From cc000a1a2c3946a849d8a557c81dbd5675261b24 Mon Sep 17 00:00:00 2001 From: Jeffery To Date: Mon, 22 May 2023 23:26:19 +0800 Subject: [PATCH] python3: Fix hashlib module not compiled for host Python 026-openssl-feature-flags.patch and 028-host-python-support-ssl-with-libressl.patch were removed in 4ecd9d67e90651a8e93760bf0b5771f7057c74a8 to fix the ssl module after libressl was upgraded to 3.7.0[1]. However, the cause of the ssl module build failure was only 028-host-python-support-ssl-with-libressl.patch. Removing 026-openssl-feature-flags.patch caused a build failure for the hashlib module. This restores 026-openssl-feature-flags.patch with an updated version of the patch from OpenBSD[2]. [1]: https://github.com/openwrt/packages/issues/20107 [2]: https://github.com/openbsd/ports/blob/26a04435bf2a09dcbe22b718bfee08997617a906/lang/python/3.10/patches/patch-Modules__hashopenssl_c Fixes: 4ecd9d67e906 ("python3: fix ssl support by removing libressl patches") Signed-off-by: Jeffery To (cherry picked from commit 02eb5c100c8462823ea19df6af637be97570ccdb) --- lang/python/python3/Makefile | 2 +- .../patches/026-openssl-feature-flags.patch | 65 +++++++++++++++++++ 2 files changed, 66 insertions(+), 1 deletion(-) create mode 100644 lang/python/python3/patches/026-openssl-feature-flags.patch diff --git a/lang/python/python3/Makefile b/lang/python/python3/Makefile index 24e9a4a3a9..b1e292cbb3 100644 --- a/lang/python/python3/Makefile +++ b/lang/python/python3/Makefile @@ -11,7 +11,7 @@ include $(TOPDIR)/rules.mk include ../python3-version.mk PKG_NAME:=python3 -PKG_RELEASE:=9 +PKG_RELEASE:=10 PKG_VERSION:=$(PYTHON3_VERSION).$(PYTHON3_VERSION_MICRO) PKG_SOURCE:=Python-$(PKG_VERSION).tar.xz diff --git a/lang/python/python3/patches/026-openssl-feature-flags.patch b/lang/python/python3/patches/026-openssl-feature-flags.patch new file mode 100644 index 0000000000..2546048b0d --- /dev/null +++ b/lang/python/python3/patches/026-openssl-feature-flags.patch @@ -0,0 +1,65 @@ +--- a/Modules/_hashopenssl.c ++++ b/Modules/_hashopenssl.c +@@ -45,10 +45,18 @@ + + #define MUNCH_SIZE INT_MAX + ++#ifdef NID_id_scrypt + #define PY_OPENSSL_HAS_SCRYPT 1 ++#endif ++#ifdef NID_sha3_256 + #define PY_OPENSSL_HAS_SHA3 1 ++#endif ++#ifdef NID_shake256 + #define PY_OPENSSL_HAS_SHAKE 1 ++#endif ++#ifdef NID_blake2s256 + #define PY_OPENSSL_HAS_BLAKE2 1 ++#endif + + #if OPENSSL_VERSION_NUMBER >= 0x30000000L + #define PY_EVP_MD EVP_MD +@@ -120,19 +128,27 @@ static const py_hashentry_t py_hashes[] + PY_HASH_ENTRY(Py_hash_sha384, "SHA384", SN_sha384, NID_sha384), + PY_HASH_ENTRY(Py_hash_sha512, "SHA512", SN_sha512, NID_sha512), + /* truncated sha2 */ ++#ifdef NID_sha512_256 + PY_HASH_ENTRY(Py_hash_sha512_224, "SHA512_224", SN_sha512_224, NID_sha512_224), + PY_HASH_ENTRY(Py_hash_sha512_256, "SHA512_256", SN_sha512_256, NID_sha512_256), ++#endif + /* sha3 */ ++#ifdef PY_OPENSSL_HAS_SHA3 + PY_HASH_ENTRY(Py_hash_sha3_224, NULL, SN_sha3_224, NID_sha3_224), + PY_HASH_ENTRY(Py_hash_sha3_256, NULL, SN_sha3_256, NID_sha3_256), + PY_HASH_ENTRY(Py_hash_sha3_384, NULL, SN_sha3_384, NID_sha3_384), + PY_HASH_ENTRY(Py_hash_sha3_512, NULL, SN_sha3_512, NID_sha3_512), ++#endif + /* sha3 shake */ ++#ifdef PY_OPENSSL_HAS_SHAKE + PY_HASH_ENTRY(Py_hash_shake_128, NULL, SN_shake128, NID_shake128), + PY_HASH_ENTRY(Py_hash_shake_256, NULL, SN_shake256, NID_shake256), ++#endif + /* blake2 digest */ ++#ifdef PY_OPENSSL_HAS_BLAKE2 + PY_HASH_ENTRY(Py_hash_blake2s, "blake2s256", SN_blake2s256, NID_blake2s256), + PY_HASH_ENTRY(Py_hash_blake2b, "blake2b512", SN_blake2b512, NID_blake2b512), ++#endif + PY_HASH_ENTRY(NULL, NULL, NULL, 0), + }; + +@@ -873,11 +889,15 @@ py_evp_fromname(PyObject *module, const + goto exit; + } + ++#ifndef EVP_MD_FLAG_XOF ++ type = get_hashlib_state(module)->EVPtype; ++#else + if ((EVP_MD_flags(digest) & EVP_MD_FLAG_XOF) == EVP_MD_FLAG_XOF) { + type = get_hashlib_state(module)->EVPXOFtype; + } else { + type = get_hashlib_state(module)->EVPtype; + } ++#endif + + self = newEVPobject(type); + if (self == NULL) { -- 2.30.2