From cabb670a1c808329c957478a5470e767feec6705 Mon Sep 17 00:00:00 2001
From: Simon Frankenberger <simon@fraho.eu>
Date: Tue, 4 Sep 2018 08:18:18 +0200
Subject: main/py-cryptography: Update to 2.3.1

---
 main/py-cryptography/APKBUILD           |   8 +--
 main/py-cryptography/libressl-2.7.patch | 111 --------------------------------
 2 files changed, 3 insertions(+), 116 deletions(-)
 delete mode 100644 main/py-cryptography/libressl-2.7.patch

(limited to 'main/py-cryptography')

diff --git a/main/py-cryptography/APKBUILD b/main/py-cryptography/APKBUILD
index d315dd6e83..41549cabc3 100644
--- a/main/py-cryptography/APKBUILD
+++ b/main/py-cryptography/APKBUILD
@@ -2,7 +2,7 @@
 # Maintainer: August Klein <amatcoder@gmail.com>
 pkgname=py-cryptography
 _pkgname=${pkgname#py-}
-pkgver=2.2.2
+pkgver=2.3.1
 pkgrel=0
 pkgdesc="A package which provides cryptographic recipes and primitives"
 url="https://pypi.python.org/pypi/cryptography"
@@ -11,8 +11,7 @@ license="Apache-2.0"
 depends="py-cffi py-idna py-asn1crypto py-six"
 makedepends="python2-dev python3-dev py-setuptools libffi-dev libressl-dev"
 subpackages="py3-$_pkgname:_py3 py2-$_pkgname:_py2"
-source="https://files.pythonhosted.org/packages/source/${_pkgname:0:1}/$_pkgname/$_pkgname-$pkgver.tar.gz
-	libressl-2.7.patch"
+source="https://files.pythonhosted.org/packages/source/${_pkgname:0:1}/$_pkgname/$_pkgname-$pkgver.tar.gz"
 builddir="$srcdir/$_pkgname-$pkgver"
 
 build() {
@@ -52,5 +51,4 @@ _py3() {
 	_py python3
 }
 
-sha512sums="6c1b19cdb870d65abad42523697e9a0bebc7a0025b34f10c4bdd30c313333efd7c41bcb4237a29b3a1b270e3fbade75ccb35df172b055b7c075d619f4d9424c9  cryptography-2.2.2.tar.gz
-71a6d8c30a98b2072c9f39aea1244b44ab235c324f1bc73e15dcacf3eb323940e67d6555e9b74bed4205bc62a604e68142f0e7418cf4310364fd9ec0fb195b2d  libressl-2.7.patch"
+sha512sums="384581238b5669dbf31fd1b1385ec2ff9c6d76e2b7612efb15f255e17a11a38474f84668e62ceaa39a146260f46cac743575c0a8ffedc1e40c7b2f90d7cb00b1  cryptography-2.3.1.tar.gz"
diff --git a/main/py-cryptography/libressl-2.7.patch b/main/py-cryptography/libressl-2.7.patch
deleted file mode 100644
index f4f0ed4a79..0000000000
--- a/main/py-cryptography/libressl-2.7.patch
+++ /dev/null
@@ -1,111 +0,0 @@
-$OpenBSD: patch-src__cffi_src_openssl_x509_py,v 1.1 2018/02/18 13:44:41 sthen Exp $
-
-Index: src/_cffi_src/openssl/x509.py
---- a/src/_cffi_src/openssl/x509.py.orig
-+++ b/src/_cffi_src/openssl/x509.py
-@@ -255,8 +255,7 @@ int X509_get_signature_nid(const X509 *);
- 
- const X509_ALGOR *X509_get0_tbs_sigalg(const X509 *);
- 
--/* in 1.1.0 becomes const ASN1_BIT_STRING, const X509_ALGOR */
--void X509_get0_signature(ASN1_BIT_STRING **, X509_ALGOR **, X509 *);
-+void X509_get0_signature(const ASN1_BIT_STRING **, const X509_ALGOR **, const X509 *);
- 
- long X509_get_version(X509 *);
- 
-@@ -339,7 +338,8 @@ void X509_REQ_get0_signature(const X509_REQ *, const A
- CUSTOMIZATIONS = """
- /* Added in 1.0.2 beta but we need it in all versions now due to the great
-    opaquing. */
--#if CRYPTOGRAPHY_OPENSSL_LESS_THAN_102
-+#if CRYPTOGRAPHY_OPENSSL_LESS_THAN_102 && \
-+    (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x2070000fL)
- /* from x509/x_x509.c version 1.0.2 */
- void X509_get0_signature(ASN1_BIT_STRING **psig, X509_ALGOR **palg,
-                          const X509 *x)
-@@ -383,9 +383,11 @@ X509_REVOKED *Cryptography_X509_REVOKED_dup(X509_REVOK
-    opaquing. */
- #if CRYPTOGRAPHY_OPENSSL_LESS_THAN_110
- 
-+#if (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x2070000fL)
- int X509_up_ref(X509 *x) {
-    return CRYPTO_add(&x->references, 1, CRYPTO_LOCK_X509);
- }
-+#endif
- 
- const X509_ALGOR *X509_get0_tbs_sigalg(const X509 *x)
- {
-$OpenBSD: patch-src__cffi_src_openssl_x509_vfy_py,v 1.7 2018/02/22 18:49:16 sthen Exp $
-
-Index: src/_cffi_src/openssl/x509_vfy.py
---- a/src/_cffi_src/openssl/x509_vfy.py.orig
-+++ b/src/_cffi_src/openssl/x509_vfy.py
-@@ -204,7 +204,7 @@ int sk_X509_OBJECT_num(Cryptography_STACK_OF_X509_OBJE
- X509_OBJECT *sk_X509_OBJECT_value(Cryptography_STACK_OF_X509_OBJECT *, int);
- X509_VERIFY_PARAM *X509_STORE_get0_param(X509_STORE *);
- Cryptography_STACK_OF_X509_OBJECT *X509_STORE_get0_objects(X509_STORE *);
--X509 *X509_OBJECT_get0_X509(X509_OBJECT *);
-+X509 *X509_OBJECT_get0_X509(const X509_OBJECT *);
- int X509_OBJECT_get_type(const X509_OBJECT *);
- 
- /* added in 1.1.0 */
-@@ -220,14 +220,11 @@ static const long Cryptography_HAS_102_VERIFICATION_ER
- static const long Cryptography_HAS_102_VERIFICATION_PARAMS = 1;
- #else
- static const long Cryptography_HAS_102_VERIFICATION_ERROR_CODES = 0;
-+#if LIBRESSL_VERSION_NUMBER >= 0x2070000fL
-+static const long Cryptography_HAS_102_VERIFICATION_PARAMS = 1;
-+#else
- static const long Cryptography_HAS_102_VERIFICATION_PARAMS = 0;
- 
--static const long X509_V_ERR_SUITE_B_INVALID_VERSION = 0;
--static const long X509_V_ERR_SUITE_B_INVALID_ALGORITHM = 0;
--static const long X509_V_ERR_SUITE_B_INVALID_CURVE = 0;
--static const long X509_V_ERR_SUITE_B_INVALID_SIGNATURE_ALGORITHM = 0;
--static const long X509_V_ERR_SUITE_B_LOS_NOT_ALLOWED = 0;
--static const long X509_V_ERR_SUITE_B_CANNOT_SIGN_P_384_WITH_P_256 = 0;
- /* These 3 defines are unavailable in LibreSSL 2.5.x, but may be added
-    in the future... */
- #ifndef X509_V_ERR_HOSTNAME_MISMATCH
-@@ -240,12 +237,6 @@ static const long X509_V_ERR_EMAIL_MISMATCH = 0;
- static const long X509_V_ERR_IP_ADDRESS_MISMATCH = 0;
- #endif
- 
--/* X509_V_FLAG_TRUSTED_FIRST is also new in 1.0.2+, but it is added separately
--   below because it shows up in some earlier 3rd party OpenSSL packages. */
--static const long X509_V_FLAG_SUITEB_128_LOS_ONLY = 0;
--static const long X509_V_FLAG_SUITEB_192_LOS = 0;
--static const long X509_V_FLAG_SUITEB_128_LOS = 0;
--
- int (*X509_VERIFY_PARAM_set1_host)(X509_VERIFY_PARAM *, const char *,
-                                    size_t) = NULL;
- int (*X509_VERIFY_PARAM_set1_email)(X509_VERIFY_PARAM *, const char *,
-@@ -257,6 +248,19 @@ void (*X509_VERIFY_PARAM_set_hostflags)(X509_VERIFY_PA
-                                         unsigned int) = NULL;
- #endif
- 
-+static const long X509_V_ERR_SUITE_B_INVALID_VERSION = 0;
-+static const long X509_V_ERR_SUITE_B_INVALID_ALGORITHM = 0;
-+static const long X509_V_ERR_SUITE_B_INVALID_CURVE = 0;
-+static const long X509_V_ERR_SUITE_B_INVALID_SIGNATURE_ALGORITHM = 0;
-+static const long X509_V_ERR_SUITE_B_LOS_NOT_ALLOWED = 0;
-+static const long X509_V_ERR_SUITE_B_CANNOT_SIGN_P_384_WITH_P_256 = 0;
-+/* X509_V_FLAG_TRUSTED_FIRST is also new in 1.0.2+, but it is added separately
-+   below because it shows up in some earlier 3rd party OpenSSL packages. */
-+static const long X509_V_FLAG_SUITEB_128_LOS_ONLY = 0;
-+static const long X509_V_FLAG_SUITEB_192_LOS = 0;
-+static const long X509_V_FLAG_SUITEB_128_LOS = 0;
-+#endif
-+
- /* OpenSSL 1.0.2+ or Solaris's backport */
- #ifdef X509_V_FLAG_PARTIAL_CHAIN
- static const long Cryptography_HAS_X509_V_FLAG_PARTIAL_CHAIN = 1;
-@@ -292,7 +296,7 @@ X509 *X509_STORE_CTX_get0_cert(X509_STORE_CTX *ctx)
-     return ctx->cert;
- }
- 
--X509 *X509_OBJECT_get0_X509(X509_OBJECT *x) {
-+X509 *X509_OBJECT_get0_X509(const X509_OBJECT *x) {
-     return x->data.x509;
- }
- #endif
-- 
cgit v1.2.3