Index: head/lang/python27/Makefile =================================================================== --- head/lang/python27/Makefile (revision 461914) +++ head/lang/python27/Makefile (revision 461915) @@ -1,157 +1,155 @@ # $FreeBSD$ PORTNAME= python PORTVERSION= ${PYTHON_PORTVERSION} PORTREVISION= 1 CATEGORIES= lang python ipv6 MASTER_SITES= PYTHON/ftp/python/${PORTVERSION} PKGNAMESUFFIX= 27 DISTNAME= Python-${PORTVERSION} DIST_SUBDIR= python MAINTAINER= python@FreeBSD.org COMMENT= Interpreted object-oriented programming language LICENSE= PSFL -BROKEN_SSL= openssl-devel - USES= cpe ncurses pathfix pkgconfig readline:port shebangfix ssl tar:xz PATHFIX_MAKEFILEIN= Makefile.pre.in USE_LDCONFIG= yes GNU_CONFIGURE= yes python_CMD= ${PREFIX}/bin/python${PYTHON_PORTVERSION:R} SHEBANG_FILES= Lib/lib2to3/pgen2/*.py Lib/lib2to3/tests/*.py Lib/lib2to3/tests/data/*.py \ Lib/idlelib/*.py Lib/encodings/*.py Lib/test/*.py Lib/UserString.py \ Lib/base64.py Lib/cProfile.py Lib/keyword.py Lib/mimify.py Lib/pdb.py \ Lib/platform.py Lib/profile.py Lib/pydoc.py Lib/quopri.py Lib/smtpd.py \ Lib/smtplib.py Lib/symbol.py Lib/tabnanny.py Lib/timeit.py Lib/trace.py \ Lib/uu.py Lib/webbrowser.py CONFIGURE_ARGS+= --enable-shared CONFIGURE_ENV+= ac_cv_opt_olimit_ok=no OPT="" # Null out OPT to respect user CFLAGS and remove optimizations INSTALL_TARGET= altinstall # Don't want cloberring of unprefixed files TEST_TARGET= buildbottest TEST_ARGS= TESTOPTS=-j${MAKE_JOBS_NUMBER} MAKE_ARGS+= INSTALL_SHARED="${INSTALL_LIB}" # Strip shared library MAKE_JOBS_UNSAFE= yes # Parser/pgen build bug. See Issue: 200622, 201974 PLIST_SUB= ABI=${ABIFLAGS} \ PORTVERSION=${PORTVERSION} \ OSMAJOR=${OSVERSION:C/([0-9]*)[0-9]{5}/\1/} # For plat-freebsd* in pkg-plist. https://bugs.python.org/issue19554 OPTIONS_DEFINE= DEBUG IPV6 LIBFFI NLS PYMALLOC THREADS OPTIONS_DEFAULT= LIBFFI PYMALLOC THREADS UCS4 OPTIONS_SINGLE= UNICODE OPTIONS_SINGLE_UNICODE= UCS2 UCS4 OPTIONS_SUB= yes LIBFFI_DESC= Use libffi from ports instead of bundled version NLS_DESC= Enable gettext support for the locale module UCS2_DESC= Enable UCS2 Unicode Strings UCS4_DESC= Enable UCS4 Unicode Strings PYMALLOC_DESC= Enable specialized mallocs DEBUG_CONFIGURE_WITH= pydebug IPV6_CONFIGURE_ENABLE= ipv6 LIBFFI_CONFIGURE_ON= --with-system-ffi LIBFFI_LIB_DEPENDS= libffi.so:devel/libffi # Use CPPFLAGS over CFLAGS due to -I ordering, causing elementtree and pyexpat # to break in Python 2.7, or preprocessor complaints in Python >= 3.3 # Upstream Issue: https://bugs.python.org/issue6299 NLS_USES= gettext NLS_CPPFLAGS= -I${LOCALBASE}/include NLS_LIBS= -L${LOCALBASE}/lib -lintl NLS_CONFIGURE_ENV_OFF= ac_cv_lib_intl_textdomain=no ac_cv_header_libintl_h=no PYMALLOC_CONFIGURE_WITH= pymalloc THREADS_CONFIGURE_WITH= threads THREADS_LDFLAGS= -lpthread UCS2_CONFIGURE_ON= --enable-unicode=ucs2 UCS4_CONFIGURE_ON= --enable-unicode=ucs4 .include "${.CURDIR}/Makefile.version" .include # https://bugs.python.org/issue22521 # https://bugs.python.org/issue23042 .if !${PORT_OPTIONS:MLIBFFI} && ${ARCH} == i386 BROKEN= You must use libffi from ports on i386. Enable the LIBFFI option .endif .if ${ARCH} == i386 PLIST_SUB+= X86_ONLY="" .else PLIST_SUB+= X86_ONLY="@comment " .endif .if ${ARCH} == aarch64 || ${ARCH} == amd64 || ${ARCH} == ia64 || ${ARCH} == sparc64 || ${ARCH} == powerpc64 || ${ARCH} == mips64 PLIST_SUB+= 32BIT_ONLY="@comment " .else PLIST_SUB+= 32BIT_ONLY="" .endif .if ${ARCH} == powerpc64 MAKE_ENV+= UNAME_m="powerpc64" .endif .if ${ARCH} == sparc64 CFLAGS+= -DPYTHON_DEFAULT_RECURSION_LIMIT=900 .endif # See https://bugs.freebsd.org/115940 and https://bugs.freebsd.org/193650 .if !exists(/usr/bin/ypcat) || defined(WITHOUT_NIS) PLIST_SUB+= NO_NIS="@comment " .else PLIST_SUB+= NO_NIS="" .endif post-patch: # readline shared library is present on base before FreeBSD 11 - r268461 # force setup.py ignore base and use readline from ports .if ${OPSYS} == FreeBSD && ${OSVERSION} < 1100000 @${REINPLACE_CMD} -e \ "s|lib_dirs,\ \'readline\'|[\'${LOCALBASE}/lib\',\ \'.\'],\ \'readline\'|" \ ${WRKSRC}/setup.py .endif @${REINPLACE_CMD} -e 's|/usr/local/bin/python|${python_CMD}|' \ ${WRKSRC}/Lib/cgi.py @${REINPLACE_CMD} -e \ 's,/usr/doc/python-docs-,${PREFIX}/share/doc/python,g' \ ${PATCH_WRKSRC}/Lib/pydoc.py .if !exists(/usr/bin/ypcat) || defined(WITHOUT_NIS) @${REINPLACE_CMD} -e 's/disabled_module_list =[^]]*/&, "nis"/' \ ${WRKSRC}/setup.py .endif post-install: for i in ${STAGEDIR}${PREFIX}/lib/python2.7/lib-dynload/*.so; do \ ${STRIP_CMD} $$i; done # Strip shared extensions # This code block exists for the qemu-user enabled cross build environment. # When using this environment in poudriere, CC is not set to the default # of /usr/bin/cc and a cross-compile toolchain is used. We need to hand # edit this so that the run time configuration for python matches what the # FreeBSD base system provides. sbruno 02Aug2017 .if ${CC} == /nxb-bin/usr/bin/cc @${REINPLACE_CMD} -e 's=/nxb-bin==' \ ${STAGEDIR}${PREFIX}/lib/python2.7/_sysconfigdata.py @cd ${WRKSRC} && ${SETENV} LD_LIBRARY_PATH=${WRKSRC} \ ./python -E -m compileall -d ${PREFIX}/lib/python2.7 \ ${STAGEDIR}${PREFIX}/lib/python2.7/_sysconfigdata.py @cd ${WRKSRC} && ${SETENV} LD_LIBRARY_PATH=${WRKSRC} \ ./python -E -O -m compileall -d ${PREFIX}/lib/python2.7 \ ${STAGEDIR}${PREFIX}/lib/python2.7/_sysconfigdata.py @${REINPLACE_CMD} -e 's=/nxb-bin==' \ ${STAGEDIR}${PREFIX}/lib/python2.7/config/Makefile .endif ${INSTALL_DATA} ${WRKSRC}/Tools/gdb/libpython.py \ ${STAGEDIR}${PREFIX}/lib/libpython2.7.so.1-gdb.py .include Index: head/lang/python27/files/patch-issue30622 =================================================================== --- head/lang/python27/files/patch-issue30622 (nonexistent) +++ head/lang/python27/files/patch-issue30622 (revision 461915) @@ -0,0 +1,128 @@ +From b2d096bd2a5ff86e53c25d00ee5fa097b36bf1d8 Mon Sep 17 00:00:00 2001 +From: Melvyn Sopacua +Date: Mon, 4 Sep 2017 23:35:15 +0200 +Subject: [PATCH] bpo-30622: Change NPN detection: (#2079) + +* Change NPN detection: + +Version breakdown, support disabled (pre-patch/post-patch): +- pre-1.0.1: OPENSSL_NPN_NEGOTIATED will not be defined -> False/False +- 1.0.1 and 1.0.2: OPENSSL_NPN_NEGOTIATED will not be defined -> +False/False +- 1.1.0+: OPENSSL_NPN_NEGOTIATED will be defined and +OPENSSL_NO_NEXTPROTONEG will be defined -> True/False + +Version breakdown support enabled (pre-patch/post-patch): +- pre-1.0.1: OPENSSL_NPN_NEGOTIATED will not be defined -> False/False +- 1.0.1 and 1.0.2: OPENSSL_NPN_NEGOTIATED will be defined and +OPENSSL_NO_NEXTPROTONEG will not be defined -> True/True +- 1.1.0+: OPENSSL_NPN_NEGOTIATED will be defined and +OPENSSL_NO_NEXTPROTONEG will not be defined -> True/True + +* Refine NPN guard: + +- If NPN is disabled, but ALPN is available we need our callback +- Make clinic's ssl behave the same way + +This created a working ssl module for me, with NPN disabled and ALPN +enabled for OpenSSL 1.1.0f. + +Concerns to address: +The initial commit for NPN support into OpenSSL [1], had the +OPENSSL_NPN_* variables defined inside the OPENSSL_NO_NEXTPROTONEG +guard. The question is if that ever made it into a release. +This would need an ugly hack, something like: + + #if defined(OPENSSL_NO_NEXTPROTONEG) && \ + !defined(OPENSSL_NPN_NEGOTIATED) + # define OPENSSL_NPN_UNSUPPORTED 0 + # define OPENSSL_NPN_NEGOTIATED 1 + # define OPENSSL_NPN_NO_OVERLAP 2 + #endif + +[1] https://github.com/openssl/openssl/commit/68b33cc5c7 + +--- Modules/_ssl.c.orig 2017-09-16 17:38:35 UTC ++++ Modules/_ssl.c +@@ -280,7 +280,7 @@ static unsigned int _ssl_locks_count = 0 + typedef struct { + PyObject_HEAD + SSL_CTX *ctx; +-#ifdef OPENSSL_NPN_NEGOTIATED ++#if defined(OPENSSL_NPN_NEGOTIATED) && !defined(OPENSSL_NO_NEXTPROTONEG) + unsigned char *npn_protocols; + int npn_protocols_len; + #endif +@@ -1502,7 +1502,7 @@ static PyObject *PySSL_version(PySSLSock + return PyUnicode_FromString(version); + } + +-#ifdef OPENSSL_NPN_NEGOTIATED ++#if defined(OPENSSL_NPN_NEGOTIATED) && !defined(OPENSSL_NO_NEXTPROTONEG) + static PyObject *PySSL_selected_npn_protocol(PySSLSocket *self) { + const unsigned char *out; + unsigned int outlen; +@@ -2030,7 +2030,7 @@ static PyMethodDef PySSLMethods[] = { + PySSL_peercert_doc}, + {"cipher", (PyCFunction)PySSL_cipher, METH_NOARGS}, + {"version", (PyCFunction)PySSL_version, METH_NOARGS}, +-#ifdef OPENSSL_NPN_NEGOTIATED ++#if defined(OPENSSL_NPN_NEGOTIATED) && !defined(OPENSSL_NO_NEXTPROTONEG) + {"selected_npn_protocol", (PyCFunction)PySSL_selected_npn_protocol, METH_NOARGS}, + #endif + #ifdef HAVE_ALPN +@@ -2140,7 +2140,7 @@ context_new(PyTypeObject *type, PyObject + return NULL; + } + self->ctx = ctx; +-#ifdef OPENSSL_NPN_NEGOTIATED ++#if defined(OPENSSL_NPN_NEGOTIATED) && !defined(OPENSSL_NO_NEXTPROTONEG) + self->npn_protocols = NULL; + #endif + #ifdef HAVE_ALPN +@@ -2216,7 +2216,7 @@ context_dealloc(PySSLContext *self) + { + context_clear(self); + SSL_CTX_free(self->ctx); +-#ifdef OPENSSL_NPN_NEGOTIATED ++#if defined(OPENSSL_NPN_NEGOTIATED) && !defined(OPENSSL_NO_NEXTPROTONEG) + PyMem_FREE(self->npn_protocols); + #endif + #ifdef HAVE_ALPN +@@ -2246,7 +2246,7 @@ set_ciphers(PySSLContext *self, PyObject + Py_RETURN_NONE; + } + +-#ifdef OPENSSL_NPN_NEGOTIATED ++#if defined(OPENSSL_NPN_NEGOTIATED) && !defined(OPENSSL_NO_NEXTPROTONEG) || defined(HAVE_ALPN) + static int + do_protocol_selection(int alpn, unsigned char **out, unsigned char *outlen, + const unsigned char *server_protocols, unsigned int server_protocols_len, +@@ -2270,7 +2270,9 @@ do_protocol_selection(int alpn, unsigned + + return SSL_TLSEXT_ERR_OK; + } ++#endif + ++#if defined(OPENSSL_NPN_NEGOTIATED) && !defined(OPENSSL_NO_NEXTPROTONEG) + /* this callback gets passed to SSL_CTX_set_next_protos_advertise_cb */ + static int + _advertiseNPN_cb(SSL *s, +@@ -2305,7 +2307,7 @@ _selectNPN_cb(SSL *s, + static PyObject * + _set_npn_protocols(PySSLContext *self, PyObject *args) + { +-#ifdef OPENSSL_NPN_NEGOTIATED ++#if defined(OPENSSL_NPN_NEGOTIATED) && !defined(OPENSSL_NO_NEXTPROTONEG) + Py_buffer protos; + + if (!PyArg_ParseTuple(args, "s*:set_npn_protocols", &protos)) +@@ -4303,7 +4305,7 @@ init_ssl(void) + Py_INCREF(r); + PyModule_AddObject(m, "HAS_ECDH", r); + +-#ifdef OPENSSL_NPN_NEGOTIATED ++#if defined(OPENSSL_NPN_NEGOTIATED) && !defined(OPENSSL_NO_NEXTPROTONEG) + r = Py_True; + #else + r = Py_False; Property changes on: head/lang/python27/files/patch-issue30622 ___________________________________________________________________ Added: fbsd:nokeywords ## -0,0 +1 ## +yes \ No newline at end of property Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property