[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[bug#44656] [PATCH] Upgrade pypy3
From: |
Christopher Baines |
Subject: |
[bug#44656] [PATCH] Upgrade pypy3 |
Date: |
Mon, 16 Nov 2020 17:26:32 +0000 |
User-agent: |
mu4e 1.4.13; emacs 27.1 |
Lars-Dominik Braun <lars@6xq.net> writes:
>> If there are things that aren't essential to change when changing the
>> version, they're fine to have in subsequent commits/patches.
> the patches do not depend on each other. The second patch merely
> contains quality of life improvements that work with or without bumping
> the version. But I though I just send them in one go.
Fair enough, the version upgrade works fine for me.
Regarding the second patch:
diff --git a/gnu/packages/patches/pypy3-7.3.1-ssl-paths.patch
b/gnu/packages/patches/pypy3-7.3.1-ssl-paths.patch
new file mode 100644
index 0000000000..d21133b4ae
--- /dev/null
+++ b/gnu/packages/patches/pypy3-7.3.1-ssl-paths.patch
@@ -0,0 +1,41 @@
+Fix default certificate search path, still allowing the user to override it
+with environment variables.
+
+--- a/lib_pypy/_cffi_ssl/_stdssl/__init__.py
++++ b/lib_pypy/_cffi_ssl/_stdssl/__init__.py
+@@ -1679,20 +1679,9 @@ def get_default_verify_paths():
+ https://golang.org/src/crypto/x509/root_linux.go (for the files)
+ '''
+ certFiles = [
+- "/etc/ssl/certs/ca-certificates.crt", #
Debian/Ubuntu/Gentoo etc.
+- "/etc/pki/tls/certs/ca-bundle.crt", # Fedora/RHEL 6
+- "/etc/ssl/ca-bundle.pem", # OpenSUSE
+- "/etc/pki/tls/cacert.pem", # OpenELEC
+- "/etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem", # CentOS/RHEL 7
+- "/etc/ssl/cert.pem", # Alpine Linux
+ ]
+ certDirectories = [
+- "/etc/ssl/certs", # SLES10/SLES11
+- "/system/etc/security/cacerts", # Android
+- "/usr/local/share/certs", # FreeBSD
+- "/etc/pki/tls/certs", # Fedora/RHEL
+- "/etc/openssl/certs", # NetBSD
+- "/var/ssl/certs", # AIX
++ "@GUIX_CERT_PATH@",
+ ]
I'm not sure about removing these bits. pypy3 from Guix may be used on
Debian or Fedora, and maybe using certificates from those systems would
be appropriate then?
+
+ # optimization: reuse the values from a local varaible
+@@ -1707,9 +1696,10 @@ def get_default_verify_paths():
+ ofile = _cstr_decode_fs(lib.X509_get_default_cert_file())
+ odir = _cstr_decode_fs(lib.X509_get_default_cert_dir())
+
+- if os.path.exists(ofile) and os.path.exists(odir):
+- get_default_verify_paths.retval = (ofile_env, ofile, odir_env, odir)
+- return get_default_verify_paths.retval
++ if not os.path.exists(ofile):
++ ofile = None
++ if not os.path.exists(odir):
++ odir = None
+
+ # OpenSSL didn't supply the goods. Try some other options
+ for f in certFiles:
@@ -793,7 +806,12 @@ ease from the desktop to a microcontroller or embedded
system.")
; attribute 'IntFlag'
(invoke "python2" "package.py"
"--archive-name" "pypy-dist"
- "--builddir" (getcwd)))))
+ "--builddir" (getcwd))
+ ;; install pip and setuptools into the dist directory.
+ ;; XXX: Breaks virtualenv, because it does not set +w
+ ;; on files copied from the store.
+ ;(invoke "pypy-dist/bin/pypy3" "-m" "ensurepip")
+ )))
(replace 'check
(lambda* (#:key tests? #:allow-other-keys)
(if tests?
I'm not quite sure what this would do if it's commented back in.
signature.asc
Description: PGP signature