[pkgsrc/trunk]: pkgsrc/security/py-OpenSSL Changes 17.0.0:

[adam <adam%pkgsrc.org@localhost>]

details:   https://anonhg.NetBSD.org/pkgsrc/rev/1c1c4499489b
branches:  trunk
changeset: 362250:1c1c4499489b
user:      adam <adam%pkgsrc.org@localhost>
date:      Tue May 09 16:49:07 2017 +0000

description:
Changes 17.0.0:
- Added ``OpenSSL.X509Store.set_time()`` to set a custom verification time when verifying certificate chains.
- Added a collection of functions for working with OCSP stapling.
  None of these functions make it possible to validate OCSP assertions, only to staple them into the handshake and to retrieve the stapled assertion if provided.
  Users will need to write their own code to handle OCSP assertions.
  We specifically added: ``Context.set_ocsp_server_callback``, ``Context.set_ocsp_client_callback``, and ``Connection.request_ocsp``.
- Changed the ``SSL`` module's memory allocation policy to avoid zeroing memory it allocates when unnecessary.
  This reduces CPU usage and memory allocation time by an amount proportional to the size of the allocation.
  For applications that process a lot of TLS data or that use very lage allocations this can provide considerable performance improvements.
- Automatically set ``SSL_CTX_set_ecdh_auto()`` on ``OpenSSL.SSL.Context``.
- Fix empty exceptions from ``OpenSSL.crypto.load_privatekey()``.

diffstat:

 security/py-OpenSSL/Makefile                      |   4 ++--
 security/py-OpenSSL/distinfo                      |  12 ++++++------
 security/py-OpenSSL/patches/patch-tests_memdbg.py |   5 ++---
 3 files changed, 10 insertions(+), 11 deletions(-)

diffs (50 lines):

diff -r 0f47c98ff90e -r 1c1c4499489b security/py-OpenSSL/Makefile
--- a/security/py-OpenSSL/Makefile      Tue May 09 16:30:25 2017 +0000
+++ b/security/py-OpenSSL/Makefile      Tue May 09 16:49:07 2017 +0000
@@ -1,6 +1,6 @@
-# $NetBSD: Makefile,v 1.40 2017/01/28 12:09:14 wiz Exp $
+# $NetBSD: Makefile,v 1.41 2017/05/09 16:49:07 adam Exp $
 
-DISTNAME=      pyOpenSSL-16.2.0
+DISTNAME=      pyOpenSSL-17.0.0
 PKGNAME=       ${PYPKGPREFIX}-${DISTNAME:S/py//}
 CATEGORIES=    security python
 MASTER_SITES=  ${MASTER_SITE_PYPI:=p/pyOpenSSL/}
diff -r 0f47c98ff90e -r 1c1c4499489b security/py-OpenSSL/distinfo
--- a/security/py-OpenSSL/distinfo      Tue May 09 16:30:25 2017 +0000
+++ b/security/py-OpenSSL/distinfo      Tue May 09 16:49:07 2017 +0000
@@ -1,7 +1,7 @@
-$NetBSD: distinfo,v 1.13 2017/01/28 12:09:14 wiz Exp $
+$NetBSD: distinfo,v 1.14 2017/05/09 16:49:07 adam Exp $
 
-SHA1 (pyOpenSSL-16.2.0.tar.gz) = ee0beabb001369d5fbb91ef71276cad73b3df21d
-RMD160 (pyOpenSSL-16.2.0.tar.gz) = de7809b08f9a3cef806784ec366000f4d044dc81
-SHA512 (pyOpenSSL-16.2.0.tar.gz) = c1b068137a492564fe958603712d401b7ee0def94c01a28be55f5c89e07c25684ecb0f465f3c56f35924bde038894f2914ac49539144845fb586d12b80307078
-Size (pyOpenSSL-16.2.0.tar.gz) = 167305 bytes
-SHA1 (patch-tests_memdbg.py) = 5ae8ea838363e1a9ee434c5c7dd39f5ba58471b2
+SHA1 (pyOpenSSL-17.0.0.tar.gz) = c782f9da1845bdf80212d23e253ab46ffab9ed3b
+RMD160 (pyOpenSSL-17.0.0.tar.gz) = d0bc9de9f695ace84205d4cff761be086d66e63e
+SHA512 (pyOpenSSL-17.0.0.tar.gz) = 819be95f920a70b40ae48ed6740bd1d8cd3bf2fc080f682db8978946929994cb87ac467e220267dcdafc40aa7ed2cce51a334a49b06c1e2665d295157181ddad
+Size (pyOpenSSL-17.0.0.tar.gz) = 167121 bytes
+SHA1 (patch-tests_memdbg.py) = 0cca9c930a8f6065205ed28ec6d2551b45f4d606
diff -r 0f47c98ff90e -r 1c1c4499489b security/py-OpenSSL/patches/patch-tests_memdbg.py
--- a/security/py-OpenSSL/patches/patch-tests_memdbg.py Tue May 09 16:30:25 2017 +0000
+++ b/security/py-OpenSSL/patches/patch-tests_memdbg.py Tue May 09 16:49:07 2017 +0000
@@ -1,7 +1,6 @@
-$NetBSD: patch-tests_memdbg.py,v 1.1 2017/01/28 12:09:14 wiz Exp $
+$NetBSD: patch-tests_memdbg.py,v 1.2 2017/05/09 16:49:07 adam Exp $
 
 Fix running test on NetBSD.
-Breaks Linux, but I expect more people to run the tests on NetBSD.
 https://github.com/pyca/pyopenssl/issues/595
 
 --- tests/memdbg.py.orig       2016-02-15 10:25:58.000000000 +0000
@@ -23,7 +22,7 @@
      #include <stdlib.h>
      #include <execinfo.h>
 -    """, libraries=["crypto"])
-+    """, libraries=["crypto", "execinfo"])
++    """, libraries=["crypto", "execinfo"] if sys.platform.startswith('netbsd') else ["crypto"])
  C = _ffi.dlopen(None)
  
  verbose = False