aboutsummaryrefslogtreecommitdiffstats
path: root/main/python2/APKBUILD
blob: 7e2aa94d9a789c4de5f5d86f4deeeee2e122d070 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>

pkgname=python2
# the python2-tkinter's pkgver needs to be synchronized with this.
pkgver=2.7.17
_verbase=${pkgver%.*}
pkgrel=0
pkgdesc="A high-level scripting language"
url="https://www.python.org/"
arch="all"
license="custom"
provides="python=$pkgver-r$pkgrel"
replaces="python"
subpackages="$pkgname-dbg $pkgname-dev $pkgname-doc $pkgname-tests py-gdbm:gdbm
	$pkgname-wininst"
makedepends="expat-dev openssl-dev zlib-dev ncurses-dev bzip2-dev
	gdbm-dev sqlite-dev libffi-dev readline-dev linux-headers paxmark"
source="https://www.python.org/ftp/python/$pkgver/Python-$pkgver.tar.xz
	musl-find_library.patch
	unchecked-ioctl.patch
	"
builddir="$srcdir/Python-$pkgver"

# secfixes:
#   2.7.17-r0:
#   - CVE-2019-15903
#   2.7.16-r3:
#   - CVE-2019-16056
#   - CVE-2019-16935
#   2.7.16-r1:
#   - CVE-2019-9636
#   - CVE-2019-9948
#   2.7.16-r0:
#   - CVE-2018-14647
#   2.7.15-r3:
#   - CVE-2019-5010
#   2.7.15-r0:
#   - CVE-2018-1060
#   - CVE-2018-1061

prepare() {
	default_prepare

	# Make sure we use system libs
	rm -r Modules/expat Modules/_ctypes/libffi* Modules/zlib

	# make sure our /dev/shm is world writeable
	if ! touch /dev/shm/$pkgname-$pkgver; then
		error "/dev/shm is not world writeable. this will cause a broken python2 build"
		return 1
	fi
	rm /dev/shm/$pkgname-$pkgver
}

build() {
	cd "$builddir"
	export OPT="$CFLAGS -DTHREAD_STACK_SIZE=0x100000"
	./configure \
		--build=$CBUILD \
		--host=$CHOST \
		--prefix=/usr \
		--enable-ipv6 \
		--enable-optimizations \
		--enable-shared \
		--enable-unicode=ucs4 \
		--with-system-expat \
		--with-system-ffi \
		--with-system-zlib \
		--with-threads
	make
}

check() {
	cd "$builddir"

	# test that we reach recursionlimit before we segfault
	cat > test-stacksize.py <<-EOF
	import threading
	import sys

	def fun(i):
	  try:
	    fun(i+1)
	  except:
	    sys.exit(0)

	t = threading.Thread(target=fun, args=[1])
	t.start()
EOF
	LD_LIBRARY_PATH=$PWD ./python test-stacksize.py
}

package() {
	cd "$builddir"
	make -j1 DESTDIR="$pkgdir" install
	install -Dm644 LICENSE "$pkgdir"/usr/share/licenses/$pkgname/LICENSE
	rm "$pkgdir/usr/bin/2to3"
	# we need to enable emutramp - needed for virt-manager
	# disable mprotect - needed for cffi
	paxmark -zm "$pkgdir"/usr/bin/python$_verbase
}

_mv_files() {
	local i
	for i in "$@"; do
		mkdir -p "$subpkgdir"/${i%/*}
		mv "$pkgdir"/$i "$subpkgdir"/$i
	done
}

dev() {
	provides="python-dev=$pkgver-r$pkgrel"
	replaces="python-dev"

	# pyconfig.h is needed runtime so we move it back
	default_dev
	mkdir -p "$pkgdir"/usr/include/python$_verbase
	mv "$subpkgdir"/usr/include/python$_verbase/pyconfig.h \
		"$pkgdir"/usr/include/python$_verbase/
}

tests() {
	pkgdesc="The test modules from the main python package"
	provides="python-tests=$pkgver-r$pkgrel"
	replaces="python-tests"

	cd "$pkgdir"
	_mv_files usr/lib/python*/*/test \
		usr/lib/python*/test
}

gdbm() {
	pkgdesc="GNU dbm database support for Python"
	provides="python-gdbm=$pkgver-r$pkgrel"
	replaces="python-gdbm py-gdbm"

	cd "$pkgdir"
	_mv_files $(find usr/lib -name '*gdbm*')
}

wininst() {
	pkgdesc="Python wininst files"
	mkdir -p "$subpkgdir"/usr/lib/python$_verbase/distutils/command
	mv "$pkgdir"/usr/lib/python$_verbase/distutils/command/*.exe \
		"$subpkgdir"/usr/lib/python$_verbase/distutils/command
}

sha512sums="2dc19a0b0d818c71429dae94783e58b2aac0fa31f5faa1e840cac06245a59932ecc4658d913515736601bcf70a78c9ec60367aed75f4567d1e41ff3bb104da9a  Python-2.7.17.tar.xz
ab8eaa2858d5109049b1f9f553198d40e0ef8d78211ad6455f7b491af525bffb16738fed60fc84e960c4889568d25753b9e4a1494834fea48291b33f07000ec2  musl-find_library.patch
5a8e013a4132d71c4360771f130d27b37275ae59330cf9a75378dc8a11236017f540eb224f2a148984e82ca3fb6b29129375b1080ba05b81044faa717520ab82  unchecked-ioctl.patch"