1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
|
# Maintainer: Michał Wojdyła < micwoj9292 at gmail dot com >
# Contributor: Felix Yan <felixonmars@archlinux.org>
# Contributor: Stéphane Gaudreault <stephane@archlinux.org>
# Contributor: Allan McRae <allan@archlinux.org>
# Contributor: Jason Chu <jason@archlinux.org>
pkgname=python2
pkgver=2.7.18
pkgrel=11
_pybasever=2.7
pkgdesc="A high-level scripting language"
arch=('x86_64' 'aarch64')
license=('PSF-2.0')
url="https://www.python.org/"
depends=('bzip2' 'expat' 'gdbm' 'libffi' 'libnsl' 'libxcrypt' 'openssl-1.1' 'sqlite' 'zlib')
makedepends=('tk' 'bluez-libs')
checkdepends=('gdb' 'file' 'xorg-server-xvfb' 'xterm')
optdepends=('tk: for IDLE'
'python2-setuptools'
'python2-pip')
conflicts=('python<3')
_gentoo_patches="python-gentoo-patches-${pkgver}_p16"
source=("https://www.python.org/ftp/python/${pkgver%rc?}/Python-${pkgver}.tar.xz"{,.asc}
mtime-workaround.patch
"https://dev.gentoo.org/~mgorny/dist/python/$_gentoo_patches.tar.xz")
sha512sums=('a7bb62b51f48ff0b6df0b18f5b0312a523e3110f49c3237936bfe56ed0e26838c0274ff5401bda6fc21bf24337477ccac49e8026c5d651e4b4cafb5eb5086f6c'
'SKIP'
'4e761cfd57791e8b72ecdf84c2e03875bf074311130eea5b8e97409fa304fa3468dbd359a511c4e9978e686e662c58054b4174d3e73f845fa9ded2e83a3a8076'
'810be590d0e06fab4b2165e6852ca49662f09dcd7e20b47a29f613ad7653252c8dfac3f0eb228d77c8a914efa7c08788b2fbd552a4b47504f5fd0ec17450c48f')
validpgpkeys=('C01E1CAD5EA2C4F0B8E3571504C367C218ADD4FF') # Benjamin Peterson
noextract=("$_gentoo_patches.tar.xz")
prepare() {
bsdtar -xf $_gentoo_patches.tar.xz -s /$_gentoo_patches//
cd Python-${pkgver}
# makepkg will touch all files to $SOURCE_DATE_EPOCH which will break pyc file's mtime check.
# workaround this by touching them to $SOURCE_DATE_EPOCH before running compileall.
patch -p0 -i ../mtime-workaround.patch
patch -p1 -i ../0001-bpo-39017-Avoid-infinite-loop-in-the-tarfile-module-.patch #CVE-2019-20907
patch -p1 -i ../0002-bpo-39503-CVE-2020-8492-Fix-AbstractBasicAuthHandler.patch #CVE-2020-8492
patch -p1 -i ../0003-bpo-39603-Prevent-header-injection-in-http-methods-G.patch #CVE-2020-26116
patch -p1 -i ../0004-bpo-42051-Reject-XML-entity-declarations-in-plist-fi.patch
patch -p1 -i ../0005-bpo-41944-No-longer-call-eval-on-content-received-vi.patch #CVE-2020-27619
patch -p1 -i ../0006-bpo-40791-Make-compare_digest-more-constant-time.-GH.patch
patch -p1 -i ../0007-3.6-closes-bpo-42938-Replace-snprintf-with-Python-un.patch #CVE-2021-3177
patch -p1 -i ../0008-3.6-bpo-42967-only-use-as-a-query-string-separator-G.patch #CVE-2021-23336
patch -p1 -i ../0009-py2-ize-the-CJK-codec-test.patch
patch -p1 -i ../0010-3.6-bpo-43285-Make-ftplib-not-trust-the-PASV-respons.patch
patch -p1 -i ../0011-bpo-43075-Fix-ReDoS-in-urllib-AbstractBasicAuthHandl.patch
patch -p1 -i ../0012-3.9-bpo-43882-urllib.parse-should-sanitize-urls-cont.patch
patch -p1 -i ../0013-Backport-bpo-44022-Fix-http-client-infinite-line-rea.patch
patch -p1 -i ../0014-bpo-43124-Fix-smtplib-multiple-CRLF-injection-GH-259.patch
patch -p1 -i ../0015-bpo-42278-Use-tempfile.TemporaryDirectory-rather-tha.patch
patch -p1 -i ../0016-Fix-accidentally-leaving-one-sub-test-commented-out.patch
patch -p1 -i ../0017-bpo-46811-Make-test-suite-support-Expat-2.4.5-GH-314.patch
patch -p1 -i ../0018-bpo-46756-Fix-authorization-check-in-urllib.request-.patch
patch -p1 -i ../0019-Install-libpythonX.Y.a-in-usr-lib-instead-of-usr-lib.patch
patch -p1 -i ../0020-Disable-modules-and-SSL.patch
# patch -p1 -i ../0021-Gentoo-libdir.patch # Gentoo specific patch
# patch -p1 -i ../0022-Non-zero-exit-status-on-failure.patch # Don't need this
# patch -p1 -i ../0023-sqlite-loadable-extensions.patch # causes error: IndentationError: expected an indented block
patch -p1 -i ../0024-Regenerate-platform-specific-modules.patch
# patch -p1 -i ../0025-distutils-C.patch # Causes failure on test_distutils
patch -p1 -i ../0026-Turkish-locale.patch
patch -p1 -i ../0027-ARM-OABI.patch
patch -p1 -i ../0028-use_pyxml.patch
patch -p1 -i ../0029-Disable-nis.patch
# patch -p1 -i ../0030-Make-module-byte-compilation-non-fatal.patch # Does not apply cleanly
patch -p1 -i ../0031-Use-ncurses-to-find-pkg-config.patch
patch -p1 -i ../0032-Use-specific-Werror-for-cross-compile-tests.patch
patch -p1 -i ../0033-Force-using-system-libffi.patch
patch -p1 -i ../0034-test.support.unlink-ignore-EACCES.patch
patch -p1 -i ../0035-ssl-Hard-disable-SSLv3-to-avoid-automagic-deps.patch
patch -p1 -i ../0036-Fix-Wimplicit-int-Wimplicit-function-declaration.patch
# Temporary workaround for FS#22322
# See http://bugs.python.org/issue10835 for upstream report
sed -i "/progname =/s/python/python${_pybasever}/" Python/pythonrun.c
# Enable built-in SQLite module to load extensions (fix FS#22122)
sed -i "/SQLITE_OMIT_LOAD_EXTENSION/d" setup.py
# FS#23997
sed -i -e "s|^#.* /usr/local/bin/python|#!/usr/bin/python2|" Lib/cgi.py
sed -i "s/python2.3/python2/g" Lib/distutils/tests/test_build_scripts.py \
Lib/distutils/tests/test_install_scripts.py
# Ensure that we are using the system copy of various libraries (expat, zlib and libffi),
# rather than copies shipped in the tarball
rm -r Modules/expat
rm -r Modules/zlib
rm -r Modules/_ctypes/{darwin,libffi}*
# clean up #!s
find . -name '*.py' | \
xargs sed -i "s|#[ ]*![ ]*/usr/bin/env python$|#!/usr/bin/env python2|"
# Workaround asdl_c.py/makeopcodetargets.py errors after we touched the shebangs
touch Include/Python-ast.h Python/Python-ast.c Python/opcode_targets.h
}
build() {
cd "${srcdir}/Python-${pkgver}"
CPPFLAGS+=" -I/usr/include/openssl-1.1"
LDFLAGS+=" -L/usr/lib/openssl-1.1"
export OPT="${CFLAGS}"
./configure --prefix=/usr \
--enable-shared \
--with-threads \
--enable-optimizations \
--with-lto \
--enable-ipv6 \
--enable-unicode=ucs4 \
--with-system-expat \
--with-system-ffi \
--with-dbmliborder=gdbm:ndbm \
--without-ensurepip
make
}
check() {
# Since 2.7.14 with latest xvfb
# test_idle, test_tk, test_ttk_guionly: segfaults
# Since 2.7.15: test_ctypes
# test_ftplib test_imaplib test_urllib2_localnet: krb5 errors
# test_codecmaps_jp: TODO
export TERM=xterm
local -x TZ=UTC
cd Python-${pkgver}
LD_LIBRARY_PATH="${srcdir}/Python-${pkgver}":${LD_LIBRARY_PATH} \
xvfb-run "${srcdir}/Python-${pkgver}/python" -m test.regrtest -v -uall -x test_idle test_tk test_ttk_guionly test_ctypes test_ssl test_ftplib test_imaplib test_urllib2_localnet test_codecmaps_jp test_ossaudiodev
}
package() {
cd Python-${pkgver}
# Hack to avoid building again
sed -i 's/^all:.*$/all: build_all/' Makefile
make DESTDIR="${pkgdir}" altinstall maninstall
rm "${pkgdir}"/usr/share/man/man1/python.1
ln -sf python${_pybasever} "${pkgdir}"/usr/bin/python2
ln -sf python${_pybasever}-config "${pkgdir}"/usr/bin/python2-config
ln -sf python${_pybasever}.1 "${pkgdir}"/usr/share/man/man1/python2.1
# FS#33954
ln -sf python-${_pybasever}.pc "${pkgdir}"/usr/lib/pkgconfig/python2.pc
ln -sf ../../libpython${_pybasever}.so "${pkgdir}"/usr/lib/python${_pybasever}/config/libpython${_pybasever}.so
mv "${pkgdir}"/usr/bin/smtpd.py "${pkgdir}"/usr/lib/python${_pybasever}/
# some useful "stuff"
install -dm755 "${pkgdir}"/usr/lib/python${_pybasever}/Tools/{i18n,scripts}
install -m755 Tools/i18n/{msgfmt,pygettext}.py "${pkgdir}"/usr/lib/python${_pybasever}/Tools/i18n/
install -m755 Tools/scripts/{README,*py} "${pkgdir}"/usr/lib/python${_pybasever}/Tools/scripts/
# fix conflicts with python
mv "${pkgdir}"/usr/bin/idle{,2}
mv "${pkgdir}"/usr/bin/pydoc{,2}
mv "${pkgdir}"/usr/bin/2to3{,-2.7}
# clean-up reference to build directory
sed -i "s#${srcdir}/Python-${pkgver}:##" "${pkgdir}"/usr/lib/python${_pybasever}/config/Makefile
}
|