diff options
Diffstat (limited to 'poky/meta/recipes-devtools/python')
51 files changed, 2820 insertions, 1346 deletions
diff --git a/poky/meta/recipes-devtools/python/files/0001-conditionally-do-not-fetch-code-by-easy_install.patch b/poky/meta/recipes-devtools/python/files/0001-conditionally-do-not-fetch-code-by-easy_install.patch new file mode 100644 index 0000000000..4b17921880 --- /dev/null +++ b/poky/meta/recipes-devtools/python/files/0001-conditionally-do-not-fetch-code-by-easy_install.patch @@ -0,0 +1,34 @@ +From 019422d19c6401fa8f45b1311ecd31bb087c809d Mon Sep 17 00:00:00 2001 +From: Hongxu Jia <hongxu.jia@windriver.com> +Date: Tue, 17 Jul 2018 10:13:38 +0800 +Subject: [PATCH] conditionally do not fetch code by easy_install + +If var-NO_FETCH_BUILD is set, do not allow to fetch code from +internet by easy_install. + +Upstream-Status: Inappropriate [oe specific] + +Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> +--- + setuptools/command/easy_install.py | 5 +++++ + 1 file changed, 5 insertions(+) + +diff --git a/setuptools/command/easy_install.py b/setuptools/command/easy_install.py +index 85ee40f..7eb9d2a 100755 +--- a/setuptools/command/easy_install.py ++++ b/setuptools/command/easy_install.py +@@ -637,6 +637,11 @@ class easy_install(Command): + os.path.exists(tmpdir) and rmtree(rmtree_safe(tmpdir)) + + def easy_install(self, spec, deps=False): ++ if os.environ.get('NO_FETCH_BUILD', None): ++ log.error("ERROR: Do not try to fetch `%s' for building. " ++ "Please add its native recipe to DEPENDS." % spec) ++ return None ++ + if not self.editable: + self.install_site_py() + +-- +2.7.4 + diff --git a/poky/meta/recipes-devtools/python/python-extras.inc b/poky/meta/recipes-devtools/python/python-extras.inc new file mode 100644 index 0000000000..b5e11b711a --- /dev/null +++ b/poky/meta/recipes-devtools/python/python-extras.inc @@ -0,0 +1,12 @@ +SUMMARY = "Useful extra bits for Python - things that should be in the standard library" +HOMEPAGE = "https://pypi.python.org/pypi/extras/" +SECTION = "devel/python" +LICENSE = "Apache-2.0" +LIC_FILES_CHKSUM = "file://LICENSE;md5=6d108f338b2f68fe48ac366c4650bd8b" + +inherit pypi + +SRC_URI[md5sum] = "3a63ad60cf8f0186c9e3a02f55ec5b14" +SRC_URI[sha256sum] = "132e36de10b9c91d5d4cc620160a476e0468a88f16c9431817a6729611a81b4e" + +BBCLASSEXTEND = "nativesdk" diff --git a/poky/meta/recipes-devtools/python/python-git.inc b/poky/meta/recipes-devtools/python/python-git.inc index 8d37693960..7ccf1686fd 100644 --- a/poky/meta/recipes-devtools/python/python-git.inc +++ b/poky/meta/recipes-devtools/python/python-git.inc @@ -12,8 +12,8 @@ PYPI_PACKAGE = "GitPython" inherit pypi -SRC_URI[md5sum] = "7a94ee1b923fb772a2a0c6649430a17c" -SRC_URI[sha256sum] = "ad61bc25deadb535b047684d06f3654c001d9415e1971e51c9c20f5b510076e9" +SRC_URI[md5sum] = "cee43a39a1468084d49d1c49fb675204" +SRC_URI[sha256sum] = "8237dc5bfd6f1366abeee5624111b9d6879393d84745a507de0fda86043b65a8" DEPENDS = "${PYTHON_PN}-gitdb" diff --git a/poky/meta/recipes-devtools/python/python-gitdb.inc b/poky/meta/recipes-devtools/python/python-gitdb.inc index 2d5292e5d4..789ab959fd 100644 --- a/poky/meta/recipes-devtools/python/python-gitdb.inc +++ b/poky/meta/recipes-devtools/python/python-gitdb.inc @@ -8,8 +8,8 @@ inherit pypi PYPI_PACKAGE = "gitdb2" -SRC_URI[md5sum] = "d5217eb94ebd36fcec62b929d1f72b00" -SRC_URI[sha256sum] = "b60e29d4533e5e25bb50b7678bbc187c8f6bcff1344b4f293b2ba55c85795f09" +SRC_URI[md5sum] = "6e21f5795a204f7afecb0a72fff66932" +SRC_URI[sha256sum] = "bb4c85b8a58531c51373c89f92163b92f30f81369605a67cd52d1fc21246c044" DEPENDS = "${PYTHON_PN}-async ${PYTHON_PN}-setuptools-native ${PYTHON_PN}-smmap" diff --git a/poky/meta/recipes-devtools/python/python-pbr.inc b/poky/meta/recipes-devtools/python/python-pbr.inc new file mode 100644 index 0000000000..5a295c5f33 --- /dev/null +++ b/poky/meta/recipes-devtools/python/python-pbr.inc @@ -0,0 +1,15 @@ +SUMMARY = "Python Build Reasonableness" +DESCRIPTION = "PBR is a library that injects some useful and sensible default behaviors into your setuptools run" +HOMEPAGE = "https://pypi.python.org/pypi/pbr" +SECTION = "devel/python" +LICENSE = "Apache-2.0" +LIC_FILES_CHKSUM = "file://LICENSE;md5=1dece7821bf3fd70fe1309eaa37d52a2" + +SRC_URI[md5sum] = "6619780896ca81c7cd19c6e2f439b6c9" +SRC_URI[sha256sum] = "1b8be50d938c9bb75d0eaf7eda111eec1bf6dc88a62a6412e33bf077457e0f45" + +inherit pypi + +RDEPENDS_${PN} += "${PYTHON_PN}-pip" + +BBCLASSEXTEND = "native nativesdk" diff --git a/poky/meta/recipes-devtools/python/python-setuptools.inc b/poky/meta/recipes-devtools/python/python-setuptools.inc index 74706bf045..315ba31396 100644 --- a/poky/meta/recipes-devtools/python/python-setuptools.inc +++ b/poky/meta/recipes-devtools/python/python-setuptools.inc @@ -2,27 +2,19 @@ SUMMARY = "Download, build, install, upgrade, and uninstall Python packages" HOMEPAGE = "https://pypi.python.org/pypi/setuptools" SECTION = "devel/python" LICENSE = "MIT" - LIC_FILES_CHKSUM = "file://LICENSE;beginline=1;endline=19;md5=9a33897f1bca1160d7aad3835152e158" PYPI_PACKAGE_EXT = "zip" inherit pypi -SRC_URI[md5sum] = "379642a4f17214071fdc1894255d8d11" -SRC_URI[sha256sum] = "94dc566247f35009ed42c0f4422f2b4f0a032fab1372c8308b864c8f26d93388" +SRC_URI_append_class-native = " file://0001-conditionally-do-not-fetch-code-by-easy_install.patch" -DEPENDS += "${PYTHON_PN}" -DEPENDS_class-native += "${PYTHON_PN}-native" -DEPENDS_class-nativesdk += "nativesdk-${PYTHON_PN}" +SRC_URI[md5sum] = "260630ae1a64bafa39dcc53404d63829" +SRC_URI[sha256sum] = "012adb8e25fbfd64c652e99e7bab58799a3aaf05d39ab38561f69190a909015f" -DISTUTILS_INSTALL_ARGS += "--install-lib=${D}${PYTHON_SITEPACKAGES_DIR} \ - --script-dir=${bindir}" +DEPENDS += "${PYTHON_PN}" -RDEPENDS_${PN}_class-native = "\ - ${PYTHON_PN}-distutils \ - ${PYTHON_PN}-compression \ -" RDEPENDS_${PN} = "\ ${PYTHON_PN}-compile \ ${PYTHON_PN}-compression \ @@ -40,7 +32,6 @@ RDEPENDS_${PN} = "\ ${PYTHON_PN}-unittest \ ${PYTHON_PN}-xml \ " - do_install_prepend() { install -d ${D}${PYTHON_SITEPACKAGES_DIR} } diff --git a/poky/meta/recipes-devtools/python/python-setuptools_39.0.0.bb b/poky/meta/recipes-devtools/python/python-setuptools_40.0.0.bb index cf9440495b..cf9440495b 100644 --- a/poky/meta/recipes-devtools/python/python-setuptools_39.0.0.bb +++ b/poky/meta/recipes-devtools/python/python-setuptools_40.0.0.bb diff --git a/poky/meta/recipes-devtools/python/python-subunit.inc b/poky/meta/recipes-devtools/python/python-subunit.inc new file mode 100644 index 0000000000..afaaa51fa5 --- /dev/null +++ b/poky/meta/recipes-devtools/python/python-subunit.inc @@ -0,0 +1,14 @@ +SUMMARY = "Python implementation of subunit test streaming protocol" +HOMEPAGE = "https://pypi.python.org/pypi/python-subunit/" +SECTION = "devel/python" +LICENSE = "Apache-2.0" +LIC_FILES_CHKSUM = "file://README.rst;beginline=1;endline=20;md5=909c08e291647fd985fbe5d9836d51b6" + +PYPI_PACKAGE = "python-subunit" + +SRC_URI[md5sum] = "16d468a3aeafe6c60a0c3b2b9132d65b" +SRC_URI[sha256sum] = "9607edbee4c1e5a30ff88549ce8d9feb0b9bcbcb5e55033a9d76e86075465cbb" + +inherit pypi + +BBCLASSEXTEND = "nativesdk" diff --git a/poky/meta/recipes-devtools/python/python-testtools.inc b/poky/meta/recipes-devtools/python/python-testtools.inc new file mode 100644 index 0000000000..1011c98a32 --- /dev/null +++ b/poky/meta/recipes-devtools/python/python-testtools.inc @@ -0,0 +1,27 @@ +SUMMARY = "Extensions to the Python standard library unit testing framework" +HOMEPAGE = "https://pypi.python.org/pypi/testtools/" +SECTION = "devel/python" +LICENSE = "Apache-2.0" +LIC_FILES_CHKSUM = "file://LICENSE;md5=e2c9d3e8ba7141c83bfef190e0b9379a" + +inherit pypi + +SRC_URI[md5sum] = "0f0feb915497816cb99e39437494217e" +SRC_URI[sha256sum] = "5827ec6cf8233e0f29f51025addd713ca010061204fdea77484a2934690a0559" + +DEPENDS += " \ + ${PYTHON_PN}-pbr \ + " + +# Satisfy setup.py 'setup_requires' +DEPENDS += " \ + ${PYTHON_PN}-pbr-native \ + " + +RDEPENDS_${PN} += "\ + ${PYTHON_PN}-extras \ + ${PYTHON_PN}-pbr \ + ${PYTHON_PN}-six \ + " + +BBCLASSEXTEND = "nativesdk" diff --git a/poky/meta/recipes-devtools/python/python.inc b/poky/meta/recipes-devtools/python/python.inc index 062a20f68e..66923678b1 100644 --- a/poky/meta/recipes-devtools/python/python.inc +++ b/poky/meta/recipes-devtools/python/python.inc @@ -7,7 +7,13 @@ INC_PR = "r1" LIC_FILES_CHKSUM = "file://LICENSE;md5=f257cc14f81685691652a3d3e1b5d754" -SRC_URI = "http://www.python.org/ftp/python/${PV}/Python-${PV}.tar.xz" +SRC_URI = "http://www.python.org/ftp/python/${PV}/Python-${PV}.tar.xz \ + file://0001-bpo-33570-TLS-1.3-ciphers-for-OpenSSL-1.1.1-GH-6976-.patch \ + file://0002-bpo-34818-Add-missing-closing-wrapper-in-test_tls1_3.patch \ + file://0003-bpo-34834-Fix-test_ssl.test_options-to-account-for-O.patch \ + file://0004-bpo-34836-fix-test_default_ecdh_curve-needs-no-tlsv1.patch \ + file://0001-bpo-33354-Fix-test_ssl-when-a-filename-cannot-be-enc.patch \ + " SRC_URI[md5sum] = "a80ae3cc478460b922242f43a1b4094d" SRC_URI[sha256sum] = "22d9b1ac5b26135ad2b8c2901a9413537e08749a753356ee913c84dbd2df5574" @@ -33,6 +39,12 @@ EXTRA_OECONF = "\ ${PYTHONLSBOPTS} \ " +do_configure_prepend() { + libdirleaf="$(echo ${libdir} | sed -e 's:${prefix}/::')" + sed -i -e "s:SEDMELIBLEAF:${libdirleaf}:g" \ + ${S}/configure.ac +} + do_install_append () { sed -i -e 's:${HOSTTOOLS_DIR}/install:install:g' \ -e 's:${HOSTTOOLS_DIR}/mkdir:mkdir:g' \ diff --git a/poky/meta/recipes-devtools/python/python/0001-2.7-bpo-34623-Use-XML_SetHashSalt-in-_elementtree-GH.patch b/poky/meta/recipes-devtools/python/python/0001-2.7-bpo-34623-Use-XML_SetHashSalt-in-_elementtree-GH.patch index 42c64caaee..3c0d662296 100644 --- a/poky/meta/recipes-devtools/python/python/0001-2.7-bpo-34623-Use-XML_SetHashSalt-in-_elementtree-GH.patch +++ b/poky/meta/recipes-devtools/python/python/0001-2.7-bpo-34623-Use-XML_SetHashSalt-in-_elementtree-GH.patch @@ -19,9 +19,7 @@ Co-authored-by: Christian Heimes <christian@python.org> https://bugs.python.org/issue34623 Upstream-Status: Backport - -Fix CVE-2018-14647 - +CVE: CVE-2018-14647 Signed-off-by: Chen Qi <Qi.Chen@windriver.com> --- Include/pyexpat.h | 4 +++- diff --git a/poky/meta/recipes-devtools/python/python/0001-bpo-33354-Fix-test_ssl-when-a-filename-cannot-be-enc.patch b/poky/meta/recipes-devtools/python/python/0001-bpo-33354-Fix-test_ssl-when-a-filename-cannot-be-enc.patch new file mode 100644 index 0000000000..4c0b3577b2 --- /dev/null +++ b/poky/meta/recipes-devtools/python/python/0001-bpo-33354-Fix-test_ssl-when-a-filename-cannot-be-enc.patch @@ -0,0 +1,55 @@ +From 19f6bd06af3c7fc0db5f96878aaa68f5589ff13e Mon Sep 17 00:00:00 2001 +From: Pablo Galindo <Pablogsal@gmail.com> +Date: Thu, 24 May 2018 23:20:44 +0100 +Subject: [PATCH] bpo-33354: Fix test_ssl when a filename cannot be encoded + (GH-6613) + +Skip test_load_dh_params() of test_ssl when Python filesystem encoding +cannot encode the provided path. + +Upstream-Status: Backport [https://github.com/python/cpython/commit/19f6bd06af3c7fc0db5f96878aaa68f5589ff13e] +Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> +--- + Lib/test/test_ssl.py | 9 ++++++++- + .../next/Tests/2018-04-26-22-39-17.bpo-33354.g35-44.rst | 2 ++ + 2 files changed, 10 insertions(+), 1 deletion(-) + create mode 100644 Misc/NEWS.d/next/Tests/2018-04-26-22-39-17.bpo-33354.g35-44.rst + +diff --git a/Lib/test/test_ssl.py b/Lib/test/test_ssl.py +index b59fe73f04..7ced90fdf6 100644 +--- a/Lib/test/test_ssl.py ++++ b/Lib/test/test_ssl.py +@@ -989,6 +989,13 @@ class ContextTests(unittest.TestCase): + + + def test_load_dh_params(self): ++ filename = u'dhpäräm.pem' ++ fs_encoding = sys.getfilesystemencoding() ++ try: ++ filename.encode(fs_encoding) ++ except UnicodeEncodeError: ++ self.skipTest("filename %r cannot be encoded to the filesystem encoding %r" % (filename, fs_encoding)) ++ + ctx = ssl.SSLContext(ssl.PROTOCOL_TLSv1) + ctx.load_dh_params(DHFILE) + if os.name != 'nt': +@@ -1001,7 +1008,7 @@ class ContextTests(unittest.TestCase): + with self.assertRaises(ssl.SSLError) as cm: + ctx.load_dh_params(CERTFILE) + with support.temp_dir() as d: +- fname = os.path.join(d, u'dhpäräm.pem') ++ fname = os.path.join(d, filename) + shutil.copy(DHFILE, fname) + ctx.load_dh_params(fname) + +diff --git a/Misc/NEWS.d/next/Tests/2018-04-26-22-39-17.bpo-33354.g35-44.rst b/Misc/NEWS.d/next/Tests/2018-04-26-22-39-17.bpo-33354.g35-44.rst +new file mode 100644 +index 0000000000..c66cecac32 +--- /dev/null ++++ b/Misc/NEWS.d/next/Tests/2018-04-26-22-39-17.bpo-33354.g35-44.rst +@@ -0,0 +1,2 @@ ++Skip ``test_ssl.test_load_dh_params`` when Python filesystem encoding cannot encode the ++provided path. +-- +2.17.1 + diff --git a/poky/meta/recipes-devtools/python/python/0001-bpo-33570-TLS-1.3-ciphers-for-OpenSSL-1.1.1-GH-6976-.patch b/poky/meta/recipes-devtools/python/python/0001-bpo-33570-TLS-1.3-ciphers-for-OpenSSL-1.1.1-GH-6976-.patch new file mode 100644 index 0000000000..1f70562fc0 --- /dev/null +++ b/poky/meta/recipes-devtools/python/python/0001-bpo-33570-TLS-1.3-ciphers-for-OpenSSL-1.1.1-GH-6976-.patch @@ -0,0 +1,120 @@ +From a333351592f097220fc862911b34d3a300f0985e Mon Sep 17 00:00:00 2001 +From: Christian Heimes <christian@python.org> +Date: Wed, 15 Aug 2018 09:07:28 +0200 +Subject: [PATCH 1/4] bpo-33570: TLS 1.3 ciphers for OpenSSL 1.1.1 (GH-6976) + (GH-8760) + +Change TLS 1.3 cipher suite settings for compatibility with OpenSSL +1.1.1-pre6 and newer. OpenSSL 1.1.1 will have TLS 1.3 cipers enabled by +default. + +Also update multissltests to test with latest OpenSSL. + +Signed-off-by: Christian Heimes <christian@python.org>. +(cherry picked from commit 3e630c541b35c96bfe5619165255e559f577ee71) + +Co-authored-by: Christian Heimes <christian@python.org> + +Upstream-Status: Accepted [https://github.com/python/cpython/pull/8771] + +Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> +--- + Doc/library/ssl.rst | 8 ++-- + Lib/test/test_ssl.py | 37 +++++++++++-------- + .../2018-05-18-21-50-47.bpo-33570.7CZy4t.rst | 3 ++ + 3 files changed, 27 insertions(+), 21 deletions(-) + create mode 100644 Misc/NEWS.d/next/Library/2018-05-18-21-50-47.bpo-33570.7CZy4t.rst + +diff --git a/Doc/library/ssl.rst b/Doc/library/ssl.rst +index 0421031772..7c7c85b833 100644 +--- a/Doc/library/ssl.rst ++++ b/Doc/library/ssl.rst +@@ -294,11 +294,6 @@ purposes. + + 3DES was dropped from the default cipher string. + +- .. versionchanged:: 2.7.15 +- +- TLS 1.3 cipher suites TLS_AES_128_GCM_SHA256, TLS_AES_256_GCM_SHA384, +- and TLS_CHACHA20_POLY1305_SHA256 were added to the default cipher string. +- + .. function:: _https_verify_certificates(enable=True) + + Specifies whether or not server certificates are verified when creating +@@ -1179,6 +1174,9 @@ to speed up repeated connections from the same clients. + when connected, the :meth:`SSLSocket.cipher` method of SSL sockets will + give the currently selected cipher. + ++ OpenSSL 1.1.1 has TLS 1.3 cipher suites enabled by default. The suites ++ cannot be disabled with :meth:`~SSLContext.set_ciphers`. ++ + .. method:: SSLContext.set_alpn_protocols(protocols) + + Specify which protocols the socket should advertise during the SSL/TLS +diff --git a/Lib/test/test_ssl.py b/Lib/test/test_ssl.py +index dc14e22ad1..f51572e319 100644 +--- a/Lib/test/test_ssl.py ++++ b/Lib/test/test_ssl.py +@@ -2772,19 +2772,24 @@ else: + sock.do_handshake() + self.assertEqual(cm.exception.errno, errno.ENOTCONN) + +- def test_default_ciphers(self): +- context = ssl.SSLContext(ssl.PROTOCOL_SSLv23) +- try: +- # Force a set of weak ciphers on our client context +- context.set_ciphers("DES") +- except ssl.SSLError: +- self.skipTest("no DES cipher available") +- with ThreadedEchoServer(CERTFILE, +- ssl_version=ssl.PROTOCOL_SSLv23, +- chatty=False) as server: +- with closing(context.wrap_socket(socket.socket())) as s: +- with self.assertRaises(ssl.SSLError): +- s.connect((HOST, server.port)) ++ def test_no_shared_ciphers(self): ++ server_context = ssl.SSLContext(ssl.PROTOCOL_SSLv23) ++ server_context.load_cert_chain(SIGNED_CERTFILE) ++ client_context = ssl.SSLContext(ssl.PROTOCOL_SSLv23) ++ client_context.verify_mode = ssl.CERT_REQUIRED ++ client_context.check_hostname = True ++ ++ # OpenSSL enables all TLS 1.3 ciphers, enforce TLS 1.2 for test ++ client_context.options |= ssl.OP_NO_TLSv1_3 ++ # Force different suites on client and master ++ client_context.set_ciphers("AES128") ++ server_context.set_ciphers("AES256") ++ with ThreadedEchoServer(context=server_context) as server: ++ s = client_context.wrap_socket( ++ socket.socket(), ++ server_hostname="localhost") ++ with self.assertRaises(ssl.SSLError): ++ s.connect((HOST, server.port)) + self.assertIn("no shared cipher", str(server.conn_errors[0])) + + def test_version_basic(self): +@@ -2815,9 +2820,9 @@ else: + with context.wrap_socket(socket.socket()) as s: + s.connect((HOST, server.port)) + self.assertIn(s.cipher()[0], [ +- 'TLS13-AES-256-GCM-SHA384', +- 'TLS13-CHACHA20-POLY1305-SHA256', +- 'TLS13-AES-128-GCM-SHA256', ++ 'TLS_AES_256_GCM_SHA384', ++ 'TLS_CHACHA20_POLY1305_SHA256', ++ 'TLS_AES_128_GCM_SHA256', + ]) + + @unittest.skipUnless(ssl.HAS_ECDH, "test requires ECDH-enabled OpenSSL") +diff --git a/Misc/NEWS.d/next/Library/2018-05-18-21-50-47.bpo-33570.7CZy4t.rst b/Misc/NEWS.d/next/Library/2018-05-18-21-50-47.bpo-33570.7CZy4t.rst +new file mode 100644 +index 0000000000..bd719a47e8 +--- /dev/null ++++ b/Misc/NEWS.d/next/Library/2018-05-18-21-50-47.bpo-33570.7CZy4t.rst +@@ -0,0 +1,3 @@ ++Change TLS 1.3 cipher suite settings for compatibility with OpenSSL ++1.1.1-pre6 and newer. OpenSSL 1.1.1 will have TLS 1.3 cipers enabled by ++default. +-- +2.17.1 + diff --git a/poky/meta/recipes-devtools/python/python/0001-closes-bpo-34540-Convert-shutil._call_external_zip-t.patch b/poky/meta/recipes-devtools/python/python/0001-closes-bpo-34540-Convert-shutil._call_external_zip-t.patch index e6fe5f2cc4..125db8512a 100644 --- a/poky/meta/recipes-devtools/python/python/0001-closes-bpo-34540-Convert-shutil._call_external_zip-t.patch +++ b/poky/meta/recipes-devtools/python/python/0001-closes-bpo-34540-Convert-shutil._call_external_zip-t.patch @@ -5,9 +5,7 @@ Subject: [PATCH] closes bpo-34540: Convert shutil._call_external_zip to use subprocess rather than distutils.spawn. (GH-8985) Upstream-Status: Backport - -Fix CVE-2018-1000802 - +CVE: CVE-2018-1000802 Signed-off-by: Chen Qi <Qi.Chen@windriver.com> --- Lib/shutil.py | 16 ++++++++++------ diff --git a/poky/meta/recipes-devtools/python/python/0002-bpo-34818-Add-missing-closing-wrapper-in-test_tls1_3.patch b/poky/meta/recipes-devtools/python/python/0002-bpo-34818-Add-missing-closing-wrapper-in-test_tls1_3.patch new file mode 100644 index 0000000000..96882712e9 --- /dev/null +++ b/poky/meta/recipes-devtools/python/python/0002-bpo-34818-Add-missing-closing-wrapper-in-test_tls1_3.patch @@ -0,0 +1,37 @@ +From 0e1f3856a7e1511fb64d99646c54ddf3897cd444 Mon Sep 17 00:00:00 2001 +From: Dimitri John Ledkov <xnox@ubuntu.com> +Date: Fri, 28 Sep 2018 14:15:52 +0100 +Subject: [PATCH 2/4] bpo-34818: Add missing closing() wrapper in test_tls1_3. + +Python 2.7 socket classes do not implement context manager protocol, +hence closing() is required around it. Resolves testcase error +traceback. + +Signed-off-by: Dimitri John Ledkov <xnox@ubuntu.com> + +https://bugs.python.org/issue34818 + +Patch taken from Ubuntu. + +Upstream-Status: Submitted [https://github.com/python/cpython/pull/9622] +Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> +--- + Lib/test/test_ssl.py | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/Lib/test/test_ssl.py b/Lib/test/test_ssl.py +index f51572e319..7a14053cee 100644 +--- a/Lib/test/test_ssl.py ++++ b/Lib/test/test_ssl.py +@@ -2817,7 +2817,7 @@ else: + ssl.OP_NO_TLSv1 | ssl.OP_NO_TLSv1_1 | ssl.OP_NO_TLSv1_2 + ) + with ThreadedEchoServer(context=context) as server: +- with context.wrap_socket(socket.socket()) as s: ++ with closing(context.wrap_socket(socket.socket())) as s: + s.connect((HOST, server.port)) + self.assertIn(s.cipher()[0], [ + 'TLS_AES_256_GCM_SHA384', +-- +2.17.1 + diff --git a/poky/meta/recipes-devtools/python/python/0003-bpo-34834-Fix-test_ssl.test_options-to-account-for-O.patch b/poky/meta/recipes-devtools/python/python/0003-bpo-34834-Fix-test_ssl.test_options-to-account-for-O.patch new file mode 100644 index 0000000000..77016cb430 --- /dev/null +++ b/poky/meta/recipes-devtools/python/python/0003-bpo-34834-Fix-test_ssl.test_options-to-account-for-O.patch @@ -0,0 +1,37 @@ +From 8b06d56d26eee289fec22b9b72ab4c7cc3d6c482 Mon Sep 17 00:00:00 2001 +From: Dimitri John Ledkov <xnox@ubuntu.com> +Date: Fri, 28 Sep 2018 16:34:16 +0100 +Subject: [PATCH 3/4] bpo-34834: Fix test_ssl.test_options to account for + OP_ENABLE_MIDDLEBOX_COMPAT. + +Signed-off-by: Dimitri John Ledkov <xnox@ubuntu.com> + +https://bugs.python.org/issue34834 + +Patch taken from Ubuntu. +Upstream-Status: Submitted [https://github.com/python/cpython/pull/9624] + +Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> +--- + Lib/test/test_ssl.py | 5 +++++ + 1 file changed, 5 insertions(+) + +diff --git a/Lib/test/test_ssl.py b/Lib/test/test_ssl.py +index 7a14053cee..efc906a5ba 100644 +--- a/Lib/test/test_ssl.py ++++ b/Lib/test/test_ssl.py +@@ -777,6 +777,11 @@ class ContextTests(unittest.TestCase): + default = (ssl.OP_ALL | ssl.OP_NO_SSLv2 | ssl.OP_NO_SSLv3) + if not IS_LIBRESSL and ssl.OPENSSL_VERSION_INFO >= (1, 1, 0): + default |= ssl.OP_NO_COMPRESSION ++ if not IS_LIBRESSL and ssl.OPENSSL_VERSION_INFO >= (1, 1, 1): ++ # define MIDDLEBOX constant, as python2.7 does not know about it ++ # but it is used by default. ++ OP_ENABLE_MIDDLEBOX_COMPAT = 1048576L ++ default |= OP_ENABLE_MIDDLEBOX_COMPAT + self.assertEqual(default, ctx.options) + ctx.options |= ssl.OP_NO_TLSv1 + self.assertEqual(default | ssl.OP_NO_TLSv1, ctx.options) +-- +2.17.1 + diff --git a/poky/meta/recipes-devtools/python/python/0004-bpo-34836-fix-test_default_ecdh_curve-needs-no-tlsv1.patch b/poky/meta/recipes-devtools/python/python/0004-bpo-34836-fix-test_default_ecdh_curve-needs-no-tlsv1.patch new file mode 100644 index 0000000000..39e1bcfc86 --- /dev/null +++ b/poky/meta/recipes-devtools/python/python/0004-bpo-34836-fix-test_default_ecdh_curve-needs-no-tlsv1.patch @@ -0,0 +1,34 @@ +From 946a7969345c6697697effd226ec396d3fea05b7 Mon Sep 17 00:00:00 2001 +From: Dimitri John Ledkov <xnox@ubuntu.com> +Date: Fri, 28 Sep 2018 17:30:19 +0100 +Subject: [PATCH 4/4] bpo-34836: fix test_default_ecdh_curve, needs no tlsv1.3. + +Signed-off-by: Dimitri John Ledkov <xnox@ubuntu.com> + +https://bugs.python.org/issue34836 + +Patch taken from Ubuntu. +Upstream-Status: Submitted [https://github.com/python/cpython/pull/9626] + +Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> +--- + Lib/test/test_ssl.py | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/Lib/test/test_ssl.py b/Lib/test/test_ssl.py +index efc906a5ba..4a3286cd5f 100644 +--- a/Lib/test/test_ssl.py ++++ b/Lib/test/test_ssl.py +@@ -2836,6 +2836,9 @@ else: + # should be enabled by default on SSL contexts. + context = ssl.SSLContext(ssl.PROTOCOL_SSLv23) + context.load_cert_chain(CERTFILE) ++ # TLSv1.3 defaults to PFS key agreement and no longer has KEA in ++ # cipher name. ++ context.options |= ssl.OP_NO_TLSv1_3 + # Prior to OpenSSL 1.0.0, ECDH ciphers have to be enabled + # explicitly using the 'ECCdraft' cipher alias. Otherwise, + # our default cipher list should prefer ECDH-based ciphers +-- +2.17.1 + diff --git a/poky/meta/recipes-devtools/python/python/create_manifest2.py b/poky/meta/recipes-devtools/python/python/create_manifest2.py index 1af1443f47..87999991d7 100644 --- a/poky/meta/recipes-devtools/python/python/create_manifest2.py +++ b/poky/meta/recipes-devtools/python/python/create_manifest2.py @@ -137,7 +137,7 @@ for key in old_manifest: # Handle special cases, we assume that when they were manually added # to the manifest we knew what we were doing. print ('Handling package %s' % key) - special_packages=['misc', 'modules', 'dev'] + special_packages=['misc', 'modules', 'tests', 'dev'] if key in special_packages or 'staticdev' in key: print('Passing %s package directly' % key) new_manifest[key]=old_manifest[key] diff --git a/poky/meta/recipes-devtools/python/python/multilib.patch b/poky/meta/recipes-devtools/python/python/multilib.patch index 1116dd518e..d24bc15f01 100644 --- a/poky/meta/recipes-devtools/python/python/multilib.patch +++ b/poky/meta/recipes-devtools/python/python/multilib.patch @@ -11,7 +11,7 @@ Index: Python-2.7.14/configure.ac +AC_SUBST(LIB) +AC_MSG_CHECKING(LIB) -+LIB=`basename ${libdir}` ++LIB="SEDMELIBLEAF" +AC_MSG_RESULT($LIB) AC_SUBST(LIBRARY) diff --git a/poky/meta/recipes-devtools/python/python/python2-manifest.json b/poky/meta/recipes-devtools/python/python/python2-manifest.json index 1e7004e05e..260fa6f80d 100644 --- a/poky/meta/recipes-devtools/python/python/python2-manifest.json +++ b/poky/meta/recipes-devtools/python/python/python2-manifest.json @@ -1,18 +1,18 @@ { "tests": { - "summary": "Python test suite", + "summary": "Python test suite", "rdepends": [ - "core", + "core", "modules" - ], + ], "files": [ - "${libdir}/python2.7/*/test", - "${libdir}/python2.7/*/tests", - "${libdir}/python2.7/idlelib/idle_test/", + "${libdir}/python2.7/*/test", + "${libdir}/python2.7/*/tests", + "${libdir}/python2.7/idlelib/idle_test/", "${libdir}/python2.7/test" - ], + ], "cached": [] - }, + }, "2to3": { "summary": "Python automated Python 2 to 3 code translator", "rdepends": [ @@ -881,10 +881,12 @@ "sqlite3": { "summary": "Python Sqlite3 database support", "rdepends": [ - "core" + "core", + "datetime" ], "files": [ - "${libdir}/python2.7/lib-dynload/_sqlite3.so" + "${libdir}/python2.7/lib-dynload/_sqlite3.so", + "${libdir}/python2.7/sqlite3" ] }, "stringold": { @@ -1041,4 +1043,4 @@ "${libdir}/python2.7/lib-dynload/zlib.so" ] } -} +}
\ No newline at end of file diff --git a/poky/meta/recipes-devtools/python/python3-dbus_1.2.6.bb b/poky/meta/recipes-devtools/python/python3-dbus_1.2.8.bb index 19cbae91a4..c9bf8df42d 100644 --- a/poky/meta/recipes-devtools/python/python3-dbus_1.2.6.bb +++ b/poky/meta/recipes-devtools/python/python3-dbus_1.2.8.bb @@ -8,15 +8,16 @@ DEPENDS = "expat dbus dbus-glib virtual/libintl" SRC_URI = "http://dbus.freedesktop.org/releases/dbus-python/dbus-python-${PV}.tar.gz \ " -RSRC_URI[md5sum] = "1ce1ddf2582060f8f971652ea54cc17e" -SRC_URI[sha256sum] = "32f29c17172cdb9cb61c68b1f1a71dfe7351506fc830869029c47449bd04faeb" +SRC_URI[md5sum] = "7379db774c10904f27e7e2743d90fb43" +SRC_URI[sha256sum] = "abf12bbb765e300bf8e2a1b2f32f85949eab06998dbda127952c31cb63957b6f" S = "${WORKDIR}/dbus-python-${PV}" inherit distutils3-base autotools pkgconfig -PACKAGECONFIG ?= "" -PACKAGECONFIG[docs] = "--enable-html-docs,--disable-html-docs,python3-docutils-native" -PACKAGECONFIG[api-docs] = "--enable-api-docs,--disable-api-docs,python3-docutils-native python3-epydoc-native" +# documentation needs python3-sphinx, which is not in oe-core or meta-python for now +# change to use PACKAGECONFIG when python3-sphinx is added to oe-core +EXTRA_OECONF += "--disable-documentation" + RDEPENDS_${PN} = "python3-io python3-logging python3-stringold python3-threading python3-xml" diff --git a/poky/meta/recipes-devtools/python/python3-extras_1.0.0.bb b/poky/meta/recipes-devtools/python/python3-extras_1.0.0.bb new file mode 100644 index 0000000000..76f87f2640 --- /dev/null +++ b/poky/meta/recipes-devtools/python/python3-extras_1.0.0.bb @@ -0,0 +1,2 @@ +inherit setuptools3 +require python-extras.inc diff --git a/poky/meta/recipes-devtools/python/python3-git_2.1.8.bb b/poky/meta/recipes-devtools/python/python3-git_2.1.11.bb index ac320fa56b..ac320fa56b 100644 --- a/poky/meta/recipes-devtools/python/python3-git_2.1.8.bb +++ b/poky/meta/recipes-devtools/python/python3-git_2.1.11.bb diff --git a/poky/meta/recipes-devtools/python/python3-gitdb_2.0.3.bb b/poky/meta/recipes-devtools/python/python3-gitdb_2.0.4.bb index fe158327cb..fe158327cb 100644 --- a/poky/meta/recipes-devtools/python/python3-gitdb_2.0.3.bb +++ b/poky/meta/recipes-devtools/python/python3-gitdb_2.0.4.bb diff --git a/poky/meta/recipes-devtools/python/python3-native_3.5.5.bb b/poky/meta/recipes-devtools/python/python3-native_3.5.6.bb index 3098027d80..d5953cf4bb 100644 --- a/poky/meta/recipes-devtools/python/python3-native_3.5.5.bb +++ b/poky/meta/recipes-devtools/python/python3-native_3.5.6.bb @@ -1,13 +1,10 @@ -require recipes-devtools/python/python.inc +require recipes-devtools/python/python3.inc -PR = "${INC_PR}.0" -PYTHON_MAJMIN = "3.5" DISTRO_SRC_URI ?= "file://sitecustomize.py" DISTRO_SRC_URI_linuxstdbase = "" SRC_URI = "http://www.python.org/ftp/python/${PV}/Python-${PV}.tar.xz \ file://12-distutils-prefix-is-inside-staging-area.patch \ file://python-config.patch \ -file://0001-cross-compile-support.patch \ file://030-fixup-include-dirs.patch \ file://070-dont-clean-ipkg-install.patch \ file://080-distutils-dont_adjust_files.patch \ @@ -16,7 +13,6 @@ file://150-fix-setupterm.patch \ file://python-3.3-multilib.patch \ file://03-fix-tkinter-detection.patch \ file://avoid_warning_about_tkinter.patch \ -file://shutil-follow-symlink-fix.patch \ file://0001-h2py-Fix-issue-13032-where-it-fails-with-UnicodeDeco.patch \ file://sysroot-include-headers.patch \ file://unixccompiler.patch \ @@ -26,18 +22,13 @@ file://setup.py-check-cross_compiling-when-get-FLAGS.patch \ file://0001-Do-not-use-the-shell-version-of-python-config-that-w.patch \ file://support_SOURCE_DATE_EPOCH_in_py_compile.patch \ file://regen-all.patch \ +file://0001-Issue-28043-SSLContext-has-improved-default-settings.patch \ +file://0002-bpo-29136-Add-TLS-1.3-cipher-suites-and-OP_NO_TLSv1_.patch \ +file://0003-bpo-32947-Fixes-for-TLS-1.3-and-OpenSSL-1.1.1-GH-876.patch \ +file://0004-bpo-33570-TLS-1.3-ciphers-for-OpenSSL-1.1.1-GH-6976.patch \ +file://0005-bpo-30714-ALPN-changes-for-OpenSSL-1.1.0f-2305.patch \ " -SRC_URI[md5sum] = "f3763edf9824d5d3a15f5f646083b6e0" -SRC_URI[sha256sum] = "063d2c3b0402d6191b90731e0f735c64830e7522348aeb7ed382a83165d45009" - -LIC_FILES_CHKSUM = "file://LICENSE;md5=b6ec515b22618f55fa07276b897bacea" - -# exclude pre-releases for both python 2.x and 3.x -UPSTREAM_CHECK_REGEX = "[Pp]ython-(?P<pver>\d+(\.\d+)+).tar" - -S = "${WORKDIR}/Python-${PV}" - EXTRANATIVEPATH += "bzip2-native" DEPENDS = "openssl-native bzip2-replacement-native zlib-native readline-native sqlite3-native gdbm-native" @@ -53,9 +44,6 @@ EXTRA_OEMAKE = '\ ARCH=${TARGET_ARCH} \ ' -# No ctypes option for python 3 -PYTHONLSBOPTS = "" - do_configure_append() { autoreconf --verbose --install --force --exclude=autopoint ../Python-${PV}/Modules/_ctypes/libffi sed -i -e 's,#define HAVE_GETRANDOM 1,/\* #undef HAVE_GETRANDOM \*/,' ${B}/pyconfig.h diff --git a/poky/meta/recipes-devtools/python/python3-pbr_4.2.0.bb b/poky/meta/recipes-devtools/python/python3-pbr_4.2.0.bb new file mode 100644 index 0000000000..97e7361b16 --- /dev/null +++ b/poky/meta/recipes-devtools/python/python3-pbr_4.2.0.bb @@ -0,0 +1,2 @@ +inherit setuptools3 +require python-pbr.inc diff --git a/poky/meta/recipes-devtools/python/python3-pip_18.0.bb b/poky/meta/recipes-devtools/python/python3-pip_18.0.bb new file mode 100644 index 0000000000..3fcdb8014a --- /dev/null +++ b/poky/meta/recipes-devtools/python/python3-pip_18.0.bb @@ -0,0 +1,30 @@ +SUMMARY = "The PyPA recommended tool for installing Python packages" +HOMEPAGE = "https://pypi.python.org/pypi/pip" +SECTION = "devel/python" +LICENSE = "MIT" +LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=593c6cd9d639307226978cbcae61ad4b" + +DEPENDS += "python3 python3-setuptools-native" + +SRC_URI[md5sum] = "52f75ceb21e96c258f289859a2996b60" +SRC_URI[sha256sum] = "a0e11645ee37c90b40c46d607070c4fd583e2cd46231b1c06e389c5e814eed76" + +inherit pypi distutils3 + +do_install_append() { + # Install as pip3 and leave pip2 as default + rm ${D}/${bindir}/pip +} + +RDEPENDS_${PN} = "\ + python3-compile \ + python3-io \ + python3-html \ + python3-json \ + python3-netserver \ + python3-setuptools \ + python3-unixadmin \ + python3-xmlrpc \ +" + +BBCLASSEXTEND = "native nativesdk" diff --git a/poky/meta/recipes-devtools/python/python3-pip_9.0.2.bb b/poky/meta/recipes-devtools/python/python3-pip_9.0.2.bb deleted file mode 100644 index 53fd6dcf27..0000000000 --- a/poky/meta/recipes-devtools/python/python3-pip_9.0.2.bb +++ /dev/null @@ -1,48 +0,0 @@ -SUMMARY = "The PyPA recommended tool for installing Python packages" -HOMEPAGE = "https://pypi.python.org/pypi/pip" -SECTION = "devel/python" -LICENSE = "MIT" -LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=25fba45109565f87de20bae85bc39452" - -DEPENDS += "python3 python3-setuptools-native" - -SRC_URI[md5sum] = "2fddd680422326b9d1fbf56112cf341d" -SRC_URI[sha256sum] = "88110a224e9d30e5d76592a0b2130ef10e7e67a6426e8617bb918fffbfe91fe5" - -inherit pypi distutils3 - -DISTUTILS_INSTALL_ARGS += "--install-lib=${D}${PYTHON_SITEPACKAGES_DIR}" - -do_install_prepend() { - install -d ${D}${PYTHON_SITEPACKAGES_DIR} -} - -# Use setuptools site.py instead, avoid shared state issue -do_install_append() { - rm ${D}${PYTHON_SITEPACKAGES_DIR}/site.py - rm ${D}${PYTHON_SITEPACKAGES_DIR}/__pycache__/site.cpython-*.pyc - - # Install as pip3 and leave pip2 as default - rm ${D}/${bindir}/pip - - # Installed eggs need to be passed directly to the interpreter via a pth file - echo "./${PYPI_PACKAGE}-${PV}-py${PYTHON_BASEVERSION}.egg" > ${D}${PYTHON_SITEPACKAGES_DIR}/${PYPI_PACKAGE}-${PV}.pth - - # Make sure we use /usr/bin/env python3 - for PYTHSCRIPT in `grep -rIl ${bindir} ${D}${bindir}/pip3*`; do - sed -i -e '1s|^#!.*|#!/usr/bin/env python3|' $PYTHSCRIPT - done -} - -RDEPENDS_${PN} = "\ - python3-compile \ - python3-io \ - python3-html \ - python3-json \ - python3-netserver \ - python3-setuptools \ - python3-unixadmin \ - python3-xmlrpc \ -" - -BBCLASSEXTEND = "native nativesdk" diff --git a/poky/meta/recipes-devtools/python/python3-pygobject_3.28.1.bb b/poky/meta/recipes-devtools/python/python3-pygobject_3.28.3.bb index 97286f4e80..313af227b6 100644 --- a/poky/meta/recipes-devtools/python/python3-pygobject_3.28.1.bb +++ b/poky/meta/recipes-devtools/python/python3-pygobject_3.28.3.bb @@ -12,8 +12,8 @@ SRC_URI = " \ http://ftp.gnome.org/pub/GNOME/sources/${SRCNAME}/${@gnome_verdir("${PV}")}/${SRCNAME}-${PV}.tar.xz \ " -SRC_URI[md5sum] = "612e9e2863d117d810e78672f7bc3ad6" -SRC_URI[sha256sum] = "42312b4a5015571fa0a4f2d201005da46b71c251ea2625bc95702d071c4ff895" +SRC_URI[md5sum] = "3bac63c86bb963aa401f97859464aa90" +SRC_URI[sha256sum] = "3dd3e21015d06e00482ea665fc1733b77e754a6ab656a5db5d7f7bfaf31ad0b0" S = "${WORKDIR}/${SRCNAME}-${PV}" diff --git a/poky/meta/recipes-devtools/python/python3-setuptools_39.0.0.bb b/poky/meta/recipes-devtools/python/python3-setuptools_40.0.0.bb index 0dc1ed8622..0dc1ed8622 100644 --- a/poky/meta/recipes-devtools/python/python3-setuptools_39.0.0.bb +++ b/poky/meta/recipes-devtools/python/python3-setuptools_40.0.0.bb diff --git a/poky/meta/recipes-devtools/python/python3-subunit_1.3.0.bb b/poky/meta/recipes-devtools/python/python3-subunit_1.3.0.bb new file mode 100644 index 0000000000..2ece4451df --- /dev/null +++ b/poky/meta/recipes-devtools/python/python3-subunit_1.3.0.bb @@ -0,0 +1,2 @@ +inherit setuptools3 +require python-subunit.inc diff --git a/poky/meta/recipes-devtools/python/python3-testtools_2.3.0.bb b/poky/meta/recipes-devtools/python/python3-testtools_2.3.0.bb new file mode 100644 index 0000000000..896ecee65c --- /dev/null +++ b/poky/meta/recipes-devtools/python/python3-testtools_2.3.0.bb @@ -0,0 +1,2 @@ +inherit setuptools3 +require python-testtools.inc diff --git a/poky/meta/recipes-devtools/python/python3.inc b/poky/meta/recipes-devtools/python/python3.inc new file mode 100644 index 0000000000..f565b3f171 --- /dev/null +++ b/poky/meta/recipes-devtools/python/python3.inc @@ -0,0 +1,43 @@ +SUMMARY = "The Python Programming Language" +HOMEPAGE = "http://www.python.org" +LICENSE = "PSFv2" +SECTION = "devel/python" + +# TODO Remove this when we upgrade +INC_PR = "r1" +PR = "${INC_PR}.0" + +LIC_FILES_CHKSUM = "file://LICENSE;md5=b6ec515b22618f55fa07276b897bacea" + +# TODO consolidate patch set +SRC_URI[md5sum] = "f5a99f765e765336a3ebbb2a24ca2be3" +SRC_URI[sha256sum] = "f55cde04f521f273c7cba08912921cc5642cfc15ca7b22d5829f0aff4371155f" + +# exclude pre-releases for both python 2.x and 3.x +UPSTREAM_CHECK_REGEX = "[Pp]ython-(?P<pver>\d+(\.\d+)+).tar" + +CVE_PRODUCT = "python" + +PYTHON_MAJMIN = "3.5" +PYTHON_BINABI = "${PYTHON_MAJMIN}m" + +S = "${WORKDIR}/Python-${PV}" + +inherit autotools bluetooth pkgconfig + +EXTRA_OECONF = "\ + --with-threads \ + --with-pymalloc \ + --without-cxx-main \ + --with-signal-module \ + --enable-shared \ + --enable-ipv6=${@bb.utils.contains('DISTRO_FEATURES', 'ipv6', 'yes', 'no', d)} \ +" + +PACKAGECONFIG[bluetooth] = ",ac_cv_header_bluetooth_bluetooth_h=no ac_cv_header_bluetooth_h=no,${BLUEZ}" + +do_install_append () { + sed -i -e 's:${HOSTTOOLS_DIR}/install:install:g' \ + -e 's:${HOSTTOOLS_DIR}/mkdir:mkdir:g' \ + ${D}/${libdir}/python${PYTHON_MAJMIN}/_sysconfigdata.py +} diff --git a/poky/meta/recipes-devtools/python/python3/0001-Issue-28043-SSLContext-has-improved-default-settings.patch b/poky/meta/recipes-devtools/python/python3/0001-Issue-28043-SSLContext-has-improved-default-settings.patch new file mode 100644 index 0000000000..321b4afa12 --- /dev/null +++ b/poky/meta/recipes-devtools/python/python3/0001-Issue-28043-SSLContext-has-improved-default-settings.patch @@ -0,0 +1,272 @@ +From 758e7463c104f71b810c8588166747eeab6148d7 Mon Sep 17 00:00:00 2001 +From: Christian Heimes <christian@python.org> +Date: Sat, 10 Sep 2016 22:43:48 +0200 +Subject: [PATCH 1/4] Issue 28043: SSLContext has improved default settings + +The options OP_NO_COMPRESSION, OP_CIPHER_SERVER_PREFERENCE, OP_SINGLE_DH_USE, OP_SINGLE_ECDH_USE, OP_NO_SSLv2 (except for PROTOCOL_SSLv2), and OP_NO_SSLv3 (except for PROTOCOL_SSLv3) are set by default. The initial cipher suite list contains only HIGH ciphers, no NULL ciphers and MD5 ciphers (except for PROTOCOL_SSLv2). + +Upstream-Status: Backport +[https://github.com/python/cpython/commit/358cfd426ccc0fcd6a7940d306602138e76420ae] + +Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> +--- + Doc/library/ssl.rst | 9 ++++++- + Lib/ssl.py | 30 +++++---------------- + Lib/test/test_ssl.py | 62 +++++++++++++++++++++++--------------------- + Modules/_ssl.c | 31 ++++++++++++++++++++++ + 4 files changed, 78 insertions(+), 54 deletions(-) + +diff --git a/Doc/library/ssl.rst b/Doc/library/ssl.rst +index a2f008346b..14f2d68217 100644 +--- a/Doc/library/ssl.rst ++++ b/Doc/library/ssl.rst +@@ -1151,7 +1151,14 @@ to speed up repeated connections from the same clients. + + .. versionchanged:: 3.5.3 + +- :data:`PROTOCOL_TLS` is the default value. ++ The context is created with secure default values. The options ++ :data:`OP_NO_COMPRESSION`, :data:`OP_CIPHER_SERVER_PREFERENCE`, ++ :data:`OP_SINGLE_DH_USE`, :data:`OP_SINGLE_ECDH_USE`, ++ :data:`OP_NO_SSLv2` (except for :data:`PROTOCOL_SSLv2`), ++ and :data:`OP_NO_SSLv3` (except for :data:`PROTOCOL_SSLv3`) are ++ set by default. The initial cipher suite list contains only ``HIGH`` ++ ciphers, no ``NULL`` ciphers and no ``MD5`` ciphers (except for ++ :data:`PROTOCOL_SSLv2`). + + + :class:`SSLContext` objects have the following methods and attributes: +diff --git a/Lib/ssl.py b/Lib/ssl.py +index e1913904f3..4d302a78fa 100644 +--- a/Lib/ssl.py ++++ b/Lib/ssl.py +@@ -446,32 +446,16 @@ def create_default_context(purpose=Purpose.SERVER_AUTH, *, cafile=None, + if not isinstance(purpose, _ASN1Object): + raise TypeError(purpose) + ++ # SSLContext sets OP_NO_SSLv2, OP_NO_SSLv3, OP_NO_COMPRESSION, ++ # OP_CIPHER_SERVER_PREFERENCE, OP_SINGLE_DH_USE and OP_SINGLE_ECDH_USE ++ # by default. + context = SSLContext(PROTOCOL_TLS) + +- # SSLv2 considered harmful. +- context.options |= OP_NO_SSLv2 +- +- # SSLv3 has problematic security and is only required for really old +- # clients such as IE6 on Windows XP +- context.options |= OP_NO_SSLv3 +- +- # disable compression to prevent CRIME attacks (OpenSSL 1.0+) +- context.options |= getattr(_ssl, "OP_NO_COMPRESSION", 0) +- + if purpose == Purpose.SERVER_AUTH: + # verify certs and host name in client mode + context.verify_mode = CERT_REQUIRED + context.check_hostname = True + elif purpose == Purpose.CLIENT_AUTH: +- # Prefer the server's ciphers by default so that we get stronger +- # encryption +- context.options |= getattr(_ssl, "OP_CIPHER_SERVER_PREFERENCE", 0) +- +- # Use single use keys in order to improve forward secrecy +- context.options |= getattr(_ssl, "OP_SINGLE_DH_USE", 0) +- context.options |= getattr(_ssl, "OP_SINGLE_ECDH_USE", 0) +- +- # disallow ciphers with known vulnerabilities + context.set_ciphers(_RESTRICTED_SERVER_CIPHERS) + + if cafile or capath or cadata: +@@ -497,12 +481,10 @@ def _create_unverified_context(protocol=PROTOCOL_TLS, *, cert_reqs=None, + if not isinstance(purpose, _ASN1Object): + raise TypeError(purpose) + ++ # SSLContext sets OP_NO_SSLv2, OP_NO_SSLv3, OP_NO_COMPRESSION, ++ # OP_CIPHER_SERVER_PREFERENCE, OP_SINGLE_DH_USE and OP_SINGLE_ECDH_USE ++ # by default. + context = SSLContext(protocol) +- # SSLv2 considered harmful. +- context.options |= OP_NO_SSLv2 +- # SSLv3 has problematic security and is only required for really old +- # clients such as IE6 on Windows XP +- context.options |= OP_NO_SSLv3 + + if cert_reqs is not None: + context.verify_mode = cert_reqs +diff --git a/Lib/test/test_ssl.py b/Lib/test/test_ssl.py +index ffb7314f57..f91af7bd05 100644 +--- a/Lib/test/test_ssl.py ++++ b/Lib/test/test_ssl.py +@@ -73,6 +73,12 @@ NULLBYTECERT = data_file("nullbytecert.pem") + DHFILE = data_file("dh1024.pem") + BYTES_DHFILE = os.fsencode(DHFILE) + ++# Not defined in all versions of OpenSSL ++OP_NO_COMPRESSION = getattr(ssl, "OP_NO_COMPRESSION", 0) ++OP_SINGLE_DH_USE = getattr(ssl, "OP_SINGLE_DH_USE", 0) ++OP_SINGLE_ECDH_USE = getattr(ssl, "OP_SINGLE_ECDH_USE", 0) ++OP_CIPHER_SERVER_PREFERENCE = getattr(ssl, "OP_CIPHER_SERVER_PREFERENCE", 0) ++ + + def handle_error(prefix): + exc_format = ' '.join(traceback.format_exception(*sys.exc_info())) +@@ -839,8 +845,9 @@ class ContextTests(unittest.TestCase): + ctx = ssl.SSLContext(ssl.PROTOCOL_TLSv1) + # OP_ALL | OP_NO_SSLv2 | OP_NO_SSLv3 is the default value + default = (ssl.OP_ALL | ssl.OP_NO_SSLv2 | ssl.OP_NO_SSLv3) +- if not IS_LIBRESSL and ssl.OPENSSL_VERSION_INFO >= (1, 1, 0): +- default |= ssl.OP_NO_COMPRESSION ++ # SSLContext also enables these by default ++ default |= (OP_NO_COMPRESSION | OP_CIPHER_SERVER_PREFERENCE | ++ OP_SINGLE_DH_USE | OP_SINGLE_ECDH_USE) + self.assertEqual(default, ctx.options) + ctx.options |= ssl.OP_NO_TLSv1 + self.assertEqual(default | ssl.OP_NO_TLSv1, ctx.options) +@@ -1205,16 +1212,29 @@ class ContextTests(unittest.TestCase): + stats["x509"] += 1 + self.assertEqual(ctx.cert_store_stats(), stats) + ++ def _assert_context_options(self, ctx): ++ self.assertEqual(ctx.options & ssl.OP_NO_SSLv2, ssl.OP_NO_SSLv2) ++ if OP_NO_COMPRESSION != 0: ++ self.assertEqual(ctx.options & OP_NO_COMPRESSION, ++ OP_NO_COMPRESSION) ++ if OP_SINGLE_DH_USE != 0: ++ self.assertEqual(ctx.options & OP_SINGLE_DH_USE, ++ OP_SINGLE_DH_USE) ++ if OP_SINGLE_ECDH_USE != 0: ++ self.assertEqual(ctx.options & OP_SINGLE_ECDH_USE, ++ OP_SINGLE_ECDH_USE) ++ if OP_CIPHER_SERVER_PREFERENCE != 0: ++ self.assertEqual(ctx.options & OP_CIPHER_SERVER_PREFERENCE, ++ OP_CIPHER_SERVER_PREFERENCE) ++ + def test_create_default_context(self): + ctx = ssl.create_default_context() ++ + self.assertEqual(ctx.protocol, ssl.PROTOCOL_SSLv23) + self.assertEqual(ctx.verify_mode, ssl.CERT_REQUIRED) + self.assertTrue(ctx.check_hostname) +- self.assertEqual(ctx.options & ssl.OP_NO_SSLv2, ssl.OP_NO_SSLv2) +- self.assertEqual( +- ctx.options & getattr(ssl, "OP_NO_COMPRESSION", 0), +- getattr(ssl, "OP_NO_COMPRESSION", 0), +- ) ++ self._assert_context_options(ctx) ++ + + with open(SIGNING_CA) as f: + cadata = f.read() +@@ -1222,40 +1242,24 @@ class ContextTests(unittest.TestCase): + cadata=cadata) + self.assertEqual(ctx.protocol, ssl.PROTOCOL_SSLv23) + self.assertEqual(ctx.verify_mode, ssl.CERT_REQUIRED) +- self.assertEqual(ctx.options & ssl.OP_NO_SSLv2, ssl.OP_NO_SSLv2) +- self.assertEqual( +- ctx.options & getattr(ssl, "OP_NO_COMPRESSION", 0), +- getattr(ssl, "OP_NO_COMPRESSION", 0), +- ) ++ self._assert_context_options(ctx) + + ctx = ssl.create_default_context(ssl.Purpose.CLIENT_AUTH) + self.assertEqual(ctx.protocol, ssl.PROTOCOL_SSLv23) + self.assertEqual(ctx.verify_mode, ssl.CERT_NONE) +- self.assertEqual(ctx.options & ssl.OP_NO_SSLv2, ssl.OP_NO_SSLv2) +- self.assertEqual( +- ctx.options & getattr(ssl, "OP_NO_COMPRESSION", 0), +- getattr(ssl, "OP_NO_COMPRESSION", 0), +- ) +- self.assertEqual( +- ctx.options & getattr(ssl, "OP_SINGLE_DH_USE", 0), +- getattr(ssl, "OP_SINGLE_DH_USE", 0), +- ) +- self.assertEqual( +- ctx.options & getattr(ssl, "OP_SINGLE_ECDH_USE", 0), +- getattr(ssl, "OP_SINGLE_ECDH_USE", 0), +- ) ++ self._assert_context_options(ctx) + + def test__create_stdlib_context(self): + ctx = ssl._create_stdlib_context() + self.assertEqual(ctx.protocol, ssl.PROTOCOL_SSLv23) + self.assertEqual(ctx.verify_mode, ssl.CERT_NONE) + self.assertFalse(ctx.check_hostname) +- self.assertEqual(ctx.options & ssl.OP_NO_SSLv2, ssl.OP_NO_SSLv2) ++ self._assert_context_options(ctx) + + ctx = ssl._create_stdlib_context(ssl.PROTOCOL_TLSv1) + self.assertEqual(ctx.protocol, ssl.PROTOCOL_TLSv1) + self.assertEqual(ctx.verify_mode, ssl.CERT_NONE) +- self.assertEqual(ctx.options & ssl.OP_NO_SSLv2, ssl.OP_NO_SSLv2) ++ self._assert_context_options(ctx) + + ctx = ssl._create_stdlib_context(ssl.PROTOCOL_TLSv1, + cert_reqs=ssl.CERT_REQUIRED, +@@ -1263,12 +1267,12 @@ class ContextTests(unittest.TestCase): + self.assertEqual(ctx.protocol, ssl.PROTOCOL_TLSv1) + self.assertEqual(ctx.verify_mode, ssl.CERT_REQUIRED) + self.assertTrue(ctx.check_hostname) +- self.assertEqual(ctx.options & ssl.OP_NO_SSLv2, ssl.OP_NO_SSLv2) ++ self._assert_context_options(ctx) + + ctx = ssl._create_stdlib_context(purpose=ssl.Purpose.CLIENT_AUTH) + self.assertEqual(ctx.protocol, ssl.PROTOCOL_SSLv23) + self.assertEqual(ctx.verify_mode, ssl.CERT_NONE) +- self.assertEqual(ctx.options & ssl.OP_NO_SSLv2, ssl.OP_NO_SSLv2) ++ self._assert_context_options(ctx) + + def test_check_hostname(self): + ctx = ssl.SSLContext(ssl.PROTOCOL_TLSv1) +diff --git a/Modules/_ssl.c b/Modules/_ssl.c +index 86482677ae..0d5c121d2c 100644 +--- a/Modules/_ssl.c ++++ b/Modules/_ssl.c +@@ -2330,6 +2330,7 @@ _ssl__SSLContext_impl(PyTypeObject *type, int proto_version) + PySSLContext *self; + long options; + SSL_CTX *ctx = NULL; ++ int result; + #if defined(SSL_MODE_RELEASE_BUFFERS) + unsigned long libver; + #endif +@@ -2393,8 +2394,38 @@ _ssl__SSLContext_impl(PyTypeObject *type, int proto_version) + options |= SSL_OP_NO_SSLv2; + if (proto_version != PY_SSL_VERSION_SSL3) + options |= SSL_OP_NO_SSLv3; ++ /* Minimal security flags for server and client side context. ++ * Client sockets ignore server-side parameters. */ ++#ifdef SSL_OP_NO_COMPRESSION ++ options |= SSL_OP_NO_COMPRESSION; ++#endif ++#ifdef SSL_OP_CIPHER_SERVER_PREFERENCE ++ options |= SSL_OP_CIPHER_SERVER_PREFERENCE; ++#endif ++#ifdef SSL_OP_SINGLE_DH_USE ++ options |= SSL_OP_SINGLE_DH_USE; ++#endif ++#ifdef SSL_OP_SINGLE_ECDH_USE ++ options |= SSL_OP_SINGLE_ECDH_USE; ++#endif + SSL_CTX_set_options(self->ctx, options); + ++ /* A bare minimum cipher list without completly broken cipher suites. ++ * It's far from perfect but gives users a better head start. */ ++ if (proto_version != PY_SSL_VERSION_SSL2) { ++ result = SSL_CTX_set_cipher_list(ctx, "HIGH:!aNULL:!eNULL:!MD5"); ++ } else { ++ /* SSLv2 needs MD5 */ ++ result = SSL_CTX_set_cipher_list(ctx, "HIGH:!aNULL:!eNULL"); ++ } ++ if (result == 0) { ++ Py_DECREF(self); ++ ERR_clear_error(); ++ PyErr_SetString(PySSLErrorObject, ++ "No cipher can be selected."); ++ return NULL; ++ } ++ + #if defined(SSL_MODE_RELEASE_BUFFERS) + /* Set SSL_MODE_RELEASE_BUFFERS. This potentially greatly reduces memory + usage for no cost at all. However, don't do this for OpenSSL versions +-- +2.17.1 + diff --git a/poky/meta/recipes-devtools/python/python3/0001-cross-compile-support.patch b/poky/meta/recipes-devtools/python/python3/0001-cross-compile-support.patch deleted file mode 100644 index 7cd7e3b490..0000000000 --- a/poky/meta/recipes-devtools/python/python3/0001-cross-compile-support.patch +++ /dev/null @@ -1,96 +0,0 @@ -From ecde3ea170999a9ef734e8af4d7c25be5ba81697 Mon Sep 17 00:00:00 2001 -From: Alexander Kanavin <alex.kanavin@gmail.com> -Date: Fri, 31 Mar 2017 15:42:46 +0300 -Subject: [PATCH] cross-compile support - -We cross compile python. This patch uses tools from host/native -python instead of in-tree tools - --Khem - -Rebased on 3.5.4 - -Upstream-Status: Inappropriate[Configuration Specific] -Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> -Signed-off-by: Derek Straka <derek@asterius.io> ---- - Makefile.pre.in | 14 ++++++++------ - 1 file changed, 8 insertions(+), 6 deletions(-) - -diff --git a/Makefile.pre.in b/Makefile.pre.in -index 144c1f8629..f252ac2417 100644 ---- a/Makefile.pre.in -+++ b/Makefile.pre.in -@@ -223,6 +223,7 @@ LIBOBJS= @LIBOBJS@ - - PYTHON= python$(EXE) - BUILDPYTHON= python$(BUILDEXE) -+HOSTPYTHON= $(BUILDPYTHON) - - PYTHON_FOR_REGEN=@PYTHON_FOR_REGEN@ - PYTHON_FOR_BUILD=@PYTHON_FOR_BUILD@ -@@ -277,6 +278,7 @@ LIBFFI_INCLUDEDIR= @LIBFFI_INCLUDEDIR@ - ########################################################################## - # Parser - PGEN= Parser/pgen$(EXE) -+HOSTPGEN= $(PGEN)$(EXE) - - PSRCS= \ - Parser/acceler.c \ -@@ -478,7 +480,7 @@ build_all_generate_profile: - - run_profile_task: - : # FIXME: can't run for a cross build -- $(LLVM_PROF_FILE) $(RUNSHARED) ./$(BUILDPYTHON) $(PROFILE_TASK) || true -+ $(LLVM_PROF_FILE) $(RUNSHARED) $(HOSTPYTHON) $(PROFILE_TASK) || true - - build_all_merge_profile: - $(LLVM_PROF_MERGER) -@@ -772,7 +774,7 @@ regen-grammar: $(PGEN) - # Regenerate Include/graminit.h and Python/graminit.c - # from Grammar/Grammar using pgen - @$(MKDIR_P) Include -- $(PGEN) $(srcdir)/Grammar/Grammar \ -+ $(HOSTPGEN) $(srcdir)/Grammar/Grammar \ - $(srcdir)/Include/graminit.h \ - $(srcdir)/Python/graminit.c - -@@ -978,7 +980,7 @@ $(LIBRARY_OBJS) $(MODOBJS) Programs/python.o: $(PYTHON_HEADERS) - ###################################################################### - - TESTOPTS= $(EXTRATESTOPTS) --TESTPYTHON= $(RUNSHARED) ./$(BUILDPYTHON) $(TESTPYTHONOPTS) -+TESTPYTHON= $(RUNSHARED) $(HOSTPYTHON) $(TESTPYTHONOPTS) - TESTRUNNER= $(TESTPYTHON) $(srcdir)/Tools/scripts/run_tests.py - TESTTIMEOUT= 3600 - -@@ -1470,7 +1472,7 @@ frameworkinstallstructure: $(LDLIBRARY) - fi; \ - done - $(LN) -fsn include/python$(LDVERSION) $(DESTDIR)$(prefix)/Headers -- sed 's/%VERSION%/'"`$(RUNSHARED) ./$(BUILDPYTHON) -c 'import platform; print(platform.python_version())'`"'/g' < $(RESSRCDIR)/Info.plist > $(DESTDIR)$(prefix)/Resources/Info.plist -+ sed 's/%VERSION%/'"`$(RUNSHARED) $(HOSTPYTHON) -c 'import platform; print(platform.python_version())'`"'/g' < $(RESSRCDIR)/Info.plist > $(DESTDIR)$(prefix)/Resources/Info.plist - $(LN) -fsn $(VERSION) $(DESTDIR)$(PYTHONFRAMEWORKINSTALLDIR)/Versions/Current - $(LN) -fsn Versions/Current/$(PYTHONFRAMEWORK) $(DESTDIR)$(PYTHONFRAMEWORKINSTALLDIR)/$(PYTHONFRAMEWORK) - $(LN) -fsn Versions/Current/Headers $(DESTDIR)$(PYTHONFRAMEWORKINSTALLDIR)/Headers -@@ -1543,7 +1545,7 @@ Python/dtoa.o: Python/dtoa.c - - # Run reindent on the library - reindent: -- ./$(BUILDPYTHON) $(srcdir)/Tools/scripts/reindent.py -r $(srcdir)/Lib -+ $(HOSTPYTHON) $(srcdir)/Tools/scripts/reindent.py -r $(srcdir)/Lib - - # Rerun configure with the same options as it was run last time, - # provided the config.status script exists -@@ -1678,7 +1680,7 @@ funny: - - # Perform some verification checks on any modified files. - patchcheck: @DEF_MAKE_RULE@ -- $(RUNSHARED) ./$(BUILDPYTHON) $(srcdir)/Tools/scripts/patchcheck.py -+ $(RUNSHARED) $(HOSTPYTHON) $(srcdir)/Tools/scripts/patchcheck.py - - # Dependencies - --- -2.11.0 - diff --git a/poky/meta/recipes-devtools/python/python3/0002-Makefile-add-target-to-split-profile-generation.patch b/poky/meta/recipes-devtools/python/python3/0002-Makefile-add-target-to-split-profile-generation.patch new file mode 100644 index 0000000000..2b4ba316e4 --- /dev/null +++ b/poky/meta/recipes-devtools/python/python3/0002-Makefile-add-target-to-split-profile-generation.patch @@ -0,0 +1,40 @@ +From 98586d6dc598e40b8b821b0dde57599e188a7ca4 Mon Sep 17 00:00:00 2001 +From: Anuj Mittal <anuj.mittal@intel.com> +Date: Tue, 7 Aug 2018 16:43:17 +0800 +Subject: [PATCH 2/2] Makefile: add target to split profile generation + +We don't want to have profile task invoked from here and want to use +qemu-user instead. Split the profile-opt task so qemu can be invoked +once binaries have been built with instrumentation and then we can go +ahead and build again using the profile data generated. + +Upstream-Status: Inappropriate [OE-specific] + +Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> +--- + Makefile.pre.in | 6 ++---- + 1 file changed, 2 insertions(+), 4 deletions(-) + +diff --git a/Makefile.pre.in b/Makefile.pre.in +index 84bc3ff..017a2c4 100644 +--- a/Makefile.pre.in ++++ b/Makefile.pre.in +@@ -469,13 +469,12 @@ profile-opt: + $(MAKE) profile-removal + $(MAKE) build_all_generate_profile + $(MAKE) profile-removal +- @echo "Running code to generate profile data (this can take a while):" +- $(MAKE) run_profile_task +- $(MAKE) build_all_merge_profile ++ ++clean_and_use_profile: + @echo "Rebuilding with profile guided optimizations:" + $(MAKE) clean + $(MAKE) build_all_use_profile + $(MAKE) profile-removal + + build_all_generate_profile: + $(MAKE) @DEF_MAKE_RULE@ CFLAGS_NODIST="$(CFLAGS) $(EXTRA_CFLAGS) $(PGO_PROF_GEN_FLAG) @LTOFLAGS@" LDFLAGS="$(LDFLAGS) $(PGO_PROF_GEN_FLAG) @LTOFLAGS@" LIBS="$(LIBS)" +-- +2.17.1 + diff --git a/poky/meta/recipes-devtools/python/python3/0002-bpo-29136-Add-TLS-1.3-cipher-suites-and-OP_NO_TLSv1_.patch b/poky/meta/recipes-devtools/python/python3/0002-bpo-29136-Add-TLS-1.3-cipher-suites-and-OP_NO_TLSv1_.patch new file mode 100644 index 0000000000..d48cad7586 --- /dev/null +++ b/poky/meta/recipes-devtools/python/python3/0002-bpo-29136-Add-TLS-1.3-cipher-suites-and-OP_NO_TLSv1_.patch @@ -0,0 +1,227 @@ +From e950ea68dab006944af194c9910b8f2341d1437d Mon Sep 17 00:00:00 2001 +From: Christian Heimes <christian@python.org> +Date: Thu, 7 Sep 2017 20:23:52 -0700 +Subject: [PATCH] bpo-29136: Add TLS 1.3 cipher suites and OP_NO_TLSv1_3 + (GH-1363) (#3444) + +* bpo-29136: Add TLS 1.3 support + +TLS 1.3 introduces a new, distinct set of cipher suites. The TLS 1.3 +cipher suites don't overlap with cipher suites from TLS 1.2 and earlier. +Since Python sets its own set of permitted ciphers, TLS 1.3 handshake +will fail as soon as OpenSSL 1.1.1 is released. Let's enable the common +AES-GCM and ChaCha20 suites. + +Additionally the flag OP_NO_TLSv1_3 is added. It defaults to 0 (no op) with +OpenSSL prior to 1.1.1. This allows applications to opt-out from TLS 1.3 +now. + +Signed-off-by: Christian Heimes <christian@python.org>. +(cherry picked from commit cb5b68abdeb1b1d56c581d5b4d647018703d61e3) + +Upstream-Status: Backport +[https://github.com/python/cpython/commit/cb5b68abdeb1b1d56c581d5b4d647018703d61e3] + +Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> +--- + Doc/library/ssl.rst | 21 ++++++++++++++ + Lib/ssl.py | 7 +++++ + Lib/test/test_ssl.py | 29 ++++++++++++++++++- + .../2017-09-04-16-39-49.bpo-29136.vSn1oR.rst | 1 + + Modules/_ssl.c | 13 +++++++++ + 5 files changed, 70 insertions(+), 1 deletion(-) + create mode 100644 Misc/NEWS.d/next/Library/2017-09-04-16-39-49.bpo-29136.vSn1oR.rst + +diff --git a/Doc/library/ssl.rst b/Doc/library/ssl.rst +index 14f2d68217..29c5e94cf6 100644 +--- a/Doc/library/ssl.rst ++++ b/Doc/library/ssl.rst +@@ -285,6 +285,11 @@ purposes. + + 3DES was dropped from the default cipher string. + ++ .. versionchanged:: 3.7 ++ ++ TLS 1.3 cipher suites TLS_AES_128_GCM_SHA256, TLS_AES_256_GCM_SHA384, ++ and TLS_CHACHA20_POLY1305_SHA256 were added to the default cipher string. ++ + + Random generation + ^^^^^^^^^^^^^^^^^ +@@ -719,6 +724,16 @@ Constants + + .. versionadded:: 3.4 + ++.. data:: OP_NO_TLSv1_3 ++ ++ Prevents a TLSv1.3 connection. This option is only applicable in conjunction ++ with :const:`PROTOCOL_TLS`. It prevents the peers from choosing TLSv1.3 as ++ the protocol version. TLS 1.3 is available with OpenSSL 1.1.1 or later. ++ When Python has been compiled against an older version of OpenSSL, the ++ flag defaults to *0*. ++ ++ .. versionadded:: 3.7 ++ + .. data:: OP_CIPHER_SERVER_PREFERENCE + + Use the server's cipher ordering preference, rather than the client's. +@@ -783,6 +798,12 @@ Constants + + .. versionadded:: 3.3 + ++.. data:: HAS_TLSv1_3 ++ ++ Whether the OpenSSL library has built-in support for the TLS 1.3 protocol. ++ ++ .. versionadded:: 3.7 ++ + .. data:: CHANNEL_BINDING_TYPES + + List of supported TLS channel binding types. Strings in this list +diff --git a/Lib/ssl.py b/Lib/ssl.py +index 4d302a78fa..f233e72e1f 100644 +--- a/Lib/ssl.py ++++ b/Lib/ssl.py +@@ -122,6 +122,7 @@ _import_symbols('OP_') + _import_symbols('ALERT_DESCRIPTION_') + _import_symbols('SSL_ERROR_') + _import_symbols('VERIFY_') ++from _ssl import HAS_SNI, HAS_ECDH, HAS_NPN, HAS_ALPN, HAS_TLSv1_3 + + from _ssl import HAS_SNI, HAS_ECDH, HAS_NPN, HAS_ALPN + +@@ -162,6 +163,7 @@ else: + # (OpenSSL's default setting is 'DEFAULT:!aNULL:!eNULL') + # Enable a better set of ciphers by default + # This list has been explicitly chosen to: ++# * TLS 1.3 ChaCha20 and AES-GCM cipher suites + # * Prefer cipher suites that offer perfect forward secrecy (DHE/ECDHE) + # * Prefer ECDHE over DHE for better performance + # * Prefer AEAD over CBC for better performance and security +@@ -173,6 +175,8 @@ else: + # * Disable NULL authentication, NULL encryption, 3DES and MD5 MACs + # for security reasons + _DEFAULT_CIPHERS = ( ++ 'TLS13-AES-256-GCM-SHA384:TLS13-CHACHA20-POLY1305-SHA256:' ++ 'TLS13-AES-128-GCM-SHA256:' + 'ECDH+AESGCM:ECDH+CHACHA20:DH+AESGCM:DH+CHACHA20:ECDH+AES256:DH+AES256:' + 'ECDH+AES128:DH+AES:ECDH+HIGH:DH+HIGH:RSA+AESGCM:RSA+AES:RSA+HIGH:' + '!aNULL:!eNULL:!MD5:!3DES' +@@ -180,6 +184,7 @@ _DEFAULT_CIPHERS = ( + + # Restricted and more secure ciphers for the server side + # This list has been explicitly chosen to: ++# * TLS 1.3 ChaCha20 and AES-GCM cipher suites + # * Prefer cipher suites that offer perfect forward secrecy (DHE/ECDHE) + # * Prefer ECDHE over DHE for better performance + # * Prefer AEAD over CBC for better performance and security +@@ -190,6 +195,8 @@ _DEFAULT_CIPHERS = ( + # * Disable NULL authentication, NULL encryption, MD5 MACs, DSS, RC4, and + # 3DES for security reasons + _RESTRICTED_SERVER_CIPHERS = ( ++ 'TLS13-AES-256-GCM-SHA384:TLS13-CHACHA20-POLY1305-SHA256:' ++ 'TLS13-AES-128-GCM-SHA256:' + 'ECDH+AESGCM:ECDH+CHACHA20:DH+AESGCM:DH+CHACHA20:ECDH+AES256:DH+AES256:' + 'ECDH+AES128:DH+AES:ECDH+HIGH:DH+HIGH:RSA+AESGCM:RSA+AES:RSA+HIGH:' + '!aNULL:!eNULL:!MD5:!DSS:!RC4:!3DES' +diff --git a/Lib/test/test_ssl.py b/Lib/test/test_ssl.py +index f91af7bd05..1acc12ec2d 100644 +--- a/Lib/test/test_ssl.py ++++ b/Lib/test/test_ssl.py +@@ -150,6 +150,13 @@ class BasicSocketTests(unittest.TestCase): + ssl.OP_NO_COMPRESSION + self.assertIn(ssl.HAS_SNI, {True, False}) + self.assertIn(ssl.HAS_ECDH, {True, False}) ++ ssl.OP_NO_SSLv2 ++ ssl.OP_NO_SSLv3 ++ ssl.OP_NO_TLSv1 ++ ssl.OP_NO_TLSv1_3 ++ if ssl.OPENSSL_VERSION_INFO >= (1, 0, 1): ++ ssl.OP_NO_TLSv1_1 ++ ssl.OP_NO_TLSv1_2 + + def test_str_for_enums(self): + # Make sure that the PROTOCOL_* constants have enum-like string +@@ -3028,12 +3035,33 @@ else: + self.assertEqual(s.version(), 'TLSv1') + self.assertIs(s.version(), None) + ++ @unittest.skipUnless(ssl.HAS_TLSv1_3, ++ "test requires TLSv1.3 enabled OpenSSL") ++ def test_tls1_3(self): ++ context = ssl.SSLContext(ssl.PROTOCOL_TLS) ++ context.load_cert_chain(CERTFILE) ++ # disable all but TLS 1.3 ++ context.options |= ( ++ ssl.OP_NO_TLSv1 | ssl.OP_NO_TLSv1_1 | ssl.OP_NO_TLSv1_2 ++ ) ++ with ThreadedEchoServer(context=context) as server: ++ with context.wrap_socket(socket.socket()) as s: ++ s.connect((HOST, server.port)) ++ self.assertIn(s.cipher()[0], [ ++ 'TLS13-AES-256-GCM-SHA384', ++ 'TLS13-CHACHA20-POLY1305-SHA256', ++ 'TLS13-AES-128-GCM-SHA256', ++ ]) ++ + @unittest.skipUnless(ssl.HAS_ECDH, "test requires ECDH-enabled OpenSSL") + def test_default_ecdh_curve(self): + # Issue #21015: elliptic curve-based Diffie Hellman key exchange + # should be enabled by default on SSL contexts. + context = ssl.SSLContext(ssl.PROTOCOL_SSLv23) + context.load_cert_chain(CERTFILE) ++ # TLSv1.3 defaults to PFS key agreement and no longer has KEA in ++ # cipher name. ++ context.options |= ssl.OP_NO_TLSv1_3 + # Prior to OpenSSL 1.0.0, ECDH ciphers have to be enabled + # explicitly using the 'ECCdraft' cipher alias. Otherwise, + # our default cipher list should prefer ECDH-based ciphers +@@ -3394,7 +3422,6 @@ else: + s.sendfile(file) + self.assertEqual(s.recv(1024), TEST_DATA) + +- + def test_main(verbose=False): + if support.verbose: + import warnings +diff --git a/Misc/NEWS.d/next/Library/2017-09-04-16-39-49.bpo-29136.vSn1oR.rst b/Misc/NEWS.d/next/Library/2017-09-04-16-39-49.bpo-29136.vSn1oR.rst +new file mode 100644 +index 0000000000..e76997ef83 +--- /dev/null ++++ b/Misc/NEWS.d/next/Library/2017-09-04-16-39-49.bpo-29136.vSn1oR.rst +@@ -0,0 +1 @@ ++Add TLS 1.3 cipher suites and OP_NO_TLSv1_3. +diff --git a/Modules/_ssl.c b/Modules/_ssl.c +index 0d5c121d2c..c71d89607c 100644 +--- a/Modules/_ssl.c ++++ b/Modules/_ssl.c +@@ -4842,6 +4842,11 @@ PyInit__ssl(void) + #if HAVE_TLSv1_2 + PyModule_AddIntConstant(m, "OP_NO_TLSv1_1", SSL_OP_NO_TLSv1_1); + PyModule_AddIntConstant(m, "OP_NO_TLSv1_2", SSL_OP_NO_TLSv1_2); ++#endif ++#ifdef SSL_OP_NO_TLSv1_3 ++ PyModule_AddIntConstant(m, "OP_NO_TLSv1_3", SSL_OP_NO_TLSv1_3); ++#else ++ PyModule_AddIntConstant(m, "OP_NO_TLSv1_3", 0); + #endif + PyModule_AddIntConstant(m, "OP_CIPHER_SERVER_PREFERENCE", + SSL_OP_CIPHER_SERVER_PREFERENCE); +@@ -4890,6 +4895,14 @@ PyInit__ssl(void) + Py_INCREF(r); + PyModule_AddObject(m, "HAS_ALPN", r); + ++#if defined(TLS1_3_VERSION) && !defined(OPENSSL_NO_TLS1_3) ++ r = Py_True; ++#else ++ r = Py_False; ++#endif ++ Py_INCREF(r); ++ PyModule_AddObject(m, "HAS_TLSv1_3", r); ++ + /* Mappings for error codes */ + err_codes_to_names = PyDict_New(); + err_names_to_codes = PyDict_New(); +-- +2.17.1 + diff --git a/poky/meta/recipes-devtools/python/python3/0003-bpo-32947-Fixes-for-TLS-1.3-and-OpenSSL-1.1.1-GH-876.patch b/poky/meta/recipes-devtools/python/python3/0003-bpo-32947-Fixes-for-TLS-1.3-and-OpenSSL-1.1.1-GH-876.patch new file mode 100644 index 0000000000..56d591d1b5 --- /dev/null +++ b/poky/meta/recipes-devtools/python/python3/0003-bpo-32947-Fixes-for-TLS-1.3-and-OpenSSL-1.1.1-GH-876.patch @@ -0,0 +1,173 @@ +From 170a614904febd14ff6cfd7a75c9bccc114b3948 Mon Sep 17 00:00:00 2001 +From: Christian Heimes <christian@python.org> +Date: Tue, 14 Aug 2018 16:56:32 +0200 +Subject: [PATCH] bpo-32947: Fixes for TLS 1.3 and OpenSSL 1.1.1 (GH-8761) + +Backport of TLS 1.3 related fixes from 3.7. + +Misc fixes and workarounds for compatibility with OpenSSL 1.1.1 from git +master and TLS 1.3 support. With OpenSSL 1.1.1, Python negotiates TLS 1.3 by +default. Some test cases only apply to TLS 1.2. + +OpenSSL 1.1.1 has added a new option OP_ENABLE_MIDDLEBOX_COMPAT for TLS +1.3. The feature is enabled by default for maximum compatibility with +broken middle boxes. Users should be able to disable the hack and CPython's test suite needs +it to verify default options + +Signed-off-by: Christian Heimes <christian@python.org> + +Upstream-Status: Backport +[https://github.com/python/cpython/commit/2a4ee8aa01d61b6a9c8e9c65c211e61bdb471826] + +Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> +--- + Doc/library/ssl.rst | 9 ++++++ + Lib/test/test_asyncio/test_events.py | 6 +++- + Lib/test/test_ssl.py | 29 +++++++++++++++---- + .../2018-08-14-08-57-01.bpo-32947.mqStVW.rst | 2 ++ + Modules/_ssl.c | 4 +++ + 5 files changed, 44 insertions(+), 6 deletions(-) + create mode 100644 Misc/NEWS.d/next/Library/2018-08-14-08-57-01.bpo-32947.mqStVW.rst + +diff --git a/Doc/library/ssl.rst b/Doc/library/ssl.rst +index 29c5e94cf6..f63a3deec5 100644 +--- a/Doc/library/ssl.rst ++++ b/Doc/library/ssl.rst +@@ -757,6 +757,15 @@ Constants + + .. versionadded:: 3.3 + ++.. data:: OP_ENABLE_MIDDLEBOX_COMPAT ++ ++ Send dummy Change Cipher Spec (CCS) messages in TLS 1.3 handshake to make ++ a TLS 1.3 connection look more like a TLS 1.2 connection. ++ ++ This option is only available with OpenSSL 1.1.1 and later. ++ ++ .. versionadded:: 3.6.7 ++ + .. data:: OP_NO_COMPRESSION + + Disable compression on the SSL channel. This is useful if the application +diff --git a/Lib/test/test_asyncio/test_events.py b/Lib/test/test_asyncio/test_events.py +index 492a84a231..6f208474b9 100644 +--- a/Lib/test/test_asyncio/test_events.py ++++ b/Lib/test/test_asyncio/test_events.py +@@ -1169,7 +1169,11 @@ class EventLoopTestsMixin: + self.loop.run_until_complete(f_c) + + # close connection +- proto.transport.close() ++ # transport may be None with TLS 1.3, because connection is ++ # interrupted, server is unable to send session tickets, and ++ # transport is closed. ++ if proto.transport is not None: ++ proto.transport.close() + server.close() + + def test_legacy_create_server_ssl_match_failed(self): +diff --git a/Lib/test/test_ssl.py b/Lib/test/test_ssl.py +index 1acc12ec2d..a2e1d32a62 100644 +--- a/Lib/test/test_ssl.py ++++ b/Lib/test/test_ssl.py +@@ -78,6 +78,7 @@ OP_NO_COMPRESSION = getattr(ssl, "OP_NO_COMPRESSION", 0) + OP_SINGLE_DH_USE = getattr(ssl, "OP_SINGLE_DH_USE", 0) + OP_SINGLE_ECDH_USE = getattr(ssl, "OP_SINGLE_ECDH_USE", 0) + OP_CIPHER_SERVER_PREFERENCE = getattr(ssl, "OP_CIPHER_SERVER_PREFERENCE", 0) ++OP_ENABLE_MIDDLEBOX_COMPAT = getattr(ssl, "OP_ENABLE_MIDDLEBOX_COMPAT", 0) + + + def handle_error(prefix): +@@ -155,8 +156,8 @@ class BasicSocketTests(unittest.TestCase): + ssl.OP_NO_TLSv1 + ssl.OP_NO_TLSv1_3 + if ssl.OPENSSL_VERSION_INFO >= (1, 0, 1): +- ssl.OP_NO_TLSv1_1 +- ssl.OP_NO_TLSv1_2 ++ ssl.OP_NO_TLSv1_1 ++ ssl.OP_NO_TLSv1_2 + + def test_str_for_enums(self): + # Make sure that the PROTOCOL_* constants have enum-like string +@@ -854,7 +855,8 @@ class ContextTests(unittest.TestCase): + default = (ssl.OP_ALL | ssl.OP_NO_SSLv2 | ssl.OP_NO_SSLv3) + # SSLContext also enables these by default + default |= (OP_NO_COMPRESSION | OP_CIPHER_SERVER_PREFERENCE | +- OP_SINGLE_DH_USE | OP_SINGLE_ECDH_USE) ++ OP_SINGLE_DH_USE | OP_SINGLE_ECDH_USE | ++ OP_ENABLE_MIDDLEBOX_COMPAT) + self.assertEqual(default, ctx.options) + ctx.options |= ssl.OP_NO_TLSv1 + self.assertEqual(default | ssl.OP_NO_TLSv1, ctx.options) +@@ -1860,11 +1862,26 @@ else: + self.sock, server_side=True) + self.server.selected_npn_protocols.append(self.sslconn.selected_npn_protocol()) + self.server.selected_alpn_protocols.append(self.sslconn.selected_alpn_protocol()) +- except (ssl.SSLError, ConnectionResetError) as e: ++ except (ConnectionResetError, BrokenPipeError) as e: + # We treat ConnectionResetError as though it were an + # SSLError - OpenSSL on Ubuntu abruptly closes the + # connection when asked to use an unsupported protocol. + # ++ # BrokenPipeError is raised in TLS 1.3 mode, when OpenSSL ++ # tries to send session tickets after handshake. ++ # https://github.com/openssl/openssl/issues/6342 ++ self.server.conn_errors.append(str(e)) ++ if self.server.chatty: ++ handle_error( ++ "\n server: bad connection attempt from " + repr( ++ self.addr) + ":\n") ++ self.running = False ++ self.close() ++ return False ++ except (ssl.SSLError, OSError) as e: ++ # OSError may occur with wrong protocols, e.g. both ++ # sides use PROTOCOL_TLS_SERVER. ++ # + # XXX Various errors can have happened here, for example + # a mismatching protocol version, an invalid certificate, + # or a low-level bug. This should be made more discriminating. +@@ -2974,7 +2991,7 @@ else: + # Block on the accept and wait on the connection to close. + evt.set() + remote, peer = server.accept() +- remote.recv(1) ++ remote.send(remote.recv(4)) + + t = threading.Thread(target=serve) + t.start() +@@ -2982,6 +2999,8 @@ else: + evt.wait() + client = context.wrap_socket(socket.socket()) + client.connect((host, port)) ++ client.send(b'data') ++ client.recv() + client_addr = client.getsockname() + client.close() + t.join() +diff --git a/Misc/NEWS.d/next/Library/2018-08-14-08-57-01.bpo-32947.mqStVW.rst b/Misc/NEWS.d/next/Library/2018-08-14-08-57-01.bpo-32947.mqStVW.rst +new file mode 100644 +index 0000000000..28de360c36 +--- /dev/null ++++ b/Misc/NEWS.d/next/Library/2018-08-14-08-57-01.bpo-32947.mqStVW.rst +@@ -0,0 +1,2 @@ ++Add OP_ENABLE_MIDDLEBOX_COMPAT and test workaround for TLSv1.3 for future ++compatibility with OpenSSL 1.1.1. +diff --git a/Modules/_ssl.c b/Modules/_ssl.c +index c71d89607c..eb123a87ba 100644 +--- a/Modules/_ssl.c ++++ b/Modules/_ssl.c +@@ -4858,6 +4858,10 @@ PyInit__ssl(void) + PyModule_AddIntConstant(m, "OP_NO_COMPRESSION", + SSL_OP_NO_COMPRESSION); + #endif ++#ifdef SSL_OP_ENABLE_MIDDLEBOX_COMPAT ++ PyModule_AddIntConstant(m, "OP_ENABLE_MIDDLEBOX_COMPAT", ++ SSL_OP_ENABLE_MIDDLEBOX_COMPAT); ++#endif + + #if HAVE_SNI + r = Py_True; +-- +2.17.1 + diff --git a/poky/meta/recipes-devtools/python/python3/0004-bpo-33570-TLS-1.3-ciphers-for-OpenSSL-1.1.1-GH-6976.patch b/poky/meta/recipes-devtools/python/python3/0004-bpo-33570-TLS-1.3-ciphers-for-OpenSSL-1.1.1-GH-6976.patch new file mode 100644 index 0000000000..b97d5501e1 --- /dev/null +++ b/poky/meta/recipes-devtools/python/python3/0004-bpo-33570-TLS-1.3-ciphers-for-OpenSSL-1.1.1-GH-6976.patch @@ -0,0 +1,110 @@ +From 0c9354362bfa5f90fbea8ff8237a1f1f5dba686f Mon Sep 17 00:00:00 2001 +From: Christian Heimes <christian@python.org> +Date: Wed, 12 Sep 2018 15:20:31 +0800 +Subject: [PATCH] bpo-33570: TLS 1.3 ciphers for OpenSSL 1.1.1 (GH-6976) + +Change TLS 1.3 cipher suite settings for compatibility with OpenSSL +1.1.1-pre6 and newer. OpenSSL 1.1.1 will have TLS 1.3 cipers enabled by +default. + +Also update multissltests and Travis config to test with latest OpenSSL. + +Signed-off-by: Christian Heimes <christian@python.org> +(cherry picked from commit e8eb6cb7920ded66abc5d284319a8539bdc2bae3) + +Co-authored-by: Christian Heimes <christian@python.org + +Upstream-Status: Backport +[https://github.com/python/cpython/commit/3e630c541b35c96bfe5619165255e559f577ee71] + +Tweaked patch to not take changes for multissltests and Travis config. + +Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> +--- + Lib/test/test_ssl.py | 51 ++++++++++++++++++++++---------------------- + 1 file changed, 26 insertions(+), 25 deletions(-) + +diff --git a/Lib/test/test_ssl.py b/Lib/test/test_ssl.py +index a2e1d32a62..c484ead5ff 100644 +--- a/Lib/test/test_ssl.py ++++ b/Lib/test/test_ssl.py +@@ -3024,17 +3024,21 @@ else: + sock.do_handshake() + self.assertEqual(cm.exception.errno, errno.ENOTCONN) + +- def test_default_ciphers(self): +- context = ssl.SSLContext(ssl.PROTOCOL_SSLv23) +- try: +- # Force a set of weak ciphers on our client context +- context.set_ciphers("DES") +- except ssl.SSLError: +- self.skipTest("no DES cipher available") +- with ThreadedEchoServer(CERTFILE, +- ssl_version=ssl.PROTOCOL_SSLv23, +- chatty=False) as server: +- with context.wrap_socket(socket.socket()) as s: ++ def test_no_shared_ciphers(self): ++ server_context = ssl.SSLContext(ssl.PROTOCOL_SSLv23) ++ server_context.load_cert_chain(SIGNED_CERTFILE) ++ client_context = ssl.SSLContext(ssl.PROTOCOL_SSLv23) ++ client_context.verify_mode = ssl.CERT_REQUIRED ++ client_context.check_hostname = True ++ ++ client_context.set_ciphers("AES128") ++ server_context.set_ciphers("AES256") ++ # OpenSSL enables all TLS 1.3 ciphers, enforce TLS 1.2 for test ++ client_context.options |= ssl.OP_NO_TLSv1_3 ++ with ThreadedEchoServer(context=server_context) as server: ++ with client_context.wrap_socket( ++ socket.socket(), ++ server_hostname="localhost") as s: + with self.assertRaises(OSError): + s.connect((HOST, server.port)) + self.assertIn("no shared cipher", str(server.conn_errors[0])) +@@ -3067,9 +3071,9 @@ else: + with context.wrap_socket(socket.socket()) as s: + s.connect((HOST, server.port)) + self.assertIn(s.cipher()[0], [ +- 'TLS13-AES-256-GCM-SHA384', +- 'TLS13-CHACHA20-POLY1305-SHA256', +- 'TLS13-AES-128-GCM-SHA256', ++ 'TLS_AES_256_GCM_SHA384', ++ 'TLS_CHACHA20_POLY1305_SHA256', ++ 'TLS_AES_128_GCM_SHA256', + ]) + + @unittest.skipUnless(ssl.HAS_ECDH, "test requires ECDH-enabled OpenSSL") +@@ -3391,22 +3395,19 @@ else: + client_context = ssl.SSLContext(ssl.PROTOCOL_TLSv1) + client_context.verify_mode = ssl.CERT_REQUIRED + client_context.load_verify_locations(SIGNING_CA) +- if ssl.OPENSSL_VERSION_INFO >= (1, 0, 2): +- client_context.set_ciphers("AES128:AES256") +- server_context.set_ciphers("AES256") +- alg1 = "AES256" +- alg2 = "AES-256" +- else: +- client_context.set_ciphers("AES:3DES") +- server_context.set_ciphers("3DES") +- alg1 = "3DES" +- alg2 = "DES-CBC3" ++ client_context.set_ciphers("AES128:AES256") ++ server_context.set_ciphers("AES256") ++ expected_algs = [ ++ "AES256", "AES-256", ++ # TLS 1.3 ciphers are always enabled ++ "TLS_CHACHA20", "TLS_AES", ++ ] + + stats = server_params_test(client_context, server_context) + ciphers = stats['server_shared_ciphers'][0] + self.assertGreater(len(ciphers), 0) + for name, tls_version, bits in ciphers: +- if not alg1 in name.split("-") and alg2 not in name: ++ if not any (alg in name for alg in expected_algs): + self.fail(name) + + def test_read_write_after_close_raises_valuerror(self): +-- +2.17.1 + diff --git a/poky/meta/recipes-devtools/python/python3/0005-bpo-30714-ALPN-changes-for-OpenSSL-1.1.0f-2305.patch b/poky/meta/recipes-devtools/python/python3/0005-bpo-30714-ALPN-changes-for-OpenSSL-1.1.0f-2305.patch new file mode 100644 index 0000000000..d609847204 --- /dev/null +++ b/poky/meta/recipes-devtools/python/python3/0005-bpo-30714-ALPN-changes-for-OpenSSL-1.1.0f-2305.patch @@ -0,0 +1,68 @@ +From 7b40cb7293cb14e5c7c8ed123efaf9acb33edae2 Mon Sep 17 00:00:00 2001 +From: Christian Heimes <christian@python.org> +Date: Tue, 15 Aug 2017 10:33:43 +0200 +Subject: [PATCH] bpo-30714: ALPN changes for OpenSSL 1.1.0f (#2305) + +OpenSSL 1.1.0 to 1.1.0e aborted the handshake when server and client +could not agree on a protocol using ALPN. OpenSSL 1.1.0f changed that. +The most recent version now behaves like OpenSSL 1.0.2 again. The ALPN +callback can pretend to not been set. + +See https://github.com/openssl/openssl/pull/3158 for more details + +Signed-off-by: Christian Heimes <christian@python.org> + +Upstream-Status: Backport +[https://github.com/python/cpython/commit/7b40cb7293cb14e5c7c8ed123efaf9acb33edae2] + +Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> +--- + Doc/library/ssl.rst | 5 +++-- + Lib/test/test_ssl.py | 5 +++-- + .../next/Tests/2017-07-25-15-27-44.bpo-30715.Sp7bTF.rst | 2 ++ + 3 files changed, 8 insertions(+), 4 deletions(-) + create mode 100644 Misc/NEWS.d/next/Tests/2017-07-25-15-27-44.bpo-30715.Sp7bTF.rst + +diff --git a/Doc/library/ssl.rst b/Doc/library/ssl.rst +index 729a239a1b..0a09e7e9d4 100644 +--- a/Doc/library/ssl.rst ++++ b/Doc/library/ssl.rst +@@ -1447,8 +1447,9 @@ to speed up repeated connections from the same clients. + This method will raise :exc:`NotImplementedError` if :data:`HAS_ALPN` is + False. + +- OpenSSL 1.1.0+ will abort the handshake and raise :exc:`SSLError` when +- both sides support ALPN but cannot agree on a protocol. ++ OpenSSL 1.1.0 to 1.1.0e will abort the handshake and raise :exc:`SSLError` ++ when both sides support ALPN but cannot agree on a protocol. 1.1.0f+ ++ behaves like 1.0.2, :meth:`SSLSocket.selected_alpn_protocol` returns None. + + .. versionadded:: 3.5 + +diff --git a/Lib/test/test_ssl.py b/Lib/test/test_ssl.py +index d960d82065..104b7f377a 100644 +--- a/Lib/test/test_ssl.py ++++ b/Lib/test/test_ssl.py +@@ -3268,8 +3268,9 @@ if _have_threads: + except ssl.SSLError as e: + stats = e + +- if expected is None and IS_OPENSSL_1_1: +- # OpenSSL 1.1.0 raises handshake error ++ if (expected is None and IS_OPENSSL_1_1 ++ and ssl.OPENSSL_VERSION_INFO < (1, 1, 0, 6)): ++ # OpenSSL 1.1.0 to 1.1.0e raises handshake error + self.assertIsInstance(stats, ssl.SSLError) + else: + msg = "failed trying %s (s) and %s (c).\n" \ +diff --git a/Misc/NEWS.d/next/Tests/2017-07-25-15-27-44.bpo-30715.Sp7bTF.rst b/Misc/NEWS.d/next/Tests/2017-07-25-15-27-44.bpo-30715.Sp7bTF.rst +new file mode 100644 +index 0000000000..88394e585c +--- /dev/null ++++ b/Misc/NEWS.d/next/Tests/2017-07-25-15-27-44.bpo-30715.Sp7bTF.rst +@@ -0,0 +1,2 @@ ++Address ALPN callback changes for OpenSSL 1.1.0f. The latest version behaves ++like OpenSSL 1.0.2 and no longer aborts handshake. +-- +2.17.1 + diff --git a/poky/meta/recipes-devtools/python/python3/CVE-2018-1061.patch b/poky/meta/recipes-devtools/python/python3/CVE-2018-1061.patch deleted file mode 100644 index 6373be389a..0000000000 --- a/poky/meta/recipes-devtools/python/python3/CVE-2018-1061.patch +++ /dev/null @@ -1,165 +0,0 @@ -From 6d7ef39198856395edd62ef143bfcfaaf2ed6e25 Mon Sep 17 00:00:00 2001 -From: Ned Deily <nad@python.org> -Date: Sun, 11 Mar 2018 14:29:05 -0400 -Subject: [PATCH] [3.5] bpo-32981: Fix catastrophic backtracking vulns - (GH-5955) (#6034) - -* Prevent low-grade poplib REDOS (CVE-2018-1060) - -The regex to test a mail server's timestamp is susceptible to -catastrophic backtracking on long evil responses from the server. - -Happily, the maximum length of malicious inputs is 2K thanks -to a limit introduced in the fix for CVE-2013-1752. - -A 2KB evil response from the mail server would result in small slowdowns -(milliseconds vs. microseconds) accumulated over many apop calls. -This is a potential DOS vector via accumulated slowdowns. - -Replace it with a similar non-vulnerable regex. - -The new regex is RFC compliant. -The old regex was non-compliant in edge cases. - -* Prevent difflib REDOS (CVE-2018-1061) - -The default regex for IS_LINE_JUNK is susceptible to -catastrophic backtracking. -This is a potential DOS vector. - -Replace it with an equivalent non-vulnerable regex. - -Also introduce unit and REDOS tests for difflib. - -Co-authored-by: Tim Peters <tim.peters@gmail.com> -Co-authored-by: Christian Heimes <christian@python.org>. -(cherry picked from commit 0e6c8ee2358a2e23117501826c008842acb835ac) -CVE: CVE-2018-1061 -CVE: CVE-2018-1060 -Upstream-Status: Backport [https://github.com/python/cpython/commit/937ac1fe069a4dc8471dff205f553d82e724015b] -Signed-off-by: Sinan Kaya <okaya@kernel.org> ---- - Lib/difflib.py | 2 +- - Lib/poplib.py | 2 +- - Lib/test/test_difflib.py | 22 ++++++++++++++++++- - Lib/test/test_poplib.py | 12 +++++++++- - Misc/ACKS | 1 + - .../2018-03-02-10-24-52.bpo-32981.O_qDyj.rst | 4 ++++ - 6 files changed, 39 insertions(+), 4 deletions(-) - create mode 100644 Misc/NEWS.d/next/Security/2018-03-02-10-24-52.bpo-32981.O_qDyj.rst - -diff --git a/Lib/difflib.py b/Lib/difflib.py -index 076bbac01d..b4ec335056 100644 ---- a/Lib/difflib.py -+++ b/Lib/difflib.py -@@ -1083,7 +1083,7 @@ class Differ: - - import re - --def IS_LINE_JUNK(line, pat=re.compile(r"\s*#?\s*$").match): -+def IS_LINE_JUNK(line, pat=re.compile(r"\s*(?:#\s*)?$").match): - r""" - Return 1 for ignorable line: iff `line` is blank or contains a single '#'. - -diff --git a/Lib/poplib.py b/Lib/poplib.py -index 516b6f060d..2437ea0e27 100644 ---- a/Lib/poplib.py -+++ b/Lib/poplib.py -@@ -308,7 +308,7 @@ class POP3: - return self._shortcmd('RPOP %s' % user) - - -- timestamp = re.compile(br'\+OK.*(<[^>]+>)') -+ timestamp = re.compile(br'\+OK.[^<]*(<.*>)') - - def apop(self, user, password): - """Authorisation -diff --git a/Lib/test/test_difflib.py b/Lib/test/test_difflib.py -index ab9debf8e2..b6c8a7dd5b 100644 ---- a/Lib/test/test_difflib.py -+++ b/Lib/test/test_difflib.py -@@ -466,13 +466,33 @@ class TestBytes(unittest.TestCase): - list(generator(*args)) - self.assertEqual(msg, str(ctx.exception)) - -+class TestJunkAPIs(unittest.TestCase): -+ def test_is_line_junk_true(self): -+ for line in ['#', ' ', ' #', '# ', ' # ', '']: -+ self.assertTrue(difflib.IS_LINE_JUNK(line), repr(line)) -+ -+ def test_is_line_junk_false(self): -+ for line in ['##', ' ##', '## ', 'abc ', 'abc #', 'Mr. Moose is up!']: -+ self.assertFalse(difflib.IS_LINE_JUNK(line), repr(line)) -+ -+ def test_is_line_junk_REDOS(self): -+ evil_input = ('\t' * 1000000) + '##' -+ self.assertFalse(difflib.IS_LINE_JUNK(evil_input)) -+ -+ def test_is_character_junk_true(self): -+ for char in [' ', '\t']: -+ self.assertTrue(difflib.IS_CHARACTER_JUNK(char), repr(char)) -+ -+ def test_is_character_junk_false(self): -+ for char in ['a', '#', '\n', '\f', '\r', '\v']: -+ self.assertFalse(difflib.IS_CHARACTER_JUNK(char), repr(char)) - - def test_main(): - difflib.HtmlDiff._default_prefix = 0 - Doctests = doctest.DocTestSuite(difflib) - run_unittest( - TestWithAscii, TestAutojunk, TestSFpatches, TestSFbugs, -- TestOutputFormat, TestBytes, Doctests) -+ TestOutputFormat, TestBytes, TestJunkAPIs, Doctests) - - if __name__ == '__main__': - test_main() -diff --git a/Lib/test/test_poplib.py b/Lib/test/test_poplib.py -index bceeb93ad1..799e403652 100644 ---- a/Lib/test/test_poplib.py -+++ b/Lib/test/test_poplib.py -@@ -300,9 +300,19 @@ class TestPOP3Class(TestCase): - def test_rpop(self): - self.assertOK(self.client.rpop('foo')) - -- def test_apop(self): -+ def test_apop_normal(self): - self.assertOK(self.client.apop('foo', 'dummypassword')) - -+ def test_apop_REDOS(self): -+ # Replace welcome with very long evil welcome. -+ # NB The upper bound on welcome length is currently 2048. -+ # At this length, evil input makes each apop call take -+ # on the order of milliseconds instead of microseconds. -+ evil_welcome = b'+OK' + (b'<' * 1000000) -+ with test_support.swap_attr(self.client, 'welcome', evil_welcome): -+ # The evil welcome is invalid, so apop should throw. -+ self.assertRaises(poplib.error_proto, self.client.apop, 'a', 'kb') -+ - def test_top(self): - expected = (b'+OK 116 bytes', - [b'From: postmaster@python.org', b'Content-Type: text/plain', -diff --git a/Misc/ACKS b/Misc/ACKS -index 1a35aad66c..72c5d740bd 100644 ---- a/Misc/ACKS -+++ b/Misc/ACKS -@@ -341,6 +341,7 @@ Kushal Das - Jonathan Dasteel - Pierre-Yves David - A. Jesse Jiryu Davis -+Jamie (James C.) Davis - Merlijn van Deen - John DeGood - Ned Deily -diff --git a/Misc/NEWS.d/next/Security/2018-03-02-10-24-52.bpo-32981.O_qDyj.rst b/Misc/NEWS.d/next/Security/2018-03-02-10-24-52.bpo-32981.O_qDyj.rst -new file mode 100644 -index 0000000000..9ebabb44f9 ---- /dev/null -+++ b/Misc/NEWS.d/next/Security/2018-03-02-10-24-52.bpo-32981.O_qDyj.rst -@@ -0,0 +1,4 @@ -+Regexes in difflib and poplib were vulnerable to catastrophic backtracking. -+These regexes formed potential DOS vectors (REDOS). They have been -+refactored. This resolves CVE-2018-1060 and CVE-2018-1061. -+Patch by Jamie Davis. --- -2.19.0 - diff --git a/poky/meta/recipes-devtools/python/python3/Use-correct-CFLAGS-for-extensions-when-cross-compili.patch b/poky/meta/recipes-devtools/python/python3/Use-correct-CFLAGS-for-extensions-when-cross-compili.patch new file mode 100644 index 0000000000..ae74ef531d --- /dev/null +++ b/poky/meta/recipes-devtools/python/python3/Use-correct-CFLAGS-for-extensions-when-cross-compili.patch @@ -0,0 +1,56 @@ +From 7fd121bb7d6c25c2e0a1c31cf76fb9bd4a9794de Mon Sep 17 00:00:00 2001 +From: Markus Lehtonen <markus.lehtonen@linux.intel.com> +Date: Tue, 14 Aug 2018 14:11:35 +0800 +Subject: [PATCH 1/2] Use correct CFLAGS for extensions when cross-compiling + +Take PY_CFLAGS_NODIST into account, like in native build. This is needed +in order to to profile-optimized build. Also, pass EXTRA_CFLAGS to +profile-optimized build. + +Upstream-Status: Pending + +Signed-off-by: Markus Lehtonen <markus.lehtonen@linux.intel.com> +--- + Makefile.pre.in | 4 ++-- + setup.py | 3 ++- + 2 files changed, 4 insertions(+), 3 deletions(-) + +diff --git a/Makefile.pre.in b/Makefile.pre.in +index e2d5d3d..84bc3ff 100644 +--- a/Makefile.pre.in ++++ b/Makefile.pre.in +@@ -478,7 +478,7 @@ profile-opt: + $(MAKE) profile-removal + + build_all_generate_profile: +- $(MAKE) @DEF_MAKE_RULE@ CFLAGS_NODIST="$(CFLAGS) $(PGO_PROF_GEN_FLAG) @LTOFLAGS@" LDFLAGS="$(LDFLAGS) $(PGO_PROF_GEN_FLAG) @LTOFLAGS@" LIBS="$(LIBS)" ++ $(MAKE) @DEF_MAKE_RULE@ CFLAGS_NODIST="$(CFLAGS) $(EXTRA_CFLAGS) $(PGO_PROF_GEN_FLAG) @LTOFLAGS@" LDFLAGS="$(LDFLAGS) $(PGO_PROF_GEN_FLAG) @LTOFLAGS@" LIBS="$(LIBS)" + + run_profile_task: + : # FIXME: can't run for a cross build +@@ -488,7 +488,7 @@ build_all_merge_profile: + $(LLVM_PROF_MERGER) + + build_all_use_profile: +- $(MAKE) @DEF_MAKE_RULE@ CFLAGS_NODIST="$(CFLAGS) $(PGO_PROF_USE_FLAG) @LTOFLAGS@" LDFLAGS="$(LDFLAGS) @LTOFLAGS@" ++ $(MAKE) @DEF_MAKE_RULE@ CFLAGS_NODIST="$(CFLAGS) $(EXTRA_CFLAGS) $(PGO_PROF_USE_FLAG) @LTOFLAGS@" LDFLAGS="$(LDFLAGS) @LTOFLAGS@" + + # Compile and run with gcov + .PHONY=coverage coverage-lcov coverage-report +diff --git a/setup.py b/setup.py +index add3346..65e83b1 100644 +--- a/setup.py ++++ b/setup.py +@@ -263,7 +263,8 @@ class PyBuildExt(build_ext): + # compilers + if compiler is not None: + if cross_compiling: +- (ccshared,cflags) = (os.environ.get('CCSHARED') or '', os.environ.get('CFLAGS') or '') ++ (ccshared,cflags) = (os.environ.get('CCSHARED') or '', ++ (os.environ.get('CFLAGS') or '') + ' ' + sysconfig.get_config_var('PY_CFLAGS_NODIST')) + else: + (ccshared,cflags) = sysconfig.get_config_vars('CCSHARED','CFLAGS') + args['compiler_so'] = compiler + ' ' + ccshared + ' ' + cflags +-- +2.17.1 + diff --git a/poky/meta/recipes-devtools/python/python3/create_manifest3.py b/poky/meta/recipes-devtools/python/python3/create_manifest3.py index 2f944f9b13..fddb23cdc4 100644 --- a/poky/meta/recipes-devtools/python/python3/create_manifest3.py +++ b/poky/meta/recipes-devtools/python/python3/create_manifest3.py @@ -43,194 +43,239 @@ import sys import subprocess import json import os +import collections + +# Get python version from ${PYTHON_MAJMIN} +pyversion = str(sys.argv[1]) # Hack to get native python search path (for folders), not fond of it but it works for now -pivot='recipe-sysroot-native' +pivot = 'recipe-sysroot-native' for p in sys.path: - if pivot in p: - nativelibfolder=p[:p.find(pivot)+len(pivot)] + if pivot in p: + nativelibfolder = p[:p.find(pivot)+len(pivot)] # Empty dict to hold the whole manifest -new_manifest = {} +new_manifest = collections.OrderedDict() # Check for repeated files, folders and wildcards -allfiles=[] -repeated=[] -wildcards=[] +allfiles = [] +repeated = [] +wildcards = [] -hasfolders=[] -allfolders=[] +hasfolders = [] +allfolders = [] def isFolder(value): - if os.path.isdir(value.replace('${libdir}',nativelibfolder+'/usr/lib')) or os.path.isdir(value.replace('${libdir}',nativelibfolder+'/usr/lib64')) or os.path.isdir(value.replace('${libdir}',nativelibfolder+'/usr/lib32')): - return True - else: - return False + value = value.replace('${PYTHON_MAJMIN}',pyversion) + if os.path.isdir(value.replace('${libdir}',nativelibfolder+'/usr/lib')) or os.path.isdir(value.replace('${libdir}',nativelibfolder+'/usr/lib64')) or os.path.isdir(value.replace('${libdir}',nativelibfolder+'/usr/lib32')): + return True + else: + return False def isCached(item): - if '__pycache__' in item: - return True - else: - return False + if '__pycache__' in item: + return True + else: + return False # Read existing JSON manifest with open('python3-manifest.json') as manifest: - old_manifest=json.load(manifest) - + old_manifest = json.load(manifest, object_pairs_hook=collections.OrderedDict) +# # First pass to get core-package functionality, because we base everything on the fact that core is actually working # Not exactly the same so it should not be a function +# + print ('Getting dependencies for package: core') -# Special call to check for core package + +# This special call gets the core dependencies and +# appends to the old manifest so it doesnt hurt what it +# currently holds. +# This way when other packages check for dependencies +# on the new core package, they will still find them +# even when checking the old_manifest + output = subprocess.check_output([sys.executable, 'get_module_deps3.py', 'python-core-package']).decode('utf8') -for item in output.split(): - # We append it so it doesnt hurt what we currently have: - if isCached(item): - if item not in old_manifest['core']['cached']: - # We use the same data structure since its the one which will be used to check - # dependencies for other packages - old_manifest['core']['cached'].append(item) - else: - if item not in old_manifest['core']['files']: - # We use the same data structure since its the one which will be used to check - # dependencies for other packages - old_manifest['core']['files'].append(item) - -for value in old_manifest['core']['files']: - # Ignore folders, since we don't import those, difficult to handle multilib - if isFolder(value): - # Pass it directly - if isCached(value): - if value not in old_manifest['core']['cached']: - old_manifest['core']['cached'].append(value) +for coredep in output.split(): + coredep = coredep.replace(pyversion,'${PYTHON_MAJMIN}') + if isCached(coredep): + if coredep not in old_manifest['core']['cached']: + old_manifest['core']['cached'].append(coredep) else: - if value not in old_manifest['core']['files']: - old_manifest['core']['files'].append(value) - continue - # Ignore binaries, since we don't import those, assume it was added correctly (manually) - if '${bindir}' in value: - # Pass it directly - if value not in old_manifest['core']['files']: - old_manifest['core']['files'].append(value) - continue - # Ignore empty values - if value == '': - continue - if '${includedir}' in value: - if value not in old_manifest['core']['files']: - old_manifest['core']['files'].append(value) - continue - # Get module name , shouldnt be affected by libdir/bindir - value = os.path.splitext(os.path.basename(os.path.normpath(value)))[0] - - # Launch separate task for each module for deterministic behavior - # Each module will only import what is necessary for it to work in specific - print ('Getting dependencies for module: %s' % value) - output = subprocess.check_output([sys.executable, 'get_module_deps3.py', '%s' % value]).decode('utf8') - print ('The following dependencies were found for module %s:\n' % value) - print (output) - for item in output.split(): - # We append it so it doesnt hurt what we currently have: - if isCached(item): - if item not in old_manifest['core']['cached']: - # We use the same data structure since its the one which will be used to check - # dependencies for other packages - old_manifest['core']['cached'].append(item) - else: - if item not in old_manifest['core']['files']: - # We use the same data structure since its the one which will be used to check - # dependencies for other packages - old_manifest['core']['files'].append(item) - - -# We check which packages include folders -for key in old_manifest: - for value in old_manifest[key]['files']: - # Ignore folders, since we don't import those, difficult to handle multilib - if isFolder(value): - print ('%s is a folder' % value) - if key not in hasfolders: - hasfolders.append(key) - if value not in allfolders: - allfolders.append(value) - -for key in old_manifest: + if coredep not in old_manifest['core']['files']: + old_manifest['core']['files'].append(coredep) + + +# The second step is to loop through the existing files contained in the core package +# according to the old manifest, identify if they are modules, or some other type +# of file that we cant import (directories, binaries, configs) in which case we +# can only assume they were added correctly (manually) so we ignore those and +# pass them to the manifest directly. + +for filedep in old_manifest['core']['files']: + if isFolder(filedep): + if isCached(filedep): + if filedep not in old_manifest['core']['cached']: + old_manifest['core']['cached'].append(filedep) + else: + if filedep not in old_manifest['core']['files']: + old_manifest['core']['files'].append(filedep) + continue + if '${bindir}' in filedep: + if filedep not in old_manifest['core']['files']: + old_manifest['core']['files'].append(filedep) + continue + if filedep == '': + continue + if '${includedir}' in filedep: + if filedep not in old_manifest['core']['files']: + old_manifest['core']['files'].append(filedep) + continue + + # Get actual module name , shouldnt be affected by libdir/bindir, etc. + pymodule = os.path.splitext(os.path.basename(os.path.normpath(filedep)))[0] + + + # We now know that were dealing with a python module, so we can import it + # and check what its dependencies are. + # We launch a separate task for each module for deterministic behavior. + # Each module will only import what is necessary for it to work in specific. + # The output of each task will contain each module's dependencies + + print ('Getting dependencies for module: %s' % pymodule) + output = subprocess.check_output([sys.executable, 'get_module_deps3.py', '%s' % pymodule]).decode('utf8') + print ('The following dependencies were found for module %s:\n' % pymodule) + print (output) + + + for pymodule_dep in output.split(): + pymodule_dep = pymodule_dep.replace(pyversion,'${PYTHON_MAJMIN}') + + if isCached(pymodule_dep): + if pymodule_dep not in old_manifest['core']['cached']: + old_manifest['core']['cached'].append(pymodule_dep) + else: + if pymodule_dep not in old_manifest['core']['files']: + old_manifest['core']['files'].append(pymodule_dep) + + +# At this point we are done with the core package. +# The old_manifest dictionary is updated only for the core package because +# all others will use this a base. + + +# To improve the script speed, we check which packages contain directories +# since we will be looping through (only) those later. +for pypkg in old_manifest: + for filedep in old_manifest[pypkg]['files']: + if isFolder(filedep): + print ('%s is a folder' % filedep) + if pypkg not in hasfolders: + hasfolders.append(pypkg) + if filedep not in allfolders: + allfolders.append(filedep) + + + +# This is the main loop that will handle each package. +# It works in a similar fashion than the step before, but +# we will now be updating a new dictionary that will eventually +# become the new manifest. +# +# The following loops though all packages in the manifest, +# through all files on each of them, and checks whether or not +# they are modules and can be imported. +# If they can be imported, then it checks for dependencies for +# each of them by launching a separate task. +# The output of that task is then parsed and the manifest is updated +# accordingly, wether it should add the module on FILES for the current package +# or if that module already belongs to another package then the current one +# will RDEPEND on it + +for pypkg in old_manifest: # Use an empty dict as data structure to hold data for each package and fill it up - new_manifest[key]={} - new_manifest[key]['files']=[] - - new_manifest[key]['rdepends']=[] + new_manifest[pypkg] = collections.OrderedDict() + new_manifest[pypkg]['summary'] = old_manifest[pypkg]['summary'] + new_manifest[pypkg]['rdepends'] = [] + new_manifest[pypkg]['files'] = [] + new_manifest[pypkg]['cached'] = old_manifest[pypkg]['cached'] + # All packages should depend on core - if key != 'core': - new_manifest[key]['rdepends'].append('core') - new_manifest[key]['cached']=[] - else: - new_manifest[key]['cached']=old_manifest[key]['cached'] - new_manifest[key]['summary']=old_manifest[key]['summary'] + if pypkg != 'core': + new_manifest[pypkg]['rdepends'].append('core') + new_manifest[pypkg]['cached'] = [] - # Handle special cases, we assume that when they were manually added - # to the manifest we knew what we were doing. print('\n') print('--------------------------') - print ('Handling package %s' % key) + print ('Handling package %s' % pypkg) print('--------------------------') - special_packages=['misc', 'modules', 'dev'] - if key in special_packages or 'staticdev' in key: - print('Passing %s package directly' % key) - new_manifest[key]=old_manifest[key] + + # Handle special cases, we assume that when they were manually added + # to the manifest we knew what we were doing. + special_packages = ['misc', 'modules', 'dev', 'tests'] + if pypkg in special_packages or 'staticdev' in pypkg: + print('Passing %s package directly' % pypkg) + new_manifest[pypkg] = old_manifest[pypkg] continue - for value in old_manifest[key]['files']: - # We already handled core on the first pass - if key == 'core': - new_manifest[key]['files'].append(value) + for filedep in old_manifest[pypkg]['files']: + # We already handled core on the first pass, we can ignore it now + if pypkg == 'core': + if filedep not in new_manifest[pypkg]['files']: + new_manifest[pypkg]['files'].append(filedep) continue - # Ignore folders, since we don't import those, difficult to handle multilib - if isFolder(value): - # Pass folders directly - new_manifest[key]['files'].append(value) - # Ignore binaries, since we don't import those - if '${bindir}' in value: - # Pass it directly to the new manifest data structure - if value not in new_manifest[key]['files']: - new_manifest[key]['files'].append(value) + + # Handle/ignore what we cant import + if isFolder(filedep): + new_manifest[pypkg]['files'].append(filedep) + # Asyncio (and others) are both the package and the folder name, we should not skip those... + path,mod = os.path.split(filedep) + if mod != pypkg: + continue + if '${bindir}' in filedep: + if filedep not in new_manifest[pypkg]['files']: + new_manifest[pypkg]['files'].append(filedep) continue - # Ignore empty values - if value == '': + if filedep == '': continue - if '${includedir}' in value: - if value not in new_manifest[key]['files']: - new_manifest[key]['files'].append(value) + if '${includedir}' in filedep: + if filedep not in new_manifest[pypkg]['files']: + new_manifest[pypkg]['files'].append(filedep) continue - # Get module name , shouldnt be affected by libdir/bindir + # Get actual module name , shouldnt be affected by libdir/bindir, etc. # We need to check if the imported module comes from another (e.g. sqlite3.dump) - path,value = os.path.split(value) + path,pymodule = os.path.split(filedep) path = os.path.basename(path) - value = os.path.splitext(os.path.basename(value))[0] + pymodule = os.path.splitext(os.path.basename(pymodule))[0] # If this condition is met, it means we need to import it from another module # or its the folder itself (e.g. unittest) - if path == key: - if value: - value = path + '.' + value - else: - value = path - - # Launch separate task for each module for deterministic behavior - # Each module will only import what is necessary for it to work in specific - print ('\nGetting dependencies for module: %s' % value) - output = subprocess.check_output([sys.executable, 'get_module_deps3.py', '%s' % value]).decode('utf8') - # We can print dependencies for debugging purposes - print ('The following dependencies were found for module %s:\n' % value) + if path == pypkg: + if pymodule: + pymodule = path + '.' + pymodule + else: + pymodule = path + + + + # We now know that were dealing with a python module, so we can import it + # and check what its dependencies are. + # We launch a separate task for each module for deterministic behavior. + # Each module will only import what is necessary for it to work in specific. + # The output of each task will contain each module's dependencies + + print ('\nGetting dependencies for module: %s' % pymodule) + output = subprocess.check_output([sys.executable, 'get_module_deps3.py', '%s' % pymodule]).decode('utf8') + print ('The following dependencies were found for module %s:\n' % pymodule) print (output) - # Output will have all dependencies reportFILES = [] reportRDEPS = [] - for item in output.split(): + for pymodule_dep in output.split(): # Warning: This first part is ugly # One of the dependencies that was found, could be inside of one of the folders included by another package @@ -250,22 +295,22 @@ for key in old_manifest: # is folder_string inside path/folder1/folder2/filename?, # Yes, it works, but we waste a couple of milliseconds. - inFolders=False + pymodule_dep = pymodule_dep.replace(pyversion,'${PYTHON_MAJMIN}') + inFolders = False for folder in allfolders: - if folder in item: + if folder in pymodule_dep: inFolders = True # Did we find a folder? folderFound = False # Second flag to break inner for # Loop only through packages which contain folders - for keyfolder in hasfolders: + for pypkg_with_folder in hasfolders: if (folderFound == False): - #print('Checking folder %s on package %s' % (item,keyfolder)) - for file_folder in old_manifest[keyfolder]['files'] or file_folder in old_manifest[keyfolder]['cached']: - if file_folder==folder: - print ('%s folder found in %s' % (folder, keyfolder)) + # print('Checking folder %s on package %s' % (pymodule_dep,pypkg_with_folder)) + for folder_dep in old_manifest[pypkg_with_folder]['files'] or folder_dep in old_manifest[pypkg_with_folder]['cached']: + if folder_dep == folder: + print ('%s folder found in %s' % (folder, pypkg_with_folder)) folderFound = True - if keyfolder not in new_manifest[key]['rdepends'] and keyfolder != key: - new_manifest[key]['rdepends'].append(keyfolder) - + if pypkg_with_folder not in new_manifest[pypkg]['rdepends'] and pypkg_with_folder != pypkg: + new_manifest[pypkg]['rdepends'].append(pypkg_with_folder) else: break @@ -274,81 +319,95 @@ for key in old_manifest: continue - # We might already have it on the dictionary since it could depend on a (previously checked) module - if item not in new_manifest[key]['files'] and item not in new_manifest[key]['cached']: + + # No directories beyond this point + # We might already have this module on the dictionary since it could depend on a (previously checked) module + if pymodule_dep not in new_manifest[pypkg]['files'] and pymodule_dep not in new_manifest[pypkg]['cached']: # Handle core as a special package, we already did it so we pass it to NEW data structure directly - if key=='core': - print('Adding %s to %s FILES' % (item, key)) - if item.endswith('*'): - wildcards.append(item) - if isCached(item): - new_manifest[key]['cached'].append(item) - else: - new_manifest[key]['files'].append(item) - - # Check for repeated files - if item not in allfiles: - allfiles.append(item) - else: - repeated.append(item) + if pypkg == 'core': + print('Adding %s to %s FILES' % (pymodule_dep, pypkg)) + if pymodule_dep.endswith('*'): + wildcards.append(pymodule_dep) + if isCached(pymodule_dep): + new_manifest[pypkg]['cached'].append(pymodule_dep) + else: + new_manifest[pypkg]['files'].append(pymodule_dep) + # Check for repeated files + if pymodule_dep not in allfiles: + allfiles.append(pymodule_dep) + else: + if pymodule_dep not in repeated: + repeated.append(pymodule_dep) else: - # Check if this dependency is already contained on another package, so we add it + # Last step: Figure out if we this belongs to FILES or RDEPENDS + # We check if this module is already contained on another package, so we add that one # as an RDEPENDS, or if its not, it means it should be contained on the current - # package, so we should add it to FILES - for newkey in old_manifest: + # package, and we should add it to FILES + for possible_rdep in old_manifest: # Debug - #print('Checking %s ' % item + ' in %s' % newkey) - if item in old_manifest[newkey]['files'] or item in old_manifest[newkey]['cached']: - # Since were nesting, we need to check its not the same key - if(newkey!=key): - if newkey not in new_manifest[key]['rdepends']: - # Add it to the new manifest data struct - reportRDEPS.append('Adding %s to %s RDEPENDS, because it contains %s\n' % (newkey, key, item)) - new_manifest[key]['rdepends'].append(newkey) - break + # print('Checking %s ' % pymodule_dep + ' in %s' % possible_rdep) + if pymodule_dep in old_manifest[possible_rdep]['files'] or pymodule_dep in old_manifest[possible_rdep]['cached']: + # Since were nesting, we need to check its not the same pypkg + if(possible_rdep != pypkg): + if possible_rdep not in new_manifest[pypkg]['rdepends']: + # Add it to the new manifest data struct as RDEPENDS since it contains something this module needs + reportRDEPS.append('Adding %s to %s RDEPENDS, because it contains %s\n' % (possible_rdep, pypkg, pymodule_dep)) + new_manifest[pypkg]['rdepends'].append(possible_rdep) + break else: + + # Since this module wasnt found on another package, it is not an RDEP, + # so we add it to FILES for this package. # A module shouldn't contain itself (${libdir}/python3/sqlite3 shouldnt be on sqlite3 files) - if os.path.basename(item) != key: - reportFILES.append(('Adding %s to %s FILES\n' % (item, key))) - # Since it wasnt found on another package, its not an RDEP, so add it to FILES for this package - if isCached(item): - new_manifest[key]['cached'].append(item) + if os.path.basename(pymodule_dep) != pypkg: + reportFILES.append(('Adding %s to %s FILES\n' % (pymodule_dep, pypkg))) + if isCached(pymodule_dep): + new_manifest[pypkg]['cached'].append(pymodule_dep) else: - new_manifest[key]['files'].append(item) - - if item.endswith('*'): - wildcards.append(item) - if item not in allfiles: - allfiles.append(item) + new_manifest[pypkg]['files'].append(pymodule_dep) + if pymodule_dep.endswith('*'): + wildcards.append(pymodule_dep) + if pymodule_dep not in allfiles: + allfiles.append(pymodule_dep) else: - repeated.append(item) + if pymodule_dep not in repeated: + repeated.append(pymodule_dep) print('\n') print('#################################') - print('Summary for module %s' % value) - print('FILES found for module %s:' % value) + print('Summary for module %s' % pymodule) + print('FILES found for module %s:' % pymodule) print(''.join(reportFILES)) - print('RDEPENDS found for module %s:' % value) + print('RDEPENDS found for module %s:' % pymodule) print(''.join(reportRDEPS)) print('#################################') -print ('The following files are repeated (contained in more than one package), please check which package should get it:') -print (repeated) -print('The following files contain wildcards, please check they are necessary') +print('The following FILES contain wildcards, please check if they are necessary') print(wildcards) -print('The following files contain folders, please check they are necessary') +print('The following FILES contain folders, please check if they are necessary') print(hasfolders) + # Sort it just so it looks nicer -for key in new_manifest: - new_manifest[key]['files'].sort() - new_manifest[key]['cached'].sort() - new_manifest[key]['rdepends'].sort() +for pypkg in new_manifest: + new_manifest[pypkg]['files'].sort() + new_manifest[pypkg]['cached'].sort() + new_manifest[pypkg]['rdepends'].sort() # Create the manifest from the data structure that was built with open('python3-manifest.json.new','w') as outfile: - json.dump(new_manifest,outfile,sort_keys=True, indent=4) + json.dump(new_manifest,outfile, indent=4) outfile.write('\n') + +if (repeated): + error_msg = '\n\nERROR:\n' + error_msg += 'The following files are repeated (contained in more than one package),\n' + error_msg += 'this is likely to happen when new files are introduced after an upgrade,\n' + error_msg += 'please check which package should get it,\n modify the manifest accordingly and re-run the create_manifest task:\n' + error_msg += '\n'.join(repeated) + error_msg += '\n' + sys.exit(error_msg) + diff --git a/poky/meta/recipes-devtools/python/python3/float-endian.patch b/poky/meta/recipes-devtools/python/python3/float-endian.patch new file mode 100644 index 0000000000..6ba3f5c252 --- /dev/null +++ b/poky/meta/recipes-devtools/python/python3/float-endian.patch @@ -0,0 +1,212 @@ +Python uses AC_RUN_IFELSE to determine the byte order for floats and doubles, +and falls back onto "I don't know" if it can't run code. This results in +crippled floating point numbers in Python, and the regression tests fail. + +Instead of running code, take a macro from autoconf-archive which compiles C +with a special double in which has an ASCII representation, and then greps the +binary to identify the format. + +Upstream-Status: Submitted [https://bugs.python.org/issue34585] +Signed-off-by: Ross Burton <ross.burton@intel.com> + +From 50df2a4c3a65ed06322be7c26d42b06ce81730c1 Mon Sep 17 00:00:00 2001 +From: Ross Burton <ross.burton@intel.com> +Date: Wed, 5 Sep 2018 11:45:52 +0100 +Subject: [PATCH] Don't do runtime test to get float byte order + +--- + configure.ac | 74 +++++------------------------------ + m4/ax_c_float_words_bigendian.m4 | 83 ++++++++++++++++++++++++++++++++++++++++ + 2 files changed, 92 insertions(+), 65 deletions(-) + create mode 100644 m4/ax_c_float_words_bigendian.m4 + +diff --git a/configure.ac b/configure.ac +index c9b755f0f4..1215969871 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -9,6 +9,8 @@ AC_PREREQ(2.65) + + AC_INIT(python, PYTHON_VERSION, https://bugs.python.org/) + ++AC_CONFIG_MACRO_DIR(m4) ++ + AC_SUBST(BASECPPFLAGS) + if test "$srcdir" != . -a "$srcdir" != "$(pwd)"; then + # If we're building out-of-tree, we need to make sure the following +@@ -4128,77 +4130,19 @@ fi + # * Check for various properties of floating point * + # ************************************************** + +-AC_MSG_CHECKING(whether C doubles are little-endian IEEE 754 binary64) +-AC_CACHE_VAL(ac_cv_little_endian_double, [ +-AC_RUN_IFELSE([AC_LANG_SOURCE([[ +-#include <string.h> +-int main() { +- double x = 9006104071832581.0; +- if (memcmp(&x, "\x05\x04\x03\x02\x01\xff\x3f\x43", 8) == 0) +- return 0; +- else +- return 1; +-} +-]])], +-[ac_cv_little_endian_double=yes], +-[ac_cv_little_endian_double=no], +-[ac_cv_little_endian_double=no])]) +-AC_MSG_RESULT($ac_cv_little_endian_double) +-if test "$ac_cv_little_endian_double" = yes +-then +- AC_DEFINE(DOUBLE_IS_LITTLE_ENDIAN_IEEE754, 1, +- [Define if C doubles are 64-bit IEEE 754 binary format, stored +- with the least significant byte first]) +-fi +- +-AC_MSG_CHECKING(whether C doubles are big-endian IEEE 754 binary64) +-AC_CACHE_VAL(ac_cv_big_endian_double, [ +-AC_RUN_IFELSE([AC_LANG_SOURCE([[ +-#include <string.h> +-int main() { +- double x = 9006104071832581.0; +- if (memcmp(&x, "\x43\x3f\xff\x01\x02\x03\x04\x05", 8) == 0) +- return 0; +- else +- return 1; +-} +-]])], +-[ac_cv_big_endian_double=yes], +-[ac_cv_big_endian_double=no], +-[ac_cv_big_endian_double=no])]) +-AC_MSG_RESULT($ac_cv_big_endian_double) +-if test "$ac_cv_big_endian_double" = yes ++AX_C_FLOAT_WORDS_BIGENDIAN ++if test "$ax_cv_c_float_words_bigendian" = "yes" + then + AC_DEFINE(DOUBLE_IS_BIG_ENDIAN_IEEE754, 1, + [Define if C doubles are 64-bit IEEE 754 binary format, stored + with the most significant byte first]) +-fi +- +-# Some ARM platforms use a mixed-endian representation for doubles. +-# While Python doesn't currently have full support for these platforms +-# (see e.g., issue 1762561), we can at least make sure that float <-> string +-# conversions work. +-AC_MSG_CHECKING(whether C doubles are ARM mixed-endian IEEE 754 binary64) +-AC_CACHE_VAL(ac_cv_mixed_endian_double, [ +-AC_RUN_IFELSE([AC_LANG_SOURCE([[ +-#include <string.h> +-int main() { +- double x = 9006104071832581.0; +- if (memcmp(&x, "\x01\xff\x3f\x43\x05\x04\x03\x02", 8) == 0) +- return 0; +- else +- return 1; +-} +-]])], +-[ac_cv_mixed_endian_double=yes], +-[ac_cv_mixed_endian_double=no], +-[ac_cv_mixed_endian_double=no])]) +-AC_MSG_RESULT($ac_cv_mixed_endian_double) +-if test "$ac_cv_mixed_endian_double" = yes ++elif test "$ax_cv_c_float_words_bigendian" = "no" + then +- AC_DEFINE(DOUBLE_IS_ARM_MIXED_ENDIAN_IEEE754, 1, ++ AC_DEFINE(DOUBLE_IS_LITTLE_ENDIAN_IEEE754, 1, + [Define if C doubles are 64-bit IEEE 754 binary format, stored +- in ARM mixed-endian order (byte order 45670123)]) ++ with the least significant byte first]) ++else ++ AC_MSG_ERROR([Cannot identify floating point byte order]) + fi + + # The short float repr introduced in Python 3.1 requires the +diff --git a/m4/ax_c_float_words_bigendian.m4 b/m4/ax_c_float_words_bigendian.m4 +new file mode 100644 +index 0000000000..216b90d803 +--- /dev/null ++++ b/m4/ax_c_float_words_bigendian.m4 +@@ -0,0 +1,83 @@ ++# =============================================================================== ++# https://www.gnu.org/software/autoconf-archive/ax_c_float_words_bigendian.html ++# =============================================================================== ++# ++# SYNOPSIS ++# ++# AX_C_FLOAT_WORDS_BIGENDIAN([ACTION-IF-TRUE], [ACTION-IF-FALSE], [ACTION-IF-UNKNOWN]) ++# ++# DESCRIPTION ++# ++# Checks the ordering of words within a multi-word float. This check is ++# necessary because on some systems (e.g. certain ARM systems), the float ++# word ordering can be different from the byte ordering. In a multi-word ++# float context, "big-endian" implies that the word containing the sign ++# bit is found in the memory location with the lowest address. This ++# implementation was inspired by the AC_C_BIGENDIAN macro in autoconf. ++# ++# The endianness is detected by first compiling C code that contains a ++# special double float value, then grepping the resulting object file for ++# certain strings of ASCII values. The double is specially crafted to have ++# a binary representation that corresponds with a simple string. In this ++# implementation, the string "noonsees" was selected because the ++# individual word values ("noon" and "sees") are palindromes, thus making ++# this test byte-order agnostic. If grep finds the string "noonsees" in ++# the object file, the target platform stores float words in big-endian ++# order. If grep finds "seesnoon", float words are in little-endian order. ++# If neither value is found, the user is instructed to specify the ++# ordering. ++# ++# LICENSE ++# ++# Copyright (c) 2008 Daniel Amelang <dan@amelang.net> ++# ++# Copying and distribution of this file, with or without modification, are ++# permitted in any medium without royalty provided the copyright notice ++# and this notice are preserved. This file is offered as-is, without any ++# warranty. ++ ++#serial 11 ++ ++AC_DEFUN([AX_C_FLOAT_WORDS_BIGENDIAN], ++ [AC_CACHE_CHECK(whether float word ordering is bigendian, ++ ax_cv_c_float_words_bigendian, [ ++ ++ax_cv_c_float_words_bigendian=unknown ++AC_COMPILE_IFELSE([AC_LANG_SOURCE([[ ++ ++double d = 90904234967036810337470478905505011476211692735615632014797120844053488865816695273723469097858056257517020191247487429516932130503560650002327564517570778480236724525140520121371739201496540132640109977779420565776568942592.0; ++ ++]])], [ ++ ++if grep noonsees conftest.$ac_objext >/dev/null ; then ++ ax_cv_c_float_words_bigendian=yes ++fi ++if grep seesnoon conftest.$ac_objext >/dev/null ; then ++ if test "$ax_cv_c_float_words_bigendian" = unknown; then ++ ax_cv_c_float_words_bigendian=no ++ else ++ ax_cv_c_float_words_bigendian=unknown ++ fi ++fi ++ ++])]) ++ ++case $ax_cv_c_float_words_bigendian in ++ yes) ++ m4_default([$1], ++ [AC_DEFINE([FLOAT_WORDS_BIGENDIAN], 1, ++ [Define to 1 if your system stores words within floats ++ with the most significant word first])]) ;; ++ no) ++ $2 ;; ++ *) ++ m4_default([$3], ++ [AC_MSG_ERROR([ ++ ++Unknown float word ordering. You need to manually preset ++ax_cv_c_float_words_bigendian=no (or yes) according to your system. ++ ++ ])]) ;; ++esac ++ ++])# AX_C_FLOAT_WORDS_BIGENDIAN +-- +2.11.0 + diff --git a/poky/meta/recipes-devtools/python/python3/ftplib.patch b/poky/meta/recipes-devtools/python/python3/ftplib.patch new file mode 100644 index 0000000000..49c5b2736b --- /dev/null +++ b/poky/meta/recipes-devtools/python/python3/ftplib.patch @@ -0,0 +1,60 @@ +Upstream-Status: Backport +Signed-off-by: Ross Burton <ross.burton@intel.com> + +From cabe916dc694997d4892b58986e73a713d5a2f8d Mon Sep 17 00:00:00 2001 +From: "Miss Islington (bot)" + <31488909+miss-islington@users.noreply.github.com> +Date: Thu, 16 Aug 2018 15:38:03 -0400 +Subject: [PATCH] [3.6] bpo-34391: Fix ftplib test for TLS 1.3 (GH-8787) + (#8790) + +Read from data socket to avoid "[SSL] shutdown while in init" exception +during shutdown of the dummy server. + +Signed-off-by: Christian Heimes <christian@python.org> + + +<!-- issue-number: [bpo-34391](https://www.bugs.python.org/issue34391) --> +https://bugs.python.org/issue34391 +<!-- /issue-number --> +(cherry picked from commit 1590c393360df059160145e7475754427bfc6680) + + +Co-authored-by: Christian Heimes <christian@python.org> +--- + Lib/test/test_ftplib.py | 5 +++++ + Misc/NEWS.d/next/Tests/2018-08-16-18-48-47.bpo-34391.ouNfxC.rst | 1 + + 2 files changed, 6 insertions(+) + create mode 100644 Misc/NEWS.d/next/Tests/2018-08-16-18-48-47.bpo-34391.ouNfxC.rst + +diff --git a/Lib/test/test_ftplib.py b/Lib/test/test_ftplib.py +index 44dd73aeca..4ff2f71afb 100644 +--- a/Lib/test/test_ftplib.py ++++ b/Lib/test/test_ftplib.py +@@ -876,18 +876,23 @@ class TestTLS_FTPClass(TestCase): + # clear text + with self.client.transfercmd('list') as sock: + self.assertNotIsInstance(sock, ssl.SSLSocket) ++ self.assertEqual(sock.recv(1024), LIST_DATA.encode('ascii')) + self.assertEqual(self.client.voidresp(), "226 transfer complete") + + # secured, after PROT P + self.client.prot_p() + with self.client.transfercmd('list') as sock: + self.assertIsInstance(sock, ssl.SSLSocket) ++ # consume from SSL socket to finalize handshake and avoid ++ # "SSLError [SSL] shutdown while in init" ++ self.assertEqual(sock.recv(1024), LIST_DATA.encode('ascii')) + self.assertEqual(self.client.voidresp(), "226 transfer complete") + + # PROT C is issued, the connection must be in cleartext again + self.client.prot_c() + with self.client.transfercmd('list') as sock: + self.assertNotIsInstance(sock, ssl.SSLSocket) ++ self.assertEqual(sock.recv(1024), LIST_DATA.encode('ascii')) + self.assertEqual(self.client.voidresp(), "226 transfer complete") + + def test_login(self): +-- +2.11.0 + diff --git a/poky/meta/recipes-devtools/python/python3/python3-manifest.json b/poky/meta/recipes-devtools/python/python3/python3-manifest.json index 2491f36db2..5329bf7c57 100644 --- a/poky/meta/recipes-devtools/python/python3/python3-manifest.json +++ b/poky/meta/recipes-devtools/python/python3/python3-manifest.json @@ -1,22 +1,31 @@ { - "2to3": { - "cached": [], + "tests": { + "summary": "Python test suite", + "rdepends": [ + "core", + "modules" + ], "files": [ - "${bindir}/2to3-*", - "${libdir}/python3.5/lib2to3" + "${libdir}/python${PYTHON_MAJMIN}/*/test", + "${libdir}/python${PYTHON_MAJMIN}/*/tests", + "${libdir}/python${PYTHON_MAJMIN}/idlelib/idle_test/", + "${libdir}/python${PYTHON_MAJMIN}/test" ], + "cached": [] + }, + "2to3": { + "summary": "Python automated Python 2 to 3 code translator", "rdepends": [ "core" ], - "summary": "Python automated Python 2 to 3 code translator" - }, - "asyncio": { - "cached": [], "files": [ - "${libdir}/python3.5/asyncio", - "${libdir}/python3.5/concurrent", - "${libdir}/python3.5/concurrent/futures" + "${bindir}/2to3-*", + "${libdir}/python${PYTHON_MAJMIN}/lib2to3" ], + "cached": [] + }, + "asyncio": { + "summary": "Python Asynchronous I/", "rdepends": [ "compression", "core", @@ -32,50 +41,48 @@ "threading", "unixadmin" ], - "summary": "Python Asynchronous I/" - }, - "audio": { - "cached": [ - "${libdir}/python3.5/__pycache__/chunk.*.pyc", - "${libdir}/python3.5/__pycache__/sndhdr.*.pyc", - "${libdir}/python3.5/__pycache__/sunau.*.pyc", - "${libdir}/python3.5/__pycache__/wave.*.pyc" - ], "files": [ - "${libdir}/python3.5/chunk.py", - "${libdir}/python3.5/lib-dynload/audioop.*.so", - "${libdir}/python3.5/lib-dynload/ossaudiodev.*.so", - "${libdir}/python3.5/sndhdr.py", - "${libdir}/python3.5/sunau.py", - "${libdir}/python3.5/wave.py" + "${libdir}/python${PYTHON_MAJMIN}/asyncio", + "${libdir}/python${PYTHON_MAJMIN}/concurrent", + "${libdir}/python${PYTHON_MAJMIN}/concurrent/futures" ], + "cached": [] + }, + "audio": { + "summary": "Python Audio Handling", "rdepends": [ "core" ], - "summary": "Python Audio Handling" - }, - "codecs": { - "cached": [ - "${libdir}/python3.5/__pycache__/xdrlib.*.pyc" - ], "files": [ - "${libdir}/python3.5/lib-dynload/_multibytecodec.*.so", - "${libdir}/python3.5/xdrlib.py" + "${libdir}/python${PYTHON_MAJMIN}/chunk.py", + "${libdir}/python${PYTHON_MAJMIN}/lib-dynload/audioop.*.so", + "${libdir}/python${PYTHON_MAJMIN}/lib-dynload/ossaudiodev.*.so", + "${libdir}/python${PYTHON_MAJMIN}/sndhdr.py", + "${libdir}/python${PYTHON_MAJMIN}/sunau.py", + "${libdir}/python${PYTHON_MAJMIN}/wave.py" ], + "cached": [ + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/chunk.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/sndhdr.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/sunau.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/wave.*.pyc" + ] + }, + "codecs": { + "summary": "Python codec", "rdepends": [ "core" ], - "summary": "Python codec" - }, - "compile": { - "cached": [ - "${libdir}/python3.5/__pycache__/compileall.*.pyc", - "${libdir}/python3.5/__pycache__/py_compile.*.pyc" - ], "files": [ - "${libdir}/python3.5/compileall.py", - "${libdir}/python3.5/py_compile.py" + "${libdir}/python${PYTHON_MAJMIN}/lib-dynload/_multibytecodec.*.so", + "${libdir}/python${PYTHON_MAJMIN}/xdrlib.py" ], + "cached": [ + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/xdrlib.*.pyc" + ] + }, + "compile": { + "summary": "Python bytecode compilation support", "rdepends": [ "asyncio", "compression", @@ -91,305 +98,309 @@ "threading", "unixadmin" ], - "summary": "Python bytecode compilation support" - }, - "compression": { - "cached": [ - "${libdir}/python3.5/__pycache__/_compression.*.pyc", - "${libdir}/python3.5/__pycache__/bz2.*.pyc", - "${libdir}/python3.5/__pycache__/gzip.*.pyc", - "${libdir}/python3.5/__pycache__/lzma.*.pyc", - "${libdir}/python3.5/__pycache__/tarfile.*.pyc", - "${libdir}/python3.5/__pycache__/zipfile.*.pyc" - ], "files": [ - "${libdir}/python3.5/_compression.py", - "${libdir}/python3.5/bz2.py", - "${libdir}/python3.5/gzip.py", - "${libdir}/python3.5/lib-dynload/_bz2.*.so", - "${libdir}/python3.5/lib-dynload/_lzma.*.so", - "${libdir}/python3.5/lib-dynload/zlib.*.so", - "${libdir}/python3.5/lzma.py", - "${libdir}/python3.5/tarfile.py", - "${libdir}/python3.5/zipfile.py" + "${libdir}/python${PYTHON_MAJMIN}/compileall.py", + "${libdir}/python${PYTHON_MAJMIN}/py_compile.py" ], + "cached": [ + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/compileall.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/py_compile.*.pyc" + ] + }, + "compression": { + "summary": "Python high-level compression support", "rdepends": [ "core", "shell", "unixadmin" ], - "summary": "Python high-level compression support" + "files": [ + "${libdir}/python${PYTHON_MAJMIN}/_compression.py", + "${libdir}/python${PYTHON_MAJMIN}/bz2.py", + "${libdir}/python${PYTHON_MAJMIN}/gzip.py", + "${libdir}/python${PYTHON_MAJMIN}/lib-dynload/_bz2.*.so", + "${libdir}/python${PYTHON_MAJMIN}/lib-dynload/_lzma.*.so", + "${libdir}/python${PYTHON_MAJMIN}/lib-dynload/zlib.*.so", + "${libdir}/python${PYTHON_MAJMIN}/lzma.py", + "${libdir}/python${PYTHON_MAJMIN}/tarfile.py", + "${libdir}/python${PYTHON_MAJMIN}/zipfile.py" + ], + "cached": [ + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/_compression.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/bz2.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/gzip.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/lzma.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/tarfile.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/zipfile.*.pyc" + ] }, "core": { - "cached": [ - "${libdir}/python3.5/__pycache__/__future__.*.pyc", - "${libdir}/python3.5/__pycache__/_bootlocale.*.pyc", - "${libdir}/python3.5/__pycache__/_collections_abc.*.pyc", - "${libdir}/python3.5/__pycache__/_markupbase.*.pyc", - "${libdir}/python3.5/__pycache__/_sitebuiltins.*.pyc", - "${libdir}/python3.5/__pycache__/_sysconfigdata.*.pyc", - "${libdir}/python3.5/__pycache__/_weakrefset.*.pyc", - "${libdir}/python3.5/__pycache__/abc.*.pyc", - "${libdir}/python3.5/__pycache__/argparse.*.pyc", - "${libdir}/python3.5/__pycache__/ast.*.pyc", - "${libdir}/python3.5/__pycache__/bisect.*.pyc", - "${libdir}/python3.5/__pycache__/code.*.pyc", - "${libdir}/python3.5/__pycache__/codecs.*.pyc", - "${libdir}/python3.5/__pycache__/codeop.*.pyc", - "${libdir}/python3.5/__pycache__/configparser.*.pyc", - "${libdir}/python3.5/__pycache__/contextlib.*.pyc", - "${libdir}/python3.5/__pycache__/copy.*.pyc", - "${libdir}/python3.5/__pycache__/copyreg.*.pyc", - "${libdir}/python3.5/__pycache__/csv.*.pyc", - "${libdir}/python3.5/__pycache__/dis.*.pyc", - "${libdir}/python3.5/__pycache__/enum.*.pyc", - "${libdir}/python3.5/__pycache__/functools.*.pyc", - "${libdir}/python3.5/__pycache__/genericpath.*.pyc", - "${libdir}/python3.5/__pycache__/getopt.*.pyc", - "${libdir}/python3.5/__pycache__/gettext.*.pyc", - "${libdir}/python3.5/__pycache__/heapq.*.pyc", - "${libdir}/python3.5/__pycache__/imp.*.pyc", - "${libdir}/python3.5/__pycache__/inspect.*.pyc", - "${libdir}/python3.5/__pycache__/io.*.pyc", - "${libdir}/python3.5/__pycache__/keyword.*.pyc", - "${libdir}/python3.5/__pycache__/linecache.*.pyc", - "${libdir}/python3.5/__pycache__/locale.*.pyc", - "${libdir}/python3.5/__pycache__/opcode.*.pyc", - "${libdir}/python3.5/__pycache__/operator.*.pyc", - "${libdir}/python3.5/__pycache__/optparse.*.pyc", - "${libdir}/python3.5/__pycache__/os.*.pyc", - "${libdir}/python3.5/__pycache__/platform.*.pyc", - "${libdir}/python3.5/__pycache__/posixpath.*.pyc", - "${libdir}/python3.5/__pycache__/re.*.pyc", - "${libdir}/python3.5/__pycache__/reprlib.*.pyc", - "${libdir}/python3.5/__pycache__/rlcompleter.*.pyc", - "${libdir}/python3.5/__pycache__/selectors.*.pyc", - "${libdir}/python3.5/__pycache__/signal.*.pyc", - "${libdir}/python3.5/__pycache__/site.*.pyc", - "${libdir}/python3.5/__pycache__/sre_compile.*.pyc", - "${libdir}/python3.5/__pycache__/sre_constants.*.pyc", - "${libdir}/python3.5/__pycache__/sre_parse.*.pyc", - "${libdir}/python3.5/__pycache__/stat.*.pyc", - "${libdir}/python3.5/__pycache__/stringprep.*.pyc", - "${libdir}/python3.5/__pycache__/struct.*.pyc", - "${libdir}/python3.5/__pycache__/subprocess.*.pyc", - "${libdir}/python3.5/__pycache__/symbol.*.pyc", - "${libdir}/python3.5/__pycache__/sysconfig.*.pyc", - "${libdir}/python3.5/__pycache__/textwrap.*.pyc", - "${libdir}/python3.5/__pycache__/threading.*.pyc", - "${libdir}/python3.5/__pycache__/token.*.pyc", - "${libdir}/python3.5/__pycache__/tokenize.*.pyc", - "${libdir}/python3.5/__pycache__/traceback.*.pyc", - "${libdir}/python3.5/__pycache__/types.*.pyc", - "${libdir}/python3.5/__pycache__/warnings.*.pyc", - "${libdir}/python3.5/__pycache__/weakref.*.pyc", - "${libdir}/python3.5/collections/__pycache__", - "${libdir}/python3.5/collections/__pycache__/abc.*.pyc", - "${libdir}/python3.5/encodings/__pycache__", - "${libdir}/python3.5/encodings/__pycache__/aliases.*.pyc", - "${libdir}/python3.5/encodings/__pycache__/latin_1.*.pyc", - "${libdir}/python3.5/encodings/__pycache__/utf_8.*.pyc", - "${libdir}/python3.5/importlib/__pycache__", - "${libdir}/python3.5/importlib/__pycache__/abc.*.pyc", - "${libdir}/python3.5/importlib/__pycache__/machinery.*.pyc", - "${libdir}/python3.5/importlib/__pycache__/util.*.pyc" - ], + "summary": "Python interpreter and core modules", + "rdepends": [], "files": [ "${bindir}/python*[!-config]", "${includedir}/python${PYTHON_BINABI}/pyconfig*.h", + "${libdir}/python${PYTHON_MAJMIN}/UserDict.py", + "${libdir}/python${PYTHON_MAJMIN}/UserList.py", + "${libdir}/python${PYTHON_MAJMIN}/UserString.py", + "${libdir}/python${PYTHON_MAJMIN}/__future__.py", + "${libdir}/python${PYTHON_MAJMIN}/_abcoll.py", + "${libdir}/python${PYTHON_MAJMIN}/_bootlocale.py", "${libdir}/python${PYTHON_MAJMIN}/_collections_abc.py", + "${libdir}/python${PYTHON_MAJMIN}/_markupbase.py", "${libdir}/python${PYTHON_MAJMIN}/_sitebuiltins.py", + "${libdir}/python${PYTHON_MAJMIN}/_sysconfigdata.py", + "${libdir}/python${PYTHON_MAJMIN}/_weakrefset.py", + "${libdir}/python${PYTHON_MAJMIN}/abc.py", + "${libdir}/python${PYTHON_MAJMIN}/argparse.py", + "${libdir}/python${PYTHON_MAJMIN}/ast.py", + "${libdir}/python${PYTHON_MAJMIN}/bisect.py", + "${libdir}/python${PYTHON_MAJMIN}/code.py", + "${libdir}/python${PYTHON_MAJMIN}/codecs.py", + "${libdir}/python${PYTHON_MAJMIN}/codeop.py", "${libdir}/python${PYTHON_MAJMIN}/collections", + "${libdir}/python${PYTHON_MAJMIN}/collections/abc.py", + "${libdir}/python${PYTHON_MAJMIN}/configparser.py", + "${libdir}/python${PYTHON_MAJMIN}/contextlib.py", + "${libdir}/python${PYTHON_MAJMIN}/copy.py", + "${libdir}/python${PYTHON_MAJMIN}/copyreg.py", + "${libdir}/python${PYTHON_MAJMIN}/csv.py", + "${libdir}/python${PYTHON_MAJMIN}/dis.py", + "${libdir}/python${PYTHON_MAJMIN}/encodings", + "${libdir}/python${PYTHON_MAJMIN}/encodings/aliases.py", + "${libdir}/python${PYTHON_MAJMIN}/encodings/latin_1.py", + "${libdir}/python${PYTHON_MAJMIN}/encodings/utf_8.py", + "${libdir}/python${PYTHON_MAJMIN}/enum.py", + "${libdir}/python${PYTHON_MAJMIN}/functools.py", + "${libdir}/python${PYTHON_MAJMIN}/genericpath.py", + "${libdir}/python${PYTHON_MAJMIN}/getopt.py", + "${libdir}/python${PYTHON_MAJMIN}/gettext.py", + "${libdir}/python${PYTHON_MAJMIN}/heapq.py", + "${libdir}/python${PYTHON_MAJMIN}/imp.py", + "${libdir}/python${PYTHON_MAJMIN}/importlib", + "${libdir}/python${PYTHON_MAJMIN}/importlib/_bootstrap.py", + "${libdir}/python${PYTHON_MAJMIN}/importlib/_bootstrap_external.py", + "${libdir}/python${PYTHON_MAJMIN}/importlib/abc.py", + "${libdir}/python${PYTHON_MAJMIN}/importlib/machinery.py", + "${libdir}/python${PYTHON_MAJMIN}/importlib/util.py", + "${libdir}/python${PYTHON_MAJMIN}/inspect.py", + "${libdir}/python${PYTHON_MAJMIN}/io.py", + "${libdir}/python${PYTHON_MAJMIN}/keyword.py", + "${libdir}/python${PYTHON_MAJMIN}/lib-dynload/__pycache__/_struct.*.so", + "${libdir}/python${PYTHON_MAJMIN}/lib-dynload/__pycache__/binascii.*.so", + "${libdir}/python${PYTHON_MAJMIN}/lib-dynload/__pycache__/time.*.so", + "${libdir}/python${PYTHON_MAJMIN}/lib-dynload/__pycache__/xreadlines.*.so", + "${libdir}/python${PYTHON_MAJMIN}/lib-dynload/_bisect.*.so", + "${libdir}/python${PYTHON_MAJMIN}/lib-dynload/_csv.*.so", + "${libdir}/python${PYTHON_MAJMIN}/lib-dynload/_heapq.*.so", + "${libdir}/python${PYTHON_MAJMIN}/lib-dynload/_opcode.*.so", + "${libdir}/python${PYTHON_MAJMIN}/lib-dynload/_posixsubprocess.*.so", + "${libdir}/python${PYTHON_MAJMIN}/lib-dynload/_struct.*.so", + "${libdir}/python${PYTHON_MAJMIN}/lib-dynload/array.*.so", + "${libdir}/python${PYTHON_MAJMIN}/lib-dynload/binascii.*.so", + "${libdir}/python${PYTHON_MAJMIN}/lib-dynload/math.*.so", + "${libdir}/python${PYTHON_MAJMIN}/lib-dynload/parser.*.so", + "${libdir}/python${PYTHON_MAJMIN}/lib-dynload/readline.*.so", + "${libdir}/python${PYTHON_MAJMIN}/lib-dynload/select.*.so", + "${libdir}/python${PYTHON_MAJMIN}/lib-dynload/time.*.so", + "${libdir}/python${PYTHON_MAJMIN}/lib-dynload/unicodedata.*.so", + "${libdir}/python${PYTHON_MAJMIN}/lib-dynload/xreadlines.*.so", + "${libdir}/python${PYTHON_MAJMIN}/linecache.py", + "${libdir}/python${PYTHON_MAJMIN}/locale.py", + "${libdir}/python${PYTHON_MAJMIN}/new.py", + "${libdir}/python${PYTHON_MAJMIN}/opcode.py", + "${libdir}/python${PYTHON_MAJMIN}/operator.py", + "${libdir}/python${PYTHON_MAJMIN}/optparse.py", + "${libdir}/python${PYTHON_MAJMIN}/os.py", + "${libdir}/python${PYTHON_MAJMIN}/platform.py", + "${libdir}/python${PYTHON_MAJMIN}/posixpath.py", + "${libdir}/python${PYTHON_MAJMIN}/re.py", + "${libdir}/python${PYTHON_MAJMIN}/reprlib.py", + "${libdir}/python${PYTHON_MAJMIN}/rlcompleter.py", + "${libdir}/python${PYTHON_MAJMIN}/selectors.py", + "${libdir}/python${PYTHON_MAJMIN}/signal.py", + "${libdir}/python${PYTHON_MAJMIN}/site.py", "${libdir}/python${PYTHON_MAJMIN}/sitecustomize.py", - "${libdir}/python3.5/UserDict.py", - "${libdir}/python3.5/UserList.py", - "${libdir}/python3.5/UserString.py", - "${libdir}/python3.5/__future__.py", - "${libdir}/python3.5/_abcoll.py", - "${libdir}/python3.5/_bootlocale.py", - "${libdir}/python3.5/_collections_abc.py", - "${libdir}/python3.5/_markupbase.py", - "${libdir}/python3.5/_sitebuiltins.py", - "${libdir}/python3.5/_sysconfigdata.py", - "${libdir}/python3.5/_weakrefset.py", - "${libdir}/python3.5/abc.py", - "${libdir}/python3.5/argparse.py", - "${libdir}/python3.5/ast.py", - "${libdir}/python3.5/bisect.py", - "${libdir}/python3.5/code.py", - "${libdir}/python3.5/codecs.py", - "${libdir}/python3.5/codeop.py", - "${libdir}/python3.5/collections", - "${libdir}/python3.5/collections/abc.py", - "${libdir}/python3.5/configparser.py", - "${libdir}/python3.5/contextlib.py", - "${libdir}/python3.5/copy.py", - "${libdir}/python3.5/copyreg.py", - "${libdir}/python3.5/csv.py", - "${libdir}/python3.5/dis.py", - "${libdir}/python3.5/encodings", - "${libdir}/python3.5/encodings/aliases.py", - "${libdir}/python3.5/encodings/latin_1.py", - "${libdir}/python3.5/encodings/utf_8.py", - "${libdir}/python3.5/enum.py", - "${libdir}/python3.5/functools.py", - "${libdir}/python3.5/genericpath.py", - "${libdir}/python3.5/getopt.py", - "${libdir}/python3.5/gettext.py", - "${libdir}/python3.5/heapq.py", - "${libdir}/python3.5/imp.py", - "${libdir}/python3.5/importlib", - "${libdir}/python3.5/importlib/_bootstrap.py", - "${libdir}/python3.5/importlib/_bootstrap_external.py", - "${libdir}/python3.5/importlib/abc.py", - "${libdir}/python3.5/importlib/machinery.py", - "${libdir}/python3.5/importlib/util.py", - "${libdir}/python3.5/inspect.py", - "${libdir}/python3.5/io.py", - "${libdir}/python3.5/keyword.py", - "${libdir}/python3.5/lib-dynload/__pycache__/_struct.*.so", - "${libdir}/python3.5/lib-dynload/__pycache__/binascii.*.so", - "${libdir}/python3.5/lib-dynload/__pycache__/time.*.so", - "${libdir}/python3.5/lib-dynload/__pycache__/xreadlines.*.so", - "${libdir}/python3.5/lib-dynload/_bisect.*.so", - "${libdir}/python3.5/lib-dynload/_csv.*.so", - "${libdir}/python3.5/lib-dynload/_heapq.*.so", - "${libdir}/python3.5/lib-dynload/_opcode.*.so", - "${libdir}/python3.5/lib-dynload/_posixsubprocess.*.so", - "${libdir}/python3.5/lib-dynload/_struct.*.so", - "${libdir}/python3.5/lib-dynload/array.*.so", - "${libdir}/python3.5/lib-dynload/binascii.*.so", - "${libdir}/python3.5/lib-dynload/math.*.so", - "${libdir}/python3.5/lib-dynload/parser.*.so", - "${libdir}/python3.5/lib-dynload/readline.*.so", - "${libdir}/python3.5/lib-dynload/select.*.so", - "${libdir}/python3.5/lib-dynload/time.*.so", - "${libdir}/python3.5/lib-dynload/unicodedata.*.so", - "${libdir}/python3.5/lib-dynload/xreadlines.*.so", - "${libdir}/python3.5/linecache.py", - "${libdir}/python3.5/locale.py", - "${libdir}/python3.5/new.py", - "${libdir}/python3.5/opcode.py", - "${libdir}/python3.5/operator.py", - "${libdir}/python3.5/optparse.py", - "${libdir}/python3.5/os.py", - "${libdir}/python3.5/platform.py", - "${libdir}/python3.5/posixpath.py", - "${libdir}/python3.5/re.py", - "${libdir}/python3.5/reprlib.py", - "${libdir}/python3.5/rlcompleter.py", - "${libdir}/python3.5/selectors.py", - "${libdir}/python3.5/signal.py", - "${libdir}/python3.5/site.py", - "${libdir}/python3.5/sre_compile.py", - "${libdir}/python3.5/sre_constants.py", - "${libdir}/python3.5/sre_parse.py", - "${libdir}/python3.5/stat.py", - "${libdir}/python3.5/stringprep.py", - "${libdir}/python3.5/struct.py", - "${libdir}/python3.5/subprocess.py", - "${libdir}/python3.5/symbol.py", - "${libdir}/python3.5/sysconfig.py", - "${libdir}/python3.5/textwrap.py", - "${libdir}/python3.5/threading.py", - "${libdir}/python3.5/token.py", - "${libdir}/python3.5/tokenize.py", - "${libdir}/python3.5/traceback.py", - "${libdir}/python3.5/types.py", - "${libdir}/python3.5/warnings.py", - "${libdir}/python3.5/weakref.py" + "${libdir}/python${PYTHON_MAJMIN}/sre_compile.py", + "${libdir}/python${PYTHON_MAJMIN}/sre_constants.py", + "${libdir}/python${PYTHON_MAJMIN}/sre_parse.py", + "${libdir}/python${PYTHON_MAJMIN}/stat.py", + "${libdir}/python${PYTHON_MAJMIN}/stringprep.py", + "${libdir}/python${PYTHON_MAJMIN}/struct.py", + "${libdir}/python${PYTHON_MAJMIN}/subprocess.py", + "${libdir}/python${PYTHON_MAJMIN}/symbol.py", + "${libdir}/python${PYTHON_MAJMIN}/sysconfig.py", + "${libdir}/python${PYTHON_MAJMIN}/textwrap.py", + "${libdir}/python${PYTHON_MAJMIN}/threading.py", + "${libdir}/python${PYTHON_MAJMIN}/token.py", + "${libdir}/python${PYTHON_MAJMIN}/tokenize.py", + "${libdir}/python${PYTHON_MAJMIN}/traceback.py", + "${libdir}/python${PYTHON_MAJMIN}/types.py", + "${libdir}/python${PYTHON_MAJMIN}/warnings.py", + "${libdir}/python${PYTHON_MAJMIN}/weakref.py" ], - "rdepends": [], - "summary": "Python interpreter and core modules" + "cached": [ + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/__future__.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/_bootlocale.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/_collections_abc.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/_markupbase.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/_sitebuiltins.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/_sysconfigdata.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/_weakrefset.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/abc.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/argparse.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/ast.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/bisect.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/code.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/codecs.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/codeop.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/configparser.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/contextlib.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/copy.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/copyreg.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/csv.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/dis.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/enum.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/functools.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/genericpath.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/getopt.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/gettext.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/heapq.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/imp.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/inspect.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/io.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/keyword.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/linecache.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/locale.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/opcode.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/operator.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/optparse.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/os.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/platform.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/posixpath.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/re.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/reprlib.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/rlcompleter.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/selectors.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/signal.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/site.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/sre_compile.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/sre_constants.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/sre_parse.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/stat.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/stringprep.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/struct.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/subprocess.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/symbol.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/sysconfig.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/textwrap.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/threading.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/token.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/tokenize.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/traceback.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/types.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/warnings.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/weakref.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/collections/__pycache__", + "${libdir}/python${PYTHON_MAJMIN}/collections/__pycache__/abc.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/encodings/__pycache__", + "${libdir}/python${PYTHON_MAJMIN}/encodings/__pycache__/aliases.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/encodings/__pycache__/latin_1.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/encodings/__pycache__/utf_8.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/importlib/__pycache__", + "${libdir}/python${PYTHON_MAJMIN}/importlib/__pycache__/abc.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/importlib/__pycache__/machinery.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/importlib/__pycache__/util.*.pyc" + ] }, "crypt": { - "cached": [ - "${libdir}/python3.5/__pycache__/crypt.*.pyc", - "${libdir}/python3.5/__pycache__/hashlib.*.pyc" - ], - "files": [ - "${libdir}/python3.5/crypt.py", - "${libdir}/python3.5/hashlib.py", - "${libdir}/python3.5/lib-dynload/_crypt.*.so", - "${libdir}/python3.5/lib-dynload/_hashlib.*.so", - "${libdir}/python3.5/lib-dynload/_sha256.*.so", - "${libdir}/python3.5/lib-dynload/_sha512.*.so" - ], + "summary": "Python basic cryptographic and hashing support", "rdepends": [ "core", "math", "stringold" ], - "summary": "Python basic cryptographic and hashing support" - }, - "ctypes": { - "cached": [], "files": [ - "${libdir}/python3.5/ctypes", - "${libdir}/python3.5/lib-dynload/_ctypes.*.so", - "${libdir}/python3.5/lib-dynload/_ctypes_test.*.so" + "${libdir}/python${PYTHON_MAJMIN}/crypt.py", + "${libdir}/python${PYTHON_MAJMIN}/hashlib.py", + "${libdir}/python${PYTHON_MAJMIN}/lib-dynload/_crypt.*.so", + "${libdir}/python${PYTHON_MAJMIN}/lib-dynload/_hashlib.*.so", + "${libdir}/python${PYTHON_MAJMIN}/lib-dynload/_sha256.*.so", + "${libdir}/python${PYTHON_MAJMIN}/lib-dynload/_sha512.*.so" ], + "cached": [ + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/crypt.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/hashlib.*.pyc" + ] + }, + "ctypes": { + "summary": "Python C types support", "rdepends": [ "core" ], - "summary": "Python C types support" - }, - "curses": { - "cached": [], "files": [ - "${libdir}/python3.5/curses", - "${libdir}/python3.5/lib-dynload/_curses.*.so", - "${libdir}/python3.5/lib-dynload/_curses_panel.*.so" + "${libdir}/python${PYTHON_MAJMIN}/ctypes", + "${libdir}/python${PYTHON_MAJMIN}/lib-dynload/_ctypes.*.so", + "${libdir}/python${PYTHON_MAJMIN}/lib-dynload/_ctypes_test.*.so" ], + "cached": [] + }, + "curses": { + "summary": "Python curses support", "rdepends": [ "core" ], - "summary": "Python curses support" - }, - "datetime": { - "cached": [ - "${libdir}/python3.5/__pycache__/_strptime.*.pyc", - "${libdir}/python3.5/__pycache__/calendar.*.pyc", - "${libdir}/python3.5/__pycache__/datetime.*.pyc" - ], "files": [ - "${libdir}/python3.5/_strptime.py", - "${libdir}/python3.5/calendar.py", - "${libdir}/python3.5/datetime.py", - "${libdir}/python3.5/lib-dynload/_datetime.*.so" + "${libdir}/python${PYTHON_MAJMIN}/curses", + "${libdir}/python${PYTHON_MAJMIN}/lib-dynload/_curses.*.so", + "${libdir}/python${PYTHON_MAJMIN}/lib-dynload/_curses_panel.*.so" ], + "cached": [] + }, + "datetime": { + "summary": "Python calendar and time support", "rdepends": [ "core" ], - "summary": "Python calendar and time support" - }, - "db": { - "cached": [], "files": [ - "${libdir}/python3.5/dbm", - "${libdir}/python3.5/lib-dynload/_dbm.*.so" + "${libdir}/python${PYTHON_MAJMIN}/_strptime.py", + "${libdir}/python${PYTHON_MAJMIN}/calendar.py", + "${libdir}/python${PYTHON_MAJMIN}/datetime.py", + "${libdir}/python${PYTHON_MAJMIN}/lib-dynload/_datetime.*.so" ], + "cached": [ + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/_strptime.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/calendar.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/datetime.*.pyc" + ] + }, + "db": { + "summary": "Python file-based database support", "rdepends": [ "core" ], - "summary": "Python file-based database support" - }, - "debugger": { - "cached": [ - "${libdir}/python3.5/__pycache__/bdb.*.pyc", - "${libdir}/python3.5/__pycache__/pdb.*.pyc" - ], "files": [ - "${libdir}/python3.5/bdb.py", - "${libdir}/python3.5/pdb.py" + "${libdir}/python${PYTHON_MAJMIN}/dbm", + "${libdir}/python${PYTHON_MAJMIN}/lib-dynload/_dbm.*.so" ], + "cached": [] + }, + "debugger": { + "summary": "Python debugger", "rdepends": [ "core", "pprint", "shell", "stringold" ], - "summary": "Python debugger" + "files": [ + "${libdir}/python${PYTHON_MAJMIN}/bdb.py", + "${libdir}/python${PYTHON_MAJMIN}/pdb.py" + ], + "cached": [ + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/bdb.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/pdb.*.pyc" + ] }, "dev": { "cached": [], @@ -405,8 +416,8 @@ "${libdir}/*.o", "${libdir}/lib*${SOLIBSDEV}", "${libdir}/pkgconfig", - "${libdir}/python3.5/config*/Makefile", - "${libdir}/python3.5/config*/Makefile/__pycache__" + "${libdir}/python${PYTHON_MAJMIN}/config*/Makefile", + "${libdir}/python${PYTHON_MAJMIN}/config*/Makefile/__pycache__" ], "rdepends": [ "core" @@ -414,46 +425,41 @@ "summary": "Python development package" }, "difflib": { - "cached": [ - "${libdir}/python3.5/__pycache__/difflib.*.pyc" - ], - "files": [ - "${libdir}/python3.5/difflib.py" - ], + "summary": "Python helpers for computing deltas between objects", "rdepends": [ "core" ], - "summary": "Python helpers for computing deltas between objects" - }, - "distutils": { - "cached": [], "files": [ - "${libdir}/python3.5/distutils" - ], - "rdepends": [ - "core" + "${libdir}/python${PYTHON_MAJMIN}/difflib.py" ], - "summary": "Python Distribution Utilities" + "cached": [ + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/difflib.*.pyc" + ] }, "distutils-staticdev": { "cached": [ - "${libdir}/python3.5/config/__pycache__/lib*.a" + "${libdir}/python${PYTHON_MAJMIN}/config/__pycache__/lib*.a" ], "files": [ - "${libdir}/python3.5/config/lib*.a" + "${libdir}/python${PYTHON_MAJMIN}/config/lib*.a" ], "rdepends": [ "distutils" ], "summary": "Python distribution utilities (static libraries)" }, - "doctest": { - "cached": [ - "${libdir}/python3.5/__pycache__/doctest.*.pyc" + "distutils": { + "summary": "Python Distribution Utilities", + "rdepends": [ + "core" ], "files": [ - "${libdir}/python3.5/doctest.py" + "${libdir}/python${PYTHON_MAJMIN}/distutils" ], + "cached": [] + }, + "doctest": { + "summary": "Python framework for running examples in docstrings", "rdepends": [ "core", "debugger", @@ -464,16 +470,15 @@ "stringold", "unittest" ], - "summary": "Python framework for running examples in docstrings" - }, - "email": { - "cached": [ - "${libdir}/python3.5/__pycache__/imaplib.*.pyc" - ], "files": [ - "${libdir}/python3.5/email", - "${libdir}/python3.5/imaplib.py" + "${libdir}/python${PYTHON_MAJMIN}/doctest.py" ], + "cached": [ + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/doctest.*.pyc" + ] + }, + "email": { + "summary": "Python email support", "rdepends": [ "core", "crypt", @@ -482,86 +487,74 @@ "math", "netclient" ], - "summary": "Python email support" - }, - "fcntl": { - "cached": [], "files": [ - "${libdir}/python3.5/lib-dynload/fcntl.*.so" + "${libdir}/python${PYTHON_MAJMIN}/email", + "${libdir}/python${PYTHON_MAJMIN}/imaplib.py" ], + "cached": [ + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/imaplib.*.pyc" + ] + }, + "fcntl": { + "summary": "Python's fcntl interface", "rdepends": [ "core" ], - "summary": "Python's fcntl interface" - }, - "gdbm": { - "cached": [], "files": [ - "${libdir}/python3.5/lib-dynload/_gdbm.*.so" + "${libdir}/python${PYTHON_MAJMIN}/lib-dynload/fcntl.*.so" ], + "cached": [] + }, + "gdbm": { + "summary": "Python GNU database support", "rdepends": [ "core" ], - "summary": "Python GNU database support" + "files": [ + "${libdir}/python${PYTHON_MAJMIN}/lib-dynload/_gdbm.*.so" + ], + "cached": [] }, "html": { - "cached": [ - "${libdir}/python3.5/__pycache__/formatter.*.pyc" + "summary": "Python HTML processing support", + "rdepends": [ + "core" ], "files": [ - "${libdir}/python3.5/formatter.py", - "${libdir}/python3.5/html" + "${libdir}/python${PYTHON_MAJMIN}/formatter.py", + "${libdir}/python${PYTHON_MAJMIN}/html" ], + "cached": [ + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/formatter.*.pyc" + ] + }, + "idle": { + "summary": "Python Integrated Development Environment", "rdepends": [ "core" ], - "summary": "Python HTML processing support" - }, - "idle": { - "cached": [], "files": [ "${bindir}/idle*", - "${libdir}/python3.5/idlelib" + "${libdir}/python${PYTHON_MAJMIN}/idlelib" ], - "rdepends": [ - "core" - ], - "summary": "Python Integrated Development Environment" + "cached": [] }, "image": { - "cached": [ - "${libdir}/python3.5/__pycache__/colorsys.*.pyc", - "${libdir}/python3.5/__pycache__/imghdr.*.pyc" - ], - "files": [ - "${libdir}/python3.5/colorsys.py", - "${libdir}/python3.5/imghdr.py" - ], + "summary": "Python graphical image handling", "rdepends": [ "core" ], - "summary": "Python graphical image handling" - }, - "io": { - "cached": [ - "${libdir}/python3.5/__pycache__/_pyio.*.pyc", - "${libdir}/python3.5/__pycache__/ipaddress.*.pyc", - "${libdir}/python3.5/__pycache__/pipes.*.pyc", - "${libdir}/python3.5/__pycache__/socket.*.pyc", - "${libdir}/python3.5/__pycache__/ssl.*.pyc", - "${libdir}/python3.5/__pycache__/tempfile.*.pyc" - ], "files": [ - "${libdir}/python3.5/_pyio.py", - "${libdir}/python3.5/ipaddress.py", - "${libdir}/python3.5/lib-dynload/_socket.*.so", - "${libdir}/python3.5/lib-dynload/_ssl.*.so", - "${libdir}/python3.5/lib-dynload/termios.*.so", - "${libdir}/python3.5/pipes.py", - "${libdir}/python3.5/socket.py", - "${libdir}/python3.5/ssl.py", - "${libdir}/python3.5/tempfile.py" + "${libdir}/python${PYTHON_MAJMIN}/colorsys.py", + "${libdir}/python${PYTHON_MAJMIN}/imghdr.py" ], + "cached": [ + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/colorsys.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/imghdr.*.pyc" + ] + }, + "io": { + "summary": "Python low-level I/O", "rdepends": [ "compression", "core", @@ -571,37 +564,50 @@ "shell", "unixadmin" ], - "summary": "Python low-level I/O" - }, - "json": { - "cached": [], "files": [ - "${libdir}/python3.5/json", - "${libdir}/python3.5/lib-dynload/_json.*.so" + "${libdir}/python${PYTHON_MAJMIN}/_pyio.py", + "${libdir}/python${PYTHON_MAJMIN}/ipaddress.py", + "${libdir}/python${PYTHON_MAJMIN}/lib-dynload/_socket.*.so", + "${libdir}/python${PYTHON_MAJMIN}/lib-dynload/_ssl.*.so", + "${libdir}/python${PYTHON_MAJMIN}/lib-dynload/termios.*.so", + "${libdir}/python${PYTHON_MAJMIN}/pipes.py", + "${libdir}/python${PYTHON_MAJMIN}/socket.py", + "${libdir}/python${PYTHON_MAJMIN}/ssl.py", + "${libdir}/python${PYTHON_MAJMIN}/tempfile.py" ], + "cached": [ + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/_pyio.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/ipaddress.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/pipes.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/socket.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/ssl.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/tempfile.*.pyc" + ] + }, + "json": { + "summary": "Python JSON support", "rdepends": [ "core" ], - "summary": "Python JSON support" - }, - "logging": { - "cached": [], "files": [ - "${libdir}/python3.5/logging" + "${libdir}/python${PYTHON_MAJMIN}/json", + "${libdir}/python${PYTHON_MAJMIN}/lib-dynload/_json.*.so" ], + "cached": [] + }, + "logging": { + "summary": "Python logging support", "rdepends": [ "core", "stringold" ], - "summary": "Python logging support" - }, - "mailbox": { - "cached": [ - "${libdir}/python3.5/__pycache__/mailbox.*.pyc" - ], "files": [ - "${libdir}/python3.5/mailbox.py" + "${libdir}/python${PYTHON_MAJMIN}/logging" ], + "cached": [] + }, + "mailbox": { + "summary": "Python mailbox format support", "rdepends": [ "core", "crypt", @@ -614,46 +620,51 @@ "netclient", "stringold" ], - "summary": "Python mailbox format support" - }, - "math": { - "cached": [ - "${libdir}/python3.5/__pycache__/random.*.pyc" - ], "files": [ - "${libdir}/python3.5/lib-dynload/_random.*.so", - "${libdir}/python3.5/lib-dynload/cmath.*.so", - "${libdir}/python3.5/random.py" + "${libdir}/python${PYTHON_MAJMIN}/mailbox.py" ], + "cached": [ + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/mailbox.*.pyc" + ] + }, + "math": { + "summary": "Python math support", "rdepends": [ "core", "crypt" ], - "summary": "Python math support" - }, - "mime": { - "cached": [ - "${libdir}/python3.5/__pycache__/quopri.*.pyc", - "${libdir}/python3.5/__pycache__/uu.*.pyc" - ], "files": [ - "${libdir}/python3.5/quopri.py", - "${libdir}/python3.5/uu.py" + "${libdir}/python${PYTHON_MAJMIN}/lib-dynload/_random.*.so", + "${libdir}/python${PYTHON_MAJMIN}/lib-dynload/cmath.*.so", + "${libdir}/python${PYTHON_MAJMIN}/random.py" ], + "cached": [ + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/random.*.pyc" + ] + }, + "mime": { + "summary": "Python MIME handling APIs", "rdepends": [ "core" ], - "summary": "Python MIME handling APIs" - }, - "mmap": { - "cached": [], "files": [ - "${libdir}/python3.5/lib-dynload/mmap.*.so" + "${libdir}/python${PYTHON_MAJMIN}/quopri.py", + "${libdir}/python${PYTHON_MAJMIN}/uu.py" ], + "cached": [ + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/quopri.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/uu.*.pyc" + ] + }, + "mmap": { + "summary": "Python memory-mapped file support", "rdepends": [ "core" ], - "summary": "Python memory-mapped file support" + "files": [ + "${libdir}/python${PYTHON_MAJMIN}/lib-dynload/mmap.*.so" + ], + "cached": [] }, "modules": { "cached": [], @@ -710,49 +721,25 @@ "typing", "unittest", "unixadmin", + "venv", "xml", "xmlrpc" ], "summary": "All Python modules" }, "multiprocessing": { - "cached": [], - "files": [ - "${libdir}/python3.5/lib-dynload/_multiprocessing.*.so", - "${libdir}/python3.5/multiprocessing" - ], + "summary": "Python multiprocessing support", "rdepends": [ "core" ], - "summary": "Python multiprocessing support" - }, - "netclient": { - "cached": [ - "${libdir}/python3.5/__pycache__/base64.*.pyc", - "${libdir}/python3.5/__pycache__/ftplib.*.pyc", - "${libdir}/python3.5/__pycache__/hmac.*.pyc", - "${libdir}/python3.5/__pycache__/mimetypes.*.pyc", - "${libdir}/python3.5/__pycache__/nntplib.*.pyc", - "${libdir}/python3.5/__pycache__/poplib.*.pyc", - "${libdir}/python3.5/__pycache__/smtplib.*.pyc", - "${libdir}/python3.5/__pycache__/telnetlib.*.pyc", - "${libdir}/python3.5/__pycache__/uuid.*.pyc" - ], "files": [ - "${libdir}/python3.5/base64.py", - "${libdir}/python3.5/ftplib.py", - "${libdir}/python3.5/hmac.py", - "${libdir}/python3.5/http", - "${libdir}/python3.5/http/__pycache__", - "${libdir}/python3.5/mimetypes.py", - "${libdir}/python3.5/nntplib.py", - "${libdir}/python3.5/poplib.py", - "${libdir}/python3.5/smtplib.py", - "${libdir}/python3.5/telnetlib.py", - "${libdir}/python3.5/urllib", - "${libdir}/python3.5/urllib/__pycache__", - "${libdir}/python3.5/uuid.py" + "${libdir}/python${PYTHON_MAJMIN}/lib-dynload/_multiprocessing.*.so", + "${libdir}/python${PYTHON_MAJMIN}/multiprocessing" ], + "cached": [] + }, + "netclient": { + "summary": "Python Internet Protocol clients", "rdepends": [ "compression", "core", @@ -767,17 +754,35 @@ "stringold", "unixadmin" ], - "summary": "Python Internet Protocol clients" - }, - "netserver": { - "cached": [ - "${libdir}/python3.5/__pycache__/cgi.*.pyc", - "${libdir}/python3.5/__pycache__/socketserver.*.pyc" - ], "files": [ - "${libdir}/python3.5/cgi.py", - "${libdir}/python3.5/socketserver.py" + "${libdir}/python${PYTHON_MAJMIN}/base64.py", + "${libdir}/python${PYTHON_MAJMIN}/ftplib.py", + "${libdir}/python${PYTHON_MAJMIN}/hmac.py", + "${libdir}/python${PYTHON_MAJMIN}/http", + "${libdir}/python${PYTHON_MAJMIN}/http/__pycache__", + "${libdir}/python${PYTHON_MAJMIN}/mimetypes.py", + "${libdir}/python${PYTHON_MAJMIN}/nntplib.py", + "${libdir}/python${PYTHON_MAJMIN}/poplib.py", + "${libdir}/python${PYTHON_MAJMIN}/smtplib.py", + "${libdir}/python${PYTHON_MAJMIN}/telnetlib.py", + "${libdir}/python${PYTHON_MAJMIN}/urllib", + "${libdir}/python${PYTHON_MAJMIN}/urllib/__pycache__", + "${libdir}/python${PYTHON_MAJMIN}/uuid.py" ], + "cached": [ + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/base64.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/ftplib.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/hmac.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/mimetypes.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/nntplib.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/poplib.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/smtplib.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/telnetlib.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/uuid.*.pyc" + ] + }, + "netserver": { + "summary": "Python Internet Protocol servers", "rdepends": [ "compression", "core", @@ -793,175 +798,172 @@ "stringold", "unixadmin" ], - "summary": "Python Internet Protocol servers" - }, - "numbers": { - "cached": [ - "${libdir}/python3.5/__pycache__/_pydecimal.*.pyc", - "${libdir}/python3.5/__pycache__/decimal.*.pyc", - "${libdir}/python3.5/__pycache__/fractions.*.pyc", - "${libdir}/python3.5/__pycache__/numbers.*.pyc" - ], "files": [ - "${libdir}/python3.5/_pydecimal.py", - "${libdir}/python3.5/decimal.py", - "${libdir}/python3.5/fractions.py", - "${libdir}/python3.5/lib-dynload/_decimal.*.so", - "${libdir}/python3.5/numbers.py" + "${libdir}/python${PYTHON_MAJMIN}/cgi.py", + "${libdir}/python${PYTHON_MAJMIN}/socketserver.py" ], + "cached": [ + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/cgi.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/socketserver.*.pyc" + ] + }, + "numbers": { + "summary": "Python number APIs", "rdepends": [ "core" ], - "summary": "Python number APIs" - }, - "pickle": { - "cached": [ - "${libdir}/python3.5/__pycache__/_compat_pickle.*.pyc", - "${libdir}/python3.5/__pycache__/pickle.*.pyc", - "${libdir}/python3.5/__pycache__/pickletools.*.pyc", - "${libdir}/python3.5/__pycache__/shelve.*.pyc" - ], "files": [ - "${libdir}/python3.5/_compat_pickle.py", - "${libdir}/python3.5/lib-dynload/_pickle.*.so", - "${libdir}/python3.5/pickle.py", - "${libdir}/python3.5/pickletools.py", - "${libdir}/python3.5/shelve.py" + "${libdir}/python${PYTHON_MAJMIN}/_pydecimal.py", + "${libdir}/python${PYTHON_MAJMIN}/decimal.py", + "${libdir}/python${PYTHON_MAJMIN}/fractions.py", + "${libdir}/python${PYTHON_MAJMIN}/lib-dynload/_decimal.*.so", + "${libdir}/python${PYTHON_MAJMIN}/numbers.py" ], + "cached": [ + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/_pydecimal.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/decimal.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/fractions.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/numbers.*.pyc" + ] + }, + "pickle": { + "summary": "Python serialisation/persistence support", "rdepends": [ "core" ], - "summary": "Python serialisation/persistence support" - }, - "pkgutil": { - "cached": [ - "${libdir}/python3.5/__pycache__/pkgutil.*.pyc" - ], "files": [ - "${libdir}/python3.5/pkgutil.py" + "${libdir}/python${PYTHON_MAJMIN}/_compat_pickle.py", + "${libdir}/python${PYTHON_MAJMIN}/lib-dynload/_pickle.*.so", + "${libdir}/python${PYTHON_MAJMIN}/pickle.py", + "${libdir}/python${PYTHON_MAJMIN}/pickletools.py", + "${libdir}/python${PYTHON_MAJMIN}/shelve.py" ], + "cached": [ + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/_compat_pickle.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/pickle.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/pickletools.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/shelve.*.pyc" + ] + }, + "pkgutil": { + "summary": "Python package extension utility support", "rdepends": [ "core" ], - "summary": "Python package extension utility support" - }, - "plistlib": { - "cached": [ - "${libdir}/python3.5/__pycache__/plistlib.*.pyc" - ], "files": [ - "${libdir}/python3.5/plistlib.py" + "${libdir}/python${PYTHON_MAJMIN}/pkgutil.py" ], + "cached": [ + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/pkgutil.*.pyc" + ] + }, + "plistlib": { + "summary": "Generate and parse Mac OS X .plist files", "rdepends": [ "core", "datetime", "xml" ], - "summary": "Generate and parse Mac OS X .plist files" - }, - "pprint": { - "cached": [ - "${libdir}/python3.5/__pycache__/pprint.*.pyc" - ], "files": [ - "${libdir}/python3.5/pprint.py" + "${libdir}/python${PYTHON_MAJMIN}/plistlib.py" ], + "cached": [ + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/plistlib.*.pyc" + ] + }, + "pprint": { + "summary": "Python pretty-print support", "rdepends": [ "core" ], - "summary": "Python pretty-print support" - }, - "profile": { - "cached": [ - "${libdir}/python3.5/__pycache__/cProfile.*.pyc", - "${libdir}/python3.5/__pycache__/profile.*.pyc", - "${libdir}/python3.5/__pycache__/pstats.*.pyc" - ], "files": [ - "${libdir}/python3.5/cProfile.py", - "${libdir}/python3.5/lib-dynload/_lsprof.*.so", - "${libdir}/python3.5/profile.py", - "${libdir}/python3.5/pstats.py" + "${libdir}/python${PYTHON_MAJMIN}/pprint.py" ], + "cached": [ + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/pprint.*.pyc" + ] + }, + "profile": { + "summary": "Python basic performance profiling support", "rdepends": [ "core" ], - "summary": "Python basic performance profiling support" - }, - "pydoc": { - "cached": [ - "${libdir}/python3.5/__pycache__/pydoc.*.pyc" - ], "files": [ - "${bindir}/pydoc*", - "${libdir}/python3.5/pydoc.py", - "${libdir}/python3.5/pydoc_data" + "${libdir}/python${PYTHON_MAJMIN}/cProfile.py", + "${libdir}/python${PYTHON_MAJMIN}/lib-dynload/_lsprof.*.so", + "${libdir}/python${PYTHON_MAJMIN}/profile.py", + "${libdir}/python${PYTHON_MAJMIN}/pstats.py" ], + "cached": [ + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/cProfile.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/profile.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/pstats.*.pyc" + ] + }, + "pydoc": { + "summary": "Python interactive help support", "rdepends": [ "core", "netclient", "pkgutil" ], - "summary": "Python interactive help support" - }, - "resource": { - "cached": [], "files": [ - "${libdir}/python3.5/lib-dynload/resource.*.so" + "${bindir}/pydoc*", + "${libdir}/python${PYTHON_MAJMIN}/pydoc.py", + "${libdir}/python${PYTHON_MAJMIN}/pydoc_data" ], + "cached": [ + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/pydoc.*.pyc" + ] + }, + "resource": { + "summary": "Python resource control interface", "rdepends": [ "core" ], - "summary": "Python resource control interface" - }, - "runpy": { - "cached": [ - "${libdir}/python3.5/__pycache__/runpy.*.pyc" - ], "files": [ - "${libdir}/python3.5/runpy.py" + "${libdir}/python${PYTHON_MAJMIN}/lib-dynload/resource.*.so" ], + "cached": [] + }, + "runpy": { + "summary": "Python helper for locating/executing scripts in module namespace", "rdepends": [ "core", "pkgutil" ], - "summary": "Python helper for locating/executing scripts in module namespace" - }, - "shell": { - "cached": [ - "${libdir}/python3.5/__pycache__/cmd.*.pyc", - "${libdir}/python3.5/__pycache__/fnmatch.*.pyc", - "${libdir}/python3.5/__pycache__/glob.*.pyc", - "${libdir}/python3.5/__pycache__/shlex.*.pyc", - "${libdir}/python3.5/__pycache__/shutil.*.pyc" - ], "files": [ - "${libdir}/python3.5/cmd.py", - "${libdir}/python3.5/fnmatch.py", - "${libdir}/python3.5/glob.py", - "${libdir}/python3.5/shlex.py", - "${libdir}/python3.5/shutil.py" + "${libdir}/python${PYTHON_MAJMIN}/runpy.py" ], + "cached": [ + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/runpy.*.pyc" + ] + }, + "shell": { + "summary": "Python shell-like functionality", "rdepends": [ "compression", "core", "stringold", "unixadmin" ], - "summary": "Python shell-like functionality" - }, - "smtpd": { - "cached": [ - "${libdir}/python3.5/__pycache__/asynchat.*.pyc", - "${libdir}/python3.5/__pycache__/asyncore.*.pyc", - "${libdir}/python3.5/__pycache__/smtpd.*.pyc" - ], "files": [ - "${bindir}/smtpd.py", - "${libdir}/python3.5/asynchat.py", - "${libdir}/python3.5/asyncore.py", - "${libdir}/python3.5/smtpd.py" + "${libdir}/python${PYTHON_MAJMIN}/cmd.py", + "${libdir}/python${PYTHON_MAJMIN}/fnmatch.py", + "${libdir}/python${PYTHON_MAJMIN}/glob.py", + "${libdir}/python${PYTHON_MAJMIN}/shlex.py", + "${libdir}/python${PYTHON_MAJMIN}/shutil.py" ], + "cached": [ + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/cmd.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/fnmatch.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/glob.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/shlex.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/shutil.*.pyc" + ] + }, + "smtpd": { + "summary": "Python Simple Mail Transport Daemon", "rdepends": [ "core", "crypt", @@ -973,130 +975,109 @@ "netclient", "stringold" ], - "summary": "Python Simple Mail Transport Daemon" - }, - "sqlite3": { - "cached": [ - "${libdir}/python3.5/sqlite3/__pycache__", - "${libdir}/python3.5/sqlite3/__pycache__/dbapi2.*.pyc", - "${libdir}/python3.5/sqlite3/__pycache__/dump.*.pyc" - ], "files": [ - "${libdir}/python3.5/lib-dynload/_sqlite3.*.so", - "${libdir}/python3.5/sqlite3/dbapi2.py", - "${libdir}/python3.5/sqlite3/dump.py" + "${bindir}/smtpd.py", + "${libdir}/python${PYTHON_MAJMIN}/asynchat.py", + "${libdir}/python${PYTHON_MAJMIN}/asyncore.py", + "${libdir}/python${PYTHON_MAJMIN}/smtpd.py" ], + "cached": [ + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/asynchat.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/asyncore.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/smtpd.*.pyc" + ] + }, + "sqlite3": { + "summary": "Python Sqlite3 database support", "rdepends": [ "core", "datetime" ], - "summary": "Python Sqlite3 database support" - }, - "sqlite3-tests": { - "cached": [], "files": [ - "${libdir}/python3.5/sqlite3/test" + "${libdir}/python${PYTHON_MAJMIN}/lib-dynload/_sqlite3.*.so", + "${libdir}/python${PYTHON_MAJMIN}/sqlite3" ], - "rdepends": [ - "core", - "tests" - ], - "summary": "Python Sqlite3 database support tests" + "cached": [] }, "stringold": { - "cached": [ - "${libdir}/python3.5/__pycache__/string.*.pyc" - ], - "files": [ - "${libdir}/python3.5/string.py" - ], + "summary": "Python string APIs [deprecated]", "rdepends": [ "core" ], - "summary": "Python string APIs [deprecated]" - }, - "syslog": { - "cached": [], "files": [ - "${libdir}/python3.5/lib-dynload/syslog.*.so" + "${libdir}/python${PYTHON_MAJMIN}/string.py" ], + "cached": [ + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/string.*.pyc" + ] + }, + "syslog": { + "summary": "Python syslog interface", "rdepends": [ "core" ], - "summary": "Python syslog interface" - }, - "terminal": { - "cached": [ - "${libdir}/python3.5/__pycache__/pty.*.pyc", - "${libdir}/python3.5/__pycache__/tty.*.pyc" - ], "files": [ - "${libdir}/python3.5/pty.py", - "${libdir}/python3.5/tty.py" + "${libdir}/python${PYTHON_MAJMIN}/lib-dynload/syslog.*.so" ], + "cached": [] + }, + "terminal": { + "summary": "Python terminal controlling support", "rdepends": [ "core", "io" ], - "summary": "Python terminal controlling support" - }, - "tests": { - "cached": [], "files": [ - "${libdir}/python3.5/test" + "${libdir}/python${PYTHON_MAJMIN}/pty.py", + "${libdir}/python${PYTHON_MAJMIN}/tty.py" ], - "rdepends": [ - "core" - ], - "summary": "Python tests" + "cached": [ + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/pty.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/tty.*.pyc" + ] }, "threading": { - "cached": [ - "${libdir}/python3.5/__pycache__/_dummy_thread.*.pyc", - "${libdir}/python3.5/__pycache__/_threading_local.*.pyc", - "${libdir}/python3.5/__pycache__/dummy_threading.*.pyc", - "${libdir}/python3.5/__pycache__/queue.*.pyc" - ], - "files": [ - "${libdir}/python3.5/_dummy_thread.py", - "${libdir}/python3.5/_threading_local.py", - "${libdir}/python3.5/dummy_threading.py", - "${libdir}/python3.5/queue.py" - ], + "summary": "Python threading & synchronization support", "rdepends": [ "core" ], - "summary": "Python threading & synchronization support" - }, - "tkinter": { - "cached": [], "files": [ - "${libdir}/python3.5/tkinter" + "${libdir}/python${PYTHON_MAJMIN}/_dummy_thread.py", + "${libdir}/python${PYTHON_MAJMIN}/_threading_local.py", + "${libdir}/python${PYTHON_MAJMIN}/dummy_threading.py", + "${libdir}/python${PYTHON_MAJMIN}/queue.py" ], + "cached": [ + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/_dummy_thread.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/_threading_local.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/dummy_threading.*.pyc", + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/queue.*.pyc" + ] + }, + "tkinter": { + "summary": "Python Tcl/Tk bindings", "rdepends": [ "core" ], - "summary": "Python Tcl/Tk bindings" - }, - "typing": { - "cached": [ - "${libdir}/python3.5/__pycache__/typing.*.pyc" - ], "files": [ - "${libdir}/python3.5/typing.py" + "${libdir}/python${PYTHON_MAJMIN}/tkinter" ], + "cached": [] + }, + "typing": { + "summary": "Python typing support", "rdepends": [ "core" ], - "summary": "Python typing support" - }, - "unittest": { - "cached": [], "files": [ - "${libdir}/python3.5/unittest", - "${libdir}/python3.5/unittest/", - "${libdir}/python3.5/unittest/__pycache__" + "${libdir}/python${PYTHON_MAJMIN}/typing.py" ], + "cached": [ + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/typing.*.pyc" + ] + }, + "unittest": { + "summary": "Python unit testing framework", "rdepends": [ "core", "difflib", @@ -1105,45 +1086,66 @@ "shell", "stringold" ], - "summary": "Python unit testing framework" + "files": [ + "${libdir}/python${PYTHON_MAJMIN}/unittest", + "${libdir}/python${PYTHON_MAJMIN}/unittest/", + "${libdir}/python${PYTHON_MAJMIN}/unittest/__pycache__" + ], + "cached": [] }, "unixadmin": { - "cached": [ - "${libdir}/python3.5/__pycache__/getpass.*.pyc" + "summary": "Python Unix administration support", + "rdepends": [ + "core", + "io" ], "files": [ - "${libdir}/python3.5/getpass.py", - "${libdir}/python3.5/lib-dynload/grp.*.so", - "${libdir}/python3.5/lib-dynload/nis.*.so" + "${libdir}/python${PYTHON_MAJMIN}/getpass.py", + "${libdir}/python${PYTHON_MAJMIN}/lib-dynload/grp.*.so", + "${libdir}/python${PYTHON_MAJMIN}/lib-dynload/nis.*.so" ], + "cached": [ + "${libdir}/python${PYTHON_MAJMIN}/__pycache__/getpass.*.pyc" + ] + }, + "venv": { + "summary": "Provides support for creating lightweight virtual environments with their own site directories, optionally isolated from system site directories.", "rdepends": [ + "compression", "core", - "io" + "logging", + "shell", + "stringold", + "unixadmin" ], - "summary": "Python Unix administration support" - }, - "xml": { - "cached": [], "files": [ - "${libdir}/python3.5/lib-dynload/_elementtree.*.so", - "${libdir}/python3.5/lib-dynload/pyexpat.*.so", - "${libdir}/python3.5/xml" + "${libdir}/python${PYTHON_MAJMIN}/venv", + "${bindir}/pyvenv*" ], + "cached": [] + }, + "xml": { + "summary": "Python basic XML support", "rdepends": [ "core" ], - "summary": "Python basic XML support" - }, - "xmlrpc": { - "cached": [], "files": [ - "${libdir}/python3.5/xmlrpc", - "${libdir}/python3.5/xmlrpc/__pycache__" + "${libdir}/python${PYTHON_MAJMIN}/lib-dynload/_elementtree.*.so", + "${libdir}/python${PYTHON_MAJMIN}/lib-dynload/pyexpat.*.so", + "${libdir}/python${PYTHON_MAJMIN}/xml" ], + "cached": [] + }, + "xmlrpc": { + "summary": "Python XML-RPC support", "rdepends": [ "core", "xml" ], - "summary": "Python XML-RPC support" + "files": [ + "${libdir}/python${PYTHON_MAJMIN}/xmlrpc", + "${libdir}/python${PYTHON_MAJMIN}/xmlrpc/__pycache__" + ], + "cached": [] } -}
\ No newline at end of file +} diff --git a/poky/meta/recipes-devtools/python/python3/run-ptest b/poky/meta/recipes-devtools/python/python3/run-ptest new file mode 100644 index 0000000000..3863c6d314 --- /dev/null +++ b/poky/meta/recipes-devtools/python/python3/run-ptest @@ -0,0 +1,3 @@ +#!/bin/sh + +python3 -m test -v | sed -e '/\.\.\. ok/ s/^/PASS: /g' -e '/\.\.\. [ERROR|FAIL]/ s/^/FAIL: /g' -e '/\.\.\. skipped/ s/^/SKIP: /g' -e 's/ \.\.\. ok//g' -e 's/ \.\.\. ERROR//g' -e 's/ \.\.\. FAIL//g' -e 's/ \.\.\. skipped//g' diff --git a/poky/meta/recipes-devtools/python/python3/shutil-follow-symlink-fix.patch b/poky/meta/recipes-devtools/python/python3/shutil-follow-symlink-fix.patch deleted file mode 100644 index 802b1c7203..0000000000 --- a/poky/meta/recipes-devtools/python/python3/shutil-follow-symlink-fix.patch +++ /dev/null @@ -1,17 +0,0 @@ -shutils should consider symlinks - --Khem - -Upstream-Status: Pending - ---- a/Lib/shutil.py 2013-01-29 12:31:06.926555779 -0800 -+++ b/Lib/shutil.py 2013-01-29 16:31:39.097554182 -0800 -@@ -132,7 +132,7 @@ def copymode(src, dst, *, follow_symlink - st = stat_func(src) - chmod_func(dst, stat.S_IMODE(st.st_mode)) - --if hasattr(os, 'listxattr'): -+if hasattr(os, 'listxattr') and os.listxattr in os.supports_follow_symlinks: - def _copyxattr(src, dst, *, follow_symlinks=True): - """Copy extended filesystem attributes from `src` to `dst`. - diff --git a/poky/meta/recipes-devtools/python/python3/signal.patch b/poky/meta/recipes-devtools/python/python3/signal.patch new file mode 100644 index 0000000000..534a097771 --- /dev/null +++ b/poky/meta/recipes-devtools/python/python3/signal.patch @@ -0,0 +1,56 @@ +Upstream-Status: Backport +Signed-off-by: Ross Burton <ross.burton@intel.com> + +From 4315389df3c4e8c1f94a18ab11a4b234762132b1 Mon Sep 17 00:00:00 2001 +From: Antoine Pitrou <pitrou@free.fr> +Date: Mon, 23 Apr 2018 22:22:49 +0200 +Subject: [PATCH] [3.6] bpo-33329: Fix multiprocessing regression on newer + glibcs (GH-6575) (GH-6582) + +Starting with glibc 2.27.9000-xxx, sigaddset() can return EINVAL for some +reserved signal numbers between 1 and NSIG. The `range(1, NSIG)` idiom +is commonly used to select all signals for blocking with `pthread_sigmask`. +So we ignore the sigaddset() return value until we expose sigfillset() +to provide a better idiom. +(cherry picked from commit 25038ecfb665bef641abf8cb61afff7505b0e008) +--- + .../next/Library/2018-04-23-13-21-39.bpo-33329.lQ-Eod.rst | 1 + + Modules/signalmodule.c | 14 ++++++++------ + 2 files changed, 9 insertions(+), 6 deletions(-) + create mode 100644 Misc/NEWS.d/next/Library/2018-04-23-13-21-39.bpo-33329.lQ-Eod.rst + +diff --git a/Modules/signalmodule.c b/Modules/signalmodule.c +index e0d06b434d..138e74e8a9 100644 +--- a/Modules/signalmodule.c ++++ b/Modules/signalmodule.c +@@ -744,7 +744,6 @@ iterable_to_sigset(PyObject *iterable, sigset_t *mask) + int result = -1; + PyObject *iterator, *item; + long signum; +- int err; + + sigemptyset(mask); + +@@ -766,11 +765,14 @@ iterable_to_sigset(PyObject *iterable, sigset_t *mask) + Py_DECREF(item); + if (signum == -1 && PyErr_Occurred()) + goto error; +- if (0 < signum && signum < NSIG) +- err = sigaddset(mask, (int)signum); +- else +- err = 1; +- if (err) { ++ if (0 < signum && signum < NSIG) { ++ /* bpo-33329: ignore sigaddset() return value as it can fail ++ * for some reserved signals, but we want the `range(1, NSIG)` ++ * idiom to allow selecting all valid signals. ++ */ ++ (void) sigaddset(mask, (int)signum); ++ } ++ else { + PyErr_Format(PyExc_ValueError, + "signal number %ld out of range", signum); + goto error; +-- +2.11.0 + diff --git a/poky/meta/recipes-devtools/python/python3_3.5.5.bb b/poky/meta/recipes-devtools/python/python3_3.5.6.bb index c28be32925..31f8eada11 100644 --- a/poky/meta/recipes-devtools/python/python3_3.5.5.bb +++ b/poky/meta/recipes-devtools/python/python3_3.5.6.bb @@ -1,15 +1,13 @@ -require recipes-devtools/python/python.inc +require recipes-devtools/python/python3.inc -DEPENDS = "python3-native libffi bzip2 gdbm openssl sqlite3 zlib virtual/libintl xz" +DEPENDS = "python3-native libffi bzip2 gdbm openssl \ + sqlite3 zlib virtual/libintl xz qemu-native \ + qemu-helper-native virtual/crypt" -PR = "${INC_PR}.0" -PYTHON_MAJMIN = "3.5" -PYTHON_BINABI= "${PYTHON_MAJMIN}m" DISTRO_SRC_URI ?= "file://sitecustomize.py" DISTRO_SRC_URI_linuxstdbase = "" SRC_URI = "http://www.python.org/ftp/python/${PV}/Python-${PV}.tar.xz \ file://python-config.patch \ -file://0001-cross-compile-support.patch \ file://030-fixup-include-dirs.patch \ file://070-dont-clean-ipkg-install.patch \ file://080-distutils-dont_adjust_files.patch \ @@ -27,7 +25,6 @@ SRC_URI += "\ file://cgi_py.patch \ file://host_include_contamination.patch \ file://python-3.3-multilib.patch \ - file://shutil-follow-symlink-fix.patch \ file://sysroot-include-headers.patch \ file://unixccompiler.patch \ file://avoid-ncursesw-include-path.patch \ @@ -37,19 +34,26 @@ SRC_URI += "\ file://configure.ac-fix-LIBPL.patch \ file://0001-Issue-21272-Use-_sysconfigdata.py-to-initialize-dist.patch \ file://pass-missing-libraries-to-Extension-for-mul.patch \ - file://CVE-2018-1061.patch \ + file://Use-correct-CFLAGS-for-extensions-when-cross-compili.patch \ + file://0002-Makefile-add-target-to-split-profile-generation.patch \ + file://float-endian.patch \ + file://ftplib.patch \ + file://signal.patch \ + file://0001-Issue-28043-SSLContext-has-improved-default-settings.patch \ + file://0002-bpo-29136-Add-TLS-1.3-cipher-suites-and-OP_NO_TLSv1_.patch \ + file://0003-bpo-32947-Fixes-for-TLS-1.3-and-OpenSSL-1.1.1-GH-876.patch \ + file://0004-bpo-33570-TLS-1.3-ciphers-for-OpenSSL-1.1.1-GH-6976.patch \ + file://0005-bpo-30714-ALPN-changes-for-OpenSSL-1.1.0f-2305.patch \ + file://run-ptest \ " -SRC_URI[md5sum] = "f3763edf9824d5d3a15f5f646083b6e0" -SRC_URI[sha256sum] = "063d2c3b0402d6191b90731e0f735c64830e7522348aeb7ed382a83165d45009" -LIC_FILES_CHKSUM = "file://LICENSE;md5=b6ec515b22618f55fa07276b897bacea" +inherit multilib_header python3native update-alternatives qemu ptest -# exclude pre-releases for both python 2.x and 3.x -UPSTREAM_CHECK_REGEX = "[Pp]ython-(?P<pver>\d+(\.\d+)+).tar" +MULTILIB_SUFFIX = "${@d.getVar('base_libdir',1).split('/')[-1]}" -S = "${WORKDIR}/Python-${PV}" - -inherit autotools multilib_header python3native pkgconfig +ALTERNATIVE_${PN}-dev = "python-config" +ALTERNATIVE_LINK_NAME[python-config] = "${bindir}/python${PYTHON_BINABI}-config" +ALTERNATIVE_TARGET[python-config] = "${bindir}/python${PYTHON_BINABI}-config-${MULTILIB_SUFFIX}" CONFIGUREOPTS += " --with-system-ffi " @@ -66,37 +70,46 @@ SDK_CC_ARCH += "-DNDEBUG -fno-inline" EXTRA_OEMAKE += "CROSS_COMPILE=yes" EXTRA_OECONF += "CROSSPYTHONPATH=${STAGING_LIBDIR_NATIVE}/python${PYTHON_MAJMIN}/lib-dynload/ --without-ensurepip" +PYTHON3_PROFILE_TASK ?= "./python -m test.regrtest --pgo test_grammar test_opcodes test_dict test_builtin test_exceptions test_types test_support || true" + export CROSS_COMPILE = "${TARGET_PREFIX}" -export _PYTHON_PROJECT_BASE = "${B}" -export _PYTHON_PROJECT_SRC = "${S}" export CCSHARED = "-fPIC" # Fix cross compilation of different modules export CROSSPYTHONPATH = "${STAGING_LIBDIR_NATIVE}/python${PYTHON_MAJMIN}/lib-dynload/:${B}/build/lib.linux-${TARGET_ARCH}-${PYTHON_MAJMIN}:${S}/Lib:${S}/Lib/plat-linux" -# No ctypes option for python 3 -PYTHONLSBOPTS = "" - -PACKAGECONFIG ??= "readline" +PACKAGECONFIG ??= "readline ${@bb.utils.contains('MACHINE_FEATURES', 'qemu-usermode', 'pgo', '', d)}" PACKAGECONFIG[readline] = ",,readline" +# Use profile guided optimisation by running PyBench inside qemu-user +PACKAGECONFIG[pgo] = "--enable-optimizations" do_configure_append() { rm -f ${S}/Makefile.orig - autoreconf -Wcross --verbose --install --force --exclude=autopoint ../Python-${PV}/Modules/_ctypes/libffi } -do_compile() { - # regenerate platform specific files, because they depend on system headers - cd ${S}/Lib/plat-linux* - include=${STAGING_INCDIR} ${STAGING_BINDIR_NATIVE}/python3-native/python3 \ - ${S}/Tools/scripts/h2py.py -i '(u_long)' \ - ${STAGING_INCDIR}/dlfcn.h \ - ${STAGING_INCDIR}/linux/cdrom.h \ - ${STAGING_INCDIR}/netinet/in.h \ - ${STAGING_INCDIR}/sys/types.h - sed -e 's,${STAGING_DIR_HOST},,g' -i *.py - cd - +run_make() { + oe_runmake PGEN=${STAGING_BINDIR_NATIVE}/python3-native/pgen \ + HOSTPYTHON=${STAGING_BINDIR_NATIVE}/python3-native/python3 \ + STAGING_LIBDIR=${STAGING_LIBDIR} \ + STAGING_INCDIR=${STAGING_INCDIR} \ + STAGING_BASELIBDIR=${STAGING_BASELIBDIR} \ + LIB=${baselib} \ + ARCH=${TARGET_ARCH} \ + OPT="${CFLAGS}" \ + "$@" +} +do_compile() { + # regenerate platform specific files, because they depend on system headers + cd ${S}/Lib/plat-linux* + include=${STAGING_INCDIR} ${STAGING_BINDIR_NATIVE}/python3-native/python3 \ + ${S}/Tools/scripts/h2py.py -i '(u_long)' \ + ${STAGING_INCDIR}/dlfcn.h \ + ${STAGING_INCDIR}/linux/cdrom.h \ + ${STAGING_INCDIR}/netinet/in.h \ + ${STAGING_INCDIR}/sys/types.h + sed -e 's,${STAGING_DIR_HOST},,g' -i *.py + cd - # remove any bogus LD_LIBRARY_PATH sed -i -e s,RUNSHARED=.*,RUNSHARED=, Makefile @@ -116,23 +129,23 @@ do_compile() { # then call do_install twice we get Makefile.orig == Makefile.sysroot install -m 0644 Makefile Makefile.sysroot - oe_runmake HOSTPGEN=${STAGING_BINDIR_NATIVE}/python3-native/pgen \ - HOSTPYTHON=${STAGING_BINDIR_NATIVE}/python3-native/python3 \ - STAGING_LIBDIR=${STAGING_LIBDIR} \ - STAGING_BASELIBDIR=${STAGING_BASELIBDIR} \ - STAGING_INCDIR=${STAGING_INCDIR} \ - LIB=${baselib} \ - ARCH=${TARGET_ARCH} \ - OPT="${CFLAGS}" libpython3.so - - oe_runmake HOSTPGEN=${STAGING_BINDIR_NATIVE}/python3-native/pgen \ - HOSTPYTHON=${STAGING_BINDIR_NATIVE}/python3-native/python3 \ - STAGING_LIBDIR=${STAGING_LIBDIR} \ - STAGING_INCDIR=${STAGING_INCDIR} \ - STAGING_BASELIBDIR=${STAGING_BASELIBDIR} \ - LIB=${baselib} \ - ARCH=${TARGET_ARCH} \ - OPT="${CFLAGS}" + if ${@bb.utils.contains('PACKAGECONFIG', 'pgo', 'true', 'false', d)}; then + run_make profile-opt + qemu_binary="${@qemu_wrapper_cmdline(d, '${STAGING_DIR_TARGET}', ['${B}', '${STAGING_DIR_TARGET}/${base_libdir}'])}" + cat >pgo-wrapper <<EOF +#!/bin/sh +cd ${B} +$qemu_binary "\$@" +EOF + chmod +x pgo-wrapper + bbnote Gathering profiling data + ./pgo-wrapper ${PYTHON3_PROFILE_TASK} + bbnote Profiling data gathered, rebuilding + run_make clean_and_use_profile + else + run_make libpython3.so + run_make + fi } do_install() { @@ -145,23 +158,13 @@ do_install() { # rerun the build once again with original makefile this time # run install in a separate step to avoid compile/install race - oe_runmake HOSTPGEN=${STAGING_BINDIR_NATIVE}/python3-native/pgen \ - HOSTPYTHON=${STAGING_BINDIR_NATIVE}/python3-native/python3 \ - STAGING_LIBDIR=${STAGING_LIBDIR} \ - STAGING_INCDIR=${STAGING_INCDIR} \ - STAGING_BASELIBDIR=${STAGING_BASELIBDIR} \ - LIB=${baselib} \ - ARCH=${TARGET_ARCH} \ - DESTDIR=${D} LIBDIR=${libdir} - - oe_runmake HOSTPGEN=${STAGING_BINDIR_NATIVE}/python3-native/pgen \ - HOSTPYTHON=${STAGING_BINDIR_NATIVE}/python3-native/python3 \ - STAGING_LIBDIR=${STAGING_LIBDIR} \ - STAGING_INCDIR=${STAGING_INCDIR} \ - STAGING_BASELIBDIR=${STAGING_BASELIBDIR} \ - LIB=${baselib} \ - ARCH=${TARGET_ARCH} \ - DESTDIR=${D} LIBDIR=${libdir} install + if ${@bb.utils.contains('PACKAGECONFIG', 'pgo', 'true', 'false', d)}; then + run_make DESTDIR=${D} LIBDIR=${libdir} build_all_use_profile + else + run_make DESTDIR=${D} LIBDIR=${libdir} + fi + + run_make DESTDIR=${D} LIBDIR=${libdir} install # avoid conflict with 2to3 from Python 2 rm -f ${D}/${bindir}/2to3 @@ -177,7 +180,7 @@ do_install() { } do_install_append_class-nativesdk () { - create_wrapper ${D}${bindir}/python${PYTHON_MAJMIN} TERMINFO_DIRS='${sysconfdir}/terminfo:/etc/terminfo:/usr/share/terminfo:/usr/share/misc/terminfo:/lib/terminfo' PYTHONNOUSERSITE='1' + create_wrapper ${D}${bindir}/python${PYTHON_MAJMIN} PYTHONHOME='${prefix}' TERMINFO_DIRS='${sysconfdir}/terminfo:/etc/terminfo:/usr/share/terminfo:/usr/share/misc/terminfo:/lib/terminfo' PYTHONNOUSERSITE='1' } SSTATE_SCAN_FILES += "Makefile" @@ -208,20 +211,23 @@ py_package_preprocess () { ${STAGING_BINDIR_NATIVE}/${PYTHON_PN}-native/${PYTHON_PN} \ -c "from py_compile import compile; compile('./${libdir}/python${PYTHON_MAJMIN}/_sysconfigdata.py', optimize=2)" cd - + + mv ${PKGD}/${bindir}/python${PYTHON_BINABI}-config ${PKGD}/${bindir}/python${PYTHON_BINABI}-config-${MULTILIB_SUFFIX} } +PACKAGES_remove = "${PN}" + # manual dependency additions RPROVIDES_${PN}-modules = "${PN}" RRECOMMENDS_${PN}-core_append_class-nativesdk = " nativesdk-python3-modules" -RRECOMMENDS_${PN}-crypt = "openssl" -RRECOMMENDS_${PN}-crypt_class-nativesdk = "nativesdk-openssl" +RRECOMMENDS_${PN}-crypt = "openssl ca-certificates" FILES_${PN}-2to3 += "${bindir}/2to3-${PYTHON_MAJMIN}" FILES_${PN}-pydoc += "${bindir}/pydoc${PYTHON_MAJMIN} ${bindir}/pydoc3" FILES_${PN}-idle += "${bindir}/idle3 ${bindir}/idle${PYTHON_MAJMIN}" -PACKAGES =+ "${PN}-pyvenv" -FILES_${PN}-pyvenv += "${bindir}/pyvenv-${PYTHON_MAJMIN} ${bindir}/pyvenv" +# provide python-pyvenv from python3-venv +RPROVIDES_${PN}-venv += "${PN}-pyvenv" # package libpython3 PACKAGES =+ "libpython3 libpython3-staticdev" @@ -239,16 +245,18 @@ FILES_${PN}-misc = "${libdir}/python${PYTHON_MAJMIN}" PACKAGES += "${PN}-man" FILES_${PN}-man = "${datadir}/man" -BBCLASSEXTEND = "nativesdk" +RDEPENDS_${PN}-ptest = "${PN}-modules ${PN}-tests unzip bzip2" -RPROVIDES_${PN} += "${PN}-modules" +RDEPENDS_${PN}-dev = "" + +BBCLASSEXTEND = "nativesdk" # We want bytecode precompiled .py files (.pyc's) by default # but the user may set it on their own conf INCLUDE_PYCS ?= "1" python(){ - import json + import collections, json filename = os.path.join(d.getVar('THISDIR'), 'python3', 'python3-manifest.json') # This python changes the datastore based on the contents of a file, so mark @@ -256,7 +264,7 @@ python(){ bb.parse.mark_dependency(d, filename) with open(filename) as manifest_file: - python_manifest=json.load(manifest_file) + python_manifest=json.load(manifest_file, object_pairs_hook=collections.OrderedDict) include_pycs = d.getVar('INCLUDE_PYCS') @@ -282,7 +290,6 @@ python(){ for value in python_manifest[key]['cached']: d.appendVar('FILES_' + pypackage, ' ' + value) - d.setVar('RDEPENDS_' + pypackage, '') for value in python_manifest[key]['rdepends']: # Make it work with or without $PN if '${PN}' in value: @@ -290,8 +297,6 @@ python(){ d.appendVar('RDEPENDS_' + pypackage, ' ' + pn + '-' + value) d.setVar('SUMMARY_' + pypackage, python_manifest[key]['summary']) - # We need to ensure staticdev packages match for files first so we sort in reverse - newpackages.sort(reverse=True) # Prepending so to avoid python-misc getting everything packages = newpackages + packages d.setVar('PACKAGES', ' '.join(packages)) @@ -312,7 +317,7 @@ do_create_manifest() { cd ${WORKDIR} # This needs to be executed by python-native and NOT by HOST's python - nativepython3 create_manifest3.py + nativepython3 create_manifest3.py ${PYTHON_MAJMIN} cp python3-manifest.json.new ${THISDIR}/python3/python3-manifest.json } diff --git a/poky/meta/recipes-devtools/python/python_2.7.15.bb b/poky/meta/recipes-devtools/python/python_2.7.15.bb index 0b3958d414..dd969d8e7e 100644 --- a/poky/meta/recipes-devtools/python/python_2.7.15.bb +++ b/poky/meta/recipes-devtools/python/python_2.7.15.bb @@ -1,6 +1,7 @@ require python.inc -DEPENDS = "python-native libffi bzip2 gdbm openssl readline sqlite3 zlib" +DEPENDS = "python-native libffi bzip2 gdbm openssl \ + readline sqlite3 zlib virtual/crypt" PR = "${INC_PR}" @@ -153,6 +154,7 @@ py_package_preprocess () { (cd ${PKGD}; python -m py_compile ./${libdir}/python${PYTHON_MAJMIN}/_sysconfigdata.py) } +PACKAGES_remove = "${PN}" # manual dependency additions RPROVIDES_${PN}-core = "${PN}" @@ -178,9 +180,9 @@ FILES_${PN}-man = "${datadir}/man" # Nasty but if bdb isn't enabled the package won't be generated RDEPENDS_${PN}-modules_remove = "${@bb.utils.contains('PACKAGECONFIG', 'bdb', '', '${PN}-bsddb', d)}" -BBCLASSEXTEND = "nativesdk" +RDEPENDS_${PN}-dev = "" -RPROVIDES_${PN} += "${PN}-modules" +BBCLASSEXTEND = "nativesdk" # We want bytecode precompiled .py files (.pyc's) by default # but the user may set it on their own conf @@ -221,7 +223,6 @@ python(){ if value.endswith('.py'): d.appendVar('FILES_' + pypackage, ' ' + value + 'c') - d.setVar('RDEPENDS_' + pypackage, '') for value in python_manifest[key]['rdepends']: # Make it work with or without $PN if '${PN}' in value: |