Thu Oct 26 06:32:57 2023 UTC ()

py-OpenSSL: updated to 23.3.0

23.3.0 (2023-10-25)
-------------------

Backward-incompatible changes:

- Dropped support for Python 3.6.
- The minimum ``cryptography`` version is now 41.0.5.
- Removed ``OpenSSL.crypto.loads_pkcs7`` and ``OpenSSL.crypto.loads_pkcs12`` which had been deprecated for 3 years.
- Added ``OpenSSL.SSL.OP_LEGACY_SERVER_CONNECT`` to allow legacy insecure renegotiation between OpenSSL and unpatched servers.

Deprecations:

- Deprecated ``OpenSSL.crypto.PKCS12`` (which was intended to have been deprecated at the same time as ``OpenSSL.crypto.load_pkcs12``).
- Deprecated ``OpenSSL.crypto.NetscapeSPKI``.
- Deprecated ``OpenSSL.crypto.CRL``
- Deprecated ``OpenSSL.crypto.Revoked``
- Deprecated ``OpenSSL.crypto.load_crl`` and ``OpenSSL.crypto.dump_crl``
- Deprecated ``OpenSSL.crypto.sign`` and ``OpenSSL.crypto.verify``
- Deprecated ``OpenSSL.crypto.X509Extension``

Changes:

- Changed ``OpenSSL.crypto.X509Store.add_crl`` to also accept
  ``cryptography``'s ``x509.CertificateRevocationList`` arguments in addition
  to the now deprecated ``OpenSSL.crypto.CRL`` arguments.
- Fixed ``test_set_default_verify_paths`` test so that it is skipped if no
  network connection is available.


(adam)

diff -r1.67 -r1.68 pkgsrc/security/py-OpenSSL/Makefile
diff -r1.31 -r1.32 pkgsrc/security/py-OpenSSL/distinfo
diff -r1.3 -r1.4 pkgsrc/security/py-OpenSSL/patches/patch-tests_memdbg.py

--- pkgsrc/security/py-OpenSSL/Makefile 2023/10/24 22:10:57 1.67
+++ pkgsrc/security/py-OpenSSL/Makefile 2023/10/26 06:32:57 1.68

 @@ -1,27 +1,26 @@
-# $NetBSD: Makefile,v 1.67 2023/10/24 22:10:57 wiz Exp $
+# $NetBSD: Makefile,v 1.68 2023/10/26 06:32:57 adam Exp $
-DISTNAME=	pyOpenSSL-23.2.0
+DISTNAME=	pyOpenSSL-23.3.0
 PKGNAME=	${PYPKGPREFIX}-${DISTNAME:S/py//}
 PKGREVISION=	1
 CATEGORIES=	security python
 MASTER_SITES=	${MASTER_SITE_PYPI:=p/pyOpenSSL/}
 MAINTAINER=	pkgsrc-users@NetBSD.org
 HOMEPAGE=	https://pyopenssl.org/
 COMMENT=	Python interface to the OpenSSL library
 LICENSE=	apache-2.0
-DEPENDS+=	${PYPKGPREFIX}-cryptography>=40.0.2:../../security/py-cryptography
+DEPENDS+=	${PYPKGPREFIX}-cryptography>=41.0.5:../../security/py-cryptography
 TEST_DEPENDS+=	${PYPKGPREFIX}-flaky-[0-9]*:../../devel/py-flaky
 TEST_DEPENDS+=	${PYPKGPREFIX}-pretend-[0-9]*:../../devel/py-pretend
-TEST_DEPENDS+=	${PYPKGPREFIX}-test-[0-9]*:../../devel/py-test
+TEST_DEPENDS+=	${PYPKGPREFIX}-test>=3.0.1:../../devel/py-test
 PYTHON_VERSIONS_INCOMPATIBLE=	27
 # https://github.com/pyca/pyopenssl/issues/656
 do-test:
 	cd ${WRKSRC} && ${SETENV} ${TEST_ENV} pytest-${PYVERSSUFFIX} tests
 .include "../../lang/python/egg.mk"
 .include "../../security/openssl/buildlink3.mk"
 .include "../../mk/bsd.pkg.mk"

--- pkgsrc/security/py-OpenSSL/distinfo 2023/05/31 12:58:48 1.31
+++ pkgsrc/security/py-OpenSSL/distinfo 2023/10/26 06:32:57 1.32

 @@ -1,6 +1,6 @@
-$NetBSD: distinfo,v 1.31 2023/05/31 12:58:48 adam Exp $
+$NetBSD: distinfo,v 1.32 2023/10/26 06:32:57 adam Exp $
-BLAKE2s (pyOpenSSL-23.2.0.tar.gz) = c7f9b3158a6ec659c79536c69542adf487f986fbbc1a0ba69822289f035eb4d7
+BLAKE2s (pyOpenSSL-23.3.0.tar.gz) = 58f995b3f7ba7d483c85820bcaa65ebbd38cd00dc07f5ef48779c8caa59f64cf
-SHA512 (pyOpenSSL-23.2.0.tar.gz) = a467801bf94959a067d9d3551b47d17d4798bf0b87d253d41a89cac9cdb1731a967a98bda3e83ab8a560ed5fdc0a17f34604f3c6e0f6789bc4c920bc49f520c9
+SHA512 (pyOpenSSL-23.3.0.tar.gz) = e75ffd9922798d7bb08be50782a2185aaf69cdc41e4c83e0c904d7b7b3b5da3bbfe73abe965eb0bfe1b325de79eb9f72f16a05444f0310ebfaf8f5bf8ce1fe87
-Size (pyOpenSSL-23.2.0.tar.gz) = 185132 bytes
+Size (pyOpenSSL-23.3.0.tar.gz) = 183043 bytes
-SHA1 (patch-tests_memdbg.py) = a2d2395a0fe1dd1934a50b065fe68f47907f0b87
+SHA1 (patch-tests_memdbg.py) = b3dbfcef4bb83185e064a7c7524c16402309dc06

--- pkgsrc/security/py-OpenSSL/patches/patch-tests_memdbg.py 2020/12/19 11:52:26 1.3
+++ pkgsrc/security/py-OpenSSL/patches/patch-tests_memdbg.py 2023/10/26 06:32:57 1.4

 @@ -1,29 +1,29 @@
-$NetBSD: patch-tests_memdbg.py,v 1.3 2020/12/19 11:52:26 leot Exp $
+$NetBSD: patch-tests_memdbg.py,v 1.4 2023/10/26 06:32:57 adam Exp $
 Fix running test on NetBSD.
 https://github.com/pyca/pyopenssl/issues/595
---- tests/memdbg.py.orig	2020-12-15 15:30:54.000000000 +0000
+--- tests/memdbg.py.orig	2023-10-19 22:18:27.000000000 +0000
 +++ tests/memdbg.py
-@@ -19,9 +19,9 @@ _ffi.cdef(
+@@ -17,9 +17,9 @@ _ffi.cdef(
      int  CRYPTO_set_mem_functions(
          void *(*m)(size_t),void *(*r)(void *,size_t), void (*f)(void *));
 -    int backtrace(void **buffer, int size);
 -    char **backtrace_symbols(void *const *buffer, int size);
 -    void backtrace_symbols_fd(void *const *buffer, int size, int fd);
 +    size_t backtrace(void **buffer, size_t size);
 +    char **backtrace_symbols(void *const *buffer, size_t size);
 +    void backtrace_symbols_fd(void *const *buffer, size_t size, int fd);
      """
  )  # noqa
  _api = _ffi.verify(
-@@ -30,7 +30,7 @@ _api = _ffi.verify(
+@@ -28,7 +28,7 @@ _api = _ffi.verify(
      #include <stdlib.h>
      #include <execinfo.h>
      """,
 -    libraries=["crypto"],
 +    libraries=["crypto", "execinfo"] if sys.platform.startswith('netbsd') else ["crypto"],
+ )
  C = _ffi.dlopen(None)