rpms
/
python2
2
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

SPEC file cleanup

This commit is contained in:
Charalampos Stratakis 2016-08-16 18:45:23 +02:00
parent a759357958
commit b6952a5e13
26 changed files with 5 additions and 4672 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
00101-lib64-regex.patch
View File

@ -1,19 +0,0 @@
diff -up Python-2.7.3/Lib/test/test_re.py.lib64-regex Python-2.7.3/Lib/test/test_re.py
--- Python-2.7.3/Lib/test/test_re.py.lib64-regex 2012-04-09 19:07:32.000000000 -0400
+++ Python-2.7.3/Lib/test/test_re.py 2013-02-19 13:53:57.624033102 -0500
@@ -757,6 +757,15 @@ class ReTests(unittest.TestCase):
self.assertRaises(TypeError, re.finditer, "a", {})
self.assertRaises(OverflowError, _sre.compile, "abc", 0, [long_overflow])
+ def test_bug_931848(self):
+ try:
+ unicode
+ except NameError:
+ pass
+ pattern = eval('u"[\u002E\u3002\uFF0E\uFF61]"')
+ self.assertEqual(re.compile(pattern).split("a.b.c"),
+ ['a','b','c'])
+
def run_re_tests():
from test.re_tests import tests, SUCCEED, FAIL, SYNTAX_ERROR
if verbose:

13
00148-gdbm-1.9-magic-values.patch
View File

@ -1,13 +0,0 @@
diff -up Python-2.7.2/Lib/whichdb.py.gdbm-1.9-magic Python-2.7.2/Lib/whichdb.py
--- Python-2.7.2/Lib/whichdb.py.gdbm-1.9-magic 2011-06-11 11:46:26.000000000 -0400
+++ Python-2.7.2/Lib/whichdb.py 2011-09-30 15:45:21.778872290 -0400
@@ -91,7 +91,7 @@ def whichdb(filename):
return ""
# Check for GNU dbm
- if magic == 0x13579ace:
+ if magic in (0x13579ace, 0x13579acd, 0x13579acf):
return "gdbm"
# Check for old Berkeley db hash file format v2
diff -up Python-2.7.2/Misc/NEWS.gdbm-1.9-magic Python-2.7.2/Misc/NEWS

11
00152-fix-test-gdb-regex.patch
View File

@ -1,11 +0,0 @@
--- Lib/test/test_gdb.py.old 2012-04-11 19:35:13.512681203 -0400
+++ Lib/test/test_gdb.py 2012-04-11 19:39:52.567192540 -0400
@@ -159,7 +159,7 @@ class DebuggerTests(unittest.TestCase):
# gdb can insert additional '\n' and space characters in various places
# in its output, depending on the width of the terminal it's connected
# to (using its "wrap_here" function)
- m = re.match('.*#0\s+builtin_id\s+\(self\=.*,\s+v=\s*(.*?)\)\s+at\s+Python/bltinmodule.c.*',
+ m = re.match('.*#0\s+builtin_id\s+\(self\=.*,\s+v=\s*(.*?)\)\s+at\s+\S*Python/bltinmodule.c.*',
gdb_output, re.DOTALL)
if not m:
self.fail('Unexpected gdb output: %r\n%s' % (gdb_output, gdb_output))

29
00158-fix-hashlib-leak.patch
View File

@ -1,29 +0,0 @@
diff -up Python-2.7.3/Lib/test/test_hashlib.py.fix-hashlib-leak Python-2.7.3/Lib/test/test_hashlib.py
--- Python-2.7.3/Lib/test/test_hashlib.py.fix-hashlib-leak 2013-02-19 14:13:44.000000000 -0500
+++ Python-2.7.3/Lib/test/test_hashlib.py 2013-02-19 14:14:31.319948742 -0500
@@ -106,12 +106,8 @@ class HashLibTestCase(unittest.TestCase)
_algo.islower()]))
def test_unknown_hash(self):
- try:
- hashlib.new('spam spam spam spam spam')
- except ValueError:
- pass
- else:
- self.assertTrue(0 == "hashlib didn't reject bogus hash name")
+ self.assertRaises(ValueError, hashlib.new, 'spam spam spam spam spam')
+ self.assertRaises(TypeError, hashlib.new, 1)
def test_hexdigest(self):
for name in self.supported_hash_names:
diff -up Python-2.7.3/Modules/_hashopenssl.c.fix-hashlib-leak Python-2.7.3/Modules/_hashopenssl.c
--- Python-2.7.3/Modules/_hashopenssl.c.fix-hashlib-leak 2013-02-19 14:13:44.646951933 -0500
+++ Python-2.7.3/Modules/_hashopenssl.c 2013-02-19 14:13:44.715951929 -0500
@@ -549,6 +549,7 @@ EVP_new(PyObject *self, PyObject *args,
}
if (!PyArg_Parse(name_obj, "s", &name)) {
+ PyBuffer_Release(&view);
PyErr_SetString(PyExc_TypeError, "name must be a string");
return NULL;
}

126
00166-fix-fake-repr-in-gdb-hooks.patch
View File

@ -1,126 +0,0 @@
diff -up Python-2.7.3/Tools/gdb/libpython.py.fix-fake-repr-in-gdb-hooks Python-2.7.3/Tools/gdb/libpython.py
--- Python-2.7.3/Tools/gdb/libpython.py.fix-fake-repr-in-gdb-hooks 2013-02-19 17:21:33.541181366 -0500
+++ Python-2.7.3/Tools/gdb/libpython.py 2013-02-19 17:21:42.090180782 -0500
@@ -105,6 +105,24 @@ class TruncatedStringIO(object):
def getvalue(self):
return self._val
+class FakeProxy(object):
+ """
+ Class representing a non-descript PyObject* value in the inferior
+ process for when we don't have a custom scraper, intended to have
+ a sane repr().
+ """
+ def __init__(self, tp_name, address):
+ self.tp_name = tp_name
+ self.address = address
+
+ def __repr__(self):
+ # For the NULL pointer, we have no way of knowing a type, so
+ # special-case it as per
+ # http://bugs.python.org/issue8032#msg100882
+ if self.address == 0:
+ return '0x0'
+ return '<%s at remote 0x%x>' % (self.tp_name, self.address)
+
class PyObjectPtr(object):
"""
Class wrapping a gdb.Value that's a either a (PyObject*) within the
@@ -232,28 +250,8 @@ class PyObjectPtr(object):
visiting object graphs with loops). Analogous to Py_ReprEnter and
Py_ReprLeave
'''
-
- class FakeRepr(object):
- """
- Class representing a non-descript PyObject* value in the inferior
- process for when we don't have a custom scraper, intended to have
- a sane repr().
- """
-
- def __init__(self, tp_name, address):
- self.tp_name = tp_name
- self.address = address
-
- def __repr__(self):
- # For the NULL pointer, we have no way of knowing a type, so
- # special-case it as per
- # http://bugs.python.org/issue8032#msg100882
- if self.address == 0:
- return '0x0'
- return '<%s at remote 0x%x>' % (self.tp_name, self.address)
-
- return FakeRepr(self.safe_tp_name(),
- long(self._gdbval))
+ return FakeProxy(self.safe_tp_name(),
+ long(self._gdbval))
def write_repr(self, out, visited):
'''
@@ -384,7 +382,7 @@ def _write_instance_repr(out, visited, n
if not first:
out.write(', ')
first = False
- out.write(pyop_arg.proxyval(visited))
+ out.write(str(pyop_arg.proxyval(visited)))
out.write('=')
pyop_val.write_repr(out, visited)
out.write(')')
@@ -785,6 +783,8 @@ class PyNoneStructPtr(PyObjectPtr):
def proxyval(self, visited):
return None
+class CantReadFilename(ValueError):
+ pass
class PyFrameObjectPtr(PyObjectPtr):
_typename = 'PyFrameObject'
@@ -861,7 +861,10 @@ class PyFrameObjectPtr(PyObjectPtr):
'''Get the path of the current Python source file, as a string'''
if self.is_optimized_out():
return '(frame information optimized out)'
- return self.co_filename.proxyval(set())
+ value = self.co_filename.proxyval(set())
+ if isinstance(value, FakeProxy):
+ raise CantReadFilename('unable to extract filename)')
+ return value
def current_line_num(self):
'''Get current line number as an integer (1-based)
@@ -907,7 +910,7 @@ class PyFrameObjectPtr(PyObjectPtr):
out.write(', ')
first = False
- out.write(pyop_name.proxyval(visited))
+ out.write(str(pyop_name.proxyval(visited)))
out.write('=')
pyop_value.write_repr(out, visited)
@@ -1252,8 +1255,11 @@ class Frame(object):
write_unicode(sys.stdout, '#%i %s\n' % (self.get_index(), line))
if not pyop.is_optimized_out():
- line = pyop.current_line()
- if line is not None:
- sys.stdout.write(' %s\n' % line.strip())
+ try:
+ line = pyop.current_line()
+ if line is not None:
+ sys.stdout.write(' %s\n' % line.strip())
+ except CantReadFilename:
+ sys.stdout.write(' %s\n' % '(unable to read filename)')
else:
sys.stdout.write('#%i (unable to read python frame information)\n' % self.get_index())
else:
@@ -1303,7 +1309,11 @@ class PyList(gdb.Command):
print('Unable to read information on python frame')
return
- filename = pyop.filename()
+ try:
+ filename = pyop.filename()
+ except CantReadFilename:
+ print("Unable to extract filename from python frame")
+ return
lineno = pyop.current_line_num()
if start is None:

14
00171-raise-correct-exception-when-dev-urandom-is-missing.patch
View File

@ -1,14 +0,0 @@
diff -up Python-2.7.3/Misc/NEWS.raise-correct-exception-when-dev-urandom-is-missing Python-2.7.3/Misc/NEWS
diff -up Python-2.7.3/Python/random.c.raise-correct-exception-when-dev-urandom-is-missing Python-2.7.3/Python/random.c
--- Python-2.7.3/Python/random.c.raise-correct-exception-when-dev-urandom-is-missing 2012-04-09 19:07:35.000000000 -0400
+++ Python-2.7.3/Python/random.c 2013-02-21 14:39:01.020988043 -0500
@@ -165,7 +165,8 @@ dev_urandom_python(char *buffer, Py_ssiz
Py_END_ALLOW_THREADS
if (fd < 0)
{
- PyErr_SetFromErrnoWithFilename(PyExc_OSError, "/dev/urandom");
+ PyErr_SetString(PyExc_NotImplementedError,
+ "/dev/urandom (or equivalent) not found");
return -1;
}

87
00172-use-poll-for-multiprocessing-socket-connection.patch
View File

@ -1,87 +0,0 @@
diff -up Python-2.7.3/Doc/library/asyncore.rst.use-poll-for-multiprocessing-socket-connection Python-2.7.3/Doc/library/asyncore.rst
--- Python-2.7.3/Doc/library/asyncore.rst.use-poll-for-multiprocessing-socket-connection 2013-02-21 15:21:41.204812979 -0500
+++ Python-2.7.3/Doc/library/asyncore.rst 2013-02-21 15:21:41.211812976 -0500
@@ -318,13 +318,10 @@ connections and dispatches the incoming
def handle_accept(self):
pair = self.accept()
- if pair is None:
- pass
- else:
+ if pair is not None:
sock, addr = pair
print 'Incoming connection from %s' % repr(addr)
handler = EchoHandler(sock)
server = EchoServer('localhost', 8080)
asyncore.loop()
-
diff -up Python-2.7.3/Lib/multiprocessing/connection.py.use-poll-for-multiprocessing-socket-connection Python-2.7.3/Lib/multiprocessing/connection.py
diff -up Python-2.7.3/Lib/test/test_multiprocessing.py.use-poll-for-multiprocessing-socket-connection Python-2.7.3/Lib/test/test_multiprocessing.py
--- Python-2.7.3/Lib/test/test_multiprocessing.py.use-poll-for-multiprocessing-socket-connection 2013-02-21 15:21:41.199812979 -0500
+++ Python-2.7.3/Lib/test/test_multiprocessing.py 2013-02-21 15:21:41.208812978 -0500
@@ -1452,6 +1452,7 @@ class _TestConnection(BaseTestCase):
self.assertTimingAlmostEqual(poll.elapsed, TIMEOUT1)
conn.send(None)
+ time.sleep(.1)
self.assertEqual(poll(TIMEOUT1), True)
self.assertTimingAlmostEqual(poll.elapsed, 0)
diff -up Python-2.7.3/Modules/_multiprocessing/socket_connection.c.use-poll-for-multiprocessing-socket-connection Python-2.7.3/Modules/_multiprocessing/socket_connection.c
--- Python-2.7.3/Modules/_multiprocessing/socket_connection.c.use-poll-for-multiprocessing-socket-connection 2013-02-21 15:21:41.201812979 -0500
+++ Python-2.7.3/Modules/_multiprocessing/socket_connection.c 2013-02-21 15:21:41.215812978 -0500
@@ -8,6 +8,10 @@
#include "multiprocessing.h"
+#if defined(HAVE_POLL) && !defined(HAVE_BROKEN_POLL)
+# include "poll.h"
+#endif
+
#ifdef MS_WINDOWS
# define WRITE(h, buffer, length) send((SOCKET)h, buffer, length, 0)
# define READ(h, buffer, length) recv((SOCKET)h, buffer, length, 0)
@@ -155,6 +159,34 @@ conn_recv_string(ConnectionObject *conn,
static int
conn_poll(ConnectionObject *conn, double timeout, PyThreadState *_save)
{
+#if defined(HAVE_POLL) && !defined(HAVE_BROKEN_POLL)
+ int res;
+ struct pollfd p;
+
+ p.fd = (int)conn->handle;
+ p.events = POLLIN | POLLPRI;
+ p.revents = 0;
+
+ if (timeout < 0) {
+ res = poll(&p, 1, -1);
+ } else {
+ res = poll(&p, 1, (int)(timeout * 1000 + 0.5));
+ }
+
+ if (res < 0) {
+ return MP_SOCKET_ERROR;
+ } else if (p.revents & (POLLNVAL|POLLERR)) {
+ Py_BLOCK_THREADS
+ PyErr_SetString(PyExc_IOError, "poll() gave POLLNVAL or POLLERR");
+ Py_UNBLOCK_THREADS
+ return MP_EXCEPTION_HAS_BEEN_SET;
+ } else if (p.revents != 0) {
+ return TRUE;
+ } else {
+ assert(res == 0);
+ return FALSE;
+ }
+#else
int res;
fd_set rfds;
@@ -190,6 +222,7 @@ conn_poll(ConnectionObject *conn, double
assert(res == 0);
return FALSE;
}
+#endif
}
/*

12
00175-fix-configure-Wformat.patch
View File

@ -1,12 +0,0 @@
diff -up Python-2.7.3/configure.ac.fix-configure-Wformat Python-2.7.3/configure.ac
--- Python-2.7.3/configure.ac.fix-configure-Wformat 2013-03-25 15:15:18.473888383 -0400
+++ Python-2.7.3/configure.ac 2013-03-25 15:15:32.513887426 -0400
@@ -1200,7 +1200,7 @@ if test "$GCC" = "yes"
then
AC_MSG_CHECKING(whether gcc supports ParseTuple __format__)
save_CFLAGS=$CFLAGS
- CFLAGS="$CFLAGS -Werror"
+ CFLAGS="$CFLAGS -Werror -Wformat"
AC_COMPILE_IFELSE([
AC_LANG_PROGRAM([[void f(char*,...)__attribute((format(PyArg_ParseTuple, 1, 2)));]], [[]])
],[

247
00185-CVE-2013-4238-hostname-check-bypass-in-SSL-module.patch
View File

@ -1,247 +0,0 @@
diff -r 9ddc63c039ba Lib/test/nullbytecert.pem
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/Lib/test/nullbytecert.pem Sun Aug 11 18:13:17 2013 +0200
@@ -0,0 +1,90 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number: 0 (0x0)
+ Signature Algorithm: sha1WithRSAEncryption
+ Issuer: C=US, ST=Oregon, L=Beaverton, O=Python Software Foundation, OU=Python Core Development, CN=null.python.org\x00example.org/emailAddress=python-dev@python.org
+ Validity
+ Not Before: Aug 7 13:11:52 2013 GMT
+ Not After : Aug 7 13:12:52 2013 GMT
+ Subject: C=US, ST=Oregon, L=Beaverton, O=Python Software Foundation, OU=Python Core Development, CN=null.python.org\x00example.org/emailAddress=python-dev@python.org
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ Public-Key: (2048 bit)
+ Modulus:
+ 00:b5:ea:ed:c9:fb:46:7d:6f:3b:76:80:dd:3a:f3:
+ 03:94:0b:a7:a6:db:ec:1d:df:ff:23:74:08:9d:97:
+ 16:3f:a3:a4:7b:3e:1b:0e:96:59:25:03:a7:26:e2:
+ 88:a9:cf:79:cd:f7:04:56:b0:ab:79:32:6e:59:c1:
+ 32:30:54:eb:58:a8:cb:91:f0:42:a5:64:27:cb:d4:
+ 56:31:88:52:ad:cf:bd:7f:f0:06:64:1f:cc:27:b8:
+ a3:8b:8c:f3:d8:29:1f:25:0b:f5:46:06:1b:ca:02:
+ 45:ad:7b:76:0a:9c:bf:bb:b9:ae:0d:16:ab:60:75:
+ ae:06:3e:9c:7c:31:dc:92:2f:29:1a:e0:4b:0c:91:
+ 90:6c:e9:37:c5:90:d7:2a:d7:97:15:a3:80:8f:5d:
+ 7b:49:8f:54:30:d4:97:2c:1c:5b:37:b5:ab:69:30:
+ 68:43:d3:33:78:4b:02:60:f5:3c:44:80:a1:8f:e7:
+ f0:0f:d1:5e:87:9e:46:cf:62:fc:f9:bf:0c:65:12:
+ f1:93:c8:35:79:3f:c8:ec:ec:47:f5:ef:be:44:d5:
+ ae:82:1e:2d:9a:9f:98:5a:67:65:e1:74:70:7c:cb:
+ d3:c2:ce:0e:45:49:27:dc:e3:2d:d4:fb:48:0e:2f:
+ 9e:77:b8:14:46:c0:c4:36:ca:02:ae:6a:91:8c:da:
+ 2f:85
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Basic Constraints: critical
+ CA:FALSE
+ X509v3 Subject Key Identifier:
+ 88:5A:55:C0:52:FF:61:CD:52:A3:35:0F:EA:5A:9C:24:38:22:F7:5C
+ X509v3 Key Usage:
+ Digital Signature, Non Repudiation, Key Encipherment
+ X509v3 Subject Alternative Name:
+ *************************************************************
+ WARNING: The values for DNS, email and URI are WRONG. OpenSSL
+ doesn't print the text after a NULL byte.
+ *************************************************************
+ DNS:altnull.python.org, email:null@python.org, URI:http://null.python.org, IP Address:192.0.2.1, IP Address:2001:DB8:0:0:0:0:0:1
+ Signature Algorithm: sha1WithRSAEncryption
+ ac:4f:45:ef:7d:49:a8:21:70:8e:88:59:3e:d4:36:42:70:f5:
+ a3:bd:8b:d7:a8:d0:58:f6:31:4a:b1:a4:a6:dd:6f:d9:e8:44:
+ 3c:b6:0a:71:d6:7f:b1:08:61:9d:60:ce:75:cf:77:0c:d2:37:
+ 86:02:8d:5e:5d:f9:0f:71:b4:16:a8:c1:3d:23:1c:f1:11:b3:
+ 56:6e:ca:d0:8d:34:94:e6:87:2a:99:f2:ae:ae:cc:c2:e8:86:
+ de:08:a8:7f:c5:05:fa:6f:81:a7:82:e6:d0:53:9d:34:f4:ac:
+ 3e:40:fe:89:57:7a:29:a4:91:7e:0b:c6:51:31:e5:10:2f:a4:
+ 60:76:cd:95:51:1a:be:8b:a1:b0:fd:ad:52:bd:d7:1b:87:60:
+ d2:31:c7:17:c4:18:4f:2d:08:25:a3:a7:4f:b7:92:ca:e2:f5:
+ 25:f1:54:75:81:9d:b3:3d:61:a2:f7:da:ed:e1:c6:6f:2c:60:
+ 1f:d8:6f:c5:92:05:ab:c9:09:62:49:a9:14:ad:55:11:cc:d6:
+ 4a:19:94:99:97:37:1d:81:5f:8b:cf:a3:a8:96:44:51:08:3d:
+ 0b:05:65:12:eb:b6:70:80:88:48:72:4f:c6:c2:da:cf:cd:8e:
+ 5b:ba:97:2f:60:b4:96:56:49:5e:3a:43:76:63:04:be:2a:f6:
+ c1:ca:a9:94
+-----BEGIN CERTIFICATE-----
+MIIE2DCCA8CgAwIBAgIBADANBgkqhkiG9w0BAQUFADCBxTELMAkGA1UEBhMCVVMx
+DzANBgNVBAgMBk9yZWdvbjESMBAGA1UEBwwJQmVhdmVydG9uMSMwIQYDVQQKDBpQ
+eXRob24gU29mdHdhcmUgRm91bmRhdGlvbjEgMB4GA1UECwwXUHl0aG9uIENvcmUg
+RGV2ZWxvcG1lbnQxJDAiBgNVBAMMG251bGwucHl0aG9uLm9yZwBleGFtcGxlLm9y
+ZzEkMCIGCSqGSIb3DQEJARYVcHl0aG9uLWRldkBweXRob24ub3JnMB4XDTEzMDgw
+NzEzMTE1MloXDTEzMDgwNzEzMTI1MlowgcUxCzAJBgNVBAYTAlVTMQ8wDQYDVQQI
+DAZPcmVnb24xEjAQBgNVBAcMCUJlYXZlcnRvbjEjMCEGA1UECgwaUHl0aG9uIFNv
+ZnR3YXJlIEZvdW5kYXRpb24xIDAeBgNVBAsMF1B5dGhvbiBDb3JlIERldmVsb3Bt
+ZW50MSQwIgYDVQQDDBtudWxsLnB5dGhvbi5vcmcAZXhhbXBsZS5vcmcxJDAiBgkq
+hkiG9w0BCQEWFXB5dGhvbi1kZXZAcHl0aG9uLm9yZzCCASIwDQYJKoZIhvcNAQEB
+BQADggEPADCCAQoCggEBALXq7cn7Rn1vO3aA3TrzA5QLp6bb7B3f/yN0CJ2XFj+j
+pHs+Gw6WWSUDpybiiKnPec33BFawq3kyblnBMjBU61ioy5HwQqVkJ8vUVjGIUq3P
+vX/wBmQfzCe4o4uM89gpHyUL9UYGG8oCRa17dgqcv7u5rg0Wq2B1rgY+nHwx3JIv
+KRrgSwyRkGzpN8WQ1yrXlxWjgI9de0mPVDDUlywcWze1q2kwaEPTM3hLAmD1PESA
+oY/n8A/RXoeeRs9i/Pm/DGUS8ZPINXk/yOzsR/XvvkTVroIeLZqfmFpnZeF0cHzL
+08LODkVJJ9zjLdT7SA4vnne4FEbAxDbKAq5qkYzaL4UCAwEAAaOB0DCBzTAMBgNV
+HRMBAf8EAjAAMB0GA1UdDgQWBBSIWlXAUv9hzVKjNQ/qWpwkOCL3XDALBgNVHQ8E
+BAMCBeAwgZAGA1UdEQSBiDCBhYIeYWx0bnVsbC5weXRob24ub3JnAGV4YW1wbGUu
+Y29tgSBudWxsQHB5dGhvbi5vcmcAdXNlckBleGFtcGxlLm9yZ4YpaHR0cDovL251
+bGwucHl0aG9uLm9yZwBodHRwOi8vZXhhbXBsZS5vcmeHBMAAAgGHECABDbgAAAAA
+AAAAAAAAAAEwDQYJKoZIhvcNAQEFBQADggEBAKxPRe99SaghcI6IWT7UNkJw9aO9
+i9eo0Fj2MUqxpKbdb9noRDy2CnHWf7EIYZ1gznXPdwzSN4YCjV5d+Q9xtBaowT0j
+HPERs1ZuytCNNJTmhyqZ8q6uzMLoht4IqH/FBfpvgaeC5tBTnTT0rD5A/olXeimk
+kX4LxlEx5RAvpGB2zZVRGr6LobD9rVK91xuHYNIxxxfEGE8tCCWjp0+3ksri9SXx
+VHWBnbM9YaL32u3hxm8sYB/Yb8WSBavJCWJJqRStVRHM1koZlJmXNx2BX4vPo6iW
+RFEIPQsFZRLrtnCAiEhyT8bC2s/Njlu6ly9gtJZWSV46Q3ZjBL4q9sHKqZQ=
+-----END CERTIFICATE-----
diff -r 9ddc63c039ba Lib/test/test_ssl.py
--- a/Lib/test/test_ssl.py Sun Aug 11 13:04:50 2013 +0300
+++ b/Lib/test/test_ssl.py Sun Aug 11 18:13:17 2013 +0200
@@ -25,6 +25,7 @@
HOST = test_support.HOST
CERTFILE = None
SVN_PYTHON_ORG_ROOT_CERT = None
+NULLBYTECERT = None
def handle_error(prefix):
exc_format = ' '.join(traceback.format_exception(*sys.exc_info()))
@@ -123,6 +124,27 @@
('DNS', 'projects.forum.nokia.com'))
)
+ def test_parse_cert_CVE_2013_4073(self):
+ p = ssl._ssl._test_decode_cert(NULLBYTECERT)
+ if test_support.verbose:
+ sys.stdout.write("\n" + pprint.pformat(p) + "\n")
+ subject = ((('countryName', 'US'),),
+ (('stateOrProvinceName', 'Oregon'),),
+ (('localityName', 'Beaverton'),),
+ (('organizationName', 'Python Software Foundation'),),
+ (('organizationalUnitName', 'Python Core Development'),),
+ (('commonName', 'null.python.org\x00example.org'),),
+ (('emailAddress', 'python-dev@python.org'),))
+ self.assertEqual(p['subject'], subject)
+ self.assertEqual(p['issuer'], subject)
+ self.assertEqual(p['subjectAltName'],
+ (('DNS', 'altnull.python.org\x00example.com'),
+ ('email', 'null@python.org\x00user@example.org'),
+ ('URI', 'http://null.python.org\x00http://example.org'),
+ ('IP Address', '192.0.2.1'),
+ ('IP Address', '2001:DB8:0:0:0:0:0:1\n'))
+ )
+
def test_DER_to_PEM(self):
with open(SVN_PYTHON_ORG_ROOT_CERT, 'r') as f:
pem = f.read()
@@ -1360,7 +1382,7 @@
def test_main(verbose=False):
- global CERTFILE, SVN_PYTHON_ORG_ROOT_CERT, NOKIACERT
+ global CERTFILE, SVN_PYTHON_ORG_ROOT_CERT, NOKIACERT, NULLBYTECERT
CERTFILE = os.path.join(os.path.dirname(__file__) or os.curdir,
"keycert.pem")
SVN_PYTHON_ORG_ROOT_CERT = os.path.join(
@@ -1368,10 +1390,13 @@
"https_svn_python_org_root.pem")
NOKIACERT = os.path.join(os.path.dirname(__file__) or os.curdir,
"nokia.pem")
+ NULLBYTECERT = os.path.join(os.path.dirname(__file__) or os.curdir,
+ "nullbytecert.pem")
if (not os.path.exists(CERTFILE) or
not os.path.exists(SVN_PYTHON_ORG_ROOT_CERT) or
- not os.path.exists(NOKIACERT)):
+ not os.path.exists(NOKIACERT) or
+ not os.path.exists(NULLBYTECERT)):
raise test_support.TestFailed("Can't read certificate files!")
tests = [BasicTests, BasicSocketTests]
diff -r 9ddc63c039ba Modules/_ssl.c
--- a/Modules/_ssl.c Sun Aug 11 13:04:50 2013 +0300
+++ b/Modules/_ssl.c Sun Aug 11 18:13:17 2013 +0200
@@ -741,8 +741,13 @@
/* get a rendering of each name in the set of names */
+ int gntype;
+ ASN1_STRING *as = NULL;
+
name = sk_GENERAL_NAME_value(names, j);
- if (name->type == GEN_DIRNAME) {
+ gntype = name-> type;
+ switch (gntype) {
+ case GEN_DIRNAME:
/* we special-case DirName as a tuple of tuples of attributes */
@@ -764,11 +769,61 @@
goto fail;
}
PyTuple_SET_ITEM(t, 1, v);
+ break;
- } else {
+ case GEN_EMAIL:
+ case GEN_DNS:
+ case GEN_URI:
+ /* GENERAL_NAME_print() doesn't handle NUL bytes in ASN1_string
+ correctly. */
+ t = PyTuple_New(2);
+ if (t == NULL)
+ goto fail;
+ switch (gntype) {
+ case GEN_EMAIL:
+ v = PyUnicode_FromString("email");
+ as = name->d.rfc822Name;
+ break;
+ case GEN_DNS:
+ v = PyUnicode_FromString("DNS");
+ as = name->d.dNSName;
+ break;
+ case GEN_URI:
+ v = PyUnicode_FromString("URI");
+ as = name->d.uniformResourceIdentifier;
+ break;
+ }
+ if (v == NULL) {
+ Py_DECREF(t);
+ goto fail;
+ }
+ PyTuple_SET_ITEM(t, 0, v);
+ v = PyString_FromStringAndSize((char *)ASN1_STRING_data(as),
+ ASN1_STRING_length(as));
+ if (v == NULL) {
+ Py_DECREF(t);
+ goto fail;
+ }
+ PyTuple_SET_ITEM(t, 1, v);
+ break;
+ default:
/* for everything else, we use the OpenSSL print form */
-
+ switch (gntype) {
+ /* check for new general name type */
+ case GEN_OTHERNAME:
+ case GEN_X400:
+ case GEN_EDIPARTY:
+ case GEN_IPADD:
+ case GEN_RID:
+ break;
+ default:
+ if (PyErr_Warn(PyExc_RuntimeWarning,
+ "Unknown general name type") == -1) {
+ goto fail;
+ }
+ break;
+ }
(void) BIO_reset(biobuf);
GENERAL_NAME_print(biobuf, name);
len = BIO_gets(biobuf, buf, sizeof(buf)-1);
@@ -794,6 +849,7 @@
goto fail;
}
PyTuple_SET_ITEM(t, 1, v);
+ break;
}
/* and add that rendering to the list */

11
00190-get_python_version.patch
View File

@ -1,11 +0,0 @@
diff -r 2a38df26e009 Lib/distutils/command/bdist_rpm.py
--- a/Lib/distutils/command/bdist_rpm.py Tue Sep 03 11:39:06 2013 -0500
+++ b/Lib/distutils/command/bdist_rpm.py Wed Sep 04 19:49:37 2013 +0200
@@ -14,6 +14,7 @@
from distutils.file_util import write_file
from distutils.errors import (DistutilsOptionError, DistutilsPlatformError,
DistutilsFileError, DistutilsExecError)
+from distutils.sysconfig import get_python_version
from distutils import log
class bdist_rpm (Command):

43
00192-buffer-overflow.patch
View File

@ -1,43 +0,0 @@
# HG changeset patch
# User Benjamin Peterson <benjamin@python.org>
# Date 1389671978 18000
# Node ID 87673659d8f7ba1623cd4914f09ad3d2ade034e9
# Parent 2631d33ee7fbd5f0288931ef37872218d511d2e8
complain when nbytes > buflen to fix possible buffer overflow (closes #20246)
diff --git a/Lib/test/test_socket.py b/Lib/test/test_socket.py
--- a/Lib/test/test_socket.py
+++ b/Lib/test/test_socket.py
@@ -1620,6 +1620,16 @@ class BufferIOTest(SocketConnectedTest):
_testRecvFromIntoMemoryview = _testRecvFromIntoArray
+ def testRecvFromIntoSmallBuffer(self):
+ # See issue #20246.
+ buf = bytearray(8)
+ self.assertRaises(ValueError, self.cli_conn.recvfrom_into, buf, 1024)
+
+ def _testRecvFromIntoSmallBuffer(self):
+ with test_support.check_py3k_warnings():
+ buf = buffer(MSG*2048)
+ self.serv_conn.send(buf)
+
TIPC_STYPE = 2000
TIPC_LOWER = 200
diff --git a/Modules/socketmodule.c b/Modules/socketmodule.c
--- a/Modules/socketmodule.c
+++ b/Modules/socketmodule.c
@@ -2742,6 +2742,10 @@ sock_recvfrom_into(PySocketSockObject *s
if (recvlen == 0) {
/* If nbytes was not specified, use the buffer's length */
recvlen = buflen;
+ } else if (recvlen > buflen) {
+ PyErr_SetString(PyExc_ValueError,
+ "nbytes is greater than the length of the buffer");
+ goto error;
}
readlen = sock_recvfrom_guts(s, buf.buf, recvlen, flags, &addr);

19
00194-fix-tests-with-sqlite-3.8.4.patch
View File

@ -1,19 +0,0 @@
# HG changeset patch
# User Benjamin Peterson <benjamin@python.org>
# Date 1394679112 18000
# Node ID 1763e27a182d571cc3a428c71085bb86b3d895b5
# Parent 1d31060f8a5c9695f0b79a738d355d8530e09cc7
weaken callback count inequality (closes #20901)
diff --git a/Lib/sqlite3/test/hooks.py b/Lib/sqlite3/test/hooks.py
--- a/Lib/sqlite3/test/hooks.py
+++ b/Lib/sqlite3/test/hooks.py
@@ -162,7 +162,7 @@ class ProgressTests(unittest.TestCase):
create table bar (a, b)
""")
second_count = len(progress_calls)
- self.assertTrue(first_count > second_count)
+ self.assertGreaterEqual(first_count, second_count)
def CheckCancelOperation(self):
"""

15
00195-enable-sslv23-in-ssl.patch
View File

@ -1,15 +0,0 @@
diff -up Python-2.7.8/Modules/_ssl.c.orig Python-2.7.8/Modules/_ssl.c
--- Python-2.7.8/Modules/_ssl.c.orig 2014-07-17 14:17:32.584362667 +0200
+++ Python-2.7.8/Modules/_ssl.c 2014-07-17 14:17:38.215405930 +0200
@@ -312,8 +312,10 @@ newPySSLObject(PySocketSockObject *Sock,
else if (proto_version == PY_SSL_VERSION_SSL2)
self->ctx = SSL_CTX_new(SSLv2_method()); /* Set up context */
#endif
- else if (proto_version == PY_SSL_VERSION_SSL23)
+ else if (proto_version == PY_SSL_VERSION_SSL23) {
self->ctx = SSL_CTX_new(SSLv23_method()); /* Set up context */
+ self->ctx->options &= ~(SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3);
+ }
PySSL_END_ALLOW_THREADS
if (self->ctx == NULL) {

25
fix-dbm_contains-on-64bit-bigendian.patch
View File

@ -1,25 +0,0 @@
Index: Modules/dbmmodule.c
===================================================================
--- Modules/dbmmodule.c (revision 84317)
+++ Modules/dbmmodule.c (working copy)
@@ -168,12 +168,18 @@
dbm_contains(register dbmobject *dp, PyObject *v)
{
datum key, val;
+ Py_ssize_t dsize;
- if (PyString_AsStringAndSize(v, (char **)&key.dptr,
- (Py_ssize_t *)&key.dsize)) {
+ if (PyString_AsStringAndSize(v, (char **)&key.dptr, &dsize)) {
return -1;
}
+ /* Coerce from Py_ssize_t down to int: */
+ if (dsize > INT_MAX) {
+ return -1;
+ }
+ key.dsize = dsize;
+
/* Expand check_dbmobject_open to return -1 */
if (dp->di_dbm == NULL) {
PyErr_SetString(DbmError, "DBM object has already been closed");

12
fix-test_commands-expected-ls-output-issue7108.patch
View File

@ -1,12 +0,0 @@
diff -up Python-2.7/Lib/test/test_commands.py.gnu-ls-output Python-2.7/Lib/test/test_commands.py
--- Python-2.7/Lib/test/test_commands.py.gnu-ls-output 2010-08-17 11:31:35.714913918 -0400
+++ Python-2.7/Lib/test/test_commands.py 2010-08-17 11:37:08.913911808 -0400
@@ -50,7 +50,7 @@ class CommandTests(unittest.TestCase):
# Note that the first case above has a space in the group name
# while the second one has a space in both names.
pat = r'''d......... # It is a directory.
- \+? # It may have ACLs.
+ [.+@]? # It may have alt access (SELinux, ACLs or metadata ('@' OS X).
\s+\d+ # It has some number of links.
[^/]* # Skip user, group, size, and date.
/\. # and end with the name of the file.

12
fix-test_structmember-on-64bit-bigendian.patch
View File

@ -1,12 +0,0 @@
diff -up Python-2.7.3/Modules/_testcapimodule.c.fix-test_structmember-on-64bit-bigendian Python-2.7.3/Modules/_testcapimodule.c
--- Python-2.7.3/Modules/_testcapimodule.c.fix-test_structmember-on-64bit-bigendian 2012-04-09 19:07:33.000000000 -0400
+++ Python-2.7.3/Modules/_testcapimodule.c 2012-04-12 17:42:55.725766488 -0400
@@ -1813,7 +1813,7 @@ test_structmembers_new(PyTypeObject *typ
;
test_structmembers *ob;
const char *s = NULL;
- Py_ssize_t string_len = 0;
+ int string_len = 0;
ob = PyObject_New(test_structmembers, type);
if (ob == NULL)
return NULL;

12
python-2.6-distutils_rpm.patch
View File

@ -1,12 +0,0 @@
diff -ru Python-2.6-orig/Lib/distutils/command/bdist_rpm.py Python-2.6/Lib/distutils/command/bdist_rpm.py
--- Python-2.6-orig/Lib/distutils/command/bdist_rpm.py 2008-02-23 12:40:11.000000000 -0500
+++ Python-2.6/Lib/distutils/command/bdist_rpm.py 2009-01-06 15:02:18.000000000 -0500
@@ -493,6 +493,7 @@
('build', 'build_script', def_build),
('install', 'install_script',
("%s install "
+ "-O1 "
"--root=$RPM_BUILD_ROOT "
"--record=INSTALLED_FILES") % def_setup_call),
('clean', 'clean_script', "rm -rf $RPM_BUILD_ROOT"),
Only in Python-2.6/Lib/distutils/command: bdist_rpm.py~

3446
python-2.6-update-bsddb3-4.8.patch
View File

File diff suppressed because it is too large Load Diff

14
python-2.6.5-fix-expat-issue9054.patch
View File

@ -1,14 +0,0 @@
Index: Modules/pyexpat.c
===================================================================
--- Modules/pyexpat.c (revision 81539)
+++ Modules/pyexpat.c (working copy)
@@ -415,6 +415,9 @@
PyObject *args;
PyObject *temp;
+ if (!have_handler(self, CharacterData))
+ return -1;
+
args = PyTuple_New(1);
if (args == NULL)
return -1;

30
python-2.7-fix-2to3-itertools-import-star.patch
View File

@ -1,30 +0,0 @@
Index: lib2to3/tests/test_fixers.py
===================================================================
--- lib2to3/tests/test_fixers.py (revision 82529)
+++ lib2to3/tests/test_fixers.py (revision 82530)
@@ -3670,7 +3670,11 @@
a = "from itertools import bar, filterfalse, foo"
self.check(b, a)
+ def test_import_star(self):
+ s = "from itertools import *"
+ self.unchanged(s)
+
def test_unchanged(self):
s = "from itertools import foo"
self.unchanged(s)
Index: lib2to3/fixes/fix_itertools_imports.py
===================================================================
--- lib2to3/fixes/fix_itertools_imports.py (revision 82529)
+++ lib2to3/fixes/fix_itertools_imports.py (revision 82530)
@@ -20,6 +20,9 @@
if child.type == token.NAME:
member = child.value
name_node = child
+ elif child.type == token.STAR:
+ # Just leave the import as is.
+ return
else:
assert child.type == syms.import_as_name
name_node = child.children[0]

37
python-2.7-fix-parallel-make.patch
View File

@ -1,37 +0,0 @@
diff -up Python-2.7/Makefile.pre.in.fix-parallel-make Python-2.7/Makefile.pre.in
--- Python-2.7/Makefile.pre.in.fix-parallel-make 2010-07-22 15:01:39.567996932 -0400
+++ Python-2.7/Makefile.pre.in 2010-07-22 15:47:02.437998509 -0400
@@ -207,6 +207,7 @@ SIGNAL_OBJS= @SIGNAL_OBJS@
##########################################################################
# Grammar
+GRAMMAR_STAMP= $(srcdir)/grammar-stamp
GRAMMAR_H= $(srcdir)/Include/graminit.h
GRAMMAR_C= $(srcdir)/Python/graminit.c
GRAMMAR_INPUT= $(srcdir)/Grammar/Grammar
@@ -530,10 +531,24 @@ Modules/getpath.o: $(srcdir)/Modules/get
Modules/python.o: $(srcdir)/Modules/python.c
$(MAINCC) -c $(PY_CFLAGS) -o $@ $(srcdir)/Modules/python.c
+# GNU "make" interprets rules with two dependents as two copies of the rule.
+#
+# In a parallel build this can lead to pgen being run twice, once for each of
+# GRAMMAR_H and GRAMMAR_C, leading to race conditions in which the compiler
+# reads a partially-overwritten copy of one of these files, leading to syntax
+# errors (or linker errors if the fragment happens to be syntactically valid C)
+#
+# See http://www.gnu.org/software/hello/manual/automake/Multiple-Outputs.html
+# for more information
+#
+# Introduce ".grammar-stamp" as a contrived single output from PGEN to avoid
+# this:
+$(GRAMMAR_H) $(GRAMMAR_C): $(GRAMMAR_STAMP)
-$(GRAMMAR_H) $(GRAMMAR_C): $(PGEN) $(GRAMMAR_INPUT)
+$(GRAMMAR_STAMP): $(PGEN) $(GRAMMAR_INPUT)
-@$(INSTALL) -d Include
-$(PGEN) $(GRAMMAR_INPUT) $(GRAMMAR_H) $(GRAMMAR_C)
+ touch $(GRAMMAR_STAMP)
$(PGEN): $(PGENOBJS)
$(CC) $(OPT) $(LDFLAGS) $(PGENOBJS) $(LIBS) -o $(PGEN)

66
python-2.7-r84443-cfgparse.patch
View File

@ -1,66 +0,0 @@
Index: Lib/ConfigParser.py
===================================================================
--- Lib/ConfigParser.py.orig
+++ Lib/ConfigParser.py
@@ -399,11 +399,10 @@ class RawConfigParser:
fp.write("[%s]\n" % section)
for (key, value) in self._sections[section].items():
if key != "__name__":
- if value is None:
- fp.write("%s\n" % (key))
- else:
- fp.write("%s = %s\n" %
- (key, str(value).replace('\n', '\n\t')))
+ if (value is not None) or (self._optcre == self.OPTCRE):
+ key = " = ".join((key, str(value).replace('\n', '\n\t')))
+ fp.write("%s\n" % (key))
+
fp.write("\n")
def remove_option(self, section, option):
Index: Lib/test/test_cfgparser.py
===================================================================
--- Lib/test/test_cfgparser.py.orig
+++ Lib/test/test_cfgparser.py
@@ -493,6 +493,33 @@ class SafeConfigParserTestCaseNoValue(Sa
allow_no_value = True
+class Issue7005TestCase(unittest.TestCase):
+ """Test output when None is set() as a value and allow_no_value == False.
+
+ http://bugs.python.org/issue7005
+
+ """
+
+ expected_output = "[section]\noption = None\n\n"
+
+ def prepare(self, config_class):
+ # This is the default, but that's the point.
+ cp = config_class(allow_no_value=False)
+ cp.add_section("section")
+ cp.set("section", "option", None)
+ sio = StringIO.StringIO()
+ cp.write(sio)
+ return sio.getvalue()
+
+ def test_none_as_value_stringified(self):
+ output = self.prepare(ConfigParser.ConfigParser)
+ self.assertEqual(output, self.expected_output)
+
+ def test_none_as_value_stringified_raw(self):
+ output = self.prepare(ConfigParser.RawConfigParser)
+ self.assertEqual(output, self.expected_output)
+
+
class SortedTestCase(RawConfigParserTestCase):
def newconfig(self, defaults=None):
self.cf = self.config_class(defaults=defaults, dict_type=SortedDict)
@@ -524,6 +551,7 @@ def test_main():
RawConfigParserTestCase,
SafeConfigParserTestCase,
SortedTestCase,
+ Issue7005TestCase,
SafeConfigParserTestCaseNoValue,
)

50
python-2.7.1-fix-decimal-in-turkish-locale.patch
View File

@ -1,50 +0,0 @@
diff -up Python-2.7.1/Lib/decimal.py.fix-decimal-in-turkish-locale Python-2.7.1/Lib/decimal.py
--- Python-2.7.1/Lib/decimal.py.fix-decimal-in-turkish-locale 2010-07-08 17:22:54.000000000 -0400
+++ Python-2.7.1/Lib/decimal.py 2011-04-12 11:30:40.850350842 -0400
@@ -1720,8 +1720,6 @@ class Decimal(object):
# here self was representable to begin with; return unchanged
return Decimal(self)
- _pick_rounding_function = {}
-
# for each of the rounding functions below:
# self is a finite, nonzero Decimal
# prec is an integer satisfying 0 <= prec < len(self._int)
@@ -1788,6 +1786,17 @@ class Decimal(object):
else:
return -self._round_down(prec)
+ _pick_rounding_function = dict(
+ ROUND_DOWN = '_round_down',
+ ROUND_UP = '_round_up',
+ ROUND_HALF_UP = '_round_half_up',
+ ROUND_HALF_DOWN = '_round_half_down',
+ ROUND_HALF_EVEN = '_round_half_even',
+ ROUND_CEILING = '_round_ceiling',
+ ROUND_FLOOR = '_round_floor',
+ ROUND_05UP = '_round_05up',
+ )
+
def fma(self, other, third, context=None):
"""Fused multiply-add.
@@ -3705,18 +3714,6 @@ _numbers.Number.register(Decimal)
##### Context class #######################################################
-
-# get rounding method function:
-rounding_functions = [name for name in Decimal.__dict__.keys()
- if name.startswith('_round_')]
-for name in rounding_functions:
- # name is like _round_half_even, goes to the global ROUND_HALF_EVEN value.
- globalname = name[1:].upper()
- val = globals()[globalname]
- Decimal._pick_rounding_function[val] = name
-
-del name, val, globalname, rounding_functions
-
class _ContextManager(object):
"""Context manager class to support localcontext().
diff -up Python-2.7.1/Misc/NEWS.fix-decimal-in-turkish-locale Python-2.7.1/Misc/NEWS

85
python-2.7rc1-ctypes-noexecmem.patch
View File

@ -1,85 +0,0 @@
diff -up Python-2.7rc1/Modules/_ctypes/callbacks.c.selinux Python-2.7rc1/Modules/_ctypes/callbacks.c
--- Python-2.7rc1/Modules/_ctypes/callbacks.c.selinux 2010-05-09 10:46:46.000000000 -0400
+++ Python-2.7rc1/Modules/_ctypes/callbacks.c 2010-06-08 08:44:18.357366200 -0400
@@ -21,8 +21,8 @@ CThunkObject_dealloc(PyObject *_self)
Py_XDECREF(self->converters);
Py_XDECREF(self->callable);
Py_XDECREF(self->restype);
- if (self->pcl)
- _ctypes_free_closure(self->pcl);
+ if (self->pcl_write)
+ ffi_closure_free(self->pcl_write);
PyObject_GC_Del(self);
}
@@ -391,7 +391,8 @@ static CThunkObject* CThunkObject_new(Py
return NULL;
}
- p->pcl = NULL;
+ p->pcl_exec = NULL;
+ p->pcl_write = NULL;
memset(&p->cif, 0, sizeof(p->cif));
p->converters = NULL;
p->callable = NULL;
@@ -421,8 +422,9 @@ CThunkObject *_ctypes_alloc_callback(PyO
assert(CThunk_CheckExact(p));
- p->pcl = _ctypes_alloc_closure();
- if (p->pcl == NULL) {
+ p->pcl_write = ffi_closure_alloc(sizeof(ffi_closure),
+ &p->pcl_exec);
+ if (p->pcl_write == NULL) {
PyErr_NoMemory();
goto error;
}
@@ -467,7 +469,9 @@ CThunkObject *_ctypes_alloc_callback(PyO
"ffi_prep_cif failed with %d", result);
goto error;
}
- result = ffi_prep_closure(p->pcl, &p->cif, closure_fcn, p);
+ result = ffi_prep_closure_loc(p->pcl_write, &p->cif, closure_fcn,
+ p,
+ p->pcl_exec);
if (result != FFI_OK) {
PyErr_Format(PyExc_RuntimeError,
"ffi_prep_closure failed with %d", result);
diff -up Python-2.7rc1/Modules/_ctypes/_ctypes.c.selinux Python-2.7rc1/Modules/_ctypes/_ctypes.c
--- Python-2.7rc1/Modules/_ctypes/_ctypes.c.selinux 2010-05-09 10:46:46.000000000 -0400
+++ Python-2.7rc1/Modules/_ctypes/_ctypes.c 2010-06-07 23:19:39.950146038 -0400
@@ -3463,7 +3463,7 @@ PyCFuncPtr_new(PyTypeObject *type, PyObj
self->callable = callable;
self->thunk = thunk;
- *(void **)self->b_ptr = (void *)thunk->pcl;
+ *(void **)self->b_ptr = (void *)thunk->pcl_exec;
Py_INCREF((PyObject *)thunk); /* for KeepRef */
if (-1 == KeepRef((CDataObject *)self, 0, (PyObject *)thunk)) {
diff -up Python-2.7rc1/Modules/_ctypes/ctypes.h.selinux Python-2.7rc1/Modules/_ctypes/ctypes.h
--- Python-2.7rc1/Modules/_ctypes/ctypes.h.selinux 2010-05-09 10:46:46.000000000 -0400
+++ Python-2.7rc1/Modules/_ctypes/ctypes.h 2010-06-07 23:19:39.950146038 -0400
@@ -95,7 +95,8 @@ struct tagCDataObject {
typedef struct {
PyObject_VAR_HEAD
- ffi_closure *pcl; /* the C callable */
+ ffi_closure *pcl_write; /* the C callable, writeable */
+ void *pcl_exec; /* the C callable, executable */
ffi_cif cif;
int flags;
PyObject *converters;
diff -up Python-2.7rc1/setup.py.selinux Python-2.7rc1/setup.py
--- Python-2.7rc1/setup.py.selinux 2010-06-07 23:19:39.922147795 -0400
+++ Python-2.7rc1/setup.py 2010-06-07 23:19:39.951145942 -0400
@@ -1864,8 +1864,7 @@ class PyBuildExt(build_ext):
'_ctypes/callbacks.c',
'_ctypes/callproc.c',
'_ctypes/stgdict.c',
- '_ctypes/cfield.c',
- '_ctypes/malloc_closure.c']
+ '_ctypes/cfield.c']
depends = ['_ctypes/ctypes.h']
if sys.platform == 'darwin':

19
python-3.2b2-fix-ppc-debug-build.patch
View File

@ -1,19 +0,0 @@
diff -up Python-3.2b2/Python/ceval.c.fix-ppc-debug-build Python-3.2b2/Python/ceval.c
--- Python-3.2b2/Python/ceval.c.fix-ppc-debug-build 2011-01-05 16:37:27.007598805 -0500
+++ Python-3.2b2/Python/ceval.c 2011-01-05 16:45:06.562652472 -0500
@@ -30,10 +30,11 @@
typedef unsigned long long uint64;
-#if defined(__ppc__) /* <- Don't know if this is the correct symbol; this
- section should work for GCC on any PowerPC
- platform, irrespective of OS.
- POWER? Who knows :-) */
+/* PowerPC suppport.
+ "__ppc__" appears to be the preprocessor definition to detect on OS X, whereas
+ "__powerpc__" appears to be the correct one for Linux with GCC
+*/
+#if defined(__ppc__) || defined (__powerpc__)
#define READ_TIMESTAMP(var) ppc_getcounter(&var)

223
python.spec
View File

@ -108,7 +108,7 @@ Summary: An interpreted, interactive, object-oriented programming language
Name: %{python}
# Remember to also rebase python-docs when changing this:
Version: 2.7.12
Release: 3%{?dist}
Release: 4%{?dist}
License: Python
Group: Development/Languages
Requires: %{python}-libs%{?_isa} = %{version}-%{release}
@ -344,9 +344,6 @@ Patch17: python-2.6.4-distutils-rpath.patch
# for 2.7rc1 by dmalcolm:
Patch55: 00055-systemtap.patch
# Upstream as of Python 2.7.4
# Patch101: 00101-lib64-regex.patch
# Only used when "%{_lib}" == "lib64"
# Fixup various paths throughout the build and in distutils from "lib" to "lib64",
# and add the /usr/lib64/pythonMAJOR.MINOR/site-packages to sitedirs, in front of
@ -450,9 +447,6 @@ Patch113: 00113-more-configuration-flags.patch
# Not yet sent upstream
Patch114: 00114-statvfs-f_flag-constants.patch
# Upstream as of Python 2.7.3:
# Patch115: make-pydoc-more-robust-001.patch
# Upstream r79310 removed the "Modules" directory from sys.path when Python is
# running from the build directory on POSIX to fix a unit test (issue #8205).
# This seems to have broken the compileall.py done in "make install": it cannot
@ -476,12 +470,6 @@ Patch121: 00121-add-Modules-to-build-path.patch
# Not yet sent upstream
Patch125: 00125-less-verbose-COUNT_ALLOCS.patch
# Upstream as of Python 2.7.5
# Patch126: fix-dbm_contains-on-64bit-bigendian.patch
# Upstream as of Python 2.7.5
# Patch127: fix-test_structmember-on-64bit-bigendian.patch
# 2.7.1 (in r84230) added a test to test_abc which fails if python is
# configured with COUNT_ALLOCS, which is the case for our debug build
# (the COUNT_ALLOCS instrumentation keeps "C" alive).
@ -583,10 +571,6 @@ Patch143: 00143-tsc-on-ppc.patch
# (Optionally) disable the gdbm module:
Patch144: 00144-no-gdbm.patch
# 00145 #
# Upstream as of Python 2.7.3:
# Patch145: 00145-force-sys-platform-to-be-linux2.patch
# 00146 #
# Support OpenSSL FIPS mode (e.g. when OPENSSL_FORCE_FIPS_MODE=1 is set)
# - handle failures from OpenSSL (e.g. on attempts to use MD5 in a
@ -611,28 +595,6 @@ Patch146: 00146-hashlib-fips.patch
# Sent upstream as http://bugs.python.org/issue14785
Patch147: 00147-add-debug-malloc-stats.patch
# 00148 #
# Upstream as of Python 2.7.3:
# Patch148: 00148-gdbm-1.9-magic-values.patch
# 00149 #
# python3.spec's
# Patch149: 00149-backport-issue11254-pycache-bytecompilation-fix.patch
# is not relevant for Python 2
# 00150 #
# python3.spec has:
# Patch150: 00150-disable-rAssertAlmostEqual-cmath-on-ppc.patch
# as a workaround for a glibc bug on PPC (bz #750811)
# 00151 #
# Upstream as of Python 2.7.3:
# Patch151: 00151-fork-deadlock.patch
# 00152 #
# python3.spec has:
# Patch152: 00152-fix-test-gdb-regex.patch
# 00153 #
# Strip out lines of the form "warning: Unable to open ..." from gdb's stderr
# when running test_gdb.py; also cope with change to gdb in F17 onwards in
@ -640,10 +602,6 @@ Patch147: 00147-add-debug-malloc-stats.patch
# Not yet sent upstream
Patch153: 00153-fix-test_gdb-noise.patch
# 00154 #
# python3.spec on f15 has:
# Patch154: 00154-skip-urllib-test-requiring-working-DNS.patch
# 00155 #
# Avoid allocating thunks in ctypes unless absolutely necessary, to avoid
# generating SELinux denials on "import ctypes" and "import uuid" when
@ -673,31 +631,6 @@ Patch156: 00156-gdb-autoload-safepath.patch
# (rhbz#697470)
Patch157: 00157-uid-gid-overflows.patch
# Upstream as of Python 2.7.4
# Patch158: 00158-fix-hashlib-leak.patch
# 00160 #
# python3.spec's
# Patch160: 00160-disable-test_fs_holes-in-rpm-build.patch
# is not relevant for Python 2
# 00161 #
# python3.spec has:
# Patch161: 00161-fix-test_tools-directory.patch
# which will likely become relevant for Python 2 next time we rebase
# 00162 #
# python3.spec has:
# Patch162: 00162-distutils-sysconfig-fix-CC-options.patch
# 00163 #
# python3.spec has:
# Patch163: 00163-disable-parts-of-test_socket-in-rpm-build.patch
# 00164 #
# python3.spec has:
# Patch164: 00164-disable-interrupted_write-tests-on-ppc.patch
# 00165 #
# Backport to Python 2 from Python 3.3 of improvements to the "crypt" module
# adding precanned ways of salting a password (rhbz#835021)
@ -707,16 +640,6 @@ Patch157: 00157-uid-gid-overflows.patch
# within 2.7
Patch165: 00165-crypt-module-salt-backport.patch
# 00166 #
# Bulletproof the gdb debugging hooks against the case where co_filename for
# a frame can't be read from the inferior process (rhbz#912025)
#
# Not yet sent upstream
# This issue seems to have been fixed most probably by https://bugs.python.org/issue26799
# as of Python 2.7.12 and test_gdb seems to fail with the patch applied
# so dropping it for now.
#Patch166: 00166-fix-fake-repr-in-gdb-hooks.patch
# 00167 #
# Don't run any of the stack navigation tests in test_gdb when Python is
# optimized, since there appear to be many different ways in which gdb can
@ -757,12 +680,6 @@ Patch169: 00169-avoid-implicit-usage-of-md5-in-multiprocessing.patch
# (rhbz#850013)
Patch170: 00170-gc-assertions.patch
# Upstream as of Python 2.7.4
# Patch171: 00171-raise-correct-exception-when-dev-urandom-is-missing.patch
# Upstream as of Python 2.7.4
# Patch172: 00172-use-poll-for-multiprocessing-socket-connection.patch
# 00173 #
# Workaround for ENOPROTOOPT seen in Koji within
# test.test_support.bind_port()
@ -777,30 +694,6 @@ Patch173: 00173-workaround-ENOPROTOOPT-in-bind_port.patch
# e.g. cmpi-bindings under systemd (rhbz#817554):
Patch174: 00174-fix-for-usr-move.patch
# 00175 #
# Upstream as of Python 2.7.5
# Patch175: 00175-fix-configure-Wformat.patch
# 00176 #
# python3.spec had:
# Patch176: 00176-upstream-issue16754-so-extension.patch
# doesn't affect python2
# 00177 #
# python3.spec has
# Patch177: 00177-platform-unicode.patch
# Does not affect python2
# 00178 #
# python3.spec has
# Patch178: 00178-dont-duplicate-flags-in-sysconfig.patch
# Does not affect python2 AFAICS (different sysconfig values initialization)
# 00179 #
# python3.spec has
# Patch179: 00179-dont-raise-error-on-gdb-corrupted-frames-in-backtrace.patch
# Doesn't seem to affect python2
# 00180 #
# Enable building on ppc64p7
# Not appropriate for upstream, Fedora-specific naming
@ -815,14 +708,6 @@ Patch180: 00180-python-add-support-for-ppc64p7.patch
# Doesn't apply to Python 3, where this is fixed otherwise and works.
Patch181: 00181-allow-arbitrary-timeout-in-condition-wait.patch
# 00182 #
# python3.spec had
# Patch182: 00182-fix-test_gdb-test_threads.patch
# 00183 #
# python3.spec has
# Patch183: 00183-cve-2013-2099-fix-ssl-match_hostname-dos.patch
# 00184 #
# Fix for https://bugzilla.redhat.com/show_bug.cgi?id=979696
# Fixes build of ctypes against libffi with multilib wrapper
@ -850,23 +735,10 @@ Patch187: 00187-add-RPATH-to-pyexpat.patch
# rhbz#1008154 (patch by Attila Fazekas)
Patch189: 00189-gdb-py-bt-dont-raise-exception-from-eval.patch
# 00190 #
# Importing get_python_version in bdist_rpm
# http://bugs.python.org/issue18045
# rhbz#1029082
# FIXED UPSTREAM
#Patch190: 00190-get_python_version.patch
# 00191 #
# Disabling NOOP test as it fails without internet connection
Patch191: 00191-disable-NOOP.patch
# 00192 #
# Fixing buffer overflow (upstream patch)
# rhbz#1062375
# FIXED UPSTREAM
#Patch192: 00192-buffer-overflow.patch
# 00193 #
# Enable loading sqlite extensions. This patch isn't needed for
# python3.spec, since Python 3 has a configuration option for this.
@ -874,35 +746,6 @@ Patch191: 00191-disable-NOOP.patch
# Patch provided by John C. Peterson
Patch193: 00193-enable-loading-sqlite-extensions.patch
# 00194 #
# Fix tests with SQLite >= 3.8.4
# http://bugs.python.org/issue20901
# http://hg.python.org/cpython/raw-rev/1763e27a182d
# FIXED UPSTREAM
#Patch194: 00194-fix-tests-with-sqlite-3.8.4.patch
# 00195 #
# Since openssl-1.0.1h-5.fc21 SSLv2 and SSLV3 protocols
# are disabled by default in openssl, according the comment in openssl
# patch this affects only SSLv23_method, this patch enables SSLv2
# and SSLv3 when SSLv23_method is used
# Update:
# Patch disabled, Openssl reverted disabling sslv3 and now
# disables only sslv2 all tests pass
#Patch195: 00195-enable-sslv23-in-ssl.patch
# 00196 #
# http://bugs.python.org/issue21308
# Backport of ssl module from python3
# FIXED UPSTREAM
# Patch196: 00196-ssl-backport.patch
# 00197 #
# http://bugs.python.org/issue22023
# Patch seg fault in unicodeobject.c
# FIXED UPSTREAM
# Patch197: 00197-unicode_fromformat.patch
# 00198 #
%if 0%{with_rewheel}
Patch198: 00198-add-rewheel-module.patch
@ -920,23 +763,6 @@ Patch200: 00200-skip-thread-test.patch
# FIXED UPSTREAM: http://bugs.python.org/issue27369
Patch209: 00209-fix-test-pyexpat-failure.patch
# 00237 #
# CVE-2016-0772 python: smtplib StartTLS stripping attack
# rhbz#1303647: https://bugzilla.redhat.com/show_bug.cgi?id=1303647
# rhbz#1346344: https://bugzilla.redhat.com/show_bug.cgi?id=1346344
# FIXED UPSTREAM: https://hg.python.org/cpython/rev/b3ce713fb9be
# Raise an error when STARTTLS fails
# Patch237: 00237-Raise-an-error-when-STARTTLS-fails.patch
# 00241 #
# CVE-2016-5636: http://seclists.org/oss-sec/2016/q2/560
# rhbz#1345858: https://bugzilla.redhat.com/show_bug.cgi?id=1345858
# https://hg.python.org/cpython/rev/985fc64c60d6/
# https://hg.python.org/cpython/rev/2edbdb79cd6d
# Fix possible integer overflow and heap corruption in zipimporter.get_data()
# FIXED UPSTREAM: https://bugs.python.org/issue26171
#Patch241: 00241-CVE-2016-5636-buffer-overflow-in-zipimport-module-fix.patch
# 00242 #
# HTTPoxy attack (CVE-2016-1000110)
# https://httpoxy.org/
@ -945,10 +771,6 @@ Patch209: 00209-fix-test-pyexpat-failure.patch
# Resolves: rhbz#1359175
Patch242: 00242-CVE-2016-1000110-httpoxy.patch
# 00243 #
# Patch243: 00243-fix-mips64-triplet.patch
# only necessary for python3
# (New patches go here ^^^)
#
# When adding new patches to "python" and "python3" in Fedora, EL, etc.,
@ -1185,10 +1007,6 @@ done
%patch6 -p1 -b .plural
%patch7 -p1
# Try not disabling egg-infos, bz#414711
#patch50 -p1 -b .egginfo
# patch101: upstream as of Python 2.7.4
%if "%{_lib}" == "lib64"
%patch102 -p1 -b .lib64
%patch103 -p1 -b .lib64-sysconfig
@ -1196,7 +1014,6 @@ done
%endif
%patch10 -p1 -b .binutils-no-dep
# patch11: upstream as of Python 2.7.3
%patch13 -p1 -b .socketmodule
%patch14 -p1 -b .socketmodule2
%patch16 -p1 -b .rpath
@ -1214,12 +1031,9 @@ done
%patch114 -p1 -b .statvfs-f-flag-constants
# patch115: upstream as of Python 2.7.3
%patch121 -p1
%patch125 -p1 -b .less-verbose-COUNT_ALLOCS
# 00126: upstream as of Python 2.7.5
# 00127: upstream as of Python 2.7.5
%patch128 -p1
%patch130 -p1
@ -1247,64 +1061,33 @@ done
%if !%{with_gdbm}
%patch144 -p1
%endif
# 00145: upstream as of Python 2.7.3
%patch146 -p1
%patch147 -p1
# 00148: upstream as of Python 2.7.3
# 00149: not for python 2
# 00150: not for python 2
# 00151: upstream as of Python 2.7.3
# 00152: not for python 2
%patch153 -p0
# 00154: not for python 2
%patch155 -p1
%patch156 -p1
%patch157 -p1
# 00158: upstream as of Python 2.7.4
# 00160: not for python 2
# 00161: not for python 2 yet
# 00162: not for python 2 yet
# 00163: not for python 2 yet
# 00164: not for python 2 yet
%patch165 -p1
mv Modules/cryptmodule.c Modules/_cryptmodule.c
# 00166: dropped as of Python 2.7.12
%patch167 -p1
%patch168 -p1
%patch169 -p1
%patch170 -p1
# 00171: upstream as of Python 2.7.4
# 00171: upstream as of Python 2.7.4
%patch173 -p1
%patch174 -p1 -b .fix-for-usr-move
# 00175: upstream as of Python 2.7.5
# 00176: not for python 2
# 00177: not for python 2
# 00178: not for python 2
# 00179: not for python 2
%patch180 -p1
%patch181 -p1
# 00182: not for python 2
# 00183: not for python 2
%patch184 -p1
%patch185 -p1
%patch187 -p1
%patch189 -p1
# 00190: upstream as of Python 2.7.7
%patch191 -p1
# 00192: upstream as of Python 2.7.7
%patch193 -p1
# 00194: upstream as of Python 2.7.7
#%patch195 -p1
# 00196: upstream as of Python 2.7.9
# 00197: upstream as of Python 2.7.9
%if 0%{with_rewheel}
%patch198 -p1
%endif
%patch200 -p1
%patch209 -p1
# 00237: upstream as of Python 2.7.12
# 00241: upstream as of Python 2.7.12
%patch242 -p1
@ -2160,6 +1943,10 @@ rm -fr %{buildroot}
# ======================================================
%changelog
* Tue Aug 09 2016 Charalampos Stratakis <cstratak@redhat.com> - 2.7.12-4
- SPEC file cleanup
- Removal of unapplied patches
* Tue Aug 09 2016 Charalampos Stratakis <cstratak@redhat.com> - 2.7.12-3
- Fix for CVE-2016-1000110 HTTPoxy attack
- SPEC file cleanup