[gentoo-commits] repo/proj/prefix:master commit in: dev-lang/python/files/, dev-lang/python/

["Fabian Groffen" <grobian@gentoo.org>]

commit:     4f2fcfa4b0c76edea07e6736bf45fc081319c867
Author:     Fabian Groffen <grobian <AT> gentoo <DOT> org>
AuthorDate: Thu May  3 13:05:22 2018 +0000
Commit:     Fabian Groffen <grobian <AT> gentoo <DOT> org>
CommitDate: Thu May  3 13:05:22 2018 +0000
URL:        https://gitweb.gentoo.org/repo/proj/prefix.git/commit/?id=4f2fcfa4

dev-lang/python: add missing patches for 3.6

Package-Manager: Portage-2.3.18-prefix, Repoman-2.3.6

 dev-lang/python/Manifest                           |   2 +-
 dev-lang/python/files/3.6.5-disable-nis.patch      |  11 ++
 .../python/files/python-3.6.5-hash-unaligned.patch |  42 ++++++++
 .../python-3.6.5-libressl-compatibility.patch      | 114 +++++++++++++++++++++
 dev-lang/python/python-3.6.5-r1.ebuild             |   3 +-
 5 files changed, 169 insertions(+), 3 deletions(-)

diff --git a/dev-lang/python/Manifest b/dev-lang/python/Manifest
index a69a27b9fa..3ed1a4ef38 100644
--- a/dev-lang/python/Manifest
+++ b/dev-lang/python/Manifest
@@ -12,4 +12,4 @@ DIST python-gentoo-patches-3.6.4.tar.xz 12888 BLAKE2B 7cf49ae22df53e855f2e99df51
 DIST python-prefix-2.7.14-gentoo-patches-r0.tar.xz 14736 BLAKE2B 75422fc7390f559d9864f6e22a0b85982ccbdb07d5f2507db8e528285e56d1f11d4bc0b21a0b78d5340eafd562220d2f1b9d0a78b1f7c811c5689a426a81f9f3 SHA512 bf8e5039fff834d03a5a671269905f1ea10961995f2327ea023f6ad4d9b49bf210ec746ac6f45a01ff7501f1eb616013951d164410f6c64bce04df0e8b9715c8
 DIST python-prefix-3.4.8-gentoo-patches-r0.tar.xz 12928 BLAKE2B d270f27485a70b4186c0d509836f66e6ae8218270cbb0a473b4579de7a8d9fa16eb2387d0441979aa62fc88e54a52f863c58d91b3df64dd6a40ad4bc4236cbb2 SHA512 84554d2b320922d7ac6e20012f847a81d6501693a4d9f2146faa8764fca4fbc5e3bf1c0f352853f1ab34ed905ab13097f2e82285ada54c9b4e219e72b39804c2
 DIST python-prefix-3.5.4-gentoo-patches-r0.tar.xz 12768 BLAKE2B ab0cbc5430e9588f71cfd7b001a07f9a77097262f17e1f980e3945e39855e1c9437117bf4eb2d424dadf701d37d025e09627d7efdbb9f8867714039f62f261a7 SHA512 334cd8990483f973386cc6bbc962d2843449c493f7d33349fcc8f68120e246c52ea80236c99685555974e439fa877b537b32ef7d181198f58950f5e9b835b1c5
-DIST python-prefix-3.6.3-gentoo-patches-r0.tar.xz 12676 BLAKE2B 5221ae00d16db401d5674947923451d850978d930d9449d9b4f6ae6d117c26971e2f384c5a698b7acc8d62e6a6b673f4ec870da3788f87372593a5ac4897a227 SHA512 9d1673bc7b327be6b7e95491940eeeaa40db9e94f2183f4605a9a5a7fd2e187017164e9b2ef31f3bc8d694e467de6843706d3341b4ce24d4d8717513c246b62f
+DIST python-prefix-3.6.5-gentoo-patches-r0.tar.xz 12728 BLAKE2B 8193b5eb59aaa923be299e1a68c62a2341be6d2367eb34a8e03436248a0c180012ba60e738ded7ca7f58849cde070b364761922518a5cdc425602172291aa2b0 SHA512 3bb1a97885112fb853b9ad061f21ba1f661e397d5585d932ddebe3107267be512799f966aef92e599ce2c97a4d51ec48bb214aa999b370b8d5a594e6f92182b6

diff --git a/dev-lang/python/files/3.6.5-disable-nis.patch b/dev-lang/python/files/3.6.5-disable-nis.patch
new file mode 100644
index 0000000000..3937c6fe79
--- /dev/null
+++ b/dev-lang/python/files/3.6.5-disable-nis.patch
@@ -0,0 +1,11 @@
+--- a/setup.py
++++ b/setup.py
+@@ -1364,7 +1364,7 @@ class PyBuildExt(build_ext):
+         else:
+             missing.extend(['resource', 'termios'])
+ 
+-        nis = self._detect_nis(inc_dirs, lib_dirs)
++        nis = None
+         if nis is not None:
+             exts.append(nis)
+         else:

diff --git a/dev-lang/python/files/python-3.6.5-hash-unaligned.patch b/dev-lang/python/files/python-3.6.5-hash-unaligned.patch
new file mode 100644
index 0000000000..d096887cbf
--- /dev/null
+++ b/dev-lang/python/files/python-3.6.5-hash-unaligned.patch
@@ -0,0 +1,42 @@
+The hash implementation casts the input pointer to uint64_t* and directly reads
+from this, which may cause unaligned accesses. Use memcpy() instead so this code
+will not crash with SIGBUS on sparc.
+
+--- a/Python/pyhash.c	2017-11-29 10:21:20.283094068 +0100
++++ b/Python/pyhash.c	2017-11-29 10:24:26.733087813 +0100
+@@ -369,7 +369,7 @@
+     uint64_t k0 = _le64toh(_Py_HashSecret.siphash.k0);
+     uint64_t k1 = _le64toh(_Py_HashSecret.siphash.k1);
+     uint64_t b = (uint64_t)src_sz << 56;
+-    const uint64_t *in = (uint64_t*)src;
++    const uint8_t *in = (uint8_t*)src;
+ 
+     uint64_t v0 = k0 ^ 0x736f6d6570736575ULL;
+     uint64_t v1 = k1 ^ 0x646f72616e646f6dULL;
+@@ -378,11 +378,13 @@
+ 
+     uint64_t t;
+     uint8_t *pt;
+-    uint8_t *m;
++    const uint8_t *m;
+ 
+     while (src_sz >= 8) {
+-        uint64_t mi = _le64toh(*in);
+-        in += 1;
+-        src_sz -= 8;
++        uint64_t mi;
++        memcpy(&mi, in, sizeof(mi));
++        mi = _le64toh(mi);
++        in += sizeof(mi);
++        src_sz -= sizeof(mi);
+         v3 ^= mi;
+         DOUBLE_ROUND(v0,v1,v2,v3);
+@@ -391,7 +393,7 @@
+ 
+     t = 0;
+     pt = (uint8_t *)&t;
+-    m = (uint8_t *)in;
++    m = in;
+     switch (src_sz) {
+         case 7: pt[6] = m[6]; /* fall through */
+         case 6: pt[5] = m[5]; /* fall through */

diff --git a/dev-lang/python/files/python-3.6.5-libressl-compatibility.patch b/dev-lang/python/files/python-3.6.5-libressl-compatibility.patch
new file mode 100644
index 0000000000..2f9e6a2bef
--- /dev/null
+++ b/dev-lang/python/files/python-3.6.5-libressl-compatibility.patch
@@ -0,0 +1,114 @@
+From 8d89a385b71a2e4cce0fba0cfc8d91b63485edc5 Mon Sep 17 00:00:00 2001
+From: Christian Heimes <christian@python.org>
+Date: Sat, 24 Mar 2018 18:38:14 +0100
+Subject: [PATCH] [3.6] bpo-33127: Compatibility patch for LibreSSL 2.7.0
+ (GH-6210) (GH-6214)
+
+LibreSSL 2.7 introduced OpenSSL 1.1.0 API. The ssl module now detects
+LibreSSL 2.7 and only provides API shims for OpenSSL < 1.1.0 and
+LibreSSL < 2.7.
+
+Documentation updates and fixes for failing tests will be provided in
+another patch set.
+
+Signed-off-by: Christian Heimes <christian@python.org>.
+(cherry picked from commit 4ca0739c9d97ac7cd45499e0d31be68dc659d0e1)
+
+Co-authored-by: Christian Heimes <christian@python.org>
+---
+ Lib/test/test_ssl.py                          |  1 +
+ .../2018-03-24-15-08-24.bpo-33127.olJmHv.rst  |  1 +
+ Modules/_ssl.c                                | 24 ++++++++++++-------
+ Tools/ssl/multissltests.py                    |  3 ++-
+ 4 files changed, 20 insertions(+), 9 deletions(-)
+ create mode 100644 Misc/NEWS.d/next/Library/2018-03-24-15-08-24.bpo-33127.olJmHv.rst
+
+diff --git a/Lib/test/test_ssl.py b/Lib/test/test_ssl.py
+index 8dd3b41450..9785a59a7e 100644
+--- a/Lib/test/test_ssl.py
++++ b/Lib/test/test_ssl.py
+@@ -1687,6 +1687,7 @@ class SimpleBackgroundTests(unittest.TestCase):
+         self.assertEqual(len(ctx.get_ca_certs()), 1)
+ 
+     @needs_sni
++    @unittest.skipUnless(hasattr(ssl, "PROTOCOL_TLSv1_2"), "needs TLS 1.2")
+     def test_context_setget(self):
+         # Check that the context of a connected socket can be replaced.
+         ctx1 = ssl.SSLContext(ssl.PROTOCOL_TLSv1_2)
+diff --git a/Misc/NEWS.d/next/Library/2018-03-24-15-08-24.bpo-33127.olJmHv.rst b/Misc/NEWS.d/next/Library/2018-03-24-15-08-24.bpo-33127.olJmHv.rst
+new file mode 100644
+index 0000000000..635aabbde0
+--- /dev/null
++++ b/Misc/NEWS.d/next/Library/2018-03-24-15-08-24.bpo-33127.olJmHv.rst
+@@ -0,0 +1 @@
++The ssl module now compiles with LibreSSL 2.7.1.
+diff --git a/Modules/_ssl.c b/Modules/_ssl.c
+index c54e43c2b4..5e007da858 100644
+--- a/Modules/_ssl.c
++++ b/Modules/_ssl.c
+@@ -106,6 +106,12 @@ struct py_ssl_library_code {
+ 
+ #if (OPENSSL_VERSION_NUMBER >= 0x10100000L) && !defined(LIBRESSL_VERSION_NUMBER)
+ #  define OPENSSL_VERSION_1_1 1
++#  define PY_OPENSSL_1_1_API 1
++#endif
++
++/* LibreSSL 2.7.0 provides necessary OpenSSL 1.1.0 APIs */
++#if defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER >= 0x2070000fL
++#  define PY_OPENSSL_1_1_API 1
+ #endif
+ 
+ /* Openssl comes with TLSv1.1 and TLSv1.2 between 1.0.0h and 1.0.1
+@@ -152,16 +158,18 @@ struct py_ssl_library_code {
+ #define INVALID_SOCKET (-1)
+ #endif
+ 
+-#ifdef OPENSSL_VERSION_1_1
+-/* OpenSSL 1.1.0+ */
+-#ifndef OPENSSL_NO_SSL2
+-#define OPENSSL_NO_SSL2
+-#endif
+-#else /* OpenSSL < 1.1.0 */
+-#if defined(WITH_THREAD)
++/* OpenSSL 1.0.2 and LibreSSL needs extra code for locking */
++#if !defined(OPENSSL_VERSION_1_1) && defined(WITH_THREAD)
+ #define HAVE_OPENSSL_CRYPTO_LOCK
+ #endif
+ 
++#if defined(OPENSSL_VERSION_1_1) && !defined(OPENSSL_NO_SSL2)
++#define OPENSSL_NO_SSL2
++#endif
++
++#ifndef PY_OPENSSL_1_1_API
++/* OpenSSL 1.1 API shims for OpenSSL < 1.1.0 and LibreSSL < 2.7.0 */
++
+ #define TLS_method SSLv23_method
+ #define TLS_client_method SSLv23_client_method
+ #define TLS_server_method SSLv23_server_method
+@@ -227,7 +235,7 @@ SSL_SESSION_get_ticket_lifetime_hint(const SSL_SESSION *s)
+     return s->tlsext_tick_lifetime_hint;
+ }
+ 
+-#endif /* OpenSSL < 1.1.0 or LibreSSL */
++#endif /* OpenSSL < 1.1.0 or LibreSSL < 2.7.0 */
+ 
+ 
+ enum py_ssl_error {
+diff --git a/Tools/ssl/multissltests.py b/Tools/ssl/multissltests.py
+index ce5bbd8530..ba4529ae06 100755
+--- a/Tools/ssl/multissltests.py
++++ b/Tools/ssl/multissltests.py
+@@ -57,8 +57,9 @@ LIBRESSL_OLD_VERSIONS = [
+ ]
+ 
+ LIBRESSL_RECENT_VERSIONS = [
+-    "2.5.3",
+     "2.5.5",
++    "2.6.4",
++    "2.7.1",
+ ]
+ 
+ # store files in ../multissl
+-- 
+2.17.0
+

diff --git a/dev-lang/python/python-3.6.5-r1.ebuild b/dev-lang/python/python-3.6.5-r1.ebuild
index b23636b07f..bc82204e5a 100644
--- a/dev-lang/python/python-3.6.5-r1.ebuild
+++ b/dev-lang/python/python-3.6.5-r1.ebuild
@@ -8,7 +8,7 @@ inherit autotools flag-o-matic pax-utils python-utils-r1 toolchain-funcs epatch
 
 MY_P="Python-${PV}"
 PATCHSET_VERSION="3.6.4"
-PREFIX_PATCHREV="3.6.3-gentoo-patches-r0"
+PREFIX_PATCHREV="3.6.5-gentoo-patches-r0"
 
 DESCRIPTION="An interpreted, interactive, object-oriented programming language"
 HOMEPAGE="https://www.python.org/"
@@ -77,7 +77,6 @@ src_prepare() {
 	default
 
 	# Prefix' round of patches
-	# http://prefix.gentooexperimental.org:8000/python-patches-3_3
 	EPATCH_EXCLUDE="${excluded_patches}" EPATCH_SUFFIX="patch" \
 		epatch "${WORKDIR}"/python-prefix-${PREFIX_PATCHREV}