forked from openwrt/packages
-
Notifications
You must be signed in to change notification settings - Fork 4
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
python-cryptography: bump to version 3.4.5
Re-applied OpenSSL patches from pyca/cryptography#4920 We also need to patch setup.py a bit to make sure that the Rust extension is not included. Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
- Loading branch information
Showing
10 changed files
with
182 additions
and
296 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
28 changes: 0 additions & 28 deletions
28
lang/python/python-cryptography/patches/0001-Add-new-ASN1_STRING_get0_data-API.patch
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
114 changes: 114 additions & 0 deletions
114
...ython/python-cryptography/patches/0003-Add-defines-for-totally-deprecated-functions.patch
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,114 @@ | ||
From fa031041283aac693273db24dab5b3f2193b438d Mon Sep 17 00:00:00 2001 | ||
From: Rosen Penev <rosenp@gmail.com> | ||
Date: Thu, 5 Dec 2019 12:52:13 -0800 | ||
Subject: [PATCH 3/3] Add defines for totally deprecated functions | ||
|
||
--- | ||
src/_cffi_src/openssl/asn1.py | 3 +++ | ||
src/_cffi_src/openssl/conf.py | 4 ++++ | ||
src/_cffi_src/openssl/crypto.py | 4 ++++ | ||
src/_cffi_src/openssl/ecdh.py | 3 +++ | ||
src/_cffi_src/openssl/evp.py | 5 +++++ | ||
src/_cffi_src/openssl/ssl.py | 5 +++++ | ||
src/_cffi_src/openssl/x509.py | 12 ++++++++++++ | ||
src/_cffi_src/openssl/x509_vfy.py | 6 ++++++ | ||
8 files changed, 42 insertions(+) | ||
|
||
--- a/src/_cffi_src/openssl/asn1.py | ||
+++ b/src/_cffi_src/openssl/asn1.py | ||
@@ -105,4 +105,7 @@ ASN1_NULL *ASN1_NULL_new(void); | ||
""" | ||
|
||
CUSTOMIZATIONS = """ | ||
+#if (OPENSSL_API_COMPAT >= 0x10100000L) && !CRYPTOGRAPHY_IS_LIBRESSL | ||
+#define ASN1_STRING_data ASN1_STRING_get0_data | ||
+#endif | ||
""" | ||
--- a/src/_cffi_src/openssl/conf.py | ||
+++ b/src/_cffi_src/openssl/conf.py | ||
@@ -17,4 +17,8 @@ void OPENSSL_no_config(void); | ||
""" | ||
|
||
CUSTOMIZATIONS = """ | ||
+#if (OPENSSL_API_COMPAT >= 0x10100000L) && !CRYPTOGRAPHY_IS_LIBRESSL | ||
+#define OPENSSL_config(x) 0 | ||
+#define OPENSSL_no_config() 0 | ||
+#endif | ||
""" | ||
--- a/src/_cffi_src/openssl/crypto.py | ||
+++ b/src/_cffi_src/openssl/crypto.py | ||
@@ -113,4 +113,8 @@ void *Cryptography_realloc_wrapper(void | ||
void Cryptography_free_wrapper(void *ptr, const char *path, int line) { | ||
free(ptr); | ||
} | ||
+ | ||
+#if (OPENSSL_API_COMPAT >= 0x10100000L) && !CRYPTOGRAPHY_IS_LIBRESSL | ||
+#define CRYPTO_get_locking_callback() 0 | ||
+#endif | ||
""" | ||
--- a/src/_cffi_src/openssl/ecdh.py | ||
+++ b/src/_cffi_src/openssl/ecdh.py | ||
@@ -17,4 +17,7 @@ long SSL_CTX_set_ecdh_auto(SSL_CTX *, in | ||
""" | ||
|
||
CUSTOMIZATIONS = """ | ||
+#if (OPENSSL_API_COMPAT >= 0x10100000L) && !CRYPTOGRAPHY_IS_LIBRESSL | ||
+#define SSL_CTX_set_ecdh_auto(a, b) ((b) != 0) | ||
+#endif | ||
""" | ||
--- a/src/_cffi_src/openssl/evp.py | ||
+++ b/src/_cffi_src/openssl/evp.py | ||
@@ -269,4 +269,9 @@ static const long Cryptography_HAS_EVP_D | ||
#ifndef EVP_PKEY_POLY1305 | ||
#define EVP_PKEY_POLY1305 NID_poly1305 | ||
#endif | ||
+ | ||
+#if (OPENSSL_API_COMPAT >= 0x10100000L) && !CRYPTOGRAPHY_IS_LIBRESSL | ||
+#define EVP_CIPHER_CTX_cleanup EVP_CIPHER_CTX_reset | ||
+#define OpenSSL_add_all_algorithms() do {} while(0) | ||
+#endif | ||
""" | ||
--- a/src/_cffi_src/openssl/ssl.py | ||
+++ b/src/_cffi_src/openssl/ssl.py | ||
@@ -745,4 +745,9 @@ long (*SSL_get_max_proto_version)(SSL *) | ||
#else | ||
static const long Cryptography_HAS_GET_PROTO_VERSION = 1; | ||
#endif | ||
+ | ||
+#if (OPENSSL_API_COMPAT >= 0x10100000L) && !CRYPTOGRAPHY_IS_LIBRESSL | ||
+#define SSL_library_init() 1 | ||
+#define SSL_load_error_strings() 0 | ||
+#endif | ||
""" | ||
--- a/src/_cffi_src/openssl/x509.py | ||
+++ b/src/_cffi_src/openssl/x509.py | ||
@@ -305,4 +305,16 @@ int i2d_re_X509_CRL_tbs(X509_CRL *crl, u | ||
return i2d_X509_CRL_INFO(crl->crl, pp); | ||
} | ||
#endif | ||
+ | ||
+#if (OPENSSL_API_COMPAT >= 0x10100000L) && !CRYPTOGRAPHY_IS_LIBRESSL | ||
+#define X509_get_notBefore X509_get0_notBefore | ||
+#define X509_get_notAfter X509_get0_notAfter | ||
+#define X509_set_notBefore X509_set1_notBefore | ||
+#define X509_set_notAfter X509_set1_notAfter | ||
+ | ||
+#define X509_CRL_get_lastUpdate X509_CRL_get0_lastUpdate | ||
+#define X509_CRL_get_nextUpdate X509_CRL_get0_nextUpdate | ||
+#define X509_CRL_set_lastUpdate X509_CRL_set1_lastUpdate | ||
+#define X509_CRL_set_nextUpdate X509_CRL_set1_nextUpdate | ||
+#endif | ||
""" | ||
--- a/src/_cffi_src/openssl/x509_vfy.py | ||
+++ b/src/_cffi_src/openssl/x509_vfy.py | ||
@@ -265,4 +265,10 @@ static const long Cryptography_HAS_X509_ | ||
#else | ||
static const long Cryptography_HAS_X509_CB_ISSUER_CHECK = 1; | ||
#endif | ||
+ | ||
+#if (OPENSSL_API_COMPAT >= 0x10100000L) && !CRYPTOGRAPHY_IS_LIBRESSL | ||
+#define X509_STORE_CTX_trusted_stack X509_STORE_CTX_set0_trusted_stack | ||
+#define X509_STORE_CTX_set_chain X509_STORE_CTX_set0_untrusted | ||
+#define X509_STORE_CTX_get_chain X509_STORE_CTX_get1_chain | ||
+#endif | ||
""" |
42 changes: 0 additions & 42 deletions
42
...thon-cryptography/patches/0004-Replace-EVP_CIPHER_CTX_cleanup-with-EVP_CIPHER_CTX_r.patch
This file was deleted.
Oops, something went wrong.
51 changes: 51 additions & 0 deletions
51
lang/python/python-cryptography/patches/0004-don-t-setup-rust-extension.patch
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,51 @@ | ||
--- a/setup.py | ||
+++ b/setup.py | ||
@@ -10,21 +10,24 @@ import sys | ||
|
||
from setuptools import find_packages, setup | ||
|
||
-try: | ||
- from setuptools_rust import RustExtension | ||
-except ImportError: | ||
- print( | ||
- """ | ||
- =============================DEBUG ASSISTANCE========================== | ||
- If you are seeing an error here please try the following to | ||
- successfully install cryptography: | ||
- | ||
- Upgrade to the latest pip and try again. This will fix errors for most | ||
- users. See: https://pip.pypa.io/en/stable/installing/#upgrading-pip | ||
- =============================DEBUG ASSISTANCE========================== | ||
- """ | ||
- ) | ||
- raise | ||
+dont_setup_rust = os.environ.get("CRYPTOGRAPHY_DONT_BUILD_RUST") | ||
+ | ||
+if not dont_setup_rust: | ||
+ try: | ||
+ from setuptools_rust import RustExtension | ||
+ except ImportError: | ||
+ print( | ||
+ """ | ||
+ =============================DEBUG ASSISTANCE========================== | ||
+ If you are seeing an error here please try the following to | ||
+ successfully install cryptography: | ||
+ | ||
+ Upgrade to the latest pip and try again. This will fix errors for most | ||
+ users. See: https://pip.pypa.io/en/stable/installing/#upgrading-pip | ||
+ =============================DEBUG ASSISTANCE========================== | ||
+ """ | ||
+ ) | ||
+ raise | ||
|
||
|
||
base_dir = os.path.dirname(__file__) | ||
@@ -45,7 +48,7 @@ setuptools_rust = "setuptools-rust>=0.11 | ||
install_requirements = ["cffi>=1.12"] | ||
setup_requirements = install_requirements + [setuptools_rust] | ||
|
||
-if os.environ.get("CRYPTOGRAPHY_DONT_BUILD_RUST"): | ||
+if dont_setup_rust: | ||
rust_extensions = [] | ||
else: | ||
rust_extensions = [ |
Oops, something went wrong.