dev-lang/python: add libressl support

This only affects ~arch or unkeyworded ebuilds.

1 files changed, 197 insertions, 0 deletions

diff --git a/dev-lang/python/files/python-3.3-libressl.patch b/dev-lang/python/files/python-3.3-libressl.patch
new file mode 100644
index 000000000000..38119c50dd56
--- /dev/null
+++ b/dev-lang/python/files/python-3.3-libressl.patch
@@ -0,0 +1,197 @@
+From eed8d3b553e00e04c1f97c87ea02723630fb15a4 Mon Sep 17 00:00:00 2001
+From: hasufell <hasufell@gentoo.org>
+Date: Sun, 20 Sep 2015 14:25:43 +0200
+Subject: [PATCH] Backport upstream libressl patches to python-3.3
+
+https://hg.python.org/cpython/raw-rev/7f82f50fdad0
+https://hg.python.org/cpython/raw-rev/4dac45f88d45
+---
+ Lib/ssl.py           |  7 ++++++-
+ Lib/test/test_ssl.py | 21 +++++++++++++--------
+ Modules/_ssl.c       |  4 ++++
+ configure            | 42 ++++++++++++++++++++++++++++++++++++++++++
+ configure.ac         |  3 +++
+ pyconfig.h.in        |  3 +++
+ 6 files changed, 71 insertions(+), 9 deletions(-)
+
+diff --git a/Lib/ssl.py b/Lib/ssl.py
+index cd8d6b4..445ae87 100644
+--- a/Lib/ssl.py
++++ b/Lib/ssl.py
+@@ -78,7 +78,12 @@ try:
+     from _ssl import OP_SINGLE_ECDH_USE
+ except ImportError:
+     pass
+-from _ssl import RAND_status, RAND_egd, RAND_add, RAND_bytes, RAND_pseudo_bytes
++from _ssl import RAND_status, RAND_add, RAND_bytes, RAND_pseudo_bytes
++try:
++    from _ssl import RAND_egd
++except ImportError:
++    # LibreSSL does not provide RAND_egd
++    pass
+ from _ssl import (
+     SSL_ERROR_ZERO_RETURN,
+     SSL_ERROR_WANT_READ,
+diff --git a/Lib/test/test_ssl.py b/Lib/test/test_ssl.py
+index 9fc6027..879f791 100644
+--- a/Lib/test/test_ssl.py
++++ b/Lib/test/test_ssl.py
+@@ -130,8 +130,9 @@ class BasicSocketTests(unittest.TestCase):
+         self.assertRaises(ValueError, ssl.RAND_bytes, -5)
+         self.assertRaises(ValueError, ssl.RAND_pseudo_bytes, -5)
+ 
+-        self.assertRaises(TypeError, ssl.RAND_egd, 1)
+-        self.assertRaises(TypeError, ssl.RAND_egd, 'foo', 1)
++        if hasattr(ssl, 'RAND_egd'):
++            self.assertRaises(TypeError, ssl.RAND_egd, 1)
++            self.assertRaises(TypeError, ssl.RAND_egd, 'foo', 1)
+         ssl.RAND_add("this is a random string", 75.0)
+ 
+     @unittest.skipUnless(os.name == 'posix', 'requires posix')
+@@ -250,11 +251,11 @@ class BasicSocketTests(unittest.TestCase):
+         # Some sanity checks follow
+         # >= 0.9
+         self.assertGreaterEqual(n, 0x900000)
+-        # < 2.0
+-        self.assertLess(n, 0x20000000)
++        # < 3.0
++        self.assertLess(n, 0x30000000)
+         major, minor, fix, patch, status = t
+         self.assertGreaterEqual(major, 0)
+-        self.assertLess(major, 2)
++        self.assertLess(major, 3)
+         self.assertGreaterEqual(minor, 0)
+         self.assertLess(minor, 256)
+         self.assertGreaterEqual(fix, 0)
+@@ -263,9 +264,13 @@ class BasicSocketTests(unittest.TestCase):
+         self.assertLessEqual(patch, 26)
+         self.assertGreaterEqual(status, 0)
+         self.assertLessEqual(status, 15)
+-        # Version string as returned by OpenSSL, the format might change
+-        self.assertTrue(s.startswith("OpenSSL {:d}.{:d}.{:d}".format(major, minor, fix)),
+-                        (s, t))
++        # Version string as returned by {Open,Libre}SSL, the format might change
++        if "LibreSSL" in s:
++            self.assertTrue(s.startswith("LibreSSL {:d}.{:d}".format(major, minor)),
++                            (s, t))
++        else:
++            self.assertTrue(s.startswith("OpenSSL {:d}.{:d}.{:d}".format(major, minor, fix)),
++                            (s, t))
+ 
+     @support.cpython_only
+     def test_refcycle(self):
+diff --git a/Modules/_ssl.c b/Modules/_ssl.c
+index 499e8ba..cb151ba 100644
+--- a/Modules/_ssl.c
++++ b/Modules/_ssl.c
+@@ -2559,6 +2559,7 @@ Returns 1 if the OpenSSL PRNG has been seeded with enough data and 0 if not.\n\
+ It is necessary to seed the PRNG with RAND_add() on some platforms before\n\
+ using the ssl() function.");
+ 
++#ifdef HAVE_RAND_EGD
+ static PyObject *
+ PySSL_RAND_egd(PyObject *self, PyObject *args)
+ {
+@@ -2586,6 +2587,7 @@ PyDoc_STRVAR(PySSL_RAND_egd_doc,
+ Queries the entropy gather daemon (EGD) on the socket named by 'path'.\n\
+ Returns number of bytes read.  Raises SSLError if connection to EGD\n\
+ fails or if it does not provide enough data to seed PRNG.");
++#endif /* HAVE_RAND_EGD */
+ 
+ #endif /* HAVE_OPENSSL_RAND */
+ 
+@@ -2604,8 +2606,10 @@ static PyMethodDef PySSL_methods[] = {
+      PySSL_RAND_bytes_doc},
+     {"RAND_pseudo_bytes",   PySSL_RAND_pseudo_bytes, METH_VARARGS,
+      PySSL_RAND_pseudo_bytes_doc},
++#ifdef HAVE_RAND_EGD
+     {"RAND_egd",            PySSL_RAND_egd, METH_VARARGS,
+      PySSL_RAND_egd_doc},
++#endif
+     {"RAND_status",         (PyCFunction)PySSL_RAND_status, METH_NOARGS,
+      PySSL_RAND_status_doc},
+ #endif
+diff --git a/configure b/configure
+index 6be41f5..5b5a2a0 100755
+--- a/configure
++++ b/configure
+@@ -8823,6 +8823,48 @@ _ACEOF
+ 
+ fi
+ 	# Dynamic linking for HP-UX
++{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for RAND_egd in -lcrypto" >&5
++$as_echo_n "checking for RAND_egd in -lcrypto... " >&6; }
++if ${ac_cv_lib_crypto_RAND_egd+:} false; then :
++  $as_echo_n "(cached) " >&6
++else
++  ac_check_lib_save_LIBS=$LIBS
++LIBS="-lcrypto  $LIBS"
++cat confdefs.h - <<_ACEOF >conftest.$ac_ext
++/* end confdefs.h.  */
++
++/* Override any GCC internal prototype to avoid an error.
++   Use char because int might match the return type of a GCC
++   builtin and then its argument prototype would still apply.  */
++#ifdef __cplusplus
++extern "C"
++#endif
++char RAND_egd ();
++int
++main ()
++{
++return RAND_egd ();
++  ;
++  return 0;
++}
++_ACEOF
++if ac_fn_c_try_link "$LINENO"; then :
++  ac_cv_lib_crypto_RAND_egd=yes
++else
++  ac_cv_lib_crypto_RAND_egd=no
++fi
++rm -f core conftest.err conftest.$ac_objext \
++    conftest$ac_exeext conftest.$ac_ext
++LIBS=$ac_check_lib_save_LIBS
++fi
++{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_crypto_RAND_egd" >&5
++$as_echo "$ac_cv_lib_crypto_RAND_egd" >&6; }
++if test "x$ac_cv_lib_crypto_RAND_egd" = xyes; then :
++
++$as_echo "#define HAVE_RAND_EGD 1" >>confdefs.h
++
++fi
++
+ 
+ # only check for sem_init if thread support is requested
+ if test "$with_threads" = "yes" -o -z "$with_threads"; then
+diff --git a/configure.ac b/configure.ac
+index 6a64bff..90f315a 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -2181,6 +2181,9 @@ AC_MSG_RESULT($SHLIBS)
+ AC_CHECK_LIB(sendfile, sendfile)
+ AC_CHECK_LIB(dl, dlopen)	# Dynamic linking for SunOS/Solaris and SYSV
+ AC_CHECK_LIB(dld, shl_load)	# Dynamic linking for HP-UX
++AC_CHECK_LIB(crypto, RAND_egd,
++             AC_DEFINE(HAVE_RAND_EGD, 1,
++             [Define if the libcrypto has RAND_egd]))
+ 
+ # only check for sem_init if thread support is requested
+ if test "$with_threads" = "yes" -o -z "$with_threads"; then
+diff --git a/pyconfig.h.in b/pyconfig.h.in
+index 0020300..0d37f67 100644
+--- a/pyconfig.h.in
++++ b/pyconfig.h.in
+@@ -660,6 +660,9 @@
+ /* Define to 1 if you have the `pwrite' function. */
+ #undef HAVE_PWRITE
+ 
++/* Define if the libcrypto has RAND_egd */
++#undef HAVE_RAND_EGD
++
+ /* Define to 1 if you have the `readlink' function. */
+ #undef HAVE_READLINK
+ 
+-- 
+2.5.2
+