Univention Bugzilla – Bug 40291
import up2date crypto packages for office365
Last modified: 2023-03-25 06:42:38 CET
To verify the JWT tokens signature the packages * python-cryptography from at least jessie-backports (0.8.2-2) and * python-jwt from at least stretch (1.3.0-1) are needed. Those have dependencies: python-cffi | 0.8.6-1~bpo70+1 | wheezy-backports python-six | 1.8.0-1~bpo70+1 | wheezy-backports python-cryptography-vectors | 0.8.2-2~bpo8+1 | jessie-backports python-pretend | 1.0.8-1 | jessie python-enum34 | 1.0.3-1 | jessie I've had my share of fight yesterday with patch and quilt, so making this an extra bug. When resolved, the ImportError code at the beginning of azure_auth.py and AzureAuth.parse_id_token()._old_cryptography_checks() can be removed.
Created attachment 7381 [details] remove python3 dependencies and build targets # grep 'diff -Naur' no-python3.patch diff -Naur ./python-cffi-0.8.6.ori/debian/control ./python-cffi-0.8.6/debian/control diff -Naur ./python-cffi-0.8.6.ori/debian/rules ./python-cffi-0.8.6/debian/rules diff -Naur ./python-cryptography-0.8.2.ori/debian/control ./python-cryptography-0.8.2/debian/control diff -Naur ./python-cryptography-0.8.2.ori/debian/rules ./python-cryptography-0.8.2/debian/rules diff -Naur ./python-cryptography-vectors-0.8.2.ori/debian/control ./python-cryptography-vectors-0.8.2/debian/control diff -Naur ./python-cryptography-vectors-0.8.2.ori/debian/rules ./python-cryptography-vectors-0.8.2/debian/rules diff -Naur ./python-pretend-1.0.8.ori/debian/control ./python-pretend-1.0.8/debian/control diff -Naur ./python-pretend-1.0.8.ori/debian/rules ./python-pretend-1.0.8/debian/rules diff -Naur ./pyjwt-1.3.0.ori/debian/control ./pyjwt-1.3.0/debian/control diff -Naur ./pyjwt-1.3.0.ori/debian/rules ./pyjwt-1.3.0/debian/rules diff -Naur ./six-1.8.0.ori/debian/control ./six-1.8.0/debian/control diff -Naur ./six-1.8.0.ori/debian/rules ./six-1.8.0/debian/rules diff -Naur ./enum34-1.0.3.ori/debian/control ./enum34-1.0.3/debian/control diff -Naur ./enum34-1.0.3.ori/debian/rules ./enum34-1.0.3/debian/rules
python-rsa must be imported from jessie too
pyjwt, python-cryptography and its dependencies python-cryptography-vectors, python-cffi, python-hypothesis, python-idna, python-ipaddress, python-pyasn1, python-pyasn1-modules, python-mccabe, python-flake8, pep8, pyflakes, python-pretend, six, python-rsa, enum34 were patched to not depend on Python3 or PyPy and added to the office365 scope.
huh?
OK: Packages imported and available in office365 app Verified