Staging
v0.5.1
v0.5.1
https://github.com/python/cpython
Revision 7316c6d4a57931e9786c06eae168b227d7463317 authored by Christian Heimes on 05 September 2017, 14:00:44 UTC, committed by GitHub on 05 September 2017, 14:00:44 UTC
* Change NPN detection: Version breakdown, support disabled (pre-patch/post-patch): - pre-1.0.1: OPENSSL_NPN_NEGOTIATED will not be defined -> False/False - 1.0.1 and 1.0.2: OPENSSL_NPN_NEGOTIATED will not be defined -> False/False - 1.1.0+: OPENSSL_NPN_NEGOTIATED will be defined and OPENSSL_NO_NEXTPROTONEG will be defined -> True/False Version breakdown support enabled (pre-patch/post-patch): - pre-1.0.1: OPENSSL_NPN_NEGOTIATED will not be defined -> False/False - 1.0.1 and 1.0.2: OPENSSL_NPN_NEGOTIATED will be defined and OPENSSL_NO_NEXTPROTONEG will not be defined -> True/True - 1.1.0+: OPENSSL_NPN_NEGOTIATED will be defined and OPENSSL_NO_NEXTPROTONEG will not be defined -> True/True * Refine NPN guard: - If NPN is disabled, but ALPN is available we need our callback - Make clinic's ssl behave the same way This created a working ssl module for me, with NPN disabled and ALPN enabled for OpenSSL 1.1.0f. Concerns to address: The initial commit for NPN support into OpenSSL [1], had the OPENSSL_NPN_* variables defined inside the OPENSSL_NO_NEXTPROTONEG guard. The question is if that ever made it into a release. This would need an ugly hack, something like: GH-if defined(OPENSSL_NO_NEXTPROTONEG) && \ !defined(OPENSSL_NPN_NEGOTIATED) GH- define OPENSSL_NPN_UNSUPPORTED 0 GH- define OPENSSL_NPN_NEGOTIATED 1 GH- define OPENSSL_NPN_NO_OVERLAP 2 GH-endif [1] https://github.com/openssl/openssl/commit/68b33cc5c7 (cherry picked from commit b2d096b)
1 parent e2543a6
Tip revision: 7316c6d4a57931e9786c06eae168b227d7463317 authored by Christian Heimes on 05 September 2017, 14:00:44 UTC
[3.6] bpo-30622: Change NPN detection: (GH-2079) (#3314)
[3.6] bpo-30622: Change NPN detection: (GH-2079) (#3314)
Tip revision: 7316c6d
.travis.yml
language: c
dist: trusty
sudo: false
group: beta
# To cache doc-building dependencies.
cache: pip
branches:
only:
- master
- /^\d\.\d$/
matrix:
fast_finish: true
allow_failures:
- env: OPTIONAL=true
include:
- os: linux
language: c
compiler: clang
# gcc also works, but to keep the # of concurrent builds down, we use one C
# compiler here and the other to run the coverage build. Clang is preferred
# in this instance for its better error messages.
env: TESTING=cpython
- os: osx
language: c
compiler: clang
# Testing under macOS is optional until testing stability has been demonstrated.
env: OPTIONAL=true
before_install:
- brew install openssl xz
- export CPPFLAGS="-I$(brew --prefix openssl)/include"
- export LDFLAGS="-L$(brew --prefix openssl)/lib"
- os: linux
language: python
python: 3.6
env: TESTING=docs
before_script:
- cd Doc
# Sphinx is pinned so that new versions that introduce new warnings won't suddenly cause build failures.
# (Updating the version is fine as long as no warnings are raised by doing so.)
- python -m pip install sphinx~=1.6.1 blurb
script:
- make check suspicious html SPHINXOPTS="-q -W -j4"
- os: linux
language: c
compiler: gcc
env: OPTIONAL=true
before_script:
- |
if ! git diff --name-only $TRAVIS_COMMIT_RANGE | grep -qvE '(\.rst$)|(^Doc)|(^Misc)'
then
echo "Only docs were updated, stopping build process."
exit
fi
./configure
make -s -j4
# Need a venv that can parse covered code.
./python -m venv venv
./venv/bin/python -m pip install -U coverage
./venv/bin/python -m test.pythoninfo
script:
# Skip tests that re-run the entire test suite.
- ./venv/bin/python -m coverage run --pylib -m test -uall,-cpu -x test_multiprocessing_fork -x test_multiprocessing_forkserver -x test_multiprocessing_spawn
after_script: # Probably should be after_success once test suite updated to run under coverage.py.
# Make the `coverage` command available to Codecov w/ a version of Python that can parse all source files.
- source ./venv/bin/activate
- bash <(curl -s https://codecov.io/bash)
# Travis provides only 2 cores, so don't overdo the parallelism and waste memory.
before_script:
- |
set -e
if ! git diff --name-only $TRAVIS_COMMIT_RANGE | grep -qvE '(\.rst$)|(^Doc)|(^Misc)'
then
echo "Only docs were updated, stopping build process."
exit
fi
./configure --with-pydebug
make -j4
make -j4 regen-all clinic
changes=`git status --porcelain`
if ! test -z "$changes"
then
echo "Generated files not up to date"
echo "$changes"
exit 1
fi
make pythoninfo
script:
# Using the built Python as patchcheck.py is built around the idea of using
# a checkout-build of CPython to know things like what base branch the changes
# should be compared against.
# Only run on Linux as the check only needs to be run once.
- if [[ "$TRAVIS_OS_NAME" == "linux" ]]; then ./python Tools/scripts/patchcheck.py --travis $TRAVIS_PULL_REQUEST; fi
# `-r -w` implicitly provided through `make buildbottest`.
- make buildbottest TESTOPTS="-j4 -uall,-cpu"
notifications:
email: false
irc:
channels:
# This is set to a secure variable to prevent forks from notifying the
# IRC channel whenever they fail a build. This can be removed when travis
# implements https://github.com/travis-ci/travis-ci/issues/1094.
# The actual value here is: irc.freenode.net#python-dev
- secure: "s7kAkpcom2yUJ8XqyjFI0obJmhAGrn1xmoivdaPdgBIA++X47TBp1x4pgDsbEsoalef7bEwa4l07KdT4qa+DOd/c4QxaWom7fbN3BuLVsZuVfODnl79+gYq/TAbGfyH+yDs18DXrUfPgwD7C5aW32ugsqAOd4iWzfGJQ5OrOZzqzGjYdYQUEkJFXgxDEIb4aHvxNDWGO3Po9uKISrhb5saQ0l776yLo1Ur7M4oxl8RTbCdgX0vf5TzPg52BgvZpOgt3DHOUYPeiJLKNjAE6ibg0U95sEvMfHX77nz4aFY4/3UI6FFaRla34rZ+mYKrn0TdxOhera1QOgPmM6HzdO4K44FpfK1DS0Xxk9U9/uApq+cG0bU3W+cVUHDBe5+90lpRBAXHeHCgT7TI8gec614aiT8lEr3+yH8OBRYGzkjNK8E2LJZ/SxnVxDe7aLF6AWcoWLfS6/ziAIBFQ5Nc4U72CT8fGVSkl8ywPiRlvixKdvTODMSZo0jMqlfZSNaAPTsNRx4wu5Uis4qekwe32Fz4aB6KGpsuuVjBi+H6v0RKxNJNGY3JKDiEH2TK0UE2auJ5GvLW48aUVFcQMB7euCWYXlSWVRHh3WLU8QXF29Dw4JduRZqUpOdRgMHU79UHRq+mkE0jAS/nBcS6CvsmxCpTSrfVYuMOu32yt18QQoTyU="
on_success: change
on_failure: always
skip_join: true
Computing file changes ...
