tils-OO-build.patch dev-lang/python/files/python-3.5.4-libffi-pkgconfig.patch dev-lang/python/files/python-3.5.5-hash-unaligned.patch dev-lang/python/files/python-3.5.5-libressl-compatibility.patch dev-lang/python/files/python-3.6.5-hash-unaligned.patch dev-lang/python/files/python-3.6.5-libressl-compatibility.patch dev-lang/python/python-3.6.8.ebuild dev-lang/python/python-3.8.5.ebuild dev-lang/python/python-3.8.6.ebuild X-VCS-Directories: dev-lang/python/files/ dev-lang/python/ X-VCS-Committer: grobian X-VCS-Committer-Name: Fabian Groffen X-VCS-Revision: bba0a3b1196af251652b4a679828aa59ceb171c9 X-VCS-Branch: master Date: Thu, 10 Dec 2020 20:46:26 +0000 (UTC)
commit: bba0a3b1196af251652b4a679828aa59ceb171c9 Author: Fabian Groffen <grobian <AT> gentoo <DOT> org> AuthorDate: Thu Dec 10 20:45:27 2020 +0000 Commit: Fabian Groffen <grobian <AT> gentoo <DOT> org> CommitDate: Thu Dec 10 20:46:19 2020 +0000 URL: https://gitweb.gentoo.org/repo/proj/prefix.git/commit/?id=bba0a3b1 dev-lang/python: sync with gx86, cleanup, fix for darwin9 Package-Manager: Portage-3.0.12-prefix, Repoman-3.0.2 Signed-off-by: Fabian Groffen <grobian <AT> gentoo.org> dev-lang/python/Manifest | 7 +- dev-lang/python/files/2.7-disable-nis.patch | 21 -- dev-lang/python/files/3.4-getentropy-linux.patch | 40 --- dev-lang/python/files/3.5-secondary-targets.patch | 19 -- dev-lang/python/files/3.5.1-cross-compile.patch | 75 ------ dev-lang/python/files/3.6-blake2.patch | 37 --- dev-lang/python/files/3.6-disable-nis.patch | 21 -- dev-lang/python/files/3.6.5-disable-nis.patch | 11 - dev-lang/python/files/CVE-2013-4238_py27.patch | 247 ------------------ dev-lang/python/files/CVE-2013-4238_py33.patch | 241 ----------------- .../files/python-2.5.2-cygwin-find_library.patch | 34 --- .../files/python-2.7-aix-dlopen-soname.patch | 63 ----- dev-lang/python/files/python-2.7-issue16248.patch | 19 -- dev-lang/python/files/python-2.7-issue17919.patch | 54 ---- dev-lang/python/files/python-2.7-issue18235.patch | 45 ---- dev-lang/python/files/python-2.7-issue18851.patch | 287 --------------------- .../python/files/python-2.7-libffi-pkgconfig.patch | 44 ---- .../files/python-2.7-libressl-compatibility.patch | 92 ------- .../python/files/python-2.7.10-semaphore-pid.patch | 51 ---- .../files/python-2.7.10-semaphore-urandom.patch | 38 --- .../python/files/python-2.7.5-library-path.patch | 25 -- .../files/python-2.7.5-re_unsigned_ptrdiff.patch | 23 -- ...ython-2.7.6-recvfrom_into_buffer_overflow.patch | 17 -- .../python/files/python-3.2-CVE-2013-2099.patch | 51 ---- .../python/files/python-3.2-CVE-2014-1912.patch | 51 ---- .../python/files/python-3.2-CVE-2014-4616.patch | 39 --- dev-lang/python/files/python-3.2-issue16248.patch | 19 -- dev-lang/python/files/python-3.2-issue17919.patch | 74 ------ dev-lang/python/files/python-3.2-issue18235.patch | 45 ---- dev-lang/python/files/python-3.2-issue19521.patch | 87 ------- dev-lang/python/files/python-3.2-issue19529.patch | 14 - .../python/files/python-3.2-libffi-pkgconfig.patch | 44 ---- .../python/files/python-3.3-CVE-2013-2099.patch | 51 ---- dev-lang/python/files/python-3.3-issue17919.patch | 112 -------- dev-lang/python/files/python-3.3-issue18235.patch | 35 --- dev-lang/python/files/python-3.3-issue21811.patch | 46 ---- dev-lang/python/files/python-3.4-gcc-5.patch | 37 --- .../files/python-3.4.3-ncurses-pkg-config.patch | 13 - dev-lang/python/files/python-3.4.5-cross.patch | 11 - .../files/python-3.5-distutils-OO-build.patch | 80 ------ .../files/python-3.5.4-libffi-pkgconfig.patch | 44 ---- .../python/files/python-3.5.5-hash-unaligned.patch | 43 --- .../python-3.5.5-libressl-compatibility.patch | 69 ----- .../python/files/python-3.6.5-hash-unaligned.patch | 42 --- .../python-3.6.5-libressl-compatibility.patch | 114 -------- dev-lang/python/python-3.8.5.ebuild | 1 - .../{python-3.6.8.ebuild => python-3.8.6.ebuild} | 227 ++++++++-------- 47 files changed, 106 insertions(+), 2754 deletions(-) diff --git a/dev-lang/python/Manifest b/dev-lang/python/Manifest index 0727452c09..790642a69d 100644 --- a/dev-lang/python/Manifest +++ b/dev-lang/python/Manifest @@ -1,15 +1,14 @@ DIST Python-2.7.16.tar.xz 12752104 BLAKE2B 7d6b5b853f9974d44e04dd35ecdffaab87511e183b4b01dd4f8f4ee109c4b4ab208f045708f69717be9d3a706aa078b71438ed482c062c0b89c12730eae074ae SHA512 16e814e8dcffc707b595ca2919bd2fa3db0d15794c63d977364652c4a5b92e90e72b8c9e1cc83b5020398bd90a1b397dbdd7cb931c49f1aa4af6ef95414b43e0 -DIST Python-3.6.8.tar.xz 17212420 BLAKE2B e104b49a35492b622080ab81a446c0cdd1223e8ddf95c4e1b262762a027664b59f3e4deeda4ba7177115d780e48b6764a053acef640a645327df428d2e4820cd SHA512 b17867e451ebe662f50df83ed112d3656c089e7d750651ea640052b01b713b58e66aac9e082f71fd16f5b5510bc9b797f5ccd30f5399581e9aa406197f02938a DIST Python-3.7.8.tar.xz 17399552 BLAKE2B 4bf6c47b1132b6d31a79232002c4d38e2cd123ac05d52b21d6bfba5a4e19ec9130b8df8698d5ce6627e4297c4cf756643f036e694e36364c235306c72ef34bf8 SHA512 d2ba299e3cf8ed0f8fed9317f42bcd8d9af7e0e6175939b4be1be289c1658418bed17899e2608d762ffb15575021956cf6bf2054d7863c04b3bd7642f5b8c7ea DIST Python-3.8.5.tar.xz 18019640 BLAKE2B bb3e0566afe28759e4ab129ad0986a0fc5103514f2e2b22ff4aa3973c3173ebdd24d4267fbaf903841814a611fd9ea122673e5a1918934366e5c0efaef9d7517 SHA512 460cee65d7df7150694590575502d7f22e548ebfc99c8f8b363eef8bf30ee72e58d8ffacb1d607824f877f880eb9fd6775a508388029583e1e1df3380f3f9587 +DIST Python-3.8.6.tar.xz 18233864 BLAKE2B c8a8ef6055e344dda30eb808804cfa62016b4f840257cffd5a495e5932f5696e50579d49b8181a487c9cd4a89bdb95656e80981039783a21d20f7980aa2c9883 SHA512 22faec84f6e172e1ac7c6bd6fd37e9b6ae4afc91cf5136aa8cac8ebbed8d18793f9196e8749b8ccc43447cb6c41cb450f65ea72dd363c06dfaeb14e0455f5560 DIST python-gentoo-patches-2.7.16.tar.xz 13904 BLAKE2B 218b46f8656f4a792dcd47eabca6d59a1558276b77676544991ee75914cd76dda84c36f43e72e477b850dd4cb52374d289f20dccd244a3b52ae5debaf3363432 SHA512 83f90545231c663a34c6925352a357a2b15997ac0362578a1893304c5070b5251922585ae8bc1bafb68d306bcddd4cdba4b6406648d473bd3e980eef65fe3ecd -DIST python-gentoo-patches-3.6.8.tar.xz 11224 BLAKE2B 5fe38282bcf28df18e0bd37756c880ae191ea738dc92f1cf83f682cfdc52525b9c44287dc99191a73d75c90672ab501b56adf49515b35ff1fdee88c8dc07b175 SHA512 89e700663db25d6d78eee1d4bfdab686c5341a794062f3a63df3485ac0b58deb4b4885d24701f3ae138d06ca783be92e310e1100c6d633910c33732f3cb0d7df DIST python-gentoo-patches-3.7.8-r3.tar.xz 13232 BLAKE2B 9df47b1f61d08f62a80221bc48d73ec27cd74a9ade8219912c5b02eaea919b70d91b1154837cd03c0129a5839186e9c970167ca3398129c044c25c7853f1f920 SHA512 e1477d425cb6125ca2286d816f4aa4e9e3c789d6a4f4907bd7b78549598356cae5766f642e2cad9e7c3abe2e82c12cf3cb7db3513be68aa213cb64cc0abc678a DIST python-gentoo-patches-3.8.5.tar.xz 11280 BLAKE2B 163c577da75f4ec0ebe86b5a08bea96d5ae406020bd211439b1405c0f8a5dddc9422a9ea5b16eed195433cbec010d9def3126a578d3f9716325482216b9e4d62 SHA512 6b7f72b8deb87fb7a169e97391185823984b5e9c99ec5232504c670843fbe0ca76afe32fc3fbe1f850ec6c42e9325cf4697022f36f7b00a4028b324069dd4d5b +DIST python-gentoo-patches-3.8.6.tar.xz 10956 BLAKE2B e3241d97f886d0a37f85735102db8f00902df59ee12e8501b6c7f549dd4b26a6289bf34ff8dba02b369ed7875fad3d18e177afe9e367db4cb06f2ee908482f9e SHA512 7afa8e54f7b7e6ab35edc16d4214384b8ad8a03068d1984656876d6477b278af931e8c797d03d1bed2f10f9d58ac387db1a43921e54fb17cf4b779f33820abc0 DIST python-prefix-2.7.16-gentoo-patches-r0.tar.xz 14636 BLAKE2B 54320f5197bb7adeca1e7c97447253e6535a11f380b6d66bc2ce46fa671fe23697aced8fd5619633a00e3ea19ae9dbc3ffe2981173d83dcab6b447d514555c43 SHA512 5380d9b92eb81603ec4d60ff9c940a3a061c06bd6f593d5837e600da5d4417b529d20d98d758aa95cef18fac10bdb5c33f90fa943deb15fdaf048492cf286581 -DIST python-prefix-3.6.8-gentoo-patches-r0.tar.xz 12732 BLAKE2B 82c91f451aff1dcda6182dfc05f5566261d5ffa36bbf5527931a442e46563220884ca1fb192a7226411f5e0f7c59f347f6f1ed1ffa34aec0eb5208b22cc3f756 SHA512 e52587d5c9169b75f79e942cf5bbade9e499335f7e242ec262bc678e136f1d857803d4a8cb9630fdb8847ea1ab4c293aebf2d498e630984accea48ee0c3723f5 DIST python-prefix-gentoo-3.7.8-patches-r0.tar.xz 13068 BLAKE2B 32e8baf8a0d5bdcb973ba880dbc35a3bd5c6cba88bf2f647e18fc4839fe8bae94658e403e050bcecc5dd5ddadf5beaf8a489829bc2835589d77b968628c29233 SHA512 1a7c17424edc43b36867d45ac019f48734444328bf17b5eddd07a2b63ef26e74147dea83e1286a9e45372acc85640a8d72fed33cbe551170acd785fe12b43d74 DIST python-prefix-gentoo-3.8.5-patches-r0.tar.xz 8948 BLAKE2B e2da338a00a239355e9d4c79bd46c78b54671017120ff79497a9a95a8e3c3096870a8667667f633de6216e83b574c8e65a8e7bfafd51c84595dca6fe9ccb78ed SHA512 8ae712782a255da8bf451b063e86e92c34a32bccce8ac00d76c0a4b0087cee8ea085f80827b49ec61fea18dc4924d4780c6d2f577c8f5d982d6482dde6e02091 +DIST python-prefix-gentoo-3.8.6-patches-r0.tar.xz 7688 BLAKE2B ea18ea2b5fc35a06d1f98b81fc9709dad271c6e9eefbeebdfe5acc712cec309e256ae27ab8ae5fbbda35c580e101f2e2979b81b8a9eca5b9f40c22cbe3fcee05 SHA512 7dd4c59da47a53c9ee7a6af42a16761ad71a8b7f977f8bdf93db4af2bedc337de8bea597e9dad05a2a5f440963c2b56b4b77352a0bf7bb6f1136550e5c9c5df0 DIST python2-cygwinports-7be648659ef46f33db6913ca0ca5a809219d5629.zip 9199 BLAKE2B 85803bc1677bd16650cb5fc4a2c54fdac0228326f25cfba4fcd098ac9d689312d3e0dde6fca57f720d5235361d6462461cf018325c23fda9139e0f1683055aff SHA512 cabc21d2d7379daf1f4bafe7ab00b70e5b4f707d3102496b96ff0dfdced26347097ad771c69e0b9488b7c54b1ef36f9bc019bee72f1ffcbb55dcd0e71095edfe -DIST python36-cygwinports-f11d606e98b00f5b143cba92bfee8b7f5ba779b0.zip 15874 BLAKE2B 4d6759dfa7afef796abb25dac94a8dac955638960c0335b0be59d88438d9ac3c1fa3e6e51280ff0ac8f30a77f7129f4d784791f84de80bd5fb57fde3e11fa0e8 SHA512 5d0a286a9444019d70a831432794a3d44ea981f141c327118679c1f16e694525b7d469138b174f1afe02ce069fc8d8ec5be0c924faab04ec24e9f35ab453acc2 DIST python37-cygwinports-6df749d21f131eeafa485d40eb1294b28d30ba6a.tar.gz 8102 BLAKE2B 7331142fc9c2fd71e5ec5ae45d6aaebe8e39430b5719d01a673966a5ba10b344bba924d6f7f05cc444cedbf28b11cef2db1c2613ebf45fcceb90354895b9b42c SHA512 da669c3a518af73c4caa7c9cc35af2fd971f98e7ba9b91ae0223b2f031e74acc70644fb2411ad5a8d4b39e2c449b5c256bea4877d957030cb81c0d08e84b38dd diff --git a/dev-lang/python/files/2.7-disable-nis.patch b/dev-lang/python/files/2.7-disable-nis.patch deleted file mode 100644 index 5a6cb3e403..0000000000 --- a/dev-lang/python/files/2.7-disable-nis.patch +++ /dev/null @@ -1,21 +0,0 @@ ---- a/setup.py -+++ b/setup.py -@@ -1346,17 +1346,7 @@ class PyBuildExt(build_ext): - else: - missing.append('resource') - -- # Sun yellow pages. Some systems have the functions in libc. -- if (host_platform not in ['cygwin', 'atheos', 'qnx6'] and -- find_file('rpcsvc/yp_prot.h', inc_dirs, []) is not None): -- if (self.compiler.find_library_file(lib_dirs, 'nsl')): -- libs = ['nsl'] -- else: -- libs = [] -- exts.append( Extension('nis', ['nismodule.c'], -- libraries = libs) ) -- else: -- missing.append('nis') -+ missing.append('nis') - else: - missing.extend(['nis', 'resource', 'termios']) - diff --git a/dev-lang/python/files/3.4-getentropy-linux.patch b/dev-lang/python/files/3.4-getentropy-linux.patch deleted file mode 100644 index 9f12389bb2..0000000000 --- a/dev-lang/python/files/3.4-getentropy-linux.patch +++ /dev/null @@ -1,40 +0,0 @@ -From 5635d44079e1bbd9c495951ede8d078e7b8d67d5 Mon Sep 17 00:00:00 2001 -From: Victor Stinner <[email protected]> -Date: Mon, 9 Jan 2017 11:10:41 +0100 -Subject: [PATCH] Don't use getentropy() on Linux - -Issue #29188: Support glibc 2.24 on Linux: don't use getentropy() function but -read from /dev/urandom to get random bytes, for example in os.urandom(). On -Linux, getentropy() is implemented which getrandom() is blocking mode, whereas -os.urandom() should not block. ---- - Python/random.c | 13 ++++++++++--- - 1 file changed, 10 insertions(+), 3 deletions(-) - -diff --git a/Python/random.c b/Python/random.c -index af3d0bd0d5..dc6400d3b8 100644 ---- a/Python/random.c -+++ b/Python/random.c -@@ -67,9 +67,16 @@ win32_urandom(unsigned char *buffer, Py_ssize_t size, int raise) - return 0; - } - --/* Issue #25003: Don' use getentropy() on Solaris (available since -- * Solaris 11.3), it is blocking whereas os.urandom() should not block. */ --#elif defined(HAVE_GETENTROPY) && !defined(sun) -+/* Issue #25003: Don't use getentropy() on Solaris (available since -+ Solaris 11.3), it is blocking whereas os.urandom() should not block. -+ -+ Issue #29188: Don't use getentropy() on Linux since the glibc 2.24 -+ implements it with the getrandom() syscall which can fail with ENOSYS, -+ and this error is not supported in py_getentropy() and getrandom() is called -+ with flags=0 which blocks until system urandom is initialized, which is not -+ the desired behaviour to seed the Python hash secret nor for os.urandom(): -+ see the PEP 524 which was only implemented in Python 3.6. */ -+#elif defined(HAVE_GETENTROPY) && !defined(sun) && !defined(linux) - #define PY_GETENTROPY 1 - - /* Fill buffer with size pseudo-random bytes generated by getentropy(). --- -2.15.0.rc2 - diff --git a/dev-lang/python/files/3.5-secondary-targets.patch b/dev-lang/python/files/3.5-secondary-targets.patch deleted file mode 100644 index eb3b0c71e7..0000000000 --- a/dev-lang/python/files/3.5-secondary-targets.patch +++ /dev/null @@ -1,19 +0,0 @@ -Mark all targets as "secondary" - -This allows make to avoid rebuilding unnecessary intermediate files, which -is useful when cross-compiling. - -See Parser/pgen and Programs/_freeze_importlib in Makefile.pre.in. - -diff --git a/Makefile.pre.in b/Makefile.pre.in ---- a/Makefile.pre.in -+++ b/Makefile.pre.in -@@ -1672,6 +1672,8 @@ - .PHONY: smelly funny patchcheck touch altmaninstall commoninstall - .PHONY: gdbhooks - -+.SECONDARY: -+ - # IF YOU PUT ANYTHING HERE IT WILL GO AWAY - # Local Variables: - # mode: makefile diff --git a/dev-lang/python/files/3.5.1-cross-compile.patch b/dev-lang/python/files/3.5.1-cross-compile.patch deleted file mode 100644 index 25a518bd1e..0000000000 --- a/dev-lang/python/files/3.5.1-cross-compile.patch +++ /dev/null @@ -1,75 +0,0 @@ -# HG changeset patch -# User Martin Panter <[email protected]> -# Date 1461373124 0 -# Node ID 66e40df31faca467937c7b9d5d2e825471f97822 -# Parent a246047734b3496a7dc4ebaf1f0232dadf22eab6 -Issue #22359: Disable running cross-compiled _freeze_importlib and pgen - -Patch by Xavier de Gaye. - -diff --git a/Makefile.pre.in b/Makefile.pre.in ---- a/Makefile.pre.in -+++ b/Makefile.pre.in -@@ -221,6 +221,7 @@ LIBOBJS= @LIBOBJS@ - PYTHON= python$(EXE) - BUILDPYTHON= python$(BUILDEXE) - -+cross_compiling=@cross_compiling@ - PYTHON_FOR_BUILD=@PYTHON_FOR_BUILD@ - _PYTHON_HOST_PLATFORM=@_PYTHON_HOST_PLATFORM@ - BUILD_GNU_TYPE= @build@ -@@ -718,12 +719,16 @@ Programs/_freeze_importlib: Programs/_fr - $(LINKCC) $(PY_LDFLAGS) -o $@ Programs/_freeze_importlib.o $(LIBRARY_OBJS_OMIT_FROZEN) $(LIBS) $(MODLIBS) $(SYSLIBS) $(LDLAST) - - Python/importlib_external.h: $(srcdir)/Lib/importlib/_bootstrap_external.py Programs/_freeze_importlib -- ./Programs/_freeze_importlib \ -- $(srcdir)/Lib/importlib/_bootstrap_external.py Python/importlib_external.h -+ if test "$(cross_compiling)" != "yes"; then \ -+ ./Programs/_freeze_importlib \ -+ $(srcdir)/Lib/importlib/_bootstrap_external.py Python/importlib_external.h; \ -+ fi - - Python/importlib.h: $(srcdir)/Lib/importlib/_bootstrap.py Programs/_freeze_importlib -- ./Programs/_freeze_importlib \ -- $(srcdir)/Lib/importlib/_bootstrap.py Python/importlib.h -+ if test "$(cross_compiling)" != "yes"; then \ -+ ./Programs/_freeze_importlib \ -+ $(srcdir)/Lib/importlib/_bootstrap.py Python/importlib.h; \ -+ fi - - - ############################################################################ -@@ -784,10 +789,18 @@ Python/sysmodule.o: $(srcdir)/Python/sys - $(IO_OBJS): $(IO_H) - - $(GRAMMAR_H): $(GRAMMAR_INPUT) $(PGEN) -- @$(MKDIR_P) Include -- $(PGEN) $(GRAMMAR_INPUT) $(GRAMMAR_H) $(GRAMMAR_C) -+ @$(MKDIR_P) Include -+ if test "$(cross_compiling)" != "yes"; then \ -+ $(PGEN) $(GRAMMAR_INPUT) $(GRAMMAR_H) $(GRAMMAR_C); \ -+ else \ -+ cp $(srcdir)/Include/graminit.h $(GRAMMAR_H); \ -+ fi - $(GRAMMAR_C): $(GRAMMAR_H) -- touch $(GRAMMAR_C) -+ if test "$(cross_compiling)" != "yes"; then \ -+ touch $(GRAMMAR_C); \ -+ else \ -+ cp $(srcdir)/Python/graminit.c $(GRAMMAR_C); \ -+ fi - - $(PGEN): $(PGENOBJS) - $(CC) $(OPT) $(PY_LDFLAGS) $(PGENOBJS) $(LIBS) -o $(PGEN) -diff --git a/configure.ac b/configure.ac ---- a/configure.ac -+++ b/configure.ac -@@ -49,6 +49,7 @@ fi - AC_CONFIG_SRCDIR([Include/object.h]) - AC_CONFIG_HEADER(pyconfig.h) - -+AC_SUBST(cross_compiling) - AC_CANONICAL_HOST - AC_SUBST(build) - AC_SUBST(host) - diff --git a/dev-lang/python/files/3.6-blake2.patch b/dev-lang/python/files/3.6-blake2.patch deleted file mode 100644 index 48ee585595..0000000000 --- a/dev-lang/python/files/3.6-blake2.patch +++ /dev/null @@ -1,37 +0,0 @@ -From 2e7c906c085a01ea8175a19e1e143257abc8f566 Mon Sep 17 00:00:00 2001 -From: Mike Gilbert <[email protected]> -Date: Sun, 30 Jul 2017 11:17:39 -0400 -Subject: [PATCH] blake2: remove commented code - -The nested comments cause a build failure. - -Bug: https://bugs.gentoo.org/608586 ---- - Modules/_blake2/impl/blake2s-load-xop.h | 11 ----------- - 1 file changed, 11 deletions(-) - -diff --git a/Modules/_blake2/impl/blake2s-load-xop.h b/Modules/_blake2/impl/blake2s-load-xop.h -index a3b5d65e2d..7e76c399c6 100644 ---- a/Modules/_blake2/impl/blake2s-load-xop.h -+++ b/Modules/_blake2/impl/blake2s-load-xop.h -@@ -18,17 +18,6 @@ - - #define TOB(x) ((x)*4*0x01010101 + 0x03020100) /* ..or not TOB */ - --/* Basic VPPERM emulation, for testing purposes */ --/*static __m128i _mm_perm_epi8(const __m128i src1, const __m128i src2, const __m128i sel) --{ -- const __m128i sixteen = _mm_set1_epi8(16); -- const __m128i t0 = _mm_shuffle_epi8(src1, sel); -- const __m128i s1 = _mm_shuffle_epi8(src2, _mm_sub_epi8(sel, sixteen)); -- const __m128i mask = _mm_or_si128(_mm_cmpeq_epi8(sel, sixteen), -- _mm_cmpgt_epi8(sel, sixteen)); /* (>=16) = 0xff : 00 */ -- return _mm_blendv_epi8(t0, s1, mask); --}*/ -- - #define LOAD_MSG_0_1(buf) \ - buf = _mm_perm_epi8(m0, m1, _mm_set_epi32(TOB(6),TOB(4),TOB(2),TOB(0)) ); - --- -2.13.3 - diff --git a/dev-lang/python/files/3.6-disable-nis.patch b/dev-lang/python/files/3.6-disable-nis.patch deleted file mode 100644 index 4e81847b50..0000000000 --- a/dev-lang/python/files/3.6-disable-nis.patch +++ /dev/null @@ -1,21 +0,0 @@ ---- a/setup.py -+++ b/setup.py -@@ -1332,17 +1332,7 @@ class PyBuildExt(build_ext): - # Jeremy Hylton's rlimit interface - exts.append( Extension('resource', ['resource.c']) ) - -- # Sun yellow pages. Some systems have the functions in libc. -- if (host_platform not in ['cygwin', 'qnx6'] and -- find_file('rpcsvc/yp_prot.h', inc_dirs, []) is not None): -- if (self.compiler.find_library_file(lib_dirs, 'nsl')): -- libs = ['nsl'] -- else: -- libs = [] -- exts.append( Extension('nis', ['nismodule.c'], -- libraries = libs) ) -- else: -- missing.append('nis') -+ missing.append('nis') - else: - missing.extend(['nis', 'resource', 'termios']) - diff --git a/dev-lang/python/files/3.6.5-disable-nis.patch b/dev-lang/python/files/3.6.5-disable-nis.patch deleted file mode 100644 index 3937c6fe79..0000000000 --- a/dev-lang/python/files/3.6.5-disable-nis.patch +++ /dev/null @@ -1,11 +0,0 @@ ---- a/setup.py -+++ b/setup.py -@@ -1364,7 +1364,7 @@ class PyBuildExt(build_ext): - else: - missing.extend(['resource', 'termios']) - -- nis = self._detect_nis(inc_dirs, lib_dirs) -+ nis = None - if nis is not None: - exts.append(nis) - else: diff --git a/dev-lang/python/files/CVE-2013-4238_py27.patch b/dev-lang/python/files/CVE-2013-4238_py27.patch deleted file mode 100644 index e215589d46..0000000000 --- a/dev-lang/python/files/CVE-2013-4238_py27.patch +++ /dev/null @@ -1,247 +0,0 @@ -diff -r 9ddc63c039ba Lib/test/nullbytecert.pem ---- /dev/null Thu Jan 01 00:00:00 1970 +0000 -+++ b/Lib/test/nullbytecert.pem Sun Aug 11 18:13:17 2013 +0200 -@@ -0,0 +1,90 @@ -+Certificate: -+ Data: -+ Version: 3 (0x2) -+ Serial Number: 0 (0x0) -+ Signature Algorithm: sha1WithRSAEncryption -+ Issuer: C=US, ST=Oregon, L=Beaverton, O=Python Software Foundation, OU=Python Core Development, CN=null.python.org\x00example.org/[email protected] -+ Validity -+ Not Before: Aug 7 13:11:52 2013 GMT -+ Not After : Aug 7 13:12:52 2013 GMT -+ Subject: C=US, ST=Oregon, L=Beaverton, O=Python Software Foundation, OU=Python Core Development, CN=null.python.org\x00example.org/[email protected] -+ Subject Public Key Info: -+ Public Key Algorithm: rsaEncryption -+ Public-Key: (2048 bit) -+ Modulus: -+ 00:b5:ea:ed:c9:fb:46:7d:6f:3b:76:80:dd:3a:f3: -+ 03:94:0b:a7:a6:db:ec:1d:df:ff:23:74:08:9d:97: -+ 16:3f:a3:a4:7b:3e:1b:0e:96:59:25:03:a7:26:e2: -+ 88:a9:cf:79:cd:f7:04:56:b0:ab:79:32:6e:59:c1: -+ 32:30:54:eb:58:a8:cb:91:f0:42:a5:64:27:cb:d4: -+ 56:31:88:52:ad:cf:bd:7f:f0:06:64:1f:cc:27:b8: -+ a3:8b:8c:f3:d8:29:1f:25:0b:f5:46:06:1b:ca:02: -+ 45:ad:7b:76:0a:9c:bf:bb:b9:ae:0d:16:ab:60:75: -+ ae:06:3e:9c:7c:31:dc:92:2f:29:1a:e0:4b:0c:91: -+ 90:6c:e9:37:c5:90:d7:2a:d7:97:15:a3:80:8f:5d: -+ 7b:49:8f:54:30:d4:97:2c:1c:5b:37:b5:ab:69:30: -+ 68:43:d3:33:78:4b:02:60:f5:3c:44:80:a1:8f:e7: -+ f0:0f:d1:5e:87:9e:46:cf:62:fc:f9:bf:0c:65:12: -+ f1:93:c8:35:79:3f:c8:ec:ec:47:f5:ef:be:44:d5: -+ ae:82:1e:2d:9a:9f:98:5a:67:65:e1:74:70:7c:cb: -+ d3:c2:ce:0e:45:49:27:dc:e3:2d:d4:fb:48:0e:2f: -+ 9e:77:b8:14:46:c0:c4:36:ca:02:ae:6a:91:8c:da: -+ 2f:85 -+ Exponent: 65537 (0x10001) -+ X509v3 extensions: -+ X509v3 Basic Constraints: critical -+ CA:FALSE -+ X509v3 Subject Key Identifier: -+ 88:5A:55:C0:52:FF:61:CD:52:A3:35:0F:EA:5A:9C:24:38:22:F7:5C -+ X509v3 Key Usage: -+ Digital Signature, Non Repudiation, Key Encipherment -+ X509v3 Subject Alternative Name: -+ ************************************************************* -+ WARNING: The values for DNS, email and URI are WRONG. OpenSSL -+ doesn't print the text after a NULL byte. -+ ************************************************************* -+ DNS:altnull.python.org, email:[email protected], URI:http://null.python.org, IP Address:192.0.2.1, IP Address:2001:DB8:0:0:0:0:0:1 -+ Signature Algorithm: sha1WithRSAEncryption -+ ac:4f:45:ef:7d:49:a8:21:70:8e:88:59:3e:d4:36:42:70:f5: -+ a3:bd:8b:d7:a8:d0:58:f6:31:4a:b1:a4:a6:dd:6f:d9:e8:44: -+ 3c:b6:0a:71:d6:7f:b1:08:61:9d:60:ce:75:cf:77:0c:d2:37: -+ 86:02:8d:5e:5d:f9:0f:71:b4:16:a8:c1:3d:23:1c:f1:11:b3: -+ 56:6e:ca:d0:8d:34:94:e6:87:2a:99:f2:ae:ae:cc:c2:e8:86: -+ de:08:a8:7f:c5:05:fa:6f:81:a7:82:e6:d0:53:9d:34:f4:ac: -+ 3e:40:fe:89:57:7a:29:a4:91:7e:0b:c6:51:31:e5:10:2f:a4: -+ 60:76:cd:95:51:1a:be:8b:a1:b0:fd:ad:52:bd:d7:1b:87:60: -+ d2:31:c7:17:c4:18:4f:2d:08:25:a3:a7:4f:b7:92:ca:e2:f5: -+ 25:f1:54:75:81:9d:b3:3d:61:a2:f7:da:ed:e1:c6:6f:2c:60: -+ 1f:d8:6f:c5:92:05:ab:c9:09:62:49:a9:14:ad:55:11:cc:d6: -+ 4a:19:94:99:97:37:1d:81:5f:8b:cf:a3:a8:96:44:51:08:3d: -+ 0b:05:65:12:eb:b6:70:80:88:48:72:4f:c6:c2:da:cf:cd:8e: -+ 5b:ba:97:2f:60:b4:96:56:49:5e:3a:43:76:63:04:be:2a:f6: -+ c1:ca:a9:94 -+-----BEGIN CERTIFICATE----- -+MIIE2DCCA8CgAwIBAgIBADANBgkqhkiG9w0BAQUFADCBxTELMAkGA1UEBhMCVVMx -+DzANBgNVBAgMBk9yZWdvbjESMBAGA1UEBwwJQmVhdmVydG9uMSMwIQYDVQQKDBpQ -+eXRob24gU29mdHdhcmUgRm91bmRhdGlvbjEgMB4GA1UECwwXUHl0aG9uIENvcmUg -+RGV2ZWxvcG1lbnQxJDAiBgNVBAMMG251bGwucHl0aG9uLm9yZwBleGFtcGxlLm9y -+ZzEkMCIGCSqGSIb3DQEJARYVcHl0aG9uLWRldkBweXRob24ub3JnMB4XDTEzMDgw -+NzEzMTE1MloXDTEzMDgwNzEzMTI1MlowgcUxCzAJBgNVBAYTAlVTMQ8wDQYDVQQI -+DAZPcmVnb24xEjAQBgNVBAcMCUJlYXZlcnRvbjEjMCEGA1UECgwaUHl0aG9uIFNv -+ZnR3YXJlIEZvdW5kYXRpb24xIDAeBgNVBAsMF1B5dGhvbiBDb3JlIERldmVsb3Bt -+ZW50MSQwIgYDVQQDDBtudWxsLnB5dGhvbi5vcmcAZXhhbXBsZS5vcmcxJDAiBgkq -+hkiG9w0BCQEWFXB5dGhvbi1kZXZAcHl0aG9uLm9yZzCCASIwDQYJKoZIhvcNAQEB -+BQADggEPADCCAQoCggEBALXq7cn7Rn1vO3aA3TrzA5QLp6bb7B3f/yN0CJ2XFj+j -+pHs+Gw6WWSUDpybiiKnPec33BFawq3kyblnBMjBU61ioy5HwQqVkJ8vUVjGIUq3P -+vX/wBmQfzCe4o4uM89gpHyUL9UYGG8oCRa17dgqcv7u5rg0Wq2B1rgY+nHwx3JIv -+KRrgSwyRkGzpN8WQ1yrXlxWjgI9de0mPVDDUlywcWze1q2kwaEPTM3hLAmD1PESA -+oY/n8A/RXoeeRs9i/Pm/DGUS8ZPINXk/yOzsR/XvvkTVroIeLZqfmFpnZeF0cHzL -+08LODkVJJ9zjLdT7SA4vnne4FEbAxDbKAq5qkYzaL4UCAwEAAaOB0DCBzTAMBgNV -+HRMBAf8EAjAAMB0GA1UdDgQWBBSIWlXAUv9hzVKjNQ/qWpwkOCL3XDALBgNVHQ8E -+BAMCBeAwgZAGA1UdEQSBiDCBhYIeYWx0bnVsbC5weXRob24ub3JnAGV4YW1wbGUu -+Y29tgSBudWxsQHB5dGhvbi5vcmcAdXNlckBleGFtcGxlLm9yZ4YpaHR0cDovL251 -+bGwucHl0aG9uLm9yZwBodHRwOi8vZXhhbXBsZS5vcmeHBMAAAgGHECABDbgAAAAA -+AAAAAAAAAAEwDQYJKoZIhvcNAQEFBQADggEBAKxPRe99SaghcI6IWT7UNkJw9aO9 -+i9eo0Fj2MUqxpKbdb9noRDy2CnHWf7EIYZ1gznXPdwzSN4YCjV5d+Q9xtBaowT0j -+HPERs1ZuytCNNJTmhyqZ8q6uzMLoht4IqH/FBfpvgaeC5tBTnTT0rD5A/olXeimk -+kX4LxlEx5RAvpGB2zZVRGr6LobD9rVK91xuHYNIxxxfEGE8tCCWjp0+3ksri9SXx -+VHWBnbM9YaL32u3hxm8sYB/Yb8WSBavJCWJJqRStVRHM1koZlJmXNx2BX4vPo6iW -+RFEIPQsFZRLrtnCAiEhyT8bC2s/Njlu6ly9gtJZWSV46Q3ZjBL4q9sHKqZQ= -+-----END CERTIFICATE----- -diff -r 9ddc63c039ba Lib/test/test_ssl.py ---- a/Lib/test/test_ssl.py Sun Aug 11 13:04:50 2013 +0300 -+++ b/Lib/test/test_ssl.py Sun Aug 11 18:13:17 2013 +0200 -@@ -25,6 +25,7 @@ - HOST = test_support.HOST - CERTFILE = None - SVN_PYTHON_ORG_ROOT_CERT = None -+NULLBYTECERT = None - - def handle_error(prefix): - exc_format = ' '.join(traceback.format_exception(*sys.exc_info())) -@@ -123,6 +124,27 @@ - ('DNS', 'projects.forum.nokia.com')) - ) - -+ def test_parse_cert_CVE_2013_4073(self): -+ p = ssl._ssl._test_decode_cert(NULLBYTECERT) -+ if test_support.verbose: -+ sys.stdout.write("\n" + pprint.pformat(p) + "\n") -+ subject = ((('countryName', 'US'),), -+ (('stateOrProvinceName', 'Oregon'),), -+ (('localityName', 'Beaverton'),), -+ (('organizationName', 'Python Software Foundation'),), -+ (('organizationalUnitName', 'Python Core Development'),), -+ (('commonName', 'null.python.org\x00example.org'),), -+ (('emailAddress', '[email protected]'),)) -+ self.assertEqual(p['subject'], subject) -+ self.assertEqual(p['issuer'], subject) -+ self.assertEqual(p['subjectAltName'], -+ (('DNS', 'altnull.python.org\x00example.com'), -+ ('email', '[email protected]\[email protected]'), -+ ('URI', 'http://null.python.org\x00http://example.org'), -+ ('IP Address', '192.0.2.1'), -+ ('IP Address', '2001:DB8:0:0:0:0:0:1\n')) -+ ) -+ - def test_DER_to_PEM(self): - with open(SVN_PYTHON_ORG_ROOT_CERT, 'r') as f: - pem = f.read() -@@ -1360,7 +1382,7 @@ - - - def test_main(verbose=False): -- global CERTFILE, SVN_PYTHON_ORG_ROOT_CERT, NOKIACERT -+ global CERTFILE, SVN_PYTHON_ORG_ROOT_CERT, NOKIACERT, NULLBYTECERT - CERTFILE = os.path.join(os.path.dirname(__file__) or os.curdir, - "keycert.pem") - SVN_PYTHON_ORG_ROOT_CERT = os.path.join( -@@ -1368,10 +1390,13 @@ - "https_svn_python_org_root.pem") - NOKIACERT = os.path.join(os.path.dirname(__file__) or os.curdir, - "nokia.pem") -+ NULLBYTECERT = os.path.join(os.path.dirname(__file__) or os.curdir, -+ "nullbytecert.pem") - - if (not os.path.exists(CERTFILE) or - not os.path.exists(SVN_PYTHON_ORG_ROOT_CERT) or -- not os.path.exists(NOKIACERT)): -+ not os.path.exists(NOKIACERT) or -+ not os.path.exists(NULLBYTECERT)): - raise test_support.TestFailed("Can't read certificate files!") - - tests = [BasicTests, BasicSocketTests] -diff -r 9ddc63c039ba Modules/_ssl.c ---- a/Modules/_ssl.c Sun Aug 11 13:04:50 2013 +0300 -+++ b/Modules/_ssl.c Sun Aug 11 18:13:17 2013 +0200 -@@ -741,8 +741,13 @@ - - /* get a rendering of each name in the set of names */ - -+ int gntype; -+ ASN1_STRING *as = NULL; -+ - name = sk_GENERAL_NAME_value(names, j); -- if (name->type == GEN_DIRNAME) { -+ gntype = name-> type; -+ switch (gntype) { -+ case GEN_DIRNAME: - - /* we special-case DirName as a tuple of tuples of attributes */ - -@@ -764,11 +769,61 @@ - goto fail; - } - PyTuple_SET_ITEM(t, 1, v); -+ break; - -- } else { -+ case GEN_EMAIL: -+ case GEN_DNS: -+ case GEN_URI: -+ /* GENERAL_NAME_print() doesn't handle NUL bytes in ASN1_string -+ correctly. */ -+ t = PyTuple_New(2); -+ if (t == NULL) -+ goto fail; -+ switch (gntype) { -+ case GEN_EMAIL: -+ v = PyUnicode_FromString("email"); -+ as = name->d.rfc822Name; -+ break; -+ case GEN_DNS: -+ v = PyUnicode_FromString("DNS"); -+ as = name->d.dNSName; -+ break; -+ case GEN_URI: -+ v = PyUnicode_FromString("URI"); -+ as = name->d.uniformResourceIdentifier; -+ break; -+ } -+ if (v == NULL) { -+ Py_DECREF(t); -+ goto fail; -+ } -+ PyTuple_SET_ITEM(t, 0, v); -+ v = PyString_FromStringAndSize((char *)ASN1_STRING_data(as), -+ ASN1_STRING_length(as)); -+ if (v == NULL) { -+ Py_DECREF(t); -+ goto fail; -+ } -+ PyTuple_SET_ITEM(t, 1, v); -+ break; - -+ default: - /* for everything else, we use the OpenSSL print form */ -- -+ switch (gntype) { -+ /* check for new general name type */ -+ case GEN_OTHERNAME: -+ case GEN_X400: -+ case GEN_EDIPARTY: -+ case GEN_IPADD: -+ case GEN_RID: -+ break; -+ default: -+ if (PyErr_Warn(PyExc_RuntimeWarning, -+ "Unknown general name type") == -1) { -+ goto fail; -+ } -+ break; -+ } - (void) BIO_reset(biobuf); - GENERAL_NAME_print(biobuf, name); - len = BIO_gets(biobuf, buf, sizeof(buf)-1); -@@ -794,6 +849,7 @@ - goto fail; - } - PyTuple_SET_ITEM(t, 1, v); -+ break; - } - - /* and add that rendering to the list */ diff --git a/dev-lang/python/files/CVE-2013-4238_py33.patch b/dev-lang/python/files/CVE-2013-4238_py33.patch deleted file mode 100644 index 41db4d241b..0000000000 --- a/dev-lang/python/files/CVE-2013-4238_py33.patch +++ /dev/null @@ -1,241 +0,0 @@ -diff -r e0f86c3b3685 Lib/test/nullbytecert.pem ---- /dev/null Thu Jan 01 00:00:00 1970 +0000 -+++ b/Lib/test/nullbytecert.pem Sun Aug 11 18:17:23 2013 +0200 -@@ -0,0 +1,90 @@ -+Certificate: -+ Data: -+ Version: 3 (0x2) -+ Serial Number: 0 (0x0) -+ Signature Algorithm: sha1WithRSAEncryption -+ Issuer: C=US, ST=Oregon, L=Beaverton, O=Python Software Foundation, OU=Python Core Development, CN=null.python.org\x00example.org/[email protected] -+ Validity -+ Not Before: Aug 7 13:11:52 2013 GMT -+ Not After : Aug 7 13:12:52 2013 GMT -+ Subject: C=US, ST=Oregon, L=Beaverton, O=Python Software Foundation, OU=Python Core Development, CN=null.python.org\x00example.org/[email protected] -+ Subject Public Key Info: -+ Public Key Algorithm: rsaEncryption -+ Public-Key: (2048 bit) -+ Modulus: -+ 00:b5:ea:ed:c9:fb:46:7d:6f:3b:76:80:dd:3a:f3: -+ 03:94:0b:a7:a6:db:ec:1d:df:ff:23:74:08:9d:97: -+ 16:3f:a3:a4:7b:3e:1b:0e:96:59:25:03:a7:26:e2: -+ 88:a9:cf:79:cd:f7:04:56:b0:ab:79:32:6e:59:c1: -+ 32:30:54:eb:58:a8:cb:91:f0:42:a5:64:27:cb:d4: -+ 56:31:88:52:ad:cf:bd:7f:f0:06:64:1f:cc:27:b8: -+ a3:8b:8c:f3:d8:29:1f:25:0b:f5:46:06:1b:ca:02: -+ 45:ad:7b:76:0a:9c:bf:bb:b9:ae:0d:16:ab:60:75: -+ ae:06:3e:9c:7c:31:dc:92:2f:29:1a:e0:4b:0c:91: -+ 90:6c:e9:37:c5:90:d7:2a:d7:97:15:a3:80:8f:5d: -+ 7b:49:8f:54:30:d4:97:2c:1c:5b:37:b5:ab:69:30: -+ 68:43:d3:33:78:4b:02:60:f5:3c:44:80:a1:8f:e7: -+ f0:0f:d1:5e:87:9e:46:cf:62:fc:f9:bf:0c:65:12: -+ f1:93:c8:35:79:3f:c8:ec:ec:47:f5:ef:be:44:d5: -+ ae:82:1e:2d:9a:9f:98:5a:67:65:e1:74:70:7c:cb: -+ d3:c2:ce:0e:45:49:27:dc:e3:2d:d4:fb:48:0e:2f: -+ 9e:77:b8:14:46:c0:c4:36:ca:02:ae:6a:91:8c:da: -+ 2f:85 -+ Exponent: 65537 (0x10001) -+ X509v3 extensions: -+ X509v3 Basic Constraints: critical -+ CA:FALSE -+ X509v3 Subject Key Identifier: -+ 88:5A:55:C0:52:FF:61:CD:52:A3:35:0F:EA:5A:9C:24:38:22:F7:5C -+ X509v3 Key Usage: -+ Digital Signature, Non Repudiation, Key Encipherment -+ X509v3 Subject Alternative Name: -+ ************************************************************* -+ WARNING: The values for DNS, email and URI are WRONG. OpenSSL -+ doesn't print the text after a NULL byte. -+ ************************************************************* -+ DNS:altnull.python.org, email:[email protected], URI:http://null.python.org, IP Address:192.0.2.1, IP Address:2001:DB8:0:0:0:0:0:1 -+ Signature Algorithm: sha1WithRSAEncryption -+ ac:4f:45:ef:7d:49:a8:21:70:8e:88:59:3e:d4:36:42:70:f5: -+ a3:bd:8b:d7:a8:d0:58:f6:31:4a:b1:a4:a6:dd:6f:d9:e8:44: -+ 3c:b6:0a:71:d6:7f:b1:08:61:9d:60:ce:75:cf:77:0c:d2:37: -+ 86:02:8d:5e:5d:f9:0f:71:b4:16:a8:c1:3d:23:1c:f1:11:b3: -+ 56:6e:ca:d0:8d:34:94:e6:87:2a:99:f2:ae:ae:cc:c2:e8:86: -+ de:08:a8:7f:c5:05:fa:6f:81:a7:82:e6:d0:53:9d:34:f4:ac: -+ 3e:40:fe:89:57:7a:29:a4:91:7e:0b:c6:51:31:e5:10:2f:a4: -+ 60:76:cd:95:51:1a:be:8b:a1:b0:fd:ad:52:bd:d7:1b:87:60: -+ d2:31:c7:17:c4:18:4f:2d:08:25:a3:a7:4f:b7:92:ca:e2:f5: -+ 25:f1:54:75:81:9d:b3:3d:61:a2:f7:da:ed:e1:c6:6f:2c:60: -+ 1f:d8:6f:c5:92:05:ab:c9:09:62:49:a9:14:ad:55:11:cc:d6: -+ 4a:19:94:99:97:37:1d:81:5f:8b:cf:a3:a8:96:44:51:08:3d: -+ 0b:05:65:12:eb:b6:70:80:88:48:72:4f:c6:c2:da:cf:cd:8e: -+ 5b:ba:97:2f:60:b4:96:56:49:5e:3a:43:76:63:04:be:2a:f6: -+ c1:ca:a9:94 -+-----BEGIN CERTIFICATE----- -+MIIE2DCCA8CgAwIBAgIBADANBgkqhkiG9w0BAQUFADCBxTELMAkGA1UEBhMCVVMx -+DzANBgNVBAgMBk9yZWdvbjESMBAGA1UEBwwJQmVhdmVydG9uMSMwIQYDVQQKDBpQ -+eXRob24gU29mdHdhcmUgRm91bmRhdGlvbjEgMB4GA1UECwwXUHl0aG9uIENvcmUg -+RGV2ZWxvcG1lbnQxJDAiBgNVBAMMG251bGwucHl0aG9uLm9yZwBleGFtcGxlLm9y -+ZzEkMCIGCSqGSIb3DQEJARYVcHl0aG9uLWRldkBweXRob24ub3JnMB4XDTEzMDgw -+NzEzMTE1MloXDTEzMDgwNzEzMTI1MlowgcUxCzAJBgNVBAYTAlVTMQ8wDQYDVQQI -+DAZPcmVnb24xEjAQBgNVBAcMCUJlYXZlcnRvbjEjMCEGA1UECgwaUHl0aG9uIFNv -+ZnR3YXJlIEZvdW5kYXRpb24xIDAeBgNVBAsMF1B5dGhvbiBDb3JlIERldmVsb3Bt -+ZW50MSQwIgYDVQQDDBtudWxsLnB5dGhvbi5vcmcAZXhhbXBsZS5vcmcxJDAiBgkq -+hkiG9w0BCQEWFXB5dGhvbi1kZXZAcHl0aG9uLm9yZzCCASIwDQYJKoZIhvcNAQEB -+BQADggEPADCCAQoCggEBALXq7cn7Rn1vO3aA3TrzA5QLp6bb7B3f/yN0CJ2XFj+j -+pHs+Gw6WWSUDpybiiKnPec33BFawq3kyblnBMjBU61ioy5HwQqVkJ8vUVjGIUq3P -+vX/wBmQfzCe4o4uM89gpHyUL9UYGG8oCRa17dgqcv7u5rg0Wq2B1rgY+nHwx3JIv -+KRrgSwyRkGzpN8WQ1yrXlxWjgI9de0mPVDDUlywcWze1q2kwaEPTM3hLAmD1PESA -+oY/n8A/RXoeeRs9i/Pm/DGUS8ZPINXk/yOzsR/XvvkTVroIeLZqfmFpnZeF0cHzL -+08LODkVJJ9zjLdT7SA4vnne4FEbAxDbKAq5qkYzaL4UCAwEAAaOB0DCBzTAMBgNV -+HRMBAf8EAjAAMB0GA1UdDgQWBBSIWlXAUv9hzVKjNQ/qWpwkOCL3XDALBgNVHQ8E -+BAMCBeAwgZAGA1UdEQSBiDCBhYIeYWx0bnVsbC5weXRob24ub3JnAGV4YW1wbGUu -+Y29tgSBudWxsQHB5dGhvbi5vcmcAdXNlckBleGFtcGxlLm9yZ4YpaHR0cDovL251 -+bGwucHl0aG9uLm9yZwBodHRwOi8vZXhhbXBsZS5vcmeHBMAAAgGHECABDbgAAAAA -+AAAAAAAAAAEwDQYJKoZIhvcNAQEFBQADggEBAKxPRe99SaghcI6IWT7UNkJw9aO9 -+i9eo0Fj2MUqxpKbdb9noRDy2CnHWf7EIYZ1gznXPdwzSN4YCjV5d+Q9xtBaowT0j -+HPERs1ZuytCNNJTmhyqZ8q6uzMLoht4IqH/FBfpvgaeC5tBTnTT0rD5A/olXeimk -+kX4LxlEx5RAvpGB2zZVRGr6LobD9rVK91xuHYNIxxxfEGE8tCCWjp0+3ksri9SXx -+VHWBnbM9YaL32u3hxm8sYB/Yb8WSBavJCWJJqRStVRHM1koZlJmXNx2BX4vPo6iW -+RFEIPQsFZRLrtnCAiEhyT8bC2s/Njlu6ly9gtJZWSV46Q3ZjBL4q9sHKqZQ= -+-----END CERTIFICATE----- -diff -r e0f86c3b3685 Lib/test/test_ssl.py ---- a/Lib/test/test_ssl.py Sun Aug 11 13:04:50 2013 +0300 -+++ b/Lib/test/test_ssl.py Sun Aug 11 18:17:23 2013 +0200 -@@ -55,6 +55,7 @@ - WRONGCERT = data_file("XXXnonexisting.pem") - BADKEY = data_file("badkey.pem") - NOKIACERT = data_file("nokia.pem") -+NULLBYTECERT = data_file("nullbytecert.pem") - - DHFILE = data_file("dh512.pem") - BYTES_DHFILE = os.fsencode(DHFILE) -@@ -162,6 +163,27 @@ - ('DNS', 'projects.forum.nokia.com')) - ) - -+ def test_parse_cert_CVE_2013_4073(self): -+ p = ssl._ssl._test_decode_cert(NULLBYTECERT) -+ if support.verbose: -+ sys.stdout.write("\n" + pprint.pformat(p) + "\n") -+ subject = ((('countryName', 'US'),), -+ (('stateOrProvinceName', 'Oregon'),), -+ (('localityName', 'Beaverton'),), -+ (('organizationName', 'Python Software Foundation'),), -+ (('organizationalUnitName', 'Python Core Development'),), -+ (('commonName', 'null.python.org\x00example.org'),), -+ (('emailAddress', '[email protected]'),)) -+ self.assertEqual(p['subject'], subject) -+ self.assertEqual(p['issuer'], subject) -+ self.assertEqual(p['subjectAltName'], -+ (('DNS', 'altnull.python.org\x00example.com'), -+ ('email', '[email protected]\[email protected]'), -+ ('URI', 'http://null.python.org\x00http://example.org'), -+ ('IP Address', '192.0.2.1'), -+ ('IP Address', '2001:DB8:0:0:0:0:0:1\n')) -+ ) -+ - def test_DER_to_PEM(self): - with open(SVN_PYTHON_ORG_ROOT_CERT, 'r') as f: - pem = f.read() -@@ -294,6 +316,13 @@ - fail(cert, 'foo.a.com') - fail(cert, 'bar.foo.com') - -+ # NULL bytes are bad, CVE-2013-4073 -+ cert = {'subject': ((('commonName', -+ 'null.python.org\x00example.org'),),)} -+ ok(cert, 'null.python.org\x00example.org') # or raise an error? -+ fail(cert, 'example.org') -+ fail(cert, 'null.python.org') -+ - # Slightly fake real-world example - cert = {'notAfter': 'Jun 26 21:41:46 2011 GMT', - 'subject': ((('commonName', 'linuxfrz.org'),),), -diff -r e0f86c3b3685 Modules/_ssl.c ---- a/Modules/_ssl.c Sun Aug 11 13:04:50 2013 +0300 -+++ b/Modules/_ssl.c Sun Aug 11 18:17:23 2013 +0200 -@@ -771,12 +771,14 @@ - ext->value->length)); - - for(j = 0; j < sk_GENERAL_NAME_num(names); j++) { -- - /* get a rendering of each name in the set of names */ -+ int gntype; -+ ASN1_STRING *as = NULL; - - name = sk_GENERAL_NAME_value(names, j); -- if (name->type == GEN_DIRNAME) { -- -+ gntype = name-> type; -+ switch (gntype) { -+ case GEN_DIRNAME: - /* we special-case DirName as a tuple of - tuples of attributes */ - -@@ -798,11 +800,62 @@ - goto fail; - } - PyTuple_SET_ITEM(t, 1, v); -+ break; - -- } else { -+ case GEN_EMAIL: -+ case GEN_DNS: -+ case GEN_URI: -+ /* GENERAL_NAME_print() doesn't handle NUL bytes in ASN1_string -+ correctly. */ -+ t = PyTuple_New(2); -+ if (t == NULL) -+ goto fail; -+ switch (gntype) { -+ case GEN_EMAIL: -+ v = PyUnicode_FromString("email"); -+ as = name->d.rfc822Name; -+ break; -+ case GEN_DNS: -+ v = PyUnicode_FromString("DNS"); -+ as = name->d.dNSName; -+ break; -+ case GEN_URI: -+ v = PyUnicode_FromString("URI"); -+ as = name->d.uniformResourceIdentifier; -+ break; -+ } -+ if (v == NULL) { -+ Py_DECREF(t); -+ goto fail; -+ } -+ PyTuple_SET_ITEM(t, 0, v); -+ v = PyUnicode_FromStringAndSize((char *)ASN1_STRING_data(as), -+ ASN1_STRING_length(as)); -+ if (v == NULL) { -+ Py_DECREF(t); -+ goto fail; -+ } -+ PyTuple_SET_ITEM(t, 1, v); -+ break; - -+ default: - /* for everything else, we use the OpenSSL print form */ -- -+ switch (gntype) { -+ /* check for new general name type */ -+ case GEN_OTHERNAME: -+ case GEN_X400: -+ case GEN_EDIPARTY: -+ case GEN_IPADD: -+ case GEN_RID: -+ break; -+ default: -+ if (PyErr_WarnFormat(PyExc_RuntimeWarning, 1, -+ "Unknown general name type %d", -+ gntype) == -1) { -+ goto fail; -+ } -+ break; -+ } - (void) BIO_reset(biobuf); - GENERAL_NAME_print(biobuf, name); - len = BIO_gets(biobuf, buf, sizeof(buf)-1); -@@ -829,6 +882,7 @@ - goto fail; - } - PyTuple_SET_ITEM(t, 1, v); -+ break; - } - - /* and add that rendering to the list */ diff --git a/dev-lang/python/files/python-2.5.2-cygwin-find_library.patch b/dev-lang/python/files/python-2.5.2-cygwin-find_library.patch deleted file mode 100644 index 381d073b40..0000000000 --- a/dev-lang/python/files/python-2.5.2-cygwin-find_library.patch +++ /dev/null @@ -1,34 +0,0 @@ ---- origsrc/Python-2.5.2/Lib/ctypes/util.py 2007-09-14 15:05:26.000000000 -0500 -+++ src/Python-2.5.2/Lib/ctypes/util.py 2008-11-25 17:54:47.319296200 -0600 -@@ -41,6 +41,20 @@ - continue - return None - -+elif sys.platform == "cygwin": -+ def find_library(name): -+ for libdir in ['/usr/lib', '/usr/local/lib']: -+ for libext in ['lib%s.dll.a' % name, 'lib%s.a' % name]: -+ implib = os.path.join(libdir, libext) -+ if not os.path.exists(implib): -+ continue -+ cmd = "dlltool -I " + implib + " 2>/dev/null" -+ res = os.popen(cmd).read().replace("\n","") -+ if not res: -+ continue -+ return res -+ return None -+ - elif os.name == "posix": - # Andreas Degert's find functions, using gcc, /sbin/ldconfig, objdump - import re, tempfile, errno -@@ -157,6 +173,10 @@ - print cdll.LoadLibrary("libcrypto.dylib") - print cdll.LoadLibrary("libSystem.dylib") - print cdll.LoadLibrary("System.framework/System") -+ elif sys.platform == "cygwin": -+ print cdll.LoadLibrary("cygbz2-1.dll") -+ print find_library("crypt") -+ print cdll.LoadLibrary("cygcrypt-0.dll") - else: - print cdll.LoadLibrary("libm.so") - print cdll.LoadLibrary("libcrypt.so") diff --git a/dev-lang/python/files/python-2.7-aix-dlopen-soname.patch b/dev-lang/python/files/python-2.7-aix-dlopen-soname.patch deleted file mode 100644 index ccd0faca20..0000000000 --- a/dev-lang/python/files/python-2.7-aix-dlopen-soname.patch +++ /dev/null @@ -1,63 +0,0 @@ -With libtool, we have shared object file "shr.o" as archive member on AIX, -see bug#213277 for more details. - ---- Python/dynload_shlib.c.orig 2014-04-11 15:44:19 +0200 -+++ Python/dynload_shlib.c 2014-04-11 16:25:18 +0200 -@@ -161,6 +161,29 @@ - - handle = dlopen(pathname, dlopenflags); - -+#ifdef RTLD_MEMBER -+ if (handle == NULL && errno == ENOEXEC) { -+ /* Exec format error: File exists, try libtool's "aix-soname" variant. */ -+# ifdef __64BIT__ -+# define shr_o "(shr_64.o)" -+# else -+# define shr_o "(shr.o)" -+# endif -+ char *buf = malloc(strlen(pathname) + strlen(shr_o) + 1); -+ if (buf != NULL) { -+ sprintf(buf, "%s%s", pathname, shr_o); -+ dlopenflags |= RTLD_MEMBER; -+ -+ if (Py_VerboseFlag) -+ PySys_WriteStderr("dlopen(\"%s\", %x);\n", buf, -+ dlopenflags); -+ -+ handle = dlopen(buf, dlopenflags); -+ free(buf); -+ } -+ } -+#endif -+ - if (handle == NULL) { - const char *error = dlerror(); - if (error == NULL) ---- Modules/dlmodule.c.orig 2014-04-11 16:32:39 +0200 -+++ Modules/dlmodule.c 2014-04-11 16:34:59 +0200 -@@ -185,6 +185,25 @@ - #endif - } - handle = dlopen(name, mode); -+ -+#ifdef RTLD_MEMBER -+ if (handle == NULL && errno == ENOEXEC) { -+ /* Exec format error: File exists, try libtool's "aix-soname" variant. */ -+# ifdef __64BIT__ -+# define shr_o "(shr_64.o)" -+# else -+# define shr_o "(shr.o)" -+# endif -+ char *buf = malloc(strlen(name) + strlen(shr_o) + 1); -+ if (buf != NULL) { -+ sprintf(buf, "%s%s", name, shr_o); -+ mode |= RTLD_MEMBER; -+ handle = dlopen(buf, mode); -+ free(buf); -+ } -+ } -+#endif -+ - if (handle == NULL) { - char *errmsg = dlerror(); - if (!errmsg) diff --git a/dev-lang/python/files/python-2.7-issue16248.patch b/dev-lang/python/files/python-2.7-issue16248.patch deleted file mode 100644 index ce9c654c56..0000000000 --- a/dev-lang/python/files/python-2.7-issue16248.patch +++ /dev/null @@ -1,19 +0,0 @@ -# HG changeset patch -# User Antoine Pitrou <[email protected]> -# Date 1375388712 -7200 -# Node ID 0f17aed78168e63ec058c219d03cea7240f83dd6 -# Parent bb546f6d8ab4f513804d7a420657963881e5b447 -Fix tkinter regression introduced by the security fix in #16248. - -diff --git a/Lib/lib-tk/Tkinter.py b/Lib/lib-tk/Tkinter.py ---- a/Lib/lib-tk/Tkinter.py -+++ b/Lib/lib-tk/Tkinter.py -@@ -1736,7 +1736,7 @@ class Tk(Misc, Wm): - # ensure that self.tk is always _something_. - self.tk = None - if baseName is None: -- import sys, os -+ import os - baseName = os.path.basename(sys.argv[0]) - baseName, ext = os.path.splitext(baseName) - if ext not in ('.py', '.pyc', '.pyo'): diff --git a/dev-lang/python/files/python-2.7-issue17919.patch b/dev-lang/python/files/python-2.7-issue17919.patch deleted file mode 100644 index e75689224a..0000000000 --- a/dev-lang/python/files/python-2.7-issue17919.patch +++ /dev/null @@ -1,54 +0,0 @@ ---- Modules/selectmodule.c.orig 2013-11-11 17:14:37.966910450 +0100 -+++ Modules/selectmodule.c 2013-11-11 17:17:12.532891570 +0100 -@@ -346,6 +346,7 @@ - assert(i < self->ufd_len); - /* Never overflow */ - self->ufds[i].fd = (int)PyInt_AsLong(key); -+ /* Why does a bitfield need to be signed at all? */ - self->ufds[i].events = (short)PyInt_AsLong(value); - i++; - } -@@ -366,10 +367,10 @@ - { - PyObject *o, *key, *value; - int fd; -- short events = POLLIN | POLLPRI | POLLOUT; -+ unsigned short events = POLLIN | POLLPRI | POLLOUT; - int err; - -- if (!PyArg_ParseTuple(args, "O|h:register", &o, &events)) { -+ if (!PyArg_ParseTuple(args, "O|H:register", &o, &events)) { - return NULL; - } - -@@ -409,10 +410,11 @@ - poll_modify(pollObject *self, PyObject *args) - { - PyObject *o, *key, *value; -- int fd, events; -+ int fd; -+ unsigned short events; - int err; - -- if (!PyArg_ParseTuple(args, "Oi:modify", &o, &events)) { -+ if (!PyArg_ParseTuple(args, "OH:modify", &o, &events)) { - return NULL; - } - -@@ -552,11 +554,12 @@ - } - PyTuple_SET_ITEM(value, 0, num); - -- /* The &0xffff is a workaround for AIX. 'revents' -- is a 16-bit short, and IBM assigned POLLNVAL -+ /* The 'unsigned' cast is necessary for AIX. 'revents' -+ is a 16-bit signed short, but IBM assigned POLLNVAL - to be 0x8000, so the conversion to int results -- in a negative number. See SF bug #923315. */ -- num = PyInt_FromLong(self->ufds[i].revents & 0xffff); -+ in a negative number. See issue17919 and issue923315. -+ Why does a bitfield need to be signed at all? */ -+ num = PyInt_FromLong((unsigned short)self->ufds[i].revents); - if (num == NULL) { - Py_DECREF(value); - goto error; diff --git a/dev-lang/python/files/python-2.7-issue18235.patch b/dev-lang/python/files/python-2.7-issue18235.patch deleted file mode 100644 index d4d0fb0673..0000000000 --- a/dev-lang/python/files/python-2.7-issue18235.patch +++ /dev/null @@ -1,45 +0,0 @@ -Issue #18235: _sysconfigdata.py wrong on AIX installations - ---- Lib/sysconfig.py -+++ Lib/sysconfig.py -@@ -307,7 +307,7 @@ - # -- these paths are relative to the Python source, but when installed - # the scripts are in another directory. - if _PYTHON_BUILD: -- vars['LDSHARED'] = vars['BLDSHARED'] -+ vars['BLDSHARED'] = vars['LDSHARED'] - - # There's a chicken-and-egg situation on OS X with regards to the - # _sysconfigdata module after the changes introduced by #15298: ---- Makefile.pre.in -+++ Makefile.pre.in -@@ -1123,7 +1123,7 @@ - $(INSTALL_SCRIPT) $(srcdir)/Modules/makexp_aix \ - $(DESTDIR)$(LIBPL)/makexp_aix; \ - echo "$(LIBPL)/makexp_aix"; \ -- $(INSTALL_SCRIPT) $(srcdir)/Modules/ld_so_aix \ -+ $(INSTALL_SCRIPT) $(abs_builddir)/Modules/ld_so_aix \ - $(DESTDIR)$(LIBPL)/ld_so_aix; \ - echo "$(LIBPL)/ld_so_aix"; \ - echo; echo "See Misc/AIX-NOTES for details."; \ ---- Modules/ld_so_aix.in -+++ Modules/ld_so_aix.in -@@ -70,6 +70,7 @@ - fi - - makexp=`dirname $0`/makexp_aix -+test -x "${makexp}" || makexp="@abs_srcdir@/makexp_aix" - - # Check for existence of compiler. - CC=$1; shift ---- configure.ac -+++ configure.ac -@@ -1958,7 +1958,7 @@ - then - case $ac_sys_system/$ac_sys_release in - AIX*) -- BLDSHARED="\$(srcdir)/Modules/ld_so_aix \$(CC) -bI:\$(srcdir)/Modules/python.exp" -+ BLDSHARED="\$(abs_builddir)/Modules/ld_so_aix \$(CC) -bI:\$(abs_builddir)/Modules/python.exp" - LDSHARED="\$(BINLIBDEST)/config/ld_so_aix \$(CC) -bI:\$(BINLIBDEST)/config/python.exp" - ;; - BeOS*) diff --git a/dev-lang/python/files/python-2.7-issue18851.patch b/dev-lang/python/files/python-2.7-issue18851.patch deleted file mode 100644 index 35c69ae22e..0000000000 --- a/dev-lang/python/files/python-2.7-issue18851.patch +++ /dev/null @@ -1,287 +0,0 @@ -# HG changeset patch -# User Antoine Pitrou <[email protected]> -# Date 1377898693 -7200 -# Node ID 43749cb6bdbd0fdab70f76cd171c3c02a3f600dd -# Parent ba54011aa295004ad87438211fe3bb1568dd69ab -Issue #18851: Avoid a double close of subprocess pipes when the child process fails starting. - -diff --git a/Lib/subprocess.py b/Lib/subprocess.py ---- a/Lib/subprocess.py -+++ b/Lib/subprocess.py -@@ -698,12 +698,12 @@ class Popen(object): - - (p2cread, p2cwrite, - c2pread, c2pwrite, -- errread, errwrite) = self._get_handles(stdin, stdout, stderr) -+ errread, errwrite), to_close = self._get_handles(stdin, stdout, stderr) - - try: - self._execute_child(args, executable, preexec_fn, close_fds, - cwd, env, universal_newlines, -- startupinfo, creationflags, shell, -+ startupinfo, creationflags, shell, to_close, - p2cread, p2cwrite, - c2pread, c2pwrite, - errread, errwrite) -@@ -711,18 +711,12 @@ class Popen(object): - # Preserve original exception in case os.close raises. - exc_type, exc_value, exc_trace = sys.exc_info() - -- to_close = [] -- # Only close the pipes we created. -- if stdin == PIPE: -- to_close.extend((p2cread, p2cwrite)) -- if stdout == PIPE: -- to_close.extend((c2pread, c2pwrite)) -- if stderr == PIPE: -- to_close.extend((errread, errwrite)) -- - for fd in to_close: - try: -- os.close(fd) -+ if mswindows: -+ fd.Close() -+ else: -+ os.close(fd) - except EnvironmentError: - pass - -@@ -816,8 +810,9 @@ class Popen(object): - """Construct and return tuple with IO objects: - p2cread, p2cwrite, c2pread, c2pwrite, errread, errwrite - """ -+ to_close = set() - if stdin is None and stdout is None and stderr is None: -- return (None, None, None, None, None, None) -+ return (None, None, None, None, None, None), to_close - - p2cread, p2cwrite = None, None - c2pread, c2pwrite = None, None -@@ -835,6 +830,10 @@ class Popen(object): - # Assuming file-like object - p2cread = msvcrt.get_osfhandle(stdin.fileno()) - p2cread = self._make_inheritable(p2cread) -+ # We just duplicated the handle, it has to be closed at the end -+ to_close.add(p2cread) -+ if stdin == PIPE: -+ to_close.add(p2cwrite) - - if stdout is None: - c2pwrite = _subprocess.GetStdHandle(_subprocess.STD_OUTPUT_HANDLE) -@@ -848,6 +847,10 @@ class Popen(object): - # Assuming file-like object - c2pwrite = msvcrt.get_osfhandle(stdout.fileno()) - c2pwrite = self._make_inheritable(c2pwrite) -+ # We just duplicated the handle, it has to be closed at the end -+ to_close.add(c2pwrite) -+ if stdout == PIPE: -+ to_close.add(c2pread) - - if stderr is None: - errwrite = _subprocess.GetStdHandle(_subprocess.STD_ERROR_HANDLE) -@@ -863,10 +866,14 @@ class Popen(object): - # Assuming file-like object - errwrite = msvcrt.get_osfhandle(stderr.fileno()) - errwrite = self._make_inheritable(errwrite) -+ # We just duplicated the handle, it has to be closed at the end -+ to_close.add(errwrite) -+ if stderr == PIPE: -+ to_close.add(errread) - - return (p2cread, p2cwrite, - c2pread, c2pwrite, -- errread, errwrite) -+ errread, errwrite), to_close - - - def _make_inheritable(self, handle): -@@ -895,7 +902,7 @@ class Popen(object): - - def _execute_child(self, args, executable, preexec_fn, close_fds, - cwd, env, universal_newlines, -- startupinfo, creationflags, shell, -+ startupinfo, creationflags, shell, to_close, - p2cread, p2cwrite, - c2pread, c2pwrite, - errread, errwrite): -@@ -934,6 +941,10 @@ class Popen(object): - # kill children. - creationflags |= _subprocess.CREATE_NEW_CONSOLE - -+ def _close_in_parent(fd): -+ fd.Close() -+ to_close.remove(fd) -+ - # Start the process - try: - hp, ht, pid, tid = _subprocess.CreateProcess(executable, args, -@@ -958,11 +969,11 @@ class Popen(object): - # pipe will not close when the child process exits and the - # ReadFile will hang. - if p2cread is not None: -- p2cread.Close() -+ _close_in_parent(p2cread) - if c2pwrite is not None: -- c2pwrite.Close() -+ _close_in_parent(c2pwrite) - if errwrite is not None: -- errwrite.Close() -+ _close_in_parent(errwrite) - - # Retain the process handle, but close the thread handle - self._child_created = True -@@ -1088,6 +1099,7 @@ class Popen(object): - """Construct and return tuple with IO objects: - p2cread, p2cwrite, c2pread, c2pwrite, errread, errwrite - """ -+ to_close = set() - p2cread, p2cwrite = None, None - c2pread, c2pwrite = None, None - errread, errwrite = None, None -@@ -1096,6 +1108,7 @@ class Popen(object): - pass - elif stdin == PIPE: - p2cread, p2cwrite = self.pipe_cloexec() -+ to_close.update((p2cread, p2cwrite)) - elif isinstance(stdin, int): - p2cread = stdin - else: -@@ -1106,6 +1119,7 @@ class Popen(object): - pass - elif stdout == PIPE: - c2pread, c2pwrite = self.pipe_cloexec() -+ to_close.update((c2pread, c2pwrite)) - elif isinstance(stdout, int): - c2pwrite = stdout - else: -@@ -1116,6 +1130,7 @@ class Popen(object): - pass - elif stderr == PIPE: - errread, errwrite = self.pipe_cloexec() -+ to_close.update((errread, errwrite)) - elif stderr == STDOUT: - errwrite = c2pwrite - elif isinstance(stderr, int): -@@ -1126,7 +1141,7 @@ class Popen(object): - - return (p2cread, p2cwrite, - c2pread, c2pwrite, -- errread, errwrite) -+ errread, errwrite), to_close - - - def _set_cloexec_flag(self, fd, cloexec=True): -@@ -1170,7 +1185,7 @@ class Popen(object): - - def _execute_child(self, args, executable, preexec_fn, close_fds, - cwd, env, universal_newlines, -- startupinfo, creationflags, shell, -+ startupinfo, creationflags, shell, to_close, - p2cread, p2cwrite, - c2pread, c2pwrite, - errread, errwrite): -@@ -1189,6 +1204,10 @@ class Popen(object): - if executable is None: - executable = args[0] - -+ def _close_in_parent(fd): -+ os.close(fd) -+ to_close.remove(fd) -+ - # For transferring possible exec failure from child to parent - # The first char specifies the exception type: 0 means - # OSError, 1 means some other error. -@@ -1283,17 +1302,17 @@ class Popen(object): - # be sure the FD is closed no matter what - os.close(errpipe_write) - -- if p2cread is not None and p2cwrite is not None: -- os.close(p2cread) -- if c2pwrite is not None and c2pread is not None: -- os.close(c2pwrite) -- if errwrite is not None and errread is not None: -- os.close(errwrite) -- - # Wait for exec to fail or succeed; possibly raising exception - # Exception limited to 1M - data = _eintr_retry_call(os.read, errpipe_read, 1048576) - finally: -+ if p2cread is not None and p2cwrite is not None: -+ _close_in_parent(p2cread) -+ if c2pwrite is not None and c2pread is not None: -+ _close_in_parent(c2pwrite) -+ if errwrite is not None and errread is not None: -+ _close_in_parent(errwrite) -+ - # be sure the FD is closed no matter what - os.close(errpipe_read) - -diff --git a/Lib/test/test_subprocess.py b/Lib/test/test_subprocess.py ---- a/Lib/test/test_subprocess.py -+++ b/Lib/test/test_subprocess.py -@@ -14,6 +14,10 @@ try: - import resource - except ImportError: - resource = None -+try: -+ import threading -+except ImportError: -+ threading = None - - mswindows = (sys.platform == "win32") - -@@ -629,6 +633,36 @@ class ProcessTestCase(BaseTestCase): - if c.exception.errno not in (errno.ENOENT, errno.EACCES): - raise c.exception - -+ @unittest.skipIf(threading is None, "threading required") -+ def test_double_close_on_error(self): -+ # Issue #18851 -+ fds = [] -+ def open_fds(): -+ for i in range(20): -+ fds.extend(os.pipe()) -+ time.sleep(0.001) -+ t = threading.Thread(target=open_fds) -+ t.start() -+ try: -+ with self.assertRaises(EnvironmentError): -+ subprocess.Popen(['nonexisting_i_hope'], -+ stdin=subprocess.PIPE, -+ stdout=subprocess.PIPE, -+ stderr=subprocess.PIPE) -+ finally: -+ t.join() -+ exc = None -+ for fd in fds: -+ # If a double close occurred, some of those fds will -+ # already have been closed by mistake, and os.close() -+ # here will raise. -+ try: -+ os.close(fd) -+ except OSError as e: -+ exc = e -+ if exc is not None: -+ raise exc -+ - def test_handles_closed_on_exception(self): - # If CreateProcess exits with an error, ensure the - # duplicate output handles are released -@@ -783,7 +817,7 @@ class POSIXProcessTestCase(BaseTestCase) - - def _execute_child( - self, args, executable, preexec_fn, close_fds, cwd, env, -- universal_newlines, startupinfo, creationflags, shell, -+ universal_newlines, startupinfo, creationflags, shell, to_close, - p2cread, p2cwrite, - c2pread, c2pwrite, - errread, errwrite): -@@ -791,7 +825,7 @@ class POSIXProcessTestCase(BaseTestCase) - subprocess.Popen._execute_child( - self, args, executable, preexec_fn, close_fds, - cwd, env, universal_newlines, -- startupinfo, creationflags, shell, -+ startupinfo, creationflags, shell, to_close, - p2cread, p2cwrite, - c2pread, c2pwrite, - errread, errwrite) diff --git a/dev-lang/python/files/python-2.7-libffi-pkgconfig.patch b/dev-lang/python/files/python-2.7-libffi-pkgconfig.patch deleted file mode 100644 index eef3613257..0000000000 --- a/dev-lang/python/files/python-2.7-libffi-pkgconfig.patch +++ /dev/null @@ -1,44 +0,0 @@ -diff -u -r Python-2.7.5-orig//configure.ac Python-2.7.5/configure.ac ---- Python-2.7.5-orig//configure.ac 2014-03-06 04:35:31.000000000 +0100 -+++ Python-2.7.5/configure.ac 2014-03-06 04:58:10.000000000 +0100 -@@ -2300,10 +2300,13 @@ - - if test "$with_system_ffi" = "yes" && test -n "$PKG_CONFIG"; then - LIBFFI_INCLUDEDIR="`"$PKG_CONFIG" libffi --cflags-only-I 2>/dev/null | sed -e 's/^-I//;s/ *$//'`" -+ LIBFFI_LIB="`"$PKG_CONFIG" libffi --libs-only-l 2>/dev/null | sed -e 's/^-l//;s/ *$//'`" - else - LIBFFI_INCLUDEDIR="" -+ LIBFFI_LIB="" - fi - AC_SUBST(LIBFFI_INCLUDEDIR) -+AC_SUBST(LIBFFI_LIB) - - AC_MSG_RESULT($with_system_ffi) - -diff -u -r Python-2.7.5-orig//Makefile.pre.in Python-2.7.5/Makefile.pre.in ---- Python-2.7.5-orig//Makefile.pre.in 2014-03-06 04:35:31.000000000 +0100 -+++ Python-2.7.5/Makefile.pre.in 2014-03-06 05:03:59.000000000 +0100 -@@ -224,6 +224,7 @@ - - - LIBFFI_INCLUDEDIR= @LIBFFI_INCLUDEDIR@ -+LIBFFI_LIB= @LIBFFI_LIB@ - - ########################################################################## - # Parser -diff -u -r Python-2.7.5-orig//setup.py Python-2.7.5/setup.py ---- Python-2.7.5-orig//setup.py 2014-03-06 04:35:31.000000000 +0100 -+++ Python-2.7.5/setup.py 2014-03-06 04:56:15.000000000 +0100 -@@ -1893,8 +1893,10 @@ - break - if line.startswith('#define LIBFFI_H'): - break -- ffi_lib = None -- if ffi_inc is not None: -+ ffi_lib = sysconfig.get_config_var("LIBFFI_LIB") -+ if not ffi_lib or ffi_lib == '': -+ ffi_lib = None -+ if ffi_inc is not None and ffi_lib is None: - for lib_name in ('ffi_convenience', 'ffi_pic', 'ffi'): - if (self.compiler.find_library_file(lib_dirs, lib_name)): - ffi_lib = lib_name diff --git a/dev-lang/python/files/python-2.7-libressl-compatibility.patch b/dev-lang/python/files/python-2.7-libressl-compatibility.patch deleted file mode 100644 index c9e7a8458e..0000000000 --- a/dev-lang/python/files/python-2.7-libressl-compatibility.patch +++ /dev/null @@ -1,92 +0,0 @@ -# From https://github.com/python/cpython/pull/6215 - -# LibreSSL 2.7 introduced OpenSSL 1.1.0 API. The ssl module now detects -# LibreSSL 2.7 and only provides API shims for OpenSSL < 1.1.0 and -# LibreSSL < 2.7. - -# Documentation updates and fixes for failing tests will be provided in -# another patch set. - -# Signed-off-by: Christian Heimes [email protected]. -# (cherry picked from commit 4ca0739) - -#Co-authored-by: Christian Heimes [email protected] - ---- a/Modules/_ssl.c 2017-09-16 17:38:35.000000000 +0000 -+++ b/Modules/_ssl.c 2018-04-13 15:55:10.919424126 +0000 -@@ -97,6 +102,12 @@ - - #if (OPENSSL_VERSION_NUMBER >= 0x10100000L) && !defined(LIBRESSL_VERSION_NUMBER) - # define OPENSSL_VERSION_1_1 1 -+# define PY_OPENSSL_1_1_API 1 -+#endif -+ -+/* LibreSSL 2.7.0 provides necessary OpenSSL 1.1.0 APIs */ -+#if defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER >= 0x2070000fL -+# define PY_OPENSSL_1_1_API 1 - #endif - - /* Openssl comes with TLSv1.1 and TLSv1.2 between 1.0.0h and 1.0.1 -@@ -118,24 +129,44 @@ - #endif - - /* ALPN added in OpenSSL 1.0.2 */ --#if !defined(LIBRESSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x1000200fL && !defined(OPENSSL_NO_TLSEXT) --# define HAVE_ALPN -+#ifdef TLSEXT_TYPE_application_layer_protocol_negotiation -+# define HAVE_ALPN 1 -+#else -+# define HAVE_ALPN 0 -+#endif -+ -+/* We cannot rely on OPENSSL_NO_NEXTPROTONEG because LibreSSL 2.6.1 dropped -+ * NPN support but did not set OPENSSL_NO_NEXTPROTONEG for compatibility -+ * reasons. The check for TLSEXT_TYPE_next_proto_neg works with -+ * OpenSSL 1.0.1+ and LibreSSL. -+ * OpenSSL 1.1.1-pre1 dropped NPN but still has TLSEXT_TYPE_next_proto_neg. -+ */ -+#ifdef OPENSSL_NO_NEXTPROTONEG -+# define HAVE_NPN 0 -+#elif (OPENSSL_VERSION_NUMBER >= 0x10101000L) && !defined(LIBRESSL_VERSION_NUMBER) -+# define HAVE_NPN 0 -+#elif defined(TLSEXT_TYPE_next_proto_neg) -+# define HAVE_NPN 1 -+#else -+# define HAVE_NPN 0 - #endif - - #ifndef INVALID_SOCKET /* MS defines this */ - #define INVALID_SOCKET (-1) - #endif - --#ifdef OPENSSL_VERSION_1_1 --/* OpenSSL 1.1.0+ */ --#ifndef OPENSSL_NO_SSL2 --#define OPENSSL_NO_SSL2 --#endif --#else /* OpenSSL < 1.1.0 */ --#if defined(WITH_THREAD) -+/* OpenSSL 1.0.2 and LibreSSL needs extra code for locking */ -+#if !defined(OPENSSL_VERSION_1_1) && defined(WITH_THREAD) - #define HAVE_OPENSSL_CRYPTO_LOCK - #endif - -+#if defined(OPENSSL_VERSION_1_1) && !defined(OPENSSL_NO_SSL2) -+#define OPENSSL_NO_SSL2 -+#endif -+ -+#ifndef PY_OPENSSL_1_1_API -+/* OpenSSL 1.1 API shims for OpenSSL < 1.1.0 and LibreSSL < 2.7.0 */ -+ - #define TLS_method SSLv23_method - - static int X509_NAME_ENTRY_set(const X509_NAME_ENTRY *ne) -@@ -178,7 +209,7 @@ - { - return store->param; - } --#endif /* OpenSSL < 1.1.0 or LibreSSL */ -+#endif /* OpenSSL < 1.1.0 or LibreSSL < 2.7.0 */ - - - enum py_ssl_error { diff --git a/dev-lang/python/files/python-2.7.10-semaphore-pid.patch b/dev-lang/python/files/python-2.7.10-semaphore-pid.patch deleted file mode 100644 index 97fcbd0c49..0000000000 --- a/dev-lang/python/files/python-2.7.10-semaphore-pid.patch +++ /dev/null @@ -1,51 +0,0 @@ -Fix for semaphores in pid namespaces - -http://bugs.python.org/issue24303 - ---- a/Modules/_multiprocessing/semaphore.c -+++ b/Modules/_multiprocessing/semaphore.c -@@ -7,6 +7,7 @@ - */ - - #include "multiprocessing.h" -+#include <time.h> - - enum { RECURSIVE_MUTEX, SEMAPHORE }; - -@@ -419,7 +420,7 @@ semlock_new(PyTypeObject *type, PyObject *args, PyObject *kwds) - { - char buffer[256]; - SEM_HANDLE handle = SEM_FAILED; -- int kind, maxvalue, value; -+ int kind, maxvalue, value, try; - PyObject *result; - static char *kwlist[] = {"kind", "value", "maxvalue", NULL}; - static int counter = 0; -@@ -433,10 +434,24 @@ semlock_new(PyTypeObject *type, PyObject *args, PyObject *kwds) - return NULL; - } - -- PyOS_snprintf(buffer, sizeof(buffer), "/mp%ld-%d", (long)getpid(), counter++); -+ /* With pid namespaces, we may have multiple processes with the same pid. -+ * Instead of relying on the pid to be unique, we use the microseconds time -+ * to attempt to a unique filename. */ -+ for (try = 0; try < 100; ++try) { -+ struct timespec tv; -+ long arbitrary = clock_gettime(CLOCK_REALTIME, &tv) ? 0 : tv.tv_nsec; -+ PyOS_snprintf(buffer, sizeof(buffer), "/mp%ld-%d-%ld", -+ (long)getpid(), -+ counter++, -+ arbitrary); -+ SEM_CLEAR_ERROR(); -+ handle = SEM_CREATE(buffer, value, maxvalue); -+ if (handle != SEM_FAILED) -+ break; -+ else if (errno != EEXIST) -+ goto failure; -+ } - -- SEM_CLEAR_ERROR(); -- handle = SEM_CREATE(buffer, value, maxvalue); - /* On Windows we should fail if GetLastError()==ERROR_ALREADY_EXISTS */ - if (handle == SEM_FAILED || SEM_GET_LAST_ERROR() != 0) - goto failure; diff --git a/dev-lang/python/files/python-2.7.10-semaphore-urandom.patch b/dev-lang/python/files/python-2.7.10-semaphore-urandom.patch deleted file mode 100644 index fa3b83046b..0000000000 --- a/dev-lang/python/files/python-2.7.10-semaphore-urandom.patch +++ /dev/null @@ -1,38 +0,0 @@ -Fix for semaphores in pid namespaces - -http://bugs.python.org/issue24303 - -diff -r 5576c8240963 Modules/_multiprocessing/semaphore.c ---- a/Modules/_multiprocessing/semaphore.c Wed Apr 15 19:30:38 2015 +0100 -+++ b/Modules/_multiprocessing/semaphore.c Thu Jun 11 07:08:36 2015 +0100 -@@ -429,7 +429,7 @@ - int kind, maxvalue, value; - PyObject *result; - static char *kwlist[] = {"kind", "value", "maxvalue", NULL}; -- static int counter = 0; -+ int try = 0; - - if (!PyArg_ParseTupleAndKeywords(args, kwds, "iii", kwlist, - &kind, &value, &maxvalue)) -@@ -440,10 +440,18 @@ - return NULL; - } - -- PyOS_snprintf(buffer, sizeof(buffer), "/mp%ld-%d", (long)getpid(), counter++); -+ /* Create a semaphore with a unique name. The bytes returned by -+ * _PyOS_URandom() are treated as unsigned long to ensure that the filename -+ * is valid (no special characters). */ -+ do { -+ unsigned long suffix; -+ _PyOS_URandom((char *)&suffix, sizeof(suffix)); -+ PyOS_snprintf(buffer, sizeof(buffer), "/mp%ld-%lu", (long)getpid(), -+ suffix); -+ SEM_CLEAR_ERROR(); -+ handle = SEM_CREATE(buffer, value, maxvalue); -+ } while ((handle == SEM_FAILED) && (errno == EEXIST) && (++try < 100)); - -- SEM_CLEAR_ERROR(); -- handle = SEM_CREATE(buffer, value, maxvalue); - /* On Windows we should fail if GetLastError()==ERROR_ALREADY_EXISTS */ - if (handle == SEM_FAILED || SEM_GET_LAST_ERROR() != 0) - goto failure; diff --git a/dev-lang/python/files/python-2.7.5-library-path.patch b/dev-lang/python/files/python-2.7.5-library-path.patch deleted file mode 100644 index 6f435750a2..0000000000 --- a/dev-lang/python/files/python-2.7.5-library-path.patch +++ /dev/null @@ -1,25 +0,0 @@ -# HG changeset patch -# User Ned Deily <[email protected]> -# Date 1368666045 25200 -# Node ID cd577c3288860b0deb459443ca5c489dc0f99ef6 -# Parent 149340b3004acfcb68e5ed36b1e96b7463c756c7 -Issue #17990: Only modify include and library search paths when cross-compiling. - -diff --git a/setup.py b/setup.py ---- a/setup.py -+++ b/setup.py -@@ -437,9 +437,11 @@ class PyBuildExt(build_ext): - - def detect_modules(self): - # Ensure that /usr/local is always used -- add_dir_to_list(self.compiler.library_dirs, '/usr/local/lib') -- add_dir_to_list(self.compiler.include_dirs, '/usr/local/include') -- self.add_gcc_paths() -+ if not cross_compiling: -+ add_dir_to_list(self.compiler.library_dirs, '/usr/local/lib') -+ add_dir_to_list(self.compiler.include_dirs, '/usr/local/include') -+ if cross_compiling: -+ self.add_gcc_paths() - self.add_multiarch_paths() - - # Add paths specified in the environment variables LDFLAGS and diff --git a/dev-lang/python/files/python-2.7.5-re_unsigned_ptrdiff.patch b/dev-lang/python/files/python-2.7.5-re_unsigned_ptrdiff.patch deleted file mode 100644 index a905839a25..0000000000 --- a/dev-lang/python/files/python-2.7.5-re_unsigned_ptrdiff.patch +++ /dev/null @@ -1,23 +0,0 @@ -https://bugs.gentoo.org/show_bug.cgi?id=476426 -http://bugs.python.org/issue17998 -diff -r d91da96a55bf Modules/_sre.c ---- a/Modules/_sre.c Thu May 16 22:47:47 2013 +0100 -+++ b/Modules/_sre.c Fri May 17 21:02:48 2013 +0300 -@@ -1028,7 +1028,7 @@ - TRACE(("|%p|%p|REPEAT_ONE %d %d\n", ctx->pattern, ctx->ptr, - ctx->pattern[1], ctx->pattern[2])); - -- if (ctx->pattern[1] > end - ctx->ptr) -+ if ((Py_ssize_t) ctx->pattern[1] > end - ctx->ptr) - RETURN_FAILURE; /* cannot match */ - - state->ptr = ctx->ptr; -@@ -1111,7 +1111,7 @@ - TRACE(("|%p|%p|MIN_REPEAT_ONE %d %d\n", ctx->pattern, ctx->ptr, - ctx->pattern[1], ctx->pattern[2])); - -- if (ctx->pattern[1] > end - ctx->ptr) -+ if ((Py_ssize_t) ctx->pattern[1] > end - ctx->ptr) - RETURN_FAILURE; /* cannot match */ - - state->ptr = ctx->ptr; diff --git a/dev-lang/python/files/python-2.7.6-recvfrom_into_buffer_overflow.patch b/dev-lang/python/files/python-2.7.6-recvfrom_into_buffer_overflow.patch deleted file mode 100644 index 37e786bd3a..0000000000 --- a/dev-lang/python/files/python-2.7.6-recvfrom_into_buffer_overflow.patch +++ /dev/null @@ -1,17 +0,0 @@ -diff -r 40fb60df4755 Modules/socketmodule.c ---- a/Modules/socketmodule.c Sun Jan 12 12:11:47 2014 +0200 -+++ b/Modules/socketmodule.c Mon Jan 13 16:36:35 2014 -0800 -@@ -2744,6 +2744,13 @@ - recvlen = buflen; - } - -+ /* Check if the buffer is large enough */ -+ if (buflen < recvlen) { -+ PyErr_SetString(PyExc_ValueError, -+ "buffer too small for requested bytes"); -+ goto error; -+ } -+ - readlen = sock_recvfrom_guts(s, buf.buf, recvlen, flags, &addr); - if (readlen < 0) { - /* Return an error */ diff --git a/dev-lang/python/files/python-3.2-CVE-2013-2099.patch b/dev-lang/python/files/python-3.2-CVE-2013-2099.patch deleted file mode 100644 index 9055a03dfc..0000000000 --- a/dev-lang/python/files/python-3.2-CVE-2013-2099.patch +++ /dev/null @@ -1,51 +0,0 @@ -# HG changeset patch -# User Antoine Pitrou <[email protected]> -# Date 1368892602 -7200 -# Sat May 18 17:56:42 2013 +0200 -# Branch 3.2 -# Node ID b9b521efeba385af0142988899a55de1c1c805c7 -# Parent 6255b40c6a6127933d8ea7a2b9de200f5a0e6154 -Issue #17980: Fix possible abuse of ssl.match_hostname() for denial of service using certificates with many wildcards (CVE-2013-2099). - -diff --git a/Lib/ssl.py b/Lib/ssl.py ---- a/Lib/ssl.py -+++ b/Lib/ssl.py -@@ -108,9 +108,16 @@ - pass - - --def _dnsname_to_pat(dn): -+def _dnsname_to_pat(dn, max_wildcards=1): - pats = [] - for frag in dn.split(r'.'): -+ if frag.count('*') > max_wildcards: -+ # Issue #17980: avoid denials of service by refusing more -+ # than one wildcard per fragment. A survery of established -+ # policy among SSL implementations showed it to be a -+ # reasonable choice. -+ raise CertificateError( -+ "too many wildcards in certificate DNS name: " + repr(dn)) - if frag == '*': - # When '*' is a fragment by itself, it matches a non-empty dotless - # fragment. -diff --git a/Lib/test/test_ssl.py b/Lib/test/test_ssl.py ---- a/Lib/test/test_ssl.py -+++ b/Lib/test/test_ssl.py -@@ -326,6 +326,17 @@ - self.assertRaises(ValueError, ssl.match_hostname, None, 'example.com') - self.assertRaises(ValueError, ssl.match_hostname, {}, 'example.com') - -+ # Issue #17980: avoid denials of service by refusing more than one -+ # wildcard per fragment. -+ cert = {'subject': ((('commonName', 'a*b.com'),),)} -+ ok(cert, 'axxb.com') -+ cert = {'subject': ((('commonName', 'a*b.co*'),),)} -+ ok(cert, 'axxb.com') -+ cert = {'subject': ((('commonName', 'a*b*.com'),),)} -+ with self.assertRaises(ssl.CertificateError) as cm: -+ ssl.match_hostname(cert, 'axxbxxc.com') -+ self.assertIn("too many wildcards", str(cm.exception)) -+ - def test_server_side(self): - # server_hostname doesn't work for server sockets - ctx = ssl.SSLContext(ssl.PROTOCOL_SSLv23) diff --git a/dev-lang/python/files/python-3.2-CVE-2014-1912.patch b/dev-lang/python/files/python-3.2-CVE-2014-1912.patch deleted file mode 100644 index 0e095074a2..0000000000 --- a/dev-lang/python/files/python-3.2-CVE-2014-1912.patch +++ /dev/null @@ -1,51 +0,0 @@ -# HG changeset patch -# User Benjamin Peterson <[email protected]> -# Date 1389671978 18000 -# Node ID 9c56217e5c793685eeaf0ee224848c402bdf1e4c -# Parent 2b5cd6d4d149dea6c6941b7e07ada248b29fc9f6 -complain when nbytes > buflen to fix possible buffer overflow (closes #20246) - -diff --git a/Lib/test/test_socket.py b/Lib/test/test_socket.py ---- a/Lib/test/test_socket.py -+++ b/Lib/test/test_socket.py -@@ -1968,6 +1968,14 @@ class BufferIOTest(SocketConnectedTest): - - _testRecvFromIntoMemoryview = _testRecvFromIntoArray - -+ def testRecvFromIntoSmallBuffer(self): -+ # See issue #20246. -+ buf = bytearray(8) -+ self.assertRaises(ValueError, self.cli_conn.recvfrom_into, buf, 1024) -+ -+ def _testRecvFromIntoSmallBuffer(self): -+ self.serv_conn.send(MSG*2048) -+ - - TIPC_STYPE = 2000 - TIPC_LOWER = 200 -diff --git a/Misc/ACKS b/Misc/ACKS ---- a/Misc/ACKS -+++ b/Misc/ACKS -@@ -1020,6 +1020,7 @@ Eric V. Smith - Christopher Smith - Gregory P. Smith - Roy Smith -+Ryan Smith-Roberts - Rafal Smotrzyk - Dirk Soede - Paul Sokolovsky -diff --git a/Modules/socketmodule.c b/Modules/socketmodule.c ---- a/Modules/socketmodule.c -+++ b/Modules/socketmodule.c -@@ -2598,6 +2598,11 @@ sock_recvfrom_into(PySocketSockObject *s - if (recvlen == 0) { - /* If nbytes was not specified, use the buffer's length */ - recvlen = buflen; -+ } else if (recvlen > buflen) { -+ PyBuffer_Release(&pbuf); -+ PyErr_SetString(PyExc_ValueError, -+ "nbytes is greater than the length of the buffer"); -+ return NULL; - } - - readlen = sock_recvfrom_guts(s, buf, recvlen, flags, &addr); diff --git a/dev-lang/python/files/python-3.2-CVE-2014-4616.patch b/dev-lang/python/files/python-3.2-CVE-2014-4616.patch deleted file mode 100644 index 5b0a397487..0000000000 --- a/dev-lang/python/files/python-3.2-CVE-2014-4616.patch +++ /dev/null @@ -1,39 +0,0 @@ -# HG changeset patch -# User Benjamin Peterson <[email protected]> -# Date 1397441438 14400 -# Node ID 50c07ed1743da9cd4540d83de0c30bd17aeb41b0 -# Parent 218e28a935ab4494d05215c243e2129625a71893 -in scan_once, prevent the reading of arbitrary memory when passed a negative index - -Bug reported by Guido Vranken. - -Index: Python-3.2.5/Lib/json/tests/test_decode.py -=================================================================== ---- Python-3.2.5.orig/Lib/test/json_tests/test_decode.py 2014-06-26 18:40:10.825269130 +0200 -+++ Python-3.2.5/Lib/test/json_tests/test_decode.py 2014-06-26 18:40:21.962323035 +0200 -@@ -60,5 +60,9 @@ - msg = 'escape' - self.assertRaisesRegexp(ValueError, msg, self.loads, s) - -+ def test_negative_index(self): -+ d = self.json.JSONDecoder() -+ self.assertRaises(ValueError, d.raw_decode, 'a'*42, -50000) -+ - class TestPyDecode(TestDecode, PyTest): pass - class TestCDecode(TestDecode, CTest): pass -Index: Python-3.2.5/Modules/_json.c -=================================================================== ---- a/Modules/_json.c -+++ b/Modules/_json.c -@@ -930,7 +930,10 @@ scan_once_unicode(PyScannerObject *s, Py - PyObject *res; - Py_UNICODE *str = PyUnicode_AS_UNICODE(pystr); - Py_ssize_t length = PyUnicode_GET_SIZE(pystr); -- if (idx >= length) { -+ if (idx < 0) -+ /* Compatibility with Python version. */ -+ idx += length; -+ if (idx < 0 || idx >= length) { - PyErr_SetNone(PyExc_StopIteration); - return NULL; - } diff --git a/dev-lang/python/files/python-3.2-issue16248.patch b/dev-lang/python/files/python-3.2-issue16248.patch deleted file mode 100644 index d0e80cae72..0000000000 --- a/dev-lang/python/files/python-3.2-issue16248.patch +++ /dev/null @@ -1,19 +0,0 @@ -# HG changeset patch -# User Georg Brandl <[email protected]> -# Date 1379142489 -7200 -# Node ID c18c18774e240377d47638fb23e8276c1ac2e606 -# Parent b9b521efeba385af0142988899a55de1c1c805c7 -Fix tkinter regression introduced by the security fix in #16248. - -diff --git a/Lib/tkinter/__init__.py b/Lib/tkinter/__init__.py ---- a/Lib/tkinter/__init__.py -+++ b/Lib/tkinter/__init__.py -@@ -1722,7 +1722,7 @@ class Tk(Misc, Wm): - # ensure that self.tk is always _something_. - self.tk = None - if baseName is None: -- import sys, os -+ import os - baseName = os.path.basename(sys.argv[0]) - baseName, ext = os.path.splitext(baseName) - if ext not in ('.py', '.pyc', '.pyo'): diff --git a/dev-lang/python/files/python-3.2-issue17919.patch b/dev-lang/python/files/python-3.2-issue17919.patch deleted file mode 100644 index a0a2cedde0..0000000000 --- a/dev-lang/python/files/python-3.2-issue17919.patch +++ /dev/null @@ -1,74 +0,0 @@ ---- Modules/selectmodule.c.orig 2013-11-11 17:19:26.900910431 +0100 -+++ Modules/selectmodule.c 2013-11-11 17:22:56.819926607 +0100 -@@ -343,7 +343,8 @@ - assert(i < self->ufd_len); - /* Never overflow */ - self->ufds[i].fd = (int)PyLong_AsLong(key); -- self->ufds[i].events = (short)PyLong_AsLong(value); -+ /* Why does a bitfield need to be signed at all? */ -+ self->ufds[i].events = (short)PyLong_AsUnsignedLong(value); - i++; - } - assert(i == self->ufd_len); -@@ -363,10 +364,10 @@ - { - PyObject *o, *key, *value; - int fd; -- short events = POLLIN | POLLPRI | POLLOUT; -+ unsigned short events = POLLIN | POLLPRI | POLLOUT; - int err; - -- if (!PyArg_ParseTuple(args, "O|h:register", &o, &events)) { -+ if (!PyArg_ParseTuple(args, "O|H:register", &o, &events)) { - return NULL; - } - -@@ -378,7 +379,7 @@ - key = PyLong_FromLong(fd); - if (key == NULL) - return NULL; -- value = PyLong_FromLong(events); -+ value = PyLong_FromUnsignedLong(events); - if (value == NULL) { - Py_DECREF(key); - return NULL; -@@ -406,10 +407,11 @@ - poll_modify(pollObject *self, PyObject *args) - { - PyObject *o, *key, *value; -- int fd, events; -+ int fd; -+ unsigned short events; - int err; - -- if (!PyArg_ParseTuple(args, "Oi:modify", &o, &events)) { -+ if (!PyArg_ParseTuple(args, "OH:modify", &o, &events)) { - return NULL; - } - -@@ -426,7 +428,7 @@ - Py_DECREF(key); - return NULL; - } -- value = PyLong_FromLong(events); -+ value = PyLong_FromUnsignedLong(events); - if (value == NULL) { - Py_DECREF(key); - return NULL; -@@ -550,11 +552,12 @@ - } - PyTuple_SET_ITEM(value, 0, num); - -- /* The &0xffff is a workaround for AIX. 'revents' -- is a 16-bit short, and IBM assigned POLLNVAL -+ /* The 'unsigned' cast is necessary for AIX. 'revents' -+ is a 16-bit signed short, but IBM assigned POLLNVAL - to be 0x8000, so the conversion to int results -- in a negative number. See SF bug #923315. */ -- num = PyLong_FromLong(self->ufds[i].revents & 0xffff); -+ in a negative number. See issue17919 and issue923315. -+ Why does a bitfield need to be signed at all? */ -+ num = PyLong_FromUnsignedLong((unsigned short)self->ufds[i].revents); - if (num == NULL) { - Py_DECREF(value); - goto error; diff --git a/dev-lang/python/files/python-3.2-issue18235.patch b/dev-lang/python/files/python-3.2-issue18235.patch deleted file mode 100644 index fc8e5cb969..0000000000 --- a/dev-lang/python/files/python-3.2-issue18235.patch +++ /dev/null @@ -1,45 +0,0 @@ -Issue #18235: _sysconfigdata.py wrong on AIX installations - ---- Lib/sysconfig.py -+++ Lib/sysconfig.py -@@ -351,7 +351,7 @@ - # -- these paths are relative to the Python source, but when installed - # the scripts are in another directory. - if _PYTHON_BUILD: -- vars['LDSHARED'] = vars['BLDSHARED'] -+ vars['BLDSHARED'] = vars['LDSHARED'] - - def _init_non_posix(vars): - """Initialize the module as appropriate for NT""" ---- Makefile.pre.in -+++ Makefile.pre.in -@@ -1147,7 +1147,7 @@ - $(INSTALL_SCRIPT) $(srcdir)/Modules/makexp_aix \ - $(DESTDIR)$(LIBPL)/makexp_aix; \ - echo "$(LIBPL)/makexp_aix"; \ -- $(INSTALL_SCRIPT) $(srcdir)/Modules/ld_so_aix \ -+ $(INSTALL_SCRIPT) $(abs_builddir)/Modules/ld_so_aix \ - $(DESTDIR)$(LIBPL)/ld_so_aix; \ - echo "$(LIBPL)/ld_so_aix"; \ - echo; echo "See Misc/AIX-NOTES for details."; \ ---- Modules/ld_so_aix.in -+++ Modules/ld_so_aix.in -@@ -70,6 +70,7 @@ - fi - - makexp=`dirname $0`/makexp_aix -+test -x "${makexp}" || makexp="@abs_srcdir@/makexp_aix" - - # Check for existence of compiler. - CC=$1; shift ---- configure.ac -+++ configure.ac -@@ -1754,7 +1754,7 @@ - then - case $ac_sys_system/$ac_sys_release in - AIX*) -- BLDSHARED="\$(srcdir)/Modules/ld_so_aix \$(CC) -bI:\$(srcdir)/Modules/python.exp" -+ BLDSHARED="\$(abs_builddir)/Modules/ld_so_aix \$(CC) -bI:\$(abs_builddir)/Modules/python.exp" - LDSHARED="\$(BINLIBDEST)/config/ld_so_aix \$(CC) -bI:\$(BINLIBDEST)/config/python.exp" - ;; - IRIX/5*) LDSHARED="ld -shared";; diff --git a/dev-lang/python/files/python-3.2-issue19521.patch b/dev-lang/python/files/python-3.2-issue19521.patch deleted file mode 100644 index c31a25ed44..0000000000 --- a/dev-lang/python/files/python-3.2-issue19521.patch +++ /dev/null @@ -1,87 +0,0 @@ -Issue #19521: parallel build race condition on AIX since python-3.2 - ---- configure.ac -+++ configure.ac -@@ -641,21 +641,12 @@ - # If CXX is set, and if it is needed to link a main function that was - # compiled with CXX, LINKCC is CXX instead. Always using CXX is undesirable: - # python might then depend on the C++ runtime --# This is altered for AIX in order to build the export list before --# linking. - AC_SUBST(LINKCC) - AC_MSG_CHECKING(LINKCC) - if test -z "$LINKCC" - then - LINKCC='$(PURIFY) $(MAINCC)' - case $ac_sys_system in -- AIX*) -- exp_extra="\"\"" -- if test $ac_sys_release -ge 5 -o \ -- $ac_sys_release -eq 4 -a `uname -r` -ge 2 ; then -- exp_extra="." -- fi -- LINKCC="\$(srcdir)/Modules/makexp_aix Modules/python.exp $exp_extra \$(LIBRARY); $LINKCC";; - QNX*) - # qcc must be used because the other compilers do not - # support -N. -@@ -664,6 +655,20 @@ - fi - AC_MSG_RESULT($LINKCC) - -+# EXPORTSYMS holds the list of exported symbols for AIX. -+AC_SUBST(EXPORTSYMS) -+AC_MSG_CHECKING(EXPORTSYMS) -+case $ac_sys_system in -+AIX*) -+ if test -z "$EXPORTSYMS"; then -+ EXPORTSYMS="Modules/python.exp" -+ fi -+ ;; -+*) -+ EXPORTSYMS= ;; -+esac -+AC_MSG_RESULT($EXPORTSYMS) -+ - # GNULD is set to "yes" if the GNU linker is used. If this goes wrong - # make sure we default having it set to "no": this is used by - # distutils.unixccompiler to know if it should add --enable-new-dtags ---- Makefile.pre.in -+++ Makefile.pre.in -@@ -132,6 +132,8 @@ - BLDSHARED= @BLDSHARED@ $(PY_LDFLAGS) - LDCXXSHARED= @LDCXXSHARED@ - DESTSHARED= $(BINLIBDEST)/lib-dynload -+# list of exported symbols for AIX -+EXPORTSYMS= @EXPORTSYMS@ - - # Executable suffix (.exe on Windows and Mac OS X) - EXE= @EXEEXT@ -@@ -439,7 +441,7 @@ - - - # Build the interpreter --$(BUILDPYTHON): Modules/python.o $(LIBRARY) $(LDLIBRARY) $(PY3LIBRARY) -+$(BUILDPYTHON): Modules/python.o $(LIBRARY) $(LDLIBRARY) $(PY3LIBRARY) $(EXPORTSYMS) - $(LINKCC) $(PY_LDFLAGS) $(LINKFORSHARED) -o $@ Modules/python.o $(BLDLIBRARY) $(LIBS) $(MODLIBS) $(SYSLIBS) $(LDLAST) - - platform: $(BUILDPYTHON) -@@ -509,6 +511,10 @@ - libpython$(VERSION).sl: $(LIBRARY_OBJS) - $(LDSHARED) -o $@ $(LIBRARY_OBJS) $(MODLIBS) $(SHLIBS) $(LIBC) $(LIBM) $(LDLAST) - -+# list of exported symbols for AIX -+Modules/python.exp: $(LIBRARY) -+ $(srcdir)/Modules/makexp_aix $@ . $? -+ - # Copy up the gdb python hooks into a position where they can be automatically - # loaded by gdb during Lib/test/test_gdb.py - # -@@ -580,7 +586,7 @@ - echo "-----------------------------------------------"; \ - fi - --Modules/_testembed: Modules/_testembed.o $(LIBRARY) $(LDLIBRARY) $(PY3LIBRARY) -+Modules/_testembed: Modules/_testembed.o $(LIBRARY) $(LDLIBRARY) $(PY3LIBRARY) $(EXPORTSYMS) - $(LINKCC) $(PY_LDFLAGS) $(LINKFORSHARED) -o $@ Modules/_testembed.o $(BLDLIBRARY) $(LIBS) $(MODLIBS) $(SYSLIBS) $(LDLAST) - - ############################################################################ diff --git a/dev-lang/python/files/python-3.2-issue19529.patch b/dev-lang/python/files/python-3.2-issue19529.patch deleted file mode 100644 index 595d979b1f..0000000000 --- a/dev-lang/python/files/python-3.2-issue19529.patch +++ /dev/null @@ -1,14 +0,0 @@ -Issue #19529: Fix unicode_aswidechar() with 4byte unicode and 2byte wchar_t, for AIX - ---- Objects/unicodeobject.c -+++ Objects/unicodeobject.c -@@ -1267,7 +1267,7 @@ - Py_ssize_t nchar; - - u = PyUnicode_AS_UNICODE(unicode); -- uend = u + PyUnicode_GET_SIZE(u); -+ uend = u + PyUnicode_GET_SIZE(unicode); - if (w != NULL) { - worig = w; - wend = w + size; - diff --git a/dev-lang/python/files/python-3.2-libffi-pkgconfig.patch b/dev-lang/python/files/python-3.2-libffi-pkgconfig.patch deleted file mode 100644 index 45cb213d43..0000000000 --- a/dev-lang/python/files/python-3.2-libffi-pkgconfig.patch +++ /dev/null @@ -1,44 +0,0 @@ -diff -u -r Python-3.3.3-orig//configure.ac Python-3.3.3/configure.ac ---- Python-3.3.3-orig//configure.ac 2014-03-06 05:25:46.000000000 +0100 -+++ Python-3.3.3/configure.ac 2014-03-06 05:26:27.000000000 +0100 -@@ -2247,10 +2247,13 @@ - - if test "$with_system_ffi" = "yes" && test -n "$PKG_CONFIG"; then - LIBFFI_INCLUDEDIR="`"$PKG_CONFIG" libffi --cflags-only-I 2>/dev/null | sed -e 's/^-I//;s/ *$//'`" -+ LIBFFI_LIB="`"$PKG_CONFIG" libffi --libs-only-l 2>/dev/null | sed -e 's/^-l//;s/ *$//'`" - else - LIBFFI_INCLUDEDIR="" -+ LIBFFI_LIB="" - fi - AC_SUBST(LIBFFI_INCLUDEDIR) -+AC_SUBST(LIBFFI_LIB) - - AC_MSG_RESULT($with_system_ffi) - -diff -u -r Python-3.3.3-orig//Makefile.pre.in Python-3.3.3/Makefile.pre.in ---- Python-3.3.3-orig//Makefile.pre.in 2014-03-06 05:25:46.000000000 +0100 -+++ Python-3.3.3/Makefile.pre.in 2014-03-06 05:26:42.000000000 +0100 -@@ -252,6 +252,7 @@ - - - LIBFFI_INCLUDEDIR= @LIBFFI_INCLUDEDIR@ -+LIBFFI_LIB= @LIBFFI_LIB@ - - ########################################################################## - # Parser -diff -u -r Python-3.3.3-orig//setup.py Python-3.3.3/setup.py ---- Python-3.3.3-orig//setup.py 2014-03-06 05:25:46.000000000 +0100 -+++ Python-3.3.3/setup.py 2014-03-06 05:27:05.000000000 +0100 -@@ -1763,8 +1763,10 @@ - break - if line.startswith('#define LIBFFI_H'): - break -- ffi_lib = None -- if ffi_inc is not None: -+ ffi_lib = sysconfig.get_config_var("LIBFFI_LIB") -+ if not ffi_lib or ffi_lib == '': -+ ffi_lib = None -+ if ffi_inc is not None and ffi_lib is None: - for lib_name in ('ffi_convenience', 'ffi_pic', 'ffi'): - if (self.compiler.find_library_file(lib_dirs, lib_name)): - ffi_lib = lib_name diff --git a/dev-lang/python/files/python-3.3-CVE-2013-2099.patch b/dev-lang/python/files/python-3.3-CVE-2013-2099.patch deleted file mode 100644 index 44b9acede4..0000000000 --- a/dev-lang/python/files/python-3.3-CVE-2013-2099.patch +++ /dev/null @@ -1,51 +0,0 @@ -# HG changeset patch -# User Antoine Pitrou <[email protected]> -# Date 1368892602 -7200 -# Sat May 18 17:56:42 2013 +0200 -# Branch 3.3 -# Node ID c627638753e2d25a98950585b259104a025937a9 -# Parent 9682241dc8fcb4b1aef083bd30860efa070c3d6d -Issue #17980: Fix possible abuse of ssl.match_hostname() for denial of service using certificates with many wildcards (CVE-2013-2099). - -diff --git a/Lib/ssl.py b/Lib/ssl.py ---- a/Lib/ssl.py -+++ b/Lib/ssl.py -@@ -129,9 +129,16 @@ - pass - - --def _dnsname_to_pat(dn): -+def _dnsname_to_pat(dn, max_wildcards=1): - pats = [] - for frag in dn.split(r'.'): -+ if frag.count('*') > max_wildcards: -+ # Issue #17980: avoid denials of service by refusing more -+ # than one wildcard per fragment. A survery of established -+ # policy among SSL implementations showed it to be a -+ # reasonable choice. -+ raise CertificateError( -+ "too many wildcards in certificate DNS name: " + repr(dn)) - if frag == '*': - # When '*' is a fragment by itself, it matches a non-empty dotless - # fragment. -diff --git a/Lib/test/test_ssl.py b/Lib/test/test_ssl.py ---- a/Lib/test/test_ssl.py -+++ b/Lib/test/test_ssl.py -@@ -349,6 +349,17 @@ - self.assertRaises(ValueError, ssl.match_hostname, None, 'example.com') - self.assertRaises(ValueError, ssl.match_hostname, {}, 'example.com') - -+ # Issue #17980: avoid denials of service by refusing more than one -+ # wildcard per fragment. -+ cert = {'subject': ((('commonName', 'a*b.com'),),)} -+ ok(cert, 'axxb.com') -+ cert = {'subject': ((('commonName', 'a*b.co*'),),)} -+ ok(cert, 'axxb.com') -+ cert = {'subject': ((('commonName', 'a*b*.com'),),)} -+ with self.assertRaises(ssl.CertificateError) as cm: -+ ssl.match_hostname(cert, 'axxbxxc.com') -+ self.assertIn("too many wildcards", str(cm.exception)) -+ - def test_server_side(self): - # server_hostname doesn't work for server sockets - ctx = ssl.SSLContext(ssl.PROTOCOL_SSLv23) diff --git a/dev-lang/python/files/python-3.3-issue17919.patch b/dev-lang/python/files/python-3.3-issue17919.patch deleted file mode 100644 index 5dd60ea055..0000000000 --- a/dev-lang/python/files/python-3.3-issue17919.patch +++ /dev/null @@ -1,112 +0,0 @@ ---- Modules/selectmodule.c.orig 2013-11-11 17:24:34.835918627 +0100 -+++ Modules/selectmodule.c 2013-11-11 17:28:20.897906748 +0100 -@@ -360,7 +360,8 @@ - assert(i < self->ufd_len); - /* Never overflow */ - self->ufds[i].fd = (int)PyLong_AsLong(key); -- self->ufds[i].events = (short)PyLong_AsLong(value); -+ /* Why does a bitfield need to be signed at all? */ -+ self->ufds[i].events = (short)PyLong_AsUnsignedLong(value); - i++; - } - assert(i == self->ufd_len); -@@ -380,10 +381,10 @@ - { - PyObject *o, *key, *value; - int fd; -- short events = POLLIN | POLLPRI | POLLOUT; -+ unsigned short events = POLLIN | POLLPRI | POLLOUT; - int err; - -- if (!PyArg_ParseTuple(args, "O|h:register", &o, &events)) { -+ if (!PyArg_ParseTuple(args, "O|H:register", &o, &events)) { - return NULL; - } - -@@ -395,7 +396,7 @@ - key = PyLong_FromLong(fd); - if (key == NULL) - return NULL; -- value = PyLong_FromLong(events); -+ value = PyLong_FromUnsignedLong(events); - if (value == NULL) { - Py_DECREF(key); - return NULL; -@@ -423,10 +424,11 @@ - poll_modify(pollObject *self, PyObject *args) - { - PyObject *o, *key, *value; -- int fd, events; -+ int fd; -+ unsigned short events; - int err; - -- if (!PyArg_ParseTuple(args, "Oi:modify", &o, &events)) { -+ if (!PyArg_ParseTuple(args, "OH:modify", &o, &events)) { - return NULL; - } - -@@ -443,7 +445,7 @@ - Py_DECREF(key); - return NULL; - } -- value = PyLong_FromLong(events); -+ value = PyLong_FromUnsignedLong(events); - if (value == NULL) { - Py_DECREF(key); - return NULL; -@@ -567,11 +569,12 @@ - } - PyTuple_SET_ITEM(value, 0, num); - -- /* The &0xffff is a workaround for AIX. 'revents' -- is a 16-bit short, and IBM assigned POLLNVAL -+ /* The 'unsigned' cast is necessary for AIX. 'revents' -+ is a 16-bit signed short, but IBM assigned POLLNVAL - to be 0x8000, so the conversion to int results -- in a negative number. See SF bug #923315. */ -- num = PyLong_FromLong(self->ufds[i].revents & 0xffff); -+ in a negative number. See issue17919 and issue923315. -+ Why does a bitfield need to be signed at all? */ -+ num = PyLong_FromUnsignedLong((unsigned short)self->ufds[i].revents); - if (num == NULL) { - Py_DECREF(value); - goto error; -@@ -714,9 +717,10 @@ - internal_devpoll_register(devpollObject *self, PyObject *args, int remove) - { - PyObject *o; -- int fd, events = POLLIN | POLLPRI | POLLOUT; -+ int fd; -+ unsigned short events = POLLIN | POLLPRI | POLLOUT; - -- if (!PyArg_ParseTuple(args, "O|i:register", &o, &events)) { -+ if (!PyArg_ParseTuple(args, "O|H:register", &o, &events)) { - return NULL; - } - -@@ -734,7 +738,8 @@ - } - - self->fds[self->n_fds].fd = fd; -- self->fds[self->n_fds].events = events; -+ /* Why does a bitfield need to be signed? */ -+ self->fds[self->n_fds].events = (short)events; - - if (++self->n_fds == self->max_n_fds) { - if (devpoll_flush(self)) -@@ -862,7 +867,13 @@ - else { - for (i = 0; i < poll_result; i++) { - num1 = PyLong_FromLong(self->fds[i].fd); -- num2 = PyLong_FromLong(self->fds[i].revents); -+ /* The 'unsigned' cast may become necessary for AIX when it -+ starts to provide /dev/poll (maybe never). 'revents' -+ is a 16-bit signed short, but IBM assigned POLLNVAL -+ to be 0x8000, so the conversion to int results -+ in a negative number. See issue17919 and issue923315. -+ Why does a bitfield need to be signed at all? */ -+ num2 = PyLong_FromUnsignedLong((unsigned short)self->fds[i].revents); - if ((num1 == NULL) || (num2 == NULL)) { - Py_XDECREF(num1); - Py_XDECREF(num2); diff --git a/dev-lang/python/files/python-3.3-issue18235.patch b/dev-lang/python/files/python-3.3-issue18235.patch deleted file mode 100644 index 1296508145..0000000000 --- a/dev-lang/python/files/python-3.3-issue18235.patch +++ /dev/null @@ -1,35 +0,0 @@ -second part of -Issue #18235: _sysconfigdata.py wrong on AIX installations - ---- Makefile.pre.in -+++ Makefile.pre.in -@@ -1147,7 +1147,7 @@ - $(INSTALL_SCRIPT) $(srcdir)/Modules/makexp_aix \ - $(DESTDIR)$(LIBPL)/makexp_aix; \ - echo "$(LIBPL)/makexp_aix"; \ -- $(INSTALL_SCRIPT) $(srcdir)/Modules/ld_so_aix \ -+ $(INSTALL_SCRIPT) $(abs_builddir)/Modules/ld_so_aix \ - $(DESTDIR)$(LIBPL)/ld_so_aix; \ - echo "$(LIBPL)/ld_so_aix"; \ - echo; echo "See Misc/AIX-NOTES for details."; \ ---- Modules/ld_so_aix.in -+++ Modules/ld_so_aix.in -@@ -70,6 +70,7 @@ - fi - - makexp=`dirname $0`/makexp_aix -+test -x "${makexp}" || makexp="@abs_srcdir@/makexp_aix" - - # Check for existence of compiler. - CC=$1; shift ---- configure.ac -+++ configure.ac -@@ -1754,7 +1754,7 @@ - then - case $ac_sys_system/$ac_sys_release in - AIX*) -- BLDSHARED="\$(srcdir)/Modules/ld_so_aix \$(CC) -bI:\$(srcdir)/Modules/python.exp" -+ BLDSHARED="\$(abs_builddir)/Modules/ld_so_aix \$(CC) -bI:\$(abs_builddir)/Modules/python.exp" - LDSHARED="\$(BINLIBDEST)/config/ld_so_aix \$(CC) -bI:\$(BINLIBDEST)/config/python.exp" - ;; - IRIX/5*) LDSHARED="ld -shared";; diff --git a/dev-lang/python/files/python-3.3-issue21811.patch b/dev-lang/python/files/python-3.3-issue21811.patch deleted file mode 100644 index 24ce42a6c5..0000000000 --- a/dev-lang/python/files/python-3.3-issue21811.patch +++ /dev/null @@ -1,46 +0,0 @@ -Modified for Gentoo to apply to patched sources - -# HG changeset patch -# User Ned Deily <[email protected]> -# Date 1403729193 25200 -# Node ID 7346ba9340975a850a83cdac932423f4fb536d0f -# Parent 3583b2bedbe7410c0f0179105d7f036a515a06ee# Parent 69ae7e4939f2fbd315b0585a197fb2be854052cc -Issue #21811: Anticipated fixes to 3.x configure for OS X 10.10 Yosemite. - ---- a/configure.ac -+++ b/configure.ac -@@ -1982,15 +1982,14 @@ - # Use -undefined dynamic_lookup whenever possible (10.3 and later). - # This allows an extension to be used in any Python - -- if test ${MACOSX_DEPLOYMENT_TARGET} '>' 10.2 -+ dep_target_major=`echo ${MACOSX_DEPLOYMENT_TARGET} | \ -+ sed 's/\([[0-9]]*\)\.\([[0-9]]*\).*/\1/'` -+ dep_target_minor=`echo ${MACOSX_DEPLOYMENT_TARGET} | \ -+ sed 's/\([[0-9]]*\)\.\([[0-9]]*\).*/\2/'` -+ if test ${dep_target_major} -eq 10 && \ -+ test ${dep_target_minor} -le 2 - then -- if test "${enable_universalsdk}"; then -- LDFLAGS="${UNIVERSAL_ARCH_FLAGS} -isysroot ${UNIVERSALSDK} ${LDFLAGS}" -- fi -- LDSHARED='$(CC) -bundle -undefined dynamic_lookup' -- LDCXXSHARED='$(CXX) -bundle -undefined dynamic_lookup' -- BLDSHARED="$LDSHARED" -- else -+ # building for OS X 10.0 through 10.2 - LDSHARED='$(CC) -bundle' - LDCXXSHARED='$(CXX) -bundle' - if test "$enable_framework" ; then -@@ -2004,6 +2003,11 @@ - LDSHARED="$LDSHARED "'-bundle_loader $(BINDIR)/python$(VERSION)$(EXE)' - LDCXXSHARED="$LDCXXSHARED "'-bundle_loader $(BINDIR)/python$(VERSION)$(EXE)' - fi -+ else -+ # building for OS X 10.3 and later -+ LDSHARED='$(CC) -bundle -undefined dynamic_lookup' -+ LDCXXSHARED='$(CXX) -bundle -undefined dynamic_lookup' -+ BLDSHARED="$LDSHARED" - fi - ;; - Linux*|GNU*|QNX*) diff --git a/dev-lang/python/files/python-3.4-gcc-5.patch b/dev-lang/python/files/python-3.4-gcc-5.patch deleted file mode 100644 index 80afbd1c47..0000000000 --- a/dev-lang/python/files/python-3.4-gcc-5.patch +++ /dev/null @@ -1,37 +0,0 @@ -changeset: 94583:689092296ad3 -branch: 3.4 -parent: 94579:645f3d750be1 -user: Victor Stinner <[email protected]> -date: Wed Feb 11 14:23:35 2015 +0100 -summary: Issue #23433: Fix faulthandler._stack_overflow() - -diff -r 645f3d750be1 -r 689092296ad3 Modules/faulthandler.c ---- a/Modules/faulthandler.c Tue Feb 10 14:49:32 2015 +0100 -+++ b/Modules/faulthandler.c Wed Feb 11 14:23:35 2015 +0100 -@@ -911,12 +911,12 @@ - } - - #if defined(HAVE_SIGALTSTACK) && defined(HAVE_SIGACTION) --static void* --stack_overflow(void *min_sp, void *max_sp, size_t *depth) -+static Py_uintptr_t -+stack_overflow(Py_uintptr_t min_sp, Py_uintptr_t max_sp, size_t *depth) - { - /* allocate 4096 bytes on the stack at each call */ - unsigned char buffer[4096]; -- void *sp = &buffer; -+ Py_uintptr_t sp = (Py_uintptr_t)&buffer; - *depth += 1; - if (sp < min_sp || max_sp < sp) - return sp; -@@ -929,7 +929,8 @@ - faulthandler_stack_overflow(PyObject *self) - { - size_t depth, size; -- char *sp = (char *)&depth, *stop; -+ Py_uintptr_t sp = (Py_uintptr_t)&depth; -+ Py_uintptr_t stop; - - depth = 0; - stop = stack_overflow(sp - STACK_OVERFLOW_MAX_SIZE, - diff --git a/dev-lang/python/files/python-3.4.3-ncurses-pkg-config.patch b/dev-lang/python/files/python-3.4.3-ncurses-pkg-config.patch deleted file mode 100644 index 8bfad11427..0000000000 --- a/dev-lang/python/files/python-3.4.3-ncurses-pkg-config.patch +++ /dev/null @@ -1,13 +0,0 @@ -do not hardcode /usr/include paths - ---- a/configure.ac -+++ b/configure.ac -@@ -4402,7 +4402,7 @@ fi - - # first curses header check - ac_save_cppflags="$CPPFLAGS" --CPPFLAGS="$CPPFLAGS -I/usr/include/ncursesw" -+CPPFLAGS="$CPPFLAGS `$PKG_CONFIG --cflags ncursesw`" - - AC_CHECK_HEADERS(curses.h ncurses.h) - diff --git a/dev-lang/python/files/python-3.4.5-cross.patch b/dev-lang/python/files/python-3.4.5-cross.patch deleted file mode 100644 index 7a016ffbd4..0000000000 --- a/dev-lang/python/files/python-3.4.5-cross.patch +++ /dev/null @@ -1,11 +0,0 @@ ---- a/Lib/distutils/command/build_ext.py -+++ b/Lib/distutils/command/build_ext.py -@@ -729,7 +729,7 @@ - if sysconfig.get_config_var('Py_ENABLE_SHARED'): - pythonlib = 'python{}.{}{}'.format( - sys.hexversion >> 24, (sys.hexversion >> 16) & 0xff, -- sys.abiflags) -+ sysconfig.get_config_var('ABIFLAGS')) - return ext.libraries + [pythonlib] - else: - return ext.libraries diff --git a/dev-lang/python/files/python-3.5-distutils-OO-build.patch b/dev-lang/python/files/python-3.5-distutils-OO-build.patch deleted file mode 100644 index 8af8c30c76..0000000000 --- a/dev-lang/python/files/python-3.5-distutils-OO-build.patch +++ /dev/null @@ -1,80 +0,0 @@ -From 90507018442f9adabb586fd3d0a0206b9c2f2f50 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Micha=C5=82=20G=C3=B3rny?= <[email protected]> -Date: Sun, 5 Jun 2016 08:18:01 +0200 -Subject: [PATCH] distutils: make -OO enable both opt-1 and opt-2 optimization - -Bug: http://bugs.python.org/issue27226 -Bug: https://bugs.gentoo.org/585060 ---- - Lib/distutils/command/build_py.py | 8 ++++---- - Lib/distutils/command/install_lib.py | 12 ++++++------ - 2 files changed, 10 insertions(+), 10 deletions(-) - -diff --git a/Lib/distutils/command/build_py.py b/Lib/distutils/command/build_py.py -index cf0ca57..838d4e4 100644 ---- a/Lib/distutils/command/build_py.py -+++ b/Lib/distutils/command/build_py.py -@@ -315,9 +315,9 @@ class build_py (Command): - if self.compile: - outputs.append(importlib.util.cache_from_source( - filename, optimization='')) -- if self.optimize > 0: -+ for opt in range(1, self.optimize + 1): - outputs.append(importlib.util.cache_from_source( -- filename, optimization=self.optimize)) -+ filename, optimization=opt)) - - outputs += [ - os.path.join(build_dir, filename) -@@ -387,8 +387,8 @@ class build_py (Command): - if self.compile: - byte_compile(files, optimize=0, - force=self.force, prefix=prefix, dry_run=self.dry_run) -- if self.optimize > 0: -- byte_compile(files, optimize=self.optimize, -+ for opt in range(1, self.optimize + 1): -+ byte_compile(files, optimize=opt, - force=self.force, prefix=prefix, dry_run=self.dry_run) - - class build_py_2to3(build_py, Mixin2to3): -diff --git a/Lib/distutils/command/install_lib.py b/Lib/distutils/command/install_lib.py -index 6154cf0..049b662 100644 ---- a/Lib/distutils/command/install_lib.py -+++ b/Lib/distutils/command/install_lib.py -@@ -24,8 +24,8 @@ class install_lib(Command): - # 2) compile .pyc only (--compile --no-optimize; default) - # 3) compile .pyc and "opt-1" .pyc (--compile --optimize) - # 4) compile "opt-1" .pyc only (--no-compile --optimize) -- # 5) compile .pyc and "opt-2" .pyc (--compile --optimize-more) -- # 6) compile "opt-2" .pyc only (--no-compile --optimize-more) -+ # 5) compile .pyc, "opt-1" and "opt-2" .pyc (--compile --optimize-more) -+ # 6) compile "opt-1" and "opt-2" .pyc (--no-compile --optimize-more) - # - # The UI for this is two options, 'compile' and 'optimize'. - # 'compile' is strictly boolean, and only decides whether to -@@ -132,8 +132,8 @@ class install_lib(Command): - byte_compile(files, optimize=0, - force=self.force, prefix=install_root, - dry_run=self.dry_run) -- if self.optimize > 0: -- byte_compile(files, optimize=self.optimize, -+ for opt in range(1, self.optimize + 1): -+ byte_compile(files, optimize=opt, - force=self.force, prefix=install_root, - verbose=self.verbose, dry_run=self.dry_run) - -@@ -167,9 +167,9 @@ class install_lib(Command): - if self.compile: - bytecode_files.append(importlib.util.cache_from_source( - py_file, optimization='')) -- if self.optimize > 0: -+ for opt in range(1, self.optimize + 1): - bytecode_files.append(importlib.util.cache_from_source( -- py_file, optimization=self.optimize)) -+ py_file, optimization=opt)) - - return bytecode_files - --- -2.8.3 - diff --git a/dev-lang/python/files/python-3.5.4-libffi-pkgconfig.patch b/dev-lang/python/files/python-3.5.4-libffi-pkgconfig.patch deleted file mode 100644 index 0edd83b6ae..0000000000 --- a/dev-lang/python/files/python-3.5.4-libffi-pkgconfig.patch +++ /dev/null @@ -1,44 +0,0 @@ -diff -u -r Python-3.3.3-orig//configure.ac Python-3.3.3/configure.ac ---- Python-3.3.3-orig//configure.ac 2014-03-06 05:25:46.000000000 +0100 -+++ Python-3.3.3/configure.ac 2014-03-06 05:26:27.000000000 +0100 -@@ -2247,10 +2247,13 @@ - - if test "$with_system_ffi" = "yes" && test -n "$PKG_CONFIG"; then - LIBFFI_INCLUDEDIR="`"$PKG_CONFIG" libffi --cflags-only-I 2>/dev/null | sed -e 's/^-I//;s/ *$//'`" -+ LIBFFI_LIB="`"$PKG_CONFIG" libffi --libs-only-l 2>/dev/null | sed -e 's/^-l//;s/ *$//'`" - else - LIBFFI_INCLUDEDIR="" -+ LIBFFI_LIB="" - fi - AC_SUBST(LIBFFI_INCLUDEDIR) -+AC_SUBST(LIBFFI_LIB) - - AC_MSG_RESULT($with_system_ffi) - -diff -u -r Python-3.3.3-orig//Makefile.pre.in Python-3.3.3/Makefile.pre.in ---- Python-3.3.3-orig//Makefile.pre.in 2014-03-06 05:25:46.000000000 +0100 -+++ Python-3.3.3/Makefile.pre.in 2014-03-06 05:26:42.000000000 +0100 -@@ -252,6 +252,7 @@ - - - LIBFFI_INCLUDEDIR= @LIBFFI_INCLUDEDIR@ -+LIBFFI_LIB= @LIBFFI_LIB@ - - ########################################################################## - # Parser -diff -u -r Python-3.3.3-orig//setup.py Python-3.3.3/setup.py ---- Python-3.3.3-orig//setup.py 2014-03-06 05:25:46.000000000 +0100 -+++ Python-3.3.3/setup.py 2014-03-06 05:27:05.000000000 +0100 -@@ -1763,8 +1763,10 @@ - ffi_inc = None - print('Header file {} does not define LIBFFI_H or ' - 'ffi_wrapper_h'.format(ffi_h)) -- ffi_lib = None -- if ffi_inc is not None: -+ ffi_lib = sysconfig.get_config_var("LIBFFI_LIB") -+ if not ffi_lib or ffi_lib == '': -+ ffi_lib = None -+ if ffi_inc is not None and ffi_lib is None: - for lib_name in ('ffi_convenience', 'ffi_pic', 'ffi'): - if (self.compiler.find_library_file(lib_dirs, lib_name)): - ffi_lib = lib_name diff --git a/dev-lang/python/files/python-3.5.5-hash-unaligned.patch b/dev-lang/python/files/python-3.5.5-hash-unaligned.patch deleted file mode 100644 index c418f40b7d..0000000000 --- a/dev-lang/python/files/python-3.5.5-hash-unaligned.patch +++ /dev/null @@ -1,43 +0,0 @@ -The hash implementation casts the input pointer to uint64_t* and directly reads -from this, which may cause unaligned accesses. Use memcpy() instead so this code -will not crash with SIGBUS on sparc. - ---- a/Python/pyhash.c 2017-11-29 10:21:20.283094068 +0100 -+++ b/Python/pyhash.c 2017-11-29 10:24:26.733087813 +0100 -@@ -372,7 +372,7 @@ siphash24(const void *src, Py_ssize_t sr - PY_UINT64_T k0 = _le64toh(_Py_HashSecret.siphash.k0); - PY_UINT64_T k1 = _le64toh(_Py_HashSecret.siphash.k1); - PY_UINT64_T b = (PY_UINT64_T)src_sz << 56; -- const PY_UINT64_T *in = (PY_UINT64_T*)src; -+ const PY_UINT8_T *in = (PY_UINT8_T*)src; - - PY_UINT64_T v0 = k0 ^ 0x736f6d6570736575ULL; - PY_UINT64_T v1 = k1 ^ 0x646f72616e646f6dULL; -@@ -381,12 +381,14 @@ siphash24(const void *src, Py_ssize_t sr - - PY_UINT64_T t; - PY_UINT8_T *pt; -- PY_UINT8_T *m; -+ const PY_UINT8_T *m; - - while (src_sz >= 8) { -- PY_UINT64_T mi = _le64toh(*in); -- in += 1; -- src_sz -= 8; -+ PY_UINT64_T mi; -+ memcpy(&mi, in, sizeof(mi)); -+ mi = _le64toh(mi); -+ in += sizeof(mi); -+ src_sz -= sizeof(mi); - v3 ^= mi; - DOUBLE_ROUND(v0,v1,v2,v3); - v0 ^= mi; -@@ -394,7 +396,7 @@ siphash24(const void *src, Py_ssize_t sr - - t = 0; - pt = (PY_UINT8_T *)&t; -- m = (PY_UINT8_T *)in; -+ m = in; - switch (src_sz) { - case 7: pt[6] = m[6]; - case 6: pt[5] = m[5]; diff --git a/dev-lang/python/files/python-3.5.5-libressl-compatibility.patch b/dev-lang/python/files/python-3.5.5-libressl-compatibility.patch deleted file mode 100644 index 67d57d0c13..0000000000 --- a/dev-lang/python/files/python-3.5.5-libressl-compatibility.patch +++ /dev/null @@ -1,69 +0,0 @@ -# From 8d89a385b71a2e4cce0fba0cfc8d91b63485edc5 Mon Sep 17 00:00:00 2001 -# From: Christian Heimes <[email protected]> -# Date: Sat, 24 Mar 2018 18:38:14 +0100 -# Subject: [PATCH] [3.6] bpo-33127: Compatibility patch for LibreSSL 2.7.0 -# (GH-6210) (GH-6214) -# -# LibreSSL 2.7 introduced OpenSSL 1.1.0 API. The ssl module now detects -# LibreSSL 2.7 and only provides API shims for OpenSSL < 1.1.0 and -# LibreSSL < 2.7. - -# Documentation updates and fixes for failing tests will be provided in -# another patch set. - -# Signed-off-by: Christian Heimes <[email protected]>. -# (cherry picked from commit 4ca0739c9d97ac7cd45499e0d31be68dc659d0e1) - -# Co-authored-by: Christian Heimes <[email protected]> -# Patch modified by Aaron Bauman <[email protected]> for 3.5.5 - ---- a/Modules/_ssl.c 2018-04-13 18:33:17.397649561 -0400 -+++ b/Modules/_ssl.c 2018-04-13 18:40:22.319852014 -0400 -@@ -101,6 +101,12 @@ - - #if (OPENSSL_VERSION_NUMBER >= 0x10100000L) && !defined(LIBRESSL_VERSION_NUMBER) - # define OPENSSL_VERSION_1_1 1 -+# define PY_OPENSSL_1_1_API 1 -+#endif -+ -+/* LibreSSL 2.7.0 provides necessary OpenSSL 1.1.0 APIs */ -+#if defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER >= 0x2070000fL -+# define PY_OPENSSL_1_1_API 1 - #endif - - /* Openssl comes with TLSv1.1 and TLSv1.2 between 1.0.0h and 1.0.1 -@@ -129,16 +135,18 @@ - #define INVALID_SOCKET (-1) - #endif - --#ifdef OPENSSL_VERSION_1_1 --/* OpenSSL 1.1.0+ */ --#ifndef OPENSSL_NO_SSL2 --#define OPENSSL_NO_SSL2 --#endif --#else /* OpenSSL < 1.1.0 */ --#if defined(WITH_THREAD) -+/* OpenSSL 1.0.2 and LibreSSL needs extra code for locking */ -+#if !defined(OPENSSL_VERSION_1_1) && defined(WITH_THREAD) - #define HAVE_OPENSSL_CRYPTO_LOCK - #endif - -+#if defined(OPENSSL_VERSION_1_1) && !defined(OPENSSL_NO_SSL2) -+#define OPENSSL_NO_SSL2 -+#endif -+ -+#ifndef PY_OPENSSL_1_1_API -+/* OpenSSL 1.1 API shims for OpenSSL < 1.1.0 and LibreSSL < 2.7.0 */ -+ - #define TLS_method SSLv23_method - - static int X509_NAME_ENTRY_set(const X509_NAME_ENTRY *ne) -@@ -187,7 +195,7 @@ - { - return store->param; - } --#endif /* OpenSSL < 1.1.0 or LibreSSL */ -+#endif /* OpenSSL < 1.1.0 or LibreSSL < 2.7.0 */ - - - enum py_ssl_error { diff --git a/dev-lang/python/files/python-3.6.5-hash-unaligned.patch b/dev-lang/python/files/python-3.6.5-hash-unaligned.patch deleted file mode 100644 index d096887cbf..0000000000 --- a/dev-lang/python/files/python-3.6.5-hash-unaligned.patch +++ /dev/null @@ -1,42 +0,0 @@ -The hash implementation casts the input pointer to uint64_t* and directly reads -from this, which may cause unaligned accesses. Use memcpy() instead so this code -will not crash with SIGBUS on sparc. - ---- a/Python/pyhash.c 2017-11-29 10:21:20.283094068 +0100 -+++ b/Python/pyhash.c 2017-11-29 10:24:26.733087813 +0100 -@@ -369,7 +369,7 @@ - uint64_t k0 = _le64toh(_Py_HashSecret.siphash.k0); - uint64_t k1 = _le64toh(_Py_HashSecret.siphash.k1); - uint64_t b = (uint64_t)src_sz << 56; -- const uint64_t *in = (uint64_t*)src; -+ const uint8_t *in = (uint8_t*)src; - - uint64_t v0 = k0 ^ 0x736f6d6570736575ULL; - uint64_t v1 = k1 ^ 0x646f72616e646f6dULL; -@@ -378,11 +378,13 @@ - - uint64_t t; - uint8_t *pt; -- uint8_t *m; -+ const uint8_t *m; - - while (src_sz >= 8) { -- uint64_t mi = _le64toh(*in); -- in += 1; -- src_sz -= 8; -+ uint64_t mi; -+ memcpy(&mi, in, sizeof(mi)); -+ mi = _le64toh(mi); -+ in += sizeof(mi); -+ src_sz -= sizeof(mi); - v3 ^= mi; - DOUBLE_ROUND(v0,v1,v2,v3); -@@ -391,7 +393,7 @@ - - t = 0; - pt = (uint8_t *)&t; -- m = (uint8_t *)in; -+ m = in; - switch (src_sz) { - case 7: pt[6] = m[6]; /* fall through */ - case 6: pt[5] = m[5]; /* fall through */ diff --git a/dev-lang/python/files/python-3.6.5-libressl-compatibility.patch b/dev-lang/python/files/python-3.6.5-libressl-compatibility.patch deleted file mode 100644 index 2f9e6a2bef..0000000000 --- a/dev-lang/python/files/python-3.6.5-libressl-compatibility.patch +++ /dev/null @@ -1,114 +0,0 @@ -From 8d89a385b71a2e4cce0fba0cfc8d91b63485edc5 Mon Sep 17 00:00:00 2001 -From: Christian Heimes <[email protected]> -Date: Sat, 24 Mar 2018 18:38:14 +0100 -Subject: [PATCH] [3.6] bpo-33127: Compatibility patch for LibreSSL 2.7.0 - (GH-6210) (GH-6214) - -LibreSSL 2.7 introduced OpenSSL 1.1.0 API. The ssl module now detects -LibreSSL 2.7 and only provides API shims for OpenSSL < 1.1.0 and -LibreSSL < 2.7. - -Documentation updates and fixes for failing tests will be provided in -another patch set. - -Signed-off-by: Christian Heimes <[email protected]>. -(cherry picked from commit 4ca0739c9d97ac7cd45499e0d31be68dc659d0e1) - -Co-authored-by: Christian Heimes <[email protected]> ---- - Lib/test/test_ssl.py | 1 + - .../2018-03-24-15-08-24.bpo-33127.olJmHv.rst | 1 + - Modules/_ssl.c | 24 ++++++++++++------- - Tools/ssl/multissltests.py | 3 ++- - 4 files changed, 20 insertions(+), 9 deletions(-) - create mode 100644 Misc/NEWS.d/next/Library/2018-03-24-15-08-24.bpo-33127.olJmHv.rst - -diff --git a/Lib/test/test_ssl.py b/Lib/test/test_ssl.py -index 8dd3b41450..9785a59a7e 100644 ---- a/Lib/test/test_ssl.py -+++ b/Lib/test/test_ssl.py -@@ -1687,6 +1687,7 @@ class SimpleBackgroundTests(unittest.TestCase): - self.assertEqual(len(ctx.get_ca_certs()), 1) - - @needs_sni -+ @unittest.skipUnless(hasattr(ssl, "PROTOCOL_TLSv1_2"), "needs TLS 1.2") - def test_context_setget(self): - # Check that the context of a connected socket can be replaced. - ctx1 = ssl.SSLContext(ssl.PROTOCOL_TLSv1_2) -diff --git a/Misc/NEWS.d/next/Library/2018-03-24-15-08-24.bpo-33127.olJmHv.rst b/Misc/NEWS.d/next/Library/2018-03-24-15-08-24.bpo-33127.olJmHv.rst -new file mode 100644 -index 0000000000..635aabbde0 ---- /dev/null -+++ b/Misc/NEWS.d/next/Library/2018-03-24-15-08-24.bpo-33127.olJmHv.rst -@@ -0,0 +1 @@ -+The ssl module now compiles with LibreSSL 2.7.1. -diff --git a/Modules/_ssl.c b/Modules/_ssl.c -index c54e43c2b4..5e007da858 100644 ---- a/Modules/_ssl.c -+++ b/Modules/_ssl.c -@@ -106,6 +106,12 @@ struct py_ssl_library_code { - - #if (OPENSSL_VERSION_NUMBER >= 0x10100000L) && !defined(LIBRESSL_VERSION_NUMBER) - # define OPENSSL_VERSION_1_1 1 -+# define PY_OPENSSL_1_1_API 1 -+#endif -+ -+/* LibreSSL 2.7.0 provides necessary OpenSSL 1.1.0 APIs */ -+#if defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER >= 0x2070000fL -+# define PY_OPENSSL_1_1_API 1 - #endif - - /* Openssl comes with TLSv1.1 and TLSv1.2 between 1.0.0h and 1.0.1 -@@ -152,16 +158,18 @@ struct py_ssl_library_code { - #define INVALID_SOCKET (-1) - #endif - --#ifdef OPENSSL_VERSION_1_1 --/* OpenSSL 1.1.0+ */ --#ifndef OPENSSL_NO_SSL2 --#define OPENSSL_NO_SSL2 --#endif --#else /* OpenSSL < 1.1.0 */ --#if defined(WITH_THREAD) -+/* OpenSSL 1.0.2 and LibreSSL needs extra code for locking */ -+#if !defined(OPENSSL_VERSION_1_1) && defined(WITH_THREAD) - #define HAVE_OPENSSL_CRYPTO_LOCK - #endif - -+#if defined(OPENSSL_VERSION_1_1) && !defined(OPENSSL_NO_SSL2) -+#define OPENSSL_NO_SSL2 -+#endif -+ -+#ifndef PY_OPENSSL_1_1_API -+/* OpenSSL 1.1 API shims for OpenSSL < 1.1.0 and LibreSSL < 2.7.0 */ -+ - #define TLS_method SSLv23_method - #define TLS_client_method SSLv23_client_method - #define TLS_server_method SSLv23_server_method -@@ -227,7 +235,7 @@ SSL_SESSION_get_ticket_lifetime_hint(const SSL_SESSION *s) - return s->tlsext_tick_lifetime_hint; - } - --#endif /* OpenSSL < 1.1.0 or LibreSSL */ -+#endif /* OpenSSL < 1.1.0 or LibreSSL < 2.7.0 */ - - - enum py_ssl_error { -diff --git a/Tools/ssl/multissltests.py b/Tools/ssl/multissltests.py -index ce5bbd8530..ba4529ae06 100755 ---- a/Tools/ssl/multissltests.py -+++ b/Tools/ssl/multissltests.py -@@ -57,8 +57,9 @@ LIBRESSL_OLD_VERSIONS = [ - ] - - LIBRESSL_RECENT_VERSIONS = [ -- "2.5.3", - "2.5.5", -+ "2.6.4", -+ "2.7.1", - ] - - # store files in ../multissl --- -2.17.0 - diff --git a/dev-lang/python/python-3.8.5.ebuild b/dev-lang/python/python-3.8.5.ebuild index 9f83f7cd5c..32c823df81 100644 --- a/dev-lang/python/python-3.8.5.ebuild +++ b/dev-lang/python/python-3.8.5.ebuild @@ -107,7 +107,6 @@ src_prepare() { sed -i \ -e 's/KQUEUE/KQUEUE_DISABLED/' \ configure.ac configure || die - eapply "${FILESDIR}"/${PN}-3.8.5-darwin9.patch fi # side-effect of disabling scproxy (see below), make sure we don't diff --git a/dev-lang/python/python-3.6.8.ebuild b/dev-lang/python/python-3.8.6.ebuild similarity index 65% rename from dev-lang/python/python-3.6.8.ebuild rename to dev-lang/python/python-3.8.6.ebuild index 13121eec6d..2ee3d275cd 100644 --- a/dev-lang/python/python-3.6.8.ebuild +++ b/dev-lang/python/python-3.8.6.ebuild @@ -1,31 +1,28 @@ -# Copyright 1999-2019 Gentoo Authors +# Copyright 1999-2020 Gentoo Authors # Distributed under the terms of the GNU General Public License v2 -EAPI="6" +EAPI="7" WANT_LIBTOOL="none" -inherit autotools flag-o-matic pax-utils python-utils-r1 toolchain-funcs epatch +inherit autotools flag-o-matic multiprocessing pax-utils \ + python-utils-r1 toolchain-funcs MY_P="Python-${PV}" -PATCHSET_VERSION="3.6.8" -PREFIX_PATCHREV="${PV}-gentoo-patches-r0" -CYGWINPORTS_GITREV="f11d606e98b00f5b143cba92bfee8b7f5ba779b0" +PYVER=$(ver_cut 1-2) +PATCHSET="python-gentoo-patches-${PV}" +PREFIX_PATCHSET="python-prefix-gentoo-${PV}-patches-r0" DESCRIPTION="An interpreted, interactive, object-oriented programming language" HOMEPAGE="https://www.python.org/"; SRC_URI="https://www.python.org/ftp/python/${PV}/${MY_P}.tar.xz - https://dev.gentoo.org/~floppym/python/python-gentoo-patches-${PATCHSET_VERSION}.tar.xz - https://dev.gentoo.org/~grobian/distfiles/python-prefix-${PREFIX_PATCHREV}.tar.xz"; - -[[ -n ${CYGWINPORTS_GITREV} ]] && -SRC_URI+=" elibc_Cygwin? ( - https://github.com/cygwinports/python36/archive/${CYGWINPORTS_GITREV}.zip - -> python36-cygwinports-${CYGWINPORTS_GITREV}.zip )" + https://dev.gentoo.org/~mgorny/dist/python/${PATCHSET}.tar.xz + https://dev.gentoo.org/~grobian/distfiles/${PREFIX_PATCHSET}.tar.xz"; +S="${WORKDIR}/${MY_P}" LICENSE="PSF-2" -SLOT="3.6/3.6m" +SLOT="${PYVER}" KEYWORDS="~ppc-aix ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris" -IUSE="aqua bluetooth build examples gdbm hardened ipv6 libressl +ncurses +readline sqlite +ssl test +threads tk wininst +xml" +IUSE="aqua bluetooth build examples gdbm hardened ipv6 libressl +ncurses +readline sqlite +ssl test tk wininst +xml" RESTRICT="!test? ( test )" # Do not add a dependency on dev-lang/python to this ebuild. @@ -33,27 +30,28 @@ RESTRICT="!test? ( test )" # run the bootstrap code on your dev box and include the results in the # patchset. See bug 447752. -RDEPEND="app-arch/bzip2:0= - app-arch/xz-utils:0= - >=sys-libs/zlib-1.1.3:0= - virtual/libffi:= +RDEPEND="app-arch/bzip2:= + app-arch/xz-utils:= + dev-libs/libffi:= + kernel_linux? ( sys-apps/util-linux:= ) + >=sys-libs/zlib-1.1.3:= + virtual/libcrypt:= virtual/libintl - gdbm? ( sys-libs/gdbm:0=[berkdb] ) - ncurses? ( >=sys-libs/ncurses-5.2:0= ) - readline? ( >=sys-libs/readline-4.1:0= ) + gdbm? ( sys-libs/gdbm:=[berkdb] ) + ncurses? ( >=sys-libs/ncurses-5.2:= ) + readline? ( >=sys-libs/readline-4.1:= ) sqlite? ( >=dev-db/sqlite-3.3.8:3= ) ssl? ( - !libressl? ( dev-libs/openssl:0= ) - libressl? ( dev-libs/libressl:0= ) + !libressl? ( dev-libs/openssl:= ) + libressl? ( dev-libs/libressl:= ) ) tk? ( - >=dev-lang/tcl-8.0:0= - >=dev-lang/tk-8.0:0=[-aqua] - dev-tcltk/blt:0= + >=dev-lang/tcl-8.0:= + >=dev-lang/tk-8.0:= + dev-tcltk/blt:= dev-tcltk/tix ) - xml? ( >=dev-libs/expat-2.1:0= ) - !!<sys-apps/sandbox-2.6-r1" + xml? ( >=dev-libs/expat-2.1:= )" # bluetooth requires headers from bluez DEPEND="${RDEPEND} bluetooth? ( net-wireless/bluez ) @@ -63,40 +61,20 @@ DEPEND="${RDEPEND} RDEPEND+=" !build? ( app-misc/mime-types )" PDEPEND=">=app-eselect/eselect-python-20140125-r1" -[[ -n ${CYGWINPORTS_GITREV} ]] && -DEPEND+=" elibc_Cygwin? ( app-arch/unzip )" - -S="${WORKDIR}/${MY_P}" -PYVER=${SLOT%/*} - src_prepare() { # Ensure that internal copies of expat, libffi and zlib are not used. - rm -fr Modules/expat - rm -fr Modules/_ctypes/libffi* - rm -fr Modules/zlib + rm -fr Modules/expat || die + rm -fr Modules/_ctypes/libffi* || die + rm -fr Modules/zlib || die local PATCHES=( - "${WORKDIR}/patches" + "${WORKDIR}/${PATCHSET}" + # Prefix' round of patches + "${WORKDIR}"/${PREFIX_PATCHSET} ) default - # Prefix' round of patches - EPATCH_EXCLUDE="${excluded_patches}" EPATCH_SUFFIX="patch" \ - epatch "${WORKDIR}"/python-prefix-${PREFIX_PATCHREV} - - if [[ -n ${CYGWINPORTS_GITREV} ]] && use elibc_Cygwin; then - local p d="${WORKDIR}/python36-${CYGWINPORTS_GITREV}" - for p in $( - sed -ne '/PATCH_URI="/,/"/{s/.*="//;s/".*$//;p}' \ - < "${d}/python3.cygport" - ); do - # dropped by 01_all_prefix-no-patch-invention.patch - [[ ${p} == *-tkinter-* ]] && continue - epatch "${d}/${p}" - done - fi - # we provide a fully working readline also on Darwin, so don't force # usage of less functional libedit sed -i -e 's/__APPLE__/__NO_MUCKING_AROUND__/g' Modules/readline.c || die @@ -105,17 +83,14 @@ src_prepare() { sed -i -e "/^NM=.*nm$/s,^.*$,NM=$(tc-getNM)," Modules/makexp_aix || die sed -i -e "s:@@GENTOO_LIBDIR@@:$(get_libdir):g" \ - Lib/distutils/command/install.py \ - Lib/distutils/sysconfig.py \ - Lib/site.py \ - Lib/sysconfig.py \ - Lib/test/test_site.py \ - Makefile.pre.in \ - Modules/Setup.dist \ - Modules/getpath.c \ - configure.ac \ setup.py || die "sed failed to replace @@GENTOO_LIBDIR@@" + # force correct number of jobs + # https://bugs.gentoo.org/737660 + local jobs=$(makeopts_jobs "${MAKEOPTS}" "$(get_nproc)") + sed -i -e "s:-j0:-j${jobs}:" Makefile.pre.in || die + sed -i -e "/self\.parallel/s:True:${jobs}:" setup.py || die + # workaround a development build env problem and muck around # framework install to get the best of both worlds (non-standard) sed -i \ @@ -141,6 +116,11 @@ src_prepare() { configure.ac configure || die fi + # side-effect of disabling scproxy (see below), make sure we don't + # try to use it on Darwin either + sed -i -e '/sys.platform/s/darwin/disabled-darwin/' \ + Lib/urllib/request.py || die + eautoreconf } @@ -148,13 +128,14 @@ src_configure() { local disable # disable automagic bluetooth headers detection use bluetooth || export ac_cv_header_bluetooth_bluetooth_h=no - use gdbm || disable+=" gdbm" - use ncurses || disable+=" _curses _curses_panel" - use readline || disable+=" readline" - use sqlite || disable+=" _sqlite3" - use ssl || export PYTHON_DISABLE_SSL="1" - use tk || disable+=" _tkinter" - use xml || disable+=" _elementtree pyexpat" # _elementtree uses pyexpat. + use gdbm || disable+=" gdbm" + use ncurses || disable+=" _curses _curses_panel" + use readline || disable+=" readline" + use sqlite || disable+=" _sqlite3" + use ssl || export PYTHON_DISABLE_SSL="1" + use tk || disable+=" _tkinter" + use xml || disable+=" _elementtree pyexpat" # _elementtree uses pyexpat. + [[ ${CHOST} == *-darwin* ]] && disable+=" _scproxy" # header issue export PYTHON_DISABLE_MODULES="${disable}" if ! use xml; then @@ -179,6 +160,11 @@ src_configure() { use hardened && replace-flags -O3 -O2 fi + # https://bugs.gentoo.org/700012 + if is-flagq -flto || is-flagq '-flto=*'; then + append-cflags $(test-flags-CC -ffat-lto-objects) + fi + # Export CC so even AIX will use gcc instead of xlc_r. # Export CXX so it ends up in /usr/lib/python3.X/config/Makefile. tc-export CC CXX @@ -188,9 +174,9 @@ src_configure() { # Please query BSD team before removing this! append-ldflags "-L." - # make sure setup.py considers Prefix' paths before system ones - use prefix && append-cppflags -I"${EPREFIX}"/usr/include - use prefix && append-ldflags -L"${EPREFIX}"/lib -L"${EPREFIX}"/usr/lib + # Fix implicit declarations on cross and prefix builds. Bug #674070. + use ncurses && append-cppflags -I"${ESYSROOT}"/usr/include/ncursesw + use prefix && append-ldflags -L"${ESYSROOT}"/lib -L"${ESYSROOT}"/usr/lib local dbmliborder if use gdbm; then @@ -205,11 +191,16 @@ src_configure() { fi local myeconfargs=( - $(use aqua && echo --config-cache) \ - $(use_with !elibc_Cygwin fpectl) + # glibc-2.30 removes it; since we can't cleanly force-rebuild + # Python on glibc upgrade, remove it proactively to give + # a chance for users rebuilding python before glibc + # except on non-glibc systems this breaks the build, so be + # conservative! + $(use elibc_glibc && echo ac_cv_header_stropts_h=no) + + $(use aqua && echo --config-cache) --enable-shared $(use_enable ipv6) - $(use_with threads) --infodir='${prefix}/share/info' --mandir='${prefix}/share/man' --with-computed-gotos @@ -222,12 +213,6 @@ src_configure() { ) OPT="" econf "${myeconfargs[@]}" - - if use threads && grep -q "#define POSIX_SEMAPHORES_NOT_ENABLED 1" pyconfig.h; then - eerror "configure has detected that the sem_open function is broken." - eerror "Please ensure that /dev/shm is mounted as a tmpfs with mode 1777." - die "Broken sem_open function (bug 496328)" - fi } src_compile() { @@ -261,7 +246,6 @@ src_test() { # bug 660358 local -x COLUMNS=80 - local -x PYTHONDONTWRITEBYTECODE= emake test EXTRATESTOPTS="-u-network" CPPFLAGS= CFLAGS= LDFLAGS= < /dev/tty @@ -277,7 +261,7 @@ src_test() { done elog "If you would like to run them, you may:" - elog "cd '${EPREFIX}/usr/$(get_libdir)/python${PYVER}/test'" + elog "cd '${EPREFIX}/usr/lib/python${PYVER}/test'" elog "and run the tests separately." if [[ ${result} -ne 0 ]]; then @@ -286,7 +270,7 @@ src_test() { } src_install() { - local libdir=${ED}/usr/$(get_libdir)/python${PYVER} + local libdir=${ED}/usr/lib/python${PYVER} emake DESTDIR="${D}" altinstall @@ -308,25 +292,22 @@ src_install() { "${ED}${fwdir}"/Python || die fi + # Remove static library + rm "${ED}"/usr/$(get_libdir)/libpython*.a || die + sed \ -e "s/\(CONFIGURE_LDFLAGS=\).*/\1/" \ -e "s/\(PY_LDFLAGS=\).*/\1/" \ -i "${libdir}/config-${PYVER}"*/Makefile || die "sed failed" # Fix collisions between different slots of Python. - rm -f "${ED}usr/$(get_libdir)/libpython3.so" - - if use elibc_Cygwin; then - # We may recreate symlinks, but without any .exe extension. Cygwin - # can resolv either without it, so just drop .exe from shebangs: - sed -i -e '1s/\.exe//' "$ED"/usr/bin/* || die - fi + rm -f "${ED}/usr/$(get_libdir)/libpython3$(get_libname)" || die # Cheap hack to get version with ABIFLAGS - local abiver=$(cd "${ED}usr/include"; echo python*) + local abiver=$(cd "${ED}/usr/include"; echo python*) if [[ ${abiver} != python${PYVER} ]]; then # Replace python3.X with a symlink to python3.Xm - rm "${ED}usr/bin/python${PYVER}" || die + rm "${ED}/usr/bin/python${PYVER}" || die dosym "${abiver}" "/usr/bin/python${PYVER}" # Create python3.X-config symlink dosym "${abiver}-config" "/usr/bin/python${PYVER}-config" @@ -337,23 +318,22 @@ src_install() { # python seems to get rebuilt in src_install (bug 569908) # Work around it for now. if has_version dev-libs/libffi[pax_kernel]; then - pax-mark E "${ED}usr/bin/${abiver}" + pax-mark E "${ED}/usr/bin/${abiver}" else - pax-mark m "${ED}usr/bin/${abiver}" + pax-mark m "${ED}/usr/bin/${abiver}" fi use sqlite || rm -r "${libdir}/"{sqlite3,test/test_sqlite*} || die - use tk || rm -r "${ED}usr/bin/idle${PYVER}" "${libdir}/"{idlelib,tkinter,test/test_tk*} || die + use tk || rm -r "${ED}/usr/bin/idle${PYVER}" "${libdir}/"{idlelib,tkinter,test/test_tk*} || die - use threads || rm -r "${libdir}/multiprocessing" || die use wininst || rm "${libdir}/distutils/command/"wininst-*.exe || die - dodoc "${S}"/Misc/{ACKS,HISTORY,NEWS} + dodoc Misc/{ACKS,HISTORY,NEWS} if use examples; then - insinto /usr/share/doc/${PF}/examples - find "${S}"/Tools -name __pycache__ -print0 | xargs -0 rm -fr - doins -r "${S}"/Tools + docinto examples + find Tools -name __pycache__ -exec rm -fr {} + || die + dodoc -r Tools fi insinto /usr/share/gdb/auto-load/usr/$(get_libdir) #443510 if use aqua ; then @@ -371,53 +351,49 @@ src_install() { sed \ -e "s:@PYDOC_PORT_VARIABLE@:PYDOC${PYVER/./_}_PORT:" \ -e "s:@PYDOC@:pydoc${PYVER}:" \ - -i "${ED}etc/conf.d/pydoc-${PYVER}" "${ED}etc/init.d/pydoc-${PYVER}" || die "sed failed" - - # for python-exec - local vars=( EPYTHON PYTHON_SITEDIR PYTHON_SCRIPTDIR ) + -i "${ED}/etc/conf.d/pydoc-${PYVER}" \ + "${ED}/etc/init.d/pydoc-${PYVER}" || die "sed failed" + local -x EPYTHON=python${PYVER} # if not using a cross-compiler, use the fresh binary if ! tc-is-cross-compiler; then local -x PYTHON=./python$(sed -n '/BUILDEXE=/s/^.*=\s\+//p' Makefile) local -x LD_LIBRARY_PATH=${LD_LIBRARY_PATH+${LD_LIBRARY_PATH}:}${PWD} local -x DYLD_LIBRARY_PATH=${DYLD_LIBRARY_PATH+${DYLD_LIBRARY_PATH}:}${PWD} else - vars=( PYTHON "${vars[@]}" ) + local -x PYTHON=${EPREFIX}/usr/bin/${EPYTHON} fi - python_export "python${PYVER}" "${vars[@]}" echo "EPYTHON='${EPYTHON}'" > epython.py || die python_domodule epython.py # python-exec wrapping support local pymajor=${PYVER%.*} - mkdir -p "${D}${PYTHON_SCRIPTDIR}" || die + local scriptdir=${D}$(python_get_scriptdir) + mkdir -p "${scriptdir}" || die # python and pythonX ln -s "../../../bin/${abiver}" \ - "${D}${PYTHON_SCRIPTDIR}/python${pymajor}" || die - ln -s "python${pymajor}" \ - "${D}${PYTHON_SCRIPTDIR}/python" || die + "${scriptdir}/python${pymajor}" || die + ln -s "python${pymajor}" "${scriptdir}/python" || die # python-config and pythonX-config # note: we need to create a wrapper rather than symlinking it due # to some random dirname(argv[0]) magic performed by python-config - cat > "${D}${PYTHON_SCRIPTDIR}/python${pymajor}-config" <<-EOF || die + cat > "${scriptdir}/python${pymajor}-config" <<-EOF || die #!/bin/sh exec "${abiver}-config" "\${@}" EOF - chmod +x "${D}${PYTHON_SCRIPTDIR}/python${pymajor}-config" || die + chmod +x "${scriptdir}/python${pymajor}-config" || die ln -s "python${pymajor}-config" \ - "${D}${PYTHON_SCRIPTDIR}/python-config" || die - # 2to3, pydoc, pyvenv + "${scriptdir}/python-config" || die + # 2to3, pydoc ln -s "../../../bin/2to3-${PYVER}" \ - "${D}${PYTHON_SCRIPTDIR}/2to3" || die + "${scriptdir}/2to3" || die ln -s "../../../bin/pydoc${PYVER}" \ - "${D}${PYTHON_SCRIPTDIR}/pydoc" || die - ln -s "../../../bin/pyvenv-${PYVER}" \ - "${D}${PYTHON_SCRIPTDIR}/pyvenv" || die + "${scriptdir}/pydoc" || die # idle if use tk; then ln -s "../../../bin/idle${PYVER}" \ - "${D}${PYTHON_SCRIPTDIR}/idle" || die + "${scriptdir}/idle" || die fi } @@ -428,11 +404,14 @@ pkg_preinst() { } eselect_python_update() { - if [[ -z "$(eselect python show)" || ! -f "${EROOT}usr/bin/$(eselect python show)" ]]; then + if [[ -z "$(eselect python show)" || \ + ! -f "${EROOT}/usr/bin/$(eselect python show)" ]]; then eselect python update fi - if [[ -z "$(eselect python show --python${PV%%.*})" || ! -f "${EROOT}usr/bin/$(eselect python show --python${PV%%.*})" ]]; then + if [[ -z "$(eselect python show --python${PV%%.*})" || \ + ! -f "${EROOT}/usr/bin/$(eselect python show --python${PV%%.*})" ]] + then eselect python update --python${PV%%.*} fi }
