1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
|
# Maintainer: libele <libele@disroot.org>
# Contributor: FadeMind <fademind@gmail.com>
# Contributor: Que Quotion <quequotion@bugmenot.com>
# Contributor: Jameson Pugh <imntreal@gmail.com>
_pkgbasename=python2
pkgname=lib32-$_pkgbasename
pkgver=2.7.18
pkgrel=4
_pybasever=2.7
pkgdesc="A high-level scripting language (32 bit)"
arch=('x86_64')
license=('PSF')
url="https://www.python.org/"
depends=(lib32-{bzip2,db,expat,gdbm,libffi,openssl-1.1,sqlite,zlib} python2)
makedepends=('lib32-tk')
optdepends=('lib32-tk: for IDLE')
conflicts=('lib32-python<3')
_gentoo_patches="python-gentoo-patches-${pkgver}_p16"
noextract=("${_gentoo_patches}.tar.xz")
options=('!makeflags')
source=("https://www.python.org/ftp/python/${pkgver%rc?}/Python-${pkgver}.tar.xz"
"https://dev.gentoo.org/~mgorny/dist/python/${_gentoo_patches}.tar.xz"
'mtime-workaround.patch'
'python-config-32.patch'
'lib32-distutils-sysconfig.patch')
sha512sums=('a7bb62b51f48ff0b6df0b18f5b0312a523e3110f49c3237936bfe56ed0e26838c0274ff5401bda6fc21bf24337477ccac49e8026c5d651e4b4cafb5eb5086f6c'
'810be590d0e06fab4b2165e6852ca49662f09dcd7e20b47a29f613ad7653252c8dfac3f0eb228d77c8a914efa7c08788b2fbd552a4b47504f5fd0ec17450c48f'
'4e761cfd57791e8b72ecdf84c2e03875bf074311130eea5b8e97409fa304fa3468dbd359a511c4e9978e686e662c58054b4174d3e73f845fa9ded2e83a3a8076'
'68643c7632bd5a8c17fd095589ae97b137313852f75904cc1065d424b731702c9ef5bed4ff711bbde9ce1fe869eac3a32de0743e56070faca66ab63e227d6469'
'6a661446a022f3c2e7f0273310c90cd6325efa3aaa0cad833b8fc63f89afd3f70a07795fe46b160a227f5094af25e03e19d094996d49f76f4ecb867b92edff49')
prepare() {
bsdtar -xf "${_gentoo_patches}.tar.xz" -s /"${_gentoo_patches}"//
cd "${srcdir}/Python-${pkgver}"
# makepkg will touch all files to $SOURCE_DATE_EPOCH which will break pyc file's mtime check.
# workaround this by touching them to $SOURCE_DATE_EPOCH before running compileall.
patch -p0 -i ../mtime-workaround.patch
patch -p1 -i ../0001-bpo-39017-Avoid-infinite-loop-in-the-tarfile-module-.patch #CVE-2019-20907
patch -p1 -i ../0002-bpo-39503-CVE-2020-8492-Fix-AbstractBasicAuthHandler.patch #CVE-2020-8492
patch -p1 -i ../0003-bpo-39603-Prevent-header-injection-in-http-methods-G.patch #CVE-2020-26116
patch -p1 -i ../0004-bpo-42051-Reject-XML-entity-declarations-in-plist-fi.patch
patch -p1 -i ../0005-bpo-41944-No-longer-call-eval-on-content-received-vi.patch #CVE-2020-27619
patch -p1 -i ../0006-bpo-40791-Make-compare_digest-more-constant-time.-GH.patch
patch -p1 -i ../0007-3.6-closes-bpo-42938-Replace-snprintf-with-Python-un.patch #CVE-2021-3177
patch -p1 -i ../0008-3.6-bpo-42967-only-use-as-a-query-string-separator-G.patch #CVE-2021-23336
patch -p1 -i ../0009-py2-ize-the-CJK-codec-test.patch
patch -p1 -i ../0017-bpo-46811-Make-test-suite-support-Expat-2.4.5-GH-314.patch
# Temporary workaround for FS#22322
# See http://bugs.python.org/issue10835 for upstream report
sed -i "/progname =/s/python/python${_pybasever}/" Python/pythonrun.c
# Enable built-in SQLite3 module to load extensions (fix FS#22122)
sed -i "/SQLITE_OMIT_LOAD_EXTENSION/d" setup.py
# Ensure that we are using the system copy of various libraries (expat, zlib and libffi),
# rather than copies shipped in the tarball
rm -r Modules/expat
rm -r Modules/zlib
rm -r Modules/_ctypes/{darwin,libffi}*
# Here start the patches lib32 specific
# Temporary workaround for FS#22322
# See http://bugs.python.org/issue10835 for upstream report
sed -i "/progname =/s/python/python${_pybasever}-32/" Python/pythonrun.c
# FS#23997
sed -i -e "s|^#.* /usr/local/bin/python|#!/usr/bin/python2-32|" Lib/cgi.py
# Just how many places does one have to patch Python?
patch -Np2 < "${srcdir}/lib32-distutils-sysconfig.patch"
# Give the configuration script an extention
patch -Np2 < "${srcdir}/python-config-32.patch"
# Fix hard-coded paths
sed -i "s|base}/lib|base}/lib32|g" "${srcdir}/Python-${pkgver}/Lib/sysconfig.py"
sed -i "s|/include|/lib32/python{py_version_short}/include|g" "${srcdir}/Python-${pkgver}/Lib/sysconfig.py"
sed -i "s|lib/|lib32/|g" "${srcdir}/Python-${pkgver}/Modules/getpath.c"
sed -i "s|base/lib|base/lib32|g" "${srcdir}/Python-${pkgver}/Lib/distutils/command/install.py"
sed -i "s|/include|/lib32/python{py_version_short}/include|g" "${srcdir}/Python-${pkgver}/Lib/distutils/command/install.py"
sed -i "s|prefix)/lib|prefix)/lib32|g" "${srcdir}/Python-${pkgver}/Makefile.pre.in"
}
build() {
cd "${srcdir}/Python-${pkgver}"
export CC='gcc -m32'
export CXX='g++ -m32'
export LDFLAGS='-m32'
export PKG_CONFIG_PATH='/usr/lib32/pkgconfig'
CPPFLAGS+=" -I/usr/include/openssl-1.1"
LDFLAGS+=" -L/usr/lib32/openssl-1.1"
export OPT="${CFLAGS}"
./configure --prefix=/usr \
--enable-shared \
--with-threads \
--enable-optimizations \
--with-lto \
--enable-ipv6 \
--enable-unicode=ucs4 \
--with-system-expat \
--with-system-ffi \
--with-dbmliborder=gdbm:ndbm \
--without-ensurepip \
--libdir=/usr/lib32 \
--libexecdir=/usr/lib32 \
--includedir=/usr/lib32/python${_pybasever}/include \
--exec_prefix=/usr/lib32/python${_pybasever}/ \
--bindir=/usr/bin \
--sbindir=/usr/bin \
--with-suffix='-32'
make
}
package() {
cd "${srcdir}/Python-${pkgver}"
make DESTDIR="${pkgdir}" altinstall
ln -sf ../../libpython${_pybasever}.so "${pkgdir}"/usr/lib32/python${_pybasever}/config/libpython${_pybasever}.so
mv "${pkgdir}"/usr/bin/smtpd.py "${pkgdir}"/usr/lib32/python${_pybasever}/
# some useful "stuff"
install -dm755 "${pkgdir}"/usr/lib32/python${_pybasever}/Tools/{i18n,scripts}
install -m755 Tools/i18n/{msgfmt,pygettext}.py "${pkgdir}"/usr/lib32/python${_pybasever}/Tools/i18n/
install -m755 Tools/scripts/{README,*py} "${pkgdir}"/usr/lib32/python${_pybasever}/Tools/scripts/
# create symlinks
ln -s python2.7-32 "${pkgdir}"/usr/bin/python2-32
ln -s python2.7-32-config "${pkgdir}"/usr/bin/python2-32-config
# clean up #!s
find "${pkgdir}"/usr/lib32/python2.7/ -name '*.py' | xargs sed -i "s|#[ ]*![ ]*/usr/bin/env python$|#!/usr/bin/env python2.7-32|"
# clean-up reference to build directory
sed -i "s#${srcdir}/Python-${pkgver}:##" "${pkgdir}"/usr/lib32/python${_pybasever}/config/Makefile
# Clean up
rm -rf "${pkgdir}"/{etc,usr/{share,include}} # needs bin/
# Leave the python binary and configure script for depedants to find the headers
cd "${pkgdir}"/usr/bin
rm pydoc idle 2to3
}
|