Bug 29345

Summary: [NEW PKG REQUEST] python3-libnacl
Product: Mageia Reporter: Kristoffer Grundström <lovaren>
Component: New RPM package requestAssignee: All Packagers <pkg-bugs>
Status: NEW --- QA Contact:
Severity: normal    
Priority: Normal CC: davidwhodgins
Version: Cauldron   
Target Milestone: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Source RPM: python3-libnacl CVE:
Status comment:
Attachments: Working proposal spec for python-libnacl
libacl patch

Description Kristoffer Grundström 2021-08-09 00:28:35 CEST 
Description of problem: python-libnacl is used to gain direct access to the functions exposed by Daniel J. Bernstein’s nacl library via libsodium. It has been constructed to maintain extensive documentation on how to use nacl as well as being completely portable.

Version-Release number of selected component (if applicable): 1.7.2
Comment 1 Kristoffer Grundström 2021-08-09 00:29:45 CEST 
Created attachment 12894 [details]
Working proposal spec for python-libnacl
Comment 2 Kristoffer Grundström 2021-08-09 00:30:37 CEST 
Created attachment 12895 [details]
libacl patch
Comment 3 Dave Hodgins 2021-08-09 01:15:53 CEST 
New packages are only added in cauldron unless it's needed to fix a bug in an
existing stable release package. Once in cauldron, it can be added as a backport
for the sable release.

Also, what's the difference between this package and the existing package ...
urpmq -i python3-pynacl
Name        : python3-pynacl
Version     : 1.4.0
Release     : 1.mga8
Group       : Development/Python
Size        : 522030                       Architecture: x86_64
Source RPM  : python-pynacl-1.4.0-1.mga8.src.rpm
URL         : https://github.com/pyca/pynacl/
Summary     : Python binding to the Networking and Cryptography (NaCl) library
Description :
PyNaCl is a Python binding to libsodium, which is a fork of the Networking
and Cryptography library.

CC: (none) => davidwhodgins
Version: 8 => Cauldron

Comment 4 Kristoffer Grundström 2021-08-09 03:55:16 CEST 
I could be wrong now so in that case I'm very sorry, but if I compare where they get the source from I see that python3-pynacl uses https://github.com/pyca/pynacl and python3-libnacl uses https://github.com/saltstack/libnacl so I would think there's a difference.
Comment 5 Kristoffer Grundström 2021-08-09 17:35:08 CEST 
pynacl uses cffi to make the calls into libsodium and libnacl uses python ctypes. libnacl presents a more simplified API and a more direct connector into libsodium. I made libnacl because I had packaging issues with pynacl years ago.

Thats the main difference, some people have opted to use libnacl, usually because the API is a little simpler. But libnacl is a little slower because it uses the ctypes interface to call functions.
Comment 6 Kristoffer Grundström 2021-08-09 17:44:47 CEST 
(In reply to Kristoffer Grundström from comment #5)
> pynacl uses cffi to make the calls into libsodium and libnacl uses python
> ctypes. libnacl presents a more simplified API and a more direct connector
> into libsodium. I made libnacl because I had packaging issues with pynacl
> years ago.
> 
> Thats the main difference, some people have opted to use libnacl, usually
> because the API is a little simpler. But libnacl is a little slower because
> it uses the ctypes interface to call functions.

That's the explanation i got from the maker.
Comment 7 Dave Hodgins 2021-08-09 18:27:37 CEST 
Thanks for explaining the difference.

Assigning to all packagers to consider.

Assignee: bugsquad => pkg-bugs