Incorrect code or Python regression?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hi all,

python-paramiko failed to build in the mass rebuild and I'm wondering
if there's incorrect code in paramiko (or its dependency cryptography),
or whether it's a regression in the current Python beta.

The failures are in the test suite and the failing tests all involve
this error:

  cryptography.exceptions.UnsupportedAlgorithm: sha1 is not supported by
this backend for RSA signing.

Now I know that sha1 signing has recently been disabled in Rawhide: the
upstream test suite is supposed to skip the tests that require sha1
signing, which is implemented using a decorator @requires_sha1_signing.
This was done following a PR I made upstream in 2022 
(https://github.com/paramiko/paramiko/pull/2011) in order to get the test
suite to pass in EPEL-9, where the same crypto policy has been in
effect for a long time.

The @requires_sha1_signing decorator is implemented using a function
that attempts sha1 signing, catches the UnsupportedAlgorithm exception
from cryptography and checks that the reason code is
_Reasons.UNSUPPORTED_HASH.

_Reasons is an enum class in cryptography. The pythonic way of checking
enum identities is to use "is", since enums are singletons in Python.
Hence the check is:

    except UnsupportedAlgorithm as e:
        return e._reason is _Reasons.UNSUPPORTED_HASH

Except that doesn't work in Rawhide. The exception is being raised
exactly as expected but the identity test fails. However, it passes if
I change it to this:

    except UnsupportedAlgorithm as e:
        return e._reason == _Reasons.UNSUPPORTED_HASH

With that change, the test suite passes.

So my question is: is the python code wrong (test check, enum
implementation in cryptography?) or is this a regression in the latest
Python beta? The latter seems unlikely to me given how this affects
something quite fundamental.

Regards, Paul.
-- 
_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Users]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]

  Powered by Linux