From nobody Thu Mar 24 11:30:47 2022 X-Original-To: dev-commits-ports-main@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id AEA961A212DF; Thu, 24 Mar 2022 11:30:56 +0000 (UTC) (envelope-from sbrabez@gmail.com) Received: from mail-wr1-x434.google.com (mail-wr1-x434.google.com [IPv6:2a00:1450:4864:20::434]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1D4" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4KPNMM5Wgwz4rjv; Thu, 24 Mar 2022 11:30:55 +0000 (UTC) (envelope-from sbrabez@gmail.com) Received: by mail-wr1-x434.google.com with SMTP id b19so6161644wrh.11; Thu, 24 Mar 2022 04:30:55 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=sender:date:from:to:cc:subject:message-id:references:mime-version :content-disposition:in-reply-to; bh=Ne6s5YKTj24uATILUycJcTMBriwehh58NBIGTnhXmIc=; b=HxtlFssB0nL9if74kUQxlJwMk5SWjI51URIc67stNUwfjCGC1kML+1naxA3vpscr52 Mqg0s1Q34Mu5lpHcxq8u7o+ufKXgodV+QG0bagedzsOLc7LzbJx0cI8dNsx7SrOokSkN 6mvxATZ/fZNQrfBz+B5VXzxn9EVimpeBXLvTUl9UZVnWcJayF4dN3tVTLL0gepH3siMN 8wfMHAHbckQ3VMm56NZmqmr5i1NnJuDeTiYw5FKKRxirgMUejJ886nAFi3bZ7v6gXmtI nzIjbwk0NrfEw5TmDAQPsA4rW2AYmudnmGpAO30gwm1ogBmXD4Z3WxBCqjWyenE8kq3s V3iA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:sender:date:from:to:cc:subject:message-id :references:mime-version:content-disposition:in-reply-to; bh=Ne6s5YKTj24uATILUycJcTMBriwehh58NBIGTnhXmIc=; b=AbIywRb60+aZPH+Gi/PzIRGRrHbSkmIsiJALKGnExrP5EpA6VFeZk3w5wrH7FqkZZT xNy9JUrNQD1DXWq6GhbN8MkH8zcTJaFefvZEasjpDm+wUQ3C1J15xa6op1E3/r/GM/aU Yv0C8Rwp0JvutoJ07u23EFGhm6kC4wK6hPD0uM2WgR/rqc+ZRvma+gTxvFYo0VkJFKmU ZCPcZzQFHSr/XA2FgcxDHmOcgTK3/BTMCA7OBllI2Q8G5IwV2rxJqO6XswjVPpy/xoFg /+QRtb+ZebvcSK1hRe0eNww6F6jddf4LVIiGtLD89H22HJqNjqPwat33zCCY5EhdCrno /ZAg== X-Gm-Message-State: AOAM530KsjrpIzSWeLwLbP+lK4fjsNT10/e9xL5rGb/mSx+0RVjj8g5z hmOQqi1fURSsayrPeqdgDh0wXVHWH/G1bQ== X-Google-Smtp-Source: ABdhPJzEhJmuadlJIaUvstBjqIQssDLn+jsMDhONFIx7R465pJ+QxFh5Rxgt3v/I4UtsWXWnHldHMA== X-Received: by 2002:a5d:4245:0:b0:203:dc49:2604 with SMTP id s5-20020a5d4245000000b00203dc492604mr4521756wrr.32.1648121454049; Thu, 24 Mar 2022 04:30:54 -0700 (PDT) Received: from mbp (rbl63-h01-176-130-73-189.dsl.sta.abo.bbox.fr. [176.130.73.189]) by smtp.gmail.com with ESMTPSA id 14-20020a056000154e00b00203f8adde0csm3174789wry.32.2022.03.24.04.30.52 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 24 Mar 2022 04:30:52 -0700 (PDT) Date: Thu, 24 Mar 2022 12:30:47 +0100 From: Sofian Brabez To: Yasuhiro Kimura Cc: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org, Po-Chuan Hsieh Subject: Re: git: ad1bc60d6ae8 - main - security/py-openssl: update to 22.0.0 Message-ID: References: <202203221607.22MG7Ddg070845@gitrepo.freebsd.org> <20220323.184252.1805768179490517862.yasu@FreeBSD.org> List-Id: Commits to the main branch of the FreeBSD ports repository List-Archive: https://lists.freebsd.org/archives/dev-commits-ports-main List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-ports-main@freebsd.org X-BeenThere: dev-commits-ports-main@freebsd.org MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="WWvYFHHATPmcS2WA" Content-Disposition: inline In-Reply-To: <20220323.184252.1805768179490517862.yasu@FreeBSD.org> X-Rspamd-Queue-Id: 4KPNMM5Wgwz4rjv X-Spamd-Bar: + Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20210112 header.b=HxtlFssB; dmarc=none; spf=pass (mx1.freebsd.org: domain of sbrabez@gmail.com designates 2a00:1450:4864:20::434 as permitted sender) smtp.mailfrom=sbrabez@gmail.com X-Spamd-Result: default: False [1.23 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; TO_DN_SOME(0.00)[]; R_SPF_ALLOW(-0.20)[+ip6:2a00:1450:4000::/36]; HAS_ATTACHMENT(0.00)[]; RCPT_COUNT_FIVE(0.00)[5]; RCVD_COUNT_THREE(0.00)[3]; DKIM_TRACE(0.00)[gmail.com:+]; CTYPE_MIXED_BOGUS(1.00)[]; NEURAL_HAM_SHORT(-1.00)[-0.997]; FORGED_SENDER(0.30)[sbz@FreeBSD.org,sbrabez@gmail.com]; MIME_TRACE(0.00)[0:+,1:+,2:+]; FREEMAIL_ENVFROM(0.00)[gmail.com]; ASN(0.00)[asn:15169, ipnet:2a00:1450::/32, country:US]; FROM_NEQ_ENVFROM(0.00)[sbz@FreeBSD.org,sbrabez@gmail.com]; DWL_DNSWL_NONE(0.00)[gmail.com:dkim]; ARC_NA(0.00)[]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20210112]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; NEURAL_HAM_LONG(-0.07)[-0.069]; MIME_GOOD(-0.10)[multipart/mixed,text/plain]; DMARC_NA(0.00)[FreeBSD.org]; NEURAL_SPAM_MEDIUM(1.00)[1.000]; RCVD_IN_DNSWL_NONE(0.00)[2a00:1450:4864:20::434:from]; MLMMJ_DEST(0.00)[dev-commits-ports-all,dev-commits-ports-main]; MID_RHS_NOT_FQDN(0.50)[]; RCVD_TLS_ALL(0.00)[] X-ThisMailContainsUnwantedMimeParts: N --WWvYFHHATPmcS2WA Content-Type: text/plain; charset=utf-8 Content-Disposition: inline On 23 Mar 18:42 2022, Yasuhiro Kimura wrote: > From: Sofian Brabez > Subject: git: ad1bc60d6ae8 - main - security/py-openssl: update to 22.0.0 > Date: Tue, 22 Mar 2022 16:07:13 GMT > > > The branch main has been updated by sbz: > > > > URL: https://cgit.FreeBSD.org/ports/commit/?id=ad1bc60d6ae85090900d90475835894218872b12 > > > > commit ad1bc60d6ae85090900d90475835894218872b12 > > Author: Sofian Brabez > > AuthorDate: 2022-03-22 15:26:35 +0000 > > Commit: Sofian Brabez > > CommitDate: 2022-03-22 16:06:19 +0000 > > > > security/py-openssl: update to 22.0.0 > > According to the Release information of 22.0.0, minimum version of > py-cryptography has changed to 35.0. > > https://pypi.org/project/pyOpenSSL/#id1 > > Actually after this commit runtime error of certbot happens as following. > > root@rolling-vm-freebsd2[861]# certbot certonly --dns-rfc2136 --dns-rfc2136-credentials /usr/local/etc/letsencrypt/dns-rfc2136.ini -d '*.test.example.org' > Traceback (most recent call last): > File "/usr/local/lib/python3.10/site-packages/pkg_resources/__init__.py", line 568, in _build_master > ws.require(__requires__) > File "/usr/local/lib/python3.10/site-packages/pkg_resources/__init__.py", line 886, in require > needed = self.resolve(parse_requirements(requirements)) > File "/usr/local/lib/python3.10/site-packages/pkg_resources/__init__.py", line 777, in resolve > raise VersionConflict(dist, req).with_context(dependent_req) > pkg_resources.ContextualVersionConflict: (cryptography 3.3.2 (/usr/local/lib/python3.10/site-packages), Requirement.parse('cryptography>=35.0'), {'PyOpenSSL'}) > > During handling of the above exception, another exception occurred: > > Traceback (most recent call last): > File "/usr/local/bin/certbot", line 33, in > sys.exit(load_entry_point('certbot==1.25.0', 'console_scripts', 'certbot')()) > File "/usr/local/bin/certbot", line 25, in importlib_load_entry_point > return next(matches).load() > File "/usr/local/lib/python3.10/importlib/metadata/__init__.py", line 171, in load > module = import_module(match.group('module')) > File "/usr/local/lib/python3.10/importlib/__init__.py", line 126, in import_module > return _bootstrap._gcd_import(name[level:], package, level) > File "", line 1050, in _gcd_import > File "", line 1027, in _find_and_load > File "", line 1006, in _find_and_load_unlocked > File "", line 688, in _load_unlocked > File "", line 883, in exec_module > File "", line 241, in _call_with_frames_removed > File "/usr/local/lib/python3.10/site-packages/certbot/main.py", line 6, in > from certbot._internal import main as internal_main > File "/usr/local/lib/python3.10/site-packages/certbot/_internal/main.py", line 25, in > from certbot import configuration > File "/usr/local/lib/python3.10/site-packages/certbot/configuration.py", line 10, in > from certbot import util > File "/usr/local/lib/python3.10/site-packages/certbot/util.py", line 27, in > from certbot._internal import constants > File "/usr/local/lib/python3.10/site-packages/certbot/_internal/constants.py", line 6, in > import pkg_resources > File "/usr/local/lib/python3.10/site-packages/pkg_resources/__init__.py", line 3243, in > def _initialize_master_working_set(): > File "/usr/local/lib/python3.10/site-packages/pkg_resources/__init__.py", line 3226, in _call_aside > f(*args, **kwargs) > File "/usr/local/lib/python3.10/site-packages/pkg_resources/__init__.py", line 3255, in _initialize_master_working_set > working_set = WorkingSet._build_master() > File "/usr/local/lib/python3.10/site-packages/pkg_resources/__init__.py", line 570, in _build_master > return cls._build_from_requirements(__requires__) > File "/usr/local/lib/python3.10/site-packages/pkg_resources/__init__.py", line 583, in _build_from_requirements > dists = ws.resolve(reqs, Environment()) > File "/usr/local/lib/python3.10/site-packages/pkg_resources/__init__.py", line 777, in resolve > raise VersionConflict(dist, req).with_context(dependent_req) > pkg_resources.ContextualVersionConflict: (cryptography 3.3.2 (/usr/local/lib/python3.10/site-packages), Requirement.parse('cryptography>=35.0'), {'PyOpenSSL'}) > root@rolling-vm-freebsd2[862]# > > --- > Yasuhiro Kimura Hi Yasuhiro, I don't use certbot so I take a look at that problem and even with the correct minimum version with this diff applied, it fails on another error related to rust bindings: With the following version installed sbz@freebsd13:~/git/ports $ pkg info |egrep 'py.*(crypto|openssl|certbot)' py38-certbot-1.22.0,1 Let's Encrypt client py38-cryptography-36.0.2 Cryptographic recipes and primitives for Python developers py38-cryptography-vectors-36.0.2 Test vectors for the cryptography package py38-openssl-22.0.0 Python interface to the OpenSSL library Then I run your given command sbz@freebsd13:~/git/ports $ certbot certonly --dns-rfc2136 --dns-rfc2136-credentials /usr/local/etc/letsencrypt/dns-rfc2136.ini -d '*.test.example.org' Traceback (most recent call last): File "/usr/local/bin/certbot", line 33, in sys.exit(load_entry_point('certbot==1.22.0', 'console_scripts', 'certbot')()) File "/usr/local/bin/certbot", line 25, in importlib_load_entry_point return next(matches).load() File "/usr/local/lib/python3.8/importlib/metadata.py", line 77, in load module = import_module(match.group('module')) File "/usr/local/lib/python3.8/importlib/__init__.py", line 127, in import_module return _bootstrap._gcd_import(name[level:], package, level) File "", line 1014, in _gcd_import File "", line 991, in _find_and_load File "", line 975, in _find_and_load_unlocked File "", line 671, in _load_unlocked File "", line 843, in exec_module File "", line 219, in _call_with_frames_removed File "/usr/local/lib/python3.8/site-packages/certbot/main.py", line 6, in from certbot._internal import main as internal_main File "/usr/local/lib/python3.8/site-packages/certbot/_internal/main.py", line 18, in import josepy as jose File "/usr/local/lib/python3.8/site-packages/josepy/__init__.py", line 43, in from josepy.json_util import ( File "/usr/local/lib/python3.8/site-packages/josepy/json_util.py", line 14, in from OpenSSL import crypto File "/usr/local/lib/python3.8/site-packages/OpenSSL/__init__.py", line 8, in from OpenSSL import crypto, SSL File "/usr/local/lib/python3.8/site-packages/OpenSSL/crypto.py", line 8, in from cryptography import utils, x509 File "/usr/local/lib/python3.8/site-packages/cryptography/x509/__init__.py", line 6, in from cryptography.x509 import certificate_transparency File "/usr/local/lib/python3.8/site-packages/cryptography/x509/certificate_transparency.py", line 10, in from cryptography.hazmat.bindings._rust import x509 as rust_x509 ImportError: cannot import name 'x509' from 'cryptography.hazmat.bindings._rust' (unknown location) At the moment, it seems we are not ready to update security/py-openssl to the latest version yet, so I have restored the previous version in 0e63dc8634485b1b16e1b11e56580b482cc5c3bd. I will wait sunpoet@ update security/py-cryptography* ports to do it. Recent versions after 35.0.0 need rust extensions to be built and I am not familiar with it. Thanks for the report. Regards -- Sofian Brabez --WWvYFHHATPmcS2WA Content-Type: text/plain; charset=utf-8 Content-Disposition: attachment; filename="py-cryptography-update.diff" diff --git a/security/py-cryptography-vectors/Makefile b/security/py-cryptography-vectors/Makefile index 6b8187dfa9..660d7f79c1 100644 --- a/security/py-cryptography-vectors/Makefile +++ b/security/py-cryptography-vectors/Makefile @@ -1,7 +1,7 @@ # Created by: Po-Chuan Hsieh PORTNAME= cryptography-vectors -PORTVERSION= 3.4.8 +PORTVERSION= 36.0.2 CATEGORIES= security python MASTER_SITES= CHEESESHOP PKGNAMEPREFIX= ${PYTHON_PKGNAMEPREFIX} diff --git a/security/py-cryptography-vectors/distinfo b/security/py-cryptography-vectors/distinfo index 60e5faf5ee..4d3fe6f701 100644 --- a/security/py-cryptography-vectors/distinfo +++ b/security/py-cryptography-vectors/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1632037228 -SHA256 (cryptography_vectors-3.4.8.tar.gz) = 4c84410257993d3de058b44b777a49e1da2ae35ebea2970a360c7e3aa0f580f2 -SIZE (cryptography_vectors-3.4.8.tar.gz) = 35168097 +TIMESTAMP = 1648061540 +SHA256 (cryptography_vectors-36.0.2.tar.gz) = 2a7924449a03025faf7f8754a6f4200001cab210734a6ce6ac1f6bdacd3a68e4 +SIZE (cryptography_vectors-36.0.2.tar.gz) = 35227191 diff --git a/security/py-cryptography/Makefile b/security/py-cryptography/Makefile index 306d5d7a42..f57dfe0b3e 100644 --- a/security/py-cryptography/Makefile +++ b/security/py-cryptography/Makefile @@ -1,7 +1,7 @@ # Created by: Kubilay Kocak PORTNAME= cryptography -PORTVERSION= 3.3.2 +PORTVERSION= 36.0.2 CATEGORIES= security python MASTER_SITES= CHEESESHOP PKGNAMEPREFIX= ${PYTHON_PKGNAMEPREFIX} @@ -14,7 +14,8 @@ LICENSE_COMB= dual LICENSE_FILE_APACHE20= ${WRKSRC}/LICENSE.APACHE LICENSE_FILE_BSD3CLAUSE= ${WRKSRC}/LICENSE.BSD -BUILD_DEPENDS= ${PYTHON_PKGNAMEPREFIX}cffi>=1.8:devel/py-cffi@${PY_FLAVOR} +BUILD_DEPENDS= ${PYTHON_PKGNAMEPREFIX}cffi>=1.8:devel/py-cffi@${PY_FLAVOR} \ + ${PYTHON_PKGNAMEPREFIX}setuptools-rust>0:devel/py-setuptools-rust@${PY_FLAVOR} RUN_DEPENDS= ${PYTHON_PKGNAMEPREFIX}cffi>=1.8:devel/py-cffi@${PY_FLAVOR} \ ${PYTHON_PKGNAMEPREFIX}six>=1.4.1:devel/py-six@${PY_FLAVOR} TEST_DEPENDS= ${PYTHON_PKGNAMEPREFIX}cryptography-vectors>=${PORTVERSION}:security/py-cryptography-vectors@${PY_FLAVOR} \ diff --git a/security/py-cryptography/distinfo b/security/py-cryptography/distinfo index a2ec744712..68ec599738 100644 --- a/security/py-cryptography/distinfo +++ b/security/py-cryptography/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1614253508 -SHA256 (cryptography-3.3.2.tar.gz) = 5a60d3780149e13b7a6ff7ad6526b38846354d11a15e21068e57073e29e19bed -SIZE (cryptography-3.3.2.tar.gz) = 539883 +TIMESTAMP = 1648061557 +SHA256 (cryptography-36.0.2.tar.gz) = 70f8f4f7bb2ac9f340655cbac89d68c527af5bb4387522a8413e841e3e6628c9 +SIZE (cryptography-36.0.2.tar.gz) = 572053 diff --git a/security/py-openssl/Makefile b/security/py-openssl/Makefile index 79371eeebb..ba0cf01c2a 100644 --- a/security/py-openssl/Makefile +++ b/security/py-openssl/Makefile @@ -13,7 +13,7 @@ COMMENT= Python interface to the OpenSSL library LICENSE= APACHE20 LICENSE_FILE= ${WRKSRC}/LICENSE -RUN_DEPENDS= ${PYTHON_PKGNAMEPREFIX}cryptography>=2.8:security/py-cryptography@${PY_FLAVOR} \ +RUN_DEPENDS= ${PYTHON_PKGNAMEPREFIX}cryptography>=35.0.0:security/py-cryptography@${PY_FLAVOR} \ ${PYTHON_PKGNAMEPREFIX}six>=1.5.2:devel/py-six@${PY_FLAVOR} TEST_DEPENDS= ${PYTHON_PKGNAMEPREFIX}pytest>=3.0.1:devel/py-pytest@${PY_FLAVOR} \ ${PYTHON_PKGNAMEPREFIX}flaky>0:devel/py-flaky@${PY_FLAVOR} \ --WWvYFHHATPmcS2WA--