py-OpenSSL: Update to 20.0.1

Changes:
20.0.1 (2020-12-15)
-------------------
Backward-incompatible changes:
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Deprecations:
^^^^^^^^^^^^^

Changes:
^^^^^^^^
- Fixed compatibility with OpenSSL 1.1.0.

20.0.0 (2020-11-27)
-------------------
Backward-incompatible changes:
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
- The minimum ``cryptography`` version is now 3.2.
- Remove deprecated ``OpenSSL.tsafe`` module.
- Removed deprecated ``OpenSSL.SSL.Context.set_npn_advertise_callback``, ``OpenSSL.SSL.Context.set_npn_select_callback``, and ``OpenSSL.SSL.Connection.get_next_proto_negotiated``.
- Drop support for Python 3.4
- Drop support for OpenSSL 1.0.1 and 1.0.2

Deprecations:
^^^^^^^^^^^^^
- Deprecated ``OpenSSL.crypto.loads_pkcs7`` and ``OpenSSL.crypto.loads_pkcs12``.

Changes:
^^^^^^^^
- Added a new optional ``chain`` parameter to ``OpenSSL.crypto.X509StoreContext()``
  where additional untrusted certificates can be specified to help chain building.
  `#948 <https://github.com/pyca/pyopenssl/pull/948>`_
- Added ``OpenSSL.crypto.X509Store.load_locations`` to set trusted
  certificate file bundles and/or directories for verification.
  `#943 <https://github.com/pyca/pyopenssl/pull/943>`_
- Added ``Context.set_keylog_callback`` to log key material.
  `#910 <https://github.com/pyca/pyopenssl/pull/910>`_
- Added ``OpenSSL.SSL.Connection.get_verified_chain`` to retrieve the
  verified certificate chain of the peer.
  `#894 <https://github.com/pyca/pyopenssl/pull/894>`_.
- Make verification callback optional in ``Context.set_verify``.
  If omitted, OpenSSL's default verification is used.
  `#933 <https://github.com/pyca/pyopenssl/pull/933>`_
- Fixed a bug that could truncate or cause a zero-length key error due to a
  null byte in private key passphrase in ``OpenSSL.crypto.load_privatekey``
  and ``OpenSSL.crypto.dump_privatekey``.
  `#947 <https://github.com/pyca/pyopenssl/pull/947>`_

4 files changed, 27 insertions, 30 deletions

diff --git a/security/py-OpenSSL/Makefile b/security/py-OpenSSL/Makefile
index 44ba26ab5b1..e90032e0c16 100644
--- a/security/py-OpenSSL/Makefile
+++ b/security/py-OpenSSL/Makefile
@@ -1,8 +1,7 @@
-# $NetBSD: Makefile,v 1.56 2020/05/17 19:34:12 adam Exp $
+# $NetBSD: Makefile,v 1.57 2020/12/19 11:52:26 leot Exp $
 
-DISTNAME=	pyOpenSSL-19.1.0
+DISTNAME=	pyOpenSSL-20.0.1
 PKGNAME=	${PYPKGPREFIX}-${DISTNAME:S/py//}
-PKGREVISION=	1
 CATEGORIES=	security python
 MASTER_SITES=	${MASTER_SITE_PYPI:=p/pyOpenSSL/}
 
@@ -11,7 +10,7 @@ HOMEPAGE=	https://pyopenssl.org/
 COMMENT=	Python interface to the OpenSSL library
 LICENSE=	apache-2.0
 
-DEPENDS+=	${PYPKGPREFIX}-cryptography>=2.8:../../security/py-cryptography
+DEPENDS+=	${PYPKGPREFIX}-cryptography>=3.2:../../security/py-cryptography
 DEPENDS+=	${PYPKGPREFIX}-six>=1.5.2:../../lang/py-six
 TEST_DEPENDS+=	${PYPKGPREFIX}-flaky-[0-9]*:../../devel/py-flaky
 TEST_DEPENDS+=	${PYPKGPREFIX}-pretend-[0-9]*:../../devel/py-pretend
diff --git a/security/py-OpenSSL/PLIST b/security/py-OpenSSL/PLIST
index 4a9c49ad983..6e997ee149f 100644
--- a/security/py-OpenSSL/PLIST
+++ b/security/py-OpenSSL/PLIST
@@ -1,9 +1,4 @@
-@comment $NetBSD: PLIST,v 1.15 2017/11/23 10:12:33 adam Exp $
-${PYSITELIB}/${EGG_INFODIR}/PKG-INFO
-${PYSITELIB}/${EGG_INFODIR}/SOURCES.txt
-${PYSITELIB}/${EGG_INFODIR}/dependency_links.txt
-${PYSITELIB}/${EGG_INFODIR}/requires.txt
-${PYSITELIB}/${EGG_INFODIR}/top_level.txt
+@comment $NetBSD: PLIST,v 1.16 2020/12/19 11:52:26 leot Exp $
 ${PYSITELIB}/OpenSSL/SSL.py
 ${PYSITELIB}/OpenSSL/SSL.pyc
 ${PYSITELIB}/OpenSSL/SSL.pyo
@@ -22,9 +17,11 @@ ${PYSITELIB}/OpenSSL/debug.pyo
 ${PYSITELIB}/OpenSSL/rand.py
 ${PYSITELIB}/OpenSSL/rand.pyc
 ${PYSITELIB}/OpenSSL/rand.pyo
-${PYSITELIB}/OpenSSL/tsafe.py
-${PYSITELIB}/OpenSSL/tsafe.pyc
-${PYSITELIB}/OpenSSL/tsafe.pyo
 ${PYSITELIB}/OpenSSL/version.py
 ${PYSITELIB}/OpenSSL/version.pyc
 ${PYSITELIB}/OpenSSL/version.pyo
+${PYSITELIB}/${EGG_INFODIR}/PKG-INFO
+${PYSITELIB}/${EGG_INFODIR}/SOURCES.txt
+${PYSITELIB}/${EGG_INFODIR}/dependency_links.txt
+${PYSITELIB}/${EGG_INFODIR}/requires.txt
+${PYSITELIB}/${EGG_INFODIR}/top_level.txt
diff --git a/security/py-OpenSSL/distinfo b/security/py-OpenSSL/distinfo
index 158063ce8b9..fdb91f04016 100644
--- a/security/py-OpenSSL/distinfo
+++ b/security/py-OpenSSL/distinfo
@@ -1,7 +1,7 @@
-$NetBSD: distinfo,v 1.22 2019/11/18 10:51:31 adam Exp $
+$NetBSD: distinfo,v 1.23 2020/12/19 11:52:26 leot Exp $
 
-SHA1 (pyOpenSSL-19.1.0.tar.gz) = 0b8a66d0f14e641f23ab26e3a49ce9f0e0661bf2
-RMD160 (pyOpenSSL-19.1.0.tar.gz) = 4ad025efdcfeb53f6dd108d0ddbe6a299e645170
-SHA512 (pyOpenSSL-19.1.0.tar.gz) = 4acd96f287d72eb11bd812697d28cd6eb6a96a4653248b65f967187830a6b17cc1254775a18a3405469f3d45abdae6f02d165f2f35f035f3174c2826fba82916
-Size (pyOpenSSL-19.1.0.tar.gz) = 160510 bytes
-SHA1 (patch-tests_memdbg.py) = 0cca9c930a8f6065205ed28ec6d2551b45f4d606
+SHA1 (pyOpenSSL-20.0.1.tar.gz) = 97a98f017ac5f0384ae725035c6138bac458b903
+RMD160 (pyOpenSSL-20.0.1.tar.gz) = cbf2b0434544dc9ddc239694fd20ef63920d73cb
+SHA512 (pyOpenSSL-20.0.1.tar.gz) = e81e0870398b882d77453b02e972559c0be82dbfe87bd8a48a65e8943acc3ea07dc8c3150b88e299c237496043443d1a5832219c337e4436f99ef419b36dd23f
+Size (pyOpenSSL-20.0.1.tar.gz) = 173736 bytes
+SHA1 (patch-tests_memdbg.py) = a2d2395a0fe1dd1934a50b065fe68f47907f0b87
diff --git a/security/py-OpenSSL/patches/patch-tests_memdbg.py b/security/py-OpenSSL/patches/patch-tests_memdbg.py
index b3f70170f6c..09bb6359773 100644
--- a/security/py-OpenSSL/patches/patch-tests_memdbg.py
+++ b/security/py-OpenSSL/patches/patch-tests_memdbg.py
@@ -1,13 +1,13 @@
-$NetBSD: patch-tests_memdbg.py,v 1.2 2017/05/09 16:49:07 adam Exp $
+$NetBSD: patch-tests_memdbg.py,v 1.3 2020/12/19 11:52:26 leot Exp $
 
 Fix running test on NetBSD.
 https://github.com/pyca/pyopenssl/issues/595
 
---- tests/memdbg.py.orig	2016-02-15 10:25:58.000000000 +0000
+--- tests/memdbg.py.orig	2020-12-15 15:30:54.000000000 +0000
 +++ tests/memdbg.py
-@@ -18,16 +18,16 @@ _ffi.cdef(
- 
-     int  CRYPTO_set_mem_functions(void *(*m)(size_t),void *(*r)(void *,size_t), void (*f)(void *));
+@@ -19,9 +19,9 @@ _ffi.cdef(
+     int  CRYPTO_set_mem_functions(
+         void *(*m)(size_t),void *(*r)(void *,size_t), void (*f)(void *));
  
 -    int backtrace(void **buffer, int size);
 -    char **backtrace_symbols(void *const *buffer, int size);
@@ -15,14 +15,15 @@ https://github.com/pyca/pyopenssl/issues/595
 +    size_t backtrace(void **buffer, size_t size);
 +    char **backtrace_symbols(void *const *buffer, size_t size);
 +    void backtrace_symbols_fd(void *const *buffer, size_t size, int fd);
-     """)  # noqa
- _api = _ffi.verify(
      """
-     #include <openssl/crypto.h>
+ )  # noqa
+ _api = _ffi.verify(
+@@ -30,7 +30,7 @@ _api = _ffi.verify(
      #include <stdlib.h>
      #include <execinfo.h>
--    """, libraries=["crypto"])
-+    """, libraries=["crypto", "execinfo"] if sys.platform.startswith('netbsd') else ["crypto"])
+     """,
+-    libraries=["crypto"],
++    libraries=["crypto", "execinfo"] if sys.platform.startswith('netbsd') else ["crypto"],
+ )
  C = _ffi.dlopen(None)
  
- verbose = False