summaryrefslogtreecommitdiff
path: root/security
diff options
context:
space:
mode:
authorKubilay Kocak <koobs@FreeBSD.org>2015-01-18 09:38:15 +0000
committerKubilay Kocak <koobs@FreeBSD.org>2015-01-18 09:38:15 +0000
commit43650faa385d829f61cda181e62f1fb6e0547afe (patch)
treeff11f1e025d74f17033bfed63f052e8e4688b96b /security
parent11686073866c95ca4bd3243e9c80712566779f22 (diff)
downloadfreebsd-ports-43650faa385d829f61cda181e62f1fb6e0547afe.zip
security/py-cryptography: Update to 0.7.2, Fix LibreSSL
- Update to 0.7.2 - Update BUILD_DEPENDS and TEST_DEPENDS - Patch upstream sources to fix LibreSSL: * Remove EGD (Perl Entropy Gathering Daemon) support. This hasn't been needed on FreeBSD since FreeBSD 4.2 * Disable compression conditionally using OPENSSL_NO_COMP * Check features, not version for x509_vfy [1] https://github.com/pyca/cryptography/issues/928 PR: 196827 Submitted by: Bernard Spil <spil.oss gmail com>
Diffstat (limited to 'security')
-rw-r--r--security/py-cryptography/Makefile18
-rw-r--r--security/py-cryptography/distinfo4
-rw-r--r--security/py-cryptography/files/patch-src_cryptography_hazmat_bindings_openssl_engine.py10
-rw-r--r--security/py-cryptography/files/patch-src_cryptography_hazmat_bindings_openssl_rand.py12
-rw-r--r--security/py-cryptography/files/patch-src_cryptography_hazmat_bindings_openssl_ssl.py30
-rw-r--r--security/py-cryptography/files/patch-src_cryptography_hazmat_bindings_openssl_x509__vfy.py20
6 files changed, 87 insertions, 7 deletions
diff --git a/security/py-cryptography/Makefile b/security/py-cryptography/Makefile
index 01e533181e3f..941c4bd55043 100644
--- a/security/py-cryptography/Makefile
+++ b/security/py-cryptography/Makefile
@@ -2,7 +2,7 @@
# $FreeBSD$
PORTNAME= cryptography
-PORTVERSION= 0.5.4
+PORTVERSION= 0.7.2
CATEGORIES= security python
MASTER_SITES= CHEESESHOP
PKGNAMEPREFIX= ${PYTHON_PKGNAMEPREFIX}
@@ -14,10 +14,12 @@ LICENSE= APACHE20
LICENSE_FILE= ${WRKSRC}/LICENSE
BUILD_DEPENDS= ${PYTHON_PKGNAMEPREFIX}cffi>=0.8:${PORTSDIR}/devel/py-cffi \
- ${PYTHON_PKGNAMEPREFIX}six>=1.4.1:${PORTSDIR}/devel/py-six
+ ${PYTHON_PKGNAMEPREFIX}six>=1.4.1:${PORTSDIR}/devel/py-six \
+ ${PYTHON_PKGNAMEPREFIX}asn1>0:${PORTSDIR}/devel/py-asn1
+
RUN_DEPENDS:= ${BUILD_DEPENDS}
TEST_DEPENDS= ${PYTHON_PKGNAMEPREFIX}pytest>0:${PORTSDIR}/devel/py-pytest \
- ${PYTHON_PKGNAMEPREFIX}asn1>0:${PORTSDIR}/devel/py-asn1
+ ${PYTHON_PKGNAMEPREFIX}iso8601>0:${PORTSDIR}/devel/py-iso8601
USES= python
USE_OPENSSL= yes
@@ -26,7 +28,13 @@ USE_PYTHON= autoplist distutils
CFLAGS+= -I${OPENSSLINC}
LDFLAGS+= -L${OPENSSLLIB}
+.include <bsd.port.pre.mk>
+
+.if ${PYTHON_REL} < 340
+BUILD_DEPENDS+= ${PYTHON_PKGNAMEPREFIX}enum34>0:${PORTSDIR}/devel/py-enum34
+.endif
+
regression-test: build
- @cd ${WRKSRC} && ${PYTHON_CMD} ${PYSETUP} test
+ @cd ${WRKSRC} && ${PYTHON_CMD} ${PYDISTUTILS_SETUP} test
-.include <bsd.port.mk>
+.include <bsd.port.post.mk>
diff --git a/security/py-cryptography/distinfo b/security/py-cryptography/distinfo
index 94851ffb68af..89a2851d228e 100644
--- a/security/py-cryptography/distinfo
+++ b/security/py-cryptography/distinfo
@@ -1,2 +1,2 @@
-SHA256 (cryptography-0.5.4.tar.gz) = 5675999f3744cbc32a60cb0bba64de21405abced32ce19655212612262dd270d
-SIZE (cryptography-0.5.4.tar.gz) = 320104
+SHA256 (cryptography-0.7.2.tar.gz) = fab7fcdde360ec6614442d0321dcd0eff5e43544cb30d975e9d75a914a4cdf78
+SIZE (cryptography-0.7.2.tar.gz) = 247477
diff --git a/security/py-cryptography/files/patch-src_cryptography_hazmat_bindings_openssl_engine.py b/security/py-cryptography/files/patch-src_cryptography_hazmat_bindings_openssl_engine.py
new file mode 100644
index 000000000000..9f05a871fad1
--- /dev/null
+++ b/security/py-cryptography/files/patch-src_cryptography_hazmat_bindings_openssl_engine.py
@@ -0,0 +1,10 @@
+--- src/cryptography/hazmat/bindings/openssl/engine.py.orig 2015-01-16 13:26:59 UTC
++++ src/cryptography/hazmat/bindings/openssl/engine.py
+@@ -49,7 +49,6 @@ int ENGINE_init(ENGINE *);
+ int ENGINE_finish(ENGINE *);
+ void ENGINE_load_openssl(void);
+ void ENGINE_load_dynamic(void);
+-void ENGINE_load_cryptodev(void);
+ void ENGINE_load_builtin_engines(void);
+ void ENGINE_cleanup(void);
+ ENGINE *ENGINE_get_default_RSA(void);
diff --git a/security/py-cryptography/files/patch-src_cryptography_hazmat_bindings_openssl_rand.py b/security/py-cryptography/files/patch-src_cryptography_hazmat_bindings_openssl_rand.py
new file mode 100644
index 000000000000..6534af9bb538
--- /dev/null
+++ b/security/py-cryptography/files/patch-src_cryptography_hazmat_bindings_openssl_rand.py
@@ -0,0 +1,12 @@
+--- src/cryptography/hazmat/bindings/openssl/rand.py.orig 2015-01-16 13:26:59 UTC
++++ src/cryptography/hazmat/bindings/openssl/rand.py
+@@ -16,9 +16,6 @@ void ERR_load_RAND_strings(void);
+ void RAND_seed(const void *, int);
+ void RAND_add(const void *, int, double);
+ int RAND_status(void);
+-int RAND_egd(const char *);
+-int RAND_egd_bytes(const char *, int);
+-int RAND_query_egd_bytes(const char *, unsigned char *, int);
+ const char *RAND_file_name(char *, size_t);
+ int RAND_load_file(const char *, long);
+ int RAND_write_file(const char *);
diff --git a/security/py-cryptography/files/patch-src_cryptography_hazmat_bindings_openssl_ssl.py b/security/py-cryptography/files/patch-src_cryptography_hazmat_bindings_openssl_ssl.py
new file mode 100644
index 000000000000..e84838f20e14
--- /dev/null
+++ b/security/py-cryptography/files/patch-src_cryptography_hazmat_bindings_openssl_ssl.py
@@ -0,0 +1,30 @@
+--- src/cryptography/hazmat/bindings/openssl/ssl.py.orig 2015-01-16 13:26:59 UTC
++++ src/cryptography/hazmat/bindings/openssl/ssl.py
+@@ -189,10 +189,6 @@ int SSL_shutdown(SSL *);
+ const char *SSL_get_cipher_list(const SSL *, int);
+ Cryptography_STACK_OF_SSL_CIPHER *SSL_get_ciphers(const SSL *);
+
+-const COMP_METHOD *SSL_get_current_compression(SSL *);
+-const COMP_METHOD *SSL_get_current_expansion(SSL *);
+-const char *SSL_COMP_get_name(const COMP_METHOD *);
+-
+ /* context */
+ void SSL_CTX_free(SSL_CTX *);
+ long SSL_CTX_set_timeout(SSL_CTX *, long);
+@@ -415,6 +411,16 @@ static const long Cryptography_HAS_RELEA
+ const long SSL_MODE_RELEASE_BUFFERS = 0;
+ #endif
+
++#ifndef OPENSSL_NO_COMP
++const COMP_METHOD *SSL_get_current_compression(SSL *s);
++const COMP_METHOD *SSL_get_current_expansion(SSL *s);
++const char *SSL_COMP_get_name(const COMP_METHOD *comp);
++#else
++const void *SSL_get_current_compression(SSL *s);
++const void *SSL_get_current_expansion(SSL *s);
++const char *SSL_COMP_get_name(const void *comp);
++#endif
++
+ #ifdef SSL_OP_NO_COMPRESSION
+ static const long Cryptography_HAS_OP_NO_COMPRESSION = 1;
+ #else
diff --git a/security/py-cryptography/files/patch-src_cryptography_hazmat_bindings_openssl_x509__vfy.py b/security/py-cryptography/files/patch-src_cryptography_hazmat_bindings_openssl_x509__vfy.py
new file mode 100644
index 000000000000..3159a2add63b
--- /dev/null
+++ b/security/py-cryptography/files/patch-src_cryptography_hazmat_bindings_openssl_x509__vfy.py
@@ -0,0 +1,20 @@
+--- src/cryptography/hazmat/bindings/openssl/x509_vfy.py.orig 2015-01-16 13:26:59 UTC
++++ src/cryptography/hazmat/bindings/openssl/x509_vfy.py
+@@ -191,7 +191,7 @@ int X509_VERIFY_PARAM_set1_ip_asc(X509_V
+
+ CUSTOMIZATIONS = """
+ /* OpenSSL 1.0.2+ verification error codes */
+-#if OPENSSL_VERSION_NUMBER >= 0x10002000L
++#if X509_V_ERR_EMAIL_MISMATCH
+ static const long Cryptography_HAS_102_VERIFICATION_ERROR_CODES = 1;
+ #else
+ static const long Cryptography_HAS_102_VERIFICATION_ERROR_CODES = 0;
+@@ -207,7 +207,7 @@ static const long X509_V_ERR_IP_ADDRESS_
+ #endif
+
+ /* OpenSSL 1.0.2+ verification parameters */
+-#if OPENSSL_VERSION_NUMBER >= 0x10002000L
++#if X509_V_FLAG_PARTIAL_CHAIN
+ static const long Cryptography_HAS_102_VERIFICATION_PARAMS = 1;
+ #else
+ static const long Cryptography_HAS_102_VERIFICATION_PARAMS = 0;