Hello community,
here is the log from the commit of package python-acme for openSUSE:Factory checked in at 2019-02-11 21:26:14
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/python-acme (Old)
and /work/SRC/openSUSE:Factory/.python-acme.new.28833 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "python-acme"
Mon Feb 11 21:26:14 2019 rev:27 rq:673115 version:0.31.0
Changes:
--------
--- /work/SRC/openSUSE:Factory/python-acme/python-acme.changes 2019-02-02 21:48:48.980003321 +0100
+++ /work/SRC/openSUSE:Factory/.python-acme.new.28833/python-acme.changes 2019-02-11 21:26:17.327051369 +0100
@@ -1,0 +2,15 @@
+Fri Feb 8 10:27:51 UTC 2019 - Marketa Calabkova
+
+- update to 0.31.0
+ * Support for initiating (but not solving end-to-end) TLS-ALPN-01
+ challenges with the acme module.
+ * Fixed accessing josepy contents through acme.jose when the full
+ acme.jose path is used.
+ * Added the update_account subcommand for account management commands.
+
+-------------------------------------------------------------------
+Tue Jan 29 12:02:18 UTC 2019 - Tomáš Chvátal
+
+- Drop pytest-xdist dependency as it is not really needed
+
+-------------------------------------------------------------------
Old:
----
acme-0.30.2.tar.gz
acme-0.30.2.tar.gz.asc
New:
----
acme-0.31.0.tar.gz
acme-0.31.0.tar.gz.asc
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ python-acme.spec ++++++
--- /var/tmp/diff_new_pack.QQH9Fg/_old 2019-02-11 21:26:18.223050886 +0100
+++ /var/tmp/diff_new_pack.QQH9Fg/_new 2019-02-11 21:26:18.239050877 +0100
@@ -19,7 +19,7 @@
%{?!python_module:%define python_module() python-%{**} python3-%{**}}
%define libname acme
Name: python-%{libname}
-Version: 0.30.2
+Version: 0.31.0
Release: 0
Summary: Python library for the ACME protocol
License: Apache-2.0
@@ -34,7 +34,6 @@
BuildRequires: %{python_module mock}
BuildRequires: %{python_module pyOpenSSL >= 0.13}
BuildRequires: %{python_module pyRFC3339}
-BuildRequires: %{python_module pytest-xdist}
BuildRequires: %{python_module pytest}
BuildRequires: %{python_module pytz}
BuildRequires: %{python_module requests >= 2.4.1}
++++++ acme-0.30.2.tar.gz -> acme-0.31.0.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/acme-0.30.2/PKG-INFO new/acme-0.31.0/PKG-INFO
--- old/acme-0.30.2/PKG-INFO 2019-01-25 21:15:55.000000000 +0100
+++ new/acme-0.31.0/PKG-INFO 2019-02-07 22:20:40.000000000 +0100
@@ -1,6 +1,6 @@
Metadata-Version: 2.1
Name: acme
-Version: 0.30.2
+Version: 0.31.0
Summary: ACME protocol implementation in Python
Home-page: https://github.com/letsencrypt/letsencrypt
Author: Certbot Project
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/acme-0.30.2/acme/__init__.py new/acme-0.31.0/acme/__init__.py
--- old/acme-0.30.2/acme/__init__.py 2019-01-25 21:15:41.000000000 +0100
+++ new/acme-0.31.0/acme/__init__.py 2019-02-07 22:20:29.000000000 +0100
@@ -1,25 +1,20 @@
"""ACME protocol implementation.
-This module is an implementation of the `ACME protocol`_. Latest
-supported version: `draft-ietf-acme-01`_.
-
+This module is an implementation of the `ACME protocol`_.
.. _`ACME protocol`: https://ietf-wg-acme.github.io/acme
-.. _`draft-ietf-acme-01`:
- https://github.com/ietf-wg-acme/acme/tree/draft-ietf-acme-acme-01
-
"""
import sys
-import josepy
-
# This code exists to keep backwards compatibility with people using acme.jose
# before it became the standalone josepy package.
#
# It is based on
# https://github.com/requests/requests/blob/1278ecdf71a312dc2268f3bfc0aabfab3c...
+import josepy as jose
+
for mod in list(sys.modules):
# This traversal is apparently necessary such that the identities are
# preserved (acme.jose.* is josepy.*)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/acme-0.30.2/acme/challenges.py new/acme-0.31.0/acme/challenges.py
--- old/acme-0.30.2/acme/challenges.py 2019-01-25 21:15:41.000000000 +0100
+++ new/acme-0.31.0/acme/challenges.py 2019-02-07 22:20:29.000000000 +0100
@@ -513,6 +513,17 @@
return self.response(account_key).gen_cert(key=kwargs.get('cert_key'))
+@ChallengeResponse.register
+class TLSALPN01Response(KeyAuthorizationChallengeResponse):
+ """ACME TLS-ALPN-01 challenge response.
+
+ This class only allows initiating a TLS-ALPN-01 challenge returned from the
+ CA. Full support for responding to TLS-ALPN-01 challenges by generating and
+ serving the expected response certificate is not currently provided.
+ """
+ typ = "tls-alpn-01"
+
+
@Challenge.register # pylint: disable=too-many-ancestors
class TLSALPN01(KeyAuthorizationChallenge):
"""ACME tls-alpn-01 challenge.
@@ -522,6 +533,7 @@
"""
typ = "tls-alpn-01"
+ response_cls = TLSALPN01Response
def validation(self, account_key, **kwargs):
"""Generate validation for the challenge."""
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/acme-0.30.2/acme/challenges_test.py new/acme-0.31.0/acme/challenges_test.py
--- old/acme-0.30.2/acme/challenges_test.py 2019-01-25 21:15:41.000000000 +0100
+++ new/acme-0.31.0/acme/challenges_test.py 2019-02-07 22:20:29.000000000 +0100
@@ -402,6 +402,33 @@
KEY, cert_key=mock.sentinel.cert_key))
mock_gen_cert.assert_called_once_with(key=mock.sentinel.cert_key)
+class TLSALPN01ResponseTest(unittest.TestCase):
+ # pylint: disable=too-many-instance-attributes
+
+ def setUp(self):
+ from acme.challenges import TLSALPN01Response
+ self.msg = TLSALPN01Response(key_authorization=u'foo')
+ self.jmsg = {
+ 'resource': 'challenge',
+ 'type': 'tls-alpn-01',
+ 'keyAuthorization': u'foo',
+ }
+
+ from acme.challenges import TLSALPN01
+ self.chall = TLSALPN01(token=(b'x' * 16))
+ self.response = self.chall.response(KEY)
+
+ def test_to_partial_json(self):
+ self.assertEqual(self.jmsg, self.msg.to_partial_json())
+
+ def test_from_json(self):
+ from acme.challenges import TLSALPN01Response
+ self.assertEqual(self.msg, TLSALPN01Response.from_json(self.jmsg))
+
+ def test_from_json_hashable(self):
+ from acme.challenges import TLSALPN01Response
+ hash(TLSALPN01Response.from_json(self.jmsg))
+
class TLSALPN01Test(unittest.TestCase):
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/acme-0.30.2/acme/client_test.py new/acme-0.31.0/acme/client_test.py
--- old/acme-0.30.2/acme/client_test.py 2019-01-25 21:15:41.000000000 +0100
+++ new/acme-0.31.0/acme/client_test.py 2019-02-07 22:20:29.000000000 +0100
@@ -707,6 +707,7 @@
self.certr,
self.rsn)
+
class ClientV2Test(ClientTestBase):
"""Tests for acme.client.ClientV2."""
@@ -950,7 +951,6 @@
self.assertEqual(jws.signature.combined.kid, u'acct-uri')
self.assertEqual(jws.signature.combined.url, u'url')
-
def test_check_response_not_ok_jobj_no_error(self):
self.response.ok = False
self.response.json.return_value = {}
@@ -1113,8 +1113,8 @@
# Requests Library Exceptions
except requests.exceptions.ConnectionError as z: #pragma: no cover
- self.assertTrue("('Connection aborted.', error(111, 'Connection refused'))"
- == str(z) or "[WinError 10061]" in str(z))
+ self.assertTrue("'Connection aborted.'" in str(z) or "[WinError 10061]" in str(z))
+
class ClientNetworkWithMockedResponseTest(unittest.TestCase):
"""Tests for acme.client.ClientNetwork which mock out response."""
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/acme-0.30.2/acme/jose_test.py new/acme-0.31.0/acme/jose_test.py
--- old/acme-0.30.2/acme/jose_test.py 2019-01-25 21:15:41.000000000 +0100
+++ new/acme-0.31.0/acme/jose_test.py 2019-02-07 22:20:29.000000000 +0100
@@ -12,11 +12,21 @@
else:
acme_jose_path = 'acme.jose'
josepy_path = 'josepy'
- acme_jose = importlib.import_module(acme_jose_path)
- josepy = importlib.import_module(josepy_path)
+ acme_jose_mod = importlib.import_module(acme_jose_path)
+ josepy_mod = importlib.import_module(josepy_path)
- self.assertIs(acme_jose, josepy)
- self.assertIs(getattr(acme_jose, attribute), getattr(josepy, attribute))
+ self.assertIs(acme_jose_mod, josepy_mod)
+ self.assertIs(getattr(acme_jose_mod, attribute), getattr(josepy_mod, attribute))
+
+ # We use the imports below with eval, but pylint doesn't
+ # understand that.
+ # pylint: disable=eval-used,unused-variable
+ import acme
+ import josepy
+ acme_jose_mod = eval(acme_jose_path)
+ josepy_mod = eval(josepy_path)
+ self.assertIs(acme_jose_mod, josepy_mod)
+ self.assertIs(getattr(acme_jose_mod, attribute), getattr(josepy_mod, attribute))
def test_top_level(self):
self._test_it('', 'RS512')
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/acme-0.30.2/acme/messages.py new/acme-0.31.0/acme/messages.py
--- old/acme-0.30.2/acme/messages.py 2019-01-25 21:15:41.000000000 +0100
+++ new/acme-0.31.0/acme/messages.py 2019-02-07 22:20:29.000000000 +0100
@@ -1,7 +1,10 @@
"""ACME protocol messages."""
-import collections
import six
import json
+try:
+ from collections.abc import Hashable # pylint: disable=no-name-in-module
+except ImportError:
+ from collections import Hashable
import josepy as jose
@@ -107,7 +110,7 @@
if part is not None).decode()
-class _Constant(jose.JSONDeSerializable, collections.Hashable): # type: ignore
+class _Constant(jose.JSONDeSerializable, Hashable): # type: ignore
"""ACME constant."""
__slots__ = ('name',)
POSSIBLE_NAMES = NotImplemented
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/acme-0.30.2/acme.egg-info/PKG-INFO new/acme-0.31.0/acme.egg-info/PKG-INFO
--- old/acme-0.30.2/acme.egg-info/PKG-INFO 2019-01-25 21:15:55.000000000 +0100
+++ new/acme-0.31.0/acme.egg-info/PKG-INFO 2019-02-07 22:20:40.000000000 +0100
@@ -1,6 +1,6 @@
Metadata-Version: 2.1
Name: acme
-Version: 0.30.2
+Version: 0.31.0
Summary: ACME protocol implementation in Python
Home-page: https://github.com/letsencrypt/letsencrypt
Author: Certbot Project
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/acme-0.30.2/acme.egg-info/SOURCES.txt new/acme-0.31.0/acme.egg-info/SOURCES.txt
--- old/acme-0.30.2/acme.egg-info/SOURCES.txt 2019-01-25 21:15:55.000000000 +0100
+++ new/acme-0.31.0/acme.egg-info/SOURCES.txt 2019-02-07 22:20:40.000000000 +0100
@@ -70,7 +70,6 @@
docs/api/messages.rst
docs/api/standalone.rst
docs/man/jws.rst
-examples/example_client.py
examples/standalone/README
examples/standalone/localhost/cert.pem
examples/standalone/localhost/key.pem
\ No newline at end of file
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/acme-0.30.2/acme.egg-info/requires.txt new/acme-0.31.0/acme.egg-info/requires.txt
--- old/acme-0.30.2/acme.egg-info/requires.txt 2019-01-25 21:15:55.000000000 +0100
+++ new/acme-0.31.0/acme.egg-info/requires.txt 2019-02-07 22:20:40.000000000 +0100
@@ -1,10 +1,10 @@
-cryptography>=0.8
+cryptography>=1.2.3
josepy>=1.0.0
mock
-PyOpenSSL>=0.13
+PyOpenSSL>=0.13.1
pyrfc3339
pytz
-requests[security]>=2.4.1
+requests[security]>=2.6.0
requests-toolbelt>=0.3.0
setuptools
six>=1.9.0
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/acme-0.30.2/docs/index.rst new/acme-0.31.0/docs/index.rst
--- old/acme-0.30.2/docs/index.rst 2019-01-25 21:15:41.000000000 +0100
+++ new/acme-0.31.0/docs/index.rst 2019-02-07 22:20:29.000000000 +0100
@@ -16,13 +16,6 @@
.. automodule:: acme
:members:
-
-Example client:
-
-.. include:: ../examples/example_client.py
- :code: python
-
-
Indices and tables
==================
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/acme-0.30.2/examples/example_client.py new/acme-0.31.0/examples/example_client.py
--- old/acme-0.30.2/examples/example_client.py 2019-01-25 21:15:41.000000000 +0100
+++ new/acme-0.31.0/examples/example_client.py 1970-01-01 01:00:00.000000000 +0100
@@ -1,47 +0,0 @@
-"""Example script showing how to use acme client API."""
-import logging
-import os
-import pkg_resources
-
-from cryptography.hazmat.backends import default_backend
-from cryptography.hazmat.primitives.asymmetric import rsa
-import josepy as jose
-import OpenSSL
-
-from acme import client
-from acme import messages
-
-
-logging.basicConfig(level=logging.DEBUG)
-
-
-DIRECTORY_URL = 'https://acme-staging.api.letsencrypt.org/directory'
-BITS = 2048 # minimum for Boulder
-DOMAIN = 'example1.com' # example.com is ignored by Boulder
-
-# generate_private_key requires cryptography>=0.5
-key = jose.JWKRSA(key=rsa.generate_private_key(
- public_exponent=65537,
- key_size=BITS,
- backend=default_backend()))
-acme = client.Client(DIRECTORY_URL, key)
-
-regr = acme.register()
-logging.info('Auto-accepting TOS: %s', regr.terms_of_service)
-acme.agree_to_tos(regr)
-logging.debug(regr)
-
-authzr = acme.request_challenges(
- identifier=messages.Identifier(typ=messages.IDENTIFIER_FQDN, value=DOMAIN))
-logging.debug(authzr)
-
-authzr, authzr_response = acme.poll(authzr)
-
-csr = OpenSSL.crypto.load_certificate_request(
- OpenSSL.crypto.FILETYPE_ASN1, pkg_resources.resource_string(
- 'acme', os.path.join('testdata', 'csr.der')))
-try:
- acme.request_issuance(jose.util.ComparableX509(csr), (authzr,))
-except messages.Error as error:
- print ("This script is doomed to fail as no authorization "
- "challenges are ever solved. Error from server: {0}".format(error))
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/acme-0.30.2/setup.py new/acme-0.31.0/setup.py
--- old/acme-0.30.2/setup.py 2019-01-25 21:15:42.000000000 +0100
+++ new/acme-0.31.0/setup.py 2019-02-07 22:20:31.000000000 +0100
@@ -3,21 +3,21 @@
from setuptools.command.test import test as TestCommand
import sys
-version = '0.30.2'
+version = '0.31.0'
# Please update tox.ini when modifying dependency version requirements
install_requires = [
# load_pem_private/public_key (>=0.6)
# rsa_recover_prime_factors (>=0.8)
- 'cryptography>=0.8',
+ 'cryptography>=1.2.3',
# formerly known as acme.jose:
'josepy>=1.0.0',
# Connection.set_tlsext_host_name (>=0.13)
'mock',
- 'PyOpenSSL>=0.13',
+ 'PyOpenSSL>=0.13.1',
'pyrfc3339',
'pytz',
- 'requests[security]>=2.4.1', # security extras added in 2.4.1
+ 'requests[security]>=2.6.0', # security extras added in 2.4.1
'requests-toolbelt>=0.3.0',
'setuptools',
'six>=1.9.0', # needed for python_2_unicode_compatible