commit: d988d58d98a2f08684b2c428a6583530634d96b8
parent af5fcf41878940ba4a3cf79726a61ee1b08e4538
Author: Michael Forney <mforney@mforney.org>
Date: Tue, 5 Oct 2021 14:02:43 -0700
python: Update to 3.10.0
Diffstat:
11 files changed, 471 insertions(+), 56 deletions(-)
diff --git a/pkg/python/.gitignore b/pkg/python/.gitignore
@@ -1,3 +1,3 @@
-/Python-3.9.5.tar.xz
+/Python-3.10.0.tar.xz
/modules.ninja
/src
diff --git a/pkg/python/README.md b/pkg/python/README.md
@@ -0,0 +1,13 @@
+# python
+
+## config.h
+Generated with
+
+ ./configure \
+ --without-pymalloc \
+ --with-builtin-hashlib-hashes='sha3,blake2' \
+ --with-ssl-default-suites='TLSv1.3:TLSv1.2+AEAD+ECDHE:TLSv1.2+AEAD+DHE' \
+ ax_cv_c_float_words_bigendian=no
+
+Use libtls's conversative default set of cipher suites since the
+python default uses `@SECLEVEL=2`, which is not supported by libressl.
diff --git a/pkg/python/gen.lua b/pkg/python/gen.lua
@@ -61,7 +61,7 @@ rule('makesetup', 'lua $dir/makesetup.lua $dir/modules.lua <$in >$out')
build('makesetup', '$outdir/config.c', {'$srcdir/Modules/config.c.in', '|', '$dir/makesetup.lua', '$dir/modules.lua'})
cc('Modules/getbuildinfo.c', nil, {
- cflags=[[$cflags -D 'DATE="Feb 19 2021"' -D 'TIME="13:32:09"']]
+ cflags=[[$cflags -D 'DATE="Oct 4 2021"' -D 'TIME="18:40:47"']]
})
cc('Modules/getpath.c', nil, {
cflags={
@@ -69,7 +69,7 @@ cc('Modules/getpath.c', nil, {
[[-D 'PYTHONPATH=":plat-linux"']],
[[-D 'PREFIX="/"']],
[[-D 'EXEC_PREFIX="/"']],
- [[-D 'VERSION="3.9"']],
+ [[-D 'VERSION="3.10"']],
[[-D 'VPATH=""']],
},
})
@@ -144,17 +144,17 @@ lib('libpython.a', {expand{'Modules/', srcs}, paths[[
typeobject.c
unicodeobject.c
unicodectype.c
+ unionobject.c
weakrefobject.c
)
Parser/(
- acceler.c
- grammar1.c
- listnode.c
- node.c
- parser.c
token.c
- pegen/(pegen.c parse.c parse_string.c peg_api.c)
- myreadline.c parsetok.c tokenizer.c
+ pegen.c
+ parser.c
+ string_parser.c
+ peg_api.c
+ myreadline.c
+ tokenizer.c
)
Python/(
_warnings.c
@@ -176,7 +176,6 @@ lib('libpython.a', {expand{'Modules/', srcs}, paths[[
getcopyright.c
getplatform.c.o
getversion.c
- graminit.c
hamt.c
hashtable.c
import.c
@@ -187,7 +186,6 @@ lib('libpython.a', {expand{'Modules/', srcs}, paths[[
mysnprintf.c
mystrtoul.c
pathconfig.c
- peephole.c
preconfig.c
pyarena.c
pyctype.c
@@ -211,6 +209,7 @@ lib('libpython.a', {expand{'Modules/', srcs}, paths[[
dtoa.c
formatter_unicode.c
fileutils.c
+ suggestions.c
dynload_stub.c
frozen.c
)
@@ -226,10 +225,10 @@ man{'$outdir/python3.1'}
sym('share/man/man1/python.1.gz', 'python3.1.gz')
for f in iterlines('pylibs.txt') do
- file('lib/python3.9/'..f, '644', '$srcdir/Lib/'..f)
+ file('lib/python3.10/'..f, '644', '$srcdir/Lib/'..f)
end
-file('lib/python3.9/_sysconfigdata_'..abiflags..'_'..platform..'_.py', '644', '$dir/lib/_sysconfigdata.py')
-file('lib/python3.9/Makefile', '644', '$dir/lib/Makefile')
-dir('lib/python3.9/lib-dynload', '755')
+file('lib/python3.10/_sysconfigdata_'..abiflags..'_'..platform..'_.py', '644', '$dir/lib/_sysconfigdata.py')
+file('lib/python3.10/Makefile', '644', '$dir/lib/Makefile')
+dir('lib/python3.10/lib-dynload', '755')
fetch 'curl'
diff --git a/pkg/python/modules.lua b/pkg/python/modules.lua
@@ -28,7 +28,6 @@ return {
},
faulthandler={'faulthandler.c'},
_tracemalloc={'_tracemalloc.c'},
- _peg_parser={'_peg_parser.c'},
--_symtable={'symtablemodule.c'},
--xxsubtype={'xxsubtype.c'},
@@ -44,7 +43,6 @@ return {
_bisect={'_bisectmodule.c'},
_heapq={'_heapqmodule.c'},
_pickle={'_pickle.c'},
- -- atexit defined above
_json={'_json.c'},
--_lsprof={'_lsprof.c', 'rotatingtree.c'},
unicodedata={'unicodedata.c'},
@@ -58,7 +56,6 @@ return {
grp={'grpmodule.c'},
spwd={'spwdmodule.c'},
select={'selectmodule.c'},
- parser={'parsermodule.c'},
mmap={'mmapmodule.c'},
--syslog={'syslogmodule.c'},
--_xxsubinterpreters={'_xxsubinterpretersmodule.c'},
@@ -96,10 +93,11 @@ return {
--_codecs_tw={'cjkcodecs/_codecs_tw.c'},
--_codecs_hk={'cjkcodecs/_codecs_hk.c'},
--_codecs_iso2022={'cjkcodecs/_codecs_iso2022.c'},
- _posixshmem={'_multiprocessing/posixshmem.c'},
_multiprocessing={'_multiprocessing/multiprocessing.c', '_multiprocessing/semaphore.c'},
+ _posixshmem={'_multiprocessing/posixshmem.c'},
--_uuid={'_uuidmodule.c'},
--xxlimited={'xxlimited.c'},
+ --xxlimited_35={'xxlimited_35.c'},
--_tkinter={'_tkinter.c', 'tkappinit.c'},
--_ctypes={'_ctypes/_ctypes.c', '_ctypes/callbacks.c', '_ctypes/callproc.c', '_ctypes/stgdict.c', '_ctypes/cfield.c'},
--_ctypes_test={'_ctypes/_ctypes_test.c'},
diff --git a/pkg/python/patch/0001-Add-BearSSL-implementation-of-_hashlib.patch b/pkg/python/patch/0001-Add-BearSSL-implementation-of-_hashlib.patch
@@ -1,21 +1,21 @@
-From 40cce685bfce6c2824177f3e550d6ffbd24e08c6 Mon Sep 17 00:00:00 2001
+From a21116a6e36fd6d2f7c815cc0ebf92fffe0e72c6 Mon Sep 17 00:00:00 2001
From: Michael Forney <mforney@mforney.org>
Date: Sat, 15 May 2021 22:48:13 -0700
Subject: [PATCH] Add BearSSL implementation of _hashlib
---
- Modules/_hashbearssl.c | 1136 +++++++++++++++++++++++++++++++
+ Modules/_hashbearssl.c | 1124 +++++++++++++++++++++++++++++++
Modules/clinic/_hashbearssl.c.h | 1113 ++++++++++++++++++++++++++++++
- 2 files changed, 2249 insertions(+)
+ 2 files changed, 2237 insertions(+)
create mode 100644 Modules/_hashbearssl.c
create mode 100644 Modules/clinic/_hashbearssl.c.h
diff --git a/Modules/_hashbearssl.c b/Modules/_hashbearssl.c
new file mode 100644
-index 0000000000..98fd1d84dc
+index 0000000000..3d51d99efb
--- /dev/null
+++ b/Modules/_hashbearssl.c
-@@ -0,0 +1,1136 @@
+@@ -0,0 +1,1124 @@
+/* Module that wraps all BearSSL hash algorithms */
+#define PY_SSIZE_T_CLEAN
+#include "Python.h"
@@ -58,15 +58,6 @@ index 0000000000..98fd1d84dc
+[clinic start generated code]*/
+/*[clinic end generated code: output=da39a3ee5e6b4b0d input=7a269412ec77c79a]*/
+
-+/* NULL .tp_new doesn't block __new__ */
-+static PyObject *
-+_disabled_new(PyTypeObject *type, PyObject *args, PyObject *kwargs)
-+{
-+ PyErr_Format(PyExc_TypeError,
-+ "cannot create '%.100s' instances", _PyType_Name(type));
-+ return NULL;
-+}
-+
+static const br_hash_class *
+py_hash_by_name(const char *name)
+{
@@ -108,7 +99,7 @@ index 0000000000..98fd1d84dc
+{
+ if (self->lock)
+ PyThread_free_lock(self->lock);
-+ PyObject_Del(self);
++ PyObject_Free(self);
+}
+
+/*[clinic input]
@@ -259,10 +250,9 @@ index 0000000000..98fd1d84dc
+ .tp_dealloc = (destructor)Hash_dealloc,
+ .tp_doc = Hash_doc,
+ .tp_basicsize = sizeof(Hash),
-+ .tp_flags = Py_TPFLAGS_DEFAULT,
++ .tp_flags = Py_TPFLAGS_DEFAULT | Py_TPFLAGS_DISALLOW_INSTANTIATION | Py_TPFLAGS_IMMUTABLETYPE,
+ .tp_methods = Hash_methods,
+ .tp_getset = Hash_getset,
-+ .tp_new = _disabled_new,
+};
+
+PyDoc_STRVAR(SHAKE_doc,
@@ -288,7 +278,7 @@ index 0000000000..98fd1d84dc
+{
+ if (self->lock)
+ PyThread_free_lock(self->lock);
-+ PyObject_Del(self);
++ PyObject_Free(self);
+}
+
+/*[clinic input]
@@ -448,10 +438,9 @@ index 0000000000..98fd1d84dc
+ .tp_dealloc = (destructor)SHAKE_dealloc,
+ .tp_doc = SHAKE_doc,
+ .tp_basicsize = sizeof(SHAKE),
-+ .tp_flags = Py_TPFLAGS_DEFAULT,
++ .tp_flags = Py_TPFLAGS_DEFAULT | Py_TPFLAGS_DISALLOW_INSTANTIATION | Py_TPFLAGS_IMMUTABLETYPE,
+ .tp_methods = SHAKE_methods,
+ .tp_getset = SHAKE_getset,
-+ .tp_new = _disabled_new,
+};
+
+PyDoc_STRVAR(HMAC_doc,
@@ -474,7 +463,7 @@ index 0000000000..98fd1d84dc
+{
+ if (self->lock)
+ PyThread_free_lock(self->lock);
-+ PyObject_Del(self);
++ PyObject_Free(self);
+}
+/*[clinic input]
+_hashlib.HMAC.copy as HMAC_copy
@@ -632,10 +621,9 @@ index 0000000000..98fd1d84dc
+ .tp_dealloc = (destructor)HMAC_dealloc,
+ .tp_doc = HMAC_doc,
+ .tp_basicsize = sizeof(HMAC),
-+ .tp_flags = Py_TPFLAGS_DEFAULT,
++ .tp_flags = Py_TPFLAGS_DEFAULT | Py_TPFLAGS_DISALLOW_INSTANTIATION | Py_TPFLAGS_IMMUTABLETYPE,
+ .tp_methods = HMAC_methods,
+ .tp_getset = HMAC_getset,
-+ .tp_new = _disabled_new,
+};
+
+static PyObject *
@@ -2272,5 +2260,5 @@ index 0000000000..49bf8f9287
+}
+/*[clinic end generated code: output=b4705bad5ece43e9 input=a9049054013a1b77]*/
--
-2.31.1
+2.32.0
diff --git a/pkg/python/patch/0002-Re-add-support-for-libressl.patch b/pkg/python/patch/0002-Re-add-support-for-libressl.patch
@@ -0,0 +1,403 @@
+From 308e4f113891bea997bcac7e7e48a18956478265 Mon Sep 17 00:00:00 2001
+From: Michael Forney <mforney@mforney.org>
+Date: Tue, 5 Oct 2021 14:44:43 -0700
+Subject: [PATCH] Re-add support for libressl
+
+---
+ Modules/_hashopenssl.c | 4 +++
+ Modules/_ssl.c | 58 +++++++++++++++++++++------------
+ Modules/_ssl/debughelpers.c | 4 +++
+ Modules/clinic/_hashopenssl.c.h | 10 +++++-
+ Modules/clinic/_ssl.c.h | 28 ++++++++++++----
+ 5 files changed, 77 insertions(+), 27 deletions(-)
+
+diff --git a/Modules/_hashopenssl.c b/Modules/_hashopenssl.c
+index b9e68c05c3..75eb76266a 100644
+--- a/Modules/_hashopenssl.c
++++ b/Modules/_hashopenssl.c
+@@ -40,10 +40,12 @@
+
+ #define MUNCH_SIZE INT_MAX
+
++#ifndef LIBRESSL_VERSION_NUMBER
+ #define PY_OPENSSL_HAS_SCRYPT 1
+ #define PY_OPENSSL_HAS_SHA3 1
+ #define PY_OPENSSL_HAS_SHAKE 1
+ #define PY_OPENSSL_HAS_BLAKE2 1
++#endif
+
+ static PyModuleDef _hashlibmodule;
+
+@@ -1794,6 +1796,7 @@ hashlib_md_meth_names(PyObject *module)
+ return 0;
+ }
+
++#ifndef LIBRESSL_VERSION_NUMBER
+ /*[clinic input]
+ _hashlib.get_fips_mode -> int
+
+@@ -1831,6 +1834,7 @@ _hashlib_get_fips_mode_impl(PyObject *module)
+ return result;
+ #endif
+ }
++#endif
+
+
+ static int
+diff --git a/Modules/_ssl.c b/Modules/_ssl.c
+index 6c63301b2a..d8a70d5511 100644
+--- a/Modules/_ssl.c
++++ b/Modules/_ssl.c
+@@ -291,8 +291,10 @@ typedef struct {
+ int post_handshake_auth;
+ #endif
+ PyObject *msg_cb;
++#ifndef LIBRESSL_VERSION_NUMBER
+ PyObject *keylog_filename;
+ BIO *keylog_bio;
++#endif
+ /* Cached module state, also used in SSLSocket and SSLSession code. */
+ _sslmodulestate *state;
+ } PySSLContext;
+@@ -1829,6 +1831,7 @@ _ssl__SSLSocket_getpeercert_impl(PySSLSocket *self, int binary_mode)
+ return result;
+ }
+
++#ifndef LIBRESSL_VERSION_NUMBER
+ /*[clinic input]
+ _ssl._SSLSocket.get_verified_chain
+
+@@ -1892,6 +1895,7 @@ _ssl__SSLSocket_get_unverified_chain_impl(PySSLSocket *self)
+ }
+ return retval;
+ }
++#endif
+
+ static PyObject *
+ cipher_to_tuple(const SSL_CIPHER *cipher)
+@@ -2298,8 +2302,7 @@ static PyObject *
+ _ssl__SSLSocket_write_impl(PySSLSocket *self, Py_buffer *b)
+ /*[clinic end generated code: output=aa7a6be5527358d8 input=77262d994fe5100a]*/
+ {
+- size_t count = 0;
+- int retval;
++ int len;
+ int sockstate;
+ _PySSLError err;
+ int nonblocking;
+@@ -2317,6 +2320,12 @@ _ssl__SSLSocket_write_impl(PySSLSocket *self, Py_buffer *b)
+ Py_INCREF(sock);
+ }
+
++ if (b->len > INT_MAX) {
++ PyErr_Format(PyExc_OverflowError,
++ "string longer than %d bytes", INT_MAX);
++ goto error;
++ }
++
+ if (sock != NULL) {
+ /* just in case the blocking state of the socket has been changed */
+ nonblocking = (sock->sock_timeout >= 0);
+@@ -2346,8 +2355,8 @@ _ssl__SSLSocket_write_impl(PySSLSocket *self, Py_buffer *b)
+
+ do {
+ PySSL_BEGIN_ALLOW_THREADS
+- retval = SSL_write_ex(self->ssl, b->buf, (size_t)b->len, &count);
+- err = _PySSL_errno(retval == 0, self->ssl, retval);
++ len = SSL_write(self->ssl, b->buf, (int)b->len);
++ err = _PySSL_errno(len <= 0, self->ssl, len);
+ PySSL_END_ALLOW_THREADS
+ self->err = err;
+
+@@ -2380,11 +2389,11 @@ _ssl__SSLSocket_write_impl(PySSLSocket *self, Py_buffer *b)
+ err.ssl == SSL_ERROR_WANT_WRITE);
+
+ Py_XDECREF(sock);
+- if (retval == 0)
+- return PySSL_SetError(self, retval, __FILE__, __LINE__);
++ if (len <= 0)
++ return PySSL_SetError(self, len, __FILE__, __LINE__);
+ if (PySSL_ChainExceptions(self) < 0)
+ return NULL;
+- return PyLong_FromSize_t(count);
++ return PyLong_FromLong(len);
+ error:
+ Py_XDECREF(sock);
+ PySSL_ChainExceptions(self);
+@@ -2418,7 +2427,7 @@ _ssl__SSLSocket_pending_impl(PySSLSocket *self)
+
+ /*[clinic input]
+ _ssl._SSLSocket.read
+- size as len: Py_ssize_t
++ size as len: int
+ [
+ buffer: Py_buffer(accept={rwbuffer})
+ ]
+@@ -2428,14 +2437,13 @@ Read up to size bytes from the SSL socket.
+ [clinic start generated code]*/
+
+ static PyObject *
+-_ssl__SSLSocket_read_impl(PySSLSocket *self, Py_ssize_t len,
+- int group_right_1, Py_buffer *buffer)
+-/*[clinic end generated code: output=49b16e6406023734 input=ec48bf622be1c4a1]*/
++_ssl__SSLSocket_read_impl(PySSLSocket *self, int len, int group_right_1,
++ Py_buffer *buffer)
++/*[clinic end generated code: output=00097776cec2a0af input=ff157eb918d0905b]*/
+ {
+ PyObject *dest = NULL;
+ char *mem;
+- size_t count = 0;
+- int retval;
++ int count;
+ int sockstate;
+ _PySSLError err;
+ int nonblocking;
+@@ -2498,8 +2506,8 @@ _ssl__SSLSocket_read_impl(PySSLSocket *self, Py_ssize_t len,
+
+ do {
+ PySSL_BEGIN_ALLOW_THREADS
+- retval = SSL_read_ex(self->ssl, mem, (size_t)len, &count);
+- err = _PySSL_errno(retval == 0, self->ssl, retval);
++ count = SSL_read(self->ssl, mem, len);
++ err = _PySSL_errno(count <= 0, self->ssl, count);
+ PySSL_END_ALLOW_THREADS
+ self->err = err;
+
+@@ -2532,8 +2540,8 @@ _ssl__SSLSocket_read_impl(PySSLSocket *self, Py_ssize_t len,
+ } while (err.ssl == SSL_ERROR_WANT_READ ||
+ err.ssl == SSL_ERROR_WANT_WRITE);
+
+- if (retval == 0) {
+- PySSL_SetError(self, retval, __FILE__, __LINE__);
++ if (count <= 0) {
++ PySSL_SetError(self, count, __FILE__, __LINE__);
+ goto error;
+ }
+ if (self->exc_type != NULL)
+@@ -2546,7 +2554,7 @@ _ssl__SSLSocket_read_impl(PySSLSocket *self, Py_ssize_t len,
+ return dest;
+ }
+ else {
+- return PyLong_FromSize_t(count);
++ return PyLong_FromLong(count);
+ }
+
+ error:
+@@ -3062,8 +3070,10 @@ _ssl__SSLContext_impl(PyTypeObject *type, int proto_version)
+ self->hostflags = X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS;
+ self->protocol = proto_version;
+ self->msg_cb = NULL;
++#ifndef LIBRESSL_VERSION_NUMBER
+ self->keylog_filename = NULL;
+ self->keylog_bio = NULL;
++#endif
+ self->alpn_protocols = NULL;
+ self->set_sni_cb = NULL;
+ self->state = get_ssl_state(module);
+@@ -3187,6 +3197,7 @@ context_clear(PySSLContext *self)
+ {
+ Py_CLEAR(self->set_sni_cb);
+ Py_CLEAR(self->msg_cb);
++#ifndef LIBRESSL_VERSION_NUMBER
+ Py_CLEAR(self->keylog_filename);
+ if (self->keylog_bio != NULL) {
+ PySSL_BEGIN_ALLOW_THREADS
+@@ -3194,6 +3205,7 @@ context_clear(PySSLContext *self)
+ PySSL_END_ALLOW_THREADS
+ self->keylog_bio = NULL;
+ }
++#endif
+ return 0;
+ }
+
+@@ -3535,7 +3547,7 @@ set_maximum_version(PySSLContext *self, PyObject *arg, void *c)
+ return set_min_max_proto_version(self, arg, 1);
+ }
+
+-#ifdef TLS1_3_VERSION
++#if defined(TLS1_3_VERSION) && !defined(LIBRESSL_VERSION_NUMBER)
+ static PyObject *
+ get_num_tickets(PySSLContext *self, void *c)
+ {
+@@ -3568,12 +3580,14 @@ PyDoc_STRVAR(PySSLContext_num_tickets_doc,
+ "Control the number of TLSv1.3 session tickets");
+ #endif /* TLS1_3_VERSION */
+
++#ifndef LIBRESSL_VERSION_NUMBER
+ static PyObject *
+ get_security_level(PySSLContext *self, void *c)
+ {
+ return PyLong_FromLong(SSL_CTX_get_security_level(self->ctx));
+ }
+ PyDoc_STRVAR(PySSLContext_security_level_doc, "The current security level");
++#endif
+
+ static PyObject *
+ get_options(PySSLContext *self, void *c)
+@@ -4603,13 +4617,15 @@ static PyGetSetDef context_getsetlist[] = {
+ (setter) set_minimum_version, NULL},
+ {"maximum_version", (getter) get_maximum_version,
+ (setter) set_maximum_version, NULL},
++#ifndef LIBRESSL_VERSION_NUMBER
+ {"keylog_filename", (getter) _PySSLContext_get_keylog_filename,
+ (setter) _PySSLContext_set_keylog_filename, NULL},
++#endif
+ {"_msg_callback", (getter) _PySSLContext_get_msg_callback,
+ (setter) _PySSLContext_set_msg_callback, NULL},
+ {"sni_callback", (getter) get_sni_callback,
+ (setter) set_sni_callback, PySSLContext_sni_callback_doc},
+-#ifdef TLS1_3_VERSION
++#if defined(TLS1_3_VERSION) && !defined(LIBRESSL_VERSION_NUMBER)
+ {"num_tickets", (getter) get_num_tickets,
+ (setter) set_num_tickets, PySSLContext_num_tickets_doc},
+ #endif
+@@ -4628,8 +4644,10 @@ static PyGetSetDef context_getsetlist[] = {
+ (setter) set_verify_flags, NULL},
+ {"verify_mode", (getter) get_verify_mode,
+ (setter) set_verify_mode, NULL},
++#ifndef LIBRESSL_VERSION_NUMBER
+ {"security_level", (getter) get_security_level,
+ NULL, PySSLContext_security_level_doc},
++#endif
+ {NULL}, /* sentinel */
+ };
+
+diff --git a/Modules/_ssl/debughelpers.c b/Modules/_ssl/debughelpers.c
+index 03c125eb44..d992c5bc02 100644
+--- a/Modules/_ssl/debughelpers.c
++++ b/Modules/_ssl/debughelpers.c
+@@ -114,6 +114,8 @@ _PySSLContext_set_msg_callback(PySSLContext *self, PyObject *arg, void *c) {
+ return 0;
+ }
+
++#ifndef LIBRESSL_VERSION_NUMBER
++
+ static void
+ _PySSL_keylog_callback(const SSL *ssl, const char *line)
+ {
+@@ -217,3 +219,5 @@ _PySSLContext_set_keylog_filename(PySSLContext *self, PyObject *arg, void *c) {
+ SSL_CTX_set_keylog_callback(self->ctx, _PySSL_keylog_callback);
+ return 0;
+ }
++
++#endif
+diff --git a/Modules/clinic/_hashopenssl.c.h b/Modules/clinic/_hashopenssl.c.h
+index de01489e6a..c686eddea8 100644
+--- a/Modules/clinic/_hashopenssl.c.h
++++ b/Modules/clinic/_hashopenssl.c.h
+@@ -1275,6 +1275,8 @@ _hashlib_HMAC_hexdigest(HMACobject *self, PyObject *Py_UNUSED(ignored))
+ return _hashlib_HMAC_hexdigest_impl(self);
+ }
+
++#if !defined(LIBRESSL_VERSION_NUMBER)
++
+ PyDoc_STRVAR(_hashlib_get_fips_mode__doc__,
+ "get_fips_mode($module, /)\n"
+ "--\n"
+@@ -1310,6 +1312,8 @@ _hashlib_get_fips_mode(PyObject *module, PyObject *Py_UNUSED(ignored))
+ return return_value;
+ }
+
++#endif /* !defined(LIBRESSL_VERSION_NUMBER) */
++
+ PyDoc_STRVAR(_hashlib_compare_digest__doc__,
+ "compare_digest($module, a, b, /)\n"
+ "--\n"
+@@ -1385,4 +1389,8 @@ _hashlib_compare_digest(PyObject *module, PyObject *const *args, Py_ssize_t narg
+ #ifndef _HASHLIB_SCRYPT_METHODDEF
+ #define _HASHLIB_SCRYPT_METHODDEF
+ #endif /* !defined(_HASHLIB_SCRYPT_METHODDEF) */
+-/*[clinic end generated code: output=162369cb9d43f1cc input=a9049054013a1b77]*/
++
++#ifndef _HASHLIB_GET_FIPS_MODE_METHODDEF
++ #define _HASHLIB_GET_FIPS_MODE_METHODDEF
++#endif /* !defined(_HASHLIB_GET_FIPS_MODE_METHODDEF) */
++/*[clinic end generated code: output=a110f274fb33395d input=a9049054013a1b77]*/
+diff --git a/Modules/clinic/_ssl.c.h b/Modules/clinic/_ssl.c.h
+index b59b129af8..f6bcd09e03 100644
+--- a/Modules/clinic/_ssl.c.h
++++ b/Modules/clinic/_ssl.c.h
+@@ -88,6 +88,8 @@ _ssl__SSLSocket_getpeercert(PySSLSocket *self, PyObject *const *args, Py_ssize_t
+ return return_value;
+ }
+
++#if !defined(LIBRESSL_VERSION_NUMBER)
++
+ PyDoc_STRVAR(_ssl__SSLSocket_get_verified_chain__doc__,
+ "get_verified_chain($self, /)\n"
+ "--\n"
+@@ -105,6 +107,10 @@ _ssl__SSLSocket_get_verified_chain(PySSLSocket *self, PyObject *Py_UNUSED(ignore
+ return _ssl__SSLSocket_get_verified_chain_impl(self);
+ }
+
++#endif /* !defined(LIBRESSL_VERSION_NUMBER) */
++
++#if !defined(LIBRESSL_VERSION_NUMBER)
++
+ PyDoc_STRVAR(_ssl__SSLSocket_get_unverified_chain__doc__,
+ "get_unverified_chain($self, /)\n"
+ "--\n"
+@@ -122,6 +128,8 @@ _ssl__SSLSocket_get_unverified_chain(PySSLSocket *self, PyObject *Py_UNUSED(igno
+ return _ssl__SSLSocket_get_unverified_chain_impl(self);
+ }
+
++#endif /* !defined(LIBRESSL_VERSION_NUMBER) */
++
+ PyDoc_STRVAR(_ssl__SSLSocket_shared_ciphers__doc__,
+ "shared_ciphers($self, /)\n"
+ "--\n"
+@@ -271,25 +279,25 @@ PyDoc_STRVAR(_ssl__SSLSocket_read__doc__,
+ {"read", (PyCFunction)_ssl__SSLSocket_read, METH_VARARGS, _ssl__SSLSocket_read__doc__},
+
+ static PyObject *
+-_ssl__SSLSocket_read_impl(PySSLSocket *self, Py_ssize_t len,
+- int group_right_1, Py_buffer *buffer);
++_ssl__SSLSocket_read_impl(PySSLSocket *self, int len, int group_right_1,
++ Py_buffer *buffer);
+
+ static PyObject *
+ _ssl__SSLSocket_read(PySSLSocket *self, PyObject *args)
+ {
+ PyObject *return_value = NULL;
+- Py_ssize_t len;
++ int len;
+ int group_right_1 = 0;
+ Py_buffer buffer = {NULL, NULL};
+
+ switch (PyTuple_GET_SIZE(args)) {
+ case 1:
+- if (!PyArg_ParseTuple(args, "n:read", &len)) {
++ if (!PyArg_ParseTuple(args, "i:read", &len)) {
+ goto exit;
+ }
+ break;
+ case 2:
+- if (!PyArg_ParseTuple(args, "nw*:read", &len, &buffer)) {
++ if (!PyArg_ParseTuple(args, "iw*:read", &len, &buffer)) {
+ goto exit;
+ }
+ group_right_1 = 1;
+@@ -1351,6 +1359,14 @@ _ssl_enum_crls(PyObject *module, PyObject *const *args, Py_ssize_t nargs, PyObje
+
+ #endif /* defined(_MSC_VER) */
+
++#ifndef _SSL__SSLSOCKET_GET_VERIFIED_CHAIN_METHODDEF
++ #define _SSL__SSLSOCKET_GET_VERIFIED_CHAIN_METHODDEF
++#endif /* !defined(_SSL__SSLSOCKET_GET_VERIFIED_CHAIN_METHODDEF) */
++
++#ifndef _SSL__SSLSOCKET_GET_UNVERIFIED_CHAIN_METHODDEF
++ #define _SSL__SSLSOCKET_GET_UNVERIFIED_CHAIN_METHODDEF
++#endif /* !defined(_SSL__SSLSOCKET_GET_UNVERIFIED_CHAIN_METHODDEF) */
++
+ #ifndef _SSL_ENUM_CERTIFICATES_METHODDEF
+ #define _SSL_ENUM_CERTIFICATES_METHODDEF
+ #endif /* !defined(_SSL_ENUM_CERTIFICATES_METHODDEF) */
+@@ -1358,4 +1374,4 @@ _ssl_enum_crls(PyObject *module, PyObject *const *args, Py_ssize_t nargs, PyObje
+ #ifndef _SSL_ENUM_CRLS_METHODDEF
+ #define _SSL_ENUM_CRLS_METHODDEF
+ #endif /* !defined(_SSL_ENUM_CRLS_METHODDEF) */
+-/*[clinic end generated code: output=5a7d7bf5cf8ee092 input=a9049054013a1b77]*/
++/*[clinic end generated code: output=0e12e5e4ee2221b5 input=a9049054013a1b77]*/
+--
+2.32.0
+
diff --git a/pkg/python/pyconfig.h b/pkg/python/pyconfig.h
@@ -3,12 +3,15 @@
/* #undef AC_APPLE_UNIVERSAL_BUILD */
/* #undef AIX_BUILDDATE */
/* #undef AIX_GENUINE_CPLUSPLUS */
+#define ALIGNOF_LONG 8
+#define ALIGNOF_SIZE_T 8
/* #undef ALT_SOABI */
/* #undef ANDROID_API_LEVEL */
/* #undef DOUBLE_IS_ARM_MIXED_ENDIAN_IEEE754 */
/* #undef DOUBLE_IS_BIG_ENDIAN_IEEE754 */
#define DOUBLE_IS_LITTLE_ENDIAN_IEEE754 1
#define ENABLE_IPV6 1
+/* #undef EXPERIMENTAL_ISOLATED_SUBINTERPRETERS */
/* #undef FLOAT_WORDS_BIGENDIAN */
/* #undef FLOCK_NEEDS_LIBBSD */
/* #undef GETPGRP_HAVE_ARG */
@@ -41,6 +44,7 @@
#define HAVE_CLOCK_GETRES 1
#define HAVE_CLOCK_GETTIME 1
#define HAVE_CLOCK_SETTIME 1
+/* #undef HAVE_CLOSE_RANGE */
#define HAVE_COMPUTED_GOTOS 1
#define HAVE_CONFSTR 1
/* #undef HAVE_CONIO_H */
@@ -93,6 +97,7 @@
#define HAVE_ERF 1
#define HAVE_ERFC 1
#define HAVE_ERRNO_H 1
+#define HAVE_EVENTFD 1
#define HAVE_EXECV 1
#define HAVE_EXPLICIT_BZERO 1
/* #undef HAVE_EXPLICIT_MEMSET */
@@ -234,6 +239,7 @@
#define HAVE_NETPACKET_PACKET_H 1
#define HAVE_NET_IF_H 1
#define HAVE_NICE 1
+/* #undef HAVE_NON_UNICODE_WCHAR_T_REPRESENTATION */
#define HAVE_OPENAT 1
#define HAVE_OPENPTY 1
#define HAVE_PATHCONF 1
@@ -326,6 +332,7 @@
#define HAVE_SOCKADDR_STORAGE 1
#define HAVE_SOCKETPAIR 1
#define HAVE_SPAWN_H 1
+#define HAVE_SPLICE 1
#define HAVE_SSIZE_T 1
#define HAVE_STATVFS 1
#define HAVE_STAT_TV_NSEC 1
@@ -334,7 +341,6 @@
#define HAVE_STDINT_H 1
#define HAVE_STDLIB_H 1
#define HAVE_STD_ATOMIC 1
-#define HAVE_STRDUP 1
#define HAVE_STRFTIME 1
#define HAVE_STRINGS_H 1
#define HAVE_STRING_H 1
@@ -361,6 +367,7 @@
/* #undef HAVE_SYS_DIR_H */
/* #undef HAVE_SYS_ENDIAN_H */
#define HAVE_SYS_EPOLL_H 1
+#define HAVE_SYS_EVENTFD_H 1
/* #undef HAVE_SYS_EVENT_H */
#define HAVE_SYS_FILE_H 1
#define HAVE_SYS_IOCTL_H 1
@@ -421,6 +428,7 @@
/* #undef HAVE_UUID_GENERATE_TIME_SAFE */
/* #undef HAVE_UUID_H */
/* #undef HAVE_UUID_UUID_H */
+#define HAVE_VFORK 1
#define HAVE_WAIT3 1
#define HAVE_WAIT4 1
#define HAVE_WAITID 1
@@ -432,7 +440,6 @@
#define HAVE_WMEMCMP 1
#define HAVE_WORKING_TZSET 1
#define HAVE_WRITEV 1
-#define HAVE_X509_VERIFY_PARAM_SET1_HOST 1
#define HAVE_ZLIB_COPY 1
/* #undef HAVE__GETPTY */
/* #undef MAJOR_IN_MKDEV */
@@ -451,8 +458,8 @@
#define PY_BUILTIN_HASHLIB_HASHES "sha3,blake2"
#define PY_COERCE_C_LOCALE 1
#define PY_FORMAT_SIZE_T "z"
-#define PY_SSL_DEFAULT_CIPHERS 1
-/* #undef PY_SSL_DEFAULT_CIPHER_STRING */
+#define PY_SSL_DEFAULT_CIPHERS 0
+#define PY_SSL_DEFAULT_CIPHER_STRING "TLSv1.3:TLSv1.2+AEAD+ECDHE:TLSv1.2+AEAD+DHE"
/* #undef Py_DEBUG */
/* #undef Py_ENABLE_SHARED */
/* #undef Py_HASH_ALGORITHM */
@@ -505,6 +512,7 @@
#define WITH_DOC_STRINGS 1
/* #undef WITH_DTRACE */
/* #undef WITH_DYLD */
+/* #undef WITH_EDITLINE */
/* #undef WITH_LIBINTL */
/* #undef WITH_NEXT_FRAMEWORK */
/* #undef WITH_PYMALLOC */
diff --git a/pkg/python/pylibs.txt b/pkg/python/pylibs.txt
@@ -2,7 +2,6 @@
__future__.py
__phello__.foo.py
_aix_support.py
-_bootlocale.py
_bootsubprocess.py
_collections_abc.py
_compat_pickle.py
@@ -36,6 +35,7 @@ asyncio/format_helpers.py
asyncio/futures.py
asyncio/locks.py
asyncio/log.py
+asyncio/mixins.py
asyncio/proactor_events.py
asyncio/protocols.py
asyncio/queues.py
@@ -117,7 +117,6 @@ distutils/command/bdist.py
distutils/command/bdist_dumb.py
distutils/command/bdist_msi.py
distutils/command/bdist_rpm.py
-distutils/command/bdist_wininst.py
distutils/command/build.py
distutils/command/build_clib.py
distutils/command/build_ext.py
@@ -317,7 +316,6 @@ enum.py
filecmp.py
fileinput.py
fnmatch.py
-formatter.py
fractions.py
ftplib.py
functools.py
@@ -402,12 +400,21 @@ imaplib.py
imghdr.py
imp.py
importlib/__init__.py
+importlib/_abc.py
+importlib/_adapters.py
importlib/_bootstrap.py
importlib/_bootstrap_external.py
importlib/_common.py
importlib/abc.py
importlib/machinery.py
-importlib/metadata.py
+importlib/metadata/__init__.py
+importlib/metadata/_adapters.py
+importlib/metadata/_collections.py
+importlib/metadata/_functools.py
+importlib/metadata/_itertools.py
+importlib/metadata/_meta.py
+importlib/metadata/_text.py
+importlib/readers.py
importlib/resources.py
importlib/util.py
inspect.py
@@ -593,7 +600,6 @@ stringprep.py
struct.py
subprocess.py
sunau.py
-symbol.py
symtable.py
sysconfig.py
tabnanny.py
diff --git a/pkg/python/sha256 b/pkg/python/sha256
@@ -1 +1 @@
-0c5a140665436ec3dbfbb79e2dfb6d192655f26ef4a29aeffcb6d1820d716d83 Python-3.9.5.tar.xz
+5a99f8e7a6a11a7b98b4e75e0d1303d3832cada5534068f69c7b6222a7b1b002 Python-3.10.0.tar.xz
diff --git a/pkg/python/url b/pkg/python/url
@@ -1 +1 @@
-url = "https://www.python.org/ftp/python/3.9.5/Python-3.9.5.tar.xz"
+url = "https://www.python.org/ftp/python/3.10.0/Python-3.10.0.tar.xz"
diff --git a/pkg/python/ver b/pkg/python/ver
@@ -1 +1 @@
-3.9.5 r0
+3.10.0 r0
