From 3491ecdb522dedef7c0f21ee324ad3f1fdd99400 Mon Sep 17 00:00:00 2001 From: Stewart Adam Date: Feb 16 2009 14:06:07 +0000 Subject: - Use patches in upstream git to fix #484473 --- diff --git a/pycrypto-2.0.1-hashlib.patch b/pycrypto-2.0.1-hashlib.patch deleted file mode 100644 index 33bda64..0000000 --- a/pycrypto-2.0.1-hashlib.patch +++ /dev/null @@ -1,53 +0,0 @@ ---- Hash/HMAC.py.old 2002-07-25 13:19:02.000000000 -0400 -+++ Hash/HMAC.py 2009-02-07 12:32:36.000000000 -0500 -@@ -33,8 +33,8 @@ - digestmod: A module supporting PEP 247. Defaults to the md5 module. - """ - if digestmod == None: -- import md5 -- digestmod = md5 -+ import MD5 -+ digestmod = MD5 - - self.digestmod = digestmod - self.outer = digestmod.new() ---- Hash/MD5.py.old 2002-07-11 10:31:19.000000000 -0400 -+++ Hash/MD5.py 2009-02-07 12:50:48.000000000 -0500 -@@ -3,11 +3,10 @@ - - __revision__ = "$Id: MD5.py,v 1.4 2002/07/11 14:31:19 akuchling Exp $" - --from md5 import * -+import hashlib - --import md5 --if hasattr(md5, 'digestsize'): -- digest_size = digestsize -- del digestsize --del md5 -+new = hashlib.md5 -+md5 = hashlib.md5 - -+blocksize = hashlib.md5().block_size -+digest_size = hashlib.md5().digest_size ---- Hash/SHA.py.old 2002-07-11 10:31:19.000000000 -0400 -+++ Hash/SHA.py 2009-02-07 12:50:17.000000000 -0500 -@@ -3,9 +3,10 @@ - - __revision__ = "$Id: SHA.py,v 1.4 2002/07/11 14:31:19 akuchling Exp $" - --from sha import * --import sha --if hasattr(sha, 'digestsize'): -- digest_size = digestsize -- del digestsize --del sha -+import hashlib -+ -+new = hashlib.sha1 -+sha = hashlib.sha1 -+ -+blocksize = hashlib.sha1().block_size -+digest_size = hashlib.sha1().digest_size -o - diff --git a/python-crypto-hmac_md5.patch b/python-crypto-hmac_md5.patch new file mode 100644 index 0000000..22ac8f8 --- /dev/null +++ b/python-crypto-hmac_md5.patch @@ -0,0 +1,13 @@ +--- pycrypto-2.0.1.orig/Hash/HMAC.py 2002-07-25 13:19:02.000000000 -0400 ++++ pycrypto-2.0.1/Hash/HMAC.py 2009-02-13 14:11:10.000000000 -0500 +@@ -33,8 +33,8 @@ + digestmod: A module supporting PEP 247. Defaults to the md5 module. + """ + if digestmod == None: +- import md5 +- digestmod = md5 ++ import MD5 ++ digestmod = MD5 + + self.digestmod = digestmod + self.outer = digestmod.new() diff --git a/python-crypto-use_hashlib_when_possible.patch b/python-crypto-use_hashlib_when_possible.patch new file mode 100644 index 0000000..5f2527b --- /dev/null +++ b/python-crypto-use_hashlib_when_possible.patch @@ -0,0 +1,58 @@ +--- pycrypto-2.0.1.orig/Hash/MD5.py 2002-07-11 10:31:19.000000000 -0400 ++++ pycrypto-2.0.1/Hash/MD5.py 2009-02-13 14:07:52.000000000 -0500 +@@ -3,11 +3,21 @@ + + __revision__ = "$Id: MD5.py,v 1.4 2002/07/11 14:31:19 akuchling Exp $" + +-from md5 import * ++__all__ = ['new', 'digest_size'] + +-import md5 +-if hasattr(md5, 'digestsize'): +- digest_size = digestsize +- del digestsize +-del md5 ++try: ++ # The md5 module is deprecated in Python 2.6, so use hashlib when possible. ++ import hashlib ++ def new(data=""): ++ return hashlib.md5(data) ++ digest_size = new().digest_size ++ ++except ImportError: ++ from md5 import * ++ ++ import md5 ++ if hasattr(md5, 'digestsize'): ++ digest_size = digestsize ++ del digestsize ++ del md5 + +--- pycrypto-2.0.1.orig/Hash/SHA.py 2002-07-11 10:31:19.000000000 -0400 ++++ pycrypto-2.0.1/Hash/SHA.py 2009-02-13 14:13:09.000000000 -0500 +@@ -3,9 +3,19 @@ + + __revision__ = "$Id: SHA.py,v 1.4 2002/07/11 14:31:19 akuchling Exp $" + +-from sha import * +-import sha +-if hasattr(sha, 'digestsize'): +- digest_size = digestsize +- del digestsize +-del sha ++__all__ = ['new', 'digest_size'] ++ ++try: ++ # The md5 module is deprecated in Python 2.6, so use hashlib when possible. ++ import hashlib ++ def new(data=""): ++ return hashlib.sha1(data) ++ digest_size = new().digest_size ++ ++except ImportError: ++ from sha import * ++ import sha ++ if hasattr(sha, 'digestsize'): ++ digest_size = digestsize ++ del digestsize ++ del sha diff --git a/python-crypto.spec b/python-crypto.spec index aeab902..9136423 100644 --- a/python-crypto.spec +++ b/python-crypto.spec @@ -1,4 +1,5 @@ -%{!?python_sitelib: %define python_sitelib %(%{__python} -c "from distutils.sysconfig import get_python_lib; print get_python_lib()")} +%{!?python_sitelib: %define python_sitelib %(%{__python} -c "from +distutils.sysconfig import get_python_lib; print get_python_lib()")} %{!?python_sitearch: %define python_sitearch %(%{__python} -c "from distutils.sysconfig import get_python_lib; print get_python_lib(1)")} Summary: Cryptography library for Python @@ -13,10 +14,12 @@ Source: http://www.amk.ca/files/python/crypto/pycrypto-2.0.1.tar.gz # patch taken from # http://gitweb2.dlitz.net/?p=crypto/pycrypto-2.x.git;a=commitdiff;h=d1c4875e1f220652fe7ff8358f56dee3b2aba31b Patch0: %{name}-fix_buffer_overflow.patch -# similar patches upstream already -# http://gitweb.pycrypto.org/?p=crypto/pycrypto-2.x.git;a=commitdiff;h=d2311689910240e425741a546576129f4c9735e2 +# Python 2.6 compatibility: Use Hash.MD5 instead of Python "md5" module in the HMAC... # http://gitweb.pycrypto.org/?p=crypto/pycrypto-2.x.git;a=commitdiff;h=84b793416b52311643bfd456a4544444afbfb5da -Patch1: pycrypto-2.0.1-hashlib.patch +Patch1: python-crypto-hmac_md5.patch +# Python 2.6 compatibility: When possible, use hashlib instead of the deprecated 'md5... +# http://gitweb.pycrypto.org/?p=crypto/pycrypto-2.x.git;a=commitdiff;h=d2311689910240e425741a546576129f4c9735e2 +Patch2: python-crypto-use_hashlib_when_possible.patch Provides: pycrypto = %{version}-%{release} BuildRequires: python >= 2.2 @@ -26,15 +29,15 @@ BuildRoot: %{_tmppath}/%{name}-%{version}-buildroot-%(%{__id_u} -n) %description Python-crypto is a collection of both secure hash functions (such as MD5 and -SHA), and various encryption algorithms (AES, DES, IDEA, RSA, ElGamal, -etc.). +SHA), and various encryption algorithms (AES, DES, IDEA, RSA, ElGamal, etc.). %prep %setup -n pycrypto-%{version} -q sed -i s:/lib:/%_lib:g setup.py %patch0 -b .patch0 -p1 -%patch1 -b .hashlib +%patch1 -b .patch1 -p1 +%patch2 -b .patch2 -p1 %build CFLAGS="$RPM_OPT_FLAGS" %{__python} setup.py build @@ -72,6 +75,9 @@ rm -rf $RPM_BUILD_ROOT %changelog +* Fri Feb 13 2009 Stewart Adam - 2.0.1-16.1 +- Use patches in upstream git to fix #484473 + * Fri Feb 13 2009 Thorsten Leemhuis - 2.0.1-16 - add patch to fix #485298 / CVE-2009-0544