diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..19b532f --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +SOURCES/oauthlib-3.1.1.tar.gz diff --git a/.python-oauthlib.metadata b/.python-oauthlib.metadata new file mode 100644 index 0000000..6b778de --- /dev/null +++ b/.python-oauthlib.metadata @@ -0,0 +1 @@ +e0be72ebcdc058174c2d8f2967818c2028f9e984 SOURCES/oauthlib-3.1.1.tar.gz diff --git a/SOURCES/0001-Rip-out-RSA-SHA1.patch b/SOURCES/0001-Rip-out-RSA-SHA1.patch new file mode 100644 index 0000000..92a3096 --- /dev/null +++ b/SOURCES/0001-Rip-out-RSA-SHA1.patch @@ -0,0 +1,282 @@ +From 6284bb10c4b67a9254cc6452efc99a4174607a36 Mon Sep 17 00:00:00 2001 +From: Jakub Hrozek +Date: Wed, 23 Jun 2021 22:37:42 +0200 +Subject: [PATCH] Rip out RSA-SHA1 + +--- + oauthlib/oauth1/__init__.py | 2 -- + oauthlib/oauth1/rfc5849/__init__.py | 2 ++ + oauthlib/oauth1/rfc5849/endpoints/base.py | 11 +++--- + oauthlib/oauth1/rfc5849/signature.py | 37 +++------------------ + tests/oauth1/rfc5849/endpoints/test_base.py | 9 ----- + tests/oauth1/rfc5849/test_client.py | 17 ++++------ + tests/oauth1/rfc5849/test_signatures.py | 33 +++++++++--------- + 7 files changed, 36 insertions(+), 75 deletions(-) + +diff --git a/oauthlib/oauth1/__init__.py b/oauthlib/oauth1/__init__.py +index 07ef422..5573ed6 100644 +--- a/oauthlib/oauth1/__init__.py ++++ b/oauthlib/oauth1/__init__.py +@@ -10,8 +10,6 @@ from .rfc5849 import (SIGNATURE_HMAC, + SIGNATURE_HMAC_SHA1, + SIGNATURE_HMAC_SHA256, + SIGNATURE_HMAC_SHA512, +- SIGNATURE_RSA, +- SIGNATURE_RSA_SHA1, + SIGNATURE_RSA_SHA256, + SIGNATURE_RSA_SHA512, + SIGNATURE_PLAINTEXT) +diff --git a/oauthlib/oauth1/rfc5849/__init__.py b/oauthlib/oauth1/rfc5849/__init__.py +index c559251..1a56728 100644 +--- a/oauthlib/oauth1/rfc5849/__init__.py ++++ b/oauthlib/oauth1/rfc5849/__init__.py +@@ -78,6 +78,8 @@ class Client: + SIGNATURE_HMAC_SHA1: signature.sign_hmac_sha1_with_client, + SIGNATURE_HMAC_SHA256: signature.sign_hmac_sha256_with_client, + SIGNATURE_HMAC_SHA512: signature.sign_hmac_sha512_with_client, ++ # sign_rsa_sha1_with_client actually points out to a dummy method ++ # that just throws an exception + SIGNATURE_RSA_SHA1: signature.sign_rsa_sha1_with_client, + SIGNATURE_RSA_SHA256: signature.sign_rsa_sha256_with_client, + SIGNATURE_RSA_SHA512: signature.sign_rsa_sha512_with_client, +diff --git a/oauthlib/oauth1/rfc5849/endpoints/base.py b/oauthlib/oauth1/rfc5849/endpoints/base.py +index 3a8c267..f1694d4 100644 +--- a/oauthlib/oauth1/rfc5849/endpoints/base.py ++++ b/oauthlib/oauth1/rfc5849/endpoints/base.py +@@ -180,9 +180,12 @@ class BaseEndpoint: + description='Invalid nonce format.') + + def _check_signature(self, request, is_token_request=False): ++ # ---- RSA-SHA1 is not allowed ------ ++ if request.signature_method == SIGNATURE_RSA_SHA1: ++ raise ValueError("Using RSA-SHA1 is deprecated, use HMAC-SHA1 or a stronger RSA-SHA***") ++ + # ---- RSA Signature verification ---- +- if request.signature_method == SIGNATURE_RSA_SHA1 or \ +- request.signature_method == SIGNATURE_RSA_SHA256 or \ ++ if request.signature_method == SIGNATURE_RSA_SHA256 or \ + request.signature_method == SIGNATURE_RSA_SHA512: + # RSA-based signature method + +@@ -192,9 +195,7 @@ class BaseEndpoint: + rsa_key = self.request_validator.get_rsa_key( + request.client_key, request) + +- if request.signature_method == SIGNATURE_RSA_SHA1: +- valid_signature = signature.verify_rsa_sha1(request, rsa_key) +- elif request.signature_method == SIGNATURE_RSA_SHA256: ++ if request.signature_method == SIGNATURE_RSA_SHA256: + valid_signature = signature.verify_rsa_sha256(request, rsa_key) + elif request.signature_method == SIGNATURE_RSA_SHA512: + valid_signature = signature.verify_rsa_sha512(request, rsa_key) +diff --git a/oauthlib/oauth1/rfc5849/signature.py b/oauthlib/oauth1/rfc5849/signature.py +index a370ccd..d8f2761 100644 +--- a/oauthlib/oauth1/rfc5849/signature.py ++++ b/oauthlib/oauth1/rfc5849/signature.py +@@ -561,7 +561,6 @@ def _get_jwt_rsa_algorithm(hash_algorithm_name: str): + # PyJWT has some nice pycrypto/cryptography abstractions + import jwt.algorithms as jwt_algorithms + m = { +- 'SHA-1': jwt_algorithms.hashes.SHA1, + 'SHA-256': jwt_algorithms.hashes.SHA256, + 'SHA-512': jwt_algorithms.hashes.SHA512, + } +@@ -727,44 +726,16 @@ def _verify_rsa(hash_algorithm_name: str, + return False + + +-# ==== RSA-SHA1 ================================================== ++# ==== RSA-SHA1 DEPRECATED ================================================ + + def sign_rsa_sha1_with_client(sig_base_str, client): +- # For some reason, this function originally accepts both str and bytes. +- # This behaviour is preserved here. But won't be done for the newer +- # sign_rsa_sha256_with_client and sign_rsa_sha512_with_client functions, +- # which will only accept strings. The function to calculate a +- # "signature base string" always produces a string, so it is not clear +- # why support for bytes would ever be needed. +- sig_base_str = sig_base_str.decode('ascii')\ +- if isinstance(sig_base_str, bytes) else sig_base_str +- +- return _sign_rsa('SHA-1', sig_base_str, client.rsa_key) +- ++ raise ValueError("RSA-SHA1 is deprecated, use a stronger hash or HMAC-SHA1") + + def verify_rsa_sha1(request, rsa_public_key: str): +- return _verify_rsa('SHA-1', request, rsa_public_key) +- ++ raise ValueError("RSA-SHA1 is deprecated, use a stronger hash or HMAC-SHA1") + + def sign_rsa_sha1(base_string, rsa_private_key): +- """ +- Deprecated function for calculating a RSA-SHA1 signature. +- +- This function has been replaced by invoking ``sign_rsa`` with "SHA-1" +- as the hash algorithm name. +- +- This function was invoked by sign_rsa_sha1_with_client and +- test_signatures.py, but does any application invoke it directly? If not, +- it can be removed. +- """ +- warnings.warn('use _sign_rsa("SHA-1", ...) instead of sign_rsa_sha1', +- DeprecationWarning) +- +- if isinstance(base_string, bytes): +- base_string = base_string.decode('ascii') +- +- return _sign_rsa('SHA-1', base_string, rsa_private_key) +- ++ raise ValueError("RSA-SHA1 is deprecated, use a stronger hash or HMAC-SHA1") + + # ==== RSA-SHA256 ================================================ + +diff --git a/tests/oauth1/rfc5849/endpoints/test_base.py b/tests/oauth1/rfc5849/endpoints/test_base.py +index e87f359..2d0d213 100644 +--- a/tests/oauth1/rfc5849/endpoints/test_base.py ++++ b/tests/oauth1/rfc5849/endpoints/test_base.py +@@ -390,15 +390,6 @@ class SignatureVerificationTest(TestCase): + r = self.e._create_request(self.uri, 'GET', sig, URLENCODED) + self.assertTrue(self.e._check_signature(r)) + +- def test_rsa_signature(self): +- rsa_sig = ("fxFvCx33oKlR9wDquJ%2FPsndFzJphyBa3RFPPIKi3flqK%2BJ7yIrMVbH" +- "YTM%2FLHPc7NChWz4F4%2FzRA%2BDN1k08xgYGSBoWJUOW6VvOQ6fbYhMA" +- "FkOGYbuGDbje487XMzsAcv6ZjqZHCROSCk5vofgLk2SN7RZ3OrgrFzf4in" +- "xetClqA%3D") +- sig = self.sig % (rsa_sig, "RSA-SHA1") +- r = self.e._create_request(self.uri, 'GET', sig, URLENCODED) +- self.assertTrue(self.e._check_signature(r)) +- + def test_plaintext_signature(self): + plain_sig = "super%252520secret%26even%252520more%252520secret" + sig = self.sig % (plain_sig, "PLAINTEXT") +diff --git a/tests/oauth1/rfc5849/test_client.py b/tests/oauth1/rfc5849/test_client.py +index f7c997f..d167652 100644 +--- a/tests/oauth1/rfc5849/test_client.py ++++ b/tests/oauth1/rfc5849/test_client.py +@@ -2,7 +2,7 @@ + from oauthlib.common import Request + from oauthlib.oauth1 import ( + SIGNATURE_HMAC_SHA1, SIGNATURE_HMAC_SHA256, SIGNATURE_PLAINTEXT, +- SIGNATURE_RSA, SIGNATURE_TYPE_BODY, SIGNATURE_TYPE_QUERY, ++ SIGNATURE_RSA_SHA256, SIGNATURE_TYPE_BODY, SIGNATURE_TYPE_QUERY, + ) + from oauthlib.oauth1.rfc5849 import Client + +@@ -75,9 +75,9 @@ class ClientConstructorTests(TestCase): + client.SIGNATURE_METHODS[client.signature_method]) + + def test_rsa(self): +- client = Client('client_key', signature_method=SIGNATURE_RSA) ++ client = Client('client_key', signature_method=SIGNATURE_RSA_SHA256) + # instance is using the correct signer method +- self.assertEqual(Client.SIGNATURE_METHODS[SIGNATURE_RSA], ++ self.assertEqual(Client.SIGNATURE_METHODS[SIGNATURE_RSA_SHA256], + client.SIGNATURE_METHODS[client.signature_method]) + # don't need an RSA key to instantiate + self.assertIsNone(client.rsa_key) +@@ -124,16 +124,13 @@ class SignatureMethodTest(TestCase): + "LVduVgh4v5yLT\nGa6FHdjGPcfajt+nrpB1n8UQBEH9ZxniokR/IPv" + "dMlxqXA==\n-----END RSA PRIVATE KEY-----" + ) +- client = Client('client_key', signature_method=SIGNATURE_RSA, ++ client = Client('client_key', signature_method=SIGNATURE_RSA_SHA256, + rsa_key=private_key, timestamp='1234567890', nonce='abc') + u, h, b = client.sign('http://example.com') + correct = ('OAuth oauth_nonce="abc", oauth_timestamp="1234567890", ' +- 'oauth_version="1.0", oauth_signature_method="RSA-SHA1", ' ++ 'oauth_version="1.0", oauth_signature_method="RSA-SHA256", ' + 'oauth_consumer_key="client_key", ' +- 'oauth_signature="ktvzkUhtrIawBcq21DRJrAyysTc3E1Zq5GdGu8EzH' +- 'OtbeaCmOBDLGHAcqlm92mj7xp5E1Z6i2vbExPimYAJL7FzkLnkRE5YEJR4' +- 'rNtIgAf1OZbYsIUmmBO%2BCLuStuu5Lg3tAluwC7XkkgoXCBaRKT1mUXzP' +- 'HJILzZ8iFOvS6w5E%3D"') ++ 'oauth_signature="hJE2IGqCn3bw7ecu6psnsImrvERhTd667aIENzWbzdRGxEWwvAwJvWWCffD8P0Ox9IEu3gKD%2FzYdr36tBhW%2FMvdFsOAr4F41ojznv1urY6%2FD9FRs1py9dYuj1vdFYFUzziMBDv2w2emidDk8PqfHT1we5%2FIcH%2FKNCjMbkQgxsqE%3D"') + self.assertEqual(h['Authorization'], correct) + + def test_plaintext_method(self): +@@ -155,7 +152,7 @@ class SignatureMethodTest(TestCase): + self.assertRaises(ValueError, client.sign, 'http://example.com') + + def test_rsa_no_key(self): +- client = Client('client_key', signature_method=SIGNATURE_RSA) ++ client = Client('client_key', signature_method=SIGNATURE_RSA_SHA256) + self.assertRaises(ValueError, client.sign, 'http://example.com') + + def test_register_method(self): +diff --git a/tests/oauth1/rfc5849/test_signatures.py b/tests/oauth1/rfc5849/test_signatures.py +index 3e84f24..c505a38 100644 +--- a/tests/oauth1/rfc5849/test_signatures.py ++++ b/tests/oauth1/rfc5849/test_signatures.py +@@ -640,18 +640,20 @@ GLYT3Jw1Lfb1bbuck9Y0JsRJO7uydWUbxXyZ+8YaDfE2NMw7sh2vAgMBAAE= + + def test_sign_rsa_sha1_with_client(self): + """ +- Test sign and verify with RSA-SHA1. ++ Test that sign and verify with RSA-SHA1 throws an exception + """ +- self.assertEqual( +- self.expected_signature_rsa_sha1, +- sign_rsa_sha1_with_client(self.eg_signature_base_string, +- self.rsa_private_client)) +- self.assertTrue(verify_rsa_sha1( +- MockRequest('POST', +- 'http://example.com/request', +- self.eg_params, +- self.expected_signature_rsa_sha1), +- self.rsa_public_client.rsa_key)) ++ self.assertRaises(ValueError, ++ sign_rsa_sha1_with_client, ++ self.eg_signature_base_string, ++ self.rsa_private_client) ++ ++ self.assertRaises(ValueError, ++ verify_rsa_sha1, ++ MockRequest('POST', ++ 'http://example.com/request', ++ self.eg_params, ++ self.expected_signature_rsa_sha1), ++ self.rsa_public_client.rsa_key) + + def test_sign_rsa_sha256_with_client(self): + """ +@@ -707,7 +709,6 @@ MmgDHR2tt8KeYTSgfU+BAkBcaVF91EQ7VXhvyABNYjeYP7lU7orOgdWMa/zbLXSU + ''') + + for functions in [ +- (sign_rsa_sha1_with_client, verify_rsa_sha1), + (sign_rsa_sha256_with_client, verify_rsa_sha256), + (sign_rsa_sha512_with_client, verify_rsa_sha512), + ]: +@@ -757,12 +758,12 @@ MmgDHR2tt8KeYTSgfU+BAkBcaVF91EQ7VXhvyABNYjeYP7lU7orOgdWMa/zbLXSU + + for bad_value in [None, '', 'foobar']: + self.assertRaises(ValueError, +- sign_rsa_sha1_with_client, ++ sign_rsa_sha256_with_client, + self.eg_signature_base_string, + MockClient(rsa_key=bad_value)) + + self.assertRaises(AttributeError, +- sign_rsa_sha1_with_client, ++ sign_rsa_sha256_with_client, + self.eg_signature_base_string, + self.rsa_public_client) # public key doesn't sign + +@@ -770,11 +771,11 @@ MmgDHR2tt8KeYTSgfU+BAkBcaVF91EQ7VXhvyABNYjeYP7lU7orOgdWMa/zbLXSU + + for bad_value in [None, '', 'foobar', self.rsa_private_client.rsa_key]: + self.assertRaises(TypeError, +- verify_rsa_sha1, ++ verify_rsa_sha256, + MockRequest('POST', + 'http://example.com/request', + self.eg_params, +- self.expected_signature_rsa_sha1), ++ self.expected_signature_rsa_sha256), + MockClient(rsa_key=bad_value)) + + # For completeness, this text could repeat the above for RSA-SHA256 and +-- +2.26.3 + diff --git a/SPECS/python-oauthlib.spec b/SPECS/python-oauthlib.spec new file mode 100644 index 0000000..81cace1 --- /dev/null +++ b/SPECS/python-oauthlib.spec @@ -0,0 +1,211 @@ +%global modname oauthlib + +Name: python-oauthlib +Version: 3.1.1 +Release: 2%{?dist} +Summary: An implementation of the OAuth request-signing logic + +License: BSD +URL: https://github.com/oauthlib/oauthlib + +Source0: https://github.com/oauthlib/oauthlib/archive/v%{version}/%{modname}-%{version}.tar.gz +Patch0001: 0001-Rip-out-RSA-SHA1.patch + +BuildArch: noarch + +%description +OAuthLib is a generic utility which implements the logic of OAuth without +assuming a specific HTTP request object or web framework. Use it to graft +OAuth client support onto your favorite HTTP library, or provider support +onto your favourite web framework. If you're a maintainer of such a +library, write a thin veneer on top of OAuthLib and get OAuth support for +very little effort. + +%package -n python3-oauthlib +Summary: An implementation of the OAuth request-signing logic +%{?python_provide:%python_provide python3-oauthlib} + +Obsoletes: python3-oauthlib+signedtoken < 3.1.0-2 + +BuildRequires: python3-devel +BuildRequires: python3-setuptools + +BuildRequires: python3-pytest +BuildRequires: python3-blinker +BuildRequires: python3-cryptography >= 1.4.0 + +%description -n python3-oauthlib +OAuthLib is a generic utility which implements the logic of OAuth without +assuming a specific HTTP request object or web framework. Use it to graft +OAuth client support onto your favorite HTTP library, or provider support +onto your favourite web framework. If you're a maintainer of such a +library, write a thin veneer on top of OAuthLib and get OAuth support for +very little effort. + +%prep +%setup -q -n %{modname}-%{version} +%patch0001 -p1 + +# python-unittest2 is now provided by "python" package and python-unittest is retired +# adapt setup.py to reflect this fact downstream +sed -i "s/'unittest2', //" setup.py + +# Remove bundled egg-info in case it exists +rm -rf %{modname}.egg-info + +%build +%py3_build + +%install +%py3_install + +%check +echo 'import pytest; __getattr__ = lambda _: pytest.skip("this test needs jwt")' > jwt.py +%pytest -rs --ignore tests/oauth2/rfc6749/clients/test_service_application.py +rm jwt.py + +%files -n python3-oauthlib +%doc README.rst +%license LICENSE +%{python3_sitelib}/%{modname}/ +%{python3_sitelib}/%{modname}-%{version}-* + +%changelog +* Tue Aug 10 2021 Mohan Boddu - 3.1.1-2 +- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags + Related: rhbz#1991688 + +* Mon Jun 28 2021 Jakub Hrozek - 3.1.1-1 +- Resolves: rhbz#1935433 - python-oauthlib implements and/or uses the + deprecated SHA1 algorithm by default + +* Mon May 31 2021 Miro Hrončok - 3.1.0-2 +- Remove the python3-oauthlib+signedtoken package +- When building, skip tests that require jwt +- Resolves: rhbz#1966407 - Drop python-jwt dependency from python-oauthlib + +* Tue May 25 2021 Jakub Hrozek - 3.1.0-1 +- Resolves: rhbz#1922352 - python-oauthlib requires python-mock +- Update to upstream 3.1.0 +- Gets rid of obsolete python-nose dependency +- Nuke the python2/python3 conditionals, let's only support python3 + +* Fri Apr 16 2021 Mohan Boddu - 3.0.2-10 +- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937 + +* Wed Jan 27 2021 Fedora Release Engineering - 3.0.2-9 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild + +* Wed Jul 29 2020 Fedora Release Engineering - 3.0.2-8 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild + +* Fri Jul 10 2020 Miro Hrončok - 3.0.2-7 +- Add oauthlib[signedtoken] subpackage + +* Sat May 23 2020 Miro Hrončok - 3.0.2-6 +- Rebuilt for Python 3.9 + +* Thu Jan 30 2020 Fedora Release Engineering - 3.0.2-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild + +* Thu Oct 03 2019 Miro Hrončok - 3.0.2-4 +- Rebuilt for Python 3.8.0rc1 (#1748018) + +* Fri Aug 16 2019 Miro Hrončok - 3.0.2-3 +- Rebuilt for Python 3.8 + +* Fri Jul 26 2019 Fedora Release Engineering - 3.0.2-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild + +* Mon Jul 15 2019 - 3.0.2-1 +- Update to upstream 3.0.2 +- Resolves: rhbz#1730033 + +* Sat Feb 02 2019 Fedora Release Engineering - 2.1.0-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild + +* Fri Aug 3 2018 - 2.1.0-1 +- upgrade to latest upstream 2.1.0 + +* Sat Jul 14 2018 Fedora Release Engineering - 2.0.1-11 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild + +* Tue Jul 10 2018 - 2.0.1-10 +- Restore use of bcond for python conditionals + +* Tue Jul 10 2018 - 2.0.1-9 +- Unify spec file between Fedora and RHEL + +* Fri Jun 15 2018 Miro Hrončok - 2.0.1-8 +- Rebuilt for Python 3.7 + +* Mon Feb 12 2018 Iryna Shcherbina - 2.0.1-7 +- Update Python 2 dependency declarations to new packaging standards + (See https://fedoraproject.org/wiki/FinalizingFedoraSwitchtoPython3) + +* Fri Feb 09 2018 Fedora Release Engineering - 2.0.1-6 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild + +* Fri Sep 29 2017 Troy Dawson - 0.7.19-5 +- Cleanup spec file conditionals + +* Thu Jul 27 2017 Fedora Release Engineering - 2.0.1-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild + +* Mon Apr 17 2017 John Dennis - 2.0.1-3 +- fix dependency on python2-jwt, should be python-jwt + +* Thu Apr 13 2017 Dennis Gilmore - 2.0.1-2 +- add spaces around the >= for Requires + +* Thu Mar 16 2017 John Dennis - 2.0.1-1 +- Upgrade to upstream 2.0.1 +- port from jwt to jwcrypto (conditional build) +- bring into alignment with rhel spec file + +* Sat Feb 11 2017 Fedora Release Engineering - 1.0.3-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild + +* Tue Dec 13 2016 Stratakis Charalampos - 1.0.3-4 +- Rebuild for Python 3.6 + +* Tue Jul 19 2016 Fedora Release Engineering - 1.0.3-3 +- https://fedoraproject.org/wiki/Changes/Automatic_Provides_for_Python_RPM_Packages + +* Tue Jun 28 2016 Ralph Bean - 1.0.3-2 +- Modernize python macros. + +* Sun Apr 10 2016 Kevin Fenzi - 1.0.3-1 +- Update to 1.0.3 +- Add python2 provides (fixes bug #1313235 and #1314349) + +* Thu Feb 04 2016 Fedora Release Engineering - 0.7.2-5.20150520git514cad7 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild + +* Tue Nov 10 2015 Fedora Release Engineering - 0.7.2-4.20150520git514cad7 +- Rebuilt for https://fedoraproject.org/wiki/Changes/python3.5 + +* Thu Jun 18 2015 Fedora Release Engineering - 0.7.2-3.20150520git514cad7 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild + +* Wed Feb 18 2015 Ralph Bean - 0.7.2-2.20150520git514cad7 +- new version, from a git checkout +- Replace our patch with a sed statement. + +* Sat Jun 07 2014 Fedora Release Engineering - 0.6.0-6 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild + +* Wed May 14 2014 Bohuslav Kabrda - 0.6.0-5 +- Rebuilt for https://fedoraproject.org/wiki/Changes/Python_3.4 + +* Fri Apr 11 2014 Ralph Bean - 0.6.0-4 +- Use forward-compat python-crypto2.6 package for el6. + +* Tue Jan 21 2014 Ralph Bean - 0.6.0-3 +- Compat macros for el6. + +* Fri Nov 01 2013 Ralph Bean - 0.6.0-2 +- Modernized python2 rpmmacros. + +* Thu Oct 31 2013 Ralph Bean - 0.6.0-1 +- Initial package for Fedora