Open kloczek opened 1 day ago
Regarding the error related to SHA-1 not being supported, that's caused by the security policies on some systems. I've tried to make changes in other cases to skip SHA-1 in my unit tests to avoid this issue, but I don't know of a way on macOS (my primary testing platform) to trigger this issue. So, there may be places I missed.
If you try the following patch, does it resolve this issue?
diff --git a/tests/test_pkcs11.py b/tests/test_pkcs11.py
index 4044506..45f969d 100644
--- a/tests/test_pkcs11.py
+++ b/tests/test_pkcs11.py
@@ -165,6 +165,9 @@ class _TestPKCS11Auth(_CheckPKCS11Auth):
for sig_alg in key.sig_algorithms:
sig_alg = sig_alg.decode('ascii')
+ if sig_alg == 'ssh-rsa':
+ continue
+
with self.subTest(key=key.get_comment(), sig_alg=sig_alg):
async with self.connect(
username='ckey', pkcs11_provider='xxx',
Regarding the warning about Queue.join, that seems to be a race condition in the cleanup of one of the unit tests which I see on occasion but haven't tracked down yet. Since it is only a warning, this may be something you can ignore for now, though.
Regarding dropping Python 3.7 support, I've generally not been in a hurry to intentionally force the use of newer Python versions, at least not until "cryptography" drops support. So, I'm not sure I want to make the other changes here. That said, some of the modifications you proposed look like they could be beneficial, and not break Python 3.6 or 3.7 support, and I'd consider those. Were you using some kind of automated tool to generate these?
One change I'd prefer not to include is splitting the "import" lines in the "examples" directory. I do split imports onto their own lines elsewhere in the code, but I intentionally use the comma-separated version of the imports in examples to reduce the amount of space they take up when viewing examples in the top-level AsyncSSH doc page. So, I'd want to remove those changes.
I'm packaging your module as an rpm package so I'm using the typical PEP517 based build, install and test cycle used on building packages from non-root account.
python3 -sBm build -w --no-isolation
build
with--no-isolation
I'm using during all processes only locally installed modulesinstaller
modulecut off from access to the public network
(pytest is executed with-m "not network"
)Here is pytest output:
```console + PYTHONPATH=/home/tkloczko/rpmbuild/BUILDROOT/python-asyncssh-2.17.0-2.fc37.x86_64/usr/lib64/python3.10/site-packages:/home/tkloczko/rpmbuild/BUILDROOT/python-asyncssh-2.17.0-2.fc37.x86_64/usr/lib/python3.10/site-packages + /usr/bin/pytest -ra -m 'not network' ============================= test session starts ============================== platform linux -- Python 3.10.14, pytest-8.2.2, pluggy-1.5.0 rootdir: /home/tkloczko/rpmbuild/BUILD/asyncssh-2.17.0 configfile: tox.ini testpaths: tests collected 1608 items tests/test_agent.py sssssssssssssssssss [ 1%] tests/test_asn1.py . [ 1%] tests/test_auth.py ........ [ 1%] tests/test_auth_keys.py ......... [ 2%] tests/test_channel.py s...s............................................. [ 5%] ........................................................ [ 8%] tests/test_compression.py . [ 8%] tests/test_config.py ................................................... [ 12%] ......... [ 12%] tests/test_connection.py ...................................ss.......... [ 15%] ........................................................................ [ 20%] .............................s.......................................... [ 24%] .......... [ 25%] tests/test_connection_auth.py ..............................s........... [ 27%] ....................s..........ss.sssss..s..s........................... [ 32%] ss.sssss..s..s................................s......................... [ 36%] .............................................. [ 39%] tests/test_editor.py .................... [ 40%] tests/test_encryption.py .. [ 40%] tests/test_forward.py .................................................. [ 44%] ........................................................................ [ 48%] .................. [ 49%] tests/test_kex.py ..........s [ 50%] tests/test_known_hosts.py ................ [ 51%] tests/test_logging.py ......... [ 51%] tests/test_mac.py .. [ 52%] tests/test_packet.py .. [ 52%] tests/test_pkcs11.py ..........F. [ 52%] tests/test_process.py .................................................. [ 56%] .................................... [ 58%] tests/test_public_key.py ........s....... [ 59%] tests/test_saslprep.py ....... [ 59%] tests/test_sftp.py ..................................................... [ 62%] ........................................................................ [ 67%] ........................................................................ [ 71%] ........................................................................ [ 76%] ........................................................................ [ 80%] ........................................................................ [ 85%] ........................................................................ [ 89%] ......... [ 90%] tests/test_sk.py ............................. [ 92%] tests/test_stream.py ....................... [ 93%] tests/test_subprocess.py ............ [ 94%] tests/test_tuntap.py sssssssssssss.............. [ 96%] tests/test_x11.py ...................................... [ 98%] tests/test_x509.py ......................... [100%] =================================== FAILURES =================================== ____________________ _TestPKCS11Auth.test_pkcs11_load_keys _____________________ self =List of installed modules in build env:
```console Package Version ------------------ ----------- aiofiles 24.1.0 asn1crypto 1.5.1 bcrypt 4.2.0 build 1.2.2 cached-property 1.5.2 cffi 1.16.0 cryptography 42.0.8 decorator 5.1.1 distro 1.9.0 exceptiongroup 1.1.3 fido2 1.1.3 gssapi 1.8.3 importlib_metadata 8.0.0 iniconfig 2.0.0 installer 0.7.0 packaging 24.0 pluggy 1.5.0 ply 3.11 pycparser 2.22 pyOpenSSL 24.1.0 pyproject_hooks 1.0.0 pytest 8.2.2 python-dateutil 2.9.0.post0 python-pkcs11 0.7.0 setuptools 75.1.0 tokenize_rt 6.0.0 tomli 2.0.1 typing_extensions 4.12.2 wheel 0.44.0 zipp 3.19.2 ```Please let me know if you need more details or want me to perform some diagnostics.