security/py-cryptography-legacy: fix OpenSSL >= 3.0 compat
[The main branch commit log was misformatted, sorry for that.]
py-cryptography-legacy still references functions that have been removed
in OpenSSL 3.0, and fails to load openssl.abi3.so at run-time because it
lacks ERR_GET_FUNC (reported) and FIPS_mode (masked by first error),
both removed with OpenSSL 3.0, and later because py-openssl feeds our
utils/deprecated() an unsupported name=<some string> keyword argument
causing Python to raise an exception at call.
https://www.openssl.org/docs/man3.0/man7/migration_guide.html is the
basis for fixes #1 and #2
Drop reference to ERR_GET_FUNC, OpenSSL 3.0 removed function codes from
the error. In our own binding, leave the err_func attribute in, but set
it to a constant 0. (patch-src___cffi* and patch-*binding.py)
Drop reference to FIPS_mode and FIPS_mode_set, and stop claiming FIPS
support, which would need a more thorough rework. (patch-libressl)
Also, backport utils/deprecated() from from py-cryptography 42.0.7,1,
to support the new name=... kwarg, drop the annotations for argument and
return types (for consistency). (patch-src_cryptography_utils.py)
This is sufficient to fix run-time errors for py-certbot on my
FreeBSD 14.0-RELEASE-p6 amd64 server with Python 3.11,
which I set to default to py-cryptography-legacy.
PR: 272935
(and bug linkage will reflect changes in PRs 273770, 272885)
Approved by: portmgr@ (just-fix-it blanket approval)
MFH: 2024Q2
(cherry picked from commit 403f201a1461fd26f026f2c8d3e67f1481908362)
(with different PORTREVISION=2 so we don't get in the way of
port rebuild/upgrade for next quarterly)