File python-Twisted.spec of Package python-Twisted.34938
#
# spec file for package python-Twisted
#
# Copyright (c) 2024 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
Name: python-Twisted
Version: 15.2.1
Release: 0
URL: http://twistedmatrix.com/
Summary: An asynchronous networking framework written in Python
License: MIT
Group: Development/Languages/Python
Source: http://pypi.python.org/packages/source/T/Twisted/Twisted-%{version}.tar.bz2
# PATCH-FIX-UPSTREAM -- https://twistedmatrix.com/trac/ticket/6280
Patch0: lp1102685.diff
# PATCH-FIX-UPSTREAM 69707bb1aa.patch -- http://twistedmatrix.com/trac/ticket/8623
Patch1: 69707bb1aa.patch
# PATCH-FIX-UPSTREAM 0001-Prevent-CRLF-injections-described-in-CVE-2019-12387.patch -- https://github.com/twisted/twisted/commit/6c61fc4503ae39ab8ecee52d10f10ee2c371d7e2
Patch2: 0001-Prevent-CRLF-injections-described-in-CVE-2019-12387.patch
Patch3: PR-1147.patch
# PATCH-FIX-UPSTREAM CVE-2022-21712-sec-expo-CO-redirect.patch bsc#1195667 mcepl@suse.com
# properly remove sensitive headers when redirecting to a different origin
Patch4: CVE-2022-21712-sec-expo-CO-redirect.patch
# PATCH-FIX-UPSTREAM CVE-2022-24801 bsc#1198086
Patch5: CVE-2022-24801-http-1.1-leniency.patch
# PATCH-FIX-UPSTREAM CVE-2022-21716-ssh-inf-data.patch bsc#1196739 mcepl@suse.com
# protect against receiving inf amount of data SSH
Patch6: CVE-2022-21716-ssh-inf-data.patch
# PATCH-FIX-UPSTREAM CVE-2020-10108-http-req-headers.patch bsc#1166457 mcepl@suse.com
# insecure handling of HTTP request headers
Patch7: CVE-2020-10108-http-req-headers.patch
# PATCH-FIX-UPSTREAM CVE-2022-39348 bsc#1204781 do not echo Host header in HTML
Patch8: CVE-2022-39348-do-not-echo-host-header.patch
# PATCH-FIX-UPSTREAM CVE-2024-41671.patch gh#twisted/twisted@4a930de12fb6
Patch9: CVE-2024-41671.patch
# PATCH-FIX-UPSTREAM CVE-2024-41810.patch gh#twisted/twisted@046a164f89a0
Patch10: CVE-2024-41810.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-build
BuildRequires: fdupes
BuildRequires: python-devel
BuildRequires: python-pam
BuildRequires: python-pyOpenSSL
BuildRequires: python-pyserial
BuildRequires: python-xml
BuildRequires: python-zope.interface
Requires: python-pam
Requires: python-pyOpenSSL
Requires: python-pycrypto
Requires: python-pyserial
Requires: python-zope.interface
Provides: python-twisted = %{version}
Obsoletes: python-twisted < %{version}
Provides: python-twisted-core = %{version}
Obsoletes: python-twisted-core < %{version}
Provides: python-twisted-conch = %{version}
Obsoletes: python-twisted-conch < %{version}
Provides: python-twisted-lore = %{version}
Obsoletes: python-twisted-lore < %{version}
Provides: python-twisted-mail = %{version}
Obsoletes: python-twisted-mail < %{version}
Provides: python-twisted-names = %{version}
Obsoletes: python-twisted-names < %{version}
Provides: python-twisted-news = %{version}
Obsoletes: python-twisted-news < %{version}
Provides: python-twisted-runner = %{version}
Obsoletes: python-twisted-runner < %{version}
Provides: python-twisted-web = %{version}
Obsoletes: python-twisted-web < %{version}
Provides: python-twisted-words = %{version}
Obsoletes: python-twisted-words < %{version}
Provides: python-twisted-xish = %{version}
Obsoletes: python-twisted-xish < %{version}
%if 0%{?suse_version} && 0%{?suse_version} <= 1110
%{!?python_sitearch: %global python_sitearch %(%{__python} -c "from distutils.sysconfig import get_python_lib; print get_python_lib(1)")}
%endif
%description
An extensible framework for Python programming, with special focus
on event-based network programming and multiprotocol integration.
%package doc
Summary: An asynchronous networking framework written in Python - Documentation
Group: Development/Languages/Python
%description doc
An extensible framework for Python programming, with special focus
on event-based network programming and multiprotocol integration.
This package contains the documentation for python-Twisted
%prep
%setup -q -n Twisted-%{version}
%autopatch -p1
sed -i "1d" twisted/{mail/test/pop3testserver,trial/test/scripttest}.py
%build
CFLAGS="%{optflags}" python setup.py build
%install
python setup.py install --prefix=%{_prefix} --root=%{buildroot}
find %{buildroot} -regex '.*\.[ch]' -exec rm {} ";" # Remove leftover C sources
install -dm0755 %{buildroot}/%{_mandir}/man1/
install -m0644 doc/*/man/*.1 %{buildroot}/%{_mandir}/man1/ # Install man pages
find doc -type f -print0 | xargs -0 chmod a-x # Fix doc-file dependency by removing x flags
sed -i "s/\r//" doc/_downloads/{MulticastClient,MulticastServer}.py
%fdupes %{buildroot}%{python_sitearch}
%check
# CVE-2024-41810 tests
./bin/trial twisted/web/test/test_util.py
# CVE-2024-41671 tests
./bin/trial twisted/web/test/test_http.py
%files doc
%defattr(-,root,root,-)
%doc doc/*
%files
%defattr(-,root,root,-)
%license LICENSE
%doc NEWS README
%{_bindir}/cftp
%{_bindir}/ckeygen
%{_bindir}/conch
%{_bindir}/lore
%{_bindir}/mailmail
%{_bindir}/manhole
%{_bindir}/pyhtmlizer
%{_bindir}/tap2deb
%{_bindir}/tap2rpm
%{_bindir}/tkconch
%{_bindir}/trial
%{_bindir}/twistd
%{_mandir}/man1/*
%{python_sitearch}/twisted/
%{python_sitearch}/Twisted-%{version}*info
%changelog
