Bug 40291 – import up2date crypto packages for office365

Bug 40291 - import up2date crypto packages for office365


Summary:	import up2date crypto packages for office365

Status:	CLOSED FIXED

Product:	UCS
Classification:	Unclassified
Component:	App Center
Version:	UCS 4.1
Hardware:	Other Linux

Importance:	P5 normal (vote)
Target Milestone:	---
Assigned To:	Daniel Tröder
QA Contact:	Erik Damrose

URL:
Keywords:

Depends on:
Blocks:	38950
	Show dependency tree / graph

Reported:	2015-12-18 08:29 CET by Daniel Tröder
Modified:	2023-03-25 06:42 CET (History)
CC List:	2 users (show)

See Also:
What kind of report is it?:	---
What type of bug is this?:	---
Who will be affected by this bug?:	---
How will those affected feel about the bug?:	---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Max CVSS v3 score:

Attachments
remove python3 dependencies and build targets (15.73 KB, patch) 2015-12-18 08:50 CET, Daniel Tröder	Details \| Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Daniel Tröder

2015-12-18 08:29:41 CET

To verify the JWT tokens signature the packages
* python-cryptography from at least jessie-backports (0.8.2-2) and
* python-jwt from at least stretch (1.3.0-1)
are needed.

Those have dependencies:
python-cffi                 | 0.8.6-1~bpo70+1 | wheezy-backports
python-six                  | 1.8.0-1~bpo70+1 | wheezy-backports
python-cryptography-vectors | 0.8.2-2~bpo8+1  | jessie-backports
python-pretend              | 1.0.8-1         | jessie
python-enum34               | 1.0.3-1         | jessie

I've had my share of fight yesterday with patch and quilt, so making this an extra bug.

When resolved, the ImportError code at the beginning of azure_auth.py and AzureAuth.parse_id_token()._old_cryptography_checks() can be removed.

Comment 1 Daniel Tröder

2015-12-18 08:50:20 CET

Created attachment 7381 [details]
remove python3 dependencies and build targets

# grep 'diff -Naur' no-python3.patch
diff -Naur ./python-cffi-0.8.6.ori/debian/control ./python-cffi-0.8.6/debian/control
diff -Naur ./python-cffi-0.8.6.ori/debian/rules ./python-cffi-0.8.6/debian/rules
diff -Naur ./python-cryptography-0.8.2.ori/debian/control ./python-cryptography-0.8.2/debian/control
diff -Naur ./python-cryptography-0.8.2.ori/debian/rules ./python-cryptography-0.8.2/debian/rules
diff -Naur ./python-cryptography-vectors-0.8.2.ori/debian/control ./python-cryptography-vectors-0.8.2/debian/control
diff -Naur ./python-cryptography-vectors-0.8.2.ori/debian/rules ./python-cryptography-vectors-0.8.2/debian/rules
diff -Naur ./python-pretend-1.0.8.ori/debian/control ./python-pretend-1.0.8/debian/control
diff -Naur ./python-pretend-1.0.8.ori/debian/rules ./python-pretend-1.0.8/debian/rules
diff -Naur ./pyjwt-1.3.0.ori/debian/control ./pyjwt-1.3.0/debian/control
diff -Naur ./pyjwt-1.3.0.ori/debian/rules ./pyjwt-1.3.0/debian/rules
diff -Naur ./six-1.8.0.ori/debian/control ./six-1.8.0/debian/control
diff -Naur ./six-1.8.0.ori/debian/rules ./six-1.8.0/debian/rules
diff -Naur ./enum34-1.0.3.ori/debian/control ./enum34-1.0.3/debian/control
diff -Naur ./enum34-1.0.3.ori/debian/rules ./enum34-1.0.3/debian/rules

Comment 2 Daniel Tröder

2016-01-06 11:32:32 CET

python-rsa must be imported from jessie too

Comment 3 Daniel Tröder

2016-02-01 16:26:53 CET

pyjwt, python-cryptography and its dependencies python-cryptography-vectors, python-cffi, python-hypothesis, python-idna, python-ipaddress, python-pyasn1, python-pyasn1-modules, python-mccabe, python-flake8, pep8, pyflakes, python-pretend, six, python-rsa, enum34 were patched to not depend on Python3 or PyPy and added to the office365 scope.

Comment 4 Daniel Tröder

2016-02-01 16:43:23 CET

huh?

Comment 5 Erik Damrose

2016-05-02 10:31:51 CEST

OK: Packages imported and available in office365 app
Verified