Index: security/py-cryptography/Makefile =================================================================== --- security/py-cryptography/Makefile (revision 470520) +++ security/py-cryptography/Makefile (working copy) @@ -2,7 +2,7 @@ # $FreeBSD$ PORTNAME= cryptography -PORTVERSION= 2.1.4 +PORTVERSION= 2.2.2 CATEGORIES= security python MASTER_SITES= CHEESESHOP PKGNAMEPREFIX= ${PYTHON_PKGNAMEPREFIX} Index: security/py-cryptography/distinfo =================================================================== --- security/py-cryptography/distinfo (revision 470520) +++ security/py-cryptography/distinfo (working copy) @@ -1,3 +1,3 @@ -TIMESTAMP = 1516631948 -SHA256 (cryptography-2.1.4.tar.gz) = e4d967371c5b6b2e67855066471d844c5d52d210c36c28d49a8507b96e2c5291 -SIZE (cryptography-2.1.4.tar.gz) = 441557 +TIMESTAMP = 1528014655 +SHA256 (cryptography-2.2.2.tar.gz) = 9fc295bf69130a342e7a19a39d7bbeb15c0bcaabc7382ec33ef3b2b7d18d2f63 +SIZE (cryptography-2.2.2.tar.gz) = 443822 Index: security/py-cryptography/files/patch-issue4270 =================================================================== --- security/py-cryptography/files/patch-issue4270 (nonexistent) +++ security/py-cryptography/files/patch-issue4270 (working copy) @@ -0,0 +1,178 @@ +From 611fa5a0458a36bb8b13b3e251a5cd359fa34296 Mon Sep 17 00:00:00 2001 +From: Paul Kehrer +Date: Thu, 31 May 2018 11:39:12 +0800 +Subject: [PATCH] LibreSSL 2.7.x support (#4270) + +* libre 2.7.3 compatibility + +* add a changelog + +* actually build against 2.7.3 +--- CHANGELOG.rst.orig 2018-03-27 16:42:49 UTC ++++ CHANGELOG.rst +@@ -1,7 +1,8 @@ + Changelog + ========= + +-.. _v2-2-2: ++* Fixed multiple issues preventing ``cryptography`` from compiling against ++ LibreSSL 2.7.x. + + 2.2.2 - 2018-03-27 + ~~~~~~~~~~~~~~~~~~ +--- src/_cffi_src/openssl/bio.py.orig 2018-03-27 14:12:05 UTC ++++ src/_cffi_src/openssl/bio.py +@@ -144,7 +144,7 @@ void BIO_clear_retry_flags(BIO *); + """ + + CUSTOMIZATIONS = """ +-#if CRYPTOGRAPHY_OPENSSL_LESS_THAN_110PRE4 ++#if CRYPTOGRAPHY_OPENSSL_LESS_THAN_110 && !CRYPTOGRAPHY_LIBRESSL_27_OR_GREATER + int BIO_up_ref(BIO *b) { + CRYPTO_add(&b->references, 1, CRYPTO_LOCK_BIO); + return 1; +--- src/_cffi_src/openssl/cryptography.py.orig 2018-03-27 14:12:05 UTC ++++ src/_cffi_src/openssl/cryptography.py +@@ -25,6 +25,9 @@ INCLUDES = """ + #include + #endif + ++#define CRYPTOGRAPHY_LIBRESSL_27_OR_GREATER \ ++ (CRYPTOGRAPHY_IS_LIBRESSL && LIBRESSL_VERSION_NUMBER >= 0x2070000fL) ++ + #define CRYPTOGRAPHY_OPENSSL_102_OR_GREATER \ + (OPENSSL_VERSION_NUMBER >= 0x10002000 && !CRYPTOGRAPHY_IS_LIBRESSL) + #define CRYPTOGRAPHY_OPENSSL_102L_OR_GREATER \ +--- src/_cffi_src/openssl/dh.py.orig 2018-03-27 14:12:05 UTC ++++ src/_cffi_src/openssl/dh.py +@@ -46,7 +46,7 @@ int Cryptography_i2d_DHxparams_bio(BIO * + + CUSTOMIZATIONS = """ + /* These functions were added in OpenSSL 1.1.0-pre5 (beta2) */ +-#if CRYPTOGRAPHY_OPENSSL_LESS_THAN_110PRE5 ++#if CRYPTOGRAPHY_OPENSSL_LESS_THAN_110 && !CRYPTOGRAPHY_LIBRESSL_27_OR_GREATER + void DH_get0_pqg(const DH *dh, + const BIGNUM **p, const BIGNUM **q, const BIGNUM **g) + { +--- src/_cffi_src/openssl/dsa.py.orig 2018-03-27 14:12:05 UTC ++++ src/_cffi_src/openssl/dsa.py +@@ -35,7 +35,7 @@ int DSA_generate_parameters_ex(DSA *, in + + CUSTOMIZATIONS = """ + /* These functions were added in OpenSSL 1.1.0-pre5 (beta2) */ +-#if CRYPTOGRAPHY_OPENSSL_LESS_THAN_110PRE5 ++#if CRYPTOGRAPHY_OPENSSL_LESS_THAN_110 && !CRYPTOGRAPHY_LIBRESSL_27_OR_GREATER + void DSA_get0_pqg(const DSA *d, + const BIGNUM **p, const BIGNUM **q, const BIGNUM **g) + { +--- src/_cffi_src/openssl/rsa.py.orig 2018-03-27 14:12:05 UTC ++++ src/_cffi_src/openssl/rsa.py +@@ -87,7 +87,7 @@ int (*EVP_PKEY_CTX_set0_rsa_oaep_label)( + #endif + + /* These functions were added in OpenSSL 1.1.0-pre5 (beta2) */ +-#if CRYPTOGRAPHY_OPENSSL_LESS_THAN_110PRE5 ++#if CRYPTOGRAPHY_OPENSSL_LESS_THAN_110 && !CRYPTOGRAPHY_LIBRESSL_27_OR_GREATER + int RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d) + { + /* If the fields n and e in r are NULL, the corresponding input +--- src/_cffi_src/openssl/ssl.py.orig 2018-03-27 14:12:05 UTC ++++ src/_cffi_src/openssl/ssl.py +@@ -502,7 +502,7 @@ const SSL_METHOD *SSL_CTX_get_ssl_method + + /* Added in 1.1.0 in the great opaquing, but we need to define it for older + OpenSSLs. Such is our burden. */ +-#if CRYPTOGRAPHY_OPENSSL_LESS_THAN_110 ++#if CRYPTOGRAPHY_OPENSSL_LESS_THAN_110 && !CRYPTOGRAPHY_LIBRESSL_27_OR_GREATER + /* from ssl/ssl_lib.c */ + size_t SSL_get_client_random(const SSL *ssl, unsigned char *out, size_t outlen) + { +--- src/_cffi_src/openssl/x509.py.orig 2018-03-27 14:12:05 UTC ++++ src/_cffi_src/openssl/x509.py +@@ -340,7 +340,7 @@ void X509_REQ_get0_signature(const X509_ + CUSTOMIZATIONS = """ + /* Added in 1.0.2 beta but we need it in all versions now due to the great + opaquing. */ +-#if CRYPTOGRAPHY_OPENSSL_LESS_THAN_102 ++#if CRYPTOGRAPHY_OPENSSL_LESS_THAN_102 && !CRYPTOGRAPHY_LIBRESSL_27_OR_GREATER + /* from x509/x_x509.c version 1.0.2 */ + void X509_get0_signature(ASN1_BIT_STRING **psig, X509_ALGOR **palg, + const X509 *x) +@@ -387,7 +387,17 @@ X509_REVOKED *Cryptography_X509_REVOKED_ + /* Added in 1.1.0 but we need it in all versions now due to the great + opaquing. */ + #if CRYPTOGRAPHY_OPENSSL_LESS_THAN_110 ++int i2d_re_X509_REQ_tbs(X509_REQ *req, unsigned char **pp) ++{ ++ req->req_info->enc.modified = 1; ++ return i2d_X509_REQ_INFO(req->req_info, pp); ++} ++int i2d_re_X509_CRL_tbs(X509_CRL *crl, unsigned char **pp) { ++ crl->crl->enc.modified = 1; ++ return i2d_X509_CRL_INFO(crl->crl, pp); ++} + ++#if !CRYPTOGRAPHY_LIBRESSL_27_OR_GREATER + int X509_up_ref(X509 *x) { + return CRYPTO_add(&x->references, 1, CRYPTO_LOCK_X509); + } +@@ -406,16 +416,6 @@ void X509_REQ_get0_signature(const X509_ + if (palg != NULL) + *palg = req->sig_alg; + } +-int i2d_re_X509_REQ_tbs(X509_REQ *req, unsigned char **pp) +-{ +- req->req_info->enc.modified = 1; +- return i2d_X509_REQ_INFO(req->req_info, pp); +-} +-int i2d_re_X509_CRL_tbs(X509_CRL *crl, unsigned char **pp) { +- crl->crl->enc.modified = 1; +- return i2d_X509_CRL_INFO(crl->crl, pp); +-} +- + void X509_CRL_get0_signature(const X509_CRL *crl, const ASN1_BIT_STRING **psig, + const X509_ALGOR **palg) + { +@@ -433,4 +433,5 @@ const ASN1_INTEGER *X509_REVOKED_get0_se + return x->serialNumber; + } + #endif ++#endif + """ +--- src/_cffi_src/openssl/x509_vfy.py.orig 2018-03-27 14:12:05 UTC ++++ src/_cffi_src/openssl/x509_vfy.py +@@ -246,6 +246,7 @@ static const long X509_V_FLAG_SUITEB_128 + static const long X509_V_FLAG_SUITEB_192_LOS = 0; + static const long X509_V_FLAG_SUITEB_128_LOS = 0; + ++#if !CRYPTOGRAPHY_LIBRESSL_27_OR_GREATER + int (*X509_VERIFY_PARAM_set1_host)(X509_VERIFY_PARAM *, const char *, + size_t) = NULL; + int (*X509_VERIFY_PARAM_set1_email)(X509_VERIFY_PARAM *, const char *, +@@ -256,6 +257,7 @@ int (*X509_VERIFY_PARAM_set1_ip_asc)(X50 + void (*X509_VERIFY_PARAM_set_hostflags)(X509_VERIFY_PARAM *, + unsigned int) = NULL; + #endif ++#endif + + /* OpenSSL 1.0.2+ or Solaris's backport */ + #ifdef X509_V_FLAG_PARTIAL_CHAIN +@@ -273,7 +275,7 @@ static const long Cryptography_HAS_X509_ + static const long X509_V_FLAG_TRUSTED_FIRST = 0; + #endif + +-#if CRYPTOGRAPHY_OPENSSL_LESS_THAN_110PRE6 ++#if CRYPTOGRAPHY_OPENSSL_LESS_THAN_110 && !CRYPTOGRAPHY_LIBRESSL_27_OR_GREATER + Cryptography_STACK_OF_X509_OBJECT *X509_STORE_get0_objects(X509_STORE *ctx) { + return ctx->objs; + } +@@ -283,9 +285,7 @@ X509_VERIFY_PARAM *X509_STORE_get0_param + int X509_OBJECT_get_type(const X509_OBJECT *x) { + return x->type; + } +-#endif + +-#if CRYPTOGRAPHY_OPENSSL_LESS_THAN_110PRE5 + /* from x509/x509_vfy.c */ + X509 *X509_STORE_CTX_get0_cert(X509_STORE_CTX *ctx) + { Property changes on: security/py-cryptography/files/patch-issue4270 ___________________________________________________________________ Added: fbsd:nokeywords ## -0,0 +1 ## +yes \ No newline at end of property Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property