Accepting request 1228503 from server:http

OBS-URL: https://build.opensuse.org/request/show/1228503
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/uwsgi?expand=0&rev=58

python313.patch

@@ -0,0 +1,99 @@
+From 699dc20f8204ee18812951600b0221156d217530 Mon Sep 17 00:00:00 2001
+From: Riccardo Magliocchetti <riccardo.magliocchetti@gmail.com>
+Date: Sun, 21 Jul 2024 16:32:31 +0200
+Subject: [PATCH] plugins/python: handle cframe removal from CPython thread
+ state
+
+Use current_frame instead
+---
+ plugins/python/python_plugin.c | 16 ++++++++++++++++
+ plugins/python/uwsgi_python.h  | 12 ++++++++++++
+ 2 files changed, 28 insertions(+)
+
+Index: uwsgi-2.0.28/plugins/python/python_plugin.c
+===================================================================
+--- uwsgi-2.0.28.orig/plugins/python/python_plugin.c
++++ uwsgi-2.0.28/plugins/python/python_plugin.c
+@@ -1615,7 +1615,11 @@ void uwsgi_python_suspend(struct wsgi_re
+ #elif defined UWSGI_PY312
+ 		up.current_c_recursion_remaining[wsgi_req->async_id] = tstate->c_recursion_remaining;
+ 		up.current_py_recursion_remaining[wsgi_req->async_id] = tstate->py_recursion_remaining;
++#ifdef UWSGI_PY313
++		up.current_frame[wsgi_req->async_id] = tstate->current_frame;
++#else
+ 		up.current_frame[wsgi_req->async_id] = tstate->cframe;
++#endif
+ #elif defined UWSGI_PY311
+ 		up.current_recursion_remaining[wsgi_req->async_id] = tstate->recursion_remaining;
+ 		up.current_frame[wsgi_req->async_id] = tstate->cframe;
+@@ -1632,7 +1636,11 @@ void uwsgi_python_suspend(struct wsgi_re
+ #elif defined UWSGI_PY312
+ 		up.current_main_c_recursion_remaining = tstate->c_recursion_remaining;
+ 		up.current_main_py_recursion_remaining = tstate->py_recursion_remaining;
++#ifdef UWSGI_PY313
++		up.current_main_frame = tstate->current_frame;
++#else
+ 		up.current_main_frame = tstate->cframe;
++#endif
+ #elif defined UWSGI_PY311
+ 		up.current_main_recursion_remaining = tstate->recursion_remaining;
+ 		up.current_main_frame = tstate->cframe;
+@@ -1876,7 +1884,11 @@ void uwsgi_python_resume(struct wsgi_req
+ #elif defined UWSGI_PY312
+ 		tstate->c_recursion_remaining = up.current_c_recursion_remaining[wsgi_req->async_id];
+ 		tstate->py_recursion_remaining = up.current_py_recursion_remaining[wsgi_req->async_id];
++#ifdef UWSGI_PY313
++		tstate->current_frame = up.current_frame[wsgi_req->async_id];
++#else
+ 		tstate->cframe = up.current_frame[wsgi_req->async_id];
++#endif
+ #elif defined UWSGI_PY311
+ 		tstate->recursion_remaining = up.current_recursion_remaining[wsgi_req->async_id];
+ 		tstate->cframe = up.current_frame[wsgi_req->async_id];
+@@ -1893,7 +1905,11 @@ void uwsgi_python_resume(struct wsgi_req
+ #elif defined UWSGI_PY312
+ 		tstate->c_recursion_remaining = up.current_main_c_recursion_remaining;
+ 		tstate->py_recursion_remaining = up.current_main_py_recursion_remaining;
++#ifdef UWSGI_PY313
++		tstate->current_frame = up.current_main_frame;
++#else
+ 		tstate->cframe = up.current_main_frame;
++#endif
+ #elif defined UWSGI_PY311
+ 		tstate->recursion_remaining = up.current_main_recursion_remaining;
+ 		tstate->cframe = up.current_main_frame;
+Index: uwsgi-2.0.28/plugins/python/uwsgi_python.h
+===================================================================
+--- uwsgi-2.0.28.orig/plugins/python/uwsgi_python.h
++++ uwsgi-2.0.28/plugins/python/uwsgi_python.h
+@@ -29,6 +29,10 @@
+ #  define UWSGI_PY313
+ #endif
+ 
++#if (PY_VERSION_HEX >= 0x030d0000)
++#  define UWSGI_PY313
++#endif
++
+ #if PY_MAJOR_VERSION == 2 && PY_MINOR_VERSION < 7
+ #define HAS_NOT_PyMemoryView_FromBuffer
+ #endif
+@@ -183,11 +187,19 @@ struct uwsgi_python {
+ #elif defined UWSGI_PY312
+ 	int *current_c_recursion_remaining;
+ 	int *current_py_recursion_remaining;
++#ifdef UWSGI_PY313
++	struct _PyInterpreterFrame **current_frame;
++#else
+ 	_PyCFrame **current_frame;
++#endif
+ 
+ 	int current_main_c_recursion_remaining;
+ 	int current_main_py_recursion_remaining;
++#ifdef UWSGI_PY313
++	struct _PyInterpreterFrame *current_main_frame;
++#else
+ 	_PyCFrame *current_main_frame;
++#endif
+ #elif defined UWSGI_PY311
+ 	int *current_recursion_remaining;
+ 	_PyCFrame **current_frame;

uwsgi-2.0.25.1.tar.gz

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:a1e4a401f71d29e49d4762223412c32a42594c415f9d72d0f759680e5b8f4cf9
-size 811635

uwsgi-2.0.28.tar.gz

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:4bb0762c5becb0414352cca664957206df4d6847e9a1c472e87708dc2cdad610
+size 815887

uwsgi-93d07ec38b31.patch

@@ -1,23 +0,0 @@
-From 93d07ec38b319c2fba7c71d3fd0d5acc2882d65a Mon Sep 17 00:00:00 2001
-From: Rosen Penev <rosenp@gmail.com>
-Date: Tue, 14 May 2024 21:08:14 -0700
-Subject: [PATCH] fix 32-bit compilation with GCC14
-
-Wrong pointer type is used.
----
- core/regexp.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/core/regexp.c b/core/regexp.c
-index 74bb77751..2b59f16fb 100644
---- a/core/regexp.c
-+++ b/core/regexp.c
-@@ -23,7 +23,7 @@ int uwsgi_regexp_build(char *re, uwsgi_pcre ** pattern) {
- 
- #ifdef UWSGI_PCRE2
- 	int errnbr;
--	long unsigned int erroff;
-+	size_t erroff;
- 
- 	*pattern = pcre2_compile((const unsigned char *) re, PCRE2_ZERO_TERMINATED, 0, &errnbr, &erroff, NULL);
- #else

uwsgi-reproducible-jar-mtime.patch

@@ -0,0 +1,11 @@
+--- uwsgi-2.0.25.1/plugins/jvm/uwsgiplugin.py	2024-09-26 21:40:38.319789843 +0200
++++ uwsgi-2.0.25.1/plugins/jvm/uwsgiplugin.py	2024-09-26 21:43:21.557662471 +0200
+@@ -77,7 +77,7 @@
+ def post_build(config):
+     if subprocess.call("javac %s/plugins/jvm/uwsgi.java" % os.getcwd(), shell=True) != 0:
+         os._exit(1)
+-    if subprocess.call("cd %s/plugins/jvm ; jar cvf uwsgi.jar *.class" % os.getcwd(), shell=True) != 0:
++    if subprocess.call("cd %s/plugins/jvm ; jar --date=\"$(date -u -d @${SOURCE_DATE_EPOCH:-$(date +%%s)} +%%Y-%%m-%%dT%%H:%%M:%%SZ)\" --create --verbose --file=uwsgi.jar *.class" % os.getcwd(), shell=True) != 0:
+         os._exit(1)
+     print("*** uwsgi.jar available in %s/plugins/jvm/uwsgi.jar ***" % os.getcwd())
+ 

uwsgi.changes

@@ -1,3 +1,42 @@
+-------------------------------------------------------------------
+Thu Dec  5 07:06:07 UTC 2024 - Fridrich Strba <fstrba@suse.com>
+
+- Added patch:
+  * uwsgi-reproducible-jar-mtime.patch
+    + Use SOURCE_DATE_EPOCH for reproducible jar mtime
+    + Applied if building with Java >= 17
+
+-------------------------------------------------------------------
+Tue Nov  5 14:58:48 UTC 2024 - Markéta Machová <mmachova@suse.com>
+
+- add python313.patch to support the newest CPython
+
+-------------------------------------------------------------------
+Tue Oct 29 17:46:07 UTC 2024 - Dirk Müller <dmueller@suse.com>
+
+- update to 2.0.28 (bsc#1222332, CVE-2024-24795):
+  * Bit more friendly log messages
+  * Add more integration tests
+  * Fix static library not found install error on conda
+  * pyuwsgi: avoid interleaving pywsgi threadstate
+  * Fix gracefully_kill_them_all with running requests
+  * Fix –catch-exceptions causing a segfault in Python 3.5+
+  * plugins/php: Add support for uwsgi.disconnect() function
+  * plugins/python: use PyOS_*Fork stable API functions on 3.7+
+  * core/uwsgi: set enable threads by default
+  * plugins/python: fix compilation with Python 3.13
+  * use pipe in gracefully_kill() to stop worker loop
+  * port pypy plugin to python3
+  * add some integrations tests
+  * apache2/mod_proxy_uwsgi: let httpd handle CL/TE for
+    non-http handlers CVE-2024-24795
+  * remove race-condition over termination of uWSGI process
+    when using need-app and lazy-apps (Hanan .T)
+  * fix 32-bit compilation with GCC14 (Rosen Penev)
+  * uwsgiconfig: get compiler version with -dumpfullversion
+  * Fix uwsgi_regexp_match() with pcre2
+- drop uwsgi-93d07ec38b31.patch (upstream)
+
 -------------------------------------------------------------------
 Thu Jul 25 16:31:34 UTC 2024 - Martin Jambor <mjambor@suse.com>
 
@@ -89,7 +128,7 @@ Fri Jan  6 20:36:08 UTC 2023 - Dirk Müller <dmueller@suse.com>
   * fix memory corruption in uwsgi_cache
   * Fix segfault from GEVENT_SWITCH
   * Support php 8.1
-  * Use parenthesis in print() statement 
+  * Use parenthesis in print() statement
 
 -------------------------------------------------------------------
 Tue Dec 13 19:44:00 UTC 2022 - sven@uebelacker.net
@@ -167,7 +206,7 @@ Thu Nov 26 18:51:29 UTC 2020 - Dirk Mueller <dmueller@suse.com>
 
 - update 2.0.19.1:
   * Reverted CGI chunked encoding support
-  * Fixed bug with WSGI responses returning 
+  * Fixed bug with WSGI responses returning
   * Update travis to xenial (Terence D. Honles)
   * Fix segfault in logsocket plugin (Riccardo Magliocchetti, #2010)
   * Backport Coverity fixes from master (Riccardo Magliocchetti)
@@ -451,7 +490,7 @@ Wed Jun  8 18:53:26 UTC 2016 - buschmann23@opensuse.org
 - Update to 2.0.13.1:
   * Fixed support for python 2.5 and python 2.6
   * Fixed support for older glibc
-  * Reverted EPOLLEXCLUSIVE patch, requires more investigation 
+  * Reverted EPOLLEXCLUSIVE patch, requires more investigation
 
 -------------------------------------------------------------------
 Thu May 12 04:43:00 UTC 2016 - jfunk@funktronics.ca
@@ -514,7 +553,7 @@ Fri Nov  6 17:33:31 UTC 2015 - buschmann23@opensuse.org
     * fixed http-socket parser state after harakiri
     * fixed threaded request logger
     * fixed fastrouter subscriptions modifiers
-    * fixed alarm backlog 
+    * fixed alarm backlog
 
 -------------------------------------------------------------------
 Sat Sep 26 17:39:41 UTC 2015 - jfunk@funktronics.ca
@@ -565,7 +604,7 @@ Sat Sep 26 17:39:41 UTC 2015 - jfunk@funktronics.ca
 -------------------------------------------------------------------
 Wed Aug 12 11:10:35 UTC 2015 - dvaleev@suse.com
 
-- Don't build v8 plugin for PowerPC 
+- Don't build v8 plugin for PowerPC
 
 -------------------------------------------------------------------
 Sun Jun 28 18:10:21 UTC 2015 - jfunk@funktronics.ca
@@ -867,7 +906,7 @@ Sun Mar 16 18:00:35 UTC 2014 - jfunk@funktronics.ca
     * fixed end-for and end-if
     * fixed loop in internal-routing response chain
     * fixed pypy execute_source usage
-    * logpipe: Don't setsid() twice (credits: INADA Naoki) 
+    * logpipe: Don't setsid() twice (credits: INADA Naoki)
   * New features and improvements
     * CGI plugin
       * The plugin has been improved to support streaming
@@ -1025,7 +1064,7 @@ Changes from 2.0.0:
 Sun Nov 10 20:06:51 UTC 2013 - jfunk@funktronics.ca
 
 - Update to 1.9.19:
-  * This release starts the 'hardening' cycle for uWSGI 2.0 (scheduled for the 
+  * This release starts the 'hardening' cycle for uWSGI 2.0 (scheduled for the
     end of december 2013). The metrics subsystem was the last piece missing
     and this version (after 1 year of analysis) finally includes it. During
     the following 2 months we will start deprecating features or plugins that
@@ -1383,7 +1422,7 @@ Mon Sep 23 18:47:59 UTC 2013 - jfunk@funktronics.ca
 -------------------------------------------------------------------
 Fri Sep 20 15:06:48 UTC 2013 - dvaleev@suse.com
 
-- enable v8 conditionally (enables build for powerpc and s390) 
+- enable v8 conditionally (enables build for powerpc and s390)
 
 -------------------------------------------------------------------
 Thu Sep  5 18:43:14 CEST 2013 - mls@suse.de

uwsgi.spec

@@ -29,8 +29,7 @@
 %endif
 
 Name:           uwsgi
-Version:        2.0.25.1
-
+Version:        2.0.28
 Release:        0
 Summary:        Application Container Server for Networked/Clustered Web Applications
 License:        Apache-2.0 AND GPL-2.0-only WITH GCC-exception-2.0
@@ -58,8 +57,10 @@ Patch3:         uwsgi-1.9.11-systemd_logger-old_systemd.patch
 Patch4:         uwsgi-2.0.18-postgresql-config.patch
 # PATCH-FIX-UPSTREAM uwsgi-ld-noexecstack.patch - Do not create executable stack
 Patch5:         uwsgi-ld-noexecstack.patch
-# PATCH-FIX-UPSTREAM uwsgi-93d07ec38b31.patch - Fix build with GCC 14 on 32bit platforms
-Patch6:         uwsgi-93d07ec38b31.patch
+# PATCH-FIX-UPSTREAM python313.patch - plugins/python: handle cframe removal from CPython thread state https://github.com/unbit/uwsgi/commit/699dc20f8204ee18812951600b0221156d217530
+Patch6:         python313.patch
+# PATCH-FIX-OPENSUSE
+Patch100:       uwsgi-reproducible-jar-mtime.patch
 BuildRequires:  apache-rpm-macros
 %if 0%{suse_version} < 1500
 BuildRequires:  apache2-devel
@@ -443,7 +444,18 @@ This package contains support for PHP version 7.
 %endif
 
 %prep
-%autosetup -p1 -n uwsgi-%{version}
+%setup -n uwsgi-%{version}
+%patch -P 0 -p1
+%patch -P 1 -p1
+%patch -P 2 -p1
+%patch -P 3 -p1
+%patch -P 4 -p1
+%patch -P 5 -p1
+%patch -P 6 -p1
+# The "--date" option was added into jar in OpenJDK 17
+%if %{?pkg_vcmp:%pkg_vcmp java-devel >= 17}%{!?pkg_vcmp:0}
+%patch -P 100 -p1
+%endif
 
 # Generate a config that builds all plugins except for examples and stuff we
 # can't satisfy the requirements for or are just broken