2 files changed, 164 insertions, 3 deletions

diff --git a/dev-python/uvicorn/files/uvicorn-0.21.1-optional-rust.patch b/dev-python/uvicorn/files/uvicorn-0.21.1-optional-rust.patch
new file mode 100644
index 000000000000..405eb5325ad9
--- /dev/null
+++ b/dev-python/uvicorn/files/uvicorn-0.21.1-optional-rust.patch
@@ -0,0 +1,144 @@
+--- a/tests/conftest.py
++++ b/tests/conftest.py
+@@ -11,9 +11,15 @@ from time import sleep
+ from uuid import uuid4
+ 
+ import pytest
+-import trustme
+-from cryptography.hazmat.backends import default_backend
+-from cryptography.hazmat.primitives import serialization
++
++gentoo_got_rust_deps = True
++
++try:
++    import trustme
++    from cryptography.hazmat.backends import default_backend
++    from cryptography.hazmat.primitives import serialization
++except ImportError:
++    gentoo_got_rust_deps = False
+ 
+ from uvicorn.config import LOGGING_CONFIG
+ 
+@@ -28,72 +34,72 @@ from uvicorn.config import LOGGING_CONFIG
+ # See also: https://github.com/pytest-dev/pytest/issues/3697
+ LOGGING_CONFIG["loggers"]["uvicorn"]["propagate"] = True
+ 
+-
+-@pytest.fixture
+-def tls_certificate_authority() -> trustme.CA:
+-    return trustme.CA()
++if gentoo_got_rust_deps:
++    @pytest.fixture
++    def tls_certificate_authority() -> trustme.CA:
++        return trustme.CA()
+ 
+ 
+-@pytest.fixture
+-def tls_certificate(tls_certificate_authority: trustme.CA) -> trustme.LeafCert:
+-    return tls_certificate_authority.issue_cert(
+-        "localhost",
+-        "127.0.0.1",
+-        "::1",
+-    )
++    @pytest.fixture
++    def tls_certificate(tls_certificate_authority: trustme.CA) -> trustme.LeafCert:
++        return tls_certificate_authority.issue_cert(
++            "localhost",
++            "127.0.0.1",
++            "::1",
++        )
+ 
+ 
+-@pytest.fixture
+-def tls_ca_certificate_pem_path(tls_certificate_authority: trustme.CA):
+-    with tls_certificate_authority.cert_pem.tempfile() as ca_cert_pem:
+-        yield ca_cert_pem
++    @pytest.fixture
++    def tls_ca_certificate_pem_path(tls_certificate_authority: trustme.CA):
++        with tls_certificate_authority.cert_pem.tempfile() as ca_cert_pem:
++            yield ca_cert_pem
+ 
+ 
+-@pytest.fixture
+-def tls_ca_certificate_private_key_path(tls_certificate_authority: trustme.CA):
+-    with tls_certificate_authority.private_key_pem.tempfile() as private_key:
+-        yield private_key
++    @pytest.fixture
++    def tls_ca_certificate_private_key_path(tls_certificate_authority: trustme.CA):
++        with tls_certificate_authority.private_key_pem.tempfile() as private_key:
++            yield private_key
+ 
+ 
+-@pytest.fixture
+-def tls_certificate_private_key_encrypted_path(tls_certificate):
+-    private_key = serialization.load_pem_private_key(
+-        tls_certificate.private_key_pem.bytes(),
+-        password=None,
+-        backend=default_backend(),
+-    )
+-    encrypted_key = private_key.private_bytes(
+-        serialization.Encoding.PEM,
+-        serialization.PrivateFormat.TraditionalOpenSSL,
+-        serialization.BestAvailableEncryption(b"uvicorn password for the win"),
+-    )
+-    with trustme.Blob(encrypted_key).tempfile() as private_encrypted_key:
+-        yield private_encrypted_key
++    @pytest.fixture
++    def tls_certificate_private_key_encrypted_path(tls_certificate):
++        private_key = serialization.load_pem_private_key(
++            tls_certificate.private_key_pem.bytes(),
++            password=None,
++            backend=default_backend(),
++        )
++        encrypted_key = private_key.private_bytes(
++            serialization.Encoding.PEM,
++            serialization.PrivateFormat.TraditionalOpenSSL,
++            serialization.BestAvailableEncryption(b"uvicorn password for the win"),
++        )
++        with trustme.Blob(encrypted_key).tempfile() as private_encrypted_key:
++            yield private_encrypted_key
+ 
+ 
+-@pytest.fixture
+-def tls_certificate_private_key_path(tls_certificate: trustme.CA):
+-    with tls_certificate.private_key_pem.tempfile() as private_key:
+-        yield private_key
++    @pytest.fixture
++    def tls_certificate_private_key_path(tls_certificate: trustme.CA):
++        with tls_certificate.private_key_pem.tempfile() as private_key:
++            yield private_key
+ 
+ 
+-@pytest.fixture
+-def tls_certificate_key_and_chain_path(tls_certificate: trustme.LeafCert):
+-    with tls_certificate.private_key_and_cert_chain_pem.tempfile() as cert_pem:
+-        yield cert_pem
++    @pytest.fixture
++    def tls_certificate_key_and_chain_path(tls_certificate: trustme.LeafCert):
++        with tls_certificate.private_key_and_cert_chain_pem.tempfile() as cert_pem:
++            yield cert_pem
+ 
+ 
+-@pytest.fixture
+-def tls_certificate_server_cert_path(tls_certificate: trustme.LeafCert):
+-    with tls_certificate.cert_chain_pems[0].tempfile() as cert_pem:
+-        yield cert_pem
++    @pytest.fixture
++    def tls_certificate_server_cert_path(tls_certificate: trustme.LeafCert):
++        with tls_certificate.cert_chain_pems[0].tempfile() as cert_pem:
++            yield cert_pem
+ 
+ 
+-@pytest.fixture
+-def tls_ca_ssl_context(tls_certificate_authority: trustme.CA) -> ssl.SSLContext:
+-    ssl_ctx = ssl.create_default_context(ssl.Purpose.SERVER_AUTH)
+-    tls_certificate_authority.configure_trust(ssl_ctx)
+-    return ssl_ctx
++    @pytest.fixture
++    def tls_ca_ssl_context(tls_certificate_authority: trustme.CA) -> ssl.SSLContext:
++        ssl_ctx = ssl.create_default_context(ssl.Purpose.SERVER_AUTH)
++        tls_certificate_authority.configure_trust(ssl_ctx)
++        return ssl_ctx
+ 
+ 
+ @pytest.fixture(scope="package")
diff --git a/dev-python/uvicorn/uvicorn-0.21.1.ebuild b/dev-python/uvicorn/uvicorn-0.21.1.ebuild
index 4dbce7762222..18a059cd9646 100644
--- a/dev-python/uvicorn/uvicorn-0.21.1.ebuild
+++ b/dev-python/uvicorn/uvicorn-0.21.1.ebuild
@@ -23,6 +23,7 @@ SRC_URI="
 LICENSE="BSD"
 SLOT="0"
 KEYWORDS="amd64 ~arm ~arm64 ~loong ~ppc ~ppc64 ~riscv"
+IUSE="test-rust"
 
 RDEPEND="
 	>=dev-python/asgiref-3.4.0[${PYTHON_USEDEP}]
@@ -32,7 +33,6 @@ RDEPEND="
 BDEPEND="
 	test? (
 		dev-python/a2wsgi[${PYTHON_USEDEP}]
-		dev-python/cryptography[${PYTHON_USEDEP}]
 		dev-python/httpx[${PYTHON_USEDEP}]
 		dev-python/pytest-asyncio[${PYTHON_USEDEP}]
 		dev-python/pytest-mock[${PYTHON_USEDEP}]
@@ -41,9 +41,17 @@ BDEPEND="
 		dev-python/trustme[${PYTHON_USEDEP}]
 		>=dev-python/websockets-10.4[${PYTHON_USEDEP}]
 		dev-python/wsproto[${PYTHON_USEDEP}]
+		test-rust? (
+			dev-python/cryptography[${PYTHON_USEDEP}]
+			dev-python/watchfiles[${PYTHON_USEDEP}]
+		)
 	)
 "
 
+PATCHES=(
+	"${FILESDIR}"/${PN}-0.21.1-optional-rust.patch
+)
+
 distutils_enable_tests pytest
 
 python_test() {
@@ -64,10 +72,19 @@ python_test() {
 	fi
 
 	local EPYTEST_IGNORE=()
-	# love from Rust world
-	if ! has_version "dev-python/watchfiles[${PYTHON_USEDEP}]"; then
+
+	if ! use test-rust ; then
+		EPYTEST_DESELECT+=(
+			# dev-python/cryptography
+			tests/test_config.py::test_ssl_config
+			tests/test_config.py::test_ssl_config_combined
+		)
+
 		EPYTEST_IGNORE+=(
+			# dev-python/watchdog
 			tests/supervisors/test_reload.py
+			# dev-python/cryptography
+			tests/test_ssl.py
 		)
 	fi