diff options
| author |   Michał Górny <mgorny@gentoo.org> | 2021-11-26 12:09:16 +0100 |
|---|---|---|
| committer | Michał Górny <mgorny@gentoo.org> | 2021-11-28 15:39:01 +0100 |
| commit | ce41bffad3bdb68f535d29f553955357d8b47369 (patch) | |
| tree | cfa5b198ee81971d560d5122a6fca2608b078dd8 /app-misc | |
| parent | dev-python/pyopenssl: Remove ~ia64 (due to Rust) (diff) | |
| download | gentoo-ce41bffad3bdb68f535d29f553955357d8b47369.tar.gz gentoo-ce41bffad3bdb68f535d29f553955357d8b47369.tar.bz2 gentoo-ce41bffad3bdb68f535d29f553955357d8b47369.zip | |
app-misc/ca-certificates: Eliminate the dep on cryptography
The dev-python/cryptography package is no longer portable, due to Rust,
so avoid the dependency to make ca-certificates portable again.
Apparently, it is used only for some upstream QA check.
Closes: https://bugs.gentoo.org/827354
Signed-off-by: Michał Górny <mgorny@gentoo.org>
Diffstat (limited to 'app-misc')
| -rw-r--r-- | app-misc/ca-certificates/ca-certificates-20211016.3.72.ebuild | 11 | ||||
| -rw-r--r-- | app-misc/ca-certificates/files/ca-certificates-20211016.3.72-no-cryptography.patch | 27 |
2 files changed, 32 insertions, 6 deletions
diff --git a/app-misc/ca-certificates/ca-certificates-20211016.3.72.ebuild b/app-misc/ca-certificates/ca-certificates-20211016.3.72.ebuild index 86df307180a7..30183fb5044d 100644 --- a/app-misc/ca-certificates/ca-certificates-20211016.3.72.ebuild +++ b/app-misc/ca-certificates/ca-certificates-20211016.3.72.ebuild @@ -62,8 +62,6 @@ CDEPEND="app-misc/c_rehash BDEPEND="${CDEPEND}" if ! ${PRECOMPILED} ; then BDEPEND+=" ${PYTHON_DEPS}" - # See bug #821706 - BDEPEND+=" $(python_gen_any_dep 'dev-python/cryptography[${PYTHON_USEDEP}]')" fi DEPEND="" @@ -76,10 +74,6 @@ RDEPEND="${CDEPEND} S=${WORKDIR} -python_check_deps() { - has_version -b "dev-python/cryptography[${PYTHON_USEDEP}]" -} - pkg_setup() { # For the conversion to having it in CONFIG_PROTECT_MASK, # we need to tell users about it once manually first. @@ -126,6 +120,11 @@ src_prepare() { default eapply -p2 "${FILESDIR}"/${PN}-20150426-root.patch + + pushd "${S}/${PN}-${DEB_VER}" >/dev/null || die + eapply "${FILESDIR}"/${P}-no-cryptography.patch + popd >/dev/null || die + local relp=$(echo "${EPREFIX}" | sed -e 's:[^/]\+:..:g') sed -i \ -e '/="$ROOT/s:ROOT:ROOT'"${EPREFIX}"':' \ diff --git a/app-misc/ca-certificates/files/ca-certificates-20211016.3.72-no-cryptography.patch b/app-misc/ca-certificates/files/ca-certificates-20211016.3.72-no-cryptography.patch new file mode 100644 index 000000000000..fb98eb2828e7 --- /dev/null +++ b/app-misc/ca-certificates/files/ca-certificates-20211016.3.72-no-cryptography.patch @@ -0,0 +1,27 @@ +Remove the dependency on non-portable dev-python/cryptography. +https://bugs.gentoo.org/821706#c4 by Alex Xu + +--- a/mozilla/certdata2pem.py ++++ b/mozilla/certdata2pem.py +@@ -28,8 +28,6 @@ + import textwrap + import io + +-from cryptography import x509 +- + + objects = [] + +@@ -122,12 +120,6 @@ + if not obj['CKA_LABEL'] in trust or not trust[obj['CKA_LABEL']]: + continue + +- cert = x509.load_der_x509_certificate(obj['CKA_VALUE']) +- if cert.not_valid_after < datetime.datetime.now(): +- print('!'*74) +- print('Trusted but expired certificate found: %s' % obj['CKA_LABEL']) +- print('!'*74) +- + bname = obj['CKA_LABEL'][1:-1].replace('/', '_')\ + .replace(' ', '_')\ + .replace('(', '=')\ |