gentoo resync : 14.04.2018

7 files changed, 241 insertions, 3 deletions

diff --git a/dev-python/cryptography/Manifest b/dev-python/cryptography/Manifest
index 8e8cb157577c..91b962d5f7ad 100644
--- a/dev-python/cryptography/Manifest
+++ b/dev-python/cryptography/Manifest
@@ -1,7 +1,12 @@
+AUX cryptography-1.7.1-libressl251.patch 948 BLAKE2B cfb192c89d714093f366a75245911de165a3cab7062737df7b949a928927a5b6f0000b9fa7efa416798c62c803b406b14d2888afef87f8e63759fd3ff74c8da9 SHA512 5660bd82498ec2bd17ad4dcbd8d3ffd8a2a1364dc5584736e4cff278bbeb4644138336385fa2bc16261fe4712481c6cffba227aaa09c841df3081709f8ec7187
+AUX cryptography-2.1.4-libressl-2.7-x509.patch 1005 BLAKE2B 9c01fe0f9c3c8c598388db68f68470b953b4a8e79dba8c1d3c6ce56486a93f340101a58db8771fa1adeaabe430d78acbb6723da597b8b114416d676022b989d4 SHA512 fc58993b3dc86990194e03c7cc4554d83260b243913d77b3743fe1f9fd0d21985ee849c6b7f7fc158c48b75505e8e8a9adf090b9c7ba40e12b09b3c020e50afe
+AUX cryptography-2.1.4-libressl-2.7-x509_vfy.patch 3419 BLAKE2B 89642459484d42958aec818c4196eff35991ba415c76ee1f43c0765b1a9687c6b405f31322227eb132309439aa8d7ee5ed6df7ed07f640e4eea21c6e97fde858 SHA512 e941b89924d68b1d1dfe8e64a4f7ae363ccb53fd232a3853d9ddba0a7aed1dc27fb8d699e9197bdd7ff0b1780c1f12edd2edd4133f08e2f7f13348b170985a4c
 DIST cryptography-1.7.1.tar.gz 420673 BLAKE2B 8c0257187f29173bae610f191f6ae3251e5dd2cfcbe639020d1ea8f94a09bfe4281c9f6b2c85aefc1989c5832eab4db40c226a8a2e12c4dcbf6241555dafa628 SHA512 fb88b0ee9e314526fcdbb6d35da409b7335c7408a69d2350c58379471d2b9d76021010955629cf776d26312f22d4f8aa3f135955a19dfbff9d602176c9bbfd40
 DIST cryptography-2.0.2.tar.gz 427303 BLAKE2B 53f891c02aa4b82b13a66a4c74bd6db9e8dcdb57bd0bba76648e0c1be710ce1d94c8425ead6d81b240b39c034125ce320757d4b43c56bc7410af11f171cf9a21 SHA512 a71219ff52006a7c8bf1553d0f132c747566c630281ef89aac40c65b193b1f0074fc9cda1de7057c76b452113dfb6188c83baef3ed9c05ff18adbc8b7bba646b
 DIST cryptography-2.1.4.tar.gz 441557 BLAKE2B 66aa07930ee54469328977e27096e65b7a333b38b71828c71cb7891b489ef7af60f5e5590f67b43d5e63dc2279d9ca1ba036879f3145264f7639d65000958b50 SHA512 f749cb4384badc174a842514e5a4fee2ed01ab9c716799d8d9d5301f6d2d97b6c41deb9e425f48928b639fa34bef8c05529ed7e5b777ef5ca75c244f8fda8fd4
+EBUILD cryptography-1.7.1-r1.ebuild 1729 BLAKE2B 24e29311b4214897b071201eebca29f1c92966cd757b59003d1b1f45a3331a873d995ad9591201cd362200b5477263b1262e8ac30f2e9caf87f9624956315f2f SHA512 c4ad96db1cf986d9afdf4e6a9b2ec04aff936b6b3184b98f60614ed23f55df27735918d434be86513a15c5d84364500516590f0fbae0ef9a8c16124f8392b12c
 EBUILD cryptography-1.7.1.ebuild 1666 BLAKE2B b474878fa899bf532dc628455180463f8068d4ce90a3d0f91f6367aef1eaa5f9dc9027496bb2ccc1c9bd9451b00ae0e713c92a4e0fe156b68ae209fb5befb14a SHA512 d30f513b2b76fb1fa100b9c9a06adf3330e66f6fcc18ca62d01dc493fa70aa6e84e6cc902e0d2d537d456c8fe8b963b25142bedd5d1185d476c032d0c50b7950
-EBUILD cryptography-2.0.2-r1.ebuild 1625 BLAKE2B 8ad8cec1c8e8d005b954afa1657cb28691f3a8718009b38834fe5eff5fd04e6827694f65ae266ef544b7ddbad2e2c4ef3d9f4cf300ca4ecd5c4eb1b479b5ec88 SHA512 5ab761262bbdae17ee75b54b5c02a295df4ee0d2b6c4a33c6371b99a20c565d0e8dd6a9cd857e474b782dec9759188b046bd354a5f65a1f9946e426fb23b4e60
+EBUILD cryptography-2.0.2-r1.ebuild 1628 BLAKE2B 03385da8ed6efb3db70150a7b0cedfb36c013f07b9bca14a8993c710bee77f97313b5d61dbc06ba1108a6b9f6804d3fb5a3bca5de26dad24a66184619b119730 SHA512 276c1f36d1e00b351717cba037cbf9803dcf92b574517c68098ff34bdf7f37ecb24bc32bbee02df43fa71afa5642b7bcce42337b27904abf77b5046528815c45
+EBUILD cryptography-2.1.4-r1.ebuild 2180 BLAKE2B 7d42c356dfbadd35b96c56e25f2424e75517c90f053b9e6ac99045bf21311f0b1d26bed2cd9f5c9d69e8b8cc3b1e823918fea30076e247069827518e1b6467e6 SHA512 982a1ce19c646206fc8c1df2776386e12464f318b25feba36d9959bce394f265ff4c271ea76c83d46499b2bc46b1283432afaffc5309ba4a68365a0969db3672
 EBUILD cryptography-2.1.4.ebuild 2054 BLAKE2B 3ed17aad90956150831f5831708a73cbce2537b1ad0ac96130c30041a513b60a0bf508ecd04fe563ad0b5cb20bddb6de8cca9870deac8b30a7ba76d7573ed046 SHA512 12ecf36d4124e39d50a602c8910f6f243e87301d2cda588a979a4f1841dcb73ce6204901ca7d42138880f4c5e99ef9f499f873ffc183beb8474393158a07787c
 MISC metadata.xml 384 BLAKE2B 6dbfdd39bb24b2df61454716e308605ae1d35c3babd01f16556bbbab240e425434315cb2b80a2c3e8e9b18b237899b5fb96566a7ffefde2af3af1dcc2e08362b SHA512 c2806f846608bdd0720b589494e13f57ab2d64026747f2b13f412c9a0e9d2bef6b16fc357e4d16b74ad7a2a2af8daa5e28d0b6bfe4d2141ce68881c724fd24c7
diff --git a/dev-python/cryptography/cryptography-1.7.1-r1.ebuild b/dev-python/cryptography/cryptography-1.7.1-r1.ebuild
new file mode 100644
index 000000000000..c6928ab74a34
--- /dev/null
+++ b/dev-python/cryptography/cryptography-1.7.1-r1.ebuild
@@ -0,0 +1,52 @@
+# Copyright 1999-2018 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=6
+
+PYTHON_COMPAT=( python2_7 python3_{4,5,6} pypy{,3} )
+PYTHON_REQ_USE="threads(+)"
+
+inherit distutils-r1
+
+DESCRIPTION="Library providing cryptographic recipes and primitives"
+HOMEPAGE="https://github.com/pyca/cryptography/ https://pypi.python.org/pypi/cryptography/"
+SRC_URI="mirror://pypi/${PN:0:1}/${PN}/${P}.tar.gz"
+
+LICENSE="|| ( Apache-2.0 BSD )"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-linux ~x86-linux"
+IUSE="libressl test"
+
+RDEPEND="
+	!libressl? ( dev-libs/openssl:0= )
+	libressl? ( dev-libs/libressl:0= )
+	$(python_gen_cond_dep '>=dev-python/cffi-1.4.1:=[${PYTHON_USEDEP}]' 'python*')
+	$(python_gen_cond_dep 'dev-python/enum34[${PYTHON_USEDEP}]' python2_7 python3_3 pypy{,3})
+	>=dev-python/idna-2.0[${PYTHON_USEDEP}]
+	>=dev-python/pyasn1-0.1.8[${PYTHON_USEDEP}]
+	dev-python/setuptools[${PYTHON_USEDEP}]
+	>=dev-python/six-1.4.1[${PYTHON_USEDEP}]
+	$(python_gen_cond_dep '>=virtual/pypy-2.6.0' pypy )
+	virtual/python-ipaddress[${PYTHON_USEDEP}]
+	"
+DEPEND="${RDEPEND}
+	>=dev-python/setuptools-1.0[${PYTHON_USEDEP}]
+	test? (
+		~dev-python/cryptography-vectors-${PV}[${PYTHON_USEDEP}]
+		dev-python/hypothesis[${PYTHON_USEDEP}]
+		dev-python/iso8601[${PYTHON_USEDEP}]
+		dev-python/pretend[${PYTHON_USEDEP}]
+		dev-python/pyasn1-modules[${PYTHON_USEDEP}]
+		>=dev-python/pytest-2.9.0[${PYTHON_USEDEP}]
+		dev-python/pytz[${PYTHON_USEDEP}]
+	)"
+
+DOCS=( AUTHORS.rst CONTRIBUTING.rst README.rst )
+
+PATCHES=( "${FILESDIR}"/${P}-libressl251.patch )
+
+python_test() {
+	distutils_install_for_testing
+
+	py.test -v -v -x || die "Tests fail with ${EPYTHON}"
+}
diff --git a/dev-python/cryptography/cryptography-2.0.2-r1.ebuild b/dev-python/cryptography/cryptography-2.0.2-r1.ebuild
index e1a1c26f4aaf..57b42e13bd36 100644
--- a/dev-python/cryptography/cryptography-2.0.2-r1.ebuild
+++ b/dev-python/cryptography/cryptography-2.0.2-r1.ebuild
@@ -1,4 +1,4 @@
-# Copyright 1999-2017 Gentoo Foundation
+# Copyright 1999-2018 Gentoo Foundation
 # Distributed under the terms of the GNU General Public License v2
 
 EAPI=6
@@ -19,7 +19,7 @@ IUSE="libressl test"
 
 RDEPEND="
 	!libressl? ( >=dev-libs/openssl-1.0.2:0=[-bindist(-)] )
-	libressl? ( dev-libs/libressl )
+	libressl? ( dev-libs/libressl:0= )
 	$(python_gen_cond_dep '>=dev-python/cffi-1.7:=[${PYTHON_USEDEP}]' 'python*')
 	$(python_gen_cond_dep 'dev-python/enum34[${PYTHON_USEDEP}]' python2_7 pypy{,3})
 	>=dev-python/idna-2.1[${PYTHON_USEDEP}]
diff --git a/dev-python/cryptography/cryptography-2.1.4-r1.ebuild b/dev-python/cryptography/cryptography-2.1.4-r1.ebuild
new file mode 100644
index 000000000000..27a23caab640
--- /dev/null
+++ b/dev-python/cryptography/cryptography-2.1.4-r1.ebuild
@@ -0,0 +1,68 @@
+# Copyright 1999-2018 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=6
+
+PYTHON_COMPAT=( python2_7 python3_{4,5,6} pypy{,3} )
+PYTHON_REQ_USE="threads(+)"
+
+inherit distutils-r1 flag-o-matic
+
+DESCRIPTION="Library providing cryptographic recipes and primitives"
+HOMEPAGE="https://github.com/pyca/cryptography/ https://pypi.python.org/pypi/cryptography/"
+SRC_URI="mirror://pypi/${PN:0:1}/${PN}/${P}.tar.gz"
+
+LICENSE="|| ( Apache-2.0 BSD )"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~amd64-linux ~x86-linux ~x64-macos ~x64-solaris"
+IUSE="libressl test"
+
+# the openssl 1.0.2l-r1 needs to be updated again :(
+# It'd theb be able to go into the || section again
+#=dev-libs/openssl-1.0.2l-r1:0
+# the following is the original section, disallowing bindist entirely
+#!libressl? ( >=dev-libs/openssl-1.0.2:0=[-bindist(-)] )
+RDEPEND="
+	!libressl? (
+		dev-libs/openssl:0= (
+			|| (
+				dev-libs/openssl:0[-bindist(-)]
+				>=dev-libs/openssl-1.1.0g-r1:0
+			)
+		)
+	)
+	libressl? ( dev-libs/libressl:0= )
+	$(python_gen_cond_dep '>=dev-python/cffi-1.7:=[${PYTHON_USEDEP}]' 'python*')
+	$(python_gen_cond_dep 'dev-python/enum34[${PYTHON_USEDEP}]' python2_7 pypy{,3})
+	>=dev-python/idna-2.1[${PYTHON_USEDEP}]
+	>=dev-python/asn1crypto-0.21.0[${PYTHON_USEDEP}]
+	dev-python/setuptools[${PYTHON_USEDEP}]
+	>=dev-python/six-1.4.1[${PYTHON_USEDEP}]
+	virtual/python-ipaddress[${PYTHON_USEDEP}]
+	"
+DEPEND="${RDEPEND}
+	>=dev-python/setuptools-1.0[${PYTHON_USEDEP}]
+	test? (
+		~dev-python/cryptography-vectors-${PV}[${PYTHON_USEDEP}]
+		dev-python/hypothesis[${PYTHON_USEDEP}]
+		dev-python/iso8601[${PYTHON_USEDEP}]
+		dev-python/pretend[${PYTHON_USEDEP}]
+		dev-python/pyasn1-modules[${PYTHON_USEDEP}]
+		>=dev-python/pytest-2.9.0[${PYTHON_USEDEP}]
+		dev-python/pytz[${PYTHON_USEDEP}]
+	)"
+
+DOCS=( AUTHORS.rst CONTRIBUTING.rst README.rst )
+
+PATCHES=(
+	"${FILESDIR}"/${PN}-2.1.4-libressl-2.7-x509.patch
+	"${FILESDIR}"/${PN}-2.1.4-libressl-2.7-x509_vfy.patch
+)
+
+python_configure_all() {
+	append-cflags $(test-flags-CC -pthread)
+}
+
+python_test() {
+	py.test -v -v -x || die "Tests fail with ${EPYTHON}"
+}
diff --git a/dev-python/cryptography/files/cryptography-1.7.1-libressl251.patch b/dev-python/cryptography/files/cryptography-1.7.1-libressl251.patch
new file mode 100644
index 000000000000..a23ed7658f83
--- /dev/null
+++ b/dev-python/cryptography/files/cryptography-1.7.1-libressl251.patch
@@ -0,0 +1,17 @@
+diff -Naur cryptography-1.7.1.orig/src/_cffi_src/openssl/x509_vfy.py cryptography-1.7.1/src/_cffi_src/openssl/x509_vfy.py
+--- cryptography-1.7.1.orig/src/_cffi_src/openssl/x509_vfy.py	2017-02-01 12:29:59.080728417 -0800
++++ cryptography-1.7.1/src/_cffi_src/openssl/x509_vfy.py	2017-02-01 12:31:48.017895844 -0800
+@@ -221,10 +221,13 @@
+ static const long X509_V_ERR_SUITE_B_INVALID_SIGNATURE_ALGORITHM = 0;
+ static const long X509_V_ERR_SUITE_B_LOS_NOT_ALLOWED = 0;
+ static const long X509_V_ERR_SUITE_B_CANNOT_SIGN_P_384_WITH_P_256 = 0;
++#if !CRYPTOGRAPHY_OPENSSL_102BETA2_OR_GREATER || \
++    (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x2050100fL)
+ static const long X509_V_ERR_HOSTNAME_MISMATCH = 0;
+ static const long X509_V_ERR_EMAIL_MISMATCH = 0;
+ static const long X509_V_ERR_IP_ADDRESS_MISMATCH = 0;
++#endif
+ #endif
+ 
+ /* OpenSSL 1.0.2beta2+ verification parameters */
+ #if CRYPTOGRAPHY_OPENSSL_102BETA2_OR_GREATER && \
diff --git a/dev-python/cryptography/files/cryptography-2.1.4-libressl-2.7-x509.patch b/dev-python/cryptography/files/cryptography-2.1.4-libressl-2.7-x509.patch
new file mode 100644
index 000000000000..9a14d4606019
--- /dev/null
+++ b/dev-python/cryptography/files/cryptography-2.1.4-libressl-2.7-x509.patch
@@ -0,0 +1,23 @@
+diff -ur a/src/_cffi_src/openssl/x509.py b/src/_cffi_src/openssl/x509.py
+--- a/src/_cffi_src/openssl/x509.py	2017-07-27 05:11:29.000000000 +0200
++++ b/src/_cffi_src/openssl/x509.py	2018-03-23 10:28:00.387774214 +0100
+@@ -254,8 +254,7 @@
+ 
+ const X509_ALGOR *X509_get0_tbs_sigalg(const X509 *);
+ 
+-/* in 1.1.0 becomes const ASN1_BIT_STRING, const X509_ALGOR */
+-void X509_get0_signature(ASN1_BIT_STRING **, X509_ALGOR **, X509 *);
++void X509_get0_signature(const ASN1_BIT_STRING **, const X509_ALGOR **, const X509 *);
+ 
+ long X509_get_version(X509 *);
+ 
+@@ -338,7 +337,8 @@
+ CUSTOMIZATIONS = """
+ /* Added in 1.0.2 beta but we need it in all versions now due to the great
+    opaquing. */
+-#if CRYPTOGRAPHY_OPENSSL_LESS_THAN_102
++#if CRYPTOGRAPHY_OPENSSL_LESS_THAN_102 && \
++    (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x2070000fL)
+ /* from x509/x_x509.c version 1.0.2 */
+ void X509_get0_signature(ASN1_BIT_STRING **psig, X509_ALGOR **palg,
+                          const X509 *x)
diff --git a/dev-python/cryptography/files/cryptography-2.1.4-libressl-2.7-x509_vfy.patch b/dev-python/cryptography/files/cryptography-2.1.4-libressl-2.7-x509_vfy.patch
new file mode 100644
index 000000000000..a1c93cf0c66e
--- /dev/null
+++ b/dev-python/cryptography/files/cryptography-2.1.4-libressl-2.7-x509_vfy.patch
@@ -0,0 +1,73 @@
+$OpenBSD: patch-src__cffi_src_openssl_x509_vfy_py,v 1.7 2018/02/22 18:49:16 sthen Exp $
+
+--- a/src/_cffi_src/openssl/x509_vfy.py
++++ b/src/_cffi_src/openssl/x509_vfy.py
+@@ -204,7 +204,7 @@ int sk_X509_OBJECT_num(Cryptography_STACK_OF_X509_OBJE
+ X509_OBJECT *sk_X509_OBJECT_value(Cryptography_STACK_OF_X509_OBJECT *, int);
+ X509_VERIFY_PARAM *X509_STORE_get0_param(X509_STORE *);
+ Cryptography_STACK_OF_X509_OBJECT *X509_STORE_get0_objects(X509_STORE *);
+-X509 *X509_OBJECT_get0_X509(X509_OBJECT *);
++X509 *X509_OBJECT_get0_X509(const X509_OBJECT *);
+ int X509_OBJECT_get_type(const X509_OBJECT *);
+ 
+ /* added in 1.1.0 */
+@@ -220,14 +220,11 @@ static const long Cryptography_HAS_102_VERIFICATION_ER
+ static const long Cryptography_HAS_102_VERIFICATION_PARAMS = 1;
+ #else
+ static const long Cryptography_HAS_102_VERIFICATION_ERROR_CODES = 0;
++#if LIBRESSL_VERSION_NUMBER >= 0x2070000fL
++static const long Cryptography_HAS_102_VERIFICATION_PARAMS = 1;
++#else
+ static const long Cryptography_HAS_102_VERIFICATION_PARAMS = 0;
+ 
+-static const long X509_V_ERR_SUITE_B_INVALID_VERSION = 0;
+-static const long X509_V_ERR_SUITE_B_INVALID_ALGORITHM = 0;
+-static const long X509_V_ERR_SUITE_B_INVALID_CURVE = 0;
+-static const long X509_V_ERR_SUITE_B_INVALID_SIGNATURE_ALGORITHM = 0;
+-static const long X509_V_ERR_SUITE_B_LOS_NOT_ALLOWED = 0;
+-static const long X509_V_ERR_SUITE_B_CANNOT_SIGN_P_384_WITH_P_256 = 0;
+ /* These 3 defines are unavailable in LibreSSL 2.5.x, but may be added
+    in the future... */
+ #ifndef X509_V_ERR_HOSTNAME_MISMATCH
+@@ -240,12 +237,6 @@ static const long X509_V_ERR_EMAIL_MISMATCH = 0;
+ static const long X509_V_ERR_IP_ADDRESS_MISMATCH = 0;
+ #endif
+ 
+-/* X509_V_FLAG_TRUSTED_FIRST is also new in 1.0.2+, but it is added separately
+-   below because it shows up in some earlier 3rd party OpenSSL packages. */
+-static const long X509_V_FLAG_SUITEB_128_LOS_ONLY = 0;
+-static const long X509_V_FLAG_SUITEB_192_LOS = 0;
+-static const long X509_V_FLAG_SUITEB_128_LOS = 0;
+-
+ int (*X509_VERIFY_PARAM_set1_host)(X509_VERIFY_PARAM *, const char *,
+                                    size_t) = NULL;
+ int (*X509_VERIFY_PARAM_set1_email)(X509_VERIFY_PARAM *, const char *,
+@@ -257,6 +248,19 @@ void (*X509_VERIFY_PARAM_set_hostflags)(X509_VERIFY_PA
+                                         unsigned int) = NULL;
+ #endif
+ 
++static const long X509_V_ERR_SUITE_B_INVALID_VERSION = 0;
++static const long X509_V_ERR_SUITE_B_INVALID_ALGORITHM = 0;
++static const long X509_V_ERR_SUITE_B_INVALID_CURVE = 0;
++static const long X509_V_ERR_SUITE_B_INVALID_SIGNATURE_ALGORITHM = 0;
++static const long X509_V_ERR_SUITE_B_LOS_NOT_ALLOWED = 0;
++static const long X509_V_ERR_SUITE_B_CANNOT_SIGN_P_384_WITH_P_256 = 0;
++/* X509_V_FLAG_TRUSTED_FIRST is also new in 1.0.2+, but it is added separately
++   below because it shows up in some earlier 3rd party OpenSSL packages. */
++static const long X509_V_FLAG_SUITEB_128_LOS_ONLY = 0;
++static const long X509_V_FLAG_SUITEB_192_LOS = 0;
++static const long X509_V_FLAG_SUITEB_128_LOS = 0;
++#endif
++
+ /* OpenSSL 1.0.2+ or Solaris's backport */
+ #ifdef X509_V_FLAG_PARTIAL_CHAIN
+ static const long Cryptography_HAS_X509_V_FLAG_PARTIAL_CHAIN = 1;
+@@ -292,7 +296,7 @@ X509 *X509_STORE_CTX_get0_cert(X509_STORE_CTX *ctx)
+     return ctx->cert;
+ }
+ 
+-X509 *X509_OBJECT_get0_X509(X509_OBJECT *x) {
++X509 *X509_OBJECT_get0_X509(const X509_OBJECT *x) {
+     return x->data.x509;
+ }
+ #endif