rpms/ruby
3
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Upgrade to Ruby 3.3.0 (7c8932365f).

Browse source
This commit is contained in:
Vít Ondruch 2023-09-11 17:02:53 +02:00
commit 4c825f6bc8
17 changed files with 156 additions and 752 deletions
Download patch file Download diff file Expand all files Collapse all files

2
ruby-2.1.0-Enable-configuration-of-archlibdir.patch
View file

@ -11,7 +11,7 @@ diff --git a/configure.ac b/configure.ac
index d261ea57b5..3c13076b82 100644
--- a/configure.ac
+++ b/configure.ac
@@ -3411,6 +3411,11 @@ AS_IF([test ${multiarch+set}], [
@@ -3431,6 +3431,11 @@ AS_IF([test ${multiarch+set}], [
])
archlibdir='${libdir}/${arch}'

2
ruby-2.1.0-Prevent-duplicated-paths-when-empty-version-string-i.patch
View file

@ -14,7 +14,7 @@ diff --git a/configure.ac b/configure.ac
index c42436c23d..d261ea57b5 100644
--- a/configure.ac
+++ b/configure.ac
@@ -4196,7 +4196,8 @@ AS_CASE(["$ruby_version_dir_name"],
@@ -4259,7 +4259,8 @@ AS_CASE(["$ruby_version_dir_name"],
ruby_version_dir=/'${ruby_version_dir_name}'
if test -z "${ruby_version_dir_name}"; then

2
ruby-2.1.0-always-use-i386.patch
View file

@ -11,7 +11,7 @@ diff --git a/configure.ac b/configure.ac
index 3c13076b82..93af30321d 100644
--- a/configure.ac
+++ b/configure.ac
@@ -4260,6 +4260,8 @@ AC_SUBST(vendorarchdir)dnl
@@ -4323,6 +4323,8 @@ AC_SUBST(vendorarchdir)dnl
AC_SUBST(CONFIGURE, "`echo $0 | sed 's|.*/||'`")dnl
AC_SUBST(configure_args, "`echo "${ac_configure_args}" | sed 's/\\$/$$/g'`")dnl

4
ruby-2.1.0-custom-rubygems-location.patch
View file

@ -15,7 +15,7 @@ diff --git a/configure.ac b/configure.ac
index 93af30321d..bc13397e0e 100644
--- a/configure.ac
+++ b/configure.ac
@@ -4232,6 +4232,10 @@ AC_ARG_WITH(vendorarchdir,
@@ -4295,6 +4295,10 @@ AC_ARG_WITH(vendorarchdir,
[vendorarchdir=$withval],
[vendorarchdir=${multiarch+'${rubysitearchprefix}/vendor_ruby'${ruby_version_dir}}${multiarch-'${vendorlibdir}/${sitearch}'}])
@ -26,7 +26,7 @@ index 93af30321d..bc13397e0e 100644
AS_IF([test "${LOAD_RELATIVE+set}"], [
AC_DEFINE_UNQUOTED(LOAD_RELATIVE, $LOAD_RELATIVE)
RUBY_EXEC_PREFIX=''
@@ -4256,6 +4260,7 @@ AC_SUBST(sitearchdir)dnl
@@ -4319,6 +4323,7 @@ AC_SUBST(sitearchdir)dnl
AC_SUBST(vendordir)dnl
AC_SUBST(vendorlibdir)dnl
AC_SUBST(vendorarchdir)dnl

18
ruby-2.3.0-ruby_version.patch
View file

@ -20,7 +20,7 @@ diff --git a/configure.ac b/configure.ac
index 80b137e380..63cd3b4f8b 100644
--- a/configure.ac
+++ b/configure.ac
@@ -4146,9 +4146,6 @@ AS_CASE(["$target_os"],
@@ -4209,9 +4209,6 @@ AS_CASE(["$target_os"],
rubyw_install_name='$(RUBYW_INSTALL_NAME)'
])
@ -30,7 +30,7 @@ index 80b137e380..63cd3b4f8b 100644
rubyarchprefix=${multiarch+'${archlibdir}/${RUBY_BASE_NAME}'}${multiarch-'${rubylibprefix}/${arch}'}
AC_ARG_WITH(rubyarchprefix,
AS_HELP_STRING([--with-rubyarchprefix=DIR],
@@ -4171,57 +4168,63 @@ AC_ARG_WITH(ridir,
@@ -4234,57 +4231,63 @@ AC_ARG_WITH(ridir,
AC_SUBST(ridir)
AC_SUBST(RI_BASE_NAME)
@ -122,7 +122,7 @@ index 80b137e380..63cd3b4f8b 100644
AS_IF([test "${LOAD_RELATIVE+set}"], [
AC_DEFINE_UNQUOTED(LOAD_RELATIVE, $LOAD_RELATIVE)
@@ -4238,6 +4241,7 @@ AC_SUBST(sitearchincludedir)dnl
@@ -4301,6 +4304,7 @@ AC_SUBST(sitearchincludedir)dnl
AC_SUBST(arch)dnl
AC_SUBST(sitearch)dnl
AC_SUBST(ruby_version)dnl
@ -195,7 +195,7 @@ diff --git a/lib/rubygems/defaults.rb b/lib/rubygems/defaults.rb
index d4ff4a262c..3f9a5bf590 100644
--- a/lib/rubygems/defaults.rb
+++ b/lib/rubygems/defaults.rb
@@ -34,7 +34,7 @@ def self.default_spec_cache_dir
@@ -35,7 +35,7 @@ def self.default_spec_cache_dir
# specified in the environment
def self.default_dir
@ -204,7 +204,7 @@ index d4ff4a262c..3f9a5bf590 100644
end
##
@@ -103,7 +103,8 @@ def self.user_dir
@@ -104,7 +104,8 @@ def self.user_dir
gem_dir = File.join(Gem.user_home, ".gem")
gem_dir = File.join(Gem.data_home, "gem") unless File.exist?(gem_dir)
parts = [gem_dir, ruby_engine]
@ -214,7 +214,7 @@ index d4ff4a262c..3f9a5bf590 100644
File.join parts
end
@@ -248,7 +249,7 @@ def self.vendor_dir # :nodoc:
@@ -253,7 +254,7 @@ def self.vendor_dir # :nodoc:
return nil unless RbConfig::CONFIG.key? "vendordir"
File.join RbConfig::CONFIG["vendordir"], "gems",
@ -227,7 +227,7 @@ diff --git a/test/rubygems/test_gem.rb b/test/rubygems/test_gem.rb
index b25068405d..e9fef4a311 100644
--- a/test/rubygems/test_gem.rb
+++ b/test/rubygems/test_gem.rb
@@ -1337,7 +1337,8 @@ def test_self_use_paths
@@ -1351,7 +1351,8 @@ def test_self_use_paths
def test_self_user_dir
parts = [@userhome, ".gem", Gem.ruby_engine]
@ -237,7 +237,7 @@ index b25068405d..e9fef4a311 100644
FileUtils.mkdir_p File.join(parts)
@@ -1413,7 +1414,7 @@ def test_self_vendor_dir
@@ -1427,7 +1428,7 @@ def test_self_vendor_dir
vendordir(File.join(@tempdir, "vendor")) do
expected =
File.join RbConfig::CONFIG["vendordir"], "gems",
@ -262,7 +262,7 @@ diff --git a/configure.ac b/configure.ac
index a00f2b6776..999e2d6d5d 100644
--- a/configure.ac
+++ b/configure.ac
@@ -124,7 +124,7 @@ RUBY_BASE_NAME=`echo ruby | sed "$program_transform_name"`
@@ -135,7 +135,7 @@ RUBY_BASE_NAME=`echo ruby | sed "$program_transform_name"`
RUBYW_BASE_NAME=`echo rubyw | sed "$program_transform_name"`
AC_SUBST(RUBY_BASE_NAME)
AC_SUBST(RUBYW_BASE_NAME)

30
ruby-2.7.0-Initialize-ABRT-hook.patch
View file

@ -15,10 +15,11 @@ To keep the things simple for now, load the ABRT hook via C.
[4]: https://github.com/ruby/ruby/pull/2735
[5]: https://lists.fedoraproject.org/archives/list/ruby-sig@lists.fedoraproject.org/message/LH6L6YJOYQT4Y5ZNOO4SLIPTUWZ5V45Q/
---
abrt.c | 12 ++++++++++++
common.mk | 3 ++-
ruby.c | 4 ++++
3 files changed, 18 insertions(+), 1 deletion(-)
abrt.c | 12 ++++++++++++
common.mk | 3 ++-
ruby.c | 4 ++++
spec/ruby/core/kernel/require_spec.rb | 2 ++
4 files changed, 20 insertions(+), 1 deletion(-)
create mode 100644 abrt.c
diff --git a/abrt.c b/abrt.c
@ -43,9 +44,9 @@ diff --git a/common.mk b/common.mk
index b2e5b2b6d0..f39f81da5c 100644
--- a/common.mk
+++ b/common.mk
@@ -86,7 +86,8 @@ ENC_MK = enc.mk
MAKE_ENC = -f $(ENC_MK) V="$(V)" UNICODE_HDR_DIR="$(UNICODE_HDR_DIR)" \
RUBY="$(BOOTSTRAPRUBY)" MINIRUBY="$(BOOTSTRAPRUBY)" $(mflags)
@@ -115,7 +115,8 @@ YARP_FILES = yarp/api_node.$(OBJEXT) \
yarp/yarp.$(OBJEXT) \
yarp/yarp_init.$(OBJEXT)
-COMMONOBJS = array.$(OBJEXT) \
+COMMONOBJS = abrt.$(OBJEXT) \
@ -57,7 +58,7 @@ diff --git a/ruby.c b/ruby.c
index 60c57d6259..1eec16f2c8 100644
--- a/ruby.c
+++ b/ruby.c
@@ -1572,10 +1572,14 @@ proc_options(long argc, char **argv, ruby_cmdline_options_t *opt, int envopt)
@@ -1699,10 +1699,14 @@ proc_options(long argc, char **argv, ruby_cmdline_options_t *opt, int envopt)
void Init_builtin_features(void);
@ -72,3 +73,16 @@ index 60c57d6259..1eec16f2c8 100644
rb_const_remove(rb_cObject, rb_intern_const("TMP_RUBY_PREFIX"));
}
diff --git a/spec/ruby/core/kernel/require_spec.rb b/spec/ruby/core/kernel/require_spec.rb
index 60c57d6259..1eec16f2c8 100644
--- a/spec/ruby/core/kernel/require_spec.rb
+++ b/spec/ruby/core/kernel/require_spec.rb
@@ -25,6 +25,8 @@
out = ruby_exe("puts $LOADED_FEATURES", options: '--disable-gems --disable-did-you-mean')
features = out.lines.map { |line| File.basename(line.chomp, '.*') }
+ # Ignore ABRT
+ features -= %w[abrt]
# Ignore CRuby internals
features -= %w[encdb transdb windows_1252]
features.reject! { |feature| feature.end_with?('-fake') }

31
ruby-2.7.1-Timeout-the-test_bug_reporter_add-witout-raising-err.patch
View file

@ -1,31 +0,0 @@
From 9b42fce32bff25e0569581f76f532b9d57865aef Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?V=C3=ADt=20Ondruch?= <vondruch@redhat.com>
Date: Mon, 27 Jul 2020 14:56:05 +0200
Subject: [PATCH] Timeout the test_bug_reporter_add witout raising error.
While timeouting the threads might be still good idea, it does not seems
the timeout impacts the TestBugReporter#test_bug_reporter_add result,
because the output of the child process has been already collected
earlier.
It seems that when the system is under heavy load, the thread might not
be sheduled to finish its processing. Even finishing the child process
might take tens of seconds and therefore the test case finish might take
a while.
---
test/-ext-/bug_reporter/test_bug_reporter.rb | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/test/-ext-/bug_reporter/test_bug_reporter.rb b/test/-ext-/bug_reporter/test_bug_reporter.rb
index 628fcd0340..2c677cc8a7 100644
--- a/test/-ext-/bug_reporter/test_bug_reporter.rb
+++ b/test/-ext-/bug_reporter/test_bug_reporter.rb
@@ -28,7 +28,7 @@ def test_bug_reporter_add
"-C", tmpdir]
args.push("--yjit") if yjit_enabled? # We want the printed description to match this process's RUBY_DESCRIPTION
stdin = "#{no_core}register_sample_bug_reporter(12345); Process.kill :SEGV, $$"
- assert_in_out_err(args, stdin, [], expected_stderr, encoding: "ASCII-8BIT")
+ assert_in_out_err(args, stdin, [], expected_stderr, encoding: "ASCII-8BIT", timeout_error: nil)
ensure
FileUtils.rm_rf(tmpdir) if tmpdir
end

2
ruby-3.1.0-Don-t-query-RubyVM-FrozenCore-for-class-path.patch
View file

@ -21,7 +21,7 @@ diff --git a/vm.c b/vm.c
index 8ce8b279d4..3d189fa63a 100644
--- a/vm.c
+++ b/vm.c
@@ -547,7 +547,15 @@ rb_dtrace_setup(rb_execution_context_t *ec, VALUE klass, ID id,
@@ -565,7 +565,15 @@ rb_dtrace_setup(rb_execution_context_t *ec, VALUE klass, ID id,
}
type = BUILTIN_TYPE(klass);
if (type == T_CLASS || type == T_ICLASS || type == T_MODULE) {

73
ruby-3.2.0-Revert-Fix-test-syntax-suggest-order.patch
View file

@ -1,73 +0,0 @@
From 5e2f8761b2342ee58f9689a7d62d48ec031e59c0 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?V=C3=ADt=20Ondruch?= <vondruch@redhat.com>
Date: Mon, 2 Jan 2023 14:30:13 +0100
Subject: [PATCH] Revert "Fix test-syntax-suggest order"
This reverts commit 18c1ca8f4c0748905d5cedb6c044df507ea8ad6a.
---
common.mk | 12 ++++--------
defs/gmake.mk | 2 +-
2 files changed, 5 insertions(+), 9 deletions(-)
diff --git a/common.mk b/common.mk
index d0558697d7..e73841aae7 100644
--- a/common.mk
+++ b/common.mk
@@ -767,7 +767,8 @@ clean-spec: PHONY
-$(Q) $(RMDIRS) $(RUBYSPEC_CAPIEXT) 2> $(NULL) || $(NULLCMD)
-$(Q) $(RMALL) rubyspec_temp
-check: main $(DOT_WAIT) test $(DOT_WAIT) test-tool $(DOT_WAIT) test-all
+check: main $(DOT_WAIT) test $(DOT_WAIT) test-tool $(DOT_WAIT) test-all \
+ $(DOT_WAIT) test-spec $(DOT_WAIT) test-syntax-suggest
$(ECHO) check succeeded
-$(Q) : : "run only on sh"; \
if [ x"$(GIT)" != x ] && $(CHDIR) "$(srcdir)" && \
@@ -903,8 +904,6 @@ yes-test-spec: test-spec-precheck
$(ACTIONS_ENDGROUP)
no-test-spec:
-check: $(DOT_WAIT) test-spec
-
RUNNABLE = $(LIBRUBY_RELATIVE:no=un)-runnable
runnable: $(RUNNABLE) prog $(tooldir)/mkrunnable.rb PHONY
$(Q) $(MINIRUBY) $(tooldir)/mkrunnable.rb -v $(EXTOUT)
@@ -1456,7 +1455,6 @@ test-syntax-suggest-precheck: $(TEST_RUNNABLE)-test-syntax-suggest-precheck
no-test-syntax-suggest-precheck:
yes-test-syntax-suggest-precheck: main
-test-syntax-suggest-prepare: $(TEST_RUNNABLE)-test-syntax-suggest-prepare
no-test-syntax-suggest-prepare: no-test-syntax-suggest-precheck
yes-test-syntax-suggest-prepare: yes-test-syntax-suggest-precheck
$(ACTIONS_GROUP)
@@ -1466,15 +1464,13 @@ yes-test-syntax-suggest-prepare: yes-test-syntax-suggest-precheck
RSPECOPTS =
SYNTAX_SUGGEST_SPECS =
-PREPARE_SYNTAX_SUGGEST = test-syntax-suggest-prepare
+PREPARE_SYNTAX_SUGGEST = yes-test-syntax-suggest-prepare
test-syntax-suggest: $(TEST_RUNNABLE)-test-syntax-suggest
-yes-test-syntax-suggest: yes-$(PREPARE_SYNTAX_SUGGEST)
+yes-test-syntax-suggest: $(PREPARE_SYNTAX_SUGGEST)
$(XRUBY) -C $(srcdir) -Ispec/syntax_suggest .bundle/bin/rspec \
--require spec_helper $(RSPECOPTS) spec/syntax_suggest/$(SYNTAX_SUGGEST_SPECS)
no-test-syntax-suggest:
-check: $(DOT_WAIT) $(TEST_RUNNABLE)-$(PREPARE_SYNTAX_SUGGEST) test-syntax-suggest
-
test-bundler-precheck: $(TEST_RUNNABLE)-test-bundler-precheck
no-test-bundler-precheck:
yes-test-bundler-precheck: main $(arch)-fake.rb
diff --git a/defs/gmake.mk b/defs/gmake.mk
index 54fef6685f..0aa403a4eb 100644
--- a/defs/gmake.mk
+++ b/defs/gmake.mk
@@ -84,7 +84,7 @@ endif
ORDERED_TEST_TARGETS := $(filter $(TEST_TARGETS), \
btest-ruby test-knownbug test-basic \
test-testframework test-tool test-ruby test-all \
- test-spec test-syntax-suggest-prepare test-syntax-suggest \
+ test-spec test-syntax-suggest \
test-bundler-prepare test-bundler test-bundler-parallel \
test-bundled-gems-precheck test-bundled-gems-fetch \
test-bundled-gems-prepare test-bundled-gems-run \

67
ruby-3.2.0-Revert-Test-syntax_suggest-by-make-check.patch
View file

@ -1,67 +0,0 @@
From cf60e383a9c98da5cd75012f2aabfa4a2774aade Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?V=C3=ADt=20Ondruch?= <vondruch@redhat.com>
Date: Mon, 2 Jan 2023 14:16:39 +0100
Subject: [PATCH] Revert "Test syntax_suggest by `make check`"
This reverts commit cae53842735237ccf71a13873fd0d1ae7f165582.
---
common.mk | 6 ++----
defs/gmake.mk | 6 ++----
2 files changed, 4 insertions(+), 8 deletions(-)
diff --git a/common.mk b/common.mk
index 27f6a9d89d..8021f03a58 100644
--- a/common.mk
+++ b/common.mk
@@ -767,8 +767,7 @@ clean-spec: PHONY
-$(Q) $(RMDIRS) $(RUBYSPEC_CAPIEXT) 2> $(NULL) || $(NULLCMD)
-$(Q) $(RMALL) rubyspec_temp
-check: main $(DOT_WAIT) test $(DOT_WAIT) test-tool $(DOT_WAIT) test-all \
- $(DOT_WAIT) test-spec $(DOT_WAIT) test-syntax-suggest
+check: main $(DOT_WAIT) test $(DOT_WAIT) test-tool $(DOT_WAIT) test-all $(DOT_WAIT) test-spec
$(ECHO) check succeeded
-$(Q) : : "run only on sh"; \
if [ x"$(GIT)" != x ] && $(CHDIR) "$(srcdir)" && \
@@ -1464,9 +1463,8 @@ yes-test-syntax-suggest-prepare: yes-test-syntax-suggest-precheck
RSPECOPTS =
SYNTAX_SUGGEST_SPECS =
-PREPARE_SYNTAX_SUGGEST = yes-test-syntax-suggest-prepare
test-syntax-suggest: $(TEST_RUNNABLE)-test-syntax-suggest
-yes-test-syntax-suggest: $(PREPARE_SYNTAX_SUGGEST)
+yes-test-syntax-suggest: yes-test-syntax-suggest-prepare
$(XRUBY) -C $(srcdir) -Ispec/syntax_suggest .bundle/bin/rspec \
--require spec_helper $(RSPECOPTS) spec/syntax_suggest/$(SYNTAX_SUGGEST_SPECS)
no-test-syntax-suggest:
diff --git a/defs/gmake.mk b/defs/gmake.mk
index 0aa403a4eb..dc9d31f49e 100644
--- a/defs/gmake.mk
+++ b/defs/gmake.mk
@@ -27,7 +27,7 @@ TEST_DEPENDS := $(filter-out commit $(TEST_TARGETS),$(MAKECMDGOALS))
TEST_TARGETS := $(patsubst great,exam,$(TEST_TARGETS))
TEST_DEPENDS := $(filter-out great $(TEST_TARGETS),$(TEST_DEPENDS))
TEST_TARGETS := $(patsubst exam,check,$(TEST_TARGETS))
-TEST_TARGETS := $(patsubst check,test-syntax-suggest test-spec test-all test-tool test-short,$(TEST_TARGETS))
+TEST_TARGETS := $(patsubst check,test-spec test-all test-tool test-short,$(TEST_TARGETS))
TEST_TARGETS := $(patsubst test-rubyspec,test-spec,$(TEST_TARGETS))
TEST_DEPENDS := $(filter-out exam check test-spec $(TEST_TARGETS),$(TEST_DEPENDS))
TEST_TARGETS := $(patsubst love,check,$(TEST_TARGETS))
@@ -40,7 +40,6 @@ TEST_TARGETS := $(patsubst test-short,btest-ruby test-knownbug test-basic,$(TEST
TEST_TARGETS := $(patsubst test-bundled-gems,test-bundled-gems-run,$(TEST_TARGETS))
TEST_TARGETS := $(patsubst test-bundled-gems-run,test-bundled-gems-run $(PREPARE_BUNDLED_GEMS),$(TEST_TARGETS))
TEST_TARGETS := $(patsubst test-bundled-gems-prepare,test-bundled-gems-prepare $(PRECHECK_BUNDLED_GEMS) test-bundled-gems-fetch,$(TEST_TARGETS))
-TEST_TARGETS := $(patsubst test-syntax-suggest,test-syntax-suggest $(PREPARE_SYNTAX_SUGGEST),$(TEST_TARGETS))
TEST_DEPENDS := $(filter-out test-short $(TEST_TARGETS),$(TEST_DEPENDS))
TEST_DEPENDS += $(if $(filter great exam love check,$(MAKECMDGOALS)),all exts)
endif
@@ -84,8 +83,7 @@ endif
ORDERED_TEST_TARGETS := $(filter $(TEST_TARGETS), \
btest-ruby test-knownbug test-basic \
test-testframework test-tool test-ruby test-all \
- test-spec test-syntax-suggest \
- test-bundler-prepare test-bundler test-bundler-parallel \
+ test-spec test-bundler-prepare test-bundler test-bundler-parallel \
test-bundled-gems-precheck test-bundled-gems-fetch \
test-bundled-gems-prepare test-bundled-gems-run \
)

39
ruby-3.2.0-Use-SHA256-instead-of-SHA1.patch
View file

@ -1,39 +0,0 @@
From 9b9825d6cdda053fea49eb2f613bc62bde465e89 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?V=C3=ADt=20Ondruch?= <vondruch@redhat.com>
Date: Wed, 4 Jan 2023 17:23:35 +0100
Subject: [PATCH] Use SHA256 instead of SHA1
Systems such as CentOS 9 / RHEL 9 are moving away from SHA1 disabling it
by default via a system-wide crypto policy. This replaces SHA1 with
SHA256 in similar way as [[1]].
[1]: https://github.com/ruby/openssl/pull/554
---
spec/ruby/library/openssl/x509/name/verify_spec.rb | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/spec/ruby/library/openssl/x509/name/verify_spec.rb b/spec/ruby/library/openssl/x509/name/verify_spec.rb
index a8bf865bd..6dcfc9946 100644
--- a/spec/ruby/library/openssl/x509/name/verify_spec.rb
+++ b/spec/ruby/library/openssl/x509/name/verify_spec.rb
@@ -12,7 +12,7 @@ describe "OpenSSL::X509::Name.verify" do
cert.public_key = key.public_key
cert.not_before = Time.now - 10
cert.not_after = cert.not_before + 365 * 24 * 60 * 60
- cert.sign key, OpenSSL::Digest.new('SHA1')
+ cert.sign key, OpenSSL::Digest.new('SHA256')
store = OpenSSL::X509::Store.new
store.add_cert(cert)
[store.verify(cert), store.error, store.error_string].should == [true, 0, "ok"]
@@ -28,7 +28,7 @@ describe "OpenSSL::X509::Name.verify" do
cert.public_key = key.public_key
cert.not_before = Time.now - 10
cert.not_after = Time.now - 5
- cert.sign key, OpenSSL::Digest.new('SHA1')
+ cert.sign key, OpenSSL::Digest.new('SHA256')
store = OpenSSL::X509::Store.new
store.add_cert(cert)
store.verify(cert).should == false
--
2.38.1

23
ruby-3.3.0-Disable-syntax-suggest-test-case.patch Normal file
View file

@ -0,0 +1,23 @@
From 6365d1b79e10330fced83d00d4cb950380a3b0fe Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?V=C3=ADt=20Ondruch?= <vondruch@redhat.com>
Date: Thu, 7 Sep 2023 13:13:02 +0200
Subject: [PATCH] Disable syntax-suggest test case.
This requires internet connection.
---
common.mk | 2 --
1 file changed, 2 deletions(-)
diff --git a/common.mk b/common.mk
index d55d1788aa..73755f6ccd 100644
--- a/common.mk
+++ b/common.mk
@@ -1563,8 +1563,6 @@ yes-test-syntax-suggest: $(PREPARE_SYNTAX_SUGGEST)
$(ACTIONS_ENDGROUP)
no-test-syntax-suggest:
-check: $(DOT_WAIT) $(PREPARE_SYNTAX_SUGGEST) test-syntax-suggest
-
test-bundler-precheck: $(TEST_RUNNABLE)-test-bundler-precheck
no-test-bundler-precheck:
yes-test-bundler-precheck: main $(arch)-fake.rb

32
ruby-3.3.0-openssl-3.2.0-fips-enable-tests.patch
View file

@ -1,32 +0,0 @@
From f0b254f1f6610294821bbfc06b414d2af452db5b Mon Sep 17 00:00:00 2001
From: Jun Aruga <jaruga@redhat.com>
Date: Thu, 13 Apr 2023 17:28:27 +0200
Subject: [PATCH] [ruby/openssl] Drop a common logic disabling the FIPS mode in
the tests.
We want to run the unit tests in the FIPS mode too.
https://github.com/ruby/openssl/commit/ab92baff34
---
test/openssl/utils.rb | 5 -----
1 file changed, 5 deletions(-)
diff --git a/test/openssl/utils.rb b/test/openssl/utils.rb
index 4ebcb9837b..8a0be0d154 100644
--- a/test/openssl/utils.rb
+++ b/test/openssl/utils.rb
@@ -1,11 +1,6 @@
# frozen_string_literal: true
begin
require "openssl"
-
- # Disable FIPS mode for tests for installations
- # where FIPS mode would be enabled by default.
- # Has no effect on all other installations.
- OpenSSL.fips_mode=false
rescue LoadError
end
--
2.41.0

73
ruby-3.3.0-openssl-3.2.0-fips-fix-pkey-dh-require-openssl.patch
View file

@ -1,73 +0,0 @@
From b6d7cdc2bad0eadbca73f3486917f0ec7a475814 Mon Sep 17 00:00:00 2001
From: Kazuki Yamaguchi <k@rhe.jp>
Date: Tue, 29 Aug 2023 19:46:02 +0900
Subject: [PATCH] [ruby/openssl] ssl: use ffdhe2048 from RFC 7919 as the
default DH group parameters
In TLS 1.2 or before, if DH group parameters for DHE are not supplied
with SSLContext#tmp_dh= or #tmp_dh_callback=, we currently use the
self-generated parameters added in commit https://github.com/ruby/openssl/commit/bb3399a61c03 ("support 2048
bit length DH-key", 2016-01-15) as the fallback.
While there is no known weakness in the current parameters, it would be
a good idea to switch to pre-defined, more well audited parameters.
This also allows the fallback to work in the FIPS mode.
The PEM encoding was derived with:
# RFC 7919 Appendix A.1. ffdhe2048
print OpenSSL::PKey.read(OpenSSL::ASN1::Sequence([OpenSSL::ASN1::Integer((<<-END).split.join.to_i(16)), OpenSSL::ASN1::Integer(2)]).to_der).to_pem
FFFFFFFF FFFFFFFF ADF85458 A2BB4A9A AFDC5620 273D3CF1
D8B9C583 CE2D3695 A9E13641 146433FB CC939DCE 249B3EF9
7D2FE363 630C75D8 F681B202 AEC4617A D3DF1ED5 D5FD6561
2433F51F 5F066ED0 85636555 3DED1AF3 B557135E 7F57C935
984F0C70 E0E68B77 E2A689DA F3EFE872 1DF158A1 36ADE735
30ACCA4F 483A797A BC0AB182 B324FB61 D108A94B B2C8E3FB
B96ADAB7 60D7F468 1D4F42A3 DE394DF4 AE56EDE7 6372BB19
0B07A7C8 EE0A6D70 9E02FCE1 CDF7E2EC C03404CD 28342F61
9172FE9C E98583FF 8E4F1232 EEF28183 C3FE3B1B 4C6FAD73
3BB5FCBC 2EC22005 C58EF183 7D1683B2 C6F34A26 C1B2EFFA
886B4238 61285C97 FFFFFFFF FFFFFFFF
END
https://github.com/ruby/openssl/commit/a5527cb4f4
---
ext/openssl/lib/openssl/ssl.rb | 18 +++++++++---------
1 file changed, 9 insertions(+), 9 deletions(-)
diff --git a/ext/openssl/lib/openssl/ssl.rb b/ext/openssl/lib/openssl/ssl.rb
index ea8bb2a18e533..94be6ba80b894 100644
--- a/ext/openssl/lib/openssl/ssl.rb
+++ b/ext/openssl/lib/openssl/ssl.rb
@@ -34,21 +34,21 @@ class SSLContext
}
if defined?(OpenSSL::PKey::DH)
- DEFAULT_2048 = OpenSSL::PKey::DH.new <<-_end_of_pem_
+ DH_ffdhe2048 = OpenSSL::PKey::DH.new <<-_end_of_pem_
-----BEGIN DH PARAMETERS-----
-MIIBCAKCAQEA7E6kBrYiyvmKAMzQ7i8WvwVk9Y/+f8S7sCTN712KkK3cqd1jhJDY
-JbrYeNV3kUIKhPxWHhObHKpD1R84UpL+s2b55+iMd6GmL7OYmNIT/FccKhTcveab
-VBmZT86BZKYyf45hUF9FOuUM9xPzuK3Vd8oJQvfYMCd7LPC0taAEljQLR4Edf8E6
-YoaOffgTf5qxiwkjnlVZQc3whgnEt9FpVMvQ9eknyeGB5KHfayAc3+hUAvI3/Cr3
-1bNveX5wInh5GDx1FGhKBZ+s1H+aedudCm7sCgRwv8lKWYGiHzObSma8A86KG+MD
-7Lo5JquQ3DlBodj3IDyPrxIv96lvRPFtAwIBAg==
+MIIBCAKCAQEA//////////+t+FRYortKmq/cViAnPTzx2LnFg84tNpWp4TZBFGQz
++8yTnc4kmz75fS/jY2MMddj2gbICrsRhetPfHtXV/WVhJDP1H18GbtCFY2VVPe0a
+87VXE15/V8k1mE8McODmi3fipona8+/och3xWKE2rec1MKzKT0g6eXq8CrGCsyT7
+YdEIqUuyyOP7uWrat2DX9GgdT0Kj3jlN9K5W7edjcrsZCwenyO4KbXCeAvzhzffi
+7MA0BM0oNC9hkXL+nOmFg/+OTxIy7vKBg8P+OxtMb61zO7X8vC7CIAXFjvGDfRaD
+ssbzSibBsu/6iGtCOGEoXJf//////////wIBAg==
-----END DH PARAMETERS-----
_end_of_pem_
- private_constant :DEFAULT_2048
+ private_constant :DH_ffdhe2048
DEFAULT_TMP_DH_CALLBACK = lambda { |ctx, is_export, keylen| # :nodoc:
warn "using default DH parameters." if $VERBOSE
- DEFAULT_2048
+ DH_ffdhe2048
}
end

160
ruby-3.3.0-openssl-3.2.0-fips-fix-pkey-read-in-openssl-3.patch
View file

@ -1,160 +0,0 @@
From 40451afa279c52ce7a508f8a9ec553cfe7a76a10 Mon Sep 17 00:00:00 2001
From: Jun Aruga <jaruga@redhat.com>
Date: Wed, 12 Apr 2023 17:15:21 +0200
Subject: [PATCH] Fix OpenSSL::PKey.read in OpenSSL 3 FIPS module.
This is a combination of the following 2 commits. Because the combined patch is
easy to merge.
This is the 1st commit message:
[ruby/openssl] Workaround: Fix OpenSSL::PKey.read that cannot parse PKey in the FIPS mode.
This commit is a workaround to avoid the error below that the
`OpenSSL::PKey.read` fails with the OpenSSL 3.0 FIPS mode.
```
$ openssl genrsa -out key.pem 4096
$ ruby -e "require 'openssl'; OpenSSL::PKey.read(File.read('key.pem'))"
-e:1:in `read': Could not parse PKey (OpenSSL::PKey::PKeyError)
from -e:1:in `<main>'
```
The root cause is on the OpenSSL side. The `OSSL_DECODER_CTX_set_selection`
doesn't apply the selection value properly if there are multiple providers, and
a provider (e.g. "base" provider) handles the decoder implementation, and
another provider (e.g. "fips" provider) handles the keys.
The workaround is to create `OSSL_DECODER_CTX` variable each time without using
the `OSSL_DECODER_CTX_set_selection`.
https://github.com/ruby/openssl/commit/5ff4a31621
This is the commit message #2:
[ruby/openssl] ossl_pkey.c: Workaround: Decode with non-zero selections.
This is a workaround for the decoding issue in ossl_pkey_read_generic().
The issue happens in the case that a key management provider is different from
a decoding provider.
Try all the non-zero selections in order, instead of selection 0 for OpenSSL 3
to avoid the issue.
https://github.com/ruby/openssl/commit/db688fa739
---
ext/openssl/ossl_pkey.c | 78 ++++++++++++++++++++++++++++++++++++++---
1 file changed, 73 insertions(+), 5 deletions(-)
diff --git a/ext/openssl/ossl_pkey.c b/ext/openssl/ossl_pkey.c
index 476256679b..419422958e 100644
--- a/ext/openssl/ossl_pkey.c
+++ b/ext/openssl/ossl_pkey.c
@@ -82,18 +82,20 @@ ossl_pkey_new(EVP_PKEY *pkey)
#if OSSL_OPENSSL_PREREQ(3, 0, 0)
# include <openssl/decoder.h>
-EVP_PKEY *
-ossl_pkey_read_generic(BIO *bio, VALUE pass)
+static EVP_PKEY *
+ossl_pkey_read(BIO *bio, const char *input_type, int selection, VALUE pass)
{
void *ppass = (void *)pass;
OSSL_DECODER_CTX *dctx;
EVP_PKEY *pkey = NULL;
int pos = 0, pos2;
- dctx = OSSL_DECODER_CTX_new_for_pkey(&pkey, "DER", NULL, NULL, 0, NULL, NULL);
+ dctx = OSSL_DECODER_CTX_new_for_pkey(&pkey, input_type, NULL, NULL,
+ selection, NULL, NULL);
if (!dctx)
goto out;
- if (OSSL_DECODER_CTX_set_pem_password_cb(dctx, ossl_pem_passwd_cb, ppass) != 1)
+ if (OSSL_DECODER_CTX_set_pem_password_cb(dctx, ossl_pem_passwd_cb,
+ ppass) != 1)
goto out;
/* First check DER */
@@ -151,11 +153,77 @@ ossl_pkey_read_generic(BIO *bio, VALUE pass)
ossl_clear_error();
pos = pos2;
}
-
out:
+ OSSL_BIO_reset(bio);
OSSL_DECODER_CTX_free(dctx);
return pkey;
}
+
+EVP_PKEY *
+ossl_pkey_read_generic(BIO *bio, VALUE pass)
+{
+ EVP_PKEY *pkey = NULL;
+ /* First check DER, then check PEM. */
+ const char *input_types[] = {"DER", "PEM"};
+ int input_type_num = (int)(sizeof(input_types) / sizeof(char *));
+ /*
+ * Non-zero selections to try to decode.
+ *
+ * See EVP_PKEY_fromdata(3) - Selections to see all the selections.
+ *
+ * This is a workaround for the decoder failing to decode or returning
+ * bogus keys with selection 0, if a key management provider is different
+ * from a decoder provider. The workaround is to avoid using selection 0.
+ *
+ * Affected OpenSSL versions: >= 3.1.0, <= 3.1.2, or >= 3.0.0, <= 3.0.10
+ * Fixed OpenSSL versions: 3.2, next release of the 3.1.z and 3.0.z
+ *
+ * See https://github.com/openssl/openssl/pull/21519 for details.
+ *
+ * First check for private key formats (EVP_PKEY_KEYPAIR). This is to keep
+ * compatibility with ruby/openssl < 3.0 which decoded the following as a
+ * private key.
+ *
+ * $ openssl ecparam -name prime256v1 -genkey -outform PEM
+ * -----BEGIN EC PARAMETERS-----
+ * BggqhkjOPQMBBw==
+ * -----END EC PARAMETERS-----
+ * -----BEGIN EC PRIVATE KEY-----
+ * MHcCAQEEIAG8ugBbA5MHkqnZ9ujQF93OyUfL9tk8sxqM5Wv5tKg5oAoGCCqGSM49
+ * AwEHoUQDQgAEVcjhJfkwqh5C7kGuhAf8XaAjVuG5ADwb5ayg/cJijCgs+GcXeedj
+ * 86avKpGH84DXUlB23C/kPt+6fXYlitUmXQ==
+ * -----END EC PRIVATE KEY-----
+ *
+ * While the first PEM block is a proper encoding of ECParameters, thus
+ * OSSL_DECODER_from_bio() would pick it up, ruby/openssl used to return
+ * the latter instead. Existing applications expect this behavior.
+ *
+ * Note that normally, the input is supposed to contain a single decodable
+ * PEM block only, so this special handling should not create a new problem.
+ *
+ * Note that we need to create the OSSL_DECODER_CTX variable each time when
+ * we use the different selection as a workaround.
+ * See https://github.com/openssl/openssl/issues/20657 for details.
+ */
+ int selections[] = {
+ EVP_PKEY_KEYPAIR,
+ EVP_PKEY_KEY_PARAMETERS,
+ EVP_PKEY_PUBLIC_KEY
+ };
+ int selection_num = (int)(sizeof(selections) / sizeof(int));
+ int i, j;
+
+ for (i = 0; i < input_type_num; i++) {
+ for (j = 0; j < selection_num; j++) {
+ pkey = ossl_pkey_read(bio, input_types[i], selections[j], pass);
+ if (pkey) {
+ goto out;
+ }
+ }
+ }
+ out:
+ return pkey;
+}
#else
EVP_PKEY *
ossl_pkey_read_generic(BIO *bio, VALUE pass)
--
2.41.0

142
ruby-3.3.0-openssl-3.2.0-fix-fips-get-set-in-openssl-3.patch
View file

@ -1,142 +0,0 @@
From 29920ec109751459a65c6478525f2e59c644891f Mon Sep 17 00:00:00 2001
From: Jun Aruga <jaruga@redhat.com>
Date: Thu, 16 Mar 2023 21:36:43 +0100
Subject: [PATCH] [ruby/openssl] Implement FIPS functions on OpenSSL 3.
This commit is to implement the `OpenSSL::OPENSSL_FIPS`, `ossl_fips_mode_get`
and `ossl_fips_mode_set` to pass the test `test/openssl/test_fips.rb`.
It seems that the `OPENSSL_FIPS` macro is not used on the FIPS mode case any
more, and some FIPS related APIs also were removed in OpenSSL 3.
See the document <https://github.com/openssl/openssl/blob/master/doc/man7/migration_guide.pod#removed-fips_mode-and-fips_mode_set>
the section OPENSSL 3.0 > Main Changes from OpenSSL 1.1.1 >
Other notable deprecations and changes - Removed FIPS_mode() and FIPS_mode_set() .
The `OpenSSL::OPENSSL_FIPS` returns always true in OpenSSL 3 because the used
functions `EVP_default_properties_enable_fips` and `EVP_default_properties_is_fips_enabled`
works with the OpenSSL installed without FIPS option.
The `TEST_RUBY_OPENSSL_FIPS_ENABLED` is set on the FIPS mode case on the CI.
Because I want to test that the `OpenSSL.fips_mode` returns the `true` or
'false' surely in the CI. You can test the FIPS mode case by setting
`TEST_RUBY_OPENSSL_FIPS_ENABLED` on local too. Right now I don't find a better
way to get the status of the FIPS mode enabled or disabled for this purpose. I
am afraid of the possibility that the FIPS test case is unintentionally skipped.
I also replaced the ambiguous "returns" with "should return" in the tests.
https://github.com/ruby/openssl/commit/c5b2bc1268
---
ext/openssl/ossl.c | 25 +++++++++++++++++++++----
test/openssl/test_fips.rb | 32 ++++++++++++++++++++++++++++----
2 files changed, 49 insertions(+), 8 deletions(-)
diff --git a/ext/openssl/ossl.c b/ext/openssl/ossl.c
index 6c532aca94..fcf3744c65 100644
--- a/ext/openssl/ossl.c
+++ b/ext/openssl/ossl.c
@@ -418,7 +418,11 @@ static VALUE
ossl_fips_mode_get(VALUE self)
{
-#ifdef OPENSSL_FIPS
+#if OSSL_OPENSSL_PREREQ(3, 0, 0)
+ VALUE enabled;
+ enabled = EVP_default_properties_is_fips_enabled(NULL) ? Qtrue : Qfalse;
+ return enabled;
+#elif OPENSSL_FIPS
VALUE enabled;
enabled = FIPS_mode() ? Qtrue : Qfalse;
return enabled;
@@ -442,8 +446,18 @@ ossl_fips_mode_get(VALUE self)
static VALUE
ossl_fips_mode_set(VALUE self, VALUE enabled)
{
-
-#ifdef OPENSSL_FIPS
+#if OSSL_OPENSSL_PREREQ(3, 0, 0)
+ if (RTEST(enabled)) {
+ if (!EVP_default_properties_enable_fips(NULL, 1)) {
+ ossl_raise(eOSSLError, "Turning on FIPS mode failed");
+ }
+ } else {
+ if (!EVP_default_properties_enable_fips(NULL, 0)) {
+ ossl_raise(eOSSLError, "Turning off FIPS mode failed");
+ }
+ }
+ return enabled;
+#elif OPENSSL_FIPS
if (RTEST(enabled)) {
int mode = FIPS_mode();
if(!mode && !FIPS_mode_set(1)) /* turning on twice leads to an error */
@@ -1198,7 +1212,10 @@ Init_openssl(void)
* Boolean indicating whether OpenSSL is FIPS-capable or not
*/
rb_define_const(mOSSL, "OPENSSL_FIPS",
-#ifdef OPENSSL_FIPS
+/* OpenSSL 3 is FIPS-capable even when it is installed without fips option */
+#if OSSL_OPENSSL_PREREQ(3, 0, 0)
+ Qtrue
+#elif OPENSSL_FIPS
Qtrue
#else
Qfalse
diff --git a/test/openssl/test_fips.rb b/test/openssl/test_fips.rb
index 8cd474f9a3..56a12a94ce 100644
--- a/test/openssl/test_fips.rb
+++ b/test/openssl/test_fips.rb
@@ -4,22 +4,46 @@
if defined?(OpenSSL)
class OpenSSL::TestFIPS < OpenSSL::TestCase
+ def test_fips_mode_get_is_true_on_fips_mode_enabled
+ unless ENV["TEST_RUBY_OPENSSL_FIPS_ENABLED"]
+ omit "Only for FIPS mode environment"
+ end
+
+ assert_separately([{ "OSSL_MDEBUG" => nil }, "-ropenssl"], <<~"end;")
+ assert OpenSSL.fips_mode == true, ".fips_mode should return true on FIPS mode enabled"
+ end;
+ end
+
+ def test_fips_mode_get_is_false_on_fips_mode_disabled
+ if ENV["TEST_RUBY_OPENSSL_FIPS_ENABLED"]
+ omit "Only for non-FIPS mode environment"
+ end
+
+ assert_separately([{ "OSSL_MDEBUG" => nil }, "-ropenssl"], <<~"end;")
+ message = ".fips_mode should return false on FIPS mode disabled. " \
+ "If you run the test on FIPS mode, please set " \
+ "TEST_RUBY_OPENSSL_FIPS_ENABLED=true"
+ assert OpenSSL.fips_mode == false, message
+ end;
+ end
+
def test_fips_mode_is_reentrant
OpenSSL.fips_mode = false
OpenSSL.fips_mode = false
end
- def test_fips_mode_get
- return unless OpenSSL::OPENSSL_FIPS
+ def test_fips_mode_get_with_fips_mode_set
+ omit('OpenSSL is not FIPS-capable') unless OpenSSL::OPENSSL_FIPS
+
assert_separately([{ "OSSL_MDEBUG" => nil }, "-ropenssl"], <<~"end;")
require #{__FILE__.dump}
begin
OpenSSL.fips_mode = true
- assert OpenSSL.fips_mode == true, ".fips_mode returns true when .fips_mode=true"
+ assert OpenSSL.fips_mode == true, ".fips_mode should return true when .fips_mode=true"
OpenSSL.fips_mode = false
- assert OpenSSL.fips_mode == false, ".fips_mode returns false when .fips_mode=false"
+ assert OpenSSL.fips_mode == false, ".fips_mode should return false when .fips_mode=false"
rescue OpenSSL::OpenSSLError
pend "Could not set FIPS mode (OpenSSL::OpenSSLError: \#$!); skipping"
end
--
2.41.0

208
ruby.spec
View file

@ -1,6 +1,6 @@
%global major_version 3
%global minor_version 2
%global teeny_version 2
%global minor_version 3
%global teeny_version 0
%global major_minor_version %{major_version}.%{minor_version}
%global ruby_version %{major_minor_version}.%{teeny_version}
@ -10,7 +10,7 @@
#%%global milestone rc1
# Keep the revision enabled for pre-releases from GIT.
#%%global revision c5eefb7f37
%global revision 7c8932365f
%global ruby_archive %{name}-%{ruby_version}
@ -27,49 +27,50 @@
%global rubygems_dir %{_datadir}/rubygems
# Bundled libraries versions
%global rubygems_version 3.4.10
%global rubygems_version 3.5.0.dev
%global rubygems_molinillo_version 0.8.0
%global rubygems_optparse_version 0.3.0
%global rubygems_tsort_version 0.1.0
# Default gems.
%global bundler_version 2.4.10
%global bundler_version 2.5.0.dev
%global bundler_connection_pool_version 2.3.0
%global bundler_fileutils_version 1.7.0
%global bundler_pub_grub_version 0.5.0
%global bundler_net_http_persistent_version 4.0.1
%global bundler_thor_version 1.2.1
%global bundler_net_http_persistent_version 4.0.2
%global bundler_thor_version 1.2.2
%global bundler_tsort_version 0.1.1
%global bundler_uri_version 0.12.1
%global bundler_uri_version 0.12.2
%global bigdecimal_version 3.1.3
%global bigdecimal_version 3.1.4
%global did_you_mean_version 1.6.3
%global erb_version 4.0.2
%global erb_version 4.0.3
%global io_console_version 0.6.0
%global irb_version 1.6.2
%global irb_version 1.8.0
%global json_version 2.6.3
%global openssl_version 3.1.0
%global psych_version 5.0.1
%global racc_version 1.6.2
%global psych_version 5.1.0
%global racc_version 1.7.1
%global rdoc_version 6.5.0
%global stringio_version 3.0.4
%global stringio_version 3.0.9
%global syntax_suggest_version 1.1.0
# Bundled gems.
%global minitest_version 5.16.3
%global minitest_version 5.19.0
%global power_assert_version 2.0.3
%global rake_version 13.0.6
%global test_unit_version 3.5.7
%global rexml_version 3.2.5
%global rss_version 0.2.9
%global test_unit_version 3.6.1
%global rexml_version 3.2.6
%global rss_version 0.3.0
%global net_ftp_version 0.2.0
%global net_imap_version 0.3.4
%global net_imap_version 0.3.7
%global net_pop_version 0.1.2
%global net_smtp_version 0.3.3
%global matrix_version 0.4.2
%global prime_version 0.1.2
%global rbs_version 2.8.2
%global typeprof_version 0.21.3
%global debug_version 1.7.1
%global rbs_version 3.2.1
%global typeprof_version 0.21.8
%global debug_version 1.8.0
%global tapset_libdir %(echo %{_libdir} | sed 's/64//')*
@ -101,7 +102,7 @@
Summary: An interpreter of object-oriented scripting language
Name: ruby
Version: %{ruby_version}%{?development_release}
Release: 183%{?dist}
Release: 184%{?dist}
# BSD-3-Clause: missing/{crypt,mt19937,setproctitle}.c
# ISC: missing/strl{cat,cpy}.c
# Public Domain for example for: include/ruby/st.h, strftime.c, missing/*, ...
@ -164,68 +165,49 @@ Patch6: ruby-2.7.0-Initialize-ABRT-hook.patch
# https://bugzilla.redhat.com/show_bug.cgi?id=1986206
# https://bugs.ruby-lang.org/issues/18257
Patch7: ruby-3.1.0-Don-t-query-RubyVM-FrozenCore-for-class-path.patch
# Avoid possible timeout errors in TestBugReporter#test_bug_reporter_add.
# https://bugs.ruby-lang.org/issues/16492
Patch8: ruby-2.7.1-Timeout-the-test_bug_reporter_add-witout-raising-err.patch
# Disable syntax_suggest test suite, which tries to download its dependencies.
# https://bugs.ruby-lang.org/issues/19297
Patch9: ruby-3.2.0-Revert-Fix-test-syntax-suggest-order.patch
Patch10: ruby-3.2.0-Revert-Test-syntax_suggest-by-make-check.patch
# Fix `OpenSSL::X509::CertificateError: invalid digest` errors on ELN. This
# also might help Fedor, if/when
# https://fedoraproject.org/wiki/Changes/StrongCryptoSettings3Forewarning2
# is accepted.
# https://github.com/ruby/spec/pull/990
# https://bugs.ruby-lang.org/issues/19307
Patch11: ruby-3.2.0-Use-SHA256-instead-of-SHA1.patch
# Fix OpenSSL.fips_mode in OpenSSL 3 FIPS.
# https://github.com/ruby/openssl/pull/608
# https://github.com/ruby/ruby/commit/678d41bc51fe31834eec0b653ba0e47de5420aa0
Patch12: ruby-3.3.0-openssl-3.2.0-fix-fips-get-set-in-openssl-3.patch
# Fix OpenSSL::PKey.read in OpenSSL 3 FIPS.
# The patch is a combination of the following 2 commits to simplify the patch.
# https://github.com/ruby/openssl/pull/615
# https://github.com/ruby/ruby/commit/2a4834057b30a26c38ece3961b370c0b2ee59380
# https://github.com/ruby/openssl/pull/669
# https://github.com/ruby/ruby/commit/b0ec1db8a72c530460abd9462ac75845362886bd
Patch13: ruby-3.3.0-openssl-3.2.0-fips-fix-pkey-read-in-openssl-3.patch
# Enable tests in OpenSSL FIPS.
# https://github.com/ruby/openssl/pull/615
# https://github.com/ruby/ruby/commit/920bc71284f417f9044b0dc1822b1d29a8fc61e5
Patch14: ruby-3.3.0-openssl-3.2.0-fips-enable-tests.patch
# ssl: use ffdhe2048 from RFC 7919 as the default DH group parameters
# https://github.com/ruby/openssl/pull/674
# https://github.com/ruby/ruby/commit/b6d7cdc2bad0eadbca73f3486917f0ec7a475814
Patch15: ruby-3.3.0-openssl-3.2.0-fips-fix-pkey-dh-require-openssl.patch
Patch9: ruby-3.3.0-Disable-syntax-suggest-test-case.patch
Requires: %{name}-libs%{?_isa} = %{version}-%{release}
%{?with_rubypick:Suggests: rubypick}
Recommends: ruby(rubygems) >= %{rubygems_version}
Recommends: rubygem(bigdecimal) >= %{bigdecimal_version}
# Build dependencies
BuildRequires: autoconf
%{?with_gmp:BuildRequires: gmp-devel}
BuildRequires: libffi-devel
BuildRequires: openssl-devel
BuildRequires: libyaml-devel
BuildRequires: readline-devel
# Needed to pass test_set_program_name(TestRubyOptions)
BuildRequires: procps
%{?with_systemtap:BuildRequires: %{_bindir}/dtrace}
# RubyGems test suite optional dependencies.
%{?with_git:BuildRequires: git}
%{?with_cmake:BuildRequires: %{_bindir}/cmake}
# Required to test hardening.
%{?with_hardening_test:BuildRequires: %{_bindir}/checksec}
%{?with_hostname:BuildRequires: %{_bindir}/hostname}
BuildRequires: multilib-rpm-config
BuildRequires: gcc
BuildRequires: make
BuildRequires: libffi-devel
BuildRequires: libyaml-devel
BuildRequires: openssl-devel
BuildRequires: zlib-devel
%{?with_gmp:BuildRequires: gmp-devel}
%{?with_systemtap:BuildRequires: %{_bindir}/dtrace}
%{?with_yjit:BuildRequires: %{_bindir}/rustc}
# Install section
BuildRequires: multilib-rpm-config
# Check dependencies
# Required to test hardening.
%{?with_hardening_test:BuildRequires: %{_bindir}/checksec}
# Needed to pass test_set_program_name(TestRubyOptions)
BuildRequires: procps
# Neede by `Socket.gethostname returns the host name ERROR`
%{?with_hostname:BuildRequires: %{_bindir}/hostname}
# RubyGems test suite optional dependencies.
%{?with_git:BuildRequires: git}
# `cmake` is required for test/rubygems/test_gem_ext_cmake_builder.rb.
%{?with_cmake:BuildRequires: %{_bindir}/cmake}
# The bundler/spec/runtime/setup_spec.rb requires the command `man`.
%{?with_bundler_tests:BuildRequires: %{_bindir}/man}
# This package provides %%{_bindir}/ruby-mri therefore it is marked by this
# virtual provide. It can be installed as dependency of rubypick.
Provides: ruby(runtime_executable) = %{ruby_release}
@ -265,7 +247,6 @@ Provides: bundled(ccan-list)
# StdLib default gems.
Provides: bundled(rubygem-did_you_mean) = %{did_you_mean_version}
Provides: bundled(rubygem-openssl) = %{openssl_version}
Provides: bundled(rubygem-racc) = %{racc_version}
# Tcl/Tk support was removed from stdlib in Ruby 2.4, i.e. F27 timeframe.
Obsoletes: ruby-tcltk < 2.4.0
@ -503,6 +484,8 @@ Provides: rubygem(net-pop) = %{net_pop_version}
Provides: rubygem(net-smtp) = %{net_smtp_version}
Provides: rubygem(matrix) = %{matrix_version}
Provides: rubygem(prime) = %{prime_version}
Provides: rubygem(racc) = %{racc_version}
Provides: bundled(rubygem-racc) = %{racc_version}
Provides: rubygem(debug) = %{debug_version}
%description bundled-gems
@ -663,14 +646,7 @@ analysis result in RBS format, a standard type description format for Ruby
%patch 4 -p1
%patch 6 -p1
%patch 7 -p1
%patch 8 -p1
%patch 9 -p1
%patch 10 -p1
%patch 11 -p1
%patch 12 -p1
%patch 13 -p1
%patch 14 -p1
%patch 15 -p1
# Provide an example of usage of the tapset:
cp -a %{SOURCE3} .
@ -721,9 +697,6 @@ rm -rf %{buildroot}
# Rename ruby/config.h to ruby/config-<arch>.h to avoid file conflicts on
# multilib systems and install config.h wrapper
%multilib_fix_c_header --file %{_includedir}/%{name}/config.h
# TODO: The correct patch should be %%{_includedir}/%%{name}/rb_mjit_min_header-%%{ruby_version}.h
# https://bugs.ruby-lang.org/issues/15425
%multilib_fix_c_header --file %{_includedir}/rb_mjit_min_header-%{ruby_version}.h
# Rename the ruby executable. It is replaced by RubyPick.
%{?with_rubypick:mv %{buildroot}%{_bindir}/%{name}{,-mri}}
@ -1013,7 +986,7 @@ MSPECOPTS="$MSPECOPTS -P 'File.expand_path expands ~ENV..USER..* to.* the user.s
# Give an option to increase the timeout in tests.
# https://bugs.ruby-lang.org/issues/16921
%{?test_timeout_scale:RUBY_TEST_TIMEOUT_SCALE="%{test_timeout_scale}"} \
make -C %{_vpath_builddir} check TESTS="-v $DISABLE_TESTS" MSPECOPT="-fs $MSPECOPTS"
make -C %{_vpath_builddir} check TESTS="-v --show-skip $DISABLE_TESTS" MSPECOPT="-fs $MSPECOPTS"
# Run Ruby OpenSSL tests in OpenSSL FIPS.
make -C %{_vpath_builddir} runruby TESTRUN_SCRIPT=" \
@ -1070,6 +1043,7 @@ make -C %{_vpath_builddir} runruby TESTRUN_SCRIPT=" \
%{ruby_libdir}/abbrev.rb
%{ruby_libdir}/base64.rb
%{ruby_libdir}/benchmark*
%{ruby_libdir}/bundled_gems.rb
%{ruby_libdir}/cgi*
%{ruby_libdir}/coverage.rb
%{ruby_libdir}/csv*
@ -1089,8 +1063,6 @@ make -C %{_vpath_builddir} runruby TESTRUN_SCRIPT=" \
%{ruby_libdir}/ipaddr.rb
%{ruby_libdir}/kconv.rb
%{ruby_libdir}/logger*
# https://bugs.ruby-lang.org/issues/19298
%exclude %{ruby_libdir}/mjit
%{ruby_libdir}/mkmf.rb
%{ruby_libdir}/monitor.rb
%{ruby_libdir}/mutex_m.rb
@ -1114,7 +1086,7 @@ make -C %{_vpath_builddir} runruby TESTRUN_SCRIPT=" \
%{ruby_libdir}/rinda
%{ruby_libdir}/ripper*
%dir %{ruby_libdir}/ruby_vm
%{ruby_libdir}/ruby_vm/mjit
%{ruby_libdir}/ruby_vm/rjit
%{ruby_libdir}/securerandom.rb
%{ruby_libdir}/set*
%{ruby_libdir}/shellwords.rb
@ -1132,6 +1104,7 @@ make -C %{_vpath_builddir} runruby TESTRUN_SCRIPT=" \
%{ruby_libdir}/uri*
%{ruby_libdir}/weakref*
%{ruby_libdir}/yaml*
%{ruby_libdir}/yarp*
# Platform specific libraries.
%{_libdir}/libruby.so.{%{major_minor_version},%{ruby_version}}
@ -1226,7 +1199,6 @@ make -C %{_vpath_builddir} runruby TESTRUN_SCRIPT=" \
%dir %{ruby_libarchdir}/rbconfig
%{ruby_libarchdir}/rbconfig.rb
%{ruby_libarchdir}/rbconfig/sizeof.so
%{ruby_libarchdir}/readline.so
%{ruby_libarchdir}/ripper.so
%{ruby_libarchdir}/socket.so
%{ruby_libarchdir}/stringio.so
@ -1238,9 +1210,6 @@ make -C %{_vpath_builddir} runruby TESTRUN_SCRIPT=" \
%{ruby_libdir}/did_you_mean*
%{ruby_libdir}/openssl*
%{ruby_libarchdir}/openssl.so
%{ruby_libdir}/racc*
%dir %{ruby_libarchdir}/racc
%{ruby_libarchdir}/racc/cparse.so
%{?with_systemtap:%{_systemtap_datadir}}
@ -1278,10 +1247,10 @@ make -C %{_vpath_builddir} runruby TESTRUN_SCRIPT=" \
%{gem_dir}/specifications/default/base64-0.1.1.gemspec
%{gem_dir}/specifications/default/benchmark-0.2.1.gemspec
%{gem_dir}/specifications/default/cgi-0.3.6.gemspec
%{gem_dir}/specifications/default/csv-3.2.6.gemspec
%{gem_dir}/specifications/default/csv-3.2.8.gemspec
%{gem_dir}/specifications/default/date-3.3.3.gemspec
%{gem_dir}/specifications/default/delegate-0.3.0.gemspec
%{gem_dir}/specifications/default/did_you_mean-%{did_you_mean_version}.gemspec
%gem_spec -d did_you_mean
%{gem_dir}/specifications/default/digest-3.1.1.gemspec
%{gem_dir}/specifications/default/drb-2.1.1.gemspec
%{gem_dir}/specifications/default/english-0.7.2.gemspec
@ -1289,8 +1258,8 @@ make -C %{_vpath_builddir} runruby TESTRUN_SCRIPT=" \
%{gem_dir}/specifications/default/error_highlight-0.5.1.gemspec
%{gem_dir}/specifications/default/etc-1.4.2.gemspec
%{gem_dir}/specifications/default/fcntl-1.0.2.gemspec
%{gem_dir}/specifications/default/fiddle-1.1.1.gemspec
%{gem_dir}/specifications/default/fileutils-1.7.0.gemspec
%{gem_dir}/specifications/default/fiddle-1.1.2.gemspec
%{gem_dir}/specifications/default/fileutils-1.7.1.gemspec
%{gem_dir}/specifications/default/find-0.1.1.gemspec
%{gem_dir}/specifications/default/forwardable-1.3.3.gemspec
%{gem_dir}/specifications/default/getoptlong-0.2.0.gemspec
@ -1301,21 +1270,19 @@ make -C %{_vpath_builddir} runruby TESTRUN_SCRIPT=" \
%{gem_dir}/specifications/default/mutex_m-0.1.2.gemspec
%{gem_dir}/specifications/default/net-http-0.3.2.gemspec
%{gem_dir}/specifications/default/net-protocol-0.2.1.gemspec
%{gem_dir}/specifications/default/nkf-0.1.2.gemspec
%{gem_dir}/specifications/default/nkf-0.1.3.gemspec
%{gem_dir}/specifications/default/observer-0.1.1.gemspec
%{gem_dir}/specifications/default/open3-0.1.2.gemspec
%{gem_dir}/specifications/default/open-uri-0.3.0.gemspec
%{gem_dir}/specifications/default/optparse-0.3.1.gemspec
%{gem_dir}/specifications/default/optparse-0.4.0.pre.1.gemspec
%{gem_dir}/specifications/default/openssl-%{openssl_version}.gemspec
%{gem_dir}/specifications/default/ostruct-0.5.5.gemspec
%{gem_dir}/specifications/default/pathname-0.2.1.gemspec
%{gem_dir}/specifications/default/pp-0.4.0.gemspec
%{gem_dir}/specifications/default/prettyprint-0.1.1.gemspec
%{gem_dir}/specifications/default/pstore-0.1.2.gemspec
%{gem_dir}/specifications/default/racc-%{racc_version}.gemspec
%{gem_dir}/specifications/default/readline-0.0.3.gemspec
%{gem_dir}/specifications/default/readline-ext-0.1.5.gemspec
%{gem_dir}/specifications/default/reline-0.3.2.gemspec
%{gem_dir}/specifications/default/reline-0.3.8.gemspec
%{gem_dir}/specifications/default/resolv-0.2.2.gemspec
%{gem_dir}/specifications/default/resolv-replace-0.1.1.gemspec
%{gem_dir}/specifications/default/rinda-0.1.1.gemspec
@ -1324,29 +1291,26 @@ make -C %{_vpath_builddir} runruby TESTRUN_SCRIPT=" \
%{gem_dir}/specifications/default/set-1.0.3.gemspec
%{gem_dir}/specifications/default/shellwords-0.1.0.gemspec
%{gem_dir}/specifications/default/singleton-0.1.1.gemspec
%{gem_dir}/specifications/default/stringio-%{stringio_version}.gemspec
%{gem_dir}/specifications/default/strscan-3.0.5.gemspec
%{gem_dir}/specifications/default/syntax_suggest-1.0.2.gemspec
%gem_spec -d stringio
%{gem_dir}/specifications/default/strscan-3.0.7.gemspec
%gem_spec -d syntax_suggest
%{_bindir}/syntax_suggest
%{gem_dir}/gems/syntax_suggest-%{syntax_suggest_version}
%{gem_dir}/specifications/default/syslog-0.1.1.gemspec
%{gem_dir}/specifications/default/tempfile-0.1.3.gemspec
%{gem_dir}/specifications/default/time-0.2.2.gemspec
%{gem_dir}/specifications/default/timeout-0.3.1.gemspec
%{gem_dir}/specifications/default/timeout-0.4.0.gemspec
%{gem_dir}/specifications/default/tmpdir-0.1.3.gemspec
%{gem_dir}/specifications/default/tsort-0.1.1.gemspec
%{gem_dir}/specifications/default/un-0.2.1.gemspec
%{gem_dir}/specifications/default/uri-0.12.1.gemspec
%{gem_dir}/specifications/default/uri-0.12.2.gemspec
%{gem_dir}/specifications/default/weakref-0.1.2.gemspec
#%%{gem_dir}/specifications/default/win32ole-1.8.9.gemspec
%{gem_dir}/specifications/default/yaml-0.2.1.gemspec
%{gem_dir}/specifications/default/yarp-0.10.0.gemspec
%{gem_dir}/specifications/default/zlib-3.0.0.gemspec
%{gem_dir}/gems/erb-%{erb_version}
# Use standalone rubygem-racc if Racc binary is required. Shipping this
# executable in both packages might possibly cause conflicts. The situation
# could be better if Ruby generated these files:
# https://github.com/ruby/ruby/pull/2545
%exclude %{_bindir}/racc
%exclude %{gem_dir}/gems/racc-%{racc_version}/bin
%files -n rubygem-irb
%{_bindir}/irb
@ -1407,6 +1371,7 @@ make -C %{_vpath_builddir} runruby TESTRUN_SCRIPT=" \
%{_mandir}/man5/gemfile.5*
%files bundled-gems
# rdbg
%{_bindir}/rdbg
%dir %{_libdir}/gems/%{name}/debug-%{debug_version}
%{_libdir}/gems/%{name}/debug-%{debug_version}/gem.build_complete
@ -1425,6 +1390,7 @@ make -C %{_vpath_builddir} runruby TESTRUN_SCRIPT=" \
%{gem_dir}/gems/debug-%{debug_version}/misc
%{gem_dir}/specifications/debug-%{debug_version}.gemspec
# net-ftp
%dir %{gem_dir}/gems/net-ftp-%{net_ftp_version}
%{gem_dir}/gems/net-ftp-%{net_ftp_version}/Gemfile
%license %{gem_dir}/gems/net-ftp-%{net_ftp_version}/LICENSE.txt
@ -1433,6 +1399,7 @@ make -C %{_vpath_builddir} runruby TESTRUN_SCRIPT=" \
%{gem_dir}/gems/net-ftp-%{net_ftp_version}/lib
%{gem_dir}/specifications/net-ftp-%{net_ftp_version}.gemspec
# net-imap
%dir %{gem_dir}/gems/net-imap-%{net_imap_version}
%{gem_dir}/gems/net-imap-%{net_imap_version}/Gemfile
%license %{gem_dir}/gems/net-imap-%{net_imap_version}/LICENSE.txt
@ -1444,6 +1411,7 @@ make -C %{_vpath_builddir} runruby TESTRUN_SCRIPT=" \
%{gem_dir}/gems/net-imap-%{net_imap_version}/rakelib
%{gem_dir}/specifications/net-imap-%{net_imap_version}.gemspec
# net-pop
%dir %{gem_dir}/gems/net-pop-%{net_pop_version}
%{gem_dir}/gems/net-pop-%{net_pop_version}/Gemfile
%license %{gem_dir}/gems/net-pop-%{net_pop_version}/LICENSE.txt
@ -1452,16 +1420,19 @@ make -C %{_vpath_builddir} runruby TESTRUN_SCRIPT=" \
%{gem_dir}/gems/net-pop-%{net_pop_version}/lib
%{gem_dir}/specifications/net-pop-%{net_pop_version}.gemspec
# net-smpt
%dir %{gem_dir}/gems/net-smtp-%{net_smtp_version}
%license %{gem_dir}/gems/net-smtp-%{net_smtp_version}/LICENSE.txt
%{gem_dir}/gems/net-smtp-%{net_smtp_version}/lib
%{gem_dir}/specifications/net-smtp-%{net_smtp_version}.gemspec
# matrix
%dir %{gem_dir}/gems/matrix-%{matrix_version}
%license %{gem_dir}/gems/matrix-%{matrix_version}/LICENSE.txt
%{gem_dir}/gems/matrix-%{matrix_version}/lib
%{gem_dir}/specifications/matrix-%{matrix_version}.gemspec
# prime
%dir %{gem_dir}/gems/prime-%{prime_version}
%{gem_dir}/gems/prime-%{prime_version}/Gemfile
%license %{gem_dir}/gems/prime-%{prime_version}/LICENSE.txt
@ -1471,6 +1442,20 @@ make -C %{_vpath_builddir} runruby TESTRUN_SCRIPT=" \
%{gem_dir}/gems/prime-%{prime_version}/lib
%{gem_dir}/specifications/prime-%{prime_version}.gemspec
# racc
%dir %{gem_dir}/gems/racc-%{racc_version}
%{_bindir}/racc
%{gem_archdir}/%{name}/racc-%{racc_version}
%license %{gem_dir}/gems/racc-%{racc_version}/COPYING
%doc %{gem_dir}/gems/racc-%{racc_version}/ChangeLog
%lang(ja) %doc %{gem_dir}/gems/racc-%{racc_version}/README.ja.rdoc
%doc %{gem_dir}/gems/racc-%{racc_version}/README.rdoc
%doc %{gem_dir}/gems/racc-%{racc_version}/TODO
%{gem_dir}/gems/racc-%{racc_version}/bin
%doc %{gem_dir}/gems/racc-%{racc_version}/doc
%{gem_dir}/gems/racc-%{racc_version}/lib
%{gem_dir}/specifications/racc-%{racc_version}.gemspec
%files -n rubygem-minitest
%dir %{gem_dir}/gems/minitest-%{minitest_version}
%exclude %{gem_dir}/gems/minitest-%{minitest_version}/.*
@ -1523,7 +1508,6 @@ make -C %{_vpath_builddir} runruby TESTRUN_SCRIPT=" \
%{gem_dir}/gems/rbs-%{rbs_version}/schema
%{gem_dir}/gems/rbs-%{rbs_version}/sig
%{gem_dir}/gems/rbs-%{rbs_version}/stdlib
%{gem_dir}/gems/rbs-%{rbs_version}/steep
%{gem_dir}/specifications/rbs-%{rbs_version}.gemspec
%files -n rubygem-test-unit
@ -1554,10 +1538,7 @@ make -C %{_vpath_builddir} runruby TESTRUN_SCRIPT=" \
%doc %{gem_dir}/gems/rss-%{rss_version}/NEWS.md
%{gem_dir}/gems/rss-%{rss_version}/lib
%{gem_dir}/specifications/rss-%{rss_version}.gemspec
%doc %{gem_dir}/gems/rss-%{rss_version}/Gemfile
%doc %{gem_dir}/gems/rss-%{rss_version}/README.md
%doc %{gem_dir}/gems/rss-%{rss_version}/Rakefile
%doc %{gem_dir}/gems/rss-%{rss_version}/test
%files -n rubygem-typeprof
%dir %{gem_dir}/gems/typeprof-%{typeprof_version}
@ -1575,6 +1556,9 @@ make -C %{_vpath_builddir} runruby TESTRUN_SCRIPT=" \
%changelog
* Thu Nov 09 2023 Vít Ondruch <vondruch@redhat.com> - 3.3.0-184
- Upgrade to Ruby 3.3.0 (7c8932365f).
* Thu Nov 09 2023 Jun Aruga <jaruga@redhat.com> - 3.2.2-183
- ssl: use ffdhe2048 from RFC 7919 as the default DH group parameters