From: Christopher Baines <mail@cbaines.net>
To: Lars-Dominik Braun <lars@6xq.net>
Cc: 44656@debbugs.gnu.org
Subject: [bug#44656] [PATCH] Upgrade pypy3
Date: Mon, 16 Nov 2020 17:26:32 +0000 [thread overview]
Message-ID: <874klpnrg7.fsf@cbaines.net> (raw)
In-Reply-To: <20201115195549.GA1304@noor.fritz.box>
[-- Attachment #1: Type: text/plain, Size: 3727 bytes --]
Lars-Dominik Braun <lars@6xq.net> writes:
>> If there are things that aren't essential to change when changing the
>> version, they're fine to have in subsequent commits/patches.
> the patches do not depend on each other. The second patch merely
> contains quality of life improvements that work with or without bumping
> the version. But I though I just send them in one go.
Fair enough, the version upgrade works fine for me.
Regarding the second patch:
diff --git a/gnu/packages/patches/pypy3-7.3.1-ssl-paths.patch b/gnu/packages/patches/pypy3-7.3.1-ssl-paths.patch
new file mode 100644
index 0000000000..d21133b4ae
--- /dev/null
+++ b/gnu/packages/patches/pypy3-7.3.1-ssl-paths.patch
@@ -0,0 +1,41 @@
+Fix default certificate search path, still allowing the user to override it
+with environment variables.
+
+--- a/lib_pypy/_cffi_ssl/_stdssl/__init__.py
++++ b/lib_pypy/_cffi_ssl/_stdssl/__init__.py
+@@ -1679,20 +1679,9 @@ def get_default_verify_paths():
+ https://golang.org/src/crypto/x509/root_linux.go (for the files)
+ '''
+ certFiles = [
+- "/etc/ssl/certs/ca-certificates.crt", # Debian/Ubuntu/Gentoo etc.
+- "/etc/pki/tls/certs/ca-bundle.crt", # Fedora/RHEL 6
+- "/etc/ssl/ca-bundle.pem", # OpenSUSE
+- "/etc/pki/tls/cacert.pem", # OpenELEC
+- "/etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem", # CentOS/RHEL 7
+- "/etc/ssl/cert.pem", # Alpine Linux
+ ]
+ certDirectories = [
+- "/etc/ssl/certs", # SLES10/SLES11
+- "/system/etc/security/cacerts", # Android
+- "/usr/local/share/certs", # FreeBSD
+- "/etc/pki/tls/certs", # Fedora/RHEL
+- "/etc/openssl/certs", # NetBSD
+- "/var/ssl/certs", # AIX
++ "@GUIX_CERT_PATH@",
+ ]
I'm not sure about removing these bits. pypy3 from Guix may be used on
Debian or Fedora, and maybe using certificates from those systems would
be appropriate then?
+
+ # optimization: reuse the values from a local varaible
+@@ -1707,9 +1696,10 @@ def get_default_verify_paths():
+ ofile = _cstr_decode_fs(lib.X509_get_default_cert_file())
+ odir = _cstr_decode_fs(lib.X509_get_default_cert_dir())
+
+- if os.path.exists(ofile) and os.path.exists(odir):
+- get_default_verify_paths.retval = (ofile_env, ofile, odir_env, odir)
+- return get_default_verify_paths.retval
++ if not os.path.exists(ofile):
++ ofile = None
++ if not os.path.exists(odir):
++ odir = None
+
+ # OpenSSL didn't supply the goods. Try some other options
+ for f in certFiles:
@@ -793,7 +806,12 @@ ease from the desktop to a microcontroller or embedded system.")
; attribute 'IntFlag'
(invoke "python2" "package.py"
"--archive-name" "pypy-dist"
- "--builddir" (getcwd)))))
+ "--builddir" (getcwd))
+ ;; install pip and setuptools into the dist directory.
+ ;; XXX: Breaks virtualenv, because it does not set +w
+ ;; on files copied from the store.
+ ;(invoke "pypy-dist/bin/pypy3" "-m" "ensurepip")
+ )))
(replace 'check
(lambda* (#:key tests? #:allow-other-keys)
(if tests?
I'm not quite sure what this would do if it's commented back in.
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 987 bytes --]
next prev parent reply other threads:[~2020-11-16 17:27 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-11-15 12:39 [bug#44656] [PATCH] Upgrade pypy3 Lars-Dominik Braun
2020-11-15 19:33 ` Christopher Baines
2020-11-15 19:55 ` Lars-Dominik Braun
2020-11-16 17:26 ` Christopher Baines [this message]
2020-11-17 9:38 ` Lars-Dominik Braun
2021-08-03 21:39 ` Maxim Cournoyer
2021-08-05 16:54 ` bug#44656: " Maxim Cournoyer
2021-08-06 7:30 ` [bug#44656] " Lars-Dominik Braun
2021-08-06 14:22 ` Maxim Cournoyer
2021-08-06 14:43 ` Lars-Dominik Braun
2021-08-07 1:29 ` Maxim Cournoyer
2021-08-07 6:59 ` Lars-Dominik Braun
2021-08-20 10:39 ` zimoun
2021-08-20 14:25 ` Lars-Dominik Braun
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://guix.gnu.org/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=874klpnrg7.fsf@cbaines.net \
--to=mail@cbaines.net \
--cc=44656@debbugs.gnu.org \
--cc=lars@6xq.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/guix.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).