[packages/python] - don't use getentropy on glibc 2.25 (because there are no fallbacks)

arekm arekm at pld-linux.org
Wed Jan 11 17:20:38 CET 2017 

commit fc5063445047789d0e84839f2f0c4ca9a5305737
Author: Arkadiusz Miśkiewicz <arekm at maven.pl>
Date:   Wed Jan 11 17:20:29 2017 +0100

    - don't use getentropy on glibc 2.25 (because there are no fallbacks)

 python-no-getentropy.patch | 35 +++++++++++++++++++++++++++++++++++
 python.spec                |  3 +++
 2 files changed, 38 insertions(+)
---
diff --git a/python.spec b/python.spec
index 10b34c1..40f562c 100644
--- a/python.spec
+++ b/python.spec
@@ -63,6 +63,8 @@ Patch8:		%{name}-bdist_rpm.patch
 # https://bugs.python.org/issue10496
 Patch9:		https://bugs.python.org/file21896/nonexistent_user.patch
 # Patch9-md5:	db706fbe6de467c6e4c97c675eddf29a
+# https://hg.python.org/cpython/rev/13a39142c047
+Patch10:	%{name}-no-getentropy.patch
 URL:		https://www.python.org/
 BuildRequires:	autoconf >= 2.65
 BuildRequires:	automake
@@ -587,6 +589,7 @@ napisanego w Pythonie.
 %patch7 -p1
 %patch8 -p1
 %patch9 -p1
+%patch10 -p1
 
 tar xjf %{SOURCE1}
 
diff --git a/python-no-getentropy.patch b/python-no-getentropy.patch
new file mode 100644
index 0000000..35977a5
--- /dev/null
+++ b/python-no-getentropy.patch
@@ -0,0 +1,35 @@
+
+# HG changeset patch
+# User Victor Stinner <victor.stinner at gmail.com>
+# Date 1483956641 -3600
+# Node ID 13a39142c0473ecb64fcd4b12a915025df6e4310
+# Parent  cb4f73be9486d47f1dc4285998d1532d8857c59e
+Don't use getentropy() on Linux
+
+Issue #29188: Support glibc 2.24 on Linux: don't use getentropy() function but
+read from /dev/urandom to get random bytes, for example in os.urandom().  On
+Linux, getentropy() is implemented which getrandom() is blocking mode, whereas
+os.urandom() should not block.
+
+diff --git a/Python/random.c b/Python/random.c
+--- a/Python/random.c
++++ b/Python/random.c
+@@ -97,8 +97,15 @@ win32_urandom(unsigned char *buffer, Py_
+ }
+ 
+ /* Issue #25003: Don't use getentropy() on Solaris (available since
+- * Solaris 11.3), it is blocking whereas os.urandom() should not block. */
+-#elif defined(HAVE_GETENTROPY) && !defined(sun)
++   Solaris 11.3), it is blocking whereas os.urandom() should not block.
++
++   Issue #29188: Don't use getentropy() on Linux since the glibc 2.24
++   implements it with the getrandom() syscall which can fail with ENOSYS,
++   and this error is not supported in py_getentropy() and getrandom() is called
++   with flags=0 which blocks until system urandom is initialized, which is not
++   the desired behaviour to seed the Python hash secret nor for os.urandom():
++   see the PEP 524 which was only implemented in Python 3.6. */
++#elif defined(HAVE_GETENTROPY) && !defined(sun) && !defined(linux)
+ #define PY_GETENTROPY 1
+ 
+ /* Fill buffer with size pseudo-random bytes generated by getentropy().
+
================================================================

---- gitweb:

http://git.pld-linux.org/gitweb.cgi/packages/python.git/commitdiff/fc5063445047789d0e84839f2f0c4ca9a5305737

More information about the pld-cvs-commit mailing list