From nobody Sun Mar 12 08:48:28 2023 X-Original-To: dev-commits-ports-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4PZD30753Nz3xc3X; Sun, 12 Mar 2023 08:48:28 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4PZD306YfGz4CZ9; Sun, 12 Mar 2023 08:48:28 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1678610908; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=ZifwoI1Zw8Vj96P58M8eFwFzBVpG6kjOxPjnFrkTC6k=; b=nMOFcjFVs5/CYKHmXv55qjKA/DCBtvT++dYQwGY5zKDSPoN5PDEJbe5Jft6alXPvND/c8z Wn3SzZQvhV7uspxZBzrHOUvKcExRKAmgj7bweYPaFxNwXFi6/25LU5GcLZMfEIUog8US5D 8l0SoaS1d5kUU/9yLVhEXamrZlcTquoH5xUTT9dTSliLpEtPb4bZMWgZxDu5syyRmtEnwp 00gD2dmOLcBLbaxeV5Yz+kcG8y0sqZFjMW0tnB30ueX9/3k8v7Vgim3lgD7jLzrYgBqz6A 2ELP0OTJsNZiAJsIq1jdFK60bUzpfMxxiRdZR5gydCeeYruY0Lxi7AAD+qtfHQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1678610908; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=ZifwoI1Zw8Vj96P58M8eFwFzBVpG6kjOxPjnFrkTC6k=; b=UrdFoRqM9i2LoBrpFi5cbcW+RzB1YkxIN/f88k/etAsXswmBYkjsWeUAUILJkAaKISn3ry VsAWhaMS5NLVsXWa0cEqa7oLW+RjoW/9b/BhKEVidKZ14pffPi6Q5HYCaxqhCa8gNPRrCz wbVIJL5p8bRYbVFhi4ZwT6M57bSr8XHto7DPeALkeFTg/J8ls+qBTZ32b33fw7VJLapdrc 7QNiyNBeRSfBj2es5PWHjn+B8t8nkpkKqAMWzrrR9zz1I1y03hgopAVhKk4n8WwzSHYOq+ ovq4uAspLOOq4cHj7FxAJjY93PnFLeIVc7RaYXG13CG1gVElWOv/nOI6j1mweQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1678610908; a=rsa-sha256; cv=none; b=gyHsXWm2cMOgZ7TZz2mQOQXgtUZp14bsB/9zOlD0z6zGmsVuQ+I3XjDwTfa6IyaE3Pmb38 FL5r+6F/pV2ng5cJv1C6AqeJzMuS7ITUy5vJcjy9gX1JMxEIwHYQ3qp4N8zB39EV6L7wMK OeK6tKQZhhMiPLuTzQThsIpOtF6J5PnWpZz/+nkiyCXuTx5H2l5EY1f2CGh0YqScJzLTD1 m9kjCN8tDnFn9d7GUZvjmkpIFfNVJeURryNGP9RF7kSXSm4qwlyGResmq2PiDiECgYgtbD JclLpiXzXyZ2TIlhWWVC0LmuLm4ThA+1L3DvvADJofE1q2IfijGcFHhoaEDggQ== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4PZD305ZcKz14wp; Sun, 12 Mar 2023 08:48:28 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 32C8mSc9066480; Sun, 12 Mar 2023 08:48:28 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 32C8mSj4066479; Sun, 12 Mar 2023 08:48:28 GMT (envelope-from git) Date: Sun, 12 Mar 2023 08:48:28 GMT Message-Id: <202303120848.32C8mSj4066479@gitrepo.freebsd.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org From: Felix Palmen Subject: git: f482d5d27c1a - main - security/py-cryptography: Fix runtime /w libressl List-Id: Commit messages for all branches of the ports repository List-Archive: https://lists.freebsd.org/archives/dev-commits-ports-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-ports-all@freebsd.org X-BeenThere: dev-commits-ports-all@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: zirias X-Git-Repository: ports X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: f482d5d27c1afbbc3b9ed65d31c7eba92fe04393 Auto-Submitted: auto-generated X-ThisMailContainsUnwantedMimeParts: N The branch main has been updated by zirias: URL: https://cgit.FreeBSD.org/ports/commit/?id=f482d5d27c1afbbc3b9ed65d31c7eba92fe04393 commit f482d5d27c1afbbc3b9ed65d31c7eba92fe04393 Author: Felix Palmen AuthorDate: 2023-02-25 06:52:40 +0000 Commit: Felix Palmen CommitDate: 2023-03-12 08:47:06 +0000 security/py-cryptography: Fix runtime /w libressl When built with LibreSSL, a few symbols were missing, so consumers failed at runtime. PR: 269705 Approved by: sunpoet (maintainer, timeout) Approved by: tcberner (mentor, implicit: libressl) Differential Revision: https://reviews.freebsd.org/D38765 --- security/py-cryptography/Makefile | 1 + security/py-cryptography/files/patch-libressl35 | 41 ++++++++++++++++++------- 2 files changed, 31 insertions(+), 11 deletions(-) diff --git a/security/py-cryptography/Makefile b/security/py-cryptography/Makefile index 64b8cb08caea..8f06002fbf3c 100644 --- a/security/py-cryptography/Makefile +++ b/security/py-cryptography/Makefile @@ -1,5 +1,6 @@ PORTNAME= cryptography PORTVERSION= 3.4.8 +PORTREVISION= 1 PORTEPOCH= 1 CATEGORIES= security python MASTER_SITES= PYPI diff --git a/security/py-cryptography/files/patch-libressl35 b/security/py-cryptography/files/patch-libressl35 index d0b7d798dc7a..84c9f44a3350 100644 --- a/security/py-cryptography/files/patch-libressl35 +++ b/security/py-cryptography/files/patch-libressl35 @@ -144,6 +144,30 @@ /* These functions were added in OpenSSL 1.1.0f commit d0c50e80a8 */ /* Define our own to simplify support across all versions. */ +--- src/_cffi_src/openssl/evp.py.orig 2023-02-24 07:28:50 UTC ++++ src/_cffi_src/openssl/evp.py +@@ -203,7 +203,20 @@ int (*EVP_PKEY_set1_tls_encodedpoint)(EVP_PKEY *, cons + size_t) = NULL; + #endif + +-#if CRYPTOGRAPHY_OPENSSL_LESS_THAN_111 ++#if CRYPTOGRAPHY_IS_LIBRESSL ++static const long Cryptography_HAS_ONESHOT_EVP_DIGEST_SIGN_VERIFY = 1; ++static const long Cryptography_HAS_RAW_KEY = 0; ++static const long Cryptography_HAS_EVP_DIGESTFINAL_XOF = 0; ++int (*EVP_DigestFinalXOF)(EVP_MD_CTX *, unsigned char *, size_t) = NULL; ++EVP_PKEY *(*EVP_PKEY_new_raw_private_key)(int, ENGINE *, const unsigned char *, ++ size_t) = NULL; ++EVP_PKEY *(*EVP_PKEY_new_raw_public_key)(int, ENGINE *, const unsigned char *, ++ size_t) = NULL; ++int (*EVP_PKEY_get_raw_private_key)(const EVP_PKEY *, unsigned char *, ++ size_t *) = NULL; ++int (*EVP_PKEY_get_raw_public_key)(const EVP_PKEY *, unsigned char *, ++ size_t *) = NULL; ++#elif CRYPTOGRAPHY_OPENSSL_LESS_THAN_111 + static const long Cryptography_HAS_ONESHOT_EVP_DIGEST_SIGN_VERIFY = 0; + static const long Cryptography_HAS_RAW_KEY = 0; + static const long Cryptography_HAS_EVP_DIGESTFINAL_XOF = 0; --- src/_cffi_src/openssl/fips.py.orig 2022-10-17 11:12:47 UTC +++ src/_cffi_src/openssl/fips.py @@ -17,11 +17,5 @@ int FIPS_mode(void); @@ -246,20 +270,15 @@ #if CRYPTOGRAPHY_OPENSSL_LESS_THAN_111 static const long Cryptography_HAS_KEYLOG = 0; -@@ -583,13 +578,6 @@ static const long Cryptography_HAS_TLS_ST = 1; - static const long Cryptography_HAS_TLS_ST = 0; - static const long TLS_ST_BEFORE = 0; - static const long TLS_ST_OK = 0; --#endif -- --#if CRYPTOGRAPHY_IS_LIBRESSL +@@ -586,8 +581,6 @@ static const long Cryptography_HAS_TLS_ST = 1; + #endif + + #if CRYPTOGRAPHY_IS_LIBRESSL -static const long SSL_OP_NO_DTLSv1 = 0; -static const long SSL_OP_NO_DTLSv1_2 = 0; --long (*DTLS_set_link_mtu)(SSL *, long) = NULL; --long (*DTLS_get_link_min_mtu)(SSL *) = NULL; + long (*DTLS_set_link_mtu)(SSL *, long) = NULL; + long (*DTLS_get_link_min_mtu)(SSL *) = NULL; #endif - - static const long Cryptography_HAS_DTLS = 1; --- src/_cffi_src/openssl/x509.py.orig 2022-10-17 11:26:23 UTC +++ src/_cffi_src/openssl/x509.py @@ -276,33 +276,8 @@ void X509_REQ_get0_signature(const X509_REQ *, const A