From owner-svn-ports-head@FreeBSD.ORG Sun Jan 18 09:38:18 2015 Return-Path: Delivered-To: svn-ports-head@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 2C8C42BC; Sun, 18 Jan 2015 09:38:18 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 0C7551DC; Sun, 18 Jan 2015 09:38:18 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.9/8.14.9) with ESMTP id t0I9cHpe018270; Sun, 18 Jan 2015 09:38:17 GMT (envelope-from koobs@FreeBSD.org) Received: (from koobs@localhost) by svn.freebsd.org (8.14.9/8.14.9/Submit) id t0I9cGuK018262; Sun, 18 Jan 2015 09:38:16 GMT (envelope-from koobs@FreeBSD.org) Message-Id: <201501180938.t0I9cGuK018262@svn.freebsd.org> X-Authentication-Warning: svn.freebsd.org: koobs set sender to koobs@FreeBSD.org using -f From: Kubilay Kocak Date: Sun, 18 Jan 2015 09:38:16 +0000 (UTC) To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r377287 - in head/security/py-cryptography: . files X-SVN-Group: ports-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-ports-head@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: SVN commit messages for the ports tree for head List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 18 Jan 2015 09:38:18 -0000 Author: koobs Date: Sun Jan 18 09:38:15 2015 New Revision: 377287 URL: https://svnweb.freebsd.org/changeset/ports/377287 QAT: https://qat.redports.org/buildarchive/r377287/ Log: security/py-cryptography: Update to 0.7.2, Fix LibreSSL - Update to 0.7.2 - Update BUILD_DEPENDS and TEST_DEPENDS - Patch upstream sources to fix LibreSSL: * Remove EGD (Perl Entropy Gathering Daemon) support. This hasn't been needed on FreeBSD since FreeBSD 4.2 * Disable compression conditionally using OPENSSL_NO_COMP * Check features, not version for x509_vfy [1] https://github.com/pyca/cryptography/issues/928 PR: 196827 Submitted by: Bernard Spil Added: head/security/py-cryptography/files/ head/security/py-cryptography/files/patch-src_cryptography_hazmat_bindings_openssl_engine.py (contents, props changed) head/security/py-cryptography/files/patch-src_cryptography_hazmat_bindings_openssl_rand.py (contents, props changed) head/security/py-cryptography/files/patch-src_cryptography_hazmat_bindings_openssl_ssl.py (contents, props changed) head/security/py-cryptography/files/patch-src_cryptography_hazmat_bindings_openssl_x509__vfy.py (contents, props changed) Modified: head/security/py-cryptography/Makefile head/security/py-cryptography/distinfo Modified: head/security/py-cryptography/Makefile ============================================================================== --- head/security/py-cryptography/Makefile Sun Jan 18 09:26:22 2015 (r377286) +++ head/security/py-cryptography/Makefile Sun Jan 18 09:38:15 2015 (r377287) @@ -2,7 +2,7 @@ # $FreeBSD$ PORTNAME= cryptography -PORTVERSION= 0.5.4 +PORTVERSION= 0.7.2 CATEGORIES= security python MASTER_SITES= CHEESESHOP PKGNAMEPREFIX= ${PYTHON_PKGNAMEPREFIX} @@ -14,10 +14,12 @@ LICENSE= APACHE20 LICENSE_FILE= ${WRKSRC}/LICENSE BUILD_DEPENDS= ${PYTHON_PKGNAMEPREFIX}cffi>=0.8:${PORTSDIR}/devel/py-cffi \ - ${PYTHON_PKGNAMEPREFIX}six>=1.4.1:${PORTSDIR}/devel/py-six + ${PYTHON_PKGNAMEPREFIX}six>=1.4.1:${PORTSDIR}/devel/py-six \ + ${PYTHON_PKGNAMEPREFIX}asn1>0:${PORTSDIR}/devel/py-asn1 + RUN_DEPENDS:= ${BUILD_DEPENDS} TEST_DEPENDS= ${PYTHON_PKGNAMEPREFIX}pytest>0:${PORTSDIR}/devel/py-pytest \ - ${PYTHON_PKGNAMEPREFIX}asn1>0:${PORTSDIR}/devel/py-asn1 + ${PYTHON_PKGNAMEPREFIX}iso8601>0:${PORTSDIR}/devel/py-iso8601 USES= python USE_OPENSSL= yes @@ -26,7 +28,13 @@ USE_PYTHON= autoplist distutils CFLAGS+= -I${OPENSSLINC} LDFLAGS+= -L${OPENSSLLIB} +.include + +.if ${PYTHON_REL} < 340 +BUILD_DEPENDS+= ${PYTHON_PKGNAMEPREFIX}enum34>0:${PORTSDIR}/devel/py-enum34 +.endif + regression-test: build - @cd ${WRKSRC} && ${PYTHON_CMD} ${PYSETUP} test + @cd ${WRKSRC} && ${PYTHON_CMD} ${PYDISTUTILS_SETUP} test -.include +.include Modified: head/security/py-cryptography/distinfo ============================================================================== --- head/security/py-cryptography/distinfo Sun Jan 18 09:26:22 2015 (r377286) +++ head/security/py-cryptography/distinfo Sun Jan 18 09:38:15 2015 (r377287) @@ -1,2 +1,2 @@ -SHA256 (cryptography-0.5.4.tar.gz) = 5675999f3744cbc32a60cb0bba64de21405abced32ce19655212612262dd270d -SIZE (cryptography-0.5.4.tar.gz) = 320104 +SHA256 (cryptography-0.7.2.tar.gz) = fab7fcdde360ec6614442d0321dcd0eff5e43544cb30d975e9d75a914a4cdf78 +SIZE (cryptography-0.7.2.tar.gz) = 247477 Added: head/security/py-cryptography/files/patch-src_cryptography_hazmat_bindings_openssl_engine.py ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/py-cryptography/files/patch-src_cryptography_hazmat_bindings_openssl_engine.py Sun Jan 18 09:38:15 2015 (r377287) @@ -0,0 +1,10 @@ +--- src/cryptography/hazmat/bindings/openssl/engine.py.orig 2015-01-16 13:26:59 UTC ++++ src/cryptography/hazmat/bindings/openssl/engine.py +@@ -49,7 +49,6 @@ int ENGINE_init(ENGINE *); + int ENGINE_finish(ENGINE *); + void ENGINE_load_openssl(void); + void ENGINE_load_dynamic(void); +-void ENGINE_load_cryptodev(void); + void ENGINE_load_builtin_engines(void); + void ENGINE_cleanup(void); + ENGINE *ENGINE_get_default_RSA(void); Added: head/security/py-cryptography/files/patch-src_cryptography_hazmat_bindings_openssl_rand.py ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/py-cryptography/files/patch-src_cryptography_hazmat_bindings_openssl_rand.py Sun Jan 18 09:38:15 2015 (r377287) @@ -0,0 +1,12 @@ +--- src/cryptography/hazmat/bindings/openssl/rand.py.orig 2015-01-16 13:26:59 UTC ++++ src/cryptography/hazmat/bindings/openssl/rand.py +@@ -16,9 +16,6 @@ void ERR_load_RAND_strings(void); + void RAND_seed(const void *, int); + void RAND_add(const void *, int, double); + int RAND_status(void); +-int RAND_egd(const char *); +-int RAND_egd_bytes(const char *, int); +-int RAND_query_egd_bytes(const char *, unsigned char *, int); + const char *RAND_file_name(char *, size_t); + int RAND_load_file(const char *, long); + int RAND_write_file(const char *); Added: head/security/py-cryptography/files/patch-src_cryptography_hazmat_bindings_openssl_ssl.py ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/py-cryptography/files/patch-src_cryptography_hazmat_bindings_openssl_ssl.py Sun Jan 18 09:38:15 2015 (r377287) @@ -0,0 +1,30 @@ +--- src/cryptography/hazmat/bindings/openssl/ssl.py.orig 2015-01-16 13:26:59 UTC ++++ src/cryptography/hazmat/bindings/openssl/ssl.py +@@ -189,10 +189,6 @@ int SSL_shutdown(SSL *); + const char *SSL_get_cipher_list(const SSL *, int); + Cryptography_STACK_OF_SSL_CIPHER *SSL_get_ciphers(const SSL *); + +-const COMP_METHOD *SSL_get_current_compression(SSL *); +-const COMP_METHOD *SSL_get_current_expansion(SSL *); +-const char *SSL_COMP_get_name(const COMP_METHOD *); +- + /* context */ + void SSL_CTX_free(SSL_CTX *); + long SSL_CTX_set_timeout(SSL_CTX *, long); +@@ -415,6 +411,16 @@ static const long Cryptography_HAS_RELEA + const long SSL_MODE_RELEASE_BUFFERS = 0; + #endif + ++#ifndef OPENSSL_NO_COMP ++const COMP_METHOD *SSL_get_current_compression(SSL *s); ++const COMP_METHOD *SSL_get_current_expansion(SSL *s); ++const char *SSL_COMP_get_name(const COMP_METHOD *comp); ++#else ++const void *SSL_get_current_compression(SSL *s); ++const void *SSL_get_current_expansion(SSL *s); ++const char *SSL_COMP_get_name(const void *comp); ++#endif ++ + #ifdef SSL_OP_NO_COMPRESSION + static const long Cryptography_HAS_OP_NO_COMPRESSION = 1; + #else Added: head/security/py-cryptography/files/patch-src_cryptography_hazmat_bindings_openssl_x509__vfy.py ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/py-cryptography/files/patch-src_cryptography_hazmat_bindings_openssl_x509__vfy.py Sun Jan 18 09:38:15 2015 (r377287) @@ -0,0 +1,20 @@ +--- src/cryptography/hazmat/bindings/openssl/x509_vfy.py.orig 2015-01-16 13:26:59 UTC ++++ src/cryptography/hazmat/bindings/openssl/x509_vfy.py +@@ -191,7 +191,7 @@ int X509_VERIFY_PARAM_set1_ip_asc(X509_V + + CUSTOMIZATIONS = """ + /* OpenSSL 1.0.2+ verification error codes */ +-#if OPENSSL_VERSION_NUMBER >= 0x10002000L ++#if X509_V_ERR_EMAIL_MISMATCH + static const long Cryptography_HAS_102_VERIFICATION_ERROR_CODES = 1; + #else + static const long Cryptography_HAS_102_VERIFICATION_ERROR_CODES = 0; +@@ -207,7 +207,7 @@ static const long X509_V_ERR_IP_ADDRESS_ + #endif + + /* OpenSSL 1.0.2+ verification parameters */ +-#if OPENSSL_VERSION_NUMBER >= 0x10002000L ++#if X509_V_FLAG_PARTIAL_CHAIN + static const long Cryptography_HAS_102_VERIFICATION_PARAMS = 1; + #else + static const long Cryptography_HAS_102_VERIFICATION_PARAMS = 0;