Site Navigation

Date:      Fri, 9 Dec 2016 11:12:32 +0100
From:      Mathieu Arnold <mat@FreeBSD.org>
To:        Mark Felder <feld@FreeBSD.org>, ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org
Subject:   Re: svn commit: r428138 - head/security/py-cryptography
Message-ID:  <4649c489-221b-8d65-acb5-6e75832bfc28@FreeBSD.org>
In-Reply-To: <201612081707.uB8H7Ntk058921@repo.freebsd.org>
References:  <201612081707.uB8H7Ntk058921@repo.freebsd.org>

---

next in thread | previous in thread | raw e-mail | index | archive | help

---

This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--sgRS4ljsvi4wa8Rfua6tBPGjawaPgU7Pe
Content-Type: multipart/mixed; boundary="ljepp3RmE0m2RB9OeKXqmqG5r9Sb9fvkv";
 protected-headers="v1"
From: Mathieu Arnold <mat@FreeBSD.org>
To: Mark Felder <feld@FreeBSD.org>, ports-committers@freebsd.org,
 svn-ports-all@freebsd.org, svn-ports-head@freebsd.org
Message-ID: <4649c489-221b-8d65-acb5-6e75832bfc28@FreeBSD.org>
Subject: Re: svn commit: r428138 - head/security/py-cryptography
References: <201612081707.uB8H7Ntk058921@repo.freebsd.org>
In-Reply-To: <201612081707.uB8H7Ntk058921@repo.freebsd.org>

--ljepp3RmE0m2RB9OeKXqmqG5r9Sb9fvkv
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable

Le 08/12/2016 =C3=A0 18:07, Mark Felder a =C3=A9crit :
> Author: feld
> Date: Thu Dec  8 17:07:22 2016
> New Revision: 428138
> URL: https://svnweb.freebsd.org/changeset/ports/428138
>
> Log:
>   security/py-pycryptography: Fix build on FreeBSD 9.3
>  =20
>   Modern py-cryptography requires a more modern OpenSSL. This switch to=

>   requiring OpenSSL from ports is a disruptive change, but it will prot=
ect
>   these users from the recently patched vulnerabilites.
>  =20
>   Support for OpenSSL 0.9.8 was removed in pycryptography as of version=
 1.4.
>   The last release to support OpenSSL 0.9.8 was 1.3.4 which is still
>   vulnerable to the HDKF key generation bug. It appears that version 1.=
4
>   did build successfully on FreeBSD 9.3, but upstream had abandoned
>   support for OpenSSL 0.9.8 at that point so it is unclear if it was fu=
lly
>   functional.
>  =20
>   PR:		214915
>   MFH:		2016Q4
>
> Modified:
>   head/security/py-cryptography/Makefile
>
> Modified: head/security/py-cryptography/Makefile
> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D
> --- head/security/py-cryptography/Makefile	Thu Dec  8 17:05:45 2016	(r4=
28137)
> +++ head/security/py-cryptography/Makefile	Thu Dec  8 17:07:22 2016	(r4=
28138)
> @@ -27,6 +27,11 @@ USE_PYTHON=3D	autoplist distutils
>  CFLAGS+=3D	-I${OPENSSLINC}
>  LDFLAGS+=3D	-L${OPENSSLLIB}
> =20
> +# Modern py-cyptography requires newer OpenSSL
> +.if ${OSVERSION} < 1000000
> +WITH_OPENSSL_PORT=3D	yes
> +.endif
> +

The correct fix is:

=2Eif ${OSVERSION} < 1000000 && ${SSL_DEFAULT:Mbase}
IGNORE=3D Needs a more recent OpenSSL
=2Eendif


--=20
Mathieu Arnold



--ljepp3RmE0m2RB9OeKXqmqG5r9Sb9fvkv--

--sgRS4ljsvi4wa8Rfua6tBPGjawaPgU7Pe
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQJ8BAEBCgBmBQJYSoORXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQzQUI2OTc4OUQyRUQxMjEwNjQ0MEJBNUIz
QTQ1MTZGMzUxODNDRTQ4AAoJEDpFFvNRg85IkVAP/jcs8qbp+K/YK2/kqLOhI14d
bLpTLlKVBw2Xjrb71V3zpYyAN7l57TTBs8WfN0TqO+wKYkkwFj+oUwvCYxCyPyWS
SL87ml9wEJs3chrgdgHS3cN4CdB3hWJS2is0o4ltNmaGK7rt8hyl09vM5qmbLH1h
uMkuKE04ZrsGfejS6KC9W1Y3u2/l9ZK30E9j31u45+RZkbiSaONhUF/3aP6qn22T
AZEIK/6xl5JK5kdFxIw56kF+EtJ2nN7GD6xeAXVKj1qWYn/yGLsTutIbtiU7jIhr
rMkNG3igycQBMxatM/iG+H2QKq4tz9xZ4b/3mvdKc+73sALBL8tI0nQ6XrTE9vGy
Qqg8YZ76twP1yknbwB/o6w6scGLdoG+mrOtOdvK88zZC2V/A4nYAsQgmdixwicsW
l1VTj9lMGFS1eGb+/hTPuOc/Sao1PJOd29L/xdjebT6skMc2r5Ssne+t2ryjsD4f
iw0L2X6exkOCMomurNWj0mZ9SLl58rfg0bLNKHzbUmduF8uvQ9XuUHsT2jYnXEYn
NJY3/2F7kjstBwcdiLIbginK8MmzGmMsPXWsJH/Rr1g8hBjsDvjlkDR29gmcVglU
lgglPvgaxI2WeT5mWYHveEIXbZqkObIcnDjD2dzdfH7x8+jKgZk6lP5gAyv3gv6l
ERXQa7u0JjqsQ7tet7pK
=6feY
-----END PGP SIGNATURE-----

--sgRS4ljsvi4wa8Rfua6tBPGjawaPgU7Pe--

---

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4649c489-221b-8d65-acb5-6e75832bfc28>

Legal Notices | © 1995-2025 The FreeBSD Project. All rights reserved.

Contact