From owner-svn-ports-head@FreeBSD.ORG  Sun Jan 18 09:38:18 2015
Return-Path: <owner-svn-ports-head@FreeBSD.ORG>
Delivered-To: svn-ports-head@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115])
 (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTPS id 2C8C42BC;
 Sun, 18 Jan 2015 09:38:18 +0000 (UTC)
Received: from svn.freebsd.org (svn.freebsd.org
 [IPv6:2001:1900:2254:2068::e6a:0])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id 0C7551DC;
 Sun, 18 Jan 2015 09:38:18 +0000 (UTC)
Received: from svn.freebsd.org ([127.0.1.70])
 by svn.freebsd.org (8.14.9/8.14.9) with ESMTP id t0I9cHpe018270;
 Sun, 18 Jan 2015 09:38:17 GMT (envelope-from koobs@FreeBSD.org)
Received: (from koobs@localhost)
 by svn.freebsd.org (8.14.9/8.14.9/Submit) id t0I9cGuK018262;
 Sun, 18 Jan 2015 09:38:16 GMT (envelope-from koobs@FreeBSD.org)
Message-Id: <201501180938.t0I9cGuK018262@svn.freebsd.org>
X-Authentication-Warning: svn.freebsd.org: koobs set sender to
 koobs@FreeBSD.org using -f
From: Kubilay Kocak <koobs@FreeBSD.org>
Date: Sun, 18 Jan 2015 09:38:16 +0000 (UTC)
To: ports-committers@freebsd.org, svn-ports-all@freebsd.org,
 svn-ports-head@freebsd.org
Subject: svn commit: r377287 - in head/security/py-cryptography: . files
X-SVN-Group: ports-head
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-BeenThere: svn-ports-head@freebsd.org
X-Mailman-Version: 2.1.18-1
Precedence: list
List-Id: SVN commit messages for the ports tree for head
 <svn-ports-head.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/svn-ports-head>,
 <mailto:svn-ports-head-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-ports-head/>
List-Post: <mailto:svn-ports-head@freebsd.org>
List-Help: <mailto:svn-ports-head-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/svn-ports-head>,
 <mailto:svn-ports-head-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 18 Jan 2015 09:38:18 -0000

Author: koobs
Date: Sun Jan 18 09:38:15 2015
New Revision: 377287
URL: https://svnweb.freebsd.org/changeset/ports/377287
QAT: https://qat.redports.org/buildarchive/r377287/

Log:
  security/py-cryptography: Update to 0.7.2, Fix LibreSSL
  
  - Update to 0.7.2
  - Update BUILD_DEPENDS and TEST_DEPENDS
  - Patch upstream sources to fix LibreSSL:
  
    * Remove EGD (Perl Entropy Gathering Daemon) support. This hasn't
      been needed on FreeBSD since FreeBSD 4.2
    * Disable compression conditionally using OPENSSL_NO_COMP
    * Check features, not version for x509_vfy
  
  [1] https://github.com/pyca/cryptography/issues/928
  
  PR:		196827
  Submitted by:	Bernard Spil <spil.oss gmail com>

Added:
  head/security/py-cryptography/files/
  head/security/py-cryptography/files/patch-src_cryptography_hazmat_bindings_openssl_engine.py   (contents, props changed)
  head/security/py-cryptography/files/patch-src_cryptography_hazmat_bindings_openssl_rand.py   (contents, props changed)
  head/security/py-cryptography/files/patch-src_cryptography_hazmat_bindings_openssl_ssl.py   (contents, props changed)
  head/security/py-cryptography/files/patch-src_cryptography_hazmat_bindings_openssl_x509__vfy.py   (contents, props changed)
Modified:
  head/security/py-cryptography/Makefile
  head/security/py-cryptography/distinfo

Modified: head/security/py-cryptography/Makefile
==============================================================================
--- head/security/py-cryptography/Makefile	Sun Jan 18 09:26:22 2015	(r377286)
+++ head/security/py-cryptography/Makefile	Sun Jan 18 09:38:15 2015	(r377287)
@@ -2,7 +2,7 @@
 # $FreeBSD$
 
 PORTNAME=	cryptography
-PORTVERSION=	0.5.4
+PORTVERSION=	0.7.2
 CATEGORIES=	security python
 MASTER_SITES=	CHEESESHOP
 PKGNAMEPREFIX=	${PYTHON_PKGNAMEPREFIX}
@@ -14,10 +14,12 @@ LICENSE=	APACHE20
 LICENSE_FILE=	${WRKSRC}/LICENSE
 
 BUILD_DEPENDS=	${PYTHON_PKGNAMEPREFIX}cffi>=0.8:${PORTSDIR}/devel/py-cffi \
-		${PYTHON_PKGNAMEPREFIX}six>=1.4.1:${PORTSDIR}/devel/py-six
+		${PYTHON_PKGNAMEPREFIX}six>=1.4.1:${PORTSDIR}/devel/py-six \
+		${PYTHON_PKGNAMEPREFIX}asn1>0:${PORTSDIR}/devel/py-asn1
+
 RUN_DEPENDS:=	${BUILD_DEPENDS}
 TEST_DEPENDS=	${PYTHON_PKGNAMEPREFIX}pytest>0:${PORTSDIR}/devel/py-pytest \
-		${PYTHON_PKGNAMEPREFIX}asn1>0:${PORTSDIR}/devel/py-asn1
+		${PYTHON_PKGNAMEPREFIX}iso8601>0:${PORTSDIR}/devel/py-iso8601
 
 USES=		python
 USE_OPENSSL=	yes
@@ -26,7 +28,13 @@ USE_PYTHON=	autoplist distutils
 CFLAGS+=	-I${OPENSSLINC}
 LDFLAGS+=	-L${OPENSSLLIB}
 
+.include <bsd.port.pre.mk>
+
+.if ${PYTHON_REL} < 340
+BUILD_DEPENDS+=	${PYTHON_PKGNAMEPREFIX}enum34>0:${PORTSDIR}/devel/py-enum34
+.endif
+
 regression-test: build
-	@cd ${WRKSRC} && ${PYTHON_CMD} ${PYSETUP} test
+	@cd ${WRKSRC} && ${PYTHON_CMD} ${PYDISTUTILS_SETUP} test
 
-.include <bsd.port.mk>
+.include <bsd.port.post.mk>

Modified: head/security/py-cryptography/distinfo
==============================================================================
--- head/security/py-cryptography/distinfo	Sun Jan 18 09:26:22 2015	(r377286)
+++ head/security/py-cryptography/distinfo	Sun Jan 18 09:38:15 2015	(r377287)
@@ -1,2 +1,2 @@
-SHA256 (cryptography-0.5.4.tar.gz) = 5675999f3744cbc32a60cb0bba64de21405abced32ce19655212612262dd270d
-SIZE (cryptography-0.5.4.tar.gz) = 320104
+SHA256 (cryptography-0.7.2.tar.gz) = fab7fcdde360ec6614442d0321dcd0eff5e43544cb30d975e9d75a914a4cdf78
+SIZE (cryptography-0.7.2.tar.gz) = 247477

Added: head/security/py-cryptography/files/patch-src_cryptography_hazmat_bindings_openssl_engine.py
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/security/py-cryptography/files/patch-src_cryptography_hazmat_bindings_openssl_engine.py	Sun Jan 18 09:38:15 2015	(r377287)
@@ -0,0 +1,10 @@
+--- src/cryptography/hazmat/bindings/openssl/engine.py.orig	2015-01-16 13:26:59 UTC
++++ src/cryptography/hazmat/bindings/openssl/engine.py
+@@ -49,7 +49,6 @@ int ENGINE_init(ENGINE *);
+ int ENGINE_finish(ENGINE *);
+ void ENGINE_load_openssl(void);
+ void ENGINE_load_dynamic(void);
+-void ENGINE_load_cryptodev(void);
+ void ENGINE_load_builtin_engines(void);
+ void ENGINE_cleanup(void);
+ ENGINE *ENGINE_get_default_RSA(void);

Added: head/security/py-cryptography/files/patch-src_cryptography_hazmat_bindings_openssl_rand.py
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/security/py-cryptography/files/patch-src_cryptography_hazmat_bindings_openssl_rand.py	Sun Jan 18 09:38:15 2015	(r377287)
@@ -0,0 +1,12 @@
+--- src/cryptography/hazmat/bindings/openssl/rand.py.orig	2015-01-16 13:26:59 UTC
++++ src/cryptography/hazmat/bindings/openssl/rand.py
+@@ -16,9 +16,6 @@ void ERR_load_RAND_strings(void);
+ void RAND_seed(const void *, int);
+ void RAND_add(const void *, int, double);
+ int RAND_status(void);
+-int RAND_egd(const char *);
+-int RAND_egd_bytes(const char *, int);
+-int RAND_query_egd_bytes(const char *, unsigned char *, int);
+ const char *RAND_file_name(char *, size_t);
+ int RAND_load_file(const char *, long);
+ int RAND_write_file(const char *);

Added: head/security/py-cryptography/files/patch-src_cryptography_hazmat_bindings_openssl_ssl.py
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/security/py-cryptography/files/patch-src_cryptography_hazmat_bindings_openssl_ssl.py	Sun Jan 18 09:38:15 2015	(r377287)
@@ -0,0 +1,30 @@
+--- src/cryptography/hazmat/bindings/openssl/ssl.py.orig	2015-01-16 13:26:59 UTC
++++ src/cryptography/hazmat/bindings/openssl/ssl.py
+@@ -189,10 +189,6 @@ int SSL_shutdown(SSL *);
+ const char *SSL_get_cipher_list(const SSL *, int);
+ Cryptography_STACK_OF_SSL_CIPHER *SSL_get_ciphers(const SSL *);
+ 
+-const COMP_METHOD *SSL_get_current_compression(SSL *);
+-const COMP_METHOD *SSL_get_current_expansion(SSL *);
+-const char *SSL_COMP_get_name(const COMP_METHOD *);
+-
+ /*  context */
+ void SSL_CTX_free(SSL_CTX *);
+ long SSL_CTX_set_timeout(SSL_CTX *, long);
+@@ -415,6 +411,16 @@ static const long Cryptography_HAS_RELEA
+ const long SSL_MODE_RELEASE_BUFFERS = 0;
+ #endif
+ 
++#ifndef OPENSSL_NO_COMP
++const COMP_METHOD *SSL_get_current_compression(SSL *s);
++const COMP_METHOD *SSL_get_current_expansion(SSL *s);
++const char *SSL_COMP_get_name(const COMP_METHOD *comp);
++#else
++const void *SSL_get_current_compression(SSL *s);
++const void *SSL_get_current_expansion(SSL *s);
++const char *SSL_COMP_get_name(const void *comp);
++#endif
++
+ #ifdef SSL_OP_NO_COMPRESSION
+ static const long Cryptography_HAS_OP_NO_COMPRESSION = 1;
+ #else

Added: head/security/py-cryptography/files/patch-src_cryptography_hazmat_bindings_openssl_x509__vfy.py
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/security/py-cryptography/files/patch-src_cryptography_hazmat_bindings_openssl_x509__vfy.py	Sun Jan 18 09:38:15 2015	(r377287)
@@ -0,0 +1,20 @@
+--- src/cryptography/hazmat/bindings/openssl/x509_vfy.py.orig	2015-01-16 13:26:59 UTC
++++ src/cryptography/hazmat/bindings/openssl/x509_vfy.py
+@@ -191,7 +191,7 @@ int X509_VERIFY_PARAM_set1_ip_asc(X509_V
+ 
+ CUSTOMIZATIONS = """
+ /* OpenSSL 1.0.2+ verification error codes */
+-#if OPENSSL_VERSION_NUMBER >= 0x10002000L
++#if X509_V_ERR_EMAIL_MISMATCH
+ static const long Cryptography_HAS_102_VERIFICATION_ERROR_CODES = 1;
+ #else
+ static const long Cryptography_HAS_102_VERIFICATION_ERROR_CODES = 0;
+@@ -207,7 +207,7 @@ static const long X509_V_ERR_IP_ADDRESS_
+ #endif
+ 
+ /* OpenSSL 1.0.2+ verification parameters */
+-#if OPENSSL_VERSION_NUMBER >= 0x10002000L
++#if X509_V_FLAG_PARTIAL_CHAIN
+ static const long Cryptography_HAS_102_VERIFICATION_PARAMS = 1;
+ #else
+ static const long Cryptography_HAS_102_VERIFICATION_PARAMS = 0;