Skip to content

Commit

Permalink
alvistack/4.1.2
Browse files Browse the repository at this point in the history
    git clean -xdf
    mkdir -p .cargo
    cargo vendor --manifest-path ./src/_bcrypt/Cargo.toml > .cargo/config.toml
    tar zcvf ../python-bcrypt_4.1.2.orig.tar.gz --exclude=.git .
    debuild -uc -us
    cp python-bcrypt.spec ../python-bcrypt_4.1.2-1.spec
    cp ../python*-bcrypt*4.1.2*.{gz,xz,spec,dsc} /osc/home\:alvistack/pyca-bcrypt-4.1.2/
    rm -rf ../python*-bcrypt*4.1.2*.*

See pyca#714

Signed-off-by: Wong Hoi Sing Edison <[email protected]>
  • Loading branch information
hswong3i committed Jan 3, 2024
1 parent b9223e6 commit 11b6db6
Show file tree
Hide file tree
Showing 16 changed files with 204 additions and 51 deletions.
4 changes: 4 additions & 0 deletions .gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -27,3 +27,7 @@ pip-log.txt

#Translations
*.mo

.cargo/
vendor/
.pybuild/
6 changes: 6 additions & 0 deletions debian/.gitignore
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
*.substvars
*debhelper*
.debhelper
files
python3-bcrypt
tmp
5 changes: 5 additions & 0 deletions debian/changelog
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
python-bcrypt (100:4.1.2-1) UNRELEASED; urgency=medium

* https://github.com/pyca/bcrypt/releases/tag/4.1.2

-- Wong Hoi Sing Edison <[email protected]> Mon, 01 Jan 2024 18:00:27 +0800
30 changes: 30 additions & 0 deletions debian/control
Original file line number Diff line number Diff line change
@@ -0,0 +1,30 @@
Source: python-bcrypt
Section: python
Priority: optional
Standards-Version: 4.5.0
Maintainer: Wong Hoi Sing Edison <[email protected]>
Homepage: https://github.com/pyca/bcrypt/tags
Vcs-Browser: https://github.com/alvistack/pyca-bcrypt
Vcs-Git: https://github.com/alvistack/pyca-bcrypt.git
Build-Depends:
cargo,
cython3,
debhelper,
debhelper-compat (= 10),
dh-python,
fdupes,
python3-dev,
python3-pycparser,
python3-setuptools (>= 42.0.0),
python3-setuptools-rust (>= 0.11.4),
rustc (>= 1.64.0),

Package: python3-bcrypt
Architecture: amd64
Description: Modern(-ish) password hashing for your software and your servers
Good password hashing for your software and your servers.
Depends:
${misc:Depends},
${shlibs:Depends},
${python3:Depends},
python3,
21 changes: 21 additions & 0 deletions debian/copyright
Original file line number Diff line number Diff line change
@@ -0,0 +1,21 @@
Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/

Files: debian/*
Copyright: 2024 Wong Hoi Sing Edison <[email protected]>
License: Apache-2.0

License: Apache-2.0
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
.
http://www.apache.org/licenses/LICENSE-2.0
.
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
.
The complete text of the Apache version 2.0 license
can be found in "/usr/share/common-licenses/Apache-2.0".
1 change: 1 addition & 0 deletions debian/python3-bcrypt.install
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
usr/lib/python*/*-packages/*
4 changes: 4 additions & 0 deletions debian/python3-bcrypt.lintian-overrides
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@
python3-bcrypt: copyright-without-copyright-notice
python3-bcrypt: initial-upload-closes-no-bugs
python3-bcrypt: no-manual-page
python3-bcrypt: zero-byte-file-in-doc-directory
15 changes: 15 additions & 0 deletions debian/rules
Original file line number Diff line number Diff line change
@@ -0,0 +1,15 @@
#!/usr/bin/make -f

SHELL := /bin/bash

override_dh_auto_install:
dh_auto_install --destdir=debian/tmp
find debian/tmp/usr/lib/python*/*-packages -type f -name '*.pyc' -exec rm -rf {} \;
fdupes -qnrps debian/tmp/usr/lib/python*/*-packages

override_dh_auto_test:

override_dh_auto_clean:

%:
dh $@ --buildsystem=pybuild --with python3
1 change: 1 addition & 0 deletions debian/source/format
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
3.0 (quilt)
5 changes: 5 additions & 0 deletions debian/source/lintian-overrides
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
python-bcrypt source: file-without-copyright-information
python-bcrypt source: no-debian-changes
python-bcrypt source: source-contains-prebuilt-windows-binary
python-bcrypt source: source-package-encodes-python-version
python-bcrypt source: unpack-message-for-orig
91 changes: 91 additions & 0 deletions python-bcrypt.spec
Original file line number Diff line number Diff line change
@@ -0,0 +1,91 @@
# Copyright 2024 Wong Hoi Sing Edison <[email protected]>
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

%global debug_package %{nil}

Name: python-bcrypt
Epoch: 100
Version: 4.1.2
Release: 1%{?dist}
Summary: Modern(-ish) password hashing for your software and your servers
License: Apache-2.0
URL: https://github.com/pyca/bcrypt/tags
Source0: %{name}_%{version}.orig.tar.gz
BuildRequires: cargo
BuildRequires: fdupes
BuildRequires: gcc
BuildRequires: python-rpm-macros
BuildRequires: python3-Cython3
BuildRequires: python3-devel
BuildRequires: python3-pycparser
BuildRequires: python3-setuptools >= 42.0.0
BuildRequires: python3-setuptools-rust >= 0.11.4
BuildRequires: rust >= 1.64.0

%description
Good password hashing for your software and your servers.

%prep
%autosetup -T -c -n %{name}_%{version}-%{release}
tar -zx -f %{S:0} --strip-components=1 -C .

%build
%py3_build

%install
%py3_install
find %{buildroot}%{python3_sitearch} -type f -name '*.pyc' -exec rm -rf {} \;
fdupes -qnrps %{buildroot}%{python3_sitearch}

%check

%if 0%{?suse_version} > 1500
%package -n python%{python3_version_nodots}-bcrypt
Summary: Modern(-ish) password hashing for your software and your servers
Requires: python3
Provides: python3-bcrypt = %{epoch}:%{version}-%{release}
Provides: python3dist(bcrypt) = %{epoch}:%{version}-%{release}
Provides: python%{python3_version}-bcrypt = %{epoch}:%{version}-%{release}
Provides: python%{python3_version}dist(bcrypt) = %{epoch}:%{version}-%{release}
Provides: python%{python3_version_nodots}-bcrypt = %{epoch}:%{version}-%{release}
Provides: python%{python3_version_nodots}dist(bcrypt) = %{epoch}:%{version}-%{release}

%description -n python%{python3_version_nodots}-bcrypt
Good password hashing for your software and your servers.

%files -n python%{python3_version_nodots}-bcrypt
%license LICENSE
%{python3_sitearch}/*
%endif

%if !(0%{?suse_version} > 1500)
%package -n python3-bcrypt
Summary: Modern(-ish) password hashing for your software and your servers
Requires: python3
Provides: python3-bcrypt = %{epoch}:%{version}-%{release}
Provides: python3dist(bcrypt) = %{epoch}:%{version}-%{release}
Provides: python%{python3_version}-bcrypt = %{epoch}:%{version}-%{release}
Provides: python%{python3_version}dist(bcrypt) = %{epoch}:%{version}-%{release}
Provides: python%{python3_version_nodots}-bcrypt = %{epoch}:%{version}-%{release}
Provides: python%{python3_version_nodots}dist(bcrypt) = %{epoch}:%{version}-%{release}

%description -n python3-bcrypt
Good password hashing for your software and your servers.

%files -n python3-bcrypt
%license LICENSE
%{python3_sitearch}/*
%endif

%changelog
4 changes: 4 additions & 0 deletions setup.cfg
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@
[egg_info]
tag_build =
tag_date = 0

49 changes: 16 additions & 33 deletions src/_bcrypt/Cargo.lock

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion src/_bcrypt/Cargo.toml
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@ edition = "2018"
publish = false

[dependencies]
pyo3 = { version = "0.20.0", features = ["abi3"] }
pyo3 = { version = "0.16.6", features = ["abi3"] }
bcrypt = "0.15"
bcrypt-pbkdf = "0.10.0"
base64 = "0.21.5"
Expand Down
12 changes: 0 additions & 12 deletions src/_bcrypt/src/lib.rs
Original file line number Diff line number Diff line change
Expand Up @@ -151,18 +151,6 @@ fn kdf<'p>(
));
}

if rounds < 50 && !ignore_few_rounds {
// They probably think bcrypt.kdf()'s rounds parameter is logarithmic,
// expecting this value to be slow enough (it probably would be if this
// were bcrypt). Emit a warning.
pyo3::PyErr::warn(
py,
pyo3::exceptions::PyUserWarning::type_object(py),
&format!("Warning: bcrypt.kdf() called with only {rounds} round(s). This few is not secure: the parameter is linear, like PBKDF2."),
3
)?;
}

pyo3::types::PyBytes::new_with(py, desired_key_bytes, |output| {
py.allow_threads(|| {
bcrypt_pbkdf::bcrypt_pbkdf(password, salt, rounds, output).unwrap();
Expand Down
5 changes: 0 additions & 5 deletions tests/test_bcrypt.py
Original file line number Diff line number Diff line change
Expand Up @@ -462,11 +462,6 @@ def test_kdf_no_warn_rounds():
bcrypt.kdf(b"password", b"salt", 10, 10, True)


def test_kdf_warn_rounds():
with pytest.warns(UserWarning):
bcrypt.kdf(b"password", b"salt", 10, 10)


@pytest.mark.parametrize(
("password", "salt", "desired_key_bytes", "rounds", "error"),
[
Expand Down

0 comments on commit 11b6db6

Please sign in to comment.