--- /dev/null
+
+# HG changeset patch
+# User Victor Stinner <victor.stinner@gmail.com>
+# Date 1483956641 -3600
+# Node ID 13a39142c0473ecb64fcd4b12a915025df6e4310
+# Parent cb4f73be9486d47f1dc4285998d1532d8857c59e
+Don't use getentropy() on Linux
+
+Issue #29188: Support glibc 2.24 on Linux: don't use getentropy() function but
+read from /dev/urandom to get random bytes, for example in os.urandom(). On
+Linux, getentropy() is implemented which getrandom() is blocking mode, whereas
+os.urandom() should not block.
+
+diff --git a/Python/random.c b/Python/random.c
+--- a/Python/random.c
++++ b/Python/random.c
+@@ -97,8 +97,15 @@ win32_urandom(unsigned char *buffer, Py_
+ }
+
+ /* Issue #25003: Don't use getentropy() on Solaris (available since
+- * Solaris 11.3), it is blocking whereas os.urandom() should not block. */
+-#elif defined(HAVE_GETENTROPY) && !defined(sun)
++ Solaris 11.3), it is blocking whereas os.urandom() should not block.
++
++ Issue #29188: Don't use getentropy() on Linux since the glibc 2.24
++ implements it with the getrandom() syscall which can fail with ENOSYS,
++ and this error is not supported in py_getentropy() and getrandom() is called
++ with flags=0 which blocks until system urandom is initialized, which is not
++ the desired behaviour to seed the Python hash secret nor for os.urandom():
++ see the PEP 524 which was only implemented in Python 3.6. */
++#elif defined(HAVE_GETENTROPY) && !defined(sun) && !defined(linux)
+ #define PY_GETENTROPY 1
+
+ /* Fill buffer with size pseudo-random bytes generated by getentropy().
+
# https://bugs.python.org/issue10496
Patch9: https://bugs.python.org/file21896/nonexistent_user.patch
# Patch9-md5: db706fbe6de467c6e4c97c675eddf29a
+# https://hg.python.org/cpython/rev/13a39142c047
+Patch10: %{name}-no-getentropy.patch
URL: https://www.python.org/
BuildRequires: autoconf >= 2.65
BuildRequires: automake
%patch7 -p1
%patch8 -p1
%patch9 -p1
+%patch10 -p1
tar xjf %{SOURCE1}
projects / packages / python.git / commitdiff