SLFO-pool/python-grpcio
SHA256
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

merge into: SLFO-pool:1.1
Branches Tags
SLFO-pool:main SLFO-pool:1.1
...
pull from: SLFO-pool:main
Branches Tags
SLFO-pool:main SLFO-pool:1.1

1 Commits
1.1 ... main

Author SHA256 Message Date
Adrian Schröter
8261337b6d Sync from SUSE:SLFO:Main python-grpcio revision c265f3309b951c8456ab12728185d56a 2025-04-25 21:32:24 +02:00
10 changed files with 166 additions and 309 deletions
Expand all files Collapse all files

64
fix-return-values.patch Normal file
View File

@@ -0,0 +1,64 @@
Index: grpcio-1.68.1/src/core/lib/promise/party.h
===================================================================
--- grpcio-1.68.1.orig/src/core/lib/promise/party.h
+++ grpcio-1.68.1/src/core/lib/promise/party.h
@@ -269,6 +269,7 @@ class Party : public Activity, private W
Crash(
"unreachable: promises should not be repolled after completion");
}
+ return false;
}
// Outside party poll: check whether the spawning party has completed this
@@ -281,6 +282,7 @@ class Party : public Activity, private W
case State::kResult:
return std::move(result_);
}
+ return Pending{};
}
void Destroy() override { this->Unref(); }
Index: grpcio-1.68.1/src/core/lib/transport/call_state.h
===================================================================
--- grpcio-1.68.1.orig/src/core/lib/transport/call_state.h
+++ grpcio-1.68.1/src/core/lib/transport/call_state.h
@@ -151,6 +151,7 @@ class CallState {
case ClientToServerPullState::kTerminated:
return "Terminated";
}
+ return "";
}
template <typename Sink>
friend void AbslStringify(Sink& out, ClientToServerPullState state) {
@@ -181,6 +182,7 @@ class CallState {
case ClientToServerPushState::kFinished:
return "Finished";
}
+ return "";
}
template <typename Sink>
friend void AbslStringify(Sink& out, ClientToServerPushState state) {
@@ -231,6 +233,7 @@ class CallState {
case ServerToClientPullState::kTerminated:
return "Terminated";
}
+ return "";
}
template <typename Sink>
friend void AbslStringify(Sink& out, ServerToClientPullState state) {
@@ -268,6 +271,7 @@ class CallState {
case ServerToClientPushState::kFinished:
return "Finished";
}
+ return "";
}
template <typename Sink>
friend void AbslStringify(Sink& out, ServerToClientPushState state) {
@@ -298,6 +302,7 @@ class CallState {
case ServerTrailingMetadataState::kPulledCancel:
return "PulledCancel";
}
+ return "";
}
template <typename Sink>
friend void AbslStringify(Sink& out, ServerTrailingMetadataState state) {

BIN
grpcio-1.60.0.tar.gz (Stored with Git LFS)
View File

Binary file not shown.

BIN
grpcio-1.69.0.tar.gz (Stored with Git LFS) Normal file
View File

Binary file not shown.

25
python-grpcio-CVE-2024-11407.patch
View File

@@ -1,25 +0,0 @@
From e9046b2bbebc0cb7f5dc42008f807f6c7e98e791 Mon Sep 17 00:00:00 2001
From: Vignesh Babu <vigneshbabu@google.com>
Date: Thu, 12 Sep 2024 11:13:45 -0700
Subject: [PATCH] [EventEngine] Fix bug in Tx0cp code path in posix endpoint.
This fix ensures that the iov_base pointers point to the right address.
PiperOrigin-RevId: 673923651
---
src/core/lib/event_engine/posix_engine/posix_endpoint.cc | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
Index: grpc-1.60.0/src/core/lib/event_engine/posix_engine/posix_endpoint.cc
===================================================================
--- grpc-1.60.0.orig/src/core/lib/event_engine/posix_engine/posix_endpoint.cc
+++ grpc-1.60.0/src/core/lib/event_engine/posix_engine/posix_endpoint.cc
@@ -239,7 +239,7 @@ msg_iovlen_type TcpZerocopySendRecord::P
iov_size++) {
MutableSlice& slice = internal::SliceCast<MutableSlice>(
buf_.MutableSliceAt(out_offset_.slice_idx));
- iov[iov_size].iov_base = slice.begin();
+ iov[iov_size].iov_base = slice.begin() + out_offset_.byte_idx;
iov[iov_size].iov_len = slice.length() - out_offset_.byte_idx;
*sending_length += iov[iov_size].iov_len;
++(out_offset_.slice_idx);

181
python-grpcio-CVE-2024-7246.patch
View File

@@ -1,181 +0,0 @@
diff --git a/src/core/ext/transport/chttp2/transport/hpack_parser.cc b/src/core/ext/transport/chttp2/transport/hpack_parser.cc
index 31bf46456f1d0..f2fe80c504e58 100644
--- a/src/core/ext/transport/chttp2/transport/hpack_parser.cc
+++ b/src/core/ext/transport/chttp2/transport/hpack_parser.cc
@@ -91,12 +91,14 @@ constexpr Base64InverseTable kBase64InverseTable;
class HPackParser::Input {
public:
Input(grpc_slice_refcount* current_slice_refcount, const uint8_t* begin,
- const uint8_t* end, absl::BitGenRef bitsrc, HpackParseResult& error)
+ const uint8_t* end, absl::BitGenRef bitsrc,
+ HpackParseResult& frame_error, HpackParseResult& field_error)
: current_slice_refcount_(current_slice_refcount),
begin_(begin),
end_(end),
frontier_(begin),
- error_(error),
+ frame_error_(frame_error),
+ field_error_(field_error),
bitsrc_(bitsrc) {}
// If input is backed by a slice, retrieve its refcount. If not, return
@@ -215,14 +217,18 @@ class HPackParser::Input {
// Check if we saw an EOF
bool eof_error() const {
- return min_progress_size_ != 0 || error_.connection_error();
+ return min_progress_size_ != 0 || frame_error_.connection_error();
+ }
+
+ // Reset the field error to be ok
+ void ClearFieldError() {
+ if (field_error_.ok()) return;
+ field_error_ = HpackParseResult();
}
// Minimum number of bytes to unstuck the current parse
size_t min_progress_size() const { return min_progress_size_; }
- bool has_error() const { return !error_.ok(); }
-
// Set the current error - tweaks the error to include a stream id so that
// chttp2 does not close the connection.
// Intended for errors that are specific to a stream and recoverable.
@@ -246,10 +252,7 @@ class HPackParser::Input {
// read prior to being able to get further in this parse.
void UnexpectedEOF(size_t min_progress_size) {
GPR_ASSERT(min_progress_size > 0);
- if (min_progress_size_ != 0 || error_.connection_error()) {
- GPR_DEBUG_ASSERT(eof_error());
- return;
- }
+ if (eof_error()) return;
// Set min progress size, taking into account bytes parsed already but not
// consumed.
min_progress_size_ = min_progress_size + (begin_ - frontier_);
@@ -302,13 +305,18 @@ class HPackParser::Input {
// Do not use this directly, instead use SetErrorAndContinueParsing or
// SetErrorAndStopParsing.
void SetError(HpackParseResult error) {
- if (!error_.ok() || min_progress_size_ > 0) {
- if (error.connection_error() && !error_.connection_error()) {
- error_ = std::move(error); // connection errors dominate
+ SetErrorFor(frame_error_, error);
+ SetErrorFor(field_error_, std::move(error));
+ }
+
+ void SetErrorFor(HpackParseResult& error, HpackParseResult new_error) {
+ if (!error.ok() || min_progress_size_ > 0) {
+ if (new_error.connection_error() && !error.connection_error()) {
+ error = std::move(new_error); // connection errors dominate
}
return;
}
- error_ = std::move(error);
+ error = std::move(new_error);
}
// Refcount if we are backed by a slice
@@ -320,7 +328,8 @@ class HPackParser::Input {
// Frontier denotes the first byte past successfully processed input
const uint8_t* frontier_;
// Current error
- HpackParseResult& error_;
+ HpackParseResult& frame_error_;
+ HpackParseResult& field_error_;
// If the error was EOF, we flag it here by noting how many more bytes would
// be needed to make progress
size_t min_progress_size_ = 0;
@@ -597,6 +606,7 @@ class HPackParser::Parser {
bool ParseTop() {
GPR_DEBUG_ASSERT(state_.parse_state == ParseState::kTop);
auto cur = *input_->Next();
+ input_->ClearFieldError();
switch (cur >> 4) {
// Literal header not indexed - First byte format: 0000xxxx
// Literal header never indexed - First byte format: 0001xxxx
@@ -702,7 +712,7 @@ class HPackParser::Parser {
break;
}
gpr_log(
- GPR_DEBUG, "HTTP:%d:%s:%s: %s%s", log_info_.stream_id, type,
+ GPR_INFO, "HTTP:%d:%s:%s: %s%s", log_info_.stream_id, type,
log_info_.is_client ? "CLI" : "SVR", memento.md.DebugString().c_str(),
memento.parse_status == nullptr
? ""
@@ -951,11 +961,10 @@ class HPackParser::Parser {
state_.string_length)
: String::Parse(input_, state_.is_string_huff_compressed,
state_.string_length);
- HpackParseResult& status = state_.frame_error;
absl::string_view key_string;
if (auto* s = absl::get_if<Slice>(&state_.key)) {
key_string = s->as_string_view();
- if (status.ok()) {
+ if (state_.field_error.ok()) {
auto r = ValidateKey(key_string);
if (r != ValidateMetadataResult::kOk) {
input_->SetErrorAndContinueParsing(
@@ -965,7 +974,7 @@ class HPackParser::Parser {
} else {
const auto* memento = absl::get<const HPackTable::Memento*>(state_.key);
key_string = memento->md.key();
- if (status.ok() && memento->parse_status != nullptr) {
+ if (state_.field_error.ok() && memento->parse_status != nullptr) {
input_->SetErrorAndContinueParsing(*memento->parse_status);
}
}
@@ -992,16 +1001,16 @@ class HPackParser::Parser {
key_string.size() + value.wire_size + hpack_constants::kEntryOverhead;
auto md = grpc_metadata_batch::Parse(
key_string, std::move(value_slice), state_.add_to_table, transport_size,
- [key_string, &status, this](absl::string_view message, const Slice&) {
- if (!status.ok()) return;
+ [key_string, this](absl::string_view message, const Slice&) {
+ if (!state_.field_error.ok()) return;
input_->SetErrorAndContinueParsing(
HpackParseResult::MetadataParseError(key_string));
gpr_log(GPR_ERROR, "Error parsing '%s' metadata: %s",
std::string(key_string).c_str(),
std::string(message).c_str());
});
- HPackTable::Memento memento{std::move(md),
- status.PersistentStreamErrorOrNullptr()};
+ HPackTable::Memento memento{
+ std::move(md), state_.field_error.PersistentStreamErrorOrNullptr()};
input_->UpdateFrontier();
state_.parse_state = ParseState::kTop;
if (state_.add_to_table) {
@@ -1163,13 +1172,13 @@ grpc_error_handle HPackParser::Parse(
std::vector<uint8_t> buffer = std::move(unparsed_bytes_);
return ParseInput(
Input(nullptr, buffer.data(), buffer.data() + buffer.size(), bitsrc,
- state_.frame_error),
+ state_.frame_error, state_.field_error),
is_last, call_tracer);
}
- return ParseInput(
- Input(slice.refcount, GRPC_SLICE_START_PTR(slice),
- GRPC_SLICE_END_PTR(slice), bitsrc, state_.frame_error),
- is_last, call_tracer);
+ return ParseInput(Input(slice.refcount, GRPC_SLICE_START_PTR(slice),
+ GRPC_SLICE_END_PTR(slice), bitsrc, state_.frame_error,
+ state_.field_error),
+ is_last, call_tracer);
}
grpc_error_handle HPackParser::ParseInput(
diff --git a/src/core/ext/transport/chttp2/transport/hpack_parser.h b/src/core/ext/transport/chttp2/transport/hpack_parser.h
index 37456683b6468..55842e47eb228 100644
--- a/src/core/ext/transport/chttp2/transport/hpack_parser.h
+++ b/src/core/ext/transport/chttp2/transport/hpack_parser.h
@@ -236,6 +236,8 @@ class HPackParser {
HPackTable hpack_table;
// Error so far for this frame (set by class Input)
HpackParseResult frame_error;
+ // Error so far for this field (set by class Input)
+ HpackParseResult field_error;
// Length of frame so far.
uint32_t frame_length = 0;
// Length of the string being parsed

63
python-grpcio-cython3-compat.patch
View File

@@ -1,63 +0,0 @@
Index: grpcio-1.60.0/src/python/grpcio/grpc/_cython/_cygrpc/vtable.pyx.pxi
===================================================================
--- grpcio-1.60.0.orig/src/python/grpcio/grpc/_cython/_cygrpc/vtable.pyx.pxi
+++ grpcio-1.60.0/src/python/grpcio/grpc/_cython/_cygrpc/vtable.pyx.pxi
@@ -13,16 +13,16 @@
# limitations under the License.
# TODO(https://github.com/grpc/grpc/issues/15662): Reform this.
-cdef void* _copy_pointer(void* pointer):
+cdef void* _copy_pointer(void* pointer) noexcept:
return pointer
# TODO(https://github.com/grpc/grpc/issues/15662): Reform this.
-cdef void _destroy_pointer(void* pointer):
+cdef void _destroy_pointer(void* pointer) noexcept:
pass
-cdef int _compare_pointer(void* first_pointer, void* second_pointer):
+cdef int _compare_pointer(void* first_pointer, void* second_pointer) noexcept:
if first_pointer < second_pointer:
return -1
elif first_pointer > second_pointer:
Index: grpcio-1.60.0/src/python/grpcio/grpc/_cython/_cygrpc/credentials.pyx.pxi
===================================================================
--- grpcio-1.60.0.orig/src/python/grpcio/grpc/_cython/_cygrpc/credentials.pyx.pxi
+++ grpcio-1.60.0/src/python/grpcio/grpc/_cython/_cygrpc/credentials.pyx.pxi
@@ -316,7 +316,7 @@ def server_credentials_ssl_dynamic_cert_
return credentials
cdef grpc_ssl_certificate_config_reload_status _server_cert_config_fetcher_wrapper(
- void* user_data, grpc_ssl_server_certificate_config **config) with gil:
+ void* user_data, grpc_ssl_server_certificate_config **config) noexcept with gil:
# This is a credentials.ServerCertificateConfig
cdef ServerCertificateConfig cert_config = None
if not user_data:
Index: grpcio-1.60.0/src/python/grpcio/grpc/_cython/_cygrpc/aio/callback_common.pyx.pxi
===================================================================
--- grpcio-1.60.0.orig/src/python/grpcio/grpc/_cython/_cygrpc/aio/callback_common.pyx.pxi
+++ grpcio-1.60.0/src/python/grpcio/grpc/_cython/_cygrpc/aio/callback_common.pyx.pxi
@@ -50,7 +50,7 @@ cdef class CallbackWrapper:
@staticmethod
cdef void functor_run(
grpc_completion_queue_functor* functor,
- int success):
+ int success) noexcept:
cdef CallbackContext *context = <CallbackContext *>functor
cdef object waiter = <object>context.waiter
if not waiter.cancelled():
Index: grpcio-1.60.0/src/python/grpcio/grpc/_cython/_cygrpc/aio/callback_common.pxd.pxi
===================================================================
--- grpcio-1.60.0.orig/src/python/grpcio/grpc/_cython/_cygrpc/aio/callback_common.pxd.pxi
+++ grpcio-1.60.0/src/python/grpcio/grpc/_cython/_cygrpc/aio/callback_common.pxd.pxi
@@ -48,7 +48,7 @@ cdef class CallbackWrapper:
@staticmethod
cdef void functor_run(
grpc_completion_queue_functor* functor,
- int succeed)
+ int succeed) noexcept
cdef grpc_completion_queue_functor *c_functor(self)

102
python-grpcio.changes
View File

@@ -1,12 +1,88 @@
-------------------------------------------------------------------
Tue Dec 17 15:06:09 UTC 2024 - pgajdos@suse.com
Mon Jan 20 14:23:28 UTC 2025 - John Paul Adrian Glaubitz <adrian.glaubitz@suse.com>
- security update
- added patches
fix CVE-2024-11407 [bsc#1233821], servers with transmit zero copy enabled through GRPC_ARG_TCP_TX_ZEROCOPY_ENABLED can experience data corruption issues
+ python-grpcio-CVE-2024-11407.patch
fix CVE-2024-7246 [bsc#1228919], gRPC clients communicating with a HTTP/2 proxy can poison the HPACK table between the proxy and the backend
+ python-grpcio-CVE-2024-7246.patch
- Update to version 1.69.0
* [Build] Override MACOSX_DEPLOYMENT_TARGET for gRPC Python. (#37997)
- from version 1.68.2
* No Python-specific changes.
-------------------------------------------------------------------
Wed Dec 18 11:13:30 UTC 2024 - Atri Bhattacharya <badshah400@gmail.com>
- Update to version 1.68.1 (CVE-2024-11407, bsc#1233821):
* No Python specific changes.
- Changes from version 1.68.0:
* Add templating and support for Python 3.13
(gh#grpc/grpc#37643).
-------------------------------------------------------------------
Mon Nov 11 14:35:18 UTC 2024 - Adrian Schröter <adrian@suse.de>
- Update to version 1.67.1 (CVE-2024-7246, bsc#1228919):
* Add templating and support for Python 3.13
* Add templating and support for Python 3.13
* Change warning to RuntimeError for version incompatibility.
* reflection returns original_request.
- Added fix-return-values.patch for compile failures
- Removed obsolete terminate.patch
-------------------------------------------------------------------
Wed Jul 17 10:56:55 UTC 2024 - Atri Bhattacharya <badshah400@gmail.com>
- Update to version 1.65.0:
* [Python O11y] Implement CSM observability for Python
(gh#grpc/grpc#36557).
* [Python AIO] Return EOF from UnaryStreamCall.read() as
documented (gh#grpc/grpc#36660).
* [Python Otel] Deprecate target_attribute_filter
(gh#grpc/grpc#36697).
* [Python Server] Remove abstractmethod notation for
add_registered_method_handlers (gh#grpc/grpc#36684).
- Drop python-grpcio-cython3-compat.patch: upstreamed.
- Rebase xxhash-avoid-armv6-unaligned-access.patch and
xxhash-ppc64le-gcc7.patch to apply with -p1 from top level dir,
for easier maintenance.
-------------------------------------------------------------------
Sun Apr 21 16:12:45 UTC 2024 - Dirk Müller <dmueller@suse.com>
- update to 1.62.2:
* [Fix Python Deadlock] Guard
grpc_google_default_credentials_create with nogil
-------------------------------------------------------------------
Wed Mar 20 07:41:06 UTC 2024 - Atri Bhattacharya <badshah400@gmail.com>
- Update to version 1.62.1:
* This release contains refinements, improvements, and bug
fixes.
-------------------------------------------------------------------
Mon Feb 26 19:09:09 UTC 2024 - Robert Schweikert <rjschwei@suse.com>
- Version update in SLE 15 SP4 and later (jsc#PED-6697)
-------------------------------------------------------------------
Fri Feb 23 22:10:40 UTC 2024 - Atri Bhattacharya <badshah400@gmail.com>
- Update to version 1.62.0:
* [Python AIO] Handle DeprecationWarnings when get current loop
(gh#grpc/grpc#35583).
* [Python AIO] Raise resource_exhausted error in case of
concurrent RPC limit exceeded (gh#grpc/grpc#35376).
* [Python O11y] Build and distrib O11y package
(gh#grpc/grpc#35578).
* [Python setuptools] Import error from distutils for lower
version of setuptools (gh#grpc/grpc#35561).
- Add terminate.patch: Fix control reaching end of non-void
function.
- Rebase python-grpcio-cython3-compat.patch for updated version.
-------------------------------------------------------------------
Fri Feb 9 12:10:38 UTC 2024 - Dirk Müller <dmueller@suse.com>
- update to 1.60.1:
* Revert change to print backtrace in server
-------------------------------------------------------------------
Fri Dec 15 14:47:42 UTC 2023 - Atri Bhattacharya <badshah400@gmail.com>
@@ -22,7 +98,7 @@ Wed Nov 22 17:38:11 UTC 2023 - Antonio Larrosa <alarrosa@suse.com>
when using gcc 7 (boo#1208794).
- add patch xxhash-avoid-armv6-unaligned-access.patch
do not expect unaligned accesses to work on armv6, it breaks
in our build setup using aarch64 kernels
in our build setup using aarch64 kernels
-------------------------------------------------------------------
Tue Oct 31 08:50:42 UTC 2023 - Atri Bhattacharya <badshah400@gmail.com>
@@ -54,7 +130,7 @@ Sun Sep 17 13:22:25 UTC 2023 - Atri Bhattacharya <badshah400@gmail.com>
-------------------------------------------------------------------
Wed Aug 30 17:07:21 UTC 2023 - Atri Bhattacharya <badshah400@gmail.com>
- Update to version 1.57.0:
- Update to version 1.57.0: (CVE-2023-4785, bsc#1215334, CVE-2023-33953, bsc#1214148)
* [posix] Enable systemd sockets for libsystemd>=233
(gh#grpc/grpc#32671).
* [python O11Y] Initial Implementation (gh#grpc/grpc#32974).
@@ -93,7 +169,7 @@ Sun Jul 2 12:33:22 UTC 2023 - ecsos <ecsos@opensuse.org>
-------------------------------------------------------------------
Fri Jun 30 15:47:01 UTC 2023 - Atri Bhattacharya <badshah400@gmail.com>
- Update to version 1.56.0:
- Update to version 1.56.0: (CVE-2023-32731, bsc#1212180)
* [aio types] Fix some grpc.aio python types
(gh#grpc/grpc#32475).
@@ -111,7 +187,7 @@ Sat Jun 10 16:26:53 UTC 2023 - Atri Bhattacharya <badshah400@gmail.com>
-------------------------------------------------------------------
Fri Apr 28 04:39:48 UTC 2023 - Atri Bhattacharya <badshah400@gmail.com>
- Update to version 1.54.0:
- Update to version 1.54.0: (CVE-2023-32732, bsc#1212182)
* Fix DeprecationWarning when calling asyncio.get_event_loop()
(gh#grpc/grpc#32533).
* Remove references to deprecated syntax field
@@ -159,7 +235,7 @@ Sat Jun 4 14:52:05 UTC 2022 - Dirk Müller <dmueller@suse.com>
- update to 1.46.3:
* backport: xds: use federation env var to guard new-style resource name parsing
* This release contains refinements, improvements, and bug fixes.
* This release contains refinements, improvements, and bug fixes.
-------------------------------------------------------------------
Fri May 6 17:37:43 UTC 2022 - Atri Bhattacharya <badshah400@gmail.com>
@@ -214,7 +290,7 @@ Tue Feb 8 23:52:07 UTC 2022 - Atri Bhattacharya <badshah400@gmail.com>
Tue Oct 26 20:44:15 UTC 2021 - Dirk Müller <dmueller@suse.com>
- update to 1.41.1:
* This is release 1.41.0 (goat) of gRPC Core.
* This is release 1.41.0 (goat) of gRPC Core.
-------------------------------------------------------------------
Thu Oct 21 13:16:01 UTC 2021 - Atri Bhattacharya <badshah400@gmail.com>

22
python-grpcio.spec
View File

@@ -1,7 +1,7 @@
#
# spec file for package python-grpcio
#
# Copyright (c) 2023 SUSE LLC
# Copyright (c) 2025 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -17,27 +17,20 @@
%global modname grpcio
# PYTHON2 NOT SUPPORTED BY UPSTREAM
%define skip_python2 1
%{?sle15_python_module_pythons}
Name: python-grpcio
Version: 1.60.0
Version: 1.69.0
Release: 0
Summary: HTTP/2-based Remote Procedure Call implementation
License: Apache-2.0
Group: Development/Languages/Python
URL: https://grpc.io
Source: https://files.pythonhosted.org/packages/source/g/grpcio/grpcio-%{version}.tar.gz
# PATCH-FIX-UPSTREAM python-grpcio-cython3-compat.patch gh#grpc/grpc#33918 badshah400@gmail.com -- Fix noexcept errors upon compiling with Cython 3+
Patch0: python-grpcio-cython3-compat.patch
# PATCH-FIX-SLE xxhash-avoid-armv6-unaligned-access.patch alarrosa@suse.com -- do not expect unaligned accesses to work on armv6
Patch1: xxhash-avoid-armv6-unaligned-access.patch
# PATCH-FIX-SLE xxhash-ppc64le-gcc7.patch boo#1208794 alarrosa@suse.com -- fix build failure on ppc64le when using gcc 7
Patch2: xxhash-ppc64le-gcc7.patch
# CVE-2024-7246 [bsc#1228919], gRPC clients communicating with a HTTP/2 proxy can poison the HPACK table between the proxy and the backend
Patch3: python-grpcio-CVE-2024-7246.patch
# CVE-2024-11407 [bsc#1233821], servers with transmit zero copy enabled through GRPC_ARG_TCP_TX_ZEROCOPY_ENABLED can experience data corruption issues
Patch4: python-grpcio-CVE-2024-11407.patch
Patch3: fix-return-values.patch
BuildRequires: %{python_module Cython >= 0.29.8}
BuildRequires: %{python_module devel >= 3.7}
BuildRequires: %{python_module pip}
@@ -64,14 +57,7 @@ and server applications to communicate, and enables the building of
connected systems.
%prep
%autosetup -N -n grpcio-%{version}
%patch0 -p1
pushd third_party/xxhash
%patch1 -p1
%patch2 -p1
popd
%patch3 -p1
%patch4 -p1
%autosetup -p1 -n grpcio-%{version}
%build
export GRPC_BUILD_WITH_BORING_SSL_ASM=false

6
xxhash-avoid-armv6-unaligned-access.patch
View File

@@ -1,7 +1,7 @@
Index: xxHash-0.8.1/xxhash.h
Index: grpcio/third_party/xxhash/xxhash.h
===================================================================
--- xxHash-0.8.1.orig/xxhash.h
+++ xxHash-0.8.1/xxhash.h
--- grpcio.orig/third_party/xxhash/xxhash.h
+++ grpcio/third_party/xxhash/xxhash.h
@@ -1408,7 +1408,7 @@ XXH3_128bits_reset_withSecretandSeed(XXH
(defined(__INTEL_COMPILER) && !defined(_WIN32)) || \
( \

6
xxhash-ppc64le-gcc7.patch
View File

@@ -7,10 +7,10 @@ Subject: [PATCH] Fix compilation on RHEL 7 ppc64le (gcc 4.8)
xxhash.h | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/xxhash.h b/xxhash.h
diff --git a/third_party/xxhash/xxhash.h b/third_party/xxhash/xxhash.h
index 08ab794..7850622 100644
--- a/xxhash.h
+++ b/xxhash.h
--- a/third_party/xxhash/xxhash.h
+++ b/third_party/xxhash/xxhash.h
@@ -4129,7 +4129,7 @@ XXH3_accumulate_512_vsx( void* XXH_RESTRICT acc,
const void* XXH_RESTRICT secret)
{