Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-commits

From: Matt Thode <prometheanfire@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] repo/gentoo:master commit in: dev-python/cryptography/, dev-python/cryptography-vectors/, ...
Date: Wed, 01 Aug 2018 17:52:12
Message-Id: 1533145827.bc82ed8c77227b67d20d84d0a05cffb8be68f26d.prometheanfire@gentoo
1 commit: bc82ed8c77227b67d20d84d0a05cffb8be68f26d
2 Author: Matthew Thode <prometheanfire <AT> gentoo <DOT> org>
3 AuthorDate: Wed Aug 1 17:40:20 2018 +0000
4 Commit: Matt Thode <prometheanfire <AT> gentoo <DOT> org>
5 CommitDate: Wed Aug 1 17:50:27 2018 +0000
6 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=bc82ed8c
7
8 dev-python/cryptography: 2.2.2-r1 for CVE-2018-10903 with cleanup
9
10 Fast stable as well
11
12 Bug: https://bugs.gentoo.org/662564
13 Package-Manager: Portage-2.3.43, Repoman-2.3.10
14
15 .../cryptography-vectors-1.7.1.ebuild | 25 -------
16 .../cryptography-vectors-2.0.2.ebuild | 25 -------
17 .../cryptography-vectors-2.1.4.ebuild | 25 -------
18 .../cryptography-vectors-2.2.2.ebuild | 2 +-
19 .../cryptography-vectors-2.3.ebuild | 2 +-
20 dev-python/cryptography/Manifest | 3 -
21 .../cryptography/cryptography-1.7.1-r1.ebuild | 52 ---------------
22 dev-python/cryptography/cryptography-1.7.1.ebuild | 50 --------------
23 .../cryptography/cryptography-2.0.2-r1.ebuild | 51 ---------------
24 .../cryptography/cryptography-2.1.4-r1.ebuild | 68 -------------------
25 dev-python/cryptography/cryptography-2.1.4.ebuild | 63 ------------------
26 ....1.4-r2.ebuild => cryptography-2.2.2-r1.ebuild} | 3 +-
27 dev-python/cryptography/cryptography-2.2.2.ebuild | 68 -------------------
28 dev-python/cryptography/files/CVE-2018-10903.patch | 76 ++++++++++++++++++++++
29 14 files changed, 80 insertions(+), 433 deletions(-)
30
31 diff --git a/dev-python/cryptography-vectors/cryptography-vectors-1.7.1.ebuild b/dev-python/cryptography-vectors/cryptography-vectors-1.7.1.ebuild
32 deleted file mode 100644
33 index d116dec7d49..00000000000
34 --- a/dev-python/cryptography-vectors/cryptography-vectors-1.7.1.ebuild
35 +++ /dev/null
36 @@ -1,25 +0,0 @@
37 -# Copyright 1999-2017 Gentoo Foundation
38 -# Distributed under the terms of the GNU General Public License v2
39 -
40 -EAPI=6
41 -
42 -PYTHON_COMPAT=( python2_7 python3_{4,5,6} pypy pypy3 )
43 -
44 -inherit distutils-r1
45 -
46 -MY_PN=${PN/-/_}
47 -MY_P=${MY_PN}-${PV}
48 -
49 -DESCRIPTION="Test vectors for the cryptography package"
50 -HOMEPAGE="https://pypi.org/project/cryptography-vectors/"
51 -SRC_URI="mirror://pypi/${PN:0:1}/${PN}/${MY_P}.tar.gz"
52 -
53 -LICENSE="|| ( Apache-2.0 BSD )"
54 -SLOT="0"
55 -KEYWORDS="alpha amd64 arm arm64 hppa ia64 ~m68k ~mips ppc ppc64 ~s390 ~sh sparc x86 ~x86-fbsd"
56 -IUSE=""
57 -
58 -DEPEND="dev-python/setuptools[${PYTHON_USEDEP}]"
59 -RDEPEND=""
60 -
61 -S=${WORKDIR}/${MY_P}
62
63 diff --git a/dev-python/cryptography-vectors/cryptography-vectors-2.0.2.ebuild b/dev-python/cryptography-vectors/cryptography-vectors-2.0.2.ebuild
64 deleted file mode 100644
65 index 522a34ffd31..00000000000
66 --- a/dev-python/cryptography-vectors/cryptography-vectors-2.0.2.ebuild
67 +++ /dev/null
68 @@ -1,25 +0,0 @@
69 -# Copyright 1999-2017 Gentoo Foundation
70 -# Distributed under the terms of the GNU General Public License v2
71 -
72 -EAPI=6
73 -
74 -PYTHON_COMPAT=( python2_7 python3_{4,5,6} pypy pypy3 )
75 -
76 -inherit distutils-r1
77 -
78 -MY_PN=${PN/-/_}
79 -MY_P=${MY_PN}-${PV}
80 -
81 -DESCRIPTION="Test vectors for the cryptography package"
82 -HOMEPAGE="https://pypi.org/project/cryptography-vectors/"
83 -SRC_URI="mirror://pypi/${PN:0:1}/${PN}/${MY_P}.tar.gz"
84 -
85 -LICENSE="|| ( Apache-2.0 BSD )"
86 -SLOT="0"
87 -KEYWORDS="~alpha amd64 arm arm64 hppa ia64 ~m68k ~mips ppc ppc64 ~s390 ~sh ~sparc x86 ~x86-fbsd"
88 -IUSE=""
89 -
90 -DEPEND="dev-python/setuptools[${PYTHON_USEDEP}]"
91 -RDEPEND=""
92 -
93 -S=${WORKDIR}/${MY_P}
94
95 diff --git a/dev-python/cryptography-vectors/cryptography-vectors-2.1.4.ebuild b/dev-python/cryptography-vectors/cryptography-vectors-2.1.4.ebuild
96 deleted file mode 100644
97 index 4c323e7d6ba..00000000000
98 --- a/dev-python/cryptography-vectors/cryptography-vectors-2.1.4.ebuild
99 +++ /dev/null
100 @@ -1,25 +0,0 @@
101 -# Copyright 1999-2018 Gentoo Foundation
102 -# Distributed under the terms of the GNU General Public License v2
103 -
104 -EAPI=6
105 -
106 -PYTHON_COMPAT=( python2_7 python3_{4,5,6,7} pypy pypy3 )
107 -
108 -inherit distutils-r1
109 -
110 -MY_PN=${PN/-/_}
111 -MY_P=${MY_PN}-${PV}
112 -
113 -DESCRIPTION="Test vectors for the cryptography package"
114 -HOMEPAGE="https://pypi.org/project/cryptography-vectors/"
115 -SRC_URI="mirror://pypi/${PN:0:1}/${PN}/${MY_P}.tar.gz"
116 -
117 -LICENSE="|| ( Apache-2.0 BSD )"
118 -SLOT="0"
119 -KEYWORDS="alpha amd64 arm arm64 hppa ia64 ~m68k ~mips ppc ppc64 ~s390 ~sh sparc x86 ~amd64-fbsd ~amd64-linux ~x86-linux ~x86-fbsd"
120 -IUSE=""
121 -
122 -DEPEND="dev-python/setuptools[${PYTHON_USEDEP}]"
123 -RDEPEND=""
124 -
125 -S=${WORKDIR}/${MY_P}
126
127 diff --git a/dev-python/cryptography-vectors/cryptography-vectors-2.2.2.ebuild b/dev-python/cryptography-vectors/cryptography-vectors-2.2.2.ebuild
128 index 6c1b08319c7..257fe8aef64 100644
129 --- a/dev-python/cryptography-vectors/cryptography-vectors-2.2.2.ebuild
130 +++ b/dev-python/cryptography-vectors/cryptography-vectors-2.2.2.ebuild
131 @@ -16,7 +16,7 @@ SRC_URI="mirror://pypi/${PN:0:1}/${PN}/${MY_P}.tar.gz"
132
133 LICENSE="|| ( Apache-2.0 BSD )"
134 SLOT="0"
135 -KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~x86-fbsd ~amd64-linux ~x86-linux"
136 +KEYWORDS="alpha amd64 arm arm64 hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc x86 ~amd64-fbsd ~amd64-linux ~ppc-macos ~x86-linux ~x64-macos ~x64-solaris"
137 IUSE=""
138
139 DEPEND="dev-python/setuptools[${PYTHON_USEDEP}]"
140
141 diff --git a/dev-python/cryptography-vectors/cryptography-vectors-2.3.ebuild b/dev-python/cryptography-vectors/cryptography-vectors-2.3.ebuild
142 index 6c1b08319c7..dcefb0e150e 100644
143 --- a/dev-python/cryptography-vectors/cryptography-vectors-2.3.ebuild
144 +++ b/dev-python/cryptography-vectors/cryptography-vectors-2.3.ebuild
145 @@ -16,7 +16,7 @@ SRC_URI="mirror://pypi/${PN:0:1}/${PN}/${MY_P}.tar.gz"
146
147 LICENSE="|| ( Apache-2.0 BSD )"
148 SLOT="0"
149 -KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~x86-fbsd ~amd64-linux ~x86-linux"
150 +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~x86-fbsd ~amd64-linux ~ppc-macos ~x86-linux ~x64-macos ~x64-solaris"
151 IUSE=""
152
153 DEPEND="dev-python/setuptools[${PYTHON_USEDEP}]"
154
155 diff --git a/dev-python/cryptography/Manifest b/dev-python/cryptography/Manifest
156 index 179000c042e..1a1794af18c 100644
157 --- a/dev-python/cryptography/Manifest
158 +++ b/dev-python/cryptography/Manifest
159 @@ -1,5 +1,2 @@
160 -DIST cryptography-1.7.1.tar.gz 420673 BLAKE2B 8c0257187f29173bae610f191f6ae3251e5dd2cfcbe639020d1ea8f94a09bfe4281c9f6b2c85aefc1989c5832eab4db40c226a8a2e12c4dcbf6241555dafa628 SHA512 fb88b0ee9e314526fcdbb6d35da409b7335c7408a69d2350c58379471d2b9d76021010955629cf776d26312f22d4f8aa3f135955a19dfbff9d602176c9bbfd40
161 -DIST cryptography-2.0.2.tar.gz 427303 BLAKE2B 53f891c02aa4b82b13a66a4c74bd6db9e8dcdb57bd0bba76648e0c1be710ce1d94c8425ead6d81b240b39c034125ce320757d4b43c56bc7410af11f171cf9a21 SHA512 a71219ff52006a7c8bf1553d0f132c747566c630281ef89aac40c65b193b1f0074fc9cda1de7057c76b452113dfb6188c83baef3ed9c05ff18adbc8b7bba646b
162 -DIST cryptography-2.1.4.tar.gz 441557 BLAKE2B 66aa07930ee54469328977e27096e65b7a333b38b71828c71cb7891b489ef7af60f5e5590f67b43d5e63dc2279d9ca1ba036879f3145264f7639d65000958b50 SHA512 f749cb4384badc174a842514e5a4fee2ed01ab9c716799d8d9d5301f6d2d97b6c41deb9e425f48928b639fa34bef8c05529ed7e5b777ef5ca75c244f8fda8fd4
163 DIST cryptography-2.2.2.tar.gz 443822 BLAKE2B d0fbaad78d172f1ba1bfa6edd64d2d5a0eac0853a564fdbb9830dfedc5c53fe1b28d8c1878be85ce38b8cd90a0c2e40e6a209158693a88a7053a80f0481e6302 SHA512 6c1b19cdb870d65abad42523697e9a0bebc7a0025b34f10c4bdd30c313333efd7c41bcb4237a29b3a1b270e3fbade75ccb35df172b055b7c075d619f4d9424c9
164 DIST cryptography-2.3.tar.gz 449464 BLAKE2B 7485c745f9c6512a5efce42181970deff19bd4420e91230d84b070cd77450a6805c56a2e37cda73b45c90ed969c8fdbb866a7cc9e53a6828a1ca6e45befd9de8 SHA512 75e14020da500fdbbd578f004b22ef3237844185329adf59288b29f1b3ee9dd2005a2c4a933fe8609a59d168012a9f687bab0f31ab39ed6ca325198aa9295e52
165
166 diff --git a/dev-python/cryptography/cryptography-1.7.1-r1.ebuild b/dev-python/cryptography/cryptography-1.7.1-r1.ebuild
167 deleted file mode 100644
168 index 11cff7b6191..00000000000
169 --- a/dev-python/cryptography/cryptography-1.7.1-r1.ebuild
170 +++ /dev/null
171 @@ -1,52 +0,0 @@
172 -# Copyright 1999-2018 Gentoo Foundation
173 -# Distributed under the terms of the GNU General Public License v2
174 -
175 -EAPI=6
176 -
177 -PYTHON_COMPAT=( python2_7 python3_{4,5,6} pypy{,3} )
178 -PYTHON_REQ_USE="threads(+)"
179 -
180 -inherit distutils-r1
181 -
182 -DESCRIPTION="Library providing cryptographic recipes and primitives"
183 -HOMEPAGE="https://github.com/pyca/cryptography/ https://pypi.org/project/cryptography/"
184 -SRC_URI="mirror://pypi/${PN:0:1}/${PN}/${P}.tar.gz"
185 -
186 -LICENSE="|| ( Apache-2.0 BSD )"
187 -SLOT="0"
188 -KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-linux ~x86-linux"
189 -IUSE="libressl test"
190 -
191 -RDEPEND="
192 - !libressl? ( dev-libs/openssl:0= )
193 - libressl? ( dev-libs/libressl:0= )
194 - $(python_gen_cond_dep '>=dev-python/cffi-1.4.1:=[${PYTHON_USEDEP}]' 'python*')
195 - $(python_gen_cond_dep 'dev-python/enum34[${PYTHON_USEDEP}]' python2_7 python3_3 pypy{,3})
196 - >=dev-python/idna-2.0[${PYTHON_USEDEP}]
197 - >=dev-python/pyasn1-0.1.8[${PYTHON_USEDEP}]
198 - dev-python/setuptools[${PYTHON_USEDEP}]
199 - >=dev-python/six-1.4.1[${PYTHON_USEDEP}]
200 - $(python_gen_cond_dep '>=virtual/pypy-2.6.0' pypy )
201 - virtual/python-ipaddress[${PYTHON_USEDEP}]
202 - "
203 -DEPEND="${RDEPEND}
204 - >=dev-python/setuptools-1.0[${PYTHON_USEDEP}]
205 - test? (
206 - ~dev-python/cryptography-vectors-${PV}[${PYTHON_USEDEP}]
207 - dev-python/hypothesis[${PYTHON_USEDEP}]
208 - dev-python/iso8601[${PYTHON_USEDEP}]
209 - dev-python/pretend[${PYTHON_USEDEP}]
210 - dev-python/pyasn1-modules[${PYTHON_USEDEP}]
211 - >=dev-python/pytest-2.9.0[${PYTHON_USEDEP}]
212 - dev-python/pytz[${PYTHON_USEDEP}]
213 - )"
214 -
215 -DOCS=( AUTHORS.rst CONTRIBUTING.rst README.rst )
216 -
217 -PATCHES=( "${FILESDIR}"/${P}-libressl251.patch )
218 -
219 -python_test() {
220 - distutils_install_for_testing
221 -
222 - py.test -v -v -x || die "Tests fail with ${EPYTHON}"
223 -}
224
225 diff --git a/dev-python/cryptography/cryptography-1.7.1.ebuild b/dev-python/cryptography/cryptography-1.7.1.ebuild
226 deleted file mode 100644
227 index 2646ca4511b..00000000000
228 --- a/dev-python/cryptography/cryptography-1.7.1.ebuild
229 +++ /dev/null
230 @@ -1,50 +0,0 @@
231 -# Copyright 1999-2017 Gentoo Foundation
232 -# Distributed under the terms of the GNU General Public License v2
233 -
234 -EAPI=6
235 -
236 -PYTHON_COMPAT=( python2_7 python3_{4,5,6} pypy{,3} )
237 -PYTHON_REQ_USE="threads(+)"
238 -
239 -inherit distutils-r1
240 -
241 -DESCRIPTION="Library providing cryptographic recipes and primitives"
242 -HOMEPAGE="https://github.com/pyca/cryptography/ https://pypi.org/project/cryptography/"
243 -SRC_URI="mirror://pypi/${PN:0:1}/${PN}/${P}.tar.gz"
244 -
245 -LICENSE="|| ( Apache-2.0 BSD )"
246 -SLOT="0"
247 -KEYWORDS="alpha amd64 arm arm64 hppa ia64 ~m68k ~mips ppc ppc64 ~s390 ~sh sparc x86 ~amd64-linux ~x86-linux"
248 -IUSE="libressl test"
249 -
250 -RDEPEND="
251 - !libressl? ( dev-libs/openssl:0= )
252 - libressl? ( dev-libs/libressl )
253 - $(python_gen_cond_dep '>=dev-python/cffi-1.4.1:=[${PYTHON_USEDEP}]' 'python*')
254 - $(python_gen_cond_dep 'dev-python/enum34[${PYTHON_USEDEP}]' python2_7 python3_3 pypy{,3})
255 - >=dev-python/idna-2.0[${PYTHON_USEDEP}]
256 - >=dev-python/pyasn1-0.1.8[${PYTHON_USEDEP}]
257 - dev-python/setuptools[${PYTHON_USEDEP}]
258 - >=dev-python/six-1.4.1[${PYTHON_USEDEP}]
259 - $(python_gen_cond_dep '>=virtual/pypy-2.6.0' pypy )
260 - virtual/python-ipaddress[${PYTHON_USEDEP}]
261 - "
262 -DEPEND="${RDEPEND}
263 - >=dev-python/setuptools-1.0[${PYTHON_USEDEP}]
264 - test? (
265 - ~dev-python/cryptography-vectors-${PV}[${PYTHON_USEDEP}]
266 - dev-python/hypothesis[${PYTHON_USEDEP}]
267 - dev-python/iso8601[${PYTHON_USEDEP}]
268 - dev-python/pretend[${PYTHON_USEDEP}]
269 - dev-python/pyasn1-modules[${PYTHON_USEDEP}]
270 - >=dev-python/pytest-2.9.0[${PYTHON_USEDEP}]
271 - dev-python/pytz[${PYTHON_USEDEP}]
272 - )"
273 -
274 -DOCS=( AUTHORS.rst CONTRIBUTING.rst README.rst )
275 -
276 -python_test() {
277 - distutils_install_for_testing
278 -
279 - py.test -v -v -x || die "Tests fail with ${EPYTHON}"
280 -}
281
282 diff --git a/dev-python/cryptography/cryptography-2.0.2-r1.ebuild b/dev-python/cryptography/cryptography-2.0.2-r1.ebuild
283 deleted file mode 100644
284 index c69917dc3a6..00000000000
285 --- a/dev-python/cryptography/cryptography-2.0.2-r1.ebuild
286 +++ /dev/null
287 @@ -1,51 +0,0 @@
288 -# Copyright 1999-2018 Gentoo Foundation
289 -# Distributed under the terms of the GNU General Public License v2
290 -
291 -EAPI=6
292 -
293 -PYTHON_COMPAT=( python2_7 python3_{4,5,6} pypy{,3} )
294 -PYTHON_REQ_USE="threads(+)"
295 -
296 -inherit distutils-r1 flag-o-matic
297 -
298 -DESCRIPTION="Library providing cryptographic recipes and primitives"
299 -HOMEPAGE="https://github.com/pyca/cryptography/ https://pypi.org/project/cryptography/"
300 -SRC_URI="mirror://pypi/${PN:0:1}/${PN}/${P}.tar.gz"
301 -
302 -LICENSE="|| ( Apache-2.0 BSD )"
303 -SLOT="0"
304 -KEYWORDS="amd64 arm arm64 hppa ia64 ~mips ppc ppc64 x86"
305 -IUSE="libressl test"
306 -
307 -RDEPEND="
308 - !libressl? ( >=dev-libs/openssl-1.0.2:0=[-bindist(-)] )
309 - libressl? ( dev-libs/libressl:0= )
310 - $(python_gen_cond_dep '>=dev-python/cffi-1.7:=[${PYTHON_USEDEP}]' 'python*')
311 - $(python_gen_cond_dep 'dev-python/enum34[${PYTHON_USEDEP}]' python2_7 pypy{,3})
312 - >=dev-python/idna-2.1[${PYTHON_USEDEP}]
313 - >=dev-python/asn1crypto-0.21.0[${PYTHON_USEDEP}]
314 - dev-python/setuptools[${PYTHON_USEDEP}]
315 - >=dev-python/six-1.4.1[${PYTHON_USEDEP}]
316 - virtual/python-ipaddress[${PYTHON_USEDEP}]
317 - "
318 -DEPEND="${RDEPEND}
319 - >=dev-python/setuptools-1.0[${PYTHON_USEDEP}]
320 - test? (
321 - ~dev-python/cryptography-vectors-${PV}[${PYTHON_USEDEP}]
322 - dev-python/hypothesis[${PYTHON_USEDEP}]
323 - dev-python/iso8601[${PYTHON_USEDEP}]
324 - dev-python/pretend[${PYTHON_USEDEP}]
325 - dev-python/pyasn1-modules[${PYTHON_USEDEP}]
326 - >=dev-python/pytest-2.9.0[${PYTHON_USEDEP}]
327 - dev-python/pytz[${PYTHON_USEDEP}]
328 - )"
329 -
330 -DOCS=( AUTHORS.rst CONTRIBUTING.rst README.rst )
331 -
332 -python_configure_all() {
333 - append-cflags $(test-flags-CC -pthread)
334 -}
335 -
336 -python_test() {
337 - py.test -v -v -x || die "Tests fail with ${EPYTHON}"
338 -}
339
340 diff --git a/dev-python/cryptography/cryptography-2.1.4-r1.ebuild b/dev-python/cryptography/cryptography-2.1.4-r1.ebuild
341 deleted file mode 100644
342 index 00035b90760..00000000000
343 --- a/dev-python/cryptography/cryptography-2.1.4-r1.ebuild
344 +++ /dev/null
345 @@ -1,68 +0,0 @@
346 -# Copyright 1999-2018 Gentoo Foundation
347 -# Distributed under the terms of the GNU General Public License v2
348 -
349 -EAPI=6
350 -
351 -PYTHON_COMPAT=( python2_7 python3_{4,5,6} pypy{,3} )
352 -PYTHON_REQ_USE="threads(+)"
353 -
354 -inherit distutils-r1 flag-o-matic
355 -
356 -DESCRIPTION="Library providing cryptographic recipes and primitives"
357 -HOMEPAGE="https://github.com/pyca/cryptography/ https://pypi.org/project/cryptography/"
358 -SRC_URI="mirror://pypi/${PN:0:1}/${PN}/${P}.tar.gz"
359 -
360 -LICENSE="|| ( Apache-2.0 BSD )"
361 -SLOT="0"
362 -KEYWORDS="alpha amd64 arm arm64 hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc x86 ~amd64-fbsd ~amd64-linux ~x86-linux ~x64-macos ~x64-solaris"
363 -IUSE="libressl test"
364 -
365 -# the openssl 1.0.2l-r1 needs to be updated again :(
366 -# It'd theb be able to go into the || section again
367 -#=dev-libs/openssl-1.0.2l-r1:0
368 -# the following is the original section, disallowing bindist entirely
369 -#!libressl? ( >=dev-libs/openssl-1.0.2:0=[-bindist(-)] )
370 -RDEPEND="
371 - !libressl? (
372 - dev-libs/openssl:0= (
373 - || (
374 - dev-libs/openssl:0[-bindist(-)]
375 - >=dev-libs/openssl-1.1.0g-r1:0
376 - )
377 - )
378 - )
379 - libressl? ( dev-libs/libressl:0= )
380 - $(python_gen_cond_dep '>=dev-python/cffi-1.7:=[${PYTHON_USEDEP}]' 'python*')
381 - $(python_gen_cond_dep 'dev-python/enum34[${PYTHON_USEDEP}]' python2_7 pypy{,3})
382 - >=dev-python/idna-2.1[${PYTHON_USEDEP}]
383 - >=dev-python/asn1crypto-0.21.0[${PYTHON_USEDEP}]
384 - dev-python/setuptools[${PYTHON_USEDEP}]
385 - >=dev-python/six-1.4.1[${PYTHON_USEDEP}]
386 - virtual/python-ipaddress[${PYTHON_USEDEP}]
387 - "
388 -DEPEND="${RDEPEND}
389 - >=dev-python/setuptools-1.0[${PYTHON_USEDEP}]
390 - test? (
391 - ~dev-python/cryptography-vectors-${PV}[${PYTHON_USEDEP}]
392 - dev-python/hypothesis[${PYTHON_USEDEP}]
393 - dev-python/iso8601[${PYTHON_USEDEP}]
394 - dev-python/pretend[${PYTHON_USEDEP}]
395 - dev-python/pyasn1-modules[${PYTHON_USEDEP}]
396 - >=dev-python/pytest-2.9.0[${PYTHON_USEDEP}]
397 - dev-python/pytz[${PYTHON_USEDEP}]
398 - )"
399 -
400 -DOCS=( AUTHORS.rst CONTRIBUTING.rst README.rst )
401 -
402 -PATCHES=(
403 - "${FILESDIR}"/${PN}-2.1.4-libressl-2.7-x509.patch
404 - "${FILESDIR}"/${PN}-2.1.4-libressl-2.7-x509_vfy.patch
405 -)
406 -
407 -python_configure_all() {
408 - append-cflags $(test-flags-CC -pthread)
409 -}
410 -
411 -python_test() {
412 - py.test -v -v -x || die "Tests fail with ${EPYTHON}"
413 -}
414
415 diff --git a/dev-python/cryptography/cryptography-2.1.4.ebuild b/dev-python/cryptography/cryptography-2.1.4.ebuild
416 deleted file mode 100644
417 index f5fc4dd530d..00000000000
418 --- a/dev-python/cryptography/cryptography-2.1.4.ebuild
419 +++ /dev/null
420 @@ -1,63 +0,0 @@
421 -# Copyright 1999-2018 Gentoo Foundation
422 -# Distributed under the terms of the GNU General Public License v2
423 -
424 -EAPI=6
425 -
426 -PYTHON_COMPAT=( python2_7 python3_{4,5,6} pypy{,3} )
427 -PYTHON_REQ_USE="threads(+)"
428 -
429 -inherit distutils-r1 flag-o-matic
430 -
431 -DESCRIPTION="Library providing cryptographic recipes and primitives"
432 -HOMEPAGE="https://github.com/pyca/cryptography/ https://pypi.org/project/cryptography/"
433 -SRC_URI="mirror://pypi/${PN:0:1}/${PN}/${P}.tar.gz"
434 -
435 -LICENSE="|| ( Apache-2.0 BSD )"
436 -SLOT="0"
437 -KEYWORDS="alpha amd64 arm arm64 hppa ia64 ~m68k ~mips ppc ppc64 ~s390 ~sh sparc x86 ~amd64-fbsd ~amd64-linux ~x86-linux ~x64-macos ~x64-solaris"
438 -IUSE="libressl test"
439 -
440 -# the openssl 1.0.2l-r1 needs to be updated again :(
441 -# It'd theb be able to go into the || section again
442 -#=dev-libs/openssl-1.0.2l-r1:0
443 -# the following is the original section, disallowing bindist entirely
444 -#!libressl? ( >=dev-libs/openssl-1.0.2:0=[-bindist(-)] )
445 -RDEPEND="
446 - !libressl? (
447 - dev-libs/openssl:0= (
448 - || (
449 - dev-libs/openssl:0[-bindist(-)]
450 - >=dev-libs/openssl-1.1.0g-r1:0
451 - )
452 - )
453 - )
454 - libressl? ( dev-libs/libressl )
455 - $(python_gen_cond_dep '>=dev-python/cffi-1.7:=[${PYTHON_USEDEP}]' 'python*')
456 - $(python_gen_cond_dep 'dev-python/enum34[${PYTHON_USEDEP}]' python2_7 pypy{,3})
457 - >=dev-python/idna-2.1[${PYTHON_USEDEP}]
458 - >=dev-python/asn1crypto-0.21.0[${PYTHON_USEDEP}]
459 - dev-python/setuptools[${PYTHON_USEDEP}]
460 - >=dev-python/six-1.4.1[${PYTHON_USEDEP}]
461 - virtual/python-ipaddress[${PYTHON_USEDEP}]
462 - "
463 -DEPEND="${RDEPEND}
464 - >=dev-python/setuptools-1.0[${PYTHON_USEDEP}]
465 - test? (
466 - ~dev-python/cryptography-vectors-${PV}[${PYTHON_USEDEP}]
467 - dev-python/hypothesis[${PYTHON_USEDEP}]
468 - dev-python/iso8601[${PYTHON_USEDEP}]
469 - dev-python/pretend[${PYTHON_USEDEP}]
470 - dev-python/pyasn1-modules[${PYTHON_USEDEP}]
471 - >=dev-python/pytest-2.9.0[${PYTHON_USEDEP}]
472 - dev-python/pytz[${PYTHON_USEDEP}]
473 - )"
474 -
475 -DOCS=( AUTHORS.rst CONTRIBUTING.rst README.rst )
476 -
477 -python_configure_all() {
478 - append-cflags $(test-flags-CC -pthread)
479 -}
480 -
481 -python_test() {
482 - py.test -v -v -x || die "Tests fail with ${EPYTHON}"
483 -}
484
485 diff --git a/dev-python/cryptography/cryptography-2.1.4-r2.ebuild b/dev-python/cryptography/cryptography-2.2.2-r1.ebuild
486 similarity index 91%
487 rename from dev-python/cryptography/cryptography-2.1.4-r2.ebuild
488 rename to dev-python/cryptography/cryptography-2.2.2-r1.ebuild
489 index adaade43c53..ffaf2cd166a 100644
490 --- a/dev-python/cryptography/cryptography-2.1.4-r2.ebuild
491 +++ b/dev-python/cryptography/cryptography-2.2.2-r1.ebuild
492 @@ -14,7 +14,7 @@ SRC_URI="mirror://pypi/${PN:0:1}/${PN}/${P}.tar.gz"
493
494 LICENSE="|| ( Apache-2.0 BSD )"
495 SLOT="0"
496 -KEYWORDS="alpha amd64 arm arm64 ~hppa ia64 ~m68k ~mips ppc ppc64 ~s390 ~sh ~sparc x86 ~amd64-fbsd ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x64-solaris"
497 +KEYWORDS="alpha amd64 arm arm64 hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc x86 ~amd64-fbsd ~amd64-linux ~ppc-macos ~x86-linux ~x64-macos ~x64-solaris"
498 IUSE="libressl test"
499
500 # the openssl 1.0.2l-r1 needs to be updated again :(
501 @@ -57,6 +57,7 @@ DOCS=( AUTHORS.rst CONTRIBUTING.rst README.rst )
502 PATCHES=(
503 "${FILESDIR}"/${PN}-2.1.4-libressl-2.7-x509.patch
504 "${FILESDIR}"/${PN}-2.1.4-libressl-2.7-x509_vfy.patch
505 + "${FILESDIR}"/CVE-2018-10903.patch
506 )
507
508 python_configure_all() {
509
510 diff --git a/dev-python/cryptography/cryptography-2.2.2.ebuild b/dev-python/cryptography/cryptography-2.2.2.ebuild
511 deleted file mode 100644
512 index 016846fe9cb..00000000000
513 --- a/dev-python/cryptography/cryptography-2.2.2.ebuild
514 +++ /dev/null
515 @@ -1,68 +0,0 @@
516 -# Copyright 1999-2018 Gentoo Foundation
517 -# Distributed under the terms of the GNU General Public License v2
518 -
519 -EAPI=6
520 -
521 -PYTHON_COMPAT=( python2_7 python3_{4,5,6,7} pypy{,3} )
522 -PYTHON_REQ_USE="threads(+)"
523 -
524 -inherit distutils-r1 flag-o-matic
525 -
526 -DESCRIPTION="Library providing cryptographic recipes and primitives"
527 -HOMEPAGE="https://github.com/pyca/cryptography/ https://pypi.org/project/cryptography/"
528 -SRC_URI="mirror://pypi/${PN:0:1}/${PN}/${P}.tar.gz"
529 -
530 -LICENSE="|| ( Apache-2.0 BSD )"
531 -SLOT="0"
532 -KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x64-solaris"
533 -IUSE="libressl test"
534 -
535 -# the openssl 1.0.2l-r1 needs to be updated again :(
536 -# It'd theb be able to go into the || section again
537 -#=dev-libs/openssl-1.0.2l-r1:0
538 -# the following is the original section, disallowing bindist entirely
539 -#!libressl? ( >=dev-libs/openssl-1.0.2:0=[-bindist(-)] )
540 -RDEPEND="
541 - !libressl? (
542 - dev-libs/openssl:0= (
543 - || (
544 - dev-libs/openssl:0[-bindist(-)]
545 - >=dev-libs/openssl-1.0.2o-r2:0
546 - )
547 - )
548 - )
549 - libressl? ( dev-libs/libressl:0= )
550 - $(python_gen_cond_dep '>=dev-python/cffi-1.7:=[${PYTHON_USEDEP}]' 'python*')
551 - $(python_gen_cond_dep 'dev-python/enum34[${PYTHON_USEDEP}]' python2_7 pypy{,3})
552 - >=dev-python/idna-2.1[${PYTHON_USEDEP}]
553 - >=dev-python/asn1crypto-0.21.0[${PYTHON_USEDEP}]
554 - dev-python/setuptools[${PYTHON_USEDEP}]
555 - >=dev-python/six-1.4.1[${PYTHON_USEDEP}]
556 - virtual/python-ipaddress[${PYTHON_USEDEP}]
557 - "
558 -DEPEND="${RDEPEND}
559 - >=dev-python/setuptools-1.0[${PYTHON_USEDEP}]
560 - test? (
561 - ~dev-python/cryptography-vectors-${PV}[${PYTHON_USEDEP}]
562 - dev-python/hypothesis[${PYTHON_USEDEP}]
563 - dev-python/iso8601[${PYTHON_USEDEP}]
564 - dev-python/pretend[${PYTHON_USEDEP}]
565 - dev-python/pyasn1-modules[${PYTHON_USEDEP}]
566 - >=dev-python/pytest-2.9.0[${PYTHON_USEDEP}]
567 - dev-python/pytz[${PYTHON_USEDEP}]
568 - )"
569 -
570 -DOCS=( AUTHORS.rst CONTRIBUTING.rst README.rst )
571 -
572 -PATCHES=(
573 - "${FILESDIR}"/${PN}-2.1.4-libressl-2.7-x509.patch
574 - "${FILESDIR}"/${PN}-2.1.4-libressl-2.7-x509_vfy.patch
575 -)
576 -
577 -python_configure_all() {
578 - append-cflags $(test-flags-CC -pthread)
579 -}
580 -
581 -python_test() {
582 - py.test -v -v -x || die "Tests fail with ${EPYTHON}"
583 -}
584
585 diff --git a/dev-python/cryptography/files/CVE-2018-10903.patch b/dev-python/cryptography/files/CVE-2018-10903.patch
586 new file mode 100644
587 index 00000000000..1133405fb93
588 --- /dev/null
589 +++ b/dev-python/cryptography/files/CVE-2018-10903.patch
590 @@ -0,0 +1,76 @@
591 +From 688e0f673bfbf43fa898994326c6877f00ab19ef Mon Sep 17 00:00:00 2001
592 +From: Paul Kehrer <paul.l.kehrer@×××××.com>
593 +Date: Tue, 17 Jul 2018 10:47:57 +0800
594 +Subject: [PATCH] disallow implicit tag truncation with finalize_with_tag
595 +
596 +---
597 + docs/hazmat/primitives/symmetric-encryption.rst | 1 +
598 + src/cryptography/hazmat/backends/openssl/ciphers.py | 5 +++++
599 + src/cryptography/hazmat/primitives/ciphers/modes.py | 1 +
600 + tests/hazmat/primitives/test_aes.py | 16 ++++++++++++++++
601 + 5 files changed, 28 insertions(+)
602 +
603 +diff --git a/docs/hazmat/primitives/symmetric-encryption.rst b/docs/hazmat/primitives/symmetric-encryption.rst
604 +index 5ebcca754..5b6000902 100644
605 +--- a/docs/hazmat/primitives/symmetric-encryption.rst
606 ++++ b/docs/hazmat/primitives/symmetric-encryption.rst
607 +@@ -670,6 +670,7 @@ Interfaces
608 + :raises ValueError: This is raised when the data provided isn't
609 + a multiple of the algorithm's block size, if ``min_tag_length`` is
610 + less than 4, or if ``len(tag) < min_tag_length``.
611 ++ ``min_tag_length`` is an argument to the ``GCM`` constructor.
612 + :raises NotImplementedError: This is raised if the version of the
613 + OpenSSL backend used is 1.0.1 or earlier.
614 +
615 +diff --git a/src/cryptography/hazmat/backends/openssl/ciphers.py b/src/cryptography/hazmat/backends/openssl/ciphers.py
616 +index 462ffea25..e0ee06ee2 100644
617 +--- a/src/cryptography/hazmat/backends/openssl/ciphers.py
618 ++++ b/src/cryptography/hazmat/backends/openssl/ciphers.py
619 +@@ -199,6 +199,11 @@ def finalize_with_tag(self, tag):
620 + "finalize_with_tag requires OpenSSL >= 1.0.2. To use this "
621 + "method please update OpenSSL"
622 + )
623 ++ if len(tag) < self._mode._min_tag_length:
624 ++ raise ValueError(
625 ++ "Authentication tag must be {0} bytes or longer.".format(
626 ++ self._mode._min_tag_length)
627 ++ )
628 + res = self._backend._lib.EVP_CIPHER_CTX_ctrl(
629 + self._ctx, self._backend._lib.EVP_CTRL_AEAD_SET_TAG,
630 + len(tag), tag
631 +diff --git a/src/cryptography/hazmat/primitives/ciphers/modes.py b/src/cryptography/hazmat/primitives/ciphers/modes.py
632 +index 598dfaa4a..543015fef 100644
633 +--- a/src/cryptography/hazmat/primitives/ciphers/modes.py
634 ++++ b/src/cryptography/hazmat/primitives/ciphers/modes.py
635 +@@ -220,6 +220,7 @@ def __init__(self, initialization_vector, tag=None, min_tag_length=16):
636 + min_tag_length)
637 + )
638 + self._tag = tag
639 ++ self._min_tag_length = min_tag_length
640 +
641 + tag = utils.read_only_property("_tag")
642 + initialization_vector = utils.read_only_property("_initialization_vector")
643 +diff --git a/tests/hazmat/primitives/test_aes.py b/tests/hazmat/primitives/test_aes.py
644 +index d6f83ebc2..4ceccf155 100644
645 +--- a/tests/hazmat/primitives/test_aes.py
646 ++++ b/tests/hazmat/primitives/test_aes.py
647 +@@ -439,3 +439,19 @@ def test_gcm_tag_decrypt_finalize(self, backend):
648 + decryptor.finalize()
649 + else:
650 + decryptor.finalize_with_tag(tag)
651 ++
652 ++ @pytest.mark.supported(
653 ++ only_if=lambda backend: (
654 ++ not backend._lib.CRYPTOGRAPHY_OPENSSL_LESS_THAN_102 or
655 ++ backend._lib.CRYPTOGRAPHY_IS_LIBRESSL
656 ++ ),
657 ++ skip_message="Not supported on OpenSSL 1.0.1",
658 ++ )
659 ++ def test_gcm_tag_decrypt_finalize_tag_length(self, backend):
660 ++ decryptor = base.Cipher(
661 ++ algorithms.AES(b"0" * 16),
662 ++ modes.GCM(b"0" * 12),
663 ++ backend=backend
664 ++ ).decryptor()
665 ++ with pytest.raises(ValueError):
666 ++ decryptor.finalize_with_tag(b"tagtooshort")
Report Message
Find on MARC Find on Google Groups