python3-urllib3: remove rust dependency

python3-cryptography (and thus, rust-native) is only needed by the
urllib3.contrib.pyopenssl module, which is not recommended for use up
the urllib3 upstream maintainers:

  Module for using pyOpenSSL as a TLS backend. This module was relevant
  before the standard library ssl module supported SNI, but now that
  we've dropped support for Python 2.7 all relevant Python versions
  support SNI so **this module is no longer recommended**.

Add a PACKAGECONFIG to control whether this module is shipped, and
disable it by default.

This removes rust-native from the default build of urllib3, which is in
the dependencies of other common modules such as requests and sphinx.

(From OE-Core rev: 055d0928ad9451d3a9c8c74c6215a59023b1116e)

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

meta/recipes-devtools/python/python3-urllib3_2.5.0.bb

@@ -7,18 +7,23 @@ SRC_URI[sha256sum] = "3fc47733c7e419d4bc3f6b3dc2b4f890bb743906a30d56ba4a5bfa4bbf
 
 inherit pypi python_hatchling
 
-DEPENDS += " \
-    python3-hatch-vcs-native \
-"
+DEPENDS += "python3-hatch-vcs-native"
+
+PACKAGECONFIG ??= ""
+# This is not recommended for use upstream, and has large dependencies
+PACKAGECONFIG[openssl] = ",,,python3-cryptography python3-pyopenssl"
+
+do_install:append() {
+    if ! ${@bb.utils.contains("PACKAGECONFIG", "openssl", "true", "false", d)}; then
+        rm -f ${D}${PYTHON_SITEPACKAGES_DIR}/urllib3/contrib/pyopenssl.py
+    fi
+}
 
 RDEPENDS:${PN} += "\
-    python3-certifi \
-    python3-cryptography \
-    python3-email \
     python3-idna \
+    python3-email \
     python3-json \
     python3-netclient \
-    python3-pyopenssl \
     python3-threading \
     python3-logging \
 "