Attachment #172152 for bug #205960

View | Details | Raw Unified | Return to bug 205960 | Differences between
Collapse All | Expand All





LICENSE=	PSFL

USES=		cpe ncurses pkgconfig readline ssl tar:xz
USE_OPENSSL=	yes
USE_LDCONFIG=	yes
GNU_CONFIGURE=	yes

CPE_VENDOR=	python
CPE_PRODUCT=	${CPE_VENDOR}
CPE_VERSION=	${DISTVERSION}

# Duplicate python.mk variables. TODO: Let lang/python?? ports use python.mk bits.
PYTHON_VER=		${PYTHON_PORTVERSION:R}

DISABLED_EXTENSIONS=	_sqlite3 _tkinter _gdbm
CONFIGURE_ARGS+=	--enable-shared --without-ensurepip
CONFIGURE_ENV+=		OPT="" DISABLED_EXTENSIONS="${DISABLED_EXTENSIONS}"	# Null out OPT to respect user CFLAGS and remove optimizations
CFLAGS+=		-I${OPENSSLINC}						# Move OpenSSL include path to beginning of parameters. Issue 205960 

INSTALL_TARGET=		altinstall						# Don't want cloberring of unprefixed files





https://github.com/python/cpython/pull/26

As of OpenSSL 1.1 EGD is disabled by default and OPENSSL_NO_EGD is defined.
EGD default disabled https://github.com/openssl/openssl/blob/master/Configure#L363 
EGD methods not available https://github.com/openssl/openssl/blob/master/include/openssl/rand.h#L61

As of LibreSSL 2.2.3 the headers define OPENSSL_NO_EGD in the same way that other missing features are documented there.

In addition this fixes a build failure on FreeBSD where configure does not use the correct libraries to detect RAND_egd in libcrypto.
--- Modules/_ssl.c.orig	2015-12-07 01:39:10 UTC
+++ Modules/_ssl.c
@@ -3916,7 +3916,7 @@ _ssl_RAND_status_impl(PyModuleDef *modul
     return PyLong_FromLong(RAND_status());
 }
 
-#ifdef HAVE_RAND_EGD
+#ifndef OPENSSL_NO_EGD
 /*[clinic input]
 _ssl.RAND_egd
     path: object(converter="PyUnicode_FSConverter")
@@ -3942,7 +3942,7 @@ _ssl_RAND_egd_impl(PyModuleDef *module, 
     }
     return PyLong_FromLong(bytes);
 }
-#endif /* HAVE_RAND_EGD */
+#endif /* OPENSSL_NO_EGD */
 
 
 
--- Modules/clinic/_ssl.c.h.orig	2015-12-07 01:39:10 UTC
+++ Modules/clinic/_ssl.c.h
@@ -893,7 +893,7 @@ _ssl_RAND_status(PyModuleDef *module, Py
     return _ssl_RAND_status_impl(module);
 }
 
-#if defined(HAVE_RAND_EGD)
+#if !defined(OPENSSL_NO_EGD)
 
 PyDoc_STRVAR(_ssl_RAND_egd__doc__,
 "RAND_egd($module, path, /)\n"
@@ -924,7 +924,7 @@ exit:
     return return_value;
 }
 
-#endif /* defined(HAVE_RAND_EGD) */
+#endif /* defined(OPENSSL_NO_EGD) */
 
 PyDoc_STRVAR(_ssl_get_default_verify_paths__doc__,
 "get_default_verify_paths($module, /)\n"

Return to bug 205960

Lines 14-27 Link Here

(-)lang/python35/Makefile (-3 / +2 lines)
14		14
15	LICENSE= PSFL	15	LICENSE= PSFL
16		16
17	USES= cpe ncurses pkgconfig readline tar:xz	17	USES= cpe ncurses pkgconfig readline ssl tar:xz
18	USE_OPENSSL= yes
19	USE_LDCONFIG= yes	18	USE_LDCONFIG= yes
20	GNU_CONFIGURE= yes	19	GNU_CONFIGURE= yes
21		20
22	CPE_VENDOR= python	21	CPE_VENDOR= python
23	CPE_PRODUCT= ${CPE_VENDOR}	22	CPE_PRODUCT= ${CPE_VENDOR}
24	CPE_VERSION= ${DISTVERSION}
25		23
26	# Duplicate python.mk variables. TODO: Let lang/python?? ports use python.mk bits.	24	# Duplicate python.mk variables. TODO: Let lang/python?? ports use python.mk bits.
27	PYTHON_VER= ${PYTHON_PORTVERSION:R}	25	PYTHON_VER= ${PYTHON_PORTVERSION:R}
Lines 31-36 Link Here
31	DISABLED_EXTENSIONS= _sqlite3 _tkinter _gdbm	29	DISABLED_EXTENSIONS= _sqlite3 _tkinter _gdbm
32	CONFIGURE_ARGS+= --enable-shared --without-ensurepip	30	CONFIGURE_ARGS+= --enable-shared --without-ensurepip
33	CONFIGURE_ENV+= OPT="" DISABLED_EXTENSIONS="${DISABLED_EXTENSIONS}" # Null out OPT to respect user CFLAGS and remove optimizations	31	CONFIGURE_ENV+= OPT="" DISABLED_EXTENSIONS="${DISABLED_EXTENSIONS}" # Null out OPT to respect user CFLAGS and remove optimizations
		32	CFLAGS+= -I${OPENSSLINC} # Move OpenSSL include path to beginning of parameters. Issue 205960
34		33
35	INSTALL_TARGET= altinstall # Don't want cloberring of unprefixed files	34	INSTALL_TARGET= altinstall # Don't want cloberring of unprefixed files
36		35

Line 0 Link Here

(-)lang/python35/files/patch-issue24557 (+49 lines)
	1	https://github.com/python/cpython/pull/26
	2
	3	As of OpenSSL 1.1 EGD is disabled by default and OPENSSL_NO_EGD is defined.
	4	EGD default disabled https://github.com/openssl/openssl/blob/master/Configure#L363
	5	EGD methods not available https://github.com/openssl/openssl/blob/master/include/openssl/rand.h#L61
	6
	7	As of LibreSSL 2.2.3 the headers define OPENSSL_NO_EGD in the same way that other missing features are documented there.
	8
	9	In addition this fixes a build failure on FreeBSD where configure does not use the correct libraries to detect RAND_egd in libcrypto.
	10	--- Modules/_ssl.c.orig 2015-12-07 01:39:10 UTC
	11	+++ Modules/_ssl.c
	12	@@ -3916,7 +3916,7 @@ _ssl_RAND_status_impl(PyModuleDef *modul
	13	return PyLong_FromLong(RAND_status());
	14	}
	15
	16	-#ifdef HAVE_RAND_EGD
	17	+#ifndef OPENSSL_NO_EGD
	18	/*[clinic input]
	19	_ssl.RAND_egd
	20	path: object(converter="PyUnicode_FSConverter")
	21	@@ -3942,7 +3942,7 @@ _ssl_RAND_egd_impl(PyModuleDef *module,
	22	}
	23	return PyLong_FromLong(bytes);
	24	}
	25	-#endif /* HAVE_RAND_EGD */
	26	+#endif /* OPENSSL_NO_EGD */
	27
	28
	29
	30	--- Modules/clinic/_ssl.c.h.orig 2015-12-07 01:39:10 UTC
	31	+++ Modules/clinic/_ssl.c.h
	32	@@ -893,7 +893,7 @@ _ssl_RAND_status(PyModuleDef *module, Py
	33	return _ssl_RAND_status_impl(module);
	34	}
	35
	36	-#if defined(HAVE_RAND_EGD)
	37	+#if !defined(OPENSSL_NO_EGD)
	38
	39	PyDoc_STRVAR(_ssl_RAND_egd__doc__,
	40	"RAND_egd($module, path, /)\n"
	41	@@ -924,7 +924,7 @@ exit:
	42	return return_value;
	43	}
	44
	45	-#endif /* defined(HAVE_RAND_EGD) */
	46	+#endif /* defined(OPENSSL_NO_EGD) */
	47
	48	PyDoc_STRVAR(_ssl_get_default_verify_paths__doc__,
	49	"get_default_verify_paths($module, /)\n"