Created attachment 203369 [details] port patch Update security/py-openssl to 19.0.0 Changelog https://pyopenssl.org/en/stable/changelog.html
Take this PR due maintainer timeout.
Hi Kai, Patch LGTM. Approved. You can commit it, thanks!
(In reply to Sofian Brabez from comment #2) Hi Sofian, thank you for the approval and thanks to timp87@gmail.com for submitting the patch. Here's a list of ports that depends on security/py-openssl (just for the record): audio/py-gmusicapi: N/A -> Not defined anywhere databases/py-riak: >=0.14 -> setup.py devel/py-aiortc: N/A -> Given as 'pyopenssl' in setup.py devel/py-epsilon: >=0.13 -> setup.py devel/py-foolscap: N/A -> Given as 'pyOpenSSL' in setup.py finance/py-stripe: N/A -> For Python 2.7 only due requests[security] in setup.py finance/trytond28: N/A -> Not defined anywhere but required in the sources ftp/py-pyftpdlib: N/A -> Given as 'PyOpenSSL' in setup.py misc/py-glance: >=16.2.0 -> requirements.txt misc/veles: N/A -> Given as 'PyOpenSSL' in python/requirements.txt multimedia/syncplay: N/A -> Not defined anywhere but required in the sources multimedia/tautulli: N/A -> Not defined anywhere but required in the sources net-im/gajim: >=0.12 -> Given in setup.cfg net-im/proxy65: N/A -> Not defined anywhere, only referenced in the Readme net-im/py-matrix-synapse: >= -> synapse/python_requirements.py net-im/py-nbxmpp: N/A -> Not defined anywhere but required in the sources net-p2p/couchpotato: N/A -> No specific version defined but required in the sources net-p2p/deluge-cli: N/A -> No specific version defined but required in the sources net-p2p/py-vertex: >=0.13 -> setup.py net/py-ldaptor: N/A -> No specific version defined but required in the sources net/py-ndg_httpsclient: N/A -> Given as 'PyOpenSSL' in setup.py net/py-netlib: >=0.12 -> setup.py net/py-python-glanceclient: >=16.2.0 -> requirements.txt net/py-ripe.atlas.tools: >=0.13 -> setup.py net/py-urllib3: >=0.14 -> setup.py security/cowrie: N/A -> Given as 'pyopenssl' in setup.py security/py-acme: >=0.13.1 -> setup.py security/py-certbot: N/A -> Noted in setup.py security/py-certbot-nginx: N/A -> Given as 'PyOpenSSL' in setup.py security/py-gpsoauth: N/A -> No specific version defined anywhere and might not be required security/py-josepy: >=0.13 -> setup.py security/py-pyelliptic: N/A -> No specific version defined but required in the sources security/py-pysaml2: N/A -> No specific version defined but required in the sources security/py-requests-credssp: >=16.0.0 -> setup.py security/py-sslstrip: >=0 -> No specific version defined but required in the sources security/py-trustme: >=19.0.0 -> test-requirements.txt security/py-yubikey-manager: N/A -> Given as 'pyopenssl' in setup.py security/spike-proxy: N/A -> No specific version defined but required in the sources security/w3af: N/A -> No specific version defined but required in the sources sysutils/py-azure-cli-appservice: N/A -> Given as 'pyOpenSSL' in setup.py sysutils/py-azure-cli-core: >=17.1.0 -> setup.py sysutils/py-azure-cli-dms: N/A -> Given as 'pyOpenSSL' in setup.py sysutils/py-azure-cli-iot: N/A -> Given as 'pyOpenSSL' in setup.py sysutils/py-azure-cli-keyvault: N/A -> Given as 'pyOpenSSL' in setup.py sysutils/py-azure-cli-servicefabric: N/A -> Given as 'pyOpenSSL' in setup.py www/butterfly: N/A -> Given as 'pyOpenSSL' in setup.py www/calendarserver: >=0.15.1 -> setup.py www/mitmproxy: >=17.5,<18.1 -> setup.py (builds fine but gives errors at runtime as expected) www/py-autobahn: >=16.2.0 -> setup.py www/py-google-api-python-client: N/A -> No specific version defined but required in the sources www/py-scrapy: N/A -> Given as 'pyOpenSSL' in setup.py www/py-treq: N/A -> No specific version defined but required in the sources www/py-werkzeug: N/A -> No specific version defined but required in the sources www/searx: ==18.0.0 -> requirements.txt, patched out to ">=" to remove the hard limit (no action required) One port, www/mitmproxy, needs to be patched before security/py-openssl 19.0.0 can land. The following ports of the list from above make explicit use of the "X509Store.add_cert" function that has changed slightly in 19.0.0. It produces no longer an error if a duplicate cert is added to the cert store: - net-im/gajim - net-im/py-nbxmpp - security/py-trustme - www/mitmproxy As far I can see from the sources this shouldn't lead to any problems during runtime.
A commit references this bug: Author: kai Date: Mon Aug 5 09:11:11 UTC 2019 New revision: 508146 URL: https://svnweb.freebsd.org/changeset/ports/508146 Log: security/py-openssl: Update to 19.0.0 While I'm here: * Improve the "do-test" target to easen future QA and add the required dependencies for it. * Sort variables a bit according to the PHB to pet portclippy/portlint. Changelog: Backward-incompatible changes: * X509Store.add_cert no longer raises an error if one add a duplicate cert * pyOpenSSL now works with OpenSSL 1.1.1 * pyOpenSSL now handles NUL bytes in X509Name.get_components() PR: 237006 Submitted by: timp87@gmail.com (based on) Approved by: sbz (maintainer) Changes: head/security/py-openssl/Makefile head/security/py-openssl/distinfo
Committed, thank you both for the patch and the approval! Just for the record, here are the test results from "make test": 11.2-, 11.3-, 12.0-RELEASE, 13.0-CURRENT@r349352 amd64: - py36: 483 passed, 14 skipped, 2 deselected, 20 warnings - py27: 496 passed, 1 skipped, 2 deselected, 17 warnings 11.2-, 11.3-, 12.0-RELEASE, 13.0-CURRENT@r349352 i386: - py36: 482 passed, 15 skipped, 2 deselected, 20 warnings - py27: 495 passed, 2 skipped, 2 deselected, 17 warnings
A commit references this bug: Author: kai Date: Tue Aug 6 10:19:32 UTC 2019 New revision: 508245 URL: https://svnweb.freebsd.org/changeset/ports/508245 Log: MFH: r508128 r508146 [NEW PORT] devel/py-flaky * Merge devel/py-flaky to 2019Q3 to cover the TEST_DEPENDS for security/py-openssl. security/py-openssl: Update to 19.0.0 While I'm here: * Improve the "do-test" target to easen future QA and add the required dependencies for it. * Sort variables a bit according to the PHB to pet portclippy/portlint. Changelog: Backward-incompatible changes: * X509Store.add_cert no longer raises an error if one add a duplicate cert * pyOpenSSL now works with OpenSSL 1.1.1 * pyOpenSSL now handles NUL bytes in X509Name.get_components() PR: 237006 Submitted by: timp87@gmail.com (based on) Approved by: sbz (maintainer) Approved by: ports-secteam (joneum) Changes: _U branches/2019Q3/ branches/2019Q3/devel/Makefile branches/2019Q3/devel/py-flaky/ branches/2019Q3/security/py-openssl/Makefile branches/2019Q3/security/py-openssl/distinfo