Hello community, here is the log from the commit of package mailman checked in at Mon Nov 17 17:23:11 CET 2008. -------- --- mailman/mailman.changes 2008-08-27 12:03:20.000000000 +0200 +++ /mounts/work_src_done/STABLE/mailman/mailman.changes 2008-11-17 17:22:17.414245000 +0100 @@ -1,0 +2,8 @@ +Wed Nov 12 09:05:26 CET 2008 - rommel@suse.de + +- added fix to work around md5/sha deprecation warning when hashlib is available + (mailman-python-26-deprecation-md5-sha.diff) +- removed group writable bit from /usr/lib/mailman/Mailman/ +- removing Mailman's own version of email when building against >= Python 2.6 + +------------------------------------------------------------------- calling whatdependson for head-i586 New: ---- mailman-python-26-deprecation-md5-sha.diff ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ mailman.spec ++++++ --- /var/tmp/diff_new_pack.Uq7606/_old 2008-11-17 17:22:53.000000000 +0100 +++ /var/tmp/diff_new_pack.Uq7606/_new 2008-11-17 17:22:53.000000000 +0100 @@ -31,7 +31,7 @@ PreReq: permissions Summary: The GNU Mailing List Manager Version: 2.1.11 -Release: 1 +Release: 7 Source: %{name}-%{version}.tgz Source1: README.SuSE Source2: mailman-2.1-manpages.tgz @@ -66,6 +66,7 @@ %else Patch20: mailman-SuSE2.patch %endif +Patch21: mailman-python-26-deprecation-md5-sha.diff BuildRoot: %{_tmppath}/%{name}-%{version}-build %define m_uid 72 %define m_gid 67 @@ -106,6 +107,7 @@ %else %patch20 %endif +%patch21 cp -av %{S:1} . # ---------------------------------------------------------------------------- @@ -161,6 +163,11 @@ install -d $RPM_BUILD_ROOT%{_mandir}/man8/ tar xz -C $RPM_BUILD_ROOT%{_mandir}/man8/ -f %SOURCE2 install -m 644 %{S:11} $RPM_BUILD_ROOT/etc/logrotate.d/mailman +PYTHONVER=$(python -V 2>&1 | awk '{ print $2; }') +PYTHONMAJOR=${PYTHONVER%%.*} +PYTHONMINOR=${PYTHONVER#*.} +PYTHONMINOR=${PYTHONMINOR%%.*} +if [ "$PYTHONMAJOR" -gt 1 -a "$PYTHONMINOR" -gt 5 ]; then rm -rf $RPM_BUILD_ROOT/usr/lib/mailman/pythonlib/email*; fi %if %DISTRIBUTABLE %else cp %SOURCE12 $RPM_BUILD_ROOT/usr/lib/mailman/icons/ @@ -229,7 +236,7 @@ %attr(-, root, mailman) /usr/lib/mailman/cron %dir %attr(-, root, mailman) /usr/lib/mailman/cgi-bin %verify(not mode) %attr(2755, root, mailman) /usr/lib/mailman/cgi-bin/* -%dir %attr(2775, root, mailman) /usr/lib/mailman/Mailman/ +%dir %attr(2755, root, mailman) /usr/lib/mailman/Mailman/ %attr(-, root, mailman) /usr/lib/mailman/Mailman/[^m]* %attr(-, root, mailman) /usr/lib/mailman/messages %dir %attr(-, root, mailman) /usr/lib/mailman/mail @@ -254,6 +261,11 @@ # ---------------------------------------------------------------------------- %changelog +* Wed Nov 12 2008 rommel@suse.de +- added fix to work around md5/sha deprecation warning when hashlib is available + (mailman-python-26-deprecation-md5-sha.diff) +- removed group writable bit from /usr/lib/mailman/Mailman/ +- removing Mailman's own version of email when building against >= Python 2.6 * Tue Aug 26 2008 rommel@suse.de - version update to 2.1.11 (security fixes and small, but compatible enhancements) - removed outdated (>4y) extra FAQ @@ -330,7 +342,7 @@ - package according to permissions * Wed Nov 10 2004 rommel@suse.de - reworked start script (bug #42652) -* Fri Sep 17 2004 mmj@suse.de +* Thu Sep 16 2004 mmj@suse.de - Include latest and greatest FAQ [#38461] * Thu Sep 02 2004 mmj@suse.de - Remove mail to root telling him to RTFM [#44365] @@ -395,7 +407,7 @@ - added apache2 config (bug #33187) * Sat Nov 01 2003 adrian@suse.de - update to version 2.1.3 -* Fri Aug 22 2003 mmj@suse.de +* Thu Aug 21 2003 mmj@suse.de - The fix below from mcihar@suse.cz was a little to rough, since mailman broke without it's own copy of email. So include email in the installation, but keep korean and japanese disabled. ++++++ mailman-python-26-deprecation-md5-sha.diff ++++++ --- Mailman/Cgi/admin.py +++ Mailman/Cgi/admin.py @@ -24,7 +24,6 @@ import os import re import cgi -import sha import urllib import signal from types import * @@ -42,6 +41,7 @@ from Mailman.htmlformat import * from Mailman.Cgi import Auth from Mailman.Logging.Syslog import syslog +from Mailman.Utils import sha_constructor # Set up i18n _ = i18n._ @@ -1276,7 +1276,7 @@ confirm = cgidata.getvalue('confirmmodpw', '').strip() if new or confirm: if new == confirm: - mlist.mod_password = sha.new(new).hexdigest() + mlist.mod_password = sha_constructor(new).hexdigest() # No re-authentication necessary because the moderator's # password doesn't get you into these pages. else: @@ -1286,7 +1286,7 @@ confirm = cgidata.getvalue('confirmpw', '').strip() if new or confirm: if new == confirm: - mlist.password = sha.new(new).hexdigest() + mlist.password = sha_constructor(new).hexdigest() # Set new cookie print mlist.MakeCookie(mm_cfg.AuthListAdmin) else: --- Mailman/Cgi/create.py +++ Mailman/Cgi/create.py @@ -21,7 +21,6 @@ import os import signal import cgi -import sha from types import ListType from Mailman import mm_cfg @@ -31,6 +30,7 @@ from Mailman import i18n from Mailman.htmlformat import * from Mailman.Logging.Syslog import syslog +from Mailman.Utils import sha_constructor # Set up i18n _ = i18n._ @@ -180,7 +180,7 @@ # Install the emergency shutdown signal handler signal.signal(signal.SIGTERM, sigterm_handler) - pw = sha.new(password).hexdigest() + pw = sha_constructor(password).hexdigest() # Guarantee that all newly created files have the proper permission. # proper group ownership should be assured by the autoconf script # enforcing that all directories have the group sticky bit set --- Mailman/Handlers/Scrubber.py +++ Mailman/Handlers/Scrubber.py @@ -21,7 +21,6 @@ import os import re -import sha import time import errno import binascii @@ -41,6 +40,7 @@ from Mailman.Errors import DiscardMessage from Mailman.i18n import _ from Mailman.Logging.Syslog import syslog +from Mailman.Utils import sha_constructor # Path characters for common platforms pre = re.compile(r'[/\\:]') @@ -158,7 +158,7 @@ if msgid is None: msgid = msg['Message-ID'] = Utils.unique_message_id(mlist) # We assume that the message id actually /is/ unique! - digest = sha.new(msgid).hexdigest() + digest = sha_constructor(msgid).hexdigest() return os.path.join('attachments', datedir, digest[:4] + digest[-4:]) --- Mailman/LockFile.py +++ Mailman/LockFile.py @@ -546,8 +546,8 @@ except EnvironmentError, e: if e.errno <> errno.ENOENT: raise - import sha - d = sha.new(`os.getpid()`+`time.time()`).hexdigest() + from Mailman.Utils import sha_constructor + d = sha_constructor(`os.getpid()`+`time.time()`).hexdigest() random.seed(d) --- Mailman/Pending.py +++ Mailman/Pending.py @@ -17,13 +17,13 @@ """Track pending actions which require confirmation.""" import os -import sha import time import errno import random import cPickle from Mailman import mm_cfg +from Mailman.Utils import sha_constructor # Types of pending records SUBSCRIPTION = 'S' @@ -72,7 +72,7 @@ while True: now = time.time() x = random.random() + now % 1.0 + time.clock() % 1.0 - cookie = sha.new(repr(x)).hexdigest() + cookie = sha_constructor(repr(x)).hexdigest() # We'll never get a duplicate, but we'll be anal about checking # anyway. if not db.has_key(cookie): --- Mailman/Queue/Switchboard.py +++ Mailman/Queue/Switchboard.py @@ -35,7 +35,6 @@ # needs. import os -import sha import time import email import errno @@ -46,6 +45,7 @@ from Mailman import Utils from Mailman import Message from Mailman.Logging.Syslog import syslog +from Mailman.Utils import sha_constructor # 20 bytes of all bits set, maximum sha.digest() value shamax = 0xffffffffffffffffffffffffffffffffffffffffL @@ -118,7 +118,7 @@ # this system) and the sha hex digest. #rcvtime = data.setdefault('received_time', now) rcvtime = data.setdefault('received_time', now) - filebase = `rcvtime` + '+' + sha.new(hashfood).hexdigest() + filebase = `rcvtime` + '+' + sha_constructor(hashfood).hexdigest() filename = os.path.join(self.__whichq, filebase + '.pck') tmpfile = filename + '.tmp' # Always add the metadata schema version number --- Mailman/SecurityManager.py +++ Mailman/SecurityManager.py @@ -49,7 +49,6 @@ import os import re -import sha import time import Cookie import marshal @@ -62,12 +61,13 @@ import crypt except ImportError: crypt = None -import md5 from Mailman import mm_cfg from Mailman import Utils from Mailman import Errors from Mailman.Logging.Syslog import syslog +from Mailman.Utils import sha_constructor +from Mailman.Utils import md5_constructor try: True, False @@ -171,11 +171,11 @@ key, secret = self.AuthContextInfo(ac) if secret is None: continue - sharesponse = sha.new(response).hexdigest() + sharesponse = sha_constructor(response).hexdigest() upgrade = ok = False if sharesponse == secret: ok = True - elif md5.new(response).digest() == secret: + elif md5_constructor(response).digest() == secret: ok = upgrade = True elif cryptmatchp(response, secret): ok = upgrade = True @@ -196,7 +196,7 @@ elif ac == mm_cfg.AuthListModerator: # The list moderator password must be sha'd key, secret = self.AuthContextInfo(ac) - if secret and sha.new(response).hexdigest() == secret: + if secret and sha_constructor(response).hexdigest() == secret: return ac elif ac == mm_cfg.AuthUser: if user is not None: @@ -237,7 +237,7 @@ # Timestamp issued = int(time.time()) # Get a digest of the secret, plus other information. - mac = sha.new(secret + `issued`).hexdigest() + mac = sha_constructor(secret + `issued`).hexdigest() # Create the cookie object. c = Cookie.SimpleCookie() c[key] = binascii.hexlify(marshal.dumps((issued, mac))) @@ -336,7 +336,7 @@ return False # Calculate what the mac ought to be based on the cookie's timestamp # and the shared secret. - mac = sha.new(secret + `issued`).hexdigest() + mac = sha_constructor(secret + `issued`).hexdigest() if mac <> received_mac: return False # Authenticated! --- Mailman/Utils.py +++ Mailman/Utils.py @@ -27,9 +27,9 @@ from __future__ import nested_scopes import os +import sys import re import cgi -import sha import time import errno import base64 @@ -56,6 +56,16 @@ from Mailman.Logging.Syslog import syslog try: + import hashlib + md5_constructor = hashlib.md5 + sha_constructor = hashlib.sha1 +except ImportError: + import md5 + md5_constructor = md5.new + import sha + sha_constructor = sha.new + +try: True, False except NameError: True = 1 @@ -384,7 +394,7 @@ omask = os.umask(026) try: fp = open(filename, 'w') - fp.write(sha.new(pw).hexdigest() + '\n') + fp.write(sha_constructor(pw).hexdigest() + '\n') fp.close() finally: os.umask(omask) @@ -410,7 +420,7 @@ challenge = get_global_password(siteadmin) if challenge is None: return None - return challenge == sha.new(response).hexdigest() + return challenge == sha_constructor(response).hexdigest() @@ -1034,3 +1044,4 @@ return True else: return False + --- bin/change_pw +++ bin/change_pw @@ -66,7 +66,6 @@ """ import sys -import sha import getopt import paths @@ -76,6 +75,7 @@ from Mailman import Errors from Mailman import Message from Mailman import i18n +from Mailman.Utils import sha_constructor _ = i18n._ @@ -147,7 +147,7 @@ if password is not None: if not password: usage(1, _('Empty list passwords are not allowed')) - shapassword = sha.new(password).hexdigest() + shapassword = sha_constructor(password).hexdigest() if domains: for name in Utils.list_names(): @@ -167,7 +167,7 @@ if password is None: randompw = Utils.MakeRandomPassword( mm_cfg.ADMIN_PASSWORD_LENGTH) - shapassword = sha.new(randompw).hexdigest() + shapassword = sha_constructor(randompw).hexdigest() notifypassword = randompw else: notifypassword = password --- bin/export.py +++ bin/export.py @@ -21,7 +21,6 @@ import os import sys -import sha import base64 import codecs import datetime @@ -37,6 +36,7 @@ from Mailman import mm_cfg from Mailman.MailList import MailList from Mailman.i18n import _ +from Mailman.Utils import sha_constructor __i18n_templates__ = True @@ -289,13 +289,13 @@ def sha_password(password): - h = sha.new(password) + h = sha_constructor(password) return '{SHA}' + base64.b64encode(h.digest()) def ssha_password(password): salt = os.urandom(SALT_LENGTH) - h = sha.new(password) + h = sha_constructor(password) h.update(salt) return '{SSHA}' + base64.b64encode(h.digest() + salt) --- bin/newlist +++ bin/newlist @@ -93,7 +93,6 @@ import os import getpass import getopt -import sha import paths from Mailman import mm_cfg @@ -102,6 +101,7 @@ from Mailman import Errors from Mailman import Message from Mailman import i18n +from Mailman.Utils import sha_constructor _ = i18n._ @@ -186,7 +186,7 @@ mlist = MailList.MailList() try: - pw = sha.new(listpasswd).hexdigest() + pw = sha_constructor(listpasswd).hexdigest() # Guarantee that all newly created files have the proper permission. # proper group ownership should be assured by the autoconf script # enforcing that all directories have the group sticky bit set --- bin/update +++ bin/update @@ -34,7 +34,6 @@ """ import os -import md5 import sys import time import errno @@ -56,6 +55,7 @@ from Mailman.Queue.Switchboard import Switchboard from Mailman.OldStyleMemberships import OldStyleMemberships from Mailman.MemberAdaptor import BYBOUNCE, ENABLED +from Mailman.Utils import md5_constructor FRESH = 0 NOTFRESH = -1 @@ -131,7 +131,7 @@ # No global template continue - gcksum = md5.new(fp.read()).digest() + gcksum = md5_constructor(fp.read()).digest() fp.close() # Match against the lists/<list>/* template try: @@ -139,7 +139,7 @@ except IOError, e: if e.errno <> errno.ENOENT: raise else: - tcksum = md5.new(fp.read()).digest() + tcksum = md5_constructor(fp.read()).digest() fp.close() if gcksum == tcksum: os.unlink(os.path.join(mlist.fullpath(), gtemplate)) @@ -149,7 +149,7 @@ except IOError, e: if e.errno <> errno.ENOENT: raise else: - tcksum = md5.new(fp.read()).digest() + tcksum = md5_constructor(fp.read()).digest() fp.close() if gcksum == tcksum: os.unlink(os.path.join(mlist.fullpath(), gtemplate + '.prev')) @@ -159,7 +159,7 @@ except IOError, e: if e.errno <> errno.ENOENT: raise else: - tcksum = md5.new(fp.read()).digest() + tcksum = md5_constructor(fp.read()).digest() fp.close() if gcksum == tcksum: os.unlink(os.path.join(mlist.fullpath(), 'en', gtemplate)) @@ -169,7 +169,7 @@ except IOError, e: if e.errno <> errno.ENOENT: raise else: - tcksum = md5.new(fp.read()).digest() + tcksum = md5_constructor(fp.read()).digest() fp.close() if gcksum == tcksum: os.unlink(os.path.join(mm_cfg.TEMPLATE_DIR, gtemplate)) @@ -179,7 +179,7 @@ except IOError, e: if e.errno <> errno.ENOENT: raise else: - tcksum = md5.new(fp.read()).digest() + tcksum = md5_constructor(fp.read()).digest() fp.close() if gcksum == tcksum: os.unlink(os.path.join(mm_cfg.TEMPLATE_DIR, --- tests/test_handlers.py +++ tests/test_handlers.py @@ -18,7 +18,6 @@ """ import os -import sha import time import email import errno @@ -53,13 +52,14 @@ from Mailman.Handlers import ToDigest from Mailman.Handlers import ToOutgoing from Mailman.Handlers import ToUsenet +from Mailman.Utils import sha_constructor from TestBase import TestBase def password(plaintext): - return sha.new(plaintext).hexdigest() + return sha_constructor(plaintext).hexdigest() --- tests/test_security_mgr.py +++ tests/test_security_mgr.py @@ -20,8 +20,6 @@ import os import unittest import errno -import md5 -import sha import Cookie try: import crypt @@ -33,13 +31,15 @@ from Mailman import mm_cfg from Mailman import Utils from Mailman import Errors +from Mailman.Utils import sha_constructor +from Mailman.Utils import md5_constructor from TestBase import TestBase def password(plaintext): - return sha.new(plaintext).hexdigest() + return sha_constructor(plaintext).hexdigest() @@ -132,7 +132,7 @@ def test_list_admin_upgrade(self): eq = self.assertEqual mlist = self._mlist - mlist.password = md5.new('ssSSss').digest() + mlist.password = md5_constructor('ssSSss').digest() eq(mlist.Authenticate( [mm_cfg.AuthListAdmin], 'ssSSss'), mm_cfg.AuthListAdmin) eq(mlist.password, password('ssSSss')) @@ -146,10 +146,10 @@ def test_list_admin_oldstyle_unauth(self): eq = self.assertEqual mlist = self._mlist - mlist.password = md5.new('ssSSss').digest() + mlist.password = md5_constructor('ssSSss').digest() eq(mlist.Authenticate( [mm_cfg.AuthListAdmin], 'xxxxxx'), mm_cfg.UnAuthorized) - eq(mlist.password, md5.new('ssSSss').digest()) + eq(mlist.password, md5_constructor('ssSSss').digest()) # Test crypt upgrades if crypt is supported if crypt: mlist.password = crypted = crypt.crypt('rrRRrr', 'zc') ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Remember to have fun... -- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org