[dev-lang/python] add python:3.3 with disabled USE=tk
This commit is contained in:
@@ -1,2 +1,4 @@
|
||||
DIST Python-2.7.5.tar.xz 10252148 SHA256 f33c4cab167dc69e10962e1cebf1c0768e2d0e8575648130c20e6bda84551db1 SHA512 c4691199d770cc4130604cd801375967ae0bb8a39ef34e01a4c8ab58d1c23ae83a1b493305178c4317c5622a19857750d33ffc3f10075becd5766ae664c68ee1 WHIRLPOOL fc5d3762cd67214b30de8b43024f5952362c4c811f23837e43ac2a7747c5353cc49b8785e75edd760ea58420609cd67a9a7e94abd2ea8ab25b3271af6a85168d
|
||||
DIST Python-3.3.2.tar.xz 11847676 SHA256 745b32c4b810e36fa66346198dbc2e313524fd68888922b85005656825e64b43 SHA512 2855cfed63f2e68cdfc02dc526f68402e893baf95146ba8254619b5a8e3bfbc07a3b7f089efe2450dc1b0bb1328c229b66664bde8ebda10a1f19fc02232ba74d WHIRLPOOL c8ffaea4b130bcfd112966ee82fa6023e0c2bf263494a1c233d783855e7407e0d62adacabe3d816fe93baf5964f7cfc256aedf2919fd8e6b1e9b37a855855c2c
|
||||
DIST python-gentoo-patches-2.7.5-0.tar.xz 13848 SHA256 b84ff6a7669d639272cb2f94d4268d3be3af64903a380f4f60ab539e4a29b111 SHA512 9fec0ba9d958894861d4282ff9145f0387ad7fd3914a3689d148308f56158c1b397f0816c58383d2cf198f9a3b9bf321f2f441ec4aa91e4a503cd957b4a7fbd4 WHIRLPOOL 39d807453f6510f14db1b74f5dac1cd2c52d00be356d132c0f9229caeb8ba8bcbbbf32b05b3d3f6236e853b204ecb961e6b12cabacaadf5f515e93f00cda71d5
|
||||
DIST python-gentoo-patches-3.3.2-1.tar.xz 12768 SHA256 70029e36f15dab18727a92215e46ff1b0132a842ab94781041cc96234f857a45 SHA512 4aee548201251200aa075304f8d342f0d2a39cf90c65b5a6172b135a85c82fc4118a8798843f09e1706671aaca112c29b29f22650ccbe75780d4ef4db586b52b WHIRLPOOL 0f7ae2218302a3820f955362f4934c9fad9e38c35a1f2b5e77be9a57ceb829a7cfeeb61b62043218073981ab2c789dfa77027c2ef7d962f0420cc191b9d88dcf
|
||||
|
||||
@@ -0,0 +1,51 @@
|
||||
# HG changeset patch
|
||||
# User Antoine Pitrou <solipsis@pitrou.net>
|
||||
# Date 1368892602 -7200
|
||||
# Sat May 18 17:56:42 2013 +0200
|
||||
# Branch 3.3
|
||||
# Node ID c627638753e2d25a98950585b259104a025937a9
|
||||
# Parent 9682241dc8fcb4b1aef083bd30860efa070c3d6d
|
||||
Issue #17980: Fix possible abuse of ssl.match_hostname() for denial of service using certificates with many wildcards (CVE-2013-2099).
|
||||
|
||||
diff --git a/Lib/ssl.py b/Lib/ssl.py
|
||||
--- a/Lib/ssl.py
|
||||
+++ b/Lib/ssl.py
|
||||
@@ -129,9 +129,16 @@
|
||||
pass
|
||||
|
||||
|
||||
-def _dnsname_to_pat(dn):
|
||||
+def _dnsname_to_pat(dn, max_wildcards=1):
|
||||
pats = []
|
||||
for frag in dn.split(r'.'):
|
||||
+ if frag.count('*') > max_wildcards:
|
||||
+ # Issue #17980: avoid denials of service by refusing more
|
||||
+ # than one wildcard per fragment. A survery of established
|
||||
+ # policy among SSL implementations showed it to be a
|
||||
+ # reasonable choice.
|
||||
+ raise CertificateError(
|
||||
+ "too many wildcards in certificate DNS name: " + repr(dn))
|
||||
if frag == '*':
|
||||
# When '*' is a fragment by itself, it matches a non-empty dotless
|
||||
# fragment.
|
||||
diff --git a/Lib/test/test_ssl.py b/Lib/test/test_ssl.py
|
||||
--- a/Lib/test/test_ssl.py
|
||||
+++ b/Lib/test/test_ssl.py
|
||||
@@ -349,6 +349,17 @@
|
||||
self.assertRaises(ValueError, ssl.match_hostname, None, 'example.com')
|
||||
self.assertRaises(ValueError, ssl.match_hostname, {}, 'example.com')
|
||||
|
||||
+ # Issue #17980: avoid denials of service by refusing more than one
|
||||
+ # wildcard per fragment.
|
||||
+ cert = {'subject': ((('commonName', 'a*b.com'),),)}
|
||||
+ ok(cert, 'axxb.com')
|
||||
+ cert = {'subject': ((('commonName', 'a*b.co*'),),)}
|
||||
+ ok(cert, 'axxb.com')
|
||||
+ cert = {'subject': ((('commonName', 'a*b*.com'),),)}
|
||||
+ with self.assertRaises(ssl.CertificateError) as cm:
|
||||
+ ssl.match_hostname(cert, 'axxbxxc.com')
|
||||
+ self.assertIn("too many wildcards", str(cm.exception))
|
||||
+
|
||||
def test_server_side(self):
|
||||
# server_hostname doesn't work for server sockets
|
||||
ctx = ssl.SSLContext(ssl.PROTOCOL_SSLv23)
|
||||
@@ -0,0 +1,352 @@
|
||||
# Copyright 1999-2013 Gentoo Foundation
|
||||
# Distributed under the terms of the GNU General Public License v2
|
||||
# $Header: /var/cvsroot/gentoo-x86/dev-lang/python/python-3.3.2-r1.ebuild,v 1.1 2013/07/03 00:22:27 floppym Exp $
|
||||
|
||||
EAPI="3"
|
||||
WANT_AUTOMAKE="none"
|
||||
WANT_LIBTOOL="none"
|
||||
|
||||
inherit autotools eutils flag-o-matic multilib pax-utils python-utils-r1 toolchain-funcs multiprocessing
|
||||
|
||||
MY_P="Python-${PV}"
|
||||
PATCHSET_REVISION="1"
|
||||
|
||||
DESCRIPTION="An interpreted, interactive, object-oriented programming language"
|
||||
HOMEPAGE="http://www.python.org/"
|
||||
SRC_URI="http://www.python.org/ftp/python/${PV}/${MY_P}.tar.xz
|
||||
mirror://gentoo/python-gentoo-patches-${PV}-${PATCHSET_REVISION}.tar.xz"
|
||||
|
||||
LICENSE="PSF-2"
|
||||
SLOT="3.3"
|
||||
KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd"
|
||||
IUSE="build doc elibc_uclibc examples gdbm hardened ipv6 +ncurses +readline sqlite +ssl +threads tk wininst +xml"
|
||||
|
||||
# Do not add a dependency on dev-lang/python to this ebuild.
|
||||
# If you need to apply a patch which requires python for bootstrapping, please
|
||||
# run the bootstrap code on your dev box and include the results in the
|
||||
# patchset. See bug 447752.
|
||||
|
||||
RDEPEND="app-arch/bzip2
|
||||
>=sys-libs/zlib-1.1.3
|
||||
virtual/libffi
|
||||
virtual/libintl
|
||||
!build? (
|
||||
gdbm? ( sys-libs/gdbm[berkdb] )
|
||||
ncurses? (
|
||||
>=sys-libs/ncurses-5.2
|
||||
readline? ( >=sys-libs/readline-4.1 )
|
||||
)
|
||||
sqlite? ( >=dev-db/sqlite-3.3.8:3[extensions] )
|
||||
ssl? ( dev-libs/openssl )
|
||||
xml? ( >=dev-libs/expat-2.1 )
|
||||
)
|
||||
!!<sys-apps/sandbox-2.6-r1"
|
||||
DEPEND="${RDEPEND}
|
||||
virtual/pkgconfig
|
||||
>=sys-devel/autoconf-2.65
|
||||
!sys-devel/gcc[libffi]"
|
||||
RDEPEND+=" !build? ( app-misc/mime-types )
|
||||
doc? ( dev-python/python-docs:${SLOT} )"
|
||||
PDEPEND="app-admin/eselect-python
|
||||
app-admin/python-updater"
|
||||
|
||||
S="${WORKDIR}/${MY_P}"
|
||||
|
||||
src_prepare() {
|
||||
# Ensure that internal copies of expat, libffi and zlib are not used.
|
||||
rm -fr Modules/expat
|
||||
rm -fr Modules/_ctypes/libffi*
|
||||
rm -fr Modules/zlib
|
||||
|
||||
EPATCH_SUFFIX="patch" epatch "${WORKDIR}/${PV}-${PATCHSET_REVISION}"
|
||||
|
||||
epatch "${FILESDIR}/python-3.3-CVE-2013-2099.patch"
|
||||
|
||||
sed -i -e "s:@@GENTOO_LIBDIR@@:$(get_libdir):g" \
|
||||
Lib/distutils/command/install.py \
|
||||
Lib/distutils/sysconfig.py \
|
||||
Lib/site.py \
|
||||
Lib/sysconfig.py \
|
||||
Lib/test/test_site.py \
|
||||
Makefile.pre.in \
|
||||
Modules/Setup.dist \
|
||||
Modules/getpath.c \
|
||||
setup.py || die "sed failed to replace @@GENTOO_LIBDIR@@"
|
||||
|
||||
# Disable ABI flags.
|
||||
sed -e "s/ABIFLAGS=\"\${ABIFLAGS}.*\"/:/" -i configure.ac || die "sed failed"
|
||||
|
||||
epatch_user
|
||||
|
||||
eautoconf
|
||||
eautoheader
|
||||
}
|
||||
|
||||
src_configure() {
|
||||
if use build; then
|
||||
# Disable extraneous modules with extra dependencies.
|
||||
export PYTHON_DISABLE_MODULES="gdbm _curses _curses_panel readline _sqlite3 _tkinter _elementtree pyexpat"
|
||||
export PYTHON_DISABLE_SSL="1"
|
||||
else
|
||||
local disable
|
||||
use gdbm || disable+=" gdbm"
|
||||
use ncurses || disable+=" _curses _curses_panel"
|
||||
use readline || disable+=" readline"
|
||||
use sqlite || disable+=" _sqlite3"
|
||||
use ssl || export PYTHON_DISABLE_SSL="1"
|
||||
# use tk ||
|
||||
disable+=" _tkinter"
|
||||
use xml || disable+=" _elementtree pyexpat" # _elementtree uses pyexpat.
|
||||
export PYTHON_DISABLE_MODULES="${disable}"
|
||||
|
||||
if ! use xml; then
|
||||
ewarn "You have configured Python without XML support."
|
||||
ewarn "This is NOT a recommended configuration as you"
|
||||
ewarn "may face problems parsing any XML documents."
|
||||
fi
|
||||
fi
|
||||
|
||||
if [[ -n "${PYTHON_DISABLE_MODULES}" ]]; then
|
||||
einfo "Disabled modules: ${PYTHON_DISABLE_MODULES}"
|
||||
fi
|
||||
|
||||
if [[ "$(gcc-major-version)" -ge 4 ]]; then
|
||||
append-flags -fwrapv
|
||||
fi
|
||||
|
||||
filter-flags -malign-double
|
||||
|
||||
[[ "${ARCH}" == "alpha" ]] && append-flags -fPIC
|
||||
|
||||
# https://bugs.gentoo.org/show_bug.cgi?id=50309
|
||||
if is-flagq -O3; then
|
||||
is-flagq -fstack-protector-all && replace-flags -O3 -O2
|
||||
use hardened && replace-flags -O3 -O2
|
||||
fi
|
||||
|
||||
# Run the configure scripts in parallel.
|
||||
multijob_init
|
||||
|
||||
mkdir -p "${WORKDIR}"/{${CBUILD},${CHOST}}
|
||||
|
||||
if tc-is-cross-compiler; then
|
||||
(
|
||||
multijob_child_init
|
||||
cd "${WORKDIR}"/${CBUILD} >/dev/null
|
||||
OPT="-O1" CFLAGS="" CPPFLAGS="" LDFLAGS="" CC="" \
|
||||
"${S}"/configure \
|
||||
--{build,host}=${CBUILD} \
|
||||
|| die "cross-configure failed"
|
||||
) &
|
||||
multijob_post_fork
|
||||
|
||||
# The configure script assumes it's buggy when cross-compiling.
|
||||
export ac_cv_buggy_getaddrinfo=no
|
||||
export ac_cv_have_long_long_format=yes
|
||||
fi
|
||||
|
||||
# Export CXX so it ends up in /usr/lib/python3.X/config/Makefile.
|
||||
tc-export CXX
|
||||
# The configure script fails to use pkg-config correctly.
|
||||
# http://bugs.python.org/issue15506
|
||||
export ac_cv_path_PKG_CONFIG=$(tc-getPKG_CONFIG)
|
||||
|
||||
# Set LDFLAGS so we link modules with -lpython3.2 correctly.
|
||||
# Needed on FreeBSD unless Python 3.2 is already installed.
|
||||
# Please query BSD team before removing this!
|
||||
append-ldflags "-L."
|
||||
|
||||
local dbmliborder
|
||||
if use gdbm; then
|
||||
dbmliborder+="${dbmliborder:+:}gdbm"
|
||||
fi
|
||||
|
||||
cd "${WORKDIR}"/${CHOST}
|
||||
ECONF_SOURCE=${S} OPT="" \
|
||||
econf \
|
||||
--with-fpectl \
|
||||
--enable-shared \
|
||||
$(use_enable ipv6) \
|
||||
$(use_with threads) \
|
||||
--infodir='${prefix}/share/info' \
|
||||
--mandir='${prefix}/share/man' \
|
||||
--with-computed-gotos \
|
||||
--with-dbmliborder="${dbmliborder}" \
|
||||
--with-libc="" \
|
||||
--enable-loadable-sqlite-extensions \
|
||||
--with-system-expat \
|
||||
--with-system-ffi
|
||||
|
||||
if tc-is-cross-compiler; then
|
||||
# Modify the Makefile.pre so we don't regen for the host/ one.
|
||||
# We need to link the host python programs into $PWD and run
|
||||
# them from here because the distutils sysconfig module will
|
||||
# parse Makefile/etc... from argv[0], and we need it to pick
|
||||
# up the target settings, not the host ones.
|
||||
sed -i \
|
||||
-e '1iHOSTPYTHONPATH = ./hostpythonpath:' \
|
||||
-e '/^HOSTPYTHON/s:=.*:= ./hostpython:' \
|
||||
-e '/^HOSTPGEN/s:=.*:= ./Parser/hostpgen:' \
|
||||
Makefile{.pre,} || die "sed failed"
|
||||
fi
|
||||
|
||||
multijob_finish
|
||||
}
|
||||
|
||||
src_compile() {
|
||||
if tc-is-cross-compiler; then
|
||||
cd "${WORKDIR}"/${CBUILD}
|
||||
# Disable as many modules as possible -- but we need a few to install.
|
||||
PYTHON_DISABLE_MODULES=$(
|
||||
sed -n "/Extension('/{s:^.*Extension('::;s:'.*::;p}" "${S}"/setup.py | \
|
||||
egrep -v '(unicodedata|time|cStringIO|_struct|binascii)'
|
||||
) \
|
||||
PTHON_DISABLE_SSL="1" \
|
||||
SYSROOT= \
|
||||
emake || die "cross-make failed"
|
||||
# See comment in src_configure about these.
|
||||
ln python ../${CHOST}/hostpython || die
|
||||
ln Parser/pgen ../${CHOST}/Parser/hostpgen || die
|
||||
ln -s ../${CBUILD}/build/lib.*/ ../${CHOST}/hostpythonpath || die
|
||||
fi
|
||||
|
||||
cd "${WORKDIR}"/${CHOST}
|
||||
emake CPPFLAGS="" CFLAGS="" LDFLAGS="" || die "emake failed"
|
||||
|
||||
# Work around bug 329499. See also bug 413751 and 457194.
|
||||
if has_version dev-libs/libffi[pax_kernel]; then
|
||||
pax-mark E python
|
||||
else
|
||||
pax-mark m python
|
||||
fi
|
||||
}
|
||||
|
||||
src_test() {
|
||||
# Tests will not work when cross compiling.
|
||||
if tc-is-cross-compiler; then
|
||||
elog "Disabling tests due to crosscompiling."
|
||||
return
|
||||
fi
|
||||
|
||||
cd "${WORKDIR}"/${CHOST}
|
||||
|
||||
# Skip failing tests.
|
||||
local skipped_tests="gdb"
|
||||
|
||||
for test in ${skipped_tests}; do
|
||||
mv "${S}"/Lib/test/test_${test}.py "${T}"
|
||||
done
|
||||
|
||||
# Rerun failed tests in verbose mode (regrtest -w).
|
||||
PYTHONDONTWRITEBYTECODE="" emake test EXTRATESTOPTS="-w" CPPFLAGS="" CFLAGS="" LDFLAGS="" < /dev/tty
|
||||
local result="$?"
|
||||
|
||||
for test in ${skipped_tests}; do
|
||||
mv "${T}/test_${test}.py" "${S}"/Lib/test
|
||||
done
|
||||
|
||||
elog "The following tests have been skipped:"
|
||||
for test in ${skipped_tests}; do
|
||||
elog "test_${test}.py"
|
||||
done
|
||||
|
||||
elog "If you would like to run them, you may:"
|
||||
elog "cd '${EPREFIX}/usr/$(get_libdir)/python${SLOT}/test'"
|
||||
elog "and run the tests separately."
|
||||
|
||||
if [[ "${result}" -ne 0 ]]; then
|
||||
die "emake test failed"
|
||||
fi
|
||||
}
|
||||
|
||||
src_install() {
|
||||
local libdir=${ED}/usr/$(get_libdir)/python${SLOT}
|
||||
|
||||
cd "${WORKDIR}"/${CHOST}
|
||||
emake DESTDIR="${D}" altinstall || die "emake altinstall failed"
|
||||
|
||||
sed \
|
||||
-e "s/\(CONFIGURE_LDFLAGS=\).*/\1/" \
|
||||
-e "s/\(PY_LDFLAGS=\).*/\1/" \
|
||||
-i "${libdir}/config-${SLOT}/Makefile" || die "sed failed"
|
||||
|
||||
# Backwards compat with Gentoo divergence.
|
||||
dosym python${SLOT}-config /usr/bin/python-config-${SLOT} || die
|
||||
|
||||
# Fix collisions between different slots of Python.
|
||||
rm -f "${ED}usr/$(get_libdir)/libpython3.so"
|
||||
|
||||
if use build; then
|
||||
rm -fr "${ED}usr/bin/idle${SLOT}" "${libdir}/"{idlelib,sqlite3,test,tkinter}
|
||||
else
|
||||
use elibc_uclibc && rm -fr "${libdir}/test"
|
||||
use sqlite || rm -fr "${libdir}/"{sqlite3,test/test_sqlite*}
|
||||
# use tk ||
|
||||
rm -fr "${ED}usr/bin/idle${SLOT}" "${libdir}/"{idlelib,tkinter,test/test_tk*}
|
||||
fi
|
||||
|
||||
use threads || rm -fr "${libdir}/multiprocessing"
|
||||
use wininst || rm -f "${libdir}/distutils/command/"wininst-*.exe
|
||||
|
||||
dodoc "${S}"/Misc/{ACKS,HISTORY,NEWS} || die "dodoc failed"
|
||||
|
||||
if use examples; then
|
||||
insinto /usr/share/doc/${PF}/examples
|
||||
find "${S}"/Tools -name __pycache__ -print0 | xargs -0 rm -fr
|
||||
doins -r "${S}"/Tools || die "doins failed"
|
||||
fi
|
||||
insinto /usr/share/gdb/auto-load/usr/$(get_libdir) #443510
|
||||
local libname=$(printf 'e:\n\t@echo $(INSTSONAME)\ninclude Makefile\n' | \
|
||||
emake --no-print-directory -s -f - 2>/dev/null)
|
||||
newins "${S}"/Tools/gdb/libpython.py "${libname}"-gdb.py
|
||||
|
||||
newconfd "${FILESDIR}/pydoc.conf" pydoc-${SLOT} || die "newconfd failed"
|
||||
newinitd "${FILESDIR}/pydoc.init" pydoc-${SLOT} || die "newinitd failed"
|
||||
sed \
|
||||
-e "s:@PYDOC_PORT_VARIABLE@:PYDOC${SLOT/./_}_PORT:" \
|
||||
-e "s:@PYDOC@:pydoc${SLOT}:" \
|
||||
-i "${ED}etc/conf.d/pydoc-${SLOT}" "${ED}etc/init.d/pydoc-${SLOT}" || die "sed failed"
|
||||
|
||||
# for python-exec
|
||||
python_export python${SLOT} EPYTHON PYTHON PYTHON_SITEDIR
|
||||
|
||||
# if not using a cross-compiler, use the fresh binary
|
||||
if ! tc-is-cross-compiler; then
|
||||
local PYTHON=./python \
|
||||
LD_LIBRARY_PATH=${LD_LIBRARY_PATH+${LD_LIBRARY_PATH}:}.
|
||||
export LD_LIBRARY_PATH
|
||||
fi
|
||||
|
||||
echo "EPYTHON='${EPYTHON}'" > epython.py
|
||||
python_domodule epython.py
|
||||
}
|
||||
|
||||
pkg_preinst() {
|
||||
if has_version "<${CATEGORY}/${PN}-${SLOT}" && ! has_version ">=${CATEGORY}/${PN}-${SLOT}_alpha"; then
|
||||
python_updater_warning="1"
|
||||
fi
|
||||
}
|
||||
|
||||
eselect_python_update() {
|
||||
if [[ -z "$(eselect python show)" || ! -f "${EROOT}usr/bin/$(eselect python show)" ]]; then
|
||||
eselect python update
|
||||
fi
|
||||
|
||||
if [[ -z "$(eselect python show --python${PV%%.*})" || ! -f "${EROOT}usr/bin/$(eselect python show --python${PV%%.*})" ]]; then
|
||||
eselect python update --python${PV%%.*}
|
||||
fi
|
||||
}
|
||||
|
||||
pkg_postinst() {
|
||||
eselect_python_update
|
||||
|
||||
if [[ "${python_updater_warning}" == "1" ]]; then
|
||||
ewarn "You have just upgraded from an older version of Python."
|
||||
ewarn "You should switch active version of Python ${PV%%.*} and run"
|
||||
ewarn "'python-updater [options]' to rebuild Python modules."
|
||||
fi
|
||||
}
|
||||
|
||||
pkg_postrm() {
|
||||
eselect_python_update
|
||||
}
|
||||
Reference in New Issue
Block a user