From 9fa4687efcbf018e9a88daa36b5c67505aec56e487dda4fe0316ab69d1d35454 Mon Sep 17 00:00:00 2001 From: Matej Cepl Date: Sat, 19 Apr 2025 18:46:57 +0000 Subject: [PATCH] - Add gh-126572-test_ssl-no-stop-ThreadedEchoServer-OSError.patch which makes test_ssl not to stop ThreadedEchoServer on OSError, which makes test_ssl pass with OpenSSL 3.5 (bsc#1241067, gh#python/cpython!126572) OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python311?expand=0&rev=170 --- ...l-no-stop-ThreadedEchoServer-OSError.patch | 82 +++++++++++++++++++ python311-rpmlintrc | 1 + python311.changes | 6 +- python311.spec | 5 ++ 4 files changed, 93 insertions(+), 1 deletion(-) create mode 100644 gh-126572-test_ssl-no-stop-ThreadedEchoServer-OSError.patch diff --git a/gh-126572-test_ssl-no-stop-ThreadedEchoServer-OSError.patch b/gh-126572-test_ssl-no-stop-ThreadedEchoServer-OSError.patch new file mode 100644 index 0000000..5c26386 --- /dev/null +++ b/gh-126572-test_ssl-no-stop-ThreadedEchoServer-OSError.patch @@ -0,0 +1,82 @@ +From 3d390148c05a7ea2d401c4633e7d4db75ebf97d9 Mon Sep 17 00:00:00 2001 +From: Petr Viktorin +Date: Thu, 7 Nov 2024 11:07:02 +0100 +Subject: [PATCH] gh-126500: test_ssl: Don't stop ThreadedEchoServer on OSError + in ConnectionHandler; rely on __exit__ (GH-126503) + +If `read()` in the ConnectionHandler thread raises `OSError` (except `ConnectionError`), +the ConnectionHandler shuts down the entire ThreadedEchoServer, +preventing further connections. +It also does that for `EPROTOTYPE` in `wrap_conn`. + +As far as I can see, this is done to avoid the server thread getting stuck, +forgotten, in its accept loop. However, since 2011 (5b95eb90a7167285b6544b50865227c584943c9a) +the server is used as a context manager, and its `__exit__` does `stop()` and `join()`. +(I'm not sure if we *always* used `with` since that commit, but currently we do.) + +Make sure that the context manager *is* used, and remove the `server.stop()` +calls from ConnectionHandler. +(cherry picked from commit c9cda1608edf7664c10f4f467e24591062c2fe62) + +Co-authored-by: Petr Viktorin +--- + Lib/test/test_ssl.py | 17 ++++++++++++----- + 1 file changed, 12 insertions(+), 5 deletions(-) + +Index: Python-3.11.12/Lib/test/test_ssl.py +=================================================================== +--- Python-3.11.12.orig/Lib/test/test_ssl.py 2025-04-19 19:55:02.157545844 +0200 ++++ Python-3.11.12/Lib/test/test_ssl.py 2025-04-19 19:55:05.014552345 +0200 +@@ -2516,7 +2516,6 @@ + # See also http://erickt.github.io/blog/2014/11/19/adventures-in-debugging-a-potential-osx-kernel-bug/ + if e.errno != errno.EPROTOTYPE and sys.platform != "darwin": + self.running = False +- self.server.stop() + self.close() + return False + else: +@@ -2651,10 +2650,6 @@ + self.close() + self.running = False + +- # normally, we'd just stop here, but for the test +- # harness, we want to stop the server +- self.server.stop() +- + def __init__(self, certificate=None, ssl_version=None, + certreqs=None, cacerts=None, + chatty=True, connectionchatty=False, starttls_server=False, +@@ -2688,21 +2683,33 @@ + self.conn_errors = [] + threading.Thread.__init__(self) + self.daemon = True ++ self._in_context = False + + def __enter__(self): ++ if self._in_context: ++ raise ValueError('Re-entering ThreadedEchoServer context') ++ self._in_context = True + self.start(threading.Event()) + self.flag.wait() + return self + + def __exit__(self, *args): ++ assert self._in_context ++ self._in_context = False + self.stop() + self.join() + + def start(self, flag=None): ++ if not self._in_context: ++ raise ValueError( ++ 'ThreadedEchoServer must be used as a context manager') + self.flag = flag + threading.Thread.start(self) + + def run(self): ++ if not self._in_context: ++ raise ValueError( ++ 'ThreadedEchoServer must be used as a context manager') + self.sock.settimeout(1.0) + self.sock.listen(5) + self.active = True diff --git a/python311-rpmlintrc b/python311-rpmlintrc index 5b35f34..6c3d3b0 100644 --- a/python311-rpmlintrc +++ b/python311-rpmlintrc @@ -1,3 +1,4 @@ addFilter("pem-certificate.*/usr/lib.*/python.*/test/*.pem") addFilter("devel-file-in-non-devel-package.*/usr/lib.*/python.*/tests/*.c") addFilter("devel-file-in-non-devel-package.*/usr/lib.*/python.*/test/*.cpp") +addFilter("python-bytecode-inconsistent-mtime.*\.pyc") diff --git a/python311.changes b/python311.changes index 8cee3dc..04405ea 100644 --- a/python311.changes +++ b/python311.changes @@ -1,5 +1,5 @@ ------------------------------------------------------------------- -Fri Apr 11 08:54:19 UTC 2025 - Matej Cepl +Fri Apr 18 14:05:38 UTC 2025 - Matej Cepl - Update to 3.11.12: - gh-131809: Update bundled libexpat to 2.7.1 @@ -46,6 +46,10 @@ Fri Apr 11 08:54:19 UTC 2025 - Matej Cepl interpreter to deadlock. - Remove upstreamed patch: - CVE-2025-0938-sq-brackets-domain-names.patch +- Add gh-126572-test_ssl-no-stop-ThreadedEchoServer-OSError.patch + which makes test_ssl not to stop ThreadedEchoServer on OSError, + which makes test_ssl pass with OpenSSL 3.5 (bsc#1241067, + gh#python/cpython!126572) ------------------------------------------------------------------- Wed Mar 12 15:05:46 UTC 2025 - Bernhard Wiedemann diff --git a/python311.spec b/python311.spec index 592223c..9293320 100644 --- a/python311.spec +++ b/python311.spec @@ -188,8 +188,12 @@ Patch19: bso1227999-reproducible-builds.patch Patch22: gh120226-fix-sendfile-test-kernel-610.patch # PATCH-FIX-UPSTREAM Add platform triplets for 64-bit LoongArch gh#python/cpython#30939 glaubitz@suse.com Patch24: add-loongarch64-support.patch +# PATCH-FIX-UPSTREAM gh-126572-test_ssl-no-stop-ThreadedEchoServer-OSError.patch bsc#1241067 mcepl@suse.com +# don't stop ThreadedEchoServer on OSError, makes test_ssl fail with OpenSSL 3.5 +Patch25: gh-126572-test_ssl-no-stop-ThreadedEchoServer-OSError.patch BuildRequires: autoconf-archive BuildRequires: automake +BuildRequires: crypto-policies-scripts BuildRequires: fdupes BuildRequires: gmp-devel BuildRequires: lzma-devel @@ -451,6 +455,7 @@ other applications. %patch -p1 -P 19 %patch -p1 -P 22 %patch -p1 -P 24 +%patch -p1 -P 25 # drop Autoconf version requirement sed -i 's/^AC_PREREQ/dnl AC_PREREQ/' configure.ac