Date: Wednesday, September 20, 2017 @ 01:29:04 Author: felixonmars Revision: 305883
upgpkg: python2 2.7.14-1 Modified: python2/trunk/PKGBUILD Deleted: python2/trunk/bpo-29697-don-t-use-openssl-1.0-fallback-on-1.1.patch python2/trunk/bpo-30714-alpn-changes-for-openssl-1.1.0f.patch -------------------------------------------------------+ PKGBUILD | 16 ----- bpo-29697-don-t-use-openssl-1.0-fallback-on-1.1.patch | 28 -------- bpo-30714-alpn-changes-for-openssl-1.1.0f.patch | 51 ---------------- 3 files changed, 3 insertions(+), 92 deletions(-) Modified: PKGBUILD =================================================================== --- PKGBUILD 2017-09-19 22:05:37 UTC (rev 305882) +++ PKGBUILD 2017-09-20 01:29:04 UTC (rev 305883) @@ -5,8 +5,8 @@ # Contributor: Jason Chu <ja...@archlinux.org> pkgname=python2 -pkgver=2.7.13 -pkgrel=4 +pkgver=2.7.14 +pkgrel=1 _pybasever=2.7 pkgdesc="A high-level scripting language" arch=('i686' 'x86_64') @@ -20,13 +20,9 @@ 'python2-pip') conflicts=('python<3') source=("https://www.python.org/ftp/python/${pkgver%rc?}/Python-${pkgver}.tar.xz"{,.asc} - bpo-29697-don-t-use-openssl-1.0-fallback-on-1.1.patch - bpo-30714-alpn-changes-for-openssl-1.1.0f.patch descr_ref.patch fix-profile-task.patch) -sha512sums=('f37c9a28ce129d01e63c84d7db627a06402854578f62d17927334ea21ede318e04bbf66e890e3f47c85333e6b19f6e5581fb3f3e27efd24be27017d1b6529c4b' +sha512sums=('78310b0be6388ffa15f29a80afb9ab3c03a572cb094e9da00cfe391afadb51696e41f592eb658d6a31a2f422fdac8a55214a382cbb8cfb43d4a127d5b35ea7f9' 'SKIP' - '115c40c36f2f18474244c758472c6b670a576d8f0289d9add005af1ed23d368738eed09fe2123df38ed5111c37ce31d998ae3db2eeff29fc5ac3065f8ea25211' - 'b32c2a0f17b3d19720187b68606024886c6b8008b7c61feaf4fe7b26b4547fddc71a2f191f87557d5fe613d06a8bc79ce5f724681a3090559fc34a032ccbf61a' '2e16eb23eb402dbe921c09bce99b400c10939114b4a1ded0e94a744d8cb66427947bc8d07c4fb054f9fe0906d10d1da509fc2273fd136225c0f019cc43dd045d' '5d7b47bfa9f13cf5fb827546189d823033278f96866366fca5257aaf819c92ffb26e2116426c84ab78d9ae3178eebb591fa4b2f22cfc2725e3e3e795fdb5c2b6') validpgpkeys=('C01E1CAD5EA2C4F0B8E3571504C367C218ADD4FF') # Benjamin Peterson @@ -60,12 +56,6 @@ # Workaround asdl_c.py/makeopcodetargets.py errors after we touched the shebangs touch Include/Python-ast.h Python/Python-ast.c Python/opcode_targets.h - # https://bugs.python.org/issue29697 - patch -Np1 -i ../bpo-29697-don-t-use-openssl-1.0-fallback-on-1.1.patch - - # https://bugs.python.org/issue30714 - patch -Np1 -i ../bpo-30714-alpn-changes-for-openssl-1.1.0f.patch - # FS#48761 # http://bugs.python.org/issue25750 patch -Np1 -i ../descr_ref.patch Deleted: bpo-29697-don-t-use-openssl-1.0-fallback-on-1.1.patch =================================================================== --- bpo-29697-don-t-use-openssl-1.0-fallback-on-1.1.patch 2017-09-19 22:05:37 UTC (rev 305882) +++ bpo-29697-don-t-use-openssl-1.0-fallback-on-1.1.patch 2017-09-20 01:29:04 UTC (rev 305883) @@ -1,28 +0,0 @@ -From f1a696efd6ca674579e25de29ec4053ff5a5ade1 Mon Sep 17 00:00:00 2001 -From: Donald Stufft <don...@stufft.io> -Date: Thu, 2 Mar 2017 12:37:07 -0500 -Subject: [PATCH] bpo-29697: Don't use OpenSSL <1.0.2 fallback on 1.1+ (GH-399) - ---- - Modules/_ssl.c | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/Modules/_ssl.c b/Modules/_ssl.c -index a92710077cc..4fff16f6f49 100644 ---- a/Modules/_ssl.c -+++ b/Modules/_ssl.c -@@ -2166,12 +2166,12 @@ context_new(PyTypeObject *type, PyObject *args, PyObject *kwds) - options |= SSL_OP_NO_SSLv3; - SSL_CTX_set_options(self->ctx, options); - --#ifndef OPENSSL_NO_ECDH -+#if !defined(OPENSSL_NO_ECDH) && !defined(OPENSSL_VERSION_1_1) - /* Allow automatic ECDH curve selection (on OpenSSL 1.0.2+), or use - prime256v1 by default. This is Apache mod_ssl's initialization - policy, so we should be safe. OpenSSL 1.1 has it enabled by default. - */ --#if defined(SSL_CTX_set_ecdh_auto) && !defined(OPENSSL_VERSION_1_1) -+#if defined(SSL_CTX_set_ecdh_auto) - SSL_CTX_set_ecdh_auto(self->ctx, 1); - #else - { Deleted: bpo-30714-alpn-changes-for-openssl-1.1.0f.patch =================================================================== --- bpo-30714-alpn-changes-for-openssl-1.1.0f.patch 2017-09-19 22:05:37 UTC (rev 305882) +++ bpo-30714-alpn-changes-for-openssl-1.1.0f.patch 2017-09-20 01:29:04 UTC (rev 305883) @@ -1,51 +0,0 @@ -From 0e396a20c3137244b1774bd14a0cb03921ff326d Mon Sep 17 00:00:00 2001 -From: Christian Heimes <christ...@python.org> -Date: Tue, 20 Jun 2017 18:28:38 +0200 -Subject: [PATCH] bpo-30714: ALPN changes for OpenSSL 1.1.0f - -OpenSSL 1.1.0 to 1.1.0e aborted the handshake when server and client -could not agree on a protocol using ALPN. OpenSSL 1.1.0f changed that. -The most recent version now behaves like OpenSSL 1.0.2 again. The ALPN -callback can pretend to not been set. - -See https://github.com/openssl/openssl/pull/3158 for more details - -Signed-off-by: Christian Heimes <christ...@python.org> ---- - Doc/library/ssl.rst | 5 +++-- - Lib/test/test_ssl.py | 5 +++-- - Misc/NEWS | 3 +++ - 3 files changed, 9 insertions(+), 4 deletions(-) - -diff --git a/Doc/library/ssl.rst b/Doc/library/ssl.rst -index 729a239a1ba..b51b9c6e396 100644 ---- a/Doc/library/ssl.rst -+++ b/Doc/library/ssl.rst -@@ -1447,8 +1447,9 @@ to speed up repeated connections from the same clients. - This method will raise :exc:`NotImplementedError` if :data:`HAS_ALPN` is - False. - -- OpenSSL 1.1.0+ will abort the handshake and raise :exc:`SSLError` when -- both sides support ALPN but cannot agree on a protocol. -+ OpenSSL 1.1.0 to 1.1.0e will abort the handshake and raise :exc:`SSLError` -+ when both sides support ALPN but cannot agree on a protocol. 1.1.0f+ -+ behaves like 1.0.2. - - .. versionadded:: 3.5 - -diff --git a/Lib/test/test_ssl.py b/Lib/test/test_ssl.py -index fdaf1c52046..3215031206c 100644 ---- a/Lib/test/test_ssl.py -+++ b/Lib/test/test_ssl.py -@@ -3267,8 +3267,9 @@ def test_alpn_protocols(self): - except ssl.SSLError as e: - stats = e - -- if expected is None and IS_OPENSSL_1_1: -- # OpenSSL 1.1.0 raises handshake error -+ if (expected is None and IS_OPENSSL_1_1 -+ and ssl.OPENSSL_VERSION_INFO < (1, 1, 0, 6)): -+ # OpenSSL 1.1.0 to 1.1.0e raises handshake error - self.assertIsInstance(stats, ssl.SSLError) - else: - msg = "failed trying %s (s) and %s (c).\n" \