diff options
| author | Ned Deily <nad@python.org> | 2021-08-30 07:10:21 (GMT) |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2021-08-30 07:10:21 (GMT) |
| commit | 94b2639fad50d7ff8acd12c11e5fe5f9a6e1da5c (patch) | |
| tree | cbf33affe0b60cecd287ffce8dbde10daebcaddf | |
| parent | 71853a73024a98aa38a3c0444fe364dbd9709134 (diff) | |
| download | cpython-94b2639fad50d7ff8acd12c11e5fe5f9a6e1da5c.zip cpython-94b2639fad50d7ff8acd12c11e5fe5f9a6e1da5c.tar.gz cpython-94b2639fad50d7ff8acd12c11e5fe5f9a6e1da5c.tar.bz2 | |
bpo 45007: Update macOS installer builds to use OpenSSL 1.1.1l. (GH-28051)
3 files changed, 64 insertions, 3 deletions
diff --git a/Mac/BuildScript/0001-Darwin-platform-allows-to-build-on-releases-before-Y.patch b/Mac/BuildScript/0001-Darwin-platform-allows-to-build-on-releases-before-Y.patch new file mode 100644 index 0000000..51ccdc2 --- /dev/null +++ b/Mac/BuildScript/0001-Darwin-platform-allows-to-build-on-releases-before-Y.patch @@ -0,0 +1,59 @@ +From cef404f1e7a598166cbc2fd2e0048f7e2d752ad5 Mon Sep 17 00:00:00 2001 +From: David Carlier <devnexen@gmail.com> +Date: Tue, 24 Aug 2021 22:40:14 +0100 +Subject: [PATCH] Darwin platform allows to build on releases before + Yosemite/ios 8. + +issue #16407 #16408 +--- + crypto/rand/rand_unix.c | 5 +---- + include/crypto/rand.h | 10 ++++++++++ + 2 files changed, 11 insertions(+), 4 deletions(-) + +diff --git a/crypto/rand/rand_unix.c b/crypto/rand/rand_unix.c +index 43f1069d15..0f4525106a 100644 +--- a/crypto/rand/rand_unix.c ++++ b/crypto/rand/rand_unix.c +@@ -34,9 +34,6 @@ + #if defined(__OpenBSD__) + # include <sys/param.h> + #endif +-#if defined(__APPLE__) +-# include <CommonCrypto/CommonRandom.h> +-#endif + + #if defined(OPENSSL_SYS_UNIX) || defined(__DJGPP__) + # include <sys/types.h> +@@ -381,7 +378,7 @@ static ssize_t syscall_random(void *buf, size_t buflen) + if (errno != ENOSYS) + return -1; + } +-# elif defined(__APPLE__) ++# elif defined(OPENSSL_APPLE_CRYPTO_RANDOM) + if (CCRandomGenerateBytes(buf, buflen) == kCCSuccess) + return (ssize_t)buflen; + +diff --git a/include/crypto/rand.h b/include/crypto/rand.h +index 5350d3a931..674f840fd1 100644 +--- a/include/crypto/rand.h ++++ b/include/crypto/rand.h +@@ -20,6 +20,16 @@ + + # include <openssl/rand.h> + ++# if defined(__APPLE__) && !defined(OPENSSL_NO_APPLE_CRYPTO_RANDOM) ++# include <Availability.h> ++# if (defined(__MAC_OS_X_VERSION_MIN_REQUIRED) && __MAC_OS_X_VERSION_MIN_REQUIRED >= 101000) || \ ++ (defined(__IPHONE_OS_VERSION_MIN_REQUIRED) && __IPHONE_OS_VERSION_MIN_REQUIRED >= 80000) ++# define OPENSSL_APPLE_CRYPTO_RANDOM 1 ++# include <CommonCrypto/CommonCryptoError.h> ++# include <CommonCrypto/CommonRandom.h> ++# endif ++# endif ++ + /* forward declaration */ + typedef struct rand_pool_st RAND_POOL; + +-- +2.33.0 + diff --git a/Mac/BuildScript/build-installer.py b/Mac/BuildScript/build-installer.py index 56d3d4b..e89b1c1 100755 --- a/Mac/BuildScript/build-installer.py +++ b/Mac/BuildScript/build-installer.py @@ -246,9 +246,10 @@ def library_recipes(): result.extend([ dict( - name="OpenSSL 1.1.1k", - url="https://www.openssl.org/source/openssl-1.1.1k.tar.gz", - checksum='c4e7d95f782b08116afa27b30393dd27', + name="OpenSSL 1.1.1l", + url="https://www.openssl.org/source/openssl-1.1.1l.tar.gz", + checksum='ac0d4387f3ba0ad741b0580dd45f6ff3', + patches=['0001-Darwin-platform-allows-to-build-on-releases-before-Y.patch'], buildrecipe=build_universal_openssl, configure=None, install=None, diff --git a/Misc/NEWS.d/next/macOS/2021-08-30-00-04-10.bpo-45007.pixqUB.rst b/Misc/NEWS.d/next/macOS/2021-08-30-00-04-10.bpo-45007.pixqUB.rst new file mode 100644 index 0000000..e4f1ac6 --- /dev/null +++ b/Misc/NEWS.d/next/macOS/2021-08-30-00-04-10.bpo-45007.pixqUB.rst @@ -0,0 +1 @@ +Update macOS installer builds to use OpenSSL 1.1.1l. |