blob: 7e2aa94d9a789c4de5f5d86f4deeeee2e122d070 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
|
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=python2
# the python2-tkinter's pkgver needs to be synchronized with this.
pkgver=2.7.17
_verbase=${pkgver%.*}
pkgrel=0
pkgdesc="A high-level scripting language"
url="https://www.python.org/"
arch="all"
license="custom"
provides="python=$pkgver-r$pkgrel"
replaces="python"
subpackages="$pkgname-dbg $pkgname-dev $pkgname-doc $pkgname-tests py-gdbm:gdbm
$pkgname-wininst"
makedepends="expat-dev openssl-dev zlib-dev ncurses-dev bzip2-dev
gdbm-dev sqlite-dev libffi-dev readline-dev linux-headers paxmark"
source="https://www.python.org/ftp/python/$pkgver/Python-$pkgver.tar.xz
musl-find_library.patch
unchecked-ioctl.patch
"
builddir="$srcdir/Python-$pkgver"
# secfixes:
# 2.7.17-r0:
# - CVE-2019-15903
# 2.7.16-r3:
# - CVE-2019-16056
# - CVE-2019-16935
# 2.7.16-r1:
# - CVE-2019-9636
# - CVE-2019-9948
# 2.7.16-r0:
# - CVE-2018-14647
# 2.7.15-r3:
# - CVE-2019-5010
# 2.7.15-r0:
# - CVE-2018-1060
# - CVE-2018-1061
prepare() {
default_prepare
# Make sure we use system libs
rm -r Modules/expat Modules/_ctypes/libffi* Modules/zlib
# make sure our /dev/shm is world writeable
if ! touch /dev/shm/$pkgname-$pkgver; then
error "/dev/shm is not world writeable. this will cause a broken python2 build"
return 1
fi
rm /dev/shm/$pkgname-$pkgver
}
build() {
cd "$builddir"
export OPT="$CFLAGS -DTHREAD_STACK_SIZE=0x100000"
./configure \
--build=$CBUILD \
--host=$CHOST \
--prefix=/usr \
--enable-ipv6 \
--enable-optimizations \
--enable-shared \
--enable-unicode=ucs4 \
--with-system-expat \
--with-system-ffi \
--with-system-zlib \
--with-threads
make
}
check() {
cd "$builddir"
# test that we reach recursionlimit before we segfault
cat > test-stacksize.py <<-EOF
import threading
import sys
def fun(i):
try:
fun(i+1)
except:
sys.exit(0)
t = threading.Thread(target=fun, args=[1])
t.start()
EOF
LD_LIBRARY_PATH=$PWD ./python test-stacksize.py
}
package() {
cd "$builddir"
make -j1 DESTDIR="$pkgdir" install
install -Dm644 LICENSE "$pkgdir"/usr/share/licenses/$pkgname/LICENSE
rm "$pkgdir/usr/bin/2to3"
# we need to enable emutramp - needed for virt-manager
# disable mprotect - needed for cffi
paxmark -zm "$pkgdir"/usr/bin/python$_verbase
}
_mv_files() {
local i
for i in "$@"; do
mkdir -p "$subpkgdir"/${i%/*}
mv "$pkgdir"/$i "$subpkgdir"/$i
done
}
dev() {
provides="python-dev=$pkgver-r$pkgrel"
replaces="python-dev"
# pyconfig.h is needed runtime so we move it back
default_dev
mkdir -p "$pkgdir"/usr/include/python$_verbase
mv "$subpkgdir"/usr/include/python$_verbase/pyconfig.h \
"$pkgdir"/usr/include/python$_verbase/
}
tests() {
pkgdesc="The test modules from the main python package"
provides="python-tests=$pkgver-r$pkgrel"
replaces="python-tests"
cd "$pkgdir"
_mv_files usr/lib/python*/*/test \
usr/lib/python*/test
}
gdbm() {
pkgdesc="GNU dbm database support for Python"
provides="python-gdbm=$pkgver-r$pkgrel"
replaces="python-gdbm py-gdbm"
cd "$pkgdir"
_mv_files $(find usr/lib -name '*gdbm*')
}
wininst() {
pkgdesc="Python wininst files"
mkdir -p "$subpkgdir"/usr/lib/python$_verbase/distutils/command
mv "$pkgdir"/usr/lib/python$_verbase/distutils/command/*.exe \
"$subpkgdir"/usr/lib/python$_verbase/distutils/command
}
sha512sums="2dc19a0b0d818c71429dae94783e58b2aac0fa31f5faa1e840cac06245a59932ecc4658d913515736601bcf70a78c9ec60367aed75f4567d1e41ff3bb104da9a Python-2.7.17.tar.xz
ab8eaa2858d5109049b1f9f553198d40e0ef8d78211ad6455f7b491af525bffb16738fed60fc84e960c4889568d25753b9e4a1494834fea48291b33f07000ec2 musl-find_library.patch
5a8e013a4132d71c4360771f130d27b37275ae59330cf9a75378dc8a11236017f540eb224f2a148984e82ca3fb6b29129375b1080ba05b81044faa717520ab82 unchecked-ioctl.patch"
|