package/python-cryptography: bump version to 36.0.1

This version bump requires significant changes because python-cryptography is now partially implemented in Rust. This means that: - The C++ dependency is no longer needed. - We need to ensure we are on an architecture where Rust is available (BR2_PACKAGE_HOST_RUSTC_TARGET_ARCH_SUPPORTS) - Almost all Python dependencies are no longer relevant, except for the python-cffi. - A number of environment variables are needed to make the Rust part build correctly. - We need to invoke the "cargo" download post-process hook to vendor the Cargo dependencies at download time. - We need to propagate to relatively significant reverse dependency tree the changes of dependencies on python-cryptography. Co-developed-by: James Hilliard <james.hilliard1@gmail.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2024-11-23 13:33:28 +08:00 · 2022-01-06 22:43:30 +01:00 · 2022-01-06 22:43:30 +01:00 · 01764876e3
commit 01764876e3
parent b6378631c2
19 changed files with 52 additions and 90 deletions
--- a/package/docker-compose/Config.in
+++ b/package/docker-compose/Config.in
@ -5,7 +5,8 @@ config BR2_PACKAGE_DOCKER_COMPOSE
 	depends on BR2_USE_WCHAR # python
 	depends on BR2_TOOLCHAIN_HAS_THREADS # python
 	depends on !BR2_STATIC_LIBS # python
-	depends on BR2_INSTALL_LIBSTDCPP # python-paramiko -> python-cryptography
+	# python-paramiko -> python-cryptography
+	depends on BR2_PACKAGE_HOST_RUSTC_TARGET_ARCH_SUPPORTS
 	select BR2_PACKAGE_PYTHON3
 	select BR2_PACKAGE_PYTHON_CACHED_PROPERTY # runtime
 	select BR2_PACKAGE_PYTHON_DOCOPT # runtime
@ -23,7 +24,8 @@ config BR2_PACKAGE_DOCKER_COMPOSE

 	  https://www.docker.com/

-comment "docker-compose needs a toolchain w/ C++, wchar, threads, dynamic library"
+comment "docker-compose needs a toolchain w/ wchar, threads, dynamic library"
 	depends on BR2_USE_MMU
+	depends on BR2_PACKAGE_HOST_RUSTC_TARGET_ARCH_SUPPORTS
 	depends on !BR2_USE_WCHAR || !BR2_TOOLCHAIN_HAS_THREADS || \
-		BR2_STATIC_LIBS || !BR2_INSTALL_LIBSTDCPP
+		BR2_STATIC_LIBS
--- a/package/python-autobahn/Config.in
+++ b/package/python-autobahn/Config.in
@ -1,6 +1,6 @@
 config BR2_PACKAGE_PYTHON_AUTOBAHN
 	bool "python-autobahn"
-	depends on BR2_INSTALL_LIBSTDCPP # python-cryptography -> python-pyasn
+	depends on BR2_PACKAGE_HOST_RUSTC_TARGET_ARCH_SUPPORTS # python-cryptography
 	depends on BR2_PACKAGE_PYTHON3
 	select BR2_PACKAGE_PYTHON_CFFI # runtime
 	select BR2_PACKAGE_PYTHON_CRYPTOGRAPHY # runtime
@ -11,7 +11,3 @@ config BR2_PACKAGE_PYTHON_AUTOBAHN
 	  framework.

 	  https://pypi.python.org/pypi/autobahn
-
-comment "python-autobahn needs a toolchain w/ C++"
-	depends on !BR2_INSTALL_LIBSTDCPP
-	depends on BR2_PACKAGE_PYTHON3
--- a/package/python-channels-redis/Config.in
+++ b/package/python-channels-redis/Config.in
@ -1,6 +1,7 @@
 config BR2_PACKAGE_PYTHON_CHANNELS_REDIS
 	bool "python-channels-redis"
-	depends on BR2_INSTALL_LIBSTDCPP # python-channels -> python-daphne
+	# python-channels -> python-daphne -> python-autobahn -> python-cryptography
+	depends on BR2_PACKAGE_HOST_RUSTC_TARGET_ARCH_SUPPORTS
 	depends on BR2_PACKAGE_PYTHON3 # python-channels
 	select BR2_PACKAGE_PYTHON_AIOREDIS # runtime
 	select BR2_PACKAGE_PYTHON_ASGIREF # runtime
@ -12,7 +13,3 @@ config BR2_PACKAGE_PYTHON_CHANNELS_REDIS
 	  sharded configurations, as well as group support.

 	  http://github.com/django/channels_redis/
-
-comment "python-channels-redis needs a toolchain w/ C++"
-	depends on !BR2_INSTALL_LIBSTDCPP
-	depends on BR2_PACKAGE_PYTHON3
--- a/package/python-channels/Config.in
+++ b/package/python-channels/Config.in
@ -1,6 +1,7 @@
 config BR2_PACKAGE_PYTHON_CHANNELS
 	bool "python-channels"
-	depends on BR2_INSTALL_LIBSTDCPP # python-daphne -> python-autobahn -> python-cryptography
+	# python-daphne -> python-autobahn -> python-cryptography
+	depends on BR2_PACKAGE_HOST_RUSTC_TARGET_ARCH_SUPPORTS
 	depends on BR2_PACKAGE_PYTHON3 # python-daphne
 	select BR2_PACKAGE_PYTHON_ASGIREF # runtime
 	select BR2_PACKAGE_PYTHON_DAPHNE # runtime
@ -14,7 +15,3 @@ config BR2_PACKAGE_PYTHON_CHANNELS
 	  own protocols and needs.

 	  http://github.com/django/channels
-
-comment "python-channels needs a toolchain w/ C++"
-	depends on !BR2_INSTALL_LIBSTDCPP
-	depends on BR2_PACKAGE_PYTHON3
--- a/package/python-crossbar/Config.in
+++ b/package/python-crossbar/Config.in
@ -1,6 +1,6 @@
 config BR2_PACKAGE_PYTHON_CROSSBAR
 	bool "python-crossbar"
-	depends on BR2_INSTALL_LIBSTDCPP # python-cryptography
+	depends on BR2_PACKAGE_HOST_RUSTC_TARGET_ARCH_SUPPORTS # python-cryptography
 	depends on BR2_PACKAGE_PYTHON3
 	# All the following dependencies are runtime dependencies
 	select BR2_PACKAGE_PYTHON_ATTRS
@ -48,7 +48,3 @@ config BR2_PACKAGE_PYTHON_CROSSBAR
 	  components that can talk in real-time with each other.

 	  https://pypi.python.org/pypi/crossbar
-
-comment "python-crossbar needs a toolchain w/ C++"
-	depends on !BR2_INSTALL_LIBSTDCPP
-	depends on BR2_PACKAGE_PYTHON3
--- a/package/python-cryptography/Config.in
+++ b/package/python-cryptography/Config.in
@ -1,21 +1,11 @@
 config BR2_PACKAGE_PYTHON_CRYPTOGRAPHY
 	bool "python-cryptography"
-	depends on BR2_PACKAGE_PYTHON3 # python-idna
-	depends on BR2_INSTALL_LIBSTDCPP # python-pyasn
+	depends on BR2_PACKAGE_PYTHON3
+	depends on BR2_PACKAGE_HOST_RUSTC_TARGET_ARCH_SUPPORTS
 	select BR2_PACKAGE_OPENSSL
 	select BR2_PACKAGE_PYTHON_CFFI # runtime
-	select BR2_PACKAGE_PYTHON_IDNA # runtime
-	select BR2_PACKAGE_PYTHON_ASN1CRYPTO # runtime
-	select BR2_PACKAGE_PYTHON3_PYEXPAT # runtime
-	select BR2_PACKAGE_PYTHON_SETUPTOOLS # runtime
-	select BR2_PACKAGE_PYTHON_SIX # runtime
-	select BR2_PACKAGE_PYTHON3_SSL # runtime
 	help
 	  cryptography is a package designed to expose cryptographic
 	  primitives and recipes to Python developers.

 	  https://cryptography.io
-
-comment "python-cryptography needs a toolchain w/ C++"
-	depends on BR2_PACKAGE_PYTHON3
-	depends on !BR2_INSTALL_LIBSTDCPP
--- a/package/python-cryptography/python-cryptography.hash
+++ b/package/python-cryptography/python-cryptography.hash
@ -1,6 +1,5 @@
-# md5, sha256 from https://pypi.org/pypi/cryptography/json
-md5  e2ce2ec8a63965fad351f36ed70fde4b  cryptography-3.3.2.tar.gz
-sha256  5a60d3780149e13b7a6ff7ad6526b38846354d11a15e21068e57073e29e19bed  cryptography-3.3.2.tar.gz
+# Locally calculated after vendoring
+sha256  196bba703cebc052a19f5353614fcfa9d680471990c10305f110adcc05744eeb  cryptography-36.0.1.tar.gz
 # Locally computed sha256 checksums
 sha256  43dad2cc752ab721cd9a9f36ece70fb53ab7713551f2d3d8694d8e8c5a06d6e2  LICENSE
 sha256  aac73b3148f6d1d7111dbca32099f68d26c644c6813ae1e4f05f6579aa2663fe  LICENSE.APACHE
--- a/package/python-cryptography/python-cryptography.mk
+++ b/package/python-cryptography/python-cryptography.mk
@ -4,14 +4,22 @@
 #
 ################################################################################

-PYTHON_CRYPTOGRAPHY_VERSION = 3.3.2
+PYTHON_CRYPTOGRAPHY_VERSION = 36.0.1
 PYTHON_CRYPTOGRAPHY_SOURCE = cryptography-$(PYTHON_CRYPTOGRAPHY_VERSION).tar.gz
-PYTHON_CRYPTOGRAPHY_SITE = https://files.pythonhosted.org/packages/d4/85/38715448253404186029c575d559879912eb8a1c5d16ad9f25d35f7c4f4c
+PYTHON_CRYPTOGRAPHY_SITE = https://files.pythonhosted.org/packages/f9/4b/1cf8e281f7ae4046a59e5e39dd7471d46db9f61bb564fddbff9084c4334f
 PYTHON_CRYPTOGRAPHY_SETUP_TYPE = setuptools
 PYTHON_CRYPTOGRAPHY_LICENSE = Apache-2.0 or BSD-3-Clause
 PYTHON_CRYPTOGRAPHY_LICENSE_FILES = LICENSE LICENSE.APACHE LICENSE.BSD
 PYTHON_CRYPTOGRAPHY_CPE_ID_VENDOR = cryptography_project
 PYTHON_CRYPTOGRAPHY_CPE_ID_PRODUCT = cryptography
-PYTHON_CRYPTOGRAPHY_DEPENDENCIES = host-python-cffi openssl
+PYTHON_CRYPTOGRAPHY_DEPENDENCIES = host-python-setuptools-rust host-python-cffi host-rustc
+PYTHON_CRYPTOGRAPHY_ENV = \
+	$(PKG_CARGO_ENV) \
+	PYO3_CROSS_LIB_DIR="$(STAGING_DIR)/usr/lib/python$(PYTHON3_VERSION_MAJOR)"
+# We need to vendor the Cargo crates at download time
+PYTHON_CRYPTOGRAPHY_DOWNLOAD_POST_PROCESS = cargo
+PYTHON_CRYPTOGRAPHY_DOWNLOAD_DEPENDENCIES = host-rustc
+PYTHON_CRYPTOGRAPHY_DL_ENV = \
+	BR_CARGO_MANIFEST_PATH=src/rust/Cargo.toml

 $(eval $(python-package))
--- a/package/python-daphne/Config.in
+++ b/package/python-daphne/Config.in
@ -1,6 +1,7 @@
 config BR2_PACKAGE_PYTHON_DAPHNE
 	bool "python-daphne"
-	depends on BR2_INSTALL_LIBSTDCPP # python-autobahn -> python-cryptography
+	# python-autobahn -> python-cryptography
+	depends on BR2_PACKAGE_HOST_RUSTC_TARGET_ARCH_SUPPORTS
 	depends on BR2_PACKAGE_PYTHON3
 	select BR2_PACKAGE_PYTHON_ASGIREF # runtime
 	select BR2_PACKAGE_PYTHON_AUTOBAHN # runtime
@ -14,7 +15,3 @@ config BR2_PACKAGE_PYTHON_DAPHNE
 	  versus HTTP endpoints.

 	  https://github.com/django/daphne
-
-comment "python-daphne needs a toolchain w/ C++"
-	depends on !BR2_INSTALL_LIBSTDCPP
-	depends on BR2_PACKAGE_PYTHON3
--- a/package/python-keyring/Config.in
+++ b/package/python-keyring/Config.in
@ -1,7 +1,8 @@
 config BR2_PACKAGE_PYTHON_KEYRING
 	bool "python-keyring"
+	# python-secretstorage -> python-cryptography
+	depends on BR2_PACKAGE_HOST_RUSTC_TARGET_ARCH_SUPPORTS
 	depends on BR2_PACKAGE_PYTHON3
-	depends on BR2_INSTALL_LIBSTDCPP # python-secretstorage
 	select BR2_PACKAGE_PYTHON_ENTRYPOINTS # runtime
 	select BR2_PACKAGE_PYTHON_SECRETSTORAGE # runtime
 	help
@ -9,7 +10,3 @@ config BR2_PACKAGE_PYTHON_KEYRING
 	  system keyring service from Python.

 	  https://pypi.python.org/pypi/keyring
-
-comment "python-keyring needs a toolchain w/ C++"
-	depends on BR2_PACKAGE_PYTHON3
-	depends on !BR2_INSTALL_LIBSTDCPP
--- a/package/python-opcua-asyncio/Config.in
+++ b/package/python-opcua-asyncio/Config.in
@ -1,5 +1,6 @@
 config BR2_PACKAGE_PYTHON_OPCUA_ASYNCIO
 	bool "python-opcua-asyncio"
+	depends on BR2_PACKAGE_HOST_RUSTC_TARGET_ARCH_SUPPORTS # python-cryptography
 	depends on BR2_PACKAGE_PYTHON3
 	select BR2_PACKAGE_PYTHON_AIOFILES # runtime
 	select BR2_PACKAGE_PYTHON_CRYPTOGRAPHY # runtime
--- a/package/python-paramiko/Config.in
+++ b/package/python-paramiko/Config.in
@ -1,7 +1,7 @@
 config BR2_PACKAGE_PYTHON_PARAMIKO
 	bool "python-paramiko"
-	depends on BR2_PACKAGE_PYTHON3 # python-bcrypt
-	depends on BR2_INSTALL_LIBSTDCPP # python-cryptography
+	depends on BR2_PACKAGE_HOST_RUSTC_TARGET_ARCH_SUPPORTS # python-cryptography
+	depends on BR2_PACKAGE_PYTHON3 # python-bcrypt, python-cryptography
 	select BR2_PACKAGE_PYTHON_BCRYPT # runtime
 	select BR2_PACKAGE_PYTHON_CRYPTOGRAPHY # runtime
 	select BR2_PACKAGE_PYTHON_PYNACL # runtime
@ -10,7 +10,3 @@ config BR2_PACKAGE_PYTHON_PARAMIKO
 	  SSH2 protocol library.

 	  https://github.com/paramiko/paramiko/
-
-comment "python-paramiko needs a toolchain w/ C++"
-	depends on BR2_PACKAGE_PYTHON3
-	depends on !BR2_INSTALL_LIBSTDCPP
--- a/package/python-pyopenssl/Config.in
+++ b/package/python-pyopenssl/Config.in
@ -1,14 +1,10 @@
 config BR2_PACKAGE_PYTHON_PYOPENSSL
 	bool "python-pyopenssl"
-	depends on BR2_PACKAGE_PYTHON3 # python-cryptography -> python-idna
-	depends on BR2_INSTALL_LIBSTDCPP # python-cryptography
+	depends on BR2_PACKAGE_HOST_RUSTC_TARGET_ARCH_SUPPORTS # python-cryptography
+	depends on BR2_PACKAGE_PYTHON3 # python-cryptography
 	select BR2_PACKAGE_PYTHON_CRYPTOGRAPHY # runtime
 	select BR2_PACKAGE_PYTHON_SIX # runtime
 	help
 	  Python wrapper module around the OpenSSL library.

 	  https://github.com/pyca/pyopenssl
-
-comment "python-pyopenssl needs a toolchain w/ C++"
-	depends on BR2_PACKAGE_PYTHON3
-	depends on !BR2_INSTALL_LIBSTDCPP
--- a/package/python-secretstorage/Config.in
+++ b/package/python-secretstorage/Config.in
@ -1,13 +1,9 @@
 config BR2_PACKAGE_PYTHON_SECRETSTORAGE
 	bool "python-secretstorage"
 	depends on BR2_PACKAGE_PYTHON3
-	depends on BR2_INSTALL_LIBSTDCPP # python-cryptography
+	depends on BR2_PACKAGE_HOST_RUSTC_TARGET_ARCH_SUPPORTS # python-cryptography
 	select BR2_PACKAGE_PYTHON_CRYPTOGRAPHY # runtime
 	help
 	  Python bindings to FreeDesktop.org Secret Service API.

 	  https://github.com/mitya57/secretstorage
-
-comment "python-secretstorage needs a toolchain w/ C++"
-	depends on BR2_PACKAGE_PYTHON3
-	depends on !BR2_INSTALL_LIBSTDCPP
--- a/package/python-service-identity/Config.in
+++ b/package/python-service-identity/Config.in
@ -1,7 +1,9 @@
 config BR2_PACKAGE_PYTHON_SERVICE_IDENTITY
 	bool "python-service-identity"
-	depends on BR2_PACKAGE_PYTHON3 # python-pyopenssl -> python-cryptography -> python-idna
-	depends on BR2_INSTALL_LIBSTDCPP # python-pyopenssl
+	# python-pyopenssl -> python-cryptography
+	depends on BR2_PACKAGE_HOST_RUSTC_TARGET_ARCH_SUPPORTS
+	# python-pyopenssl -> python-cryptography
+	depends on BR2_PACKAGE_PYTHON3
 	select BR2_PACKAGE_PYTHON_ATTRS # runtime
 	select BR2_PACKAGE_PYTHON_CHARACTERISTIC # runtime
 	select BR2_PACKAGE_PYTHON_PYASN1 # runtime
@ -11,7 +13,3 @@ config BR2_PACKAGE_PYTHON_SERVICE_IDENTITY
 	  Service identity verification for pyOpenSSL.

 	  https://pypi.python.org/pypi/service_identity
-
-comment "python-service-identify needs a toolchain w/ C++"
-	depends on BR2_PACKAGE_PYTHON3
-	depends on !BR2_INSTALL_LIBSTDCPP
--- a/package/python-treq/Config.in
+++ b/package/python-treq/Config.in
@ -1,7 +1,9 @@
 config BR2_PACKAGE_PYTHON_TREQ
 	bool "python-treq"
-	depends on BR2_PACKAGE_PYTHON3 # python-idna
-	depends on BR2_INSTALL_LIBSTDCPP # python-pyopenssl
+	# python-pyopenssl -> python-cryptography
+	depends on BR2_PACKAGE_HOST_RUSTC_TARGET_ARCH_SUPPORTS
+	# python-idna, python-pyopenssl -> python-cryptography
+	depends on BR2_PACKAGE_PYTHON3
 	select BR2_PACKAGE_PYTHON_ATTRS # runtime
 	select BR2_PACKAGE_PYTHON_IDNA # runtime
 	select BR2_PACKAGE_PYTHON_INCREMENTAL # runtime
@ -16,7 +18,3 @@ config BR2_PACKAGE_PYTHON_TREQ
 	  API for making HTTP requests when using Twisted.

 	  https://github.com/twisted/treq
-
-comment "python-treq needs a toolchain w/ C++"
-	depends on BR2_PACKAGE_PYTHON3
-	depends on !BR2_INSTALL_LIBSTDCPP
--- a/package/python-twisted/Config.in
+++ b/package/python-twisted/Config.in
@ -23,12 +23,10 @@ config BR2_PACKAGE_PYTHON_TWISTED_HTTP2

 config BR2_PACKAGE_PYTHON_TWISTED_TLS
 	bool "TLS support"
-	depends on BR2_INSTALL_LIBSTDCPP # python-{pyopenssl,service-identity}
+	# python-{pyopenssl,service-identity}
+	depends on BR2_PACKAGE_HOST_RUSTC_TARGET_ARCH_SUPPORTS
 	select BR2_PACKAGE_PYTHON_IDNA # runtime
 	select BR2_PACKAGE_PYTHON_PYOPENSSL # runtime
 	select BR2_PACKAGE_PYTHON_SERVICE_IDENTITY # runtime

-comment "TLS support needs a toolchain w/ C++"
-	depends on !BR2_INSTALL_LIBSTDCPP
-
 endif
--- a/package/python-txdbus/Config.in
+++ b/package/python-txdbus/Config.in
@ -1,6 +1,9 @@
 config BR2_PACKAGE_PYTHON_TXDBUS
 	bool "python-txdbus"
-	depends on BR2_PACKAGE_PYTHON3 # python-twisted -> python-cryptography -> python-idna
+	# python-twisted -> python-cryptography
+	depends on BR2_PACKAGE_HOST_RUSTC_TARGET_ARCH_SUPPORTS
+	# python-twisted -> python-cryptography
+	depends on BR2_PACKAGE_PYTHON3
 	select BR2_PACKAGE_PYTHON_TWISTED # runtime
 	select BR2_PACKAGE_PYTHON_SIX # runtime
 	help
--- a/package/python-txtorcon/Config.in
+++ b/package/python-txtorcon/Config.in
@ -1,7 +1,8 @@
 config BR2_PACKAGE_PYTHON_TXTORCON
 	bool "python-txtorcon"
+	# python-pyopenssl -> python-cryptography
+	depends on BR2_PACKAGE_HOST_RUSTC_TARGET_ARCH_SUPPORTS
 	depends on BR2_PACKAGE_PYTHON3 # python-idna
-	depends on BR2_INSTALL_LIBSTDCPP # python-pyopenssl, python-service-identity
 	select BR2_PACKAGE_PYTHON_AUTOMAT # runtime
 	select BR2_PACKAGE_PYTHON_IDNA # runtime
 	select BR2_PACKAGE_PYTHON_INCREMENTAL # runtime
@ -14,7 +15,3 @@ config BR2_PACKAGE_PYTHON_TXTORCON
 	  configuration abstractions.

 	  https://github.com/meejah/txtorcon
-
-comment "python-txtorcon needs a toolchain w/ C++"
-	depends on BR2_PACKAGE_PYTHON3
-	depends on !BR2_INSTALL_LIBSTDCPP