From nobody Thu Mar 24 11:30:47 2022
X-Original-To: dev-commits-ports-main@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id AEA961A212DF;
	Thu, 24 Mar 2022 11:30:56 +0000 (UTC)
	(envelope-from sbrabez@gmail.com)
Received: from mail-wr1-x434.google.com (mail-wr1-x434.google.com [IPv6:2a00:1450:4864:20::434])
	(using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (2048 bits) client-digest SHA256)
	(Client CN "smtp.gmail.com", Issuer "GTS CA 1D4" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4KPNMM5Wgwz4rjv;
	Thu, 24 Mar 2022 11:30:55 +0000 (UTC)
	(envelope-from sbrabez@gmail.com)
Received: by mail-wr1-x434.google.com with SMTP id b19so6161644wrh.11;
        Thu, 24 Mar 2022 04:30:55 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20210112;
        h=sender:date:from:to:cc:subject:message-id:references:mime-version
         :content-disposition:in-reply-to;
        bh=Ne6s5YKTj24uATILUycJcTMBriwehh58NBIGTnhXmIc=;
        b=HxtlFssB0nL9if74kUQxlJwMk5SWjI51URIc67stNUwfjCGC1kML+1naxA3vpscr52
         Mqg0s1Q34Mu5lpHcxq8u7o+ufKXgodV+QG0bagedzsOLc7LzbJx0cI8dNsx7SrOokSkN
         6mvxATZ/fZNQrfBz+B5VXzxn9EVimpeBXLvTUl9UZVnWcJayF4dN3tVTLL0gepH3siMN
         8wfMHAHbckQ3VMm56NZmqmr5i1NnJuDeTiYw5FKKRxirgMUejJ886nAFi3bZ7v6gXmtI
         nzIjbwk0NrfEw5TmDAQPsA4rW2AYmudnmGpAO30gwm1ogBmXD4Z3WxBCqjWyenE8kq3s
         V3iA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=x-gm-message-state:sender:date:from:to:cc:subject:message-id
         :references:mime-version:content-disposition:in-reply-to;
        bh=Ne6s5YKTj24uATILUycJcTMBriwehh58NBIGTnhXmIc=;
        b=AbIywRb60+aZPH+Gi/PzIRGRrHbSkmIsiJALKGnExrP5EpA6VFeZk3w5wrH7FqkZZT
         xNy9JUrNQD1DXWq6GhbN8MkH8zcTJaFefvZEasjpDm+wUQ3C1J15xa6op1E3/r/GM/aU
         Yv0C8Rwp0JvutoJ07u23EFGhm6kC4wK6hPD0uM2WgR/rqc+ZRvma+gTxvFYo0VkJFKmU
         ZCPcZzQFHSr/XA2FgcxDHmOcgTK3/BTMCA7OBllI2Q8G5IwV2rxJqO6XswjVPpy/xoFg
         /+QRtb+ZebvcSK1hRe0eNww6F6jddf4LVIiGtLD89H22HJqNjqPwat33zCCY5EhdCrno
         /ZAg==
X-Gm-Message-State: AOAM530KsjrpIzSWeLwLbP+lK4fjsNT10/e9xL5rGb/mSx+0RVjj8g5z
	hmOQqi1fURSsayrPeqdgDh0wXVHWH/G1bQ==
X-Google-Smtp-Source: ABdhPJzEhJmuadlJIaUvstBjqIQssDLn+jsMDhONFIx7R465pJ+QxFh5Rxgt3v/I4UtsWXWnHldHMA==
X-Received: by 2002:a5d:4245:0:b0:203:dc49:2604 with SMTP id s5-20020a5d4245000000b00203dc492604mr4521756wrr.32.1648121454049;
        Thu, 24 Mar 2022 04:30:54 -0700 (PDT)
Received: from mbp (rbl63-h01-176-130-73-189.dsl.sta.abo.bbox.fr. [176.130.73.189])
        by smtp.gmail.com with ESMTPSA id 14-20020a056000154e00b00203f8adde0csm3174789wry.32.2022.03.24.04.30.52
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Thu, 24 Mar 2022 04:30:52 -0700 (PDT)
Date: Thu, 24 Mar 2022 12:30:47 +0100
From: Sofian Brabez <sbz@FreeBSD.org>
To: Yasuhiro Kimura <yasu@FreeBSD.org>
Cc: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org,
	dev-commits-ports-main@FreeBSD.org,
	Po-Chuan Hsieh <sunpoet@FreeBSD.org>
Subject: Re: git: ad1bc60d6ae8 - main - security/py-openssl: update to 22.0.0
Message-ID: <YjxWZ+LKrx2CDyg4@mbp>
References: <202203221607.22MG7Ddg070845@gitrepo.freebsd.org>
 <20220323.184252.1805768179490517862.yasu@FreeBSD.org>
List-Id: Commits to the main branch of the FreeBSD ports repository <dev-commits-ports-main.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-ports-main
List-Help: <mailto:dev-commits-ports-main+help@freebsd.org>
List-Post: <mailto:dev-commits-ports-main@freebsd.org>
List-Subscribe: <mailto:dev-commits-ports-main+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-ports-main+unsubscribe@freebsd.org>
Sender: owner-dev-commits-ports-main@freebsd.org
X-BeenThere: dev-commits-ports-main@freebsd.org
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="WWvYFHHATPmcS2WA"
Content-Disposition: inline
In-Reply-To: <20220323.184252.1805768179490517862.yasu@FreeBSD.org>
X-Rspamd-Queue-Id: 4KPNMM5Wgwz4rjv
X-Spamd-Bar: +
Authentication-Results: mx1.freebsd.org;
	dkim=pass header.d=gmail.com header.s=20210112 header.b=HxtlFssB;
	dmarc=none;
	spf=pass (mx1.freebsd.org: domain of sbrabez@gmail.com designates 2a00:1450:4864:20::434 as permitted sender) smtp.mailfrom=sbrabez@gmail.com
X-Spamd-Result: default: False [1.23 / 15.00];
	 RCVD_VIA_SMTP_AUTH(0.00)[];
	 TO_DN_SOME(0.00)[];
	 R_SPF_ALLOW(-0.20)[+ip6:2a00:1450:4000::/36];
	 HAS_ATTACHMENT(0.00)[];
	 RCPT_COUNT_FIVE(0.00)[5];
	 RCVD_COUNT_THREE(0.00)[3];
	 DKIM_TRACE(0.00)[gmail.com:+];
	 CTYPE_MIXED_BOGUS(1.00)[];
	 NEURAL_HAM_SHORT(-1.00)[-0.997];
	 FORGED_SENDER(0.30)[sbz@FreeBSD.org,sbrabez@gmail.com];
	 MIME_TRACE(0.00)[0:+,1:+,2:+];
	 FREEMAIL_ENVFROM(0.00)[gmail.com];
	 ASN(0.00)[asn:15169, ipnet:2a00:1450::/32, country:US];
	 FROM_NEQ_ENVFROM(0.00)[sbz@FreeBSD.org,sbrabez@gmail.com];
	 DWL_DNSWL_NONE(0.00)[gmail.com:dkim];
	 ARC_NA(0.00)[];
	 R_DKIM_ALLOW(-0.20)[gmail.com:s=20210112];
	 FROM_HAS_DN(0.00)[];
	 TO_MATCH_ENVRCPT_ALL(0.00)[];
	 NEURAL_HAM_LONG(-0.07)[-0.069];
	 MIME_GOOD(-0.10)[multipart/mixed,text/plain];
	 DMARC_NA(0.00)[FreeBSD.org];
	 NEURAL_SPAM_MEDIUM(1.00)[1.000];
	 RCVD_IN_DNSWL_NONE(0.00)[2a00:1450:4864:20::434:from];
	 MLMMJ_DEST(0.00)[dev-commits-ports-all,dev-commits-ports-main];
	 MID_RHS_NOT_FQDN(0.50)[];
	 RCVD_TLS_ALL(0.00)[]
X-ThisMailContainsUnwantedMimeParts: N


--WWvYFHHATPmcS2WA
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline

On 23 Mar 18:42 2022, Yasuhiro Kimura wrote:
> From: Sofian Brabez <sbz@FreeBSD.org>
> Subject: git: ad1bc60d6ae8 - main - security/py-openssl: update to 22.0.0
> Date: Tue, 22 Mar 2022 16:07:13 GMT
> 
> > The branch main has been updated by sbz:
> > 
> > URL: https://cgit.FreeBSD.org/ports/commit/?id=ad1bc60d6ae85090900d90475835894218872b12
> > 
> > commit ad1bc60d6ae85090900d90475835894218872b12
> > Author:     Sofian Brabez <sbz@FreeBSD.org>
> > AuthorDate: 2022-03-22 15:26:35 +0000
> > Commit:     Sofian Brabez <sbz@FreeBSD.org>
> > CommitDate: 2022-03-22 16:06:19 +0000
> > 
> >     security/py-openssl: update to 22.0.0
> 
> According to the Release information of 22.0.0, minimum version of
> py-cryptography has changed to 35.0.
> 
> https://pypi.org/project/pyOpenSSL/#id1
> 
> Actually after this commit runtime error of certbot happens as following.
> 
> root@rolling-vm-freebsd2[861]# certbot certonly --dns-rfc2136 --dns-rfc2136-credentials /usr/local/etc/letsencrypt/dns-rfc2136.ini -d '*.test.example.org'
> Traceback (most recent call last):
>   File "/usr/local/lib/python3.10/site-packages/pkg_resources/__init__.py", line 568, in _build_master
>     ws.require(__requires__)
>   File "/usr/local/lib/python3.10/site-packages/pkg_resources/__init__.py", line 886, in require
>     needed = self.resolve(parse_requirements(requirements))
>   File "/usr/local/lib/python3.10/site-packages/pkg_resources/__init__.py", line 777, in resolve
>     raise VersionConflict(dist, req).with_context(dependent_req)
> pkg_resources.ContextualVersionConflict: (cryptography 3.3.2 (/usr/local/lib/python3.10/site-packages), Requirement.parse('cryptography>=35.0'), {'PyOpenSSL'})
> 
> During handling of the above exception, another exception occurred:
> 
> Traceback (most recent call last):
>   File "/usr/local/bin/certbot", line 33, in <module>
>     sys.exit(load_entry_point('certbot==1.25.0', 'console_scripts', 'certbot')())
>   File "/usr/local/bin/certbot", line 25, in importlib_load_entry_point
>     return next(matches).load()
>   File "/usr/local/lib/python3.10/importlib/metadata/__init__.py", line 171, in load
>     module = import_module(match.group('module'))
>   File "/usr/local/lib/python3.10/importlib/__init__.py", line 126, in import_module
>     return _bootstrap._gcd_import(name[level:], package, level)
>   File "<frozen importlib._bootstrap>", line 1050, in _gcd_import
>   File "<frozen importlib._bootstrap>", line 1027, in _find_and_load
>   File "<frozen importlib._bootstrap>", line 1006, in _find_and_load_unlocked
>   File "<frozen importlib._bootstrap>", line 688, in _load_unlocked
>   File "<frozen importlib._bootstrap_external>", line 883, in exec_module
>   File "<frozen importlib._bootstrap>", line 241, in _call_with_frames_removed
>   File "/usr/local/lib/python3.10/site-packages/certbot/main.py", line 6, in <module>
>     from certbot._internal import main as internal_main
>   File "/usr/local/lib/python3.10/site-packages/certbot/_internal/main.py", line 25, in <module>
>     from certbot import configuration
>   File "/usr/local/lib/python3.10/site-packages/certbot/configuration.py", line 10, in <module>
>     from certbot import util
>   File "/usr/local/lib/python3.10/site-packages/certbot/util.py", line 27, in <module>
>     from certbot._internal import constants
>   File "/usr/local/lib/python3.10/site-packages/certbot/_internal/constants.py", line 6, in <module>
>     import pkg_resources
>   File "/usr/local/lib/python3.10/site-packages/pkg_resources/__init__.py", line 3243, in <module>
>     def _initialize_master_working_set():
>   File "/usr/local/lib/python3.10/site-packages/pkg_resources/__init__.py", line 3226, in _call_aside
>     f(*args, **kwargs)
>   File "/usr/local/lib/python3.10/site-packages/pkg_resources/__init__.py", line 3255, in _initialize_master_working_set
>     working_set = WorkingSet._build_master()
>   File "/usr/local/lib/python3.10/site-packages/pkg_resources/__init__.py", line 570, in _build_master
>     return cls._build_from_requirements(__requires__)
>   File "/usr/local/lib/python3.10/site-packages/pkg_resources/__init__.py", line 583, in _build_from_requirements
>     dists = ws.resolve(reqs, Environment())
>   File "/usr/local/lib/python3.10/site-packages/pkg_resources/__init__.py", line 777, in resolve
>     raise VersionConflict(dist, req).with_context(dependent_req)
> pkg_resources.ContextualVersionConflict: (cryptography 3.3.2 (/usr/local/lib/python3.10/site-packages), Requirement.parse('cryptography>=35.0'), {'PyOpenSSL'})
> root@rolling-vm-freebsd2[862]#
> 
> ---
> Yasuhiro Kimura

Hi Yasuhiro,

I don't use certbot so I take a look at that problem and even with the correct
minimum version with this diff applied, it fails on another error related to
rust bindings:

With the following version installed

sbz@freebsd13:~/git/ports $ pkg info |egrep 'py.*(crypto|openssl|certbot)'
py38-certbot-1.22.0,1          Let's Encrypt client
py38-cryptography-36.0.2       Cryptographic recipes and primitives for Python developers
py38-cryptography-vectors-36.0.2 Test vectors for the cryptography package
py38-openssl-22.0.0            Python interface to the OpenSSL library

Then I run your given command

sbz@freebsd13:~/git/ports $ certbot certonly --dns-rfc2136 --dns-rfc2136-credentials /usr/local/etc/letsencrypt/dns-rfc2136.ini -d '*.test.example.org'
Traceback (most recent call last):
  File "/usr/local/bin/certbot", line 33, in <module>
    sys.exit(load_entry_point('certbot==1.22.0', 'console_scripts', 'certbot')())
  File "/usr/local/bin/certbot", line 25, in importlib_load_entry_point
    return next(matches).load()
  File "/usr/local/lib/python3.8/importlib/metadata.py", line 77, in load
    module = import_module(match.group('module'))
  File "/usr/local/lib/python3.8/importlib/__init__.py", line 127, in import_module
    return _bootstrap._gcd_import(name[level:], package, level)
  File "<frozen importlib._bootstrap>", line 1014, in _gcd_import
  File "<frozen importlib._bootstrap>", line 991, in _find_and_load
  File "<frozen importlib._bootstrap>", line 975, in _find_and_load_unlocked
  File "<frozen importlib._bootstrap>", line 671, in _load_unlocked
  File "<frozen importlib._bootstrap_external>", line 843, in exec_module
  File "<frozen importlib._bootstrap>", line 219, in _call_with_frames_removed
  File "/usr/local/lib/python3.8/site-packages/certbot/main.py", line 6, in <module>
    from certbot._internal import main as internal_main
  File "/usr/local/lib/python3.8/site-packages/certbot/_internal/main.py", line 18, in <module>
    import josepy as jose
  File "/usr/local/lib/python3.8/site-packages/josepy/__init__.py", line 43, in <module>
    from josepy.json_util import (
  File "/usr/local/lib/python3.8/site-packages/josepy/json_util.py", line 14, in <module>
    from OpenSSL import crypto
  File "/usr/local/lib/python3.8/site-packages/OpenSSL/__init__.py", line 8, in <module>
    from OpenSSL import crypto, SSL
  File "/usr/local/lib/python3.8/site-packages/OpenSSL/crypto.py", line 8, in <module>
    from cryptography import utils, x509
  File "/usr/local/lib/python3.8/site-packages/cryptography/x509/__init__.py", line 6, in <module>
    from cryptography.x509 import certificate_transparency
  File "/usr/local/lib/python3.8/site-packages/cryptography/x509/certificate_transparency.py", line 10, in <module>
    from cryptography.hazmat.bindings._rust import x509 as rust_x509
ImportError: cannot import name 'x509' from 'cryptography.hazmat.bindings._rust' (unknown location)

At the moment, it seems we are not ready to update security/py-openssl to the
latest version yet, so I have restored the previous version in
0e63dc8634485b1b16e1b11e56580b482cc5c3bd.

I will wait sunpoet@ update security/py-cryptography* ports to do it.  Recent
versions after 35.0.0 need rust extensions to be built and I am not familiar
with it.

Thanks for the report.

Regards

-- 
Sofian Brabez

--WWvYFHHATPmcS2WA
Content-Type: text/plain; charset=utf-8
Content-Disposition: attachment; filename="py-cryptography-update.diff"

diff --git a/security/py-cryptography-vectors/Makefile b/security/py-cryptography-vectors/Makefile
index 6b8187dfa9..660d7f79c1 100644
--- a/security/py-cryptography-vectors/Makefile
+++ b/security/py-cryptography-vectors/Makefile
@@ -1,7 +1,7 @@
 # Created by: Po-Chuan Hsieh <sunpoet@FreeBSD.org>
 
 PORTNAME=	cryptography-vectors
-PORTVERSION=	3.4.8
+PORTVERSION=	36.0.2
 CATEGORIES=	security python
 MASTER_SITES=	CHEESESHOP
 PKGNAMEPREFIX=	${PYTHON_PKGNAMEPREFIX}
diff --git a/security/py-cryptography-vectors/distinfo b/security/py-cryptography-vectors/distinfo
index 60e5faf5ee..4d3fe6f701 100644
--- a/security/py-cryptography-vectors/distinfo
+++ b/security/py-cryptography-vectors/distinfo
@@ -1,3 +1,3 @@
-TIMESTAMP = 1632037228
-SHA256 (cryptography_vectors-3.4.8.tar.gz) = 4c84410257993d3de058b44b777a49e1da2ae35ebea2970a360c7e3aa0f580f2
-SIZE (cryptography_vectors-3.4.8.tar.gz) = 35168097
+TIMESTAMP = 1648061540
+SHA256 (cryptography_vectors-36.0.2.tar.gz) = 2a7924449a03025faf7f8754a6f4200001cab210734a6ce6ac1f6bdacd3a68e4
+SIZE (cryptography_vectors-36.0.2.tar.gz) = 35227191
diff --git a/security/py-cryptography/Makefile b/security/py-cryptography/Makefile
index 306d5d7a42..f57dfe0b3e 100644
--- a/security/py-cryptography/Makefile
+++ b/security/py-cryptography/Makefile
@@ -1,7 +1,7 @@
 # Created by: Kubilay Kocak <koobs@FreeBSD.org>
 
 PORTNAME=	cryptography
-PORTVERSION=	3.3.2
+PORTVERSION=	36.0.2
 CATEGORIES=	security python
 MASTER_SITES=	CHEESESHOP
 PKGNAMEPREFIX=	${PYTHON_PKGNAMEPREFIX}
@@ -14,7 +14,8 @@ LICENSE_COMB=			dual
 LICENSE_FILE_APACHE20=		${WRKSRC}/LICENSE.APACHE
 LICENSE_FILE_BSD3CLAUSE=	${WRKSRC}/LICENSE.BSD
 
-BUILD_DEPENDS=	${PYTHON_PKGNAMEPREFIX}cffi>=1.8:devel/py-cffi@${PY_FLAVOR}
+BUILD_DEPENDS=	${PYTHON_PKGNAMEPREFIX}cffi>=1.8:devel/py-cffi@${PY_FLAVOR} \
+		${PYTHON_PKGNAMEPREFIX}setuptools-rust>0:devel/py-setuptools-rust@${PY_FLAVOR}
 RUN_DEPENDS=	${PYTHON_PKGNAMEPREFIX}cffi>=1.8:devel/py-cffi@${PY_FLAVOR} \
 		${PYTHON_PKGNAMEPREFIX}six>=1.4.1:devel/py-six@${PY_FLAVOR}
 TEST_DEPENDS=	${PYTHON_PKGNAMEPREFIX}cryptography-vectors>=${PORTVERSION}:security/py-cryptography-vectors@${PY_FLAVOR} \
diff --git a/security/py-cryptography/distinfo b/security/py-cryptography/distinfo
index a2ec744712..68ec599738 100644
--- a/security/py-cryptography/distinfo
+++ b/security/py-cryptography/distinfo
@@ -1,3 +1,3 @@
-TIMESTAMP = 1614253508
-SHA256 (cryptography-3.3.2.tar.gz) = 5a60d3780149e13b7a6ff7ad6526b38846354d11a15e21068e57073e29e19bed
-SIZE (cryptography-3.3.2.tar.gz) = 539883
+TIMESTAMP = 1648061557
+SHA256 (cryptography-36.0.2.tar.gz) = 70f8f4f7bb2ac9f340655cbac89d68c527af5bb4387522a8413e841e3e6628c9
+SIZE (cryptography-36.0.2.tar.gz) = 572053
diff --git a/security/py-openssl/Makefile b/security/py-openssl/Makefile
index 79371eeebb..ba0cf01c2a 100644
--- a/security/py-openssl/Makefile
+++ b/security/py-openssl/Makefile
@@ -13,7 +13,7 @@ COMMENT=	Python interface to the OpenSSL library
 LICENSE=	APACHE20
 LICENSE_FILE=	${WRKSRC}/LICENSE
 
-RUN_DEPENDS=	${PYTHON_PKGNAMEPREFIX}cryptography>=2.8:security/py-cryptography@${PY_FLAVOR} \
+RUN_DEPENDS=	${PYTHON_PKGNAMEPREFIX}cryptography>=35.0.0:security/py-cryptography@${PY_FLAVOR} \
 		${PYTHON_PKGNAMEPREFIX}six>=1.5.2:devel/py-six@${PY_FLAVOR}
 TEST_DEPENDS=	${PYTHON_PKGNAMEPREFIX}pytest>=3.0.1:devel/py-pytest@${PY_FLAVOR} \
 		${PYTHON_PKGNAMEPREFIX}flaky>0:devel/py-flaky@${PY_FLAVOR} \

--WWvYFHHATPmcS2WA--