python3-m2crypto: Upgrade to 0.37.1

Unifiy .inc into .bb Add patches to fix issues with openssl 1.1.x Remove m2crypto-0.26.4-gcc_macros patch, its no longer needed Refresh existing patches Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com>
author: Khem Raj <raj.khem@gmail.com> 2021-05-01 12:04:27 -0700
committer: Khem Raj <raj.khem@gmail.com> 2021-05-03 08:05:21 -0700
commit: b8bbcd4dea422be57123d75fbf77db6d33542b06 (patch)
tree: 17575e74c76687ac01ecdd69aed7a71614941326 /meta-python/recipes-devtools/python/python3-m2crypto
parent: 57baca4bc1b681482bc014508d28f7def5949c33 (diff)
download: meta-openembedded-b8bbcd4dea422be57123d75fbf77db6d33542b06.tar.gz
4 files changed, 140 insertions, 0 deletions
diff --git a/meta-python/recipes-devtools/python/python3-m2crypto/0001-Allow-verify_cb_-to-be-called-with-ok-True.patch b/meta-python/recipes-devtools/python/python3-m2crypto/0001-Allow-verify_cb_-to-be-called-with-ok-True.patch
new file mode 100644
index 0000000000..3c836635a1
--- /dev/null
+++ b/meta-python/recipes-devtools/python/python3-m2crypto/0001-Allow-verify_cb_-to-be-called-with-ok-True.patch
@@ -0,0 +1,47 @@
+From 73fbd1e646f6bbf202d4418bae80eb9941fbf552 Mon Sep 17 00:00:00 2001
+From: Casey Deccio <casey@deccio.net>
+Date: Fri, 8 Jan 2021 12:43:09 -0700
+Subject: [PATCH] Allow verify_cb_* to be called with ok=True
+With https://github.com/openssl/openssl/commit/2e06150e3928daa06d5ff70c32bffad8088ebe58
+OpenSSL allowed verificaton to continue on UNABLE_TO_VERIFY_LEAF_SIGNATURE
+---
+ tests/test_ssl.py | 14 ++++++++++++--
+ 1 file changed, 12 insertions(+), 2 deletions(-)
+diff --git a/tests/test_ssl.py b/tests/test_ssl.py
+index 92b6942..7a3271a 100644
+--- a/tests/test_ssl.py
+++ b/tests/test_ssl.py
+@@ -59,8 +59,13 @@ def allocate_srv_port():
+ 
+ 
+ def verify_cb_new_function(ok, store):
+-    assert not ok
+     err = store.get_error()
+    # If err is X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE, then instead of
+    # aborting, this callback is called to retrieve additional error
+    # information.  In this case, ok might not be False.
+    # See https://github.com/openssl/openssl/commit/2e06150e3928daa06d5ff70c32bffad8088ebe58
+    if err != m2.X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE:
+        assert not ok
+     assert err in [m2.X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT,
+                    m2.X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY,
+                    m2.X509_V_ERR_CERT_UNTRUSTED,
+@@ -618,7 +623,12 @@ class MiscSSLClientTestCase(BaseSSLClientTestCase):
+ 
+     def verify_cb_old(self, ctx_ptr, x509_ptr, err, depth, ok):
+         try:
+-            self.assertFalse(ok)
+            # If err is X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE, then instead of
+            # aborting, this callback is called to retrieve additional error
+            # information.  In this case, ok might not be False.
+            # See https://github.com/openssl/openssl/commit/2e06150e3928daa06d5ff70c32bffad8088ebe58
+            if err != m2.X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE:
+                self.assertFalse(ok)
+             self.assertIn(err,
+                           [m2.X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT,
+                            m2.X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY,
+-- 
+2.29.2
diff --git a/meta-python/recipes-devtools/python/python3-m2crypto/0001-Use-of-RSA_SSLV23_PADDING-has-been-deprecated.patch b/meta-python/recipes-devtools/python/python3-m2crypto/0001-Use-of-RSA_SSLV23_PADDING-has-been-deprecated.patch
new file mode 100644
index 0000000000..2313a324a0
--- /dev/null
+++ b/meta-python/recipes-devtools/python/python3-m2crypto/0001-Use-of-RSA_SSLV23_PADDING-has-been-deprecated.patch
@@ -0,0 +1,29 @@
+From d06eaa88a5f491827733f32027c46de3557fbd05 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Mat=C4=9Bj=20Cepl?= <mcepl@cepl.eu>
+Date: Fri, 19 Feb 2021 15:53:02 +0100
+Subject: [PATCH] Use of RSA_SSLV23_PADDING has been deprecated.
+Fixes #293.
+---
+ tests/test_rsa.py | 5 -----
+ 1 file changed, 5 deletions(-)
+diff --git a/tests/test_rsa.py b/tests/test_rsa.py
+index 3de5016..7299785 100644
+--- a/tests/test_rsa.py
+++ b/tests/test_rsa.py
+@@ -124,11 +124,6 @@ class RSATestCase(unittest.TestCase):
+             ptxt = priv.private_decrypt(ctxt, p)
+             self.assertEqual(ptxt, self.data)
+ 
+-        # sslv23_padding
+-        ctxt = priv.public_encrypt(self.data, RSA.sslv23_padding)
+-        res = priv.private_decrypt(ctxt, RSA.sslv23_padding)
+-        self.assertEqual(res, self.data)
+-
+         # no_padding
+         with six.assertRaisesRegex(self, RSA.RSAError, 'data too small'):
+             priv.public_encrypt(self.data, RSA.no_padding)
+-- 
+2.29.2
diff --git a/meta-python/recipes-devtools/python/python3-m2crypto/0001-setup.py-link-in-sysroot-not-in-host-directories.patch b/meta-python/recipes-devtools/python/python3-m2crypto/0001-setup.py-link-in-sysroot-not-in-host-directories.patch
new file mode 100644
index 0000000000..f4c74384f9
--- /dev/null
+++ b/meta-python/recipes-devtools/python/python3-m2crypto/0001-setup.py-link-in-sysroot-not-in-host-directories.patch
@@ -0,0 +1,33 @@
+From dfb83a41aaeae326e9b6f02b233af375bc7b8815 Mon Sep 17 00:00:00 2001
+From: Koen Kooi <koen@dominion.thruhere.net>
+Date: Fri, 29 Mar 2013 15:17:17 +0100
+Subject: [PATCH] setup.py: link in sysroot, not in host directories
+Signed-off-by: Koen Kooi <koen@dominion.thruhere.net>
+Upstream-status: Unknown
+---
+ setup.py | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+--- a/setup.py
+++ b/setup.py
+@@ -135,6 +135,7 @@ class _M2CryptoBuildExt(build_ext.build_
+         self.set_undefined_options('build', ('bundledlls', 'bundledlls'))
+ 
+         self.libraries = ['ssl', 'crypto']
+        self.openssl = os.environ.get( "STAGING_DIR" )
+         if sys.platform == 'win32':
+             self.libraries = ['ssleay32', 'libeay32']
+             if self.openssl and openssl_version(self.openssl,
+@@ -159,8 +160,8 @@ class _M2CryptoBuildExt(build_ext.build_
+ 
+         if self.openssl is not None:
+             log.debug('self.openssl = %s', self.openssl)
+-            openssl_library_dir = os.path.join(self.openssl, 'lib')
+-            openssl_include_dir = os.path.join(self.openssl, 'include')
+            openssl_library_dir = os.environ.get( "STAGING_LIBDIR" )
+            openssl_include_dir = os.environ.get( "STAGING_INCDIR" )
+ 
+             self.library_dirs.append(openssl_library_dir)
+             self.include_dirs.append(openssl_include_dir)
diff --git a/meta-python/recipes-devtools/python/python3-m2crypto/cross-compile-platform.patch b/meta-python/recipes-devtools/python/python3-m2crypto/cross-compile-platform.patch
new file mode 100644
index 0000000000..f039ae8665
--- /dev/null
+++ b/meta-python/recipes-devtools/python/python3-m2crypto/cross-compile-platform.patch
@@ -0,0 +1,31 @@
+Do not compute platform, this does not work in cross compile environment
+since it pokes at the system for getting architecture values
+Upstream-Status: Inappropriate
+Signed-off-by: Khem Raj <raj.khem@gmail.com>
+--- a/setup.py
+++ b/setup.py
+@@ -169,22 +169,6 @@ class _M2CryptoBuildExt(build_ext.build_
+             log.debug('self.include_dirs = %s', self.include_dirs)
+             log.debug('self.library_dirs = %s', self.library_dirs)
+ 
+-        if platform.system() == "Linux":
+-            # For RedHat-based distros, the '-D__{arch}__' option for
+-            # Swig needs to be normalized, particularly on i386.
+-            mach = platform.machine().lower()
+-            if mach in ('i386', 'i486', 'i586', 'i686'):
+-                arch = '__i386__'
+-            elif mach in ('ppc64', 'powerpc64', 'ppc64le', 'ppc64el'):
+-                arch = '__powerpc64__'
+-            elif mach in ('ppc', 'powerpc'):
+-                arch = '__powerpc__'
+-            else:
+-                arch = '__%s__' % mach
+-            self.swig_opts.append('-D%s' % arch)
+-            if mach in ('ppc64le', 'ppc64el'):
+-                self.swig_opts.append('-D_CALL_ELF=2')
+-
+         self.swig_opts.extend(['-I%s' % i for i in self.include_dirs])
+ 
+         # Some Linux distributor has added the following line in
author	Khem Raj <raj.khem@gmail.com>	2021-05-01 12:04:27 -0700
committer	Khem Raj <raj.khem@gmail.com>	2021-05-03 08:05:21 -0700
commit	b8bbcd4dea422be57123d75fbf77db6d33542b06 (patch)
tree	17575e74c76687ac01ecdd69aed7a71614941326 /meta-python/recipes-devtools/python/python3-m2crypto
parent	57baca4bc1b681482bc014508d28f7def5949c33 (diff)
download	meta-openembedded-b8bbcd4dea422be57123d75fbf77db6d33542b06.tar.gz

diff --git a/meta-python/recipes-devtools/python/python3-m2crypto/0001-Allow-verify_cb_-to-be-called-with-ok-True.patch b/meta-python/recipes-devtools/python/python3-m2crypto/0001-Allow-verify_cb_-to-be-called-with-ok-True.patch new file mode 100644 index 0000000000..3c836635a1 --- /dev/null +++ b/meta-python/recipes-devtools/python/python3-m2crypto/0001-Allow-verify_cb_-to-be-called-with-ok-True.patch
@@ -0,0 +1,47 @@
	1	From 73fbd1e646f6bbf202d4418bae80eb9941fbf552 Mon Sep 17 00:00:00 2001
	2	From: Casey Deccio <casey@deccio.net>
	3	Date: Fri, 8 Jan 2021 12:43:09 -0700
	4	Subject: [PATCH] Allow verify_cb_* to be called with ok=True
	5
	6	With https://github.com/openssl/openssl/commit/2e06150e3928daa06d5ff70c32bffad8088ebe58
	7	OpenSSL allowed verificaton to continue on UNABLE_TO_VERIFY_LEAF_SIGNATURE
	8	---
	9	tests/test_ssl.py \| 14 ++++++++++++--
	10	1 file changed, 12 insertions(+), 2 deletions(-)
	11
	12	diff --git a/tests/test_ssl.py b/tests/test_ssl.py
	13	index 92b6942..7a3271a 100644
	14	--- a/tests/test_ssl.py
	15	+++ b/tests/test_ssl.py
	16	@@ -59,8 +59,13 @@ def allocate_srv_port():
	17
	18
	19	def verify_cb_new_function(ok, store):
	20	- assert not ok
	21	err = store.get_error()
	22	+ # If err is X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE, then instead of
	23	+ # aborting, this callback is called to retrieve additional error
	24	+ # information. In this case, ok might not be False.
	25	+ # See https://github.com/openssl/openssl/commit/2e06150e3928daa06d5ff70c32bffad8088ebe58
	26	+ if err != m2.X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE:
	27	+ assert not ok
	28	assert err in [m2.X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT,
	29	m2.X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY,
	30	m2.X509_V_ERR_CERT_UNTRUSTED,
	31	@@ -618,7 +623,12 @@ class MiscSSLClientTestCase(BaseSSLClientTestCase):
	32
	33	def verify_cb_old(self, ctx_ptr, x509_ptr, err, depth, ok):
	34	try:
	35	- self.assertFalse(ok)
	36	+ # If err is X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE, then instead of
	37	+ # aborting, this callback is called to retrieve additional error
	38	+ # information. In this case, ok might not be False.
	39	+ # See https://github.com/openssl/openssl/commit/2e06150e3928daa06d5ff70c32bffad8088ebe58
	40	+ if err != m2.X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE:
	41	+ self.assertFalse(ok)
	42	self.assertIn(err,
	43	[m2.X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT,
	44	m2.X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY,
	45	--
	46	2.29.2
	47


diff --git a/meta-python/recipes-devtools/python/python3-m2crypto/0001-Use-of-RSA_SSLV23_PADDING-has-been-deprecated.patch b/meta-python/recipes-devtools/python/python3-m2crypto/0001-Use-of-RSA_SSLV23_PADDING-has-been-deprecated.patch new file mode 100644 index 0000000000..2313a324a0 --- /dev/null +++ b/meta-python/recipes-devtools/python/python3-m2crypto/0001-Use-of-RSA_SSLV23_PADDING-has-been-deprecated.patch
@@ -0,0 +1,29 @@
	1	From d06eaa88a5f491827733f32027c46de3557fbd05 Mon Sep 17 00:00:00 2001
	2	From: =?UTF-8?q?Mat=C4=9Bj=20Cepl?= <mcepl@cepl.eu>
	3	Date: Fri, 19 Feb 2021 15:53:02 +0100
	4	Subject: [PATCH] Use of RSA_SSLV23_PADDING has been deprecated.
	5
	6	Fixes #293.
	7	---
	8	tests/test_rsa.py \| 5 -----
	9	1 file changed, 5 deletions(-)
	10
	11	diff --git a/tests/test_rsa.py b/tests/test_rsa.py
	12	index 3de5016..7299785 100644
	13	--- a/tests/test_rsa.py
	14	+++ b/tests/test_rsa.py
	15	@@ -124,11 +124,6 @@ class RSATestCase(unittest.TestCase):
	16	ptxt = priv.private_decrypt(ctxt, p)
	17	self.assertEqual(ptxt, self.data)
	18
	19	- # sslv23_padding
	20	- ctxt = priv.public_encrypt(self.data, RSA.sslv23_padding)
	21	- res = priv.private_decrypt(ctxt, RSA.sslv23_padding)
	22	- self.assertEqual(res, self.data)
	23	-
	24	# no_padding
	25	with six.assertRaisesRegex(self, RSA.RSAError, 'data too small'):
	26	priv.public_encrypt(self.data, RSA.no_padding)
	27	--
	28	2.29.2
	29


diff --git a/meta-python/recipes-devtools/python/python3-m2crypto/0001-setup.py-link-in-sysroot-not-in-host-directories.patch b/meta-python/recipes-devtools/python/python3-m2crypto/0001-setup.py-link-in-sysroot-not-in-host-directories.patch new file mode 100644 index 0000000000..f4c74384f9 --- /dev/null +++ b/meta-python/recipes-devtools/python/python3-m2crypto/0001-setup.py-link-in-sysroot-not-in-host-directories.patch
@@ -0,0 +1,33 @@
	1	From dfb83a41aaeae326e9b6f02b233af375bc7b8815 Mon Sep 17 00:00:00 2001
	2	From: Koen Kooi <koen@dominion.thruhere.net>
	3	Date: Fri, 29 Mar 2013 15:17:17 +0100
	4	Subject: [PATCH] setup.py: link in sysroot, not in host directories
	5
	6	Signed-off-by: Koen Kooi <koen@dominion.thruhere.net>
	7
	8	Upstream-status: Unknown
	9	---
	10	setup.py \| 6 +++---
	11	1 file changed, 3 insertions(+), 3 deletions(-)
	12
	13	--- a/setup.py
	14	+++ b/setup.py
	15	@@ -135,6 +135,7 @@ class _M2CryptoBuildExt(build_ext.build_
	16	self.set_undefined_options('build', ('bundledlls', 'bundledlls'))
	17
	18	self.libraries = ['ssl', 'crypto']
	19	+ self.openssl = os.environ.get( "STAGING_DIR" )
	20	if sys.platform == 'win32':
	21	self.libraries = ['ssleay32', 'libeay32']
	22	if self.openssl and openssl_version(self.openssl,
	23	@@ -159,8 +160,8 @@ class _M2CryptoBuildExt(build_ext.build_
	24
	25	if self.openssl is not None:
	26	log.debug('self.openssl = %s', self.openssl)
	27	- openssl_library_dir = os.path.join(self.openssl, 'lib')
	28	- openssl_include_dir = os.path.join(self.openssl, 'include')
	29	+ openssl_library_dir = os.environ.get( "STAGING_LIBDIR" )
	30	+ openssl_include_dir = os.environ.get( "STAGING_INCDIR" )
	31
	32	self.library_dirs.append(openssl_library_dir)
	33	self.include_dirs.append(openssl_include_dir)


diff --git a/meta-python/recipes-devtools/python/python3-m2crypto/cross-compile-platform.patch b/meta-python/recipes-devtools/python/python3-m2crypto/cross-compile-platform.patch new file mode 100644 index 0000000000..f039ae8665 --- /dev/null +++ b/meta-python/recipes-devtools/python/python3-m2crypto/cross-compile-platform.patch
@@ -0,0 +1,31 @@
	1	Do not compute platform, this does not work in cross compile environment
	2	since it pokes at the system for getting architecture values
	3
	4	Upstream-Status: Inappropriate
	5	Signed-off-by: Khem Raj <raj.khem@gmail.com>
	6
	7	--- a/setup.py
	8	+++ b/setup.py
	9	@@ -169,22 +169,6 @@ class _M2CryptoBuildExt(build_ext.build_
	10	log.debug('self.include_dirs = %s', self.include_dirs)
	11	log.debug('self.library_dirs = %s', self.library_dirs)
	12
	13	- if platform.system() == "Linux":
	14	- # For RedHat-based distros, the '-D__{arch}__' option for
	15	- # Swig needs to be normalized, particularly on i386.
	16	- mach = platform.machine().lower()
	17	- if mach in ('i386', 'i486', 'i586', 'i686'):
	18	- arch = '__i386__'
	19	- elif mach in ('ppc64', 'powerpc64', 'ppc64le', 'ppc64el'):
	20	- arch = '__powerpc64__'
	21	- elif mach in ('ppc', 'powerpc'):
	22	- arch = '__powerpc__'
	23	- else:
	24	- arch = '__%s__' % mach
	25	- self.swig_opts.append('-D%s' % arch)
	26	- if mach in ('ppc64le', 'ppc64el'):
	27	- self.swig_opts.append('-D_CALL_ELF=2')
	28	-
	29	self.swig_opts.extend(['-I%s' % i for i in self.include_dirs])
	30
	31	# Some Linux distributor has added the following line in