alvistack/4.1.1

    git clean -xdf
    mkdir -p .cargo
    cargo vendor --manifest-path ./src/_bcrypt/Cargo.toml > .cargo/config.toml
    tar zcvf ../python-bcrypt_4.1.1.orig.tar.gz --exclude=.git .
    debuild -uc -us
    cp python-bcrypt.spec ../python-bcrypt_4.1.1-1.spec
    cp ../python*-bcrypt*4.1.1*.{gz,xz,spec,dsc} /osc/home\:alvistack/pyca-bcrypt-4.1.1/
    rm -rf ../python*-bcrypt*4.1.1*.*

See pyca#695
See pyca#714

Signed-off-by: Wong Hoi Sing Edison <[email protected]>

Author: hswong3i

.gitignore

@@ -27,3 +27,7 @@ pip-log.txt
 
 #Translations
 *.mo
+
+.cargo/
+vendor/
+.pybuild/

debian/.gitignore

@@ -0,0 +1,6 @@
+*.substvars
+*debhelper*
+.debhelper
+files
+python3-bcrypt
+tmp

debian/changelog

@@ -0,0 +1,5 @@
+python-bcrypt (100:4.1.1-1) UNRELEASED; urgency=medium
+
+  * https://github.com/pyca/bcrypt/releases/tag/4.1.1
+
+ -- Wong Hoi Sing Edison <[email protected]>  Mon, 01 Jan 2024 17:59:55 +0800

debian/control

@@ -0,0 +1,30 @@
+Source: python-bcrypt
+Section: python
+Priority: optional
+Standards-Version: 4.5.0
+Maintainer: Wong Hoi Sing Edison <[email protected]>
+Homepage: https://github.com/pyca/bcrypt/tags
+Vcs-Browser: https://github.com/alvistack/pyca-bcrypt
+Vcs-Git: https://github.com/alvistack/pyca-bcrypt.git
+Build-Depends:
+ cargo,
+ cython3,
+ debhelper,
+ debhelper-compat (= 10),
+ dh-python,
+ fdupes,
+ python3-dev,
+ python3-pycparser,
+ python3-setuptools (>= 42.0.0),
+ python3-setuptools-rust (>= 0.11.4),
+ rustc (>= 1.64.0),
+
+Package: python3-bcrypt
+Architecture: amd64
+Description: Modern(-ish) password hashing for your software and your servers
+ Good password hashing for your software and your servers.
+Depends:
+ ${misc:Depends},
+ ${shlibs:Depends},
+ ${python3:Depends},
+ python3,

debian/copyright

@@ -0,0 +1,21 @@
+Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
+
+Files: debian/*
+Copyright: 2024 Wong Hoi Sing Edison <[email protected]>
+License: Apache-2.0
+
+License: Apache-2.0
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+ .
+ http://www.apache.org/licenses/LICENSE-2.0
+ .
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+ .
+ The complete text of the Apache version 2.0 license
+ can be found in "/usr/share/common-licenses/Apache-2.0".

debian/python3-bcrypt.install

@@ -0,0 +1 @@
+usr/lib/python*/*-packages/*

debian/python3-bcrypt.lintian-overrides

@@ -0,0 +1,4 @@
+python3-bcrypt: copyright-without-copyright-notice
+python3-bcrypt: initial-upload-closes-no-bugs
+python3-bcrypt: no-manual-page
+python3-bcrypt: zero-byte-file-in-doc-directory

debian/rules

@@ -0,0 +1,15 @@
+#!/usr/bin/make -f
+
+SHELL := /bin/bash
+
+override_dh_auto_install:
+	dh_auto_install --destdir=debian/tmp
+	find debian/tmp/usr/lib/python*/*-packages -type f -name '*.pyc' -exec rm -rf {} \;
+	fdupes -qnrps debian/tmp/usr/lib/python*/*-packages
+
+override_dh_auto_test:
+
+override_dh_auto_clean:
+
+%:
+	dh $@ --buildsystem=pybuild --with python3

debian/source/format

@@ -0,0 +1 @@
+3.0 (quilt)

debian/source/lintian-overrides

@@ -0,0 +1,5 @@
+python-bcrypt source: file-without-copyright-information
+python-bcrypt source: no-debian-changes
+python-bcrypt source: source-contains-prebuilt-windows-binary
+python-bcrypt source: source-package-encodes-python-version
+python-bcrypt source: unpack-message-for-orig

python-bcrypt.spec

@@ -0,0 +1,93 @@
+# Copyright 2024 Wong Hoi Sing Edison <[email protected]>
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+%global debug_package %{nil}
+
+%global source_date_epoch_from_changelog 0
+
+Name: python-bcrypt
+Epoch: 100
+Version: 4.1.1
+Release: 1%{?dist}
+Summary: Modern(-ish) password hashing for your software and your servers
+License: Apache-2.0
+URL: https://github.com/pyca/bcrypt/tags
+Source0: %{name}_%{version}.orig.tar.gz
+BuildRequires: cargo
+BuildRequires: fdupes
+BuildRequires: gcc
+BuildRequires: python-rpm-macros
+BuildRequires: python3-Cython3
+BuildRequires: python3-devel
+BuildRequires: python3-pycparser
+BuildRequires: python3-setuptools >= 42.0.0
+BuildRequires: python3-setuptools-rust >= 0.11.4
+BuildRequires: rust >= 1.64.0
+
+%description
+Good password hashing for your software and your servers.
+
+%prep
+%autosetup -T -c -n %{name}_%{version}-%{release}
+tar -zx -f %{S:0} --strip-components=1 -C .
+
+%build
+%py3_build
+
+%install
+%py3_install
+find %{buildroot}%{python3_sitearch} -type f -name '*.pyc' -exec rm -rf {} \;
+fdupes -qnrps %{buildroot}%{python3_sitearch}
+
+%check
+
+%if 0%{?suse_version} > 1500
+%package -n python%{python3_version_nodots}-bcrypt
+Summary: Modern(-ish) password hashing for your software and your servers
+Requires: python3
+Provides: python3-bcrypt = %{epoch}:%{version}-%{release}
+Provides: python3dist(bcrypt) = %{epoch}:%{version}-%{release}
+Provides: python%{python3_version}-bcrypt = %{epoch}:%{version}-%{release}
+Provides: python%{python3_version}dist(bcrypt) = %{epoch}:%{version}-%{release}
+Provides: python%{python3_version_nodots}-bcrypt = %{epoch}:%{version}-%{release}
+Provides: python%{python3_version_nodots}dist(bcrypt) = %{epoch}:%{version}-%{release}
+
+%description -n python%{python3_version_nodots}-bcrypt
+Good password hashing for your software and your servers.
+
+%files -n python%{python3_version_nodots}-bcrypt
+%license LICENSE
+%{python3_sitearch}/*
+%endif
+
+%if !(0%{?suse_version} > 1500)
+%package -n python3-bcrypt
+Summary: Modern(-ish) password hashing for your software and your servers
+Requires: python3
+Provides: python3-bcrypt = %{epoch}:%{version}-%{release}
+Provides: python3dist(bcrypt) = %{epoch}:%{version}-%{release}
+Provides: python%{python3_version}-bcrypt = %{epoch}:%{version}-%{release}
+Provides: python%{python3_version}dist(bcrypt) = %{epoch}:%{version}-%{release}
+Provides: python%{python3_version_nodots}-bcrypt = %{epoch}:%{version}-%{release}
+Provides: python%{python3_version_nodots}dist(bcrypt) = %{epoch}:%{version}-%{release}
+
+%description -n python3-bcrypt
+Good password hashing for your software and your servers.
+
+%files -n python3-bcrypt
+%license LICENSE
+%{python3_sitearch}/*
+%endif
+
+%changelog

setup.cfg

@@ -0,0 +1,4 @@
+[egg_info]
+tag_build = 
+tag_date = 0
+

setup.py

@@ -37,7 +37,7 @@
             RustExtension(
                 "bcrypt._bcrypt",
                 "src/_bcrypt/Cargo.toml",
-                py_limited_api=True,
+                py_limited_api="auto",
                 rust_version=(
                     ">=1.64.0"
                     if os.environ.get("BCRYPT_ALLOW_RUST_163", "0") != "0"

src/_bcrypt/Cargo.lock

@@ -6,7 +6,7 @@ edition = "2018"
 publish = false
 
 [dependencies]
-pyo3 = { version = "0.20.0", features = ["abi3-py37"] }
+pyo3 = { version = "0.16.6", features = ["abi3"] }
 bcrypt = "0.15"
 bcrypt-pbkdf = "0.10.0"
 base64 = "0.21.5"

src/_bcrypt/Cargo.toml

@@ -151,18 +151,6 @@ fn kdf<'p>(
         ));
     }
 
-    if rounds < 50 && !ignore_few_rounds {
-        // They probably think bcrypt.kdf()'s rounds parameter is logarithmic,
-        // expecting this value to be slow enough (it probably would be if this
-        // were bcrypt). Emit a warning.
-        pyo3::PyErr::warn(
-            py,
-            pyo3::exceptions::PyUserWarning::type_object(py),
-            &format!("Warning: bcrypt.kdf() called with only {rounds} round(s). This few is not secure: the parameter is linear, like PBKDF2."),
-            3
-        )?;
-    }
-
     pyo3::types::PyBytes::new_with(py, desired_key_bytes, |output| {
         py.allow_threads(|| {
             bcrypt_pbkdf::bcrypt_pbkdf(password, salt, rounds, output).unwrap();

src/_bcrypt/src/lib.rs

@@ -462,11 +462,6 @@ def test_kdf_no_warn_rounds():
     bcrypt.kdf(b"password", b"salt", 10, 10, True)
 
 
-def test_kdf_warn_rounds():
-    with pytest.warns(UserWarning):
-        bcrypt.kdf(b"password", b"salt", 10, 10)
-
-
 @pytest.mark.parametrize(
     ("password", "salt", "desired_key_bytes", "rounds", "error"),
     [