Bug 2029015
| Summary: | Please branch and build pyOpenSSL in epel9 | ||
|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Carl George 🤠<carl> |
| Component: | pyOpenSSL | Assignee: | Paul Wouters <paul.wouters> |
| Status: | CLOSED CURRENTRELEASE | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
| Severity: | unspecified | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | rawhide | CC: | crypto-team, dradez, jlieskov, lewk, paul.wouters, tm |
| Target Milestone: | --- | ||
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | pyOpenSSL-21.0.0-1.el9 | Doc Type: | If docs needed, set a value |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2022-01-06 16:58:02 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | |||
| Bug Blocks: | 2029011, 2041988 | ||
|
Description
Carl George ðŸ¤
2021-12-04 04:40:40 UTC
as per upstream https://pypi.org/project/pyOpenSSL/ The Python Cryptographic Authority strongly suggests the use of pyca/cryptography where possible. If you are using pyOpenSSL for anything other than making a TLS connection you should move to cryptography and drop your pyOpenSSL dependency. So before just blindly adding this to epel9, is it feasable to try and switch and not add this package to epel9 ? Thanks for pointing that out. I've opened an issue with centpkg upstream to request this. https://git.centos.org/centos/centpkg/issue/52 That said, there are a significant number of Fedora packages that still buildrequire or require pyOpenSSL. All of them are currently blocked from being added to EPEL9 just like centpkg is unless pyOpenSSL is added to EPEL9. It would be great if they can all port to cryptography, but I doubt that will happen quickly. For posterity here is the current list: PyDrive2 azure-cli centpkg ceph-mgr-modules-core conda deluge-common fedmsg fedora-messaging gajim gphotoframe lecm matrix-synapse module-build-service nordugrid-arc nordugrid-arc-acix-core odcs openvswitch ovn python-acme python-aioopenssl python-aiosasl python-asyncssh python-certbot-nginx python-cheroot python-etcd python-eventlet python-gear python-glanceclient python-josepy python-ndg_httpsclient python-paste python-pem python-requests-credssp python-requests-toolbelt python-service-identity python-trustme python-twisted python-txtorcon python3-PyDrive2 python3-acme python3-aioopenssl python3-azure-cli-core python3-azure-sdk-tools python3-certbot-nginx python3-cheroot python3-conda python3-edgegrid python3-fedmsg python3-fedora-messaging python3-glanceclient python3-impacket python3-josepy python3-nbxmpp python3-ndg_httpsclient python3-oauth2client python3-odcs-common python3-paste python3-pyaib python3-pysaml2 python3-rdopkg python3-requests-credssp python3-requests-pkcs12 python3-scrapy python3-service-identity python3-twisted+tls python3-yubikey-manager sagemath yubikey-manager If we want to push these various upstreams into following the upstream pyOpenSSL guidance of porting to cryptography, we should start by deprecating pyOpenSSL in Fedora. https://docs.fedoraproject.org/en-US/packaging-guidelines/deprecating-packages/ ugh. okay, that's way too many packages to fixup, so I'll just branch for now. *** Bug 2041992 has been marked as a duplicate of this bug. *** |