pkgsign: prepare for paramiko v2.9.xfuture

1 files changed, 3 insertions, 26 deletions

diff --git a/pkgsign b/pkgsign
index c908ab2..497f09c 100755
--- a/pkgsign
+++ b/pkgsign
@@ -1,4 +1,4 @@
-#!/usr/bin/env python3.7
+#!/usr/bin/env python3.8
 # -*- mode:python; coding:utf-8 -*-
 #
 # NAME
@@ -113,12 +113,10 @@ for key in agent_keys:
         if _DEBUG > 0:
             print("INFO: key match found, signing with %s" % _KEYID)
 
-        # RSA sign flags: 0 (sha1), 2 (sha256), 4 (sha512)
-        # - for widespread use upstream must accept the flags support patch
         try:
-            raw_sig = key.sign_ssh_data(_PKGID, 2)
+            raw_sig = key.sign_ssh_data(_PKGID, "rsa-sha2-256")
         except TypeError:
-            raise SystemExit("ERROR: agent.py missing flags support, see patch at the bottom")
+            raise SystemExit("ERROR: agent.py missing flags support, upgrade to paramiko >=2.9.0")
 
         # Strip fields with the algorithm name and length of the signature
         sig_parts = []
@@ -171,24 +169,3 @@ if _DEBUG > 0:
     raise SystemExit("ERROR: no matching key(s) found for signing, aborting")
 else:
     raise SystemExit(1)
-
-
-# Subject: [PATCH] paramiko agent RSA sign flags support
-#
-#--- paramiko/agent.py  2021-01-15 23:03:50.387801224 +0100
-#+++ paramiko/agent.py  2021-01-15 23:04:34.667800388 +0100
-#@@ -407,12 +407,12 @@
-#     def get_name(self):
-#         return self.name
-#
-#-    def sign_ssh_data(self, data):
-#+    def sign_ssh_data(self, data, flags=0):
-#         msg = Message()
-#         msg.add_byte(cSSH2_AGENTC_SIGN_REQUEST)
-#         msg.add_string(self.blob)
-#         msg.add_string(data)
-#-        msg.add_int(0)
-#+        msg.add_int(flags)
-#         ptype, result = self.agent._send_message(msg)
-#         if ptype != SSH2_AGENT_SIGN_RESPONSE:
-#             raise SSHException("key cannot be used for signing")