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pexpect-4.0.1/examples/passmass.py new/pexpect-4.1.0/examples/passmass.py --- old/pexpect-4.0.1/examples/passmass.py 2015-09-08 10:49:05.000000000 +0200 +++ new/pexpect-4.1.0/examples/passmass.py 2016-05-21 13:43:27.000000000 +0200 @@ -46,7 +46,7 @@ child = pexpect.spawn('ssh -l %s %s'%(user, host)) fout = file ("LOG.TXT","wb") - child.setlog (fout) + child.logfile = fout i = child.expect([pexpect.TIMEOUT, SSH_NEWKEY, '[Pp]assword: ']) if i == 0: # Timeout diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pexpect-4.0.1/pexpect/__init__.py new/pexpect-4.1.0/pexpect/__init__.py --- old/pexpect-4.0.1/pexpect/__init__.py 2015-10-06 16:31:30.000000000 +0200 +++ new/pexpect-4.1.0/pexpect/__init__.py 2016-05-21 13:45:40.000000000 +0200 @@ -75,7 +75,7 @@ from .pty_spawn import spawn, spawnu from .run import run, runu -__version__ = '4.0.1' +__version__ = '4.1.0' __revision__ = '' __all__ = ['ExceptionPexpect', 'EOF', 'TIMEOUT', 'spawn', 'spawnu', 'run', 'runu', 'which', 'split_command_line', '__version__', '__revision__'] diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pexpect-4.0.1/pexpect/async.py new/pexpect-4.1.0/pexpect/async.py --- old/pexpect-4.0.1/pexpect/async.py 2015-10-04 10:18:45.000000000 +0200 +++ new/pexpect-4.1.0/pexpect/async.py 2015-12-08 19:43:59.000000000 +0100 @@ -23,6 +23,7 @@ return expecter.timeout(e) class PatternWaiter(asyncio.Protocol): + transport = None def __init__(self, expecter): self.expecter = expecter self.fut = asyncio.Future() @@ -30,10 +31,15 @@ def found(self, result): if not self.fut.done(): self.fut.set_result(result) + self.transport.pause_reading() def error(self, exc): if not self.fut.done(): self.fut.set_exception(exc) + self.transport.pause_reading() + + def connection_made(self, transport): + self.transport = transport def data_received(self, data): spawn = self.expecter.spawn @@ -41,11 +47,11 @@ spawn._log(s, 'read') if self.fut.done(): - spawn.buffer += data + spawn.buffer += s return try: - index = self.expecter.new_data(data) + index = self.expecter.new_data(s) if index is not None: # Found a match self.found(index) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pexpect-4.0.1/pexpect/bashrc.sh new/pexpect-4.1.0/pexpect/bashrc.sh --- old/pexpect-4.0.1/pexpect/bashrc.sh 1970-01-01 01:00:00.000000000 +0100 +++ new/pexpect-4.1.0/pexpect/bashrc.sh 2015-12-08 19:43:59.000000000 +0100 @@ -0,0 +1,5 @@ +source /etc/bash.bashrc +source ~/.bashrc + +# Reset PS1 so pexpect can find it +PS1="$" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pexpect-4.0.1/pexpect/expect.py new/pexpect-4.1.0/pexpect/expect.py --- old/pexpect-4.0.1/pexpect/expect.py 2015-10-04 10:18:45.000000000 +0200 +++ new/pexpect-4.1.0/pexpect/expect.py 2016-05-21 13:43:27.000000000 +0200 @@ -44,6 +44,7 @@ spawn.match = None spawn.match_index = None msg = str(spawn) + msg += '\nsearcher: %s' % self.searcher if err is not None: msg = str(err) + '\n' + msg raise EOF(msg) @@ -63,6 +64,7 @@ spawn.match = None spawn.match_index = None msg = str(spawn) + msg += '\nsearcher: %s' % self.searcher if err is not None: msg = str(err) + '\n' + msg raise TIMEOUT(msg) @@ -95,7 +97,8 @@ return self.timeout() # Still have time left, so read more data incoming = spawn.read_nonblocking(spawn.maxread, timeout) - time.sleep(0.0001) + if self.spawn.delayafterread is not None: + time.sleep(self.spawn.delayafterread) if timeout is not None: timeout = end_time - time.time() except EOF as e: @@ -294,4 +297,4 @@ self.start = first_match self.match = the_match self.end = self.match.end() - return best_index \ No newline at end of file + return best_index diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pexpect-4.0.1/pexpect/pty_spawn.py new/pexpect-4.1.0/pexpect/pty_spawn.py --- old/pexpect-4.0.1/pexpect/pty_spawn.py 2015-10-06 15:22:14.000000000 +0200 +++ new/pexpect-4.1.0/pexpect/pty_spawn.py 2016-05-21 13:43:27.000000000 +0200 @@ -144,8 +144,7 @@ many users that I decided that the default pexpect behavior should be to sleep just before writing to the child application. 1/20th of a second (50 ms) seems to be enough to clear up the problem. You can set - delaybeforesend to 0 to return to the old behavior. Most Linux machines - don't like this to be below 0.03. I don't know why. + delaybeforesend to None to return to the old behavior. Note that spawn is clever about finding commands on your path. It uses the same logic that "which" uses to find executables. @@ -155,7 +154,12 @@ in self.exitstatus or self.signalstatus. If the child exited normally then exitstatus will store the exit return code and signalstatus will be None. If the child was terminated abnormally with a signal then - signalstatus will store the signal value and exitstatus will be None. + signalstatus will store the signal value and exitstatus will be None:: + + child = pexpect.spawn('some_command') + child.close() + print(child.exitstatus, child.signalstatus) + If you need more detail you can also read the self.status member which stores the status returned by os.waitpid. You can interpret this using os.WIFEXITED/os.WEXITSTATUS or os.WIFSIGNALED/os.TERMSIG. @@ -201,7 +205,6 @@ s.append(repr(self)) s.append('command: ' + str(self.command)) s.append('args: %r' % (self.args,)) - s.append('searcher: %r' % (self.searcher,)) s.append('buffer (last 100 chars): %r' % ( self.buffer[-100:] if self.buffer else self.buffer,)) s.append('before (last 100 chars): %r' % ( @@ -210,7 +213,8 @@ s.append('match: %r' % (self.match,)) s.append('match_index: ' + str(self.match_index)) s.append('exitstatus: ' + str(self.exitstatus)) - s.append('flag_eof: ' + str(self.flag_eof)) + if hasattr(self, 'ptyproc'): + s.append('flag_eof: ' + str(self.flag_eof)) s.append('pid: ' + str(self.pid)) s.append('child_fd: ' + str(self.child_fd)) s.append('closed: ' + str(self.closed)) @@ -285,8 +289,13 @@ if dimensions is not None: kwargs['dimensions'] = dimensions - self.ptyproc = ptyprocess.PtyProcess.spawn(self.args, env=self.env, - cwd=self.cwd, **kwargs) + if self.encoding is not None: + # Encode command line using the specified encoding + self.args = [a if isinstance(a, bytes) else a.encode(self.encoding) + for a in self.args] + + self.ptyproc = self._spawnpty(self.args, env=self.env, + cwd=self.cwd, **kwargs) self.pid = self.ptyproc.pid self.child_fd = self.ptyproc.fd @@ -295,6 +304,10 @@ self.terminated = False self.closed = False + def _spawnpty(self, args, **kwargs): + '''Spawn a pty and return an instance of PtyProcess.''' + return ptyprocess.PtyProcess.spawn(args, **kwargs) + def close(self, force=True): '''This closes the connection with the child application. Note that calling close() more than once is valid. This emulates standard Python @@ -487,9 +500,9 @@ This value may be discovered using fpathconf(3):: - >>> from os import fpathconf - >>> print(fpathconf(0, 'PC_MAX_CANON')) - 256 + >>> from os import fpathconf + >>> print(fpathconf(0, 'PC_MAX_CANON')) + 256 On such a system, only 256 bytes may be received per line. Any subsequent bytes received will be discarded. BEL (``'\a'``) is then @@ -500,13 +513,14 @@ Canonical input processing may be disabled altogether by executing a shell, then stty(1), before executing the final program:: - >>> bash = pexpect.spawn('/bin/bash', echo=False) - >>> bash.sendline('stty -icanon') - >>> bash.sendline('base64') - >>> bash.sendline('x' * 5000) + >>> bash = pexpect.spawn('/bin/bash', echo=False) + >>> bash.sendline('stty -icanon') + >>> bash.sendline('base64') + >>> bash.sendline('x' * 5000) ''' - time.sleep(self.delaybeforesend) + if self.delaybeforesend is not None: + time.sleep(self.delaybeforesend) s = self._coerce_send_string(s) self._log(s, 'send') @@ -520,10 +534,8 @@ written. Only a limited number of bytes may be sent for each line in the default terminal mode, see docstring of :meth:`send`. ''' - - n = self.send(s) - n = n + self.send(self.linesep) - return n + s = self._coerce_send_string(s) + return self.send(s + self.linesep) def _log_control(self, s): """Write control characters to the appropriate log files""" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pexpect-4.0.1/pexpect/pxssh.py new/pexpect-4.1.0/pexpect/pxssh.py --- old/pexpect-4.0.1/pexpect/pxssh.py 2015-10-04 10:18:45.000000000 +0200 +++ new/pexpect-4.1.0/pexpect/pxssh.py 2015-12-08 19:43:59.000000000 +0100 @@ -46,7 +46,7 @@ Example that runs a few commands on a remote server and prints the result:: - import pxssh + from pexpect import pxssh import getpass try: s = pxssh.pxssh() @@ -70,7 +70,7 @@ Example showing how to specify SSH options:: - import pxssh + from pexpect import pxssh s = pxssh.pxssh(options={ "StrictHostKeyChecking": "no", "UserKnownHostsFile": "/dev/null"}) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pexpect-4.0.1/pexpect/spawnbase.py new/pexpect-4.1.0/pexpect/spawnbase.py --- old/pexpect-4.0.1/pexpect/spawnbase.py 2015-10-04 10:18:45.000000000 +0200 +++ new/pexpect-4.1.0/pexpect/spawnbase.py 2016-05-21 13:43:27.000000000 +0200 @@ -62,7 +62,7 @@ # Data before searchwindowsize point is preserved, but not searched. self.searchwindowsize = searchwindowsize # Delay used before sending data to child. Time in seconds. - # Most Linux machines don't like this to be below 0.03 (30 ms). + # Set this to None to skip the time.sleep() call completely. self.delaybeforesend = 0.05 # Used by close() to give kernel time to update process status. # Time in seconds. @@ -70,6 +70,12 @@ # Used by terminate() to give kernel time to update process status. # Time in seconds. self.delayafterterminate = 0.1 + # Delay in seconds to sleep after each call to read_nonblocking(). + # Set this to None to skip the time.sleep() call completely: that + # would restore the behavior from pexpect-2.0 (for performance + # reasons or because you don't want to release Python's global + # interpreter lock). + self.delayafterread = 0.0001 self.softspace = False self.name = '<' + repr(self) + '>' self.closed = True diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pexpect-4.0.1/setup.cfg new/pexpect-4.1.0/setup.cfg --- old/pexpect-4.0.1/setup.cfg 2015-10-04 10:18:45.000000000 +0200 +++ new/pexpect-4.1.0/setup.cfg 2016-05-21 13:43:33.000000000 +0200 @@ -1,2 +1,5 @@ [pytest] norecursedirs = .git + +[bdist_wheel] +universal=1 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pexpect-4.0.1/setup.py new/pexpect-4.1.0/setup.py --- old/pexpect-4.0.1/setup.py 2015-10-06 16:29:56.000000000 +0200 +++ new/pexpect-4.1.0/setup.py 2016-05-21 13:44:41.000000000 +0200 @@ -2,6 +2,10 @@ from distutils.core import setup import os import re +import sys + +if any(a == 'bdist_wheel' for a in sys.argv): + from setuptools import setup with open(os.path.join(os.path.dirname(__file__), 'pexpect', '__init__.py'), 'r') as f: for line in f: @@ -33,6 +37,7 @@ setup (name='pexpect', version=version, packages=['pexpect'], + package_data={'pexpect': ['bashrc.sh']}, description='Pexpect allows easy control of interactive console applications.', long_description=long_description, author='Noah Spurrier; Thomas Kluyver; Jeff Quast', @@ -49,7 +54,6 @@ 'Operating System :: POSIX', 'Operating System :: MacOS :: MacOS X', 'Programming Language :: Python', - 'Programming Language :: Python :: 2.6', 'Programming Language :: Python :: 2.7', 'Programming Language :: Python :: 3', 'Topic :: Software Development', diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pexpect-4.0.1/tests/log new/pexpect-4.1.0/tests/log --- old/pexpect-4.0.1/tests/log 2015-10-03 13:05:43.000000000 +0200 +++ new/pexpect-4.1.0/tests/log 1970-01-01 01:00:00.000000000 +0100 @@ -1,10 +0,0 @@ -\,ESC -P,ESC -\,ESC -P,ESC -\,ESC -P,ESC -\,ESC -P,ESC -\,ESC -r,SEMICOLON diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pexpect-4.0.1/tests/test_async.py new/pexpect-4.1.0/tests/test_async.py --- old/pexpect-4.0.1/tests/test_async.py 2015-10-04 10:18:45.000000000 +0200 +++ new/pexpect-4.1.0/tests/test_async.py 2015-12-08 19:43:59.000000000 +0100 @@ -43,9 +43,15 @@ coro = p.expect('Blah', async=True) with self.assertRaises(pexpect.EOF): run(coro) - + def test_expect_exact(self): p = pexpect.spawn('%s list100.py' % sys.executable) assert run(p.expect_exact(b'5', async=True)) == 0 assert run(p.expect_exact(['wpeok', b'11'], async=True)) == 1 assert run(p.expect_exact([b'foo', pexpect.EOF], async=True)) == 1 + + def test_async_utf8(self): + p = pexpect.spawn('%s list100.py' % sys.executable, encoding='utf8') + assert run(p.expect_exact(u'5', async=True)) == 0 + assert run(p.expect_exact([u'wpeok', u'11'], async=True)) == 1 + assert run(p.expect_exact([u'foo', pexpect.EOF], async=True)) == 1 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pexpect-4.0.1/tests/test_delay.py new/pexpect-4.1.0/tests/test_delay.py --- old/pexpect-4.0.1/tests/test_delay.py 1970-01-01 01:00:00.000000000 +0100 +++ new/pexpect-4.1.0/tests/test_delay.py 2016-05-21 13:43:27.000000000 +0200 @@ -0,0 +1,45 @@ +# -*- coding: utf-8 -*- + +from . import PexpectTestCase +import pexpect + + +class TestCaseDelay(PexpectTestCase.PexpectTestCase): + """ + Tests for various delay attributes. + """ + def test_delaybeforesend(self): + """ + Test various values for delaybeforesend. + """ + p = pexpect.spawn("cat") + + p.delaybeforesend = 1 + p.sendline("line 1") + p.expect("line 1") + + p.delaybeforesend = 0.0 + p.sendline("line 2") + p.expect("line 2") + + p.delaybeforesend = None + p.sendline("line 3") + p.expect("line 3") + + def test_delayafterread(self): + """ + Test various values for delayafterread. + """ + p = pexpect.spawn("cat") + + p.delayafterread = 1 + p.sendline("line 1") + p.expect("line 1") + + p.delayafterread = 0.0 + p.sendline("line 2") + p.expect("line 2") + + p.delayafterread = None + p.sendline("line 3") + p.expect("line 3") diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pexpect-4.0.1/tests/test_expect.py new/pexpect-4.1.0/tests/test_expect.py --- old/pexpect-4.0.1/tests/test_expect.py 2015-10-04 10:18:45.000000000 +0200 +++ new/pexpect-4.1.0/tests/test_expect.py 2016-05-21 13:43:27.000000000 +0200 @@ -433,7 +433,7 @@ self._before_after(p) def _ordering(self, p): - p.timeout = 5 + p.timeout = 20 p.expect(b'>>> ') p.sendline('list(range(4*3))') diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pexpect-4.0.1/tests/test_maxcanon.py new/pexpect-4.1.0/tests/test_maxcanon.py --- old/pexpect-4.0.1/tests/test_maxcanon.py 2015-10-04 10:18:45.000000000 +0200 +++ new/pexpect-4.1.0/tests/test_maxcanon.py 1970-01-01 01:00:00.000000000 +0100 @@ -1,176 +0,0 @@ -""" Module for canonical-mode tests. """ -# std imports -import sys -import os - -# local -import pexpect -from . import PexpectTestCase - -# 3rd-party -import pytest - - -class TestCaseCanon(PexpectTestCase.PexpectTestCase): - """ - Test expected Canonical mode behavior (limited input line length). - - All systems use the value of MAX_CANON which can be found using - fpathconf(3) value PC_MAX_CANON -- with the exception of Linux - and FreeBSD. - - Linux, though defining a value of 255, actually honors the value - of 4096 from linux kernel include file tty.h definition - N_TTY_BUF_SIZE. - - Linux also does not honor IMAXBEL. termios(3) states, "Linux does not - implement this bit, and acts as if it is always set." Although these - tests ensure it is enabled, this is a non-op for Linux. - - FreeBSD supports neither, and instead uses a fraction (1/5) of the tty - speed which is always 9600. Therefor, the maximum limited input line - length is 9600 / 5 = 1920. - - These tests only ensure the correctness of the behavior described by - the sendline() docstring. pexpect is not particularly involved in - these scenarios, though if we wish to expose some kind of interface - to tty.setraw, for example, these tests may be re-purposed as such. - - Lastly, portions of these tests are skipped on Travis-CI. It produces - unexpected behavior not reproduced on Debian/GNU Linux. - """ - - def setUp(self): - super(TestCaseCanon, self).setUp() - - self.echo = False - if sys.platform.lower().startswith('linux'): - # linux is 4096, N_TTY_BUF_SIZE. - self.max_input = 4096 - self.echo = True - elif sys.platform.lower().startswith('sunos'): - # SunOS allows PC_MAX_CANON + 1; see - # https://bitbucket.org/illumos/illumos-gate/src/d07a59219ab7fd2a7f39eb47c46c… - self.max_input = os.fpathconf(0, 'PC_MAX_CANON') + 1 - elif sys.platform.lower().startswith('freebsd'): - # http://lists.freebsd.org/pipermail/freebsd-stable/2009-October/052318.html - self.max_input = 9600 / 5 - else: - # All others (probably) limit exactly at PC_MAX_CANON - self.max_input = os.fpathconf(0, 'PC_MAX_CANON') - - @pytest.mark.skipif( - sys.platform.lower().startswith('freebsd'), - reason='os.write to BLOCK indefinitely on FreeBSD in this case' - ) - def test_under_max_canon(self): - " BEL is not sent by terminal driver at maximum bytes - 1. " - # given, - child = pexpect.spawn('bash', echo=self.echo, timeout=5) - child.sendline('echo READY') - child.sendline('stty icanon imaxbel') - child.sendline('echo BEGIN; cat') - - # some systems BEL on (maximum - 1), not able to receive CR, - # even though all characters up until then were received, they - # simply cannot be transmitted, as CR is part of the transmission. - send_bytes = self.max_input - 1 - - # exercise, - child.sendline('_' * send_bytes) - - # fast forward beyond 'cat' command, as ^G can be found as part of - # set-xterm-title sequence of $PROMPT_COMMAND or $PS1. - child.expect_exact('BEGIN') - - # verify, all input is found in echo output, - child.expect_exact('_' * send_bytes) - - # BEL is not found, - with self.assertRaises(pexpect.TIMEOUT): - child.expect_exact('\a', timeout=1) - - # cleanup, - child.sendeof() # exit cat(1) - child.sendline('exit 0') # exit bash(1) - child.expect(pexpect.EOF) - assert not child.isalive() - assert child.exitstatus == 0 - - @pytest.mark.skipif( - sys.platform.lower().startswith('freebsd'), - reason='os.write to BLOCK indefinitely on FreeBSD in this case' - ) - def test_beyond_max_icanon(self): - " a single BEL is sent when maximum bytes is reached. " - # given, - child = pexpect.spawn('bash', echo=self.echo, timeout=5) - child.sendline('stty icanon imaxbel erase ^H') - child.sendline('cat') - send_bytes = self.max_input - - # exercise, - child.sendline('_' * send_bytes) - child.expect_exact('\a') - - # exercise, we must now backspace to send CR. - child.sendcontrol('h') - child.sendline() - - if os.environ.get('TRAVIS', None) == 'true': - # Travis-CI has intermittent behavior here, possibly - # because the master process is itself, a PTY? - return - - # verify the length of (maximum - 1) received by cat(1), - # which has written it back out, - child.expect_exact('_' * (send_bytes - 1)) - # and not a byte more. - with self.assertRaises(pexpect.TIMEOUT): - child.expect_exact('_', timeout=1) - - # cleanup, - child.sendeof() # exit cat(1) - child.sendline('exit 0') # exit bash(1) - child.expect_exact(pexpect.EOF) - assert not child.isalive() - assert child.exitstatus == 0 - - @pytest.mark.skipif( - sys.platform.lower().startswith('freebsd'), - reason='os.write to BLOCK indefinitely on FreeBSD in this case' - ) - def test_max_no_icanon(self): - " may exceed maximum input bytes if canonical mode is disabled. " - # given, - child = pexpect.spawn('bash', echo=self.echo, timeout=5) - child.sendline('stty -icanon imaxbel') - child.sendline('echo BEGIN; cat') - send_bytes = self.max_input + 11 - - # exercise, - child.sendline('_' * send_bytes) - - # fast forward beyond 'cat' command, as ^G can be found as part of - # set-xterm-title sequence of $PROMPT_COMMAND or $PS1. - child.expect_exact('BEGIN') - - if os.environ.get('TRAVIS', None) == 'true': - # Travis-CI has intermittent behavior here, possibly - # because the master process is itself, a PTY? - return - - # BEL is *not* found, - with self.assertRaises(pexpect.TIMEOUT): - child.expect_exact('\a', timeout=1) - - # verify, all input is found in output, - child.expect_exact('_' * send_bytes) - - # cleanup, - child.sendcontrol('c') # exit cat(1) (eof wont work in -icanon) - child.sendcontrol('c') - child.sendline('exit 0') # exit bash(1) - child.expect(pexpect.EOF) - assert not child.isalive() - assert child.exitstatus == 0 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pexpect-4.0.1/tests/test_repr.py new/pexpect-4.1.0/tests/test_repr.py --- old/pexpect-4.0.1/tests/test_repr.py 2015-10-04 10:18:45.000000000 +0200 +++ new/pexpect-4.1.0/tests/test_repr.py 2016-05-21 13:43:27.000000000 +0200 @@ -24,3 +24,14 @@ # verify assert isinstance(value, str) + def test_str_before_spawn(self): + """ Exercise derived spawn.__str__() """ + # given, + child = pexpect.spawn(None, None) + child.read_nonblocking = lambda size, timeout: b'' + try: + child.expect('alpha', timeout=0.1) + except pexpect.TIMEOUT as e: + str(e) # Smoketest + else: + assert False, 'TIMEOUT exception expected. No exception raised.'

1 0

commit python3-backports.ssl_match_hostname for openSUSE:Factory
by root＠hilbert.suse.de 02 Jun '16

02 Jun '16

Hello community, here is the log from the commit of package python3-backports.ssl_match_hostname for openSUSE:Factory checked in at 2016-06-02 09:36:59 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/python3-backports.ssl_match_hostname (Old) and /work/SRC/openSUSE:Factory/.python3-backports.ssl_match_hostname.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "python3-backports.ssl_match_hostname" Changes: -------- --- /work/SRC/openSUSE:Factory/python3-backports.ssl_match_hostname/python3-backports.ssl_match_hostname.changes 2016-04-28 16:59:23.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.python3-backports.ssl_match_hostname.new/python3-backports.ssl_match_hostname.changes 2016-06-02 09:37:00.000000000 +0200 @@ -1,0 +2,12 @@ +Fri May 20 19:01:56 UTC 2016 - toddrme2178(a)gmail.com + +- Implement update-alternatives. + +------------------------------------------------------------------- +Sun May 8 07:15:35 UTC 2016 - arun(a)gmx.de + +- specfile: + * updated source url to files.pythonhosted.org + + +------------------------------------------------------------------- ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ python3-backports.ssl_match_hostname.spec ++++++ --- /var/tmp/diff_new_pack.ThEoNL/_old 2016-06-02 09:37:01.000000000 +0200 +++ /var/tmp/diff_new_pack.ThEoNL/_new 2016-06-02 09:37:01.000000000 +0200 @@ -1,7 +1,7 @@ # # spec file for package python3-backports.ssl_match_hostname # -# Copyright (c) 2016 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -23,11 +23,13 @@ License: Python-2.0 Group: Development/Languages/Python Url: http://bitbucket.org/brandon/backports.ssl_match_hostname -Source: https://pypi.python.org/packages/source/b/backports.ssl_match_hostname/back… +Source: https://files.pythonhosted.org/packages/source/b/backports.ssl_match_hostna… BuildRequires: python3-devel BuildRequires: python3-setuptools BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildArch: noarch +Requires(post): update-alternatives +Requires(postun): update-alternatives %description The Secure Sockets layer is only actually *secure* @@ -45,9 +47,30 @@ %install python3 setup.py install --prefix=%{_prefix} --root=%{buildroot} +# Prepare for update-alternatives usage +mkdir -p %{buildroot}%{_sysconfdir}/alternatives/ +mv %{buildroot}%{python3_sitelib}/backports/__init__.py %{buildroot}%{python3_sitelib}/backports/__init__ssl_match_hostname.py +ln -s -f %{_sysconfdir}/alternatives/__init__.py %{buildroot}%{python3_sitelib}/backports/__init__.py +# create a dummy target for /etc/alternatives/__init__.py +touch %{buildroot}%{_sysconfdir}/alternatives/__init__.py +rm -rf %{buildroot}%{python3_sitelib}/backports/__pycache__/ + +%post +"%_sbindir/update-alternatives" \ + --install %{python3_sitelib}/backports/__init__.py __init__.py %{python3_sitelib}/backports/__init__ssl_match_hostname.py 30 + +%postun +if [ $1 -eq 0 ] ; then + "%_sbindir/update-alternatives" --remove __init__.py %{python3_sitelib}/backports/__init__ssl_match_hostname.py +fi + %files %defattr(-,root,root,-) -%{python3_sitelib}/backports +%dir %{python3_sitelib}/backports/ +%{python3_sitelib}/backports/__init__.py +%{python3_sitelib}/backports/__init__ssl_match_hostname.py +%ghost %{_sysconfdir}/alternatives/__init__.py +%{python3_sitelib}/backports/ssl_match_hostname/ %{python3_sitelib}/backports.ssl_match_hostname-%{version}-py*.egg-info %changelog

1 0

commit python3-recommonmark for openSUSE:Factory
by root＠hilbert.suse.de 02 Jun '16

02 Jun '16

Hello community, here is the log from the commit of package python3-recommonmark for openSUSE:Factory checked in at 2016-06-02 09:36:55 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/python3-recommonmark (Old) and /work/SRC/openSUSE:Factory/.python3-recommonmark.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "python3-recommonmark" Changes: -------- New Changes file: --- /dev/null 2016-04-07 01:36:33.300037506 +0200 +++ /work/SRC/openSUSE:Factory/.python3-recommonmark.new/python3-recommonmark.changes 2016-06-02 09:36:57.000000000 +0200 @@ -0,0 +1,18 @@ +------------------------------------------------------------------- +Thu May 19 15:16:07 UTC 2016 - toddrme2178(a)gmail.com + +- Update to version 0.4.0 + * No upstream changelog + +------------------------------------------------------------------- +Sun May 8 07:15:20 UTC 2016 - arun(a)gmx.de + +- specfile: + * updated source url to files.pythonhosted.org + + +------------------------------------------------------------------- +Thu Dec 10 13:07:36 UTC 2015 - bruno(a)ioda-net.ch + +- Initial packaging on obs + New: ---- README.md license.md python3-recommonmark.changes python3-recommonmark.spec recommonmark-0.4.0.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ python3-recommonmark.spec ++++++ # # spec file for package python3-CommonMark # # Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed # upon. The license for this file, and modifications and additions to the # file, is the same license as for the pristine package itself (unless the # license for the pristine package is not an Open Source License, in which # case the license is the MIT License). An "Open Source License" is a # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. # Please submit bugfixes or comments via http://bugs.opensuse.org/ # Name: python3-recommonmark Version: 0.4.0 Release: 0 Summary: Python docutils-compatibility bridge to CommonMark License: MIT Group: Development/Languages/Python Url: https://github.com/rtfd/recommonmark Source0: https://files.pythonhosted.org/packages/source/r/recommonmark/recommonmark-… Source1: https://raw.githubusercontent.com/rtfd/recommonmark/master/license.md Source2: https://raw.githubusercontent.com/rtfd/recommonmark/master/README.md BuildRequires: fdupes BuildRequires: python3 BuildRequires: python3-devel BuildRequires: python3-setuptools BuildRequires: python3-docutils BuildRequires: python3-CommonMark Requires: python3-docutils Requires: python3-CommonMark BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildArch: noarch Provides: python3-reCommonMark = %{version} Obsoletes: python3-reCommonMark < %{version} %description A python docutils-compatibility bridge to CommonMark. This allows you to write CommonMark inside of Docutils & Sphinx projects. Documentation is available on Read the Docs: http://recommonmark.readthedocs.org %prep %setup -q -n recommonmark-%{version} # Remove upstream's egg-info rm -rf %{pypi_name}.egg-info #Add missing license and readme cp -a %{SOURCE1} . cp -a %{SOURCE2} . # find and remove unneeded shebangs find recommonmark -name "*.py" | xargs sed -i '1 {/^#!/ d}' # correct shebang sed -i 's@^#!/usr/bin/python2@#!/usr/bin/python3@' recommonmark/scripts.py %build python3 setup.py build %install python3 setup.py install --prefix=%{_prefix} --root=%{buildroot} %fdupes %{buildroot}%{_prefix} # Prepare for update-alternatives usage mkdir -p %{buildroot}%{_sysconfdir}/alternatives for B in cm2html cm2latex cm2man cm2pseudoxml cm2xetex cm2xml; do mv %{buildroot}%{_bindir}/${B} %{buildroot}%{_bindir}/${B}-%{py3_ver} ln -s -f %{_sysconfdir}/alternatives/${B} %{buildroot}%{_bindir}/${B} # create a dummy target for /etc/alternatives/${B} touch %{buildroot}%{_sysconfdir}/alternatives/${B} done %post %_sbindir/update-alternatives \ --install %{_bindir}/cm2man cm2man %{_bindir}/cm2man-%{py3_ver} 30 \ --slave %{_bindir}/cm2latex cm2latex %{_bindir}/cm2latex-%{py3_ver} \ --slave %{_bindir}/cm2xetex cm2xetex %{_bindir}/cm2xetex-%{py3_ver} \ --slave %{_bindir}/cm2pseudoxml cm2pseudoxml %{_bindir}/cm2pseudoxml-%{py3_ver} \ --slave %{_bindir}/cm2html cm2html %{_bindir}/cm2html-%{py3_ver} \ --slave %{_bindir}/cm2xml cm2xml %{_bindir}/cm2xml-%{py3_ver} %postun if [ $1 -eq 0 ] ; then "%_sbindir/update-alternatives" --remove cm2man %{_bindir}/cm2man-%{py3_ver} fi %files %defattr(-,root,root,-) %doc README.md license.md %{_bindir}/cm2html %{_bindir}/cm2latex %{_bindir}/cm2man %{_bindir}/cm2pseudoxml %{_bindir}/cm2xetex %{_bindir}/cm2xml %{_bindir}/cm2html-%{py3_ver} %{_bindir}/cm2latex-%{py3_ver} %{_bindir}/cm2man-%{py3_ver} %{_bindir}/cm2pseudoxml-%{py3_ver} %{_bindir}/cm2xetex-%{py3_ver} %{_bindir}/cm2xml-%{py3_ver} %ghost %{_sysconfdir}/alternatives/cm2html %ghost %{_sysconfdir}/alternatives/cm2latex %ghost %{_sysconfdir}/alternatives/cm2man %ghost %{_sysconfdir}/alternatives/cm2pseudoxml %ghost %{_sysconfdir}/alternatives/cm2xetex %ghost %{_sysconfdir}/alternatives/cm2xml %{python3_sitelib}/recommonmark/ %{python3_sitelib}/recommonmark-%{version}-py*.egg-info %changelog ++++++ README.md ++++++ # recommonmark A `docutils`-compatibility bridge to [CommonMark][cm]. This allows you to write CommonMark inside of Docutils & Sphinx projects. Documentation is available on Read the Docs: <http://recommonmark.readthedocs.org> Contents -------- * [API Reference](api_ref.md) * [AutoStructify Component](auto_structify.md) ## Getting Started To use `recommonmark` inside of Sphinx only takes 2 steps. First you install it: ``` pip install recommonmark ``` Then add this to your Sphinx conf.py: ``` from recommonmark.parser import CommonMarkParser source_parsers = { '.md': CommonMarkParser, } source_suffix = ['.rst', '.md'] ``` This allows you to write both `.md` and `.rst` files inside of the same project. ### AutoStructify To use the advanced markdown to rst transformations you must add `AutoStructify` to your Sphinx conf.py. ```python # At top on conf.py (with other import statements) import recommonmark from recommonmark.transform import AutoStructify # At the bottom of conf.py def setup(app): app.add_config_value('recommonmark_config', { 'url_resolver': lambda url: github_doc_root + url, 'auto_toc_tree_section': 'Contents', }, True) app.add_transform(AutoStructify) ``` See https://github.com/rtfd/recommonmark/blob/master/docs/conf.py for a full example. AutoStructify comes with the following options. See http://recommonmark.readthedocs.org/en/latest/auto_structify.html for more information about the specific features. * __enable_auto_toc_tree__: enable the Auto Toc Tree feature. * __auto_toc_tree_section__: when True, Auto Toc Tree will only be enabled on section that matches the title. * __enable_auto_doc_ref__: enable the Auto Doc Ref feature. * __enable_math__: enable the Math Formula feature. * __enable_inline_math__: enable the Inline Math feature. * __enable_eval_rst__: enable the evaluate embedded reStructuredText feature. * __url_resolver__: a function that maps a existing relative position in the document to a http link ## Development You can run the tests by running `tox` in the top-level of the project. We are working to expand test coverage, but this will at least test basic Python 2 and 3 compatability. ## Why a bridge? Many python tools (mostly for documentation creation) rely on `docutils`. But [docutils][dc] only supports a ReStructuredText syntax. For instance [this issue][sphinx-issue] and [this StackOverflow question][so-question] show that there is an interest in allowing `docutils` to use markdown as an alternative syntax. ## Why another bridge to docutils? recommonmark uses the [python implementation][pcm] of [CommonMark][cm] while [remarkdown][rmd] implements a stand-alone parser leveraging [parsley][prs]. Both output a [`docutils` document tree][dc] and provide scripts that leverage `docutils` for generation of different types of documents. ## Acknowledgement recommonmark is mainly derived from [remarkdown][rmd] by Steve Genoud and leverages the python CommonMark implementation. It was originally created by [Luca Barbato][lu-zero], and is now maintained in the Read the Docs (rtfd) GitHub organization. [cm]: http://commonmark.org [pcm]: https://github.com/rtfd/CommonMark-py [rmd]: https://github.com/sgenoud/remarkdown [prs]: https://github.com/python-parsley/parsley [lu-zero]: https://github.com/lu-zero [dc]: http://docutils.sourceforge.net/docs/ref/doctree.html [sphinx-issue]: https://bitbucket.org/birkenfeld/sphinx/issue/825/markdown-capable-sphinx [so-question]: http://stackoverflow.com/questions/2471804/using-sphinx-with-markdown-inste… ++++++ license.md ++++++ The MIT License (MIT) Copyright (c) 2014 Steve Genoud Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

1 0

commit rubygem-json-schema for openSUSE:Factory
by root＠hilbert.suse.de 02 Jun '16

02 Jun '16

Hello community, here is the log from the commit of package rubygem-json-schema for openSUSE:Factory checked in at 2016-06-02 09:36:53 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/rubygem-json-schema (Old) and /work/SRC/openSUSE:Factory/.rubygem-json-schema.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "rubygem-json-schema" Changes: -------- --- /work/SRC/openSUSE:Factory/rubygem-json-schema/rubygem-json-schema.changes 2016-03-26 15:22:15.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.rubygem-json-schema.new/rubygem-json-schema.changes 2016-06-02 09:36:54.000000000 +0200 @@ -1,0 +2,6 @@ +Sat May 14 04:40:59 UTC 2016 - coolo(a)suse.com + +- updated to version 2.6.2 + no changelog found + +------------------------------------------------------------------- Old: ---- json-schema-2.6.1.gem New: ---- json-schema-2.6.2.gem ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ rubygem-json-schema.spec ++++++ --- /var/tmp/diff_new_pack.ja5LnH/_old 2016-06-02 09:36:55.000000000 +0200 +++ /var/tmp/diff_new_pack.ja5LnH/_new 2016-06-02 09:36:55.000000000 +0200 @@ -24,7 +24,7 @@ # Name: rubygem-json-schema -Version: 2.6.1 +Version: 2.6.2 Release: 0 %define mod_name json-schema %define mod_full_name %{mod_name}-%{version} ++++++ json-schema-2.6.1.gem -> json-schema-2.6.2.gem ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/README.md new/README.md --- old/README.md 2016-02-26 11:03:19.000000000 +0100 +++ new/README.md 2016-05-13 16:54:29.000000000 +0200 @@ -1,5 +1,5 @@ -![https://travis-ci.org/ruby-json-schema/json-schema](https://travis-ci.org/ruby-json-schema/json-schema.svg?branch=master) -![https://codeclimate.com/github/ruby-json-schema/json-schema](https://codeclimate.com/github/ruby-json-schema/json-schema/badges/gpa.svg) +[![Travis](https://travis-ci.org/ruby-json-schema/json-schema.svg?branch=master)](https://travis-ci.org/ruby-json-schema/json-schema) +[![Code Climate](https://codeclimate.com/github/ruby-json-schema/json-schema/badges… Ruby JSON Schema Validator ========================== @@ -42,10 +42,10 @@ $ gem install json-schema-2.5.2.gem ``` -Usage +Validation ----- -Three base validation methods exist: +Three base validation methods exist: 1. `validate`: returns a boolean on whether a validation attempt passes 2. `validate!`: throws a `JSON::Schema::ValidationError` with an appropriate message/trace on where the validation failed @@ -67,79 +67,15 @@ that the `$schema` attribute takes precedence over the `:version` option during parsing and validation. -### Validate Ruby objects against a Ruby schema - For further information on json schema itself refer to <a href="http://spacetelescope.github.io/understanding-json-schema/">Understanding JSON Schema</a>. -```rb -require 'rubygems' -require 'json-schema' - -schema = { - "type" => "object", - "required" => ["a"], - "properties" => { - "a" => {"type" => "integer"} - } -} - -data = { - "a" => 5 -} - -JSON::Validator.validate(schema, data) -``` - -### Validate a JSON string against a JSON schema file - -```rb -require 'rubygems' -require 'json-schema' - -JSON::Validator.validate('schema.json', '{"a" : 5}') -``` - -### Validate a list of objects against a schema that represents the individual objects - -```rb -require 'rubygems' -require 'json-schema' - -data = ['user','user','user'] -JSON::Validator.validate('user.json', data, :list => true) -``` - -### Strictly validate an object's properties - -With the `:strict` option, validation fails when an object contains properties -that are not defined in the schema's property list or doesn't match the -`additionalProperties` property. Furthermore, all properties are treated as -`required` regardless of `required` properties set in the schema. - -```rb -require 'rubygems' -require 'json-schema' - -schema = { - "type" => "object", - "properties" => { - "a" => {"type" => "integer"}, - "b" => {"type" => "integer"} - } -} - -JSON::Validator.validate(schema, {"a" => 1, "b" => 2}, :strict => true) # ==> true -JSON::Validator.validate(schema, {"a" => 1, "b" => 2, "c" => 3}, :strict => true) # ==> false -JSON::Validator.validate(schema, {"a" => 1}, :strict => true) # ==> false -``` - -### Catch a validation error and print it out +Basic Usage +-------------- -```rb -require 'rubygems' -require 'json-schema' +```ruby +require "json-schema" schema = { "type" => "object", @@ -149,215 +85,188 @@ } } -data = { - "a" => "taco" -} +# +# validate ruby objects against a ruby schema +# + +# => true +JSON::Validator.validate(schema, { "a" => 5 }) +# => false +JSON::Validator.validate(schema, {}) + +# +# validate a json string against a json schema file +# + +require "json" +File.write("schema.json", JSON.dump(schema)) + +# => true +JSON::Validator.validate('schema.json', '{ "a": 5 }') + +# +# raise an error when validation fails +# +# => "The property '#/a' of type String did not match the following type: integer" begin - JSON::Validator.validate!(schema, data) -rescue JSON::Schema::ValidationError - puts $!.message + JSON::Validator.validate!(schema, { "a" => "taco" }) +rescue JSON::Schema::ValidationError => e + e.message end -``` - -### Fully validate against a schema and catch all errors - -```rb -require 'rubygems' -require 'json-schema' - -schema = { - "type" => "object", - "required" => ["a","b"], - "properties" => { - "a" => {"type" => "integer"}, - "b" => {"type" => "string"} - } -} - -data = { - "a" => "taco" -} - -errors = JSON::Validator.fully_validate(schema, data) - -# ["The property '#/a' of type String did not match the following type: integer in schema 03179a21-197e-5414-9611-e9f63e8324cd#", "The property '#/' did not contain a required property of 'b' in schema 03179a21-197e-5414-9611-e9f63e8324cd#"] -``` - -### Fully validate against a schema and catch all errors as objects - -```rb -require 'rubygems' -require 'json-schema' - -schema = { - "type" => "object", - "required" => ["a","b"], - "properties" => { - "a" => {"type" => "integer"}, - "b" => {"type" => "string"} - } -} - -data = { - "a" => "taco" -} -errors = JSON::Validator.fully_validate(schema, data, :errors_as_objects => true) +# +# return an array of error messages when validation fails +# -# [{:message=>"The property '#/a' of type String did not match the following type: integer in schema 03179a21-197e-5414-9611-e9f63e8324cd#", :schema=>#, :failed_attribute=>"Type", :fragment=>"#/a"}, {:message=>"The property '#/' did not contain a required property of 'b' in schema 03179a21-197e-5414-9611-e9f63e8324cd#", :schema=>#, :failed_attribute=>"Properties", :fragment=>"#/"}] +# => ["The property '#/a' of type String did not match the following type: integer in schema 18a1ffbb-4681-5b00-bd15-2c76aee4b28f"] +JSON::Validator.fully_validate(schema, { "a" => "taco" }) ``` -### Validate against a fragment of a supplied schema +Advanced Options +----------------- -```rb -require 'rubygems' -require 'json-schema' +```ruby +require "json-schema" schema = { - "type" => "object", - "required" => ["a","b"], + "type"=>"object", + "required" => ["a"], "properties" => { - "a" => {"type" => "integer"}, - "b" => {"type" => "string"}, - "c" => { + "a" => { + "type" => "integer", + "default" => 42 + }, + "b" => { "type" => "object", "properties" => { - "z" => {"type" => "integer"} + "x" => { + "type" => "integer" + } } } } } -data = { - "z" => 1 -} - -JSON::Validator.validate(schema, data, :fragment => "#/properties/c") -``` - -### Validate a JSON object against a JSON schema object, while also validating the schema itself - -```rb -require 'rubygems' -require 'json-schema' - -schema = { - "type" => "object", - "required" => ["a"], - "properties" => { - "a" => {"type" => "integer", "required" => "true"} # This will fail schema validation! - } -} - -data = { - "a" => 5 -} - -JSON::Validator.validate(schema, data, :validate_schema => true) -``` - -### Validate a JSON object against a JSON schema object, while inserting default values from the schema - -With the `:insert_defaults` option set to true any missing property that has a -default value specified in the schema will be inserted into the validated data. -The inserted default value is validated hence catching a schema that specifies -an invalid default value. - -```rb -require 'rubygems' -require 'json-schema' - -schema = { - "type" => "object", - "required" => ["a"], - "properties" => { - "a" => {"type" => "integer", "default" => 42}, - "b" => {"type" => "integer"} - } -} - -# Would not normally validate because "a" is missing and required by schema, -# but "default" option allows insertion of valid default. -data = { - "b" => 5 -} +# +# with the `:list` option, a list can be validated against a schema that represents the individual objects +# + +# => true +JSON::Validator.validate(schema, [{"a" => 1}, {"a" => 2}, {"a" => 3}], :list => true) +# => false +JSON::Validator.validate(schema, [{"a" => 1}, {"a" => 2}, {"a" => 3}]) + +# +# with the `:errors_as_objects` option, `#fully_validate` returns errors as hashes instead of strings +# + +# => [{:schema=>#<Addressable::URI:0x3ffa69cbeed8 URI:18a1ffbb-4681-5b00-bd15-2c76aee4b28f>, :fragment=>"#/a", :message=>"The property '#/a' of type String did not match the following type: integer in schema 18a1ffbb-4681-5b00-bd15-2c76aee4b28f", :failed_attribute=>"TypeV4"}] +JSON::Validator.fully_validate(schema, { "a" => "taco" }, :errors_as_objects => true) + +# +# with the `:strict` option, all properties are condisidered to have `"required": true` and all objects `"additionalProperties": false` +# + +# => true +JSON::Validator.validate(schema, { "a" => 1, "b" => { "x" => 2 } }, :strict => true) +# => false +JSON::Validator.validate(schema, { "a" => 1, "b" => { "x" => 2 }, "c" => 3 }, :strict => true) +# => false +JSON::Validator.validate(schema, { "a" => 1 }, :strict => true) + +# +# with the `:fragment` option, only a fragment of the schema is used for validation +# + +# => true +JSON::Validator.validate(schema, { "x" => 1 }, :fragment => "#/properties/b") +# => false +JSON::Validator.validate(schema, { "x" => 1 }) + +# +# with the `:validate_schema` option, the schema is validated (against the json schema spec) before the json is validated (against the specified schema) +# + +# => true +JSON::Validator.validate(schema, { "a" => 1 }, :validate_schema => true) +# => false +JSON::Validator.validate({ "required" => true }, { "a" => 1 }, :validate_schema => true) + +# +# with the `:insert_defaults` option, any undefined values in the json that have a default in the schema are replaced with the default before validation +# + +# => true +JSON::Validator.validate(schema, {}, :insert_defaults => true) +# => false +JSON::Validator.validate(schema, {}) + +# +# with the `:version` option, schemas conforming to older drafts of the json schema spec can be used +# -JSON::Validator.validate(schema, data) -# false - -JSON::Validator.validate(schema, data, :insert_defaults => true) -# true -# data = { -# "a" => 42, -# "b" => 5 -# } -``` - -### Validate an object against a JSON Schema Draft 2 schema - -```rb -require 'rubygems' -require 'json-schema' - -schema = { +v2_schema = { "type" => "object", "properties" => { - "a" => {"type" => "integer", "optional" => true} + "a" => { + "type" => "integer" + } } } -data = { - "a" => 5 -} - -JSON::Validator.validate(schema, data, :version => :draft2) -``` - -### Explicitly specifying the type of the data - -By default, json-schema accepts a variety of different types for the data -parameter, and it will try to work out what to do with it dynamically. You can -pass it a string uri (in which case it will download the json from that location -before validating), a string of JSON text, or simply a ruby object (such as an -array or hash representing parsed json). However, sometimes the nature of the -data is ambiguous (for example, is "http://github.com" just a string, or is it a -uri?). In other situations, you have already parsed your JSON, and you don't -need to re-parse it. - -If you want to be explict about what kind of data is being parsed, JSON schema -supports a number of options: - -```rb -require 'rubygems' -require 'json-schema' - -schema = { - "type" => "string" -} - -# examines the data, determines it's a uri, then tries to load data from it -JSON::Validator.validate(schema, 'https://api.github.com') # returns false - -# data is already parsed json - just accept it as-is -JSON::Validator.validate(schema, 'https://api.github.com', :parse_data => false) # returns true - -# data is parsed to a json string -JSON::Validator.validate(schema, '"https://api.github.com"', :json => true) # returns true +# => false +JSON::Validator.validate(v2_schema, {}, :version => :draft2) +# => true +JSON::Validator.validate(v2_schema, {}) + +# +# with the `:parse_data` option set to false, the json must be a parsed ruby object (not a json text, a uri or a file path) +# + +# => true +JSON::Validator.validate(schema, { "a" => 1 }, :parse_data => false) +# => false +JSON::Validator.validate(schema, '{ "a": 1 }', :parse_data => false) + +# +# with the `:json` option, the json must be an unparsed json text (not a hash, a uri or a file path) +# + +# => true +JSON::Validator.validate(schema, '{ "a": 1 }', :json => true) +# => "no implicit conversion of Hash into String" +begin + JSON::Validator.validate(schema, { "a" => 1 }, :json => true) +rescue TypeError => e + e.message +end -# loads data from the uri -JSON::Validator.validate(schema, 'https://api.github.com', :uri => true) # returns false +# +# with the `:uri` option, the json must be a uri or file path (not a hash or a json text) +# + +File.write("data.json", '{ "a": 1 }') + +# => true +JSON::Validator.validate(schema, "data.json", :uri => true) +# => "Can't convert Hash into String." +begin + JSON::Validator.validate(schema, { "a" => 1 }, :uri => true) +rescue TypeError => e + e.message +end ``` -### Extend an existing schema and validate against it +Extending Schemas +----------------- For this example, we are going to extend the [JSON Schema Draft 3](http://tools.ietf.org/html/draft-zyp-json-schema-03) specification by adding a 'bitwise-and' property for validation. -```rb -require 'rubygems' -require 'json-schema' +```ruby +require "json-schema" class BitwiseAndAttribute < JSON::Schema::Attribute def self.validate(current_schema, data, fragments, processor, validator, options = {}) @@ -403,7 +312,8 @@ JSON::Validator.validate(schema,data) # => false ``` -### Custom format validation +Custom format validation +------------------------ The JSON schema standard allows custom formats in schema definitions which should be ignored by validators that do not support them. JSON::Schema allows @@ -412,9 +322,8 @@ indicate a format violation. The error message will be prepended by the property name, e.g. [The property '#a']() -```rb -require 'rubygems' -require 'json-schema' +```ruby +require "json-schema" format_proc = -> value { raise JSON::Schema::CustomFormatError.new("must be 42") unless value == "42" @@ -456,7 +365,7 @@ accomplished by registering all referenced schemas with the validator in advance: -```rb +```ruby schema = JSON::Schema.new(some_schema_definition, Addressable::URI.parse('http://example.com/my-schema')) JSON::Validator.add_schema(schema) ``` @@ -464,7 +373,7 @@ If more extensive control is necessary, the `JSON::Schema::Reader` instance used can be configured in a few ways: -```rb +```ruby # Change the default schema reader used JSON::Validator.schema_reader = JSON::Schema::Reader.new(:accept_uri => true, :accept_file => false) @@ -491,7 +400,7 @@ parser is used by default. This can be changed by issuing the following before validation: -```rb +```ruby JSON::Validator.json_backend = :json ``` Files old/checksums.yaml.gz and new/checksums.yaml.gz differ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lib/json-schema/attributes/ref.rb new/lib/json-schema/attributes/ref.rb --- old/lib/json-schema/attributes/ref.rb 2016-02-26 11:03:19.000000000 +0100 +++ new/lib/json-schema/attributes/ref.rb 2016-05-13 16:54:29.000000000 +0200 @@ -48,11 +48,11 @@ if ref_schema # Perform fragment resolution to retrieve the appropriate level for the schema target_schema = ref_schema.schema - fragments = temp_uri.fragment.split("/") + fragments = JSON::Util::URI.parse(JSON::Util::URI.unescape_uri(temp_uri)).fragment.split("/") fragment_path = '' fragments.each do |fragment| if fragment && fragment != '' - fragment = JSON::Util::URI.unescaped_uri(fragment.gsub('~0', '~').gsub('~1', '/')) + fragment = fragment.gsub('~0', '~').gsub('~1', '/') if target_schema.is_a?(Array) target_schema = target_schema[fragment.to_i] else diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lib/json-schema/schema/reader.rb new/lib/json-schema/schema/reader.rb --- old/lib/json-schema/schema/reader.rb 2016-02-26 11:03:19.000000000 +0100 +++ new/lib/json-schema/schema/reader.rb 2016-05-13 16:54:29.000000000 +0200 @@ -102,7 +102,7 @@ def read_file(pathname) if accept_file?(pathname) - File.read(JSON::Util::URI.unescaped_uri(pathname.to_s)) + File.read(JSON::Util::URI.unescaped_path(pathname.to_s)) else raise JSON::Schema::ReadRefused.new(pathname.to_s, :file) end diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lib/json-schema/util/uri.rb new/lib/json-schema/util/uri.rb --- old/lib/json-schema/util/uri.rb 2016-02-26 11:03:19.000000000 +0100 +++ new/lib/json-schema/util/uri.rb 2016-05-13 16:54:29.000000000 +0200 @@ -54,7 +54,11 @@ Addressable::URI.convert_path(parsed_uri.path) end - def self.unescaped_uri(uri) + def self.unescape_uri(uri) + Addressable::URI.unescape(uri) + end + + def self.unescaped_path(uri) parsed_uri = parse(uri) Addressable::URI.unescape(parsed_uri.path) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lib/json-schema/validator.rb new/lib/json-schema/validator.rb --- old/lib/json-schema/validator.rb 2016-02-26 11:03:19.000000000 +0100 +++ new/lib/json-schema/validator.rb 2016-05-13 16:54:29.000000000 +0200 @@ -608,7 +608,7 @@ end else begin - File.read(JSON::Util::URI.unescaped_uri(uri)) + File.read(JSON::Util::URI.unescaped_path(uri)) rescue SystemCallError => e raise JSON::Schema::JsonLoadError, e.message end diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/metadata new/metadata --- old/metadata 2016-02-26 11:03:19.000000000 +0100 +++ new/metadata 2016-05-13 16:54:29.000000000 +0200 @@ -1,14 +1,14 @@ --- !ruby/object:Gem::Specification name: json-schema version: !ruby/object:Gem::Version - version: 2.6.1 + version: 2.6.2 platform: ruby authors: - Kenny Hoxworth autorequire: bindir: bin cert_chain: [] -date: 2016-02-26 00:00:00.000000000 Z +date: 2016-05-13 00:00:00.000000000 Z dependencies: - !ruby/object:Gem::Dependency name: rake @@ -174,4 +174,3 @@ specification_version: 4 summary: Ruby JSON Schema Validator test_files: [] -has_rdoc:

1 0

commit libu2f-host for openSUSE:Factory
by root＠hilbert.suse.de 02 Jun '16

02 Jun '16

Hello community, here is the log from the commit of package libu2f-host for openSUSE:Factory checked in at 2016-06-02 09:36:46 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/libu2f-host (Old) and /work/SRC/openSUSE:Factory/.libu2f-host.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "libu2f-host" Changes: -------- --- /work/SRC/openSUSE:Factory/libu2f-host/libu2f-host.changes 2016-03-26 17:30:38.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.libu2f-host.new/libu2f-host.changes 2016-06-02 09:36:48.000000000 +0200 @@ -1,0 +2,8 @@ +Thu May 19 13:33:26 UTC 2016 - t.gruner(a)katodev.de + +- Add buildrequirement for libudev to select the rule for udev. +- Add udev directories in %files +- Add udev rule for Feitian ePass FIDO (udev.patch) +- Change License for the library + +------------------------------------------------------------------- New: ---- udev.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ libu2f-host.spec ++++++ --- /var/tmp/diff_new_pack.RolArh/_old 2016-06-02 09:36:49.000000000 +0200 +++ /var/tmp/diff_new_pack.RolArh/_new 2016-06-02 09:36:49.000000000 +0200 @@ -21,17 +21,19 @@ Version: 1.1.1 Release: 0 Summary: Yubico Universal 2nd Factor (U2F) Host C Library -License: GPL-3.0+ +License: LGPL-2.1+ Group: Productivity/Networking/Security Url: https://developers.yubico.com/ Source0: https://developers.yubico.com/libu2f-host/Releases/%{name}-%{version}.tar.xz Source1: https://developers.yubico.com/libu2f-host/Releases/%{name}-%{version}.tar.x… +Patch0: udev.patch BuildRequires: libhidapi-devel BuildRequires: libtool BuildRequires: libzip BuildRequires: openssl-devel BuildRequires: pkg-config BuildRequires: pkgconfig(json-c) >= 0.10 +BuildRequires: pkgconfig(libudev) BuildRequires: pkgconfig(openssl) BuildRoot: %{_tmppath}/%{name}-%{version}-build @@ -42,6 +44,7 @@ %package -n %{name}%{sover} Summary: Library for Universal 2nd Factor (U2F) +License: LGPL-2.1+ Group: Productivity/Networking/Security %description -n %{name}%{sover} @@ -51,6 +54,7 @@ %package -n %{name}-devel Summary: Development files for Universal 2nd Factor (U2F) +License: LGPL-2.1+ Group: Development/Libraries/C and C++ Requires: %{name}%{sover} = %{version} @@ -60,6 +64,7 @@ %package -n u2f-host Summary: Tool to support Yubico's Universal 2nd Factor (U2F) +License: GPL-3.0+ Group: Productivity/Networking/Security Requires: %{name}%{sover} = %{version} @@ -68,6 +73,7 @@ %package doc Summary: Documentation for the U2F protocol +License: LGPL-2.1+ Group: Productivity/Networking/Security %description doc @@ -75,6 +81,7 @@ %prep %setup -q +%patch0 %build %configure --disable-static --with-openssl --with-udevrulesdir=%{_udevrulesdir} @@ -96,6 +103,8 @@ %doc AUTHORS COPYING NEWS ChangeLog README %{_bindir}/u2f-host %{_mandir}/man1/u2f-host.1.gz +%dir /usr/lib/udev +%dir %{_udevrulesdir} %{_udevrulesdir}/*-u2f.rules %files doc ++++++ udev.patch ++++++ --- 70-u2f.rules 2015-12-10 14:59:11.000000000 +0100 +++ 70-u2f.rules.new 2016-05-18 12:02:38.740152998 +0200 @@ -13,4 +13,7 @@ KERNEL=="hidraw*", SUBSYSTEM=="hidraw", # HyperSecu HyperFIDO KERNEL=="hidraw*", SUBSYSTEM=="hidraw", ATTRS{idVendor}=="096e", ATTRS{idProduct}=="0880", TAG+="uaccess" +# Feitian ePass FIDO +KERNEL=="hidraw*", SUBSYSTEM=="hidraw", ATTRS{idVendor}=="096e", ATTRS{idProduct}=="0850", TAG+="uaccess" + LABEL="u2f_end"

1 0

commit ykclient for openSUSE:Factory
by root＠hilbert.suse.de 02 Jun '16

02 Jun '16

Hello community, here is the log from the commit of package ykclient for openSUSE:Factory checked in at 2016-06-02 09:36:44 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/ykclient (Old) and /work/SRC/openSUSE:Factory/.ykclient.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "ykclient" Changes: -------- --- /work/SRC/openSUSE:Factory/ykclient/ykclient.changes 2015-04-15 16:27:41.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.ykclient.new/ykclient.changes 2016-06-02 09:36:45.000000000 +0200 @@ -1,0 +2,13 @@ +Tue May 17 14:42:29 UTC 2016 - t.gruner(a)katodev.de + +- Add .sig file to ykclient.spec + +------------------------------------------------------------------- +Thu Nov 12 14:42:12 UTC 2015 - t.gruner(a)katodev.de + +- Version 2.15 (released 2015-11-12) + - Add ykclient_get_server_response() to the library. + - Show more information from the commandline on debug. + - Add proxy support via Curl. + +------------------------------------------------------------------- Old: ---- ykclient-2.14.tar.gz New: ---- ykclient-2.15.tar.gz ykclient-2.15.tar.gz.sig ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ ykclient.spec ++++++ --- /var/tmp/diff_new_pack.moO9Cb/_old 2016-06-02 09:36:46.000000000 +0200 +++ /var/tmp/diff_new_pack.moO9Cb/_new 2016-06-02 09:36:46.000000000 +0200 @@ -1,7 +1,7 @@ # # spec file for package ykclient # -# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -17,16 +17,18 @@ Name: ykclient -Version: 2.14 +Version: 2.15 Release: 0 Summary: Online validation of Yubikey OTPs License: BSD-2-Clause Group: Productivity/Networking/Security Url: https://developers.yubico.com/ -Source: https://developers.yubico.com/yubico-c-client/Releases/ykclient-%{version}.… +Source0: https://developers.yubico.com/yubico-c-client/Releases/ykclient-%{version}.… +Source1: https://developers.yubico.com/yubico-c-client/Releases/ykclient-%{version}.… BuildRequires: curl-devel BuildRequires: help2man BuildRequires: pkgconfig +Requires: libykclient3 = %{version} Provides: yubico-c-client = %{version} BuildRoot: %{_tmppath}/%{name}-%{version}-build ++++++ ykclient-2.14.tar.gz -> ykclient-2.15.tar.gz ++++++ ++++ 2210 lines of diff (skipped) ++++ retrying with extended exclude list diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/ykclient-2.14/ChangeLog new/ykclient-2.15/ChangeLog --- old/ykclient-2.14/ChangeLog 2015-03-05 13:57:25.000000000 +0100 +++ new/ykclient-2.15/ChangeLog 2015-11-12 09:33:27.000000000 +0100 @@ -1,3 +1,45 @@ +2015-11-12 Klas Lindfors <klas(a)yubico.com> + + * NEWS: NEWS for 2.15 + +2015-11-11 Klas Lindfors <klali(a)avm.se> + + * : Merge pull request #36 from mikemn/master Add proxy support via Curl + +2015-07-09 Klas Lindfors <klas(a)yubico.com> + + * ykclient.c: make sure there is always at least one handle found with clang scan-build + +2015-07-05 Klas Lindfors <klas(a)yubico.com> + + * Makefile.am, configure.ac: add help2adoc for releases + +2015-06-24 Klas Lindfors <klas(a)yubico.com> + + * configure.ac: bump libtool variables correctly since a symbol was + added + +2015-06-24 Klas Lindfors <klas(a)yubico.com> + + * tool.c: tool: use server response to print out more debug info + +2015-06-24 Klas Lindfors <klas(a)yubico.com> + + * libykclient.map, ykclient.c, ykclient.h: add an interface to fetch + the last server response + +2015-06-24 Klas Lindfors <klas(a)yubico.com> + + * ykclient.c: add timestamp to the default query + +2015-06-15 Klas Lindfors <klas(a)yubico.com> + + * tool.c: add --cai to commandline tool help + +2015-03-05 Klas Lindfors <klas(a)yubico.com> + + * NEWS, configure.ac: bump versions + 2015-03-05 Klas Lindfors <klas(a)yubico.com> * NEWS: NEWS for 2.14 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/ykclient-2.14/Makefile.am new/ykclient-2.15/Makefile.am --- old/ykclient-2.14/Makefile.am 2015-02-20 09:10:41.000000000 +0100 +++ new/ykclient-2.15/Makefile.am 2015-07-05 18:57:20.000000000 +0200 @@ -134,3 +134,5 @@ cd $(srcdir) && git tag -u $(KEYID) -m $(VERSION) $(PACKAGE)-$(VERSION) cd $(srcdir) && git push --tags $(YUBICO_WWW_REPO)/publish $(PROJECT) $(VERSION) $(PACKAGE)-$(VERSION).tar.gz* + $(HELP2ADOC) -e ./ykclient -n "YubiCloud One-Time-Password Validation Client" > ykclient.1.txt + $(YUBICO_WWW_REPO)/save-mans $(PROJECT) ykclient.1.txt diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/ykclient-2.14/NEWS new/ykclient-2.15/NEWS --- old/ykclient-2.14/NEWS 2015-03-05 13:54:14.000000000 +0100 +++ new/ykclient-2.15/NEWS 2015-11-12 09:32:36.000000000 +0100 @@ -1,5 +1,13 @@ Yubikey-c-client NEWS -- History of user-visible changes. -*- outline -*- +* Version 2.15 (released 2015-11-12) + +** Add ykclient_get_server_response() to the library. + +** Show more information from the commandline on debug. + +** Add proxy support via Curl. + * Version 2.14 (released 2015-03-05) ** Switch default templates to https. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/ykclient-2.14/build-aux/ar-lib new/ykclient-2.15/build-aux/ar-lib --- old/ykclient-2.14/build-aux/ar-lib 2015-02-08 21:09:29.000000000 +0100 +++ new/ykclient-2.15/build-aux/ar-lib 2015-11-12 09:33:04.000000000 +0100 @@ -4,7 +4,7 @@ me=ar-lib scriptversion=2012-03-01.08; # UTC -# Copyright (C) 2010-2013 Free Software Foundation, Inc. +# Copyright (C) 2010-2014 Free Software Foundation, Inc. # Written by Peter Rosin <peda(a)lysator.liu.se>. # # This program is free software; you can redistribute it and/or modify diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/ykclient-2.14/build-aux/compile new/ykclient-2.15/build-aux/compile --- old/ykclient-2.14/build-aux/compile 2015-02-08 21:09:29.000000000 +0100 +++ new/ykclient-2.15/build-aux/compile 2015-11-12 09:33:04.000000000 +0100 @@ -3,7 +3,7 @@ scriptversion=2012-10-14.11; # UTC -# Copyright (C) 1999-2013 Free Software Foundation, Inc. +# Copyright (C) 1999-2014 Free Software Foundation, Inc. # Written by Tom Tromey <tromey(a)cygnus.com>. # # This program is free software; you can redistribute it and/or modify diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/ykclient-2.14/build-aux/missing new/ykclient-2.15/build-aux/missing --- old/ykclient-2.14/build-aux/missing 2015-02-08 21:09:29.000000000 +0100 +++ new/ykclient-2.15/build-aux/missing 2015-11-12 09:33:04.000000000 +0100 @@ -3,7 +3,7 @@ scriptversion=2013-10-28.13; # UTC -# Copyright (C) 1996-2013 Free Software Foundation, Inc. +# Copyright (C) 1996-2014 Free Software Foundation, Inc. # Originally written by Fran,cois Pinard <pinard(a)iro.umontreal.ca>, 1996. # This program is free software; you can redistribute it and/or modify diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/ykclient-2.14/build-aux/test-driver new/ykclient-2.15/build-aux/test-driver --- old/ykclient-2.14/build-aux/test-driver 2015-02-08 21:09:29.000000000 +0100 +++ new/ykclient-2.15/build-aux/test-driver 2015-11-12 09:33:05.000000000 +0100 @@ -3,7 +3,7 @@ scriptversion=2013-07-13.22; # UTC -# Copyright (C) 2011-2013 Free Software Foundation, Inc. +# Copyright (C) 2011-2014 Free Software Foundation, Inc. # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by @@ -106,11 +106,14 @@ # Test script is run here. "$@" >$log_file 2>&1 estatus=$? + if test $enable_hard_errors = no && test $estatus -eq 99; then - estatus=1 + tweaked_estatus=1 +else + tweaked_estatus=$estatus fi -case $estatus:$expect_failure in +case $tweaked_estatus:$expect_failure in 0:yes) col=$red res=XPASS recheck=yes gcopy=yes;; 0:*) col=$grn res=PASS recheck=no gcopy=no;; 77:*) col=$blu res=SKIP recheck=no gcopy=yes;; @@ -119,6 +122,12 @@ *:*) col=$red res=FAIL recheck=yes gcopy=yes;; esac +# Report the test outcome and exit status in the logs, so that one can +# know whether the test passed or failed simply by looking at the '.log' +# file, without the need of also peaking into the corresponding '.trs' +# file (automake bug#11814). +echo "$res $test_name (exit status: $estatus)" >>$log_file + # Report outcome to console. echo "${col}${res}${std}: $test_name" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/ykclient-2.14/configure.ac new/ykclient-2.15/configure.ac --- old/ykclient-2.14/configure.ac 2015-02-20 09:10:41.000000000 +0100 +++ new/ykclient-2.15/configure.ac 2015-07-05 18:02:07.000000000 +0200 @@ -26,7 +26,7 @@ # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -AC_INIT([ykclient], [2.14], [yubico-devel(a)googlegroups.com] +AC_INIT([ykclient], [2.15], [yubico-devel(a)googlegroups.com] AC_CONFIG_AUX_DIR([build-aux]) AC_CONFIG_MACRO_DIR([m4]) @@ -34,9 +34,9 @@ # Interfaces changed/added/removed: CURRENT++ REVISION=0 # Interfaces added: AGE++ # Interfaces removed: AGE=0 -AC_SUBST(LT_CURRENT, 8) -AC_SUBST(LT_REVISION, 4) -AC_SUBST(LT_AGE, 5) +AC_SUBST(LT_CURRENT, 9) +AC_SUBST(LT_REVISION, 0) +AC_SUBST(LT_AGE, 6) AM_INIT_AUTOMAKE([1.11 -Wall -Werror]) AM_SILENT_RULES([yes]) @@ -45,6 +45,7 @@ m4_ifdef([AM_PROG_AR], [AM_PROG_AR]) AM_MISSING_PROG(HELP2MAN, help2man, $missing_dir) +AM_MISSING_PROG(HELP2ADOC, help2adoc, $missing_dir) AC_LIBTOOL_WIN32_DLL AC_PROG_LIBTOOL diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/ykclient-2.14/libykclient.map new/ykclient-2.15/libykclient.map --- old/ykclient-2.14/libykclient.map 2014-06-03 09:12:22.000000000 +0200 +++ new/ykclient-2.15/libykclient.map 2015-11-11 12:54:55.000000000 +0100 @@ -65,3 +65,9 @@ ykclient_set_ca_info; ykclient_set_url_bases; } Base; + +YKCLIENT_2.15 { + global: + ykclient_get_server_response; + ykclient_set_proxy; +} YKCLIENT_2.12; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/ykclient-2.14/tool.c new/ykclient-2.15/tool.c --- old/ykclient-2.14/tool.c 2015-02-20 09:10:56.000000000 +0100 +++ new/ykclient-2.15/tool.c 2015-11-11 12:57:54.000000000 +0100 @@ -53,7 +53,11 @@ " \"http://api.yubico.com/wsapi/verify\"\n" " --ca CADIR Path to directory containing Certificate Authoritity,\n" " e.g., \"/usr/local/etc/CERTS\"\n" + " --cai CAFILE Path to a file holding one or more certificated to\n" + " verify the peer with\n" " --apikey Key API key for HMAC validation of request/response\n" + " --proxy ip:port Connect to validation service through a proxy,\n" + " e.g., \"socks5h://user:pass@127.0.0.1:1080\"\n" "\n" "Exit status is 0 on success, 1 if there is a hard failure, 2 if the\n" "OTP was replayed, 3 for other soft OTP-related failures.\n" @@ -64,6 +68,7 @@ {"ca", 1, 0, 'c'}, {"cai", 1, 0, 'i'}, {"apikey", 1, 0, 'a'}, + {"proxy", 1, 0, 'p'}, {"debug", 0, 0, 'd'}, {"help", 0, 0, 'h'}, {"version", 0, 0, 'V'}, @@ -74,7 +79,7 @@ static void parse_args (int argc, char *argv[], unsigned int *client_id, char **token, char **url, char **ca, - char **cai, char **api_key, int *debug) + char **cai, char **api_key, char **proxy, int *debug) { while (1) { @@ -131,6 +136,15 @@ *cai = optarg; break; + case 'p': + if (strlen(optarg) < 1) + { + fprintf (stderr, "error: must give a valid proxy [scheme]://ip:port"); + exit (EXIT_FAILURE); + } + *proxy = optarg; + break; + case 'h': printf ("%s", usage); exit (EXIT_SUCCESS); @@ -172,20 +186,17 @@ main (int argc, char *argv[]) { unsigned int client_id; - char *token, *url = NULL, *ca = NULL, *api_key = NULL, *cai = NULL; + char *token, *url = NULL, *ca = NULL, *api_key = NULL, *cai = NULL, *proxy = NULL; int debug = 0; ykclient_rc ret; ykclient_t *ykc = NULL; - parse_args (argc, argv, &client_id, &token, &url, &ca, &cai, &api_key, + parse_args (argc, argv, &client_id, &token, &url, &ca, &cai, &api_key, &proxy, &debug); - if (ca || cai) - { - ret = ykclient_init (&ykc); - if (ret != YKCLIENT_OK) - return EXIT_FAILURE; - } + ret = ykclient_init (&ykc); + if (ret != YKCLIENT_OK) + return EXIT_FAILURE; if (ca) { @@ -196,6 +207,10 @@ { ykclient_set_ca_info (ykc, cai); } + if (proxy) + { + ykclient_set_proxy (ykc, proxy); + } if (debug) { @@ -210,13 +225,29 @@ fprintf (stderr, " token: %s\n", token); if (api_key != NULL) fprintf (stderr, " api key: %s\n", api_key); + if (proxy != NULL) + fprintf (stderr, "Using proxy: %s\n", proxy); } ret = ykclient_verify_otp_v2 (ykc, token, client_id, NULL, 1, (const char **) &url, api_key); if (debug) - printf ("Verification output (%d): %s\n", ret, ykclient_strerror (ret)); + { + const ykclient_server_response_t *srv_response = ykclient_get_server_response (ykc); + printf ("Response from: %s\n", ykclient_get_last_url (ykc)); + printf ("Verification output (%d): %s\n", ret, ykclient_strerror (ret)); + printf (" otp: %s\n", ykclient_server_response_get (srv_response, "otp")); + printf (" nonce: %s\n", ykclient_server_response_get (srv_response, "nonce")); + printf (" t: %s\n", ykclient_server_response_get (srv_response, "t")); + printf (" timestamp: %s\n", ykclient_server_response_get (srv_response, "timestamp")); + printf (" sessioncounter: %s\n", ykclient_server_response_get (srv_response, "sessioncounter")); + printf (" sessionuse: %s\n", ykclient_server_response_get (srv_response, "sessionuse")); + printf (" sl: %s\n", ykclient_server_response_get (srv_response, "sl")); + printf (" status: %s\n", ykclient_server_response_get (srv_response, "status")); + } + + ykclient_done(&ykc); if (ret == YKCLIENT_REPLAYED_OTP) return 2; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/ykclient-2.14/ykclient.1 new/ykclient-2.15/ykclient.1 --- old/ykclient-2.14/ykclient.1 2015-03-05 13:54:21.000000000 +0100 +++ new/ykclient-2.15/ykclient.1 2015-11-12 09:33:28.000000000 +0100 @@ -1,10 +1,10 @@ -.\" DO NOT MODIFY THIS FILE! It was generated by help2man 1.44.1. -.TH YKCLIENT "1" "March 2015" "ykclient 2.14" "User Commands" +.\" DO NOT MODIFY THIS FILE! It was generated by help2man 1.47.2. +.TH YKCLIENT "1" "November 2015" "ykclient 2.15" "User Commands" .SH NAME ykclient \- YubiCloud One-Time-Password Validation Client .SH SYNOPSIS .B ykclient -[\fIOPTION\fR]... \fICLIENTID YUBIKEYOTP\fR +[\fI\,OPTION\/\fR]... \fI\,CLIENTID YUBIKEYOTP\/\fR .SH DESCRIPTION Validate the YUBIKEYOTP one\-time\-password against the YubiCloud using CLIENTID as the client identifier. @@ -28,8 +28,16 @@ Path to directory containing Certificate Authoritity, e.g., "/usr/local/etc/CERTS" .TP +\fB\-\-cai\fR CAFILE +Path to a file holding one or more certificated to +verify the peer with +.TP \fB\-\-apikey\fR Key API key for HMAC validation of request/response +.TP +\fB\-\-proxy\fR ip:port +Connect to validation service through a proxy, +e.g., "socks5h://user:pass@127.0.0.1:1080" .PP Exit status is 0 on success, 1 if there is a hard failure, 2 if the OTP was replayed, 3 for other soft OTP\-related failures. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/ykclient-2.14/ykclient.c new/ykclient-2.15/ykclient.c --- old/ykclient-2.14/ykclient.c 2015-02-20 09:10:56.000000000 +0100 +++ new/ykclient-2.15/ykclient.c 2015-11-11 12:57:54.000000000 +0100 @@ -52,6 +52,7 @@ #define ADD_OTP "&otp=" #define ADD_HASH "&h=" #define ADD_ID "?id=" +#define ADD_TS "&timestamp=1" #define TEMPLATE_FORMAT_OLD 1 #define TEMPLATE_FORMAT_NEW 2 @@ -60,6 +61,7 @@ { const char *ca_path; const char *ca_info; + const char *proxy; size_t num_templates; char **url_templates; int template_format; @@ -71,6 +73,7 @@ char *nonce; char nonce_supplied; int verify_signature; + ykclient_server_response_t *srv_response; }; struct curl_data @@ -152,6 +155,7 @@ p->ca_path = NULL; p->ca_info = NULL; + p->proxy = NULL; p->key = NULL; p->keylen = 0; @@ -162,6 +166,8 @@ p->nonce = NULL; p->nonce_supplied = 0; + p->srv_response = NULL; + /* * Verification of server signature can only be done if there is * an API key provided @@ -202,6 +208,11 @@ free ((*ykc)->url_templates); } + if ((*ykc)->srv_response) + { + ykclient_server_response_free((*ykc)->srv_response); + } + free ((*ykc)->key_buf); free (*ykc); } @@ -320,6 +331,17 @@ curl_easy_setopt (easy, CURLOPT_CAINFO, ykc->ca_info); } + if (ykc->proxy) + { + /* + * The proxy string may be prefixed with [scheme]://ip:port to specify which kind of proxy is used. + * Valid choices are: socks4://, socks4a://, socks5:// or socks5h:// + * Use socks5h to ask the proxy to do the dns resolving. + * If no scheme or port is specified HTTP proxy port 1080 will be used. + */ + curl_easy_setopt (easy, CURLOPT_PROXY, ykc->proxy); + } + curl_easy_setopt (easy, CURLOPT_WRITEDATA, (void *) data); curl_easy_setopt (easy, CURLOPT_PRIVATE, (void *) data); curl_easy_setopt (easy, CURLOPT_WRITEFUNCTION, curl_callback); @@ -329,6 +351,11 @@ p->easy[p->num_easy] = easy; } + if(p->num_easy == 0) { + ykclient_handle_done (&p); + return YKCLIENT_BAD_INPUT; + } + /* Take this opportunity to allocate the array for expanded URLs */ p->url_exp = malloc (sizeof (char *) * p->num_easy); if (!p->url_exp) @@ -562,6 +589,17 @@ ykc->ca_info = ca_info; } +/** Set the proxy + * + * Must be called before creating handles. + */ +void +ykclient_set_proxy (ykclient_t * ykc, const char *proxy) +{ + ykc->proxy = proxy; +} + + /** Set a single URL template * * @param ykc Yubikey client configuration. @@ -838,7 +876,7 @@ { size_t len = strlen (template) + strlen (encoded_otp) + strlen (ADD_OTP) + - strlen (ADD_ID) + 1; + strlen (ADD_ID) + strlen(ADD_TS) + 1; len += snprintf (NULL, 0, "%d", client_id); if (nonce) @@ -854,12 +892,12 @@ if (nonce) { - snprintf (*url_exp, len, "%s" ADD_ID "%d" ADD_NONCE "%s" ADD_OTP "%s", + snprintf (*url_exp, len, "%s" ADD_ID "%d" ADD_NONCE "%s" ADD_OTP "%s" ADD_TS, template, client_id, nonce, encoded_otp); } else { - snprintf (*url_exp, len, "%s" ADD_ID "%d" ADD_OTP "%s", template, + snprintf (*url_exp, len, "%s" ADD_ID "%d" ADD_OTP "%s" ADD_TS, template, client_id, encoded_otp); } return YKCLIENT_OK; @@ -1162,7 +1200,6 @@ { ykclient_rc out = YKCLIENT_OK; int requests; - ykclient_server_response_t *srv_response = NULL; if (!ykc->num_templates) { @@ -1268,22 +1305,27 @@ curl_easy_getinfo (curl_easy, CURLINFO_EFFECTIVE_URL, &url_used); strncpy (ykc->last_url, url_used, sizeof (ykc->last_url)); - srv_response = ykclient_server_response_init (); - if (srv_response == NULL) + if(ykc->srv_response) + { + ykclient_server_response_free (ykc->srv_response); + } + + ykc->srv_response = ykclient_server_response_init (); + if (ykc->srv_response == NULL) { out = YKCLIENT_PARSE_ERROR; goto finish; } out = ykclient_server_response_parse (data->curl_chunk, - srv_response); + ykc->srv_response); if (out != YKCLIENT_OK) { goto finish; } if (ykc->verify_signature != 0 && - ykclient_server_response_verify_signature (srv_response, + ykclient_server_response_verify_signature (ykc->srv_response, ykc->key, ykc->keylen)) { @@ -1291,7 +1333,7 @@ goto finish; } - status = ykclient_server_response_get (srv_response, "status"); + status = ykclient_server_response_get (ykc->srv_response, "status"); if (!status) { out = YKCLIENT_PARSE_ERROR; @@ -1314,7 +1356,7 @@ if (nonce) { char *server_nonce = - ykclient_server_response_get (srv_response, + ykclient_server_response_get (ykc->srv_response, "nonce"); if (server_nonce == NULL || strcmp (nonce, server_nonce)) { @@ -1323,7 +1365,7 @@ } } - server_otp = ykclient_server_response_get (srv_response, "otp"); + server_otp = ykclient_server_response_get (ykc->srv_response, "otp"); if (server_otp == NULL || strcmp (yubikey, server_otp)) { out = YKCLIENT_HMAC_ERROR; @@ -1337,17 +1379,12 @@ goto finish; } - ykclient_server_response_free (srv_response); - srv_response = NULL; + ykclient_server_response_free (ykc->srv_response); + ykc->srv_response = NULL; } } while (requests); finish: - if (srv_response) - { - ykclient_server_response_free (srv_response); - } - return out; } @@ -1506,3 +1543,11 @@ yubikey_otp, client_id, hexkey, 0, NULL, NULL); } + +/** + * Fetch out server response of last query + */ +const ykclient_server_response_t * +ykclient_get_server_response(ykclient_t *ykc) { + return ykc->srv_response; +} diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/ykclient-2.14/ykclient.h new/ykclient-2.15/ykclient.h --- old/ykclient-2.14/ykclient.h 2015-02-20 09:09:55.000000000 +0100 +++ new/ykclient-2.15/ykclient.h 2015-11-11 12:54:55.000000000 +0100 @@ -38,6 +38,7 @@ #include <ykclient_errors.h> #include <ykclient_version.h> +#include <ykclient_server_response.h> #ifdef __cplusplus extern "C" @@ -96,6 +97,8 @@ extern void ykclient_set_ca_info (ykclient_t * ykc, const char *ca_info); + extern void ykclient_set_proxy (ykclient_t * ykc, const char *proxy); + /* * Set the nonce. A default nonce is generated in ykclient_init(), but * if you either want to specify your own nonce, or want to remove the @@ -129,6 +132,8 @@ const char **urls, const char *api_key); +/* Fetch out the server response form the last query */ + extern const ykclient_server_response_t *ykclient_get_server_response(ykclient_t *ykc); #ifdef __cplusplus } #endif diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/ykclient-2.14/ykclient_version.h new/ykclient-2.15/ykclient_version.h --- old/ykclient-2.14/ykclient_version.h 2015-02-20 09:11:16.000000000 +0100 +++ new/ykclient-2.15/ykclient_version.h 2015-11-12 09:33:10.000000000 +0100 @@ -42,7 +42,7 @@ * version number. Used together with ykclient_check_version() to * verify header file and run-time library consistency. */ -#define YKCLIENT_VERSION_STRING "2.14" +#define YKCLIENT_VERSION_STRING "2.15" /** * YKCLIENT_VERSION_NUMBER @@ -52,7 +52,7 @@ * this symbol will have the value 0x01020300. The last two digits * are only used between public releases, and will otherwise be 00. */ -#define YKCLIENT_VERSION_NUMBER 0x020e00 +#define YKCLIENT_VERSION_NUMBER 0x020f00 /** * YKCLIENT_VERSION_MAJOR @@ -70,7 +70,7 @@ * level of the header file version number. For example, when the * header version is 1.2.3 this symbol will be 2. */ -#define YKCLIENT_VERSION_MINOR 14 +#define YKCLIENT_VERSION_MINOR 15 /** * YKCLIENT_VERSION_PATCH

1 0

commit yubico-piv-tool for openSUSE:Factory
by root＠hilbert.suse.de 02 Jun '16

02 Jun '16

Hello community, here is the log from the commit of package yubico-piv-tool for openSUSE:Factory checked in at 2016-06-02 09:36:38 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/yubico-piv-tool (Old) and /work/SRC/openSUSE:Factory/.yubico-piv-tool.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "yubico-piv-tool" Changes: -------- --- /work/SRC/openSUSE:Factory/yubico-piv-tool/yubico-piv-tool.changes 2016-04-28 17:02:01.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.yubico-piv-tool.new/yubico-piv-tool.changes 2016-06-02 09:36:42.000000000 +0200 @@ -1,0 +2,12 @@ +Tue May 17 14:55:42 UTC 2016 - t.gruner(a)katodev.de + +- Version 1.4.0 (released 2016-05-03) + - Add attest action When used on a slot with a generated key, + outputs a signed x509 certificate for that slot showing that + the key was generated in hardware. Available in firmware 4.3.0 and newer. + - Add cached parameter for touch-policy With cached, the touch is valid + for an additional 15s. Available in firmware 4.3.0 and newer. + - Enforce a minimum PIN length of 6 characters. + - Fix a bug with list-readers action where it fell through processing into write-object. + +------------------------------------------------------------------- Old: ---- yubico-piv-tool-1.3.1.tar.gz yubico-piv-tool-1.3.1.tar.gz.sig New: ---- yubico-piv-tool-1.4.0.tar.gz yubico-piv-tool-1.4.0.tar.gz.sig ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ yubico-piv-tool.spec ++++++ --- /var/tmp/diff_new_pack.iw0lpa/_old 2016-06-02 09:36:44.000000000 +0200 +++ /var/tmp/diff_new_pack.iw0lpa/_new 2016-06-02 09:36:44.000000000 +0200 @@ -18,7 +18,7 @@ %define soname 1 Name: yubico-piv-tool -Version: 1.3.1 +Version: 1.4.0 Release: 0 Summary: Yubico YubiKey NEO CCID Manager License: BSD-2-Clause @@ -102,12 +102,12 @@ %files -n libykpiv%{soname} %defattr(-,root,root) %{_libdir}/libykpiv.so.%{soname} -%{_libdir}/libykpiv.so.%{soname}.3.1 +%{_libdir}/libykpiv.so.%{soname}.3.2 %files -n libykcs11-%{soname} %defattr(-,root,root) %{_libdir}/libykcs11.so.%{soname} -%{_libdir}/libykcs11.so.%{soname}.3.1 +%{_libdir}/libykcs11.so.%{soname}.3.2 %files -n libykpiv-devel %defattr(-,root,root) ++++++ yubico-piv-tool-1.3.1.tar.gz -> yubico-piv-tool-1.4.0.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yubico-piv-tool-1.3.1/ChangeLog new/yubico-piv-tool-1.4.0/ChangeLog --- old/yubico-piv-tool-1.3.1/ChangeLog 2016-04-19 07:39:52.000000000 +0200 +++ new/yubico-piv-tool-1.4.0/ChangeLog 2016-05-03 09:43:07.000000000 +0200 @@ -1,3 +1,43 @@ +2016-05-03 Klas Lindfors <klas(a)yubico.com> + + * NEWS, configure.ac: release 1.4.0 + +2016-05-03 Klas Lindfors <klas(a)yubico.com> + + * Makefile.am: add attest doc to dist + +2016-05-03 Klas Lindfors <klas(a)yubico.com> + + * mac.mk, windows.mk: bump openssl to 1.0.2g + +2016-05-03 Klas Lindfors <klas(a)yubico.com> + + * : commit b1139a516b5a2d9e97ac7cbf8a63f0131b4623df Author: Klas + Lindfors <klas(a)yubico.com> Date: Fri Apr 22 09:41:41 2016 +0200 + +2016-04-19 Klas Lindfors <klas(a)yubico.com> + + * doc/YubiKey_PIV_introduction.adoc: change examples to be with 6 + digit pins + +2016-04-19 Klas Lindfors <klas(a)yubico.com> + + * tool/yubico-piv-tool.c: enforce minimum 6 digits of pin when + changing in the tool + +2016-04-19 Klas Lindfors <klas(a)yubico.com> + + * tool/yubico-piv-tool.c: error isn't an iso error, run + ykpiv_strerror() on it + +2016-04-19 Klas Lindfors <klas(a)yubico.com> + + * .gitignore: ignore more + +2016-04-19 Klas Lindfors <klas(a)yubico.com> + + * NEWS, configure.ac: bump version + 2016-04-19 Klas Lindfors <klas(a)yubico.com> * NEWS: NEWS for 1.3.1 @@ -8,6 +48,10 @@ 2016-03-31 Klas Lindfors <klas(a)yubico.com> + * doc/Attestation.adoc: add some documentation for attestation + +2016-03-31 Klas Lindfors <klas(a)yubico.com> + * tool/cmdline.ggo: change wording in help text authentication key -> management key 2016-03-23 Klas Lindfors <klas(a)yubico.com> @@ -23,9 +67,28 @@ * mac.mk, windows.mk: newer openssl for windows and mac -2016-02-19 Klas Lindfors <klas(a)yubico.com> +2016-03-17 Klas Lindfors <klas(a)yubico.com> + + * lib/ykpiv.c: add ykpiv touchpolicy to ykpiv + +2016-03-17 Klas Lindfors <klas(a)yubico.com> + + * lib/ykpiv.c, lib/ykpiv.h: add YKPIV_KEY_ATTESTATION to + ykpiv_import_key() - * mac.mk, windows.mk: bump openssl to 1.0.1r +2016-03-17 Klas Lindfors <klas(a)yubico.com> + + * lib/ykpiv.h, tool/cmdline.ggo, tool/util.c: add touch-policy + cached + +2016-03-17 Klas Lindfors <klas(a)yubico.com> + + * tool/yubico-piv-tool.c: actually open output_file in attest() + +2016-03-10 Klas Lindfors <klas(a)yubico.com> + + * : commit d52b8bd3efb179f20b5ee5f3bc36c05a6ec29fc7 Author: Klas + Lindfors <klas(a)yubico.com> Date: Fri Feb 19 12:40:23 2016 +0100 2016-02-19 Klas Lindfors <klas(a)yubico.com> @@ -508,6 +571,16 @@ * : Merge pull request #36 from akgood/master Use @loader_path rather than @executable_path for OS X dylib paths +2015-11-18 Klas Lindfors <klas(a)yubico.com> + + * lib/ykpiv.h, tool/cmdline.ggo, tool/yubico-piv-tool.c: add attest + action + +2015-11-18 Klas Lindfors <klas(a)yubico.com> + + * lib/ykpiv.h, tool/cmdline.ggo, tool/util.c: add f9 slot for + attestation + 2015-11-16 Adam Goodman <akgood(a)duosecurity.com> * mac.mk: YKCS11: On OS X, use @loader_path rather than diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yubico-piv-tool-1.3.1/Makefile.am new/yubico-piv-tool-1.4.0/Makefile.am --- old/yubico-piv-tool-1.3.1/Makefile.am 2016-03-10 15:29:26.000000000 +0100 +++ new/yubico-piv-tool-1.4.0/Makefile.am 2016-05-03 09:42:56.000000000 +0200 @@ -31,7 +31,7 @@ EXTRA_DIST = windows.mk mac.mk tool/tests/basic.sh tools/fasc.pl -EXTRA_DIST += doc/Android_code_signing.adoc doc/Certificate_Authority.adoc doc/OS_X_code_signing.adoc doc/SSH_with_PIV_and_PKCS11.adoc doc/Windows_certificate.adoc doc/YKCS11_release_notes.adoc doc/YubiKey_PIV_introduction.adoc +EXTRA_DIST += doc/Android_code_signing.adoc doc/Attestation.adoc doc/Certificate_Authority.adoc doc/OS_X_code_signing.adoc doc/SSH_with_PIV_and_PKCS11.adoc doc/Windows_certificate.adoc doc/YKCS11_release_notes.adoc doc/YubiKey_PIV_introduction.adoc if ENABLE_COV diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yubico-piv-tool-1.3.1/Makefile.in new/yubico-piv-tool-1.4.0/Makefile.in --- old/yubico-piv-tool-1.3.1/Makefile.in 2016-03-21 08:14:22.000000000 +0100 +++ new/yubico-piv-tool-1.4.0/Makefile.in 2016-05-03 09:43:03.000000000 +0200 @@ -382,9 +382,10 @@ SUBDIRS = lib tool ykcs11 ACLOCAL_AMFLAGS = -I m4 EXTRA_DIST = windows.mk mac.mk tool/tests/basic.sh tools/fasc.pl \ - doc/Android_code_signing.adoc doc/Certificate_Authority.adoc \ - doc/OS_X_code_signing.adoc doc/SSH_with_PIV_and_PKCS11.adoc \ - doc/Windows_certificate.adoc doc/YKCS11_release_notes.adoc \ + doc/Android_code_signing.adoc doc/Attestation.adoc \ + doc/Certificate_Authority.adoc doc/OS_X_code_signing.adoc \ + doc/SSH_with_PIV_and_PKCS11.adoc doc/Windows_certificate.adoc \ + doc/YKCS11_release_notes.adoc \ doc/YubiKey_PIV_introduction.adoc all: all-recursive diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yubico-piv-tool-1.3.1/NEWS new/yubico-piv-tool-1.4.0/NEWS --- old/yubico-piv-tool-1.3.1/NEWS 2016-04-19 07:39:07.000000000 +0200 +++ new/yubico-piv-tool-1.4.0/NEWS 2016-05-03 09:42:56.000000000 +0200 @@ -1,5 +1,21 @@ yubico-piv-tool NEWS -- History of user-visible changes. -*- outline -*- +* Version 1.4.0 (released 2016-05-03) + +** Add attest action +Will when used on a slot with a generated key output a signed x509 certificate +for that slot showing that the key was generated in hardware. Available in +firmware 4.3.0 and newer. + +** Add touch-policy cached +Will treat the touch as valid for additional usage for 15s when used. Available +in firmware 4.3.0 and newer. + +** Enforce a minimum PIN length of 6 characters. + +** Fix a bug with list-readers action where it fell through processing into +write-object. + * Version 1.3.1 (released 2016-04-19) ** Fix a bug where unblock pin would instead change puk, introduced in 1.3.0. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yubico-piv-tool-1.3.1/configure new/yubico-piv-tool-1.4.0/configure --- old/yubico-piv-tool-1.3.1/configure 2016-03-21 08:14:22.000000000 +0100 +++ new/yubico-piv-tool-1.4.0/configure 2016-05-03 09:43:03.000000000 +0200 @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.69 for yubico-piv-tool 1.3.1. +# Generated by GNU Autoconf 2.69 for yubico-piv-tool 1.4.0. # # # Copyright (C) 1992-1996, 1998-2012 Free Software Foundation, Inc. @@ -587,8 +587,8 @@ # Identity of this package. PACKAGE_NAME='yubico-piv-tool' PACKAGE_TARNAME='yubico-piv-tool' -PACKAGE_VERSION='1.3.1' -PACKAGE_STRING='yubico-piv-tool 1.3.1' +PACKAGE_VERSION='1.4.0' +PACKAGE_STRING='yubico-piv-tool 1.4.0' PACKAGE_BUGREPORT='' PACKAGE_URL='' @@ -1350,7 +1350,7 @@ # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures yubico-piv-tool 1.3.1 to adapt to many kinds of systems. +\`configure' configures yubico-piv-tool 1.4.0 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1420,7 +1420,7 @@ if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of yubico-piv-tool 1.3.1:";; + short | recursive ) echo "Configuration of yubico-piv-tool 1.4.0:";; esac cat <<\_ACEOF @@ -1544,7 +1544,7 @@ test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -yubico-piv-tool configure 1.3.1 +yubico-piv-tool configure 1.4.0 generated by GNU Autoconf 2.69 Copyright (C) 2012 Free Software Foundation, Inc. @@ -1909,7 +1909,7 @@ This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by yubico-piv-tool $as_me 1.3.1, which was +It was created by yubico-piv-tool $as_me 1.4.0, which was generated by GNU Autoconf 2.69. Invocation command line was $ $0 $@ @@ -2294,7 +2294,7 @@ # Interfaces removed: AGE=0 LT_CURRENT=4 -LT_REVISION=1 +LT_REVISION=2 LT_AGE=3 @@ -2785,7 +2785,7 @@ # Define the identity of the package. PACKAGE='yubico-piv-tool' - VERSION='1.3.1' + VERSION='1.4.0' cat >>confdefs.h <<_ACEOF @@ -13631,7 +13631,7 @@ # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by yubico-piv-tool $as_me 1.3.1, which was +This file was extended by yubico-piv-tool $as_me 1.4.0, which was generated by GNU Autoconf 2.69. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -13688,7 +13688,7 @@ cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -yubico-piv-tool config.status 1.3.1 +yubico-piv-tool config.status 1.4.0 configured by $0, generated by GNU Autoconf 2.69, with options \\"\$ac_cs_config\\" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yubico-piv-tool-1.3.1/configure.ac new/yubico-piv-tool-1.4.0/configure.ac --- old/yubico-piv-tool-1.3.1/configure.ac 2016-03-21 08:14:17.000000000 +0100 +++ new/yubico-piv-tool-1.4.0/configure.ac 2016-05-03 09:42:56.000000000 +0200 @@ -26,7 +26,7 @@ # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -AC_INIT([yubico-piv-tool], [1.3.1]) +AC_INIT([yubico-piv-tool], [1.4.0]) AC_CONFIG_AUX_DIR([build-aux]) AC_CONFIG_MACRO_DIR([m4]) @@ -35,7 +35,7 @@ # Interfaces added: AGE++ # Interfaces removed: AGE=0 AC_SUBST([LT_CURRENT], 4) -AC_SUBST([LT_REVISION], 1) +AC_SUBST([LT_REVISION], 2) AC_SUBST([LT_AGE], 3) AM_INIT_AUTOMAKE([-Wall -Werror foreign]) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yubico-piv-tool-1.3.1/doc/Attestation.adoc new/yubico-piv-tool-1.4.0/doc/Attestation.adoc --- old/yubico-piv-tool-1.3.1/doc/Attestation.adoc 1970-01-01 01:00:00.000000000 +0100 +++ new/yubico-piv-tool-1.4.0/doc/Attestation.adoc 2016-05-03 09:31:21.000000000 +0200 @@ -0,0 +1,20 @@ +Using Attestation +----------------- + +Attestation works through a special key slot called “f9” this comes +pre-loaded from factory with a key and cert signed by Yubico, but can be +overwritten. +After a key has been generated in a normal slot it can be attested by this +special key, this can be realised by using the yubico-piv-tool action attest: + + $ yubico-piv-tool --action=generate --slot=9a + ... + $ yubico-piv-tool --action=attest --slot=9a + +The output of this is a PEM encoded certificate, signed by the key in slot f9. There are a couple of special extensions on this certificate: + +* +1.3.6.1.4.1.41482.3.3+: Firmware version, encoded as 3 bytes, like: 040300 for 4.3.0 +* +1.3.6.1.4.1.41482.3.7+: Serial number, encoded as an integer. +* +1.3.6.1.4.1.41482.3.8+: Two bytes, the first encoding pin policy and the second touch policy +** Pin policy: 01 - never, 02 - once per session, 03 - always +** Touch policy: 01 - never, 02 - always, 03 - cached for 15s diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yubico-piv-tool-1.3.1/doc/YubiKey_PIV_introduction.adoc new/yubico-piv-tool-1.4.0/doc/YubiKey_PIV_introduction.adoc --- old/yubico-piv-tool-1.3.1/doc/YubiKey_PIV_introduction.adoc 2016-03-10 15:29:16.000000000 +0100 +++ new/yubico-piv-tool-1.4.0/doc/YubiKey_PIV_introduction.adoc 2016-04-19 14:23:00.000000000 +0200 @@ -67,14 +67,14 @@ of times -- you need to modify this if you have changed the default number of PIN/PUK retries). - yubico-piv-tool -a verify-pin -P 4711 - yubico-piv-tool -a verify-pin -P 4711 - yubico-piv-tool -a verify-pin -P 4711 - yubico-piv-tool -a verify-pin -P 4711 - yubico-piv-tool -a change-puk -P 4711 -N 67567 - yubico-piv-tool -a change-puk -P 4711 -N 67567 - yubico-piv-tool -a change-puk -P 4711 -N 67567 - yubico-piv-tool -a change-puk -P 4711 -N 67567 + yubico-piv-tool -a verify-pin -P 471112 + yubico-piv-tool -a verify-pin -P 471112 + yubico-piv-tool -a verify-pin -P 471112 + yubico-piv-tool -a verify-pin -P 471112 + yubico-piv-tool -a change-puk -P 471112 -N 6756789 + yubico-piv-tool -a change-puk -P 471112 -N 6756789 + yubico-piv-tool -a change-puk -P 471112 -N 6756789 + yubico-piv-tool -a change-puk -P 471112 -N 6756789 yubico-piv-tool -a reset Software diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yubico-piv-tool-1.3.1/lib/ykpiv-version.h new/yubico-piv-tool-1.4.0/lib/ykpiv-version.h --- old/yubico-piv-tool-1.3.1/lib/ykpiv-version.h 2016-03-21 08:14:27.000000000 +0100 +++ new/yubico-piv-tool-1.4.0/lib/ykpiv-version.h 2016-05-03 09:43:06.000000000 +0200 @@ -43,7 +43,7 @@ * version number. Used together with ykneomgr_check_version() to verify * header file and run-time library consistency. */ -#define YKPIV_VERSION_STRING "1.3.1" +#define YKPIV_VERSION_STRING "1.4.0" /** * YKPIV_VERSION_NUMBER @@ -53,7 +53,7 @@ * this symbol will have the value 0x01020300. The last two digits * are only used between public releases, and will otherwise be 00. */ -#define YKPIV_VERSION_NUMBER 0x010301 +#define YKPIV_VERSION_NUMBER 0x010400 /** * YKPIV_VERSION_MAJOR @@ -71,7 +71,7 @@ * level of the header file version number. For example, when the * header version is 1.2.3 this symbol will be 2. */ -#define YKPIV_VERSION_MINOR 3 +#define YKPIV_VERSION_MINOR 4 /** * YKPIV_VERSION_PATCH @@ -80,7 +80,7 @@ * level of the header file version number. For example, when the * header version is 1.2.3 this symbol will be 3. */ -#define YKPIV_VERSION_PATCH 1 +#define YKPIV_VERSION_PATCH 0 const char *ykpiv_check_version (const char *req_version); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yubico-piv-tool-1.3.1/lib/ykpiv.c new/yubico-piv-tool-1.4.0/lib/ykpiv.c --- old/yubico-piv-tool-1.3.1/lib/ykpiv.c 2016-04-18 22:03:38.000000000 +0200 +++ new/yubico-piv-tool-1.4.0/lib/ykpiv.c 2016-05-03 09:31:21.000000000 +0200 @@ -873,7 +873,7 @@ if (key == YKPIV_KEY_CARDMGM || key < YKPIV_KEY_RETIRED1 || (key > YKPIV_KEY_RETIRED20 && key < YKPIV_KEY_AUTHENTICATION) || - key > YKPIV_KEY_CARDAUTH) { + (key > YKPIV_KEY_CARDAUTH && key != YKPIV_KEY_ATTESTATION)) { return YKPIV_KEY_ERROR; } @@ -885,7 +885,8 @@ if (touch_policy != YKPIV_TOUCHPOLICY_DEFAULT && touch_policy != YKPIV_TOUCHPOLICY_NEVER && - touch_policy != YKPIV_TOUCHPOLICY_ALWAYS) + touch_policy != YKPIV_TOUCHPOLICY_ALWAYS && + touch_policy != YKPIV_TOUCHPOLICY_CACHED) return YKPIV_GENERIC_ERROR; if (algorithm == YKPIV_ALGO_RSA1024 || algorithm == YKPIV_ALGO_RSA2048) { diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yubico-piv-tool-1.3.1/lib/ykpiv.h new/yubico-piv-tool-1.4.0/lib/ykpiv.h --- old/yubico-piv-tool-1.3.1/lib/ykpiv.h 2016-04-18 22:03:38.000000000 +0200 +++ new/yubico-piv-tool-1.4.0/lib/ykpiv.h 2016-05-03 09:31:21.000000000 +0200 @@ -141,6 +141,7 @@ #define YKPIV_KEY_RETIRED18 0x93 #define YKPIV_KEY_RETIRED19 0x94 #define YKPIV_KEY_RETIRED20 0x95 +#define YKPIV_KEY_ATTESTATION 0xf9 #define YKPIV_OBJ_CAPABILITY 0x5fc107 #define YKPIV_OBJ_CHUID 0x5fc102 @@ -177,6 +178,8 @@ #define YKPIV_OBJ_RETIRED19 0x5fc11f #define YKPIV_OBJ_RETIRED20 0x5fc120 +#define YKPIV_OBJ_ATTESTATION 0x5fff01 + #define YKPIV_INS_VERIFY 0x20 #define YKPIV_INS_CHANGE_REFERENCE 0x24 #define YKPIV_INS_RESET_RETRY 0x2c @@ -191,6 +194,7 @@ #define YKPIV_INS_GET_VERSION 0xfd #define YKPIV_INS_RESET 0xfb #define YKPIV_INS_SET_PIN_RETRIES 0xfa +#define YKPIV_INS_ATTEST 0xf9 #define YKPIV_PINPOLICY_TAG 0xaa #define YKPIV_PINPOLICY_DEFAULT 0 @@ -202,6 +206,7 @@ #define YKPIV_TOUCHPOLICY_DEFAULT 0 #define YKPIV_TOUCHPOLICY_NEVER 1 #define YKPIV_TOUCHPOLICY_ALWAYS 2 +#define YKPIV_TOUCHPOLICY_CACHED 3 #define YKPIV_IS_EC(a) ((a == YKPIV_ALGO_ECCP256 || a == YKPIV_ALGO_ECCP384)) #define YKPIV_IS_RSA(a) ((a == YKPIV_ALGO_RSA1024 || a == YKPIV_ALGO_RSA2048)) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yubico-piv-tool-1.3.1/mac.mk new/yubico-piv-tool-1.4.0/mac.mk --- old/yubico-piv-tool-1.3.1/mac.mk 2016-04-18 22:03:38.000000000 +0200 +++ new/yubico-piv-tool-1.4.0/mac.mk 2016-05-03 09:33:41.000000000 +0200 @@ -26,7 +26,7 @@ # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. PACKAGE=yubico-piv-tool -OPENSSLVERSION=1.0.1s +OPENSSLVERSION=1.0.2g CFLAGS="-mmacosx-version-min=10.6" all: usage mac diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yubico-piv-tool-1.3.1/tool/cmdline.c new/yubico-piv-tool-1.4.0/tool/cmdline.c --- old/yubico-piv-tool-1.3.1/tool/cmdline.c 2016-04-18 22:03:40.000000000 +0200 +++ new/yubico-piv-tool-1.4.0/tool/cmdline.c 2016-05-03 09:43:08.000000000 +0200 @@ -40,9 +40,9 @@ " -v, --verbose[=INT] Print more information (default=`0')", " -r, --reader=STRING Only use a matching reader (default=`Yubikey')", " -k, --key[=STRING] Management key to use\n (default=`010203040506070801020304050607080102030405060708')", - " -a, --action=ENUM Action to take (possible values=\"version\",\n \"generate\", \"set-mgm-key\", \"reset\",\n \"pin-retries\", \"import-key\",\n \"import-certificate\", \"set-chuid\",\n \"request-certificate\", \"verify-pin\",\n \"change-pin\", \"change-puk\", \"unblock-pin\",\n \"selfsign-certificate\", \"delete-certificate\",\n \"read-certificate\", \"status\",\n \"test-signature\", \"test-decipher\",\n \"list-readers\", \"set-ccc\", \"write-object\",\n \"read-object\")", + " -a, --action=ENUM Action to take (possible values=\"version\",\n \"generate\", \"set-mgm-key\", \"reset\",\n \"pin-retries\", \"import-key\",\n \"import-certificate\", \"set-chuid\",\n \"request-certificate\", \"verify-pin\",\n \"change-pin\", \"change-puk\", \"unblock-pin\",\n \"selfsign-certificate\", \"delete-certificate\",\n \"read-certificate\", \"status\",\n \"test-signature\", \"test-decipher\",\n \"list-readers\", \"set-ccc\", \"write-object\",\n \"read-object\", \"attest\")", "\n Multiple actions may be given at once and will be executed in order\n for example --action=verify-pin --action=request-certificate\n", - " -s, --slot=ENUM What key slot to operate on (possible\n values=\"9a\", \"9c\", \"9d\", \"9e\", \"82\",\n \"83\", \"84\", \"85\", \"86\", \"87\", \"88\",\n \"89\", \"8a\", \"8b\", \"8c\", \"8d\", \"8e\",\n \"8f\", \"90\", \"91\", \"92\", \"93\", \"94\",\n \"95\")", + " -s, --slot=ENUM What key slot to operate on (possible\n values=\"9a\", \"9c\", \"9d\", \"9e\", \"82\",\n \"83\", \"84\", \"85\", \"86\", \"87\", \"88\",\n \"89\", \"8a\", \"8b\", \"8c\", \"8d\", \"8e\",\n \"8f\", \"90\", \"91\", \"92\", \"93\", \"94\",\n \"95\", \"f9\")", "\n 9a is for PIV Authentication\n 9c is for Digital Signature (PIN always checked)\n 9d is for Key Management\n 9e is for Card Authentication (PIN never checked)\n 82-95 is for Retired Key Management\n", " -A, --algorithm=ENUM What algorithm to use (possible values=\"RSA1024\",\n \"RSA2048\", \"ECCP256\", \"ECCP384\"\n default=`RSA2048')", " -H, --hash=ENUM Hash to use for signatures (possible\n values=\"SHA1\", \"SHA256\", \"SHA384\",\n \"SHA512\" default=`SHA256')", @@ -60,7 +60,7 @@ " -P, --pin=STRING Pin/puk code for verification", " -N, --new-pin=STRING New pin/puk code for changing", " --pin-policy=ENUM Set pin policy for action generate or import-key\n (possible values=\"never\", \"once\", \"always\")", - " --touch-policy=ENUM Set touch policy for action generate, import-key or\n set-mgm-key (possible values=\"never\",\n \"always\")", + " --touch-policy=ENUM Set touch policy for action generate, import-key or\n set-mgm-key (possible values=\"never\",\n \"always\", \"cached\")", " --id=INT Id of object for write/read object", " -f, --format=ENUM Format of data for write/read object (possible\n values=\"hex\", \"base64\", \"binary\"\n default=`hex')", " --sign Sign data (default=off)", @@ -124,13 +124,13 @@ static int cmdline_parser_required2 (struct gengetopt_args_info *args_info, const char *prog_name, const char *additional_error); -const char *cmdline_parser_action_values[] = {"version", "generate", "set-mgm-key", "reset", "pin-retries", "import-key", "import-certificate", "set-chuid", "request-certificate", "verify-pin", "change-pin", "change-puk", "unblock-pin", "selfsign-certificate", "delete-certificate", "read-certificate", "status", "test-signature", "test-decipher", "list-readers", "set-ccc", "write-object", "read-object", 0}; /*< Possible values for action. */ -const char *cmdline_parser_slot_values[] = {"9a", "9c", "9d", "9e", "82", "83", "84", "85", "86", "87", "88", "89", "8a", "8b", "8c", "8d", "8e", "8f", "90", "91", "92", "93", "94", "95", 0}; /*< Possible values for slot. */ +const char *cmdline_parser_action_values[] = {"version", "generate", "set-mgm-key", "reset", "pin-retries", "import-key", "import-certificate", "set-chuid", "request-certificate", "verify-pin", "change-pin", "change-puk", "unblock-pin", "selfsign-certificate", "delete-certificate", "read-certificate", "status", "test-signature", "test-decipher", "list-readers", "set-ccc", "write-object", "read-object", "attest", 0}; /*< Possible values for action. */ +const char *cmdline_parser_slot_values[] = {"9a", "9c", "9d", "9e", "82", "83", "84", "85", "86", "87", "88", "89", "8a", "8b", "8c", "8d", "8e", "8f", "90", "91", "92", "93", "94", "95", "f9", 0}; /*< Possible values for slot. */ const char *cmdline_parser_algorithm_values[] = {"RSA1024", "RSA2048", "ECCP256", "ECCP384", 0}; /*< Possible values for algorithm. */ const char *cmdline_parser_hash_values[] = {"SHA1", "SHA256", "SHA384", "SHA512", 0}; /*< Possible values for hash. */ const char *cmdline_parser_key_format_values[] = {"PEM", "PKCS12", "GZIP", "DER", 0}; /*< Possible values for key-format. */ const char *cmdline_parser_pin_policy_values[] = {"never", "once", "always", 0}; /*< Possible values for pin-policy. */ -const char *cmdline_parser_touch_policy_values[] = {"never", "always", 0}; /*< Possible values for touch-policy. */ +const char *cmdline_parser_touch_policy_values[] = {"never", "always", "cached", 0}; /*< Possible values for touch-policy. */ const char *cmdline_parser_format_values[] = {"hex", "base64", "binary", 0}; /*< Possible values for format. */ static char * diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yubico-piv-tool-1.3.1/tool/cmdline.ggo new/yubico-piv-tool-1.4.0/tool/cmdline.ggo --- old/yubico-piv-tool-1.3.1/tool/cmdline.ggo 2016-04-18 22:03:38.000000000 +0200 +++ new/yubico-piv-tool-1.4.0/tool/cmdline.ggo 2016-05-03 09:31:21.000000000 +0200 @@ -33,11 +33,11 @@ "request-certificate","verify-pin","change-pin","change-puk","unblock-pin", "selfsign-certificate","delete-certificate","read-certificate","status", "test-signature","test-decipher","list-readers","set-ccc","write-object", - "read-object" enum multiple + "read-object","attest" enum multiple text " Multiple actions may be given at once and will be executed in order for example --action=verify-pin --action=request-certificate\n" -option "slot" s "What key slot to operate on" values="9a","9c","9d","9e","82","83","84","85","86","87","88","89","8a","8b","8c","8d","8e","8f","90","91","92","93","94","95" enum optional +option "slot" s "What key slot to operate on" values="9a","9c","9d","9e","82","83","84","85","86","87","88","89","8a","8b","8c","8d","8e","8f","90","91","92","93","94","95","f9" enum optional text " 9a is for PIV Authentication 9c is for Digital Signature (PIN always checked) @@ -62,7 +62,7 @@ option "pin" P "Pin/puk code for verification" string optional option "new-pin" N "New pin/puk code for changing" string optional dependon="pin" option "pin-policy" - "Set pin policy for action generate or import-key" values="never","once","always" enum optional -option "touch-policy" - "Set touch policy for action generate, import-key or set-mgm-key" values="never","always" enum optional +option "touch-policy" - "Set touch policy for action generate, import-key or set-mgm-key" values="never","always","cached" enum optional option "id" - "Id of object for write/read object" int optional option "format" f "Format of data for write/read object" values="hex","base64","binary" enum optional default="hex" option "sign" - "Sign data" flag off hidden diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yubico-piv-tool-1.3.1/tool/cmdline.h new/yubico-piv-tool-1.4.0/tool/cmdline.h --- old/yubico-piv-tool-1.3.1/tool/cmdline.h 2016-04-18 22:03:40.000000000 +0200 +++ new/yubico-piv-tool-1.4.0/tool/cmdline.h 2016-05-03 09:43:08.000000000 +0200 @@ -38,13 +38,13 @@ #define CMDLINE_PARSER_VERSION VERSION #endif -enum enum_action { action__NULL = -1, action_arg_version = 0, action_arg_generate, action_arg_setMINUS_mgmMINUS_key, action_arg_reset, action_arg_pinMINUS_retries, action_arg_importMINUS_key, action_arg_importMINUS_certificate, action_arg_setMINUS_chuid, action_arg_requestMINUS_certificate, action_arg_verifyMINUS_pin, action_arg_changeMINUS_pin, action_arg_changeMINUS_puk, action_arg_unblockMINUS_pin, action_arg_selfsignMINUS_certificate, action_arg_deleteMINUS_certificate, action_arg_readMINUS_certificate, action_arg_status, action_arg_testMINUS_signature, action_arg_testMINUS_decipher, action_arg_listMINUS_readers, action_arg_setMINUS_ccc, action_arg_writeMINUS_object, action_arg_readMINUS_object }; -enum enum_slot { slot__NULL = -1, slot_arg_9a = 0, slot_arg_9c, slot_arg_9d, slot_arg_9e, slot_arg_82, slot_arg_83, slot_arg_84, slot_arg_85, slot_arg_86, slot_arg_87, slot_arg_88, slot_arg_89, slot_arg_8a, slot_arg_8b, slot_arg_8c, slot_arg_8d, slot_arg_8e, slot_arg_8f, slot_arg_90, slot_arg_91, slot_arg_92, slot_arg_93, slot_arg_94, slot_arg_95 }; +enum enum_action { action__NULL = -1, action_arg_version = 0, action_arg_generate, action_arg_setMINUS_mgmMINUS_key, action_arg_reset, action_arg_pinMINUS_retries, action_arg_importMINUS_key, action_arg_importMINUS_certificate, action_arg_setMINUS_chuid, action_arg_requestMINUS_certificate, action_arg_verifyMINUS_pin, action_arg_changeMINUS_pin, action_arg_changeMINUS_puk, action_arg_unblockMINUS_pin, action_arg_selfsignMINUS_certificate, action_arg_deleteMINUS_certificate, action_arg_readMINUS_certificate, action_arg_status, action_arg_testMINUS_signature, action_arg_testMINUS_decipher, action_arg_listMINUS_readers, action_arg_setMINUS_ccc, action_arg_writeMINUS_object, action_arg_readMINUS_object, action_arg_attest }; +enum enum_slot { slot__NULL = -1, slot_arg_9a = 0, slot_arg_9c, slot_arg_9d, slot_arg_9e, slot_arg_82, slot_arg_83, slot_arg_84, slot_arg_85, slot_arg_86, slot_arg_87, slot_arg_88, slot_arg_89, slot_arg_8a, slot_arg_8b, slot_arg_8c, slot_arg_8d, slot_arg_8e, slot_arg_8f, slot_arg_90, slot_arg_91, slot_arg_92, slot_arg_93, slot_arg_94, slot_arg_95, slot_arg_f9 }; enum enum_algorithm { algorithm__NULL = -1, algorithm_arg_RSA1024 = 0, algorithm_arg_RSA2048, algorithm_arg_ECCP256, algorithm_arg_ECCP384 }; enum enum_hash { hash__NULL = -1, hash_arg_SHA1 = 0, hash_arg_SHA256, hash_arg_SHA384, hash_arg_SHA512 }; enum enum_key_format { key_format__NULL = -1, key_format_arg_PEM = 0, key_format_arg_PKCS12, key_format_arg_GZIP, key_format_arg_DER }; enum enum_pin_policy { pin_policy__NULL = -1, pin_policy_arg_never = 0, pin_policy_arg_once, pin_policy_arg_always }; -enum enum_touch_policy { touch_policy__NULL = -1, touch_policy_arg_never = 0, touch_policy_arg_always }; +enum enum_touch_policy { touch_policy__NULL = -1, touch_policy_arg_never = 0, touch_policy_arg_always, touch_policy_arg_cached }; enum enum_format { format__NULL = -1, format_arg_hex = 0, format_arg_base64, format_arg_binary }; /** @brief Where the command line options are stored */ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yubico-piv-tool-1.3.1/tool/util.c new/yubico-piv-tool-1.4.0/tool/util.c --- old/yubico-piv-tool-1.3.1/tool/util.c 2016-04-18 22:03:38.000000000 +0200 +++ new/yubico-piv-tool-1.4.0/tool/util.c 2016-05-03 09:31:21.000000000 +0200 @@ -330,6 +330,9 @@ case slot_arg_95: object = YKPIV_OBJ_RETIRED20; break; + case slot_arg_f9: + object = YKPIV_OBJ_ATTESTATION; + break; case slot__NULL: default: object = 0; @@ -601,6 +604,8 @@ return YKPIV_TOUCHPOLICY_NEVER; case touch_policy_arg_always: return YKPIV_TOUCHPOLICY_ALWAYS; + case touch_policy_arg_cached: + return YKPIV_TOUCHPOLICY_CACHED; case touch_policy__NULL: default: return 0; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yubico-piv-tool-1.3.1/tool/yubico-piv-tool.1 new/yubico-piv-tool-1.4.0/tool/yubico-piv-tool.1 --- old/yubico-piv-tool-1.3.1/tool/yubico-piv-tool.1 2016-04-18 22:03:40.000000000 +0200 +++ new/yubico-piv-tool-1.4.0/tool/yubico-piv-tool.1 2016-05-03 09:43:08.000000000 +0200 @@ -1,12 +1,12 @@ .\" DO NOT MODIFY THIS FILE! It was generated by help2man 1.47.2. -.TH YUBICO-PIV-TOOL "1" "April 2016" "yubico-piv-tool 1.3.1" "User Commands" +.TH YUBICO-PIV-TOOL "1" "May 2016" "yubico-piv-tool 1.4.0" "User Commands" .SH NAME yubico-piv-tool \- Yubico PIV tool .SH SYNOPSIS .B yubico-piv-tool [\fI\,OPTIONS\/\fR]... .SH DESCRIPTION -yubico\-piv\-tool 1.3.1 +yubico\-piv\-tool 1.4.0 .TP \fB\-h\fR, \fB\-\-help\fR Print help and exit @@ -38,7 +38,7 @@ "read\-certificate", "status", "test\-signature", "test\-decipher", "list\-readers", "set\-ccc", "write\-object", -"read\-object") +"read\-object", "attest") .IP Multiple actions may be given at once and will be executed in order for example \fB\-\-action\fR=\fI\,verify\-pin\/\fR \fB\-\-action\fR=\fI\,request\-certificate\/\fR @@ -49,7 +49,7 @@ "83", "84", "85", "86", "87", "88", "89", "8a", "8b", "8c", "8d", "8e", "8f", "90", "91", "92", "93", "94", -"95") +"95", "f9") .IP 9a is for PIV Authentication 9c is for Digital Signature (PIN always checked) @@ -118,7 +118,7 @@ \fB\-\-touch\-policy\fR=\fI\,ENUM\/\fR Set touch policy for action generate, import\-key or set\-mgm\-key (possible values="never", -"always") +"always", "cached") .TP \fB\-\-id\fR=\fI\,INT\/\fR Id of object for write/read object diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yubico-piv-tool-1.3.1/tool/yubico-piv-tool.c new/yubico-piv-tool-1.4.0/tool/yubico-piv-tool.c --- old/yubico-piv-tool-1.3.1/tool/yubico-piv-tool.c 2016-04-18 22:03:38.000000000 +0200 +++ new/yubico-piv-tool-1.4.0/tool/yubico-piv-tool.c 2016-05-03 09:31:21.000000000 +0200 @@ -1000,6 +1000,11 @@ return false; } + if(new_len < 6) { + fprintf(stderr, "Minimum 6 digits of PIN supported.\n"); + return false; + } + if(action == action_arg_unblockMINUS_pin) { op = ykpiv_unblock_pin; } @@ -1025,7 +1030,7 @@ return false; default: - fprintf(stderr, "Failed changing/unblocking code, error: %x\n", res); + fprintf(stderr, "Failed changing/unblocking code, error: %s\n", ykpiv_strerror(res)); return false; } } @@ -1646,6 +1651,68 @@ return true; } +static bool attest(ykpiv_state *state, const char *slot, + enum enum_key_format key_format, const char *output_file_name) { + unsigned char data[2048]; + unsigned long len = sizeof(data); + bool ret = false; + X509 *x509 = NULL; + unsigned char templ[] = {0, YKPIV_INS_ATTEST, 0, 0}; + int key; + int sw; + FILE *output_file = open_file(output_file_name, OUTPUT); + if(!output_file) { + return false; + } + + sscanf(slot, "%2x", &key); + templ[2] = key; + + if(key_format != key_format_arg_PEM && key_format != key_format_arg_DER) { + fprintf(stderr, "Only PEM and DER format are supported for attest..\n"); + return false; + } + + if(ykpiv_transfer_data(state, templ, NULL, 0, data, &len, &sw) != YKPIV_OK) { + fprintf(stderr, "Failed to communicate.\n"); + goto attest_out; + } else if(sw != 0x9000) { + fprintf(stderr, "Failed to attest key.\n"); + goto attest_out; + } + + if(data[0] == 0x30) { + if(key_format == key_format_arg_PEM) { + const unsigned char *ptr = data; + int len2 = len; + x509 = X509_new(); + if(!x509) { + fprintf(stderr, "Failed allocating x509 structure.\n"); + goto attest_out; + } + x509 = d2i_X509(NULL, &ptr, len2); + if(!x509) { + fprintf(stderr, "Failed parsing x509 information.\n"); + goto attest_out; + } + PEM_write_X509(output_file, x509); + ret = true; + } else { + fwrite(data, len, 1, output_file); + } + ret = true; + } + +attest_out: + if(output_file != stdout) { + fclose(output_file); + } + if(x509) { + X509_free(x509); + } + return ret; +} + static bool write_object(ykpiv_state *state, int id, const char *input_file_name, int verbosity, enum enum_format format) { bool ret = false; @@ -1748,6 +1815,7 @@ case action_arg_readMINUS_certificate: case action_arg_testMINUS_signature: case action_arg_testMINUS_decipher: + case action_arg_attest: if(args_info.slot_arg == slot__NULL) { fprintf(stderr, "The '%s' action needs a slot (-s) to operate on.\n", cmdline_parser_action_values[action]); @@ -1865,6 +1933,7 @@ case action_arg_testMINUS_signature: case action_arg_testMINUS_decipher: case action_arg_listMINUS_readers: + case action_arg_attest: case action_arg_readMINUS_object: case action__NULL: default: @@ -2042,6 +2111,7 @@ if(list_readers(state) == false) { ret = EXIT_FAILURE; } + break; case action_arg_writeMINUS_object: if(write_object(state, args_info.id_arg, args_info.input_arg, verbosity, args_info.format_arg) == false) { @@ -2054,6 +2124,12 @@ ret = EXIT_FAILURE; } break; + case action_arg_attest: + if(attest(state, args_info.slot_orig, args_info.key_format_arg, + args_info.output_arg) == false) { + ret = EXIT_FAILURE; + } + break; case action__NULL: default: fprintf(stderr, "Wrong action. %d.\n", action); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yubico-piv-tool-1.3.1/windows.mk new/yubico-piv-tool-1.4.0/windows.mk --- old/yubico-piv-tool-1.3.1/windows.mk 2016-04-18 22:03:38.000000000 +0200 +++ new/yubico-piv-tool-1.4.0/windows.mk 2016-05-03 09:33:41.000000000 +0200 @@ -26,7 +26,7 @@ # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. PACKAGE=yubico-piv-tool -OPENSSLVERSION=1.0.1s +OPENSSLVERSION=1.0.2g all: usage 32bit 64bit diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yubico-piv-tool-1.3.1/ykcs11/ykcs11-version.h new/yubico-piv-tool-1.4.0/ykcs11/ykcs11-version.h --- old/yubico-piv-tool-1.3.1/ykcs11/ykcs11-version.h 2016-03-21 08:14:27.000000000 +0100 +++ new/yubico-piv-tool-1.4.0/ykcs11/ykcs11-version.h 2016-05-03 09:43:06.000000000 +0200 @@ -42,7 +42,7 @@ * version number. Used together with ykneomgr_check_version() to verify * header file and run-time library consistency. */ -#define YKCS11_VERSION_STRING "1.3.1" +#define YKCS11_VERSION_STRING "1.4.0" /** * YKCS11_VERSION_NUMBER @@ -52,7 +52,7 @@ * this symbol will have the value 0x01020300. The last two digits * are only used between public releases, and will otherwise be 00. */ -#define YKCS11_VERSION_NUMBER 0x010301 +#define YKCS11_VERSION_NUMBER 0x010400 /** * YKCS11_VERSION_MAJOR @@ -70,7 +70,7 @@ * level of the header file version number. For example, when the * header version is 1.2.3 this symbol will be 2. */ -#define YKCS11_VERSION_MINOR 3 +#define YKCS11_VERSION_MINOR 4 /** * YKCS11_VERSION_PATCH @@ -79,7 +79,7 @@ * level of the header file version number. For example, when the * header version is 1.2.3 this symbol will be 3. */ -#define YKCS11_VERSION_PATCH 1 +#define YKCS11_VERSION_PATCH 0 const char *ykcs11_check_version (const char *req_version);

1 0