From f5250ecae71c9215886d2cf76d00c9f0662532be Mon Sep 17 00:00:00 2001 From: Bohuslav Kabrda Date: Tue, 5 Nov 2013 12:39:14 +0100 Subject: [PATCH 01/32] Update to Python 3.4 alpha 4. - Refreshed patches: 55 (systemtap), 102 (lib64), 111 (no static lib), 114 (statvfs flags), 132 (unittest rpmbuild hooks), 134 (fix COUNT_ALLOCS in test_sys), 143 (tsc on ppc64), 146 (hashlib fips), 153 (test gdb noise), 157 (UID+GID overflows), 173 (ENOPROTOOPT in bind_port), 186 (dont raise from py_compile) - Removed patches: 129 (test_subprocess nonreadable dir - no longer fails in Koji), 142 (the mock issue that caused this is fixed) - Added patch 187 (remove thread atfork) - will be in next version - Refreshed script for checking pyc and pyo timestamps with new ignored files. - The fips patch is disabled for now until upstream makes a final decision what to do with sha3 implementation for 3.4.0. --- 00055-systemtap.patch | 6 +- 00111-no-static-lib.patch | 4 +- 00114-statvfs-f_flag-constants.patch | 22 +- 00132-add-rpmbuild-hooks-to-unittest.patch | 6 +- ...fix-COUNT_ALLOCS-failure-in-test_sys.patch | 4 +- ...2-skip-failing-pty-tests-in-rpmbuild.patch | 22 -- 00143-tsc-on-ppc.patch | 2 +- 00146-hashlib-fips.patch | 29 ++- 00153-fix-test_gdb-noise.patch | 2 +- 00157-uid-gid-overflows.patch | 12 +- ...-workaround-ENOPROTOOPT-in-bind_port.patch | 5 +- 00182-fix-test_gdb-test_threads.patch | 13 - ...2013-2099-fix-ssl-match_hostname-dos.patch | 49 ---- ...-hostname-check-bypass-in-SSL-module.patch | 241 ------------------ 00186-dont-raise-from-py_compile.patch | 33 +-- 00187-remove-pthread-atfork.patch | 89 +++++++ check-pyc-and-pyo-timestamps.py | 2 + ...subprocess-with-nonreadable-path-dir.patch | 12 - python-3.3.0b1-lib64.patch | 6 +- python3.spec | 95 +++---- 20 files changed, 192 insertions(+), 462 deletions(-) delete mode 100644 00142-skip-failing-pty-tests-in-rpmbuild.patch delete mode 100644 00182-fix-test_gdb-test_threads.patch delete mode 100644 00183-cve-2013-2099-fix-ssl-match_hostname-dos.patch delete mode 100644 00185-CVE-2013-4238-hostname-check-bypass-in-SSL-module.patch create mode 100644 00187-remove-pthread-atfork.patch delete mode 100644 python-3.2.1-fix-test-subprocess-with-nonreadable-path-dir.patch diff --git a/00055-systemtap.patch b/00055-systemtap.patch index 90b876b..ddd5e77 100644 --- a/00055-systemtap.patch +++ b/00055-systemtap.patch @@ -650,8 +650,8 @@ diff -up Python-3.3.0rc2/Makefile.pre.in.systemtap Python-3.3.0rc2/Makefile.pre. +Python/ceval.o: $(OPCODETARGETS_H) $(srcdir)/Python/ceval_gil.h \ + $(srcdir)/Python/ceval_systemtap.h @SYSTEMTAPDEPS@ - Python/formatter_unicode.o: $(srcdir)/Python/formatter_unicode.c \ - $(BYTESTR_DEPS) + Python/frozen.o: Python/importlib.h + @@ -724,6 +726,13 @@ Objects/typeobject.o: $(srcdir)/Objects/ Objects/typeslots.inc: $(srcdir)/Include/typeslots.h $(srcdir)/Objects/typeslots.py $(PYTHON) $(srcdir)/Objects/typeslots.py < $(srcdir)/Include/typeslots.h > Objects/typeslots.inc @@ -735,8 +735,8 @@ diff -up Python-3.3.0rc2/Python/ceval.c.systemtap Python-3.3.0rc2/Python/ceval.c + } + Py_LeaveRecursiveCall(); + f->f_executing = 0; tstate->frame = f->f_back; - diff -up Python-3.3.0rc2/Python/ceval_systemtap.h.systemtap Python-3.3.0rc2/Python/ceval_systemtap.h --- Python-3.3.0rc2/Python/ceval_systemtap.h.systemtap 2012-09-10 09:17:21.122511781 -0400 +++ Python-3.3.0rc2/Python/ceval_systemtap.h 2012-09-10 09:17:21.122511781 -0400 diff --git a/00111-no-static-lib.patch b/00111-no-static-lib.patch index bd63852..f74bc87 100644 --- a/00111-no-static-lib.patch +++ b/00111-no-static-lib.patch @@ -2,7 +2,7 @@ diff -up cpython-59223da36dec/Makefile.pre.in.no-static-lib cpython-59223da36dec --- cpython-59223da36dec/Makefile.pre.in.no-static-lib 2012-08-07 16:43:43.296466422 -0400 +++ cpython-59223da36dec/Makefile.pre.in 2012-08-07 16:44:13.299464371 -0400 @@ -464,7 +464,7 @@ coverage: - + $(MAKE) coverage-lcov # Build the interpreter -$(BUILDPYTHON): Modules/python.o $(LIBRARY) $(LDLIBRARY) $(PY3LIBRARY) @@ -11,7 +11,7 @@ diff -up cpython-59223da36dec/Makefile.pre.in.no-static-lib cpython-59223da36dec platform: $(BUILDPYTHON) pybuilddir.txt @@ -480,18 +480,6 @@ sharedmods: $(BUILDPYTHON) $(SYSCONFIGDA - $(RUNSHARED) CC='$(CC)' LDSHARED='$(BLDSHARED)' OPT='$(OPT)' \ + _TCLTK_INCLUDES='$(TCLTK_INCLUDES)' _TCLTK_LIBS='$(TCLTK_LIBS)' \ $(PYTHON_FOR_BUILD) $(srcdir)/setup.py $$quiet build -# Build static library diff --git a/00114-statvfs-f_flag-constants.patch b/00114-statvfs-f_flag-constants.patch index af0d780..ea99e08 100644 --- a/00114-statvfs-f_flag-constants.patch +++ b/00114-statvfs-f_flag-constants.patch @@ -2,38 +2,38 @@ diff -up Python-3.3.0b1/Modules/posixmodule.c.statvfs-f_flag-constants Python-3. --- Python-3.3.0b1/Modules/posixmodule.c.statvfs-f_flag-constants 2012-06-26 16:19:54.000000000 -0400 +++ Python-3.3.0b1/Modules/posixmodule.c 2012-07-20 13:39:18.595546387 -0400 @@ -11665,6 +11665,35 @@ all_ins(PyObject *d) - if (ins(d, "ST_NOSUID", (long)ST_NOSUID)) return -1; + if (PyModule_AddIntMacro(m, ST_NOSUID)) return -1; #endif /* ST_NOSUID */ + /* GNU extensions */ +#ifdef ST_NODEV -+ if (ins(d, "ST_NODEV", (long)ST_NODEV)) return -1; ++ if (PyModule_AddIntMacro(m, ST_NODEV)) return -1; +#endif /* ST_NODEV */ +#ifdef ST_NOEXEC -+ if (ins(d, "ST_NOEXEC", (long)ST_NOEXEC)) return -1; ++ if (PyModule_AddIntMacro(m, ST_NOEXEC)) return -1; +#endif /* ST_NOEXEC */ +#ifdef ST_SYNCHRONOUS -+ if (ins(d, "ST_SYNCHRONOUS", (long)ST_SYNCHRONOUS)) return -1; ++ if (PyModule_AddIntMacro(m, ST_SYNCHRONOUS)) return -1; +#endif /* ST_SYNCHRONOUS */ +#ifdef ST_MANDLOCK -+ if (ins(d, "ST_MANDLOCK", (long)ST_MANDLOCK)) return -1; ++ if (PyModule_AddIntMacro(m, ST_MANDLOCK)) return -1; +#endif /* ST_MANDLOCK */ +#ifdef ST_WRITE -+ if (ins(d, "ST_WRITE", (long)ST_WRITE)) return -1; ++ if (PyModule_AddIntMacro(m, ST_WRITE)) return -1; +#endif /* ST_WRITE */ +#ifdef ST_APPEND -+ if (ins(d, "ST_APPEND", (long)ST_APPEND)) return -1; ++ if (PyModule_AddIntMacro(m, ST_APPEND)) return -1; +#endif /* ST_APPEND */ +#ifdef ST_NOATIME -+ if (ins(d, "ST_NOATIME", (long)ST_NOATIME)) return -1; ++ if (PyModule_AddIntMacro(m, ST_NOATIME)) return -1; +#endif /* ST_NOATIME */ +#ifdef ST_NODIRATIME -+ if (ins(d, "ST_NODIRATIME", (long)ST_NODIRATIME)) return -1; ++ if (PyModule_AddIntMacro(m, ST_NODIRATIME)) return -1; +#endif /* ST_NODIRATIME */ +#ifdef ST_RELATIME -+ if (ins(d, "ST_RELATIME", (long)ST_RELATIME)) return -1; ++ if (PyModule_AddIntMacro(m, ST_RELATIME)) return -1; +#endif /* ST_RELATIME */ + /* FreeBSD sendfile() constants */ #ifdef SF_NODISKIO - if (ins(d, "SF_NODISKIO", (long)SF_NODISKIO)) return -1; + if (PyModule_AddIntMacro(m, SF_NODISKIO)) return -1; diff --git a/00132-add-rpmbuild-hooks-to-unittest.patch b/00132-add-rpmbuild-hooks-to-unittest.patch index fdfbab8..20930ac 100644 --- a/00132-add-rpmbuild-hooks-to-unittest.patch +++ b/00132-add-rpmbuild-hooks-to-unittest.patch @@ -6,11 +6,11 @@ diff -up Python-3.2.2/Lib/unittest/case.py.add-rpmbuild-hooks-to-unittest Python import functools import difflib +import os + import logging import pprint import re - import warnings @@ -101,6 +102,43 @@ def expectedFailure(func): - return wrapper + raise self.test_case.failureException(msg) +# Non-standard/downstream-only hooks for handling issues with specific test @@ -50,7 +50,7 @@ diff -up Python-3.2.2/Lib/unittest/case.py.add-rpmbuild-hooks-to-unittest Python + func(*args, **kwargs) + return wrapper + - class _AssertRaisesBaseContext(object): + class _AssertRaisesBaseContext(_BaseTestCaseContext): def __init__(self, expected, test_case, callable_obj=None, diff -up Python-3.2.2/Lib/unittest/__init__.py.add-rpmbuild-hooks-to-unittest Python-3.2.2/Lib/unittest/__init__.py diff --git a/00134-fix-COUNT_ALLOCS-failure-in-test_sys.patch b/00134-fix-COUNT_ALLOCS-failure-in-test_sys.patch index 087705c..afd8685 100644 --- a/00134-fix-COUNT_ALLOCS-failure-in-test_sys.patch +++ b/00134-fix-COUNT_ALLOCS-failure-in-test_sys.patch @@ -4,14 +4,14 @@ diff -up Python-3.3.0b2/Lib/test/test_sys.py.fix-COUNT_ALLOCS-failure-in-test_sy @@ -835,12 +835,17 @@ class SizeofTest(unittest.TestCase): # type # static type: PyTypeObject - s = vsize('P2n15Pl4Pn9Pn11PI') + s = vsize('P2n15Pl4Pn9Pn11PIP') + # COUNT_ALLOCS adds a further 3 Py_ssize_t and 2 pointers: + if hasattr(sys, 'getcounts'): + s += struct.calcsize('3P2P') check(int, s) # (PyTypeObject + PyNumberMethods + PyMappingMethods + # PySequenceMethods + PyBufferProcs + 4P) - s = vsize('P2n15Pl4Pn9Pn11PI') + struct.calcsize('34P 3P 10P 2P 4P') + s = vsize('P2n15Pl4Pn9Pn11PIP') + struct.calcsize('34P 3P 10P 2P 4P') # Separate block for PyDictKeysObject with 4 entries s += struct.calcsize("2nPn") + 4*struct.calcsize("n2P") + if hasattr(sys, 'getcounts'): diff --git a/00142-skip-failing-pty-tests-in-rpmbuild.patch b/00142-skip-failing-pty-tests-in-rpmbuild.patch deleted file mode 100644 index 414ffcd..0000000 --- a/00142-skip-failing-pty-tests-in-rpmbuild.patch +++ /dev/null @@ -1,22 +0,0 @@ -diff -up Python-2.7.2/Lib/test/test_openpty.py.skip-failing-pty-tests-in-rpmbuild Python-2.7.2/Lib/test/test_openpty.py ---- Python-2.7.2/Lib/test/test_openpty.py.skip-failing-pty-tests-in-rpmbuild 2011-09-09 05:09:28.698920379 -0400 -+++ Python-2.7.2/Lib/test/test_openpty.py 2011-09-09 05:10:54.805914490 -0400 -@@ -8,6 +8,7 @@ if not hasattr(os, "openpty"): - - - class OpenptyTest(unittest.TestCase): -+ @unittest._skipInRpmBuild('sometimes fails in Koji, possibly due to a mock issue (rhbz#714627)') - def test(self): - master, slave = os.openpty() - if not os.isatty(slave): -diff -up Python-2.7.2/Lib/test/test_pty.py.skip-failing-pty-tests-in-rpmbuild Python-2.7.2/Lib/test/test_pty.py ---- Python-2.7.2/Lib/test/test_pty.py.skip-failing-pty-tests-in-rpmbuild 2011-09-09 05:09:36.781919825 -0400 -+++ Python-2.7.2/Lib/test/test_pty.py 2011-09-09 05:11:14.741913127 -0400 -@@ -109,6 +109,7 @@ class PtyTest(unittest.TestCase): - os.close(master_fd) - - -+ @unittest._skipInRpmBuild('sometimes fails in Koji, possibly due to a mock issue (rhbz#714627)') - def test_fork(self): - debug("calling pty.fork()") - pid, master_fd = pty.fork() diff --git a/00143-tsc-on-ppc.patch b/00143-tsc-on-ppc.patch index 447c6e3..7d3e876 100644 --- a/00143-tsc-on-ppc.patch +++ b/00143-tsc-on-ppc.patch @@ -31,7 +31,7 @@ diff -up Python-2.7.2/Python/ceval.c.tsc-on-ppc Python-2.7.2/Python/ceval.c -ppc_getcounter(uint64 *v) +ppc32_getcounter(uint64 *v) { -- register unsigned long tbu, tb, tbu2; +- unsigned long tbu, tb, tbu2; + union { long long ll; long ii[2]; } u; + long tmp; diff --git a/00146-hashlib-fips.patch b/00146-hashlib-fips.patch index f22d9bd..18b6a44 100644 --- a/00146-hashlib-fips.patch +++ b/00146-hashlib-fips.patch @@ -73,9 +73,9 @@ diff -up Python-3.2.2/Lib/hashlib.py.hashlib-fips Python-3.2.2/Lib/hashlib.py diff -up Python-3.2.2/Lib/test/test_hashlib.py.hashlib-fips Python-3.2.2/Lib/test/test_hashlib.py --- Python-3.2.2/Lib/test/test_hashlib.py.hashlib-fips 2011-09-03 12:16:43.000000000 -0400 +++ Python-3.2.2/Lib/test/test_hashlib.py 2011-09-14 01:45:48.462251974 -0400 -@@ -22,6 +22,19 @@ from test.support import _4G, precisionb - # Were we compiled --with-pydebug or with #define Py_DEBUG? - COMPILED_WITH_PYDEBUG = hasattr(sys, 'gettotalrefcount') +@@ -22,6 +22,20 @@ from test.support import _4G, precisionb + c_hashlib = import_fresh_module('hashlib', fresh=['_hashlib']) + py_hashlib = import_fresh_module('hashlib', blocked=['_hashlib']) +def openssl_enforces_fips(): + # Use the "openssl" command (if present) to try to determine if the local @@ -90,9 +90,10 @@ diff -up Python-3.2.2/Lib/test/test_hashlib.py.hashlib-fips Python-3.2.2/Lib/tes + stdout, stderr = p.communicate(input=b'abc') + return b'unknown cipher' in stderr +OPENSSL_ENFORCES_FIPS = openssl_enforces_fips() - ++ def hexstr(s): assert isinstance(s, bytes), repr(s) + h = "0123456789abcdef" @@ -31,6 +44,16 @@ def hexstr(s): r += h[(i >> 4) & 0xF] + h[i & 0xF] return r @@ -146,15 +147,15 @@ diff -up Python-3.2.2/Lib/test/test_hashlib.py.hashlib-fips Python-3.2.2/Lib/tes - self.constructors_to_test['sha384'].add(_sha512.sha384) - self.constructors_to_test['sha512'].add(_sha512.sha512) + constructors.add(suppress_fips(constructor)) - - super(HashLibTestCase, self).__init__(*args, **kwargs) - + _sha3 = self._conditional_import_module('_sha3') + if _sha3: + self.constructors_to_test['sha3_224'].add(_sha3.sha3_224) @@ -138,7 +146,7 @@ class HashLibTestCase(unittest.TestCase) def test_hexdigest(self): - for name in self.supported_hash_names: -- h = hashlib.new(name) -+ h = hashlib.new(name, usedforsecurity=False) + for cons in self.hash_constructors: +- h = cons() ++ h = cons(usedforsecurity=False) assert isinstance(h.digest(), bytes), name self.assertEqual(hexstr(h.digest()), h.hexdigest()) @@ -162,14 +163,14 @@ diff -up Python-3.2.2/Lib/test/test_hashlib.py.hashlib-fips Python-3.2.2/Lib/tes cees = b'c' * 126 for name in self.supported_hash_names: -- m1 = hashlib.new(name) -+ m1 = hashlib.new(name, usedforsecurity=False) +- m1 = cons() ++ m1 = cons(usedforsecurity=False) m1.update(aas) m1.update(bees) m1.update(cees) -- m2 = hashlib.new(name) -+ m2 = hashlib.new(name, usedforsecurity=False) +- m2 = cons() ++ m2 = cons(usedforsecurity=False) m2.update(aas + bees + cees) self.assertEqual(m1.digest(), m2.digest()) diff --git a/00153-fix-test_gdb-noise.patch b/00153-fix-test_gdb-noise.patch index 50a0917..87c9396 100644 --- a/00153-fix-test_gdb-noise.patch +++ b/00153-fix-test_gdb-noise.patch @@ -19,8 +19,8 @@ --- Lib/test/test_gdb.py.old 2012-04-11 21:04:01.367073855 -0400 +++ Lib/test/test_gdb.py 2012-04-12 08:52:58.320288761 -0400 @@ -144,6 +153,10 @@ - 'Do you need "set solib-search-path" or ' '"set sysroot"?', + 'warning: Source file is more recent than executable.', ) + ignore_patterns += ('warning: Unable to open', + 'Missing separate debuginfo for', diff --git a/00157-uid-gid-overflows.patch b/00157-uid-gid-overflows.patch index 0f48df5..bf82b60 100644 --- a/00157-uid-gid-overflows.patch +++ b/00157-uid-gid-overflows.patch @@ -4,35 +4,35 @@ diff -up Python-3.3.0b1/Lib/test/test_os.py.uid-gid-overflows Python-3.3.0b1/Lib @@ -1174,30 +1174,36 @@ if sys.platform != 'win32': def test_setuid(self): if os.getuid() != 0: - self.assertRaises(os.error, os.setuid, 0) + self.assertRaises(OSError, os.setuid, 0) + self.assertRaises(TypeError, os.setuid, 'not an int') self.assertRaises(OverflowError, os.setuid, 1<<32) if hasattr(os, 'setgid'): def test_setgid(self): if os.getuid() != 0 and not HAVE_WHEEL_GROUP: - self.assertRaises(os.error, os.setgid, 0) + self.assertRaises(OSError, os.setgid, 0) + self.assertRaises(TypeError, os.setgid, 'not an int') self.assertRaises(OverflowError, os.setgid, 1<<32) if hasattr(os, 'seteuid'): def test_seteuid(self): if os.getuid() != 0: - self.assertRaises(os.error, os.seteuid, 0) + self.assertRaises(OSError, os.seteuid, 0) + self.assertRaises(TypeError, os.seteuid, 'not an int') self.assertRaises(OverflowError, os.seteuid, 1<<32) if hasattr(os, 'setegid'): def test_setegid(self): if os.getuid() != 0 and not HAVE_WHEEL_GROUP: - self.assertRaises(os.error, os.setegid, 0) + self.assertRaises(OSError, os.setegid, 0) + self.assertRaises(TypeError, os.setegid, 'not an int') self.assertRaises(OverflowError, os.setegid, 1<<32) if hasattr(os, 'setreuid'): def test_setreuid(self): if os.getuid() != 0: - self.assertRaises(os.error, os.setreuid, 0, 0) + self.assertRaises(OSError, os.setreuid, 0, 0) + self.assertRaises(TypeError, os.setreuid, 'not an int', 0) + self.assertRaises(TypeError, os.setreuid, 0, 'not an int') self.assertRaises(OverflowError, os.setreuid, 1<<32, 0) @@ -41,7 +41,7 @@ diff -up Python-3.3.0b1/Lib/test/test_os.py.uid-gid-overflows Python-3.3.0b1/Lib @@ -1212,6 +1218,8 @@ if sys.platform != 'win32': def test_setregid(self): if os.getuid() != 0 and not HAVE_WHEEL_GROUP: - self.assertRaises(os.error, os.setregid, 0, 0) + self.assertRaises(OSError, os.setregid, 0, 0) + self.assertRaises(TypeError, os.setregid, 'not an int', 0) + self.assertRaises(TypeError, os.setregid, 0, 'not an int') self.assertRaises(OverflowError, os.setregid, 1<<32, 0) diff --git a/00173-workaround-ENOPROTOOPT-in-bind_port.patch b/00173-workaround-ENOPROTOOPT-in-bind_port.patch index a62c3a4..498322c 100644 --- a/00173-workaround-ENOPROTOOPT-in-bind_port.patch +++ b/00173-workaround-ENOPROTOOPT-in-bind_port.patch @@ -1,6 +1,6 @@ diff -up Python-3.3.0/Lib/test/support.py.rhbz913732 Python-3.3.0/Lib/test/support.py ---- Python-3.3.0/Lib/test/support.py.rhbz913732 2013-03-04 16:25:53.885258476 -0500 -+++ Python-3.3.0/Lib/test/support.py 2013-03-04 16:25:58.499258157 -0500 +--- Python-3.4.0a4/Lib/test/support/__init__.py.rhbz913732 2013-03-04 16:25:53.885258476 -0500 ++++ Python-3.4.0a4/Lib/test/support/__init__.py 2013-03-04 16:25:58.499258157 -0500 @@ -544,7 +544,8 @@ def bind_port(sock, host=HOST): if sock.getsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR) == 1: raise TestFailed("tests should never set the SO_REUSEADDR " \ @@ -11,4 +11,3 @@ diff -up Python-3.3.0/Lib/test/support.py.rhbz913732 Python-3.3.0/Lib/test/suppo if sock.getsockopt(socket.SOL_SOCKET, socket.SO_REUSEPORT) == 1: raise TestFailed("tests should never set the SO_REUSEPORT " \ "socket option on TCP/IP sockets!") -diff -up Python-3.3.0/Lib/test/test_support.py.rhbz913732 Python-3.3.0/Lib/test/test_support.py diff --git a/00182-fix-test_gdb-test_threads.patch b/00182-fix-test_gdb-test_threads.patch deleted file mode 100644 index 41de5b2..0000000 --- a/00182-fix-test_gdb-test_threads.patch +++ /dev/null @@ -1,13 +0,0 @@ -diff -up Python-3.3.1/Misc/NEWS.fix-test_gdb-test_threads Python-3.3.1/Misc/NEWS -diff -up Python-3.3.1/Tools/gdb/libpython.py.fix-test_gdb-test_threads Python-3.3.1/Tools/gdb/libpython.py ---- Python-3.3.1/Tools/gdb/libpython.py.fix-test_gdb-test_threads 2013-05-09 12:12:01.621592211 -0400 -+++ Python-3.3.1/Tools/gdb/libpython.py 2013-05-09 12:12:01.632592209 -0400 -@@ -1465,7 +1465,7 @@ class Frame(object): - # This assumes the _POSIX_THREADS version of Python/ceval_gil.h: - name = self._gdbframe.name() - if name: -- return name.startswith('pthread_cond_timedwait') -+ return 'pthread_cond_timedwait' in name - - def is_gc_collect(self): - '''Is this frame "collect" within the garbage-collector?''' diff --git a/00183-cve-2013-2099-fix-ssl-match_hostname-dos.patch b/00183-cve-2013-2099-fix-ssl-match_hostname-dos.patch deleted file mode 100644 index 888b43b..0000000 --- a/00183-cve-2013-2099-fix-ssl-match_hostname-dos.patch +++ /dev/null @@ -1,49 +0,0 @@ -# HG changeset patch -# User Antoine Pitrou -# Date 1368892602 -7200 -# Node ID c627638753e2d25a98950585b259104a025937a9 -# Parent 9682241dc8fcb4b1aef083bd30860efa070c3d6d -Issue #17980: Fix possible abuse of ssl.match_hostname() for denial of service using certificates with many wildcards (CVE-2013-2099). - -diff --git a/Lib/ssl.py b/Lib/ssl.py ---- a/Lib/ssl.py -+++ b/Lib/ssl.py -@@ -129,9 +129,16 @@ class CertificateError(ValueError): - pass - - --def _dnsname_to_pat(dn): -+def _dnsname_to_pat(dn, max_wildcards=1): - pats = [] - for frag in dn.split(r'.'): -+ if frag.count('*') > max_wildcards: -+ # Issue #17980: avoid denials of service by refusing more -+ # than one wildcard per fragment. A survery of established -+ # policy among SSL implementations showed it to be a -+ # reasonable choice. -+ raise CertificateError( -+ "too many wildcards in certificate DNS name: " + repr(dn)) - if frag == '*': - # When '*' is a fragment by itself, it matches a non-empty dotless - # fragment. -diff --git a/Lib/test/test_ssl.py b/Lib/test/test_ssl.py ---- a/Lib/test/test_ssl.py -+++ b/Lib/test/test_ssl.py -@@ -349,6 +349,17 @@ class BasicSocketTests(unittest.TestCase - self.assertRaises(ValueError, ssl.match_hostname, None, 'example.com') - self.assertRaises(ValueError, ssl.match_hostname, {}, 'example.com') - -+ # Issue #17980: avoid denials of service by refusing more than one -+ # wildcard per fragment. -+ cert = {'subject': ((('commonName', 'a*b.com'),),)} -+ ok(cert, 'axxb.com') -+ cert = {'subject': ((('commonName', 'a*b.co*'),),)} -+ ok(cert, 'axxb.com') -+ cert = {'subject': ((('commonName', 'a*b*.com'),),)} -+ with self.assertRaises(ssl.CertificateError) as cm: -+ ssl.match_hostname(cert, 'axxbxxc.com') -+ self.assertIn("too many wildcards", str(cm.exception)) -+ - def test_server_side(self): - # server_hostname doesn't work for server sockets - ctx = ssl.SSLContext(ssl.PROTOCOL_SSLv23) diff --git a/00185-CVE-2013-4238-hostname-check-bypass-in-SSL-module.patch b/00185-CVE-2013-4238-hostname-check-bypass-in-SSL-module.patch deleted file mode 100644 index 41db4d2..0000000 --- a/00185-CVE-2013-4238-hostname-check-bypass-in-SSL-module.patch +++ /dev/null @@ -1,241 +0,0 @@ -diff -r e0f86c3b3685 Lib/test/nullbytecert.pem ---- /dev/null Thu Jan 01 00:00:00 1970 +0000 -+++ b/Lib/test/nullbytecert.pem Sun Aug 11 18:17:23 2013 +0200 -@@ -0,0 +1,90 @@ -+Certificate: -+ Data: -+ Version: 3 (0x2) -+ Serial Number: 0 (0x0) -+ Signature Algorithm: sha1WithRSAEncryption -+ Issuer: C=US, ST=Oregon, L=Beaverton, O=Python Software Foundation, OU=Python Core Development, CN=null.python.org\x00example.org/emailAddress=python-dev@python.org -+ Validity -+ Not Before: Aug 7 13:11:52 2013 GMT -+ Not After : Aug 7 13:12:52 2013 GMT -+ Subject: C=US, ST=Oregon, L=Beaverton, O=Python Software Foundation, OU=Python Core Development, CN=null.python.org\x00example.org/emailAddress=python-dev@python.org -+ Subject Public Key Info: -+ Public Key Algorithm: rsaEncryption -+ Public-Key: (2048 bit) -+ Modulus: -+ 00:b5:ea:ed:c9:fb:46:7d:6f:3b:76:80:dd:3a:f3: -+ 03:94:0b:a7:a6:db:ec:1d:df:ff:23:74:08:9d:97: -+ 16:3f:a3:a4:7b:3e:1b:0e:96:59:25:03:a7:26:e2: -+ 88:a9:cf:79:cd:f7:04:56:b0:ab:79:32:6e:59:c1: -+ 32:30:54:eb:58:a8:cb:91:f0:42:a5:64:27:cb:d4: -+ 56:31:88:52:ad:cf:bd:7f:f0:06:64:1f:cc:27:b8: -+ a3:8b:8c:f3:d8:29:1f:25:0b:f5:46:06:1b:ca:02: -+ 45:ad:7b:76:0a:9c:bf:bb:b9:ae:0d:16:ab:60:75: -+ ae:06:3e:9c:7c:31:dc:92:2f:29:1a:e0:4b:0c:91: -+ 90:6c:e9:37:c5:90:d7:2a:d7:97:15:a3:80:8f:5d: -+ 7b:49:8f:54:30:d4:97:2c:1c:5b:37:b5:ab:69:30: -+ 68:43:d3:33:78:4b:02:60:f5:3c:44:80:a1:8f:e7: -+ f0:0f:d1:5e:87:9e:46:cf:62:fc:f9:bf:0c:65:12: -+ f1:93:c8:35:79:3f:c8:ec:ec:47:f5:ef:be:44:d5: -+ ae:82:1e:2d:9a:9f:98:5a:67:65:e1:74:70:7c:cb: -+ d3:c2:ce:0e:45:49:27:dc:e3:2d:d4:fb:48:0e:2f: -+ 9e:77:b8:14:46:c0:c4:36:ca:02:ae:6a:91:8c:da: -+ 2f:85 -+ Exponent: 65537 (0x10001) -+ X509v3 extensions: -+ X509v3 Basic Constraints: critical -+ CA:FALSE -+ X509v3 Subject Key Identifier: -+ 88:5A:55:C0:52:FF:61:CD:52:A3:35:0F:EA:5A:9C:24:38:22:F7:5C -+ X509v3 Key Usage: -+ Digital Signature, Non Repudiation, Key Encipherment -+ X509v3 Subject Alternative Name: -+ ************************************************************* -+ WARNING: The values for DNS, email and URI are WRONG. OpenSSL -+ doesn't print the text after a NULL byte. -+ ************************************************************* -+ DNS:altnull.python.org, email:null@python.org, URI:http://null.python.org, IP Address:192.0.2.1, IP Address:2001:DB8:0:0:0:0:0:1 -+ Signature Algorithm: sha1WithRSAEncryption -+ ac:4f:45:ef:7d:49:a8:21:70:8e:88:59:3e:d4:36:42:70:f5: -+ a3:bd:8b:d7:a8:d0:58:f6:31:4a:b1:a4:a6:dd:6f:d9:e8:44: -+ 3c:b6:0a:71:d6:7f:b1:08:61:9d:60:ce:75:cf:77:0c:d2:37: -+ 86:02:8d:5e:5d:f9:0f:71:b4:16:a8:c1:3d:23:1c:f1:11:b3: -+ 56:6e:ca:d0:8d:34:94:e6:87:2a:99:f2:ae:ae:cc:c2:e8:86: -+ de:08:a8:7f:c5:05:fa:6f:81:a7:82:e6:d0:53:9d:34:f4:ac: -+ 3e:40:fe:89:57:7a:29:a4:91:7e:0b:c6:51:31:e5:10:2f:a4: -+ 60:76:cd:95:51:1a:be:8b:a1:b0:fd:ad:52:bd:d7:1b:87:60: -+ d2:31:c7:17:c4:18:4f:2d:08:25:a3:a7:4f:b7:92:ca:e2:f5: -+ 25:f1:54:75:81:9d:b3:3d:61:a2:f7:da:ed:e1:c6:6f:2c:60: -+ 1f:d8:6f:c5:92:05:ab:c9:09:62:49:a9:14:ad:55:11:cc:d6: -+ 4a:19:94:99:97:37:1d:81:5f:8b:cf:a3:a8:96:44:51:08:3d: -+ 0b:05:65:12:eb:b6:70:80:88:48:72:4f:c6:c2:da:cf:cd:8e: -+ 5b:ba:97:2f:60:b4:96:56:49:5e:3a:43:76:63:04:be:2a:f6: -+ c1:ca:a9:94 -+-----BEGIN CERTIFICATE----- -+MIIE2DCCA8CgAwIBAgIBADANBgkqhkiG9w0BAQUFADCBxTELMAkGA1UEBhMCVVMx -+DzANBgNVBAgMBk9yZWdvbjESMBAGA1UEBwwJQmVhdmVydG9uMSMwIQYDVQQKDBpQ -+eXRob24gU29mdHdhcmUgRm91bmRhdGlvbjEgMB4GA1UECwwXUHl0aG9uIENvcmUg -+RGV2ZWxvcG1lbnQxJDAiBgNVBAMMG251bGwucHl0aG9uLm9yZwBleGFtcGxlLm9y -+ZzEkMCIGCSqGSIb3DQEJARYVcHl0aG9uLWRldkBweXRob24ub3JnMB4XDTEzMDgw -+NzEzMTE1MloXDTEzMDgwNzEzMTI1MlowgcUxCzAJBgNVBAYTAlVTMQ8wDQYDVQQI -+DAZPcmVnb24xEjAQBgNVBAcMCUJlYXZlcnRvbjEjMCEGA1UECgwaUHl0aG9uIFNv -+ZnR3YXJlIEZvdW5kYXRpb24xIDAeBgNVBAsMF1B5dGhvbiBDb3JlIERldmVsb3Bt -+ZW50MSQwIgYDVQQDDBtudWxsLnB5dGhvbi5vcmcAZXhhbXBsZS5vcmcxJDAiBgkq -+hkiG9w0BCQEWFXB5dGhvbi1kZXZAcHl0aG9uLm9yZzCCASIwDQYJKoZIhvcNAQEB -+BQADggEPADCCAQoCggEBALXq7cn7Rn1vO3aA3TrzA5QLp6bb7B3f/yN0CJ2XFj+j -+pHs+Gw6WWSUDpybiiKnPec33BFawq3kyblnBMjBU61ioy5HwQqVkJ8vUVjGIUq3P -+vX/wBmQfzCe4o4uM89gpHyUL9UYGG8oCRa17dgqcv7u5rg0Wq2B1rgY+nHwx3JIv -+KRrgSwyRkGzpN8WQ1yrXlxWjgI9de0mPVDDUlywcWze1q2kwaEPTM3hLAmD1PESA -+oY/n8A/RXoeeRs9i/Pm/DGUS8ZPINXk/yOzsR/XvvkTVroIeLZqfmFpnZeF0cHzL -+08LODkVJJ9zjLdT7SA4vnne4FEbAxDbKAq5qkYzaL4UCAwEAAaOB0DCBzTAMBgNV -+HRMBAf8EAjAAMB0GA1UdDgQWBBSIWlXAUv9hzVKjNQ/qWpwkOCL3XDALBgNVHQ8E -+BAMCBeAwgZAGA1UdEQSBiDCBhYIeYWx0bnVsbC5weXRob24ub3JnAGV4YW1wbGUu -+Y29tgSBudWxsQHB5dGhvbi5vcmcAdXNlckBleGFtcGxlLm9yZ4YpaHR0cDovL251 -+bGwucHl0aG9uLm9yZwBodHRwOi8vZXhhbXBsZS5vcmeHBMAAAgGHECABDbgAAAAA -+AAAAAAAAAAEwDQYJKoZIhvcNAQEFBQADggEBAKxPRe99SaghcI6IWT7UNkJw9aO9 -+i9eo0Fj2MUqxpKbdb9noRDy2CnHWf7EIYZ1gznXPdwzSN4YCjV5d+Q9xtBaowT0j -+HPERs1ZuytCNNJTmhyqZ8q6uzMLoht4IqH/FBfpvgaeC5tBTnTT0rD5A/olXeimk -+kX4LxlEx5RAvpGB2zZVRGr6LobD9rVK91xuHYNIxxxfEGE8tCCWjp0+3ksri9SXx -+VHWBnbM9YaL32u3hxm8sYB/Yb8WSBavJCWJJqRStVRHM1koZlJmXNx2BX4vPo6iW -+RFEIPQsFZRLrtnCAiEhyT8bC2s/Njlu6ly9gtJZWSV46Q3ZjBL4q9sHKqZQ= -+-----END CERTIFICATE----- -diff -r e0f86c3b3685 Lib/test/test_ssl.py ---- a/Lib/test/test_ssl.py Sun Aug 11 13:04:50 2013 +0300 -+++ b/Lib/test/test_ssl.py Sun Aug 11 18:17:23 2013 +0200 -@@ -55,6 +55,7 @@ - WRONGCERT = data_file("XXXnonexisting.pem") - BADKEY = data_file("badkey.pem") - NOKIACERT = data_file("nokia.pem") -+NULLBYTECERT = data_file("nullbytecert.pem") - - DHFILE = data_file("dh512.pem") - BYTES_DHFILE = os.fsencode(DHFILE) -@@ -162,6 +163,27 @@ - ('DNS', 'projects.forum.nokia.com')) - ) - -+ def test_parse_cert_CVE_2013_4073(self): -+ p = ssl._ssl._test_decode_cert(NULLBYTECERT) -+ if support.verbose: -+ sys.stdout.write("\n" + pprint.pformat(p) + "\n") -+ subject = ((('countryName', 'US'),), -+ (('stateOrProvinceName', 'Oregon'),), -+ (('localityName', 'Beaverton'),), -+ (('organizationName', 'Python Software Foundation'),), -+ (('organizationalUnitName', 'Python Core Development'),), -+ (('commonName', 'null.python.org\x00example.org'),), -+ (('emailAddress', 'python-dev@python.org'),)) -+ self.assertEqual(p['subject'], subject) -+ self.assertEqual(p['issuer'], subject) -+ self.assertEqual(p['subjectAltName'], -+ (('DNS', 'altnull.python.org\x00example.com'), -+ ('email', 'null@python.org\x00user@example.org'), -+ ('URI', 'http://null.python.org\x00http://example.org'), -+ ('IP Address', '192.0.2.1'), -+ ('IP Address', '2001:DB8:0:0:0:0:0:1\n')) -+ ) -+ - def test_DER_to_PEM(self): - with open(SVN_PYTHON_ORG_ROOT_CERT, 'r') as f: - pem = f.read() -@@ -294,6 +316,13 @@ - fail(cert, 'foo.a.com') - fail(cert, 'bar.foo.com') - -+ # NULL bytes are bad, CVE-2013-4073 -+ cert = {'subject': ((('commonName', -+ 'null.python.org\x00example.org'),),)} -+ ok(cert, 'null.python.org\x00example.org') # or raise an error? -+ fail(cert, 'example.org') -+ fail(cert, 'null.python.org') -+ - # Slightly fake real-world example - cert = {'notAfter': 'Jun 26 21:41:46 2011 GMT', - 'subject': ((('commonName', 'linuxfrz.org'),),), -diff -r e0f86c3b3685 Modules/_ssl.c ---- a/Modules/_ssl.c Sun Aug 11 13:04:50 2013 +0300 -+++ b/Modules/_ssl.c Sun Aug 11 18:17:23 2013 +0200 -@@ -771,12 +771,14 @@ - ext->value->length)); - - for(j = 0; j < sk_GENERAL_NAME_num(names); j++) { -- - /* get a rendering of each name in the set of names */ -+ int gntype; -+ ASN1_STRING *as = NULL; - - name = sk_GENERAL_NAME_value(names, j); -- if (name->type == GEN_DIRNAME) { -- -+ gntype = name-> type; -+ switch (gntype) { -+ case GEN_DIRNAME: - /* we special-case DirName as a tuple of - tuples of attributes */ - -@@ -798,11 +800,62 @@ - goto fail; - } - PyTuple_SET_ITEM(t, 1, v); -+ break; - -- } else { -+ case GEN_EMAIL: -+ case GEN_DNS: -+ case GEN_URI: -+ /* GENERAL_NAME_print() doesn't handle NUL bytes in ASN1_string -+ correctly. */ -+ t = PyTuple_New(2); -+ if (t == NULL) -+ goto fail; -+ switch (gntype) { -+ case GEN_EMAIL: -+ v = PyUnicode_FromString("email"); -+ as = name->d.rfc822Name; -+ break; -+ case GEN_DNS: -+ v = PyUnicode_FromString("DNS"); -+ as = name->d.dNSName; -+ break; -+ case GEN_URI: -+ v = PyUnicode_FromString("URI"); -+ as = name->d.uniformResourceIdentifier; -+ break; -+ } -+ if (v == NULL) { -+ Py_DECREF(t); -+ goto fail; -+ } -+ PyTuple_SET_ITEM(t, 0, v); -+ v = PyUnicode_FromStringAndSize((char *)ASN1_STRING_data(as), -+ ASN1_STRING_length(as)); -+ if (v == NULL) { -+ Py_DECREF(t); -+ goto fail; -+ } -+ PyTuple_SET_ITEM(t, 1, v); -+ break; - -+ default: - /* for everything else, we use the OpenSSL print form */ -- -+ switch (gntype) { -+ /* check for new general name type */ -+ case GEN_OTHERNAME: -+ case GEN_X400: -+ case GEN_EDIPARTY: -+ case GEN_IPADD: -+ case GEN_RID: -+ break; -+ default: -+ if (PyErr_WarnFormat(PyExc_RuntimeWarning, 1, -+ "Unknown general name type %d", -+ gntype) == -1) { -+ goto fail; -+ } -+ break; -+ } - (void) BIO_reset(biobuf); - GENERAL_NAME_print(biobuf, name); - len = BIO_gets(biobuf, buf, sizeof(buf)-1); -@@ -829,6 +882,7 @@ - goto fail; - } - PyTuple_SET_ITEM(t, 1, v); -+ break; - } - - /* and add that rendering to the list */ diff --git a/00186-dont-raise-from-py_compile.patch b/00186-dont-raise-from-py_compile.patch index 1e7fb06..25c4a9d 100644 --- a/00186-dont-raise-from-py_compile.patch +++ b/00186-dont-raise-from-py_compile.patch @@ -1,30 +1,3 @@ -diff -r 7fa3e824a4ee Lib/py_compile.py ---- a/Lib/py_compile.py Tue Oct 29 22:25:06 2013 -0400 -+++ b/Lib/py_compile.py Wed Oct 30 11:08:31 2013 +0100 -@@ -108,15 +108,15 @@ - byte-compile all installed files (or all files in selected - directories). - """ -- with tokenize.open(file) as f: -- try: -- st = os.fstat(f.fileno()) -- except AttributeError: -- st = os.stat(file) -- timestamp = int(st.st_mtime) -- size = st.st_size & 0xFFFFFFFF -- codestring = f.read() - try: -+ with tokenize.open(file) as f: -+ try: -+ st = os.fstat(f.fileno()) -+ except AttributeError: -+ st = os.stat(file) -+ timestamp = int(st.st_mtime) -+ size = st.st_size & 0xFFFFFFFF -+ codestring = f.read() - codeobject = builtins.compile(codestring, dfile or file, 'exec', - optimize=optimize) - except Exception as err: diff -r 7fa3e824a4ee Lib/test/test_py_compile.py --- a/Lib/test/test_py_compile.py Tue Oct 29 22:25:06 2013 -0400 +++ b/Lib/test/test_py_compile.py Wed Oct 30 11:08:31 2013 +0100 @@ -36,6 +9,6 @@ diff -r 7fa3e824a4ee Lib/test/test_py_compile.py + bad_coding = os.path.join(os.path.dirname(__file__), 'bad_coding2.py') + self.assertIsNone(py_compile.compile(bad_coding, doraise=False)) + - def test_main(): - support.run_unittest(PyCompileTests) - + def test_relative_path(self): + py_compile.compile(os.path.relpath(self.source_path), + os.path.relpath(self.pyc_path)) diff --git a/00187-remove-pthread-atfork.patch b/00187-remove-pthread-atfork.patch new file mode 100644 index 0000000..04af52d --- /dev/null +++ b/00187-remove-pthread-atfork.patch @@ -0,0 +1,89 @@ +diff -r 6fdbb81b4020 -r 705f2addd0f0 Modules/_ssl.c +--- a/Modules/_ssl.c Tue Oct 29 12:14:55 2013 +0100 ++++ b/Modules/_ssl.c Tue Oct 29 21:11:55 2013 +0100 +@@ -19,9 +19,6 @@ + #ifdef WITH_THREAD + #include "pythread.h" + +-#ifdef HAVE_PTHREAD_ATFORK +-# include +-#endif + + #define PySSL_BEGIN_ALLOW_THREADS_S(save) \ + do { if (_ssl_locks_count>0) { (save) = PyEval_SaveThread(); } } while (0) +@@ -2950,64 +2947,6 @@ + Returns number of bytes read. Raises SSLError if connection to EGD\n\ + fails or if it does not provide enough data to seed PRNG."); + +-/* Seed OpenSSL's PRNG at fork(), http://bugs.python.org/issue18747 +- * +- * The parent handler seeds the PRNG from pseudo-random data like pid, the +- * current time (miliseconds or seconds) and an uninitialized array. +- * The array contains stack variables that are impossible to predict +- * on most systems, e.g. function return address (subject to ASLR), the +- * stack protection canary and automatic variables. +- * The code is inspired by Apache's ssl_rand_seed() function. +- * +- * Note: +- * The code uses pthread_atfork() until Python has a proper atfork API. The +- * handlers are not removed from the child process. A parent handler is used +- * instead of a child handler because fork() is supposed to be async-signal +- * safe but the handler calls unsafe functions. +- */ +- +-#if defined(HAVE_PTHREAD_ATFORK) && defined(WITH_THREAD) +-#define PYSSL_RAND_ATFORK 1 +- +-static void +-PySSL_RAND_atfork_parent(void) +-{ +- struct { +- char stack[128]; /* uninitialized (!) stack data, 128 is an +- arbitrary number. */ +- pid_t pid; /* current pid */ +- _PyTime_timeval tp; /* current time */ +- } seed; +- +-#ifdef WITH_VALGRIND +- VALGRIND_MAKE_MEM_DEFINED(seed.stack, sizeof(seed.stack)); +-#endif +- seed.pid = getpid(); +- _PyTime_gettimeofday(&(seed.tp)); +- RAND_add((unsigned char *)&seed, sizeof(seed), 0.0); +-} +- +-static int +-PySSL_RAND_atfork(void) +-{ +- static int registered = 0; +- int retval; +- +- if (registered) +- return 0; +- +- retval = pthread_atfork(NULL, /* prepare */ +- PySSL_RAND_atfork_parent, /* parent */ +- NULL); /* child */ +- if (retval != 0) { +- PyErr_SetFromErrno(PyExc_OSError); +- return -1; +- } +- registered = 1; +- return 0; +-} +-#endif /* HAVE_PTHREAD_ATFORK */ +- + #endif /* HAVE_OPENSSL_RAND */ + + +@@ -3623,10 +3561,5 @@ + if (r == NULL || PyModule_AddObject(m, "_OPENSSL_API_VERSION", r)) + return NULL; + +-#ifdef PYSSL_RAND_ATFORK +- if (PySSL_RAND_atfork() == -1) +- return NULL; +-#endif +- + return m; + } diff --git a/check-pyc-and-pyo-timestamps.py b/check-pyc-and-pyo-timestamps.py index bcd5baf..5fd11cc 100644 --- a/check-pyc-and-pyo-timestamps.py +++ b/check-pyc-and-pyo-timestamps.py @@ -16,10 +16,12 @@ not_compiled = [ 'test/badsyntax_future7.py', 'test/badsyntax_future8.py', 'test/badsyntax_future9.py', + 'test/badsyntax_future10.py', 'test/badsyntax_pep3120.py', 'lib2to3/tests/data/bom.py', 'lib2to3/tests/data/crlf.py', 'lib2to3/tests/data/different_encoding.py', + 'lib2to3/tests/data/false_encoding.py', 'lib2to3/tests/data/py2_test_grammar.py', '.debug-gdb.py', ] diff --git a/python-3.2.1-fix-test-subprocess-with-nonreadable-path-dir.patch b/python-3.2.1-fix-test-subprocess-with-nonreadable-path-dir.patch deleted file mode 100644 index 6f43c72..0000000 --- a/python-3.2.1-fix-test-subprocess-with-nonreadable-path-dir.patch +++ /dev/null @@ -1,12 +0,0 @@ -diff -up Python-3.2.1/Lib/test/test_subprocess.py.non-readable-path Python-3.2.1/Lib/test/test_subprocess.py ---- Python-3.2.1/Lib/test/test_subprocess.py.non-readable-path 2011-07-09 02:58:51.000000000 -0400 -+++ Python-3.2.1/Lib/test/test_subprocess.py 2011-07-11 11:34:16.284426005 -0400 -@@ -618,7 +618,7 @@ class ProcessTestCase(BaseTestCase): - for i in range(1024): - # Windows raises IOError. Others raise OSError. - with self.assertRaises(EnvironmentError) as c: -- subprocess.Popen(['nonexisting_i_hope'], -+ subprocess.Popen(['/usr/bin/nonexisting_i_hope'], - stdout=subprocess.PIPE, - stderr=subprocess.PIPE) - # ignore errors that indicate the command was not found diff --git a/python-3.3.0b1-lib64.patch b/python-3.3.0b1-lib64.patch index 5ae03aa..afbdc6c 100644 --- a/python-3.3.0b1-lib64.patch +++ b/python-3.3.0b1-lib64.patch @@ -39,9 +39,9 @@ diff -up cpython-59223da36dec/Lib/site.py.lib64 cpython-59223da36dec/Lib/site.py --- cpython-59223da36dec/Lib/site.py.lib64 2012-08-07 06:10:57.000000000 -0400 +++ cpython-59223da36dec/Lib/site.py 2012-08-07 16:41:00.573477549 -0400 @@ -303,12 +303,16 @@ def getsitepackages(prefixes=None): - if sys.platform in ('os2emx', 'riscos'): - sitepackages.append(os.path.join(prefix, "Lib", "site-packages")) - elif os.sep == '/': + seen.add(prefix) + + if os.sep == '/': + sitepackages.append(os.path.join(prefix, "lib64", + "python" + sys.version[:3], + "site-packages")) diff --git a/python3.spec b/python3.spec index f445372..71fa457 100644 --- a/python3.spec +++ b/python3.spec @@ -2,10 +2,13 @@ # Conditionals and other variables controlling the build # ====================================================== -%global pybasever 3.3 +%global pybasever 3.4 # pybasever without the dot: -%global pyshortver 33 +%global pyshortver 34 + +# prereleasetag +%global prerel a4 %global pylibdir %{_libdir}/python%{pybasever} %global dynload_dir %{pylibdir}/lib-dynload @@ -35,9 +38,9 @@ # For example, # foo/bar.py # now has bytecode at: -# foo/__pycache__/bar.cpython-33.pyc -# foo/__pycache__/bar.cpython-33.pyo -%global bytecode_suffixes .cpython-33.py? +# foo/__pycache__/bar.cpython-34.pyc +# foo/__pycache__/bar.cpython-34.pyo +%global bytecode_suffixes .cpython-34.py? # Python's configure script defines SOVERSION, and this is used in the Makefile # to determine INSTSONAME, the name of the libpython DSO: @@ -125,8 +128,8 @@ # ================== Summary: Version 3 of the Python programming language aka Python 3000 Name: python3 -Version: %{pybasever}.2 -Release: 7%{?dist} +Version: %{pybasever}.0 +Release: %{?prerel:0.}1%{?prerel:.%{prerel}}%{?dist} License: Python Group: Development/Languages @@ -187,7 +190,7 @@ BuildRequires: zlib-devel # Source code and patches # ======================= -Source: http://www.python.org/ftp/python/%{version}/Python-%{version}.tar.xz +Source: http://www.python.org/ftp/python/%{version}/Python-%{version}%{?prerel}.tar.xz # Avoid having various bogus auto-generated Provides lines for the various # python c modules' SONAMEs: @@ -276,17 +279,6 @@ Patch114: 00114-statvfs-f_flag-constants.patch # Not yet sent upstream Patch125: 00125-less-verbose-COUNT_ALLOCS.patch -# In my koji builds, /root/bin is in the PATH for some reason -# This leads to test_subprocess.py failing, due to "test_leaking_fds_on_error" -# trying every dir in PATH for "nonexisting_i_hope", which leads to it raising -# OSError: [Errno 13] Permission denied -# when it tries to read /root/bin, rather than raising "No such file" -# -# Work around this by specifying an absolute path for the non-existant -# executable -# Not yet sent upstream -Patch129: python-3.2.1-fix-test-subprocess-with-nonreadable-path-dir.patch - # 00130 # # Python 2's: # Patch130: python-2.7.2-add-extension-suffix-to-python-config.patch @@ -357,10 +349,6 @@ Patch140: python3-arm-skip-failing-fragile-test.patch # Not yet sent upstream Patch141: 00141-fix-test_gc_with_COUNT_ALLOCS.patch -# 00142 # -# Some pty tests fail when run in mock (rhbz#714627): -Patch142: 00142-skip-failing-pty-tests-in-rpmbuild.patch - # 00143 # # Fix the --with-tsc option on ppc64, and rework it on 32-bit ppc to avoid # aliasing violations (rhbz#698726) @@ -393,7 +381,8 @@ Patch143: 00143-tsc-on-ppc.patch # - don't build the _md5 and _sha* modules; rely on the _hashlib implementation # of hashlib # (rhbz#563986) -Patch146: 00146-hashlib-fips.patch +# TODO: figure out how to update properly for sha3 +# Patch146: 00146-hashlib-fips.patch # 00147 # # Add a sys._debugmallocstats() function @@ -595,10 +584,8 @@ Patch180: 00180-python-add-support-for-ppc64p7.patch # Patch182: 00182-fix-test_gdb-test_threads.patch # 00183 # -# Upstream fix for CVE-2013-2099 (ssl.match_hostname DOS) -# http://bugs.python.org/issue17980 -# http://hg.python.org/cpython/rev/c627638753e2 -Patch183: 00183-cve-2013-2099-fix-ssl-match_hostname-dos.patch +# Fixed upstream as of Python 3.4.0a4 +# Patch183: 00183-cve-2013-2099-fix-ssl-match_hostname-dos.patch # 00184 # # Fix for https://bugzilla.redhat.com/show_bug.cgi?id=979696 @@ -609,20 +596,22 @@ Patch183: 00183-cve-2013-2099-fix-ssl-match_hostname-dos.patch Patch184: 00184-ctypes-should-build-with-libffi-multilib-wrapper.patch # 00185 # -# Fix for CVE-2013-4238 -- -# SSL module fails to handle NULL bytes inside subjectAltNames general names -# http://bugs.python.org/issue18709 -# rhbz#996399 -Patch185: 00185-CVE-2013-4238-hostname-check-bypass-in-SSL-module.patch +# Fixed upstream as of Python 3.4.0a4 +# Patch185: 00185-CVE-2013-4238-hostname-check-bypass-in-SSL-module.patch # 00186 # # Fix for https://bugzilla.redhat.com/show_bug.cgi?id=1023607 -# Fixes the problem of some *.py files not being bytecompiled properly -# during build. This was result of py_compile.compile raising exception -# when trying to convert test file with bad encoding, and thus not -# continuing bytecompilation for other files. +# Previously, this fixed a problem where some *.py files were not being +# bytecompiled properly during build. This was result of py_compile.compile +# raising exception when trying to convert test file with bad encoding, and +# thus not continuing bytecompilation for other files. +# This was fixed upstream, but the test hasn't been merged yet, so we keep it Patch186: 00186-dont-raise-from-py_compile.patch +# 00187 # +# Temporarily add this upstream patch, should be in next upstream release +Patch187: 00187-remove-pthread-atfork.patch + # (New patches go here ^^^) # @@ -762,7 +751,7 @@ can load its own extensions. # ====================================================== %prep -%setup -q -n Python-%{version} +%setup -q -n Python-%{version}%{?prerel} chmod +x %{SOURCE1} %if 0%{?with_systemtap} @@ -789,6 +778,7 @@ rm -r Modules/zlib || exit 1 # # For example, in our builds hashlib.md5 is implemented within _hashlib via # OpenSSL (and thus respects FIPS mode), and does not fall back to _md5 +# TODO: there seems to be no OpenSSL support in Python for sha3, investigate for f in md5module.c sha1module.c sha256module.c sha512module.c; do rm Modules/$f done @@ -816,8 +806,6 @@ done %patch125 -p1 -b .less-verbose-COUNT_ALLOCS -%patch129 -p1 - %ifarch ppc %{power64} %patch131 -p1 %endif @@ -835,11 +823,10 @@ done %endif # 00140: not for python3 %patch141 -p1 -%patch142 -p1 %patch143 -p1 -b .tsc-on-ppc # 00144: not for python3 # 00145: not for python3 -%patch146 -p1 +#patch146 -p1 # 00147: upstream as of Python 3.3.0 # 00148: upstream as of Python 3.2.3 # 00149: upstream as of Python 3.2.3 @@ -880,10 +867,11 @@ done %patch180 -p1 # 00181: not for python3 # 00182: upstream as of Python 3.3.2 -%patch183 -p1 -%patch184 -p1 -%patch185 -p1 +# 00183 upstream as of Python 3.4.0a4 +%patch184 -p1 +# 00185 upstream as of Python 3.4.0a4 %patch186 -p1 +%patch187 -p1 # Currently (2010-01-15), http://docs.python.org/library is for 2.6, and there # are many differences between 2.6 and the Python 3 library. @@ -982,7 +970,8 @@ BuildPython() { # missing symbol AnnotateRWLockDestroy # # Invoke the build: - make EXTRA_CFLAGS="$CFLAGS" %{?_smp_mflags} + # TODO: it seems that 3.4.0a4 fails without -J1, have to figure out why + make EXTRA_CFLAGS="$CFLAGS -J1" %{?_smp_mflags} popd echo FINISHED: BUILD OF PYTHON FOR CONFIGURATION: $ConfDir @@ -1732,6 +1721,20 @@ rm -fr %{buildroot} # ====================================================== %changelog +* Mon Nov 04 2013 Bohuslav Kabrda - 3.4.0-0.1.a4 +- Update to Python 3.4 alpha 4. +- Refreshed patches: 55 (systemtap), 102 (lib64), 111 (no static lib), +114 (statvfs flags), 132 (unittest rpmbuild hooks), 134 (fix COUNT_ALLOCS in +test_sys), 143 (tsc on ppc64), 146 (hashlib fips), 153 (test gdb noise), +157 (UID+GID overflows), 173 (ENOPROTOOPT in bind_port), 186 (dont raise +from py_compile) +- Removed patches: 129 (test_subprocess nonreadable dir - no longer fails in +Koji), 142 (the mock issue that caused this is fixed) +- Added patch 187 (remove thread atfork) - will be in next version +- Refreshed script for checking pyc and pyo timestamps with new ignored files. +- The fips patch is disabled for now until upstream makes a final decision +what to do with sha3 implementation for 3.4.0. + * Wed Oct 30 2013 Bohuslav Kabrda - 3.3.2-7 - Bytecompile all *.py files properly during build (rhbz#1023607) From dfb79526a33fa8566c47f83f076a9d6ac676bcfc Mon Sep 17 00:00:00 2001 From: Bohuslav Kabrda Date: Tue, 5 Nov 2013 15:38:57 +0100 Subject: [PATCH 02/32] Temporarily turn of multicore build differently, using -J1 broke test_distutils --- python3.spec | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/python3.spec b/python3.spec index 71fa457..d792c03 100644 --- a/python3.spec +++ b/python3.spec @@ -970,8 +970,8 @@ BuildPython() { # missing symbol AnnotateRWLockDestroy # # Invoke the build: - # TODO: it seems that 3.4.0a4 fails without -J1, have to figure out why - make EXTRA_CFLAGS="$CFLAGS -J1" %{?_smp_mflags} + # TODO: it seems that 3.4.0a4 fails with %{?_smp_flags}, have to figure out why + make EXTRA_CFLAGS="$CFLAGS" popd echo FINISHED: BUILD OF PYTHON FOR CONFIGURATION: $ConfDir From 0153564bb6b35c94ea754bc33d029fd0db0cd2ee Mon Sep 17 00:00:00 2001 From: Bohuslav Kabrda Date: Wed, 6 Nov 2013 14:58:05 +0100 Subject: [PATCH 03/32] Add a temporary workaround for lib2to3 tests failure (to be removed when we figure out things about hashlib+fips patch) --- ...ts-when-hashlib-doesnt-compile-properly.patch | 11 +++++++++++ python3.spec | 16 ++++++++++++++++ 2 files changed, 27 insertions(+) create mode 100644 00188-fix-lib2to3-tests-when-hashlib-doesnt-compile-properly.patch diff --git a/00188-fix-lib2to3-tests-when-hashlib-doesnt-compile-properly.patch b/00188-fix-lib2to3-tests-when-hashlib-doesnt-compile-properly.patch new file mode 100644 index 0000000..90af30d --- /dev/null +++ b/00188-fix-lib2to3-tests-when-hashlib-doesnt-compile-properly.patch @@ -0,0 +1,11 @@ +diff -r 28c04e954bb6 Lib/lib2to3/main.py +--- a/Lib/lib2to3/main.py Tue Oct 29 22:25:55 2013 -0400 ++++ b/Lib/lib2to3/main.py Wed Nov 06 14:33:07 2013 +0100 +@@ -213,6 +213,7 @@ + + # Set up logging handler + level = logging.DEBUG if options.verbose else logging.INFO ++ logging.root.handlers = [] + logging.basicConfig(format='%(name)s: %(message)s', level=level) + logger = logging.getLogger('lib2to3.main') + diff --git a/python3.spec b/python3.spec index d792c03..e2fae48 100644 --- a/python3.spec +++ b/python3.spec @@ -612,6 +612,21 @@ Patch186: 00186-dont-raise-from-py_compile.patch # Temporarily add this upstream patch, should be in next upstream release Patch187: 00187-remove-pthread-atfork.patch +# 00188 # +# Downstream only patch that should be removed when we compile all guaranteed +# hashlib algorithms properly. The problem is this: +# - during tests, test_hashlib is imported and executed before test_lib2to3 +# - if at least one hash function has failed, trying to import it triggers an +# exception that is being caught and exception is logged: +# http://hg.python.org/cpython/file/2de806c8b070/Lib/hashlib.py#l217 +# - logging the exception makes logging module run basicConfig +# - when lib2to3 tests are run again, lib2to3 runs basicConfig again, which +# doesn't do anything, because it was run previously +# (logging.root.handlers != []), which means that the default setup +# (most importantly logging level) is not overriden. That means that a test +# relying on this will fail (test_filename_changing_on_output_single_dir) +Patch188: 00188-fix-lib2to3-tests-when-hashlib-doesnt-compile-properly.patch + # (New patches go here ^^^) # @@ -872,6 +887,7 @@ done # 00185 upstream as of Python 3.4.0a4 %patch186 -p1 %patch187 -p1 +%patch188 -p1 # Currently (2010-01-15), http://docs.python.org/library is for 2.6, and there # are many differences between 2.6 and the Python 3 library. From f0b0ffc86c70e6dcf520f3b6a91540766b8d6c56 Mon Sep 17 00:00:00 2001 From: Bohuslav Kabrda Date: Thu, 7 Nov 2013 15:59:40 +0100 Subject: [PATCH 04/32] Rebase the hashlib patch + adapt it to _sha3 being used from stdlib --- 00146-hashlib-fips.patch | 191 ++++++++++++++++++++------------------- python3.spec | 8 +- 2 files changed, 102 insertions(+), 97 deletions(-) diff --git a/00146-hashlib-fips.patch b/00146-hashlib-fips.patch index 18b6a44..221ab50 100644 --- a/00146-hashlib-fips.patch +++ b/00146-hashlib-fips.patch @@ -1,7 +1,6 @@ -diff -up Python-3.2.2/Lib/hashlib.py.hashlib-fips Python-3.2.2/Lib/hashlib.py ---- Python-3.2.2/Lib/hashlib.py.hashlib-fips 2011-09-03 12:16:41.000000000 -0400 -+++ Python-3.2.2/Lib/hashlib.py 2011-09-14 01:55:48.090252006 -0400 -@@ -23,6 +23,16 @@ the zlib module. +--- Python-3.4.0a4/Lib/hashlib.py.hashlib-fips 2013-11-07 13:29:43.046881440 +0100 ++++ Python-3.4.0a4/Lib/hashlib.py 2013-11-07 13:42:04.438486289 +0100 +@@ -23,6 +23,16 @@ Choose your hash function wisely. Some have known collision weaknesses. sha384 and sha512 will be slow on 32 bit platforms. @@ -18,7 +17,27 @@ diff -up Python-3.2.2/Lib/hashlib.py.hashlib-fips Python-3.2.2/Lib/hashlib.py Hash objects have these methods: - update(arg): Update the hash object with the bytes in arg. Repeated calls are equivalent to a single call with the concatenation of all -@@ -96,33 +106,36 @@ def __get_openssl_constructor(name): +@@ -64,6 +74,19 @@ + 'algorithms_available', 'pbkdf2_hmac') + + ++import functools ++def __ignore_usedforsecurity(func): ++ """Used for sha3_* functions. Until OpenSSL implements them, we want ++ to use them from Python _sha3 module, but we want them to accept ++ usedforsecurity argument too.""" ++ # TODO: remove this function when OpenSSL implements sha3 ++ @functools.wraps(func) ++ def inner(*args, **kwargs): ++ if 'usedforsecurity' in kwargs: ++ kwargs.pop('usedforsecurity') ++ return func(*args, **kwargs) ++ return inner ++ + def __get_builtin_constructor(name): + try: + if name in ('SHA1', 'sha1'): +@@ -109,34 +132,41 @@ f = getattr(_hashlib, 'openssl_' + name) # Allow the C module to raise ValueError. The function will be # defined but the hash not actually available thanks to OpenSSL. @@ -30,16 +49,17 @@ diff -up Python-3.2.2/Lib/hashlib.py.hashlib-fips Python-3.2.2/Lib/hashlib.py # Use the C function directly (very fast) return f except (AttributeError, ValueError): -- return __get_builtin_constructor(name) -+ raise ++ # TODO: We want to just raise here when OpenSSL implements sha3 ++ # because we want to make sure that Fedora uses everything from OpenSSL + return __get_builtin_constructor(name) -+def __py_new(name, data=b'', usedforsecurity=True): -+ """new(name, data=b'', usedforsecurity=True) - Return a new hashing object using -+ the named algorithm; optionally initialized with data (which must be bytes). -def __py_new(name, data=b''): - """new(name, data=b'') - Return a new hashing object using the named algorithm; - optionally initialized with data (which must be bytes). ++def __py_new(name, data=b'', usedforsecurity=True): ++ """new(name, data=b'', usedforsecurity=True) - Return a new hashing object using ++ the named algorithm; optionally initialized with data (which must be bytes). + The 'usedforsecurity' keyword argument does nothing, and is for compatibilty + with the OpenSSL implementation """ @@ -64,16 +84,34 @@ diff -up Python-3.2.2/Lib/hashlib.py.hashlib-fips Python-3.2.2/Lib/hashlib.py - # hash, try using our builtin implementations. - # This allows for SHA224/256 and SHA384/512 support even though - # the OpenSSL library prior to 0.9.8 doesn't provide them. -- return __get_builtin_constructor(name)(data) -- -+ raise ++ # TODO: We want to just raise here when OpenSSL implements sha3 ++ # because we want to make sure that Fedora uses everything from OpenSSL + return __get_builtin_constructor(name)(data) +- try: import _hashlib -diff -up Python-3.2.2/Lib/test/test_hashlib.py.hashlib-fips Python-3.2.2/Lib/test/test_hashlib.py ---- Python-3.2.2/Lib/test/test_hashlib.py.hashlib-fips 2011-09-03 12:16:43.000000000 -0400 -+++ Python-3.2.2/Lib/test/test_hashlib.py 2011-09-14 01:45:48.462251974 -0400 -@@ -22,6 +22,20 @@ from test.support import _4G, precisionb + new = __hash_new +@@ -216,7 +246,10 @@ + # try them all, some may not work due to the OpenSSL + # version not supporting that algorithm. + try: +- globals()[__func_name] = __get_hash(__func_name) ++ func = __get_hash(__func_name) ++ if 'sha3_' in __func_name: ++ func = __ignore_usedforsecurity(func) ++ globals()[__func_name] = func + except ValueError: + import logging + logging.exception('code for hash %s was not found.', __func_name) +@@ -224,3 +257,4 @@ + # Cleanup locals() + del __always_supported, __func_name, __get_hash + del __py_new, __hash_new, __get_openssl_constructor ++del __ignore_usedforsecurity +--- Python-3.4.0a4/Lib/test/test_hashlib.py.hashlib-fips 2013-11-07 13:43:08.763454594 +0100 ++++ Python-3.4.0a4/Lib/test/test_hashlib.py 2013-11-07 13:55:23.233038101 +0100 +@@ -26,6 +26,20 @@ c_hashlib = import_fresh_module('hashlib', fresh=['_hashlib']) py_hashlib = import_fresh_module('hashlib', blocked=['_hashlib']) @@ -94,7 +132,7 @@ diff -up Python-3.2.2/Lib/test/test_hashlib.py.hashlib-fips Python-3.2.2/Lib/tes def hexstr(s): assert isinstance(s, bytes), repr(s) h = "0123456789abcdef" -@@ -31,6 +44,16 @@ def hexstr(s): +@@ -34,6 +48,16 @@ r += h[(i >> 4) & 0xF] + h[i & 0xF] return r @@ -111,7 +149,7 @@ diff -up Python-3.2.2/Lib/test/test_hashlib.py.hashlib-fips Python-3.2.2/Lib/tes class HashLibTestCase(unittest.TestCase): supported_hash_names = ( 'md5', 'MD5', 'sha1', 'SHA1', -@@ -59,11 +82,11 @@ class HashLibTestCase(unittest.TestCase) +@@ -66,11 +90,11 @@ # For each algorithm, test the direct constructor and the use # of hashlib.new given the algorithm name. for algorithm, constructors in self.constructors_to_test.items(): @@ -126,12 +164,13 @@ diff -up Python-3.2.2/Lib/test/test_hashlib.py.hashlib-fips Python-3.2.2/Lib/tes constructors.add(_test_algorithm_via_hashlib_new) _hashlib = self._conditional_import_module('_hashlib') -@@ -75,22 +98,7 @@ class HashLibTestCase(unittest.TestCase) +@@ -82,22 +106,9 @@ for algorithm, constructors in self.constructors_to_test.items(): constructor = getattr(_hashlib, 'openssl_'+algorithm, None) if constructor: - constructors.add(constructor) -- ++ constructors.add(suppress_fips(constructor)) + - _md5 = self._conditional_import_module('_md5') - if _md5: - self.constructors_to_test['md5'].add(_md5.md5) @@ -146,51 +185,11 @@ diff -up Python-3.2.2/Lib/test/test_hashlib.py.hashlib-fips Python-3.2.2/Lib/tes - if _sha512: - self.constructors_to_test['sha384'].add(_sha512.sha384) - self.constructors_to_test['sha512'].add(_sha512.sha512) -+ constructors.add(suppress_fips(constructor)) ++ # TODO: remove this after sha3 is available through OpenSSL _sha3 = self._conditional_import_module('_sha3') if _sha3: self.constructors_to_test['sha3_224'].add(_sha3.sha3_224) -@@ -138,7 +146,7 @@ class HashLibTestCase(unittest.TestCase) - - def test_hexdigest(self): - for cons in self.hash_constructors: -- h = cons() -+ h = cons(usedforsecurity=False) - assert isinstance(h.digest(), bytes), name - self.assertEqual(hexstr(h.digest()), h.hexdigest()) - -@@ -149,12 +157,12 @@ class HashLibTestCase(unittest.TestCase) - cees = b'c' * 126 - - for name in self.supported_hash_names: -- m1 = cons() -+ m1 = cons(usedforsecurity=False) - m1.update(aas) - m1.update(bees) - m1.update(cees) - -- m2 = cons() -+ m2 = cons(usedforsecurity=False) - m2.update(aas + bees + cees) - self.assertEqual(m1.digest(), m2.digest()) - -@@ -324,13 +332,13 @@ class HashLibTestCase(unittest.TestCase) - # for multithreaded operation (which is hardwired to 2048). - gil_minsize = 2048 - -- m = hashlib.md5() -+ m = hashlib.md5(usedforsecurity=False) - m.update(b'1') - m.update(b'#' * gil_minsize) - m.update(b'1') - self.assertEqual(m.hexdigest(), 'cb1e1a2cbc80be75e19935d621fb9b21') - -- m = hashlib.md5(b'x' * gil_minsize) -+ m = hashlib.md5(b'x' * gil_minsize, usedforsecurity=False) - self.assertEqual(m.hexdigest(), 'cfb767f225d58469c5de3632a8803958') - - @unittest.skipUnless(threading, 'Threading required for this test.') -@@ -370,6 +378,67 @@ class HashLibTestCase(unittest.TestCase) +@@ -547,6 +558,65 @@ self.assertEqual(expected_hash, hasher.hexdigest()) @@ -246,31 +245,36 @@ diff -up Python-3.2.2/Lib/test/test_hashlib.py.hashlib-fips Python-3.2.2/Lib/tes + m = _hashlib.new('md5', usedforsecurity=False) + m.update(b'abc\n') + self.assertEquals(m.hexdigest(), "0bee89b07a248e27c83fc3d5951213c1") -+ ++ + m = _hashlib.openssl_md5(b'abc\n', usedforsecurity=False) + self.assertEquals(m.hexdigest(), "0bee89b07a248e27c83fc3d5951213c1") + + m = _hashlib.new('md5', b'abc\n', usedforsecurity=False) + self.assertEquals(m.hexdigest(), "0bee89b07a248e27c83fc3d5951213c1") -+ + -+ - def test_main(): - support.run_unittest(HashLibTestCase) -diff -up Python-3.2.2/Modules/_hashopenssl.c.hashlib-fips Python-3.2.2/Modules/_hashopenssl.c ---- Python-3.2.2/Modules/_hashopenssl.c.hashlib-fips 2011-09-03 12:16:46.000000000 -0400 -+++ Python-3.2.2/Modules/_hashopenssl.c 2011-09-14 00:52:41.225252001 -0400 -@@ -37,6 +37,8 @@ - #endif + class KDFTests(unittest.TestCase): + +@@ -628,6 +698,7 @@ + with self.assertRaisesRegex(ValueError, 'unsupported hash type'): + pbkdf2('unknown', b'pass', b'salt', 1) + ++ @unittest.skip('skipped on Fedora, as we always use OpenSSL pbkdf2_hmac') + def test_pbkdf2_hmac_py(self): + self._test_pbkdf2_hmac(py_hashlib.pbkdf2_hmac) + +--- Python-3.4.0a4/Modules/_hashopenssl.c.hashlib-fips 2013-11-07 13:55:47.466025086 +0100 ++++ Python-3.4.0a4/Modules/_hashopenssl.c 2013-11-07 14:14:32.745272791 +0100 +@@ -19,6 +19,8 @@ + /* EVP is the preferred interface to hashing in OpenSSL */ +#include +#include #include + #include /* We use the object interface to discover what hashes OpenSSL supports. */ - #include -@@ -68,11 +70,19 @@ typedef struct { +@@ -48,11 +50,19 @@ static PyTypeObject EVPtype; @@ -294,7 +298,7 @@ diff -up Python-3.2.2/Modules/_hashopenssl.c.hashlib-fips Python-3.2.2/Modules/_ DEFINE_CONSTS_FOR_NEW(md5) DEFINE_CONSTS_FOR_NEW(sha1) -@@ -117,6 +127,48 @@ EVP_hash(EVPobject *self, const void *vp +@@ -125,6 +135,48 @@ } } @@ -343,7 +347,7 @@ diff -up Python-3.2.2/Modules/_hashopenssl.c.hashlib-fips Python-3.2.2/Modules/_ /* Internal methods for a hash object */ static void -@@ -303,15 +355,16 @@ EVP_repr(EVPobject *self) +@@ -309,15 +361,16 @@ static int EVP_tp_init(EVPobject *self, PyObject *args, PyObject *kwds) { @@ -363,7 +367,7 @@ diff -up Python-3.2.2/Modules/_hashopenssl.c.hashlib-fips Python-3.2.2/Modules/_ return -1; } -@@ -332,7 +385,12 @@ EVP_tp_init(EVPobject *self, PyObject *a +@@ -338,7 +391,12 @@ PyBuffer_Release(&view); return -1; } @@ -377,7 +381,7 @@ diff -up Python-3.2.2/Modules/_hashopenssl.c.hashlib-fips Python-3.2.2/Modules/_ self->name = name_obj; Py_INCREF(self->name); -@@ -416,7 +474,8 @@ static PyTypeObject EVPtype = { +@@ -422,7 +480,8 @@ static PyObject * EVPnew(PyObject *name_obj, const EVP_MD *digest, const EVP_MD_CTX *initial_ctx, @@ -387,7 +391,7 @@ diff -up Python-3.2.2/Modules/_hashopenssl.c.hashlib-fips Python-3.2.2/Modules/_ { EVPobject *self; -@@ -431,7 +490,12 @@ EVPnew(PyObject *name_obj, +@@ -437,7 +495,12 @@ if (initial_ctx) { EVP_MD_CTX_copy(&self->ctx, initial_ctx); } else { @@ -401,7 +405,7 @@ diff -up Python-3.2.2/Modules/_hashopenssl.c.hashlib-fips Python-3.2.2/Modules/_ } if (cp && len) { -@@ -455,21 +519,29 @@ PyDoc_STRVAR(EVP_new__doc__, +@@ -461,21 +524,29 @@ An optional string argument may be provided and will be\n\ automatically hashed.\n\ \n\ @@ -435,7 +439,7 @@ diff -up Python-3.2.2/Modules/_hashopenssl.c.hashlib-fips Python-3.2.2/Modules/_ return NULL; } -@@ -483,7 +555,8 @@ EVP_new(PyObject *self, PyObject *args, +@@ -489,7 +560,8 @@ digest = EVP_get_digestbyname(name); @@ -445,7 +449,7 @@ diff -up Python-3.2.2/Modules/_hashopenssl.c.hashlib-fips Python-3.2.2/Modules/_ if (data_obj) PyBuffer_Release(&view); -@@ -547,58 +620,115 @@ generate_hash_name_list(void) +@@ -744,57 +816,115 @@ /* @@ -462,7 +466,7 @@ diff -up Python-3.2.2/Modules/_hashopenssl.c.hashlib-fips Python-3.2.2/Modules/_ #define GEN_CONSTRUCTOR(NAME) \ static PyObject * \ - EVP_new_ ## NAME (PyObject *self, PyObject *args) \ -+ EVP_new_ ## NAME (PyObject *self, PyObject *args, PyObject *kwdict) \ ++ EVP_new_ ## NAME (PyObject *self, PyObject *args, PyObject *kwdict) \ { \ - PyObject *data_obj = NULL; \ - Py_buffer view = { 0 }; \ @@ -488,8 +492,8 @@ diff -up Python-3.2.2/Modules/_hashopenssl.c.hashlib-fips Python-3.2.2/Modules/_ + return implement_specific_EVP_new(self, args, kwdict, \ + "|Oi:" #NAME, \ + &cached_info_ ## NAME ); \ - } - ++ } ++ +static PyObject * +implement_specific_EVP_new(PyObject *self, PyObject *args, PyObject *kwdict, + const char *format, @@ -534,8 +538,8 @@ diff -up Python-3.2.2/Modules/_hashopenssl.c.hashlib-fips Python-3.2.2/Modules/_ + } else { + PyErr_SetString(PyExc_ValueError, "Error initializing hash"); + } -+ } -+ + } + + if (data_obj) + PyBuffer_Release(&view); + @@ -561,10 +565,9 @@ diff -up Python-3.2.2/Modules/_hashopenssl.c.hashlib-fips Python-3.2.2/Modules/_ - EVP_DigestInit(CONST_new_ ## NAME ## _ctx_p, EVP_get_digestbyname(#NAME)); \ - } \ - } \ --} while (0); +/* + Macro/function pair to set up the constructors. - ++ + Try to initialize a context for each hash twice, once with + EVP_MD_CTX_FLAG_NON_FIPS_ALLOW and once without. + @@ -573,7 +576,7 @@ diff -up Python-3.2.2/Modules/_hashopenssl.c.hashlib-fips Python-3.2.2/Modules/_ +*/ +#define INIT_CONSTRUCTOR_CONSTANTS(NAME) do { \ + init_constructor_constant(&cached_info_ ## NAME, #NAME); \ -+} while (0); + } while (0); +static void +init_constructor_constant(EVPCachedInfo *cached_info, const char *name) +{ @@ -595,11 +598,11 @@ diff -up Python-3.2.2/Modules/_hashopenssl.c.hashlib-fips Python-3.2.2/Modules/_ + } + } +} -+ ++ + GEN_CONSTRUCTOR(md5) GEN_CONSTRUCTOR(sha1) - #ifdef _OPENSSL_SUPPORTS_SHA2 -@@ -641,12 +774,10 @@ PyInit__hashlib(void) +@@ -845,12 +974,10 @@ { PyObject *m, *openssl_md_meth_names; diff --git a/python3.spec b/python3.spec index e2fae48..ef695e9 100644 --- a/python3.spec +++ b/python3.spec @@ -381,8 +381,10 @@ Patch143: 00143-tsc-on-ppc.patch # - don't build the _md5 and _sha* modules; rely on the _hashlib implementation # of hashlib # (rhbz#563986) -# TODO: figure out how to update properly for sha3 -# Patch146: 00146-hashlib-fips.patch +# Note: for now we're using sha3 from Python tarball, not from OpenSSL, since +# OpenSSL didn't implement it yet. When OpenSSL implements it again, +# we will need to rm -rf Modules/_sha3 in prep and adapt the patch. +Patch146: 00146-hashlib-fips.patch # 00147 # # Add a sys._debugmallocstats() function @@ -841,7 +843,7 @@ done %patch143 -p1 -b .tsc-on-ppc # 00144: not for python3 # 00145: not for python3 -#patch146 -p1 +%patch146 -p1 # 00147: upstream as of Python 3.3.0 # 00148: upstream as of Python 3.2.3 # 00149: upstream as of Python 3.2.3 From f2d9a8144badc4976c1fbdda609bdb004329964a Mon Sep 17 00:00:00 2001 From: Bohuslav Kabrda Date: Fri, 8 Nov 2013 08:09:40 +0100 Subject: [PATCH 05/32] Don't hardode Python version in venv binary, use the pybasever macro there. --- python3.spec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/python3.spec b/python3.spec index ef695e9..1382490 100644 --- a/python3.spec +++ b/python3.spec @@ -1374,7 +1374,7 @@ rm -fr %{buildroot} %{_bindir}/python%{pybasever} %{_bindir}/python%{pybasever}m %{_bindir}/pyvenv -%{_bindir}/pyvenv-3.3 +%{_bindir}/pyvenv-%{pybasever} %{_mandir}/*/* %files libs From 84c534ef77a9975aa0a3b03bffe448e8995ec0a0 Mon Sep 17 00:00:00 2001 From: Bohuslav Kabrda Date: Fri, 8 Nov 2013 13:33:44 +0100 Subject: [PATCH 06/32] Disable tests in debug build that are irrelevant and fail because of COUNT_ALLOCS --- 00141-fix-test_gc_with_COUNT_ALLOCS.patch | 22 ------- 00141-fix-tests_with_COUNT_ALLOCS.patch | 70 +++++++++++++++++++++++ python3.spec | 6 +- 3 files changed, 73 insertions(+), 25 deletions(-) delete mode 100644 00141-fix-test_gc_with_COUNT_ALLOCS.patch create mode 100644 00141-fix-tests_with_COUNT_ALLOCS.patch diff --git a/00141-fix-test_gc_with_COUNT_ALLOCS.patch b/00141-fix-test_gc_with_COUNT_ALLOCS.patch deleted file mode 100644 index 337e39e..0000000 --- a/00141-fix-test_gc_with_COUNT_ALLOCS.patch +++ /dev/null @@ -1,22 +0,0 @@ -diff -up Python-3.2b2/Lib/test/test_gc.py.fix-test-gc-COUNT_ALLOCS Python-3.2b2/Lib/test/test_gc.py ---- Python-3.2b2/Lib/test/test_gc.py.fix-test-gc-COUNT_ALLOCS 2010-12-28 20:39:40.779059772 -0500 -+++ Python-3.2b2/Lib/test/test_gc.py 2010-12-28 20:41:15.890940017 -0500 -@@ -102,10 +102,16 @@ class GCTests(unittest.TestCase): - del a - self.assertNotEqual(gc.collect(), 0) - del B, C -- self.assertNotEqual(gc.collect(), 0) -+ if hasattr(sys, 'getcounts'): -+ self.assertEqual(gc.collect(), 0) -+ else: -+ self.assertNotEqual(gc.collect(), 0) - A.a = A() - del A -- self.assertNotEqual(gc.collect(), 0) -+ if hasattr(sys, 'getcounts'): -+ self.assertEqual(gc.collect(), 0) -+ else: -+ self.assertNotEqual(gc.collect(), 0) - self.assertEqual(gc.collect(), 0) - - def test_method(self): diff --git a/00141-fix-tests_with_COUNT_ALLOCS.patch b/00141-fix-tests_with_COUNT_ALLOCS.patch new file mode 100644 index 0000000..b60ee69 --- /dev/null +++ b/00141-fix-tests_with_COUNT_ALLOCS.patch @@ -0,0 +1,70 @@ +diff -r e245b0d7209b Lib/test/test_gc.py +--- a/Lib/test/test_gc.py Sun Oct 20 02:01:29 2013 -0700 ++++ b/Lib/test/test_gc.py Fri Nov 08 13:25:29 2013 +0100 +@@ -127,10 +127,16 @@ + del a + self.assertNotEqual(gc.collect(), 0) + del B, C +- self.assertNotEqual(gc.collect(), 0) ++ if hasattr(sys, 'getcounts'): ++ self.assertEqual(gc.collect(), 0) ++ else: ++ self.assertNotEqual(gc.collect(), 0) + A.a = A() + del A +- self.assertNotEqual(gc.collect(), 0) ++ if hasattr(sys, 'getcounts'): ++ self.assertEqual(gc.collect(), 0) ++ else: ++ self.assertNotEqual(gc.collect(), 0) + self.assertEqual(gc.collect(), 0) + + def test_method(self): +@@ -618,6 +624,8 @@ + stderr = run_command(code % "gc.DEBUG_SAVEALL") + self.assertNotIn(b"uncollectable objects at shutdown", stderr) + ++ @unittest.skipIf(hasattr(sys, 'getcounts'), ++ 'types are immortal if COUNT_ALLOCS is used') + def test_gc_main_module_at_shutdown(self): + # Create a reference cycle through the __main__ module and check + # it gets collected at interpreter shutdown. +@@ -632,6 +640,8 @@ + rc, out, err = assert_python_ok('-c', code) + self.assertEqual(out.strip(), b'__del__ called') + ++ @unittest.skipIf(hasattr(sys, 'getcounts'), ++ 'types are immortal if COUNT_ALLOCS is used') + def test_gc_ordinary_module_at_shutdown(self): + # Same as above, but with a non-__main__ module. + with temp_dir() as script_dir: +diff -r e245b0d7209b Lib/test/test_module.py +--- a/Lib/test/test_module.py Sun Oct 20 02:01:29 2013 -0700 ++++ b/Lib/test/test_module.py Fri Nov 08 13:25:29 2013 +0100 +@@ -81,6 +81,8 @@ + gc_collect() + self.assertEqual(f().__dict__["bar"], 4) + ++ @unittest.skipIf(hasattr(sys, 'getcounts'), ++ 'types are immortal if COUNT_ALLOCS is used') + def test_clear_dict_in_ref_cycle(self): + destroyed = [] + m = ModuleType("foo") +@@ -96,6 +98,8 @@ + gc_collect() + self.assertEqual(destroyed, [1]) + ++ @unittest.skipIf(hasattr(sys, 'getcounts'), ++ 'types are immortal if COUNT_ALLOCS is used') + def test_weakref(self): + m = ModuleType("foo") + wr = weakref.ref(m) +@@ -190,6 +194,8 @@ + self.assertEqual(r[:25], "") + ++ @unittest.skipIf(hasattr(sys, 'getcounts'), ++ 'skipping since COUNT_ALLOCS was used, see issue19527') + def test_module_finalization_at_shutdown(self): + # Module globals and builtins should still be available during shutdown + rc, out, err = assert_python_ok("-c", "from test import final_a") diff --git a/python3.spec b/python3.spec index 1382490..09a5bbf 100644 --- a/python3.spec +++ b/python3.spec @@ -345,9 +345,9 @@ Patch140: python3-arm-skip-failing-fragile-test.patch # to be relevant for python3 # 00141 # -# Fix test_gc's test_newinstance case when configured with COUNT_ALLOCS: -# Not yet sent upstream -Patch141: 00141-fix-test_gc_with_COUNT_ALLOCS.patch +# Fix test_gc and test_module tests for case when configured with COUNT_ALLOCS: +# http://bugs.python.org/issue19527 +Patch141: 00141-fix-tests_with_COUNT_ALLOCS.patch # 00143 # # Fix the --with-tsc option on ppc64, and rework it on 32-bit ppc to avoid From 671e4bf0ee7af79422ac0ce0bcecdaa4645457cd Mon Sep 17 00:00:00 2001 From: Bohuslav Kabrda Date: Fri, 8 Nov 2013 14:08:24 +0100 Subject: [PATCH 07/32] atexit now gets linked into libpython3.X.so --- python3.spec | 2 -- 1 file changed, 2 deletions(-) diff --git a/python3.spec b/python3.spec index 09a5bbf..501bfc0 100644 --- a/python3.spec +++ b/python3.spec @@ -1416,7 +1416,6 @@ rm -fr %{buildroot} %{dynload_dir}/_ssl.%{SOABI_optimized}.so %{dynload_dir}/_struct.%{SOABI_optimized}.so %{dynload_dir}/array.%{SOABI_optimized}.so -%{dynload_dir}/atexit.%{SOABI_optimized}.so %{dynload_dir}/audioop.%{SOABI_optimized}.so %{dynload_dir}/binascii.%{SOABI_optimized}.so %{dynload_dir}/cmath.%{SOABI_optimized}.so @@ -1667,7 +1666,6 @@ rm -fr %{buildroot} %{dynload_dir}/_ssl.%{SOABI_debug}.so %{dynload_dir}/_struct.%{SOABI_debug}.so %{dynload_dir}/array.%{SOABI_debug}.so -%{dynload_dir}/atexit.%{SOABI_debug}.so %{dynload_dir}/audioop.%{SOABI_debug}.so %{dynload_dir}/binascii.%{SOABI_debug}.so %{dynload_dir}/cmath.%{SOABI_debug}.so From e5c246c5f5745353863087f247ad0bee36341422 Mon Sep 17 00:00:00 2001 From: Bohuslav Kabrda Date: Fri, 8 Nov 2013 14:32:40 +0100 Subject: [PATCH 08/32] Change test/support in files to match upstream --- python3.spec | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/python3.spec b/python3.spec index 501bfc0..25fb779 100644 --- a/python3.spec +++ b/python3.spec @@ -1517,10 +1517,12 @@ rm -fr %{buildroot} %dir %{pylibdir}/test/ %dir %{pylibdir}/test/__pycache__/ +%dir %{pylibdir}/test/support/ +%dir %{pylibdir}/test/support/__pycache__/ %{pylibdir}/test/__init__.py -%{pylibdir}/test/support.py %{pylibdir}/test/__pycache__/__init__%{bytecode_suffixes} -%{pylibdir}/test/__pycache__/support%{bytecode_suffixes} +%{pylibdir}/test/support/__init__.py +%{pylibdir}/test/support/__pycache__/__init__%{bytecode_suffixes} %exclude %{pylibdir}/turtle.py %exclude %{pylibdir}/__pycache__/turtle*%{bytecode_suffixes} From b282179093636d68aa917b5b98ff9e406beb2b44 Mon Sep 17 00:00:00 2001 From: Bohuslav Kabrda Date: Fri, 8 Nov 2013 14:59:25 +0100 Subject: [PATCH 09/32] Add asyncio, _sha3 and _testimportmultiple to files. --- python3.spec | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/python3.spec b/python3.spec index 25fb779..c7c5f66 100644 --- a/python3.spec +++ b/python3.spec @@ -795,7 +795,8 @@ rm -r Modules/zlib || exit 1 # # For example, in our builds hashlib.md5 is implemented within _hashlib via # OpenSSL (and thus respects FIPS mode), and does not fall back to _md5 -# TODO: there seems to be no OpenSSL support in Python for sha3, investigate +# TODO: there seems to be no OpenSSL support in Python for sha3 so far +# when it is there, also remove _sha3/ dir for f in md5module.c sha1module.c sha256module.c sha512module.c; do rm Modules/$f done @@ -1411,6 +1412,8 @@ rm -fr %{buildroot} %{dynload_dir}/_pickle.%{SOABI_optimized}.so %{dynload_dir}/_posixsubprocess.%{SOABI_optimized}.so %{dynload_dir}/_random.%{SOABI_optimized}.so +# TODO: remove _sha3 when it reaches OpenSSL +%{dynload_dir}/_sha3.%{SOABI_optimized}.so %{dynload_dir}/_socket.%{SOABI_optimized}.so %{dynload_dir}/_sqlite3.%{SOABI_optimized}.so %{dynload_dir}/_ssl.%{SOABI_optimized}.so @@ -1446,6 +1449,11 @@ rm -fr %{buildroot} %dir %{pylibdir}/__pycache__/ %{pylibdir}/__pycache__/*%{bytecode_suffixes} +%dir %{pylibdir}/asyncio/ +%dir %{pylibdir}/asyncio/__pycache__/ +%{pylibdir}/asyncio/*.py +%{pylibdir}/asyncio/__pycache__/*%{bytecode_suffixes} + %dir %{pylibdir}/collections/ %dir %{pylibdir}/collections/__pycache__/ %{pylibdir}/collections/*.py @@ -1613,6 +1621,7 @@ rm -fr %{buildroot} %{dynload_dir}/_ctypes_test.%{SOABI_optimized}.so %{dynload_dir}/_testbuffer.%{SOABI_optimized}.so %{dynload_dir}/_testcapi.%{SOABI_optimized}.so +%{dynload_dir}/_testimportmultiple.%{SOABI_optimized}.so %{pylibdir}/lib2to3/tests %{pylibdir}/tkinter/test %{pylibdir}/unittest/test @@ -1663,6 +1672,8 @@ rm -fr %{buildroot} %{dynload_dir}/_pickle.%{SOABI_debug}.so %{dynload_dir}/_posixsubprocess.%{SOABI_debug}.so %{dynload_dir}/_random.%{SOABI_debug}.so +# TODO: remove _sha3 when it reaches OpenSSL +%{dynload_dir}/_sha3.%{SOABI_debug}.so %{dynload_dir}/_socket.%{SOABI_debug}.so %{dynload_dir}/_sqlite3.%{SOABI_debug}.so %{dynload_dir}/_ssl.%{SOABI_debug}.so @@ -1717,6 +1728,7 @@ rm -fr %{buildroot} %{dynload_dir}/_ctypes_test.%{SOABI_debug}.so %{dynload_dir}/_testbuffer.%{SOABI_debug}.so %{dynload_dir}/_testcapi.%{SOABI_debug}.so +%{dynload_dir}/_testimportmultiple.%{SOABI_debug}.so %endif # with_debug_build From bf351679373737f7b826b0840533b203eb15e4e4 Mon Sep 17 00:00:00 2001 From: Slavek Kabrda Date: Wed, 27 Nov 2013 13:03:43 +0100 Subject: [PATCH 10/32] Update to Python 3.4 beta 1. - Refreshed patches: 102 (lib64), 111 (no static lib), 125 (less verbose COUNT ALLOCS), 141 (fix COUNT_ALLOCS in test_module), 146 (hashlib fips), 157 (UID+GID overflows), 173 (ENOPROTOOPT in bind_port) - Removed patch 00187 (remove pthread atfork; upstreamed) --- ...n-3.3.0b1-lib64.patch => 00102-lib64.patch | 80 ++++++++-------- 00111-no-static-lib.patch | 2 +- 00125-less-verbose-COUNT_ALLOCS.patch | 4 +- 00141-fix-tests_with_COUNT_ALLOCS.patch | 4 +- 00146-hashlib-fips.patch | 84 +++++++---------- 00157-uid-gid-overflows.patch | 92 +++++++++---------- ...-workaround-ENOPROTOOPT-in-bind_port.patch | 13 ++- 00187-remove-pthread-atfork.patch | 89 ------------------ python3.spec | 17 +++- 9 files changed, 139 insertions(+), 246 deletions(-) rename python-3.3.0b1-lib64.patch => 00102-lib64.patch (70%) delete mode 100644 00187-remove-pthread-atfork.patch diff --git a/python-3.3.0b1-lib64.patch b/00102-lib64.patch similarity index 70% rename from python-3.3.0b1-lib64.patch rename to 00102-lib64.patch index afbdc6c..8f21624 100644 --- a/python-3.3.0b1-lib64.patch +++ b/00102-lib64.patch @@ -1,6 +1,5 @@ -diff -up cpython-59223da36dec/Lib/distutils/command/install.py.lib64 cpython-59223da36dec/Lib/distutils/command/install.py ---- cpython-59223da36dec/Lib/distutils/command/install.py.lib64 2012-08-07 06:10:57.000000000 -0400 -+++ cpython-59223da36dec/Lib/distutils/command/install.py 2012-08-07 16:41:00.573477549 -0400 +--- Python-3.4.0b1/Lib/distutils/command/install.py.lib64 2013-11-24 21:36:54.000000000 +0100 ++++ Python-3.4.0b1/Lib/distutils/command/install.py 2013-11-27 11:10:43.821150774 +0100 @@ -45,14 +45,14 @@ else: INSTALL_SCHEMES = { 'unix_prefix': { @@ -18,10 +17,9 @@ diff -up cpython-59223da36dec/Lib/distutils/command/install.py.lib64 cpython-592 'headers': '$base/include/python/$dist_name', 'scripts': '$base/bin', 'data' : '$base', -diff -up cpython-59223da36dec/Lib/distutils/sysconfig.py.lib64 cpython-59223da36dec/Lib/distutils/sysconfig.py ---- cpython-59223da36dec/Lib/distutils/sysconfig.py.lib64 2012-08-07 06:10:57.000000000 -0400 -+++ cpython-59223da36dec/Lib/distutils/sysconfig.py 2012-08-07 16:41:00.573477549 -0400 -@@ -139,8 +139,12 @@ def get_python_lib(plat_specific=0, stan +--- Python-3.4.0b1/Lib/distutils/sysconfig.py.lib64 2013-11-24 21:36:54.000000000 +0100 ++++ Python-3.4.0b1/Lib/distutils/sysconfig.py 2013-11-27 11:10:43.821150774 +0100 +@@ -141,8 +141,12 @@ prefix = plat_specific and EXEC_PREFIX or PREFIX if os.name == "posix": @@ -35,12 +33,11 @@ diff -up cpython-59223da36dec/Lib/distutils/sysconfig.py.lib64 cpython-59223da36 if standard_lib: return libpython else: -diff -up cpython-59223da36dec/Lib/site.py.lib64 cpython-59223da36dec/Lib/site.py ---- cpython-59223da36dec/Lib/site.py.lib64 2012-08-07 06:10:57.000000000 -0400 -+++ cpython-59223da36dec/Lib/site.py 2012-08-07 16:41:00.573477549 -0400 -@@ -303,12 +303,16 @@ def getsitepackages(prefixes=None): +--- Python-3.4.0b1/Lib/site.py.lib64 2013-11-24 21:36:54.000000000 +0100 ++++ Python-3.4.0b1/Lib/site.py 2013-11-27 11:10:43.822150773 +0100 +@@ -304,12 +304,16 @@ seen.add(prefix) - + if os.sep == '/': + sitepackages.append(os.path.join(prefix, "lib64", + "python" + sys.version[:3], @@ -55,10 +52,9 @@ diff -up cpython-59223da36dec/Lib/site.py.lib64 cpython-59223da36dec/Lib/site.py sitepackages.append(os.path.join(prefix, "lib", "site-packages")) if sys.platform == "darwin": # for framework builds *only* we add the standard Apple -diff -up cpython-59223da36dec/Lib/sysconfig.py.lib64 cpython-59223da36dec/Lib/sysconfig.py ---- cpython-59223da36dec/Lib/sysconfig.py.lib64 2012-08-07 06:10:57.000000000 -0400 -+++ cpython-59223da36dec/Lib/sysconfig.py 2012-08-07 16:41:00.574477549 -0400 -@@ -21,10 +21,10 @@ __all__ = [ +--- Python-3.4.0b1/Lib/sysconfig.py.lib64 2013-11-24 21:36:54.000000000 +0100 ++++ Python-3.4.0b1/Lib/sysconfig.py 2013-11-27 11:10:43.822150773 +0100 +@@ -20,10 +20,10 @@ _INSTALL_SCHEMES = { 'posix_prefix': { @@ -72,7 +68,7 @@ diff -up cpython-59223da36dec/Lib/sysconfig.py.lib64 cpython-59223da36dec/Lib/sy 'include': '{installed_base}/include/python{py_version_short}{abiflags}', 'platinclude': -@@ -81,10 +81,10 @@ _INSTALL_SCHEMES = { +@@ -61,10 +61,10 @@ 'data': '{userbase}', }, 'posix_user': { @@ -86,10 +82,9 @@ diff -up cpython-59223da36dec/Lib/sysconfig.py.lib64 cpython-59223da36dec/Lib/sy 'include': '{userbase}/include/python{py_version_short}', 'scripts': '{userbase}/bin', 'data': '{userbase}', -diff -up cpython-59223da36dec/Lib/test/test_site.py.lib64 cpython-59223da36dec/Lib/test/test_site.py ---- cpython-59223da36dec/Lib/test/test_site.py.lib64 2012-08-07 06:10:57.000000000 -0400 -+++ cpython-59223da36dec/Lib/test/test_site.py 2012-08-07 16:41:00.574477549 -0400 -@@ -239,12 +239,15 @@ class HelperFunctionsTests(unittest.Test +--- Python-3.4.0b1/Lib/test/test_site.py.lib64 2013-11-24 21:36:55.000000000 +0100 ++++ Python-3.4.0b1/Lib/test/test_site.py 2013-11-27 11:10:43.822150773 +0100 +@@ -244,12 +244,15 @@ self.assertEqual(dirs[2], wanted) elif os.sep == '/': # OS X non-framwework builds, Linux, FreeBSD, etc @@ -108,10 +103,9 @@ diff -up cpython-59223da36dec/Lib/test/test_site.py.lib64 cpython-59223da36dec/L else: # other platforms self.assertEqual(len(dirs), 2) -diff -up cpython-59223da36dec/Makefile.pre.in.lib64 cpython-59223da36dec/Makefile.pre.in ---- cpython-59223da36dec/Makefile.pre.in.lib64 2012-08-07 16:41:00.557477550 -0400 -+++ cpython-59223da36dec/Makefile.pre.in 2012-08-07 16:41:00.575477549 -0400 -@@ -108,7 +108,7 @@ LIBDIR= @libdir@ +--- Python-3.4.0b1/Makefile.pre.in.lib64 2013-11-27 11:10:43.814150786 +0100 ++++ Python-3.4.0b1/Makefile.pre.in 2013-11-27 11:10:43.823150771 +0100 +@@ -115,7 +115,7 @@ MANDIR= @mandir@ INCLUDEDIR= @includedir@ CONFINCLUDEDIR= $(exec_prefix)/include @@ -120,9 +114,8 @@ diff -up cpython-59223da36dec/Makefile.pre.in.lib64 cpython-59223da36dec/Makefil ABIFLAGS= @ABIFLAGS@ # Detailed destination directories -diff -up cpython-59223da36dec/Modules/getpath.c.lib64 cpython-59223da36dec/Modules/getpath.c ---- cpython-59223da36dec/Modules/getpath.c.lib64 2012-08-07 06:10:57.000000000 -0400 -+++ cpython-59223da36dec/Modules/getpath.c 2012-08-07 16:41:00.575477549 -0400 +--- Python-3.4.0b1/Modules/getpath.c.lib64 2013-11-24 21:36:56.000000000 +0100 ++++ Python-3.4.0b1/Modules/getpath.c 2013-11-27 11:17:33.619449704 +0100 @@ -122,8 +122,8 @@ #endif @@ -134,16 +127,16 @@ diff -up cpython-59223da36dec/Modules/getpath.c.lib64 cpython-59223da36dec/Modul #endif #ifndef LANDMARK -@@ -135,7 +135,7 @@ static wchar_t exec_prefix[MAXPATHLEN+1] - static wchar_t progpath[MAXPATHLEN+1]; - static wchar_t *module_search_path = NULL; - static int module_search_path_malloced = 0; --static wchar_t *lib_python = L"lib/python" VERSION; -+static wchar_t *lib_python = L"lib64/python" VERSION; +@@ -498,7 +498,7 @@ + _pythonpath = _Py_char2wchar(PYTHONPATH, NULL); + _prefix = _Py_char2wchar(PREFIX, NULL); + _exec_prefix = _Py_char2wchar(EXEC_PREFIX, NULL); +- lib_python = _Py_char2wchar("lib/python" VERSION, NULL); ++ lib_python = _Py_char2wchar("lib/python64" VERSION, NULL); - static void - reduce(wchar_t *dir) -@@ -677,7 +677,7 @@ calculate_path(void) + if (!_pythonpath || !_prefix || !_exec_prefix || !lib_python) { + Py_FatalError( +@@ -687,7 +687,7 @@ } else wcsncpy(zip_path, _prefix, MAXPATHLEN); @@ -152,7 +145,7 @@ diff -up cpython-59223da36dec/Modules/getpath.c.lib64 cpython-59223da36dec/Modul bufsz = wcslen(zip_path); /* Replace "00" with version */ zip_path[bufsz - 6] = VERSION[0]; zip_path[bufsz - 5] = VERSION[2]; -@@ -687,7 +687,7 @@ calculate_path(void) +@@ -699,7 +699,7 @@ fprintf(stderr, "Could not find platform dependent libraries \n"); wcsncpy(exec_prefix, _exec_prefix, MAXPATHLEN); @@ -161,10 +154,9 @@ diff -up cpython-59223da36dec/Modules/getpath.c.lib64 cpython-59223da36dec/Modul } /* If we found EXEC_PREFIX do *not* reduce it! (Yet.) */ -diff -up cpython-59223da36dec/setup.py.lib64 cpython-59223da36dec/setup.py ---- cpython-59223da36dec/setup.py.lib64 2012-08-07 06:10:57.000000000 -0400 -+++ cpython-59223da36dec/setup.py 2012-08-07 16:41:32.153475390 -0400 -@@ -438,7 +438,7 @@ class PyBuildExt(build_ext): +--- Python-3.4.0b1/setup.py.lib64 2013-11-24 21:36:56.000000000 +0100 ++++ Python-3.4.0b1/setup.py 2013-11-27 11:10:43.824150769 +0100 +@@ -441,7 +441,7 @@ # directories (i.e. '.' and 'Include') must be first. See issue # 10520. if not cross_compiling: @@ -173,7 +165,7 @@ diff -up cpython-59223da36dec/setup.py.lib64 cpython-59223da36dec/setup.py add_dir_to_list(self.compiler.include_dirs, '/usr/local/include') # only change this for cross builds for 3.3, issues on Mageia if cross_compiling: -@@ -708,11 +708,11 @@ class PyBuildExt(build_ext): +@@ -718,11 +718,11 @@ elif curses_library: readline_libs.append(curses_library) elif self.compiler.find_library_file(lib_dirs + @@ -187,7 +179,7 @@ diff -up cpython-59223da36dec/setup.py.lib64 cpython-59223da36dec/setup.py extra_link_args=readline_extra_link_args, libraries=readline_libs) ) else: -@@ -749,8 +749,8 @@ class PyBuildExt(build_ext): +@@ -759,8 +759,8 @@ if krb5_h: ssl_incs += krb5_h ssl_libs = find_library_file(self.compiler, 'ssl',lib_dirs, diff --git a/00111-no-static-lib.patch b/00111-no-static-lib.patch index f74bc87..bd1bc40 100644 --- a/00111-no-static-lib.patch +++ b/00111-no-static-lib.patch @@ -2,7 +2,7 @@ diff -up cpython-59223da36dec/Makefile.pre.in.no-static-lib cpython-59223da36dec --- cpython-59223da36dec/Makefile.pre.in.no-static-lib 2012-08-07 16:43:43.296466422 -0400 +++ cpython-59223da36dec/Makefile.pre.in 2012-08-07 16:44:13.299464371 -0400 @@ -464,7 +464,7 @@ coverage: - $(MAKE) coverage-lcov + $(RUNSHARED) $(PYTHON_FOR_BUILD) ./Tools/clinic/clinic.py --make # Build the interpreter -$(BUILDPYTHON): Modules/python.o $(LIBRARY) $(LDLIBRARY) $(PY3LIBRARY) diff --git a/00125-less-verbose-COUNT_ALLOCS.patch b/00125-less-verbose-COUNT_ALLOCS.patch index 8cef015..8e441a2 100644 --- a/00125-less-verbose-COUNT_ALLOCS.patch +++ b/00125-less-verbose-COUNT_ALLOCS.patch @@ -16,5 +16,5 @@ diff -up Python-2.7/Python/pythonrun.c.less-verbose-COUNT_ALLOCS Python-2.7/Pyth + if (Py_GETENV("PYTHONDUMPCOUNTS")) + dump_counts(stdout); #endif - - PRINT_TOTAL_REFS(); + /* dump hash stats */ + _PyHash_Fini(); diff --git a/00141-fix-tests_with_COUNT_ALLOCS.patch b/00141-fix-tests_with_COUNT_ALLOCS.patch index b60ee69..44be26e 100644 --- a/00141-fix-tests_with_COUNT_ALLOCS.patch +++ b/00141-fix-tests_with_COUNT_ALLOCS.patch @@ -60,8 +60,8 @@ diff -r e245b0d7209b Lib/test/test_module.py m = ModuleType("foo") wr = weakref.ref(m) @@ -190,6 +194,8 @@ - self.assertEqual(r[:25], "") + self.assertEqual(r[-len(ends_with):], ends_with, + '{!r} does not end with {!r}'.format(r, ends_with)) + @unittest.skipIf(hasattr(sys, 'getcounts'), + 'skipping since COUNT_ALLOCS was used, see issue19527') diff --git a/00146-hashlib-fips.patch b/00146-hashlib-fips.patch index 221ab50..f2cd3db 100644 --- a/00146-hashlib-fips.patch +++ b/00146-hashlib-fips.patch @@ -1,5 +1,5 @@ ---- Python-3.4.0a4/Lib/hashlib.py.hashlib-fips 2013-11-07 13:29:43.046881440 +0100 -+++ Python-3.4.0a4/Lib/hashlib.py 2013-11-07 13:42:04.438486289 +0100 +--- Python-3.4.0b1/Lib/hashlib.py.hashlib-fips 2013-11-24 21:36:54.000000000 +0100 ++++ Python-3.4.0b1/Lib/hashlib.py 2013-11-27 11:45:17.073617547 +0100 @@ -23,6 +23,16 @@ Choose your hash function wisely. Some have known collision weaknesses. sha384 and sha512 will be slow on 32 bit platforms. @@ -17,27 +17,7 @@ Hash objects have these methods: - update(arg): Update the hash object with the bytes in arg. Repeated calls are equivalent to a single call with the concatenation of all -@@ -64,6 +74,19 @@ - 'algorithms_available', 'pbkdf2_hmac') - - -+import functools -+def __ignore_usedforsecurity(func): -+ """Used for sha3_* functions. Until OpenSSL implements them, we want -+ to use them from Python _sha3 module, but we want them to accept -+ usedforsecurity argument too.""" -+ # TODO: remove this function when OpenSSL implements sha3 -+ @functools.wraps(func) -+ def inner(*args, **kwargs): -+ if 'usedforsecurity' in kwargs: -+ kwargs.pop('usedforsecurity') -+ return func(*args, **kwargs) -+ return inner -+ - def __get_builtin_constructor(name): - try: - if name in ('SHA1', 'sha1'): -@@ -109,34 +132,41 @@ +@@ -108,34 +118,41 @@ f = getattr(_hashlib, 'openssl_' + name) # Allow the C module to raise ValueError. The function will be # defined but the hash not actually available thanks to OpenSSL. @@ -92,7 +72,7 @@ try: import _hashlib new = __hash_new -@@ -216,7 +246,10 @@ +@@ -215,7 +232,10 @@ # try them all, some may not work due to the OpenSSL # version not supporting that algorithm. try: @@ -104,13 +84,13 @@ except ValueError: import logging logging.exception('code for hash %s was not found.', __func_name) -@@ -224,3 +257,4 @@ +@@ -223,3 +243,4 @@ # Cleanup locals() del __always_supported, __func_name, __get_hash del __py_new, __hash_new, __get_openssl_constructor +del __ignore_usedforsecurity ---- Python-3.4.0a4/Lib/test/test_hashlib.py.hashlib-fips 2013-11-07 13:43:08.763454594 +0100 -+++ Python-3.4.0a4/Lib/test/test_hashlib.py 2013-11-07 13:55:23.233038101 +0100 +--- Python-3.4.0b1/Lib/test/test_hashlib.py.hashlib-fips 2013-11-24 21:36:55.000000000 +0100 ++++ Python-3.4.0b1/Lib/test/test_hashlib.py 2013-11-27 11:55:42.769601363 +0100 @@ -26,6 +26,20 @@ c_hashlib = import_fresh_module('hashlib', fresh=['_hashlib']) py_hashlib = import_fresh_module('hashlib', blocked=['_hashlib']) @@ -164,32 +144,37 @@ constructors.add(_test_algorithm_via_hashlib_new) _hashlib = self._conditional_import_module('_hashlib') -@@ -82,22 +106,9 @@ +@@ -82,27 +106,13 @@ for algorithm, constructors in self.constructors_to_test.items(): constructor = getattr(_hashlib, 'openssl_'+algorithm, None) if constructor: - constructors.add(constructor) + constructors.add(suppress_fips(constructor)) + def add_builtin_constructor(name): + constructor = getattr(hashlib, "__get_builtin_constructor")(name) + self.constructors_to_test[name].add(constructor) + - _md5 = self._conditional_import_module('_md5') - if _md5: -- self.constructors_to_test['md5'].add(_md5.md5) +- add_builtin_constructor('md5') - _sha1 = self._conditional_import_module('_sha1') - if _sha1: -- self.constructors_to_test['sha1'].add(_sha1.sha1) +- add_builtin_constructor('sha1') - _sha256 = self._conditional_import_module('_sha256') - if _sha256: -- self.constructors_to_test['sha224'].add(_sha256.sha224) -- self.constructors_to_test['sha256'].add(_sha256.sha256) +- add_builtin_constructor('sha224') +- add_builtin_constructor('sha256') - _sha512 = self._conditional_import_module('_sha512') - if _sha512: -- self.constructors_to_test['sha384'].add(_sha512.sha384) -- self.constructors_to_test['sha512'].add(_sha512.sha512) +- add_builtin_constructor('sha384') +- add_builtin_constructor('sha512') +- _sha3 = self._conditional_import_module('_sha3') + # TODO: remove this after sha3 is available through OpenSSL - _sha3 = self._conditional_import_module('_sha3') if _sha3: - self.constructors_to_test['sha3_224'].add(_sha3.sha3_224) -@@ -547,6 +558,65 @@ + add_builtin_constructor('sha3_224') + add_builtin_constructor('sha3_256') +@@ -558,6 +568,65 @@ self.assertEqual(expected_hash, hasher.hexdigest()) @@ -255,7 +240,7 @@ class KDFTests(unittest.TestCase): -@@ -628,6 +698,7 @@ +@@ -639,6 +708,7 @@ with self.assertRaisesRegex(ValueError, 'unsupported hash type'): pbkdf2('unknown', b'pass', b'salt', 1) @@ -263,8 +248,8 @@ def test_pbkdf2_hmac_py(self): self._test_pbkdf2_hmac(py_hashlib.pbkdf2_hmac) ---- Python-3.4.0a4/Modules/_hashopenssl.c.hashlib-fips 2013-11-07 13:55:47.466025086 +0100 -+++ Python-3.4.0a4/Modules/_hashopenssl.c 2013-11-07 14:14:32.745272791 +0100 +--- Python-3.4.0b1/Modules/_hashopenssl.c.hashlib-fips 2013-11-24 21:36:56.000000000 +0100 ++++ Python-3.4.0b1/Modules/_hashopenssl.c 2013-11-27 12:01:57.443537463 +0100 @@ -19,6 +19,8 @@ @@ -298,7 +283,7 @@ DEFINE_CONSTS_FOR_NEW(md5) DEFINE_CONSTS_FOR_NEW(sha1) -@@ -125,6 +135,48 @@ +@@ -97,6 +107,48 @@ } } @@ -347,7 +332,7 @@ /* Internal methods for a hash object */ static void -@@ -309,15 +361,16 @@ +@@ -281,15 +333,16 @@ static int EVP_tp_init(EVPobject *self, PyObject *args, PyObject *kwds) { @@ -367,7 +352,7 @@ return -1; } -@@ -338,7 +391,12 @@ +@@ -310,7 +363,12 @@ PyBuffer_Release(&view); return -1; } @@ -381,7 +366,7 @@ self->name = name_obj; Py_INCREF(self->name); -@@ -422,7 +480,8 @@ +@@ -394,7 +452,8 @@ static PyObject * EVPnew(PyObject *name_obj, const EVP_MD *digest, const EVP_MD_CTX *initial_ctx, @@ -391,7 +376,7 @@ { EVPobject *self; -@@ -437,7 +495,12 @@ +@@ -409,7 +468,12 @@ if (initial_ctx) { EVP_MD_CTX_copy(&self->ctx, initial_ctx); } else { @@ -405,7 +390,7 @@ } if (cp && len) { -@@ -461,21 +524,29 @@ +@@ -433,21 +497,29 @@ An optional string argument may be provided and will be\n\ automatically hashed.\n\ \n\ @@ -439,7 +424,7 @@ return NULL; } -@@ -489,7 +560,8 @@ +@@ -461,7 +533,8 @@ digest = EVP_get_digestbyname(name); @@ -449,7 +434,7 @@ if (data_obj) PyBuffer_Release(&view); -@@ -744,57 +816,115 @@ +@@ -742,57 +815,115 @@ /* @@ -602,11 +587,12 @@ GEN_CONSTRUCTOR(md5) GEN_CONSTRUCTOR(sha1) -@@ -845,12 +974,10 @@ +@@ -843,13 +974,10 @@ { PyObject *m, *openssl_md_meth_names; - OpenSSL_add_all_digests(); +- ERR_load_crypto_strings(); + SSL_load_error_strings(); + SSL_library_init(); diff --git a/00157-uid-gid-overflows.patch b/00157-uid-gid-overflows.patch index bf82b60..43bd394 100644 --- a/00157-uid-gid-overflows.patch +++ b/00157-uid-gid-overflows.patch @@ -1,56 +1,54 @@ -diff -up Python-3.3.0b1/Lib/test/test_os.py.uid-gid-overflows Python-3.3.0b1/Lib/test/test_os.py ---- Python-3.3.0b1/Lib/test/test_os.py.uid-gid-overflows 2012-06-26 16:19:48.000000000 -0400 -+++ Python-3.3.0b1/Lib/test/test_os.py 2012-07-20 14:21:46.856688739 -0400 -@@ -1174,30 +1174,36 @@ if sys.platform != 'win32': - def test_setuid(self): - if os.getuid() != 0: - self.assertRaises(OSError, os.setuid, 0) -+ self.assertRaises(TypeError, os.setuid, 'not an int') - self.assertRaises(OverflowError, os.setuid, 1<<32) +--- Python-3.4.0b1/Lib/test/test_os.py.orig 2013-11-27 12:07:32.368411798 +0100 ++++ Python-3.4.0b1/Lib/test/test_os.py 2013-11-27 12:12:11.220265174 +0100 +@@ -1319,30 +1319,36 @@ + def test_setuid(self): + if os.getuid() != 0: + self.assertRaises(OSError, os.setuid, 0) ++ self.assertRaises(TypeError, os.setuid, 'not an int') + self.assertRaises(OverflowError, os.setuid, 1<<32) - if hasattr(os, 'setgid'): - def test_setgid(self): - if os.getuid() != 0 and not HAVE_WHEEL_GROUP: - self.assertRaises(OSError, os.setgid, 0) -+ self.assertRaises(TypeError, os.setgid, 'not an int') - self.assertRaises(OverflowError, os.setgid, 1<<32) + @unittest.skipUnless(hasattr(os, 'setgid'), 'test needs os.setgid()') + def test_setgid(self): + if os.getuid() != 0 and not HAVE_WHEEL_GROUP: + self.assertRaises(OSError, os.setgid, 0) ++ self.assertRaises(TypeError, os.setgid, 'not an int') + self.assertRaises(OverflowError, os.setgid, 1<<32) - if hasattr(os, 'seteuid'): - def test_seteuid(self): - if os.getuid() != 0: - self.assertRaises(OSError, os.seteuid, 0) -+ self.assertRaises(TypeError, os.seteuid, 'not an int') - self.assertRaises(OverflowError, os.seteuid, 1<<32) + @unittest.skipUnless(hasattr(os, 'seteuid'), 'test needs os.seteuid()') + def test_seteuid(self): + if os.getuid() != 0: + self.assertRaises(OSError, os.seteuid, 0) ++ self.assertRaises(TypeError, os.seteuid, 'not an int') + self.assertRaises(OverflowError, os.seteuid, 1<<32) - if hasattr(os, 'setegid'): - def test_setegid(self): - if os.getuid() != 0 and not HAVE_WHEEL_GROUP: - self.assertRaises(OSError, os.setegid, 0) -+ self.assertRaises(TypeError, os.setegid, 'not an int') - self.assertRaises(OverflowError, os.setegid, 1<<32) + @unittest.skipUnless(hasattr(os, 'setegid'), 'test needs os.setegid()') + def test_setegid(self): + if os.getuid() != 0 and not HAVE_WHEEL_GROUP: + self.assertRaises(OSError, os.setegid, 0) ++ self.assertRaises(TypeError, os.setegid, 'not an int') + self.assertRaises(OverflowError, os.setegid, 1<<32) - if hasattr(os, 'setreuid'): - def test_setreuid(self): - if os.getuid() != 0: - self.assertRaises(OSError, os.setreuid, 0, 0) -+ self.assertRaises(TypeError, os.setreuid, 'not an int', 0) -+ self.assertRaises(TypeError, os.setreuid, 0, 'not an int') - self.assertRaises(OverflowError, os.setreuid, 1<<32, 0) - self.assertRaises(OverflowError, os.setreuid, 0, 1<<32) + @unittest.skipUnless(hasattr(os, 'setreuid'), 'test needs os.setreuid()') + def test_setreuid(self): + if os.getuid() != 0: + self.assertRaises(OSError, os.setreuid, 0, 0) ++ self.assertRaises(TypeError, os.setreuid, 'not an int', 0) ++ self.assertRaises(TypeError, os.setreuid, 0, 'not an int') + self.assertRaises(OverflowError, os.setreuid, 1<<32, 0) + self.assertRaises(OverflowError, os.setreuid, 0, 1<<32) -@@ -1212,6 +1218,8 @@ if sys.platform != 'win32': - def test_setregid(self): - if os.getuid() != 0 and not HAVE_WHEEL_GROUP: - self.assertRaises(OSError, os.setregid, 0, 0) -+ self.assertRaises(TypeError, os.setregid, 'not an int', 0) -+ self.assertRaises(TypeError, os.setregid, 0, 'not an int') - self.assertRaises(OverflowError, os.setregid, 1<<32, 0) - self.assertRaises(OverflowError, os.setregid, 0, 1<<32) +@@ -1358,6 +1364,8 @@ + def test_setregid(self): + if os.getuid() != 0 and not HAVE_WHEEL_GROUP: + self.assertRaises(OSError, os.setregid, 0, 0) ++ self.assertRaises(TypeError, os.setregid, 'not an int', 0) ++ self.assertRaises(TypeError, os.setregid, 0, 'not an int') + self.assertRaises(OverflowError, os.setregid, 1<<32, 0) + self.assertRaises(OverflowError, os.setregid, 0, 1<<32) -diff -up Python-3.3.0b1/Lib/test/test_pwd.py.uid-gid-overflows Python-3.3.0b1/Lib/test/test_pwd.py ---- Python-3.3.0b1/Lib/test/test_pwd.py.uid-gid-overflows 2012-06-26 16:19:48.000000000 -0400 -+++ Python-3.3.0b1/Lib/test/test_pwd.py 2012-07-20 14:21:46.857688726 -0400 -@@ -87,9 +87,9 @@ class PwdTest(unittest.TestCase): +--- Python-3.4.0b1/Lib/test/test_pwd.py.orig 2013-11-24 21:36:55.000000000 +0100 ++++ Python-3.4.0b1/Lib/test/test_pwd.py 2013-11-27 12:07:32.369411798 +0100 +@@ -89,9 +89,9 @@ # In some cases, byuids isn't a complete list of all users in the # system, so if we try to pick a value not in byuids (via a perturbing # loop, say), pwd.getpwuid() might still be able to find data for that diff --git a/00173-workaround-ENOPROTOOPT-in-bind_port.patch b/00173-workaround-ENOPROTOOPT-in-bind_port.patch index 498322c..8d8b0bc 100644 --- a/00173-workaround-ENOPROTOOPT-in-bind_port.patch +++ b/00173-workaround-ENOPROTOOPT-in-bind_port.patch @@ -1,13 +1,12 @@ -diff -up Python-3.3.0/Lib/test/support.py.rhbz913732 Python-3.3.0/Lib/test/support.py ---- Python-3.4.0a4/Lib/test/support/__init__.py.rhbz913732 2013-03-04 16:25:53.885258476 -0500 -+++ Python-3.4.0a4/Lib/test/support/__init__.py 2013-03-04 16:25:58.499258157 -0500 -@@ -544,7 +544,8 @@ def bind_port(sock, host=HOST): +--- Python-3.4.0b1/Lib/test/support/__init__.py.orig 2013-11-27 12:14:26.507216624 +0100 ++++ Python-3.4.0b1/Lib/test/support/__init__.py 2013-11-27 12:17:01.490805587 +0100 +@@ -593,7 +593,8 @@ if sock.getsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR) == 1: raise TestFailed("tests should never set the SO_REUSEADDR " \ "socket option on TCP/IP sockets!") - if hasattr(socket, 'SO_REUSEPORT'): + if hasattr(socket, 'SO_REUSEPORT') \ + and 'WITHIN_PYTHON_RPM_BUILD' not in os.environ: # rhbz#913732 - if sock.getsockopt(socket.SOL_SOCKET, socket.SO_REUSEPORT) == 1: - raise TestFailed("tests should never set the SO_REUSEPORT " \ - "socket option on TCP/IP sockets!") + try: + if sock.getsockopt(socket.SOL_SOCKET, socket.SO_REUSEPORT) == 1: + raise TestFailed("tests should never set the SO_REUSEPORT " \ diff --git a/00187-remove-pthread-atfork.patch b/00187-remove-pthread-atfork.patch deleted file mode 100644 index 04af52d..0000000 --- a/00187-remove-pthread-atfork.patch +++ /dev/null @@ -1,89 +0,0 @@ -diff -r 6fdbb81b4020 -r 705f2addd0f0 Modules/_ssl.c ---- a/Modules/_ssl.c Tue Oct 29 12:14:55 2013 +0100 -+++ b/Modules/_ssl.c Tue Oct 29 21:11:55 2013 +0100 -@@ -19,9 +19,6 @@ - #ifdef WITH_THREAD - #include "pythread.h" - --#ifdef HAVE_PTHREAD_ATFORK --# include --#endif - - #define PySSL_BEGIN_ALLOW_THREADS_S(save) \ - do { if (_ssl_locks_count>0) { (save) = PyEval_SaveThread(); } } while (0) -@@ -2950,64 +2947,6 @@ - Returns number of bytes read. Raises SSLError if connection to EGD\n\ - fails or if it does not provide enough data to seed PRNG."); - --/* Seed OpenSSL's PRNG at fork(), http://bugs.python.org/issue18747 -- * -- * The parent handler seeds the PRNG from pseudo-random data like pid, the -- * current time (miliseconds or seconds) and an uninitialized array. -- * The array contains stack variables that are impossible to predict -- * on most systems, e.g. function return address (subject to ASLR), the -- * stack protection canary and automatic variables. -- * The code is inspired by Apache's ssl_rand_seed() function. -- * -- * Note: -- * The code uses pthread_atfork() until Python has a proper atfork API. The -- * handlers are not removed from the child process. A parent handler is used -- * instead of a child handler because fork() is supposed to be async-signal -- * safe but the handler calls unsafe functions. -- */ -- --#if defined(HAVE_PTHREAD_ATFORK) && defined(WITH_THREAD) --#define PYSSL_RAND_ATFORK 1 -- --static void --PySSL_RAND_atfork_parent(void) --{ -- struct { -- char stack[128]; /* uninitialized (!) stack data, 128 is an -- arbitrary number. */ -- pid_t pid; /* current pid */ -- _PyTime_timeval tp; /* current time */ -- } seed; -- --#ifdef WITH_VALGRIND -- VALGRIND_MAKE_MEM_DEFINED(seed.stack, sizeof(seed.stack)); --#endif -- seed.pid = getpid(); -- _PyTime_gettimeofday(&(seed.tp)); -- RAND_add((unsigned char *)&seed, sizeof(seed), 0.0); --} -- --static int --PySSL_RAND_atfork(void) --{ -- static int registered = 0; -- int retval; -- -- if (registered) -- return 0; -- -- retval = pthread_atfork(NULL, /* prepare */ -- PySSL_RAND_atfork_parent, /* parent */ -- NULL); /* child */ -- if (retval != 0) { -- PyErr_SetFromErrno(PyExc_OSError); -- return -1; -- } -- registered = 1; -- return 0; --} --#endif /* HAVE_PTHREAD_ATFORK */ -- - #endif /* HAVE_OPENSSL_RAND */ - - -@@ -3623,10 +3561,5 @@ - if (r == NULL || PyModule_AddObject(m, "_OPENSSL_API_VERSION", r)) - return NULL; - --#ifdef PYSSL_RAND_ATFORK -- if (PySSL_RAND_atfork() == -1) -- return NULL; --#endif -- - return m; - } diff --git a/python3.spec b/python3.spec index c7c5f66..1e61ab1 100644 --- a/python3.spec +++ b/python3.spec @@ -8,7 +8,7 @@ %global pyshortver 34 # prereleasetag -%global prerel a4 +%global prerel b1 %global pylibdir %{_libdir}/python%{pybasever} %global dynload_dir %{pylibdir}/lib-dynload @@ -240,7 +240,7 @@ Patch1: Python-3.1.1-rpath.patch # (where sys.getfilesystemencoding() == 'ascii') Patch55: 00055-systemtap.patch -Patch102: python-3.3.0b1-lib64.patch +Patch102: 00102-lib64.patch # 00104 # # Only used when "%{_lib}" == "lib64" @@ -611,8 +611,8 @@ Patch184: 00184-ctypes-should-build-with-libffi-multilib-wrapper.patch Patch186: 00186-dont-raise-from-py_compile.patch # 00187 # -# Temporarily add this upstream patch, should be in next upstream release -Patch187: 00187-remove-pthread-atfork.patch +# Fixed upstream as of Python 3.4.0b1 +# Patch187: 00187-remove-pthread-atfork.patch # 00188 # # Downstream only patch that should be removed when we compile all guaranteed @@ -889,7 +889,7 @@ done %patch184 -p1 # 00185 upstream as of Python 3.4.0a4 %patch186 -p1 -%patch187 -p1 +# 00187: upstream as of Python 3.4.0b1 %patch188 -p1 # Currently (2010-01-15), http://docs.python.org/library is for 2.6, and there @@ -1751,6 +1751,13 @@ rm -fr %{buildroot} # ====================================================== %changelog +* Mon Nov 25 2013 Bohuslav Kabrda - 3.4.0-0.1.b1 +- Update to Python 3.4 beta 1. +- Refreshed patches: 102 (lib64), 111 (no static lib), 125 (less verbose COUNT +ALLOCS), 141 (fix COUNT_ALLOCS in test_module), 146 (hashlib fips), +157 (UID+GID overflows), 173 (ENOPROTOOPT in bind_port) +- Removed patch 00187 (remove pthread atfork; upstreamed) + * Mon Nov 04 2013 Bohuslav Kabrda - 3.4.0-0.1.a4 - Update to Python 3.4 alpha 4. - Refreshed patches: 55 (systemtap), 102 (lib64), 111 (no static lib), From 0ef730720cd7ab286ed38a1762ea96783577ba7e Mon Sep 17 00:00:00 2001 From: Slavek Kabrda Date: Wed, 27 Nov 2013 13:33:51 +0100 Subject: [PATCH 11/32] Fix typo in lib64 patch --- 00102-lib64.patch | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/00102-lib64.patch b/00102-lib64.patch index 8f21624..db5fd95 100644 --- a/00102-lib64.patch +++ b/00102-lib64.patch @@ -132,7 +132,7 @@ _prefix = _Py_char2wchar(PREFIX, NULL); _exec_prefix = _Py_char2wchar(EXEC_PREFIX, NULL); - lib_python = _Py_char2wchar("lib/python" VERSION, NULL); -+ lib_python = _Py_char2wchar("lib/python64" VERSION, NULL); ++ lib_python = _Py_char2wchar("lib64/python" VERSION, NULL); if (!_pythonpath || !_prefix || !_exec_prefix || !lib_python) { Py_FatalError( From aa3d055181c5413be4735d5c4cf3684a72195b79 Mon Sep 17 00:00:00 2001 From: Slavek Kabrda Date: Wed, 27 Nov 2013 13:42:09 +0100 Subject: [PATCH 12/32] Add __ignore_usedforsecurity to patch 00146 (accidentaly omitted when rebasing patch). --- 00146-hashlib-fips.patch | 26 +++++++++++++++++++++++--- 1 file changed, 23 insertions(+), 3 deletions(-) diff --git a/00146-hashlib-fips.patch b/00146-hashlib-fips.patch index f2cd3db..b4d38c7 100644 --- a/00146-hashlib-fips.patch +++ b/00146-hashlib-fips.patch @@ -17,7 +17,27 @@ Hash objects have these methods: - update(arg): Update the hash object with the bytes in arg. Repeated calls are equivalent to a single call with the concatenation of all -@@ -108,34 +118,41 @@ +@@ -63,6 +73,19 @@ + __all__ = __always_supported + ('new', 'algorithms_guaranteed', + 'algorithms_available', 'pbkdf2_hmac') + ++import functools ++def __ignore_usedforsecurity(func): ++ """Used for sha3_* functions. Until OpenSSL implements them, we want ++ to use them from Python _sha3 module, but we want them to accept ++ usedforsecurity argument too.""" ++ # TODO: remove this function when OpenSSL implements sha3 ++ @functools.wraps(func) ++ def inner(*args, **kwargs): ++ if 'usedforsecurity' in kwargs: ++ kwargs.pop('usedforsecurity') ++ return func(*args, **kwargs) ++ return inner ++ + + __builtin_constructor_cache = {} + +@@ -108,34 +131,41 @@ f = getattr(_hashlib, 'openssl_' + name) # Allow the C module to raise ValueError. The function will be # defined but the hash not actually available thanks to OpenSSL. @@ -72,7 +92,7 @@ try: import _hashlib new = __hash_new -@@ -215,7 +232,10 @@ +@@ -215,7 +245,10 @@ # try them all, some may not work due to the OpenSSL # version not supporting that algorithm. try: @@ -84,7 +104,7 @@ except ValueError: import logging logging.exception('code for hash %s was not found.', __func_name) -@@ -223,3 +243,4 @@ +@@ -223,3 +256,4 @@ # Cleanup locals() del __always_supported, __func_name, __get_hash del __py_new, __hash_new, __get_openssl_constructor From 8fffc96443cc58c2b1c819a4b94166e5b88ba643 Mon Sep 17 00:00:00 2001 From: Slavek Kabrda Date: Thu, 28 Nov 2013 10:07:21 +0100 Subject: [PATCH 13/32] Fix the hashlib-fips patch to work flawlessly once again --- 00146-hashlib-fips.patch | 40 ++++++++++++++++++++++++++-------------- 1 file changed, 26 insertions(+), 14 deletions(-) diff --git a/00146-hashlib-fips.patch b/00146-hashlib-fips.patch index b4d38c7..7cd79ef 100644 --- a/00146-hashlib-fips.patch +++ b/00146-hashlib-fips.patch @@ -109,12 +109,16 @@ del __always_supported, __func_name, __get_hash del __py_new, __hash_new, __get_openssl_constructor +del __ignore_usedforsecurity ---- Python-3.4.0b1/Lib/test/test_hashlib.py.hashlib-fips 2013-11-24 21:36:55.000000000 +0100 -+++ Python-3.4.0b1/Lib/test/test_hashlib.py 2013-11-27 11:55:42.769601363 +0100 -@@ -26,6 +26,20 @@ - c_hashlib = import_fresh_module('hashlib', fresh=['_hashlib']) - py_hashlib = import_fresh_module('hashlib', blocked=['_hashlib']) +--- Python-3.4.0b1/Lib/test/test_hashlib.py 2013-11-27 11:55:42.769601363 +0100 ++++ Python-3.4.0b1/Lib/test/test_hashlib.py 2013-11-28 09:33:03.929008508 +0100 +@@ -24,7 +24,22 @@ + COMPILED_WITH_PYDEBUG = hasattr(sys, 'gettotalrefcount') + c_hashlib = import_fresh_module('hashlib', fresh=['_hashlib']) +-py_hashlib = import_fresh_module('hashlib', blocked=['_hashlib']) ++# skipped on Fedora, since we always use OpenSSL implementation ++# py_hashlib = import_fresh_module('hashlib', blocked=['_hashlib']) ++ +def openssl_enforces_fips(): + # Use the "openssl" command (if present) to try to determine if the local + # OpenSSL is configured to enforce FIPS @@ -128,11 +132,10 @@ + stdout, stderr = p.communicate(input=b'abc') + return b'unknown cipher' in stderr +OPENSSL_ENFORCES_FIPS = openssl_enforces_fips() -+ + def hexstr(s): assert isinstance(s, bytes), repr(s) - h = "0123456789abcdef" -@@ -34,6 +48,16 @@ +@@ -34,6 +49,16 @@ r += h[(i >> 4) & 0xF] + h[i & 0xF] return r @@ -149,7 +152,7 @@ class HashLibTestCase(unittest.TestCase): supported_hash_names = ( 'md5', 'MD5', 'sha1', 'SHA1', -@@ -66,11 +90,11 @@ +@@ -66,11 +91,11 @@ # For each algorithm, test the direct constructor and the use # of hashlib.new given the algorithm name. for algorithm, constructors in self.constructors_to_test.items(): @@ -164,7 +167,7 @@ constructors.add(_test_algorithm_via_hashlib_new) _hashlib = self._conditional_import_module('_hashlib') -@@ -82,27 +106,13 @@ +@@ -82,26 +107,13 @@ for algorithm, constructors in self.constructors_to_test.items(): constructor = getattr(_hashlib, 'openssl_'+algorithm, None) if constructor: @@ -189,12 +192,21 @@ - if _sha512: - add_builtin_constructor('sha384') - add_builtin_constructor('sha512') -- _sha3 = self._conditional_import_module('_sha3') + # TODO: remove this after sha3 is available through OpenSSL + _sha3 = self._conditional_import_module('_sha3') if _sha3: add_builtin_constructor('sha3_224') - add_builtin_constructor('sha3_256') -@@ -558,6 +568,65 @@ +@@ -157,9 +169,6 @@ + else: + del sys.modules['_md5'] + self.assertRaises(TypeError, get_builtin_constructor, 3) +- constructor = get_builtin_constructor('md5') +- self.assertIs(constructor, _md5.md5) +- self.assertEqual(sorted(builtin_constructor_cache), ['MD5', 'md5']) + + def test_hexdigest(self): + for cons in self.hash_constructors: +@@ -558,6 +567,65 @@ self.assertEqual(expected_hash, hasher.hexdigest()) @@ -260,7 +272,7 @@ class KDFTests(unittest.TestCase): -@@ -639,6 +708,7 @@ +@@ -639,6 +707,7 @@ with self.assertRaisesRegex(ValueError, 'unsupported hash type'): pbkdf2('unknown', b'pass', b'salt', 1) From cb97d2916653265a7d7a033b14f406d9031a772a Mon Sep 17 00:00:00 2001 From: Slavek Kabrda Date: Thu, 28 Nov 2013 10:27:48 +0100 Subject: [PATCH 14/32] Use --without-ensurepip configuration option for now. --- python3.spec | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) diff --git a/python3.spec b/python3.spec index 1e61ab1..41beef6 100644 --- a/python3.spec +++ b/python3.spec @@ -1003,9 +1003,9 @@ BuildPython debug \ python-debug \ python%{pybasever}-debug \ %ifarch %{ix86} x86_64 ppc %{power64} - "--with-pydebug --with-tsc --with-count-allocs --with-call-profile" \ + "--with-pydebug --with-tsc --with-count-allocs --with-call-profile --without-ensurepip" \ %else - "--with-pydebug --with-count-allocs --with-call-profile" \ + "--with-pydebug --with-count-allocs --with-call-profile --without-ensurepip" \ %endif false %endif # with_debug_build @@ -1013,7 +1013,7 @@ BuildPython debug \ BuildPython optimized \ python \ python%{pybasever} \ - "" \ + "--without-ensurepip" \ true # ====================================================== @@ -1497,6 +1497,13 @@ rm -fr %{buildroot} %doc %{pylibdir}/email/architecture.rst %{pylibdir}/encodings + +%dir %{pylibdir}/ensurepip/ +%dir %{pylibdir}/ensurepip/__pycache__/ +%{pylibdir}/ensurepip/*.py +%{pylibdir}/ensurepip/__pycache__/*%{bytecode_suffixes} +%exclude %{pylibdir}/ensurepip/_bundled + %{pylibdir}/html %{pylibdir}/http %{pylibdir}/idlelib From 3aee76e8b684942740e3b2600f3817f0ae0c3529 Mon Sep 17 00:00:00 2001 From: Slavek Kabrda Date: Thu, 28 Nov 2013 10:43:42 +0100 Subject: [PATCH 15/32] Add opcode module to %files --- python3.spec | 2 ++ 1 file changed, 2 insertions(+) diff --git a/python3.spec b/python3.spec index 41beef6..d53f8eb 100644 --- a/python3.spec +++ b/python3.spec @@ -1409,6 +1409,7 @@ rm -fr %{buildroot} %{dynload_dir}/_lzma.%{SOABI_optimized}.so %{dynload_dir}/_multibytecodec.%{SOABI_optimized}.so %{dynload_dir}/_multiprocessing.%{SOABI_optimized}.so +%{dynload_dir}/_opcode.%{SOABI_optimized}.so %{dynload_dir}/_pickle.%{SOABI_optimized}.so %{dynload_dir}/_posixsubprocess.%{SOABI_optimized}.so %{dynload_dir}/_random.%{SOABI_optimized}.so @@ -1676,6 +1677,7 @@ rm -fr %{buildroot} %{dynload_dir}/_lzma.%{SOABI_debug}.so %{dynload_dir}/_multibytecodec.%{SOABI_debug}.so %{dynload_dir}/_multiprocessing.%{SOABI_debug}.so +%{dynload_dir}/_opcode.%{SOABI_debug}.so %{dynload_dir}/_pickle.%{SOABI_debug}.so %{dynload_dir}/_posixsubprocess.%{SOABI_debug}.so %{dynload_dir}/_random.%{SOABI_debug}.so From 61fd48d1a4a485f80045c2291f182066e4857652 Mon Sep 17 00:00:00 2001 From: Slavek Kabrda Date: Wed, 8 Jan 2014 10:01:56 +0100 Subject: [PATCH 16/32] Update to Python 3.4 beta 2. - Refreshed patches: 55 (systemtap), 146 (hashlib-fips), 154 (test_gdb noise) - Dropped patches: 114 (statvfs constants), 177 (platform unicode) --- 00055-systemtap.patch | 2 +- 00114-statvfs-f_flag-constants.patch | 39 --------------------------- 00146-hashlib-fips.patch | 9 +++---- 00153-fix-test_gdb-noise.patch | 4 +-- 00177-platform-unicode.patch | 13 --------- python3.spec | 40 ++++++++++++++-------------- 6 files changed, 27 insertions(+), 80 deletions(-) delete mode 100644 00114-statvfs-f_flag-constants.patch delete mode 100644 00177-platform-unicode.patch diff --git a/00055-systemtap.patch b/00055-systemtap.patch index ddd5e77..3200c15 100644 --- a/00055-systemtap.patch +++ b/00055-systemtap.patch @@ -89,9 +89,9 @@ diff -up Python-3.3.0rc2/Doc/howto/index.rst.systemtap Python-3.3.0rc2/Doc/howto --- Python-3.3.0rc2/Doc/howto/index.rst.systemtap 2012-09-09 05:10:51.000000000 -0400 +++ Python-3.3.0rc2/Doc/howto/index.rst 2012-09-10 09:17:21.117511779 -0400 @@ -29,4 +29,5 @@ Currently, the HOWTOs are: - webservers.rst argparse.rst ipaddress.rst + clinic.rst + instrumentation.rst diff -up Python-3.3.0rc2/Doc/howto/instrumentation.rst.systemtap Python-3.3.0rc2/Doc/howto/instrumentation.rst diff --git a/00114-statvfs-f_flag-constants.patch b/00114-statvfs-f_flag-constants.patch deleted file mode 100644 index ea99e08..0000000 --- a/00114-statvfs-f_flag-constants.patch +++ /dev/null @@ -1,39 +0,0 @@ -diff -up Python-3.3.0b1/Modules/posixmodule.c.statvfs-f_flag-constants Python-3.3.0b1/Modules/posixmodule.c ---- Python-3.3.0b1/Modules/posixmodule.c.statvfs-f_flag-constants 2012-06-26 16:19:54.000000000 -0400 -+++ Python-3.3.0b1/Modules/posixmodule.c 2012-07-20 13:39:18.595546387 -0400 -@@ -11665,6 +11665,35 @@ all_ins(PyObject *d) - if (PyModule_AddIntMacro(m, ST_NOSUID)) return -1; - #endif /* ST_NOSUID */ - -+ /* GNU extensions */ -+#ifdef ST_NODEV -+ if (PyModule_AddIntMacro(m, ST_NODEV)) return -1; -+#endif /* ST_NODEV */ -+#ifdef ST_NOEXEC -+ if (PyModule_AddIntMacro(m, ST_NOEXEC)) return -1; -+#endif /* ST_NOEXEC */ -+#ifdef ST_SYNCHRONOUS -+ if (PyModule_AddIntMacro(m, ST_SYNCHRONOUS)) return -1; -+#endif /* ST_SYNCHRONOUS */ -+#ifdef ST_MANDLOCK -+ if (PyModule_AddIntMacro(m, ST_MANDLOCK)) return -1; -+#endif /* ST_MANDLOCK */ -+#ifdef ST_WRITE -+ if (PyModule_AddIntMacro(m, ST_WRITE)) return -1; -+#endif /* ST_WRITE */ -+#ifdef ST_APPEND -+ if (PyModule_AddIntMacro(m, ST_APPEND)) return -1; -+#endif /* ST_APPEND */ -+#ifdef ST_NOATIME -+ if (PyModule_AddIntMacro(m, ST_NOATIME)) return -1; -+#endif /* ST_NOATIME */ -+#ifdef ST_NODIRATIME -+ if (PyModule_AddIntMacro(m, ST_NODIRATIME)) return -1; -+#endif /* ST_NODIRATIME */ -+#ifdef ST_RELATIME -+ if (PyModule_AddIntMacro(m, ST_RELATIME)) return -1; -+#endif /* ST_RELATIME */ -+ - /* FreeBSD sendfile() constants */ - #ifdef SF_NODISKIO - if (PyModule_AddIntMacro(m, SF_NODISKIO)) return -1; diff --git a/00146-hashlib-fips.patch b/00146-hashlib-fips.patch index 7cd79ef..3d92c34 100644 --- a/00146-hashlib-fips.patch +++ b/00146-hashlib-fips.patch @@ -167,7 +167,7 @@ constructors.add(_test_algorithm_via_hashlib_new) _hashlib = self._conditional_import_module('_hashlib') -@@ -82,26 +107,13 @@ +@@ -82,26 +107,12 @@ for algorithm, constructors in self.constructors_to_test.items(): constructor = getattr(_hashlib, 'openssl_'+algorithm, None) if constructor: @@ -192,10 +192,9 @@ - if _sha512: - add_builtin_constructor('sha384') - add_builtin_constructor('sha512') -+ # TODO: remove this after sha3 is available through OpenSSL - _sha3 = self._conditional_import_module('_sha3') - if _sha3: - add_builtin_constructor('sha3_224') + + super(HashLibTestCase, self).__init__(*args, **kwargs) + @@ -157,9 +169,6 @@ else: del sys.modules['_md5'] diff --git a/00153-fix-test_gdb-noise.patch b/00153-fix-test_gdb-noise.patch index 87c9396..8b0a76c 100644 --- a/00153-fix-test_gdb-noise.patch +++ b/00153-fix-test_gdb-noise.patch @@ -19,8 +19,8 @@ --- Lib/test/test_gdb.py.old 2012-04-11 21:04:01.367073855 -0400 +++ Lib/test/test_gdb.py 2012-04-12 08:52:58.320288761 -0400 @@ -144,6 +153,10 @@ - '"set sysroot"?', - 'warning: Source file is more recent than executable.', + 'Missing separate debuginfo for ', + 'Try: zypper install -C ', ) + ignore_patterns += ('warning: Unable to open', + 'Missing separate debuginfo for', diff --git a/00177-platform-unicode.patch b/00177-platform-unicode.patch deleted file mode 100644 index 7d847e1..0000000 --- a/00177-platform-unicode.patch +++ /dev/null @@ -1,13 +0,0 @@ -Index: Python-3.3.0/Lib/platform.py -=================================================================== ---- Python-3.3.0.orig/Lib/platform.py -+++ Python-3.3.0/Lib/platform.py -@@ -331,7 +331,7 @@ def linux_distribution(distname='', vers - return _dist_try_harder(distname,version,id) - - # Read the first line -- with open('/etc/'+file, 'r') as f: -+ with open('/etc/'+file, 'r', encoding='utf-8', errors='surrogateescape') as f: - firstline = f.readline() - _distname, _version, _id = _parse_release_file(firstline) - diff --git a/python3.spec b/python3.spec index d53f8eb..2053757 100644 --- a/python3.spec +++ b/python3.spec @@ -8,7 +8,7 @@ %global pyshortver 34 # prereleasetag -%global prerel b1 +%global prerel b2 %global pylibdir %{_libdir}/python%{pybasever} %global dynload_dir %{pylibdir}/lib-dynload @@ -53,7 +53,7 @@ %global py_INSTSONAME_optimized libpython%{LDVERSION_optimized}.so.%{py_SOVERSION} %global py_INSTSONAME_debug libpython%{LDVERSION_debug}.so.%{py_SOVERSION} -%global with_debug_build 1 +%global with_debug_build 0 %global with_gdb_hooks 1 @@ -266,10 +266,8 @@ Patch111: 00111-no-static-lib.patch Patch113: 00113-more-configuration-flags.patch # 00114 # -# Add flags for statvfs.f_flag to the constant list in posixmodule (i.e. "os") -# (rhbz:553020); partially upstream as http://bugs.python.org/issue7647 -# Not yet sent upstream -Patch114: 00114-statvfs-f_flag-constants.patch +# Upstream as of Python 3.4.0.b2 +# Patch114: 00114-statvfs-f_flag-constants.patch # 00125 # # COUNT_ALLOCS is useful for debugging, but the upstream behaviour of always @@ -381,9 +379,13 @@ Patch143: 00143-tsc-on-ppc.patch # - don't build the _md5 and _sha* modules; rely on the _hashlib implementation # of hashlib # (rhbz#563986) -# Note: for now we're using sha3 from Python tarball, not from OpenSSL, since -# OpenSSL didn't implement it yet. When OpenSSL implements it again, -# we will need to rm -rf Modules/_sha3 in prep and adapt the patch. +# Note: Up to Python 3.4.0.b1, upstream had their own implementation of what +# they assumed would become sha3. This patch was adapted to give it the +# usedforsecurity argument, even though it did nothing (OpenSSL didn't have +# sha3 implementation at that time).In 3.4.0.b2, sha3 implementation was reverted +# (see http://bugs.python.org/issue16113), but the alterations were left in the +# patch, since they may be useful again if upstream decides to rerevert sha3 +# implementation and OpenSSL still doesn't support it. For now, they're harmless. Patch146: 00146-hashlib-fips.patch # 00147 # @@ -550,11 +552,8 @@ Patch173: 00173-workaround-ENOPROTOOPT-in-bind_port.patch # Patch176: 00176-upstream-issue16754-so-extension.patch # 00177 # -# Patch for potential unicode error when determining OS release names -# http://bugs.python.org/issue17429 -# (rhbz#922149) -# Does not affect python2 (python2 uses a byte string so it doesn't need to decode) -Patch177: 00177-platform-unicode.patch +# Fixed upstream as of Python 3.4.0.b2 +# Patch177: 00177-platform-unicode.patch # 00178 # # Don't duplicate various FLAGS in sysconfig values @@ -820,7 +819,7 @@ done %patch111 -p1 # 112: not for python3 %patch113 -p1 -%patch114 -p1 +# 00114: Upstream as of Python 3.4.0.b2 %patch125 -p1 -b .less-verbose-COUNT_ALLOCS @@ -879,7 +878,7 @@ done #00174: TODO # 00175: upstream as of Python 3.3.2 # 00176: upstream as of Python 3.3.1 -%patch177 -p1 +# 00177: upstream as of Python 3.4.0.b2 %patch178 -p1 %patch179 -p1 %patch180 -p1 @@ -1413,8 +1412,6 @@ rm -fr %{buildroot} %{dynload_dir}/_pickle.%{SOABI_optimized}.so %{dynload_dir}/_posixsubprocess.%{SOABI_optimized}.so %{dynload_dir}/_random.%{SOABI_optimized}.so -# TODO: remove _sha3 when it reaches OpenSSL -%{dynload_dir}/_sha3.%{SOABI_optimized}.so %{dynload_dir}/_socket.%{SOABI_optimized}.so %{dynload_dir}/_sqlite3.%{SOABI_optimized}.so %{dynload_dir}/_ssl.%{SOABI_optimized}.so @@ -1681,8 +1678,6 @@ rm -fr %{buildroot} %{dynload_dir}/_pickle.%{SOABI_debug}.so %{dynload_dir}/_posixsubprocess.%{SOABI_debug}.so %{dynload_dir}/_random.%{SOABI_debug}.so -# TODO: remove _sha3 when it reaches OpenSSL -%{dynload_dir}/_sha3.%{SOABI_debug}.so %{dynload_dir}/_socket.%{SOABI_debug}.so %{dynload_dir}/_sqlite3.%{SOABI_debug}.so %{dynload_dir}/_ssl.%{SOABI_debug}.so @@ -1760,6 +1755,11 @@ rm -fr %{buildroot} # ====================================================== %changelog +* Wed Jan 08 2014 Bohuslav Kabrda - 3.4.0-0.1.b2 +- Update to Python 3.4 beta 2. +- Refreshed patches: 55 (systemtap), 146 (hashlib-fips), 154 (test_gdb noise) +- Dropped patches: 114 (statvfs constants), 177 (platform unicode) + * Mon Nov 25 2013 Bohuslav Kabrda - 3.4.0-0.1.b1 - Update to Python 3.4 beta 1. - Refreshed patches: 102 (lib64), 111 (no static lib), 125 (less verbose COUNT From de14a01ddc9cc2cd7a5209020ad5460c3dcab7a6 Mon Sep 17 00:00:00 2001 From: Slavek Kabrda Date: Wed, 8 Jan 2014 10:37:25 +0100 Subject: [PATCH 17/32] Temporarily add BR: net-tools to workaround upstream reported test issue --- python3.spec | 2 ++ 1 file changed, 2 insertions(+) diff --git a/python3.spec b/python3.spec index 2053757..efe5d3b 100644 --- a/python3.spec +++ b/python3.spec @@ -161,6 +161,8 @@ BuildRequires: libffi-devel BuildRequires: libGL-devel BuildRequires: libX11-devel BuildRequires: ncurses-devel +# workaround http://bugs.python.org/issue19804 (test_uuid requires ifconfig) +BuildRequires: net-tools BuildRequires: openssl-devel BuildRequires: pkgconfig BuildRequires: readline-devel From db2025edc1db34cf911aacf07e32cc9cef189608 Mon Sep 17 00:00:00 2001 From: Slavek Kabrda Date: Thu, 9 Jan 2014 15:23:20 +0100 Subject: [PATCH 18/32] Fix tests introduced in beta 2 failing because of COUNT_ALLOCS --- 00141-fix-tests_with_COUNT_ALLOCS.patch | 53 +++++++++++++++++++++++++ python3.spec | 8 ++-- 2 files changed, 58 insertions(+), 3 deletions(-) diff --git a/00141-fix-tests_with_COUNT_ALLOCS.patch b/00141-fix-tests_with_COUNT_ALLOCS.patch index 44be26e..0c19f2a 100644 --- a/00141-fix-tests_with_COUNT_ALLOCS.patch +++ b/00141-fix-tests_with_COUNT_ALLOCS.patch @@ -68,3 +68,56 @@ diff -r e245b0d7209b Lib/test/test_module.py def test_module_finalization_at_shutdown(self): # Module globals and builtins should still be available during shutdown rc, out, err = assert_python_ok("-c", "from test import final_a") +--- a/Lib/test/test_io.py.orig 2014-01-09 14:43:44.000000000 +0100 ++++ b/Lib/test/test_io.py 2014-01-09 14:50:30.839597351 +0100 +@@ -2611,6 +2611,8 @@ + """.format(iomod=iomod, kwargs=kwargs) + return assert_python_ok("-c", code) + ++ @unittest.skipIf(hasattr(sys, 'getrefcount'), ++ 'types are immortal if COUNT_ALLOCS is used') + def test_create_at_shutdown_without_encoding(self): + rc, out, err = self._check_create_at_shutdown() + if err: +@@ -2621,6 +2623,8 @@ + else: + self.assertEqual("ok", out.decode().strip()) + ++ @unittest.skipIf(hasattr(sys, 'getrefcount'), ++ 'types are immortal if COUNT_ALLOCS is used') + def test_create_at_shutdown_with_encoding(self): + rc, out, err = self._check_create_at_shutdown(encoding='utf-8', + errors='strict') +--- a/Lib/test/test_logging.py.orig 2014-01-09 14:53:07.016388198 +0100 ++++ b/Lib/test/test_logging.py 2014-01-09 14:54:25.654282973 +0100 +@@ -3398,6 +3398,8 @@ + logging.setLoggerClass(logging.Logger) + self.assertEqual(logging.getLoggerClass(), logging.Logger) + ++ @unittest.skipIf(hasattr(sys, 'getcounts'), ++ 'types are immortal if COUNT_ALLOCS is used') + def test_logging_at_shutdown(self): + # Issue #20037 + code = """if 1: +--- a/Lib/test/test_threading.py.orig 2014-01-09 15:09:23.902063074 +0100 ++++ b/Lib/test/test_threading.py 2014-01-09 15:09:07.622085202 +0100 +@@ -617,6 +617,8 @@ + t.join() + self.assertRaises(ValueError, bs.release) + ++ @unittest.skipIf(hasattr(sys, 'getcounts'), ++ 'types are immortal if COUNT_ALLOCS is used') + def test_locals_at_exit(self): + # Issue #19466: thread locals must not be deleted before destructors + # are called +--- a/Lib/test/test_warnings.py.orig 2014-01-09 15:10:12.454997100 +0100 ++++ b/Lib/test/test_warnings.py 2014-01-09 15:11:14.028913478 +0100 +@@ -801,6 +801,8 @@ + self.assertEqual(retcode, 0) + + class FinalizationTest(unittest.TestCase): ++ @unittest.skipIf(hasattr(sys, 'getcounts'), ++ 'types are immortal if COUNT_ALLOCS is used') + def test_finalization(self): + # Issue #19421: warnings.warn() should not crash + # during Python finalization diff --git a/python3.spec b/python3.spec index efe5d3b..f40cf34 100644 --- a/python3.spec +++ b/python3.spec @@ -53,7 +53,7 @@ %global py_INSTSONAME_optimized libpython%{LDVERSION_optimized}.so.%{py_SOVERSION} %global py_INSTSONAME_debug libpython%{LDVERSION_debug}.so.%{py_SOVERSION} -%global with_debug_build 0 +%global with_debug_build 1 %global with_gdb_hooks 1 @@ -345,8 +345,10 @@ Patch140: python3-arm-skip-failing-fragile-test.patch # to be relevant for python3 # 00141 # -# Fix test_gc and test_module tests for case when configured with COUNT_ALLOCS: -# http://bugs.python.org/issue19527 +# Fix tests for case when tests for case when configured with +# COUNT_ALLOCS (debug build): http://bugs.python.org/issue19527 +# Applies to: test_gc, test_module, test_io, test_logging, test_warnings, +# test_threading Patch141: 00141-fix-tests_with_COUNT_ALLOCS.patch # 00143 # From e9b7bf0d4baa2fa3a0ce39fc2377e5d5d9252639 Mon Sep 17 00:00:00 2001 From: Matej Stuchlik Date: Fri, 7 Mar 2014 10:59:27 +0100 Subject: [PATCH 19/32] Update to Python 3.4 RC2 --- 00141-fix-tests_with_COUNT_ALLOCS.patch | 20 +++++--------------- python3.spec | 2 +- 2 files changed, 6 insertions(+), 16 deletions(-) diff --git a/00141-fix-tests_with_COUNT_ALLOCS.patch b/00141-fix-tests_with_COUNT_ALLOCS.patch index 0c19f2a..7193a8d 100644 --- a/00141-fix-tests_with_COUNT_ALLOCS.patch +++ b/00141-fix-tests_with_COUNT_ALLOCS.patch @@ -99,21 +99,11 @@ diff -r e245b0d7209b Lib/test/test_module.py def test_logging_at_shutdown(self): # Issue #20037 code = """if 1: ---- a/Lib/test/test_threading.py.orig 2014-01-09 15:09:23.902063074 +0100 -+++ b/Lib/test/test_threading.py 2014-01-09 15:09:07.622085202 +0100 -@@ -617,6 +617,8 @@ - t.join() - self.assertRaises(ValueError, bs.release) - -+ @unittest.skipIf(hasattr(sys, 'getcounts'), -+ 'types are immortal if COUNT_ALLOCS is used') - def test_locals_at_exit(self): - # Issue #19466: thread locals must not be deleted before destructors - # are called ---- a/Lib/test/test_warnings.py.orig 2014-01-09 15:10:12.454997100 +0100 -+++ b/Lib/test/test_warnings.py 2014-01-09 15:11:14.028913478 +0100 -@@ -801,6 +801,8 @@ - self.assertEqual(retcode, 0) + +--- a/Lib/test/test_warnings.py.orig 2014-01-09 15:10:12.454997100 +0100 ++++ b/Lib/test/test_warnings.py 2014-01-09 15:11:14.028913478 +0100 +@@ -780,6 +780,8 @@ + assert_python_ok('-c', 'pass', '-W', 'always', PYTHONPATH=cwd) class FinalizationTest(unittest.TestCase): + @unittest.skipIf(hasattr(sys, 'getcounts'), diff --git a/python3.spec b/python3.spec index f40cf34..9967e52 100644 --- a/python3.spec +++ b/python3.spec @@ -8,7 +8,7 @@ %global pyshortver 34 # prereleasetag -%global prerel b2 +%global prerel rc2 %global pylibdir %{_libdir}/python%{pybasever} %global dynload_dir %{pylibdir}/lib-dynload From 11fb599edb14569b903abafeed7fd2349d96dfbf Mon Sep 17 00:00:00 2001 From: Matej Stuchlik Date: Tue, 15 Apr 2014 09:52:32 +0200 Subject: [PATCH 20/32] Update to Python 3.4 final Also merge patches from master and add the rewheel module --- 00189-add-rewheel-module.patch | 224 ++++++++++++++++++ 00190-fix-tests-with-sqlite-3.8.4.patch | 21 ++ ...num-of-pycfile-bytes-in-modulefinder.patch | 65 +++++ python3.spec | 53 ++++- 4 files changed, 358 insertions(+), 5 deletions(-) create mode 100644 00189-add-rewheel-module.patch create mode 100644 00190-fix-tests-with-sqlite-3.8.4.patch create mode 100644 00193-skip-correct-num-of-pycfile-bytes-in-modulefinder.patch diff --git a/00189-add-rewheel-module.patch b/00189-add-rewheel-module.patch new file mode 100644 index 0000000..ad80e9f --- /dev/null +++ b/00189-add-rewheel-module.patch @@ -0,0 +1,224 @@ +unchanged: +--- Python-3.4.0rc3/Lib/ensurepip/__init__.py 2014-03-10 07:56:33.000000000 +0100 ++++ Python-3.4.0rc3-rewheel/Lib/ensurepip/__init__.py 2014-03-12 09:57:12.917120853 +0100 +@@ -1,8 +1,10 @@ + import os + import os.path + import pkgutil ++import shutil + import sys + import tempfile ++from ensurepip import rewheel + + + __all__ = ["version", "bootstrap"] +@@ -38,6 +40,8 @@ def _run_pip(args, additional_paths=None + + # Install the bundled software + import pip ++ if args[0] in ["install", "list", "wheel"]: ++ args.append('--pre') + pip.main(args) + + +@@ -87,20 +90,40 @@ def bootstrap(*, root=None, upgrade=Fals + # omit pip and easy_install + os.environ["ENSUREPIP_OPTIONS"] = "install" + +- with tempfile.TemporaryDirectory() as tmpdir: +- # Put our bundled wheels into a temporary directory and construct the +- # additional paths that need added to sys.path +- additional_paths = [] ++ whls = [] ++ rewheel_dir = None ++ # try to see if we have system-wide versions of _PROJECTS ++ dep_records = rewheel.find_system_records([p[0] for p in _PROJECTS]) ++ # TODO: check if system-wide versions are the newest ones ++ # if --upgrade is used? ++ if all(dep_records): ++ # if we have all _PROJECTS installed system-wide, we'll recreate ++ # wheels from them and install those ++ rewheel_dir = tempfile.TemporaryDirectory() ++ for dr in dep_records: ++ new_whl = rewheel.rewheel_from_record(dr, rewheel_dir.name) ++ whls.append(os.path.join(rewheel_dir.name, new_whl)) ++ else: ++ # if we don't have all the _PROJECTS installed system-wide, ++ # let's just fall back to bundled wheels + for project, version in _PROJECTS: +- wheel_name = "{}-{}-py2.py3-none-any.whl".format(project, version) +- whl = pkgutil.get_data( ++ whl = os.path.join( ++ os.path.dirname(__file__), + "ensurepip", +- "_bundled/{}".format(wheel_name), ++ "bundled", ++ "{}-{}-py2.py3-none-any.whl".format(project, version) + ) +- with open(os.path.join(tmpdir, wheel_name), "wb") as fp: +- fp.write(whl) ++ whls.append(whl) + +- additional_paths.append(os.path.join(tmpdir, wheel_name)) ++ with tempfile.TemporaryDirectory() as tmpdir: ++ # Put our bundled wheels into a temporary directory and construct the ++ # additional paths that need added to sys.path ++ additional_paths = [] ++ for whl in whls: ++ shutil.copy(whl, tmpdir) ++ additional_paths.append(os.path.join(tmpdir, os.path.basename(whl))) ++ if rewheel_dir: ++ rewheel_dir.cleanup() + + # Construct the arguments to be passed to the pip command + args = ["install", "--no-index", "--find-links", tmpdir] +unchanged: +--- Python-3.4.0rc3/Lib/ensurepip/rewheel/__init__.py 1970-01-01 01:00:00.000000000 +0100 ++++ Python-3.4.0rc3-rewheel/Lib/ensurepip/rewheel/__init__.py 2014-03-12 09:55:30.413152104 +0100 +@@ -0,0 +1,133 @@ ++import argparse ++import csv ++import email.parser ++import os ++import io ++import re ++import site ++import subprocess ++import sys ++import zipfile ++ ++def run(): ++ parser = argparse.ArgumentParser(description='Recreate wheel of package with given RECORD.') ++ parser.add_argument('record_path', ++ help='Path to RECORD file') ++ parser.add_argument('-o', '--output-dir', ++ help='Dir where to place the wheel, defaults to current working dir.', ++ dest='outdir', ++ default=os.path.curdir) ++ ++ ns = parser.parse_args() ++ retcode = 0 ++ try: ++ print(rewheel_from_record(**vars(ns))) ++ except BaseException as e: ++ print('Failed: {}'.format(e)) ++ retcode = 1 ++ sys.exit(1) ++ ++def find_system_records(projects): ++ """Return list of paths to RECORD files for system-installed projects. ++ ++ If a project is not installed, the resulting list contains None instead ++ of a path to its RECORD ++ """ ++ records = [] ++ # get system site-packages dirs ++ sys_sitepack = site.getsitepackages([sys.base_prefix, sys.base_exec_prefix]) ++ sys_sitepack = [sp for sp in sys_sitepack if os.path.exists(sp)] ++ # try to find all projects in all system site-packages ++ for project in projects: ++ path = None ++ for sp in sys_sitepack: ++ dist_info_re = os.path.join(sp, project) + '-[^\{0}]+\.dist-info'.format(os.sep) ++ candidates = [os.path.join(sp, p) for p in os.listdir(sp)] ++ # filter out candidate dirs based on the above regexp ++ filtered = [c for c in candidates if re.match(dist_info_re, c)] ++ # if we have 0 or 2 or more dirs, something is wrong... ++ if len(filtered) == 1: ++ path = filtered[0] ++ records.append(os.path.join(path, 'RECORD')) ++ return records ++ ++def rewheel_from_record(record_path, outdir): ++ """Recreates a whee of package with given record_path and returns path ++ to the newly created wheel.""" ++ site_dir = os.path.dirname(os.path.dirname(record_path)) ++ record_relpath = record_path[len(site_dir):].strip(os.path.sep) ++ to_write, to_omit = get_records_to_pack(site_dir, record_relpath) ++ new_wheel_name = get_wheel_name(record_path) ++ new_wheel_path = os.path.join(outdir, new_wheel_name + '.whl') ++ ++ new_wheel = zipfile.ZipFile(new_wheel_path, mode='w', compression=zipfile.ZIP_DEFLATED) ++ # we need to write a new record with just the files that we will write, ++ # e.g. not binaries and *.pyc/*.pyo files ++ new_record = io.StringIO() ++ writer = csv.writer(new_record) ++ ++ # handle files that we can write straight away ++ for f, sha_hash, size in to_write: ++ new_wheel.write(os.path.join(site_dir, f), arcname=f) ++ writer.writerow([f, sha_hash,size]) ++ ++ # rewrite the old wheel file with a new computed one ++ writer.writerow([record_relpath, '', '']) ++ new_wheel.writestr(record_relpath, new_record.getvalue()) ++ ++ new_wheel.close() ++ ++ return new_wheel.filename ++ ++def get_wheel_name(record_path): ++ """Return proper name of the wheel, without .whl.""" ++ wheel_info_path = os.path.join(os.path.dirname(record_path), 'WHEEL') ++ wheel_info = email.parser.Parser().parsestr(open(wheel_info_path).read()) ++ metadata_path = os.path.join(os.path.dirname(record_path), 'METADATA') ++ metadata = email.parser.Parser().parsestr(open(metadata_path).read()) ++ ++ # construct name parts according to wheel spec ++ distribution = metadata.get('Name') ++ version = metadata.get('Version') ++ build_tag = '' # nothing for now ++ lang_tag = [] ++ for t in wheel_info.get_all('Tag'): ++ lang_tag.append(t.split('-')[0]) ++ lang_tag = '.'.join(lang_tag) ++ abi_tag, plat_tag = wheel_info.get('Tag').split('-')[1:3] ++ # leave out build tag, if it is empty ++ to_join = filter(None, [distribution, version, build_tag, lang_tag, abi_tag, plat_tag]) ++ return '-'.join(list(to_join)) ++ ++def get_records_to_pack(site_dir, record_relpath): ++ """Accepts path of sitedir and path of RECORD file relative to it. ++ Returns two lists: ++ - list of files that can be written to new RECORD straight away ++ - list of files that shouldn't be written or need some processing ++ (pyc and pyo files, scripts) ++ """ ++ record_contents = open(os.path.join(site_dir, record_relpath)).read() ++ # temporary fix for https://github.com/pypa/pip/issues/1376 ++ # we need to ignore files under ".data" directory ++ data_dir = os.path.dirname(record_relpath).strip(os.path.sep) ++ data_dir = data_dir[:-len('dist-info')] + 'data' ++ ++ to_write = [] ++ to_omit = [] ++ for l in record_contents.splitlines(): ++ spl = l.split(',') ++ if len(spl) == 3: ++ # new record will omit (or write differently): ++ # - abs paths, paths with ".." (entry points), ++ # - pyc+pyo files ++ # - the old RECORD file ++ # TODO: is there any better way to recognize an entry point? ++ if os.path.isabs(spl[0]) or spl[0].startswith('..') or \ ++ spl[0].endswith('.pyc') or spl[0].endswith('.pyo') or \ ++ spl[0] == record_relpath or spl[0].startswith(data_dir): ++ to_omit.append(spl) ++ else: ++ to_write.append(spl) ++ else: ++ pass # bad RECORD or empty line ++ return to_write, to_omit +only in patch2: +unchanged: +--- Python-3.4.0/Makefile.pre.in 2014-04-01 12:02:48.188136172 +0200 ++++ Python-3.4.0-new/Makefile.pre.in 2014-04-01 12:03:23.770394025 +0200 +@@ -1140,7 +1140,7 @@ LIBSUBDIRS= tkinter tkinter/test tkinter + test/test_asyncio \ + collections concurrent concurrent/futures encodings \ + email email/mime test/test_email test/test_email/data \ +- ensurepip ensurepip/_bundled \ ++ ensurepip ensurepip/_bundled ensurepip/rewheel \ + html json test/test_json http dbm xmlrpc \ + sqlite3 sqlite3/test \ + logging csv wsgiref urllib \ diff --git a/00190-fix-tests-with-sqlite-3.8.4.patch b/00190-fix-tests-with-sqlite-3.8.4.patch new file mode 100644 index 0000000..8a94f5c --- /dev/null +++ b/00190-fix-tests-with-sqlite-3.8.4.patch @@ -0,0 +1,21 @@ + +# HG changeset patch +# User Benjamin Peterson +# Date 1394679139 18000 +# Node ID 4d626a9df062104b61c44c8a5be8b0fd52fae953 +# Parent 6f93ab911d5dafcde364013e21723259fe2c85a8# Parent dbc9e3ed5e9f1bd11240eaa971f6c75d6a7013b5 +merge 3.3 (#20901) + +diff --git a/Lib/sqlite3/test/hooks.py b/Lib/sqlite3/test/hooks.py +--- a/Lib/sqlite3/test/hooks.py ++++ b/Lib/sqlite3/test/hooks.py +@@ -162,7 +162,7 @@ class ProgressTests(unittest.TestCase): + create table bar (a, b) + """) + second_count = len(progress_calls) +- self.assertGreater(first_count, second_count) ++ self.assertGreaterEqual(first_count, second_count) + + def CheckCancelOperation(self): + """ + diff --git a/00193-skip-correct-num-of-pycfile-bytes-in-modulefinder.patch b/00193-skip-correct-num-of-pycfile-bytes-in-modulefinder.patch new file mode 100644 index 0000000..4a82309 --- /dev/null +++ b/00193-skip-correct-num-of-pycfile-bytes-in-modulefinder.patch @@ -0,0 +1,65 @@ + +# HG changeset patch +# User Brett Cannon +# Date 1393602285 18000 +# Node ID 432cb56db05d73f55d211501bf0dfc767768923b +# Parent ade5e4922a54cb84c99ec924ab7c700a014893da +Issue #20778: Fix modulefinder to work with bytecode-only modules. + +Bug filed and initial attempt at a patch by Bohuslav Kabrda. + +diff --git a/Lib/modulefinder.py b/Lib/modulefinder.py +--- a/Lib/modulefinder.py ++++ b/Lib/modulefinder.py +@@ -290,7 +290,7 @@ class ModuleFinder: + if fp.read(4) != imp.get_magic(): + self.msgout(2, "raise ImportError: Bad magic number", pathname) + raise ImportError("Bad magic number in %s" % pathname) +- fp.read(4) ++ fp.read(8) # Skip mtime and size. + co = marshal.load(fp) + else: + co = None +diff --git a/Lib/test/test_modulefinder.py b/Lib/test/test_modulefinder.py +--- a/Lib/test/test_modulefinder.py ++++ b/Lib/test/test_modulefinder.py +@@ -1,5 +1,7 @@ + import os + import errno ++import importlib.machinery ++import py_compile + import shutil + import unittest + import tempfile +@@ -208,6 +210,14 @@ a/module.py + from . import * + """] + ++bytecode_test = [ ++ "a", ++ ["a"], ++ [], ++ [], ++ "" ++] ++ + + def open_file(path): + dirname = os.path.dirname(path) +@@ -288,6 +298,16 @@ class ModuleFinderTest(unittest.TestCase + def test_relative_imports_4(self): + self._do_test(relative_import_test_4) + ++ def test_bytecode(self): ++ base_path = os.path.join(TEST_DIR, 'a') ++ source_path = base_path + importlib.machinery.SOURCE_SUFFIXES[0] ++ bytecode_path = base_path + importlib.machinery.BYTECODE_SUFFIXES[0] ++ with open_file(source_path) as file: ++ file.write('testing_modulefinder = True\n') ++ py_compile.compile(source_path, cfile=bytecode_path) ++ os.remove(source_path) ++ self._do_test(bytecode_test) ++ + + def test_main(): + support.run_unittest(ModuleFinderTest) diff --git a/python3.spec b/python3.spec index 9967e52..e152006 100644 --- a/python3.spec +++ b/python3.spec @@ -2,14 +2,13 @@ # Conditionals and other variables controlling the build # ====================================================== +%global with_rewheel 0 + %global pybasever 3.4 # pybasever without the dot: %global pyshortver 34 -# prereleasetag -%global prerel rc2 - %global pylibdir %{_libdir}/python%{pybasever} %global dynload_dir %{pylibdir}/lib-dynload @@ -129,7 +128,7 @@ Summary: Version 3 of the Python programming language aka Python 3000 Name: python3 Version: %{pybasever}.0 -Release: %{?prerel:0.}1%{?prerel:.%{prerel}}%{?dist} +Release: 1%{?dist} License: Python Group: Development/Languages @@ -187,12 +186,17 @@ BuildRequires: valgrind-devel BuildRequires: xz-devel BuildRequires: zlib-devel +%if 0%{?with_rewheel} +BuildRequires: python3-setuptools +BuildRequires: python3-pip +%endif + # ======================= # Source code and patches # ======================= -Source: http://www.python.org/ftp/python/%{version}/Python-%{version}%{?prerel}.tar.xz +Source: http://www.python.org/ftp/python/%{version}/Python-%{version}.tar.xz # Avoid having various bogus auto-generated Provides lines for the various # python c modules' SONAMEs: @@ -632,6 +636,28 @@ Patch186: 00186-dont-raise-from-py_compile.patch # relying on this will fail (test_filename_changing_on_output_single_dir) Patch188: 00188-fix-lib2to3-tests-when-hashlib-doesnt-compile-properly.patch +# 00189 # +# +# Add the rewheel module, allowing to recreate wheels from already installed +# ones +# https://github.com/bkabrda/rewheel +%if 0%{with_rewheel} +Patch189: 00189-add-rewheel-module.patch +%endif + +# 00190 # +# +# Fix tests with SQLite >= 3.8.4 +# http://bugs.python.org/issue20901 +# http://hg.python.org/cpython/rev/4d626a9df062 +Patch190: 00190-fix-tests-with-sqlite-3.8.4.patch + +# 00193 +# +# Skip correct number of *.pyc file bytes in ModuleFinder.load_module +# rhbz#1060338 +# http://bugs.python.org/issue20778 +Patch193: 00193-skip-correct-num-of-pycfile-bytes-in-modulefinder.patch # (New patches go here ^^^) # @@ -895,6 +921,13 @@ done # 00187: upstream as of Python 3.4.0b1 %patch188 -p1 +%if 0%{with_rewheel} +%patch189 -p1 +%endif + +%patch190 -p1 +%patch193 -p1 + # Currently (2010-01-15), http://docs.python.org/library is for 2.6, and there # are many differences between 2.6 and the Python 3 library. # @@ -1506,6 +1539,11 @@ rm -fr %{buildroot} %{pylibdir}/ensurepip/__pycache__/*%{bytecode_suffixes} %exclude %{pylibdir}/ensurepip/_bundled +%dir %{pylibdir}/ensurepip/rewheel/ +%dir %{pylibdir}/ensurepip/rewheel/__pycache__/ +%{pylibdir}/ensurepip/rewheel/*.py +%{pylibdir}/ensurepip/rewheel/__pycache__/*%{bytecode_suffixes} + %{pylibdir}/html %{pylibdir}/http %{pylibdir}/idlelib @@ -1759,6 +1797,11 @@ rm -fr %{buildroot} # ====================================================== %changelog +* Tue Apr 15 2014 Matej Stuchlik - 3.4.0-1 +- Update to Python 3.4 final +- Add patch adding the rewheel module +- Merge patches from master + * Wed Jan 08 2014 Bohuslav Kabrda - 3.4.0-0.1.b2 - Update to Python 3.4 beta 2. - Refreshed patches: 55 (systemtap), 146 (hashlib-fips), 154 (test_gdb noise) From c0b9737a796625319337578f2c29f8c7bf901a3b Mon Sep 17 00:00:00 2001 From: Matej Stuchlik Date: Tue, 15 Apr 2014 11:07:53 +0200 Subject: [PATCH 21/32] Upload new sources --- sources | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sources b/sources index acfd2af..3f1acf8 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -c94b78ea3b68a9bbc9906af4d5b4fdc7 Python-3.3.2.tar.xz +77c22725e14af3d71022cbfdebff4903 Python-3.4.0.tar.xz From 7d579ea103c5cfaedfc229aea45f49db3dd0c361 Mon Sep 17 00:00:00 2001 From: Matej Stuchlik Date: Fri, 18 Apr 2014 09:50:21 +0200 Subject: [PATCH 22/32] Temporarily disable tests requiring SIGHUP (rhbz#1088233) --- python3.spec | 12 ++++++++- ...arily-disable-tests-requiring-SIGHUP.patch | 25 +++++++++++++++++++ 2 files changed, 36 insertions(+), 1 deletion(-) create mode 100644 temporarily-disable-tests-requiring-SIGHUP.patch diff --git a/python3.spec b/python3.spec index e152006..54b4f31 100644 --- a/python3.spec +++ b/python3.spec @@ -128,7 +128,7 @@ Summary: Version 3 of the Python programming language aka Python 3000 Name: python3 Version: %{pybasever}.0 -Release: 1%{?dist} +Release: 2%{?dist} License: Python Group: Development/Languages @@ -659,6 +659,10 @@ Patch190: 00190-fix-tests-with-sqlite-3.8.4.patch # http://bugs.python.org/issue20778 Patch193: 00193-skip-correct-num-of-pycfile-bytes-in-modulefinder.patch +# Tests requiring SIGHUP to work don't work in Koji +# see rhbz#1088233 +Patch194: temporarily-disable-tests-requiring-SIGHUP.patch + # (New patches go here ^^^) # # When adding new patches to "python" and "python3" in Fedora 17 onwards, @@ -927,6 +931,7 @@ done %patch190 -p1 %patch193 -p1 +%patch194 -p1 # Currently (2010-01-15), http://docs.python.org/library is for 2.6, and there # are many differences between 2.6 and the Python 3 library. @@ -1539,10 +1544,12 @@ rm -fr %{buildroot} %{pylibdir}/ensurepip/__pycache__/*%{bytecode_suffixes} %exclude %{pylibdir}/ensurepip/_bundled +%if 0%{?with_rewheel} %dir %{pylibdir}/ensurepip/rewheel/ %dir %{pylibdir}/ensurepip/rewheel/__pycache__/ %{pylibdir}/ensurepip/rewheel/*.py %{pylibdir}/ensurepip/rewheel/__pycache__/*%{bytecode_suffixes} +%endif %{pylibdir}/html %{pylibdir}/http @@ -1797,6 +1804,9 @@ rm -fr %{buildroot} # ====================================================== %changelog +* Tue Apr 15 2014 Matej Stuchlik - 3.4.0-2 +- Temporarily disable tests requiring SIGHUP (rhbz#1088233) + * Tue Apr 15 2014 Matej Stuchlik - 3.4.0-1 - Update to Python 3.4 final - Add patch adding the rewheel module diff --git a/temporarily-disable-tests-requiring-SIGHUP.patch b/temporarily-disable-tests-requiring-SIGHUP.patch new file mode 100644 index 0000000..130970f --- /dev/null +++ b/temporarily-disable-tests-requiring-SIGHUP.patch @@ -0,0 +1,25 @@ +diff -up Python-3.4.0/Lib/test/test_asyncio/test_events.py.orig Python-3.4.0/Lib/test/test_asyncio/test_events.py +--- Python-3.4.0/Lib/test/test_asyncio/test_events.py.orig 2014-04-15 13:18:49.696215288 +0200 ++++ Python-3.4.0/Lib/test/test_asyncio/test_events.py 2014-04-15 13:18:56.104258453 +0200 +@@ -1528,7 +1528,7 @@ class SubprocessTestsMixin: + self.loop.run_until_complete(proto.completed) + self.check_terminated(proto.returncode) + +- @unittest.skipIf(sys.platform == 'win32', "Don't have SIGHUP") ++ @unittest.skipIf(True, "Temporarily skipped (rhbz#1088233)") + def test_subprocess_send_signal(self): + proto = None + transp = None + +diff -up Python-3.4.0/Lib/test/test_asyncio/test_subprocess.py.orig Python-3.4.0/Lib/test/test_asyncio/test_subprocess.py +--- Python-3.4.0/Lib/test/test_asyncio/test_subprocess.py.orig 2014-04-17 12:03:32.777827520 +0200 ++++ Python-3.4.0/Lib/test/test_asyncio/test_subprocess.py 2014-04-17 12:04:37.614210481 +0200 +@@ -108,7 +108,7 @@ class SubprocessMixin: + else: + self.assertEqual(-signal.SIGTERM, returncode) + +- @unittest.skipIf(sys.platform == 'win32', "Don't have SIGHUP") ++ @unittest.skipIf(True, "Temporarily skipped (rhbz#1088233)") + def test_send_signal(self): + args = PROGRAM_BLOCKED + create = asyncio.create_subprocess_exec(*args, loop=self.loop) From 516eb7a2338eafeb82ac18519e0f530334b1339a Mon Sep 17 00:00:00 2001 From: Matej Stuchlik Date: Tue, 29 Apr 2014 11:26:29 +0200 Subject: [PATCH 23/32] Point __os_install_post to correct brp-* files New version of redhat-rpm-cofig no longer contains them in /usr/lib/rpm/redhat --- python3.spec | 15 +++++++++------ 1 file changed, 9 insertions(+), 6 deletions(-) diff --git a/python3.spec b/python3.spec index 54b4f31..521cce6 100644 --- a/python3.spec +++ b/python3.spec @@ -84,11 +84,11 @@ # (/usr/bin/python, rather than the freshly built python), thus leading to # numerous syntax errors, and incorrect magic numbers in the .pyc files. We # thus override __os_install_post to avoid invoking this script: -%global __os_install_post /usr/lib/rpm/redhat/brp-compress \ - %{!?__debug_package:/usr/lib/rpm/redhat/brp-strip %{__strip}} \ - /usr/lib/rpm/redhat/brp-strip-static-archive %{__strip} \ - /usr/lib/rpm/redhat/brp-strip-comment-note %{__strip} %{__objdump} \ - /usr/lib/rpm/redhat/brp-python-hardlink +%global __os_install_post /usr/lib/rpm/brp-compress \ + %{!?__debug_package:/usr/lib/rpm/brp-strip %{__strip}} \ + /usr/lib/rpm/brp-strip-static-archive %{__strip} \ + /usr/lib/rpm/brp-strip-comment-note %{__strip} %{__objdump} \ + /usr/lib/rpm/brp-python-hardlink # to remove the invocation of brp-python-bytecompile, whilst keeping the # invocation of brp-python-hardlink (since this should still work for python3 # pyc/pyo files) @@ -128,7 +128,7 @@ Summary: Version 3 of the Python programming language aka Python 3000 Name: python3 Version: %{pybasever}.0 -Release: 2%{?dist} +Release: 3%{?dist} License: Python Group: Development/Languages @@ -1804,6 +1804,9 @@ rm -fr %{buildroot} # ====================================================== %changelog +* Tue Apr 29 2014 Matej Stuchlik - 3.4.0-3 +- Point __os_install_post to correct brp-* files + * Tue Apr 15 2014 Matej Stuchlik - 3.4.0-2 - Temporarily disable tests requiring SIGHUP (rhbz#1088233) From 86b7a9ddd956a4f3f72ef992b05f58fab25a2d43 Mon Sep 17 00:00:00 2001 From: Matej Stuchlik Date: Tue, 29 Apr 2014 14:30:05 +0200 Subject: [PATCH 24/32] Build with rewheel --- python3.spec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/python3.spec b/python3.spec index 521cce6..7878923 100644 --- a/python3.spec +++ b/python3.spec @@ -2,7 +2,7 @@ # Conditionals and other variables controlling the build # ====================================================== -%global with_rewheel 0 +%global with_rewheel 1 %global pybasever 3.4 From f498010aff91098dbc3b3e7f8eb364f0c9d2b39a Mon Sep 17 00:00:00 2001 From: Matej Stuchlik Date: Mon, 12 May 2014 09:51:48 +0200 Subject: [PATCH 25/32] Add setuptools and pip to Requires --- python3.spec | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/python3.spec b/python3.spec index 7878923..4069f50 100644 --- a/python3.spec +++ b/python3.spec @@ -128,7 +128,7 @@ Summary: Version 3 of the Python programming language aka Python 3000 Name: python3 Version: %{pybasever}.0 -Release: 3%{?dist} +Release: 4%{?dist} License: Python Group: Development/Languages @@ -701,6 +701,11 @@ Provides: python(abi) = %{pybasever} Requires: %{name}-libs%{?_isa} = %{version}-%{release} +%if 0%{with_rewheel} +Requires: python-setuptools +Requires: python-pip +%endif + %description Python 3 is a new version of the language that is incompatible with the 2.x line of releases. The language is mostly the same, but many details, especially @@ -1804,6 +1809,9 @@ rm -fr %{buildroot} # ====================================================== %changelog +* Mon May 12 2014 Matej Stuchlik - 3.4.0-4 +- Add setuptools and pip to Requires + * Tue Apr 29 2014 Matej Stuchlik - 3.4.0-3 - Point __os_install_post to correct brp-* files From 06247262fead50272b205e7b98e99450c31cacd3 Mon Sep 17 00:00:00 2001 From: Matej Stuchlik Date: Fri, 16 May 2014 15:11:42 +0200 Subject: [PATCH 26/32] Don't add declaration-after-statement for extension modules --- ...d-Werror-declaration-after-statement.patch | 86 +++++++++++++++++++ python3.spec | 14 ++- 2 files changed, 99 insertions(+), 1 deletion(-) create mode 100644 00195-dont-add-Werror-declaration-after-statement.patch diff --git a/00195-dont-add-Werror-declaration-after-statement.patch b/00195-dont-add-Werror-declaration-after-statement.patch new file mode 100644 index 0000000..506d9ea --- /dev/null +++ b/00195-dont-add-Werror-declaration-after-statement.patch @@ -0,0 +1,86 @@ +diff --git a/Makefile.pre.in b/Makefile.pre.in +--- a/Makefile.pre.in ++++ b/Makefile.pre.in +@@ -71,12 +71,17 @@ + BASECFLAGS= @BASECFLAGS@ + BASECPPFLAGS= @BASECPPFLAGS@ + CONFIGURE_CFLAGS= @CFLAGS@ ++# CFLAGS_NODIST is used for building the interpreter and stdlib C extensions. ++# Use it when a compiler flag should _not_ be part of the distutils CFLAGS ++# once Python is installed (Issue #21121). ++CONFIGURE_CFLAGS_NODIST=@CFLAGS_NODIST@ + CONFIGURE_CPPFLAGS= @CPPFLAGS@ + CONFIGURE_LDFLAGS= @LDFLAGS@ + # Avoid assigning CFLAGS, LDFLAGS, etc. so users can use them on the + # command line to append to these values without stomping the pre-set + # values. + PY_CFLAGS= $(BASECFLAGS) $(OPT) $(CONFIGURE_CFLAGS) $(CFLAGS) $(EXTRA_CFLAGS) ++PY_CFLAGS_NODIST=$(CONFIGURE_CFLAGS_NODIST) $(CFLAGS_NODIST) + # Both CPPFLAGS and LDFLAGS need to contain the shell's value for setup.py to + # be able to build extension modules using the directories specified in the + # environment variables +@@ -91,7 +96,7 @@ + # Extra C flags added for building the interpreter object files. + CFLAGSFORSHARED=@CFLAGSFORSHARED@ + # C flags used for building the interpreter object files +-PY_CORE_CFLAGS= $(PY_CFLAGS) $(PY_CPPFLAGS) $(CFLAGSFORSHARED) -DPy_BUILD_CORE ++PY_CORE_CFLAGS= $(PY_CFLAGS) $(PY_CFLAGS_NODIST) $(PY_CPPFLAGS) $(CFLAGSFORSHARED) -DPy_BUILD_CORE + + + # Machine-dependent subdirectories +diff --git a/configure b/configure +--- a/configure ++++ b/configure +@@ -662,6 +662,7 @@ + LIBTOOL_CRUFT + OTHER_LIBTOOL_OPT + UNIVERSAL_ARCH_FLAGS ++CFLAGS_NODIST + BASECFLAGS + OPT + ABIFLAGS +@@ -6504,7 +6505,7 @@ + + if test $ac_cv_declaration_after_statement_warning = yes + then +- BASECFLAGS="$BASECFLAGS -Werror=declaration-after-statement" ++ CFLAGS_NODIST="$CFLAGS_NODIST -Werror=declaration-after-statement" + fi + + # if using gcc on alpha, use -mieee to get (near) full IEEE 754 +diff --git a/configure.ac b/configure.ac +--- a/configure.ac ++++ b/configure.ac +@@ -1147,6 +1147,7 @@ + fi + + AC_SUBST(BASECFLAGS) ++AC_SUBST(CFLAGS_NODIST) + + # The -arch flags for universal builds on OSX + UNIVERSAL_ARCH_FLAGS= +@@ -1231,7 +1232,7 @@ + + if test $ac_cv_declaration_after_statement_warning = yes + then +- BASECFLAGS="$BASECFLAGS -Werror=declaration-after-statement" ++ CFLAGS_NODIST="$CFLAGS_NODIST -Werror=declaration-after-statement" + fi + + # if using gcc on alpha, use -mieee to get (near) full IEEE 754 +diff --git a/setup.py b/setup.py +--- a/setup.py ++++ b/setup.py +@@ -19,6 +19,12 @@ + + cross_compiling = "_PYTHON_HOST_PLATFORM" in os.environ + ++# Add special CFLAGS reserved for building the interpreter and the stdlib ++# modules (Issue #21121). ++cflags = sysconfig.get_config_var('CFLAGS') ++py_cflags_nodist = sysconfig.get_config_var('PY_CFLAGS_NODIST') ++sysconfig.get_config_vars()['CFLAGS'] = cflags + ' ' + py_cflags_nodist ++ + def get_platform(): + # cross build + if "_PYTHON_HOST_PLATFORM" in os.environ: diff --git a/python3.spec b/python3.spec index 4069f50..6425f47 100644 --- a/python3.spec +++ b/python3.spec @@ -128,7 +128,7 @@ Summary: Version 3 of the Python programming language aka Python 3000 Name: python3 Version: %{pybasever}.0 -Release: 4%{?dist} +Release: 5%{?dist} License: Python Group: Development/Languages @@ -663,6 +663,13 @@ Patch193: 00193-skip-correct-num-of-pycfile-bytes-in-modulefinder.patch # see rhbz#1088233 Patch194: temporarily-disable-tests-requiring-SIGHUP.patch +# 00195 +# +# Don't declare Werror=declaration-after-statement for extension +# modules through setup.py +# http://bugs.python.org/issue21121 +Patch195: 00195-dont-add-Werror-declaration-after-statement.patch + # (New patches go here ^^^) # # When adding new patches to "python" and "python3" in Fedora 17 onwards, @@ -937,6 +944,7 @@ done %patch190 -p1 %patch193 -p1 %patch194 -p1 +%patch195 -p1 # Currently (2010-01-15), http://docs.python.org/library is for 2.6, and there # are many differences between 2.6 and the Python 3 library. @@ -1809,6 +1817,10 @@ rm -fr %{buildroot} # ====================================================== %changelog +* Fri May 16 2014 Matej Stuchlik - 3.4.0-5 +- Don't add Werror=declaration-after-statement for extension + modules through setup.py (PyBT#21121) + * Mon May 12 2014 Matej Stuchlik - 3.4.0-4 - Add setuptools and pip to Requires From 1746188b354ae0b1641dbeed2009913a63e538ae Mon Sep 17 00:00:00 2001 From: Matej Stuchlik Date: Sun, 18 May 2014 23:39:35 +0200 Subject: [PATCH 27/32] Disable test_faulthandler, test_gdb on aarch64 (rhbz#1045193) --- python3.spec | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/python3.spec b/python3.spec index 6425f47..123b7ad 100644 --- a/python3.spec +++ b/python3.spec @@ -128,7 +128,7 @@ Summary: Version 3 of the Python programming language aka Python 3000 Name: python3 Version: %{pybasever}.0 -Release: 5%{?dist} +Release: 6%{?dist} License: Python Group: Development/Languages @@ -1386,7 +1386,10 @@ CheckPython() { # @unittest._expectedFailureInRpmBuild WITHIN_PYTHON_RPM_BUILD= \ LD_LIBRARY_PATH=$ConfDir $ConfDir/python -m test.regrtest \ - --verbose --findleaks + --verbose --findleaks \ + %ifarch %{arm} + -x test_faulthandler test_gdb + %endif echo FINISHED: CHECKING OF PYTHON FOR CONFIGURATION: $ConfName @@ -1817,6 +1820,10 @@ rm -fr %{buildroot} # ====================================================== %changelog +* Sun May 18 2014 Matej Stuchlik - 3.4.0-6 +- Disable test_faulthandler, test_gdb on aarch64 +Resolves: rhbz#1045193 + * Fri May 16 2014 Matej Stuchlik - 3.4.0-5 - Don't add Werror=declaration-after-statement for extension modules through setup.py (PyBT#21121) From 8ab4c2d31ffea4398650ddb23c3c9f3048f5021b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Miro=20Hron=C4=8Dok?= Date: Thu, 22 May 2014 13:25:18 +0200 Subject: [PATCH 28/32] Add macro %python3_version_nodots --- macros.python3 | 1 + python3.spec | 5 ++++- 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/macros.python3 b/macros.python3 index d6d913c..395af00 100644 --- a/macros.python3 +++ b/macros.python3 @@ -2,4 +2,5 @@ %python3_sitelib %(%{__python3} -c "from distutils.sysconfig import get_python_lib; print(get_python_lib())") %python3_sitearch %(%{__python3} -c "from distutils.sysconfig import get_python_lib; print(get_python_lib(1))") %python3_version %(%{__python3} -c "import sys; sys.stdout.write(sys.version[:3])") +%python3_version_nodots %(%{__python3} -c "import sys; sys.stdout.write(sys.version[:3].replace('.',''))") %py3dir %{_builddir}/python3-%{name}-%{version}-%{release} diff --git a/python3.spec b/python3.spec index 123b7ad..e278396 100644 --- a/python3.spec +++ b/python3.spec @@ -128,7 +128,7 @@ Summary: Version 3 of the Python programming language aka Python 3000 Name: python3 Version: %{pybasever}.0 -Release: 6%{?dist} +Release: 7%{?dist} License: Python Group: Development/Languages @@ -1820,6 +1820,9 @@ rm -fr %{buildroot} # ====================================================== %changelog +* Thu May 22 2014 Miro Hrončok - 3.4.0-7 +- Add macro %%python3_version_nodots + * Sun May 18 2014 Matej Stuchlik - 3.4.0-6 - Disable test_faulthandler, test_gdb on aarch64 Resolves: rhbz#1045193 From da5702456fe9a29451b32c3985f9225a61671777 Mon Sep 17 00:00:00 2001 From: Matej Stuchlik Date: Sun, 25 May 2014 23:35:06 +0200 Subject: [PATCH 29/32] Fix test_gdb failure on ppc64le (rhbz#1095355) --- ...6-test-gdb-match-addr-before-builtin.patch | 30 +++++++++++++++++++ python3.spec | 12 +++++++- 2 files changed, 41 insertions(+), 1 deletion(-) create mode 100644 00196-test-gdb-match-addr-before-builtin.patch diff --git a/00196-test-gdb-match-addr-before-builtin.patch b/00196-test-gdb-match-addr-before-builtin.patch new file mode 100644 index 0000000..dc40c82 --- /dev/null +++ b/00196-test-gdb-match-addr-before-builtin.patch @@ -0,0 +1,30 @@ +Subject: python3.test gdb match addr before builtin +From: Michel Normand + +For ppc64le archi and python3... and gdb... versions +the test_gdb.py need a change of re.match to handle address before the builtin_id word. +Of course there is no error if this substring is not present. +=== +... +#0 0x00003fffb7dd0898 in builtin_id (self=, v=) at /builddir/build/BUILD/Python-3.3.2/Python/bltinmodule.c:966 +....xxxxxxxxxxxxxxxxxxxxxx <= added regexp +=== + +Signed-off-by: Michel Normand +--- + Lib/test/test_gdb.py | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +Index: Python-3.3.2/Lib/test/test_gdb.py +=================================================================== +--- Python-3.3.2.orig/Lib/test/test_gdb.py ++++ Python-3.3.2/Lib/test/test_gdb.py +@@ -230,7 +230,7 @@ class DebuggerTests(unittest.TestCase): + # gdb can insert additional '\n' and space characters in various places + # in its output, depending on the width of the terminal it's connected + # to (using its "wrap_here" function) +- m = re.match('.*#0\s+builtin_id\s+\(self\=.*,\s+v=\s*(.*?)\)\s+at\s+\S*Python/bltinmodule.c.*', ++ m = re.match('.*#0\s+(?: 0x[0-9a-f]+\s+in\s+)?builtin_id\s+\(self\=.*,\s+v=\s*(.*?)\)\s+at\s+\S*Python/bltinmodule.c.*', + gdb_output, re.DOTALL) + if not m: + self.fail('Unexpected gdb output: %r\n%s' % (gdb_output, gdb_output)) diff --git a/python3.spec b/python3.spec index e278396..f5c1464 100644 --- a/python3.spec +++ b/python3.spec @@ -128,7 +128,7 @@ Summary: Version 3 of the Python programming language aka Python 3000 Name: python3 Version: %{pybasever}.0 -Release: 7%{?dist} +Release: 8%{?dist} License: Python Group: Development/Languages @@ -670,6 +670,11 @@ Patch194: temporarily-disable-tests-requiring-SIGHUP.patch # http://bugs.python.org/issue21121 Patch195: 00195-dont-add-Werror-declaration-after-statement.patch +# 00196 +# +# Fix test_gdb failure on ppc64le +Patch196: 00196-test-gdb-match-addr-before-builtin.patch + # (New patches go here ^^^) # # When adding new patches to "python" and "python3" in Fedora 17 onwards, @@ -945,6 +950,7 @@ done %patch193 -p1 %patch194 -p1 %patch195 -p1 +%patch196 -p1 # Currently (2010-01-15), http://docs.python.org/library is for 2.6, and there # are many differences between 2.6 and the Python 3 library. @@ -1820,6 +1826,10 @@ rm -fr %{buildroot} # ====================================================== %changelog +* Sun May 25 2014 Matej Stuchlik - 3.4.0-8 +- Fix test_gdb failure on ppc64le +Resolves: rhbz#1095355 + * Thu May 22 2014 Miro Hrončok - 3.4.0-7 - Add macro %%python3_version_nodots From e602f7a288df4597d9d1ae56d8c079da61f45c0e Mon Sep 17 00:00:00 2001 From: Matej Stuchlik Date: Mon, 26 May 2014 00:20:13 +0200 Subject: [PATCH 30/32] Update to Python 3.4.1 --- 00190-fix-tests-with-sqlite-3.8.4.patch | 21 ------ ...num-of-pycfile-bytes-in-modulefinder.patch | 65 ------------------- python3.spec | 17 +++-- sources | 2 +- ...arily-disable-tests-requiring-SIGHUP.patch | 4 +- 5 files changed, 14 insertions(+), 95 deletions(-) delete mode 100644 00190-fix-tests-with-sqlite-3.8.4.patch delete mode 100644 00193-skip-correct-num-of-pycfile-bytes-in-modulefinder.patch diff --git a/00190-fix-tests-with-sqlite-3.8.4.patch b/00190-fix-tests-with-sqlite-3.8.4.patch deleted file mode 100644 index 8a94f5c..0000000 --- a/00190-fix-tests-with-sqlite-3.8.4.patch +++ /dev/null @@ -1,21 +0,0 @@ - -# HG changeset patch -# User Benjamin Peterson -# Date 1394679139 18000 -# Node ID 4d626a9df062104b61c44c8a5be8b0fd52fae953 -# Parent 6f93ab911d5dafcde364013e21723259fe2c85a8# Parent dbc9e3ed5e9f1bd11240eaa971f6c75d6a7013b5 -merge 3.3 (#20901) - -diff --git a/Lib/sqlite3/test/hooks.py b/Lib/sqlite3/test/hooks.py ---- a/Lib/sqlite3/test/hooks.py -+++ b/Lib/sqlite3/test/hooks.py -@@ -162,7 +162,7 @@ class ProgressTests(unittest.TestCase): - create table bar (a, b) - """) - second_count = len(progress_calls) -- self.assertGreater(first_count, second_count) -+ self.assertGreaterEqual(first_count, second_count) - - def CheckCancelOperation(self): - """ - diff --git a/00193-skip-correct-num-of-pycfile-bytes-in-modulefinder.patch b/00193-skip-correct-num-of-pycfile-bytes-in-modulefinder.patch deleted file mode 100644 index 4a82309..0000000 --- a/00193-skip-correct-num-of-pycfile-bytes-in-modulefinder.patch +++ /dev/null @@ -1,65 +0,0 @@ - -# HG changeset patch -# User Brett Cannon -# Date 1393602285 18000 -# Node ID 432cb56db05d73f55d211501bf0dfc767768923b -# Parent ade5e4922a54cb84c99ec924ab7c700a014893da -Issue #20778: Fix modulefinder to work with bytecode-only modules. - -Bug filed and initial attempt at a patch by Bohuslav Kabrda. - -diff --git a/Lib/modulefinder.py b/Lib/modulefinder.py ---- a/Lib/modulefinder.py -+++ b/Lib/modulefinder.py -@@ -290,7 +290,7 @@ class ModuleFinder: - if fp.read(4) != imp.get_magic(): - self.msgout(2, "raise ImportError: Bad magic number", pathname) - raise ImportError("Bad magic number in %s" % pathname) -- fp.read(4) -+ fp.read(8) # Skip mtime and size. - co = marshal.load(fp) - else: - co = None -diff --git a/Lib/test/test_modulefinder.py b/Lib/test/test_modulefinder.py ---- a/Lib/test/test_modulefinder.py -+++ b/Lib/test/test_modulefinder.py -@@ -1,5 +1,7 @@ - import os - import errno -+import importlib.machinery -+import py_compile - import shutil - import unittest - import tempfile -@@ -208,6 +210,14 @@ a/module.py - from . import * - """] - -+bytecode_test = [ -+ "a", -+ ["a"], -+ [], -+ [], -+ "" -+] -+ - - def open_file(path): - dirname = os.path.dirname(path) -@@ -288,6 +298,16 @@ class ModuleFinderTest(unittest.TestCase - def test_relative_imports_4(self): - self._do_test(relative_import_test_4) - -+ def test_bytecode(self): -+ base_path = os.path.join(TEST_DIR, 'a') -+ source_path = base_path + importlib.machinery.SOURCE_SUFFIXES[0] -+ bytecode_path = base_path + importlib.machinery.BYTECODE_SUFFIXES[0] -+ with open_file(source_path) as file: -+ file.write('testing_modulefinder = True\n') -+ py_compile.compile(source_path, cfile=bytecode_path) -+ os.remove(source_path) -+ self._do_test(bytecode_test) -+ - - def test_main(): - support.run_unittest(ModuleFinderTest) diff --git a/python3.spec b/python3.spec index f5c1464..414c0c9 100644 --- a/python3.spec +++ b/python3.spec @@ -127,8 +127,8 @@ # ================== Summary: Version 3 of the Python programming language aka Python 3000 Name: python3 -Version: %{pybasever}.0 -Release: 8%{?dist} +Version: %{pybasever}.1 +Release: 1%{?dist} License: Python Group: Development/Languages @@ -650,14 +650,16 @@ Patch189: 00189-add-rewheel-module.patch # Fix tests with SQLite >= 3.8.4 # http://bugs.python.org/issue20901 # http://hg.python.org/cpython/rev/4d626a9df062 -Patch190: 00190-fix-tests-with-sqlite-3.8.4.patch +# FIXED UPSTREAM +# Patch190: 00190-fix-tests-with-sqlite-3.8.4.patch # 00193 # # Skip correct number of *.pyc file bytes in ModuleFinder.load_module # rhbz#1060338 # http://bugs.python.org/issue20778 -Patch193: 00193-skip-correct-num-of-pycfile-bytes-in-modulefinder.patch +# FIXED UPSTREAM +# Patch193: 00193-skip-correct-num-of-pycfile-bytes-in-modulefinder.patch # Tests requiring SIGHUP to work don't work in Koji # see rhbz#1088233 @@ -946,8 +948,8 @@ done %patch189 -p1 %endif -%patch190 -p1 -%patch193 -p1 +# 00190: upstream as of Python 3.4.1 +# 00193: upstream as of Python 3.4.1 %patch194 -p1 %patch195 -p1 %patch196 -p1 @@ -1826,6 +1828,9 @@ rm -fr %{buildroot} # ====================================================== %changelog +* Sun May 25 2014 Matej Stuchlik - 3.4.1-1 +- Update to Python 3.4.1 + * Sun May 25 2014 Matej Stuchlik - 3.4.0-8 - Fix test_gdb failure on ppc64le Resolves: rhbz#1095355 diff --git a/sources b/sources index 3f1acf8..f2258f0 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -77c22725e14af3d71022cbfdebff4903 Python-3.4.0.tar.xz +6cafc183b4106476dd73d5738d7f616a Python-3.4.1.tar.xz diff --git a/temporarily-disable-tests-requiring-SIGHUP.patch b/temporarily-disable-tests-requiring-SIGHUP.patch index 130970f..88ac230 100644 --- a/temporarily-disable-tests-requiring-SIGHUP.patch +++ b/temporarily-disable-tests-requiring-SIGHUP.patch @@ -8,8 +8,8 @@ diff -up Python-3.4.0/Lib/test/test_asyncio/test_events.py.orig Python-3.4.0/Lib - @unittest.skipIf(sys.platform == 'win32', "Don't have SIGHUP") + @unittest.skipIf(True, "Temporarily skipped (rhbz#1088233)") def test_subprocess_send_signal(self): - proto = None - transp = None + prog = os.path.join(os.path.dirname(__file__), 'echo.py') + diff -up Python-3.4.0/Lib/test/test_asyncio/test_subprocess.py.orig Python-3.4.0/Lib/test/test_asyncio/test_subprocess.py --- Python-3.4.0/Lib/test/test_asyncio/test_subprocess.py.orig 2014-04-17 12:03:32.777827520 +0200 From c75d3be7c820e642618d317a468e3773de91c8ab Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Miro=20Hron=C4=8Dok?= Date: Mon, 26 May 2014 19:38:24 +0200 Subject: [PATCH 31/32] Fix multilib dependencies. Resolves: rhbz#1091815 --- python3.spec | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/python3.spec b/python3.spec index 414c0c9..d962c3f 100644 --- a/python3.spec +++ b/python3.spec @@ -128,7 +128,7 @@ Summary: Version 3 of the Python programming language aka Python 3000 Name: python3 Version: %{pybasever}.1 -Release: 1%{?dist} +Release: 2%{?dist} License: Python Group: Development/Languages @@ -743,7 +743,8 @@ This package contains files used to embed Python 3 into applications. %package devel Summary: Libraries and header files needed for Python 3 development Group: Development/Libraries -Requires: %{name}%{?_isa} = %{version}-%{release} +Requires: %{name} = %{version}-%{release} +Requires: %{name}-libs%{?_isa} = %{version}-%{release} Conflicts: %{name} < %{version}-%{release} %description devel @@ -1828,6 +1829,10 @@ rm -fr %{buildroot} # ====================================================== %changelog +* Mon May 26 2014 Miro Hrončok - 3.4.1-2 +- Fix multilib dependencies. +Resolves: rhbz#1091815 + * Sun May 25 2014 Matej Stuchlik - 3.4.1-1 - Update to Python 3.4.1 From cfa9e5212dede627c2069b9877cec6c9d7007971 Mon Sep 17 00:00:00 2001 From: Matej Stuchlik Date: Tue, 27 May 2014 12:42:42 +0200 Subject: [PATCH 32/32] Update rewheel module --- 00189-add-rewheel-module.patch | 7 +++++-- python3.spec | 9 ++++++--- 2 files changed, 11 insertions(+), 5 deletions(-) diff --git a/00189-add-rewheel-module.patch b/00189-add-rewheel-module.patch index ad80e9f..b3804b8 100644 --- a/00189-add-rewheel-module.patch +++ b/00189-add-rewheel-module.patch @@ -75,7 +75,7 @@ unchanged: unchanged: --- Python-3.4.0rc3/Lib/ensurepip/rewheel/__init__.py 1970-01-01 01:00:00.000000000 +0100 +++ Python-3.4.0rc3-rewheel/Lib/ensurepip/rewheel/__init__.py 2014-03-12 09:55:30.413152104 +0100 -@@ -0,0 +1,133 @@ +@@ -0,0 +1,136 @@ +import argparse +import csv +import email.parser @@ -126,7 +126,10 @@ unchanged: + # if we have 0 or 2 or more dirs, something is wrong... + if len(filtered) == 1: + path = filtered[0] -+ records.append(os.path.join(path, 'RECORD')) ++ if path is not None: ++ records.append(os.path.join(path, 'RECORD')) ++ else: ++ records.append(None) + return records + +def rewheel_from_record(record_path, outdir): diff --git a/python3.spec b/python3.spec index d962c3f..c373aee 100644 --- a/python3.spec +++ b/python3.spec @@ -128,7 +128,7 @@ Summary: Version 3 of the Python programming language aka Python 3000 Name: python3 Version: %{pybasever}.1 -Release: 2%{?dist} +Release: 3%{?dist} License: Python Group: Development/Languages @@ -1396,8 +1396,8 @@ CheckPython() { WITHIN_PYTHON_RPM_BUILD= \ LD_LIBRARY_PATH=$ConfDir $ConfDir/python -m test.regrtest \ --verbose --findleaks \ - %ifarch %{arm} - -x test_faulthandler test_gdb + %ifarch ppc64le + -x test_faulthandler %endif echo FINISHED: CHECKING OF PYTHON FOR CONFIGURATION: $ConfName @@ -1829,6 +1829,9 @@ rm -fr %{buildroot} # ====================================================== %changelog +* Tue May 27 2014 Matej Stuchlik - 3.4.1-3 +- Update the rewheel module + * Mon May 26 2014 Miro Hrončok - 3.4.1-2 - Fix multilib dependencies. Resolves: rhbz#1091815