Date: Fri, 21 May 2021 04:33:12 GMT From: Charlie Li <vishwin@FreeBSD.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org Subject: git: 6f05c9c07cff - main - security/py-cryptography: fix build with LibreSSL 3.3.2+ Message-ID: <202105210433.14L4XCu4082278@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help
The branch main has been updated by vishwin: URL: https://cgit.FreeBSD.org/ports/commit/?id=6f05c9c07cffc6ae65d8a1ea55096d3b9968e33b commit 6f05c9c07cffc6ae65d8a1ea55096d3b9968e33b Author: Charlie Li <vishwin@FreeBSD.org> AuthorDate: 2021-04-19 23:30:08 +0000 Commit: Charlie Li <vishwin@FreeBSD.org> CommitDate: 2021-05-21 04:32:25 +0000 security/py-cryptography: fix build with LibreSSL 3.3.2+ Merged upstream as https://github.com/pyca/cryptography/pull/5988 and backported to this version. Approved by: koobs (maintainer), fluffy (mentor) PR: 255241 --- .../files/patch-Fix-build-with-LibreSSL-3.3.2-5988 | 62 ++++++++++++++++++++++ 1 file changed, 62 insertions(+) diff --git a/security/py-cryptography/files/patch-Fix-build-with-LibreSSL-3.3.2-5988 b/security/py-cryptography/files/patch-Fix-build-with-LibreSSL-3.3.2-5988 new file mode 100644 index 000000000000..deb9c6408832 --- /dev/null +++ b/security/py-cryptography/files/patch-Fix-build-with-LibreSSL-3.3.2-5988 @@ -0,0 +1,62 @@ +From 94590a9aecc9e5ef6fc8eda52bae43643a4c44bd Mon Sep 17 00:00:00 2001 +From: Charlie Li <vishwin@users.noreply.github.com> +Date: Mon, 19 Apr 2021 18:38:38 -0400 +Subject: [PATCH] Fix build with LibreSSL 3.3.2 (#5988) + +* LibreSSL 3.3.2 supports SSL_OP_NO_DTLS* + +While here, bump CI + +* Fix preprocessor guards for LibreSSL's SSL_OP_NO_DTLS* + +DTLS_set_link_mtu and DTLS_get_link_min_mtu are not part of 3.3.2 + +* Switch to LESS_THAN context for LibreSSL 3.3.2 + +While here, fix indents + +* Remove extra C variable declaration + +The variable is not actually used from Python +--- + .github/workflows/ci.yml | 2 +- + src/_cffi_src/openssl/cryptography.py | 7 +++++++ + src/_cffi_src/openssl/ssl.py | 2 ++ + 3 files changed, 10 insertions(+), 1 deletion(-) + +diff --git src/_cffi_src/openssl/cryptography.py src/_cffi_src/openssl/cryptography.py +index e2b5a132..b9c7a793 100644 +--- src/_cffi_src/openssl/cryptography.py ++++ src/_cffi_src/openssl/cryptography.py +@@ -32,6 +32,13 @@ INCLUDES = """ + #include <Winsock2.h> + #endif + ++#if CRYPTOGRAPHY_IS_LIBRESSL ++#define CRYPTOGRAPHY_LIBRESSL_LESS_THAN_332 \ ++ (LIBRESSL_VERSION_NUMBER < 0x3030200f) ++#else ++#define CRYPTOGRAPHY_LIBRESSL_LESS_THAN_332 (0) ++#endif ++ + #define CRYPTOGRAPHY_OPENSSL_110F_OR_GREATER \ + (OPENSSL_VERSION_NUMBER >= 0x1010006f && !CRYPTOGRAPHY_IS_LIBRESSL) + +diff --git src/_cffi_src/openssl/ssl.py src/_cffi_src/openssl/ssl.py +index 11a7d63a..081ef041 100644 +--- src/_cffi_src/openssl/ssl.py ++++ src/_cffi_src/openssl/ssl.py +@@ -586,8 +586,10 @@ static const long TLS_ST_OK = 0; + #endif + + #if CRYPTOGRAPHY_IS_LIBRESSL ++#if CRYPTOGRAPHY_LIBRESSL_LESS_THAN_332 + static const long SSL_OP_NO_DTLSv1 = 0; + static const long SSL_OP_NO_DTLSv1_2 = 0; ++#endif + long (*DTLS_set_link_mtu)(SSL *, long) = NULL; + long (*DTLS_get_link_min_mtu)(SSL *) = NULL; + #endif +-- +2.31.1 +
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202105210433.14L4XCu4082278>