FreeBSD Bugzilla – Attachment 193965 Details for
Bug 226906
security/py-cryptography: Update to 2.3 (Fixes build with libressl* 2.7)
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
svn diff for security/py-cryptography
patch-security_py-cryptography-2.2.2+LibreSSL2.7 (text/plain), 8.18 KB, created by
Bernard Spil
on 2018-06-03 10:34:47 UTC
(
hide
)
Description:
svn diff for security/py-cryptography
Filename:
MIME Type:
Creator:
Bernard Spil
Created:
2018-06-03 10:34:47 UTC
Size:
8.18 KB
patch
obsolete
>Index: security/py-cryptography/Makefile >=================================================================== >--- security/py-cryptography/Makefile (revision 470520) >+++ security/py-cryptography/Makefile (working copy) >@@ -2,7 +2,7 @@ > # $FreeBSD$ > > PORTNAME= cryptography >-PORTVERSION= 2.1.4 >+PORTVERSION= 2.2.2 > CATEGORIES= security python > MASTER_SITES= CHEESESHOP > PKGNAMEPREFIX= ${PYTHON_PKGNAMEPREFIX} >Index: security/py-cryptography/distinfo >=================================================================== >--- security/py-cryptography/distinfo (revision 470520) >+++ security/py-cryptography/distinfo (working copy) >@@ -1,3 +1,3 @@ >-TIMESTAMP = 1516631948 >-SHA256 (cryptography-2.1.4.tar.gz) = e4d967371c5b6b2e67855066471d844c5d52d210c36c28d49a8507b96e2c5291 >-SIZE (cryptography-2.1.4.tar.gz) = 441557 >+TIMESTAMP = 1528014655 >+SHA256 (cryptography-2.2.2.tar.gz) = 9fc295bf69130a342e7a19a39d7bbeb15c0bcaabc7382ec33ef3b2b7d18d2f63 >+SIZE (cryptography-2.2.2.tar.gz) = 443822 >Index: security/py-cryptography/files/patch-issue4270 >=================================================================== >--- security/py-cryptography/files/patch-issue4270 (nonexistent) >+++ security/py-cryptography/files/patch-issue4270 (working copy) >@@ -0,0 +1,178 @@ >+From 611fa5a0458a36bb8b13b3e251a5cd359fa34296 Mon Sep 17 00:00:00 2001 >+From: Paul Kehrer <paul.l.kehrer@gmail.com> >+Date: Thu, 31 May 2018 11:39:12 +0800 >+Subject: [PATCH] LibreSSL 2.7.x support (#4270) >+ >+* libre 2.7.3 compatibility >+ >+* add a changelog >+ >+* actually build against 2.7.3 >+--- CHANGELOG.rst.orig 2018-03-27 16:42:49 UTC >++++ CHANGELOG.rst >+@@ -1,7 +1,8 @@ >+ Changelog >+ ========= >+ >+-.. _v2-2-2: >++* Fixed multiple issues preventing ``cryptography`` from compiling against >++ LibreSSL 2.7.x. >+ >+ 2.2.2 - 2018-03-27 >+ ~~~~~~~~~~~~~~~~~~ >+--- src/_cffi_src/openssl/bio.py.orig 2018-03-27 14:12:05 UTC >++++ src/_cffi_src/openssl/bio.py >+@@ -144,7 +144,7 @@ void BIO_clear_retry_flags(BIO *); >+ """ >+ >+ CUSTOMIZATIONS = """ >+-#if CRYPTOGRAPHY_OPENSSL_LESS_THAN_110PRE4 >++#if CRYPTOGRAPHY_OPENSSL_LESS_THAN_110 && !CRYPTOGRAPHY_LIBRESSL_27_OR_GREATER >+ int BIO_up_ref(BIO *b) { >+ CRYPTO_add(&b->references, 1, CRYPTO_LOCK_BIO); >+ return 1; >+--- src/_cffi_src/openssl/cryptography.py.orig 2018-03-27 14:12:05 UTC >++++ src/_cffi_src/openssl/cryptography.py >+@@ -25,6 +25,9 @@ INCLUDES = """ >+ #include <windows.h> >+ #endif >+ >++#define CRYPTOGRAPHY_LIBRESSL_27_OR_GREATER \ >++ (CRYPTOGRAPHY_IS_LIBRESSL && LIBRESSL_VERSION_NUMBER >= 0x2070000fL) >++ >+ #define CRYPTOGRAPHY_OPENSSL_102_OR_GREATER \ >+ (OPENSSL_VERSION_NUMBER >= 0x10002000 && !CRYPTOGRAPHY_IS_LIBRESSL) >+ #define CRYPTOGRAPHY_OPENSSL_102L_OR_GREATER \ >+--- src/_cffi_src/openssl/dh.py.orig 2018-03-27 14:12:05 UTC >++++ src/_cffi_src/openssl/dh.py >+@@ -46,7 +46,7 @@ int Cryptography_i2d_DHxparams_bio(BIO * >+ >+ CUSTOMIZATIONS = """ >+ /* These functions were added in OpenSSL 1.1.0-pre5 (beta2) */ >+-#if CRYPTOGRAPHY_OPENSSL_LESS_THAN_110PRE5 >++#if CRYPTOGRAPHY_OPENSSL_LESS_THAN_110 && !CRYPTOGRAPHY_LIBRESSL_27_OR_GREATER >+ void DH_get0_pqg(const DH *dh, >+ const BIGNUM **p, const BIGNUM **q, const BIGNUM **g) >+ { >+--- src/_cffi_src/openssl/dsa.py.orig 2018-03-27 14:12:05 UTC >++++ src/_cffi_src/openssl/dsa.py >+@@ -35,7 +35,7 @@ int DSA_generate_parameters_ex(DSA *, in >+ >+ CUSTOMIZATIONS = """ >+ /* These functions were added in OpenSSL 1.1.0-pre5 (beta2) */ >+-#if CRYPTOGRAPHY_OPENSSL_LESS_THAN_110PRE5 >++#if CRYPTOGRAPHY_OPENSSL_LESS_THAN_110 && !CRYPTOGRAPHY_LIBRESSL_27_OR_GREATER >+ void DSA_get0_pqg(const DSA *d, >+ const BIGNUM **p, const BIGNUM **q, const BIGNUM **g) >+ { >+--- src/_cffi_src/openssl/rsa.py.orig 2018-03-27 14:12:05 UTC >++++ src/_cffi_src/openssl/rsa.py >+@@ -87,7 +87,7 @@ int (*EVP_PKEY_CTX_set0_rsa_oaep_label)( >+ #endif >+ >+ /* These functions were added in OpenSSL 1.1.0-pre5 (beta2) */ >+-#if CRYPTOGRAPHY_OPENSSL_LESS_THAN_110PRE5 >++#if CRYPTOGRAPHY_OPENSSL_LESS_THAN_110 && !CRYPTOGRAPHY_LIBRESSL_27_OR_GREATER >+ int RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d) >+ { >+ /* If the fields n and e in r are NULL, the corresponding input >+--- src/_cffi_src/openssl/ssl.py.orig 2018-03-27 14:12:05 UTC >++++ src/_cffi_src/openssl/ssl.py >+@@ -502,7 +502,7 @@ const SSL_METHOD *SSL_CTX_get_ssl_method >+ >+ /* Added in 1.1.0 in the great opaquing, but we need to define it for older >+ OpenSSLs. Such is our burden. */ >+-#if CRYPTOGRAPHY_OPENSSL_LESS_THAN_110 >++#if CRYPTOGRAPHY_OPENSSL_LESS_THAN_110 && !CRYPTOGRAPHY_LIBRESSL_27_OR_GREATER >+ /* from ssl/ssl_lib.c */ >+ size_t SSL_get_client_random(const SSL *ssl, unsigned char *out, size_t outlen) >+ { >+--- src/_cffi_src/openssl/x509.py.orig 2018-03-27 14:12:05 UTC >++++ src/_cffi_src/openssl/x509.py >+@@ -340,7 +340,7 @@ void X509_REQ_get0_signature(const X509_ >+ CUSTOMIZATIONS = """ >+ /* Added in 1.0.2 beta but we need it in all versions now due to the great >+ opaquing. */ >+-#if CRYPTOGRAPHY_OPENSSL_LESS_THAN_102 >++#if CRYPTOGRAPHY_OPENSSL_LESS_THAN_102 && !CRYPTOGRAPHY_LIBRESSL_27_OR_GREATER >+ /* from x509/x_x509.c version 1.0.2 */ >+ void X509_get0_signature(ASN1_BIT_STRING **psig, X509_ALGOR **palg, >+ const X509 *x) >+@@ -387,7 +387,17 @@ X509_REVOKED *Cryptography_X509_REVOKED_ >+ /* Added in 1.1.0 but we need it in all versions now due to the great >+ opaquing. */ >+ #if CRYPTOGRAPHY_OPENSSL_LESS_THAN_110 >++int i2d_re_X509_REQ_tbs(X509_REQ *req, unsigned char **pp) >++{ >++ req->req_info->enc.modified = 1; >++ return i2d_X509_REQ_INFO(req->req_info, pp); >++} >++int i2d_re_X509_CRL_tbs(X509_CRL *crl, unsigned char **pp) { >++ crl->crl->enc.modified = 1; >++ return i2d_X509_CRL_INFO(crl->crl, pp); >++} >+ >++#if !CRYPTOGRAPHY_LIBRESSL_27_OR_GREATER >+ int X509_up_ref(X509 *x) { >+ return CRYPTO_add(&x->references, 1, CRYPTO_LOCK_X509); >+ } >+@@ -406,16 +416,6 @@ void X509_REQ_get0_signature(const X509_ >+ if (palg != NULL) >+ *palg = req->sig_alg; >+ } >+-int i2d_re_X509_REQ_tbs(X509_REQ *req, unsigned char **pp) >+-{ >+- req->req_info->enc.modified = 1; >+- return i2d_X509_REQ_INFO(req->req_info, pp); >+-} >+-int i2d_re_X509_CRL_tbs(X509_CRL *crl, unsigned char **pp) { >+- crl->crl->enc.modified = 1; >+- return i2d_X509_CRL_INFO(crl->crl, pp); >+-} >+- >+ void X509_CRL_get0_signature(const X509_CRL *crl, const ASN1_BIT_STRING **psig, >+ const X509_ALGOR **palg) >+ { >+@@ -433,4 +433,5 @@ const ASN1_INTEGER *X509_REVOKED_get0_se >+ return x->serialNumber; >+ } >+ #endif >++#endif >+ """ >+--- src/_cffi_src/openssl/x509_vfy.py.orig 2018-03-27 14:12:05 UTC >++++ src/_cffi_src/openssl/x509_vfy.py >+@@ -246,6 +246,7 @@ static const long X509_V_FLAG_SUITEB_128 >+ static const long X509_V_FLAG_SUITEB_192_LOS = 0; >+ static const long X509_V_FLAG_SUITEB_128_LOS = 0; >+ >++#if !CRYPTOGRAPHY_LIBRESSL_27_OR_GREATER >+ int (*X509_VERIFY_PARAM_set1_host)(X509_VERIFY_PARAM *, const char *, >+ size_t) = NULL; >+ int (*X509_VERIFY_PARAM_set1_email)(X509_VERIFY_PARAM *, const char *, >+@@ -256,6 +257,7 @@ int (*X509_VERIFY_PARAM_set1_ip_asc)(X50 >+ void (*X509_VERIFY_PARAM_set_hostflags)(X509_VERIFY_PARAM *, >+ unsigned int) = NULL; >+ #endif >++#endif >+ >+ /* OpenSSL 1.0.2+ or Solaris's backport */ >+ #ifdef X509_V_FLAG_PARTIAL_CHAIN >+@@ -273,7 +275,7 @@ static const long Cryptography_HAS_X509_ >+ static const long X509_V_FLAG_TRUSTED_FIRST = 0; >+ #endif >+ >+-#if CRYPTOGRAPHY_OPENSSL_LESS_THAN_110PRE6 >++#if CRYPTOGRAPHY_OPENSSL_LESS_THAN_110 && !CRYPTOGRAPHY_LIBRESSL_27_OR_GREATER >+ Cryptography_STACK_OF_X509_OBJECT *X509_STORE_get0_objects(X509_STORE *ctx) { >+ return ctx->objs; >+ } >+@@ -283,9 +285,7 @@ X509_VERIFY_PARAM *X509_STORE_get0_param >+ int X509_OBJECT_get_type(const X509_OBJECT *x) { >+ return x->type; >+ } >+-#endif >+ >+-#if CRYPTOGRAPHY_OPENSSL_LESS_THAN_110PRE5 >+ /* from x509/x509_vfy.c */ >+ X509 *X509_STORE_CTX_get0_cert(X509_STORE_CTX *ctx) >+ { > >Property changes on: security/py-cryptography/files/patch-issue4270 >___________________________________________________________________ >Added: fbsd:nokeywords >## -0,0 +1 ## >+yes >\ No newline at end of property >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=193965">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 226906
:
191799
|
192331
|
192933
|
193350
|
193351
|
193887
|
193965
|
195386