mirror of
https://github.com/gentoo-mirror/gentoo.git
synced 2026-04-30 04:47:28 -07:00
38ba232d78
Configuration optimised for making anitya (https://release-monitoring.org) work out of the box: This includes disabling verification by default, as its currently impossible to get x509 verification working on Python 3.5 People who want signature verification enabled are encouraged to install for python 2.7, and RDEPEND is configured to automatically pull in m2crypto if you opt to build for python 2.7 However, getting it working will still require m2ext being added to tree somewhere, which is dubious given m2ext hasn't been touched since 2012 Package-Manager: portage-2.3.2
30 lines
820 B
Diff
30 lines
820 B
Diff
From 8f61441ba94f7f0bd2b2a1c900e20db038b7085f Mon Sep 17 00:00:00 2001
|
|
From: Kent Fredric <kentfredric@gmail.com>
|
|
Date: Sun, 13 Nov 2016 09:23:58 +1300
|
|
Subject: [PATCH 2/2] Disable signature validation
|
|
|
|
Signature validation currently requires M2Crypto and M2Ext,
|
|
which are *only* available on Python2
|
|
|
|
Python3 Implementations of Signature Validation appear currently broken
|
|
---
|
|
fedmsg.d/ssl.py | 2 +-
|
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
|
|
|
diff --git a/fedmsg.d/ssl.py b/fedmsg.d/ssl.py
|
|
index c148667..f635ffb 100644
|
|
--- a/fedmsg.d/ssl.py
|
|
+++ b/fedmsg.d/ssl.py
|
|
@@ -25,7 +25,7 @@ here = os.getcwd()
|
|
|
|
config = dict(
|
|
sign_messages=False,
|
|
- validate_signatures=True,
|
|
+ validate_signatures=False,
|
|
|
|
# Use these implementations to sign and validate messages
|
|
crypto_backend='x509',
|
|
--
|
|
2.10.2
|
|
|