Index: head/lang/python33/Makefile =================================================================== --- head/lang/python33/Makefile (revision 404625) +++ head/lang/python33/Makefile (revision 404626) @@ -1,122 +1,122 @@ # $FreeBSD$ PORTNAME= python33 PORTVERSION= 3.3.6 -PORTREVISION= 1 +PORTREVISION= 2 CATEGORIES= lang python ipv6 MASTER_SITES= PYTHON/ftp/python/${PORTVERSION} DISTNAME= Python-${PORTVERSION} DIST_SUBDIR= python MAINTAINER= python@FreeBSD.org COMMENT= Interpreted object-oriented programming language LICENSE= PSFL DEPRECATED= No longer receives bug fixes, only security updates. Please update to Python 3.5 EXPIRATION_DATE= 2017-09-01 USES= cpe ncurses pkgconfig readline tar:xz USE_OPENSSL= yes USE_LDCONFIG= yes GNU_CONFIGURE= yes CPE_VENDOR= python CPE_PRODUCT= ${CPE_VENDOR} CPE_VERSION= ${PORTVERSION} CONFIGURE_ARGS+= --enable-shared CONFIGURE_ENV+= OPT="" # Null out OPT to respect user CFLAGS and remove optimizations INSTALL_TARGET= altinstall # Don't want cloberring of unprefixed files MAKE_ARGS+= INSTALL_SHARED="${INSTALL_LIB}" # Strip shared library MAKE_ARGS+= LIBPC="${PREFIX}/libdata/pkgconfig" # Until pathfix gets support for files other than Makefile.in MAKE_JOBS_UNSAFE= yes # Parser/pgen build bug. See Issue: 200622, 201974 TEST_TARGET= buildbottest TEST_ARGS= TESTOPTS=-j${MAKE_JOBS_NUMBER} SUB_FILES= pkg-message SUB_LIST= PYTHON_SUFFIX=${PORTVERSION:R:S/.//g} PLIST_SUB= ABI=${ABIFLAGS} \ OSMAJOR=${OSVERSION:C/([0-9]*)[0-9]{5}/\1/} # For plat-freebsd* in pkg-plist. http://bugs.python.org/issue19554 OPTIONS_DEFINE= DEBUG IPV6 LIBFFI NLS PYMALLOC THREADS TSC OPTIONS_DEFAULT= IPV6 LIBFFI NLS PYMALLOC THREADS OPTIONS_SUB= yes LIBFFI_DESC= Use libffi from ports instead of bundled version NLS_DESC= Enable gettext support for the locale module PYMALLOC_DESC= Enable specialized mallocs TSC_DESC= Enable rocessor timestamp counter profiling DEBUG_CONFIGURE_WITH= pydebug IPV6_CONFIGURE_ENABLE= ipv6 LIBFFI_CONFIGURE_ON= --with-system-ffi LIBFFI_LIB_DEPENDS= libffi.so:${PORTSDIR}/devel/libffi # Use CPPFLAGS over CFLAGS due to -I ordering, causing elementtree and pyexpat # to break in Python 2.7, or preprocessor complaints in Python >= 3.3 # Upstream Issue: http://bugs.python.org/issue6299 NLS_USES= gettext NLS_CPPFLAGS= -I${LOCALBASE}/include NLS_LIBS= -L${LOCALBASE}/lib -lintl NLS_CONFIGURE_ENV_OFF= ac_cv_lib_intl_textdomain=no ac_cv_header_libintl_h=no PYMALLOC_CONFIGURE_WITH= pymalloc THREADS_CONFIGURE_WITH= threads THREADS_LDFLAGS= -lpthread TSC_CONFIGURE_WITH= tsc .include .if ${PORT_OPTIONS:MPYMALLOC} ABIFLAGS:= m${ABIFLAGS} .endif .if ${PORT_OPTIONS:MDEBUG} ABIFLAGS:= d${ABIFLAGS} .endif .if !empty(ABIFLAGS) PLIST_FILES+= bin/python3.3%%ABI%% PLIST_FILES+= bin/python3.3%%ABI%%-config PLIST_FILES+= libdata/pkgconfig/python-3.3%%ABI%%.pc .endif # http://bugs.python.org/issue22521 # http://bugs.python.org/issue23042 .if ${ARCH} == i386 && !${PORT_OPTIONS:MLIBFFI} BROKEN= You must use libffi from ports on i386. Enable the LIBFFI option .endif .if ${ARCH} == sparc64 CFLAGS+= -DPYTHON_DEFAULT_RECURSION_LIMIT=900 .endif # See http://bugs.freebsd.org/115940 and http://bugs.freebsd.org/193650 .if !exists(/usr/bin/ypcat) || defined(WITHOUT_NIS) PLIST_SUB+= NO_NIS="@comment " .else PLIST_SUB+= NO_NIS="" .endif post-patch: .if !exists(/usr/bin/ypcat) || defined(WITHOUT_NIS) @${REINPLACE_CMD} -e 's/disabled_module_list =[^]]*/&, "nis"/' \ ${WRKSRC}/setup.py .endif post-install: .if ! ${PORT_OPTIONS:MDEBUG} ${RM} -f ${STAGEDIR}${PREFIX}/lib/libpython3.so # Upstream Issue: http://bugs.python.org/issue17975 .endif for i in ${STAGEDIR}${PREFIX}/lib/python3.3/lib-dynload/*.so; do \ ${STRIP_CMD} $$i; done # Strip shared extensions .include Index: head/lang/python33/files/patch-PR195511 =================================================================== --- head/lang/python33/files/patch-PR195511 (revision 404625) +++ head/lang/python33/files/patch-PR195511 (revision 404626) @@ -1,166 +1,166 @@ --- Modules/_ssl.c.orig 2014-03-09 09:40:26.000000000 +0100 +++ Modules/_ssl.c 2015-09-26 15:53:49.266985391 +0200 @@ -1746,8 +1746,10 @@ context_new(PyTypeObject *type, PyObject PySSL_BEGIN_ALLOW_THREADS if (proto_version == PY_SSL_VERSION_TLS1) ctx = SSL_CTX_new(TLSv1_method()); +#ifndef OPENSSL_NO_SSL3 else if (proto_version == PY_SSL_VERSION_SSL3) ctx = SSL_CTX_new(SSLv3_method()); +#endif #ifndef OPENSSL_NO_SSL2 else if (proto_version == PY_SSL_VERSION_SSL2) ctx = SSL_CTX_new(SSLv2_method()); @@ -2559,6 +2561,9 @@ Returns 1 if the OpenSSL PRNG has been s It is necessary to seed the PRNG with RAND_add() on some platforms before\n\ using the ssl() function."); +/* ### Fix build with LibreSSL (does not have RAND_egd) + ### PR195511, http://bugs.python.org/issue21356 */ +#ifndef OPENSSL_NO_EGD static PyObject * PySSL_RAND_egd(PyObject *self, PyObject *args) { @@ -2586,6 +2591,8 @@ PyDoc_STRVAR(PySSL_RAND_egd_doc, Queries the entropy gather daemon (EGD) on the socket named by 'path'.\n\ Returns number of bytes read. Raises SSLError if connection to EGD\n\ fails or if it does not provide enough data to seed PRNG."); +#endif /* OPENSSL_NO_EGD */ +/* ### End PR195511 */ #endif /* HAVE_OPENSSL_RAND */ @@ -2604,8 +2611,13 @@ static PyMethodDef PySSL_methods[] = { PySSL_RAND_bytes_doc}, {"RAND_pseudo_bytes", PySSL_RAND_pseudo_bytes, METH_VARARGS, PySSL_RAND_pseudo_bytes_doc}, +/* ### Fix build with LibreSSL (does not have RAND_egd) + ### PR195511, http://bugs.python.org/issue21356 */ +#ifndef OPENSSL_NO_EGD {"RAND_egd", PySSL_RAND_egd, METH_VARARGS, PySSL_RAND_egd_doc}, +#endif /* OPENSSL_NO_EGD */ +/* ### End PR195511 */ {"RAND_status", (PyCFunction)PySSL_RAND_status, METH_NOARGS, PySSL_RAND_status_doc}, #endif @@ -2842,8 +2854,10 @@ PyInit__ssl(void) PyModule_AddIntConstant(m, "PROTOCOL_SSLv2", PY_SSL_VERSION_SSL2); #endif +#ifndef OPENSSL_NO_SSL3 PyModule_AddIntConstant(m, "PROTOCOL_SSLv3", PY_SSL_VERSION_SSL3); +#endif PyModule_AddIntConstant(m, "PROTOCOL_SSLv23", PY_SSL_VERSION_SSL23); PyModule_AddIntConstant(m, "PROTOCOL_TLSv1", --- Lib/ssl.py.orig 2014-03-09 09:40:13.000000000 +0100 +++ Lib/ssl.py 2015-09-26 15:55:40.209981202 +0200 @@ -78,7 +78,15 @@ try: from _ssl import OP_SINGLE_ECDH_USE except ImportError: pass -from _ssl import RAND_status, RAND_egd, RAND_add, RAND_bytes, RAND_pseudo_bytes +### Fix build with LibreSSL (does not have RAND_egd) +### PR195511, http://bugs.python.org/issue21356 +from _ssl import RAND_status, RAND_add, RAND_bytes, RAND_pseudo_bytes +try: + from _ssl import RAND_egd +except ImportError: + # LibreSSL does not provide RAND_egd + pass +### End PR195511 from _ssl import ( SSL_ERROR_ZERO_RETURN, SSL_ERROR_WANT_READ, @@ -91,14 +99,13 @@ from _ssl import ( SSL_ERROR_INVALID_ERROR_CODE, ) from _ssl import HAS_SNI, HAS_ECDH, HAS_NPN -from _ssl import (PROTOCOL_SSLv3, PROTOCOL_SSLv23, +from _ssl import (PROTOCOL_SSLv23, PROTOCOL_TLSv1) from _ssl import _OPENSSL_API_VERSION _PROTOCOL_NAMES = { PROTOCOL_TLSv1: "TLSv1", PROTOCOL_SSLv23: "SSLv23", - PROTOCOL_SSLv3: "SSLv3", } try: from _ssl import PROTOCOL_SSLv2 @@ -107,6 +114,13 @@ except ImportError: _SSLv2_IF_EXISTS = None else: _PROTOCOL_NAMES[PROTOCOL_SSLv2] = "SSLv2" +try: + from _ssl import PROTOCOL_SSLv3 + _SSLv3_IF_EXISTS = PROTOCOL_SSLv3 +except ImportError: + _SSLv3_IF_EXISTS = None +else: -+ _PROTOCOL_NAMES[PROTOCOL_SSLv2] = "SSLv3" ++ _PROTOCOL_NAMES[PROTOCOL_SSLv3] = "SSLv3" from socket import getnameinfo as _getnameinfo from socket import error as socket_error @@ -664,7 +678,7 @@ def PEM_cert_to_DER_cert(pem_cert_string d = pem_cert_string.strip()[len(PEM_HEADER):-len(PEM_FOOTER)] return base64.decodebytes(d.encode('ASCII', 'strict')) -def get_server_certificate(addr, ssl_version=PROTOCOL_SSLv3, ca_certs=None): +def get_server_certificate(addr, ssl_version=PROTOCOL_SSLv23, ca_certs=None): """Retrieve the certificate from the server at the specified address, and return it as a PEM-encoded string. If 'ca_certs' is specified, validate the server cert against it. --- Lib/test/test_ssl.py.orig 2014-03-09 09:40:19.000000000 +0100 +++ Lib/test/test_ssl.py 2015-09-26 15:58:58.264964564 +0200 @@ -21,11 +21,12 @@ import functools ssl = support.import_module("ssl") PROTOCOLS = [ - ssl.PROTOCOL_SSLv3, ssl.PROTOCOL_SSLv23, ssl.PROTOCOL_TLSv1 ] if hasattr(ssl, 'PROTOCOL_SSLv2'): PROTOCOLS.append(ssl.PROTOCOL_SSLv2) +if hasattr(ssl, 'PROTOCOL_SSLv3'): + PROTOCOLS.append(ssl.PROTOCOL_SSLv3) HOST = support.HOST @@ -96,7 +97,8 @@ class BasicSocketTests(unittest.TestCase def test_constants(self): #ssl.PROTOCOL_SSLv2 ssl.PROTOCOL_SSLv23 - ssl.PROTOCOL_SSLv3 + if hasattr(ssl, 'PROTOCOL_SSLv3'): + ssl.PROTOCOL_SSLv3 ssl.PROTOCOL_TLSv1 ssl.CERT_NONE ssl.CERT_OPTIONAL @@ -130,8 +132,12 @@ class BasicSocketTests(unittest.TestCase self.assertRaises(ValueError, ssl.RAND_bytes, -5) self.assertRaises(ValueError, ssl.RAND_pseudo_bytes, -5) - self.assertRaises(TypeError, ssl.RAND_egd, 1) - self.assertRaises(TypeError, ssl.RAND_egd, 'foo', 1) +### Fix build with LibreSSL (does not have RAND_egd) +### PR195511, http://bugs.python.org/issue21356 + if hasattr(ssl, 'RAND_egd'): + self.assertRaises(TypeError, ssl.RAND_egd, 1) + self.assertRaises(TypeError, ssl.RAND_egd, 'foo', 1) +### End PR195511 ssl.RAND_add("this is a random string", 75.0) @unittest.skipUnless(os.name == 'posix', 'requires posix') @@ -512,7 +518,8 @@ class ContextTests(unittest.TestCase): if hasattr(ssl, 'PROTOCOL_SSLv2'): ctx = ssl.SSLContext(ssl.PROTOCOL_SSLv2) ctx = ssl.SSLContext(ssl.PROTOCOL_SSLv23) - ctx = ssl.SSLContext(ssl.PROTOCOL_SSLv3) + if hasattr(ssl, 'PROTOCOL_SSLv3'): + ctx = ssl.SSLContext(ssl.PROTOCOL_SSLv3) ctx = ssl.SSLContext(ssl.PROTOCOL_TLSv1) self.assertRaises(TypeError, ssl.SSLContext) self.assertRaises(ValueError, ssl.SSLContext, -1)