On 4/29/20 10:31 AM, Paul Howarth wrote:
Hi Lumir,
On Wed, 29 Apr 2020 07:35:43 +0200
Lumir Balhar <lbalhar@xxxxxxxxxx> wrote:
Hello.
I'd like to switch python-dns crypto backend from pycryptodomex and
ecdsa to python-cryptography. Upstream already did the same in master
branch: https://github.com/rthalley/dnspython/pull/449
But, because python2-cryptography is not available in Fedora anymore,
this change will disable DNSSEC functionality in python2-dns. There
are only two packages depending on python2-dns: mailman and
trac-spamfilter-plugin. I did a check and rebuild of both of them and
it seems that they both work with the new version and there is no
usage of DNSSEC in their codebases. COPR:
https://copr.fedorainfracloud.org/coprs/lbalhar/dns/
PR: https://src.fedoraproject.org/rpms/python-dns/pull-request/5
If you think we should not merge the PR, let us know rather sooner
than later.
No objections from me (trac-spamfilter-plugin maintainer); it uses
python-dns for IP blacklist lookups and I wouldn't be surprised if
mailman did the same.
Great!
On the other hand, maybe the crypto backend could be changed for Python
3 and not for the Python 2 version? I would hope that the Python 2
version wouldn't need to be maintained for too much longer anyway.
That would mean either ship two different codebases from one SRPM
(python-dns) or create a new SRPM just for python2-dns and use old
codebase there. The first one is (in my opinion) a bad idea and would
make the spec file ugly. Second solution is kinda lot of work for
nothing. So I hope nobody will be affected by missing DNSSEC in
python2-dns :)
Paul.
_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
