1 |
commit: bc82ed8c77227b67d20d84d0a05cffb8be68f26d |
2 |
Author: Matthew Thode <prometheanfire <AT> gentoo <DOT> org> |
3 |
AuthorDate: Wed Aug 1 17:40:20 2018 +0000 |
4 |
Commit: Matt Thode <prometheanfire <AT> gentoo <DOT> org> |
5 |
CommitDate: Wed Aug 1 17:50:27 2018 +0000 |
6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=bc82ed8c |
7 |
|
8 |
dev-python/cryptography: 2.2.2-r1 for CVE-2018-10903 with cleanup |
9 |
|
10 |
Fast stable as well |
11 |
|
12 |
Bug: https://bugs.gentoo.org/662564 |
13 |
Package-Manager: Portage-2.3.43, Repoman-2.3.10 |
14 |
|
15 |
.../cryptography-vectors-1.7.1.ebuild | 25 ------- |
16 |
.../cryptography-vectors-2.0.2.ebuild | 25 ------- |
17 |
.../cryptography-vectors-2.1.4.ebuild | 25 ------- |
18 |
.../cryptography-vectors-2.2.2.ebuild | 2 +- |
19 |
.../cryptography-vectors-2.3.ebuild | 2 +- |
20 |
dev-python/cryptography/Manifest | 3 - |
21 |
.../cryptography/cryptography-1.7.1-r1.ebuild | 52 --------------- |
22 |
dev-python/cryptography/cryptography-1.7.1.ebuild | 50 -------------- |
23 |
.../cryptography/cryptography-2.0.2-r1.ebuild | 51 --------------- |
24 |
.../cryptography/cryptography-2.1.4-r1.ebuild | 68 ------------------- |
25 |
dev-python/cryptography/cryptography-2.1.4.ebuild | 63 ------------------ |
26 |
....1.4-r2.ebuild => cryptography-2.2.2-r1.ebuild} | 3 +- |
27 |
dev-python/cryptography/cryptography-2.2.2.ebuild | 68 ------------------- |
28 |
dev-python/cryptography/files/CVE-2018-10903.patch | 76 ++++++++++++++++++++++ |
29 |
14 files changed, 80 insertions(+), 433 deletions(-) |
30 |
|
31 |
diff --git a/dev-python/cryptography-vectors/cryptography-vectors-1.7.1.ebuild b/dev-python/cryptography-vectors/cryptography-vectors-1.7.1.ebuild |
32 |
deleted file mode 100644 |
33 |
index d116dec7d49..00000000000 |
34 |
--- a/dev-python/cryptography-vectors/cryptography-vectors-1.7.1.ebuild |
35 |
+++ /dev/null |
36 |
@@ -1,25 +0,0 @@ |
37 |
-# Copyright 1999-2017 Gentoo Foundation |
38 |
-# Distributed under the terms of the GNU General Public License v2 |
39 |
- |
40 |
-EAPI=6 |
41 |
- |
42 |
-PYTHON_COMPAT=( python2_7 python3_{4,5,6} pypy pypy3 ) |
43 |
- |
44 |
-inherit distutils-r1 |
45 |
- |
46 |
-MY_PN=${PN/-/_} |
47 |
-MY_P=${MY_PN}-${PV} |
48 |
- |
49 |
-DESCRIPTION="Test vectors for the cryptography package" |
50 |
-HOMEPAGE="https://pypi.org/project/cryptography-vectors/" |
51 |
-SRC_URI="mirror://pypi/${PN:0:1}/${PN}/${MY_P}.tar.gz" |
52 |
- |
53 |
-LICENSE="|| ( Apache-2.0 BSD )" |
54 |
-SLOT="0" |
55 |
-KEYWORDS="alpha amd64 arm arm64 hppa ia64 ~m68k ~mips ppc ppc64 ~s390 ~sh sparc x86 ~x86-fbsd" |
56 |
-IUSE="" |
57 |
- |
58 |
-DEPEND="dev-python/setuptools[${PYTHON_USEDEP}]" |
59 |
-RDEPEND="" |
60 |
- |
61 |
-S=${WORKDIR}/${MY_P} |
62 |
|
63 |
diff --git a/dev-python/cryptography-vectors/cryptography-vectors-2.0.2.ebuild b/dev-python/cryptography-vectors/cryptography-vectors-2.0.2.ebuild |
64 |
deleted file mode 100644 |
65 |
index 522a34ffd31..00000000000 |
66 |
--- a/dev-python/cryptography-vectors/cryptography-vectors-2.0.2.ebuild |
67 |
+++ /dev/null |
68 |
@@ -1,25 +0,0 @@ |
69 |
-# Copyright 1999-2017 Gentoo Foundation |
70 |
-# Distributed under the terms of the GNU General Public License v2 |
71 |
- |
72 |
-EAPI=6 |
73 |
- |
74 |
-PYTHON_COMPAT=( python2_7 python3_{4,5,6} pypy pypy3 ) |
75 |
- |
76 |
-inherit distutils-r1 |
77 |
- |
78 |
-MY_PN=${PN/-/_} |
79 |
-MY_P=${MY_PN}-${PV} |
80 |
- |
81 |
-DESCRIPTION="Test vectors for the cryptography package" |
82 |
-HOMEPAGE="https://pypi.org/project/cryptography-vectors/" |
83 |
-SRC_URI="mirror://pypi/${PN:0:1}/${PN}/${MY_P}.tar.gz" |
84 |
- |
85 |
-LICENSE="|| ( Apache-2.0 BSD )" |
86 |
-SLOT="0" |
87 |
-KEYWORDS="~alpha amd64 arm arm64 hppa ia64 ~m68k ~mips ppc ppc64 ~s390 ~sh ~sparc x86 ~x86-fbsd" |
88 |
-IUSE="" |
89 |
- |
90 |
-DEPEND="dev-python/setuptools[${PYTHON_USEDEP}]" |
91 |
-RDEPEND="" |
92 |
- |
93 |
-S=${WORKDIR}/${MY_P} |
94 |
|
95 |
diff --git a/dev-python/cryptography-vectors/cryptography-vectors-2.1.4.ebuild b/dev-python/cryptography-vectors/cryptography-vectors-2.1.4.ebuild |
96 |
deleted file mode 100644 |
97 |
index 4c323e7d6ba..00000000000 |
98 |
--- a/dev-python/cryptography-vectors/cryptography-vectors-2.1.4.ebuild |
99 |
+++ /dev/null |
100 |
@@ -1,25 +0,0 @@ |
101 |
-# Copyright 1999-2018 Gentoo Foundation |
102 |
-# Distributed under the terms of the GNU General Public License v2 |
103 |
- |
104 |
-EAPI=6 |
105 |
- |
106 |
-PYTHON_COMPAT=( python2_7 python3_{4,5,6,7} pypy pypy3 ) |
107 |
- |
108 |
-inherit distutils-r1 |
109 |
- |
110 |
-MY_PN=${PN/-/_} |
111 |
-MY_P=${MY_PN}-${PV} |
112 |
- |
113 |
-DESCRIPTION="Test vectors for the cryptography package" |
114 |
-HOMEPAGE="https://pypi.org/project/cryptography-vectors/" |
115 |
-SRC_URI="mirror://pypi/${PN:0:1}/${PN}/${MY_P}.tar.gz" |
116 |
- |
117 |
-LICENSE="|| ( Apache-2.0 BSD )" |
118 |
-SLOT="0" |
119 |
-KEYWORDS="alpha amd64 arm arm64 hppa ia64 ~m68k ~mips ppc ppc64 ~s390 ~sh sparc x86 ~amd64-fbsd ~amd64-linux ~x86-linux ~x86-fbsd" |
120 |
-IUSE="" |
121 |
- |
122 |
-DEPEND="dev-python/setuptools[${PYTHON_USEDEP}]" |
123 |
-RDEPEND="" |
124 |
- |
125 |
-S=${WORKDIR}/${MY_P} |
126 |
|
127 |
diff --git a/dev-python/cryptography-vectors/cryptography-vectors-2.2.2.ebuild b/dev-python/cryptography-vectors/cryptography-vectors-2.2.2.ebuild |
128 |
index 6c1b08319c7..257fe8aef64 100644 |
129 |
--- a/dev-python/cryptography-vectors/cryptography-vectors-2.2.2.ebuild |
130 |
+++ b/dev-python/cryptography-vectors/cryptography-vectors-2.2.2.ebuild |
131 |
@@ -16,7 +16,7 @@ SRC_URI="mirror://pypi/${PN:0:1}/${PN}/${MY_P}.tar.gz" |
132 |
|
133 |
LICENSE="|| ( Apache-2.0 BSD )" |
134 |
SLOT="0" |
135 |
-KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~x86-fbsd ~amd64-linux ~x86-linux" |
136 |
+KEYWORDS="alpha amd64 arm arm64 hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc x86 ~amd64-fbsd ~amd64-linux ~ppc-macos ~x86-linux ~x64-macos ~x64-solaris" |
137 |
IUSE="" |
138 |
|
139 |
DEPEND="dev-python/setuptools[${PYTHON_USEDEP}]" |
140 |
|
141 |
diff --git a/dev-python/cryptography-vectors/cryptography-vectors-2.3.ebuild b/dev-python/cryptography-vectors/cryptography-vectors-2.3.ebuild |
142 |
index 6c1b08319c7..dcefb0e150e 100644 |
143 |
--- a/dev-python/cryptography-vectors/cryptography-vectors-2.3.ebuild |
144 |
+++ b/dev-python/cryptography-vectors/cryptography-vectors-2.3.ebuild |
145 |
@@ -16,7 +16,7 @@ SRC_URI="mirror://pypi/${PN:0:1}/${PN}/${MY_P}.tar.gz" |
146 |
|
147 |
LICENSE="|| ( Apache-2.0 BSD )" |
148 |
SLOT="0" |
149 |
-KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~x86-fbsd ~amd64-linux ~x86-linux" |
150 |
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~x86-fbsd ~amd64-linux ~ppc-macos ~x86-linux ~x64-macos ~x64-solaris" |
151 |
IUSE="" |
152 |
|
153 |
DEPEND="dev-python/setuptools[${PYTHON_USEDEP}]" |
154 |
|
155 |
diff --git a/dev-python/cryptography/Manifest b/dev-python/cryptography/Manifest |
156 |
index 179000c042e..1a1794af18c 100644 |
157 |
--- a/dev-python/cryptography/Manifest |
158 |
+++ b/dev-python/cryptography/Manifest |
159 |
@@ -1,5 +1,2 @@ |
160 |
-DIST cryptography-1.7.1.tar.gz 420673 BLAKE2B 8c0257187f29173bae610f191f6ae3251e5dd2cfcbe639020d1ea8f94a09bfe4281c9f6b2c85aefc1989c5832eab4db40c226a8a2e12c4dcbf6241555dafa628 SHA512 fb88b0ee9e314526fcdbb6d35da409b7335c7408a69d2350c58379471d2b9d76021010955629cf776d26312f22d4f8aa3f135955a19dfbff9d602176c9bbfd40 |
161 |
-DIST cryptography-2.0.2.tar.gz 427303 BLAKE2B 53f891c02aa4b82b13a66a4c74bd6db9e8dcdb57bd0bba76648e0c1be710ce1d94c8425ead6d81b240b39c034125ce320757d4b43c56bc7410af11f171cf9a21 SHA512 a71219ff52006a7c8bf1553d0f132c747566c630281ef89aac40c65b193b1f0074fc9cda1de7057c76b452113dfb6188c83baef3ed9c05ff18adbc8b7bba646b |
162 |
-DIST cryptography-2.1.4.tar.gz 441557 BLAKE2B 66aa07930ee54469328977e27096e65b7a333b38b71828c71cb7891b489ef7af60f5e5590f67b43d5e63dc2279d9ca1ba036879f3145264f7639d65000958b50 SHA512 f749cb4384badc174a842514e5a4fee2ed01ab9c716799d8d9d5301f6d2d97b6c41deb9e425f48928b639fa34bef8c05529ed7e5b777ef5ca75c244f8fda8fd4 |
163 |
DIST cryptography-2.2.2.tar.gz 443822 BLAKE2B d0fbaad78d172f1ba1bfa6edd64d2d5a0eac0853a564fdbb9830dfedc5c53fe1b28d8c1878be85ce38b8cd90a0c2e40e6a209158693a88a7053a80f0481e6302 SHA512 6c1b19cdb870d65abad42523697e9a0bebc7a0025b34f10c4bdd30c313333efd7c41bcb4237a29b3a1b270e3fbade75ccb35df172b055b7c075d619f4d9424c9 |
164 |
DIST cryptography-2.3.tar.gz 449464 BLAKE2B 7485c745f9c6512a5efce42181970deff19bd4420e91230d84b070cd77450a6805c56a2e37cda73b45c90ed969c8fdbb866a7cc9e53a6828a1ca6e45befd9de8 SHA512 75e14020da500fdbbd578f004b22ef3237844185329adf59288b29f1b3ee9dd2005a2c4a933fe8609a59d168012a9f687bab0f31ab39ed6ca325198aa9295e52 |
165 |
|
166 |
diff --git a/dev-python/cryptography/cryptography-1.7.1-r1.ebuild b/dev-python/cryptography/cryptography-1.7.1-r1.ebuild |
167 |
deleted file mode 100644 |
168 |
index 11cff7b6191..00000000000 |
169 |
--- a/dev-python/cryptography/cryptography-1.7.1-r1.ebuild |
170 |
+++ /dev/null |
171 |
@@ -1,52 +0,0 @@ |
172 |
-# Copyright 1999-2018 Gentoo Foundation |
173 |
-# Distributed under the terms of the GNU General Public License v2 |
174 |
- |
175 |
-EAPI=6 |
176 |
- |
177 |
-PYTHON_COMPAT=( python2_7 python3_{4,5,6} pypy{,3} ) |
178 |
-PYTHON_REQ_USE="threads(+)" |
179 |
- |
180 |
-inherit distutils-r1 |
181 |
- |
182 |
-DESCRIPTION="Library providing cryptographic recipes and primitives" |
183 |
-HOMEPAGE="https://github.com/pyca/cryptography/ https://pypi.org/project/cryptography/" |
184 |
-SRC_URI="mirror://pypi/${PN:0:1}/${PN}/${P}.tar.gz" |
185 |
- |
186 |
-LICENSE="|| ( Apache-2.0 BSD )" |
187 |
-SLOT="0" |
188 |
-KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-linux ~x86-linux" |
189 |
-IUSE="libressl test" |
190 |
- |
191 |
-RDEPEND=" |
192 |
- !libressl? ( dev-libs/openssl:0= ) |
193 |
- libressl? ( dev-libs/libressl:0= ) |
194 |
- $(python_gen_cond_dep '>=dev-python/cffi-1.4.1:=[${PYTHON_USEDEP}]' 'python*') |
195 |
- $(python_gen_cond_dep 'dev-python/enum34[${PYTHON_USEDEP}]' python2_7 python3_3 pypy{,3}) |
196 |
- >=dev-python/idna-2.0[${PYTHON_USEDEP}] |
197 |
- >=dev-python/pyasn1-0.1.8[${PYTHON_USEDEP}] |
198 |
- dev-python/setuptools[${PYTHON_USEDEP}] |
199 |
- >=dev-python/six-1.4.1[${PYTHON_USEDEP}] |
200 |
- $(python_gen_cond_dep '>=virtual/pypy-2.6.0' pypy ) |
201 |
- virtual/python-ipaddress[${PYTHON_USEDEP}] |
202 |
- " |
203 |
-DEPEND="${RDEPEND} |
204 |
- >=dev-python/setuptools-1.0[${PYTHON_USEDEP}] |
205 |
- test? ( |
206 |
- ~dev-python/cryptography-vectors-${PV}[${PYTHON_USEDEP}] |
207 |
- dev-python/hypothesis[${PYTHON_USEDEP}] |
208 |
- dev-python/iso8601[${PYTHON_USEDEP}] |
209 |
- dev-python/pretend[${PYTHON_USEDEP}] |
210 |
- dev-python/pyasn1-modules[${PYTHON_USEDEP}] |
211 |
- >=dev-python/pytest-2.9.0[${PYTHON_USEDEP}] |
212 |
- dev-python/pytz[${PYTHON_USEDEP}] |
213 |
- )" |
214 |
- |
215 |
-DOCS=( AUTHORS.rst CONTRIBUTING.rst README.rst ) |
216 |
- |
217 |
-PATCHES=( "${FILESDIR}"/${P}-libressl251.patch ) |
218 |
- |
219 |
-python_test() { |
220 |
- distutils_install_for_testing |
221 |
- |
222 |
- py.test -v -v -x || die "Tests fail with ${EPYTHON}" |
223 |
-} |
224 |
|
225 |
diff --git a/dev-python/cryptography/cryptography-1.7.1.ebuild b/dev-python/cryptography/cryptography-1.7.1.ebuild |
226 |
deleted file mode 100644 |
227 |
index 2646ca4511b..00000000000 |
228 |
--- a/dev-python/cryptography/cryptography-1.7.1.ebuild |
229 |
+++ /dev/null |
230 |
@@ -1,50 +0,0 @@ |
231 |
-# Copyright 1999-2017 Gentoo Foundation |
232 |
-# Distributed under the terms of the GNU General Public License v2 |
233 |
- |
234 |
-EAPI=6 |
235 |
- |
236 |
-PYTHON_COMPAT=( python2_7 python3_{4,5,6} pypy{,3} ) |
237 |
-PYTHON_REQ_USE="threads(+)" |
238 |
- |
239 |
-inherit distutils-r1 |
240 |
- |
241 |
-DESCRIPTION="Library providing cryptographic recipes and primitives" |
242 |
-HOMEPAGE="https://github.com/pyca/cryptography/ https://pypi.org/project/cryptography/" |
243 |
-SRC_URI="mirror://pypi/${PN:0:1}/${PN}/${P}.tar.gz" |
244 |
- |
245 |
-LICENSE="|| ( Apache-2.0 BSD )" |
246 |
-SLOT="0" |
247 |
-KEYWORDS="alpha amd64 arm arm64 hppa ia64 ~m68k ~mips ppc ppc64 ~s390 ~sh sparc x86 ~amd64-linux ~x86-linux" |
248 |
-IUSE="libressl test" |
249 |
- |
250 |
-RDEPEND=" |
251 |
- !libressl? ( dev-libs/openssl:0= ) |
252 |
- libressl? ( dev-libs/libressl ) |
253 |
- $(python_gen_cond_dep '>=dev-python/cffi-1.4.1:=[${PYTHON_USEDEP}]' 'python*') |
254 |
- $(python_gen_cond_dep 'dev-python/enum34[${PYTHON_USEDEP}]' python2_7 python3_3 pypy{,3}) |
255 |
- >=dev-python/idna-2.0[${PYTHON_USEDEP}] |
256 |
- >=dev-python/pyasn1-0.1.8[${PYTHON_USEDEP}] |
257 |
- dev-python/setuptools[${PYTHON_USEDEP}] |
258 |
- >=dev-python/six-1.4.1[${PYTHON_USEDEP}] |
259 |
- $(python_gen_cond_dep '>=virtual/pypy-2.6.0' pypy ) |
260 |
- virtual/python-ipaddress[${PYTHON_USEDEP}] |
261 |
- " |
262 |
-DEPEND="${RDEPEND} |
263 |
- >=dev-python/setuptools-1.0[${PYTHON_USEDEP}] |
264 |
- test? ( |
265 |
- ~dev-python/cryptography-vectors-${PV}[${PYTHON_USEDEP}] |
266 |
- dev-python/hypothesis[${PYTHON_USEDEP}] |
267 |
- dev-python/iso8601[${PYTHON_USEDEP}] |
268 |
- dev-python/pretend[${PYTHON_USEDEP}] |
269 |
- dev-python/pyasn1-modules[${PYTHON_USEDEP}] |
270 |
- >=dev-python/pytest-2.9.0[${PYTHON_USEDEP}] |
271 |
- dev-python/pytz[${PYTHON_USEDEP}] |
272 |
- )" |
273 |
- |
274 |
-DOCS=( AUTHORS.rst CONTRIBUTING.rst README.rst ) |
275 |
- |
276 |
-python_test() { |
277 |
- distutils_install_for_testing |
278 |
- |
279 |
- py.test -v -v -x || die "Tests fail with ${EPYTHON}" |
280 |
-} |
281 |
|
282 |
diff --git a/dev-python/cryptography/cryptography-2.0.2-r1.ebuild b/dev-python/cryptography/cryptography-2.0.2-r1.ebuild |
283 |
deleted file mode 100644 |
284 |
index c69917dc3a6..00000000000 |
285 |
--- a/dev-python/cryptography/cryptography-2.0.2-r1.ebuild |
286 |
+++ /dev/null |
287 |
@@ -1,51 +0,0 @@ |
288 |
-# Copyright 1999-2018 Gentoo Foundation |
289 |
-# Distributed under the terms of the GNU General Public License v2 |
290 |
- |
291 |
-EAPI=6 |
292 |
- |
293 |
-PYTHON_COMPAT=( python2_7 python3_{4,5,6} pypy{,3} ) |
294 |
-PYTHON_REQ_USE="threads(+)" |
295 |
- |
296 |
-inherit distutils-r1 flag-o-matic |
297 |
- |
298 |
-DESCRIPTION="Library providing cryptographic recipes and primitives" |
299 |
-HOMEPAGE="https://github.com/pyca/cryptography/ https://pypi.org/project/cryptography/" |
300 |
-SRC_URI="mirror://pypi/${PN:0:1}/${PN}/${P}.tar.gz" |
301 |
- |
302 |
-LICENSE="|| ( Apache-2.0 BSD )" |
303 |
-SLOT="0" |
304 |
-KEYWORDS="amd64 arm arm64 hppa ia64 ~mips ppc ppc64 x86" |
305 |
-IUSE="libressl test" |
306 |
- |
307 |
-RDEPEND=" |
308 |
- !libressl? ( >=dev-libs/openssl-1.0.2:0=[-bindist(-)] ) |
309 |
- libressl? ( dev-libs/libressl:0= ) |
310 |
- $(python_gen_cond_dep '>=dev-python/cffi-1.7:=[${PYTHON_USEDEP}]' 'python*') |
311 |
- $(python_gen_cond_dep 'dev-python/enum34[${PYTHON_USEDEP}]' python2_7 pypy{,3}) |
312 |
- >=dev-python/idna-2.1[${PYTHON_USEDEP}] |
313 |
- >=dev-python/asn1crypto-0.21.0[${PYTHON_USEDEP}] |
314 |
- dev-python/setuptools[${PYTHON_USEDEP}] |
315 |
- >=dev-python/six-1.4.1[${PYTHON_USEDEP}] |
316 |
- virtual/python-ipaddress[${PYTHON_USEDEP}] |
317 |
- " |
318 |
-DEPEND="${RDEPEND} |
319 |
- >=dev-python/setuptools-1.0[${PYTHON_USEDEP}] |
320 |
- test? ( |
321 |
- ~dev-python/cryptography-vectors-${PV}[${PYTHON_USEDEP}] |
322 |
- dev-python/hypothesis[${PYTHON_USEDEP}] |
323 |
- dev-python/iso8601[${PYTHON_USEDEP}] |
324 |
- dev-python/pretend[${PYTHON_USEDEP}] |
325 |
- dev-python/pyasn1-modules[${PYTHON_USEDEP}] |
326 |
- >=dev-python/pytest-2.9.0[${PYTHON_USEDEP}] |
327 |
- dev-python/pytz[${PYTHON_USEDEP}] |
328 |
- )" |
329 |
- |
330 |
-DOCS=( AUTHORS.rst CONTRIBUTING.rst README.rst ) |
331 |
- |
332 |
-python_configure_all() { |
333 |
- append-cflags $(test-flags-CC -pthread) |
334 |
-} |
335 |
- |
336 |
-python_test() { |
337 |
- py.test -v -v -x || die "Tests fail with ${EPYTHON}" |
338 |
-} |
339 |
|
340 |
diff --git a/dev-python/cryptography/cryptography-2.1.4-r1.ebuild b/dev-python/cryptography/cryptography-2.1.4-r1.ebuild |
341 |
deleted file mode 100644 |
342 |
index 00035b90760..00000000000 |
343 |
--- a/dev-python/cryptography/cryptography-2.1.4-r1.ebuild |
344 |
+++ /dev/null |
345 |
@@ -1,68 +0,0 @@ |
346 |
-# Copyright 1999-2018 Gentoo Foundation |
347 |
-# Distributed under the terms of the GNU General Public License v2 |
348 |
- |
349 |
-EAPI=6 |
350 |
- |
351 |
-PYTHON_COMPAT=( python2_7 python3_{4,5,6} pypy{,3} ) |
352 |
-PYTHON_REQ_USE="threads(+)" |
353 |
- |
354 |
-inherit distutils-r1 flag-o-matic |
355 |
- |
356 |
-DESCRIPTION="Library providing cryptographic recipes and primitives" |
357 |
-HOMEPAGE="https://github.com/pyca/cryptography/ https://pypi.org/project/cryptography/" |
358 |
-SRC_URI="mirror://pypi/${PN:0:1}/${PN}/${P}.tar.gz" |
359 |
- |
360 |
-LICENSE="|| ( Apache-2.0 BSD )" |
361 |
-SLOT="0" |
362 |
-KEYWORDS="alpha amd64 arm arm64 hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc x86 ~amd64-fbsd ~amd64-linux ~x86-linux ~x64-macos ~x64-solaris" |
363 |
-IUSE="libressl test" |
364 |
- |
365 |
-# the openssl 1.0.2l-r1 needs to be updated again :( |
366 |
-# It'd theb be able to go into the || section again |
367 |
-#=dev-libs/openssl-1.0.2l-r1:0 |
368 |
-# the following is the original section, disallowing bindist entirely |
369 |
-#!libressl? ( >=dev-libs/openssl-1.0.2:0=[-bindist(-)] ) |
370 |
-RDEPEND=" |
371 |
- !libressl? ( |
372 |
- dev-libs/openssl:0= ( |
373 |
- || ( |
374 |
- dev-libs/openssl:0[-bindist(-)] |
375 |
- >=dev-libs/openssl-1.1.0g-r1:0 |
376 |
- ) |
377 |
- ) |
378 |
- ) |
379 |
- libressl? ( dev-libs/libressl:0= ) |
380 |
- $(python_gen_cond_dep '>=dev-python/cffi-1.7:=[${PYTHON_USEDEP}]' 'python*') |
381 |
- $(python_gen_cond_dep 'dev-python/enum34[${PYTHON_USEDEP}]' python2_7 pypy{,3}) |
382 |
- >=dev-python/idna-2.1[${PYTHON_USEDEP}] |
383 |
- >=dev-python/asn1crypto-0.21.0[${PYTHON_USEDEP}] |
384 |
- dev-python/setuptools[${PYTHON_USEDEP}] |
385 |
- >=dev-python/six-1.4.1[${PYTHON_USEDEP}] |
386 |
- virtual/python-ipaddress[${PYTHON_USEDEP}] |
387 |
- " |
388 |
-DEPEND="${RDEPEND} |
389 |
- >=dev-python/setuptools-1.0[${PYTHON_USEDEP}] |
390 |
- test? ( |
391 |
- ~dev-python/cryptography-vectors-${PV}[${PYTHON_USEDEP}] |
392 |
- dev-python/hypothesis[${PYTHON_USEDEP}] |
393 |
- dev-python/iso8601[${PYTHON_USEDEP}] |
394 |
- dev-python/pretend[${PYTHON_USEDEP}] |
395 |
- dev-python/pyasn1-modules[${PYTHON_USEDEP}] |
396 |
- >=dev-python/pytest-2.9.0[${PYTHON_USEDEP}] |
397 |
- dev-python/pytz[${PYTHON_USEDEP}] |
398 |
- )" |
399 |
- |
400 |
-DOCS=( AUTHORS.rst CONTRIBUTING.rst README.rst ) |
401 |
- |
402 |
-PATCHES=( |
403 |
- "${FILESDIR}"/${PN}-2.1.4-libressl-2.7-x509.patch |
404 |
- "${FILESDIR}"/${PN}-2.1.4-libressl-2.7-x509_vfy.patch |
405 |
-) |
406 |
- |
407 |
-python_configure_all() { |
408 |
- append-cflags $(test-flags-CC -pthread) |
409 |
-} |
410 |
- |
411 |
-python_test() { |
412 |
- py.test -v -v -x || die "Tests fail with ${EPYTHON}" |
413 |
-} |
414 |
|
415 |
diff --git a/dev-python/cryptography/cryptography-2.1.4.ebuild b/dev-python/cryptography/cryptography-2.1.4.ebuild |
416 |
deleted file mode 100644 |
417 |
index f5fc4dd530d..00000000000 |
418 |
--- a/dev-python/cryptography/cryptography-2.1.4.ebuild |
419 |
+++ /dev/null |
420 |
@@ -1,63 +0,0 @@ |
421 |
-# Copyright 1999-2018 Gentoo Foundation |
422 |
-# Distributed under the terms of the GNU General Public License v2 |
423 |
- |
424 |
-EAPI=6 |
425 |
- |
426 |
-PYTHON_COMPAT=( python2_7 python3_{4,5,6} pypy{,3} ) |
427 |
-PYTHON_REQ_USE="threads(+)" |
428 |
- |
429 |
-inherit distutils-r1 flag-o-matic |
430 |
- |
431 |
-DESCRIPTION="Library providing cryptographic recipes and primitives" |
432 |
-HOMEPAGE="https://github.com/pyca/cryptography/ https://pypi.org/project/cryptography/" |
433 |
-SRC_URI="mirror://pypi/${PN:0:1}/${PN}/${P}.tar.gz" |
434 |
- |
435 |
-LICENSE="|| ( Apache-2.0 BSD )" |
436 |
-SLOT="0" |
437 |
-KEYWORDS="alpha amd64 arm arm64 hppa ia64 ~m68k ~mips ppc ppc64 ~s390 ~sh sparc x86 ~amd64-fbsd ~amd64-linux ~x86-linux ~x64-macos ~x64-solaris" |
438 |
-IUSE="libressl test" |
439 |
- |
440 |
-# the openssl 1.0.2l-r1 needs to be updated again :( |
441 |
-# It'd theb be able to go into the || section again |
442 |
-#=dev-libs/openssl-1.0.2l-r1:0 |
443 |
-# the following is the original section, disallowing bindist entirely |
444 |
-#!libressl? ( >=dev-libs/openssl-1.0.2:0=[-bindist(-)] ) |
445 |
-RDEPEND=" |
446 |
- !libressl? ( |
447 |
- dev-libs/openssl:0= ( |
448 |
- || ( |
449 |
- dev-libs/openssl:0[-bindist(-)] |
450 |
- >=dev-libs/openssl-1.1.0g-r1:0 |
451 |
- ) |
452 |
- ) |
453 |
- ) |
454 |
- libressl? ( dev-libs/libressl ) |
455 |
- $(python_gen_cond_dep '>=dev-python/cffi-1.7:=[${PYTHON_USEDEP}]' 'python*') |
456 |
- $(python_gen_cond_dep 'dev-python/enum34[${PYTHON_USEDEP}]' python2_7 pypy{,3}) |
457 |
- >=dev-python/idna-2.1[${PYTHON_USEDEP}] |
458 |
- >=dev-python/asn1crypto-0.21.0[${PYTHON_USEDEP}] |
459 |
- dev-python/setuptools[${PYTHON_USEDEP}] |
460 |
- >=dev-python/six-1.4.1[${PYTHON_USEDEP}] |
461 |
- virtual/python-ipaddress[${PYTHON_USEDEP}] |
462 |
- " |
463 |
-DEPEND="${RDEPEND} |
464 |
- >=dev-python/setuptools-1.0[${PYTHON_USEDEP}] |
465 |
- test? ( |
466 |
- ~dev-python/cryptography-vectors-${PV}[${PYTHON_USEDEP}] |
467 |
- dev-python/hypothesis[${PYTHON_USEDEP}] |
468 |
- dev-python/iso8601[${PYTHON_USEDEP}] |
469 |
- dev-python/pretend[${PYTHON_USEDEP}] |
470 |
- dev-python/pyasn1-modules[${PYTHON_USEDEP}] |
471 |
- >=dev-python/pytest-2.9.0[${PYTHON_USEDEP}] |
472 |
- dev-python/pytz[${PYTHON_USEDEP}] |
473 |
- )" |
474 |
- |
475 |
-DOCS=( AUTHORS.rst CONTRIBUTING.rst README.rst ) |
476 |
- |
477 |
-python_configure_all() { |
478 |
- append-cflags $(test-flags-CC -pthread) |
479 |
-} |
480 |
- |
481 |
-python_test() { |
482 |
- py.test -v -v -x || die "Tests fail with ${EPYTHON}" |
483 |
-} |
484 |
|
485 |
diff --git a/dev-python/cryptography/cryptography-2.1.4-r2.ebuild b/dev-python/cryptography/cryptography-2.2.2-r1.ebuild |
486 |
similarity index 91% |
487 |
rename from dev-python/cryptography/cryptography-2.1.4-r2.ebuild |
488 |
rename to dev-python/cryptography/cryptography-2.2.2-r1.ebuild |
489 |
index adaade43c53..ffaf2cd166a 100644 |
490 |
--- a/dev-python/cryptography/cryptography-2.1.4-r2.ebuild |
491 |
+++ b/dev-python/cryptography/cryptography-2.2.2-r1.ebuild |
492 |
@@ -14,7 +14,7 @@ SRC_URI="mirror://pypi/${PN:0:1}/${PN}/${P}.tar.gz" |
493 |
|
494 |
LICENSE="|| ( Apache-2.0 BSD )" |
495 |
SLOT="0" |
496 |
-KEYWORDS="alpha amd64 arm arm64 ~hppa ia64 ~m68k ~mips ppc ppc64 ~s390 ~sh ~sparc x86 ~amd64-fbsd ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x64-solaris" |
497 |
+KEYWORDS="alpha amd64 arm arm64 hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc x86 ~amd64-fbsd ~amd64-linux ~ppc-macos ~x86-linux ~x64-macos ~x64-solaris" |
498 |
IUSE="libressl test" |
499 |
|
500 |
# the openssl 1.0.2l-r1 needs to be updated again :( |
501 |
@@ -57,6 +57,7 @@ DOCS=( AUTHORS.rst CONTRIBUTING.rst README.rst ) |
502 |
PATCHES=( |
503 |
"${FILESDIR}"/${PN}-2.1.4-libressl-2.7-x509.patch |
504 |
"${FILESDIR}"/${PN}-2.1.4-libressl-2.7-x509_vfy.patch |
505 |
+ "${FILESDIR}"/CVE-2018-10903.patch |
506 |
) |
507 |
|
508 |
python_configure_all() { |
509 |
|
510 |
diff --git a/dev-python/cryptography/cryptography-2.2.2.ebuild b/dev-python/cryptography/cryptography-2.2.2.ebuild |
511 |
deleted file mode 100644 |
512 |
index 016846fe9cb..00000000000 |
513 |
--- a/dev-python/cryptography/cryptography-2.2.2.ebuild |
514 |
+++ /dev/null |
515 |
@@ -1,68 +0,0 @@ |
516 |
-# Copyright 1999-2018 Gentoo Foundation |
517 |
-# Distributed under the terms of the GNU General Public License v2 |
518 |
- |
519 |
-EAPI=6 |
520 |
- |
521 |
-PYTHON_COMPAT=( python2_7 python3_{4,5,6,7} pypy{,3} ) |
522 |
-PYTHON_REQ_USE="threads(+)" |
523 |
- |
524 |
-inherit distutils-r1 flag-o-matic |
525 |
- |
526 |
-DESCRIPTION="Library providing cryptographic recipes and primitives" |
527 |
-HOMEPAGE="https://github.com/pyca/cryptography/ https://pypi.org/project/cryptography/" |
528 |
-SRC_URI="mirror://pypi/${PN:0:1}/${PN}/${P}.tar.gz" |
529 |
- |
530 |
-LICENSE="|| ( Apache-2.0 BSD )" |
531 |
-SLOT="0" |
532 |
-KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x64-solaris" |
533 |
-IUSE="libressl test" |
534 |
- |
535 |
-# the openssl 1.0.2l-r1 needs to be updated again :( |
536 |
-# It'd theb be able to go into the || section again |
537 |
-#=dev-libs/openssl-1.0.2l-r1:0 |
538 |
-# the following is the original section, disallowing bindist entirely |
539 |
-#!libressl? ( >=dev-libs/openssl-1.0.2:0=[-bindist(-)] ) |
540 |
-RDEPEND=" |
541 |
- !libressl? ( |
542 |
- dev-libs/openssl:0= ( |
543 |
- || ( |
544 |
- dev-libs/openssl:0[-bindist(-)] |
545 |
- >=dev-libs/openssl-1.0.2o-r2:0 |
546 |
- ) |
547 |
- ) |
548 |
- ) |
549 |
- libressl? ( dev-libs/libressl:0= ) |
550 |
- $(python_gen_cond_dep '>=dev-python/cffi-1.7:=[${PYTHON_USEDEP}]' 'python*') |
551 |
- $(python_gen_cond_dep 'dev-python/enum34[${PYTHON_USEDEP}]' python2_7 pypy{,3}) |
552 |
- >=dev-python/idna-2.1[${PYTHON_USEDEP}] |
553 |
- >=dev-python/asn1crypto-0.21.0[${PYTHON_USEDEP}] |
554 |
- dev-python/setuptools[${PYTHON_USEDEP}] |
555 |
- >=dev-python/six-1.4.1[${PYTHON_USEDEP}] |
556 |
- virtual/python-ipaddress[${PYTHON_USEDEP}] |
557 |
- " |
558 |
-DEPEND="${RDEPEND} |
559 |
- >=dev-python/setuptools-1.0[${PYTHON_USEDEP}] |
560 |
- test? ( |
561 |
- ~dev-python/cryptography-vectors-${PV}[${PYTHON_USEDEP}] |
562 |
- dev-python/hypothesis[${PYTHON_USEDEP}] |
563 |
- dev-python/iso8601[${PYTHON_USEDEP}] |
564 |
- dev-python/pretend[${PYTHON_USEDEP}] |
565 |
- dev-python/pyasn1-modules[${PYTHON_USEDEP}] |
566 |
- >=dev-python/pytest-2.9.0[${PYTHON_USEDEP}] |
567 |
- dev-python/pytz[${PYTHON_USEDEP}] |
568 |
- )" |
569 |
- |
570 |
-DOCS=( AUTHORS.rst CONTRIBUTING.rst README.rst ) |
571 |
- |
572 |
-PATCHES=( |
573 |
- "${FILESDIR}"/${PN}-2.1.4-libressl-2.7-x509.patch |
574 |
- "${FILESDIR}"/${PN}-2.1.4-libressl-2.7-x509_vfy.patch |
575 |
-) |
576 |
- |
577 |
-python_configure_all() { |
578 |
- append-cflags $(test-flags-CC -pthread) |
579 |
-} |
580 |
- |
581 |
-python_test() { |
582 |
- py.test -v -v -x || die "Tests fail with ${EPYTHON}" |
583 |
-} |
584 |
|
585 |
diff --git a/dev-python/cryptography/files/CVE-2018-10903.patch b/dev-python/cryptography/files/CVE-2018-10903.patch |
586 |
new file mode 100644 |
587 |
index 00000000000..1133405fb93 |
588 |
--- /dev/null |
589 |
+++ b/dev-python/cryptography/files/CVE-2018-10903.patch |
590 |
@@ -0,0 +1,76 @@ |
591 |
+From 688e0f673bfbf43fa898994326c6877f00ab19ef Mon Sep 17 00:00:00 2001 |
592 |
+From: Paul Kehrer <paul.l.kehrer@×××××.com> |
593 |
+Date: Tue, 17 Jul 2018 10:47:57 +0800 |
594 |
+Subject: [PATCH] disallow implicit tag truncation with finalize_with_tag |
595 |
+ |
596 |
+--- |
597 |
+ docs/hazmat/primitives/symmetric-encryption.rst | 1 + |
598 |
+ src/cryptography/hazmat/backends/openssl/ciphers.py | 5 +++++ |
599 |
+ src/cryptography/hazmat/primitives/ciphers/modes.py | 1 + |
600 |
+ tests/hazmat/primitives/test_aes.py | 16 ++++++++++++++++ |
601 |
+ 5 files changed, 28 insertions(+) |
602 |
+ |
603 |
+diff --git a/docs/hazmat/primitives/symmetric-encryption.rst b/docs/hazmat/primitives/symmetric-encryption.rst |
604 |
+index 5ebcca754..5b6000902 100644 |
605 |
+--- a/docs/hazmat/primitives/symmetric-encryption.rst |
606 |
++++ b/docs/hazmat/primitives/symmetric-encryption.rst |
607 |
+@@ -670,6 +670,7 @@ Interfaces |
608 |
+ :raises ValueError: This is raised when the data provided isn't |
609 |
+ a multiple of the algorithm's block size, if ``min_tag_length`` is |
610 |
+ less than 4, or if ``len(tag) < min_tag_length``. |
611 |
++ ``min_tag_length`` is an argument to the ``GCM`` constructor. |
612 |
+ :raises NotImplementedError: This is raised if the version of the |
613 |
+ OpenSSL backend used is 1.0.1 or earlier. |
614 |
+ |
615 |
+diff --git a/src/cryptography/hazmat/backends/openssl/ciphers.py b/src/cryptography/hazmat/backends/openssl/ciphers.py |
616 |
+index 462ffea25..e0ee06ee2 100644 |
617 |
+--- a/src/cryptography/hazmat/backends/openssl/ciphers.py |
618 |
++++ b/src/cryptography/hazmat/backends/openssl/ciphers.py |
619 |
+@@ -199,6 +199,11 @@ def finalize_with_tag(self, tag): |
620 |
+ "finalize_with_tag requires OpenSSL >= 1.0.2. To use this " |
621 |
+ "method please update OpenSSL" |
622 |
+ ) |
623 |
++ if len(tag) < self._mode._min_tag_length: |
624 |
++ raise ValueError( |
625 |
++ "Authentication tag must be {0} bytes or longer.".format( |
626 |
++ self._mode._min_tag_length) |
627 |
++ ) |
628 |
+ res = self._backend._lib.EVP_CIPHER_CTX_ctrl( |
629 |
+ self._ctx, self._backend._lib.EVP_CTRL_AEAD_SET_TAG, |
630 |
+ len(tag), tag |
631 |
+diff --git a/src/cryptography/hazmat/primitives/ciphers/modes.py b/src/cryptography/hazmat/primitives/ciphers/modes.py |
632 |
+index 598dfaa4a..543015fef 100644 |
633 |
+--- a/src/cryptography/hazmat/primitives/ciphers/modes.py |
634 |
++++ b/src/cryptography/hazmat/primitives/ciphers/modes.py |
635 |
+@@ -220,6 +220,7 @@ def __init__(self, initialization_vector, tag=None, min_tag_length=16): |
636 |
+ min_tag_length) |
637 |
+ ) |
638 |
+ self._tag = tag |
639 |
++ self._min_tag_length = min_tag_length |
640 |
+ |
641 |
+ tag = utils.read_only_property("_tag") |
642 |
+ initialization_vector = utils.read_only_property("_initialization_vector") |
643 |
+diff --git a/tests/hazmat/primitives/test_aes.py b/tests/hazmat/primitives/test_aes.py |
644 |
+index d6f83ebc2..4ceccf155 100644 |
645 |
+--- a/tests/hazmat/primitives/test_aes.py |
646 |
++++ b/tests/hazmat/primitives/test_aes.py |
647 |
+@@ -439,3 +439,19 @@ def test_gcm_tag_decrypt_finalize(self, backend): |
648 |
+ decryptor.finalize() |
649 |
+ else: |
650 |
+ decryptor.finalize_with_tag(tag) |
651 |
++ |
652 |
++ @pytest.mark.supported( |
653 |
++ only_if=lambda backend: ( |
654 |
++ not backend._lib.CRYPTOGRAPHY_OPENSSL_LESS_THAN_102 or |
655 |
++ backend._lib.CRYPTOGRAPHY_IS_LIBRESSL |
656 |
++ ), |
657 |
++ skip_message="Not supported on OpenSSL 1.0.1", |
658 |
++ ) |
659 |
++ def test_gcm_tag_decrypt_finalize_tag_length(self, backend): |
660 |
++ decryptor = base.Cipher( |
661 |
++ algorithms.AES(b"0" * 16), |
662 |
++ modes.GCM(b"0" * 12), |
663 |
++ backend=backend |
664 |
++ ).decryptor() |
665 |
++ with pytest.raises(ValueError): |
666 |
++ decryptor.finalize_with_tag(b"tagtooshort") |