[Buildroot] [PATCH 1/4] python-pycryptodomex: new package

[Buildroot] [PATCH 1/4] python-pycryptodomex: new package

[Asaf Kahlon]

Cryptographic library for Python

Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
---
 DEVELOPERS                                         |  1 +
 package/Config.in                                  |  1 +
 package/python-pycryptodomex/Config.in             |  6 ++++++
 .../python-pycryptodomex/python-pycryptodomex.hash |  5 +++++
 .../python-pycryptodomex/python-pycryptodomex.mk   | 14 ++++++++++++++
 5 files changed, 27 insertions(+)
 create mode 100644 package/python-pycryptodomex/Config.in
 create mode 100644 package/python-pycryptodomex/python-pycryptodomex.hash
 create mode 100644 package/python-pycryptodomex/python-pycryptodomex.mk

diff --git a/DEVELOPERS b/DEVELOPERS
index 84129553c5..4c49cc3908 100644
--- a/DEVELOPERS
+++ b/DEVELOPERS
@@ -205,6 +205,7 @@ F:	package/python-fire/
 F:	package/python-jsonmodels/
 F:	package/python-paramiko/
 F:	package/python-pyasn1/
+F:	package/python-pycryptodomex/
 F:	package/python-pyroute2/
 F:	package/python-pytz/
 F:	package/python-reentry/
diff --git a/package/Config.in b/package/Config.in
index c04645a30b..826182cdb3 100644
--- a/package/Config.in
+++ b/package/Config.in
@@ -922,6 +922,7 @@ menu "External python modules"
 	source "package/python-pycli/Config.in"
 	source "package/python-pycparser/Config.in"
 	source "package/python-pycrypto/Config.in"
+	source "package/python-pycryptodomex/Config.in"
 	source "package/python-pydal/Config.in"
 	source "package/python-pyelftools/Config.in"
 	source "package/python-pyftpdlib/Config.in"
diff --git a/package/python-pycryptodomex/Config.in b/package/python-pycryptodomex/Config.in
new file mode 100644
index 0000000000..c7127fee59
--- /dev/null
+++ b/package/python-pycryptodomex/Config.in
@@ -0,0 +1,6 @@
+config BR2_PACKAGE_PYTHON_PYCRYPTODOMEX
+	bool "python-pycryptodomex"
+	help
+	  Cryptographic library for Python.
+
+	  http://www.pycryptodome.org
diff --git a/package/python-pycryptodomex/python-pycryptodomex.hash b/package/python-pycryptodomex/python-pycryptodomex.hash
new file mode 100644
index 0000000000..3dec1a1442
--- /dev/null
+++ b/package/python-pycryptodomex/python-pycryptodomex.hash
@@ -0,0 +1,5 @@
+# md5, sha256 from https://pypi.org/pypi/pycryptodomex/json
+md5	7e1884f55077ed2e48d36565525b1657  pycryptodomex-3.6.6.tar.gz
+sha256	d0d448484e161786922b41e112b5d7cf76ef5f0c725ea5107ef866bb14a38b12  pycryptodomex-3.6.6.tar.gz
+# Locally computed sha256 checksums
+sha256	fc884f6492490d0f227613ee900ff2a27e6879b79ee637c53a4697238bf12970  LICENSE.rst
diff --git a/package/python-pycryptodomex/python-pycryptodomex.mk b/package/python-pycryptodomex/python-pycryptodomex.mk
new file mode 100644
index 0000000000..aa1293df6b
--- /dev/null
+++ b/package/python-pycryptodomex/python-pycryptodomex.mk
@@ -0,0 +1,14 @@
+################################################################################
+#
+# python-pycryptodomex
+#
+################################################################################
+
+PYTHON_PYCRYPTODOMEX_VERSION = 3.6.6
+PYTHON_PYCRYPTODOMEX_SOURCE = pycryptodomex-$(PYTHON_PYCRYPTODOMEX_VERSION).tar.gz
+PYTHON_PYCRYPTODOMEX_SITE = https://files.pythonhosted.org/packages/95/10/f3bd758050da1c08ea30c8b4daf9ff895f306b780f07430fcc9b38722e1b
+PYTHON_PYCRYPTODOMEX_SETUP_TYPE = setuptools
+PYTHON_PYCRYPTODOMEX_LICENSE = Apache-2.0
+PYTHON_PYCRYPTODOMEX_LICENSE_FILES = LICENSE.rst
+
+$(eval $(python-package))
-- 
2.17.1

[Buildroot] [PATCH 2/4] python-ply: new package

[Asaf Kahlon]

No license file was found in the repo and README.md seems
to be the closest (license type was mentioned in setup.py).

Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
---
 DEVELOPERS                         |  1 +
 package/Config.in                  |  1 +
 package/python-ply/Config.in       |  6 ++++++
 package/python-ply/python-ply.hash |  5 +++++
 package/python-ply/python-ply.mk   | 14 ++++++++++++++
 5 files changed, 27 insertions(+)
 create mode 100644 package/python-ply/Config.in
 create mode 100644 package/python-ply/python-ply.hash
 create mode 100644 package/python-ply/python-ply.mk

diff --git a/DEVELOPERS b/DEVELOPERS
index 4c49cc3908..03ea952377 100644
--- a/DEVELOPERS
+++ b/DEVELOPERS
@@ -204,6 +204,7 @@ F:	package/python-engineio/
 F:	package/python-fire/
 F:	package/python-jsonmodels/
 F:	package/python-paramiko/
+F:	package/python-ply/
 F:	package/python-pyasn1/
 F:	package/python-pycryptodomex/
 F:	package/python-pyroute2/
diff --git a/package/Config.in b/package/Config.in
index 826182cdb3..cdfdcbe726 100644
--- a/package/Config.in
+++ b/package/Config.in
@@ -907,6 +907,7 @@ menu "External python modules"
 	source "package/python-pickleshare/Config.in"
 	source "package/python-pillow/Config.in"
 	source "package/python-pip/Config.in"
+	source "package/python-ply/Config.in"
 	source "package/python-portend/Config.in"
 	source "package/python-posix-ipc/Config.in"
 	source "package/python-priority/Config.in"
diff --git a/package/python-ply/Config.in b/package/python-ply/Config.in
new file mode 100644
index 0000000000..d6d265ad1c
--- /dev/null
+++ b/package/python-ply/Config.in
@@ -0,0 +1,6 @@
+config BR2_PACKAGE_PYTHON_PLY
+	bool "python-ply"
+	help
+	  Python Lex & Yacc.
+
+	  http://www.dabeaz.com/ply/
diff --git a/package/python-ply/python-ply.hash b/package/python-ply/python-ply.hash
new file mode 100644
index 0000000000..1eba3b0ffe
--- /dev/null
+++ b/package/python-ply/python-ply.hash
@@ -0,0 +1,5 @@
+# md5, sha256 from https://pypi.org/pypi/ply/json
+md5	6465f602e656455affcd7c5734c638f8  ply-3.11.tar.gz
+sha256	00c7c1aaa88358b9c765b6d3000c6eec0ba42abca5351b095321aef446081da3  ply-3.11.tar.gz
+# Locally computed sha256 checksums
+sha256	1095b93b81d2043c5c55e0859875b416f75edb6d5eccb4bf2ace1b5445d1c84f  README.md
diff --git a/package/python-ply/python-ply.mk b/package/python-ply/python-ply.mk
new file mode 100644
index 0000000000..bf4c9d6a4f
--- /dev/null
+++ b/package/python-ply/python-ply.mk
@@ -0,0 +1,14 @@
+################################################################################
+#
+# python-ply
+#
+################################################################################
+
+PYTHON_PLY_VERSION = 3.11
+PYTHON_PLY_SOURCE = ply-$(PYTHON_PLY_VERSION).tar.gz
+PYTHON_PLY_SITE = https://files.pythonhosted.org/packages/e5/69/882ee5c9d017149285cab114ebeab373308ef0f874fcdac9beb90e0ac4da
+PYTHON_PLY_SETUP_TYPE = setuptools
+PYTHON_PLY_LICENSE = BSD
+PYTHON_PLY_LICENSE_FILES = README.md
+
+$(eval $(python-package))
-- 
2.17.1

[Buildroot] [PATCH 3/4] python-pysmi: new package

[Asaf Kahlon]

SNMP SMI/MIB Parser.

Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
---
 DEVELOPERS                             |  1 +
 package/Config.in                      |  1 +
 package/python-pysmi/Config.in         |  7 +++++++
 package/python-pysmi/python-pysmi.hash |  5 +++++
 package/python-pysmi/python-pysmi.mk   | 14 ++++++++++++++
 5 files changed, 28 insertions(+)
 create mode 100644 package/python-pysmi/Config.in
 create mode 100644 package/python-pysmi/python-pysmi.hash
 create mode 100644 package/python-pysmi/python-pysmi.mk

diff --git a/DEVELOPERS b/DEVELOPERS
index 03ea952377..451fa59ac5 100644
--- a/DEVELOPERS
+++ b/DEVELOPERS
@@ -208,6 +208,7 @@ F:	package/python-ply/
 F:	package/python-pyasn1/
 F:	package/python-pycryptodomex/
 F:	package/python-pyroute2/
+F:	package/python-pysmi/
 F:	package/python-pytz/
 F:	package/python-reentry/
 F:	package/python-subprocess32/
diff --git a/package/Config.in b/package/Config.in
index cdfdcbe726..5bb16a12c8 100644
--- a/package/Config.in
+++ b/package/Config.in
@@ -948,6 +948,7 @@ menu "External python modules"
 	source "package/python-pyroute2/Config.in"
 	source "package/python-pysendfile/Config.in"
 	source "package/python-pysmb/Config.in"
+	source "package/python-pysmi/Config.in"
 	source "package/python-pysnmp/Config.in"
 	source "package/python-pysnmp-apps/Config.in"
 	source "package/python-pysnmp-mibs/Config.in"
diff --git a/package/python-pysmi/Config.in b/package/python-pysmi/Config.in
new file mode 100644
index 0000000000..2e4453d886
--- /dev/null
+++ b/package/python-pysmi/Config.in
@@ -0,0 +1,7 @@
+config BR2_PACKAGE_PYTHON_PYSMI
+	bool "python-pysmi"
+	select BR2_PACKAGE_PYTHON_PLY # runtime
+	help
+	  SNMP SMI/MIB Parser.
+
+	  https://github.com/etingof/pysmi
diff --git a/package/python-pysmi/python-pysmi.hash b/package/python-pysmi/python-pysmi.hash
new file mode 100644
index 0000000000..f3ca8a9e6a
--- /dev/null
+++ b/package/python-pysmi/python-pysmi.hash
@@ -0,0 +1,5 @@
+# md5, sha256 from https://pypi.org/pypi/pysmi/json
+md5	3293518c06b90bb45856cb0e0deb71d1  pysmi-0.3.1.tar.gz
+sha256	b1746f559b0d3dbaa6b7993936f215617271efde022dc3eb3166fd62380d8887  pysmi-0.3.1.tar.gz
+# Locally computed sha256 checksums
+sha256	ac2f8f67cae76e36a25496fbdf3293dd14b3d6db63f1ce4242ae9dd4fb7b90fd  LICENSE.rst
diff --git a/package/python-pysmi/python-pysmi.mk b/package/python-pysmi/python-pysmi.mk
new file mode 100644
index 0000000000..3aa4f76474
--- /dev/null
+++ b/package/python-pysmi/python-pysmi.mk
@@ -0,0 +1,14 @@
+################################################################################
+#
+# python-pysmi
+#
+################################################################################
+
+PYTHON_PYSMI_VERSION = 0.3.1
+PYTHON_PYSMI_SOURCE = pysmi-$(PYTHON_PYSMI_VERSION).tar.gz
+PYTHON_PYSMI_SITE = https://files.pythonhosted.org/packages/8f/14/68331f94a5cd94e00ff064c9a790e6d7b0a0ade8c66deafa543398ca72ee
+PYTHON_PYSMI_SETUP_TYPE = setuptools
+PYTHON_PYSMI_LICENSE = BSD-2-Clause
+PYTHON_PYSMI_LICENSE_FILES = LICENSE.rst
+
+$(eval $(python-package))
-- 
2.17.1

[Buildroot] [PATCH 4/4] python-pysnmp: bump to version 4.4.6

[Asaf Kahlon]

Update dependencies.
License was renamed to LICENSE.rst (no content changed).
Add hash for license.

Fixes:
http://autobuild.buildroot.org/results/9b3/9b3bcd761aa35d9fdf4acc05258cc87e8c36fb14/

Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
---
 package/python-pysnmp/Config.in          | 9 +++------
 package/python-pysnmp/python-pysnmp.hash | 8 +++++---
 package/python-pysnmp/python-pysnmp.mk   | 8 +++-----
 3 files changed, 11 insertions(+), 14 deletions(-)

diff --git a/package/python-pysnmp/Config.in b/package/python-pysnmp/Config.in
index c7cdf3892d..a034b16852 100644
--- a/package/python-pysnmp/Config.in
+++ b/package/python-pysnmp/Config.in
@@ -1,13 +1,10 @@
 config BR2_PACKAGE_PYTHON_PYSNMP
 	bool "python-pysnmp"
-	depends on BR2_INSTALL_LIBSTDCPP # pyasn
-	select BR2_PACKAGE_PYTHON_PYASN
-	select BR2_PACKAGE_PYTHON_PYCRYPTO
+	select BR2_PACKAGE_PYTHON_PYSMI # runtime
+	select BR2_PACKAGE_PYTHON_PYCRYPTODOMEX # runtime
+	select BR2_PACKAGE_PYTHON_PYASN1 # runtime
 	help
 	  PySNMP is a cross-platform, pure-Python SNMP engine
 	  implementation.
 
 	  http://pysnmp.sf.net
-
-comment "python-pysnmp needs a toolchain w/ C++"
-	depends on !BR2_INSTALL_LIBSTDCPP
diff --git a/package/python-pysnmp/python-pysnmp.hash b/package/python-pysnmp/python-pysnmp.hash
index 7ecbf4c480..bb5fc24834 100644
--- a/package/python-pysnmp/python-pysnmp.hash
+++ b/package/python-pysnmp/python-pysnmp.hash
@@ -1,3 +1,5 @@
-# md5 from https://pypi.python.org/pypi/pysnmp/json, sha256 locally computed
-md5 cc0838cdf3f2d34539f478942f648384 pysnmp-4.3.3.tar.gz
-sha256 c837d35cbb2c1e067b7b8ed752d962481ef8d7ff11e4cdd8bfb0840c4a786318 pysnmp-4.3.3.tar.gz
+# md5, sha256 from https://pypi.org/pypi/pysnmp/json
+md5	9eaed18907d9b15828f138471b187e8f  pysnmp-4.4.6.tar.gz
+sha256	e34ffa0dce5f69adabd478ff76c3e1b08e32ebb0767df8b178d0704f4a1ac406  pysnmp-4.4.6.tar.gz
+# Locally computed sha256 checksums
+sha256	4781cdf5b05a40b8c36f2e71e248dac621762bc8e8482fa5fddab5053e2cdace  LICENSE.rst
diff --git a/package/python-pysnmp/python-pysnmp.mk b/package/python-pysnmp/python-pysnmp.mk
index 2721ba8a7b..0a916119df 100644
--- a/package/python-pysnmp/python-pysnmp.mk
+++ b/package/python-pysnmp/python-pysnmp.mk
@@ -4,14 +4,12 @@
 #
 ################################################################################
 
-PYTHON_PYSNMP_VERSION = 4.3.3
+PYTHON_PYSNMP_VERSION = 4.4.6
 PYTHON_PYSNMP_SOURCE = pysnmp-$(PYTHON_PYSNMP_VERSION).tar.gz
-PYTHON_PYSNMP_SITE = https://pypi.python.org/packages/47/b5/c65b9b6fcc36d3f4caca30d3314920f1ca75f5ceecc1f6ae2538ede24511
+PYTHON_PYSNMP_SITE = https://files.pythonhosted.org/packages/8b/66/96a49bf1d64ad1e005a8455644523b7e09663a405eb20a4599fb219e4c95
 PYTHON_PYSNMP_SETUP_TYPE = setuptools
 
 PYTHON_PYSNMP_LICENSE = BSD-3-Clause
-PYTHON_PYSNMP_LICENSE_FILES = LICENSE.txt
-
-PYTHON_PYSNMP_DEPENDENCIES = python-pyasn python-pycrypto
+PYTHON_PYSNMP_LICENSE_FILES = LICENSE.rst
 
 $(eval $(python-package))
-- 
2.17.1

[Buildroot] [PATCH 1/4] python-pycryptodomex: new package

[Thomas Petazzoni]

Hello,

On Sat, 22 Sep 2018 22:36:28 +0300, Asaf Kahlon wrote:
> Cryptographic library for Python
> 
> Signed-off-by: Asaf Kahlon <asafka7@gmail.com>

Let's add some license experts in the loop.

> +PYTHON_PYCRYPTODOMEX_LICENSE = Apache-2.0

I am not sure this is an accurate description of the license terms.
Reading https://pycryptodome.readthedocs.io/en/latest/src/license.html
(which is the same as the LICENSE.rst you use as a license file), it
says:

"""
The source code in PyCryptodome is partially in the public domain and
partially released under the BSD 2-Clause license.
"""

There is also the text of the Apache 2.0 license, but it doesn't say to
which part of the code it applies.

And there is a special constraint for the OCB cipher, that it cannot be
used for military purposes. I am not sure how Debian accepts that, but
they do accept it:
https://metadata.ftp-master.debian.org/changelogs/main/p/pycryptodome/pycryptodome_3.6.1-2_copyright.

Yann, Arnout, I'm interested by your opinion on this package.

Best regards,

Thomas
-- 
Thomas Petazzoni, CTO, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com

[Buildroot] [PATCH 2/4] python-ply: new package

[Thomas Petazzoni]

Hello,

Thanks for this patch. I've applied to master, with one change, see
below.

On Sat, 22 Sep 2018 22:36:29 +0300, Asaf Kahlon wrote:

> +PYTHON_PLY_LICENSE = BSD

"BSD" as a value for license is always wrong, because it's not specific
enough. We need to know the variant of BSD license being used.

Yegor: the scanpypi script needs to be updated to not put "BSD", but
something that includes a warning that ensures that the user of
scanpypi will know he will have to do additional research to find what
is the exact license. I think we discussed this already, but we had
some similar discussion on scancpan with Fran?ois, so I'm not sure to
remember :)

In this case, the license was BSD-3-Clause. Applied with this fixed.

Thanks!

Thomas
-- 
Thomas Petazzoni, CTO, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com

[Buildroot] [PATCH 3/4] python-pysmi: new package

[Thomas Petazzoni]

Hello,

On Sat, 22 Sep 2018 22:36:30 +0300, Asaf Kahlon wrote:
> SNMP SMI/MIB Parser.
> 
> Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
> ---
>  DEVELOPERS                             |  1 +
>  package/Config.in                      |  1 +
>  package/python-pysmi/Config.in         |  7 +++++++
>  package/python-pysmi/python-pysmi.hash |  5 +++++
>  package/python-pysmi/python-pysmi.mk   | 14 ++++++++++++++
>  5 files changed, 28 insertions(+)
>  create mode 100644 package/python-pysmi/Config.in
>  create mode 100644 package/python-pysmi/python-pysmi.hash
>  create mode 100644 package/python-pysmi/python-pysmi.mk

Applied to master, thanks.

Thomas
-- 
Thomas Petazzoni, CTO, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com

[Buildroot] [PATCH 4/4] python-pysnmp: bump to version 4.4.6

[Thomas Petazzoni]

Hello,

On Sat, 22 Sep 2018 22:36:31 +0300, Asaf Kahlon wrote:
> Update dependencies.
> License was renamed to LICENSE.rst (no content changed).
> Add hash for license.
> 
> Fixes:
> http://autobuild.buildroot.org/results/9b3/9b3bcd761aa35d9fdf4acc05258cc87e8c36fb14/
> 
> Signed-off-by: Asaf Kahlon <asafka7@gmail.com>

This looks good, but we need to solve the python-cryptodomex licensing
question before this patch can be applied.


> -PYTHON_PYSNMP_VERSION = 4.3.3
> +PYTHON_PYSNMP_VERSION = 4.4.6
>  PYTHON_PYSNMP_SOURCE = pysnmp-$(PYTHON_PYSNMP_VERSION).tar.gz
> -PYTHON_PYSNMP_SITE = https://pypi.python.org/packages/47/b5/c65b9b6fcc36d3f4caca30d3314920f1ca75f5ceecc1f6ae2538ede24511
> +PYTHON_PYSNMP_SITE = https://files.pythonhosted.org/packages/8b/66/96a49bf1d64ad1e005a8455644523b7e09663a405eb20a4599fb219e4c95
>  PYTHON_PYSNMP_SETUP_TYPE = setuptools
>  
>  PYTHON_PYSNMP_LICENSE = BSD-3-Clause
> -PYTHON_PYSNMP_LICENSE_FILES = LICENSE.txt
> -
> -PYTHON_PYSNMP_DEPENDENCIES = python-pyasn python-pycrypto

So these were build time dependencies, and now there are no build time
dependencies anymore ? Or was it a bug to list them as build time
dependencies ?

Best regards,

Thomas
-- 
Thomas Petazzoni, CTO, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com

[Buildroot] [PATCH 2/4] python-ply: new package

[Yegor Yefremov]

On Tue, Oct 9, 2018 at 9:27 PM Thomas Petazzoni
<thomas.petazzoni@bootlin.com> wrote:
>
> Hello,
>
> Thanks for this patch. I've applied to master, with one change, see
> below.
>
> On Sat, 22 Sep 2018 22:36:29 +0300, Asaf Kahlon wrote:
>
> > +PYTHON_PLY_LICENSE = BSD
>
> "BSD" as a value for license is always wrong, because it's not specific
> enough. We need to know the variant of BSD license being used.
>
> Yegor: the scanpypi script needs to be updated to not put "BSD", but
> something that includes a warning that ensures that the user of
> scanpypi will know he will have to do additional research to find what
> is the exact license. I think we discussed this already, but we had
> some similar discussion on scancpan with Fran?ois, so I'm not sure to
> remember :)

Yes, we have discussed the issue :-)

@Asaf have you installed spdx_lookup [1] package?

[1] https://pypi.org/project/spdx-lookup/

Yegor

> In this case, the license was BSD-3-Clause. Applied with this fixed.
>
> Thanks!
>
> Thomas
> --
> Thomas Petazzoni, CTO, Bootlin
> Embedded Linux and Kernel engineering
> https://bootlin.com

[Buildroot] [PATCH 2/4] python-ply: new package

[Asaf Kahlon]

Hello,

On Tue, Oct 9, 2018 at 10:39 PM Yegor Yefremov
<yegorslists@googlemail.com> wrote:
>
> On Tue, Oct 9, 2018 at 9:27 PM Thomas Petazzoni
> <thomas.petazzoni@bootlin.com> wrote:
> >
> > Hello,
> >
> > Thanks for this patch. I've applied to master, with one change, see
> > below.
> >
> > On Sat, 22 Sep 2018 22:36:29 +0300, Asaf Kahlon wrote:
> >
> > > +PYTHON_PLY_LICENSE = BSD
> >
> > "BSD" as a value for license is always wrong, because it's not specific
> > enough. We need to know the variant of BSD license being used.
> >
> > Yegor: the scanpypi script needs to be updated to not put "BSD", but
> > something that includes a warning that ensures that the user of
> > scanpypi will know he will have to do additional research to find what
> > is the exact license. I think we discussed this already, but we had
> > some similar discussion on scancpan with Fran?ois, so I'm not sure to
> > remember :)
>
> Yes, we have discussed the issue :-)
>
> @Asaf have you installed spdx_lookup [1] package?
I'm not 100% sure, but if I remember correctly, I have.

>
> [1] https://pypi.org/project/spdx-lookup/
>
> Yegor
>
> > In this case, the license was BSD-3-Clause. Applied with this fixed.
> >
> > Thanks!
> >
> > Thomas
> > --
> > Thomas Petazzoni, CTO, Bootlin
> > Embedded Linux and Kernel engineering
> > https://bootlin.com

[Buildroot] [PATCH 4/4] python-pysnmp: bump to version 4.4.6

[Asaf Kahlon]

Hello,

On Tue, Oct 9, 2018 at 10:37 PM Thomas Petazzoni
<thomas.petazzoni@bootlin.com> wrote:
>
> Hello,
>
> On Sat, 22 Sep 2018 22:36:31 +0300, Asaf Kahlon wrote:
> > Update dependencies.
> > License was renamed to LICENSE.rst (no content changed).
> > Add hash for license.
> >
> > Fixes:
> > http://autobuild.buildroot.org/results/9b3/9b3bcd761aa35d9fdf4acc05258cc87e8c36fb14/
> >
> > Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
>
> This looks good, but we need to solve the python-cryptodomex licensing
> question before this patch can be applied.
>
>
> > -PYTHON_PYSNMP_VERSION = 4.3.3
> > +PYTHON_PYSNMP_VERSION = 4.4.6
> >  PYTHON_PYSNMP_SOURCE = pysnmp-$(PYTHON_PYSNMP_VERSION).tar.gz
> > -PYTHON_PYSNMP_SITE = https://pypi.python.org/packages/47/b5/c65b9b6fcc36d3f4caca30d3314920f1ca75f5ceecc1f6ae2538ede24511
> > +PYTHON_PYSNMP_SITE = https://files.pythonhosted.org/packages/8b/66/96a49bf1d64ad1e005a8455644523b7e09663a405eb20a4599fb219e4c95
> >  PYTHON_PYSNMP_SETUP_TYPE = setuptools
> >
> >  PYTHON_PYSNMP_LICENSE = BSD-3-Clause
> > -PYTHON_PYSNMP_LICENSE_FILES = LICENSE.txt
> > -
> > -PYTHON_PYSNMP_DEPENDENCIES = python-pyasn python-pycrypto
>
> So these were build time dependencies, and now there are no build time
> dependencies anymore ? Or was it a bug to list them as build time
> dependencies ?
>
These packages were not needed as runtime dependencies at all.
When updating the package dependencies, I also validated that
python-pysnmp can be built without them.

> Best regards,
>
> Thomas
> --
> Thomas Petazzoni, CTO, Bootlin
> Embedded Linux and Kernel engineering
> https://bootlin.com

[Buildroot] [PATCH 4/4] python-pysnmp: bump to version 4.4.6

[Thomas Petazzoni]

Hello,

On Tue, 9 Oct 2018 22:54:06 +0300, Asaf Kahlon wrote:

> > > -PYTHON_PYSNMP_VERSION = 4.3.3
> > > +PYTHON_PYSNMP_VERSION = 4.4.6
> > >  PYTHON_PYSNMP_SOURCE = pysnmp-$(PYTHON_PYSNMP_VERSION).tar.gz
> > > -PYTHON_PYSNMP_SITE = https://pypi.python.org/packages/47/b5/c65b9b6fcc36d3f4caca30d3314920f1ca75f5ceecc1f6ae2538ede24511
> > > +PYTHON_PYSNMP_SITE = https://files.pythonhosted.org/packages/8b/66/96a49bf1d64ad1e005a8455644523b7e09663a405eb20a4599fb219e4c95
> > >  PYTHON_PYSNMP_SETUP_TYPE = setuptools
> > >
> > >  PYTHON_PYSNMP_LICENSE = BSD-3-Clause
> > > -PYTHON_PYSNMP_LICENSE_FILES = LICENSE.txt
> > > -
> > > -PYTHON_PYSNMP_DEPENDENCIES = python-pyasn python-pycrypto  
> >
> > So these were build time dependencies, and now there are no build time
> > dependencies anymore ? Or was it a bug to list them as build time
> > dependencies ?
> >  
> These packages were not needed as runtime dependencies at all.

As *runtime* dependencies, or *build time* dependencies?

Thomas
-- 
Thomas Petazzoni, CTO, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com

[Buildroot] [PATCH 1/4] python-pycryptodomex: new package

[Yann E. MORIN]

Thomas, Asaf, All,

On 2018-10-09 15:56 +0200, Thomas Petazzoni spake thusly:
> On Sat, 22 Sep 2018 22:36:28 +0300, Asaf Kahlon wrote:
> > Cryptographic library for Python
> > +PYTHON_PYCRYPTODOMEX_LICENSE = Apache-2.0
> 
> I am not sure this is an accurate description of the license terms.
> Reading https://pycryptodome.readthedocs.io/en/latest/src/license.html
> (which is the same as the LICENSE.rst you use as a license file), it
> says:
> 
> """
> The source code in PyCryptodome is partially in the public domain and
> partially released under the BSD 2-Clause license.
> """
> 
> There is also the text of the Apache 2.0 license, but it doesn't say to
> which part of the code it applies.

It states:   Apache 2.0 license (Wycheproof)
And by grepping the source tree, it seems that 'Wycheproof' is the
slef-test test harness, as we can only find it in lib/Crypto/SelfTest/
and in setup.py, supposedly to ignore warnign from said test harness, and
to list it as the data to package.

So, I think we can ignore the Apache-2.0 license, as it does not cover
stuff that goes on the target.

> And there is a special constraint for the OCB cipher, that it cannot be
> used for military purposes. I am not sure how Debian accepts that, but
> they do accept it:
> https://metadata.ftp-master.debian.org/changelogs/main/p/pycryptodome/pycryptodome_3.6.1-2_copyright.

In fact, there are 3 licenses under which OCB is made available;
    http://web.cs.ucdavis.edu/~rogaway/ocb/license.htm

  * License 1 ? License for Open-Source Software Implementations of OCB
    (Jan 9, 2013)

  * License 2 ? General License for Non-Military Software Implementations
    OCB (Jan 10, 2013).

  * License 3 ? Patent License for OpenSSL (Nov 13, 2013).

As far as I understand the licensing terms, OCB is available udner any
license to the choosing of the user of OCB. The pycryptodome developpers
have not choosen a license, and instead decided to propagate that choice
down to the user of pycryptodome.

> Yann, Arnout, I'm interested by your opinion on this package.

So, I would state something like:

    PYTHON_PYCRYPTODOMEX_LICENSE = \
        BSD-2c, \
        Public Domain (pycrypto original code), \
        OCB license (OCB cypher)

Regards,
Yann E. MORIN.

-- 
.-----------------.--------------------.------------------.--------------------.
|  Yann E. MORIN  | Real-Time Embedded | /"\ ASCII RIBBON | Erics' conspiracy: |
| +33 662 376 056 | Software  Designer | \ / CAMPAIGN     |  ___               |
| +33 223 225 172 `------------.-------:  X  AGAINST      |  \e/  There is no  |
| http://ymorin.is-a-geek.org/ | _/*\_ | / \ HTML MAIL    |   v   conspiracy.  |
'------------------------------^-------^------------------^--------------------'

[Buildroot] [PATCH 4/4] python-pysnmp: bump to version 4.4.6

[Asaf Kahlon]

On Tue, Oct 9, 2018, 23:00 Thomas Petazzoni <thomas.petazzoni@bootlin.com>
wrote:

> Hello,
>
> On Tue, 9 Oct 2018 22:54:06 +0300, Asaf Kahlon wrote:
>
> > > > -PYTHON_PYSNMP_VERSION = 4.3.3
> > > > +PYTHON_PYSNMP_VERSION = 4.4.6
> > > >  PYTHON_PYSNMP_SOURCE = pysnmp-$(PYTHON_PYSNMP_VERSION).tar.gz
> > > > -PYTHON_PYSNMP_SITE =
> https://pypi.python.org/packages/47/b5/c65b9b6fcc36d3f4caca30d3314920f1ca75f5ceecc1f6ae2538ede24511
> > > > +PYTHON_PYSNMP_SITE =
> https://files.pythonhosted.org/packages/8b/66/96a49bf1d64ad1e005a8455644523b7e09663a405eb20a4599fb219e4c95
> > > >  PYTHON_PYSNMP_SETUP_TYPE = setuptools
> > > >
> > > >  PYTHON_PYSNMP_LICENSE = BSD-3-Clause
> > > > -PYTHON_PYSNMP_LICENSE_FILES = LICENSE.txt
> > > > -
> > > > -PYTHON_PYSNMP_DEPENDENCIES = python-pyasn python-pycrypto
> > >
> > > So these were build time dependencies, and now there are no build time
> > > dependencies anymore ? Or was it a bug to list them as build time
> > > dependencies ?
> > >
> > These packages were not needed as runtime dependencies at all.
>
> As *runtime* dependencies, or *build time* dependencies?
>

Oh sorry, they are not needed as build time dependencies, of course.

>
> Thomas
> --
> Thomas Petazzoni, CTO, Bootlin
> Embedded Linux and Kernel engineering
> https://bootlin.com
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.busybox.net/pipermail/buildroot/attachments/20181010/a552ad20/attachment.html>

[Buildroot] [PATCH 1/4] python-pycryptodomex: new package

[Thomas Petazzoni]

Hello,

On Sat, 22 Sep 2018 22:36:28 +0300, Asaf Kahlon wrote:
> Cryptographic library for Python
> 
> Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
> ---
>  DEVELOPERS                                         |  1 +
>  package/Config.in                                  |  1 +
>  package/python-pycryptodomex/Config.in             |  6 ++++++
>  .../python-pycryptodomex/python-pycryptodomex.hash |  5 +++++
>  .../python-pycryptodomex/python-pycryptodomex.mk   | 14 ++++++++++++++
>  5 files changed, 27 insertions(+)
>  create mode 100644 package/python-pycryptodomex/Config.in
>  create mode 100644 package/python-pycryptodomex/python-pycryptodomex.hash
>  create mode 100644 package/python-pycryptodomex/python-pycryptodomex.mk

Applied to master with the license information fixed, as per the
discussion with Yann.

Thomas
-- 
Thomas Petazzoni, CTO, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com

[Buildroot] [PATCH 4/4] python-pysnmp: bump to version 4.4.6

[Thomas Petazzoni]

Hello,

On Sat, 22 Sep 2018 22:36:31 +0300, Asaf Kahlon wrote:
> Update dependencies.
> License was renamed to LICENSE.rst (no content changed).
> Add hash for license.
> 
> Fixes:
> http://autobuild.buildroot.org/results/9b3/9b3bcd761aa35d9fdf4acc05258cc87e8c36fb14/
> 
> Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
> ---
>  package/python-pysnmp/Config.in          | 9 +++------
>  package/python-pysnmp/python-pysnmp.hash | 8 +++++---
>  package/python-pysnmp/python-pysnmp.mk   | 8 +++-----
>  3 files changed, 11 insertions(+), 14 deletions(-)

Applied to master, thanks. Hopefully this is the last package that was
causing issues with Python 3.7.0. In any case, thanks a lot for all
your work in relation to the Python 3.7.0 update, it was much
appreciated.

Thanks,

Thomas
-- 
Thomas Petazzoni, CTO, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com

[Buildroot] [PATCH 1/4] python-pycryptodomex: new package

[Arnout Vandecappelle]

On 9/10/18 22:19, Yann E. MORIN wrote:
> Thomas, Asaf, All,
> 
> On 2018-10-09 15:56 +0200, Thomas Petazzoni spake thusly:
>> On Sat, 22 Sep 2018 22:36:28 +0300, Asaf Kahlon wrote:
>>> Cryptographic library for Python
>>> +PYTHON_PYCRYPTODOMEX_LICENSE = Apache-2.0
>>
>> I am not sure this is an accurate description of the license terms.
>> Reading https://pycryptodome.readthedocs.io/en/latest/src/license.html
>> (which is the same as the LICENSE.rst you use as a license file), it
>> says:
>>
>> """
>> The source code in PyCryptodome is partially in the public domain and
>> partially released under the BSD 2-Clause license.
>> """
>>
>> There is also the text of the Apache 2.0 license, but it doesn't say to
>> which part of the code it applies.
> 
> It states:   Apache 2.0 license (Wycheproof)
> And by grepping the source tree, it seems that 'Wycheproof' is the
> slef-test test harness, as we can only find it in lib/Crypto/SelfTest/
> and in setup.py, supposedly to ignore warnign from said test harness, and
> to list it as the data to package.
> 
> So, I think we can ignore the Apache-2.0 license, as it does not cover
> stuff that goes on the target.

 Ack that. Si Apache-2.0 is definitely wrong.


>> And there is a special constraint for the OCB cipher, that it cannot be
>> used for military purposes. I am not sure how Debian accepts that, but
>> they do accept it:
>> https://metadata.ftp-master.debian.org/changelogs/main/p/pycryptodome/pycryptodome_3.6.1-2_copyright.
> 
> In fact, there are 3 licenses under which OCB is made available;
>     http://web.cs.ucdavis.edu/~rogaway/ocb/license.htm
> 
>   * License 1 ? License for Open-Source Software Implementations of OCB
>     (Jan 9, 2013)
> 
>   * License 2 ? General License for Non-Military Software Implementations
>     OCB (Jan 10, 2013).
> 
>   * License 3 ? Patent License for OpenSSL (Nov 13, 2013).

 Note that all three of them are *patent* licenses. That's why Debian doesn't
make a problem of it. Debian only uses license 1.

 The OCB *code* is all under BSD-2-Clause, as far as I can see. There are
actually 2 implementations: one in python that does not come from pycrypto
AFAICS, and one from libtom.

> 
> As far as I understand the licensing terms, OCB is available udner any
> license to the choosing of the user of OCB. The pycryptodome developpers
> have not choosen a license, and instead decided to propagate that choice
> down to the user of pycryptodome.

 Ack.

> 
>> Yann, Arnout, I'm interested by your opinion on this package.
> 
> So, I would state something like:
> 
>     PYTHON_PYCRYPTODOMEX_LICENSE = \
>         BSD-2c, \

 BSD-2-Clause

>         Public Domain (pycrypto original code), \
>         OCB license (OCB cypher)

 I would clarify this as "OCB patent license". The (OCB cypher) is not really
useful IMO. Anyway OCB is not a cipher, it's a mode.

 In terms of license files, in addition to LICENSE.rst, I think we also need
Doc/LEGAL/COPYRIGHT.pycrypto

 Regards,
 Arnout

> 
> Regards,
> Yann E. MORIN.
> 

-- 
Arnout Vandecappelle                          arnout at mind be
Senior Embedded Software Architect            +32-16-286500
Essensium/Mind                                http://www.mind.be
G.Geenslaan 9, 3001 Leuven, Belgium           BE 872 984 063 RPR Leuven
LinkedIn profile: http://www.linkedin.com/in/arnoutvandecappelle
GPG fingerprint:  7493 020B C7E3 8618 8DEC 222C 82EB F404 F9AC 0DDF

[Buildroot] [PATCH 1/4] python-pycryptodomex: new package

[Thomas Petazzoni]

Hello,

On Wed, 10 Oct 2018 23:13:40 +0200, Arnout Vandecappelle wrote:

> >> Yann, Arnout, I'm interested by your opinion on this package.  
> > 
> > So, I would state something like:
> > 
> >     PYTHON_PYCRYPTODOMEX_LICENSE = \
> >         BSD-2c, \  
> 
>  BSD-2-Clause

I fixed that when applying.

> >         Public Domain (pycrypto original code), \
> >         OCB license (OCB cypher)  
> 
>  I would clarify this as "OCB patent license". The (OCB cypher) is not really
> useful IMO. Anyway OCB is not a cipher, it's a mode.
> 
>  In terms of license files, in addition to LICENSE.rst, I think we also need
> Doc/LEGAL/COPYRIGHT.pycrypto

Asaf, could you send a follow-up patch fixing this, according to Arnout
comments ?

Thanks!

Thomas
-- 
Thomas Petazzoni, CTO, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com