dev-lang/python: Backport secfixes to 3.6.10, redo patchset
authorMichał Górny <mgorny@gentoo.org>
Wed, 22 Apr 2020 11:57:16 +0000 (13:57 +0200)
committerMichał Górny <mgorny@gentoo.org>
Wed, 22 Apr 2020 13:32:24 +0000 (15:32 +0200)
Bug: https://bugs.gentoo.org/707822
Signed-off-by: Michał Górny <mgorny@gentoo.org>
dev-lang/python/Manifest
dev-lang/python/python-3.6.10-r2.ebuild [new file with mode: 0644]

index 56928c5db26c1bc9ad29a5b3c0ca47544acd6320..eb7eb3f1935b4f8d364d303bac40b4687f9008f3 100644 (file)
@@ -7,6 +7,7 @@ DIST Python-3.9.0a4.tar.xz 18032300 BLAKE2B 1c9ad55c7c055c3a704c4062e092d44b8d77
 DIST Python-3.9.0a5.tar.xz 18039660 BLAKE2B 2d8e273ef577ea3f19cb3f64c89f2229d68bd647112fc61753487b53f8efd78a9797ceaf68fecbd9d13483e825f79f20a7b01be2e0aeca2ee2e978108467b77f SHA512 b2f884a492eeb9fa7347c664bb6fd1dc3c25f663ebb4f9455b66540e12ce8da845c2ad4960999d5475625bc64c834f3cff28f61cd37881bdf53efa349c44bff3
 DIST python-gentoo-patches-2.7.17-r1.tar.xz 14708 BLAKE2B f6e25236a471649de122d0f29506f7a4f34044a568ead47a68980411d9722b761fe1f9d653d5edccb6978b65c8c1eecbef55f403b94f32b37c0ad68e061505a8 SHA512 ecdde5e38c6fe5e69691fb3a68c8f4f43da7857d4abaff763d3cf6ad864ba43c769c03b186b60f2736a1ffb1e3e4c9982715d1b8a99ff3f5740096153bb8a90f
 DIST python-gentoo-patches-2.7.18.tar.xz 15012 BLAKE2B f691e231c793bb8f11fb64c89b90e022af8e0fe0e28839822c2ae6214fdab6c6fd9c07466c4b5797d3964b7db09fd979597774fb7872dc674e8df59321b6bf95 SHA512 a2952b27bfc0a52f322b2f3e177cbe09fa288c9ca5967c13fb9c2d45d3e81033407e30e86bdaaaa258f0b3cfa2cef6eda5502bddb6390f9512a493d145d34e03
+DIST python-gentoo-patches-3.6.10-r1.tar.xz 15556 BLAKE2B 3d4755a083172fc878d3454797a4a7fa809c7767b7f2ba0919b95076b8ecba62ac604a7db349d8dd71f83aa44d4580d0c433ae6cd2027078e7779cec79185ba2 SHA512 b361ff3fe9545bb59a7e85f179a094d58219be35d20cef83db02672d0a9a58fccfda62fbe8c2bf64250c4043b8517cbc2091380611c5f1e63bfac9ca7c4e47b0
 DIST python-gentoo-patches-3.6.10.tar.xz 10964 BLAKE2B e32c8cb3050c7324ee234f585be7fc40cfacc6ad87759eaa300e57289e6dc6cbaed3913f33ad632b8754638e8d71983d8364ceeaad8ef325cfa6d4d2dfb56df0 SHA512 71fea7306c876c63888c4547eaf14dc2e0413dec343609d748cd1b5888e4605d47888758ebc5120a287ce833b69dd538073f91989460da7c40462b53eefca7ce
 DIST python-gentoo-patches-3.7.6.tar.xz 10084 BLAKE2B 220869e85bdaf9c21b1b05e13803bdb6ecc22ac0f69da77e57fd7c1cd93ef45ec43401b62732842e1bb3467feb6d65c8204120e2741e9eb6f4cab673fd3a8d62 SHA512 4c04b0cf7da55fa7973ab178e3ac2c59bc2142924bdced5954c058053280b6c663d7c39912286d10fe0e82ca30af6a0dd6a56fa85433f836217ca3dcbb284def
 DIST python-gentoo-patches-3.8.1-r2.tar.xz 10108 BLAKE2B 02d3e2ae95b5cfa67c0ba4ff618fbee51d2342955d0a064b80575beda73902bd72462e4f6dba63743bf9fc031d92c69153ef8bd8a0ab5d6e17bfdf8ed0152da5 SHA512 757f7cf6b0cb6c1493d8ed8e5780780efcb32860a9aeba4f933a3a3fb22c412bebde8854e34609465d8a12cb9545a7b19e5d5dbe87d772bb83acd9fe829b75cc
diff --git a/dev-lang/python/python-3.6.10-r2.ebuild b/dev-lang/python/python-3.6.10-r2.ebuild
new file mode 100644 (file)
index 0000000..c0a16fb
--- /dev/null
@@ -0,0 +1,359 @@
+# Copyright 1999-2020 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI="7"
+WANT_LIBTOOL="none"
+
+inherit autotools flag-o-matic pax-utils python-utils-r1 toolchain-funcs
+
+MY_P="Python-${PV}"
+PYVER=$(ver_cut 1-2)
+PATCHSET="python-gentoo-patches-3.6.10-r1"
+
+DESCRIPTION="An interpreted, interactive, object-oriented programming language"
+HOMEPAGE="https://www.python.org/"
+SRC_URI="https://www.python.org/ftp/python/${PV}/${MY_P}.tar.xz
+       https://dev.gentoo.org/~mgorny/dist/python/${PATCHSET}.tar.xz"
+S="${WORKDIR}/${MY_P}"
+
+LICENSE="PSF-2"
+SLOT="${PYVER}/${PYVER}m"
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sparc ~x86"
+IUSE="bluetooth build examples gdbm hardened ipv6 libressl +ncurses +readline sqlite +ssl test +threads tk wininst +xml"
+RESTRICT="!test? ( test )"
+
+# Do not add a dependency on dev-lang/python to this ebuild.
+# If you need to apply a patch which requires python for bootstrapping, please
+# run the bootstrap code on your dev box and include the results in the
+# patchset. See bug 447752.
+
+RDEPEND="app-arch/bzip2:=
+       app-arch/xz-utils:=
+       dev-libs/libffi:=
+       >=sys-libs/zlib-1.1.3:=
+       virtual/libcrypt:=
+       virtual/libintl
+       gdbm? ( sys-libs/gdbm:=[berkdb] )
+       ncurses? ( >=sys-libs/ncurses-5.2:= )
+       readline? ( >=sys-libs/readline-4.1:= )
+       sqlite? ( >=dev-db/sqlite-3.3.8:3= )
+       ssl? (
+               !libressl? ( dev-libs/openssl:= )
+               libressl? ( dev-libs/libressl:= )
+       )
+       tk? (
+               >=dev-lang/tcl-8.0:=
+               >=dev-lang/tk-8.0:=
+               dev-tcltk/blt:=
+               dev-tcltk/tix
+       )
+       xml? ( >=dev-libs/expat-2.1:= )"
+# bluetooth requires headers from bluez
+DEPEND="${RDEPEND}
+       bluetooth? ( net-wireless/bluez )
+       test? ( app-arch/xz-utils[extra-filters(+)] )
+       virtual/pkgconfig
+       !sys-devel/gcc[libffi(-)]"
+RDEPEND+=" !build? ( app-misc/mime-types )"
+PDEPEND=">=app-eselect/eselect-python-20140125-r1"
+
+src_prepare() {
+       # Ensure that internal copies of expat, libffi and zlib are not used.
+       rm -fr Modules/expat || die
+       rm -fr Modules/_ctypes/libffi* || die
+       rm -fr Modules/zlib || die
+
+       local PATCHES=(
+               "${WORKDIR}/${PATCHSET}"
+       )
+
+       default
+
+       sed -i -e "s:@@GENTOO_LIBDIR@@:$(get_libdir):g" \
+               Lib/distutils/command/install.py \
+               Lib/distutils/sysconfig.py \
+               Lib/site.py \
+               Lib/sysconfig.py \
+               Lib/test/test_site.py \
+               Makefile.pre.in \
+               Modules/Setup.dist \
+               Modules/getpath.c \
+               configure.ac \
+               setup.py || die "sed failed to replace @@GENTOO_LIBDIR@@"
+
+       eautoreconf
+}
+
+src_configure() {
+       local disable
+       # disable automagic bluetooth headers detection
+       use bluetooth || export ac_cv_header_bluetooth_bluetooth_h=no
+       use gdbm      || disable+=" gdbm"
+       use ncurses   || disable+=" _curses _curses_panel"
+       use readline  || disable+=" readline"
+       use sqlite    || disable+=" _sqlite3"
+       use ssl       || export PYTHON_DISABLE_SSL="1"
+       use tk        || disable+=" _tkinter"
+       use xml       || disable+=" _elementtree pyexpat" # _elementtree uses pyexpat.
+       export PYTHON_DISABLE_MODULES="${disable}"
+
+       if ! use xml; then
+               ewarn "You have configured Python without XML support."
+               ewarn "This is NOT a recommended configuration as you"
+               ewarn "may face problems parsing any XML documents."
+       fi
+
+       if [[ -n "${PYTHON_DISABLE_MODULES}" ]]; then
+               einfo "Disabled modules: ${PYTHON_DISABLE_MODULES}"
+       fi
+
+       if [[ "$(gcc-major-version)" -ge 4 ]]; then
+               append-flags -fwrapv
+       fi
+
+       filter-flags -malign-double
+
+       # https://bugs.gentoo.org/show_bug.cgi?id=50309
+       if is-flagq -O3; then
+               is-flagq -fstack-protector-all && replace-flags -O3 -O2
+               use hardened && replace-flags -O3 -O2
+       fi
+
+       # Export CXX so it ends up in /usr/lib/python3.X/config/Makefile.
+       tc-export CXX
+
+       # Set LDFLAGS so we link modules with -lpython3.2 correctly.
+       # Needed on FreeBSD unless Python 3.2 is already installed.
+       # Please query BSD team before removing this!
+       append-ldflags "-L."
+
+       local dbmliborder
+       if use gdbm; then
+               dbmliborder+="${dbmliborder:+:}gdbm"
+       fi
+
+       local myeconfargs=(
+               # glibc-2.30 removes it; since we can't cleanly force-rebuild
+               # Python on glibc upgrade, remove it proactively to give
+               # a chance for users rebuilding python before glibc
+               ac_cv_header_stropts_h=no
+
+               --with-fpectl
+               --enable-shared
+               $(use_enable ipv6)
+               $(use_with threads)
+               --infodir='${prefix}/share/info'
+               --mandir='${prefix}/share/man'
+               --with-computed-gotos
+               --with-dbmliborder="${dbmliborder}"
+               --with-libc=
+               --enable-loadable-sqlite-extensions
+               --without-ensurepip
+               --with-system-expat
+               --with-system-ffi
+       )
+
+       OPT="" econf "${myeconfargs[@]}"
+
+       if use threads && grep -q "#define POSIX_SEMAPHORES_NOT_ENABLED 1" pyconfig.h; then
+               eerror "configure has detected that the sem_open function is broken."
+               eerror "Please ensure that /dev/shm is mounted as a tmpfs with mode 1777."
+               die "Broken sem_open function (bug 496328)"
+       fi
+}
+
+src_compile() {
+       # Ensure sed works as expected
+       # https://bugs.gentoo.org/594768
+       local -x LC_ALL=C
+
+       emake CPPFLAGS= CFLAGS= LDFLAGS=
+
+       # Work around bug 329499. See also bug 413751 and 457194.
+       if has_version dev-libs/libffi[pax_kernel]; then
+               pax-mark E python
+       else
+               pax-mark m python
+       fi
+}
+
+src_test() {
+       # Tests will not work when cross compiling.
+       if tc-is-cross-compiler; then
+               elog "Disabling tests due to crosscompiling."
+               return
+       fi
+
+       # Skip failing tests.
+       local skipped_tests="gdb"
+
+       for test in ${skipped_tests}; do
+               mv "${S}"/Lib/test/test_${test}.py "${T}"
+       done
+
+       # bug 660358
+       local -x COLUMNS=80
+
+       local -x PYTHONDONTWRITEBYTECODE=
+
+       emake test EXTRATESTOPTS="-u-network" CPPFLAGS= CFLAGS= LDFLAGS= < /dev/tty
+       local result=$?
+
+       for test in ${skipped_tests}; do
+               mv "${T}/test_${test}.py" "${S}"/Lib/test
+       done
+
+       elog "The following tests have been skipped:"
+       for test in ${skipped_tests}; do
+               elog "test_${test}.py"
+       done
+
+       elog "If you would like to run them, you may:"
+       elog "cd '${EPREFIX}/usr/$(get_libdir)/python${PYVER}/test'"
+       elog "and run the tests separately."
+
+       if [[ ${result} -ne 0 ]]; then
+               die "emake test failed"
+       fi
+}
+
+src_install() {
+       local libdir=${ED}/usr/$(get_libdir)/python${PYVER}
+
+       emake DESTDIR="${D}" altinstall
+
+       # Remove static library
+       rm "${ED}"/usr/$(get_libdir)/libpython*.a || die
+
+       sed \
+               -e "s/\(CONFIGURE_LDFLAGS=\).*/\1/" \
+               -e "s/\(PY_LDFLAGS=\).*/\1/" \
+               -i "${libdir}/config-${PYVER}"*/Makefile || die "sed failed"
+
+       # Fix collisions between different slots of Python.
+       rm "${ED}/usr/$(get_libdir)/libpython3.so" || die
+
+       # Cheap hack to get version with ABIFLAGS
+       local abiver=$(cd "${ED}/usr/include"; echo python*)
+       if [[ ${abiver} != python${PYVER} ]]; then
+               # Replace python3.X with a symlink to python3.Xm
+               rm "${ED}/usr/bin/python${PYVER}" || die
+               dosym "${abiver}" "/usr/bin/python${PYVER}"
+               # Create python3.X-config symlink
+               dosym "${abiver}-config" "/usr/bin/python${PYVER}-config"
+               # Create python-3.5m.pc symlink
+               dosym "python-${PYVER}.pc" "/usr/$(get_libdir)/pkgconfig/${abiver/${PYVER}/-${PYVER}}.pc"
+       fi
+
+       # python seems to get rebuilt in src_install (bug 569908)
+       # Work around it for now.
+       if has_version dev-libs/libffi[pax_kernel]; then
+               pax-mark E "${ED}/usr/bin/${abiver}"
+       else
+               pax-mark m "${ED}/usr/bin/${abiver}"
+       fi
+
+       use sqlite || rm -r "${libdir}/"{sqlite3,test/test_sqlite*} || die
+       use tk || rm -r "${ED}/usr/bin/idle${PYVER}" "${libdir}/"{idlelib,tkinter,test/test_tk*} || die
+
+       use threads || rm -r "${libdir}/multiprocessing" || die
+       use wininst || rm "${libdir}/distutils/command/"wininst-*.exe || die
+
+       dodoc Misc/{ACKS,HISTORY,NEWS}
+
+       if use examples; then
+               docinto examples
+               find Tools -name __pycache__ -exec rm -fr {} + || die
+               dodoc -r Tools
+       fi
+       insinto /usr/share/gdb/auto-load/usr/$(get_libdir) #443510
+       local libname=$(printf 'e:\n\t@echo $(INSTSONAME)\ninclude Makefile\n' | \
+               emake --no-print-directory -s -f - 2>/dev/null)
+       newins "${S}"/Tools/gdb/libpython.py "${libname}"-gdb.py
+
+       newconfd "${FILESDIR}/pydoc.conf" pydoc-${PYVER}
+       newinitd "${FILESDIR}/pydoc.init" pydoc-${PYVER}
+       sed \
+               -e "s:@PYDOC_PORT_VARIABLE@:PYDOC${PYVER/./_}_PORT:" \
+               -e "s:@PYDOC@:pydoc${PYVER}:" \
+               -i "${ED}/etc/conf.d/pydoc-${PYVER}" \
+               "${ED}/etc/init.d/pydoc-${PYVER}" || die "sed failed"
+
+       # for python-exec
+       local vars=( EPYTHON PYTHON_SITEDIR PYTHON_SCRIPTDIR )
+
+       # if not using a cross-compiler, use the fresh binary
+       if ! tc-is-cross-compiler; then
+               local -x PYTHON=./python
+               local -x LD_LIBRARY_PATH=${LD_LIBRARY_PATH+${LD_LIBRARY_PATH}:}${PWD}
+       else
+               vars=( PYTHON "${vars[@]}" )
+       fi
+
+       python_export "python${PYVER}" "${vars[@]}"
+       echo "EPYTHON='${EPYTHON}'" > epython.py || die
+       python_domodule epython.py
+
+       # python-exec wrapping support
+       local pymajor=${PYVER%.*}
+       mkdir -p "${D}${PYTHON_SCRIPTDIR}" || die
+       # python and pythonX
+       ln -s "../../../bin/${abiver}" \
+               "${D}${PYTHON_SCRIPTDIR}/python${pymajor}" || die
+       ln -s "python${pymajor}" "${D}${PYTHON_SCRIPTDIR}/python" || die
+       # python-config and pythonX-config
+       # note: we need to create a wrapper rather than symlinking it due
+       # to some random dirname(argv[0]) magic performed by python-config
+       cat > "${D}${PYTHON_SCRIPTDIR}/python${pymajor}-config" <<-EOF || die
+               #!/bin/sh
+               exec "${abiver}-config" "\${@}"
+       EOF
+       chmod +x "${D}${PYTHON_SCRIPTDIR}/python${pymajor}-config" || die
+       ln -s "python${pymajor}-config" \
+               "${D}${PYTHON_SCRIPTDIR}/python-config" || die
+       # 2to3, pydoc, pyvenv
+       ln -s "../../../bin/2to3-${PYVER}" \
+               "${D}${PYTHON_SCRIPTDIR}/2to3" || die
+       ln -s "../../../bin/pydoc${PYVER}" \
+               "${D}${PYTHON_SCRIPTDIR}/pydoc" || die
+       ln -s "../../../bin/pyvenv-${PYVER}" \
+               "${D}${PYTHON_SCRIPTDIR}/pyvenv" || die
+       # idle
+       if use tk; then
+               ln -s "../../../bin/idle${PYVER}" \
+                       "${D}${PYTHON_SCRIPTDIR}/idle" || die
+       fi
+}
+
+pkg_preinst() {
+       if has_version "<${CATEGORY}/${PN}-${PYVER}" && ! has_version ">=${CATEGORY}/${PN}-${PYVER}_alpha"; then
+               python_updater_warning="1"
+       fi
+}
+
+eselect_python_update() {
+       if [[ -z "$(eselect python show)" || \
+                       ! -f "${EROOT}/usr/bin/$(eselect python show)" ]]; then
+               eselect python update
+       fi
+
+       if [[ -z "$(eselect python show --python${PV%%.*})" || \
+                       ! -f "${EROOT}/usr/bin/$(eselect python show --python${PV%%.*})" ]]
+       then
+               eselect python update --python${PV%%.*}
+       fi
+}
+
+pkg_postinst() {
+       eselect_python_update
+
+       if [[ "${python_updater_warning}" == "1" ]]; then
+               ewarn "You have just upgraded from an older version of Python."
+               ewarn
+               ewarn "Please adjust PYTHON_TARGETS (if so desired), and run emerge with the --newuse or --changed-use option to rebuild packages installing python modules."
+       fi
+}
+
+pkg_postrm() {
+       eselect_python_update
+}