[MacPorts] #53964: py27-cryptography fails to build with libressl 2.5.3_0

classic Classic list List threaded Threaded
6 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

[MacPorts] #53964: py27-cryptography fails to build with libressl 2.5.3_0

MacPorts
#53964: py27-cryptography fails to build with libressl 2.5.3_0
----------------------+-------------------------------
 Reporter:  bK4gYuRo  |      Owner:
     Type:  defect    |     Status:  new
 Priority:  Normal    |  Milestone:
Component:  ports     |    Version:
 Keywords:            |       Port:  py27-cryptography
----------------------+-------------------------------
 Apparently, in libressl 2.5.3 the following macros are defined:


 {{{
 /* Host, email and IP check errors */
 #define         X509_V_ERR_HOSTNAME_MISMATCH                    62
 #define         X509_V_ERR_EMAIL_MISMATCH                       63
 #define         X509_V_ERR_IP_ADDRESS_MISMATCH                  64

 }}}

 This conflicts with last 3 lines in this block in _openssl.c in
 py27-cryptography:


 {{{
 /* OpenSSL 1.0.2beta2+ verification error codes */
 #if CRYPTOGRAPHY_OPENSSL_102BETA2_OR_GREATER &&
 !defined(LIBRESSL_VERSION_NUMBER)
 static const long Cryptography_HAS_102_VERIFICATION_ERROR_CODES = 1;
 #else
 static const long Cryptography_HAS_102_VERIFICATION_ERROR_CODES = 0;
 static const long X509_V_ERR_SUITE_B_INVALID_VERSION = 0;
 static const long X509_V_ERR_SUITE_B_INVALID_ALGORITHM = 0;
 static const long X509_V_ERR_SUITE_B_INVALID_CURVE = 0;
 static const long X509_V_ERR_SUITE_B_INVALID_SIGNATURE_ALGORITHM = 0;
 static const long X509_V_ERR_SUITE_B_LOS_NOT_ALLOWED = 0;
 static const long X509_V_ERR_SUITE_B_CANNOT_SIGN_P_384_WITH_P_256 = 0;
 static const long X509_V_ERR_HOSTNAME_MISMATCH = 0;
 static const long X509_V_ERR_EMAIL_MISMATCH = 0;
 static const long X509_V_ERR_IP_ADDRESS_MISMATCH = 0;
 #endif

 }}}

 If I comment out these 3 lines in _openssl.c, it compiles, but I am not
 sure if it is the right fix.

 Log is attached

--
Ticket URL: <https://trac.macports.org/ticket/53964>
MacPorts <https://www.macports.org/>
Ports system for macOS
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: [MacPorts] #53964: py27-cryptography fails to build with libressl 2.5.3_0

MacPorts
#53964: py27-cryptography fails to build with libressl 2.5.3_0
--------------------------------+-----------------
  Reporter:  bK4gYuRo           |      Owner:
      Type:  defect             |     Status:  new
  Priority:  Normal             |  Milestone:
 Component:  ports              |    Version:
Resolution:                     |   Keywords:
      Port:  py27-cryptography  |
--------------------------------+-----------------
Changes (by bK4gYuRo):

 * Attachment "main.log" added.

 main.log

--
Ticket URL: <https://trac.macports.org/ticket/53964>
MacPorts <https://www.macports.org/>
Ports system for macOS
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: [MacPorts] #53964: py27-cryptography fails to build with libressl 2.5.3_0

MacPorts
In reply to this post by MacPorts
#53964: py27-cryptography fails to build with libressl 2.5.3_0
--------------------------------+-----------------
  Reporter:  bK4gYuRo           |      Owner:
      Type:  defect             |     Status:  new
  Priority:  Normal             |  Milestone:
 Component:  ports              |    Version:
Resolution:                     |   Keywords:
      Port:  py27-cryptography  |
--------------------------------+-----------------

Comment (by bK4gYuRo):

 _openssl.c is generated from
 cryptography-1.8.1/build/lib.macosx-10.10-x86_64-2.7/cryptography/hazmat/bindings/openssl/_conditional.py:

 {{{
    "Cryptography_HAS_102_VERIFICATION_ERROR_CODES": [
         'X509_V_ERR_SUITE_B_INVALID_VERSION',
         'X509_V_ERR_SUITE_B_INVALID_ALGORITHM',
         'X509_V_ERR_SUITE_B_INVALID_CURVE',
         'X509_V_ERR_SUITE_B_INVALID_SIGNATURE_ALGORITHM',
         'X509_V_ERR_SUITE_B_LOS_NOT_ALLOWED',
         'X509_V_ERR_SUITE_B_CANNOT_SIGN_P_384_WITH_P_256',
         'X509_V_ERR_HOSTNAME_MISMATCH',
         'X509_V_ERR_EMAIL_MISMATCH',
         'X509_V_ERR_IP_ADDRESS_MISMATCH'

 }}}

 I guess this file will need to be patched

--
Ticket URL: <https://trac.macports.org/ticket/53964#comment:2>
MacPorts <https://www.macports.org/>
Ports system for macOS
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: [MacPorts] #53964: py27-cryptography fails to build with libressl 2.5.3_0

MacPorts
In reply to this post by MacPorts
#53964: py27-cryptography fails to build with libressl 2.5.3_0
--------------------------------+----------------------
  Reporter:  bK4gYuRo           |      Owner:  stromnov
      Type:  defect             |     Status:  assigned
  Priority:  Normal             |  Milestone:
 Component:  ports              |    Version:
Resolution:                     |   Keywords:
      Port:  py27-cryptography  |
--------------------------------+----------------------
Changes (by ryandesign):

 * owner:   => stromnov
 * cc: stromnov, bK4gYuRo (removed)
 * status:  new => assigned


Comment:

 See https://github.com/pyca/cryptography/issues/3247 and
 https://github.com/pyca/cryptography/pull/3415.

--
Ticket URL: <https://trac.macports.org/ticket/53964#comment:3>
MacPorts <https://www.macports.org/>
Ports system for macOS
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: [MacPorts] #53964: py27-cryptography fails to build with libressl 2.5.3_0

MacPorts
In reply to this post by MacPorts
#53964: py27-cryptography fails to build with libressl 2.5.3_0
--------------------------------+----------------------
  Reporter:  bK4gYuRo           |      Owner:  stromnov
      Type:  defect             |     Status:  assigned
  Priority:  Normal             |  Milestone:
 Component:  ports              |    Version:
Resolution:                     |   Keywords:
      Port:  py27-cryptography  |
--------------------------------+----------------------

Comment (by bK4gYuRo):

 Just wanted to report that I tried the patch [https://github.com/voidlinux
 /void-packages/blob/master/srcpkgs/python-cryptography/patches/fix-
 libressl-2.5.3.patch] and it worked.

 This is how I did it:

 {{{
 sudo port uninstall py27-cryptography
 sudo port clean --all py27-cryptography
 sudo port -d fetch py27-cryptography
 sudo port -d extract py27-cryptography
 cd
 /opt/local/var/macports/build/_opt_local_var_macports_sources_rsync.macports
 .org_release_tarballs_ports_python_py-
 cryptography/py27-cryptography/work/cryptography-1.8.1/
 sudo -u macports patch -p0 < ~/macports/patches/py27-cryptography-fix-
 libressl-2.5.3.diff
 sudo port -d configure py27-cryptography
 sudo port -d build py27-cryptography
 sudo port -d destroot py27-cryptography
 sudo port -d install py27-cryptography
 }}}

--
Ticket URL: <https://trac.macports.org/ticket/53964#comment:4>
MacPorts <https://www.macports.org/>
Ports system for macOS
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: [MacPorts] #53964: py27-cryptography fails to build with libressl 2.5.3_0

MacPorts
In reply to this post by MacPorts
#53964: py27-cryptography fails to build with libressl 2.5.3_0
--------------------------------+----------------------
  Reporter:  bK4gYuRo           |      Owner:  stromnov
      Type:  defect             |     Status:  assigned
  Priority:  Normal             |  Milestone:
 Component:  ports              |    Version:
Resolution:                     |   Keywords:
      Port:  py27-cryptography  |
--------------------------------+----------------------

Comment (by bK4gYuRo):

 Looks like it is fixed upstream. py27-cryptography 1.9_0 builds just fine
 with libressl

--
Ticket URL: <https://trac.macports.org/ticket/53964#comment:6>
MacPorts <https://www.macports.org/>
Ports system for macOS
Loading...