commit: a67db7a3cb4295fa103b5d2879931f560f0a81bd Author: Mike Gilbert <floppym <AT> gentoo <DOT> org> AuthorDate: Wed Nov 1 16:02:54 2017 +0000 Commit: Mike Gilbert <floppym <AT> gentoo <DOT> org> CommitDate: Wed Nov 1 16:03:13 2017 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a67db7a3
dev-lang/python: 3.4: disable getentropy() on linux Closes: https://bugs.gentoo.org/635534 Package-Manager: Portage-2.3.13, Repoman-2.3.3_p80 dev-lang/python/files/3.4-getentropy-linux.patch | 40 ++++++++++++++++++++++++ dev-lang/python/python-3.4.5.ebuild | 1 + dev-lang/python/python-3.4.6.ebuild | 1 + 3 files changed, 42 insertions(+) diff --git a/dev-lang/python/files/3.4-getentropy-linux.patch b/dev-lang/python/files/3.4-getentropy-linux.patch new file mode 100644 index 00000000000..9f12389bb25 --- /dev/null +++ b/dev-lang/python/files/3.4-getentropy-linux.patch @@ -0,0 +1,40 @@ +From 5635d44079e1bbd9c495951ede8d078e7b8d67d5 Mon Sep 17 00:00:00 2001 +From: Victor Stinner <[email protected]> +Date: Mon, 9 Jan 2017 11:10:41 +0100 +Subject: [PATCH] Don't use getentropy() on Linux + +Issue #29188: Support glibc 2.24 on Linux: don't use getentropy() function but +read from /dev/urandom to get random bytes, for example in os.urandom(). On +Linux, getentropy() is implemented which getrandom() is blocking mode, whereas +os.urandom() should not block. +--- + Python/random.c | 13 ++++++++++--- + 1 file changed, 10 insertions(+), 3 deletions(-) + +diff --git a/Python/random.c b/Python/random.c +index af3d0bd0d5..dc6400d3b8 100644 +--- a/Python/random.c ++++ b/Python/random.c +@@ -67,9 +67,16 @@ win32_urandom(unsigned char *buffer, Py_ssize_t size, int raise) + return 0; + } + +-/* Issue #25003: Don' use getentropy() on Solaris (available since +- * Solaris 11.3), it is blocking whereas os.urandom() should not block. */ +-#elif defined(HAVE_GETENTROPY) && !defined(sun) ++/* Issue #25003: Don't use getentropy() on Solaris (available since ++ Solaris 11.3), it is blocking whereas os.urandom() should not block. ++ ++ Issue #29188: Don't use getentropy() on Linux since the glibc 2.24 ++ implements it with the getrandom() syscall which can fail with ENOSYS, ++ and this error is not supported in py_getentropy() and getrandom() is called ++ with flags=0 which blocks until system urandom is initialized, which is not ++ the desired behaviour to seed the Python hash secret nor for os.urandom(): ++ see the PEP 524 which was only implemented in Python 3.6. */ ++#elif defined(HAVE_GETENTROPY) && !defined(sun) && !defined(linux) + #define PY_GETENTROPY 1 + + /* Fill buffer with size pseudo-random bytes generated by getentropy(). +-- +2.15.0.rc2 + diff --git a/dev-lang/python/python-3.4.5.ebuild b/dev-lang/python/python-3.4.5.ebuild index 20fadf8ea6f..29991dd53ae 100644 --- a/dev-lang/python/python-3.4.5.ebuild +++ b/dev-lang/python/python-3.4.5.ebuild @@ -72,6 +72,7 @@ src_prepare() { EPATCH_SUFFIX="patch" epatch "${WORKDIR}/patches" epatch "${FILESDIR}/${PN}-3.4.3-ncurses-pkg-config.patch" epatch "${FILESDIR}/${PN}-3.4.5-cross.patch" + epatch "${FILESDIR}/3.4-getentropy-linux.patch" epatch_user diff --git a/dev-lang/python/python-3.4.6.ebuild b/dev-lang/python/python-3.4.6.ebuild index 80dffce2af5..4e06debaade 100644 --- a/dev-lang/python/python-3.4.6.ebuild +++ b/dev-lang/python/python-3.4.6.ebuild @@ -72,6 +72,7 @@ src_prepare() { EPATCH_SUFFIX="patch" epatch "${WORKDIR}/patches" epatch "${FILESDIR}/${PN}-3.4.3-ncurses-pkg-config.patch" epatch "${FILESDIR}/${PN}-3.4.5-cross.patch" + epatch "${FILESDIR}/3.4-getentropy-linux.patch" epatch_user
