package changes are done, we just need the ACK's

re comment #2

Hi Karel

The changes for any given release are always documented in the ChangeLog. This is installed with the main package under /usr/share/doc/python-nss*/ChangLog or in the source tree under doc/ChangeLog. I've included the 0.15.0 section below. A unit test (test_cert_request.py) was added to exercise the bug and the new functionality. I don't see any major risk, this is mostly characterized as a bug fix due to inadequences in NSS itself that we can work around inside the Python binding. Given there is a unit test to cover changes restricted to one small area I feel the risk is small. I'll comment on the test plan in a seperate comment.

2014-01-29  John Dennis  <jdennis> 0.15.0

  External Changes
  ----------------

  The primary enhancements in this version is fixing access to extensions
  in a CertificateRequest and giving access to CertificateRequest attributes.
  There is a bug in NSS which hides the existence of extensions in a
  CSR if the extensions are not contained in the first CSR
  attribute. This was fixable in python-nss without requiring a patch
  to NSS. Formerly python-nss did not provide access to the attributes
  in a CSR only the extensions, with this release all components of a
  CSR can be accessed. See test/test_cert_request.py for examples.

  * Add ability to read PEM data from a string.

  * Add more build instructions to README. Source README into package
    long description.

  * A SecItem now converts almost all DER encoded data to a string
    when it's str method is invoked, formerly it was limited to only a
    few objects.

  * The following classes were added:

    - CERTAttribute

  * The following class methods were added:

    - CertAttribute.format_lines
    - CertAttribute.format
    - nss.SecItem.get_integer

  * The following class properties were added:

    - CertificateRequest.attributes
    - CertAttribute.type_oid
    - CertAttribute.type_tag
    - CertAttribute.type_str
    - CertAttribute.values

  * The following module functions were added:

    - base64_to_binary

  * The following files were added:

    - test_cert_request

Hi John,

it seems that the run_tests script is not included in the binary rpm package (but it is present in srpm). Was it excluded intentionally?

Hi Karel:

No, it was not intentional the run_tests script is absent. It's a bug in the upstream setup.py install_doc command. The install_doc command has a manifest of files to install specified by a regular expression, the regular expression omitted the run_tests script.

I've patched the manifest to fix the problem. Do you want a new build that includes the run_tests script or is a new build more trouble than it's worth? I can do either.

Also, we're up to python-nss version 0.16.0 in RHEL7 due to bug #1155703, the errata does have the correct 0.16.0 builds.

missing run_tests script reported as bug 1179573.

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHBA-2015-0443.html