Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
path: root/dev-lang
diff options
context:
space:
mode:
authorMichał Górny <mgorny@gentoo.org>2021-06-02 10:35:15 +0200
committerMichał Górny <mgorny@gentoo.org>2021-06-02 10:47:41 +0200
commit7924811a9eb8d58a06f7f466d8352f2609947796 (patch)
tree30b1809d4ca4e009838372dd52b31b0a98cb9847 /dev-lang
parentdev-lang/python: Backport sec fixes to 3.7.10_p6 (diff)
downloadgentoo-7924811a9eb8d58a06f7f466d8352f2609947796.tar.gz
gentoo-7924811a9eb8d58a06f7f466d8352f2609947796.tar.bz2
gentoo-7924811a9eb8d58a06f7f466d8352f2609947796.zip
dev-lang/python: Backport sec fixes to 3.6.13_p5
Signed-off-by: Michał Górny <mgorny@gentoo.org>
Diffstat (limited to 'dev-lang')
-rw-r--r--dev-lang/python/Manifest1
-rw-r--r--dev-lang/python/python-3.6.13_p5.ebuild338
2 files changed, 339 insertions, 0 deletions
diff --git a/dev-lang/python/Manifest b/dev-lang/python/Manifest
index 450819d159e3..79ad587f404c 100644
--- a/dev-lang/python/Manifest
+++ b/dev-lang/python/Manifest
@@ -22,6 +22,7 @@ DIST python-gentoo-patches-3.10.0b1.tar.xz 8116 BLAKE2B aba4856d2463e57187680780
DIST python-gentoo-patches-3.10.0b2.tar.xz 8124 BLAKE2B 6b707ef911c0573e6e87792b4ba1d37e5620723c7b22759c78ac20d88414390a7317546c41d867cd9decb6247c004a9df8eb25ab0999db9c7b431b03b64609e9 SHA512 9a95a1f8a6e4461107e9580e6017956ade47be90fbcd94cbb2eb83a871702308058a402c1eafc8e0d54c2a1910b9030edd9f71b051e846b1219e9f7bd11274b6
DIST python-gentoo-patches-3.6.13_p3.tar.xz 17640 BLAKE2B 255e96f61ad8adb7fdf1cc9f11ca99c8368601dfe9bab4c96adf1e77472dfdf365a6ce197ecc72b574849e2a6235063d63558711049e9e7407862871dc0f2f20 SHA512 7b9a39cd65129c495c513e1b8c259a88194b8877b891cedaa5289bedcc44dbcb5e63e3b9922ef085321e7f4db73b5a5090d30725b456491a98d7ef40b85601eb
DIST python-gentoo-patches-3.6.13_p4.tar.xz 17896 BLAKE2B 768ed3860766b212d21718d2f83fe2852dd297aaeaa2d76d93357012513b2aa66e8ff8fc8edf7375ae10ecf0864560e7b4df168f916cba06c67e329612d404f8 SHA512 7ec640280244c7fe8e5c5b3e8c7fd396ec37b920fe1a77d99e85bef20bc335cfc0bf818c58b8f203c15ce343f50d4b8c7ab7591ecfd21380c9cb15d87ed81ca4
+DIST python-gentoo-patches-3.6.13_p5.tar.xz 21940 BLAKE2B f6753f2c4383fbf0de0433040dae812f35bf550c60ac4a042c62afcff158619ebdc47d013dfa62d9b3dd446e8401ad50aaaeb212fb048a884a1c436b73b7afe2 SHA512 260d6abb2c24726fcddbe3ae828e96e315f90b6d486c11868066a25635968214a8c25a89737a9737c32ca110892a28f6b12badbeceb5e4d8d4a2a996b3ce7352
DIST python-gentoo-patches-3.7.10_p3.tar.xz 16804 BLAKE2B 1db238e4b928332d459b5f3c36ecb7f3bc3d3b754fd82e4434c91843ef7574306aef044df9a2644749a17b14ce9fefcd3c3dd44cafaa4ace0b7dc62fb66e73c8 SHA512 61a262a05d1f8e9b08875285db989160362eec66123a15345dd16b8c1f1161aeed31b20df8f69d27ae71902ae2e678328b82e511881d9a5560932619234bbe7d
DIST python-gentoo-patches-3.7.10_p4.tar.xz 17076 BLAKE2B 628d82f5fc24ee68b4d529ab6d2fcaf7361d55a99dccd699a2fd027e86a731e641ff1573c7639d3d513b2030f8e8629adab84c13a9dd1ba5e2a84bdb16e92c44 SHA512 856ff2e3a73d56888bc1a3b2a28e2ca284a2a40ac3df4d060616fee47e95052b535e697d1d77c58ed850da105c7accfe3093a41492e63f6642349f7a6c80a3ea
DIST python-gentoo-patches-3.7.10_p6.tar.xz 23868 BLAKE2B 3b3786030a461d06a96dbe0987d05c35215bb5e7b0b95e1337a05a311ad6f3c6db68cc7082128c56eea3eff4b98f74d213dde1f48517e07791815b73dcdcd5b8 SHA512 b817a9bc1469675c14555ce50bb004e8c1426465997a72a94859ab10df7c2a036b33b332c9e6b9f49df1addd899a37afd28fe60bf6ce90b4b21f4a28a27aca25
diff --git a/dev-lang/python/python-3.6.13_p5.ebuild b/dev-lang/python/python-3.6.13_p5.ebuild
new file mode 100644
index 000000000000..bbce0c2bb3a4
--- /dev/null
+++ b/dev-lang/python/python-3.6.13_p5.ebuild
@@ -0,0 +1,338 @@
+# Copyright 1999-2021 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI="7"
+WANT_LIBTOOL="none"
+
+inherit autotools flag-o-matic multiprocessing pax-utils \
+ python-utils-r1 toolchain-funcs verify-sig
+
+MY_P="Python-${PV%_p*}"
+PYVER=$(ver_cut 1-2)
+PATCHSET="python-gentoo-patches-${PV}"
+
+DESCRIPTION="An interpreted, interactive, object-oriented programming language"
+HOMEPAGE="https://www.python.org/"
+SRC_URI="https://www.python.org/ftp/python/${PV%_*}/${MY_P}.tar.xz
+ https://dev.gentoo.org/~mgorny/dist/python/${PATCHSET}.tar.xz
+ verify-sig? (
+ https://www.python.org/ftp/python/${PV%_*}/${MY_P}.tar.xz.asc
+ )"
+S="${WORKDIR}/${MY_P}"
+
+LICENSE="PSF-2"
+SLOT="${PYVER}/${PYVER}m"
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sparc ~x86"
+IUSE="bluetooth build examples gdbm hardened ipv6 +ncurses +readline +sqlite +ssl test +threads tk wininst +xml"
+RESTRICT="!test? ( test )"
+
+# Do not add a dependency on dev-lang/python to this ebuild.
+# If you need to apply a patch which requires python for bootstrapping, please
+# run the bootstrap code on your dev box and include the results in the
+# patchset. See bug 447752.
+
+RDEPEND="app-arch/bzip2:=
+ app-arch/xz-utils:=
+ dev-libs/libffi:=
+ >=sys-libs/zlib-1.1.3:=
+ virtual/libcrypt:=
+ virtual/libintl
+ gdbm? ( sys-libs/gdbm:=[berkdb] )
+ ncurses? ( >=sys-libs/ncurses-5.2:= )
+ readline? ( >=sys-libs/readline-4.1:= )
+ sqlite? ( >=dev-db/sqlite-3.3.8:3= )
+ ssl? ( dev-libs/openssl:= )
+ tk? (
+ >=dev-lang/tcl-8.0:=
+ >=dev-lang/tk-8.0:=
+ dev-tcltk/blt:=
+ dev-tcltk/tix
+ )
+ xml? ( >=dev-libs/expat-2.1:= )"
+# bluetooth requires headers from bluez
+DEPEND="${RDEPEND}
+ bluetooth? ( net-wireless/bluez )
+ test? ( app-arch/xz-utils[extra-filters(+)] )"
+BDEPEND="
+ virtual/pkgconfig
+ verify-sig? ( app-crypt/openpgp-keys-python )
+ !sys-devel/gcc[libffi(-)]"
+PDEPEND="app-eselect/eselect-python"
+RDEPEND+=" !build? ( app-misc/mime-types )"
+
+VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/python.org.asc
+
+src_unpack() {
+ if use verify-sig; then
+ verify-sig_verify_detached "${DISTDIR}"/${MY_P}.tar.xz{,.asc}
+ fi
+ default
+}
+
+src_prepare() {
+ # Ensure that internal copies of expat, libffi and zlib are not used.
+ rm -fr Modules/expat || die
+ rm -fr Modules/_ctypes/libffi* || die
+ rm -fr Modules/zlib || die
+
+ local PATCHES=(
+ "${WORKDIR}/${PATCHSET}"
+ )
+
+ default
+
+ sed -i -e "s:@@GENTOO_LIBDIR@@:$(get_libdir):g" \
+ Lib/distutils/command/install.py \
+ Lib/distutils/sysconfig.py \
+ Lib/site.py \
+ Lib/sysconfig.py \
+ Lib/test/test_site.py \
+ Makefile.pre.in \
+ Modules/Setup.dist \
+ Modules/getpath.c \
+ configure.ac \
+ setup.py || die "sed failed to replace @@GENTOO_LIBDIR@@"
+
+ # force correct number of jobs
+ # https://bugs.gentoo.org/737660
+ local jobs=$(makeopts_jobs "${MAKEOPTS}" "$(get_nproc)")
+ sed -i -e "/self\.parallel/s:True:${jobs}:" setup.py || die
+
+ eautoreconf
+}
+
+src_configure() {
+ local disable
+ # disable automagic bluetooth headers detection
+ use bluetooth || export ac_cv_header_bluetooth_bluetooth_h=no
+ use gdbm || disable+=" gdbm"
+ use ncurses || disable+=" _curses _curses_panel"
+ use readline || disable+=" readline"
+ use sqlite || disable+=" _sqlite3"
+ use ssl || export PYTHON_DISABLE_SSL="1"
+ use tk || disable+=" _tkinter"
+ use xml || disable+=" _elementtree pyexpat" # _elementtree uses pyexpat.
+ export PYTHON_DISABLE_MODULES="${disable}"
+
+ if ! use xml; then
+ ewarn "You have configured Python without XML support."
+ ewarn "This is NOT a recommended configuration as you"
+ ewarn "may face problems parsing any XML documents."
+ fi
+
+ if [[ -n "${PYTHON_DISABLE_MODULES}" ]]; then
+ einfo "Disabled modules: ${PYTHON_DISABLE_MODULES}"
+ fi
+
+ if [[ "$(gcc-major-version)" -ge 4 ]]; then
+ append-flags -fwrapv
+ fi
+
+ filter-flags -malign-double
+
+ # https://bugs.gentoo.org/show_bug.cgi?id=50309
+ if is-flagq -O3; then
+ is-flagq -fstack-protector-all && replace-flags -O3 -O2
+ use hardened && replace-flags -O3 -O2
+ fi
+
+ # Export CXX so it ends up in /usr/lib/python3.X/config/Makefile.
+ tc-export CXX
+
+ local dbmliborder
+ if use gdbm; then
+ dbmliborder+="${dbmliborder:+:}gdbm"
+ fi
+
+ local myeconfargs=(
+ # glibc-2.30 removes it; since we can't cleanly force-rebuild
+ # Python on glibc upgrade, remove it proactively to give
+ # a chance for users rebuilding python before glibc
+ ac_cv_header_stropts_h=no
+
+ --with-fpectl
+ --enable-shared
+ $(use_enable ipv6)
+ $(use_with threads)
+ --infodir='${prefix}/share/info'
+ --mandir='${prefix}/share/man'
+ --with-computed-gotos
+ --with-dbmliborder="${dbmliborder}"
+ --with-libc=
+ --enable-loadable-sqlite-extensions
+ --without-ensurepip
+ --with-system-expat
+ --with-system-ffi
+ )
+
+ OPT="" econf "${myeconfargs[@]}"
+
+ if use threads && grep -q "#define POSIX_SEMAPHORES_NOT_ENABLED 1" pyconfig.h; then
+ eerror "configure has detected that the sem_open function is broken."
+ eerror "Please ensure that /dev/shm is mounted as a tmpfs with mode 1777."
+ die "Broken sem_open function (bug 496328)"
+ fi
+}
+
+src_compile() {
+ # Ensure sed works as expected
+ # https://bugs.gentoo.org/594768
+ local -x LC_ALL=C
+
+ emake CPPFLAGS= CFLAGS= LDFLAGS=
+
+ # Work around bug 329499. See also bug 413751 and 457194.
+ if has_version dev-libs/libffi[pax_kernel]; then
+ pax-mark E python
+ else
+ pax-mark m python
+ fi
+}
+
+src_test() {
+ # Tests will not work when cross compiling.
+ if tc-is-cross-compiler; then
+ elog "Disabling tests due to crosscompiling."
+ return
+ fi
+
+ # Skip failing tests.
+ local skipped_tests="gdb faulthandler"
+
+ for test in ${skipped_tests}; do
+ mv "${S}"/Lib/test/test_${test}.py "${T}"
+ done
+
+ # bug 660358
+ local -x COLUMNS=80
+ local -x PYTHONDONTWRITEBYTECODE=
+
+ local jobs=$(makeopts_jobs "${MAKEOPTS}" "$(get_nproc)")
+
+ emake test EXTRATESTOPTS="-u-network -j${jobs}" \
+ CPPFLAGS= CFLAGS= LDFLAGS= < /dev/tty
+ local result=$?
+
+ for test in ${skipped_tests}; do
+ mv "${T}/test_${test}.py" "${S}"/Lib/test
+ done
+
+ elog "The following tests have been skipped:"
+ for test in ${skipped_tests}; do
+ elog "test_${test}.py"
+ done
+
+ elog "If you would like to run them, you may:"
+ elog "cd '${EPREFIX}/usr/$(get_libdir)/python${PYVER}/test'"
+ elog "and run the tests separately."
+
+ if [[ ${result} -ne 0 ]]; then
+ die "emake test failed"
+ fi
+}
+
+src_install() {
+ local libdir=${ED}/usr/$(get_libdir)/python${PYVER}
+
+ emake DESTDIR="${D}" altinstall
+
+ # Remove static library
+ rm "${ED}"/usr/$(get_libdir)/libpython*.a || die
+
+ sed \
+ -e "s/\(CONFIGURE_LDFLAGS=\).*/\1/" \
+ -e "s/\(PY_LDFLAGS=\).*/\1/" \
+ -i "${libdir}/config-${PYVER}"*/Makefile || die "sed failed"
+
+ # Fix collisions between different slots of Python.
+ rm "${ED}/usr/$(get_libdir)/libpython3.so" || die
+
+ # Cheap hack to get version with ABIFLAGS
+ local abiver=$(cd "${ED}/usr/include"; echo python*)
+ if [[ ${abiver} != python${PYVER} ]]; then
+ # Replace python3.X with a symlink to python3.Xm
+ rm "${ED}/usr/bin/python${PYVER}" || die
+ dosym "${abiver}" "/usr/bin/python${PYVER}"
+ # Create python3.X-config symlink
+ dosym "${abiver}-config" "/usr/bin/python${PYVER}-config"
+ # Create python-3.5m.pc symlink
+ dosym "python-${PYVER}.pc" "/usr/$(get_libdir)/pkgconfig/${abiver/${PYVER}/-${PYVER}}.pc"
+ fi
+
+ # python seems to get rebuilt in src_install (bug 569908)
+ # Work around it for now.
+ if has_version dev-libs/libffi[pax_kernel]; then
+ pax-mark E "${ED}/usr/bin/${abiver}"
+ else
+ pax-mark m "${ED}/usr/bin/${abiver}"
+ fi
+
+ use sqlite || rm -r "${libdir}/"{sqlite3,test/test_sqlite*} || die
+ use tk || rm -r "${ED}/usr/bin/idle${PYVER}" "${libdir}/"{idlelib,tkinter,test/test_tk*} || die
+
+ use threads || rm -r "${libdir}/multiprocessing" || die
+ use wininst || rm "${libdir}/distutils/command/"wininst-*.exe || die
+
+ dodoc Misc/{ACKS,HISTORY,NEWS}
+
+ if use examples; then
+ docinto examples
+ find Tools -name __pycache__ -exec rm -fr {} + || die
+ dodoc -r Tools
+ fi
+ insinto /usr/share/gdb/auto-load/usr/$(get_libdir) #443510
+ local libname=$(printf 'e:\n\t@echo $(INSTSONAME)\ninclude Makefile\n' | \
+ emake --no-print-directory -s -f - 2>/dev/null)
+ newins "${S}"/Tools/gdb/libpython.py "${libname}"-gdb.py
+
+ newconfd "${FILESDIR}/pydoc.conf" pydoc-${PYVER}
+ newinitd "${FILESDIR}/pydoc.init" pydoc-${PYVER}
+ sed \
+ -e "s:@PYDOC_PORT_VARIABLE@:PYDOC${PYVER/./_}_PORT:" \
+ -e "s:@PYDOC@:pydoc${PYVER}:" \
+ -i "${ED}/etc/conf.d/pydoc-${PYVER}" \
+ "${ED}/etc/init.d/pydoc-${PYVER}" || die "sed failed"
+
+ local -x EPYTHON=python${PYVER}
+ # if not using a cross-compiler, use the fresh binary
+ if ! tc-is-cross-compiler; then
+ local -x PYTHON=./python
+ local -x LD_LIBRARY_PATH=${LD_LIBRARY_PATH+${LD_LIBRARY_PATH}:}${PWD}
+ else
+ local -x PYTHON=${EPREFIX}/usr/bin/${EPYTHON}
+ fi
+
+ echo "EPYTHON='${EPYTHON}'" > epython.py || die
+ python_domodule epython.py
+
+ # python-exec wrapping support
+ local pymajor=${PYVER%.*}
+ local scriptdir=${D}$(python_get_scriptdir)
+ mkdir -p "${scriptdir}" || die
+ # python and pythonX
+ ln -s "../../../bin/${abiver}" \
+ "${scriptdir}/python${pymajor}" || die
+ ln -s "python${pymajor}" "${scriptdir}/python" || die
+ # python-config and pythonX-config
+ # note: we need to create a wrapper rather than symlinking it due
+ # to some random dirname(argv[0]) magic performed by python-config
+ cat > "${scriptdir}/python${pymajor}-config" <<-EOF || die
+ #!/bin/sh
+ exec "${abiver}-config" "\${@}"
+ EOF
+ chmod +x "${scriptdir}/python${pymajor}-config" || die
+ ln -s "python${pymajor}-config" \
+ "${scriptdir}/python-config" || die
+ # 2to3, pydoc, pyvenv
+ ln -s "../../../bin/2to3-${PYVER}" \
+ "${scriptdir}/2to3" || die
+ ln -s "../../../bin/pydoc${PYVER}" \
+ "${scriptdir}/pydoc" || die
+ ln -s "../../../bin/pyvenv-${PYVER}" \
+ "${scriptdir}/pyvenv" || die
+ # idle
+ if use tk; then
+ ln -s "../../../bin/idle${PYVER}" \
+ "${scriptdir}/idle" || die
+ fi
+}