svn commit: r566534 - in head/security: py-cryptography py-openssl

Dima Panov fluffy at FreeBSD.org
Thu Feb 25 13:32:27 UTC 2021 

Author: fluffy
Date: Thu Feb 25 13:32:25 2021
New Revision: 566534
URL: https://svnweb.freebsd.org/changeset/ports/566534

Log:
  security/py-openssl: unbreak run for consumers
  
  Partially revert r566075 to previous py-openssl release only for
  ${OSVERSION} < 1200085 and base OpenSSL 1.0.2 with PORTEPOCH bump
  
  This step is needed because since 20.0 release py-openssl have dropped off support
  for openssl < 1.1.0 which still in base fo FreeBSD 11.4+ branch
  
  Due to dependency on recent cryptography, bump py-cryptography to 3.3.2 release
  under same conditions as py-openssl. 3.3.2 was last release which not requred Rust to build
  
  With hat:	ports-secteam
  Pointy hat to:	sbz (for skip dependencies verification and no reaction to complains)
  Reported by:	many via ML

Modified:
  head/security/py-cryptography/Makefile
  head/security/py-cryptography/distinfo
  head/security/py-openssl/Makefile
  head/security/py-openssl/distinfo

Modified: head/security/py-cryptography/Makefile
==============================================================================
--- head/security/py-cryptography/Makefile	Thu Feb 25 12:51:30 2021	(r566533)
+++ head/security/py-cryptography/Makefile	Thu Feb 25 13:32:25 2021	(r566534)
@@ -2,7 +2,7 @@
 # $FreeBSD$
 
 PORTNAME=	cryptography
-PORTVERSION=	2.9.2
+PORTVERSION=	3.3.2
 CATEGORIES=	security python
 MASTER_SITES=	CHEESESHOP
 PKGNAMEPREFIX=	${PYTHON_PKGNAMEPREFIX}
@@ -43,10 +43,14 @@ TEST_ENV=	PYTHONPATH=${STAGEDIR}${PYTHONPREFIX_SITELIB
 # This has been fixed in 3.0-23-g241f8450 of security/py-cryptography and to be
 # clear: It isn't a security fix but rather a workaround to handle unnamed but
 # really named curves with OpenSSL 1.0.2t/u .
+
+# We need to keep old py-cryptography and py-openssl for 11.x release
+# due to outdated OpenSSL version in base
 .if ${OPSYS} == FreeBSD && ${SSL_DEFAULT} == "base"
 . if ${OSVERSION} >= 1103500 && ${OSVERSION} < 1200085
 # 1103500	352193 2019-09-10	11.3-STABLE got OpenSSL 1.0.2t
 # 1200085	339270 2018-10-19	12.0-STABLE got OpenSSL 1.1.1
+PORTVERSION=	2.9.2
 EXTRA_PATCHES=	${PATCHDIR}/openssl102u
 . endif
 .endif

Modified: head/security/py-cryptography/distinfo
==============================================================================
--- head/security/py-cryptography/distinfo	Thu Feb 25 12:51:30 2021	(r566533)
+++ head/security/py-cryptography/distinfo	Thu Feb 25 13:32:25 2021	(r566534)
@@ -1,3 +1,5 @@
-TIMESTAMP = 1596263213
+TIMESTAMP = 1614253508
 SHA256 (cryptography-2.9.2.tar.gz) = a0c30272fb4ddda5f5ffc1089d7405b7a71b0b0f51993cb4e5dbb4590b2fc229
 SIZE (cryptography-2.9.2.tar.gz) = 517571
+SHA256 (cryptography-3.3.2.tar.gz) = 5a60d3780149e13b7a6ff7ad6526b38846354d11a15e21068e57073e29e19bed
+SIZE (cryptography-3.3.2.tar.gz) = 539883

Modified: head/security/py-openssl/Makefile
==============================================================================
--- head/security/py-openssl/Makefile	Thu Feb 25 12:51:30 2021	(r566533)
+++ head/security/py-openssl/Makefile	Thu Feb 25 13:32:25 2021	(r566534)
@@ -29,6 +29,21 @@ NO_ARCH=	yes
 CPE_VENDOR=	jean-paul_calderone
 CPE_PRODUCT=	py${PORTNAME}
 
+# Use options.mk to use OSVERSION and handle redefine PORTEPOCH
+.include <bsd.port.options.mk>
+
+# We need to keep old py-cryptography and py-penssl for 11.x release
+# due to outdated OpenSSL version in base
+.if ${OPSYS} == FreeBSD && ${SSL_DEFAULT} == "base"
+. if ${OSVERSION} >= 1103500 && ${OSVERSION} < 1200085
+# 1103500	352193 2019-09-10	11.3-STABLE got OpenSSL 1.0.2t
+# 1200085	339270 2018-10-19	12.0-STABLE got OpenSSL 1.1.1
+#.sinclude "${.CURDIR}/Makefile.${OPSYS}-${OSREL:R}" 
+PORTVERSION=	19.1.0
+PORTEPOCH=	1
+. endif
+.endif
+
 # These tests will be skipped due the following reasons:
 #
 # * test_connect_refused: Avoid stalling in build environments that don't have

Modified: head/security/py-openssl/distinfo
==============================================================================
--- head/security/py-openssl/distinfo	Thu Feb 25 12:51:30 2021	(r566533)
+++ head/security/py-openssl/distinfo	Thu Feb 25 13:32:25 2021	(r566534)
@@ -1,3 +1,5 @@
 TIMESTAMP = 1613747780
+SHA256 (pyOpenSSL-19.1.0.tar.gz) = 9a24494b2602aaf402be5c9e30a0b82d4a5c67528fe8fb475e3f3bc00dd69507
+SIZE (pyOpenSSL-19.1.0.tar.gz) = 160510
 SHA256 (pyOpenSSL-20.0.1.tar.gz) = 4c231c759543ba02560fcd2480c48dcec4dae34c9da7d3747c508227e0624b51
 SIZE (pyOpenSSL-20.0.1.tar.gz) = 173736

More information about the svn-ports-all mailing list