Hello community,
here is the log from the commit of package python.13735 for
openSUSE:Leap:15.1:Update checked in at 2020-08-24 20:19:55
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Leap:15.1:Update/python.13735 (Old)
and /work/SRC/openSUSE:Leap:15.1:Update/.python.13735.new.3399 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "python.13735"
Mon Aug 24 20:19:55 2020 rev:1 rq:828405 version:2.7.17
Changes:
--------
New Changes file:
--- /dev/null 2020-08-06 00:20:10.149648038 +0200
+++
/work/SRC/openSUSE:Leap:15.1:Update/.python.13735.new.3399/python-base.changes
2020-08-24 20:20:39.307374347 +0200
@@ -0,0 +1,2356 @@
+-------------------------------------------------------------------
+Mon Jul 20 12:06:41 UTC 2020 - Matej Cepl <[email protected]>
+
+- Add CVE-2019-20907_tarfile-inf-loop.patch fixing bsc#1174091
+ (CVE-2019-20907, bpo#39017) avoiding possible infinite loop
+ in specifically crafted tarball.
+ Add recursion.tar as a testing tarball for the patch.
+
+-------------------------------------------------------------------
+Fri May 1 15:52:49 UTC 2020 - Matej Cepl <[email protected]>
+
+- Add CVE-2019-18348-CRLF_injection_via_host_part.patch to
+ disallow control characters in hostnames in httplib,
+ addressing CVE-2019-18348. Such potentially malicious header
+ injection URLs now cause a InvalidURL to be raised.
+ (bsc#1155094)
+
+-------------------------------------------------------------------
+Sat Feb 8 23:29:28 CET 2020 - Matej Cepl <[email protected]>
+
+- Add CVE-2019-9674-zip-bomb.patch to improve documentation
+ warning about dangers of zip-bombs and other security problems
+ with zipfile library. (bsc#1162825 CVE-2019-9674)
+
+-------------------------------------------------------------------
+Sat Feb 8 22:30:51 CET 2020 - Matej Cepl <[email protected]>
+
+- Change to Requires: libpython%{so_version} == %{version}-%{release}
+ to python-base to keep both packages always synchronized (add
+ %{so_version}) (bsc#1162224).
+
+-------------------------------------------------------------------
+Thu Feb 6 23:14:47 CET 2020 - Matej Cepl <[email protected]>
+
+- Add CVE-2020-8492-urllib-ReDoS.patch fixing the security bug
+ "Python urrlib allowed an HTTP server to conduct Regular
+ Expression Denial of Service (ReDoS)" (bsc#1162367)
+
+-------------------------------------------------------------------
+Mon Feb 3 19:30:31 UTC 2020 - Tomáš Chvátal <[email protected]>
+
+- Provide python-testsuite from devel subkg to ease py2->py3
+ dependencies
+
+-------------------------------------------------------------------
+Mon Jan 27 16:47:56 CET 2020 - Matej Cepl <[email protected]>
+
+- Add python-2.7.17-switch-off-failing-SSL-tests.patch to switch
+ off tests coliding with the combination of modern Python and
+ ancient OpenSSL on SLE-12.
+
+-------------------------------------------------------------------
+Fri Jan 10 16:01:57 CET 2020 - Matej Cepl <[email protected]>
+
+- libnsl is required only on more recent SLEs and openSUSE, older
+ glibc supported NIS on its own.
+
+-------------------------------------------------------------------
+Thu Jan 2 10:34:17 UTC 2020 - Tomáš Chvátal <[email protected]>
+
+- Add provides in gdbm subpackage to provide dbm symbols. This
+ allows us to use %%{python_module dbm} as a dependency and have
+ it properly resolved for both python2 and python3
+
+-------------------------------------------------------------------
+Thu Dec 19 08:47:01 UTC 2019 - Dominique Leuenberger <[email protected]>
+
+- Drop appstream-glib BuildRequires and no longer call
+ appstream-util validate-relax: eliminate a build cycle between
+ as-glib and python. The only thing would would gain by calling
+ as-uril is catching if upstream breaks the appdata.xml file in a
+ future release. Considering py2 is dying, chances for a new
+ release, let alone one breaking the xml file, are slim.
+
+-------------------------------------------------------------------
+Wed Dec 11 14:35:46 CET 2019 - Matej Cepl <[email protected]>
+
+- Unify packages among openSUSE:Factory and SLE versions.
+ (bsc#1159035) ; add missing records to this changelog.
+- Add idle.desktop and idle.appdata.xml to provide IDLE in menus
+ (bsc#1153830)
+
+-------------------------------------------------------------------
+Wed Dec 4 18:12:17 CET 2019 - Matej Cepl <[email protected]>
+
+- Add python2_split_startup Provide to make it possible to
+ conflict older packages by shared-python-startup.
+
+-------------------------------------------------------------------
+Fri Nov 22 13:10:03 CET 2019 - Matej Cepl <[email protected]>
+
+- Move /etc/pythonstart script to shared-python-startup
+ package.
+
+-------------------------------------------------------------------
+Tue Nov 5 11:41:40 CET 2019 - Matej Cepl <[email protected]>
+
+- Add bpo-36576-skip_tests_for_OpenSSL-111.patch (originally from
+ bpo#36576) skipping tests failing with OpenSSL 1.1.1. Fixes
+ bsc#1149792
+
+-------------------------------------------------------------------
+Tue Nov 5 04:24:05 UTC 2019 - Steve Kowalik <[email protected]>
+
+- Add adapted-from-F00251-change-user-install-location.patch fixing
+ pip/distutils to install into /usr/local.
+
+-------------------------------------------------------------------
+Thu Oct 24 14:40:39 CEST 2019 - Matej Cepl <[email protected]>
+
+- Update to 2.7.17:
+ - a bug fix release in the Python 2.7.x series. It is expected
+ to be the penultimate release for Python 2.7.
+- Removed patches included upstream:
+ - CVE-2018-20852-cookie-domain-check.patch
+ - CVE-2019-16935-xmlrpc-doc-server_title.patch
+ - CVE-2019-9636-netloc-no-decompose-characters.patch
+ - CVE-2019-9947-no-ctrl-char-http.patch
+ - CVE-2019-9948-avoid_local-file.patch
+ - python-2.7.14-CVE-2018-1000030-1.patch
+ - python-2.7.14-CVE-2018-1000030-2.patch
+- Renamed remove-static-libpython.diff and python-bsddb6.diff to
+ remove-static-libpython.patch and python-bsddb6.patch to unify
+ filenames.
+
+-------------------------------------------------------------------
+Tue Oct 8 19:46:52 CEST 2019 - Matej Cepl <[email protected]>
+
+- Add CVE-2019-16935-xmlrpc-doc-server_title.patch fixing
+ bsc#1153238 (aka CVE-2019-16935) fixing a reflected XSS in
+ python/Lib/DocXMLRPCServer.py
+
+-------------------------------------------------------------------
+Wed Sep 25 13:25:33 UTC 2019 - Bernhard Wiedemann <[email protected]>
+
+- Add bpo36302-sort-module-sources.patch (boo#1041090)
+
+-------------------------------------------------------------------
+Mon Sep 16 15:57:54 CEST 2019 - Matej Cepl <[email protected]>
+
+- Add CVE-2019-16056-email-parse-addr.patch fixing the email
+ module wrongly parses email addresses [bsc#1149955,
+ CVE-2019-16056]
+
+-------------------------------------------------------------------
+Thu Jul 25 19:31:47 CEST 2019 - Matej Cepl <[email protected]>
+
+- boo#1141853 (CVE-2018-20852) add
+ CVE-2018-20852-cookie-domain-check.patch fixing
+ http.cookiejar.DefaultPolicy.domain_return_ok which did not
+ correctly validate the domain: it could be tricked into sending
+ cookies to the wrong server.
+
+-------------------------------------------------------------------
+Fri Jul 19 11:19:42 UTC 2019 - Tomáš Chvátal <[email protected]>
+
+- Skip test_urllib2_localnet that randomly fails in OBS
+
+-------------------------------------------------------------------
+Wed Jul 3 21:02:00 CEST 2019 - Matej Cepl <[email protected]>
+
+- bsc#1138459: add CVE-2019-10160-netloc-port-regression.patch
+ which fixes regression introduced by the previous patch.
+ (CVE-2019-10160)
+ Upstream gh#python/cpython#13812
+
+-------------------------------------------------------------------
+Wed May 29 08:58:16 UTC 2019 - Martin Liška <[email protected]>
+
+- Set _lto_cflags to nil as it will prevent to propage LTO
+ for Python modules that are built in a separate package.
+
+-------------------------------------------------------------------
+Thu May 2 08:40:33 CEST 2019 - Matej Cepl <[email protected]>
+
+- bsc#1130840 (CVE-2019-9947): add CVE-2019-9947-no-ctrl-char-http.patch
+ Address the issue by disallowing URL paths with embedded
+ whitespace or control characters through into the underlying
+ http client request. Such potentially malicious header
+ injection URLs now cause a ValueError to be raised.
+
+-------------------------------------------------------------------
+Mon Apr 8 22:40:01 CEST 2019 - Matej Cepl <[email protected]>
+
+- bsc#1130847 (CVE-2019-9948) add CVE-2019-9948-avoid_local-file.patch
+ removing unnecessary (and potentially harmful) URL scheme
+ local-file://.
+
+-------------------------------------------------------------------
+Mon Apr 8 21:13:48 CEST 2019 - Matej Cepl <[email protected]>
+
+- bsc#1129346: add CVE-2019-9636-netloc-no-decompose-characters.patch
+ Characters in the netloc attribute that decompose under NFKC
+ normalization (as used by the IDNA encoding) into any of ``/``,
+ ``?``, ``#``, ``@``, or ``:`` will raise a ValueError. If the
+ URL is decomposed before parsing, or is not a Unicode string,
+ no error will be raised (CVE-2019-9636).
++++ 2159 more lines (skipped)
++++ between /dev/null
++++ and
/work/SRC/openSUSE:Leap:15.1:Update/.python.13735.new.3399/python-base.changes
New Changes file:
python-doc.changes: same change
New Changes file:
python.changes: same change
New:
----
CVE-2017-18207.patch
CVE-2019-18348-CRLF_injection_via_host_part.patch
CVE-2019-20907_tarfile-inf-loop.patch
CVE-2019-5010-null-defer-x509-cert-DOS.patch
CVE-2019-9674-zip-bomb.patch
CVE-2020-8492-urllib-ReDoS.patch
Python-2.7.17.tar.xz
Python-2.7.17.tar.xz.asc
README.SUSE
adapted-from-F00251-change-user-install-location.patch
baselibs.conf
bpo36160-init-sysconfig_vars.patch
bpo36302-sort-module-sources.patch
do-not-use-non-ascii-in-test_ssl.patch
idle.appdata.xml
idle.desktop
local.pth
macros.python2
openssl-111-middlebox-compat.patch
openssl-111-ssl_options.patch
pre_checkin.sh
python-2.5.1-sqlite.patch
python-2.6-gettext-plurals.patch
python-2.6b3-curses-panel.patch
python-2.7-dirs.patch
python-2.7-libffi-aarch64.patch
python-2.7.17-docs-pdf-a4.tar.bz2
python-2.7.17-docs-pdf-letter.tar.bz2
python-2.7.17-switch-off-failing-SSL-tests.patch
python-2.7.2-fix_date_time_compiler.patch
python-2.7.4-canonicalize2.patch
python-2.7.5-multilib.patch
python-2.7.9-sles-disable-verification-by-default.patch
python-2.7.9-ssl_ca_path.patch
python-base-rpmlintrc
python-base.changes
python-base.spec
python-bsddb6.patch
python-bundle-lang.patch
python-distutils-rpm-8.patch
python-doc.changes
python-doc.spec
python-skip_random_failing_tests.patch
python-sorted_tar.patch
python.changes
python.keyring
python.spec
recursion.tar
remove-static-libpython.patch
reproducible.patch
sle_tls_checks_policy.py
sparc_longdouble.patch
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ python-base.spec ++++++
#
# spec file for package python-base
#
# Copyright (c) 2020 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
%define so_version 2_7-1_0
Name: python-base
Version: 2.7.17
Release: 0
Summary: Python Interpreter base package
License: Python-2.0
Group: Development/Languages/Python
URL: http://www.python.org/
%define tarversion %{version}
%define tarname Python-%{tarversion}
Source0: http://www.python.org/ftp/python/%{version}/%{tarname}.tar.xz
Source4:
http://www.python.org/ftp/python/%{version}/%{tarname}.tar.xz.asc
Source6: python.keyring
Source1: macros.python2
Source2: baselibs.conf
Source3: README.SUSE
Source5: local.pth
# For Patch 61
Source61: recursion.tar
Source99: python-base-rpmlintrc
# COMMON-PATCH-BEGIN
Patch1: python-2.7-dirs.patch
Patch2: python-distutils-rpm-8.patch
Patch3: python-2.7.5-multilib.patch
Patch4: python-2.5.1-sqlite.patch
Patch5: python-2.7.4-canonicalize2.patch
Patch7: python-2.6-gettext-plurals.patch
Patch8: python-2.6b3-curses-panel.patch
Patch10: sparc_longdouble.patch
Patch13: python-2.7.2-fix_date_time_compiler.patch
Patch17: remove-static-libpython.patch
# PATCH-FEATURE-OPENSUSE python-bundle-lang.patch bnc#617751
[email protected] -- gettext: when looking in default_localedir also check
in locale-bundle.
Patch20: python-bundle-lang.patch
# PATCH-FIX-UPSTREAM Fix argument passing in libffi for aarch64
Patch22: python-2.7-libffi-aarch64.patch
Patch24: python-bsddb6.patch
# PATCH-FIX-UPSTREAM accept directory-based CA paths as well
Patch33: python-2.7.9-ssl_ca_path.patch
# PATCH-FEATURE-SLE disable SSL verification-by-default in http clients
Patch34: python-2.7.9-sles-disable-verification-by-default.patch
# PATCH-FIX-UPSTREAM do not use non-ASCII filename in test_ssl.py
Patch35: do-not-use-non-ascii-in-test_ssl.patch
# PATCH-FIX-UPSTREAM [email protected] -- allow python packages to build
reproducibly
Patch38: reproducible.patch
# bypass boo#1078485 random failing tests
Patch40: python-skip_random_failing_tests.patch
# PATCH-FIX-UPSTREAM sorted tar https://github.com/python/cpython/pull/2263
Patch41: python-sorted_tar.patch
# https://github.com/python/cpython/pull/9624
(https://bugs.python.org/issue34834)
Patch47: openssl-111-middlebox-compat.patch
# PATCH-FIX-SUSE python default SSLContext doesn't contain
OP_CIPHER_SERVER_PREFERENCE
Patch48: openssl-111-ssl_options.patch
# PATCH-FIX-UPSTREAM CVE-2019-5010-null-defer-x509-cert-DOS.patch bnc#1122191
[email protected]
# gh#python/cpython#11569
# Fix segfault in ssl's cert parser
Patch49: CVE-2019-5010-null-defer-x509-cert-DOS.patch
# PATCH-FIX-UPSTREAM bpo36160-init-sysconfig_vars.patch gh#python/cpython#12131
[email protected]
# Initialize sysconfig variables in test_site.
Patch50: bpo36160-init-sysconfig_vars.patch
# PATCH-FIX-UPSTREAM CVE-2017-18207.patch gh#python/cpython#4437
[email protected]
# Add check for channels of wav file in Lib/wave.py
Patch51: CVE-2017-18207.patch
# PATCH-FIX-UPSTREAM gh#python/cpython#12341
Patch55: bpo36302-sort-module-sources.patch
# Fix installation in /usr/local (boo#1071941), adapted from Fedora
#
https://src.fedoraproject.org/rpms/python3/blob/master/f/00251-change-user-install-location.patch
# Set values of prefix and exec_prefix in distutils install command
# to /usr/local if executable is /usr/bin/python* and RPM build
# is not detected to make pip and distutils install into separate location
Patch56: adapted-from-F00251-change-user-install-location.patch
# Switch couple of tests failing on acient SLE-12
Patch57: python-2.7.17-switch-off-failing-SSL-tests.patch
# PATCH-FIX-UPSTREAM CVE-2020-8492-urllib-ReDoS.patch bsc#1162367 [email protected]
# Fixes Python urrlib allowed an HTTP server to conduct Regular
# Expression Denial of Service (ReDoS)
Patch58: CVE-2020-8492-urllib-ReDoS.patch
# PATCH-FIX-UPSTREAM CVE-2019-9674-zip-bomb.patch bsc#1162825 [email protected]
# Improve documentation warning against the possible zip bombs
Patch59: CVE-2019-9674-zip-bomb.patch
# PATCH-FIX-UPSTREAM CVE-2019-18348-CRLF_injection_via_host_part.patch
bsc#1155094 [email protected]
# disallow control characters in hostnames in httplib
Patch60: CVE-2019-18348-CRLF_injection_via_host_part.patch
# PATCH-FIX-UPSTREAM CVE-2019-20907_tarfile-inf-loop.patch bsc#1174091
[email protected]
# avoid possible infinite loop in specifically crafted tarball (CVE-2019-20907)
# REQUIRES SOURCE 61
Patch61: CVE-2019-20907_tarfile-inf-loop.patch
# COMMON-PATCH-END
%define python_version %(echo %{tarversion} | head -c 3)
BuildRequires: automake
BuildRequires: fdupes
BuildRequires: libbz2-devel
%if %{suse_version} >= 1500
BuildRequires: libnsl-devel
%endif
BuildRequires: pkg-config
BuildRequires: xz
BuildRequires: zlib-devel
#!BuildIgnore: python
# for the test suite
BuildRequires: netcfg
Requires: python-rpm-macros
# explicitly, see bnc#697251:
Requires: libpython%{so_version} = %{version}-%{release}
Provides: %{name} = %{python_version}
# bug437293
%ifarch ppc64
Obsoletes: python-64bit
%endif
Provides: python-ctypes = 1.1.0
Obsoletes: python-ctypes < 1.1.0
Provides: python-argparse = 1.4.0.1
Obsoletes: python-argparse < 1.4.0.1
Provides: python2-argparse = 1.4.0.1
BuildRoot: %{_tmppath}/%{name}-%{version}-build
Provides: python2-base = %{version}
%description
Python is an interpreted, object-oriented programming language, and is
often compared to Tcl, Perl, Scheme, or Java. You can find an overview
of Python in the documentation and tutorials included in the python-doc
(HTML) or python-doc-pdf (PDF) packages.
This package contains all of stand-alone Python files, minus binary
modules that would pull in extra dependencies.
%package -n python-devel
Summary: Include Files and Libraries Mandatory for Building Python
Modules
Group: Development/Languages/Python
Requires: glibc-devel
Requires: python = %{version}
Requires: python-base = %{version}-%{release}
Provides: python2-devel = %{version}
# provide testsuite namespace that was split in python3 to ease dependencies
Provides: python-testsuite = %{version}
Provides: python2-testsuite = %{version}
%description -n python-devel
The Python programming language's interpreter can be extended with
dynamically loaded extensions and can be embedded in other programs.
This package contains header files, a static library, and development
tools for building Python modules, extending the Python interpreter or
embedding Python in applications.
%package -n python-xml
Summary: A Python XML Interface
Group: Development/Libraries/Python
Requires: python-base = %{version}-%{release}
# pyxml used to live out of tree
Provides: pyxml = 0.8.5
Obsoletes: pyxml < 0.8.5
Provides: python2-xml = %{version}
%description -n python-xml
The expat module is a Python interface to the expat XML parser. Since
Python2.x, it is part of the core Python distribution.
%package -n libpython%{so_version}
Summary: Python Interpreter shared library
Group: Development/Languages/Python
%description -n libpython2_7-1_0
Python is an interpreted, object-oriented programming language, and is
often compared to Tcl, Perl, Scheme, or Java. You can find an overview
of Python in the documentation and tutorials included in the python-doc
(HTML) or python-doc-pdf (PDF) packages.
This package contains libpython2.7 shared library for embedding in
other applications.
%prep
%setup -q -n %{tarname}
# patching
# COMMON-PREP-BEGIN
%patch1 -p1
%patch2 -p1
%patch3 -p1
%patch4 -p1
%patch5 -p1
%patch7 -p1
%patch8 -p1
%patch10 -p1
%patch13 -p1
%patch17 -p1
%patch20 -p1
%patch22 -p1
%patch24 -p1
%patch33 -p1
%if %{suse_version} == 1315 && !0%{?is_opensuse}
%patch34 -p1
%endif
%patch35 -p1
%patch38 -p1
%ifarch ppc ppc64 ppc64le
%patch40 -p1
%endif
%patch41 -p1
%if %{suse_version} >= 1500
%patch47 -p1
%patch48 -p1
%else
%patch57 -p1
%endif
%patch49 -p1
%patch50 -p1
%patch51 -p1
%patch55 -p1
%patch56 -p1
%patch58 -p1
%patch59 -p1
%patch60 -p1
%patch61 -p1
# For patch 61
cp -v %{SOURCE61} Lib/test/recursion.tar
# drop Autoconf version requirement
sed -i 's/^version_required/dnl version_required/' configure.ac
# COMMON-PREP-END
%build
%define _lto_cflags %{nil}
export OPT="%{optflags} -DOPENSSL_LOAD_CONF -fwrapv"
autoreconf -f -i . # Modules/_ctypes/libffi
# provide a stable timestamp
touch -r %{SOURCE0} Makefile.pre.in
# prevent make from trying to rebuild asdl stuff, which requires existing
# python installation
touch Parser/asdl* Python/Python-ast.c Include/Python-ast.h
%configure \
--docdir=%{_docdir}/python \
--with-fpectl \
--enable-ipv6 \
--enable-shared \
--enable-unicode=ucs4
%if 0%{?do_profiling}
target=profile-opt
%else
target=all
%endif
LD_LIBRARY_PATH=$PWD:$LD_LIBRARY_PATH \
make %{?_smp_mflags} $target
%check
# on hppa, the threading of glibc is quite broken. The tests just stop
# at some point, and the machine does not build anything more until a
# timeout several hours later.
%ifnarch hppa
# test_file(2k) fails in autobuild env - "stdin.seek(-1)" wrongly succeeds.
probably an issue with autobuild's stdin
# test_urllib2 relies on being able to resolve local address, which is
notoriously impossible in autobuild
# test_urllib2_localnet randomly fails out
EXCLUDE="test_urllib2 test_urllib2_localnet test_file test_file2k"
# test_nis and test_threading are AWFULLY slow.
EXCLUDE="$EXCLUDE test_nis test_threading"
# test_gdb fails if gdb with (different) python support is part of the
buildsystem
EXCLUDE="$EXCLUDE test_gdb"
%ifarch ia64
# test_smtplib's testSend is known to be broken and on ia64 it actually fails
most of the time, preventing the build.
EXCLUDE="$EXCLUDE test_smtplib"
%endif
# test_unicode fails in Factory
EXCLUDE="$EXCLUDE test_unicode"
%if 0%{?qemu_user_space_build}
# test_asyncore fails because of unimplemented sockopt
EXCLUDE="$EXCLUDE test_asyncore test_mmap"
# emulation is unreliable
EXCLUDE="$EXCLUDE test_multiprocessing test_thread"
# qemu bug (siginterrupt handling)
EXCLUDE="$EXCLUDE test_signal"
%endif
%ifarch s390 s390x
# test_regrtest tries to segfault the interpreter by dereferencing a NULL
pointer, but that doesn't
# actually produce a segfault on S390
EXCLUDE="$EXCLUDE test_regrtest"
%endif
# This test (part of test_uuid) requires real network interfaces
# so that ifconfig output has "HWaddr <something>". Some kvm instances
# don't have any such interface breaking the uuid module test.
EXCLUDE="$EXCLUDE test_uuid"
# bypass boo#1078485
# many flaky tests if osc build in loop on ppc64le
%ifarch ppc ppc64 ppc64le
EXCLUDE="$EXCLUDE test_asynchat test_asyncore test_dircache
test_multiprocessing test_nntplib test_queue test_signal test_socket
test_subprocess test_telnetlib test_xmlrpc "
%endif
# Limit virtual memory to avoid spurious failures
if test $(ulimit -v) = unlimited || test $(ulimit -v) -gt 10000000; then
ulimit -v 10000000 || :
fi
make test TESTOPTS="-l -x $EXCLUDE" TESTPYTHONOPTS="-R"
# use network, be verbose:
#make test TESTOPTS="-l -u network -v"
%endif
%install
# replace rest of /usr/local/bin/python or /usr/bin/python2.5 with
/usr/bin/python
find . -name '*.py' -type f | grep -vE "^./Parser/|^./Python/" \
| xargs grep -lE '^#! *(/usr/.*bin/(env +)?)?python' \
| xargs sed -r -i -e '1s@^#![[:space:]]*(/usr/(local/)?bin/(env
+)?)?python([0-9]+\.[0-9]+)?@#!/usr/bin/python@'
# the grep inbetween makes it much faster
########################################
# install it
########################################
%make_install OPT="%{optflags} -fPIC"
install -m 644 %{SOURCE5}
%{buildroot}%{_libdir}/python%{python_version}/site-packages/_local.pth
install -d -m 755 %{buildroot}%{_rpmconfigdir}/macros.d/
install -m 644 %{SOURCE1} %{buildroot}%{_rpmconfigdir}/macros.d/
# make sure /usr/lib/python/site-packages exists even on lib64 machines
mkdir -p %{buildroot}%{_prefix}/lib/python%{python_version}/site-packages
########################################
# some cleanups
########################################
# remove hard links and replace them with symlinks
for dir in bin include %{_lib} ; do
rm -f %{buildroot}/%{_prefix}/$dir/python
ln -s python%{python_version} %{buildroot}/%{_prefix}/$dir/python
done
CLEANUP_DIR="%{buildroot}%{_libdir}/python%{python_version}"
# don't distribute precompiled windows installers (duh)
rm -f $CLEANUP_DIR/distutils/command/*.exe
# kill imageop.so - it used to be insecure and it is deprecated anyway
rm -f $CLEANUP_DIR/lib-dynload/imageop.so
# link shared library instead of static library that tools expect
ln -s ../../libpython%{python_version}.so
%{buildroot}%{_libdir}/python%{python_version}/config/libpython%{python_version}.so
# remove various things that don't need to be in python-base
rm %{buildroot}%{_bindir}/idle
rm -rf $CLEANUP_DIR/{curses,bsddb,idlelib,lib-tk,sqlite3}
rm $CLEANUP_DIR/ssl.py*
# does not work without _ssl.so anyway
# replace duplicate .pyo/.pyc with hardlinks
%fdupes %{buildroot}/%{_libdir}/python%{python_version}
########################################
# documentation
########################################
export PDOCS=%{buildroot}%{_docdir}/%{name}
install -d -m 755 $PDOCS
install -c -m 644 %{SOURCE3} $PDOCS/
install -c -m 644 LICENSE $PDOCS/
install -c -m 644 README $PDOCS/
ln -s python%{python_version}.1.gz %{buildroot}%{_mandir}/man1/python.1.gz
########################################
# devel
########################################
# install Makefile.pre.in and Makefile.pre
cp Makefile Makefile.pre.in Makefile.pre
%{buildroot}%{_libdir}/python%{python_version}/config/
%post -n libpython2_7-1_0 -p %{run_ldconfig}
%postun -n libpython2_7-1_0 -p %{run_ldconfig}
%files -n python-devel
%defattr(-, root, root)
%{_libdir}/python%{python_version}/config/*
%exclude %{_libdir}/python%{python_version}/config/Setup
%exclude %{_libdir}/python%{python_version}/config/Makefile
%defattr(644, root, root, 755)
%{_libdir}/libpython*.so
%{_libdir}/pkgconfig/python-%{python_version}.pc
%{_libdir}/pkgconfig/python.pc
%{_libdir}/pkgconfig/python2.pc
%{_includedir}/python*
%exclude %{_includedir}/python%{python_version}/pyconfig.h
%{_libdir}/python%{python_version}/test
%defattr(755, root, root)
%{_bindir}/python-config
%{_bindir}/python2-config
%{_bindir}/python%{python_version}-config
%files -n python-xml
%defattr(644, root, root, 755)
%{_libdir}/python%{python_version}/xml
%{_libdir}/python%{python_version}/lib-dynload/pyexpat.so
%files -n libpython2_7-1_0
%defattr(644, root, root)
%{_libdir}/libpython*.so.*
%files
%defattr(644, root, root, 755)
%{_rpmconfigdir}/macros.d/macros.python2
%dir %{_docdir}/%{name}
%doc %{_docdir}/%{name}/README
%doc %{_docdir}/%{name}/LICENSE
%doc %{_docdir}/%{name}/README.SUSE
%doc %{_mandir}/man1/python.1*
%doc %{_mandir}/man1/python2.1*
%doc %{_mandir}/man1/python%{python_version}.1*
%dir %{_includedir}/python%{python_version}
%{_includedir}/python%{python_version}/pyconfig.h
%{_libdir}/python
%dir %{_prefix}/lib/python%{python_version}
%dir %{_prefix}/lib/python%{python_version}/site-packages
%dir %{_libdir}/python%{python_version}
%dir %{_libdir}/python%{python_version}/config
%{_libdir}/python%{python_version}/config/Setup
%{_libdir}/python%{python_version}/config/Makefile
%{_libdir}/python%{python_version}/*.*
%{_libdir}/python%{python_version}/compiler
%{_libdir}/python%{python_version}/ctypes
%{_libdir}/python%{python_version}/distutils
%{_libdir}/python%{python_version}/email
%{_libdir}/python%{python_version}/encodings
%{_libdir}/python%{python_version}/ensurepip
%{_libdir}/python%{python_version}/hotshot
%{_libdir}/python%{python_version}/importlib
%{_libdir}/python%{python_version}/json
%{_libdir}/python%{python_version}/lib2to3
%{_libdir}/python%{python_version}/logging
%{_libdir}/python%{python_version}/multiprocessing
%{_libdir}/python%{python_version}/plat-*
%{_libdir}/python%{python_version}/pydoc_data
%{_libdir}/python%{python_version}/unittest
%{_libdir}/python%{python_version}/wsgiref
%dir %{_libdir}/python%{python_version}/site-packages
%{_libdir}/python%{python_version}/site-packages/README
%{_libdir}/python%{python_version}/site-packages/_local.pth
%dir %{_libdir}/python%{python_version}/lib-dynload
%{_libdir}/python%{python_version}/lib-dynload/_bisect.so
#%%{_libdir}/python%%{python_version}/lib-dynload/_bytesio.so
%{_libdir}/python%{python_version}/lib-dynload/_csv.so
%{_libdir}/python%{python_version}/lib-dynload/_collections.so
%{_libdir}/python%{python_version}/lib-dynload/_ctypes.so
%{_libdir}/python%{python_version}/lib-dynload/_ctypes_test.so
%{_libdir}/python%{python_version}/lib-dynload/_elementtree.so
#%%{_libdir}/python%%{python_version}/lib-dynload/_fileio.so
%{_libdir}/python%{python_version}/lib-dynload/_functools.so
%{_libdir}/python%{python_version}/lib-dynload/_heapq.so
%{_libdir}/python%{python_version}/lib-dynload/_hotshot.so
%{_libdir}/python%{python_version}/lib-dynload/_io.so
%{_libdir}/python%{python_version}/lib-dynload/_json.so
%{_libdir}/python%{python_version}/lib-dynload/_locale.so
%{_libdir}/python%{python_version}/lib-dynload/_lsprof.so
%{_libdir}/python%{python_version}/lib-dynload/_md5.so
%{_libdir}/python%{python_version}/lib-dynload/_multiprocessing.so
%{_libdir}/python%{python_version}/lib-dynload/_random.so
%{_libdir}/python%{python_version}/lib-dynload/_sha.so
%{_libdir}/python%{python_version}/lib-dynload/_sha256.so
%{_libdir}/python%{python_version}/lib-dynload/_sha512.so
%{_libdir}/python%{python_version}/lib-dynload/_socket.so
%{_libdir}/python%{python_version}/lib-dynload/_struct.so
%{_libdir}/python%{python_version}/lib-dynload/_testcapi.so
%{_libdir}/python%{python_version}/lib-dynload/array.so
%{_libdir}/python%{python_version}/lib-dynload/audioop.so
%{_libdir}/python%{python_version}/lib-dynload/binascii.so
%{_libdir}/python%{python_version}/lib-dynload/bz2.so
%{_libdir}/python%{python_version}/lib-dynload/cPickle.so
%{_libdir}/python%{python_version}/lib-dynload/cStringIO.so
%{_libdir}/python%{python_version}/lib-dynload/cmath.so
%{_libdir}/python%{python_version}/lib-dynload/crypt.so
%{_libdir}/python%{python_version}/lib-dynload/datetime.so
%{_libdir}/python%{python_version}/lib-dynload/fcntl.so
%{_libdir}/python%{python_version}/lib-dynload/future_builtins.so
%{_libdir}/python%{python_version}/lib-dynload/grp.so
%{_libdir}/python%{python_version}/lib-dynload/itertools.so
%{_libdir}/python%{python_version}/lib-dynload/linuxaudiodev.so
%{_libdir}/python%{python_version}/lib-dynload/math.so
%{_libdir}/python%{python_version}/lib-dynload/mmap.so
%{_libdir}/python%{python_version}/lib-dynload/nis.so
%{_libdir}/python%{python_version}/lib-dynload/operator.so
%{_libdir}/python%{python_version}/lib-dynload/ossaudiodev.so
%{_libdir}/python%{python_version}/lib-dynload/parser.so
%{_libdir}/python%{python_version}/lib-dynload/resource.so
%{_libdir}/python%{python_version}/lib-dynload/select.so
%{_libdir}/python%{python_version}/lib-dynload/spwd.so
%{_libdir}/python%{python_version}/lib-dynload/strop.so
%{_libdir}/python%{python_version}/lib-dynload/syslog.so
%{_libdir}/python%{python_version}/lib-dynload/termios.so
%{_libdir}/python%{python_version}/lib-dynload/time.so
%{_libdir}/python%{python_version}/lib-dynload/unicodedata.so
%{_libdir}/python%{python_version}/lib-dynload/zlib.so
%{_libdir}/python%{python_version}/lib-dynload/_codecs*.so
%{_libdir}/python%{python_version}/lib-dynload/_multibytecodec.so
%{_libdir}/python%{python_version}/lib-dynload/Python-%{tarversion}-py%{python_version}.egg-info
# these modules don't support 64-bit arches (disabled by setup.py)
%ifnarch alpha ia64 x86_64 s390x ppc64 ppc64le sparc64 aarch64
# requires sizeof(int) == sizeof(long) == sizeof(char*)
%{_libdir}/python%{python_version}/lib-dynload/dl.so
%endif
%attr(755, root, root) %{_bindir}/pydoc
%attr(755, root, root) %{_bindir}/python
%attr(755, root, root) %{_bindir}/python%{python_version}
%attr(755, root, root) %{_bindir}/smtpd.py
%{_bindir}/python2
%exclude %{_bindir}/2to3
%changelog
++++++ python-doc.spec ++++++
#
# spec file for package python-doc
#
# Copyright (c) 2020 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
Name: python-doc
Version: 2.7.17
Release: 0
Summary: Additional Package Documentation for Python
License: Python-2.0
Group: Development/Languages/Python
URL: http://www.python.org/
%define tarname Python-%{version}
Source0: %{tarname}.tar.xz
# docs for current version are regenerated every day
# this messes with autobuild "file changed" checks
#Source2:
http://docs.python.org/%{version}/archives/python-%{pyver}-docs-pdf-a4.tar.bz2
#Source3:
http://docs.python.org/%{version}/archives/python-%{pyver}-docs-pdf-letter.tar.bz2
Source2: python-%{version}-docs-pdf-a4.tar.bz2
Source3: python-%{version}-docs-pdf-letter.tar.bz2
# For the patch 61
Source61: recursion.tar
BuildRequires: python-Sphinx
BuildRequires: python-packaging
BuildRequires: xz
# COMMON-PATCH-BEGIN
Patch1: python-2.7-dirs.patch
Patch2: python-distutils-rpm-8.patch
Patch3: python-2.7.5-multilib.patch
Patch4: python-2.5.1-sqlite.patch
Patch5: python-2.7.4-canonicalize2.patch
Patch7: python-2.6-gettext-plurals.patch
Patch8: python-2.6b3-curses-panel.patch
Patch10: sparc_longdouble.patch
Patch13: python-2.7.2-fix_date_time_compiler.patch
Patch17: remove-static-libpython.patch
# PATCH-FEATURE-OPENSUSE python-bundle-lang.patch bnc#617751
[email protected] -- gettext: when looking in default_localedir also check
in locale-bundle.
Patch20: python-bundle-lang.patch
# PATCH-FIX-UPSTREAM Fix argument passing in libffi for aarch64
Patch22: python-2.7-libffi-aarch64.patch
Patch24: python-bsddb6.patch
# PATCH-FIX-UPSTREAM accept directory-based CA paths as well
Patch33: python-2.7.9-ssl_ca_path.patch
# PATCH-FEATURE-SLE disable SSL verification-by-default in http clients
Patch34: python-2.7.9-sles-disable-verification-by-default.patch
# PATCH-FIX-UPSTREAM do not use non-ASCII filename in test_ssl.py
Patch35: do-not-use-non-ascii-in-test_ssl.patch
# PATCH-FIX-UPSTREAM [email protected] -- allow python packages to build
reproducibly
Patch38: reproducible.patch
# bypass boo#1078485 random failing tests
Patch40: python-skip_random_failing_tests.patch
# PATCH-FIX-UPSTREAM sorted tar https://github.com/python/cpython/pull/2263
Patch41: python-sorted_tar.patch
# https://github.com/python/cpython/pull/9624
(https://bugs.python.org/issue34834)
Patch47: openssl-111-middlebox-compat.patch
# PATCH-FIX-SUSE python default SSLContext doesn't contain
OP_CIPHER_SERVER_PREFERENCE
Patch48: openssl-111-ssl_options.patch
# PATCH-FIX-UPSTREAM CVE-2019-5010-null-defer-x509-cert-DOS.patch bnc#1122191
[email protected]
# gh#python/cpython#11569
# Fix segfault in ssl's cert parser
Patch49: CVE-2019-5010-null-defer-x509-cert-DOS.patch
# PATCH-FIX-UPSTREAM bpo36160-init-sysconfig_vars.patch gh#python/cpython#12131
[email protected]
# Initialize sysconfig variables in test_site.
Patch50: bpo36160-init-sysconfig_vars.patch
# PATCH-FIX-UPSTREAM CVE-2017-18207.patch gh#python/cpython#4437
[email protected]
# Add check for channels of wav file in Lib/wave.py
Patch51: CVE-2017-18207.patch
# PATCH-FIX-UPSTREAM gh#python/cpython#12341
Patch55: bpo36302-sort-module-sources.patch
# Fix installation in /usr/local (boo#1071941), adapted from Fedora
#
https://src.fedoraproject.org/rpms/python3/blob/master/f/00251-change-user-install-location.patch
# Set values of prefix and exec_prefix in distutils install command
# to /usr/local if executable is /usr/bin/python* and RPM build
# is not detected to make pip and distutils install into separate location
Patch56: adapted-from-F00251-change-user-install-location.patch
# Switch couple of tests failing on acient SLE-12
Patch57: python-2.7.17-switch-off-failing-SSL-tests.patch
# PATCH-FIX-UPSTREAM CVE-2020-8492-urllib-ReDoS.patch bsc#1162367 [email protected]
# Fixes Python urrlib allowed an HTTP server to conduct Regular
# Expression Denial of Service (ReDoS)
Patch58: CVE-2020-8492-urllib-ReDoS.patch
# PATCH-FIX-UPSTREAM CVE-2019-9674-zip-bomb.patch bsc#1162825 [email protected]
# Improve documentation warning against the possible zip bombs
Patch59: CVE-2019-9674-zip-bomb.patch
# PATCH-FIX-UPSTREAM CVE-2019-18348-CRLF_injection_via_host_part.patch
bsc#1155094 [email protected]
# disallow control characters in hostnames in httplib
Patch60: CVE-2019-18348-CRLF_injection_via_host_part.patch
# PATCH-FIX-UPSTREAM CVE-2019-20907_tarfile-inf-loop.patch bsc#1174091
[email protected]
# avoid possible infinite loop in specifically crafted tarball (CVE-2019-20907)
# REQUIRES SOURCE 61
Patch61: CVE-2019-20907_tarfile-inf-loop.patch
# COMMON-PATCH-END
Provides: pyth_doc
Provides: pyth_ps
Obsoletes: pyth_doc
Obsoletes: pyth_ps
BuildRoot: %{_tmppath}/%{name}-%{version}-build
BuildArch: noarch
Enhances: python = %{version}
Provides: python2-doc = %{version}
%description
Tutorial, Global Module Index, Language Reference, Library Reference,
Extending and Embedding Reference, Python/C API Reference, Documenting
Python, and Macintosh Module Reference in HTML format.
%package pdf
Summary: Python PDF Documentation
Group: Development/Languages/Python
Provides: pyth_pdf
Obsoletes: pyth_pdf
Provides: python2-doc-pdf = %{version}
%description pdf
Tutorial, Global Module Index, Language Reference, Library Reference,
Extending and Embedding Reference, Python/C API Reference, Documenting
Python, and Macintosh Module Reference in PDF format.
%prep
%setup -q -n %{tarname}
# COMMON-PREP-BEGIN
%patch1 -p1
%patch2 -p1
%patch3 -p1
%patch4 -p1
%patch5 -p1
%patch7 -p1
%patch8 -p1
%patch10 -p1
%patch13 -p1
%patch17 -p1
%patch20 -p1
%patch22 -p1
%patch24 -p1
%patch33 -p1
%if %{suse_version} == 1315 && !0%{?is_opensuse}
%patch34 -p1
%endif
%patch35 -p1
%patch38 -p1
%ifarch ppc ppc64 ppc64le
%patch40 -p1
%endif
%patch41 -p1
%if %{suse_version} >= 1500
%patch47 -p1
%patch48 -p1
%else
%patch57 -p1
%endif
%patch49 -p1
%patch50 -p1
%patch51 -p1
%patch55 -p1
%patch56 -p1
%patch58 -p1
%patch59 -p1
%patch60 -p1
%patch61 -p1
# For patch 61
cp -v %{SOURCE61} Lib/test/recursion.tar
# drop Autoconf version requirement
sed -i 's/^version_required/dnl version_required/' configure.ac
# COMMON-PREP-END
%build
TODAY_DATE=`date -r %{S:0} "+%B %d, %Y"`
# TODO use not date of tarball but date of latest patch
pushd Doc
sed -i "s/^today = .*/today = '$TODAY_DATE'/" conf.py
%if 0%{?suse_version} < 1320
# lower sphinx version requirement, docs seem to work fine with 1.1
sed -i "s/^needs_sphinx = .*/needs_sphinx = '1.1'/" conf.py
%endif
make html
popd
%install
export PDOCS=%{buildroot}%{_docdir}/python
install -d -m 755 $PDOCS/Misc
rm Doc/build/html/.buildinfo
mv Doc/build/html $PDOCS/html
tar xfj %{SOURCE2} -C $PDOCS
mv $PDOCS/docs-pdf $PDOCS/paper-a4
tar xfj %{SOURCE3} -C $PDOCS
mv $PDOCS/docs-pdf $PDOCS/paper-letter
# this is part of main package
#install -c -m 644 README $PDOCS/README
for i in Misc/* ; do
[ -f $i ] && install -c -m 644 $i $PDOCS/Misc/
done
%files
%defattr(644,root,root,755)
%dir %{_docdir}/python
%doc %{_docdir}/python/Misc
%doc %{_docdir}/python/html
#%doc %{_docdir}/python/README
%files pdf
%defattr(644,root,root,755)
%doc %{_docdir}/python/paper-a4
%doc %{_docdir}/python/paper-letter
%changelog
++++++ python.spec ++++++
#
# spec file for package python
#
# Copyright (c) 2020 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
Name: python
Version: 2.7.17
Release: 0
Summary: Python Interpreter
License: Python-2.0
Group: Development/Languages/Python
URL: http://www.python.org/
%define tarversion %{version}
%define tarname Python-%{tarversion}
Source0: http://www.python.org/ftp/python/%{version}/%{tarname}.tar.xz
Source1: README.SUSE
Source8: sle_tls_checks_policy.py
#Source11: testfiles.tar.bz2
Source50: idle.appdata.xml
Source51: idle.desktop
# For patch 61
Source61: recursion.tar
# issues with copyrighted Unicode testing files
# !!!!!!!!!!!!!!
# do not add or edit patches here. please edit python-base.spec
# instead and run pre_checkin.sh
# !!!!!!!!!!!!!!
# COMMON-PATCH-BEGIN
Patch1: python-2.7-dirs.patch
Patch2: python-distutils-rpm-8.patch
Patch3: python-2.7.5-multilib.patch
Patch4: python-2.5.1-sqlite.patch
Patch5: python-2.7.4-canonicalize2.patch
Patch7: python-2.6-gettext-plurals.patch
Patch8: python-2.6b3-curses-panel.patch
Patch10: sparc_longdouble.patch
Patch13: python-2.7.2-fix_date_time_compiler.patch
Patch17: remove-static-libpython.patch
# PATCH-FEATURE-OPENSUSE python-bundle-lang.patch bnc#617751
[email protected] -- gettext: when looking in default_localedir also check
in locale-bundle.
Patch20: python-bundle-lang.patch
# PATCH-FIX-UPSTREAM Fix argument passing in libffi for aarch64
Patch22: python-2.7-libffi-aarch64.patch
Patch24: python-bsddb6.patch
# PATCH-FIX-UPSTREAM accept directory-based CA paths as well
Patch33: python-2.7.9-ssl_ca_path.patch
# PATCH-FEATURE-SLE disable SSL verification-by-default in http clients
Patch34: python-2.7.9-sles-disable-verification-by-default.patch
# PATCH-FIX-UPSTREAM do not use non-ASCII filename in test_ssl.py
Patch35: do-not-use-non-ascii-in-test_ssl.patch
# PATCH-FIX-UPSTREAM [email protected] -- allow python packages to build
reproducibly
Patch38: reproducible.patch
# bypass boo#1078485 random failing tests
Patch40: python-skip_random_failing_tests.patch
# PATCH-FIX-UPSTREAM sorted tar https://github.com/python/cpython/pull/2263
Patch41: python-sorted_tar.patch
# https://github.com/python/cpython/pull/9624
(https://bugs.python.org/issue34834)
Patch47: openssl-111-middlebox-compat.patch
# PATCH-FIX-SUSE python default SSLContext doesn't contain
OP_CIPHER_SERVER_PREFERENCE
Patch48: openssl-111-ssl_options.patch
# PATCH-FIX-UPSTREAM CVE-2019-5010-null-defer-x509-cert-DOS.patch bnc#1122191
[email protected]
# gh#python/cpython#11569
# Fix segfault in ssl's cert parser
Patch49: CVE-2019-5010-null-defer-x509-cert-DOS.patch
# PATCH-FIX-UPSTREAM bpo36160-init-sysconfig_vars.patch gh#python/cpython#12131
[email protected]
# Initialize sysconfig variables in test_site.
Patch50: bpo36160-init-sysconfig_vars.patch
# PATCH-FIX-UPSTREAM CVE-2017-18207.patch gh#python/cpython#4437
[email protected]
# Add check for channels of wav file in Lib/wave.py
Patch51: CVE-2017-18207.patch
# PATCH-FIX-UPSTREAM gh#python/cpython#12341
Patch55: bpo36302-sort-module-sources.patch
# Fix installation in /usr/local (boo#1071941), adapted from Fedora
#
https://src.fedoraproject.org/rpms/python3/blob/master/f/00251-change-user-install-location.patch
# Set values of prefix and exec_prefix in distutils install command
# to /usr/local if executable is /usr/bin/python* and RPM build
# is not detected to make pip and distutils install into separate location
Patch56: adapted-from-F00251-change-user-install-location.patch
# Switch couple of tests failing on acient SLE-12
Patch57: python-2.7.17-switch-off-failing-SSL-tests.patch
# PATCH-FIX-UPSTREAM CVE-2020-8492-urllib-ReDoS.patch bsc#1162367 [email protected]
# Fixes Python urrlib allowed an HTTP server to conduct Regular
# Expression Denial of Service (ReDoS)
Patch58: CVE-2020-8492-urllib-ReDoS.patch
# PATCH-FIX-UPSTREAM CVE-2019-9674-zip-bomb.patch bsc#1162825 [email protected]
# Improve documentation warning against the possible zip bombs
Patch59: CVE-2019-9674-zip-bomb.patch
# PATCH-FIX-UPSTREAM CVE-2019-18348-CRLF_injection_via_host_part.patch
bsc#1155094 [email protected]
# disallow control characters in hostnames in httplib
Patch60: CVE-2019-18348-CRLF_injection_via_host_part.patch
# PATCH-FIX-UPSTREAM CVE-2019-20907_tarfile-inf-loop.patch bsc#1174091
[email protected]
# avoid possible infinite loop in specifically crafted tarball (CVE-2019-20907)
# REQUIRES SOURCE 61
Patch61: CVE-2019-20907_tarfile-inf-loop.patch
# COMMON-PATCH-END
BuildRequires: automake
BuildRequires: db-devel
BuildRequires: fdupes
BuildRequires: gdbm-devel
BuildRequires: gmp-devel
BuildRequires: libbz2-devel
%if %{suse_version} >= 1500
BuildRequires: libnsl-devel
%endif
BuildRequires: libopenssl-devel
BuildRequires: ncurses-devel
BuildRequires: readline-devel
BuildRequires: sqlite-devel
BuildRequires: tk-devel
BuildRequires: xz
BuildRequires: pkgconfig(x11)
# for %%{_datadir}/application and %%{_datadir}/mime/packages
BuildRequires: filesystem
BuildRequires: update-desktop-files
# for %%{_datadir}/icons/hicolor directories
BuildRequires: hicolor-icon-theme
%define python_version %(echo %{tarversion} | head -c 3)
%define idle_name idle
Requires: python-base = %{version}
%if %{suse_version} == 1315 && !0%{?is_opensuse}
Recommends: python-strict-tls-check
%endif
Provides: %{name} = %{python_version}
Provides: python2 = %{version}
# To make older versions of this package to conflict with
# shared-python-startup I need a symbol to conflict with
Provides: python2_split_startup
Obsoletes: python-elementtree
Obsoletes: python-nothreads
Obsoletes: python-sqlite
Obsoletes: python21
# bug437293
%ifarch ppc64
Obsoletes: python-64bit
%endif
BuildRoot: %{_tmppath}/%{name}-%{version}-build
%description
Python is an interpreted, object-oriented programming language, and is
often compared to Tcl, Perl, Scheme, or Java. You can find an overview
of Python in the documentation and tutorials included in the python-doc
(HTML) or python-doc-pdf (PDF) packages.
If you want to install third party modules using distutils, you need to
install python-devel package.
%package idle
Summary: An Integrated Development Environment for Python
Group: Development/Languages/Python
Requires: python-base = %{version}
Requires: python-tk
Provides: python2-idle = %{version}
%description idle
IDLE is a Tkinter based integrated development environment for Python.
It features a multi-window text editor with multiple undo, Python
colorizing, and many other things, as well as a Python shell window and
a debugger.
%package demo
Summary: Python Demonstration Scripts
Group: Development/Languages/Python
Requires: python-base = %{version}
Provides: pyth_dmo
Obsoletes: pyth_dmo
Provides: python2-demo = %{version}
%description demo
Various demonstrations of what you can do with Python and a number of
programs that are useful for building or extending Python.
%package tk
Summary: TkInter - Python Tk Interface
Group: Development/Libraries/Python
Requires: python-base = %{version}
Provides: pyth_tk
Provides: pyth_tkl
Provides: python-tkinter
Provides: python_tkinter_lib
#%ifarch %ix86
#Provides: _tkinter.so
#%endif
Obsoletes: pyth_tk
Obsoletes: pyth_tkl
Obsoletes: python-tkinter
Provides: python2-tk = %{version}
%description tk
Python interface to Tk. Tk is the GUI toolkit that comes with Tcl.
%package curses
Summary: Python Interface to the (N)Curses Library
Group: Development/Libraries/Python
Requires: python-base = %{version}
Obsoletes: pyth_cur
Provides: pyth_cur
Provides: python2-curses = %{version}
%description curses
An easy to use interface to the (n)curses CUI library. CUI stands for
Console User Interface.
%package gdbm
Summary: Python Interface to the GDBM Library
Group: Development/Libraries/Python
Requires: python-base = %{version}
Obsoletes: pygdmod
Provides: pygdmod
Provides: python2-gdbm = %{version}
# Compat to allow BR on python_module dbm and have it properly
# pull in gdbm on py2 and dbm on py3
Provides: python-dbm = %{version}
Provides: python2-dbm = %{version}
%description gdbm
An easy to use interface for GDBM databases. GDBM is the GNU
implementation of the standard Unix DBM databases.
%if %{suse_version} == 1315 && !0%{?is_opensuse}
%package strict-tls-check
Summary: Enable secure verification of TLS certificates
Group: Development/Libraries/Python
Requires: %{name} = %{version}
Supplements: %{name}
%description strict-tls-check
When this package is present, Python performs strict verification of
TLS certificates, including hostname check, by default. This is
the preferred secure setting.
It is distributed as a separate package, because this behavior
can cause verification errors in improperly written legacy scripts
that rely on earlier non-verification behavior.
%endif
%prep
%setup -q -n %{tarname}
# COMMON-PREP-BEGIN
%patch1 -p1
%patch2 -p1
%patch3 -p1
%patch4 -p1
%patch5 -p1
%patch7 -p1
%patch8 -p1
%patch10 -p1
%patch13 -p1
%patch17 -p1
%patch20 -p1
%patch22 -p1
%patch24 -p1
%patch33 -p1
%if %{suse_version} == 1315 && !0%{?is_opensuse}
%patch34 -p1
%endif
%patch35 -p1
%patch38 -p1
%ifarch ppc ppc64 ppc64le
%patch40 -p1
%endif
%patch41 -p1
%if %{suse_version} >= 1500
%patch47 -p1
%patch48 -p1
%else
%patch57 -p1
%endif
%patch49 -p1
%patch50 -p1
%patch51 -p1
%patch55 -p1
%patch56 -p1
%patch58 -p1
%patch59 -p1
%patch60 -p1
%patch61 -p1
# For patch 61
cp -v %{SOURCE61} Lib/test/recursion.tar
# drop Autoconf version requirement
sed -i 's/^version_required/dnl version_required/' configure.ac
# COMMON-PREP-END
%if %{suse_version} == 1315 && !0%{?is_opensuse}
cp %{SOURCE8} Lib/
%endif
%build
%define _lto_cflags %{nil}
export OPT="%{optflags} -DOPENSSL_LOAD_CONF -fwrapv"
autoreconf -f -i . # Modules/_ctypes/libffi
# prevent make from trying to rebuild asdl stuff, which requires existing
# python installation
touch Parser/asdl* Python/Python-ast.c Include/Python-ast.h
%configure \
--docdir=%{_docdir}/python \
--enable-ipv6 \
--with-fpectl \
--enable-shared \
--enable-unicode=ucs4
LD_LIBRARY_PATH=$PWD:$LD_LIBRARY_PATH \
make %{?_smp_mflags}
%check
# on hppa, the threading of glibc is quite broken. The tests just stop
# at some point, and the machine does not build anything more until a
# timeout several hours later.
%ifnarch hppa
# Limit virtual memory to avoid spurious failures
if test $(ulimit -v) = unlimited || test $(ulimit -v) -gt 10000000; then
ulimit -v 10000000 || :
fi
LIST="test_urllib test_ssl test_hashlib test_hmac test_unicodedata test_tarfile
test_sqlite test_tcl test_dbm test_anydbm test_dumbdbm test_gdbm test_whichdb
test_tk test_ttk_textonly test_bsddb test_bsddb3 test_readline"
make test TESTOPTS="-w $LIST" TESTPYTHONOPTS="-R"
%endif
%install
# replace rest of /usr/local/bin/python or /usr/bin/python2.x with
/usr/bin/python
find . -name '*.py' -type f | grep -vE "^./Parser/|^./Python/" \
| xargs grep -lE '^#! *(/usr/.*bin/(env +)?)?python' \
| xargs sed -r -i -e '1s@^#![[:space:]]*(/usr/(local/)?bin/(env
+)?)?python([0-9]+\.[0-9]+)?@#!/usr/bin/python@'
# the grep inbetween makes it much faster
########################################
# install it
########################################
%make_install OPT="%{optflags} -fPIC"
########################################
# some cleanups
########################################
# remove hard links and replace them with symlinks
for dir in bin include %{_lib} ; do
rm -f %{buildroot}/%{_prefix}/$dir/python
ln -s python%{python_version} %{buildroot}/%{_prefix}/$dir/python
done
# kill imageop.so, it's insecure
rm -f %{buildroot}/%{_libdir}/python%{python_version}/lib-dynload/imageop.so
#cleanup for -base
rm %{buildroot}%{_bindir}/python%{python_version}
rm %{buildroot}%{_bindir}/python2
rm %{buildroot}%{_bindir}/python
rm %{buildroot}%{_bindir}/smtpd.py
rm %{buildroot}%{_bindir}/pydoc
rm %{buildroot}%{_bindir}/2to3
rm %{buildroot}%{_mandir}/man1/python*
rm %{buildroot}%{_libdir}/libpython*.so.*
rm %{buildroot}%{_libdir}/python
find %{buildroot}%{_libdir}/python%{python_version} -maxdepth 1 \
! \( -name "ssl.py*" -o -name "sle_tls_checks_policy.py*" \) \
-exec rm {} ";"
rm %{buildroot}%{_bindir}/python%{python_version}-config
rm %{buildroot}%{_bindir}/python2-config
rm %{buildroot}%{_bindir}/python-config
rm %{buildroot}%{_libdir}/pkgconfig/*
rm -r %{buildroot}%{_includedir}/python
rm -r %{buildroot}%{_includedir}/python%{python_version}
rm -r %{buildroot}%{_libdir}/python%{python_version}/compiler
rm -r %{buildroot}%{_libdir}/python%{python_version}/config
rm -r %{buildroot}%{_libdir}/python%{python_version}/ctypes
rm -r %{buildroot}%{_libdir}/python%{python_version}/distutils
rm -r %{buildroot}%{_libdir}/python%{python_version}/email
rm -r %{buildroot}%{_libdir}/python%{python_version}/encodings
rm -r %{buildroot}%{_libdir}/python%{python_version}/ensurepip
rm -r %{buildroot}%{_libdir}/python%{python_version}/hotshot
rm -r %{buildroot}%{_libdir}/python%{python_version}/importlib
rm -r %{buildroot}%{_libdir}/python%{python_version}/json
rm -r %{buildroot}%{_libdir}/python%{python_version}/lib2to3
rm -r %{buildroot}%{_libdir}/python%{python_version}/logging
rm -r %{buildroot}%{_libdir}/python%{python_version}/multiprocessing
rm -r %{buildroot}%{_libdir}/python%{python_version}/plat-*
rm -r %{buildroot}%{_libdir}/python%{python_version}/pydoc_data
rm -r %{buildroot}%{_libdir}/python%{python_version}/test
rm -r %{buildroot}%{_libdir}/python%{python_version}/unittest
rm -r %{buildroot}%{_libdir}/python%{python_version}/wsgiref
rm -r %{buildroot}%{_libdir}/python%{python_version}/xml
rm %{buildroot}%{_libdir}/libpython%{python_version}.so
rm %{buildroot}%{_libdir}/python%{python_version}/site-packages/README
rm %{buildroot}%{_libdir}/python%{python_version}/lib-dynload/_bisect.so
rm %{buildroot}%{_libdir}/python%{python_version}/lib-dynload/_csv.so
rm %{buildroot}%{_libdir}/python%{python_version}/lib-dynload/_collections.so
rm %{buildroot}%{_libdir}/python%{python_version}/lib-dynload/_ctypes.so
rm %{buildroot}%{_libdir}/python%{python_version}/lib-dynload/_ctypes_test.so
rm %{buildroot}%{_libdir}/python%{python_version}/lib-dynload/_elementtree.so
rm %{buildroot}%{_libdir}/python%{python_version}/lib-dynload/_functools.so
rm %{buildroot}%{_libdir}/python%{python_version}/lib-dynload/_heapq.so
rm %{buildroot}%{_libdir}/python%{python_version}/lib-dynload/_hotshot.so
rm %{buildroot}%{_libdir}/python%{python_version}/lib-dynload/_io.so
rm %{buildroot}%{_libdir}/python%{python_version}/lib-dynload/_json.so
rm %{buildroot}%{_libdir}/python%{python_version}/lib-dynload/_locale.so
rm %{buildroot}%{_libdir}/python%{python_version}/lib-dynload/_lsprof.so
rm
%{buildroot}%{_libdir}/python%{python_version}/lib-dynload/_multiprocessing.so
rm %{buildroot}%{_libdir}/python%{python_version}/lib-dynload/_random.so
rm %{buildroot}%{_libdir}/python%{python_version}/lib-dynload/_socket.so
rm %{buildroot}%{_libdir}/python%{python_version}/lib-dynload/_struct.so
rm %{buildroot}%{_libdir}/python%{python_version}/lib-dynload/_testcapi.so
rm %{buildroot}%{_libdir}/python%{python_version}/lib-dynload/array.so
rm %{buildroot}%{_libdir}/python%{python_version}/lib-dynload/binascii.so
rm %{buildroot}%{_libdir}/python%{python_version}/lib-dynload/bz2.so
rm %{buildroot}%{_libdir}/python%{python_version}/lib-dynload/cPickle.so
rm %{buildroot}%{_libdir}/python%{python_version}/lib-dynload/cStringIO.so
rm %{buildroot}%{_libdir}/python%{python_version}/lib-dynload/cmath.so
rm %{buildroot}%{_libdir}/python%{python_version}/lib-dynload/crypt.so
rm %{buildroot}%{_libdir}/python%{python_version}/lib-dynload/datetime.so
rm %{buildroot}%{_libdir}/python%{python_version}/lib-dynload/fcntl.so
rm %{buildroot}%{_libdir}/python%{python_version}/lib-dynload/future_builtins.so
rm %{buildroot}%{_libdir}/python%{python_version}/lib-dynload/grp.so
rm %{buildroot}%{_libdir}/python%{python_version}/lib-dynload/itertools.so
rm %{buildroot}%{_libdir}/python%{python_version}/lib-dynload/linuxaudiodev.so
rm %{buildroot}%{_libdir}/python%{python_version}/lib-dynload/math.so
rm %{buildroot}%{_libdir}/python%{python_version}/lib-dynload/mmap.so
rm %{buildroot}%{_libdir}/python%{python_version}/lib-dynload/nis.so
rm %{buildroot}%{_libdir}/python%{python_version}/lib-dynload/operator.so
rm %{buildroot}%{_libdir}/python%{python_version}/lib-dynload/ossaudiodev.so
rm %{buildroot}%{_libdir}/python%{python_version}/lib-dynload/parser.so
rm %{buildroot}%{_libdir}/python%{python_version}/lib-dynload/pyexpat.so
rm %{buildroot}%{_libdir}/python%{python_version}/lib-dynload/resource.so
rm %{buildroot}%{_libdir}/python%{python_version}/lib-dynload/select.so
rm %{buildroot}%{_libdir}/python%{python_version}/lib-dynload/spwd.so
rm %{buildroot}%{_libdir}/python%{python_version}/lib-dynload/strop.so
rm %{buildroot}%{_libdir}/python%{python_version}/lib-dynload/syslog.so
rm %{buildroot}%{_libdir}/python%{python_version}/lib-dynload/termios.so
rm %{buildroot}%{_libdir}/python%{python_version}/lib-dynload/time.so
rm %{buildroot}%{_libdir}/python%{python_version}/lib-dynload/unicodedata.so
rm %{buildroot}%{_libdir}/python%{python_version}/lib-dynload/zlib.so
rm %{buildroot}%{_libdir}/python%{python_version}/lib-dynload/_codecs*.so
rm %{buildroot}%{_libdir}/python%{python_version}/lib-dynload/_multibytecodec.so
rm %{buildroot}%{_libdir}/python%{python_version}/lib-dynload/audioop.so
rm -f %{buildroot}%{_libdir}/python%{python_version}/lib-dynload/dl.so
rm
%{buildroot}%{_libdir}/python%{python_version}/lib-dynload/Python-%{tarversion}-py%{python_version}.egg-info
# replace duplicate .pyo/.pyc with hardlinks
%fdupes %{buildroot}/%{_libdir}/python%{python_version}
########################################
# documentation
########################################
export PDOCS=%{buildroot}%{_docdir}/%{name}
install -d -m 755 $PDOCS
install -c -m 644 %{SOURCE1} $PDOCS/
install -c -m 644 LICENSE $PDOCS/
install -c -m 644 README $PDOCS/
########################################
# tools and demos
########################################
find Tools/ Demo/ -type d \( -regex ".*/.cvsignore" \) -exec rm -f \{\} \;
for x in `find Tools/ Demo/ \( -not -name Makefile \) -print | sort` ; do
test -d $x && ( install -c -m 755 -d $PDOCS/$x ) \
|| ( install -c -m 644 $x $PDOCS/$x )
done
########################################
# idle
########################################
# move idle config into /etc
install -d -m755 %{buildroot}%{_sysconfdir}/%{idle_name}
(
cd %{buildroot}/%{_libdir}/python%{python_version}/idlelib/
for file in *.def ; do
mv $file %{buildroot}%{_sysconfdir}/%{idle_name}/
ln -sf /etc/%{idle_name}/$file
%{buildroot}/%{_libdir}/python%{python_version}/idlelib/
done
)
# Install .desktop, mime and appdata files from upstream tarball
%if 0%{?suse_version} >= 1500
install -Dm0644 %{SOURCE50}
%{buildroot}/%{_datadir}/mime/packages/idle.appdata.xml
%endif
install -D -m 0644 Lib/idlelib/Icons/idle_16.png
%{buildroot}%{_datadir}/icons/hicolor/16x16/apps/idle.png
install -D -m 0644 Lib/idlelib/Icons/idle_32.png
%{buildroot}%{_datadir}/icons/hicolor/32x32/apps/idle.png
install -D -m 0644 Lib/idlelib/Icons/idle_48.png
%{buildroot}%{_datadir}/icons/hicolor/48x48/apps/idle.png
desktop-file-install --dir=%{buildroot}%{_datadir}/applications %{SOURCE51}
%post -p /sbin/ldconfig
%postun -p /sbin/ldconfig
%files idle
%defattr(644, root, root, 755)
%dir %{_sysconfdir}/%{idle_name}
%config %{_sysconfdir}/%{idle_name}/*
%doc Lib/idlelib/NEWS.txt
%doc Lib/idlelib/README.txt
%doc Lib/idlelib/TODO.txt
%doc Lib/idlelib/extend.txt
%doc Lib/idlelib/ChangeLog
%{_libdir}/python%{python_version}/idlelib
%attr(755, root, root) %{_bindir}/%{idle_name}
%if 0%{?suse_version} >= 1500
%{_datadir}/mime/packages/idle.appdata.xml
%endif
%{_datadir}/applications/idle.desktop
%{_datadir}/icons/hicolor/*/apps/idle.png
%files demo
%defattr(644, root, root, 755)
%doc %{_docdir}/%{name}/Demo
%doc %{_docdir}/%{name}/Tools
%files tk
%defattr(644, root, root, 755)
%{_libdir}/python%{python_version}/lib-tk/
%{_libdir}/python%{python_version}/lib-dynload/_tkinter.so
%files curses
%defattr(644, root, root, 755)
%{_libdir}/python%{python_version}/curses
%{_libdir}/python%{python_version}/lib-dynload/_curses.so
%{_libdir}/python%{python_version}/lib-dynload/_curses_panel.so
%files gdbm
%defattr(644, root, root, 755)
%{_libdir}/python%{python_version}/lib-dynload/gdbm.so
%{_libdir}/python%{python_version}/lib-dynload/dbm.so
%if %{suse_version} == 1315 && !0%{?is_opensuse}
%files strict-tls-check
%defattr(644, root, root, 755)
%{_libdir}/python%{python_version}/sle_tls_checks_policy.py*
%endif
%files
%defattr(644, root, root, 755)
%dir %{_docdir}/%{name}
%doc %{_docdir}/%{name}/README
%doc %{_docdir}/%{name}/LICENSE
%doc %{_docdir}/%{name}/README.SUSE
%dir %{_libdir}/python%{python_version}
%{_libdir}/python%{python_version}/ssl.py*
%{_libdir}/python%{python_version}/bsddb
%{_libdir}/python%{python_version}/sqlite3
%dir %{_libdir}/python%{python_version}/lib-dynload
%{_libdir}/python%{python_version}/lib-dynload/_bsddb.so
%{_libdir}/python%{python_version}/lib-dynload/_hashlib.so
%{_libdir}/python%{python_version}/lib-dynload/_sqlite3.so
%{_libdir}/python%{python_version}/lib-dynload/_ssl.so
%{_libdir}/python%{python_version}/lib-dynload/readline.so
%changelog
++++++ CVE-2017-18207.patch ++++++
>From ae0ed14794ced2c51c822fc6f0d3ca92064619dd Mon Sep 17 00:00:00 2001
From: BT123 <[email protected]>
Date: Fri, 17 Nov 2017 16:45:45 +0800
Subject: [PATCH] bug in wave.py
---
Lib/wave.py | 2 ++
1 file changed, 2 insertions(+)
Index: Python-2.7.13/Lib/wave.py
===================================================================
--- Python-2.7.13.orig/Lib/wave.py 2018-06-07 17:00:25.370728844 +0000
+++ Python-2.7.13/Lib/wave.py 2018-06-07 17:02:51.768202800 +0000
@@ -272,6 +272,8 @@ class Wave_read:
self._sampwidth = (sampwidth + 7) // 8
else:
raise Error, 'unknown format: %r' % (wFormatTag,)
+ if self._nchannels == 0:
+ raise Error, "The audio file in wav format should have at least
one channel!"
self._framesize = self._nchannels * self._sampwidth
self._comptype = 'NONE'
self._compname = 'not compressed'
++++++ CVE-2019-18348-CRLF_injection_via_host_part.patch ++++++
--- a/Lib/httplib.py
+++ b/Lib/httplib.py
@@ -745,6 +745,8 @@ class HTTPConnection:
(self.host, self.port) = self._get_hostport(host, port)
+ self._validate_host(self.host)
+
# This is stored as an instance variable to allow unittests
# to replace with a suitable mock
self._create_connection = socket.create_connection
@@ -1029,6 +1031,17 @@ class HTTPConnection:
).format(matched=match.group(), url=url)
raise InvalidURL(msg)
+ def _validate_host(self, host):
+ """Validate a host so it doesn't contain control characters."""
+ # Prevent CVE-2019-18348.
+ match = _contains_disallowed_url_pchar_re.search(host)
+ if match:
+ msg = (
+ "URL can't contain control characters. {host!r} "
+ "(found at least {matched!r})"
+ ).format(matched=match.group(), host=host)
+ raise InvalidURL(msg)
+
def putheader(self, header, *values):
"""Send a request header line to the server.
--- a/Lib/test/test_httplib.py
+++ b/Lib/test/test_httplib.py
@@ -702,7 +702,7 @@ class BasicTest(TestCase):
with self.assertRaisesRegexp(socket.error, "Invalid response"):
conn._tunnel()
- def test_putrequest_override_validation(self):
+ def test_putrequest_override_domain_validation(self):
"""
It should be possible to override the default validation
behavior in putrequest (bpo-38216).
@@ -715,6 +715,17 @@ class BasicTest(TestCase):
conn.sock = FakeSocket('')
conn.putrequest('GET', '/\x00')
+ def test_putrequest_override_host_validation(self):
+ class UnsafeHTTPConnection(httplib.HTTPConnection):
+ def _validate_host(self, url):
+ pass
+
+ conn = UnsafeHTTPConnection('example.com\r\n')
+ conn.sock = FakeSocket('')
+ # set skip_host so a ValueError is not raised upon adding the
+ # invalid URL as the value of the "Host:" header
+ conn.putrequest('GET', '/', skip_host=1)
+
class OfflineTest(TestCase):
def test_responses(self):
--- a/Lib/test/test_urllib2.py
+++ b/Lib/test/test_urllib2.py
@@ -1321,7 +1321,7 @@ class MiscTests(unittest.TestCase, FakeH
)
@unittest.skipUnless(ssl, "ssl module required")
- def test_url_with_control_char_rejected(self):
+ def test_url_path_with_control_char_rejected(self):
for char_no in range(0, 0x21) + range(0x7f, 0x100):
char = chr(char_no)
schemeless_url = "//localhost:7777/test%s/" % char
@@ -1345,7 +1345,7 @@ class MiscTests(unittest.TestCase, FakeH
self.unfakehttp()
@unittest.skipUnless(ssl, "ssl module required")
- def test_url_with_newline_header_injection_rejected(self):
+ def test_url_path_with_newline_header_injection_rejected(self):
self.fakehttp(b"HTTP/1.1 200 OK\r\n\r\nHello.")
host = "localhost:7777?a=1 HTTP/1.1\r\nX-injected: header\r\nTEST: 123"
schemeless_url = "//" + host + ":8080/test/?test=a"
@@ -1357,14 +1357,32 @@ class MiscTests(unittest.TestCase, FakeH
# calls urllib.parse.quote() on the URL which makes all of the
# above attempts at injection within the url _path_ safe.
InvalidURL = httplib.InvalidURL
- with self.assertRaisesRegexp(
- InvalidURL, r"contain control.*\\r.*(found at least . .)"):
- urllib2.urlopen("http:" + schemeless_url)
- with self.assertRaisesRegexp(InvalidURL, r"contain control.*\\n"):
- urllib2.urlopen("https:" + schemeless_url)
+ with self.assertRaisesRegexp(InvalidURL,
+ r"contain control.*\\r.*(found at least . .)"):
+ urllib2.urlopen("http:{}".format(schemeless_url))
+ with self.assertRaisesRegexp(InvalidURL,
+ r"contain control.*\\n"):
+ urllib2.urlopen("https:{}".format(schemeless_url))
finally:
self.unfakehttp()
+ @unittest.skipUnless(ssl, "ssl module required")
+ def test_url_host_with_control_char_rejected(self):
+ for char_no in list(range(0, 0x21)) + [0x7f]:
+ char = chr(char_no)
+ schemeless_url = "//localhost{}/test/".format(char)
+ self.fakehttp(b"HTTP/1.1 200 OK\r\n\r\nHello.")
+ try:
+ escaped_char_repr = repr(char).replace('\\', r'\\')
+ InvalidURL = httplib.InvalidURL
+ with self.assertRaisesRegexp(InvalidURL,
+ "contain control.*{}".format(escaped_char_repr)):
+ urllib2.urlopen("http:{}".format(schemeless_url))
+ with self.assertRaisesRegexp(InvalidURL,
+ "contain control.*{}".format(escaped_char_repr)):
+ urllib2.urlopen("https:{}".format(schemeless_url))
+ finally:
+ self.unfakehttp()
class RequestTests(unittest.TestCase):
++++++ CVE-2019-20907_tarfile-inf-loop.patch ++++++
>From 1fa6ef2bc7cee1c8e088dd8b397d9b2d54036dbc Mon Sep 17 00:00:00 2001
From: Rajarishi Devarajan <[email protected]>
Date: Sun, 12 Jul 2020 23:47:42 +0200
Subject: [PATCH 1/4] bpo-39017 Fix infinite loop in the tarfile module
Add a check for length = 0 in the _proc_pax function to avoid running into an
infinite loop
---
Lib/tarfile.py | 2 ++
Lib/test/test_tarfile.py | 5 +++++
3 files changed, 7 insertions(+)
create mode 100644 Lib/test/recursion.tar
--- a/Lib/tarfile.py
+++ b/Lib/tarfile.py
@@ -1400,6 +1400,8 @@ class TarInfo(object):
length, keyword = match.groups()
length = int(length)
+ if length == 0:
+ raise InvalidHeaderError("invalid header")
value = buf[match.end(2) + 1:match.start(1) + length - 1]
keyword = keyword.decode("utf8")
--- a/Lib/test/test_tarfile.py
+++ b/Lib/test/test_tarfile.py
@@ -321,6 +321,14 @@ class CommonReadTest(ReadTest):
with self.assertRaisesRegexp(tarfile.ReadError, "unexpected
end of data"):
tar.extractfile(t).read()
+ def test_length_zero_header(self):
+ # bpo-39017 (CVE-2019-20907): reading a zero-length header should fail
+ # with an exception
+ with self.assertRaisesRegexp(tarfile.ReadError, "file could not be
opened successfully"):
+ with tarfile.open(support.findfile('recursion.tar')) as tar:
+ pass
+
+
class MiscReadTest(CommonReadTest):
taropen = tarfile.TarFile.taropen
++++++ CVE-2019-5010-null-defer-x509-cert-DOS.patch ++++++
>From 280917872027ee991416d2623fc16ff1eed48f50 Mon Sep 17 00:00:00 2001
From: Christian Heimes <[email protected]>
Date: Tue, 15 Jan 2019 23:47:42 +0100
Subject: [PATCH] bpo-35746: Fix segfault in ssl's cert parser (GH-11569)
Fix a NULL pointer deref in ssl module. The cert parser did not handle CRL
distribution points with empty DP or URI correctly. A malicious or buggy
certificate can result into segfault.
Signed-off-by: Christian Heimes <[email protected]>
https://bugs.python.org/issue35746
(cherry picked from commit a37f52436f9aa4b9292878b72f3ff1480e2606c3)
Co-authored-by: Christian Heimes <[email protected]>
---
Lib/test/talos-2019-0758.pem | 22 +++++++++++++++++++
Lib/test/test_ssl.py | 22 +++++++++++++++++++
.../2019-01-15-18-16-05.bpo-35746.nMSd0j.rst | 3 +++
Modules/_ssl.c | 4 ++++
4 files changed, 51 insertions(+)
create mode 100644 Lib/test/talos-2019-0758.pem
create mode 100644
Misc/NEWS.d/next/Security/2019-01-15-18-16-05.bpo-35746.nMSd0j.rst
--- a/Lib/test/test_ssl.py
+++ b/Lib/test/test_ssl.py
@@ -256,6 +256,27 @@ class BasicSocketTests(unittest.TestCase
}
)
+ def test_parse_cert_CVE_2019_5010(self):
+ p = ssl._ssl._test_decode_cert(TALOS_INVALID_CRLDP)
+ if support.verbose:
+ sys.stdout.write("\n" + pprint.pformat(p) + "\n")
+ self.assertEqual(
+ p,
+ {
+ 'issuer': (
+ (('countryName', 'UK'),), (('commonName', 'cody-ca'),)),
+ 'notAfter': 'Jun 14 18:00:58 2028 GMT',
+ 'notBefore': 'Jun 18 18:00:58 2018 GMT',
+ 'serialNumber': '02',
+ 'subject': ((('countryName', 'UK'),),
+ (('commonName',
+ 'codenomicon-vm-2.test.lal.cisco.com'),)),
+ 'subjectAltName': (
+ ('DNS', 'codenomicon-vm-2.test.lal.cisco.com'),),
+ 'version': 3
+ }
+ )
+
def test_parse_cert_CVE_2013_4238(self):
p = ssl._ssl._test_decode_cert(NULLBYTECERT)
if support.verbose:
--- /dev/null
+++ b/Misc/NEWS.d/next/Security/2019-01-15-18-16-05.bpo-35746.nMSd0j.rst
@@ -0,0 +1,3 @@
+[CVE-2019-5010] Fix a NULL pointer deref in ssl module. The cert parser did
+not handle CRL distribution points with empty DP or URI correctly. A
+malicious or buggy certificate can result into segfault.
++++++ CVE-2019-9674-zip-bomb.patch ++++++
>From b73fe12d4d85fc92e4b9658e417046b68fb68ecc Mon Sep 17 00:00:00 2001
From: nick sung <[email protected]>
Date: Fri, 17 May 2019 15:45:31 +0800
Subject: [PATCH 1/4] bpo-36260: Add pitfalls to zipfile module documentation
We saw vulnerability warning description (including zip bomb) in
Doc/library/xml.rst file.
This gave us the idea of documentation improvement.
So, we moved a little bit forward :P
And the doc patch can be found (pr).
---
Doc/library/zipfile.rst | 29 +++++++++++++++++++++++++++++
1 file changed, 29 insertions(+)
--- a/Doc/library/zipfile.rst
+++ b/Doc/library/zipfile.rst
@@ -553,5 +553,47 @@ Command-line options
Test whether the zipfile is valid or not.
+Decompression pitfalls
+----------------------
+The extraction in zipfile module might fail due to some pitfalls
+listed below.
+
+From file itself
+~~~~~~~~~~~~~~~~
+
+Decompression may fail due to incorrect password / CRC checksum
+/ ZIP format or unsupported compression method / decryption.
+
+File System limitations
+~~~~~~~~~~~~~~~~~~~~~~~
+
+Exceeding limitations on different file systems can cause
+decompression failed. Such as allowable characters in the
+directory entries, length of the file name, length of the
+pathname, size of a single file, and number of files, etc.
+
+Resources limitations
+~~~~~~~~~~~~~~~~~~~~~
+
+The lack of memory or disk volume would lead to decompression
+failed. For example, decompression bombs (aka `ZIP bomb`_) apply
+to zipfile library that can cause disk volume exhaustion.
+
+Interruption
+~~~~~~~~~~~~
+
+Interruption during the decompression, such as pressing control-C
+or killing the decompression process may result in incomplete
+decompression of the archive.
+
+Default behaviors of extraction
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+Not knowing the default extraction behaviors can cause unexpected
+decompression results. For example, when extracting the same
+archive twice, it overwrites files without asking.
+
+
+.. _ZIP bomb: https://en.wikipedia.org/wiki/Zip_bomb
.. _PKZIP Application Note:
https://pkware.cachefly.net/webdocs/casestudies/APPNOTE.TXT
--- /dev/null
+++ b/Misc/NEWS.d/next/Documentation/2019-06-04-09-29-00.bpo-36260.WrGuc-.rst
@@ -0,0 +1 @@
+Add decompression pitfalls to zipfile module documentation.
\ No newline at end of file
++++++ CVE-2020-8492-urllib-ReDoS.patch ++++++
>From 34e25a97709a05f7c804036dd1e16afda6bdfa33 Mon Sep 17 00:00:00 2001
From: Victor Stinner <[email protected]>
Date: Thu, 30 Jan 2020 16:13:03 +0100
Subject: [PATCH 1/2] bpo-39503: Fix urllib basic auth regex
The AbstractBasicAuthHandler class of the urllib.request module uses
an inefficient regular expression which can be exploited by an
attacker to cause a denial of service. Fix the regex to prevent the
catastrophic backtracking.
Vulnerability reported by Matt Schwager.
---
Lib/urllib2.py | 2 +-
Misc/NEWS.d/next/Security/2020-01-30-16-15-29.bpo-39503.B299Yq.rst | 4 ++++
2 files changed, 5 insertions(+), 1 deletion(-)
create mode 100644
Misc/NEWS.d/next/Security/2020-01-30-16-15-29.bpo-39503.B299Yq.rst
--- /dev/null
+++ b/Misc/NEWS.d/next/Security/2020-01-30-16-15-29.bpo-39503.B299Yq.rst
@@ -0,0 +1,4 @@
+CVE-2020-8492: The :class:`~urllib.request.AbstractBasicAuthHandler` class of
the
+:mod:`urllib.request` module uses an inefficient regular expression which can
+be exploited by an attacker to cause a denial of service. Fix the regex to
+prevent the catastrophic backtracking. Vulnerability reported by Matt Schwager.
--- a/Lib/urllib2.py
+++ b/Lib/urllib2.py
@@ -856,7 +856,7 @@ class AbstractBasicAuthHandler:
# allow for double- and single-quoted realm values
# (single quotes are a violation of the RFC, but appear in the wild)
- rx = re.compile('(?:.*,)*[ \t]*([^ \t]+)[ \t]+'
+ rx = re.compile('(?:[^,]*,)*[ \t]*([^ \t]+)[ \t]+'
'realm=(["\']?)([^"\']*)\\2', re.I)
# XXX could pre-emptively send auth info already accepted (RFC 2617,
++++++ README.SUSE ++++++
Python in SUSE
==============
* Documentation *
You can find documentation in seprarate packages: python-doc and
python-doc-pdf. These contan following documents:
Tutorial, What's New in Python, Global Module Index, Library Reference,
Macintosh Module Reference, Installing Python Modules, Distributing Python
Modules, Language Reference, Extending and Embedding, Python/C API,
Documenting Python
The python-doc package constains many text files from source tarball.
* Interactive mode *
Interactive mode is by default enhanced with of history and command completion.
If you don't like these features, you can unset PYTHONSTARTUP variable in your
.profile or disable it system wide in /etc/profile.d/python.sh.
++++++ adapted-from-F00251-change-user-install-location.patch ++++++
Index: Python-2.7.17/Lib/distutils/command/install.py
===================================================================
--- Python-2.7.17.orig/Lib/distutils/command/install.py
+++ Python-2.7.17/Lib/distutils/command/install.py
@@ -431,8 +431,18 @@ class install (Command):
raise DistutilsOptionError, \
"must not supply exec-prefix without prefix"
- self.prefix = os.path.normpath(sys.prefix)
- self.exec_prefix = os.path.normpath(sys.exec_prefix)
+ # self.prefix is set to sys.prefix + /local/
+ # if neither RPM build nor virtual environment is
+ # detected to make pip and distutils install packages
+ # into the separate location.
+ if (not hasattr(sys, 'real_prefix') and
+ 'RPM_BUILD_ROOT' not in os.environ):
+ addition = "/local"
+ else:
+ addition = ""
+
+ self.prefix = os.path.normpath(sys.prefix) + addition
+ self.exec_prefix = os.path.normpath(sys.exec_prefix) + addition
else:
if self.exec_prefix is None:
Index: Python-2.7.17/Lib/site.py
===================================================================
--- Python-2.7.17.orig/Lib/site.py
+++ Python-2.7.17/Lib/site.py
@@ -291,6 +291,10 @@ def getsitepackages():
sitepackages = []
seen = set()
+ # '/usr/local' is included in PREFIXES if RPM build is not detected
+ # to make packages installed into this location visible.
+ if ENABLE_USER_SITE and 'RPM_BUILD_ROOT' not in os.environ:
+ PREFIXES.insert(0, "/usr/local")
for prefix in PREFIXES:
if not prefix or prefix in seen:
continue
++++++ baselibs.conf ++++++
python
requires "python-base-<targettype> = <version>"
python-base
libpython2_7-1_0
++++++ bpo36160-init-sysconfig_vars.patch ++++++
>From 603a4461e3c889b06a5d78e57594ebbc580f1c03 Mon Sep 17 00:00:00 2001
From: Ivan Pozdeev <[email protected]>
Date: Fri, 1 Mar 2019 21:44:24 +0300
Subject: [PATCH] Fix AttributeError on sysconfig._CONFIG_VARS.clear() if
test_site is run separately
---
Lib/test/test_site.py | 4 +++-
.../next/Tests/2019-03-01-21-45-13.bpo-36160.4JjrqB.rst | 2 ++
2 files changed, 5 insertions(+), 1 deletion(-)
create mode 100644
Misc/NEWS.d/next/Tests/2019-03-01-21-45-13.bpo-36160.4JjrqB.rst
--- a/Lib/test/test_site.py
+++ b/Lib/test/test_site.py
@@ -47,6 +47,9 @@ def setUpModule():
else:
raise
+ # sysconfig._CONFIG_VARS is None until the first call to this function
+ sysconfig.get_config_vars()
+
def tearDownModule():
sys.path[:] = OLD_SYS_PATH
--- /dev/null
+++ b/Misc/NEWS.d/next/Tests/2019-03-01-21-45-13.bpo-36160.4JjrqB.rst
@@ -0,0 +1,2 @@
+Fix AttributeError on sysconfig._CONFIG_VARS.clear() if test_site is run
+separately
++++++ bpo36302-sort-module-sources.patch ++++++
diff --git a/Lib/distutils/command/build_ext.py
b/Lib/distutils/command/build_ext.py
index 86a85c1..66bf0c2 100644
--- a/Lib/distutils/command/build_ext.py
+++ b/Lib/distutils/command/build_ext.py
@@ -455,7 +455,7 @@ class build_ext (Command):
("in 'ext_modules' option (extension '%s'), " +
"'sources' must be present and must be " +
"a list of source filenames") % ext.name
- sources = list(sources)
+ sources = sorted(sources)
ext_path = self.get_ext_fullpath(ext.name)
depends = sources + ext.depends
++++++ do-not-use-non-ascii-in-test_ssl.patch ++++++
--- a/Lib/test/test_ssl.py
+++ b/Lib/test/test_ssl.py
@@ -1021,7 +1021,7 @@ class ContextTests(unittest.TestCase):
def test_load_dh_params(self):
- filename = u'dhpäräm.pem'
+ filename = u'dhparam.pem'
fs_encoding = sys.getfilesystemencoding()
try:
filename.encode(fs_encoding)
++++++ idle.appdata.xml ++++++
<?xml version="1.0" encoding="UTF-8"?>
<!-- Copyright 2017 Zbigniew Jędrzejewski-Szmek -->
<application>
<id type="desktop">idle.desktop</id>
<name>IDLE</name>
<metadata_licence>CC0</metadata_licence>
<project_license>Python-2.0</project_license>
<summary>Python Integrated Development and Learning Environment</summary>
<description>
<p>
IDLE is Python’s Integrated Development and Learning Environment.
The GUI is uniform between Windows, Unix, and Mac OS X.
IDLE provides an easy way to start writing, running, and debugging
Python code.
</p>
<p>
IDLE is written in pure Python, and uses the tkinter GUI toolkit.
It provides:
</p>
<ul>
<li>a Python shell window (interactive interpreter) with colorizing of
code input, output, and error messages,</li>
<li>a multi-window text editor with multiple undo, Python colorizing,
smart indent, call tips, auto completion, and other features,</li>
<li>search within any window, replace within editor windows, and search
through multiple files (grep),</li>
<li>a debugger with persistent breakpoints, stepping, and viewing of
global and local namespaces.</li>
</ul>
</description>
<url type="homepage">https://docs.python.org/2.7/library/idle.html</url>
<screenshots>
<screenshot
type="default">http://in.waw.pl/~zbyszek/fedora/idle3-appdata/idle3-main-window.png</screenshot>
<screenshot>http://in.waw.pl/~zbyszek/fedora/idle3-appdata/idle3-class-browser.png</screenshot>
<screenshot>http://in.waw.pl/~zbyszek/fedora/idle3-appdata/idle3-code-viewer.png</screenshot>
</screenshots>
<update_contact>[email protected]</update_contact>
</application>
++++++ idle.desktop ++++++
[Desktop Entry]
Version=1.0
Name=IDLE
GenericName=Python IDE
Comment=Python 2.7 Integrated Development and Learning Environment
Exec=idle %F
TryExec=idle
Terminal=false
Type=Application
Icon=idle
Categories=Development;IDE;
MimeType=text/x-python;
++++++ local.pth ++++++
import site; import sys; site.addsitedir("/usr/local/" + sys.lib +
"/python"+sys.version[:3]+"/site-packages", set()); sys.lib != "lib" and
site.addsitedir("/usr/local/lib/python"+sys.version[:3]+"/site-packages", set())
++++++ macros.python2 ++++++
# legacy macros. commented but kept for the sake of possible recovery of their
values
%py_prefix %(python -c "import sys; print sys.prefix" 2>/dev/null
|| echo PYTHON-NOT-FOUND)
%py_libdir %{py_prefix}/%{_lib}/python%{py_ver}
%py_incdir %{py_prefix}/include/python%{py_ver}
%py_sitedir %{py_libdir}/site-packages
# these might be still in use somewhere
%py_compile(O) \
find %1 -name '*.pyc' -exec rm -f {} \\; \
python2 -c "import sys, os, compileall; br='%{buildroot}';
compileall.compile_dir(sys.argv[1], ddir=br and
(sys.argv[1][len(os.path.abspath(br)):]+'/') or None)" %1 \
%{-O: \
find %1 -name '*.pyo' -exec rm -f {} \\; \
python2 -O -c "import sys, os, compileall; br='%{buildroot}';
compileall.compile_dir(sys.argv[1], ddir=br and
(sys.argv[1][len(os.path.abspath(br)):]+'/') or None)" %1 \
}
%py_requires(d) \
BuildRequires: /usr/bin/python %{-d:python-devel} \
PreReq: python = %{py_ver}
# new-style macros relying on python-rpm-macros package
%have_python2 1
%python2_package_prefix python2
++++++ openssl-111-middlebox-compat.patch ++++++
>From 4fa35e8b1ebb2a8e88ba7c4c9cd2a17b35638ee6 Mon Sep 17 00:00:00 2001
From: Dimitri John Ledkov <[email protected]>
Date: Fri, 28 Sep 2018 16:34:16 +0100
Subject: [PATCH] bpo-34834: Fix test_ssl.test_options to account for
OP_ENABLE_MIDDLEBOX_COMPAT.
Signed-off-by: Dimitri John Ledkov <[email protected]>
https://bugs.python.org/issue34834
---
Lib/test/test_ssl.py | 5 +++++
1 file changed, 5 insertions(+)
--- a/Lib/test/test_ssl.py
+++ b/Lib/test/test_ssl.py
@@ -807,8 +807,12 @@ class ContextTests(unittest.TestCase):
default = (ssl.OP_ALL | ssl.OP_NO_SSLv2 | ssl.OP_NO_SSLv3)
# SSLContext also enables these by default
default |= (OP_NO_COMPRESSION | OP_CIPHER_SERVER_PREFERENCE |
- OP_SINGLE_DH_USE | OP_SINGLE_ECDH_USE |
- OP_ENABLE_MIDDLEBOX_COMPAT)
+ ssl.OP_SINGLE_DH_USE | ssl.OP_SINGLE_ECDH_USE)
+ if not IS_LIBRESSL and ssl.OPENSSL_VERSION_INFO >= (1, 1, 1):
+ # define MIDDLEBOX constant, as python2.7 does not know about it
+ # but it is used by default.
+ OP_ENABLE_MIDDLEBOX_COMPAT = 1048576L
+ default |= OP_ENABLE_MIDDLEBOX_COMPAT
self.assertEqual(default, ctx.options)
ctx.options |= ssl.OP_NO_TLSv1
self.assertEqual(default | ssl.OP_NO_TLSv1, ctx.options)
++++++ openssl-111-ssl_options.patch ++++++
--- a/Lib/test/test_ssl.py
+++ b/Lib/test/test_ssl.py
@@ -807,12 +807,8 @@ class ContextTests(unittest.TestCase):
default = (ssl.OP_ALL | ssl.OP_NO_SSLv2 | ssl.OP_NO_SSLv3)
# SSLContext also enables these by default
default |= (OP_NO_COMPRESSION | OP_CIPHER_SERVER_PREFERENCE |
- ssl.OP_SINGLE_DH_USE | ssl.OP_SINGLE_ECDH_USE)
- if not IS_LIBRESSL and ssl.OPENSSL_VERSION_INFO >= (1, 1, 1):
- # define MIDDLEBOX constant, as python2.7 does not know about it
- # but it is used by default.
- OP_ENABLE_MIDDLEBOX_COMPAT = 1048576L
- default |= OP_ENABLE_MIDDLEBOX_COMPAT
+ OP_SINGLE_DH_USE | OP_SINGLE_ECDH_USE |
+ OP_ENABLE_MIDDLEBOX_COMPAT)
self.assertEqual(default, ctx.options)
ctx.options |= ssl.OP_NO_TLSv1
self.assertEqual(default | ssl.OP_NO_TLSv1, ctx.options)
++++++ pre_checkin.sh ++++++
#!/bin/bash
# This script is called automatically during autobuild checkin.
for spec in python-doc.spec python.spec; do
{ sed -n -e '1,/COMMON-PATCH-BEGIN/p' $spec
sed -n -e '/COMMON-PATCH-BEGIN/,/COMMON-PATCH-END/p' python-base.spec
sed -n -e '/COMMON-PATCH-END/,/COMMON-PREP-BEGIN/p' $spec
sed -n -e '/COMMON-PREP-BEGIN/,/COMMON-PREP-END/p' python-base.spec
sed -n -e '/COMMON-PREP-END/,$p' $spec;
} | uniq > $spec.tmp && mv $spec.tmp $spec
done
# I really don't want to keep all three *.changes files separate
cp python-base.changes python.changes
cp python-base.changes python-doc.changes
++++++ python-2.5.1-sqlite.patch ++++++
--- a/Modules/_sqlite/cursor.c
+++ b/Modules/_sqlite/cursor.c
@@ -829,6 +829,9 @@ PyObject* pysqlite_cursor_executescript(
goto error;
}
+ if (! statement)
+ break;
+
/* execute statement, and ignore results of SELECT statements */
rc = SQLITE_ROW;
while (rc == SQLITE_ROW) {
++++++ python-2.6-gettext-plurals.patch ++++++
--- a/Lib/gettext.py
+++ b/Lib/gettext.py
@@ -387,8 +387,9 @@ class GNUTranslations(NullTranslations):
self._charset = v.split('charset=')[1]
elif k == 'plural-forms':
v = v.split(';')
- plural = v[1].split('plural=')[1]
- self.plural = c2py(plural)
+ if len(v) > 1:
+ plural = v[1].split('plural=')[1]
+ self.plural = c2py(plural)
# Note: we unconditionally convert both msgids and msgstrs to
# Unicode using the character encoding specified in the charset
# parameter of the Content-Type header. The gettext documentation
++++++ python-2.6b3-curses-panel.patch ++++++
--- a/Modules/_curses_panel.c
+++ b/Modules/_curses_panel.c
@@ -14,7 +14,7 @@
#include "py_curses.h"
-#include <panel.h>
+#include <ncurses/panel.h>
static PyObject *PyCursesError;
++++++ python-2.7-dirs.patch ++++++
--- a/Makefile.pre.in
+++ b/Makefile.pre.in
@@ -110,7 +110,7 @@ LIBDIR= @libdir@
MANDIR= @mandir@
INCLUDEDIR= @includedir@
CONFINCLUDEDIR= $(exec_prefix)/include
-SCRIPTDIR= $(prefix)/lib
+SCRIPTDIR= @libdir@
# Detailed destination directories
BINLIBDEST= $(LIBDIR)/python$(VERSION)
++++++ python-2.7-libffi-aarch64.patch ++++++
Index: Python-2.7.9/Modules/_ctypes/libffi/src/aarch64/ffi.c
===================================================================
--- Python-2.7.9.orig/Modules/_ctypes/libffi/src/aarch64/ffi.c
+++ Python-2.7.9/Modules/_ctypes/libffi/src/aarch64/ffi.c
@@ -728,7 +728,7 @@ aarch64_prep_args (struct call_context *
state.ngrn = N_X_ARG_REG;
memcpy (allocate_to_stack (&state, stack, ty->alignment,
- ty->size), ecif->avalue + i, ty->size);
+ ty->size), ecif->avalue[i], ty->size);
}
break;
++++++ python-2.7.17-switch-off-failing-SSL-tests.patch ++++++
--- a/Lib/test/test_ssl.py
+++ b/Lib/test/test_ssl.py
@@ -152,9 +152,7 @@ def skip_if_broken_ubuntu_ssl(func):
try:
ssl.SSLContext(ssl.PROTOCOL_SSLv2)
except ssl.SSLError:
- if (ssl.OPENSSL_VERSION_INFO == (0, 9, 8, 15, 15) and
- platform.linux_distribution() == ('debian', 'squeeze/sid',
'')):
- raise unittest.SkipTest("Patched Ubuntu OpenSSL breaks
behaviour")
+ raise unittest.SkipTest("Test fails on SLE-12")
return func(*args, **kwargs)
return f
else:
@@ -1280,6 +1278,7 @@ class ContextTests(unittest.TestCase):
self.assertEqual(ctx.verify_mode, ssl.CERT_NONE)
self._assert_context_options(ctx)
+ @skip_if_broken_ubuntu_ssl
def test__https_verify_certificates(self):
# Unit test to check the contect factory mapping
# The factories themselves are tested above
++++++ python-2.7.2-fix_date_time_compiler.patch ++++++
--- a/Makefile.pre.in
+++ b/Makefile.pre.in
@@ -647,8 +647,15 @@ Modules/getbuildinfo.o: $(PARSER_OBJS) \
-DGITVERSION="\"`LC_ALL=C $(GITVERSION)`\"" \
-DGITTAG="\"`LC_ALL=C $(GITTAG)`\"" \
-DGITBRANCH="\"`LC_ALL=C $(GITBRANCH)`\"" \
+ -DDATE="\"`LC_ALL=C date -u -r Makefile.pre.in +"%b %d %Y"`\"" \
+ -DTIME="\"`LC_ALL=C date -u -r Makefile.pre.in +"%T"`\"" \
-o $@ $(srcdir)/Modules/getbuildinfo.c
+Python/getcompiler.o: $(srcdir)/Python/getcompiler.c Makefile
+ $(CC) -c $(PY_CFLAGS) \
+ -DCOMPILER='"[GCC]"' \
+ -o $@ $(srcdir)/Python/getcompiler.c
+
Modules/getpath.o: $(srcdir)/Modules/getpath.c Makefile
$(CC) -c $(PY_CFLAGS) -DPYTHONPATH='"$(PYTHONPATH)"' \
-DPREFIX='"$(prefix)"' \
++++++ python-2.7.4-canonicalize2.patch ++++++
--- a/Python/sysmodule.c
+++ b/Python/sysmodule.c
@@ -1638,7 +1638,20 @@ PySys_SetArgvEx(int argc, char **argv, i
char *p = NULL;
Py_ssize_t n = 0;
PyObject *a;
-#ifdef HAVE_READLINK
+#ifdef HAVE_CANONICALIZE_FILE_NAME
+ int errnum;
+
+ if (argc > 0 && argv0 != NULL && strcmp(argv0, "-c") != 0) {
+ argv0 = canonicalize_file_name(argv0);
+ if (argv0 == NULL) argv0 = strdup(argv[0]);
+ }
+#elif defined(HAVE_REALPATH)
+ if (argc > 0 && argv0 != NULL && strcmp(argv0, "-c") != 0) {
+ if (realpath(argv0, fullpath)) {
+ argv0 = fullpath;
+ }
+ }
+#elif defined(HAVE_READLINK)
char link[MAXPATHLEN+1];
char argv0copy[2*MAXPATHLEN+1];
int nr = 0;
@@ -1665,7 +1678,8 @@ PySys_SetArgvEx(int argc, char **argv, i
}
}
}
-#endif /* HAVE_READLINK */
+#endif /* resolve method selection */
+
#if SEP == '\\' /* Special case for MS filename syntax */
if (argc > 0 && argv0 != NULL && strcmp(argv0, "-c") != 0) {
char *q;
@@ -1694,11 +1708,6 @@ PySys_SetArgvEx(int argc, char **argv, i
}
#else /* All other filename syntaxes */
if (argc > 0 && argv0 != NULL && strcmp(argv0, "-c") != 0) {
-#if defined(HAVE_REALPATH)
- if (realpath(argv0, fullpath)) {
- argv0 = fullpath;
- }
-#endif
p = strrchr(argv0, SEP);
}
if (p != NULL) {
@@ -1716,6 +1725,9 @@ PySys_SetArgvEx(int argc, char **argv, i
a = PyString_FromStringAndSize(argv0, n);
if (a == NULL)
Py_FatalError("no mem for sys.path insertion");
+#ifdef HAVE_CANONICALIZE_FILE_NAME
+ if (argc > 0 && argv0 != NULL && strcmp(argv0, "-c") != 0) free(argv0);
+#endif /* HAVE_CANONICALIZE_FILE_NAME */
if (PyList_Insert(path, 0, a) < 0)
Py_FatalError("sys.path.insert(0) failed");
Py_DECREF(a);
--- a/pyconfig.h.in
+++ b/pyconfig.h.in
@@ -109,6 +109,9 @@
/* Define to 1 if you have the 'chflags' function. */
#undef HAVE_CHFLAGS
+/* Define to 1 if you have the `canonicalize_file_name' function. */
+#undef HAVE_CANONICALIZE_FILE_NAME
+
/* Define to 1 if you have the `chown' function. */
#undef HAVE_CHOWN
--- a/configure.ac
+++ b/configure.ac
@@ -3159,7 +3159,7 @@ AC_CHECK_FUNCS(alarm setitimer getitimer
getpriority getresuid getresgid getpwent getspnam getspent getsid getwd \
initgroups kill killpg lchown lstat mkfifo mknod mktime mmap \
mremap nice pathconf pause plock poll pthread_init \
- putenv readlink realpath \
+ putenv readlink realpath canonicalize_file_name \
select sem_open sem_timedwait sem_getvalue sem_unlink setegid seteuid \
setgid \
setlocale setregid setreuid setsid setpgid setpgrp setuid setvbuf snprintf \
++++++ python-2.7.5-multilib.patch ++++++
--- a/configure.ac
+++ b/configure.ac
@@ -773,6 +773,41 @@ SunOS*)
;;
esac
+AC_SUBST(ARCH)
+AC_MSG_CHECKING(ARCH)
+ARCH=`uname -m`
+case $ARCH in
+i?86) ARCH=i386;;
+esac
+AC_MSG_RESULT($ARCH)
+
+AC_SUBST(LIB)
+AC_MSG_CHECKING(LIB)
+case $ac_sys_system in
+Linux*)
+ # Test if the compiler is 64bit
+ echo 'int i;' > conftest.$ac_ext
+ python_cv_cc_64bit_output=no
+ if AC_TRY_EVAL(ac_compile); then
+ case `/usr/bin/file conftest.$ac_objext` in
+ *"ELF 64"*)
+ python_cv_cc_64bit_output=yes
+ ;;
+ esac
+ fi
+ rm -rf conftest*
+ ;;
+esac
+
+case $ARCH:$python_cv_cc_64bit_output in
+aarch64:yes | ppc64:yes | ppc64le:yes | powerpc64:yes | s390x:yes |
sparc64:yes | x86_64:yes)
+ LIB="lib64"
+ ;;
+*:*)
+ LIB="lib"
+ ;;
+esac
+AC_MSG_RESULT($LIB)
AC_SUBST(LIBRARY)
AC_MSG_CHECKING(LIBRARY)
--- a/Include/pythonrun.h
+++ b/Include/pythonrun.h
@@ -108,6 +108,8 @@ PyAPI_FUNC(char *) Py_GetPath(void);
/* In their own files */
PyAPI_FUNC(const char *) Py_GetVersion(void);
PyAPI_FUNC(const char *) Py_GetPlatform(void);
+PyAPI_FUNC(const char *) Py_GetArch(void);
+PyAPI_FUNC(const char *) Py_GetLib(void);
PyAPI_FUNC(const char *) Py_GetCopyright(void);
PyAPI_FUNC(const char *) Py_GetCompiler(void);
PyAPI_FUNC(const char *) Py_GetBuildInfo(void);
--- a/Lib/distutils/command/install.py
+++ b/Lib/distutils/command/install.py
@@ -22,6 +22,8 @@ from site import USER_BASE
from site import USER_SITE
+libname = sys.lib
+
if sys.version < "2.2":
WINDOWS_SCHEME = {
'purelib': '$base',
@@ -42,7 +44,7 @@ else:
INSTALL_SCHEMES = {
'unix_prefix': {
'purelib': '$base/lib/python$py_version_short/site-packages',
- 'platlib': '$platbase/lib/python$py_version_short/site-packages',
+ 'platlib':
'$platbase/'+libname+'/python$py_version_short/site-packages',
'headers': '$base/include/python$py_version_short/$dist_name',
'scripts': '$base/bin',
'data' : '$base',
--- a/Lib/distutils/sysconfig.py
+++ b/Lib/distutils/sysconfig.py
@@ -119,8 +119,11 @@ def get_python_lib(plat_specific=0, stan
prefix = plat_specific and EXEC_PREFIX or PREFIX
if os.name == "posix":
- libpython = os.path.join(prefix,
- "lib", "python" + get_python_version())
+ if plat_specific or standard_lib:
+ lib = sys.lib
+ else:
+ lib = "lib"
+ libpython = os.path.join(prefix, lib, "python" + get_python_version())
if standard_lib:
return libpython
else:
--- a/Lib/pydoc.py
+++ b/Lib/pydoc.py
@@ -375,7 +375,7 @@ class Doc:
docmodule = docclass = docroutine = docother = docproperty = docdata = fail
def getdocloc(self, object,
- basedir=os.path.join(sys.exec_prefix, "lib",
+ basedir=os.path.join(sys.exec_prefix, sys.lib,
"python"+sys.version[0:3])):
"""Return the location of module docs or None"""
--- a/Lib/site.py
+++ b/Lib/site.py
@@ -231,29 +231,38 @@ def getuserbase():
USER_BASE = get_config_var('userbase')
return USER_BASE
-def getusersitepackages():
+def getusersitepackages(lib_kind = 'purelib'):
"""Returns the user-specific site-packages directory path.
If the global variable ``USER_SITE`` is not initialized yet, this
function will also set it.
"""
+
+ set_user_site = (lib_kind == 'purelib')
+
global USER_SITE
user_base = getuserbase() # this will also set USER_BASE
- if USER_SITE is not None:
+ if USER_SITE is not None and set_user_site:
return USER_SITE
from sysconfig import get_path
import os
+ user_site = None
+
if sys.platform == 'darwin':
from sysconfig import get_config_var
if get_config_var('PYTHONFRAMEWORK'):
- USER_SITE = get_path('purelib', 'osx_framework_user')
- return USER_SITE
+ user_site = get_path(lib_kind, 'osx_framework_user')
- USER_SITE = get_path('purelib', '%s_user' % os.name)
- return USER_SITE
+ if user_site is None:
+ user_site = get_path(lib_kind, '%s_user' % os.name)
+
+ if set_user_site:
+ USER_SITE = user_site
+
+ return user_site
def addusersitepackages(known_paths):
"""Add a per user site-package to sys.path
@@ -263,10 +272,12 @@ def addusersitepackages(known_paths):
"""
# get the per user site-package path
# this call will also make sure USER_BASE and USER_SITE are set
- user_site = getusersitepackages()
+ for kind in ('purelib', 'platlib'):
+ user_site = getusersitepackages(kind)
+
+ if ENABLE_USER_SITE and os.path.isdir(user_site):
+ addsitedir(user_site, known_paths)
- if ENABLE_USER_SITE and os.path.isdir(user_site):
- addsitedir(user_site, known_paths)
return known_paths
def getsitepackages():
@@ -288,13 +299,18 @@ def getsitepackages():
if sys.platform in ('os2emx', 'riscos'):
sitepackages.append(os.path.join(prefix, "Lib", "site-packages"))
elif os.sep == '/':
- sitepackages.append(os.path.join(prefix, "lib",
+ sitepackages.append(os.path.join(prefix, sys.lib,
"python" + sys.version[:3],
"site-packages"))
- sitepackages.append(os.path.join(prefix, "lib", "site-python"))
+ sitepackages.append(os.path.join(prefix, sys.lib, "site-python"))
+ if sys.lib != "lib":
+ sitepackages.append(os.path.join(prefix, "lib",
+ "python" + sys.version[:3],
+ "site-packages"))
+ sitepackages.append(os.path.join(prefix, "lib", "site-python"))
else:
sitepackages.append(prefix)
- sitepackages.append(os.path.join(prefix, "lib", "site-packages"))
+ sitepackages.append(os.path.join(prefix, sys.lib, "site-packages"))
return sitepackages
def addsitepackages(known_paths):
--- a/Lib/sysconfig.py
+++ b/Lib/sysconfig.py
@@ -7,10 +7,10 @@ from os.path import pardir, realpath
_INSTALL_SCHEMES = {
'posix_prefix': {
- 'stdlib': '{base}/lib/python{py_version_short}',
- 'platstdlib': '{platbase}/lib/python{py_version_short}',
+ 'stdlib': '{base}/'+sys.lib+'/python{py_version_short}',
+ 'platstdlib': '{platbase}/'+sys.lib+'/python{py_version_short}',
'purelib': '{base}/lib/python{py_version_short}/site-packages',
- 'platlib': '{platbase}/lib/python{py_version_short}/site-packages',
+ 'platlib':
'{platbase}/'+sys.lib+'/python{py_version_short}/site-packages',
'include': '{base}/include/python{py_version_short}',
'platinclude': '{platbase}/include/python{py_version_short}',
'scripts': '{base}/bin',
@@ -65,10 +65,10 @@ _INSTALL_SCHEMES = {
'data' : '{userbase}',
},
'posix_user': {
- 'stdlib': '{userbase}/lib/python{py_version_short}',
- 'platstdlib': '{userbase}/lib/python{py_version_short}',
+ 'stdlib': '{userbase}/'+sys.lib+'/python{py_version_short}',
+ 'platstdlib': '{userbase}/'+sys.lib+'/python{py_version_short}',
'purelib': '{userbase}/lib/python{py_version_short}/site-packages',
- 'platlib': '{userbase}/lib/python{py_version_short}/site-packages',
+ 'platlib':
'{userbase}/'+sys.lib+'/python{py_version_short}/site-packages',
'include': '{userbase}/include/python{py_version_short}',
'scripts': '{userbase}/bin',
'data' : '{userbase}',
--- a/Lib/test/test_dl.py
+++ b/Lib/test/test_dl.py
@@ -4,10 +4,11 @@
import unittest
from test.test_support import verbose, import_module
dl = import_module('dl', deprecated=True)
+import sys
sharedlibs = [
- ('/usr/lib/libc.so', 'getpid'),
- ('/lib/libc.so.6', 'getpid'),
+ ('/usr/'+sys.lib+'/libc.so', 'getpid'),
+ ('/'+sys.lib+'/libc.so.6', 'getpid'),
('/usr/bin/cygwin1.dll', 'getpid'),
('/usr/lib/libc.dylib', 'getpid'),
]
--- a/Lib/test/test_site.py
+++ b/Lib/test/test_site.py
@@ -254,12 +254,16 @@ class HelperFunctionsTests(unittest.Test
self.assertEqual(dirs[0], wanted)
elif os.sep == '/':
# OS X, Linux, FreeBSD, etc
- self.assertEqual(len(dirs), 2)
wanted = os.path.join('xoxo', 'lib', 'python' + sys.version[:3],
'site-packages')
- self.assertEqual(dirs[0], wanted)
+ self.assertTrue(wanted in dirs)
wanted = os.path.join('xoxo', 'lib', 'site-python')
- self.assertEqual(dirs[1], wanted)
+ self.assertTrue(wanted in dirs)
+ wanted = os.path.join('xoxo', sys.lib, 'python' + sys.version[:3],
+ 'site-packages')
+ self.assertTrue(wanted in dirs)
+ wanted = os.path.join('xoxo', sys.lib, 'site-python')
+ self.assertTrue(wanted in dirs)
else:
# other platforms
self.assertEqual(len(dirs), 2)
@@ -305,7 +309,11 @@ class HelperFunctionsTests(unittest.Test
known_paths = set()
site.addusersitepackages(known_paths)
- self.assertEqual(fake_isdir.arg, user_site)
+ # value of user_site cannot be used for comparison, because
+ # the following assert mistakenly assumes 'platlib' and
+ # 'purelib' directories are same.
+ self.assertEqual(fake_isdir.arg,
+ site.getusersitepackages('platlib'))
self.assertFalse(known_paths)
--- a/Lib/trace.py
+++ b/Lib/trace.py
@@ -754,10 +754,10 @@ def main(argv=None):
# should I also call expanduser? (after all, could use $HOME)
s = s.replace("$prefix",
- os.path.join(sys.prefix, "lib",
+ os.path.join(sys.prefix, sys.lib,
"python" + sys.version[:3]))
s = s.replace("$exec_prefix",
- os.path.join(sys.exec_prefix, "lib",
+ os.path.join(sys.exec_prefix, sys.lib,
"python" + sys.version[:3]))
s = os.path.normpath(s)
ignore_dirs.append(s)
--- a/Makefile.pre.in
+++ b/Makefile.pre.in
@@ -91,6 +91,8 @@ PY_CFLAGS= $(CFLAGS) $(CPPFLAGS) $(CFLAG
# Machine-dependent subdirectories
MACHDEP= @MACHDEP@
+LIB= @LIB@
+ARCH= @ARCH@
# Multiarch directory (may be empty)
MULTIARCH= @MULTIARCH@
@@ -653,6 +655,7 @@ Modules/getpath.o: $(srcdir)/Modules/get
-DEXEC_PREFIX='"$(exec_prefix)"' \
-DVERSION='"$(VERSION)"' \
-DVPATH='"$(VPATH)"' \
+ -DARCH='"$(ARCH)"' -DLIB='"$(LIB)"' \
-o $@ $(srcdir)/Modules/getpath.c
Modules/python.o: $(srcdir)/Modules/python.c
@@ -701,7 +704,7 @@ regen-ast:
Python/compile.o Python/symtable.o Python/ast.o: $(srcdir)/Include/graminit.h
$(srcdir)/Include/Python-ast.h
Python/getplatform.o: $(srcdir)/Python/getplatform.c
- $(CC) -c $(PY_CFLAGS) -DPLATFORM='"$(MACHDEP)"' -o $@
$(srcdir)/Python/getplatform.c
+ $(CC) -c $(PY_CFLAGS) -DPLATFORM='"$(MACHDEP)"'
-DARCH='"$(ARCH)"' -DLIB='"$(LIB)"' -o $@ $(srcdir)/Python/getplatform.c
Python/importdl.o: $(srcdir)/Python/importdl.c
$(CC) -c $(PY_CFLAGS) -I$(DLINCLDIR) -o $@
$(srcdir)/Python/importdl.c
--- a/Modules/getpath.c
+++ b/Modules/getpath.c
@@ -100,6 +100,8 @@
#error "PREFIX, EXEC_PREFIX, VERSION, and VPATH must be constant defined"
#endif
+#define LIB_PYTHON LIB "/python" VERSION
+
#ifndef LANDMARK
#define LANDMARK "os.py"
#endif
@@ -108,7 +110,7 @@ static char prefix[MAXPATHLEN+1];
static char exec_prefix[MAXPATHLEN+1];
static char progpath[MAXPATHLEN+1];
static char *module_search_path = NULL;
-static char lib_python[] = "lib/python" VERSION;
+static char lib_python[] = LIB_PYTHON;
static void
reduce(char *dir)
--- a/Python/getplatform.c
+++ b/Python/getplatform.c
@@ -10,3 +10,23 @@ Py_GetPlatform(void)
{
return PLATFORM;
}
+
+#ifndef ARCH
+#define ARCH "unknown"
+#endif
+
+const char *
+Py_GetArch(void)
+{
+ return ARCH;
+}
+
+#ifndef LIB
+#define LIB "lib"
+#endif
+
+const char *
+Py_GetLib(void)
+{
+ return LIB;
+}
--- a/Python/sysmodule.c
+++ b/Python/sysmodule.c
@@ -1437,6 +1437,10 @@ _PySys_Init(void)
PyString_FromString(Py_GetCopyright()));
SET_SYS_FROM_STRING("platform",
PyString_FromString(Py_GetPlatform()));
+ SET_SYS_FROM_STRING("arch",
+ PyString_FromString(Py_GetArch()));
+ SET_SYS_FROM_STRING("lib",
+ PyString_FromString(Py_GetLib()));
SET_SYS_FROM_STRING("executable",
PyString_FromString(Py_GetProgramFullPath()));
SET_SYS_FROM_STRING("prefix",
--- a/setup.py
+++ b/setup.py
@@ -456,7 +456,7 @@ class PyBuildExt(build_ext):
def detect_modules(self):
# Ensure that /usr/local is always used
if not cross_compiling:
- add_dir_to_list(self.compiler.library_dirs, '/usr/local/lib')
+ add_dir_to_list(self.compiler.library_dirs, '/usr/local/' +
sys.lib)
add_dir_to_list(self.compiler.include_dirs, '/usr/local/include')
if cross_compiling:
self.add_gcc_paths()
@@ -782,11 +782,11 @@ class PyBuildExt(build_ext):
elif curses_library:
readline_libs.append(curses_library)
elif self.compiler.find_library_file(lib_dirs +
- ['/usr/lib/termcap'],
+
['/usr/'+sys.lib+'/termcap'],
'termcap'):
readline_libs.append('termcap')
exts.append( Extension('readline', ['readline.c'],
- library_dirs=['/usr/lib/termcap'],
+ library_dirs=['/usr/'+sys.lib+'/termcap'],
extra_link_args=readline_extra_link_args,
libraries=readline_libs) )
else:
@@ -1933,18 +1933,17 @@ class PyBuildExt(build_ext):
# Check for various platform-specific directories
if host_platform == 'sunos5':
include_dirs.append('/usr/openwin/include')
- added_lib_dirs.append('/usr/openwin/lib')
+ added_lib_dirs.append('/usr/openwin/' + sys.lib)
elif os.path.exists('/usr/X11R6/include'):
include_dirs.append('/usr/X11R6/include')
- added_lib_dirs.append('/usr/X11R6/lib64')
- added_lib_dirs.append('/usr/X11R6/lib')
+ added_lib_dirs.append('/usr/X11R6/' + sys.lib)
elif os.path.exists('/usr/X11R5/include'):
include_dirs.append('/usr/X11R5/include')
- added_lib_dirs.append('/usr/X11R5/lib')
+ added_lib_dirs.append('/usr/X11R5/' + sys.lib)
else:
# Assume default location for X11
include_dirs.append('/usr/X11/include')
- added_lib_dirs.append('/usr/X11/lib')
+ added_lib_dirs.append('/usr/X11/' + sys.lib)
# If Cygwin, then verify that X is installed before proceeding
if host_platform == 'cygwin':
++++++ python-2.7.9-sles-disable-verification-by-default.patch ++++++
--- a/Lib/ssl.py
+++ b/Lib/ssl.py
@@ -495,7 +495,17 @@ def _get_https_context_factory():
config_setting = os.environ.get(_https_verify_envvar)
if config_setting == '0':
return _create_unverified_context
- return create_default_context
+
+ try:
+ # load the TLS checks policy from separate package
+ import sle_tls_checks_policy as policy
+ if policy.get_policy:
+ return policy.get_policy()
+ else:
+ # empty policy file means simply enable strict verification
+ return create_default_context
+ except ImportError:
+ return create_default_context
_create_default_https_context = _get_https_context_factory()
++++++ python-2.7.9-ssl_ca_path.patch ++++++
--- a/Lib/ssl.py
+++ b/Lib/ssl.py
@@ -537,7 +537,15 @@ class SSLSocket(socket):
self._context = SSLContext(ssl_version)
self._context.verify_mode = cert_reqs
if ca_certs:
- self._context.load_verify_locations(ca_certs)
+ capath = None
+ cafile = None
+ if os.path.isdir(ca_certs):
+ capath = ca_certs
+ else:
+ cafile = ca_certs
+ self._context.load_verify_locations(cafile=cafile,
capath=capath)
+ elif cert_reqs != CERT_NONE:
+ self._context.set_default_verify_paths()
if certfile:
self._context.load_cert_chain(certfile, keyfile)
if npn_protocols:
++++++ python-base-rpmlintrc ++++++
addFilter("devel-file-in-non-devel-package.*/usr/lib.*/python.*/distutils/tests/xxmodule.c")
addFilter("devel-file-in-non-devel-package.*/usr/include/python.*/pyconfig.h")
++++++ python-bsddb6.patch ++++++
From: Jan Engelhardt <[email protected]>
Date: 2013-07-06 16:07:31.146616589 +0200
This patch was partially autogenerated:
- copying python-bsddb3-6.0.0 sources into the python-2.7.5 tree
- creating a diff -w against the unmodified python-2.7.5
- stripped all hunks that pertained to module renaming
- manually added db6 searching to setup.py
---
Lib/bsddb/test/test_all.py | 15 +++--
Lib/bsddb/test/test_misc.py | 5 +
Lib/bsddb/test/test_replication.py | 25 +-------
Modules/_bsddb.c | 108 +++++++++++++++++++++++++++++++++----
Modules/bsddb.h | 2
setup.py | 6 +-
6 files changed, 120 insertions(+), 41 deletions(-)
--- a/Lib/bsddb/test/test_all.py
+++ b/Lib/bsddb/test/test_all.py
@@ -74,8 +74,9 @@ if sys.version_info[0] >= 3 :
key = key.decode(charset)
return (key, value.decode(charset))
- def __next__(self) :
- v = getattr(self._dbcursor, "next")()
+ def __next__(self, flags=0, dlen=-1, doff=-1) :
+ v = getattr(self._dbcursor, "next")(flags=flags, dlen=dlen,
+ doff=doff)
return self._fix(v)
next = __next__
@@ -128,8 +129,8 @@ if sys.version_info[0] >= 3 :
v = self._dbcursor.current(flags=flags, dlen=dlen, doff=doff)
return self._fix(v)
- def first(self) :
- v = self._dbcursor.first()
+ def first(self, flags=0, dlen=-1, doff=-1) :
+ v = self._dbcursor.first(flags=flags, dlen=dlen, doff=doff)
return self._fix(v)
def pget(self, key=None, data=None, flags=0) :
@@ -489,7 +490,11 @@ def print_versions():
print 'py module: %s' % getattr(bsddb, "__file"+suffix)
print 'extension module: %s' % getattr(bsddb, "__file"+suffix)
- print 'python version: %s' % sys.version
+ print 'Test working dir: %s' % get_test_path_prefix()
+ import platform
+ print 'python version: %s %s' % \
+ (sys.version.replace("\r", "").replace("\n", ""), \
+ platform.architecture()[0])
print 'My pid: %s' % os.getpid()
print '-=' * 38
--- a/Lib/bsddb/test/test_misc.py
+++ b/Lib/bsddb/test/test_misc.py
@@ -46,8 +46,9 @@ class MiscTestCase(unittest.TestCase):
d[repr(i)] = repr(100*i)
db.close()
db = hashopen(self.filename)
- rp = repr(db)
- self.assertEqual(rp, repr(d))
+ rp = repr(sorted(db.items()))
+ rd = repr(sorted(d.items()))
+ self.assertEqual(rp, rd)
db.close()
#
http://sourceforge.net/tracker/index.php?func=detail&aid=1708868&group_id=13900&atid=313900
--- a/Lib/bsddb/test/test_replication.py
+++ b/Lib/bsddb/test/test_replication.py
@@ -165,21 +165,10 @@ class DBReplicationManager(DBReplication
# is not generated if the master has no new transactions.
# This is solved in BDB 4.6 (#15542).
import time
- timeout = time.time()+60
+ timeout = time.time()+10
while (time.time()<timeout) and not (self.confirmed_master and
self.client_startupdone) :
time.sleep(0.02)
- # self.client_startupdone does not always get set to True within
- # the timeout. On windows this may be a deep issue, on other
- # platforms it is likely just a timing issue, especially on slow
- # virthost buildbots (see issue 3892 for more). Even though
- # the timeout triggers, the rest of this test method usually passes
- # (but not all of it always, see below). So we just note the
- # timeout on stderr and keep soldering on.
- if time.time()>timeout:
- import sys
- print >> sys.stderr, ("XXX: timeout happened before"
- "startup was confirmed - see issue 3892")
- startup_timeout = True
+ self.assertTrue(time.time()<timeout)
d = self.dbenvMaster.repmgr_site_list()
self.assertEqual(len(d), 1)
@@ -237,14 +226,6 @@ class DBReplicationManager(DBReplication
txn.commit()
if v is None :
time.sleep(0.02)
- # If startup did not happen before the timeout above, then this test
- # sometimes fails. This happens randomly, which causes buildbot
- # instability, but all the other bsddb tests pass. Since bsddb3 in the
- # stdlib is currently not getting active maintenance, and is gone in
- # py3k, we just skip the end of the test in that case.
- if time.time()>=timeout and startup_timeout:
- self.skipTest("replication test skipped due to random failure, "
- "see issue 3892")
self.assertLess(time.time(), timeout)
self.assertEqual("123", v)
@@ -375,7 +356,7 @@ class DBBaseReplication(DBReplication) :
# is not generated if the master has no new transactions.
# This is solved in BDB 4.6 (#15542).
import time
- timeout = time.time()+60
+ timeout = time.time()+10
while (time.time()<timeout) and not (self.confirmed_master and
self.client_startupdone) :
time.sleep(0.02)
--- a/Modules/_bsddb.c
+++ b/Modules/_bsddb.c
@@ -124,10 +124,14 @@ typedef int Py_ssize_t;
#define NUMBER_Check PyLong_Check
#define NUMBER_AsLong PyLong_AsLong
#define NUMBER_FromLong PyLong_FromLong
+#define NUMBER_FromUnsignedLong PyLong_FromUnsignedLong
#else
#define NUMBER_Check PyInt_Check
#define NUMBER_AsLong PyInt_AsLong
#define NUMBER_FromLong PyInt_FromLong
+#if (PY_VERSION_HEX >= 0x02050000)
+#define NUMBER_FromUnsignedLong PyInt_FromSize_t
+#endif
#endif
#ifdef WITH_THREAD
@@ -853,6 +857,18 @@ static void _addIntToDict(PyObject* dict
Py_XDECREF(v);
}
+#if (DBVER >= 60) && (PY_VERSION_HEX >= 0x02050000)
+/* add an unsigned integer to a dictionary using the given name as a key */
+static void _addUnsignedIntToDict(PyObject* dict, char *name, unsigned int
value)
+{
+ PyObject* v = NUMBER_FromUnsignedLong((unsigned long) value);
+ if (!v || PyDict_SetItemString(dict, name, v))
+ PyErr_Clear();
+
+ Py_XDECREF(v);
+}
+#endif
+
/* The same, when the value is a time_t */
static void _addTimeTToDict(PyObject* dict, char *name, time_t value)
{
@@ -2677,13 +2693,21 @@ _default_cmp(const DBT *leftKey,
static int
_db_compareCallback(DB* db,
const DBT *leftKey,
- const DBT *rightKey)
+ const DBT *rightKey
+#if (DBVER >= 60)
+ , size_t *locp
+#endif
+ )
{
int res = 0;
PyObject *args;
PyObject *result = NULL;
DBObject *self = (DBObject *)db->app_private;
+# if (DBVER >= 60)
+ locp = NULL; /* As required by documentation */
+#endif
+
if (self == NULL || self->btCompareCallback == NULL) {
MYDB_BEGIN_BLOCK_THREADS;
PyErr_SetString(PyExc_TypeError,
@@ -2791,13 +2815,21 @@ DB_set_bt_compare(DBObject* self, PyObje
static int
_db_dupCompareCallback(DB* db,
const DBT *leftKey,
- const DBT *rightKey)
+ const DBT *rightKey
+#if (DBVER >= 60)
+ , size_t *locp
+#endif
+ )
{
int res = 0;
PyObject *args;
PyObject *result = NULL;
DBObject *self = (DBObject *)db->app_private;
+#if (DBVER >= 60)
+ locp = NULL; /* As required by documentation */
+#endif
+
if (self == NULL || self->dupCompareCallback == NULL) {
MYDB_BEGIN_BLOCK_THREADS;
PyErr_SetString(PyExc_TypeError,
@@ -3576,13 +3608,14 @@ Py_ssize_t DB_length(PyObject* _self)
err = self->db->stat(self->db, /*txnid*/ NULL, &sp, 0);
MYDB_END_ALLOW_THREADS;
+ if (makeDBError(err)) {
+ return -1;
+ }
+
/* All the stat structures have matching fields upto the ndata field,
so we can use any of them for the type cast */
size = ((DB_BTREE_STAT*)sp)->bt_ndata;
- if (err)
- return -1;
-
free(sp);
return size;
}
@@ -8420,12 +8453,22 @@ static PyObject*
DBSequence_get(DBSequenceObject* self, PyObject* args, PyObject* kwargs)
{
int err, flags = 0;
+#if (DBVER >= 60)
+ unsigned
+#endif
int delta = 1;
db_seq_t value;
PyObject *txnobj = NULL;
DB_TXN *txn = NULL;
static char* kwnames[] = {"delta", "txn", "flags", NULL };
- if (!PyArg_ParseTupleAndKeywords(args, kwargs, "|iOi:get", kwnames,
&delta, &txnobj, &flags))
+
+ if (!PyArg_ParseTupleAndKeywords(args, kwargs,
+#if (DBVER >=60)
+ "|IOi:get",
+#else
+ "|iOi:get",
+#endif
+ kwnames, &delta, &txnobj, &flags))
return NULL;
CHECK_SEQUENCE_NOT_CLOSED(self)
@@ -8555,8 +8598,19 @@ DBSequence_remove(DBSequenceObject* self
static PyObject*
DBSequence_set_cachesize(DBSequenceObject* self, PyObject* args)
{
- int err, size;
- if (!PyArg_ParseTuple(args,"i:set_cachesize", &size))
+ int err;
+#if (DBVER >= 60)
+ unsigned
+#endif
+ int size;
+
+ if (!PyArg_ParseTuple(args,
+#if (DBVER >= 60)
+ "I:set_cachesize",
+#else
+ "i:set_cachesize",
+#endif
+ &size))
return NULL;
CHECK_SEQUENCE_NOT_CLOSED(self)
@@ -8571,7 +8625,11 @@ DBSequence_set_cachesize(DBSequenceObjec
static PyObject*
DBSequence_get_cachesize(DBSequenceObject* self)
{
- int err, size;
+ int err;
+#if (DBVER >= 60)
+ unsigned
+#endif
+ int size;
CHECK_SEQUENCE_NOT_CLOSED(self)
@@ -8700,6 +8758,9 @@ DBSequence_stat(DBSequenceObject* self,
#define MAKE_INT_ENTRY(name) _addIntToDict(dict_stat, #name, sp->st_##name)
+#if (DBVER >= 60) && (PY_VERSION_HEX >= 0x02050000)
+#define MAKE_UNSIGNED_INT_ENTRY(name) _addUnsignedIntToDict(dict_stat,
#name, sp->st_##name)
+#endif
#define MAKE_LONG_LONG_ENTRY(name) _addDb_seq_tToDict(dict_stat, #name,
sp->st_##name)
MAKE_INT_ENTRY(wait);
@@ -8709,10 +8770,15 @@ DBSequence_stat(DBSequenceObject* self,
MAKE_LONG_LONG_ENTRY(last_value);
MAKE_LONG_LONG_ENTRY(min);
MAKE_LONG_LONG_ENTRY(max);
+#if (DBVER >= 60) && (PY_VERSION_HEX >= 0x02050000)
+ MAKE_UNSIGNED_INT_ENTRY(cache_size);
+#else
MAKE_INT_ENTRY(cache_size);
+#endif
MAKE_INT_ENTRY(flags);
#undef MAKE_INT_ENTRY
+#undef MAKE_UNSIGNED_INT_ENTRY
#undef MAKE_LONG_LONG_ENTRY
free(sp);
@@ -9014,7 +9080,7 @@ static PyMethodDef DBEnv_methods[] = {
{"txn_recover", (PyCFunction)DBEnv_txn_recover, METH_NOARGS},
#if (DBVER < 48)
{"set_rpc_server", (PyCFunction)DBEnv_set_rpc_server,
- METH_VARARGS|METH_KEYWORDS},
+ METH_VARARGS||METH_KEYWORDS},
#endif
{"set_mp_max_openfd", (PyCFunction)DBEnv_set_mp_max_openfd, METH_VARARGS},
{"get_mp_max_openfd", (PyCFunction)DBEnv_get_mp_max_openfd, METH_NOARGS},
@@ -9986,6 +10052,10 @@ PyMODINIT_FUNC PyInit__bsddb(void) /
ADD_INT(d, DB_LOG_ZERO);
#endif
+#if (DBVER >= 60)
+ ADD_INT(d, DB_LOG_BLOB);
+#endif
+
#if (DBVER >= 44)
ADD_INT(d, DB_DSYNC_DB);
#endif
@@ -10046,6 +10116,10 @@ PyMODINIT_FUNC PyInit__bsddb(void) /
ADD_INT(d, DB_EVENT_REG_PANIC);
#endif
+#if (DBVER >= 60)
+ ADD_INT(d, DB_EVENT_REP_AUTOTAKEOVER_FAILED);
+#endif
+
#if (DBVER >=52)
ADD_INT(d, DB_EVENT_REP_SITE_ADDED);
ADD_INT(d, DB_EVENT_REP_SITE_REMOVED);
@@ -10150,6 +10224,20 @@ PyMODINIT_FUNC PyInit__bsddb(void) /
ADD_INT(d, DB_REP_CONF_INMEM);
#endif
+#if (DBVER >= 60)
+ ADD_INT(d, DB_REPMGR_ISVIEW);
+#endif
+
+#if (DBVER >= 60)
+ ADD_INT(d, DB_DBT_BLOB);
+#endif
+
+#if (DBVER >= 60)
+ ADD_INT(d, DB_STREAM_READ);
+ ADD_INT(d, DB_STREAM_WRITE);
+ ADD_INT(d, DB_STREAM_SYNC_WRITE);
+#endif
+
ADD_INT(d, DB_TIMEOUT);
#if (DBVER >= 50)
--- a/Modules/bsddb.h
+++ b/Modules/bsddb.h
@@ -110,7 +110,7 @@
#error "eek! DBVER can't handle minor versions > 9"
#endif
-#define PY_BSDDB_VERSION "5.3.0"
+#define PY_BSDDB_VERSION "6.0.0"
/* Python object definitions */
--- a/setup.py
+++ b/setup.py
@@ -905,7 +905,7 @@ class PyBuildExt(build_ext):
# a release. Most open source OSes come with one or more
# versions of BerkeleyDB already installed.
- max_db_ver = (5, 3)
+ max_db_ver = (6, 0)
min_db_ver = (4, 3)
db_setup_debug = False # verbose debug prints from this script?
@@ -945,6 +945,7 @@ class PyBuildExt(build_ext):
# construct a list of paths to look for the header file in on
# top of the normal inc_dirs.
db_inc_paths = [
+ '/usr/include/db6',
'/usr/include/db4',
'/usr/local/include/db4',
'/opt/sfw/include/db4',
@@ -984,6 +985,7 @@ class PyBuildExt(build_ext):
for dn in inc_dirs:
std_variants.append(os.path.join(dn, 'db3'))
std_variants.append(os.path.join(dn, 'db4'))
+ std_variants.append(os.path.join(dn, 'db6'))
for x in gen_db_minor_ver_nums(4):
std_variants.append(os.path.join(dn, "db4%d"%x))
std_variants.append(os.path.join(dn, "db4.%d"%x))
++++++ python-bundle-lang.patch ++++++
Index: Python-2.7.13/Lib/gettext.py
===================================================================
--- Python-2.7.13.orig/Lib/gettext.py
+++ Python-2.7.13/Lib/gettext.py
@@ -58,6 +58,7 @@ __all__ = ['NullTranslations', 'GNUTrans
]
_default_localedir = os.path.join(sys.prefix, 'share', 'locale')
+_default_bundlelocaledir = os.path.join(sys.prefix, 'share', 'locale-bundle')
# Expression parsing for plural form selection.
#
@@ -496,6 +497,10 @@ class GNUTranslations(NullTranslations):
# Locate a .mo file using the gettext strategy
def find(domain, localedir=None, languages=None, all=0):
+ if localedir in [None, _default_localedir]:
+ bundle = find(domain, localedir=_default_bundlelocaledir,
languages=languages, all=all)
+ if bundle:
+ return bundle
# Get some reasonable defaults for arguments that were not supplied
if localedir is None:
localedir = _default_localedir
++++++ python-distutils-rpm-8.patch ++++++
--- a/Lib/distutils/command/install.py
+++ b/Lib/distutils/command/install.py
@@ -154,6 +154,8 @@
('record=', None,
"filename in which to record list of installed files"),
+ ('record-rpm=', None,
+ "filename in which to record list of installed files and directories
suitable as filelist for rpm"),
]
boolean_options = ['compile', 'force', 'skip-build', 'user']
@@ -229,6 +231,7 @@
#self.install_info = None
self.record = None
+ self.record_rpm = None
# -- Option finalizing methods -------------------------------------
@@ -578,12 +581,61 @@
self.create_path_file()
# write list of installed files, if requested.
- if self.record:
+ if self.record or self.record_rpm:
outputs = self.get_outputs()
if self.root: # strip any package prefix
root_len = len(self.root)
for counter in xrange(len(outputs)):
outputs[counter] = outputs[counter][root_len:]
+ if self.record_rpm: # add directories
+ self.record = self.record_rpm
+ dirs = []
+ # directories to reject:
+ rejectdirs = [
+ '/etc',
+ '/',
+ '',
+ self.prefix,
+ self.exec_prefix,
+ self.install_base,
+ self.install_platbase,
+ self.install_purelib,
+ self.install_platlib,
+ self.install_headers[:len(self.install_headers) -
len(self.distribution.get_name()) - 1],
+ self.install_libbase,
+ self.install_scripts,
+ self.install_data,
+ os.path.join(self.install_data, 'share'),
+ os.path.join(self.install_data, 'share', 'doc'),
+ ]
+ # directories whose childs reject:
+ rejectdirs2 = [
+ os.path.join(self.install_data, 'share', 'man'),
+ ]
+ # directories whose grandsons reject:
+ rejectdirs3 = [
+ os.path.join(self.install_data, 'share', 'man'),
+ os.path.join(self.install_data, 'share', 'locale'),
+ ]
+ for counter in xrange(len(rejectdirs)):
+ if len(rejectdirs[counter]) > root_len:
+ rejectdirs[counter] = rejectdirs[counter][root_len:]
+ for counter in xrange(len(rejectdirs2)):
+ if len(rejectdirs2[counter]) > root_len:
+ rejectdirs2[counter] = rejectdirs2[counter][root_len:]
+ for counter in xrange(len(rejectdirs3)):
+ if len(rejectdirs3[counter]) > root_len:
+ rejectdirs3[counter] = rejectdirs3[counter][root_len:]
+ for counter in xrange(len(outputs)):
+ directory = os.path.dirname(outputs[counter])
+ while directory not in rejectdirs and \
+ os.path.dirname(directory) not in rejectdirs2 and \
+ os.path.dirname(os.path.dirname(directory)) not in
rejectdirs3:
+ dirname = '%dir ' + directory
+ if dirname not in dirs:
+ dirs.append(dirname)
+ directory = os.path.dirname(directory)
+ outputs += dirs
self.execute(write_file,
(self.record, outputs),
"writing list of installed files to '%s'" %
++++++ python-skip_random_failing_tests.patch ++++++
---
Lib/test/test_multiprocessing.py | 1 +
Lib/test/test_subprocess.py | 1 +
Lib/test/test_telnetlib.py | 2 ++
3 files changed, 4 insertions(+)
Index: Python-2.7.14/Lib/test/test_subprocess.py
===================================================================
--- Python-2.7.14.orig/Lib/test/test_subprocess.py
+++ Python-2.7.14/Lib/test/test_subprocess.py
@@ -654,6 +654,7 @@ class ProcessTestCase(BaseTestCase):
'ab ""')
+ @unittest.skip("transient failure on PowerPC")
def test_poll(self):
p = subprocess.Popen([sys.executable,
"-c", "import time; time.sleep(1)"])
Index: Python-2.7.14/Lib/test/test_telnetlib.py
===================================================================
--- Python-2.7.14.orig/Lib/test/test_telnetlib.py
+++ Python-2.7.14/Lib/test/test_telnetlib.py
@@ -134,6 +134,7 @@ class ReadTests(TestCase):
data = telnet.read_until('match')
self.assertEqual(data, ''.join(want[:-2]))
+ @unittest.skip("transient failure on PowerPC")
def test_read_until_B(self):
# test the timeout - it does NOT raise socket.timeout
want = ['hello', self.block_long, 'not seen', EOF_sigil]
@@ -420,6 +421,7 @@ class ExpectTests(TestCase):
(_,_,data) = telnet.expect(['match'])
self.assertEqual(data, ''.join(want[:-2]))
+ @unittest.skip("transient failure on PowerPC")
def test_expect_B(self):
# test the timeout - it does NOT raise socket.timeout
want = ['hello', self.block_long, 'not seen', EOF_sigil]
Index: Python-2.7.14/Lib/test/test_multiprocessing.py
===================================================================
--- Python-2.7.14.orig/Lib/test/test_multiprocessing.py
+++ Python-2.7.14/Lib/test/test_multiprocessing.py
@@ -1219,6 +1219,7 @@ class _TestPool(BaseTestCase):
self.assertEqual(get(), 49)
self.assertTimingAlmostEqual(get.elapsed, TIMEOUT1)
+ @unittest.skip("transient failure on PowerPC")
def test_async_timeout(self):
res = self.pool.apply_async(sqr, (6, TIMEOUT2 + 1.0))
get = TimingWrapper(res.get)
++++++ python-sorted_tar.patch ++++++
commit 6936e36efcc0a75c7d5e67b949c9749d61fa5ead
Author: Bernhard M. Wiedemann <[email protected]>
Date: Sun Jun 18 03:50:25 2017 +0200
tarfile: sort directory listing
to generate tar files in a more reproducible way
diff --git a/Lib/tarfile.py b/Lib/tarfile.py
index adf91d5382..36f6ed7167 100644
--- a/Lib/tarfile.py
+++ b/Lib/tarfile.py
@@ -2027,7 +2027,7 @@ class TarFile(object):
elif tarinfo.isdir():
self.addfile(tarinfo)
if recursive:
- for f in os.listdir(name):
+ for f in sorted(os.listdir(name)):
self.add(os.path.join(name, f), os.path.join(arcname, f),
recursive, exclude, filter)
++++++ remove-static-libpython.patch ++++++
--- a/Makefile.pre.in
+++ b/Makefile.pre.in
@@ -488,7 +488,7 @@ coverage-report: regen-grammar
# Build the interpreter
-$(BUILDPYTHON): Modules/python.o $(LIBRARY) $(LDLIBRARY)
+$(BUILDPYTHON): Modules/python.o $(LDLIBRARY)
$(LINKCC) $(LDFLAGS) $(LINKFORSHARED) -o $@ \
Modules/python.o \
$(BLDLIBRARY) $(LIBS) $(MODLIBS) $(SYSLIBS) $(LDLAST)
@@ -529,18 +529,6 @@ sharedmods: $(BUILDPYTHON) pybuilddir.tx
_TCLTK_INCLUDES='$(TCLTK_INCLUDES)' _TCLTK_LIBS='$(TCLTK_LIBS)'
\
$(PYTHON_FOR_BUILD) $(srcdir)/setup.py $$quiet build
-# Build static library
-# avoid long command lines, same as LIBRARY_OBJS
-$(LIBRARY): $(LIBRARY_OBJS)
- -rm -f $@
- $(AR) $(ARFLAGS) $@ Modules/getbuildinfo.o
- $(AR) $(ARFLAGS) $@ $(PARSER_OBJS)
- $(AR) $(ARFLAGS) $@ $(OBJECT_OBJS)
- $(AR) $(ARFLAGS) $@ $(PYTHON_OBJS)
- $(AR) $(ARFLAGS) $@ $(MODULE_OBJS) $(SIGNAL_OBJS)
- $(AR) $(ARFLAGS) $@ $(MODOBJS)
- $(RANLIB) $@
-
libpython$(VERSION).so: $(LIBRARY_OBJS)
if test $(INSTSONAME) != $(LDLIBRARY); then \
$(BLDSHARED) -Wl,-h$(INSTSONAME) -o $(INSTSONAME)
$(LIBRARY_OBJS) $(MODLIBS) $(SHLIBS) $(LIBC) $(LIBM) $(LDLAST); \
@@ -1220,18 +1208,6 @@ libainstall: @DEF_MAKE_RULE@ python-conf
else true; \
fi; \
done
- @if test -d $(LIBRARY); then :; else \
- if test "$(PYTHONFRAMEWORKDIR)" = no-framework; then \
- if test "$(SO)" = .dll; then \
- $(INSTALL_DATA) $(LDLIBRARY) $(DESTDIR)$(LIBPL)
; \
- else \
- $(INSTALL_DATA) $(LIBRARY)
$(DESTDIR)$(LIBPL)/$(LIBRARY) ; \
- $(RANLIB) $(DESTDIR)$(LIBPL)/$(LIBRARY) ; \
- fi; \
- else \
- echo Skip install of $(LIBRARY) - use make
frameworkinstall; \
- fi; \
- fi
$(INSTALL_DATA) Modules/config.c $(DESTDIR)$(LIBPL)/config.c
$(INSTALL_DATA) Modules/python.o $(DESTDIR)$(LIBPL)/python.o
$(INSTALL_DATA) $(srcdir)/Modules/config.c.in
$(DESTDIR)$(LIBPL)/config.c.in
++++++ reproducible.patch ++++++
Index: Python-2.7.13/Lib/py_compile.py
===================================================================
--- Python-2.7.13.orig/Lib/py_compile.py
+++ Python-2.7.13/Lib/py_compile.py
@@ -108,6 +108,10 @@ def compile(file, cfile=None, dfile=None
timestamp = long(os.fstat(f.fileno()).st_mtime)
except AttributeError:
timestamp = long(os.stat(file).st_mtime)
+ sde = os.environ.get('SOURCE_DATE_EPOCH')
+ if sde and timestamp > int(sde):
+ timestamp = int(sde)
+ os.utime(file, (timestamp, timestamp))
codestring = f.read()
try:
codeobject = __builtin__.compile(codestring, dfile or file,'exec')
++++++ sle_tls_checks_policy.py ++++++
import ssl
def get_policy():
return ssl.create_default_context
++++++ sparc_longdouble.patch ++++++
Python ticket 6029
==== //tools/python/2.6.2/src/base/Modules/_ctypes/libffi/src/sparc/ffi.c#1 -
/home/build/clifford/gpdb/tools/python/2.6.2/src/base/Modules/_ctypes/libffi/src/sparc/ffi.c
====
---
Modules/_ctypes/libffi/src/sparc/ffi.c | 5 +++++
1 file changed, 5 insertions(+)
--- a/Modules/_ctypes/libffi/src/sparc/ffi.c
+++ b/Modules/_ctypes/libffi/src/sparc/ffi.c
@@ -652,6 +652,11 @@
}
else
{
+#if FFI_TYPE_LONGDOUBLE != FFI_TYPE_DOUBLE
+ /* SparcV9 long double is 16-byte aligned; skip arg if necessary */
+ if (arg_types[i]->type == FFI_TYPE_LONGDOUBLE && (argn & 1))
+ argn++;
+#endif
/* Right-justify. */
argn += ALIGN(arg_types[i]->size, FFI_SIZEOF_ARG) / FFI_SIZEOF_ARG;
