Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 528738 - dev-python/twisted-core-14.0.0 should depend on dev-python/service_identity
Summary: dev-python/twisted-core-14.0.0 should depend on dev-python/service_identity
Status: RESOLVED TEST-REQUEST
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: [OLD] Development (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Python Gentoo Team
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2014-11-09 14:50 UTC by poncho
Modified: 2014-11-13 17:06 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description poncho 2014-11-09 14:50:19 UTC 
I maintain an ebuild for the torbrowser-launcher application in the torbrowser-overlay ( https://github.com/MeisterP/torbrowser-overlay/tree/master/www-client/torbrowser-launcher )

With dev-python/twisted-core-14.0.0 and dev-python/service_identity missing, users get the following error:

$ torbrowser-launcher
/usr/lib64/python2.7/site-packages/twisted/internet/_sslverify.py:184: UserWarning: You do not have the service_identity module installed. Please install it from https://pypi.python.org/pypi/service_identity. Without the service_identity module and a recent enough pyOpenSSL tosupport it, Twisted can perform only rudimentary TLS client hostnameverification. Many valid certificate/hostname mappings may be rejected.
verifyHostname, VerificationError = _selectVerifyImplementation()


Please depend on dev-python/service_identity in dev-python/twisted-core-14.0.0 probably depending on the crypt useflag.

from https://mail.python.org/pipermail/python-list/2014-May/671942.html

Twisted 14.0.0 Release Announcement
[...]
- A wealth of SSL/TLS improvements, including ECDHE support, TLS Service Identity (with service_identity on PyPI), a stronger default set of ciphers, and strengthening against attacks such as CRIME. A Twisted Web server with pyOpenSSL 0.14 is capable of getting an A in Qualys SSL Labs tests out of the box, and A+ with small application modifications. Twisted Agent can also now do HTTPS hostname verification.
[..]

Reproducible: Always
Comment 1 Ian Delaney (RETIRED) gentoo-dev 2014-11-10 05:53:22 UTC 
This is no minor addition. The package service_identity I presume was not made apparent as a dep in the bump to 14.0.0.  It has only 3 keywords present. The version 14.0.1 has been released so all twisted ebuilds require bumping and this addition is best added in the bump, plus all consequent re-keywording
Comment 2 Ian Delaney (RETIRED) gentoo-dev 2014-11-11 07:06:45 UTC 
*twisted-core-14.0.1 (11 Nov 2014)

  11 Nov 2014; Ian Delaney <idella4@gentoo.org> +twisted-core-14.0.1.ebuild:
  bump; minor bump with no major changes, remove keywords alpha hppa ia64 mips
  ppc ppc64 s390 sh sparc to accommadate new dep service_identity, fixes bug
  #528738, minor edits to test phase

just in case
Comment 3 Karl-Johan Karlsson 2014-11-13 17:06:57 UTC 
I'm the one who reported the original bug to the overlay, and I can confirm that this change solves the problem.