ports/security/py-cryptography/files/patch-Fix-build-with-LibreSSL-3.3.2-5988
Charlie Li 5b57210d0d
security/py-cryptography: support LibreSSL 3.4.0
Merged upstream as https://github.com/pyca/cryptography/pull/6360
and backported to this version.

While here, remove remaining FreeBSD 11 cruft

Approved by: fluffy (mentor), koobs (implicit: MAINTAINER_POLICY)
Differential Revision: https://reviews.freebsd.org/D32281
2021-10-04 17:32:24 -04:00

62 lines
1.8 KiB
Text

From 94590a9aecc9e5ef6fc8eda52bae43643a4c44bd Mon Sep 17 00:00:00 2001
From: Charlie Li <vishwin@users.noreply.github.com>
Date: Mon, 19 Apr 2021 18:38:38 -0400
Subject: [PATCH] Fix build with LibreSSL 3.3.2 (#5988)
* LibreSSL 3.3.2 supports SSL_OP_NO_DTLS*
While here, bump CI
* Fix preprocessor guards for LibreSSL's SSL_OP_NO_DTLS*
DTLS_set_link_mtu and DTLS_get_link_min_mtu are not part of 3.3.2
* Switch to LESS_THAN context for LibreSSL 3.3.2
While here, fix indents
* Remove extra C variable declaration
The variable is not actually used from Python
---
.github/workflows/ci.yml | 2 +-
src/_cffi_src/openssl/cryptography.py | 7 +++++++
src/_cffi_src/openssl/ssl.py | 2 ++
3 files changed, 10 insertions(+), 1 deletion(-)
diff --git src/_cffi_src/openssl/cryptography.py src/_cffi_src/openssl/cryptography.py
index e2b5a132..b9c7a793 100644
--- src/_cffi_src/openssl/cryptography.py
+++ src/_cffi_src/openssl/cryptography.py
@@ -32,6 +32,13 @@ INCLUDES = """
#include <Winsock2.h>
#endif
+#if CRYPTOGRAPHY_IS_LIBRESSL
+#define CRYPTOGRAPHY_LIBRESSL_LESS_THAN_332 \
+ (LIBRESSL_VERSION_NUMBER < 0x3030200f)
+#else
+#define CRYPTOGRAPHY_LIBRESSL_LESS_THAN_332 (0)
+#endif
+
#define CRYPTOGRAPHY_OPENSSL_110F_OR_GREATER \
(OPENSSL_VERSION_NUMBER >= 0x1010006f && !CRYPTOGRAPHY_IS_LIBRESSL)
diff --git src/_cffi_src/openssl/ssl.py src/_cffi_src/openssl/ssl.py
index 11a7d63a..081ef041 100644
--- src/_cffi_src/openssl/ssl.py
+++ src/_cffi_src/openssl/ssl.py
@@ -586,8 +586,10 @@ static const long TLS_ST_OK = 0;
#endif
#if CRYPTOGRAPHY_IS_LIBRESSL
+#if CRYPTOGRAPHY_LIBRESSL_LESS_THAN_332
static const long SSL_OP_NO_DTLSv1 = 0;
static const long SSL_OP_NO_DTLSv1_2 = 0;
+#endif
long (*DTLS_set_link_mtu)(SSL *, long) = NULL;
long (*DTLS_get_link_min_mtu)(SSL *) = NULL;
#endif
--
2.31.1