diff options
author | Michał Górny <mgorny@gentoo.org> | 2023-02-26 21:03:12 +0100 |
---|---|---|
committer | Michał Górny <mgorny@gentoo.org> | 2023-02-26 21:11:16 +0100 |
commit | 7ecd2c2d85b898277bb08f2e09d5ab2eefbdafc5 (patch) | |
tree | 55057d46b94659603709fa3a9acc3d265dfdeb25 /dev-python | |
parent | dev-lang/python: Backport CVE-2023-24329 fix to 3.8.16_p3 (diff) | |
download | gentoo-7ecd2c2d85b898277bb08f2e09d5ab2eefbdafc5.tar.gz gentoo-7ecd2c2d85b898277bb08f2e09d5ab2eefbdafc5.tar.bz2 gentoo-7ecd2c2d85b898277bb08f2e09d5ab2eefbdafc5.zip |
dev-python/pypy3: Backport CVE-2023-24329 fix to 7.3.11_p1
Bug: https://bugs.gentoo.org/897958
Signed-off-by: Michał Górny <mgorny@gentoo.org>
Diffstat (limited to 'dev-python')
-rw-r--r-- | dev-python/pypy3/Manifest | 1 | ||||
-rw-r--r-- | dev-python/pypy3/pypy3-7.3.11_p1.ebuild | 205 |
2 files changed, 206 insertions, 0 deletions
diff --git a/dev-python/pypy3/Manifest b/dev-python/pypy3/Manifest index de5d9083b178..c6ec081e1ddd 100644 --- a/dev-python/pypy3/Manifest +++ b/dev-python/pypy3/Manifest @@ -1,2 +1,3 @@ DIST pypy3.9-gentoo-patches-7.3.11.tar.xz 6444 BLAKE2B adcc1ae4c3ae2c5317a05d6de51785945625d8bcc7cb35bd6608fa80f09b37c483c95663eacb0353013a5abec308d25b12666699c65512f5f3a6d7345f2b5b18 SHA512 f2064ecffa09ba23f5f8c281ca4c8c0740cb6b57185d66c02eec2bcb77cfb566b1a2db4f52c472bcaf0d5fb759ee8003b27761af37785d12465c2010fd73c49d +DIST pypy3.9-gentoo-patches-7.3.11_p1.tar.xz 7480 BLAKE2B ffb478402e82244af25dd67bb9e21abb4bb186d98495899f8ca8f323bdf27a77356e40efd33217a5238ef86f6156fc7d85c681a747ea5a35bd73bab659972986 SHA512 6c3ee21b51145907c2434f740e9849ac02ad83203fdcb2802b97ba199f37d08297d8016f659069bea3f0854ace30aefb947af4f057cbc91332106d9fc1389cf4 DIST pypy3.9-v7.3.11-src.tar.bz2 23460769 BLAKE2B fa8a827c28813243926c8689addb008c0a43acdc3f81a18749a8f2c1926b6294f2c0c95a4c315e3b77ce84b4f337af7a0bce5daf8dcb60ead965532d4af183cb SHA512 33c978ffbeeb39453028d1d1646ccfdace062ce48a5d939245bea41643038dd3687e80e34f88fa0622bcb175d7dd78f75cbe36b24229c8052f09d2d17dcdfd8c diff --git a/dev-python/pypy3/pypy3-7.3.11_p1.ebuild b/dev-python/pypy3/pypy3-7.3.11_p1.ebuild new file mode 100644 index 000000000000..d0f7918e6b5f --- /dev/null +++ b/dev-python/pypy3/pypy3-7.3.11_p1.ebuild @@ -0,0 +1,205 @@ +# Copyright 1999-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit pax-utils python-utils-r1 toolchain-funcs + +PYPY_PV=${PV%_p*} +MY_P=pypy3.9-v${PYPY_PV/_rc/rc} +PATCHSET="pypy3.9-gentoo-patches-${PV/_rc/rc}" + +DESCRIPTION="A fast, compliant alternative implementation of the Python (3.9) language" +HOMEPAGE=" + https://www.pypy.org/ + https://foss.heptapod.net/pypy/pypy/ +" +SRC_URI=" + https://buildbot.pypy.org/pypy/${MY_P}-src.tar.bz2 + https://dev.gentoo.org/~mgorny/dist/python/${PATCHSET}.tar.xz +" +S="${WORKDIR}/${MY_P}-src" + +LICENSE="MIT" +# pypy3 -c 'import sysconfig; print(sysconfig.get_config_var("SOABI"))' +# also check pypy/interpreter/pycode.py -> pypy_incremental_magic +SLOT="0/pypy39-pp73-336" +KEYWORDS="~amd64 ~arm64 ~ppc64 ~x86 ~amd64-linux ~x86-linux" +IUSE="+ensurepip gdbm +jit ncurses sqlite tk" +# many tests are failing upstream +# see https://buildbot.pypy.org/summary?branch=py3.9 +RESTRICT="test" + +RDEPEND=" + || ( + >=dev-python/pypy3-exe-${PYPY_PV}:3.9-${PYPY_PV}[bzip2(+),ncurses?] + >=dev-python/pypy3-exe-bin-${PYPY_PV}:3.9-${PYPY_PV} + ) + dev-lang/python-exec[python_targets_pypy3(-)] + dev-libs/openssl:0= + dev-python/gentoo-common + ensurepip? ( dev-python/ensurepip-wheels ) + gdbm? ( sys-libs/gdbm:0= ) + sqlite? ( dev-db/sqlite:3= ) + tk? ( + dev-lang/tk:0= + dev-tcltk/tix:0= + ) +" +DEPEND=" + ${RDEPEND} +" + +src_prepare() { + local PATCHES=( + "${WORKDIR}/${PATCHSET}" + ) + default + + eapply_user +} + +src_configure() { + tc-export CC +} + +src_compile() { + mkdir bin || die + # switch to the layout expected for cffi module builds + mkdir include/pypy3.9 || die + # copy over to make sys.prefix happy + cp -p "${BROOT}"/usr/bin/pypy3.9-c-${PYPY_PV} pypy3.9-c || die + cp -p "${BROOT}"/usr/include/pypy3.9/${PYPY_PV}/* include/pypy3.9/ || die + # (not installed by pypy-exe) + rm pypy/module/cpyext/include/_numpypy/numpy/README || die + mv pypy/module/cpyext/include/* include/pypy3.9/ || die + mv pypy/module/cpyext/parse/*.h include/pypy3.9/ || die + pax-mark m pypy3.9-c + + # verify the subslot + local soabi=$( + ./pypy3.9-c - <<-EOF + import importlib.util + import sysconfig + soabi = sysconfig.get_config_var("SOABI") + magic = importlib.util._RAW_MAGIC_NUMBER & 0xffff + print(f"{soabi}-{magic}") + EOF + ) + [[ ${soabi} == ${SLOT#*/} ]] || die "update subslot to ${soabi}" + + # Add epython.py to the distribution + echo 'EPYTHON="pypy3"' > lib-python/3/epython.py || die + + einfo "Generating caches and CFFI modules ..." + + # Generate sysconfig data + local host_gnu_type=$(sh pypy/tool/release/config.guess) + local overrides=( + HOST_GNU_TYPE "${host_gnu_type:-unknown}" + INCLUDEPY "${EPREFIX}/usr/include/pypy3.9" + LIBDIR "${EPREFIX}/usr/$(get_libdir)" + TZPATH "${EPREFIX}/usr/share/zoneinfo" + WHEEL_PKG_DIR "${EPREFIX}/usr/lib/python/ensurepip" + ) + ./pypy3.9-c -m sysconfig --generate-posix-vars "${overrides[@]}" || die + local outdir + outdir=$(<pybuilddir.txt) || die + cp "${outdir}"/_sysconfigdata__*.py lib-python/3/ || die + + # Generate Grammar and PatternGrammar pickles. + ./pypy3.9-c - <<-EOF || die "Generation of Grammar and PatternGrammar pickles failed" + import lib2to3.pygram + import lib2to3.patcomp + lib2to3.patcomp.PatternCompiler() + EOF + + # Generate cffi modules + # Please keep in sync with pypy/tool/build_cffi_imports.py! + # (NB: we build CFFI modules first to avoid error log when importing + # build_cffi_imports). + cffi_targets=( pypy_util blake2/_blake2 sha3/_sha3 ssl + audioop syslog pwdgrp resource lzma posixshmem ) + use gdbm && cffi_targets+=( gdbm ) + use ncurses && cffi_targets+=( curses ) + use sqlite && cffi_targets+=( sqlite3 ) + use tk && cffi_targets+=( tkinter/tklib ) + + local t + # all modules except tkinter output to . + # tkinter outputs to the correct dir ... + cd lib_pypy || die + for t in "${cffi_targets[@]}"; do + # tkinter doesn't work via -m + ../pypy3.9-c "_${t}_build.py" || die "Failed to build CFFI bindings for ${t}" + done + + # Verify that CFFI module list is up-to-date + local expected_cksum=63d4659f + local local_cksum=$( + ../pypy3.9-c - <<-EOF + import binascii + import json + from pypy_tools.build_cffi_imports import cffi_build_scripts as x + print("%08x" % (binascii.crc32(json.dumps(x).encode()),)) + EOF + ) + if [[ ${local_cksum} != ${expected_cksum} ]]; then + die "Please verify cffi_targets and update checksum to ${local_cksum}" + fi + + # Cleanup temporary objects + find -name "*_cffi.[co]" -delete || die + find -type d -empty -delete || die +} + +src_install() { + einfo "Installing PyPy ..." + dodir /usr/bin + dosym pypy3.9-c-${PYPY_PV} /usr/bin/pypy3.9 + dosym pypy3.9 /usr/bin/pypy3 + insinto /usr/lib/pypy3.9 + # preserve mtimes to avoid obsoleting caches + insopts -p + doins -r lib-python/3/. lib_pypy/. + insinto /usr/include + doins -r include/pypy3.9 + + # replace copied headers with symlinks + for x in "${BROOT}"/usr/include/pypy3.9/${PYPY_PV}/*; do + dosym "${PYPY_PV}/${x##*/}" "/usr/include/pypy3.9/${x##*/}" + done + + dodoc README.rst + + local dest=/usr/lib/pypy3.9 + rm -r "${ED}${dest}"/ensurepip/_bundled || die + if ! use ensurepip; then + rm -r "${ED}${dest}"/ensurepip || die + fi + if ! use gdbm; then + rm -r "${ED}${dest}"/_gdbm* || die + fi + if ! use sqlite; then + rm -r "${ED}${dest}"/sqlite3 \ + "${ED}${dest}"/_sqlite3* \ + "${ED}${dest}"/test/test_sqlite.py || die + fi + if ! use tk; then + rm -r "${ED}${dest}"/{idlelib,tkinter} \ + "${ED}${dest}"/_tkinter \ + "${ED}${dest}"/test/test_{tcl,tk,ttk*}.py || die + fi + dosym ../python/EXTERNALLY-MANAGED "${dest}/EXTERNALLY-MANAGED" + + local -x EPYTHON=pypy3 + local -x PYTHON=${ED}/usr/bin/pypy3.9-c-${PYPY_PV} + # temporarily copy to build tree to facilitate module builds + cp -p "${BROOT}/usr/bin/pypy3.9-c-${PYPY_PV}" "${PYTHON}" || die + + einfo "Byte-compiling Python standard library..." + python_optimize "${ED}${dest}" + + # remove to avoid collisions + rm "${PYTHON}" || die +} |