Date: Thu, 8 Dec 2016 17:07:23 +0000 (UTC) From: Mark Felder <feld@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r428138 - head/security/py-cryptography Message-ID: <201612081707.uB8H7Ntk058921@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: feld Date: Thu Dec 8 17:07:22 2016 New Revision: 428138 URL: https://svnweb.freebsd.org/changeset/ports/428138 Log: security/py-pycryptography: Fix build on FreeBSD 9.3 Modern py-cryptography requires a more modern OpenSSL. This switch to requiring OpenSSL from ports is a disruptive change, but it will protect these users from the recently patched vulnerabilites. Support for OpenSSL 0.9.8 was removed in pycryptography as of version 1.4. The last release to support OpenSSL 0.9.8 was 1.3.4 which is still vulnerable to the HDKF key generation bug. It appears that version 1.4 did build successfully on FreeBSD 9.3, but upstream had abandoned support for OpenSSL 0.9.8 at that point so it is unclear if it was fully functional. PR: 214915 MFH: 2016Q4 Modified: head/security/py-cryptography/Makefile Modified: head/security/py-cryptography/Makefile ============================================================================== --- head/security/py-cryptography/Makefile Thu Dec 8 17:05:45 2016 (r428137) +++ head/security/py-cryptography/Makefile Thu Dec 8 17:07:22 2016 (r428138) @@ -27,6 +27,11 @@ USE_PYTHON= autoplist distutils CFLAGS+= -I${OPENSSLINC} LDFLAGS+= -L${OPENSSLLIB} +# Modern py-cyptography requires newer OpenSSL +.if ${OSVERSION} < 1000000 +WITH_OPENSSL_PORT= yes +.endif + .include <bsd.port.pre.mk> .if ${PYTHON_REL} < 3300
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201612081707.uB8H7Ntk058921>