From f8ac959d34058595958b2cb034300f144e1b2165 Mon Sep 17 00:00:00 2001 From: Pavel Valena Date: Thu, 4 Apr 2019 13:15:09 +0200 Subject: [PATCH 01/19] Update to Ruby 2.5.5. --- ...-additional-preludes-by-configuratio.patch | 2 +- ...0-Enable-configuration-of-archlibdir.patch | 2 +- ...ed-paths-when-empty-version-string-i.patch | 2 +- ruby-2.1.0-always-use-i386.patch | 2 +- ruby-2.1.0-custom-rubygems-location.patch | 4 +- ruby-2.3.0-ruby_version.patch | 10 +- ....0-Add-Gem.operating_system_defaults.patch | 2 +- ruby-2.6.0-Try-to-update-cert.patch | 502 ------------------ ruby-2.6.0-Update-for-tzdata-2018f.patch | 44 -- ruby.spec | 22 +- sources | 2 +- 11 files changed, 19 insertions(+), 575 deletions(-) delete mode 100644 ruby-2.6.0-Try-to-update-cert.patch delete mode 100644 ruby-2.6.0-Update-for-tzdata-2018f.patch diff --git a/ruby-2.1.0-Allow-to-specify-additional-preludes-by-configuratio.patch b/ruby-2.1.0-Allow-to-specify-additional-preludes-by-configuratio.patch index 47bf9bc..68e4abc 100644 --- a/ruby-2.1.0-Allow-to-specify-additional-preludes-by-configuratio.patch +++ b/ruby-2.1.0-Allow-to-specify-additional-preludes-by-configuratio.patch @@ -39,7 +39,7 @@ diff --git a/configure.ac b/configure.ac index 028ef7ca3e..cdeff87871 100644 --- a/configure.ac +++ b/configure.ac -@@ -4396,6 +4396,13 @@ AC_SUBST(rubyarchhdrdir)dnl +@@ -4397,6 +4397,13 @@ AC_SUBST(rubyarchhdrdir)dnl AC_SUBST(sitearchhdrdir)dnl AC_SUBST(vendorarchhdrdir)dnl diff --git a/ruby-2.1.0-Enable-configuration-of-archlibdir.patch b/ruby-2.1.0-Enable-configuration-of-archlibdir.patch index 36ec460..555b6b5 100644 --- a/ruby-2.1.0-Enable-configuration-of-archlibdir.patch +++ b/ruby-2.1.0-Enable-configuration-of-archlibdir.patch @@ -11,7 +11,7 @@ diff --git a/configure.ac b/configure.ac index 11fc237552..b77e88fc37 100644 --- a/configure.ac +++ b/configure.ac -@@ -3641,6 +3641,11 @@ AS_IF([test ${multiarch+set}], [ +@@ -3642,6 +3642,11 @@ AS_IF([test ${multiarch+set}], [ ]) archlibdir='${libdir}/${arch}' diff --git a/ruby-2.1.0-Prevent-duplicated-paths-when-empty-version-string-i.patch b/ruby-2.1.0-Prevent-duplicated-paths-when-empty-version-string-i.patch index d0cffab..20539fd 100644 --- a/ruby-2.1.0-Prevent-duplicated-paths-when-empty-version-string-i.patch +++ b/ruby-2.1.0-Prevent-duplicated-paths-when-empty-version-string-i.patch @@ -14,7 +14,7 @@ diff --git a/configure.ac b/configure.ac index 999e2d6d5d..11fc237552 100644 --- a/configure.ac +++ b/configure.ac -@@ -4251,7 +4251,8 @@ AS_CASE(["$ruby_version_dir_name"], +@@ -4252,7 +4252,8 @@ AS_CASE(["$ruby_version_dir_name"], ruby_version_dir=/'${ruby_version_dir_name}' if test -z "${ruby_version_dir_name}"; then diff --git a/ruby-2.1.0-always-use-i386.patch b/ruby-2.1.0-always-use-i386.patch index 555ad45..5d45fac 100644 --- a/ruby-2.1.0-always-use-i386.patch +++ b/ruby-2.1.0-always-use-i386.patch @@ -11,7 +11,7 @@ diff --git a/configure.ac b/configure.ac index b77e88fc37..6bba453e3c 100644 --- a/configure.ac +++ b/configure.ac -@@ -4315,6 +4315,8 @@ AC_SUBST(vendorarchdir)dnl +@@ -4316,6 +4316,8 @@ AC_SUBST(vendorarchdir)dnl AC_SUBST(CONFIGURE, "`echo $0 | sed 's|.*/||'`")dnl AC_SUBST(configure_args, "`echo "${ac_configure_args}" | sed 's/\\$/$$/g'`")dnl diff --git a/ruby-2.1.0-custom-rubygems-location.patch b/ruby-2.1.0-custom-rubygems-location.patch index cc45741..4b54560 100644 --- a/ruby-2.1.0-custom-rubygems-location.patch +++ b/ruby-2.1.0-custom-rubygems-location.patch @@ -15,7 +15,7 @@ diff --git a/configure.ac b/configure.ac index 6bba453e3c..028ef7ca3e 100644 --- a/configure.ac +++ b/configure.ac -@@ -4287,6 +4287,10 @@ AC_ARG_WITH(vendorarchdir, +@@ -4288,6 +4288,10 @@ AC_ARG_WITH(vendorarchdir, [vendorarchdir=$withval], [vendorarchdir=${multiarch+'${rubysitearchprefix}/vendor_ruby'${ruby_version_dir}}${multiarch-'${vendorlibdir}/${sitearch}'}]) @@ -26,7 +26,7 @@ index 6bba453e3c..028ef7ca3e 100644 AS_IF([test "${LOAD_RELATIVE+set}"], [ AC_DEFINE_UNQUOTED(LOAD_RELATIVE, $LOAD_RELATIVE) RUBY_EXEC_PREFIX='' -@@ -4311,6 +4315,7 @@ AC_SUBST(sitearchdir)dnl +@@ -4312,6 +4316,7 @@ AC_SUBST(sitearchdir)dnl AC_SUBST(vendordir)dnl AC_SUBST(vendorlibdir)dnl AC_SUBST(vendorarchdir)dnl diff --git a/ruby-2.3.0-ruby_version.patch b/ruby-2.3.0-ruby_version.patch index 8f57319..30370e1 100644 --- a/ruby-2.3.0-ruby_version.patch +++ b/ruby-2.3.0-ruby_version.patch @@ -20,7 +20,7 @@ diff --git a/configure.ac b/configure.ac index 8ea969412f..a00f2b6776 100644 --- a/configure.ac +++ b/configure.ac -@@ -4202,9 +4202,6 @@ AS_CASE(["$target_os"], +@@ -4203,9 +4203,6 @@ AS_CASE(["$target_os"], rubyw_install_name='$(RUBYW_INSTALL_NAME)' ]) @@ -30,7 +30,7 @@ index 8ea969412f..a00f2b6776 100644 rubyarchprefix=${multiarch+'${archlibdir}/${RUBY_BASE_NAME}'}${multiarch-'${rubylibprefix}/${arch}'} AC_ARG_WITH(rubyarchprefix, AS_HELP_STRING([--with-rubyarchprefix=DIR], -@@ -4227,56 +4224,62 @@ AC_ARG_WITH(ridir, +@@ -4228,56 +4225,62 @@ AC_ARG_WITH(ridir, AC_SUBST(ridir) AC_SUBST(RI_BASE_NAME) @@ -120,7 +120,7 @@ index 8ea969412f..a00f2b6776 100644 AS_IF([test "${LOAD_RELATIVE+set}"], [ AC_DEFINE_UNQUOTED(LOAD_RELATIVE, $LOAD_RELATIVE) -@@ -4293,6 +4296,7 @@ AC_SUBST(sitearchincludedir)dnl +@@ -4294,6 +4297,7 @@ AC_SUBST(sitearchincludedir)dnl AC_SUBST(arch)dnl AC_SUBST(sitearch)dnl AC_SUBST(ruby_version)dnl @@ -245,7 +245,7 @@ diff --git a/test/rubygems/test_gem.rb b/test/rubygems/test_gem.rb index 0428bea..b6e090e 100644 --- a/test/rubygems/test_gem.rb +++ b/test/rubygems/test_gem.rb -@@ -1156,7 +1156,8 @@ def test_self_use_paths +@@ -1191,7 +1191,8 @@ def test_self_use_paths def test_self_user_dir parts = [@userhome, '.gem', Gem.ruby_engine] @@ -255,7 +255,7 @@ index 0428bea..b6e090e 100644 assert_equal File.join(parts), Gem.user_dir end -@@ -1283,7 +1284,7 @@ def test_self_user_home_user_drive_and_path +@@ -1318,7 +1319,7 @@ def test_self_user_home_user_drive_and_path def test_self_vendor_dir expected = File.join RbConfig::CONFIG['vendordir'], 'gems', diff --git a/ruby-2.5.0-Add-Gem.operating_system_defaults.patch b/ruby-2.5.0-Add-Gem.operating_system_defaults.patch index 6838701..7ac0e41 100644 --- a/ruby-2.5.0-Add-Gem.operating_system_defaults.patch +++ b/ruby-2.5.0-Add-Gem.operating_system_defaults.patch @@ -64,7 +64,7 @@ diff --git a/test/rubygems/test_gem.rb b/test/rubygems/test_gem.rb index 3225a05c6b..62b80c4945 100644 --- a/test/rubygems/test_gem.rb +++ b/test/rubygems/test_gem.rb -@@ -1802,6 +1802,13 @@ def test_use_gemdeps_specific +@@ -1837,6 +1837,13 @@ def test_use_gemdeps_specific ENV['RUBYGEMS_GEMDEPS'] = rubygems_gemdeps end diff --git a/ruby-2.6.0-Try-to-update-cert.patch b/ruby-2.6.0-Try-to-update-cert.patch deleted file mode 100644 index 013688d..0000000 --- a/ruby-2.6.0-Try-to-update-cert.patch +++ /dev/null @@ -1,502 +0,0 @@ -From f234e6c3d3170f37508e214cdaef78d4b2584e5a Mon Sep 17 00:00:00 2001 -From: kazu -Date: Wed, 2 Jan 2019 03:08:20 +0000 -Subject: [PATCH 1/2] Try to update cert - -git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@66685 b2dd03c8-39d4-4d8f-98ff-823fe69b080e ---- - test/net/fixtures/cacert.pem | 86 +++++++------------------- - test/net/fixtures/server.crt | 113 +++++++++++++++++++++++------------ - test/net/fixtures/server.key | 43 ++++++++----- - 3 files changed, 124 insertions(+), 118 deletions(-) - -diff --git a/test/net/fixtures/cacert.pem b/test/net/fixtures/cacert.pem -index 7073387877..f623bd62ed 100644 ---- a/test/net/fixtures/cacert.pem -+++ b/test/net/fixtures/cacert.pem -@@ -1,66 +1,24 @@ --Certificate: -- Data: -- Version: 3 (0x2) -- Serial Number: -- b9:90:a2:bf:62:69:17:9c -- Signature Algorithm: sha1WithRSAEncryption -- Issuer: C=JP, ST=Shimane, L=Matz-e city, O=Ruby Core Team, CN=Ruby Test CA/emailAddress=security@ruby-lang.org -- Validity -- Not Before: Jan 3 01:34:17 2014 GMT -- Not After : Jan 2 01:34:17 2019 GMT -- Subject: C=JP, ST=Shimane, L=Matz-e city, O=Ruby Core Team, CN=Ruby Test CA/emailAddress=security@ruby-lang.org -- Subject Public Key Info: -- Public Key Algorithm: rsaEncryption -- RSA Public Key: (1024 bit) -- Modulus (1024 bit): -- 00:db:75:d0:45:de:b1:df:bf:71:a0:0e:b0:a5:e6: -- bc:f4:1c:9d:e5:25:67:64:c5:7b:cb:f1:af:c6:be: -- 9a:aa:ea:7e:0f:cc:05:af:ef:40:69:06:b2:c9:13: -- 9d:7e:eb:a2:06:e2:ea:7d:07:c7:c7:99:c7:fb:d5: -- b8:eb:63:77:62:2b:18:12:c3:53:58:d0:f5:c7:40: -- 0c:01:d1:26:82:34:16:09:e3:dc:65:f4:dc:bb:5d: -- a5:41:60:e7:a9:74:ba:d7:4c:b6:a3:9c:c5:8c:89: -- af:cb:e8:9f:05:fe:ea:fe:64:24:bf:e7:ed:e3:f6: -- d0:fc:d6:eb:fc:06:82:10:fb -- Exponent: 65537 (0x10001) -- X509v3 extensions: -- X509v3 Subject Key Identifier: -- E8:7E:58:AC:13:7B:03:22:8D:9E:AF:32:0B:84:89:80:80:0C:1E:C2 -- X509v3 Authority Key Identifier: -- keyid:E8:7E:58:AC:13:7B:03:22:8D:9E:AF:32:0B:84:89:80:80:0C:1E:C2 -- DirName:/C=JP/ST=Shimane/L=Matz-e city/O=Ruby Core Team/CN=Ruby Test CA/emailAddress=security@ruby-lang.org -- serial:B9:90:A2:BF:62:69:17:9C -- -- X509v3 Basic Constraints: -- CA:TRUE -- Signature Algorithm: sha1WithRSAEncryption -- 8f:77:06:4e:31:72:12:ee:68:09:70:27:d4:31:85:ef:10:95: -- f9:0f:2b:66:63:08:37:88:6e:b7:9b:40:3e:18:77:33:86:e8: -- 61:6a:b7:3c:cb:c7:a6:d6:d5:92:6a:1f:56:d0:9f:5c:32:56: -- d3:37:52:fe:0e:20:c2:7a:0d:fe:2d:3c:81:da:b8:7f:4d:6a: -- 08:01:d9:be:7a:a2:15:be:a6:ce:49:64:90:8c:9a:ca:6e:2e: -- 84:48:1d:94:19:56:94:46:aa:25:9b:68:c2:80:60:bf:cb:2e: -- 35:03:ea:0a:65:5a:33:38:c6:cc:81:46:c0:bc:36:86:96:39: -- 10:7d - -----BEGIN CERTIFICATE----- --MIIDjTCCAvagAwIBAgIJALmQor9iaRecMA0GCSqGSIb3DQEBBQUAMIGMMQswCQYD --VQQGEwJKUDEQMA4GA1UECBMHU2hpbWFuZTEUMBIGA1UEBxMLTWF0ei1lIGNpdHkx --FzAVBgNVBAoTDlJ1YnkgQ29yZSBUZWFtMRUwEwYDVQQDEwxSdWJ5IFRlc3QgQ0Ex --JTAjBgkqhkiG9w0BCQEWFnNlY3VyaXR5QHJ1YnktbGFuZy5vcmcwHhcNMTQwMTAz --MDEzNDE3WhcNMTkwMTAyMDEzNDE3WjCBjDELMAkGA1UEBhMCSlAxEDAOBgNVBAgT --B1NoaW1hbmUxFDASBgNVBAcTC01hdHotZSBjaXR5MRcwFQYDVQQKEw5SdWJ5IENv --cmUgVGVhbTEVMBMGA1UEAxMMUnVieSBUZXN0IENBMSUwIwYJKoZIhvcNAQkBFhZz --ZWN1cml0eUBydWJ5LWxhbmcub3JnMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB --gQDbddBF3rHfv3GgDrCl5rz0HJ3lJWdkxXvL8a/Gvpqq6n4PzAWv70BpBrLJE51+ --66IG4up9B8fHmcf71bjrY3diKxgSw1NY0PXHQAwB0SaCNBYJ49xl9Ny7XaVBYOep --dLrXTLajnMWMia/L6J8F/ur+ZCS/5+3j9tD81uv8BoIQ+wIDAQABo4H0MIHxMB0G --A1UdDgQWBBToflisE3sDIo2erzILhImAgAwewjCBwQYDVR0jBIG5MIG2gBToflis --E3sDIo2erzILhImAgAwewqGBkqSBjzCBjDELMAkGA1UEBhMCSlAxEDAOBgNVBAgT --B1NoaW1hbmUxFDASBgNVBAcTC01hdHotZSBjaXR5MRcwFQYDVQQKEw5SdWJ5IENv --cmUgVGVhbTEVMBMGA1UEAxMMUnVieSBUZXN0IENBMSUwIwYJKoZIhvcNAQkBFhZz --ZWN1cml0eUBydWJ5LWxhbmcub3JnggkAuZCiv2JpF5wwDAYDVR0TBAUwAwEB/zAN --BgkqhkiG9w0BAQUFAAOBgQCPdwZOMXIS7mgJcCfUMYXvEJX5DytmYwg3iG63m0A+ --GHczhuhharc8y8em1tWSah9W0J9cMlbTN1L+DiDCeg3+LTyB2rh/TWoIAdm+eqIV --vqbOSWSQjJrKbi6ESB2UGVaURqolm2jCgGC/yy41A+oKZVozOMbMgUbAvDaGljkQ --fQ== -+MIID7TCCAtWgAwIBAgIJAIltvxrFAuSnMA0GCSqGSIb3DQEBCwUAMIGMMQswCQYD -+VQQGEwJKUDEQMA4GA1UECAwHU2hpbWFuZTEUMBIGA1UEBwwLTWF0ei1lIGNpdHkx -+FzAVBgNVBAoMDlJ1YnkgQ29yZSBUZWFtMRUwEwYDVQQDDAxSdWJ5IFRlc3QgQ0Ex -+JTAjBgkqhkiG9w0BCQEWFnNlY3VyaXR5QHJ1YnktbGFuZy5vcmcwHhcNMTkwMTAy -+MDI1ODI4WhcNMjQwMTAxMDI1ODI4WjCBjDELMAkGA1UEBhMCSlAxEDAOBgNVBAgM -+B1NoaW1hbmUxFDASBgNVBAcMC01hdHotZSBjaXR5MRcwFQYDVQQKDA5SdWJ5IENv -+cmUgVGVhbTEVMBMGA1UEAwwMUnVieSBUZXN0IENBMSUwIwYJKoZIhvcNAQkBFhZz -+ZWN1cml0eUBydWJ5LWxhbmcub3JnMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB -+CgKCAQEAznlbjRVhz1NlutHVrhcGnK8W0qug2ujKXv1njSC4U6nJF6py7I9EeehV -+SaKePyv+I9z3K1LnfUHOtUbdwdKC77yN66A6q2aqzu5q09/NSykcZGOIF0GuItYI -+3nvW3IqBddff2ffsyR+9pBjfb5AIPP08WowF9q4s1eGULwZc4w2B8PFhtxYANd7d -+BvGLXFlcufv9tDtzyRi4t7eqxCRJkZQIZNZ6DHHIJrNxejOILfHLarI12yk8VK6L -+2LG4WgGqyeePiRyd1o1MbuiAFYqAwpXNUbRKg5NaZGwBHZk8UZ+uFKt1QMBURO5R -+WFy1c349jbWszTqFyL4Lnbg9HhAowQIDAQABo1AwTjAdBgNVHQ4EFgQU9tEiKdU9 -+I9derQyc5nWPnc34nVMwHwYDVR0jBBgwFoAU9tEiKdU9I9derQyc5nWPnc34nVMw -+DAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAxj7F/u3C3fgq24N7hGRA -+of7ClFQxGmo/IGT0AISzW3HiVYiFaikKhbO1NwD9aBpD8Zwe62sCqMh8jGV/b0+q -+aOORnWYNy2R6r9FkASAglmdF6xn3bhgGD5ls4pCvcG9FynGnGc24g6MrjFNrBYUS -+2iIZsg36i0IJswo/Dy6HLphCms2BMCD3DeWtfjePUiTmQHJo6HsQIKP/u4N4Fvee -+uMBInei2M4VU74fLXbmKl1F9AEX7JDP3BKSZG19Ch5pnUo4uXM1uNTGsi07P4Y0s -+K44+SKBC0bYEFbDK0eQWMrX3kIhkPxyIWhxdq9/NqPYjShuSEAhA6CSpmRg0pqc+ -+mA== - -----END CERTIFICATE----- -diff --git a/test/net/fixtures/server.crt b/test/net/fixtures/server.crt -index fa4f99493a..817ecc222c 100644 ---- a/test/net/fixtures/server.crt -+++ b/test/net/fixtures/server.crt -@@ -1,48 +1,83 @@ - Certificate: - Data: -- Version: 1 (0x0) -- Serial Number: 0 (0x0) -- Signature Algorithm: sha1WithRSAEncryption -+ Version: 3 (0x2) -+ Serial Number: 1 (0x1) -+ Signature Algorithm: sha256WithRSAEncryption - Issuer: C=JP, ST=Shimane, L=Matz-e city, O=Ruby Core Team, CN=Ruby Test CA/emailAddress=security@ruby-lang.org - Validity -- Not Before: Jan 3 01:34:17 2014 GMT -- Not After : Jan 2 01:34:17 2019 GMT -- Subject: C=JP, ST=Shimane, O=Ruby Core Team, OU=Ruby Test, CN=localhost -+ Not Before: Jan 2 03:06:53 2019 GMT -+ Not After : Jan 1 03:06:53 2024 GMT -+ Subject: C=JP, ST=Shimane, O=Ruby Core Team, CN=Ruby Test CA/emailAddress=security@ruby-lang.org - Subject Public Key Info: - Public Key Algorithm: rsaEncryption -- RSA Public Key: (1024 bit) -- Modulus (1024 bit): -- 00:db:75:d0:45:de:b1:df:bf:71:a0:0e:b0:a5:e6: -- bc:f4:1c:9d:e5:25:67:64:c5:7b:cb:f1:af:c6:be: -- 9a:aa:ea:7e:0f:cc:05:af:ef:40:69:06:b2:c9:13: -- 9d:7e:eb:a2:06:e2:ea:7d:07:c7:c7:99:c7:fb:d5: -- b8:eb:63:77:62:2b:18:12:c3:53:58:d0:f5:c7:40: -- 0c:01:d1:26:82:34:16:09:e3:dc:65:f4:dc:bb:5d: -- a5:41:60:e7:a9:74:ba:d7:4c:b6:a3:9c:c5:8c:89: -- af:cb:e8:9f:05:fe:ea:fe:64:24:bf:e7:ed:e3:f6: -- d0:fc:d6:eb:fc:06:82:10:fb -+ Public-Key: (2048 bit) -+ Modulus: -+ 00:c1:a9:64:ef:d3:f2:e1:1a:7f:24:df:7f:65:86: -+ c1:98:55:16:83:91:16:5b:63:6e:26:bb:c0:73:68: -+ 7b:f7:00:ba:37:db:7f:a9:5c:c8:98:aa:43:96:87: -+ e1:a0:63:69:0c:d8:22:90:f5:56:22:b1:57:6e:71: -+ 3b:30:04:d0:64:4d:38:33:a0:ea:c1:16:3d:16:be: -+ c0:49:4c:f0:14:15:af:09:95:da:bf:c7:23:34:c3: -+ 7d:af:b7:70:b3:6d:1b:de:21:93:c0:7c:6c:0e:fd: -+ 0e:e5:ff:f3:80:51:0c:df:80:7c:40:46:c9:ca:57: -+ d4:88:02:0f:f0:1e:14:18:f1:98:0f:c6:42:1d:cc: -+ 90:29:71:1b:af:4a:22:e0:e7:86:fc:dd:d3:d8:84: -+ 0e:5e:f0:9b:93:5f:0a:9a:1d:f8:f5:f3:e7:c7:b0: -+ 7a:0e:25:20:13:02:1a:22:c2:d9:e0:7f:4f:a1:7f: -+ 72:f6:e6:e1:14:7c:c5:93:7f:a6:96:3b:ab:d8:f1: -+ dc:2b:01:d6:e5:fe:5c:cf:08:db:06:e9:fd:7d:bd: -+ fe:2c:f4:8a:7b:9f:15:88:05:2e:f7:ba:c9:86:7e: -+ 14:50:f4:96:a1:84:17:5d:f7:8b:0a:7a:14:2c:de: -+ ca:00:74:f8:23:32:9d:66:af:1c:a6:58:1a:de:82: -+ 96:a9 - Exponent: 65537 (0x10001) -- Signature Algorithm: sha1WithRSAEncryption -- 85:f5:d3:05:8b:8c:f4:43:1c:88:f2:8f:b2:f2:93:77:b7:3d: -- 95:c6:a0:34:bc:33:6a:d8:85:5f:3e:86:08:10:c5:5c:c1:76: -- a3:53:3c:dc:38:98:23:97:e7:da:21:ac:e8:4d:3c:96:70:29: -- ff:ff:1e:4a:9a:17:2b:db:04:62:b9:ef:ab:ea:a7:a5:e8:7c: -- b1:d5:ed:30:a8:6c:78:de:51:7e:e3:8a:c2:a4:64:a8:63:a2: -- bc:fd:43:9c:f3:55:7d:54:c9:6a:d8:53:1c:4b:6b:03:aa:b6: -- 19:e6:a4:4f:47:00:96:c5:42:59:85:4e:c3:4e:cd:41:82:53: -- 10:f8 -+ X509v3 extensions: -+ X509v3 Basic Constraints: -+ CA:FALSE -+ Netscape Comment: -+ OpenSSL Generated Certificate -+ X509v3 Subject Key Identifier: -+ F2:C9:35:05:31:EF:08:EE:EF:B0:FE:1A:72:C2:9E:70:E3:E3:EC:43 -+ X509v3 Authority Key Identifier: -+ keyid:F6:D1:22:29:D5:3D:23:D7:5E:AD:0C:9C:E6:75:8F:9D:CD:F8:9D:53 -+ -+ Signature Algorithm: sha256WithRSAEncryption -+ 02:e7:0a:22:7c:5e:d9:92:d2:b9:fb:4a:bf:75:3f:00:e6:19: -+ 3e:90:a5:9d:38:41:82:4c:6f:b9:f3:f2:58:a1:91:7f:4a:d4: -+ 28:38:9c:7c:4d:6c:2f:2f:95:f5:55:55:25:a1:71:0c:05:42: -+ 08:a3:a6:ab:e3:04:47:9a:42:24:8f:b2:ba:50:55:af:b8:d7: -+ fc:1a:13:92:5d:75:7d:e1:4d:87:5e:57:82:c5:5f:d6:b8:ea: -+ 86:4e:05:b0:7f:07:27:a5:36:1f:1e:54:f1:32:35:7f:9c:75: -+ 26:6a:21:75:37:32:bb:89:01:78:97:cc:d3:de:3a:e8:ce:45: -+ ed:12:24:2e:a8:25:73:b3:cd:70:47:b8:81:f9:06:aa:8d:87: -+ 2f:a9:cd:fe:79:40:cc:c9:47:3d:2f:82:c2:82:bf:5d:8a:06: -+ 5b:a9:90:d3:b0:a7:fc:f3:1a:fb:0e:cb:8f:d8:f2:4e:f4:8d: -+ bb:4b:d5:2d:20:c0:6e:d5:08:2b:81:32:c4:e0:d2:4b:31:27: -+ f1:55:96:0e:d4:b9:92:02:71:98:69:e5:73:cc:52:45:a0:07: -+ fb:28:9e:b0:fc:b1:58:42:5a:08:4a:30:49:e5:f1:a5:c8:d5: -+ 8a:67:f0:ed:9e:3f:1b:71:a6:80:91:81:cb:1a:3d:b5:8e:87: -+ 9d:64:28:ce - -----BEGIN CERTIFICATE----- --MIICXDCCAcUCAQAwDQYJKoZIhvcNAQEFBQAwgYwxCzAJBgNVBAYTAkpQMRAwDgYD --VQQIEwdTaGltYW5lMRQwEgYDVQQHEwtNYXR6LWUgY2l0eTEXMBUGA1UEChMOUnVi --eSBDb3JlIFRlYW0xFTATBgNVBAMTDFJ1YnkgVGVzdCBDQTElMCMGCSqGSIb3DQEJ --ARYWc2VjdXJpdHlAcnVieS1sYW5nLm9yZzAeFw0xNDAxMDMwMTM0MTdaFw0xOTAx --MDIwMTM0MTdaMGAxCzAJBgNVBAYTAkpQMRAwDgYDVQQIEwdTaGltYW5lMRcwFQYD --VQQKEw5SdWJ5IENvcmUgVGVhbTESMBAGA1UECxMJUnVieSBUZXN0MRIwEAYDVQQD --Ewlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANt10EXesd+/ --caAOsKXmvPQcneUlZ2TFe8vxr8a+mqrqfg/MBa/vQGkGsskTnX7rogbi6n0Hx8eZ --x/vVuOtjd2IrGBLDU1jQ9cdADAHRJoI0Fgnj3GX03LtdpUFg56l0utdMtqOcxYyJ --r8vonwX+6v5kJL/n7eP20PzW6/wGghD7AgMBAAEwDQYJKoZIhvcNAQEFBQADgYEA --hfXTBYuM9EMciPKPsvKTd7c9lcagNLwzatiFXz6GCBDFXMF2o1M83DiYI5fn2iGs --6E08lnAp//8eSpoXK9sEYrnvq+qnpeh8sdXtMKhseN5RfuOKwqRkqGOivP1DnPNV --fVTJathTHEtrA6q2GeakT0cAlsVCWYVOw07NQYJTEPg= -+MIID+TCCAuGgAwIBAgIBATANBgkqhkiG9w0BAQsFADCBjDELMAkGA1UEBhMCSlAx -+EDAOBgNVBAgMB1NoaW1hbmUxFDASBgNVBAcMC01hdHotZSBjaXR5MRcwFQYDVQQK -+DA5SdWJ5IENvcmUgVGVhbTEVMBMGA1UEAwwMUnVieSBUZXN0IENBMSUwIwYJKoZI -+hvcNAQkBFhZzZWN1cml0eUBydWJ5LWxhbmcub3JnMB4XDTE5MDEwMjAzMDY1M1oX -+DTI0MDEwMTAzMDY1M1owdjELMAkGA1UEBhMCSlAxEDAOBgNVBAgMB1NoaW1hbmUx -+FzAVBgNVBAoMDlJ1YnkgQ29yZSBUZWFtMRUwEwYDVQQDDAxSdWJ5IFRlc3QgQ0Ex -+JTAjBgkqhkiG9w0BCQEWFnNlY3VyaXR5QHJ1YnktbGFuZy5vcmcwggEiMA0GCSqG -+SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBqWTv0/LhGn8k339lhsGYVRaDkRZbY24m -+u8BzaHv3ALo323+pXMiYqkOWh+GgY2kM2CKQ9VYisVducTswBNBkTTgzoOrBFj0W -+vsBJTPAUFa8Jldq/xyM0w32vt3CzbRveIZPAfGwO/Q7l//OAUQzfgHxARsnKV9SI -+Ag/wHhQY8ZgPxkIdzJApcRuvSiLg54b83dPYhA5e8JuTXwqaHfj18+fHsHoOJSAT -+Ahoiwtngf0+hf3L25uEUfMWTf6aWO6vY8dwrAdbl/lzPCNsG6f19vf4s9Ip7nxWI -+BS73usmGfhRQ9JahhBdd94sKehQs3soAdPgjMp1mrxymWBregpapAgMBAAGjezB5 -+MAkGA1UdEwQCMAAwLAYJYIZIAYb4QgENBB8WHU9wZW5TU0wgR2VuZXJhdGVkIENl -+cnRpZmljYXRlMB0GA1UdDgQWBBTyyTUFMe8I7u+w/hpywp5w4+PsQzAfBgNVHSME -+GDAWgBT20SIp1T0j116tDJzmdY+dzfidUzANBgkqhkiG9w0BAQsFAAOCAQEAAucK -+Inxe2ZLSuftKv3U/AOYZPpClnThBgkxvufPyWKGRf0rUKDicfE1sLy+V9VVVJaFx -+DAVCCKOmq+MER5pCJI+yulBVr7jX/BoTkl11feFNh15XgsVf1rjqhk4FsH8HJ6U2 -+Hx5U8TI1f5x1JmohdTcyu4kBeJfM09466M5F7RIkLqglc7PNcEe4gfkGqo2HL6nN -+/nlAzMlHPS+CwoK/XYoGW6mQ07Cn/PMa+w7Lj9jyTvSNu0vVLSDAbtUIK4EyxODS -+SzEn8VWWDtS5kgJxmGnlc8xSRaAH+yiesPyxWEJaCEowSeXxpcjVimfw7Z4/G3Gm -+gJGByxo9tY6HnWQozg== - -----END CERTIFICATE----- -diff --git a/test/net/fixtures/server.key b/test/net/fixtures/server.key -index 7c57546ece..1e73232728 100644 ---- a/test/net/fixtures/server.key -+++ b/test/net/fixtures/server.key -@@ -1,15 +1,28 @@ -------BEGIN RSA PRIVATE KEY----- --MIICXQIBAAKBgQDbddBF3rHfv3GgDrCl5rz0HJ3lJWdkxXvL8a/Gvpqq6n4PzAWv --70BpBrLJE51+66IG4up9B8fHmcf71bjrY3diKxgSw1NY0PXHQAwB0SaCNBYJ49xl --9Ny7XaVBYOepdLrXTLajnMWMia/L6J8F/ur+ZCS/5+3j9tD81uv8BoIQ+wIDAQAB --AoGAGtYHR+P5gFDaxiXFuCPFC1zMeg7e29XCU6gURIteQnQ2QhxCvcbV64HkLu51 --HeYWhB0Pa4aeCWxmpgb2e+JH4MEoIjeJSGyZQeqwkQLgWJDdvkgWx5am58QzA60I --ipkZ9QHcPffSs5RiGx4yfr58KqAmwFphGCY8W7v4LqaENdECQQD9H5VTW9g4gj1c --j3uNYvSI/D7a9P7gfI+ziczuwMm5xsBx3D/t5TAr3SJKNne3sl1E6ZERCUbzxf+C --k58EiHx1AkEA3fRLGqDOq7EcQhbjTcA/v/t5MwlGEUsS9+XrqOWn50YuoIwRZJ3v --qHRQzfQfFNklGtfBvwQ4md3irXjMeGVprwJBAMEAuwiDiHuV+xm/ofKtmE13IKot --ksYy1BOOp/8IawhHXueyi+BmF/PqOkIiA+jCjNGF0oIN89beizPSQbbgJx0CQG/K --qL1bu1ys0y/SeWBi8XkP/0aeaCUzq/UiYCTsrzoEll2UzvnftqMhGsXxLGqCyHaR --r2s3hA6zvIVlL4+AfM8CQQClq+WDrC5VKciLYakZNWJjV1m+H2Ut/0fXdUjKHajE --FWLcsrOhADf6bkTb71GwPxnKRkkRmud5upP0ZYYTqM4X -------END RSA PRIVATE KEY----- -+-----BEGIN PRIVATE KEY----- -+MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDBqWTv0/LhGn8k -+339lhsGYVRaDkRZbY24mu8BzaHv3ALo323+pXMiYqkOWh+GgY2kM2CKQ9VYisVdu -+cTswBNBkTTgzoOrBFj0WvsBJTPAUFa8Jldq/xyM0w32vt3CzbRveIZPAfGwO/Q7l -+//OAUQzfgHxARsnKV9SIAg/wHhQY8ZgPxkIdzJApcRuvSiLg54b83dPYhA5e8JuT -+XwqaHfj18+fHsHoOJSATAhoiwtngf0+hf3L25uEUfMWTf6aWO6vY8dwrAdbl/lzP -+CNsG6f19vf4s9Ip7nxWIBS73usmGfhRQ9JahhBdd94sKehQs3soAdPgjMp1mrxym -+WBregpapAgMBAAECggEAYQJ20oBMcSBxwknGqlfnkGRHI97A4UScgACa9fTH7EJM -+BgEJIRCeV4Mq2jP0/P/vNoTqQ8zxue02C9fiuzoeHbBkz8/y6Ig4T7V74vwMYzM9 -+fEK50klxxFONGUF9zhOA2zPcrJZnFtcC6InfM07mcOsO0q/jE14N05ec3j5i+N7j -+hDHsHjS3hUiSEGra/U6TRGA26imDUZR5S3h3WMuFmpQgAg0STHc2inYjS9iVhn+T -+uAV2igYR89MOTcH1ZVoxjeYXwhqjWT6Kbw4Er4TWTVzwGf9ktv04EjZjhgUAqw7Q -+8Sc7Olt2q2tA7hQqdgJVgNMaszHqpKAECbAfuxuDtQKBgQD/r0zI9ZcTDQOgezaB -+s9UGbT5O5LruxLc/ExHRL7gpU7UsF/cc3Hp9zmDrzuUsq+UZlGewNnPBLHzaEq1z -+AZD9aa85umzXxcLzyg9ZnvN4kHLKIXhnnTEiShHtpRbqfybBKM7J+iQxXIYUf5tl -+lHTfEqG2/nTt4E50dhniIbIaAwKBgQDB5oS3LGXSn6zAWyUsAJaSeS8/3/O4Vz+x -+u8tZrICSFWBodwg46eHR9I379eayKhMGCsaAWx4ybWJWWEb/nM+fBGxBSnxb9jmm -+gHu93BQjK3sWS8qAGTwO5ehLEy0QRcCc+wb0lyo9hfh1grJioESVsiB9SXrxp8dr -+45JvxCCC4wKBgDGSKQ7lHm8hHMzmVoD6/pgKYgQlsGBOX0CpT9EAsXHBuuRbmRtN -+W6o8cuoE6MWqZfZ5oUi2peaT23jkGiCr8xJOhRxqGmQTAWMGj8dOW+HKD5dEufVM -+spP1TFiIo1K/aCIW6VCbYJz5VT1wKA6fo7EECbpSxxS/YjaOFyKSaddFAoGBAKk3 -+bdcVrf70TqTIZlZSZRWLIMsTvPTBX9rSUxL9Um8qrKo+RzS0F9lNHaQn457UzSlW -+uglGe8HyaAGGpN9qkF7sUzVftcvjxEgklNkKeaB/z7mThzPn0dwGlIUARTGQThox -+kM5gJgLvKfgTiW49A93ISEZOnDbM/2KOhjt35A+VAoGAYsNAMBwjubVo0v1vqry+ -+XG6VvPpgVjMiDQCsTEEcBqgRRuf6R5zndIhIvwmTNiUkGkE3w/vG0uCjtB82/kwE -+bzVheR0vZDN7s52OYRz4j0ddtYCqGSkvkWuEQfQFZUDTyLodwVQAT5aR+mcr4Qml -+uCiVeqoPl+JIg4m8Tz76XWo= -+-----END PRIVATE KEY----- --- -2.20.1 - - -From 1e0b49a293d3792826c67b7e05c5fcbd09c9ea6e Mon Sep 17 00:00:00 2001 -From: kazu -Date: Wed, 2 Jan 2019 03:29:01 +0000 -Subject: [PATCH 2/2] Try to update cert (2nd try) - -git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@66686 b2dd03c8-39d4-4d8f-98ff-823fe69b080e ---- - test/net/fixtures/server.crt | 115 +++++++++++++++++------------------ - test/net/fixtures/server.key | 52 ++++++++-------- - 2 files changed, 83 insertions(+), 84 deletions(-) - -diff --git a/test/net/fixtures/server.crt b/test/net/fixtures/server.crt -index 817ecc222c..5ca78a6d14 100644 ---- a/test/net/fixtures/server.crt -+++ b/test/net/fixtures/server.crt -@@ -1,35 +1,35 @@ - Certificate: - Data: - Version: 3 (0x2) -- Serial Number: 1 (0x1) -+ Serial Number: 2 (0x2) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=JP, ST=Shimane, L=Matz-e city, O=Ruby Core Team, CN=Ruby Test CA/emailAddress=security@ruby-lang.org - Validity -- Not Before: Jan 2 03:06:53 2019 GMT -- Not After : Jan 1 03:06:53 2024 GMT -- Subject: C=JP, ST=Shimane, O=Ruby Core Team, CN=Ruby Test CA/emailAddress=security@ruby-lang.org -+ Not Before: Jan 2 03:27:13 2019 GMT -+ Not After : Jan 1 03:27:13 2024 GMT -+ Subject: C=JP, ST=Shimane, O=Ruby Core Team, OU=Ruby Test, CN=localhost - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) - Modulus: -- 00:c1:a9:64:ef:d3:f2:e1:1a:7f:24:df:7f:65:86: -- c1:98:55:16:83:91:16:5b:63:6e:26:bb:c0:73:68: -- 7b:f7:00:ba:37:db:7f:a9:5c:c8:98:aa:43:96:87: -- e1:a0:63:69:0c:d8:22:90:f5:56:22:b1:57:6e:71: -- 3b:30:04:d0:64:4d:38:33:a0:ea:c1:16:3d:16:be: -- c0:49:4c:f0:14:15:af:09:95:da:bf:c7:23:34:c3: -- 7d:af:b7:70:b3:6d:1b:de:21:93:c0:7c:6c:0e:fd: -- 0e:e5:ff:f3:80:51:0c:df:80:7c:40:46:c9:ca:57: -- d4:88:02:0f:f0:1e:14:18:f1:98:0f:c6:42:1d:cc: -- 90:29:71:1b:af:4a:22:e0:e7:86:fc:dd:d3:d8:84: -- 0e:5e:f0:9b:93:5f:0a:9a:1d:f8:f5:f3:e7:c7:b0: -- 7a:0e:25:20:13:02:1a:22:c2:d9:e0:7f:4f:a1:7f: -- 72:f6:e6:e1:14:7c:c5:93:7f:a6:96:3b:ab:d8:f1: -- dc:2b:01:d6:e5:fe:5c:cf:08:db:06:e9:fd:7d:bd: -- fe:2c:f4:8a:7b:9f:15:88:05:2e:f7:ba:c9:86:7e: -- 14:50:f4:96:a1:84:17:5d:f7:8b:0a:7a:14:2c:de: -- ca:00:74:f8:23:32:9d:66:af:1c:a6:58:1a:de:82: -- 96:a9 -+ 00:e8:da:9c:01:2e:2b:10:ec:49:cd:5e:07:13:07: -+ 9c:70:9e:c6:74:bc:13:c2:e1:6f:c6:82:fd:e3:48: -+ e0:2c:a5:68:c7:9e:42:de:60:54:65:e6:6a:14:57: -+ 7a:30:d0:cc:b5:b6:d9:c3:d2:df:c9:25:97:54:67: -+ cf:f6:be:5e:cb:8b:ee:03:c5:e1:e2:f9:e7:f7:d1: -+ 0c:47:f0:b8:da:33:5a:ad:41:ad:e7:b5:a2:7b:b7: -+ bf:30:da:60:f8:e3:54:a2:bc:3a:fd:1b:74:d9:dc: -+ 74:42:e9:29:be:df:ac:b4:4f:eb:32:f4:06:f1:e1: -+ 8c:4b:a8:8b:fb:29:e7:b1:bf:1d:01:ee:73:0f:f9: -+ 40:dc:d5:15:79:d9:c6:73:d0:c0:dd:cb:e4:da:19: -+ 47:80:c6:14:04:72:fd:9a:7c:8f:11:82:76:49:04: -+ 79:cc:f2:5c:31:22:95:13:3e:5d:40:a6:4d:e0:a3: -+ 02:26:7d:52:3b:bb:ed:65:a1:0f:ed:6b:b0:3c:d4: -+ de:61:15:5e:d3:dd:68:09:9f:4a:57:a5:c2:a9:6d: -+ 86:92:c5:f4:a4:d4:b7:13:3b:52:63:24:05:e2:cc: -+ e3:8a:3c:d4:35:34:2b:10:bb:58:72:e7:e1:8d:1d: -+ 74:8c:61:16:20:3d:d0:1c:4e:8f:6e:fd:fe:64:10: -+ 4f:41 - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Basic Constraints: -@@ -37,47 +37,46 @@ Certificate: - Netscape Comment: - OpenSSL Generated Certificate - X509v3 Subject Key Identifier: -- F2:C9:35:05:31:EF:08:EE:EF:B0:FE:1A:72:C2:9E:70:E3:E3:EC:43 -+ ED:28:C2:7E:AB:4B:C8:E8:FE:55:6D:66:95:31:1C:2D:60:F9:02:36 - X509v3 Authority Key Identifier: - keyid:F6:D1:22:29:D5:3D:23:D7:5E:AD:0C:9C:E6:75:8F:9D:CD:F8:9D:53 - - Signature Algorithm: sha256WithRSAEncryption -- 02:e7:0a:22:7c:5e:d9:92:d2:b9:fb:4a:bf:75:3f:00:e6:19: -- 3e:90:a5:9d:38:41:82:4c:6f:b9:f3:f2:58:a1:91:7f:4a:d4: -- 28:38:9c:7c:4d:6c:2f:2f:95:f5:55:55:25:a1:71:0c:05:42: -- 08:a3:a6:ab:e3:04:47:9a:42:24:8f:b2:ba:50:55:af:b8:d7: -- fc:1a:13:92:5d:75:7d:e1:4d:87:5e:57:82:c5:5f:d6:b8:ea: -- 86:4e:05:b0:7f:07:27:a5:36:1f:1e:54:f1:32:35:7f:9c:75: -- 26:6a:21:75:37:32:bb:89:01:78:97:cc:d3:de:3a:e8:ce:45: -- ed:12:24:2e:a8:25:73:b3:cd:70:47:b8:81:f9:06:aa:8d:87: -- 2f:a9:cd:fe:79:40:cc:c9:47:3d:2f:82:c2:82:bf:5d:8a:06: -- 5b:a9:90:d3:b0:a7:fc:f3:1a:fb:0e:cb:8f:d8:f2:4e:f4:8d: -- bb:4b:d5:2d:20:c0:6e:d5:08:2b:81:32:c4:e0:d2:4b:31:27: -- f1:55:96:0e:d4:b9:92:02:71:98:69:e5:73:cc:52:45:a0:07: -- fb:28:9e:b0:fc:b1:58:42:5a:08:4a:30:49:e5:f1:a5:c8:d5: -- 8a:67:f0:ed:9e:3f:1b:71:a6:80:91:81:cb:1a:3d:b5:8e:87: -- 9d:64:28:ce -+ 1d:b8:c5:8b:72:41:20:65:ad:27:6f:15:63:06:26:12:8d:9c: -+ ad:ca:f4:db:97:b4:90:cb:ff:35:94:bb:2a:a7:a1:ab:1e:35: -+ 2d:a5:3f:c9:24:b0:1a:58:89:75:3e:81:0a:2c:4f:98:f9:51: -+ fb:c0:a3:09:d0:0a:9b:e7:a2:b7:c3:60:40:c8:f4:6d:b2:6a: -+ 56:12:17:4c:00:24:31:df:9c:60:ae:b1:68:54:a9:e6:b5:4a: -+ 04:e6:92:05:86:d9:5a:dc:96:30:a5:58:de:14:99:0f:e5:15: -+ 89:3e:9b:eb:80:e3:bd:83:c3:ea:33:35:4b:3e:2f:d3:0d:64: -+ 93:67:7f:8d:f5:3f:0c:27:bc:37:5a:cc:d6:47:16:af:5a:62: -+ d2:da:51:f8:74:06:6b:24:ad:28:68:08:98:37:7d:ed:0e:ab: -+ 1e:82:61:05:d0:ba:75:a0:ab:21:b0:9a:fd:2b:54:86:1d:0d: -+ 1f:c2:d4:77:1f:72:26:5e:ad:8a:9f:09:36:6d:44:be:74:c2: -+ 5a:3e:ff:5c:9d:75:d6:38:7b:c5:39:f9:44:6e:a1:d1:8e:ff: -+ 63:db:c4:bb:c6:91:92:ca:5c:60:9b:1d:eb:0a:de:08:ee:bf: -+ da:76:03:65:62:29:8b:f8:7f:c7:86:73:1e:f6:1f:2d:89:69: -+ fd:be:bd:6e - -----BEGIN CERTIFICATE----- --MIID+TCCAuGgAwIBAgIBATANBgkqhkiG9w0BAQsFADCBjDELMAkGA1UEBhMCSlAx -+MIID4zCCAsugAwIBAgIBAjANBgkqhkiG9w0BAQsFADCBjDELMAkGA1UEBhMCSlAx - EDAOBgNVBAgMB1NoaW1hbmUxFDASBgNVBAcMC01hdHotZSBjaXR5MRcwFQYDVQQK - DA5SdWJ5IENvcmUgVGVhbTEVMBMGA1UEAwwMUnVieSBUZXN0IENBMSUwIwYJKoZI --hvcNAQkBFhZzZWN1cml0eUBydWJ5LWxhbmcub3JnMB4XDTE5MDEwMjAzMDY1M1oX --DTI0MDEwMTAzMDY1M1owdjELMAkGA1UEBhMCSlAxEDAOBgNVBAgMB1NoaW1hbmUx --FzAVBgNVBAoMDlJ1YnkgQ29yZSBUZWFtMRUwEwYDVQQDDAxSdWJ5IFRlc3QgQ0Ex --JTAjBgkqhkiG9w0BCQEWFnNlY3VyaXR5QHJ1YnktbGFuZy5vcmcwggEiMA0GCSqG --SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBqWTv0/LhGn8k339lhsGYVRaDkRZbY24m --u8BzaHv3ALo323+pXMiYqkOWh+GgY2kM2CKQ9VYisVducTswBNBkTTgzoOrBFj0W --vsBJTPAUFa8Jldq/xyM0w32vt3CzbRveIZPAfGwO/Q7l//OAUQzfgHxARsnKV9SI --Ag/wHhQY8ZgPxkIdzJApcRuvSiLg54b83dPYhA5e8JuTXwqaHfj18+fHsHoOJSAT --Ahoiwtngf0+hf3L25uEUfMWTf6aWO6vY8dwrAdbl/lzPCNsG6f19vf4s9Ip7nxWI --BS73usmGfhRQ9JahhBdd94sKehQs3soAdPgjMp1mrxymWBregpapAgMBAAGjezB5 --MAkGA1UdEwQCMAAwLAYJYIZIAYb4QgENBB8WHU9wZW5TU0wgR2VuZXJhdGVkIENl --cnRpZmljYXRlMB0GA1UdDgQWBBTyyTUFMe8I7u+w/hpywp5w4+PsQzAfBgNVHSME --GDAWgBT20SIp1T0j116tDJzmdY+dzfidUzANBgkqhkiG9w0BAQsFAAOCAQEAAucK --Inxe2ZLSuftKv3U/AOYZPpClnThBgkxvufPyWKGRf0rUKDicfE1sLy+V9VVVJaFx --DAVCCKOmq+MER5pCJI+yulBVr7jX/BoTkl11feFNh15XgsVf1rjqhk4FsH8HJ6U2 --Hx5U8TI1f5x1JmohdTcyu4kBeJfM09466M5F7RIkLqglc7PNcEe4gfkGqo2HL6nN --/nlAzMlHPS+CwoK/XYoGW6mQ07Cn/PMa+w7Lj9jyTvSNu0vVLSDAbtUIK4EyxODS --SzEn8VWWDtS5kgJxmGnlc8xSRaAH+yiesPyxWEJaCEowSeXxpcjVimfw7Z4/G3Gm --gJGByxo9tY6HnWQozg== -+hvcNAQkBFhZzZWN1cml0eUBydWJ5LWxhbmcub3JnMB4XDTE5MDEwMjAzMjcxM1oX -+DTI0MDEwMTAzMjcxM1owYDELMAkGA1UEBhMCSlAxEDAOBgNVBAgMB1NoaW1hbmUx -+FzAVBgNVBAoMDlJ1YnkgQ29yZSBUZWFtMRIwEAYDVQQLDAlSdWJ5IFRlc3QxEjAQ -+BgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB -+AOjanAEuKxDsSc1eBxMHnHCexnS8E8Lhb8aC/eNI4CylaMeeQt5gVGXmahRXejDQ -+zLW22cPS38kll1Rnz/a+XsuL7gPF4eL55/fRDEfwuNozWq1Bree1onu3vzDaYPjj -+VKK8Ov0bdNncdELpKb7frLRP6zL0BvHhjEuoi/sp57G/HQHucw/5QNzVFXnZxnPQ -+wN3L5NoZR4DGFARy/Zp8jxGCdkkEeczyXDEilRM+XUCmTeCjAiZ9Uju77WWhD+1r -+sDzU3mEVXtPdaAmfSlelwqlthpLF9KTUtxM7UmMkBeLM44o81DU0KxC7WHLn4Y0d -+dIxhFiA90BxOj279/mQQT0ECAwEAAaN7MHkwCQYDVR0TBAIwADAsBglghkgBhvhC -+AQ0EHxYdT3BlblNTTCBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFO0o -+wn6rS8jo/lVtZpUxHC1g+QI2MB8GA1UdIwQYMBaAFPbRIinVPSPXXq0MnOZ1j53N -++J1TMA0GCSqGSIb3DQEBCwUAA4IBAQAduMWLckEgZa0nbxVjBiYSjZytyvTbl7SQ -+y/81lLsqp6GrHjUtpT/JJLAaWIl1PoEKLE+Y+VH7wKMJ0Aqb56K3w2BAyPRtsmpW -+EhdMACQx35xgrrFoVKnmtUoE5pIFhtla3JYwpVjeFJkP5RWJPpvrgOO9g8PqMzVL -+Pi/TDWSTZ3+N9T8MJ7w3WszWRxavWmLS2lH4dAZrJK0oaAiYN33tDqsegmEF0Lp1 -+oKshsJr9K1SGHQ0fwtR3H3ImXq2Knwk2bUS+dMJaPv9cnXXWOHvFOflEbqHRjv9j -+28S7xpGSylxgmx3rCt4I7r/adgNlYimL+H/HhnMe9h8tiWn9vr1u - -----END CERTIFICATE----- -diff --git a/test/net/fixtures/server.key b/test/net/fixtures/server.key -index 1e73232728..7f2380e71e 100644 ---- a/test/net/fixtures/server.key -+++ b/test/net/fixtures/server.key -@@ -1,28 +1,28 @@ - -----BEGIN PRIVATE KEY----- --MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDBqWTv0/LhGn8k --339lhsGYVRaDkRZbY24mu8BzaHv3ALo323+pXMiYqkOWh+GgY2kM2CKQ9VYisVdu --cTswBNBkTTgzoOrBFj0WvsBJTPAUFa8Jldq/xyM0w32vt3CzbRveIZPAfGwO/Q7l --//OAUQzfgHxARsnKV9SIAg/wHhQY8ZgPxkIdzJApcRuvSiLg54b83dPYhA5e8JuT --XwqaHfj18+fHsHoOJSATAhoiwtngf0+hf3L25uEUfMWTf6aWO6vY8dwrAdbl/lzP --CNsG6f19vf4s9Ip7nxWIBS73usmGfhRQ9JahhBdd94sKehQs3soAdPgjMp1mrxym --WBregpapAgMBAAECggEAYQJ20oBMcSBxwknGqlfnkGRHI97A4UScgACa9fTH7EJM --BgEJIRCeV4Mq2jP0/P/vNoTqQ8zxue02C9fiuzoeHbBkz8/y6Ig4T7V74vwMYzM9 --fEK50klxxFONGUF9zhOA2zPcrJZnFtcC6InfM07mcOsO0q/jE14N05ec3j5i+N7j --hDHsHjS3hUiSEGra/U6TRGA26imDUZR5S3h3WMuFmpQgAg0STHc2inYjS9iVhn+T --uAV2igYR89MOTcH1ZVoxjeYXwhqjWT6Kbw4Er4TWTVzwGf9ktv04EjZjhgUAqw7Q --8Sc7Olt2q2tA7hQqdgJVgNMaszHqpKAECbAfuxuDtQKBgQD/r0zI9ZcTDQOgezaB --s9UGbT5O5LruxLc/ExHRL7gpU7UsF/cc3Hp9zmDrzuUsq+UZlGewNnPBLHzaEq1z --AZD9aa85umzXxcLzyg9ZnvN4kHLKIXhnnTEiShHtpRbqfybBKM7J+iQxXIYUf5tl --lHTfEqG2/nTt4E50dhniIbIaAwKBgQDB5oS3LGXSn6zAWyUsAJaSeS8/3/O4Vz+x --u8tZrICSFWBodwg46eHR9I379eayKhMGCsaAWx4ybWJWWEb/nM+fBGxBSnxb9jmm --gHu93BQjK3sWS8qAGTwO5ehLEy0QRcCc+wb0lyo9hfh1grJioESVsiB9SXrxp8dr --45JvxCCC4wKBgDGSKQ7lHm8hHMzmVoD6/pgKYgQlsGBOX0CpT9EAsXHBuuRbmRtN --W6o8cuoE6MWqZfZ5oUi2peaT23jkGiCr8xJOhRxqGmQTAWMGj8dOW+HKD5dEufVM --spP1TFiIo1K/aCIW6VCbYJz5VT1wKA6fo7EECbpSxxS/YjaOFyKSaddFAoGBAKk3 --bdcVrf70TqTIZlZSZRWLIMsTvPTBX9rSUxL9Um8qrKo+RzS0F9lNHaQn457UzSlW --uglGe8HyaAGGpN9qkF7sUzVftcvjxEgklNkKeaB/z7mThzPn0dwGlIUARTGQThox --kM5gJgLvKfgTiW49A93ISEZOnDbM/2KOhjt35A+VAoGAYsNAMBwjubVo0v1vqry+ --XG6VvPpgVjMiDQCsTEEcBqgRRuf6R5zndIhIvwmTNiUkGkE3w/vG0uCjtB82/kwE --bzVheR0vZDN7s52OYRz4j0ddtYCqGSkvkWuEQfQFZUDTyLodwVQAT5aR+mcr4Qml --uCiVeqoPl+JIg4m8Tz76XWo= -+MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQDo2pwBLisQ7EnN -+XgcTB5xwnsZ0vBPC4W/Ggv3jSOAspWjHnkLeYFRl5moUV3ow0My1ttnD0t/JJZdU -+Z8/2vl7Li+4DxeHi+ef30QxH8LjaM1qtQa3ntaJ7t78w2mD441SivDr9G3TZ3HRC -+6Sm+36y0T+sy9Abx4YxLqIv7Keexvx0B7nMP+UDc1RV52cZz0MDdy+TaGUeAxhQE -+cv2afI8RgnZJBHnM8lwxIpUTPl1Apk3gowImfVI7u+1loQ/ta7A81N5hFV7T3WgJ -+n0pXpcKpbYaSxfSk1LcTO1JjJAXizOOKPNQ1NCsQu1hy5+GNHXSMYRYgPdAcTo9u -+/f5kEE9BAgMBAAECggEBAOHkwhc7DLh8IhTDNSW26oMu5OP2WU1jmiYAigDmf+OQ -+DBgrZj+JQBci8qINQxL8XLukSZn5hvQCLc7Kbyu1/wyEEUFDxSGGwwzclodr9kho -+LX2LDASPZrOSzD2+fPi2wTKmXKuS6Uc44OjQfZkYMNkz9r4Vkm8xGgOD3VipjIYX -+QXlhhdqkXZcNABsihCV52GKkDFSVm8jv95YJc5xhoYCy/3a4/qPdF0aT2R7oYUej -+hKrxVDskyooe8Zg/JTydZNV5GQEDmW01/K3r6XGT26oPi1AqMU1gtv/jkW56CRQQ -+1got8smnqM+AV7Slf9R6DauIPdQJ2S8wsr/o8ISBsOECgYEA9YrqEP2gAYSGFXRt -+liw0WI2Ant8BqXS6yvq1jLo/qWhLw/ph4Di73OQ2mpycVTpgfGr2wFPQR1XJ+0Fd -+U+Ir/C3Q7FK4VIGHK7B0zNvZr5tEjlFfeRezo2JMVw5YWeSagIFcSwK+KqCTH9qc -+pw/Eb8nB/4XNcpTZu7Fg0Wc+ooUCgYEA8sVaicn1Wxkpb45a4qfrA6wOr5xdJ4cC -+A5qs7vjX2OdPIQOmoQhdI7bCWFXZzF33wA4YCws6j5wRaySLIJqdms8Gl9QnODy1 -+ZlA5gwKToBC/jqPmWAXSKb8EH7cHilaxU9OKnQ7CfwlGLHqjMtjrhR7KHlt3CVRs -+oRmvsjZVXI0CgYAmPedslAO6mMhFSSfULrhMXmV82OCqYrrA6EEkVNGbcdnzAOkD -+gfKIWabDd8bFY10po4Mguy0CHzNhBXIioWQWV5BlbhC1YKMLw+S9DzSdLAKGY9gJ -+xQ4+UQ3wtRQ/k+IYR413RUsW2oFvgZ3KSyNeAb9MK6uuv84VdG/OzVSs/QKBgQDn -+kap//l2EbObiWyaERunckdVcW0lcN+KK75J/TGwPoOwQsLvTpPe65kxRGGrtDsEQ -+uCDk/+v3KkZPLgdrrTAih9FhJ+PVN8tMcb+6IM4SA4fFFr/UPJEwct0LJ3oQ0grJ -+y+HPWFHb/Uurh7t99/4H98uR02sjQh1wOeEmm78mzQKBgQDm+LzGH0se6CXQ6cdZ -+g1JRZeXkDEsrW3hfAsW62xJQmXcWxBoblP9OamMY+A06rM5og3JbDk5Zm6JsOaA8 -+wS2gw4ilp46jors4eQey8ux7kB9LzdBoDBBElnsbjLO8oBNZlVcYXg+6BOl/CUi7 -+2whRF0FEjKA8ehrNhAq+VFfFNw== - -----END PRIVATE KEY----- --- -2.20.1 - diff --git a/ruby-2.6.0-Update-for-tzdata-2018f.patch b/ruby-2.6.0-Update-for-tzdata-2018f.patch deleted file mode 100644 index edc58b6..0000000 --- a/ruby-2.6.0-Update-for-tzdata-2018f.patch +++ /dev/null @@ -1,44 +0,0 @@ -From e71ca6cdcf108e6a2fa47ec9fadefe7554717908 Mon Sep 17 00:00:00 2001 -From: nobu -Date: Fri, 26 Oct 2018 01:47:09 +0000 -Subject: [PATCH] Update for tzdata-2018f - -git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@65365 b2dd03c8-39d4-4d8f-98ff-823fe69b080e ---- - test/ruby/test_time_tz.rb | 12 +++++++++--- - 1 file changed, 9 insertions(+), 3 deletions(-) - -diff --git a/test/ruby/test_time_tz.rb b/test/ruby/test_time_tz.rb -index 2da4fd8d9ce4..328fde48fc34 100644 ---- a/test/ruby/test_time_tz.rb -+++ b/test/ruby/test_time_tz.rb -@@ -86,7 +86,9 @@ def group_by(e, &block) - has_lisbon_tz &&= have_tz_offset?("Europe/Lisbon") - CORRECT_TOKYO_DST_1951 = with_tz("Asia/Tokyo") { - if Time.local(1951, 5, 6, 12, 0, 0).dst? # noon, DST -- Time.local(1951, 5, 6, 1, 0, 0).dst? # DST with fixed tzdata -+ if Time.local(1951, 5, 6, 1, 0, 0).dst? # DST with fixed tzdata -+ Time.local(1951, 9, 8, 23, 0, 0).dst? ? "2018f" : "2018e" -+ end - end - } - CORRECT_KIRITIMATI_SKIP_1994 = with_tz("Pacific/Kiritimati") { -@@ -347,12 +349,16 @@ def self.gen_zdump_test(data) - Asia/Singapore Thu Dec 31 16:29:59 1981 UTC = Thu Dec 31 23:59:59 1981 SGT isdst=0 gmtoff=27000 - Asia/Singapore Thu Dec 31 16:30:00 1981 UTC = Fri Jan 1 00:30:00 1982 SGT isdst=0 gmtoff=28800 - End -- gen_zdump_test CORRECT_TOKYO_DST_1951 ? <<'End' : <<'End' -+ gen_zdump_test CORRECT_TOKYO_DST_1951 ? <<'End' + (CORRECT_TOKYO_DST_1951 < "2018f" ? <<'2018e' : <<'2018f') : <<'End' - Asia/Tokyo Sat May 5 14:59:59 1951 UTC = Sat May 5 23:59:59 1951 JST isdst=0 gmtoff=32400 - Asia/Tokyo Sat May 5 15:00:00 1951 UTC = Sun May 6 01:00:00 1951 JDT isdst=1 gmtoff=36000 -+End - Asia/Tokyo Sat Sep 8 13:59:59 1951 UTC = Sat Sep 8 23:59:59 1951 JDT isdst=1 gmtoff=36000 - Asia/Tokyo Sat Sep 8 14:00:00 1951 UTC = Sat Sep 8 23:00:00 1951 JST isdst=0 gmtoff=32400 --End -+2018e -+Asia/Tokyo Sat Sep 8 14:59:59 1951 UTC = Sun Sep 9 00:59:59 1951 JDT isdst=1 gmtoff=36000 -+Asia/Tokyo Sat Sep 8 15:00:00 1951 UTC = Sun Sep 9 00:00:00 1951 JST isdst=0 gmtoff=32400 -+2018f - Asia/Tokyo Sat May 5 16:59:59 1951 UTC = Sun May 6 01:59:59 1951 JST isdst=0 gmtoff=32400 - Asia/Tokyo Sat May 5 17:00:00 1951 UTC = Sun May 6 03:00:00 1951 JDT isdst=1 gmtoff=36000 - Asia/Tokyo Fri Sep 7 15:59:59 1951 UTC = Sat Sep 8 01:59:59 1951 JDT isdst=1 gmtoff=36000 diff --git a/ruby.spec b/ruby.spec index 0741d70..e1857ac 100644 --- a/ruby.spec +++ b/ruby.spec @@ -1,6 +1,6 @@ %global major_version 2 %global minor_version 5 -%global teeny_version 3 +%global teeny_version 5 %global major_minor_version %{major_version}.%{minor_version} %global ruby_version %{major_minor_version}.%{teeny_version} @@ -21,7 +21,7 @@ %endif -%global release 104 +%global release 105 %{!?release_string:%global release_string %{?development_release:0.}%{release}%{?development_release:.%{development_release}}%{?dist}} # The RubyGems library has to stay out of Ruby directory tree, since the @@ -29,7 +29,7 @@ %global rubygems_dir %{_datadir}/rubygems # Bundled libraries versions -%global rubygems_version 2.7.6 +%global rubygems_version 2.7.6.2 %global molinillo_version 0.5.7 # TODO: The IRB has strange versioning. Keep the Ruby's versioning ATM. @@ -147,17 +147,7 @@ Patch20: ruby-2.6.0-rdoc-6.0.1-fix-template-typo.patch # Properly harden package using -fstack-protector-strong. # https://bugs.ruby-lang.org/issues/15053 Patch24: ruby-2.6.0-configure-fstack-protector-strong.patch -# Fix Tokyo TZ tests. -# https://github.com/ruby/ruby/commit/e71ca6cdcf108e6a2fa47ec9fadefe7554717908 -Patch25: ruby-2.6.0-Update-for-tzdata-2018f.patch -# Refresh expired certificates. -# https://bugs.ruby-lang.org/issues/15502 -# https://github.com/ruby/ruby/commit/6f9b40ea53d8f3fb2a5b1c7ac55c207d42c77ef4 -Patch11: ruby-2.6.0-Try-to-update-cert.patch -# Fix some OpenSSL 1.1.1 test failures. -# https://github.com/ruby/ruby/commit/1dfc377ae3b174b043d3f0ed36de57b0296b34d0 -Patch19: ruby-2.6.0-net-http-net-ftp-fix-session-resumption-with-TLS-1.3.patch # Add support for .include directive used by OpenSSL config files. # https://github.com/ruby/openssl/pull/216 Patch22: ruby-2.6.0-config-support-include-directive.patch @@ -546,15 +536,12 @@ rm -rf ext/fiddle/libffi* %patch7 -p1 %patch9 -p1 %patch10 -p1 -%patch11 -p1 %patch15 -p1 %patch16 -p1 -%patch19 -p1 %patch20 -p1 %patch22 -p1 %patch23 -p1 %patch24 -p1 -%patch25 -p1 # Provide an example of usage of the tapset: cp -a %{SOURCE3} . @@ -1101,6 +1088,9 @@ make check TESTS="-v $DISABLE_TESTS" %{gem_dir}/specifications/xmlrpc-%{xmlrpc_version}.gemspec %changelog +* Tue Apr 30 2019 Jun Aruga - 2.5.5-105 +- Update to Ruby 2.5.5. + * Mon Jan 14 2019 Björn Esser - 2.5.3-104 - Rebuilt for libcrypt.so.2 (#1666033) diff --git a/sources b/sources index 5927406..e2dbc39 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (ruby-2.5.3.tar.xz) = 6dcae0e8d0bacdb2cbde636e2030596308b5af53f2eb85d3adccb67b02e6f8f9751e8117d12f8484829fdd9d995f6e327f701d9b433bcf94f1f59d13a1fd7518 +SHA512 (ruby-2.5.5.tar.xz) = 06b1d58536ebfacb7b56c1e6ed4b8ab816fadc4f48c845a452554cd262e7908199a30e5793f3cbaec2db56a8803aa5c6089abf7bf06c8fc47867e97870b7dfec From b4195d1ec610840b8d04d9f6f995504c7e986cac Mon Sep 17 00:00:00 2001 From: Arjen Heidinga Date: Wed, 27 Mar 2019 09:29:42 +0000 Subject: [PATCH 02/19] Add zlib-devel as BuildRequire This is needed to compile zlib support. I think it is by accident available in the original buildroot, but not in mine. I think it is better to explicitly name it. --- ruby.spec | 1 + 1 file changed, 1 insertion(+) diff --git a/ruby.spec b/ruby.spec index e1857ac..3af1d90 100644 --- a/ruby.spec +++ b/ruby.spec @@ -179,6 +179,7 @@ BuildRequires: procps %{?with_hardening_test:BuildRequires: %{_bindir}/checksec} BuildRequires: multilib-rpm-config BuildRequires: gcc +BuildRequires: zlib-devel # This package provides %%{_bindir}/ruby-mri therefore it is marked by this # virtual provide. It can be installed as dependency of rubypick. From 22d9b04bd1063defef58b1c2506bc562d7385a69 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?V=C3=ADt=20Ondruch?= Date: Tue, 5 Mar 2019 10:39:38 +0100 Subject: [PATCH 03/19] Fix ".include =" support in openssl.cnf. Because of rhbz#1668916, OpenSSL now supports = character in openssl.cnf. --- ruby-2.6.0-config-support-include-directive.patch | 6 +++--- ruby.spec | 1 + 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/ruby-2.6.0-config-support-include-directive.patch b/ruby-2.6.0-config-support-include-directive.patch index 27ef50f..31cc721 100644 --- a/ruby-2.6.0-config-support-include-directive.patch +++ b/ruby-2.6.0-config-support-include-directive.patch @@ -46,8 +46,8 @@ index 88225451..ba3a54c8 100644 - key = $2 - else - key = $1 -+ when /\A\.include (.+)\z/ -+ path = $1 ++ when /\A\.include (\s*=\s*)?(.+)\z/ ++ path = $2 + if File.directory?(path) + files = Dir.glob(File.join(path, "*.{cnf,conf}"), File::FNM_EXTGLOB) + else @@ -141,7 +141,7 @@ index 99dcc497..5653b5d0 100644 + file-main = unnamed + [sec-main] + main = 123 -+ .include include-child.conf ++ .include = include-child.conf + __EOC__ + + # Include a file by relative path diff --git a/ruby.spec b/ruby.spec index 3af1d90..bf2a2b7 100644 --- a/ruby.spec +++ b/ruby.spec @@ -1091,6 +1091,7 @@ make check TESTS="-v $DISABLE_TESTS" %changelog * Tue Apr 30 2019 Jun Aruga - 2.5.5-105 - Update to Ruby 2.5.5. +- Fix ".include =" support in openssl.cnf (rhbz#1668916). * Mon Jan 14 2019 Björn Esser - 2.5.3-104 - Rebuilt for libcrypt.so.2 (#1666033) From c7f5d94be605c4cf9ba18fc89ca8549eb0441ed4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?V=C3=ADt=20Ondruch?= Date: Wed, 4 Sep 2019 11:46:44 +0200 Subject: [PATCH 04/19] Fix checksec 2.0+ compatibility. --- ruby.spec | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/ruby.spec b/ruby.spec index bf2a2b7..ac104dc 100644 --- a/ruby.spec +++ b/ruby.spec @@ -21,7 +21,7 @@ %endif -%global release 105 +%global release 106 %{!?release_string:%global release_string %{?development_release:0.}%{release}%{?development_release:.%{development_release}}%{?dist}} # The RubyGems library has to stay out of Ruby directory tree, since the @@ -724,7 +724,7 @@ sed -i 's/^/%lang(ja) /' .ruby-doc.ja %check %if 0%{?with_hardening_test} # Check Ruby hardening. -checksec -f libruby.so.%{ruby_version} | \ +checksec --file=libruby.so.%{ruby_version} | \ grep "Full RELRO.*Canary found.*NX enabled.*DSO.*No RPATH.*No RUNPATH.*Yes.*\d*.*\d*.*libruby.so.%{ruby_version}" %endif @@ -1089,6 +1089,9 @@ make check TESTS="-v $DISABLE_TESTS" %{gem_dir}/specifications/xmlrpc-%{xmlrpc_version}.gemspec %changelog +* Wed Oct 14 2020 Jun Aruga - 2.5.5-106 +- Fix checksec 2.0+ compatibility. + * Tue Apr 30 2019 Jun Aruga - 2.5.5-105 - Update to Ruby 2.5.5. - Fix ".include =" support in openssl.cnf (rhbz#1668916). From df80b747297142395d004afc1453bd4005667378 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?V=C3=ADt=20Ondruch?= Date: Wed, 1 Apr 2020 19:08:27 +0200 Subject: [PATCH 05/19] Fix FTBFS due to glibc 2.31.9000 implementing lchmod(2). --- ...-the-fact-that-lchmod-can-EOPNOTSUPP.patch | 91 ++++++++++++ ...0-Moved-not-implemented-method-tests.patch | 130 ++++++++++++++++++ ruby.spec | 15 +- 3 files changed, 235 insertions(+), 1 deletion(-) create mode 100644 ruby-2.8.0-Brace-the-fact-that-lchmod-can-EOPNOTSUPP.patch create mode 100644 ruby-2.8.0-Moved-not-implemented-method-tests.patch diff --git a/ruby-2.8.0-Brace-the-fact-that-lchmod-can-EOPNOTSUPP.patch b/ruby-2.8.0-Brace-the-fact-that-lchmod-can-EOPNOTSUPP.patch new file mode 100644 index 0000000..42f47a9 --- /dev/null +++ b/ruby-2.8.0-Brace-the-fact-that-lchmod-can-EOPNOTSUPP.patch @@ -0,0 +1,91 @@ +From 29d9f866f686e81818fb9cf402c4fb479decb282 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?=E5=8D=9C=E9=83=A8=E6=98=8C=E5=B9=B3?= + +Date: Thu, 23 Jan 2020 15:33:42 +0900 +Subject: [PATCH 1/2] brace the fact that lchmod(2) can EOPNOTSUPP + +Musl libc has this function as a tiny wrapper of fchmodat(3posix). On +the other hand Linux kernel does not support changing modes of a symlink. +The operation always fails with EOPNOTSUPP. This fchmodat behaviour is +defined in POSIX. We have to take care of such exceptions. +--- + lib/fileutils.rb | 3 ++- + test/pathname/test_pathname.rb | 2 +- + test/ruby/test_notimp.rb | 19 ++++++++++++------- + 3 files changed, 15 insertions(+), 9 deletions(-) + +diff --git a/lib/fileutils.rb b/lib/fileutils.rb +index f56d7f9cb9..1a02d5435e 100644 +--- a/lib/fileutils.rb ++++ b/lib/fileutils.rb +@@ -1242,6 +1242,7 @@ def chmod(mode) + else + File.chmod mode, path() + end ++ rescue Errno::EOPNOTSUPP + end + + def chown(uid, gid) +@@ -1317,7 +1318,7 @@ def copy_metadata(path) + if st.symlink? + begin + File.lchmod mode, path +- rescue NotImplementedError ++ rescue NotImplementedError, Errno::EOPNOTSUPP + end + else + File.chmod mode, path +diff --git a/test/pathname/test_pathname.rb b/test/pathname/test_pathname.rb +index 8a72b8026d..e381d3fa58 100644 +--- a/test/pathname/test_pathname.rb ++++ b/test/pathname/test_pathname.rb +@@ -823,7 +823,7 @@ def test_lchmod + old = path.lstat.mode + begin + path.lchmod(0444) +- rescue NotImplementedError ++ rescue NotImplementedError, Errno::EOPNOTSUPP + next + end + assert_equal(0444, path.lstat.mode & 0777) +diff --git a/test/ruby/test_notimp.rb b/test/ruby/test_notimp.rb +index ddebb657bf..daa5a82d7b 100644 +--- a/test/ruby/test_notimp.rb ++++ b/test/ruby/test_notimp.rb +@@ -13,11 +13,11 @@ def test_respond_to_fork + + def test_respond_to_lchmod + assert_include(File.methods, :lchmod) +- if /linux/ =~ RUBY_PLATFORM +- assert_equal(false, File.respond_to?(:lchmod)) +- end +- if /freebsd/ =~ RUBY_PLATFORM ++ case RUBY_PLATFORM ++ when /freebsd/, /linux-musl/ + assert_equal(true, File.respond_to?(:lchmod)) ++ when /linux/ ++ assert_equal(false, File.respond_to?(:lchmod)) + end + end + +@@ -57,9 +57,14 @@ def test_call_lchmod + File.open(f, "w") {} + File.symlink f, g + newmode = 0444 +- File.lchmod newmode, "#{d}/g" +- snew = File.lstat(g) +- assert_equal(newmode, snew.mode & 0777) ++ begin ++ File.lchmod newmode, "#{d}/g" ++ rescue Errno::EOPNOTSUPP ++ skip $! ++ else ++ snew = File.lstat(g) ++ assert_equal(newmode, snew.mode & 0777) ++ end + } + end + end +-- +2.26.2 + diff --git a/ruby-2.8.0-Moved-not-implemented-method-tests.patch b/ruby-2.8.0-Moved-not-implemented-method-tests.patch new file mode 100644 index 0000000..8202043 --- /dev/null +++ b/ruby-2.8.0-Moved-not-implemented-method-tests.patch @@ -0,0 +1,130 @@ +From 5400fc3c67446e2f7f35ea317c596e71f0cb1ca4 Mon Sep 17 00:00:00 2001 +From: Nobuyoshi Nakada +Date: Fri, 28 Feb 2020 21:15:37 +0900 +Subject: [PATCH 2/2] Moved not-implemented method tests [Bug #16662] + +Test not-implemented method with the dedicated methods, instead of +platform dependent features. +--- + test/-ext-/test_notimplement.rb | 7 +++ + test/ruby/test_notimp.rb | 90 --------------------------------- + 2 files changed, 7 insertions(+), 90 deletions(-) + delete mode 100644 test/ruby/test_notimp.rb + +diff --git a/test/-ext-/test_notimplement.rb b/test/-ext-/test_notimplement.rb +index 0eba7bdaf8..be8c3623cc 100644 +--- a/test/-ext-/test_notimplement.rb ++++ b/test/-ext-/test_notimplement.rb +@@ -10,6 +10,13 @@ def test_funcall_notimplement + end + + def test_respond_to ++ assert_include(Bug.methods(false), :notimplement) ++ assert_include(Bug::NotImplement.instance_methods(false), :notimplement) + assert_not_respond_to(Bug, :notimplement) + end ++ ++ def test_method_inspect_notimplement ++ assert_match(/not-implemented/, Bug.method(:notimplement).inspect) ++ assert_match(/not-implemented/, Bug::NotImplement.instance_method(:notimplement).inspect) ++ end + end +diff --git a/test/ruby/test_notimp.rb b/test/ruby/test_notimp.rb +deleted file mode 100644 +index daa5a82d7b..0000000000 +--- a/test/ruby/test_notimp.rb ++++ /dev/null +@@ -1,90 +0,0 @@ +-# frozen_string_literal: false +-require 'test/unit' +-require 'timeout' +-require 'tmpdir' +- +-class TestNotImplement < Test::Unit::TestCase +- def test_respond_to_fork +- assert_include(Process.methods, :fork) +- if /linux/ =~ RUBY_PLATFORM +- assert_equal(true, Process.respond_to?(:fork)) +- end +- end +- +- def test_respond_to_lchmod +- assert_include(File.methods, :lchmod) +- case RUBY_PLATFORM +- when /freebsd/, /linux-musl/ +- assert_equal(true, File.respond_to?(:lchmod)) +- when /linux/ +- assert_equal(false, File.respond_to?(:lchmod)) +- end +- end +- +- def test_call_fork +- GC.start +- pid = nil +- ps = +- case RUBY_PLATFORM +- when /linux/ # assume Linux Distribution uses procps +- proc {`ps -eLf #{pid}`} +- when /freebsd/ +- proc {`ps -lH #{pid}`} +- when /darwin/ +- proc {`ps -lM #{pid}`} +- else +- proc {`ps -l #{pid}`} +- end +- assert_nothing_raised(Timeout::Error, ps) do +- Timeout.timeout(EnvUtil.apply_timeout_scale(5)) { +- pid = fork {} +- Process.wait pid +- pid = nil +- } +- end +- ensure +- if pid +- Process.kill(:KILL, pid) +- Process.wait pid +- end +- end if Process.respond_to?(:fork) +- +- def test_call_lchmod +- if File.respond_to?(:lchmod) +- Dir.mktmpdir {|d| +- f = "#{d}/f" +- g = "#{d}/g" +- File.open(f, "w") {} +- File.symlink f, g +- newmode = 0444 +- begin +- File.lchmod newmode, "#{d}/g" +- rescue Errno::EOPNOTSUPP +- skip $! +- else +- snew = File.lstat(g) +- assert_equal(newmode, snew.mode & 0777) +- end +- } +- end +- end +- +- def test_method_inspect_fork +- m = Process.method(:fork) +- if Process.respond_to?(:fork) +- assert_not_match(/not-implemented/, m.inspect) +- else +- assert_match(/not-implemented/, m.inspect) +- end +- end +- +- def test_method_inspect_lchmod +- m = File.method(:lchmod) +- if File.respond_to?(:lchmod) +- assert_not_match(/not-implemented/, m.inspect) +- else +- assert_match(/not-implemented/, m.inspect) +- end +- end +- +-end +-- +2.26.2 + diff --git a/ruby.spec b/ruby.spec index ac104dc..40d9cf4 100644 --- a/ruby.spec +++ b/ruby.spec @@ -154,6 +154,11 @@ Patch22: ruby-2.6.0-config-support-include-directive.patch # Use larger keys to prevent test failures. # https://github.com/ruby/openssl/pull/217 Patch23: ruby-2.6.0-use-larger-keys-for-SSL-tests.patch +# Fix lchmod test failures. +# https://github.com/ruby/ruby/commit/a19228f878d955eaf2cce086bcf53f46fdf894b9 +Patch41: ruby-2.8.0-Brace-the-fact-that-lchmod-can-EOPNOTSUPP.patch +# https://github.com/ruby/ruby/commit/72c02aa4b79731c7f25c9267f74b347f1946c704 +Patch42: ruby-2.8.0-Moved-not-implemented-method-tests.patch Requires: %{name}-libs%{?_isa} = %{version}-%{release} Suggests: rubypick @@ -543,6 +548,8 @@ rm -rf ext/fiddle/libffi* %patch22 -p1 %patch23 -p1 %patch24 -p1 +%patch41 -p1 +%patch42 -p1 # Provide an example of usage of the tapset: cp -a %{SOURCE3} . @@ -770,7 +777,12 @@ sed -i '/def test_mdns_each_address$/,/^ end$/ s/^/#/' test/resolv/test_mdns.rb # https://github.com/rubygems/rubygems/issues/2388 DISABLE_TESTS="$DISABLE_TESTS -n !/test_do_not_allow_invalid_client_cert_auth_connection/" -make check TESTS="-v $DISABLE_TESTS" +# Disable File.lchmod specs, which fails when building against glibc 2.31.9000. +# https://bugs.ruby-lang.org/issues/16749 +MSPECOPTS="$MSPECOPTS -P 'File.lchmod returns false from \#respond_to?'" +MSPECOPTS="$MSPECOPTS -P 'File.lchmod raises a NotImplementedError when called'" + +make check TESTS="-v $DISABLE_TESTS" MSPECOPT="-fs $MSPECOPTS" %files %license BSDL @@ -1091,6 +1103,7 @@ make check TESTS="-v $DISABLE_TESTS" %changelog * Wed Oct 14 2020 Jun Aruga - 2.5.5-106 - Fix checksec 2.0+ compatibility. +- Fix FTBFS due to glibc 2.31.9000 implementing lchmod(2). * Tue Apr 30 2019 Jun Aruga - 2.5.5-105 - Update to Ruby 2.5.5. From 3e278dba2fb90bc4bded73626f7f962c1898cfb0 Mon Sep 17 00:00:00 2001 From: Jun Aruga Date: Fri, 11 Sep 2020 14:47:07 +0200 Subject: [PATCH 06/19] Remove tests using Bug::NotImplement class. On Ruby 2.5.5, it's not implemented in ext/-test-/notimplement/bug.c . The patch is available from 2.6. See https://github.com/ruby/ruby/commit/0381ec5164c12a20bf5889c18b3a5d94ad7af623 --- ruby-2.8.0-Moved-not-implemented-method-tests.patch | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/ruby-2.8.0-Moved-not-implemented-method-tests.patch b/ruby-2.8.0-Moved-not-implemented-method-tests.patch index 8202043..72d09bc 100644 --- a/ruby-2.8.0-Moved-not-implemented-method-tests.patch +++ b/ruby-2.8.0-Moved-not-implemented-method-tests.patch @@ -15,18 +15,16 @@ diff --git a/test/-ext-/test_notimplement.rb b/test/-ext-/test_notimplement.rb index 0eba7bdaf8..be8c3623cc 100644 --- a/test/-ext-/test_notimplement.rb +++ b/test/-ext-/test_notimplement.rb -@@ -10,6 +10,13 @@ def test_funcall_notimplement +@@ -10,6 +10,11 @@ def test_funcall_notimplement end def test_respond_to + assert_include(Bug.methods(false), :notimplement) -+ assert_include(Bug::NotImplement.instance_methods(false), :notimplement) assert_not_respond_to(Bug, :notimplement) end + + def test_method_inspect_notimplement + assert_match(/not-implemented/, Bug.method(:notimplement).inspect) -+ assert_match(/not-implemented/, Bug::NotImplement.instance_method(:notimplement).inspect) + end end diff --git a/test/ruby/test_notimp.rb b/test/ruby/test_notimp.rb From dbae48339f639c6b3c655052b56d167037361848 Mon Sep 17 00:00:00 2001 From: Jun Aruga Date: Wed, 14 Oct 2020 12:12:31 +0200 Subject: [PATCH 07/19] Adjust ruby-2.6.0-library-options-to-MAINLIBS.patch to fix Hunk lines. The issue comes from the past commit. --- ruby-2.6.0-library-options-to-MAINLIBS.patch | 28 ++++++++++---------- 1 file changed, 14 insertions(+), 14 deletions(-) diff --git a/ruby-2.6.0-library-options-to-MAINLIBS.patch b/ruby-2.6.0-library-options-to-MAINLIBS.patch index 199798d..dec4e5a 100644 --- a/ruby-2.6.0-library-options-to-MAINLIBS.patch +++ b/ruby-2.6.0-library-options-to-MAINLIBS.patch @@ -16,7 +16,7 @@ git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@62627 b2dd03c8-39d4-4d8f-98ff- 3 files changed, 20 insertions(+), 20 deletions(-) diff --git a/configure.ac b/configure.ac -index aebbae1969a5..733a0c992fd7 100644 +index 5f492585b3..976be1a835 100644 --- a/configure.ac +++ b/configure.ac @@ -10,6 +10,7 @@ AC_DISABLE_OPTION_CHECKING @@ -27,7 +27,7 @@ index aebbae1969a5..733a0c992fd7 100644 AC_DEFUN([RUBY_RM_RECURSIVE], [ m4_version_prereq([2.70], [-1], [ -@@ -2938,13 +2939,11 @@ AS_IF([test x"$enable_pthread" = xyes], [ +@@ -2939,13 +2940,11 @@ AS_IF([test x"$enable_pthread" = xyes], [ AC_DEFINE(_THREAD_SAFE) AC_DEFINE(HAVE_LIBPTHREAD) AC_CHECK_HEADERS(pthread_np.h, [], [], [@%:@include ]) @@ -46,7 +46,7 @@ index aebbae1969a5..733a0c992fd7 100644 ], [ AC_MSG_WARN("Don't know how to find pthread library on your system -- thread support disabled") ]) -@@ -3623,7 +3622,7 @@ LIBRUBY_A='lib$(RUBY_SO_NAME)-static.a' +@@ -3624,7 +3623,7 @@ LIBRUBY_A='lib$(RUBY_SO_NAME)-static.a' LIBRUBY='$(LIBRUBY_A)' LIBRUBYARG_STATIC='-l$(RUBY_SO_NAME)-static' LIBRUBYARG='$(LIBRUBYARG_STATIC)' @@ -55,7 +55,7 @@ index aebbae1969a5..733a0c992fd7 100644 AS_CASE(["$target_os"], [cygwin*|mingw*|haiku*|darwin*], [ -@@ -3689,9 +3688,6 @@ AS_CASE("$enable_shared", [yes], [ +@@ -3690,9 +3689,6 @@ AS_CASE("$enable_shared", [yes], [ LIBRUBY_RELATIVE=no test -z "$CCDLFLAGS" || CFLAGS="$CFLAGS $CCDLFLAGS" ENABLE_SHARED=yes @@ -65,7 +65,7 @@ index aebbae1969a5..733a0c992fd7 100644 # libdir can be overridden in config.site file (on OpenSUSE at least). libdir_basename=lib -@@ -3726,7 +3722,6 @@ AS_CASE("$enable_shared", [yes], [ +@@ -3727,7 +3723,6 @@ AS_CASE("$enable_shared", [yes], [ ]) ], [freebsd*|dragonfly*], [ @@ -73,7 +73,7 @@ index aebbae1969a5..733a0c992fd7 100644 LIBRUBY_SO='lib$(RUBY_SO_NAME).$(SOEXT).$(MAJOR)$(MINOR)' LIBRUBY_SONAME='$(LIBRUBY_SO)' AS_IF([test "$rb_cv_binary_elf" != "yes" ], [ -@@ -3735,7 +3730,6 @@ AS_CASE("$enable_shared", [yes], [ +@@ -3736,7 +3731,6 @@ AS_CASE("$enable_shared", [yes], [ ]) ], [netbsd*], [ @@ -81,7 +81,7 @@ index aebbae1969a5..733a0c992fd7 100644 LIBRUBY_SONAME='lib$(RUBY_SO_NAME).$(SOEXT).$(MAJOR)$(MINOR)' LIBRUBY_SO="${LIBRUBY_SONAME}"'.$(TEENY)' RUBY_APPEND_OPTIONS(LIBRUBY_DLDFLAGS, ['-Wl,-soname,$(LIBRUBY_SONAME)' "$LDFLAGS_OPTDIR"]) -@@ -3746,11 +3740,9 @@ AS_CASE("$enable_shared", [yes], [ +@@ -3747,11 +3741,9 @@ AS_CASE("$enable_shared", [yes], [ ]) ], [openbsd*|mirbsd*], [ @@ -93,7 +93,7 @@ index aebbae1969a5..733a0c992fd7 100644 LIBRUBY_SO='lib$(RUBY_SO_NAME).$(SOEXT).$(MAJOR)' LIBRUBY_SONAME='lib$(RUBY_SO_NAME).$(SOEXT).$(RUBY_PROGRAM_VERSION)' LIBRUBY_ALIASES='$(LIBRUBY_SONAME) lib$(RUBY_SO_NAME).$(SOEXT)' -@@ -3768,7 +3760,7 @@ AS_CASE("$enable_shared", [yes], [ +@@ -3769,7 +3761,7 @@ AS_CASE("$enable_shared", [yes], [ [aix*], [ RUBY_APPEND_OPTIONS(LIBRUBY_DLDFLAGS, ["${linker_flag}-bnoentry" "$XLDFLAGS" "$LDFLAGS_OPTDIR"]) LIBRUBYARG_SHARED='-L${libdir} -l${RUBY_SO_NAME}' @@ -102,7 +102,7 @@ index aebbae1969a5..733a0c992fd7 100644 ], [darwin*], [ LIBRUBY_LDSHARED='$(CC) -dynamiclib' -@@ -3788,7 +3780,6 @@ AS_CASE("$enable_shared", [yes], [ +@@ -3789,7 +3781,6 @@ AS_CASE("$enable_shared", [yes], [ LIBRUBY_SO='lib$(RUBY_SO_NAME).$(SOEXT)' LIBRUBY_SONAME='lib$(RUBY_BASE_NAME).$(RUBY_API_VERSION).$(SOEXT)' LIBRUBY_ALIASES='$(LIBRUBY_SONAME) lib$(RUBY_INSTALL_NAME).$(SOEXT)' @@ -110,7 +110,7 @@ index aebbae1969a5..733a0c992fd7 100644 ], [interix*], [ LIBRUBYARG_SHARED='-L. -L${libdir} -l$(RUBY_SO_NAME)' -@@ -4031,7 +4022,6 @@ AS_CASE(["$target_os"], +@@ -4032,7 +4023,6 @@ AS_CASE(["$target_os"], ]) LIBRUBY_ALIASES='' FIRSTMAKEFILE=GNUmakefile:cygwin/GNUmakefile.in @@ -118,7 +118,7 @@ index aebbae1969a5..733a0c992fd7 100644 AS_IF([test x"$enable_shared" = xyes], [ LIBRUBY='lib$(RUBY_SO_NAME).dll.a' ], [ -@@ -4131,6 +4121,13 @@ AS_IF([test "${universal_binary-no}" = yes ], [ +@@ -4132,6 +4122,13 @@ AS_IF([test "${universal_binary-no}" = yes ], [ [rb_cv_architecture_available=yes], [rb_cv_architecture_available=no])) ]) @@ -133,7 +133,7 @@ index aebbae1969a5..733a0c992fd7 100644 test -z "$CPPFLAGS" || CPPFLAGS="$CPPFLAGS "; CPPFLAGS="$CPPFLAGS"'${cppflags}' AS_IF([test -n "${cflags+set}"], [ diff --git a/template/ruby.pc.in b/template/ruby.pc.in -index d874f92c3b20..7ce4461c05df 100644 +index 9f3e8847bb..c4d46f6a9c 100644 --- a/template/ruby.pc.in +++ b/template/ruby.pc.in @@ -39,6 +39,7 @@ sitehdrdir=@sitehdrdir@ @@ -145,10 +145,10 @@ index d874f92c3b20..7ce4461c05df 100644 LIBPATH=@LIBPATH@ LIBRUBY_A=@LIBRUBY_A@ diff --git a/win32/Makefile.sub b/win32/Makefile.sub -index 8673c121641e..f8316cccb68e 100644 +index 70440e1c9d..2f8cf74c3f 100644 --- a/win32/Makefile.sub +++ b/win32/Makefile.sub -@@ -279,6 +279,7 @@ MJIT_DEBUGFLAGS = $(DEBUGFLAGS) +@@ -279,6 +279,7 @@ LDSHARED_2 = @if exist $(@).manifest @$(RM) $(@:/=\).manifest CPPFLAGS = $(DEFS) $(ARCHDEFS) $(CPPFLAGS) DLDFLAGS = $(LDFLAGS) -dll From 65a530cc0351d986e9e477bdab60badf843d9ccc Mon Sep 17 00:00:00 2001 From: Jun Aruga Date: Tue, 9 Jun 2020 16:11:19 +0200 Subject: [PATCH 08/19] Fix FTBFS due to libyaml 0.2.5. --- ruby-2.7.2-psych-fix-yaml-tests.patch | 162 ++++++++++++++++++++++++++ ruby.spec | 5 + 2 files changed, 167 insertions(+) create mode 100644 ruby-2.7.2-psych-fix-yaml-tests.patch diff --git a/ruby-2.7.2-psych-fix-yaml-tests.patch b/ruby-2.7.2-psych-fix-yaml-tests.patch new file mode 100644 index 0000000..e556f0a --- /dev/null +++ b/ruby-2.7.2-psych-fix-yaml-tests.patch @@ -0,0 +1,162 @@ +From 3c55d93cf68b1a969b90b306de4dd8b88d74a2f2 Mon Sep 17 00:00:00 2001 +From: nagachika +Date: Sat, 13 Jun 2020 11:29:51 +0900 +Subject: [PATCH] merge revision(s) 7e289cdf3fed588b2d5a6973e29f9ff95cb8d76c: + [Backport #16949] + + [ruby/psych] Fixing compatibility with libyaml 0.2.5 + + The main issue is that commas aren't allowed in local tags. libyaml + was updated to follow the spec, and our tests were out of date. + + See: https://github.com/yaml/libyaml/issues/196 + + https://github.com/ruby/psych/commit/3f5e520fd3 +--- + test/psych/test_nil.rb | 4 ++-- + test/psych/test_psych.rb | 17 +++++++---------- + test/psych/test_yaml.rb | 24 ++++++++++++------------ + version.h | 4 ++-- + 4 files changed, 23 insertions(+), 26 deletions(-) + +diff --git a/test/psych/test_nil.rb b/test/psych/test_nil.rb +index 910a2e697def..bcbbcb9c9397 100644 +--- a/test/psych/test_nil.rb ++++ b/test/psych/test_nil.rb +@@ -5,13 +5,13 @@ module Psych + class TestNil < TestCase + def test_nil + yml = Psych.dump nil +- assert_match(/--- \n(?:\.\.\.\n)?/, yml) ++ assert_match(/---[ ]?\n(?:\.\.\.\n)?/, yml) + assert_nil Psych.load(yml) + end + + def test_array_nil + yml = Psych.dump [nil] +- assert_equal "---\n- \n", yml ++ assert_match(/---\n-[ ]?\n/, yml) + assert_equal [nil], Psych.load(yml) + end + +diff --git a/test/psych/test_psych.rb b/test/psych/test_psych.rb +index eeadc864ef4e..e557feffb76a 100644 +--- a/test/psych/test_psych.rb ++++ b/test/psych/test_psych.rb +@@ -121,17 +121,17 @@ def test_add_builtin_type + + def test_domain_types + got = nil +- Psych.add_domain_type 'foo.bar,2002', 'foo' do |type, val| ++ Psych.add_domain_type 'foo.bar/2002', 'foo' do |type, val| + got = val + end + +- Psych.load('--- !foo.bar,2002/foo hello') ++ Psych.load('--- !foo.bar/2002:foo hello') + assert_equal 'hello', got + +- Psych.load("--- !foo.bar,2002/foo\n- hello\n- world") ++ Psych.load("--- !foo.bar/2002:foo\n- hello\n- world") + assert_equal %w{ hello world }, got + +- Psych.load("--- !foo.bar,2002/foo\nhello: world") ++ Psych.load("--- !foo.bar/2002:foo\nhello: world") + assert_equal({ 'hello' => 'world' }, got) + end + +@@ -170,16 +170,13 @@ def test_callbacks + types = [] + appender = lambda { |*args| types << args } + +- Psych.add_builtin_type('foo', &appender) +- Psych.add_domain_type('example.com,2002', 'foo', &appender) ++ Psych.add_domain_type('example.com:2002', 'foo', &appender) + Psych.load <<-eoyml +-- !tag:yaml.org,2002:foo bar +-- !tag:example.com,2002:foo bar ++- !tag:example.com:2002:foo bar + eoyml + + assert_equal [ +- ["tag:yaml.org,2002:foo", "bar"], +- ["tag:example.com,2002:foo", "bar"] ++ ["tag:example.com:2002:foo", "bar"] + ], types + end + +diff --git a/test/psych/test_yaml.rb b/test/psych/test_yaml.rb +index 5fa759c981b2..0dfd60f89434 100644 +--- a/test/psych/test_yaml.rb ++++ b/test/psych/test_yaml.rb +@@ -617,11 +617,11 @@ def test_spec_domain_prefix + raise ArgumentError, "Not a Hash in domain.tld,2002/invoice: " + val.inspect + end + } +- Psych.add_domain_type( "domain.tld,2002", 'invoice', &customer_proc ) +- Psych.add_domain_type( "domain.tld,2002", 'customer', &customer_proc ) ++ Psych.add_domain_type( "domain.tld/2002", 'invoice', &customer_proc ) ++ Psych.add_domain_type( "domain.tld/2002", 'customer', &customer_proc ) + assert_parse_only( { "invoice"=> { "customers"=> [ { "given"=>"Chris", "type"=>"domain customer", "family"=>"Dumars" } ], "type"=>"domain invoice" } }, <7, "center"=>{"x"=>73, "y"=>129}, "TYPE"=>"Shape: graph/circle"}, {"finish"=>{"x"=>89, "y"=>102}, "TYPE"=>"Shape: graph/line", "start"=>{"x"=>73, "y"=>129}}, {"TYPE"=>"Shape: graph/text", "value"=>"Pretty vector drawing.", "start"=>{"x"=>73, "y"=>129}, "color"=>16772795}, "Shape Container"]], < - 2.5.5-106 - Fix checksec 2.0+ compatibility. - Fix FTBFS due to glibc 2.31.9000 implementing lchmod(2). +- Fix FTBFS due to libyaml 0.2.5. * Tue Apr 30 2019 Jun Aruga - 2.5.5-105 - Update to Ruby 2.5.5. From 8855a68692262f4d661a3e3ff1cf265ddff5e803 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?V=C3=ADt=20Ondruch?= Date: Mon, 27 Jul 2020 17:15:32 +0200 Subject: [PATCH 09/19] Disable LTO, which appear to cause issues with SIGSEV handler. https://src.fedoraproject.org/rpms/redhat-rpm-config/c/5baaf4a99cc77572d3496a7000674098bef7ed68?branch=master --- ruby.spec | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/ruby.spec b/ruby.spec index 0bdcad7..ee3b629 100644 --- a/ruby.spec +++ b/ruby.spec @@ -71,6 +71,10 @@ %bcond_without hardening_test %endif +# LTO appears to cause some issue to SEGV handler. +# https://bugs.ruby-lang.org/issues/17052 +%define _lto_cflags %{nil} + Summary: An interpreter of object-oriented scripting language Name: ruby Version: %{ruby_version} @@ -1109,6 +1113,7 @@ make check TESTS="-v $DISABLE_TESTS" MSPECOPT="-fs $MSPECOPTS" - Fix checksec 2.0+ compatibility. - Fix FTBFS due to glibc 2.31.9000 implementing lchmod(2). - Fix FTBFS due to libyaml 0.2.5. +- Disable LTO, which appear to cause issues with SIGSEV handler. * Tue Apr 30 2019 Jun Aruga - 2.5.5-105 - Update to Ruby 2.5.5. From 763e371dd60742c5578c31a23c935cfafb0a0497 Mon Sep 17 00:00:00 2001 From: Jun Aruga Date: Thu, 6 Aug 2020 13:54:28 +0200 Subject: [PATCH 10/19] Avoid possible timeout errors in TestBugReporter#test_bug_reporter_add. --- ..._bug_reporter_add-witout-raising-err.patch | 34 +++++++++++++++++++ ruby.spec | 6 +++- 2 files changed, 39 insertions(+), 1 deletion(-) create mode 100644 ruby-2.7.1-Timeout-the-test_bug_reporter_add-witout-raising-err.patch diff --git a/ruby-2.7.1-Timeout-the-test_bug_reporter_add-witout-raising-err.patch b/ruby-2.7.1-Timeout-the-test_bug_reporter_add-witout-raising-err.patch new file mode 100644 index 0000000..b7ea046 --- /dev/null +++ b/ruby-2.7.1-Timeout-the-test_bug_reporter_add-witout-raising-err.patch @@ -0,0 +1,34 @@ +From 9b42fce32bff25e0569581f76f532b9d57865aef Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?V=C3=ADt=20Ondruch?= +Date: Mon, 27 Jul 2020 14:56:05 +0200 +Subject: [PATCH] Timeout the test_bug_reporter_add witout raising error. + +While timeouting the threads might be still good idea, it does not seems +the timeout impacts the TestBugReporter#test_bug_reporter_add result, +because the output of the child process has been already collected +earlier. + +It seems that when the system is under heavy load, the thread might not +be sheduled to finish its processing. Even finishing the child process +might take tens of seconds and therefore the test case finish might take +a while. +--- + test/-ext-/bug_reporter/test_bug_reporter.rb | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/test/-ext-/bug_reporter/test_bug_reporter.rb b/test/-ext-/bug_reporter/test_bug_reporter.rb +index 628fcd0340..2c677cc8a7 100644 +--- a/test/-ext-/bug_reporter/test_bug_reporter.rb ++++ b/test/-ext-/bug_reporter/test_bug_reporter.rb +@@ -17,7 +17,7 @@ def test_bug_reporter_add + args = ["--disable-gems", "-r-test-/bug_reporter", + "-C", tmpdir] + stdin = "register_sample_bug_reporter(12345); Process.kill :SEGV, $$" +- assert_in_out_err(args, stdin, [], expected_stderr, encoding: "ASCII-8BIT") ++ assert_in_out_err(args, stdin, [], expected_stderr, encoding: "ASCII-8BIT", timeout_error: nil) + ensure + FileUtils.rm_rf(tmpdir) if tmpdir + end +-- +2.27.0 + diff --git a/ruby.spec b/ruby.spec index ee3b629..3c85b82 100644 --- a/ruby.spec +++ b/ruby.spec @@ -150,11 +150,13 @@ Patch15: ruby-2.6.0-library-options-to-MAINLIBS.patch # https://github.com/rubygems/rubygems/pull/2367 Patch16: ruby-2.5.1-Avoid-need-of-C++-compiler-to-pass-the-test-suite.patch # https://github.com/ruby/rdoc/commit/d05e6269d4a4dfd701f5ddb3ae34306cba891511 +# Avoid possible timeout errors in TestBugReporter#test_bug_reporter_add. +# https://bugs.ruby-lang.org/issues/16492 +Patch19: ruby-2.7.1-Timeout-the-test_bug_reporter_add-witout-raising-err.patch Patch20: ruby-2.6.0-rdoc-6.0.1-fix-template-typo.patch # Properly harden package using -fstack-protector-strong. # https://bugs.ruby-lang.org/issues/15053 Patch24: ruby-2.6.0-configure-fstack-protector-strong.patch - # Add support for .include directive used by OpenSSL config files. # https://github.com/ruby/openssl/pull/216 Patch22: ruby-2.6.0-config-support-include-directive.patch @@ -552,6 +554,7 @@ rm -rf ext/fiddle/libffi* %patch14 -p1 %patch15 -p1 %patch16 -p1 +%patch19 -p1 %patch20 -p1 %patch22 -p1 %patch23 -p1 @@ -1114,6 +1117,7 @@ make check TESTS="-v $DISABLE_TESTS" MSPECOPT="-fs $MSPECOPTS" - Fix FTBFS due to glibc 2.31.9000 implementing lchmod(2). - Fix FTBFS due to libyaml 0.2.5. - Disable LTO, which appear to cause issues with SIGSEV handler. +- Avoid possible timeout errors in TestBugReporter#test_bug_reporter_add. * Tue Apr 30 2019 Jun Aruga - 2.5.5-105 - Update to Ruby 2.5.5. From 027b62ae4eecc8bd61dee87a436f3daf73396f7d Mon Sep 17 00:00:00 2001 From: Jun Aruga Date: Thu, 28 May 2020 17:31:05 +0200 Subject: [PATCH 11/19] Give an option to increase the timeout in tests. Because setting the option makes some tests stable that are currently randomly failing with error on especially s390x and aarch64. We observed the failing tests are calling `assert_in_out_err` method calling `invoke_ruby` calling method. Then when the `th_stdout.join(timeout)` or `th_stderr.join(timeout)` returns `nil` as thread timeout in `invoke_ruby` method, it causes the error. [1][2] The `test_timeout_scale` macro is to set the environment variable `RUBY_TEST_TIMEOUT_SCALE` to increase the timeout in `apply_timeout_scale` method as = * . As an example, `TestBugReporter#test_bug_reporter_add` test's maximum thread timeout was 56+ seconds for the default timeout 10 seconds. [3] In this case setting `RUBY_TEST_TIMEOUT_SCALE=6` (6 * 10 = 60) is good enough for 56+ seconds. [1] https://github.com/ruby/ruby/blob/v2_7_1/tool/lib/envutil.rb#L149 [2] https://bugs.ruby-lang.org/issues/16492#note-8 [3] https://bugs.ruby-lang.org/issues/16492#note-4 --- ruby.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/ruby.spec b/ruby.spec index 3c85b82..0025319 100644 --- a/ruby.spec +++ b/ruby.spec @@ -793,7 +793,10 @@ DISABLE_TESTS="$DISABLE_TESTS -n !/test_do_not_allow_invalid_client_cert_auth_co MSPECOPTS="$MSPECOPTS -P 'File.lchmod returns false from \#respond_to?'" MSPECOPTS="$MSPECOPTS -P 'File.lchmod raises a NotImplementedError when called'" -make check TESTS="-v $DISABLE_TESTS" MSPECOPT="-fs $MSPECOPTS" +# Give an option to increase the timeout in tests. +# https://bugs.ruby-lang.org/issues/16921 +%{?test_timeout_scale:RUBY_TEST_TIMEOUT_SCALE="%{test_timeout_scale}"} \ + make check TESTS="-v $DISABLE_TESTS" MSPECOPT="-fs $MSPECOPTS" %files %license BSDL From c3cfe81c22a238cb7ccca77629bb910e81fd567c Mon Sep 17 00:00:00 2001 From: Jun Aruga Date: Wed, 23 Sep 2020 18:09:46 +0200 Subject: [PATCH 12/19] Use larger keys for test_ssl test failures. --- ...2.6.0-use-larger-keys-for-SSL-tests2.patch | 51 +++++++++++++++++++ ruby.spec | 5 ++ 2 files changed, 56 insertions(+) create mode 100644 ruby-2.6.0-use-larger-keys-for-SSL-tests2.patch diff --git a/ruby-2.6.0-use-larger-keys-for-SSL-tests2.patch b/ruby-2.6.0-use-larger-keys-for-SSL-tests2.patch new file mode 100644 index 0000000..78ccf1f --- /dev/null +++ b/ruby-2.6.0-use-larger-keys-for-SSL-tests2.patch @@ -0,0 +1,51 @@ +From 6872cefaf682c7e9d538ef9d87f94f7a77c21154 Mon Sep 17 00:00:00 2001 +From: nagachika +Date: Wed, 7 Aug 2019 12:38:15 +0000 +Subject: [PATCH] merge revision(s) 1e54903684aa3c9ea3fe54520157846a1b1f07be: + [Backport #16051] + + test/openssl: Support OpenSSL 1.1.1 + + OpenSSL 1.1.1 rejects some shorter keys, which caused some failures of + `make test-all TESTS=openssl`. + + https://rubyci.org/logs/rubyci.s3.amazonaws.com/debian/ruby-master/log/20190606T003005Z.fail.html.gz + + This change merges 6bbc31ddd1 and 63fb3a36d1 in + https://github.com/ruby/openssl. + Reference: https://github.com/ruby/openssl/pull/217 + +git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_6@67735 b2dd03c8-39d4-4d8f-98ff-823fe69b080e +--- + test/openssl/test_ssl.rb | 7 ++++++- + 1 file changed, 6 insertions(+), 1 deletion(-) + +diff --git a/test/openssl/test_ssl.rb b/test/openssl/test_ssl.rb +index 46570b8b95..51d63859c0 100644 +--- a/test/openssl/test_ssl.rb ++++ b/test/openssl/test_ssl.rb +@@ -81,7 +81,7 @@ def test_add_certificate_multiple_certs + add0_chain_supported = openssl?(1, 0, 2) + + if add0_chain_supported +- ca2_key = Fixtures.pkey("rsa1024") ++ ca2_key = Fixtures.pkey("rsa2048") + ca2_exts = [ + ["basicConstraints", "CA:TRUE", true], + ["keyUsage", "cRLSign, keyCertSign", true], +@@ -1357,7 +1357,12 @@ def test_fallback_scsv + # Server support better, so refuse the connection + sock1, sock2 = socketpair + begin ++ # This test is for the downgrade protection mechanism of TLS1.2. ++ # This is why ctx1 bounds max_version == TLS1.2. ++ # Otherwise, this test fails when using openssl 1.1.1 (or later) that supports TLS1.3. ++ # TODO: We may need another test for TLS1.3 because it seems to have a different mechanism. + ctx1 = OpenSSL::SSL::SSLContext.new ++ ctx1.max_version = OpenSSL::SSL::TLS1_2_VERSION + s1 = OpenSSL::SSL::SSLSocket.new(sock1, ctx1) + + ctx2 = OpenSSL::SSL::SSLContext.new +-- +2.26.2 + diff --git a/ruby.spec b/ruby.spec index 0025319..653c9e9 100644 --- a/ruby.spec +++ b/ruby.spec @@ -168,6 +168,9 @@ Patch23: ruby-2.6.0-use-larger-keys-for-SSL-tests.patch Patch41: ruby-2.8.0-Brace-the-fact-that-lchmod-can-EOPNOTSUPP.patch # https://github.com/ruby/ruby/commit/72c02aa4b79731c7f25c9267f74b347f1946c704 Patch42: ruby-2.8.0-Moved-not-implemented-method-tests.patch +# Use larger keys for test_ssl test failures. +# https://github.com/ruby/ruby/commit/a3843824c455d0b0efcfc5af03cbcebaac090eda +Patch43: ruby-2.6.0-use-larger-keys-for-SSL-tests2.patch Requires: %{name}-libs%{?_isa} = %{version}-%{release} Suggests: rubypick @@ -561,6 +564,7 @@ rm -rf ext/fiddle/libffi* %patch24 -p1 %patch41 -p1 %patch42 -p1 +%patch43 -p1 # Provide an example of usage of the tapset: cp -a %{SOURCE3} . @@ -1121,6 +1125,7 @@ MSPECOPTS="$MSPECOPTS -P 'File.lchmod raises a NotImplementedError when called'" - Fix FTBFS due to libyaml 0.2.5. - Disable LTO, which appear to cause issues with SIGSEV handler. - Avoid possible timeout errors in TestBugReporter#test_bug_reporter_add. +- Use larger keys for test_ssl test failures. * Tue Apr 30 2019 Jun Aruga - 2.5.5-105 - Update to Ruby 2.5.5. From a612f78c698c9ed06afbc43ea3ad27b4b9f82e11 Mon Sep 17 00:00:00 2001 From: Jun Aruga Date: Thu, 24 Sep 2020 16:20:17 +0200 Subject: [PATCH 13/19] Regenerate server certificates with larger keys for open-uri tests. --- ...nerate-server-certificates-for-tests.patch | 447 ++++++++++++++++++ ruby.spec | 5 + 2 files changed, 452 insertions(+) create mode 100644 ruby-2.6.4-open-uri-regenerate-server-certificates-for-tests.patch diff --git a/ruby-2.6.4-open-uri-regenerate-server-certificates-for-tests.patch b/ruby-2.6.4-open-uri-regenerate-server-certificates-for-tests.patch new file mode 100644 index 0000000..32f22a9 --- /dev/null +++ b/ruby-2.6.4-open-uri-regenerate-server-certificates-for-tests.patch @@ -0,0 +1,447 @@ +From 57bf80dc7d6ef19baf2171a55b538ed56bebb6a7 Mon Sep 17 00:00:00 2001 +From: nagachika +Date: Wed, 7 Aug 2019 12:25:24 +0000 +Subject: [PATCH] merge revision(s) 43730256e800dd8e0c5cc482e9861868590ae037: + + open-uri: Regenerate server certificates for tests + + OpenSSL 1.1.1 requires 2048 bits or more. This change will fix: + https://rubyci.org/logs/rubyci.s3.amazonaws.com/debian/ruby-master/log/20190527T003004Z.fail.html.gz#test%2Fopen-uri + +git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_6@67734 b2dd03c8-39d4-4d8f-98ff-823fe69b080e +--- + test/open-uri/test_ssl.rb | 341 ++++++++++++++++++++++++-------------- + 1 file changed, 217 insertions(+), 124 deletions(-) + +diff --git a/test/open-uri/test_ssl.rb b/test/open-uri/test_ssl.rb +index 948cb6a959..337139604f 100644 +--- a/test/open-uri/test_ssl.rb ++++ b/test/open-uri/test_ssl.rb +@@ -175,18 +175,18 @@ def test_proxy_cacert_dir + end if defined?(OpenSSL::SSL) + + if defined?(OpenSSL::SSL) +-# cp /etc/ssl/openssl.cnf . # I copied from OpenSSL 1.0.2h source ++# cp /etc/ssl/openssl.cnf . # I copied from OpenSSL 1.1.1b source + + # mkdir demoCA demoCA/private demoCA/newcerts + # touch demoCA/index.txt + # echo 00 > demoCA/serial +-# openssl genrsa -des3 -out demoCA/private/cakey.pem 1024 ++# openssl genrsa -des3 -out demoCA/private/cakey.pem 2048 + # openssl req -new -key demoCA/private/cakey.pem -out demoCA/careq.pem -subj "/C=JP/ST=Tokyo/O=RubyTest/CN=Ruby Test CA" + # # basicConstraints=CA:TRUE is required; the default openssl.cnf has it in [v3_ca] + # openssl ca -config openssl.cnf -extensions v3_ca -out demoCA/cacert.pem -startdate 090101000000Z -enddate 491231235959Z -batch -keyfile demoCA/private/cakey.pem -selfsign -infiles demoCA/careq.pem + + # mkdir server +-# openssl genrsa -des3 -out server/server.key 1024 ++# openssl genrsa -des3 -out server/server.key 2048 + # openssl req -new -key server/server.key -out server/csr.pem -subj "/C=JP/ST=Tokyo/O=RubyTest/CN=127.0.0.1" + # openssl ca -config openssl.cnf -startdate 090101000000Z -enddate 491231235959Z -in server/csr.pem -keyfile demoCA/private/cakey.pem -cert demoCA/cacert.pem -out server/cert.pem + +@@ -199,7 +199,7 @@ def test_proxy_cacert_dir + Data: + Version: 3 (0x2) + Serial Number: 0 (0x0) +- Signature Algorithm: sha256WithRSAEncryption ++ Signature Algorithm: sha256WithRSAEncryption + Issuer: C=JP, ST=Tokyo, O=RubyTest, CN=Ruby Test CA + Validity + Not Before: Jan 1 00:00:00 2009 GMT +@@ -207,49 +207,70 @@ def test_proxy_cacert_dir + Subject: C=JP, ST=Tokyo, O=RubyTest, CN=Ruby Test CA + Subject Public Key Info: + Public Key Algorithm: rsaEncryption +- Public-Key: (1024 bit) ++ RSA Public-Key: (2048 bit) + Modulus: +- 00:be:74:41:33:c9:1b:e1:12:78:6b:b4:52:2e:ae: +- b6:e2:1e:58:65:57:2d:cb:07:3f:91:c9:53:7a:e7: +- 2e:68:2c:0c:5d:8b:16:a7:42:4a:5c:6f:c7:aa:44: +- ff:6d:c6:d7:49:0e:b1:5d:03:5b:51:ce:d5:cc:cd: +- ab:69:cc:c2:43:76:b1:b2:30:3b:e7:f6:1f:3e:35: +- 1d:21:75:41:96:eb:84:a0:34:6f:a4:5d:70:a2:b2: +- d5:fe:b9:45:47:a1:e8:ca:e3:b7:bb:4d:37:1c:f3: +- 96:d4:2d:80:85:cd:8e:31:96:53:92:a0:fe:e4:4c: +- 16:47:5e:c8:27:32:70:a8:6b ++ 00:ad:f3:4d:5b:0b:01:54:cc:86:36:d1:93:6b:33: ++ 56:25:90:61:d6:9a:a0:f4:24:20:ee:c8:14:ab:0f: ++ 4b:89:d8:7c:bb:c0:f8:7f:fb:e9:a2:d5:1c:6b:6f: ++ dc:5c:23:b1:49:aa:2c:e8:ca:43:48:64:69:4b:8a: ++ bd:44:57:9b:14:d9:7a:b2:49:00:d6:c2:74:67:62: ++ 52:1d:a9:32:df:fe:7a:22:20:49:83:e1:cb:3d:dc: ++ 1a:2a:f0:36:20:c1:e8:c8:89:d4:51:1a:68:91:20: ++ e0:ba:67:0a:b2:6b:f8:e3:8c:f5:ee:a1:36:b1:89: ++ ec:23:b6:f2:39:a9:b9:2e:ea:de:d9:86:e5:42:11: ++ 46:ed:10:9a:90:76:44:4e:4d:49:2d:49:e8:e3:cb: ++ ff:7a:7d:80:cb:bf:c4:c3:69:ba:9c:60:4a:de:af: ++ bf:26:78:b8:fb:46:d1:37:d0:89:ba:78:93:6a:37: ++ a5:e9:58:e7:e2:e3:7d:7c:95:20:79:41:56:15:cd: ++ b2:c6:3b:e1:b7:e7:ba:47:60:9a:05:b1:07:f3:26: ++ 72:9d:3b:1b:02:18:3d:d5:de:e6:e9:30:a9:b5:8f: ++ 15:1b:40:f9:64:61:54:d3:53:e8:c4:29:4a:89:f3: ++ e5:0d:fd:16:61:ee:f2:6d:8a:45:a8:34:7e:53:46: ++ 8e:87 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: +- 71:DB:DC:BA:F6:7F:75:31:7A:ED:AB:8B:48:93:86:94:1A:FF:30:58 ++ A0:7E:0B:AD:A3:AD:37:D7:21:0B:75:6F:8A:90:5F:8C:C9:69:DF:98 + X509v3 Authority Key Identifier: +- keyid:71:DB:DC:BA:F6:7F:75:31:7A:ED:AB:8B:48:93:86:94:1A:FF:30:58 ++ keyid:A0:7E:0B:AD:A3:AD:37:D7:21:0B:75:6F:8A:90:5F:8C:C9:69:DF:98 + +- X509v3 Basic Constraints: ++ X509v3 Basic Constraints: critical + CA:TRUE + Signature Algorithm: sha256WithRSAEncryption +- 91:1c:45:a5:c0:4e:fc:54:39:62:33:80:7d:03:c1:b8:51:f7: +- 56:83:6c:a3:15:50:cf:92:a0:77:a3:34:16:b5:30:f0:33:5a: +- be:6a:ac:17:87:70:f8:4e:4d:49:ac:8b:84:fd:e5:0f:15:d7: +- 9a:29:cc:a9:f5:97:f5:13:2a:86:3b:2d:f4:b7:b4:a2:7c:e1: +- 0e:2a:ff:91:64:31:8f:12:cc:99:bf:e1:de:8f:6f:7c:1b:e4: +- cc:56:c8:bb:85:c9:ba:df:7f:07:7a:cd:03:22:2c:b6:f8:06: +- 35:72:72:b8:52:eb:62:15:85:2b:8f:8c:bc:27:3c:8b:de:32: +- db:95 ++ 06:ea:06:02:19:9a:cb:94:a2:7e:c0:86:71:66:e7:a5:71:46: ++ a2:25:55:f5:e5:58:df:d1:91:58:e6:8a:0e:91:b3:22:4c:88: ++ 4d:5f:02:af:0f:73:65:0d:af:9a:f2:e4:36:f3:1f:e8:28:1d: ++ 9c:74:72:5b:f7:12:e8:fa:45:d6:df:e5:f1:d3:91:f4:0e:db: ++ e2:56:63:ee:82:57:6f:12:ad:d7:0d:de:5a:8c:3d:76:d2:87: ++ c9:48:1c:c4:f3:89:63:3c:c2:25:e0:dd:63:a6:4c:6c:5a:07: ++ 7b:86:78:62:86:02:a1:ef:0e:41:75:c5:d4:61:ab:c3:3b:9b: ++ 51:0b:e6:34:6d:0b:14:5a:2d:aa:d3:58:26:43:8f:4c:d7:45: ++ 73:1e:67:66:5e:f3:0c:69:70:27:a1:d5:70:f3:5a:10:98:c8: ++ 4f:8a:3b:9f:ad:8e:8d:49:8f:fb:f6:36:5d:4f:70:f9:4f:54: ++ 33:cf:a2:a6:1d:8c:61:b9:30:42:f2:49:d1:3d:a1:f1:eb:1e: ++ 78:a6:30:f8:8a:48:89:c7:3e:bd:0d:d8:72:04:a6:00:e5:62: ++ a4:13:3f:9e:b6:86:25:dc:d1:ff:3a:fc:f5:0e:e4:0e:f7:b8: ++ 66:90:fe:4f:c2:54:2a:7f:61:6e:e7:4b:bf:40:7e:75:30:02: ++ 5b:bb:91:1b + -----BEGIN CERTIFICATE----- +-MIICVDCCAb2gAwIBAgIBADANBgkqhkiG9w0BAQsFADBHMQswCQYDVQQGEwJKUDEO ++MIIDXDCCAkSgAwIBAgIBADANBgkqhkiG9w0BAQsFADBHMQswCQYDVQQGEwJKUDEO + MAwGA1UECAwFVG9reW8xETAPBgNVBAoMCFJ1YnlUZXN0MRUwEwYDVQQDDAxSdWJ5 + IFRlc3QgQ0EwHhcNMDkwMTAxMDAwMDAwWhcNNDkxMjMxMjM1OTU5WjBHMQswCQYD + VQQGEwJKUDEOMAwGA1UECAwFVG9reW8xETAPBgNVBAoMCFJ1YnlUZXN0MRUwEwYD +-VQQDDAxSdWJ5IFRlc3QgQ0EwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAL50 +-QTPJG+ESeGu0Ui6utuIeWGVXLcsHP5HJU3rnLmgsDF2LFqdCSlxvx6pE/23G10kO +-sV0DW1HO1czNq2nMwkN2sbIwO+f2Hz41HSF1QZbrhKA0b6RdcKKy1f65RUeh6Mrj +-t7tNNxzzltQtgIXNjjGWU5Kg/uRMFkdeyCcycKhrAgMBAAGjUDBOMB0GA1UdDgQW +-BBRx29y69n91MXrtq4tIk4aUGv8wWDAfBgNVHSMEGDAWgBRx29y69n91MXrtq4tI +-k4aUGv8wWDAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA4GBAJEcRaXATvxU +-OWIzgH0DwbhR91aDbKMVUM+SoHejNBa1MPAzWr5qrBeHcPhOTUmsi4T95Q8V15op +-zKn1l/UTKoY7LfS3tKJ84Q4q/5FkMY8SzJm/4d6Pb3wb5MxWyLuFybrffwd6zQMi +-LLb4BjVycrhS62IVhSuPjLwnPIveMtuV ++VQQDDAxSdWJ5IFRlc3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB ++AQCt801bCwFUzIY20ZNrM1YlkGHWmqD0JCDuyBSrD0uJ2Hy7wPh/++mi1Rxrb9xc ++I7FJqizoykNIZGlLir1EV5sU2XqySQDWwnRnYlIdqTLf/noiIEmD4cs93Boq8DYg ++wejIidRRGmiRIOC6Zwqya/jjjPXuoTaxiewjtvI5qbku6t7ZhuVCEUbtEJqQdkRO ++TUktSejjy/96fYDLv8TDabqcYErer78meLj7RtE30Im6eJNqN6XpWOfi4318lSB5 ++QVYVzbLGO+G357pHYJoFsQfzJnKdOxsCGD3V3ubpMKm1jxUbQPlkYVTTU+jEKUqJ ++8+UN/RZh7vJtikWoNH5TRo6HAgMBAAGjUzBRMB0GA1UdDgQWBBSgfguto6031yEL ++dW+KkF+MyWnfmDAfBgNVHSMEGDAWgBSgfguto6031yELdW+KkF+MyWnfmDAPBgNV ++HRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQAG6gYCGZrLlKJ+wIZxZuel ++cUaiJVX15Vjf0ZFY5ooOkbMiTIhNXwKvD3NlDa+a8uQ28x/oKB2cdHJb9xLo+kXW ++3+Xx05H0DtviVmPugldvEq3XDd5ajD120ofJSBzE84ljPMIl4N1jpkxsWgd7hnhi ++hgKh7w5BdcXUYavDO5tRC+Y0bQsUWi2q01gmQ49M10VzHmdmXvMMaXAnodVw81oQ ++mMhPijufrY6NSY/79jZdT3D5T1Qzz6KmHYxhuTBC8knRPaHx6x54pjD4ikiJxz69 ++DdhyBKYA5WKkEz+etoYl3NH/Ovz1DuQO97hmkP5PwlQqf2Fu50u/QH51MAJbu5Eb + -----END CERTIFICATE----- + End + +@@ -258,7 +279,7 @@ def test_proxy_cacert_dir + Data: + Version: 3 (0x2) + Serial Number: 1 (0x1) +- Signature Algorithm: sha256WithRSAEncryption ++ Signature Algorithm: sha256WithRSAEncryption + Issuer: C=JP, ST=Tokyo, O=RubyTest, CN=Ruby Test CA + Validity + Not Before: Jan 1 00:00:00 2009 GMT +@@ -266,17 +287,26 @@ def test_proxy_cacert_dir + Subject: C=JP, ST=Tokyo, O=RubyTest, CN=127.0.0.1 + Subject Public Key Info: + Public Key Algorithm: rsaEncryption +- Public-Key: (1024 bit) ++ RSA Public-Key: (2048 bit) + Modulus: +- 00:bb:bd:74:69:53:58:50:24:79:f2:eb:db:8b:97: +- e4:69:a4:dd:48:0c:40:35:62:42:b3:35:8c:96:2a: +- 62:76:98:b5:2a:e0:f8:78:33:b6:ff:f8:55:bf:44: +- 69:21:d7:b5:0e:bd:8a:dd:31:1b:88:d5:b4:5e:7a: +- 82:e0:ba:99:6c:04:76:e9:ff:e6:f8:f5:06:8e:7e: +- a4:db:db:eb:43:44:12:a7:ca:ca:2b:aa:5f:83:10: +- e2:9e:35:55:e8:e8:af:be:c8:7d:bb:c2:d4:aa:c1: +- 1c:57:0b:c0:0c:3a:1d:6e:23:a9:03:26:7c:ea:8c: +- f0:86:61:ce:f1:ff:42:c7:23 ++ 00:cb:b3:71:95:12:70:fc:db:d4:a9:a7:66:d6:d3: ++ 09:dd:06:80:19:e1:f2:d6:1e:31:b6:6b:20:75:51: ++ dc:a7:37:a9:ac:5b:57:5d:69:36:b6:de:1d:2c:f6: ++ 44:64:f8:e8:d6:f0:da:38:6a:ba:c2:b1:9e:dc:bb: ++ 79:94:e0:25:0c:ce:76:87:17:5d:79:9e:14:9e:bd: ++ 4c:0d:aa:74:10:3a:96:ef:76:82:d5:72:16:b5:c1: ++ ac:17:2d:90:83:73:5c:d7:a6:f5:36:0f:4c:55:f3: ++ 30:5d:19:dc:01:0e:f8:e6:fe:a5:ad:52:88:59:dc: ++ 4a:07:ed:a2:eb:a1:01:63:c4:8a:92:ba:06:80:9b: ++ 0d:85:f2:9f:f9:70:ac:d7:ad:f0:7a:3f:b8:92:2a: ++ 33:ca:69:d0:01:65:5d:31:38:1d:f6:1f:b2:17:07: ++ 7e:ac:88:67:a6:c4:5f:3e:93:94:61:e6:e4:49:9d: ++ ba:d4:d2:e8:e3:93:d1:66:79:c5:e3:1d:f8:5a:50: ++ 54:58:3d:04:b0:fd:65:d1:b3:8a:b5:8a:30:5f:b2: ++ dc:34:1a:14:f7:74:4c:03:29:97:63:5a:d7:de:bb: ++ eb:7f:4a:2a:90:59:c0:2b:47:09:82:8f:75:de:14: ++ 3f:bc:78:9a:69:25:80:5b:6c:a0:65:12:0d:29:61: ++ ac:f9 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: +@@ -284,104 +314,167 @@ def test_proxy_cacert_dir + Netscape Comment: + OpenSSL Generated Certificate + X509v3 Subject Key Identifier: +- 7F:17:5A:58:88:96:E1:1F:44:EA:FF:AD:C6:2E:90:E2:95:32:DD:F0 ++ EC:6B:7C:79:B8:3B:11:1D:42:F3:9A:2A:CF:9A:15:59:D7:F9:D8:C6 + X509v3 Authority Key Identifier: +- keyid:71:DB:DC:BA:F6:7F:75:31:7A:ED:AB:8B:48:93:86:94:1A:FF:30:58 ++ keyid:A0:7E:0B:AD:A3:AD:37:D7:21:0B:75:6F:8A:90:5F:8C:C9:69:DF:98 + + Signature Algorithm: sha256WithRSAEncryption +- 1c:80:02:67:f0:4e:a8:5a:6a:73:9c:de:75:ad:7d:2e:e9:ce: +- c3:2e:cd:70:b4:21:d9:42:0d:7c:0e:77:9e:97:91:13:02:77: +- 4a:cd:f6:fc:26:3d:42:2e:08:85:05:10:df:3a:5f:f0:77:85: +- 44:29:41:dd:03:6b:eb:e7:c8:89:8e:d1:57:a8:ac:43:c8:85: +- c3:95:64:9f:a5:6e:e9:2e:6e:06:45:21:36:ec:d5:79:f5:0e: +- a8:53:b5:f7:02:b0:59:12:e3:ae:73:25:fd:18:ab:23:b2:fc: +- a9:f9:60:e5:a7:d8:ba:0f:db:be:17:81:25:90:fd:7a:21:cb: +- fa:8b ++ 29:14:db:71:e9:a0:86:f8:cc:4d:e4:8a:76:78:a7:ff:4e:94: ++ b4:4d:92:dc:57:9a:52:64:46:27:15:8b:4f:2a:18:a7:0d:fc: ++ d2:75:ce:4e:49:97:0b:46:71:57:23:e3:a5:c0:c5:71:94:fc: ++ f2:1d:3b:06:93:82:03:59:56:d4:fb:09:06:08:b4:97:50:33: ++ cf:58:89:dd:91:31:07:26:9a:7e:7f:8d:71:de:09:dc:4f:e5: ++ 6b:a3:10:71:d4:50:24:43:a0:1c:f5:2a:d9:1a:fb:e3:d6:f1: ++ bc:6b:42:67:16:b4:3b:31:f4:ec:03:7d:78:e2:64:16:57:6d: ++ ba:7c:0c:e1:14:b2:7c:75:4e:2b:09:3e:86:e4:aa:cc:7e:5c: ++ 2b:bd:8d:26:4d:49:36:74:86:fe:c5:a6:15:4a:af:e8:b4:4e: ++ d5:f2:e1:59:c2:fb:7e:c3:c4:f1:63:d8:c2:b0:9a:ae:31:96: ++ 90:c3:09:d0:ce:2e:31:90:d7:83:dd:ac:31:cc:f7:87:41:08: ++ 92:33:28:52:fa:2d:9e:ad:ae:6a:9f:c3:be:ce:c1:a6:e4:16: ++ 2f:69:34:40:86:b6:10:21:0e:31:69:81:9e:fc:fd:c3:06:25: ++ 65:37:d3:d9:4a:20:84:aa:e7:0e:60:7c:bf:3f:88:67:ac:e5: ++ 8c:e0:61:d6 + -----BEGIN CERTIFICATE----- +-MIICfDCCAeWgAwIBAgIBATANBgkqhkiG9w0BAQsFADBHMQswCQYDVQQGEwJKUDEO ++MIIDgTCCAmmgAwIBAgIBATANBgkqhkiG9w0BAQsFADBHMQswCQYDVQQGEwJKUDEO + MAwGA1UECAwFVG9reW8xETAPBgNVBAoMCFJ1YnlUZXN0MRUwEwYDVQQDDAxSdWJ5 + IFRlc3QgQ0EwHhcNMDkwMTAxMDAwMDAwWhcNNDkxMjMxMjM1OTU5WjBEMQswCQYD + VQQGEwJKUDEOMAwGA1UECAwFVG9reW8xETAPBgNVBAoMCFJ1YnlUZXN0MRIwEAYD +-VQQDDAkxMjcuMC4wLjEwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALu9dGlT +-WFAkefLr24uX5Gmk3UgMQDViQrM1jJYqYnaYtSrg+Hgztv/4Vb9EaSHXtQ69it0x +-G4jVtF56guC6mWwEdun/5vj1Bo5+pNvb60NEEqfKyiuqX4MQ4p41Vejor77IfbvC +-1KrBHFcLwAw6HW4jqQMmfOqM8IZhzvH/QscjAgMBAAGjezB5MAkGA1UdEwQCMAAw +-LAYJYIZIAYb4QgENBB8WHU9wZW5TU0wgR2VuZXJhdGVkIENlcnRpZmljYXRlMB0G +-A1UdDgQWBBR/F1pYiJbhH0Tq/63GLpDilTLd8DAfBgNVHSMEGDAWgBRx29y69n91 +-MXrtq4tIk4aUGv8wWDANBgkqhkiG9w0BAQsFAAOBgQAcgAJn8E6oWmpznN51rX0u +-6c7DLs1wtCHZQg18Dneel5ETAndKzfb8Jj1CLgiFBRDfOl/wd4VEKUHdA2vr58iJ +-jtFXqKxDyIXDlWSfpW7pLm4GRSE27NV59Q6oU7X3ArBZEuOucyX9GKsjsvyp+WDl +-p9i6D9u+F4ElkP16Icv6iw== ++VQQDDAkxMjcuMC4wLjEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDL ++s3GVEnD829Spp2bW0wndBoAZ4fLWHjG2ayB1UdynN6msW1ddaTa23h0s9kRk+OjW ++8No4arrCsZ7cu3mU4CUMznaHF115nhSevUwNqnQQOpbvdoLVcha1wawXLZCDc1zX ++pvU2D0xV8zBdGdwBDvjm/qWtUohZ3EoH7aLroQFjxIqSugaAmw2F8p/5cKzXrfB6 ++P7iSKjPKadABZV0xOB32H7IXB36siGemxF8+k5Rh5uRJnbrU0ujjk9FmecXjHfha ++UFRYPQSw/WXRs4q1ijBfstw0GhT3dEwDKZdjWtfeu+t/SiqQWcArRwmCj3XeFD+8 ++eJppJYBbbKBlEg0pYaz5AgMBAAGjezB5MAkGA1UdEwQCMAAwLAYJYIZIAYb4QgEN ++BB8WHU9wZW5TU0wgR2VuZXJhdGVkIENlcnRpZmljYXRlMB0GA1UdDgQWBBTsa3x5 ++uDsRHULzmirPmhVZ1/nYxjAfBgNVHSMEGDAWgBSgfguto6031yELdW+KkF+MyWnf ++mDANBgkqhkiG9w0BAQsFAAOCAQEAKRTbcemghvjMTeSKdnin/06UtE2S3FeaUmRG ++JxWLTyoYpw380nXOTkmXC0ZxVyPjpcDFcZT88h07BpOCA1lW1PsJBgi0l1Azz1iJ ++3ZExByaafn+Ncd4J3E/la6MQcdRQJEOgHPUq2Rr749bxvGtCZxa0OzH07AN9eOJk ++FldtunwM4RSyfHVOKwk+huSqzH5cK72NJk1JNnSG/sWmFUqv6LRO1fLhWcL7fsPE ++8WPYwrCarjGWkMMJ0M4uMZDXg92sMcz3h0EIkjMoUvotnq2uap/Dvs7BpuQWL2k0 ++QIa2ECEOMWmBnvz9wwYlZTfT2UoghKrnDmB8vz+IZ6zljOBh1g== + -----END CERTIFICATE----- + End + + TestOpenURISSL::SERVER_KEY = <<'End' +-Private-Key: (1024 bit) ++RSA Private-Key: (2048 bit, 2 primes) + modulus: +- 00:bb:bd:74:69:53:58:50:24:79:f2:eb:db:8b:97: +- e4:69:a4:dd:48:0c:40:35:62:42:b3:35:8c:96:2a: +- 62:76:98:b5:2a:e0:f8:78:33:b6:ff:f8:55:bf:44: +- 69:21:d7:b5:0e:bd:8a:dd:31:1b:88:d5:b4:5e:7a: +- 82:e0:ba:99:6c:04:76:e9:ff:e6:f8:f5:06:8e:7e: +- a4:db:db:eb:43:44:12:a7:ca:ca:2b:aa:5f:83:10: +- e2:9e:35:55:e8:e8:af:be:c8:7d:bb:c2:d4:aa:c1: +- 1c:57:0b:c0:0c:3a:1d:6e:23:a9:03:26:7c:ea:8c: +- f0:86:61:ce:f1:ff:42:c7:23 ++ 00:cb:b3:71:95:12:70:fc:db:d4:a9:a7:66:d6:d3: ++ 09:dd:06:80:19:e1:f2:d6:1e:31:b6:6b:20:75:51: ++ dc:a7:37:a9:ac:5b:57:5d:69:36:b6:de:1d:2c:f6: ++ 44:64:f8:e8:d6:f0:da:38:6a:ba:c2:b1:9e:dc:bb: ++ 79:94:e0:25:0c:ce:76:87:17:5d:79:9e:14:9e:bd: ++ 4c:0d:aa:74:10:3a:96:ef:76:82:d5:72:16:b5:c1: ++ ac:17:2d:90:83:73:5c:d7:a6:f5:36:0f:4c:55:f3: ++ 30:5d:19:dc:01:0e:f8:e6:fe:a5:ad:52:88:59:dc: ++ 4a:07:ed:a2:eb:a1:01:63:c4:8a:92:ba:06:80:9b: ++ 0d:85:f2:9f:f9:70:ac:d7:ad:f0:7a:3f:b8:92:2a: ++ 33:ca:69:d0:01:65:5d:31:38:1d:f6:1f:b2:17:07: ++ 7e:ac:88:67:a6:c4:5f:3e:93:94:61:e6:e4:49:9d: ++ ba:d4:d2:e8:e3:93:d1:66:79:c5:e3:1d:f8:5a:50: ++ 54:58:3d:04:b0:fd:65:d1:b3:8a:b5:8a:30:5f:b2: ++ dc:34:1a:14:f7:74:4c:03:29:97:63:5a:d7:de:bb: ++ eb:7f:4a:2a:90:59:c0:2b:47:09:82:8f:75:de:14: ++ 3f:bc:78:9a:69:25:80:5b:6c:a0:65:12:0d:29:61: ++ ac:f9 + publicExponent: 65537 (0x10001) + privateExponent: +- 00:af:3a:ec:17:0a:f5:d9:07:d2:d3:4c:15:c5:3b: +- 66:b4:bc:6e:d5:ba:a9:8b:aa:45:3b:63:f5:ee:8b: +- 6d:0f:e9:04:e0:1a:cf:8f:d2:25:32:d1:a5:a7:3a: +- c1:2e:17:5a:25:82:00:c4:e7:fb:1d:42:ea:71:6c: +- c4:0f:e1:db:23:ff:1e:d6:c8:d6:60:ca:2d:06:fc: +- 54:3c:03:d4:09:96:bb:38:7a:22:a1:61:2c:f7:d0: +- d0:90:6c:9f:61:ba:61:30:5a:aa:64:ad:43:3a:53: +- 38:e8:ba:cc:8c:51:3e:68:3e:3a:6a:0f:5d:5d:e0: +- d6:df:f2:54:93:d3:14:22:a1 ++ 12:be:d5:b2:01:3b:72:99:8c:4d:7c:81:43:3d:b2: ++ 87:ab:84:78:5d:49:aa:98:a6:bc:81:c9:3f:e2:a3: ++ aa:a3:bd:b2:85:c9:59:68:48:47:b5:d2:fb:83:42: ++ 32:04:91:f0:cd:c3:57:33:c3:32:0d:84:70:0d:b4: ++ 97:95:b4:f3:23:c0:d6:97:b8:db:6b:47:bc:7f:f1: ++ 12:c4:df:df:6a:74:df:5e:89:95:b8:e5:0c:1e:e1: ++ 86:54:84:1b:04:af:c3:8c:b2:be:21:d4:45:88:96: ++ a7:ca:ac:6b:50:84:69:45:7f:db:9e:5f:bb:dd:40: ++ d6:cf:f0:91:3c:84:d3:38:65:c9:15:f7:9e:37:aa: ++ 1a:2e:bc:16:b6:95:be:bc:af:45:76:ba:ad:99:f6: ++ ef:6a:e8:fd:f0:31:89:19:c4:04:67:a1:ec:c4:79: ++ 59:08:77:ab:0b:65:88:88:02:b1:38:5c:80:4e:27: ++ 78:b2:a5:bd:b5:ad:d5:9c:4c:ea:ad:db:05:56:25: ++ 70:28:da:22:fb:d8:de:8c:3b:78:fe:3e:cf:ed:1b: ++ f9:97:c6:b6:4a:bf:60:08:8f:dc:85:5e:b1:49:ab: ++ 87:8b:68:72:f4:6a:3f:bc:db:a3:6c:f7:e8:b0:15: ++ bb:4b:ba:37:49:a2:d1:7c:f8:4f:1b:05:11:22:d9: ++ 81 + prime1: +- 00:e8:ec:11:fe:e6:2b:23:21:29:d5:40:a6:11:ec: +- 4c:ae:4d:08:2a:71:18:ac:d1:3e:40:2f:12:41:59: +- 12:09:e2:f7:c2:d7:6b:0a:96:0a:06:e3:90:6a:4e: +- b2:eb:25:b7:09:68:e9:13:ab:d0:5a:29:7a:e4:72: +- 1a:ee:46:a0:8b ++ 00:fb:d2:cb:14:61:00:c1:7a:83:ba:fe:79:97:a2: ++ 4d:5a:ea:40:78:96:6e:d2:be:71:5b:c6:2c:1f:c9: ++ 18:48:6b:ae:20:86:87:b5:08:0b:17:69:ca:93:cd: ++ 00:36:22:51:7b:d5:2d:8c:0c:0e:de:bc:86:a8:07: ++ 0e:c5:57:e4:df:be:ed:7d:cc:b1:a4:d6:a8:2b:00: ++ 65:2a:69:30:5e:dc:6d:6d:c4:c8:7e:20:34:eb:6f: ++ 5e:cf:b3:b8:2e:8d:56:31:44:a8:17:ea:be:65:19: ++ ff:da:14:e0:0c:73:56:14:08:47:4c:5b:79:51:74: ++ 5d:bc:e7:fe:01:2f:55:27:69 + prime2: +- 00:ce:57:5e:31:e9:c9:a8:5b:1f:55:af:67:e2:49: +- 2a:af:90:b6:02:c0:32:2f:ca:ae:1e:de:47:81:73: +- a8:f8:37:53:70:93:24:62:77:d4:b8:80:30:9f:65: +- 26:20:46:ae:5a:65:6e:6d:af:68:4c:8d:e8:3c:f3: +- d1:d1:d9:6e:c9 ++ 00:cf:14:54:47:bb:5f:5d:d6:2b:2d:ed:a6:8a:6f: ++ 36:fc:47:5e:9f:84:ae:aa:1f:f8:44:50:91:15:f5: ++ ed:9d:29:d9:2b:2a:19:66:56:2e:96:15:b5:8e:a9: ++ 7f:89:27:21:b5:57:55:7e:2a:c5:8c:93:fe:f6:0a: ++ a5:17:15:91:91:b3:7d:35:1a:d5:9a:2e:b8:0d:ad: ++ e6:97:6d:83:a3:27:29:ee:00:74:ef:57:34:f3:07: ++ ad:12:43:37:0c:5c:b7:26:34:bc:4e:3a:43:65:6b: ++ 0c:b8:23:ac:77:fd:b2:23:eb:7b:65:70:f6:96:c4: ++ 17:2c:aa:24:b8:a5:5e:b7:11 + exponent1: +- 03:f1:02:b8:f2:82:26:5d:08:4d:30:83:de:e7:c5: +- c0:69:53:4b:0c:90:e3:53:c3:1e:e8:ed:01:28:15: +- b3:0f:21:2c:2d:e3:04:d1:d7:27:98:b0:37:ec:4f: +- 00:c5:a9:9c:42:27:37:8a:ff:c2:96:d3:1a:8c:87: +- c2:22:75:d3 ++ 00:92:32:ae:f4:05:dd:0a:76:b6:43:b9:b9:9d:ee: ++ fc:39:ec:05:c1:fc:94:1a:85:b6:0a:31:e3:2c:10: ++ f3:a8:17:db:df:c6:3a:c3:3f:08:31:6f:99:cc:75: ++ 17:ca:55:e2:38:a2:6a:ef:03:91:1e:7f:15:2e:37: ++ ea:bb:67:6b:d8:fa:5f:a6:c9:4f:d9:03:46:5e:b0: ++ bc:0b:03:46:b1:cc:07:3b:d3:23:13:16:5f:a2:cf: ++ e5:9b:70:1b:5d:eb:70:3e:ea:3d:2c:a5:7c:23:f6: ++ 14:33:e8:2a:ab:0f:ca:c9:96:84:ce:2f:cd:1f:1d: ++ 0f:ce:bc:61:1b:0e:ff:c1:01 + exponent2: +- 6f:17:32:ab:84:c7:01:51:2d:e9:9f:ea:3a:36:52: +- 38:fb:9c:42:96:df:6e:43:9c:c3:19:c1:3d:bc:db: +- 77:e7:b1:90:a6:67:ac:6b:ff:a6:e5:bd:47:d3:d9: +- 56:ff:36:d7:8c:4c:8b:d9:28:3a:2f:1c:9d:d4:57: +- 5e:b7:c5:a1 ++ 00:9e:0b:f3:03:48:73:d1:e7:9a:cf:13:f9:ae:e0: ++ 91:03:dc:e8:d0:30:f1:2a:30:fa:48:11:81:9a:54: ++ 37:c5:62:e2:37:fa:8a:a6:3b:92:94:c3:fe:ec:e2: ++ 5a:cf:70:09:5f:21:47:c3:e2:9b:21:de:f6:92:0c: ++ af:d1:bd:89:7b:bd:95:0b:49:ee:cb:1d:6b:26:2d: ++ 9a:b7:ea:42:b4:ec:38:29:49:39:f6:4e:05:c0:93: ++ 14:39:c3:09:29:ab:3d:b1:b0:40:24:28:7d:b5:d3: ++ 0d:43:21:1f:09:f9:9b:d3:a4:6f:6a:8d:db:f6:57: ++ b5:24:46:bb:7e:1d:e0:fb:31 + coefficient: +- 45:50:47:66:56:e9:21:d9:40:0e:af:3f:f2:05:77: +- ab:e7:08:40:97:88:2a:51:b3:7e:86:b0:b2:03:2e: +- 6d:36:3f:46:42:97:7d:5a:a2:93:6c:05:c2:8b:8b: +- 2d:af:d5:7d:75:e9:70:f0:2d:21:e3:b9:cf:4d:9a: +- c4:97:e2:79 ++ 10:93:1d:c8:33:a5:c1:d3:84:6a:22:68:e5:60:cc: ++ 9c:27:0a:52:0b:58:a3:0c:83:f4:f4:46:09:0c:a1: ++ 41:a6:ea:bf:80:9d:0e:5d:d8:3d:25:00:c5:a1:35: ++ 7a:8c:ea:95:16:94:c3:7c:8f:2b:e0:53:ea:66:ae: ++ 19:be:55:04:3d:ee:e2:4b:a8:69:1b:7e:d8:09:7f: ++ ed:7c:ee:95:88:10:dc:4b:5b:bf:81:a4:e8:dc:7e: ++ 4f:e5:c3:90:c4:e5:5a:90:10:32:d6:08:b5:1f:5d: ++ 09:18:d8:44:28:e4:c4:c7:07:75:9b:9b:b3:80:86: ++ 68:9d:fe:68:f3:4d:db:66 ++writing RSA key + -----BEGIN RSA PRIVATE KEY----- +-MIICXAIBAAKBgQC7vXRpU1hQJHny69uLl+RppN1IDEA1YkKzNYyWKmJ2mLUq4Ph4 +-M7b/+FW/RGkh17UOvYrdMRuI1bReeoLguplsBHbp/+b49QaOfqTb2+tDRBKnysor +-ql+DEOKeNVXo6K++yH27wtSqwRxXC8AMOh1uI6kDJnzqjPCGYc7x/0LHIwIDAQAB +-AoGBAK867BcK9dkH0tNMFcU7ZrS8btW6qYuqRTtj9e6LbQ/pBOAaz4/SJTLRpac6 +-wS4XWiWCAMTn+x1C6nFsxA/h2yP/HtbI1mDKLQb8VDwD1AmWuzh6IqFhLPfQ0JBs +-n2G6YTBaqmStQzpTOOi6zIxRPmg+OmoPXV3g1t/yVJPTFCKhAkEA6OwR/uYrIyEp +-1UCmEexMrk0IKnEYrNE+QC8SQVkSCeL3wtdrCpYKBuOQak6y6yW3CWjpE6vQWil6 +-5HIa7kagiwJBAM5XXjHpyahbH1WvZ+JJKq+QtgLAMi/Krh7eR4FzqPg3U3CTJGJ3 +-1LiAMJ9lJiBGrlplbm2vaEyN6Dzz0dHZbskCQAPxArjygiZdCE0wg97nxcBpU0sM +-kONTwx7o7QEoFbMPISwt4wTR1yeYsDfsTwDFqZxCJzeK/8KW0xqMh8IiddMCQG8X +-MquExwFRLemf6jo2Ujj7nEKW325DnMMZwT2823fnsZCmZ6xr/6blvUfT2Vb/NteM +-TIvZKDovHJ3UV163xaECQEVQR2ZW6SHZQA6vP/IFd6vnCECXiCpRs36GsLIDLm02 +-P0ZCl31aopNsBcKLiy2v1X116XDwLSHjuc9NmsSX4nk= ++MIIEpAIBAAKCAQEAy7NxlRJw/NvUqadm1tMJ3QaAGeHy1h4xtmsgdVHcpzeprFtX ++XWk2tt4dLPZEZPjo1vDaOGq6wrGe3Lt5lOAlDM52hxddeZ4Unr1MDap0EDqW73aC ++1XIWtcGsFy2Qg3Nc16b1Ng9MVfMwXRncAQ745v6lrVKIWdxKB+2i66EBY8SKkroG ++gJsNhfKf+XCs163wej+4kiozymnQAWVdMTgd9h+yFwd+rIhnpsRfPpOUYebkSZ26 ++1NLo45PRZnnF4x34WlBUWD0EsP1l0bOKtYowX7LcNBoU93RMAymXY1rX3rvrf0oq ++kFnAK0cJgo913hQ/vHiaaSWAW2ygZRINKWGs+QIDAQABAoIBABK+1bIBO3KZjE18 ++gUM9soerhHhdSaqYpryByT/io6qjvbKFyVloSEe10vuDQjIEkfDNw1czwzINhHAN ++tJeVtPMjwNaXuNtrR7x/8RLE399qdN9eiZW45Qwe4YZUhBsEr8OMsr4h1EWIlqfK ++rGtQhGlFf9ueX7vdQNbP8JE8hNM4ZckV9543qhouvBa2lb68r0V2uq2Z9u9q6P3w ++MYkZxARnoezEeVkId6sLZYiIArE4XIBOJ3iypb21rdWcTOqt2wVWJXAo2iL72N6M ++O3j+Ps/tG/mXxrZKv2AIj9yFXrFJq4eLaHL0aj+826Ns9+iwFbtLujdJotF8+E8b ++BREi2YECgYEA+9LLFGEAwXqDuv55l6JNWupAeJZu0r5xW8YsH8kYSGuuIIaHtQgL ++F2nKk80ANiJRe9UtjAwO3ryGqAcOxVfk377tfcyxpNaoKwBlKmkwXtxtbcTIfiA0 ++629ez7O4Lo1WMUSoF+q+ZRn/2hTgDHNWFAhHTFt5UXRdvOf+AS9VJ2kCgYEAzxRU ++R7tfXdYrLe2mim82/Eden4Suqh/4RFCRFfXtnSnZKyoZZlYulhW1jql/iSchtVdV ++firFjJP+9gqlFxWRkbN9NRrVmi64Da3ml22Doycp7gB071c08wetEkM3DFy3JjS8 ++TjpDZWsMuCOsd/2yI+t7ZXD2lsQXLKokuKVetxECgYEAkjKu9AXdCna2Q7m5ne78 ++OewFwfyUGoW2CjHjLBDzqBfb38Y6wz8IMW+ZzHUXylXiOKJq7wORHn8VLjfqu2dr ++2PpfpslP2QNGXrC8CwNGscwHO9MjExZfos/lm3AbXetwPuo9LKV8I/YUM+gqqw/K ++yZaEzi/NHx0PzrxhGw7/wQECgYEAngvzA0hz0eeazxP5ruCRA9zo0DDxKjD6SBGB ++mlQ3xWLiN/qKpjuSlMP+7OJaz3AJXyFHw+KbId72kgyv0b2Je72VC0nuyx1rJi2a ++t+pCtOw4KUk59k4FwJMUOcMJKas9sbBAJCh9tdMNQyEfCfmb06Rvao3b9le1JEa7 ++fh3g+zECgYAQkx3IM6XB04RqImjlYMycJwpSC1ijDIP09EYJDKFBpuq/gJ0OXdg9 ++JQDFoTV6jOqVFpTDfI8r4FPqZq4ZvlUEPe7iS6hpG37YCX/tfO6ViBDcS1u/gaTo ++3H5P5cOQxOVakBAy1gi1H10JGNhEKOTExwd1m5uzgIZonf5o803bZg== + -----END RSA PRIVATE KEY----- + End + +-- +2.26.2 + diff --git a/ruby.spec b/ruby.spec index 653c9e9..4a9a6f0 100644 --- a/ruby.spec +++ b/ruby.spec @@ -171,6 +171,9 @@ Patch42: ruby-2.8.0-Moved-not-implemented-method-tests.patch # Use larger keys for test_ssl test failures. # https://github.com/ruby/ruby/commit/a3843824c455d0b0efcfc5af03cbcebaac090eda Patch43: ruby-2.6.0-use-larger-keys-for-SSL-tests2.patch +# Regenerate server certificates with larger keys for open-uri tests. +# https://github.com/ruby/ruby/commit/eaddc972820d49212c495542816f9f7845e7828c +Patch44: ruby-2.6.4-open-uri-regenerate-server-certificates-for-tests.patch Requires: %{name}-libs%{?_isa} = %{version}-%{release} Suggests: rubypick @@ -565,6 +568,7 @@ rm -rf ext/fiddle/libffi* %patch41 -p1 %patch42 -p1 %patch43 -p1 +%patch44 -p1 # Provide an example of usage of the tapset: cp -a %{SOURCE3} . @@ -1126,6 +1130,7 @@ MSPECOPTS="$MSPECOPTS -P 'File.lchmod raises a NotImplementedError when called'" - Disable LTO, which appear to cause issues with SIGSEV handler. - Avoid possible timeout errors in TestBugReporter#test_bug_reporter_add. - Use larger keys for test_ssl test failures. +- Regenerate server certificates with larger keys for open-uri tests. * Tue Apr 30 2019 Jun Aruga - 2.5.5-105 - Update to Ruby 2.5.5. From 94a588ca2825fa21cc22981bb7751fe75ad6b243 Mon Sep 17 00:00:00 2001 From: Jun Aruga Date: Fri, 25 Sep 2020 14:16:36 +0200 Subject: [PATCH 14/19] Use larger keys for webrick test failures. --- ...se-larger-keys-for-SSL-webrick-tests.patch | 52 +++++++++++++++++++ ruby.spec | 5 ++ 2 files changed, 57 insertions(+) create mode 100644 ruby-2.6.0-use-larger-keys-for-SSL-webrick-tests.patch diff --git a/ruby-2.6.0-use-larger-keys-for-SSL-webrick-tests.patch b/ruby-2.6.0-use-larger-keys-for-SSL-webrick-tests.patch new file mode 100644 index 0000000..2c82134 --- /dev/null +++ b/ruby-2.6.0-use-larger-keys-for-SSL-webrick-tests.patch @@ -0,0 +1,52 @@ +From ef6153f727d118d4e7854c0f52d3d8b0e4ed7817 Mon Sep 17 00:00:00 2001 +From: normal +Date: Mon, 3 Dec 2018 04:51:08 +0000 +Subject: [PATCH] webrick: fix tests on Debian sid/unstable with OpenSSL 1.1.1a + +OpenSSL complains abour our keys being small and weak :< +Make them big and strong with 2048-bit RSA keys and SHA256 digests + +git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@66152 b2dd03c8-39d4-4d8f-98ff-823fe69b080e +--- + lib/webrick/ssl.rb | 4 ++-- + test/webrick/test_httpproxy.rb | 2 +- + 2 files changed, 3 insertions(+), 3 deletions(-) + +diff --git a/lib/webrick/ssl.rb b/lib/webrick/ssl.rb +index 8a334eaff1..d125083528 100644 +--- a/lib/webrick/ssl.rb ++++ b/lib/webrick/ssl.rb +@@ -130,7 +130,7 @@ def create_self_signed_cert(bits, cn, comment) + aki = ef.create_extension("authorityKeyIdentifier", + "keyid:always,issuer:always") + cert.add_extension(aki) +- cert.sign(rsa, OpenSSL::Digest::SHA1.new) ++ cert.sign(rsa, OpenSSL::Digest::SHA256.new) + + return [ cert, rsa ] + end +@@ -181,7 +181,7 @@ def setup_ssl_context(config) # :nodoc: + unless config[:SSLCertificate] + cn = config[:SSLCertName] + comment = config[:SSLCertComment] +- cert, key = Utils::create_self_signed_cert(1024, cn, comment) ++ cert, key = Utils::create_self_signed_cert(2048, cn, comment) + config[:SSLCertificate] = cert + config[:SSLPrivateKey] = key + end +diff --git a/test/webrick/test_httpproxy.rb b/test/webrick/test_httpproxy.rb +index 452e7b94b7..780d95937a 100644 +--- a/test/webrick/test_httpproxy.rb ++++ b/test/webrick/test_httpproxy.rb +@@ -133,7 +133,7 @@ def make_certificate(key, cn) + cert.not_after = Time.now + 3600 + ef = OpenSSL::X509::ExtensionFactory.new(cert, cert) + exts.each {|args| cert.add_extension(ef.create_extension(*args)) } +- cert.sign(key, "sha1") ++ cert.sign(key, "sha256") + return cert + end if defined?(OpenSSL::SSL) + +-- +2.26.2 + diff --git a/ruby.spec b/ruby.spec index 4a9a6f0..5c5bbbe 100644 --- a/ruby.spec +++ b/ruby.spec @@ -174,6 +174,9 @@ Patch43: ruby-2.6.0-use-larger-keys-for-SSL-tests2.patch # Regenerate server certificates with larger keys for open-uri tests. # https://github.com/ruby/ruby/commit/eaddc972820d49212c495542816f9f7845e7828c Patch44: ruby-2.6.4-open-uri-regenerate-server-certificates-for-tests.patch +# Use larger keys for webrick test failures. +# https://github.com/ruby/ruby/commit/a063f71a7ccc733d8ab4b997dfc3ffb1ab987afc +Patch45: ruby-2.6.0-use-larger-keys-for-SSL-webrick-tests.patch Requires: %{name}-libs%{?_isa} = %{version}-%{release} Suggests: rubypick @@ -569,6 +572,7 @@ rm -rf ext/fiddle/libffi* %patch42 -p1 %patch43 -p1 %patch44 -p1 +%patch45 -p1 # Provide an example of usage of the tapset: cp -a %{SOURCE3} . @@ -1131,6 +1135,7 @@ MSPECOPTS="$MSPECOPTS -P 'File.lchmod raises a NotImplementedError when called'" - Avoid possible timeout errors in TestBugReporter#test_bug_reporter_add. - Use larger keys for test_ssl test failures. - Regenerate server certificates with larger keys for open-uri tests. +- Use larger keys for webrick test failures. * Tue Apr 30 2019 Jun Aruga - 2.5.5-105 - Update to Ruby 2.5.5. From 370f73f8a8c3c4fe19f6d18cad060041289dfdd3 Mon Sep 17 00:00:00 2001 From: Jun Aruga Date: Tue, 29 Sep 2020 15:01:31 +0200 Subject: [PATCH 15/19] Use larger keys for drb test failures. --- ....0-use-larger-keys-for-SSL-drb-tests.patch | 38 +++++++++++++++++++ ruby.spec | 5 +++ 2 files changed, 43 insertions(+) create mode 100644 ruby-2.6.0-use-larger-keys-for-SSL-drb-tests.patch diff --git a/ruby-2.6.0-use-larger-keys-for-SSL-drb-tests.patch b/ruby-2.6.0-use-larger-keys-for-SSL-drb-tests.patch new file mode 100644 index 0000000..1df2234 --- /dev/null +++ b/ruby-2.6.0-use-larger-keys-for-SSL-drb-tests.patch @@ -0,0 +1,38 @@ +From 8af6b87023cbb1ba6cebea7daaafa275e0dc687e Mon Sep 17 00:00:00 2001 +From: normal +Date: Mon, 3 Dec 2018 04:51:13 +0000 +Subject: [PATCH] drb: fix tests on Debian sid/unstable with OpenSSL 1.1.1a + +OpenSSL complains abour our keys being small and weak :< +Make them big and strong with 2048-bit RSA keys and SHA256 digests + +git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@66153 b2dd03c8-39d4-4d8f-98ff-823fe69b080e +--- + lib/drb/ssl.rb | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/lib/drb/ssl.rb b/lib/drb/ssl.rb +index 45fe4f1f74..8c2c1cc65d 100644 +--- a/lib/drb/ssl.rb ++++ b/lib/drb/ssl.rb +@@ -162,7 +162,7 @@ def setup_certificate + return + end + +- rsa = OpenSSL::PKey::RSA.new(1024){|p, n| ++ rsa = OpenSSL::PKey::RSA.new(2048){|p, n| + next unless self[:verbose] + case p + when 0; $stderr.putc "." # BN_generate_prime +@@ -196,7 +196,7 @@ def setup_certificate + if comment = self[:SSLCertComment] + cert.add_extension(ef.create_extension("nsComment", comment)) + end +- cert.sign(rsa, OpenSSL::Digest::SHA1.new) ++ cert.sign(rsa, OpenSSL::Digest::SHA256.new) + + @cert = cert + @pkey = rsa +-- +2.26.2 + diff --git a/ruby.spec b/ruby.spec index 5c5bbbe..8065bea 100644 --- a/ruby.spec +++ b/ruby.spec @@ -177,6 +177,9 @@ Patch44: ruby-2.6.4-open-uri-regenerate-server-certificates-for-tests.patch # Use larger keys for webrick test failures. # https://github.com/ruby/ruby/commit/a063f71a7ccc733d8ab4b997dfc3ffb1ab987afc Patch45: ruby-2.6.0-use-larger-keys-for-SSL-webrick-tests.patch +# Use larger keys for drb test failures. +# https://github.com/ruby/ruby/commit/fb0009cfdc203247f808f4dcd72c7baf272172ce +Patch46: ruby-2.6.0-use-larger-keys-for-SSL-drb-tests.patch Requires: %{name}-libs%{?_isa} = %{version}-%{release} Suggests: rubypick @@ -573,6 +576,7 @@ rm -rf ext/fiddle/libffi* %patch43 -p1 %patch44 -p1 %patch45 -p1 +%patch46 -p1 # Provide an example of usage of the tapset: cp -a %{SOURCE3} . @@ -1136,6 +1140,7 @@ MSPECOPTS="$MSPECOPTS -P 'File.lchmod raises a NotImplementedError when called'" - Use larger keys for test_ssl test failures. - Regenerate server certificates with larger keys for open-uri tests. - Use larger keys for webrick test failures. +- Use larger keys for drb test failures. * Tue Apr 30 2019 Jun Aruga - 2.5.5-105 - Update to Ruby 2.5.5. From 345c72a827f3ac187c5d1834918485d55e39d015 Mon Sep 17 00:00:00 2001 From: Jun Aruga Date: Wed, 14 Oct 2020 15:47:27 +0200 Subject: [PATCH 16/19] Regenerate certificates with larger keys for rubygems tests. --- ...ms-regenerate-certificates-for-tests.patch | 502 ++++++++++++++++++ ruby.spec | 5 + 2 files changed, 507 insertions(+) create mode 100644 ruby-2.5.6-rubygems-regenerate-certificates-for-tests.patch diff --git a/ruby-2.5.6-rubygems-regenerate-certificates-for-tests.patch b/ruby-2.5.6-rubygems-regenerate-certificates-for-tests.patch new file mode 100644 index 0000000..23eb3e7 --- /dev/null +++ b/ruby-2.5.6-rubygems-regenerate-certificates-for-tests.patch @@ -0,0 +1,502 @@ +From e87b38abddcceebd6d525031c5422e343ab151da Mon Sep 17 00:00:00 2001 +From: usa +Date: Mon, 26 Aug 2019 16:12:14 +0000 +Subject: [PATCH] merge revision(s) + ae2a904ce9bffedee7d110dc60fd51c0a2879a5b,165ddfda20f6db8a3149d14c4f431fc242ddab70,fa7a768fdfe5223a29db4fa71b3e6101fb02ad51: + [Backport #16051] + + Update the certificate files to make the test pass on Debian 10 + + The old certificate files (for example, test/rubygems/ca_cert.pem) were + signed by SHA1. This message digest is considered too weak and rejected + by OpenSSL 1.1.1 or later. Because of this, the test suite does not + pass on Debian 10. + + https://rubyci.org/logs/rubyci.s3.amazonaws.com/debian/ruby-master/log/20190527T123003Z.fail.html.gz#test%2Frubygems + + This change regenerates the files. + A shell script for the regeneration (util/create_certs.sh) is also + added. + + * remove trailing spaces. + + Removed inconsistency file from upstream repository of rubygems. + + followed up ae2a904ce9bffedee7d110dc60fd51c0a2879a5b + +git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_5@67768 b2dd03c8-39d4-4d8f-98ff-823fe69b080e +--- + test/rubygems/ca_cert.pem | 139 ++++++++++---------- + test/rubygems/client.pem | 148 +++++++++++++++------- + test/rubygems/ssl_cert.pem | 95 +++++++++++--- + test/rubygems/ssl_key.pem | 38 ++++-- + test/rubygems/test_gem_security_policy.rb | 2 +- + 5 files changed, 281 insertions(+), 141 deletions(-) + +diff --git a/test/rubygems/ca_cert.pem b/test/rubygems/ca_cert.pem +index 5207531bc2..b3977e26ad 100644 +--- a/test/rubygems/ca_cert.pem ++++ b/test/rubygems/ca_cert.pem +@@ -1,68 +1,77 @@ +------BEGIN CERTIFICATE----- +-MIID0DCCArigAwIBAgIBADANBgkqhkiG9w0BAQUFADA8MQswCQYDVQQGDAJKUDES +-MBAGA1UECgwJSklOLkdSLkpQMQwwCgYDVQQLDANSUlIxCzAJBgNVBAMMAkNBMB4X +-DTA0MDEzMDAwNDIzMloXDTM2MDEyMjAwNDIzMlowPDELMAkGA1UEBgwCSlAxEjAQ +-BgNVBAoMCUpJTi5HUi5KUDEMMAoGA1UECwwDUlJSMQswCQYDVQQDDAJDQTCCASIw +-DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANbv0x42BTKFEQOE+KJ2XmiSdZpR +-wjzQLAkPLRnLB98tlzs4xo+y4RyY/rd5TT9UzBJTIhP8CJi5GbS1oXEerQXB3P0d +-L5oSSMwGGyuIzgZe5+vZ1kgzQxMEKMMKlzA73rbMd4Jx3u5+jdbP0EDrPYfXSvLY +-bS04n2aX7zrN3x5KdDrNBfwBio2/qeaaj4+9OxnwRvYP3WOvqdW0h329eMfHw0pi +-JI0drIVdsEqClUV4pebT/F+CPUPkEh/weySgo9wANockkYu5ujw2GbLFcO5LXxxm +-dEfcVr3r6t6zOA4bJwL0W/e6LBcrwiG/qPDFErhwtgTLYf6Er67SzLyA66UCAwEA +-AaOB3DCB2TAPBgNVHRMBAf8EBTADAQH/MDEGCWCGSAGG+EIBDQQkFiJSdWJ5L09w +-ZW5TU0wgR2VuZXJhdGVkIENlcnRpZmljYXRlMB0GA1UdDgQWBBRJ7Xd380KzBV7f +-USKIQ+O/vKbhDzAOBgNVHQ8BAf8EBAMCAQYwZAYDVR0jBF0wW4AUSe13d/NCswVe +-31EiiEPjv7ym4Q+hQKQ+MDwxCzAJBgNVBAYMAkpQMRIwEAYDVQQKDAlKSU4uR1Iu +-SlAxDDAKBgNVBAsMA1JSUjELMAkGA1UEAwwCQ0GCAQAwDQYJKoZIhvcNAQEFBQAD +-ggEBAIu/mfiez5XN5tn2jScgShPgHEFJBR0BTJBZF6xCk0jyqNx/g9HMj2ELCuK+ +-r/Y7KFW5c5M3AQ+xWW0ZSc4kvzyTcV7yTVIwj2jZ9ddYMN3nupZFgBK1GB4Y05GY +-MJJFRkSu6d/Ph5ypzBVw2YMT/nsOo5VwMUGLgS7YVjU+u/HNWz80J3oO17mNZllj +-PvORJcnjwlroDnS58KoJ7GDgejv3ESWADvX1OHLE4cRkiQGeLoEU4pxdCxXRqX0U +-PbwIkZN9mXVcrmPHq8MWi4eC/V7hnbZETMHuWhUoiNdOEfsAXr3iP4KjyyRdwc7a +-d/xgcK06UVQRL/HbEYGiQL056mc= +------END CERTIFICATE----- +- +------BEGIN CERTIFICATE----- +-MIIDaDCCAlCgAwIBAgIBATANBgkqhkiG9w0BAQUFADA8MQswCQYDVQQGDAJKUDES +-MBAGA1UECgwJSklOLkdSLkpQMQwwCgYDVQQLDANSUlIxCzAJBgNVBAMMAkNBMB4X +-DTA0MDEzMDAwNDMyN1oXDTM1MDEyMjAwNDMyN1owPzELMAkGA1UEBgwCSlAxEjAQ +-BgNVBAoMCUpJTi5HUi5KUDEMMAoGA1UECwwDUlJSMQ4wDAYDVQQDDAVTdWJDQTCC +-ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJ0Ou7AyRcRXnB/kVHv/6kwe +-ANzgg/DyJfsAUqW90m7Lu1nqyug8gK0RBd77yU0w5HOAMHTVSdpjZK0g2sgx4Mb1 +-d/213eL9TTl5MRVEChTvQr8q5DVG/8fxPPE7fMI8eOAzd98/NOAChk+80r4Sx7fC +-kGVEE1bKwY1MrUsUNjOY2d6t3M4HHV3HX1V8ShuKfsHxgCmLzdI8U+5CnQedFgkm +-3e+8tr8IX5RR1wA1Ifw9VadF7OdI/bGMzog/Q8XCLf+WPFjnK7Gcx6JFtzF6Gi4x +-4dp1Xl45JYiVvi9zQ132wu8A1pDHhiNgQviyzbP+UjcB/tsOpzBQF8abYzgEkWEC +-AwEAAaNyMHAwDwYDVR0TAQH/BAUwAwEB/zAxBglghkgBhvhCAQ0EJBYiUnVieS9P +-cGVuU1NMIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUlCjXWLsReYzH +-LzsxwVnCXmKoB/owCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBBQUAA4IBAQCJ/OyN +-rT8Cq2Y+G2yA/L1EMRvvxwFBqxavqaqHl/6rwsIBFlB3zbqGA/0oec6MAVnYynq4 +-c4AcHTjx3bQ/S4r2sNTZq0DH4SYbQzIobx/YW8PjQUJt8KQdKMcwwi7arHP7A/Ha +-LKu8eIC2nsUBnP4NhkYSGhbmpJK+PFD0FVtD0ZIRlY/wsnaZNjWWcnWF1/FNuQ4H +-ySjIblqVQkPuzebv3Ror6ZnVDukn96Mg7kP4u6zgxOeqlJGRe1M949SS9Vudjl8X +-SF4aZUUB9pQGhsqQJVqaz2OlhGOp9D0q54xko/rekjAIcuDjl1mdX4F2WRrzpUmZ +-uY/bPeOBYiVsOYVe +------END CERTIFICATE----- ++Certificate: ++ Data: ++ Version: 3 (0x2) ++ Serial Number: 0 (0x0) ++ Signature Algorithm: sha256WithRSAEncryption ++ Issuer: C=JP, ST=Tokyo, O=RubyGemsTest, CN=CA ++ Validity ++ Not Before: Jan 1 00:00:00 2009 GMT ++ Not After : Dec 31 23:59:59 2049 GMT ++ Subject: C=JP, ST=Tokyo, O=RubyGemsTest, CN=CA ++ Subject Public Key Info: ++ Public Key Algorithm: rsaEncryption ++ RSA Public-Key: (2048 bit) ++ Modulus: ++ 00:c8:19:2c:5a:1d:4d:2a:65:1d:9a:0b:d6:3a:5c: ++ 5f:54:90:ac:17:6f:58:18:8f:e6:0f:33:36:ca:a0: ++ 92:02:b8:49:85:96:e9:74:16:14:40:67:98:4a:1f: ++ 4d:1c:d8:0b:c4:4e:f8:78:0a:68:70:39:d8:66:64: ++ c6:d5:ca:49:e9:02:c7:1a:1c:03:ba:a1:85:68:0a: ++ 03:05:27:b5:7f:97:21:94:20:f3:fe:ea:2e:f5:2e: ++ 99:34:6b:e0:e7:96:ca:51:4e:4d:40:48:09:d6:5f: ++ 64:7b:e5:df:eb:3d:44:bf:42:25:f7:84:c7:2d:22: ++ e0:7f:00:37:c6:c3:16:75:75:37:6a:e5:56:da:1c: ++ 77:37:3c:00:d3:1f:f4:9d:3b:27:08:ff:cd:cf:1e: ++ 60:74:65:90:c2:59:b4:12:3e:a0:7f:22:47:87:ff: ++ 52:f3:47:39:d1:91:02:1c:bb:8c:c9:20:1f:00:db: ++ d1:3a:b0:e0:ba:ee:55:05:8f:1a:f8:1e:dd:6d:83: ++ 1c:1d:18:01:44:92:27:22:f1:2a:07:fe:43:83:08: ++ 82:d3:2b:f1:ec:b1:68:b3:f8:94:1b:81:29:54:01: ++ 56:12:54:66:ba:60:e7:5c:27:04:4d:a3:61:e3:f9: ++ 8f:86:53:0b:83:eb:1f:1d:89:0c:83:66:88:c8:50: ++ 8d:c5 ++ Exponent: 65537 (0x10001) ++ X509v3 extensions: ++ X509v3 Subject Key Identifier: ++ D6:DB:87:AD:D3:45:FC:D4:8D:6B:2B:97:F4:CF:95:08:B6:FA:62:A4 ++ X509v3 Authority Key Identifier: ++ keyid:D6:DB:87:AD:D3:45:FC:D4:8D:6B:2B:97:F4:CF:95:08:B6:FA:62:A4 + ++ X509v3 Basic Constraints: critical ++ CA:TRUE ++ Signature Algorithm: sha256WithRSAEncryption ++ 06:92:f7:9a:0f:40:da:1a:7f:9f:0c:9e:04:37:4d:be:a4:1e: ++ 86:65:b3:4a:be:87:13:a1:e4:6b:3b:d6:58:9d:ca:f8:ba:6d: ++ e4:dd:de:c5:e3:a2:ec:ef:32:2d:c0:06:01:3a:d5:81:5a:e1: ++ e4:f7:5f:68:67:ea:cd:28:90:b1:9c:82:d3:4e:00:51:b6:eb: ++ d5:8d:ec:ab:c3:18:b2:8b:8d:5b:63:6d:f8:f5:40:c6:c6:7e: ++ 72:7b:ed:98:c5:5e:24:b9:ad:4f:5b:8f:1d:53:a3:d7:6a:4f: ++ 07:2e:6a:b6:63:5c:dc:05:22:ac:77:af:b0:72:9d:39:6f:77: ++ 9c:45:8b:ad:de:e8:bf:6a:b5:87:0b:58:47:af:11:1a:9e:84: ++ 25:21:68:48:2a:b3:3c:5a:97:54:20:03:bd:87:34:dd:db:24: ++ a6:c7:50:e9:6c:87:55:f2:e5:33:9c:83:8f:8c:9e:f3:3a:38: ++ a0:92:a1:a7:c4:89:31:bd:33:83:11:dd:ad:bb:e0:47:19:bb: ++ 62:6c:49:58:b3:13:12:c3:d0:dd:02:5f:6f:4f:13:07:6d:aa: ++ 7b:2c:46:5a:74:52:6d:13:10:9c:f7:3d:5d:84:5b:b8:5b:a9: ++ c5:ae:56:4b:9a:8c:e2:fd:7f:55:80:cb:b0:2d:56:d7:a4:3c: ++ cf:3c:b2:ff + -----BEGIN CERTIFICATE----- +-MIIDtTCCAp2gAwIBAgIJANz6ehBcVuuiMA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNV +-BAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX +-aWRnaXRzIFB0eSBMdGQwHhcNMTMwNTAxMTQ0NTQxWhcNMjMwMzEwMTQ0NTQxWjBF +-MQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50 +-ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB +-CgKCAQEAzlpZwhEYoALOEKU4lmMw5l3YI/gadzDOoELtdcidvVvovKK8IIOTDwbA +-3XcjwV0UPGEPOK4Uk1aD0EKkOQVg8ivSre2a3FFGffs2kXck+doJMzAA+pf8tvFk +-QsETVOurOp74GN+er2xbbRSDVxQKq6d+QTe1E60btyXQS5M1Nt5SvLn8dazZJgvv +-3yzJQ1IOQl+xeEO0WVVhPIx5Mx3VtjjcDyl8aewPkYkzia6UOrAyQZnl5sIzWGOb +-kYKCNeKjTPepzlbMx0dN6jBupPYGNB+4FYY9GezInjGbRP5np5382wd3EWwsVzic +-Nau8kXHTL2r7GzNvoy0p//iPCqx9FQIDAQABo4GnMIGkMB0GA1UdDgQWBBS7B027 +-H/ZIkW3ngm1SrR0X/aTCwDB1BgNVHSMEbjBsgBS7B027H/ZIkW3ngm1SrR0X/aTC +-wKFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNV +-BAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJANz6ehBcVuuiMAwGA1UdEwQF +-MAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAC0glUrUiylTfuOWlwkQvi74oiYC5CzW +-Jfusg6o/Gg1XEuJhaHiYMsK/do16gSc6Za3934rHQbYu3mesyFkCWF9kD4J6/hEO +-OQL8xmmgN7wS6GXy6oIODpny0MgnFrV4gd1aEx69NIfL/wXaM8Gw2sj1TnuGLs8+ +-HFmWLRRH3WSR7ZLnqYzPVJwhHu8vtZBL9HZk1J6xyq00Nwi2Cz5WdiHamgaza3TS +-OgBdWwDeSClwhrTJni4d30dbq+eNMByIZ7QNGBQivpFzDxeNV/2UBrTU0CilKG5Q +-j7ZwknfKeA4xUTd8TMK3vKab5JJCfjbXOTHZQsYUcEEGSjOMS8/YVQs= ++MIIDUDCCAjigAwIBAgIBADANBgkqhkiG9w0BAQsFADBBMQswCQYDVQQGEwJKUDEO ++MAwGA1UECAwFVG9reW8xFTATBgNVBAoMDFJ1YnlHZW1zVGVzdDELMAkGA1UEAwwC ++Q0EwHhcNMDkwMTAxMDAwMDAwWhcNNDkxMjMxMjM1OTU5WjBBMQswCQYDVQQGEwJK ++UDEOMAwGA1UECAwFVG9reW8xFTATBgNVBAoMDFJ1YnlHZW1zVGVzdDELMAkGA1UE ++AwwCQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIGSxaHU0qZR2a ++C9Y6XF9UkKwXb1gYj+YPMzbKoJICuEmFlul0FhRAZ5hKH00c2AvETvh4CmhwOdhm ++ZMbVyknpAscaHAO6oYVoCgMFJ7V/lyGUIPP+6i71Lpk0a+DnlspRTk1ASAnWX2R7 ++5d/rPUS/QiX3hMctIuB/ADfGwxZ1dTdq5VbaHHc3PADTH/SdOycI/83PHmB0ZZDC ++WbQSPqB/IkeH/1LzRznRkQIcu4zJIB8A29E6sOC67lUFjxr4Ht1tgxwdGAFEkici ++8SoH/kODCILTK/HssWiz+JQbgSlUAVYSVGa6YOdcJwRNo2Hj+Y+GUwuD6x8diQyD ++ZojIUI3FAgMBAAGjUzBRMB0GA1UdDgQWBBTW24et00X81I1rK5f0z5UItvpipDAf ++BgNVHSMEGDAWgBTW24et00X81I1rK5f0z5UItvpipDAPBgNVHRMBAf8EBTADAQH/ ++MA0GCSqGSIb3DQEBCwUAA4IBAQAGkveaD0DaGn+fDJ4EN02+pB6GZbNKvocToeRr ++O9ZYncr4um3k3d7F46Ls7zItwAYBOtWBWuHk919oZ+rNKJCxnILTTgBRtuvVjeyr ++wxiyi41bY2349UDGxn5ye+2YxV4kua1PW48dU6PXak8HLmq2Y1zcBSKsd6+wcp05 ++b3ecRYut3ui/arWHC1hHrxEanoQlIWhIKrM8WpdUIAO9hzTd2ySmx1DpbIdV8uUz ++nIOPjJ7zOjigkqGnxIkxvTODEd2tu+BHGbtibElYsxMSw9DdAl9vTxMHbap7LEZa ++dFJtExCc9z1dhFu4W6nFrlZLmozi/X9VgMuwLVbXpDzPPLL/ + -----END CERTIFICATE----- +diff --git a/test/rubygems/client.pem b/test/rubygems/client.pem +index 63a52c574a..9824d9cd4a 100644 +--- a/test/rubygems/client.pem ++++ b/test/rubygems/client.pem +@@ -1,49 +1,107 @@ ++Certificate: ++ Data: ++ Version: 3 (0x2) ++ Serial Number: 2 (0x2) ++ Signature Algorithm: sha256WithRSAEncryption ++ Issuer: C=JP, ST=Tokyo, O=RubyGemsTest, CN=CA ++ Validity ++ Not Before: Jan 1 00:00:00 2009 GMT ++ Not After : Dec 31 23:59:59 2049 GMT ++ Subject: C=JP, ST=Tokyo, O=RubyGemsTest, CN=client ++ Subject Public Key Info: ++ Public Key Algorithm: rsaEncryption ++ RSA Public-Key: (2048 bit) ++ Modulus: ++ 00:c7:87:4a:f4:77:32:54:0e:56:0a:80:04:ac:b5: ++ 71:b6:29:9f:c6:aa:f5:9b:3b:75:0a:c2:55:2c:cf: ++ 34:c8:78:b7:38:ed:af:48:7d:7e:6c:4c:39:d8:0f: ++ cf:fc:ba:f5:e0:50:47:a0:76:72:cf:c7:de:91:a6: ++ 1a:99:8b:5f:6f:0c:06:fc:f1:78:6b:0f:c5:bc:91: ++ cc:91:f0:85:05:5d:66:d3:cb:ac:54:a1:bc:9b:6c: ++ e8:17:f2:17:20:b8:b0:b2:03:cc:9d:a6:8e:c0:33: ++ 6c:8b:5f:ef:1a:f6:38:6d:80:3f:4d:b5:e3:a5:a4: ++ f1:86:15:76:62:8b:6c:9d:fa:24:59:32:8f:60:b0: ++ 80:f4:22:a2:68:57:13:aa:60:e4:cd:01:34:87:76: ++ 2a:15:ca:86:9b:b7:aa:b5:66:fd:72:d8:35:86:7e: ++ c8:1d:a1:71:71:85:ac:65:64:c2:ea:19:52:7b:34: ++ 1e:12:c4:87:8f:75:d7:65:35:85:dd:5a:33:5d:2c: ++ 31:f8:2f:b4:84:a7:b6:56:56:2b:e1:9c:c9:c8:f9: ++ 41:18:40:19:d9:bb:d4:3c:0d:c4:93:dc:b8:d1:99: ++ 44:d0:3d:a2:de:de:29:7f:d6:0c:a8:07:df:bc:ed: ++ 66:5b:aa:cc:64:44:b8:79:49:ed:48:77:88:e2:d1: ++ 94:b9 ++ Exponent: 65537 (0x10001) ++ X509v3 extensions: ++ X509v3 Basic Constraints: ++ CA:FALSE ++ Netscape Comment: ++ OpenSSL Generated Certificate ++ X509v3 Subject Key Identifier: ++ EF:5A:B6:46:3A:44:5F:0F:E4:F9:E0:6B:B2:C8:45:8D:07:0D:70:15 ++ X509v3 Authority Key Identifier: ++ keyid:D6:DB:87:AD:D3:45:FC:D4:8D:6B:2B:97:F4:CF:95:08:B6:FA:62:A4 ++ ++ Signature Algorithm: sha256WithRSAEncryption ++ 55:b5:5a:51:cd:0b:2a:81:10:e6:d1:d9:d6:6c:78:99:9b:01: ++ 18:e7:91:32:89:6c:fd:3b:eb:c0:03:82:f8:5c:e2:19:c1:04: ++ 5d:37:10:5b:97:0b:be:76:8b:98:71:d4:63:68:8c:0e:61:c9: ++ ec:3d:cf:ed:01:57:9f:9b:53:07:27:1a:7e:20:f3:8a:13:8c: ++ 4f:30:bd:e6:a0:eb:d7:2c:a1:95:35:3f:a6:53:c9:00:11:f9: ++ f6:b3:9d:53:e4:b5:71:33:f1:dc:86:47:94:6f:a9:64:01:d4: ++ c5:1b:7c:95:0a:02:0e:6f:d1:70:94:5a:5f:7b:ac:77:f7:56: ++ 35:6b:ad:a2:e2:fc:74:91:1e:c3:46:fc:32:01:19:a1:a5:27: ++ f3:31:14:79:86:7c:4d:9a:83:7c:28:03:9f:ac:3c:8c:e4:d9: ++ c8:b0:4e:a3:fe:75:cd:a9:8e:34:57:3b:6b:14:d6:df:35:42: ++ 7b:c9:3d:88:0d:ea:5f:1e:c6:5f:80:0e:a5:b9:bf:25:06:ac: ++ ac:38:7f:cc:f9:a5:9e:68:cc:08:77:1e:de:45:0d:91:e5:38: ++ d2:b3:62:ea:03:ec:3c:18:9f:16:ec:43:21:30:7a:a7:8b:42: ++ c6:cb:e4:a8:ac:0b:15:82:a5:9c:93:b2:2c:20:1f:d2:de:e1: ++ cf:c0:74:bc + -----BEGIN CERTIFICATE----- +-MIIDgTCCAmmgAwIBAgICEAIwDQYJKoZIhvcNAQEFBQAwRTELMAkGA1UEBhMCQVUx +-EzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMg +-UHR5IEx0ZDAeFw0xMzA1MDExNTAxMzFaFw0yMzAzMTAxNTAxMzFaMEUxCzAJBgNV +-BAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX +-aWRnaXRzIFB0eSBMdGQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCw +-+lcrpdWcloQCgAlxcM3GjvBxZ3yjzi6SgXKRBSi54i0J1LXxznWKcJ5P/O1+j+7i +-LjHK+OWqsa0+EbKTwSu+0tx20h0z++YJF9GWEoCwT5aH1kor/0+EQLgYnxBaF8GC +-2xAbkRkWmbSu2aLDIey3lg7lqAazYqdS2wH0UjSDjFKDLxz9LwpfFm0yGL3DgwLW +-+dobYkgt1A6F/8Pz6D2FjwYKcM8JE6w7KJSJDUvXcv2E18wmhZ/qF/MtFAF4coB1 +-f5ALnz8YqY6eyDF5aY/VfaHZvXdirLlMH6/miie9GBVMnJWF0ah5ssbsMvcpmnDJ +-qkiYju2e1oLFEE7zztU/AgMBAAGjezB5MAkGA1UdEwQCMAAwLAYJYIZIAYb4QgEN +-BB8WHU9wZW5TU0wgR2VuZXJhdGVkIENlcnRpZmljYXRlMB0GA1UdDgQWBBTcOELj +-hSUdiLrdRF3CFZDZkWaGzDAfBgNVHSMEGDAWgBS7B027H/ZIkW3ngm1SrR0X/aTC +-wDANBgkqhkiG9w0BAQUFAAOCAQEAlQMzHlnT6L1qqA4hL6tABPbiMsVwXyKCcfNB +-zBn82Wkxgbg7Mp31fbR6/qvGeXOtaX6IdPdgtVf8nh1NURk0MmFBP+gfnwfNBD+m +-Q1cldDt9kY2LGIrPii40xbugF1/xqEYcZMgXU08aEvQ2IHX46J8wZoqMa2KhrU8/ +-mzY0F+UEFOGWtKDgUzz3dyBPsdzVrX+SXULwH0lqZX8Nsw5LyfrlVt3xQvS5Ogm4 +-kYlt8kqhF8lUS3WTbuADrIs3NaDPRWSs1iLRRFgosgUtHN7tkrkrVaHeBo0KbAJG +-mMqtxSY0XZI9WBxffP9UtoY3EiTWNVWLtuCN3OSvryP6NDe4BA== ++MIIDfDCCAmSgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBBMQswCQYDVQQGEwJKUDEO ++MAwGA1UECAwFVG9reW8xFTATBgNVBAoMDFJ1YnlHZW1zVGVzdDELMAkGA1UEAwwC ++Q0EwHhcNMDkwMTAxMDAwMDAwWhcNNDkxMjMxMjM1OTU5WjBFMQswCQYDVQQGEwJK ++UDEOMAwGA1UECAwFVG9reW8xFTATBgNVBAoMDFJ1YnlHZW1zVGVzdDEPMA0GA1UE ++AwwGY2xpZW50MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx4dK9Hcy ++VA5WCoAErLVxtimfxqr1mzt1CsJVLM80yHi3OO2vSH1+bEw52A/P/Lr14FBHoHZy ++z8fekaYamYtfbwwG/PF4aw/FvJHMkfCFBV1m08usVKG8m2zoF/IXILiwsgPMnaaO ++wDNsi1/vGvY4bYA/TbXjpaTxhhV2YotsnfokWTKPYLCA9CKiaFcTqmDkzQE0h3Yq ++FcqGm7eqtWb9ctg1hn7IHaFxcYWsZWTC6hlSezQeEsSHj3XXZTWF3VozXSwx+C+0 ++hKe2VlYr4ZzJyPlBGEAZ2bvUPA3Ek9y40ZlE0D2i3t4pf9YMqAffvO1mW6rMZES4 ++eUntSHeI4tGUuQIDAQABo3sweTAJBgNVHRMEAjAAMCwGCWCGSAGG+EIBDQQfFh1P ++cGVuU1NMIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQU71q2RjpEXw/k +++eBrsshFjQcNcBUwHwYDVR0jBBgwFoAU1tuHrdNF/NSNayuX9M+VCLb6YqQwDQYJ ++KoZIhvcNAQELBQADggEBAFW1WlHNCyqBEObR2dZseJmbARjnkTKJbP0768ADgvhc ++4hnBBF03EFuXC752i5hx1GNojA5hyew9z+0BV5+bUwcnGn4g84oTjE8wveag69cs ++oZU1P6ZTyQAR+faznVPktXEz8dyGR5RvqWQB1MUbfJUKAg5v0XCUWl97rHf3VjVr ++raLi/HSRHsNG/DIBGaGlJ/MxFHmGfE2ag3woA5+sPIzk2ciwTqP+dc2pjjRXO2sU ++1t81QnvJPYgN6l8exl+ADqW5vyUGrKw4f8z5pZ5ozAh3Ht5FDZHlONKzYuoD7DwY ++nxbsQyEweqeLQsbL5KisCxWCpZyTsiwgH9Le4c/AdLw= + -----END CERTIFICATE----- +- + -----BEGIN RSA PRIVATE KEY----- +-MIIEowIBAAKCAQEAsPpXK6XVnJaEAoAJcXDNxo7wcWd8o84ukoFykQUoueItCdS1 +-8c51inCeT/ztfo/u4i4xyvjlqrGtPhGyk8ErvtLcdtIdM/vmCRfRlhKAsE+Wh9ZK +-K/9PhEC4GJ8QWhfBgtsQG5EZFpm0rtmiwyHst5YO5agGs2KnUtsB9FI0g4xSgy8c +-/S8KXxZtMhi9w4MC1vnaG2JILdQOhf/D8+g9hY8GCnDPCROsOyiUiQ1L13L9hNfM +-JoWf6hfzLRQBeHKAdX+QC58/GKmOnsgxeWmP1X2h2b13Yqy5TB+v5oonvRgVTJyV +-hdGoebLG7DL3KZpwyapImI7tntaCxRBO887VPwIDAQABAoIBAFOpdG3gzlNg3/Ti +-nBQxdEVqKwYhGs3A2UlOwl8F5lPBNPNRx9UQeYZBaMV9VrQezJnFpqpB8Sg5KCGQ +-ci/hAJIL0kalW0LI0Nz5ko10H7u5U/rQ9W1JG0j041JYV32Pf14husKdXBPQA5co +-sQW30tSSrmYogUpp15mWiJz8A3EvqiCTlQv5JwwMFGnjVl8+HNfuLghK/vqY/Eb9 +-YmwTKxPFejqN7E0Mud2ylNiuPTSLwBy8UvV9uxOlDc6lMyZjVRO0woiEzrjw5dKF +-yf5tUkICRcPkekcx+XtpGrCMlRLl770bZBZX+YNmbYXVWhFp09cNR+U0KZqPNcDp +-jg73vXECgYEA3huOKzfHGt3qUdMlEHd1FvQhW9fYIrmUSnuVYQJOnY8lFfKfmrOH +-gpwOIHDNiVHYlhAJaNocCLYx4hWHgZXarY7NKxmlY2+Vp8mcCIf2Cw3Kr/sFklUJ +-KpiRxqEPGR7U4C/E31kkH/C+w7m9Zh3ndhltU2Pki9/Eq0lk8YClMMkCgYEAy/vU +-jxzviIk8bll5uCIuXJyCfao7ywaZABbL6a20kdVGKrHj57O/OJ2WZVwBihhB7OS+ +-QsKC/J8LrUJkobOFtQvQ8O23uep5rB6kqCkXsXCG4SCl2L5xZySBp/qhiqbuMwvp +-EAWPSIA6UNoR0J2rDYVmq6jtY526wQf5ivE8IccCgYEAphfzJAyNH2FOZixArmS2 +-shiUjasG3UjsRRrP5YClK5wtPpF2m2if8KMkyUux2HvVPLr3XmqkxjsBaLFy6QwY +-QOvmL9H45Tg/sP7KaXLLIw8IQLu2OezPcwQvF1u//6gXxyLR1bhClIQjFBjlMuUv +-/xgasl6kPZlz6Cd1jkgGwEkCgYAI1IT2EQWZfn9cM4leXDRvk+LeN8FQ35897r6z +-Be78JSRdcsfv3ssXU1MQXjQ+2x/3dkt6LltnPidOP8KFcXUHSlSoKVI7vRe5SLZO +-BUFeUAW2tygWwt+73Eu0jtfxXZqQISLcq7DxLYPYvifpRPoDotO3+J8WIdzUwFig +-GCNHPwKBgHqXOyRef7ykVUCptMf61/BvNU8NP1f9PkKQBMYQZC39UwqEQ675QBUh +-hSG9t/kyc44zUVmBeKIlWHVyLQ83Dv+ennz/D9t7tstet0VMKvALNdiVT0sjFKN7 +-1VINygCeFkqrlTXlOwFcRSo1gHn3/JIrhSgRuYKHSf0GZOcN6d9l ++MIIEogIBAAKCAQEAx4dK9HcyVA5WCoAErLVxtimfxqr1mzt1CsJVLM80yHi3OO2v ++SH1+bEw52A/P/Lr14FBHoHZyz8fekaYamYtfbwwG/PF4aw/FvJHMkfCFBV1m08us ++VKG8m2zoF/IXILiwsgPMnaaOwDNsi1/vGvY4bYA/TbXjpaTxhhV2YotsnfokWTKP ++YLCA9CKiaFcTqmDkzQE0h3YqFcqGm7eqtWb9ctg1hn7IHaFxcYWsZWTC6hlSezQe ++EsSHj3XXZTWF3VozXSwx+C+0hKe2VlYr4ZzJyPlBGEAZ2bvUPA3Ek9y40ZlE0D2i ++3t4pf9YMqAffvO1mW6rMZES4eUntSHeI4tGUuQIDAQABAoIBAHbfhuuQ3D4x8Fb/ ++IEnZK+8Qa22MSxl52ehYETDKHjNVoCtdiDGS+rAA1fGAsjRrGrPSgGn8R7i85kA2 ++CuDxpSDetIccQdbfJbqLzqof9tBUbj++t2QQm/KpdrlVdSv8fOEB3HUMVz3xJTkA ++Jc8VZFbwskZVGFSGqZJt1QMu975By8mrNBiQ92dpWUwH6bcJ2rL+GgpW8LkosAtW +++bqAH86je2utErCStHTBMq459JIcef+dZxQ1iNALny+Q54MIsFbh21TbUf+mPsBK ++B5Pe+RnlEw9uFmFH0gQybmZBIB/IDnsDj/+L0gRrSp6nYaQBD2Gw2jPJQL0PEu0s ++nS1B4tECgYEA+E1z73eA35jBvDg/CI4mcL/f17xRCW9YsaeXTqEDMSi27b5OSgdP ++0ETl3xreVgKGeDHygyaaJ6MR7uoPRPJhZR1ifrhWKoyPLuD55rwGIvKIbAWXVj7/ ++AvcY+qligVcK2dTJjczh6Tv8/XVYEPrfg4QdDlg9rodAlNJGofaX0WUCgYEAzbbD ++8Yw/KbX1bSN6TtHoAAIVd/y2a4TEgHxOOOM5LAQ98fgP4L7njse8CBFUCH9RXYIS ++lWyT7aHxykK/32wsd/6CfP1IlNcOSrBe5nA0b1m9piT6K9nZd7NMv1DpznaZ/roO ++6jPxXrtQAgAC4jPCehH23t8SqP+abBIWvTlZisUCgYB4Jvqf+UL6b+/nxYvy9t5x ++FtgZi/3mw+O2a/OSz+U8h4gleT5nIiykCoL1uAm4sxYg2YKRpj9YSNentclXwrYQ ++eOyth0Pi6QtsUt96oKeTh6suInJ+AJPj+nAy835AOj988zPpEyiKdUXR3FOWO9+m ++w2pQA7EtYDOHEE2vmCUU5QKBgCSP10OXKaLANF6xb4uSwyk9NZOd1s5FSqeLcFus ++Bv1Lw7a94BSR2ZYG6eSFL+pStqNn+uWT5rbVkaPhOTj8gOrS0V5lpgDOODwOHM/Y ++IXmo+YwOBmjEz2H2/C0EtIl9iuE7MGtvz/aGVDIGznxltqr7hmUWQLrIsymCDYiU ++KNYBAoGAeZd1hDEK3dmzNAzNUWaIVWg2yq+B1RF7k1yzk7XcAc13vGEyZc2gILji ++y+0IMS60/uKVZ7zYBvxuaDJImi1woEzAVSM2LUo2vHgFClrhHCF+tGKVEa1hbhhO ++ScifJC8f/HoKI+Ddn0hrFF0ndBJ7g4mB9sm7RBHfm+1steGCV3Q= + -----END RSA PRIVATE KEY----- +diff --git a/test/rubygems/ssl_cert.pem b/test/rubygems/ssl_cert.pem +index 998ccc5892..b99938e15b 100644 +--- a/test/rubygems/ssl_cert.pem ++++ b/test/rubygems/ssl_cert.pem +@@ -1,19 +1,80 @@ ++Certificate: ++ Data: ++ Version: 3 (0x2) ++ Serial Number: 1 (0x1) ++ Signature Algorithm: sha256WithRSAEncryption ++ Issuer: C=JP, ST=Tokyo, O=RubyGemsTest, CN=CA ++ Validity ++ Not Before: Jan 1 00:00:00 2009 GMT ++ Not After : Dec 31 23:59:59 2049 GMT ++ Subject: C=JP, ST=Tokyo, O=RubyGemsTest, CN=localhost ++ Subject Public Key Info: ++ Public Key Algorithm: rsaEncryption ++ RSA Public-Key: (2048 bit) ++ Modulus: ++ 00:c1:9b:13:e1:65:2a:87:a9:3c:84:2e:c3:21:e1: ++ 63:a2:8c:7c:6e:63:9a:ac:3e:45:f5:fa:37:08:aa: ++ c0:a7:6b:ff:42:27:1a:66:13:b9:ad:ca:d0:35:62: ++ 52:00:56:56:71:cd:dc:74:04:fe:2a:a6:7d:00:61: ++ e2:b8:9a:0f:d1:2c:56:b7:50:c4:23:f1:52:68:f3: ++ fd:cf:6c:6b:86:93:91:f0:d8:7a:67:d8:55:fc:0d: ++ d1:30:f8:aa:a4:79:f2:17:ca:11:b3:8c:e5:01:34: ++ ad:21:bc:a8:4d:ea:18:bc:13:9c:0a:94:bf:fb:46: ++ cf:29:d2:52:03:e4:97:4e:92:ae:b7:9d:b0:d9:19: ++ 49:5f:7a:5b:20:80:87:05:db:f4:73:df:04:69:12: ++ e8:14:1e:d2:c8:dd:d0:d3:81:72:04:f5:34:d7:9c: ++ 61:b5:b6:d3:4b:61:ee:a9:04:36:60:79:c8:77:74: ++ 24:70:89:a8:16:f8:6e:21:51:e9:30:61:fb:21:f6: ++ b3:6b:c1:b1:09:fa:26:ed:9f:3d:d2:2a:b6:34:d9: ++ b8:e8:46:d7:08:c3:3c:5d:0e:96:7a:e5:a1:ff:0a: ++ e2:36:bc:b4:06:3e:32:5a:9e:a5:4b:38:9e:0a:cc: ++ 08:3a:9f:07:4e:74:d0:16:4b:0f:51:e4:d5:24:f3: ++ 76:5d ++ Exponent: 65537 (0x10001) ++ X509v3 extensions: ++ X509v3 Basic Constraints: ++ CA:FALSE ++ Netscape Comment: ++ OpenSSL Generated Certificate ++ X509v3 Subject Key Identifier: ++ 1E:0A:57:4F:0E:BC:B5:26:26:B9:01:80:E8:9A:25:98:4A:C0:D6:05 ++ X509v3 Authority Key Identifier: ++ keyid:D6:DB:87:AD:D3:45:FC:D4:8D:6B:2B:97:F4:CF:95:08:B6:FA:62:A4 ++ ++ Signature Algorithm: sha256WithRSAEncryption ++ 85:13:fa:00:1d:65:c4:f3:82:12:94:67:e3:34:a1:ac:0c:7b: ++ f1:2c:e7:20:db:ea:b8:d1:54:52:3e:34:00:bf:d3:1f:04:be: ++ df:c3:7d:96:20:b6:e5:cf:d3:67:b4:27:95:57:41:e9:51:9e: ++ 90:88:a9:0e:97:4f:37:42:35:21:b5:e3:6e:82:c9:4c:66:1c: ++ 61:df:84:28:00:6a:93:d4:dd:25:96:18:55:89:cc:3d:70:a5: ++ 50:a4:e0:b9:db:c1:8e:aa:b1:aa:cc:89:dc:c1:1d:2d:c8:49: ++ ad:5b:96:eb:62:57:2e:0e:c0:5d:de:0a:86:27:b9:3c:92:bd: ++ 2d:db:0a:3c:ed:ef:1a:cf:0e:33:c9:61:a2:44:c1:ad:53:e6: ++ ca:28:ee:4c:19:6f:dd:75:a2:cc:d8:9a:36:e7:8c:64:35:da: ++ 1b:cb:9b:31:53:ca:a0:7b:d8:ac:ff:ee:a3:e8:9b:32:8f:5d: ++ 0d:ce:0c:eb:b5:ed:82:d6:70:0e:c3:ca:9e:8b:e4:c1:fc:c0: ++ 1e:ed:81:7e:5a:0a:a7:34:26:f7:0e:28:a0:7b:ba:21:42:14: ++ 84:48:12:df:e8:9e:21:91:fc:c8:c0:f5:f8:6a:9f:c7:27:d4: ++ 73:c5:9d:1a:5c:c8:62:24:71:d5:ae:4c:f2:c4:ad:14:c3:6d: ++ db:d6:56:bb + -----BEGIN CERTIFICATE----- +-MIIC/zCCAeegAwIBAgIBATANBgkqhkiG9w0BAQUFADA/MQswCQYDVQQGDAJKUDES +-MBAGA1UECgwJSklOLkdSLkpQMQwwCgYDVQQLDANSUlIxDjAMBgNVBAMMBVN1YkNB +-MB4XDTA0MDEzMTAzMTMxNloXDTMzMDEyMzAzMTMxNlowQzELMAkGA1UEBgwCSlAx +-EjAQBgNVBAoMCUpJTi5HUi5KUDEMMAoGA1UECwwDUlJSMRIwEAYDVQQDDAlsb2Nh +-bGhvc3QwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANFJTxWqup3nV9dsJAku +-p+WaXnPNIzcpAA3qMGZDJTJsfa8Du7ZxTP0XJK5mETttBrn711cJxAuP3KjqnW9S +-vtZ9lY2sXJ6Zj62sN5LwG3VVe25dI28yR1EsbHjJ5Zjf9tmggMC6am52dxuHbt5/ +-vHo4ngJuKE/U+eeGRivMn6gFAgMBAAGjgYUwgYIwDAYDVR0TAQH/BAIwADAxBglg +-hkgBhvhCAQ0EJBYiUnVieS9PcGVuU1NMIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAd +-BgNVHQ4EFgQUpZIyygD9JxFYHHOTEuWOLbCKfckwCwYDVR0PBAQDAgWgMBMGA1Ud +-JQQMMAoGCCsGAQUFBwMBMA0GCSqGSIb3DQEBBQUAA4IBAQBwAIj5SaBHaA5X31IP +-CFCJiep96awfp7RANO0cuUj+ZpGoFn9d6FXY0g+Eg5wAkCNIzZU5NHN9xsdOpnUo +-zIBbyTfQEPrge1CMWMvL6uGaoEXytq84VTitF/xBTky4KtTn6+es4/e7jrrzeUXQ +-RC46gkHObmDT91RkOEGjHLyld2328jo3DIN/VTHIryDeVHDWjY5dENwpwdkhhm60 +-DR9IrNBbXWEe9emtguNXeN0iu1ux0lG1Hc6pWGQxMlRKNvGh0yZB9u5EVe38tOV0 +-jQaoNyL7qzcQoXD3Dmbi1p0iRmg/+HngISsz8K7k7MBNVsSclztwgCzTZOBiVtkM +-rRlQ ++MIIDfzCCAmegAwIBAgIBATANBgkqhkiG9w0BAQsFADBBMQswCQYDVQQGEwJKUDEO ++MAwGA1UECAwFVG9reW8xFTATBgNVBAoMDFJ1YnlHZW1zVGVzdDELMAkGA1UEAwwC ++Q0EwHhcNMDkwMTAxMDAwMDAwWhcNNDkxMjMxMjM1OTU5WjBIMQswCQYDVQQGEwJK ++UDEOMAwGA1UECAwFVG9reW8xFTATBgNVBAoMDFJ1YnlHZW1zVGVzdDESMBAGA1UE ++AwwJbG9jYWxob3N0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwZsT ++4WUqh6k8hC7DIeFjoox8bmOarD5F9fo3CKrAp2v/QicaZhO5rcrQNWJSAFZWcc3c ++dAT+KqZ9AGHiuJoP0SxWt1DEI/FSaPP9z2xrhpOR8Nh6Z9hV/A3RMPiqpHnyF8oR ++s4zlATStIbyoTeoYvBOcCpS/+0bPKdJSA+SXTpKut52w2RlJX3pbIICHBdv0c98E ++aRLoFB7SyN3Q04FyBPU015xhtbbTS2HuqQQ2YHnId3QkcImoFvhuIVHpMGH7Ifaz ++a8GxCfom7Z890iq2NNm46EbXCMM8XQ6WeuWh/wriNry0Bj4yWp6lSzieCswIOp8H ++TnTQFksPUeTVJPN2XQIDAQABo3sweTAJBgNVHRMEAjAAMCwGCWCGSAGG+EIBDQQf ++Fh1PcGVuU1NMIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUHgpXTw68 ++tSYmuQGA6JolmErA1gUwHwYDVR0jBBgwFoAU1tuHrdNF/NSNayuX9M+VCLb6YqQw ++DQYJKoZIhvcNAQELBQADggEBAIUT+gAdZcTzghKUZ+M0oawMe/Es5yDb6rjRVFI+ ++NAC/0x8Evt/DfZYgtuXP02e0J5VXQelRnpCIqQ6XTzdCNSG1426CyUxmHGHfhCgA ++apPU3SWWGFWJzD1wpVCk4LnbwY6qsarMidzBHS3ISa1blutiVy4OwF3eCoYnuTyS ++vS3bCjzt7xrPDjPJYaJEwa1T5soo7kwZb911oszYmjbnjGQ12hvLmzFTyqB72Kz/ ++7qPomzKPXQ3ODOu17YLWcA7Dyp6L5MH8wB7tgX5aCqc0JvcOKKB7uiFCFIRIEt/o ++niGR/MjA9fhqn8cn1HPFnRpcyGIkcdWuTPLErRTDbdvWVrs= + -----END CERTIFICATE----- +diff --git a/test/rubygems/ssl_key.pem b/test/rubygems/ssl_key.pem +index 9ba2218a03..4883043b77 100644 +--- a/test/rubygems/ssl_key.pem ++++ b/test/rubygems/ssl_key.pem +@@ -1,15 +1,27 @@ + -----BEGIN RSA PRIVATE KEY----- +-MIICXQIBAAKBgQDRSU8Vqrqd51fXbCQJLqflml5zzSM3KQAN6jBmQyUybH2vA7u2 +-cUz9FySuZhE7bQa5+9dXCcQLj9yo6p1vUr7WfZWNrFyemY+trDeS8Bt1VXtuXSNv +-MkdRLGx4yeWY3/bZoIDAumpudncbh27ef7x6OJ4CbihP1PnnhkYrzJ+oBQIDAQAB +-AoGBAIf4CstW2ltQO7+XYGoex7Hh8s9lTSW/G2vu5Hbr1LTHy3fzAvdq8MvVR12O +-rk9fa+lU9vhzPc0NMB0GIDZ9GcHuhW5hD1Wg9OSCbTOkZDoH3CAFqonjh4Qfwv5W +-IPAFn9KHukdqGXkwEMdErsUaPTy9A1V/aROVEaAY+HJgq/eZAkEA/BP1QMV04WEZ +-Oynzz7/lLizJGGxp2AOvEVtqMoycA/Qk+zdKP8ufE0wbmCE3Qd6GoynavsHb6aGK +-gQobb8zDZwJBANSK6MrXlrZTtEaeZuyOB4mAmRzGzOUVkUyULUjEx2GDT93ujAma +-qm/2d3E+wXAkNSeRpjUmlQXy/2oSqnGvYbMCQQDRM+cYyEcGPUVpWpnj0shrF/QU +-9vSot/X1G775EMTyaw6+BtbyNxVgOIu2J+rqGbn3c+b85XqTXOPL0A2RLYkFAkAm +-syhSDtE9X55aoWsCNZY/vi+i4rvaFoQ/WleogVQAeGVpdo7/DK9t9YWoFBIqth0L +-mGSYFu9ZhvZkvQNV8eYrAkBJ+rOIaLDsmbrgkeDruH+B/9yrm4McDtQ/rgnOGYnH +-LjLpLLOrgUxqpzLWe++EwSLwK2//dHO+SPsQJ4xsyQJy ++MIIEpAIBAAKCAQEAwZsT4WUqh6k8hC7DIeFjoox8bmOarD5F9fo3CKrAp2v/Qica ++ZhO5rcrQNWJSAFZWcc3cdAT+KqZ9AGHiuJoP0SxWt1DEI/FSaPP9z2xrhpOR8Nh6 ++Z9hV/A3RMPiqpHnyF8oRs4zlATStIbyoTeoYvBOcCpS/+0bPKdJSA+SXTpKut52w ++2RlJX3pbIICHBdv0c98EaRLoFB7SyN3Q04FyBPU015xhtbbTS2HuqQQ2YHnId3Qk ++cImoFvhuIVHpMGH7Ifaza8GxCfom7Z890iq2NNm46EbXCMM8XQ6WeuWh/wriNry0 ++Bj4yWp6lSzieCswIOp8HTnTQFksPUeTVJPN2XQIDAQABAoIBAG0KWZ0VrGlxsKrF ++55L6bXJMa3yEzsV54U9TmJFiElV5Ju/sNBsPuwEd/DxE3uhfuBoqlqIleb0tvbNs ++bhQIeSYXMdPXQlD4BrEj0mxzpO/Lx2N9mRtJpcvrQEmzk/BE2kv5vBSDIyuVrnkU ++1zniwgGTjcwL0UDFtcHZOeYFZg6S5Co7vbwBItIAcZKdZUXTHj7gt5j1uGD9a0FL ++fOFYiysrr9Nh8lVJgTv5W/gdYxE4vmyG6nfIUIPSyZwTgzItk4RZU3ygGTA1bP3D ++O0U3bW4avXKtJTdLUpy7MHT5edErZ0UX7LKYByfvinGMH9FpsBcp2XAcBKZmZwrG ++e00XR+UCgYEA+g3Gj2GUwGz/LUmPUb2fT7vqbuoOJpNQUxsx1csbX6NetH7eJU4y ++P/iZKSmAeVbf+RdfySf4/Z1brrwtKz700FMY7CYhfXiHH3vL+TCZgLq/wuU/hJYQ ++YHV5P1/71YQg3ArCP4ukkoJH4Zm8ACN5MUx8YbRrwvdVYycf9nwVGWcCgYEAxjWr ++b8kTCPhzbZIJiDWq5fDlnt5PwU+bXGDQMK5LnagxfcQg7LLlJm5c7+fxBX1Q0n6U ++dtAdswaTiL5VotV9zQhF/Kmehjl7GAMxpcSfMYpwxSQEY5jDswTVCRej4B4GLDQD ++7jO6Ih+o6fvxhxh6yP9kO5IMn/ATGqnxipwsI5sCgYB+pIt0As/7xThYD3FuzMLq ++9xl8oz4Xe3SrIpLS3NM4VN2aPMb1zezVSWsI1eQjkERPO+9fScdpa1EL5nJZ/MCw ++4eU1dPpxOaH16BUeV+bms657XvAUjowszlJiLpK1SP37c9d9p5PqP+F3+QymZVD0 ++DvDP6zjIvcuZNC+T/rQQ8QKBgQCUzZwMCye4N1Xo75cqZCgOAqFQeNPla89WNfR2 ++Z5OrI6csJP8W1GNGS9qH3VhL572ymYb5/9ocGhbOtR3zZlXQhKKOQgUZ/bNU3qj6 ++KzfcaHOq/RQydXCOSFVrQw0rZz75Fn/Q55KYpa4ZI6U65/zeQyXLtyS1OfYNsYH9 ++rqtQewKBgQDCXBOUc/wSzc77EFC6A3j4nETS1D4WLpz/sKljTDRES7zsIGqgur7N ++P0Lbijz3HiW8RCS4Kt0VPXApsXEa6D8aYordzk2rp3Uk1pdWhcMoOr4FaXyRYgl7 +++XYlxe0kzAFY7ZR6M0p9cXjh9XZ1Is15xJQg3q0/ru/J3QS0BTSrFg== + -----END RSA PRIVATE KEY----- +diff --git a/test/rubygems/test_gem_security_policy.rb b/test/rubygems/test_gem_security_policy.rb +index 4108551dca..170e296a10 100644 +--- a/test/rubygems/test_gem_security_policy.rb ++++ b/test/rubygems/test_gem_security_policy.rb +@@ -293,7 +293,7 @@ def test_check_trust_no_trust_child + + def test_subject + assert_equal 'email:nobody@example', @no.subject(PUBLIC_CERT) +- assert_equal '/C=JP/O=JIN.GR.JP/OU=RRR/CN=CA', @no.subject(CA_CERT) ++ assert_equal '/C=JP/ST=Tokyo/O=RubyGemsTest/CN=CA', @no.subject(CA_CERT) + end + + def test_verify +-- +2.26.2 + diff --git a/ruby.spec b/ruby.spec index 8065bea..c0b8dcc 100644 --- a/ruby.spec +++ b/ruby.spec @@ -180,6 +180,9 @@ Patch45: ruby-2.6.0-use-larger-keys-for-SSL-webrick-tests.patch # Use larger keys for drb test failures. # https://github.com/ruby/ruby/commit/fb0009cfdc203247f808f4dcd72c7baf272172ce Patch46: ruby-2.6.0-use-larger-keys-for-SSL-drb-tests.patch +# Regenerate certificates with larger keys for rubygems tests. +# https://github.com/ruby/ruby/commit/2b97b8e09028be1d03ed03980f2ad34db6349b9f +Patch47: ruby-2.5.6-rubygems-regenerate-certificates-for-tests.patch Requires: %{name}-libs%{?_isa} = %{version}-%{release} Suggests: rubypick @@ -577,6 +580,7 @@ rm -rf ext/fiddle/libffi* %patch44 -p1 %patch45 -p1 %patch46 -p1 +%patch47 -p1 # Provide an example of usage of the tapset: cp -a %{SOURCE3} . @@ -1141,6 +1145,7 @@ MSPECOPTS="$MSPECOPTS -P 'File.lchmod raises a NotImplementedError when called'" - Regenerate server certificates with larger keys for open-uri tests. - Use larger keys for webrick test failures. - Use larger keys for drb test failures. +- Regenerate certificates with larger keys for rubygems tests. * Tue Apr 30 2019 Jun Aruga - 2.5.5-105 - Update to Ruby 2.5.5. From fe11680a051cffa4fe1dc4d3c513522db56dd0e7 Mon Sep 17 00:00:00 2001 From: Jun Aruga Date: Wed, 14 Oct 2020 15:48:10 +0200 Subject: [PATCH 17/19] Remove unused patch. The file should be removed on the past commit: Update to Ruby 2.5.5. --- ...-fix-session-resumption-with-TLS-1.3.patch | 157 ------------------ 1 file changed, 157 deletions(-) delete mode 100644 ruby-2.6.0-net-http-net-ftp-fix-session-resumption-with-TLS-1.3.patch diff --git a/ruby-2.6.0-net-http-net-ftp-fix-session-resumption-with-TLS-1.3.patch b/ruby-2.6.0-net-http-net-ftp-fix-session-resumption-with-TLS-1.3.patch deleted file mode 100644 index b81800e..0000000 --- a/ruby-2.6.0-net-http-net-ftp-fix-session-resumption-with-TLS-1.3.patch +++ /dev/null @@ -1,157 +0,0 @@ -From 1dfc377ae3b174b043d3f0ed36de57b0296b34d0 Mon Sep 17 00:00:00 2001 -From: rhe -Date: Wed, 8 Aug 2018 14:13:55 +0000 -Subject: [PATCH] net/http, net/ftp: fix session resumption with TLS 1.3 - -When TLS 1.3 is in use, the session ticket may not have been sent yet -even though a handshake has finished. Also, the ticket could change if -multiple session ticket messages are sent by the server. Use -SSLContext#session_new_cb instead of calling SSLSocket#session -immediately after a handshake. This way also works with earlier protocol -versions. - -git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@64234 b2dd03c8-39d4-4d8f-98ff-823fe69b080e ---- - lib/net/ftp.rb | 5 ++++- - lib/net/http.rb | 7 +++++-- - test/net/http/test_https.rb | 35 ++++++++++------------------------- - 3 files changed, 19 insertions(+), 28 deletions(-) - -diff --git a/lib/net/ftp.rb b/lib/net/ftp.rb -index c3ee47ef4d36..9902f9dc657a 100644 ---- a/lib/net/ftp.rb -+++ b/lib/net/ftp.rb -@@ -230,6 +230,10 @@ def initialize(host = nil, user_or_options = {}, passwd = nil, acct = nil) - if defined?(VerifyCallbackProc) - @ssl_context.verify_callback = VerifyCallbackProc - end -+ @ssl_context.session_cache_mode = -+ OpenSSL::SSL::SSLContext::SESSION_CACHE_CLIENT | -+ OpenSSL::SSL::SSLContext::SESSION_CACHE_NO_INTERNAL_STORE -+ @ssl_context.session_new_cb = proc {|sock, sess| @ssl_session = sess } - @ssl_session = nil - if options[:private_data_connection].nil? - @private_data_connection = true -@@ -349,7 +353,6 @@ def start_tls_session(sock) - if @ssl_context.verify_mode != VERIFY_NONE - ssl_sock.post_connection_check(@host) - end -- @ssl_session = ssl_sock.session - return ssl_sock - end - private :start_tls_session -diff --git a/lib/net/http.rb b/lib/net/http.rb -index 281b15cedff0..683a884f5dbe 100644 ---- a/lib/net/http.rb -+++ b/lib/net/http.rb -@@ -969,6 +969,10 @@ def connect - end - @ssl_context = OpenSSL::SSL::SSLContext.new - @ssl_context.set_params(ssl_parameters) -+ @ssl_context.session_cache_mode = -+ OpenSSL::SSL::SSLContext::SESSION_CACHE_CLIENT | -+ OpenSSL::SSL::SSLContext::SESSION_CACHE_NO_INTERNAL_STORE -+ @ssl_context.session_new_cb = proc {|sock, sess| @ssl_session = sess } - D "starting SSL for #{conn_address}:#{conn_port}..." - s = OpenSSL::SSL::SSLSocket.new(s, @ssl_context) - s.sync_close = true -@@ -976,13 +980,12 @@ def connect - s.hostname = @address if s.respond_to? :hostname= - if @ssl_session and - Process.clock_gettime(Process::CLOCK_REALTIME) < @ssl_session.time.to_f + @ssl_session.timeout -- s.session = @ssl_session if @ssl_session -+ s.session = @ssl_session - end - ssl_socket_connect(s, @open_timeout) - if @ssl_context.verify_mode != OpenSSL::SSL::VERIFY_NONE - s.post_connection_check(@address) - end -- @ssl_session = s.session - D "SSL established" - end - @socket = BufferedIO.new(s, read_timeout: @read_timeout, -diff --git a/test/net/http/test_https.rb b/test/net/http/test_https.rb -index 8004d5c5f29f..a5182a1fe9db 100644 ---- a/test/net/http/test_https.rb -+++ b/test/net/http/test_https.rb -@@ -71,20 +71,11 @@ def test_session_reuse - http.get("/") - http.finish - -- http.start -- http.get("/") -- http.finish # three times due to possible bug in OpenSSL 0.9.8 -- -- sid = http.instance_variable_get(:@ssl_session).id -- - http.start - http.get("/") - - socket = http.instance_variable_get(:@socket).io -- -- assert socket.session_reused? -- -- assert_equal sid, http.instance_variable_get(:@ssl_session).id -+ assert_equal true, socket.session_reused? - - http.finish - rescue SystemCallError -@@ -101,16 +92,12 @@ def test_session_reuse_but_expire - http.get("/") - http.finish - -- sid = http.instance_variable_get(:@ssl_session).id -- - http.start - http.get("/") - - socket = http.instance_variable_get(:@socket).io - assert_equal false, socket.session_reused? - -- assert_not_equal sid, http.instance_variable_get(:@ssl_session).id -- - http.finish - rescue SystemCallError - skip $! -@@ -160,15 +147,16 @@ def test_certificate_verify_failure - end - - def test_identity_verify_failure -+ # the certificate's subject has CN=localhost - http = Net::HTTP.new("127.0.0.1", config("port")) - http.use_ssl = true -- http.verify_callback = Proc.new do |preverify_ok, store_ctx| -- true -- end -+ http.cert_store = TEST_STORE -+ @log_tester = lambda {|_| } - ex = assert_raise(OpenSSL::SSL::SSLError){ - http.request_get("/") {|res| } - } -- assert_match(/hostname \"127.0.0.1\" does not match/, ex.message) -+ re_msg = /certificate verify failed|hostname \"127.0.0.1\" does not match/ -+ assert_match(re_msg, ex.message) - end - - def test_timeout_during_SSL_handshake -@@ -193,16 +181,13 @@ def test_timeout_during_SSL_handshake - end - - def test_min_version -- http = Net::HTTP.new("127.0.0.1", config("port")) -+ http = Net::HTTP.new("localhost", config("port")) - http.use_ssl = true - http.min_version = :TLS1 -- http.verify_callback = Proc.new do |preverify_ok, store_ctx| -- true -- end -- ex = assert_raise(OpenSSL::SSL::SSLError){ -- http.request_get("/") {|res| } -+ http.cert_store = TEST_STORE -+ http.request_get("/") {|res| -+ assert_equal($test_net_http_data, res.body) - } -- assert_match(/hostname \"127.0.0.1\" does not match/, ex.message) - end - - def test_max_version From bf3038f41da5a5512707f21536002744b381e816 Mon Sep 17 00:00:00 2001 From: Jun Aruga Date: Mon, 26 Oct 2020 11:41:17 +0100 Subject: [PATCH 18/19] Update to Ruby 2.5.8. --- ruby-2.1.0-custom-rubygems-location.patch | 10 +- ruby-2.3.0-ruby_version.patch | 2 +- ...ms-regenerate-certificates-for-tests.patch | 502 ------------------ ruby-2.6.0-rdoc-6.0.1-fix-template-typo.patch | 21 +- ruby.spec | 15 +- sources | 2 +- 6 files changed, 20 insertions(+), 532 deletions(-) delete mode 100644 ruby-2.5.6-rubygems-regenerate-certificates-for-tests.patch diff --git a/ruby-2.1.0-custom-rubygems-location.patch b/ruby-2.1.0-custom-rubygems-location.patch index 4b54560..5ebe1ce 100644 --- a/ruby-2.1.0-custom-rubygems-location.patch +++ b/ruby-2.1.0-custom-rubygems-location.patch @@ -67,15 +67,15 @@ diff --git a/tool/rbinstall.rb b/tool/rbinstall.rb index b47b6e1..0b99408 100755 --- a/tool/rbinstall.rb +++ b/tool/rbinstall.rb -@@ -331,6 +331,7 @@ def CONFIG.[](name, mandatory = false) - sitearchlibdir = CONFIG["sitearchdir"] - vendorlibdir = CONFIG["vendorlibdir"] - vendorarchlibdir = CONFIG["vendorarchdir"] +@@ -335,6 +335,7 @@ def CONFIG.[](name, mandatory = false) + vendorlibdir = CONFIG["vendorlibdir"] + vendorarchlibdir = CONFIG["vendorarchdir"] + end +rubygemsdir = CONFIG["rubygemsdir"] mandir = CONFIG["mandir", true] docdir = CONFIG["docdir", true] configure_args = Shellwords.shellwords(CONFIG["configure_args"]) -@@ -537,7 +538,13 @@ def install(src, cmd) +@@ -541,7 +542,13 @@ def install(src, cmd) install?(:local, :comm, :lib) do prepare "library scripts", rubylibdir noinst = %w[*.txt *.rdoc *.gemspec] diff --git a/ruby-2.3.0-ruby_version.patch b/ruby-2.3.0-ruby_version.patch index 30370e1..7cc747f 100644 --- a/ruby-2.3.0-ruby_version.patch +++ b/ruby-2.3.0-ruby_version.patch @@ -171,7 +171,7 @@ diff --git a/tool/rbinstall.rb b/tool/rbinstall.rb index d4c110e..d39c9a6 100755 --- a/tool/rbinstall.rb +++ b/tool/rbinstall.rb -@@ -417,7 +417,7 @@ def CONFIG.[](name, mandatory = false) +@@ -421,7 +421,7 @@ def CONFIG.[](name, mandatory = false) install?(:doc, :rdoc) do if $rdocdir diff --git a/ruby-2.5.6-rubygems-regenerate-certificates-for-tests.patch b/ruby-2.5.6-rubygems-regenerate-certificates-for-tests.patch deleted file mode 100644 index 23eb3e7..0000000 --- a/ruby-2.5.6-rubygems-regenerate-certificates-for-tests.patch +++ /dev/null @@ -1,502 +0,0 @@ -From e87b38abddcceebd6d525031c5422e343ab151da Mon Sep 17 00:00:00 2001 -From: usa -Date: Mon, 26 Aug 2019 16:12:14 +0000 -Subject: [PATCH] merge revision(s) - ae2a904ce9bffedee7d110dc60fd51c0a2879a5b,165ddfda20f6db8a3149d14c4f431fc242ddab70,fa7a768fdfe5223a29db4fa71b3e6101fb02ad51: - [Backport #16051] - - Update the certificate files to make the test pass on Debian 10 - - The old certificate files (for example, test/rubygems/ca_cert.pem) were - signed by SHA1. This message digest is considered too weak and rejected - by OpenSSL 1.1.1 or later. Because of this, the test suite does not - pass on Debian 10. - - https://rubyci.org/logs/rubyci.s3.amazonaws.com/debian/ruby-master/log/20190527T123003Z.fail.html.gz#test%2Frubygems - - This change regenerates the files. - A shell script for the regeneration (util/create_certs.sh) is also - added. - - * remove trailing spaces. - - Removed inconsistency file from upstream repository of rubygems. - - followed up ae2a904ce9bffedee7d110dc60fd51c0a2879a5b - -git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_5@67768 b2dd03c8-39d4-4d8f-98ff-823fe69b080e ---- - test/rubygems/ca_cert.pem | 139 ++++++++++---------- - test/rubygems/client.pem | 148 +++++++++++++++------- - test/rubygems/ssl_cert.pem | 95 +++++++++++--- - test/rubygems/ssl_key.pem | 38 ++++-- - test/rubygems/test_gem_security_policy.rb | 2 +- - 5 files changed, 281 insertions(+), 141 deletions(-) - -diff --git a/test/rubygems/ca_cert.pem b/test/rubygems/ca_cert.pem -index 5207531bc2..b3977e26ad 100644 ---- a/test/rubygems/ca_cert.pem -+++ b/test/rubygems/ca_cert.pem -@@ -1,68 +1,77 @@ -------BEGIN CERTIFICATE----- --MIID0DCCArigAwIBAgIBADANBgkqhkiG9w0BAQUFADA8MQswCQYDVQQGDAJKUDES --MBAGA1UECgwJSklOLkdSLkpQMQwwCgYDVQQLDANSUlIxCzAJBgNVBAMMAkNBMB4X --DTA0MDEzMDAwNDIzMloXDTM2MDEyMjAwNDIzMlowPDELMAkGA1UEBgwCSlAxEjAQ --BgNVBAoMCUpJTi5HUi5KUDEMMAoGA1UECwwDUlJSMQswCQYDVQQDDAJDQTCCASIw --DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANbv0x42BTKFEQOE+KJ2XmiSdZpR --wjzQLAkPLRnLB98tlzs4xo+y4RyY/rd5TT9UzBJTIhP8CJi5GbS1oXEerQXB3P0d --L5oSSMwGGyuIzgZe5+vZ1kgzQxMEKMMKlzA73rbMd4Jx3u5+jdbP0EDrPYfXSvLY --bS04n2aX7zrN3x5KdDrNBfwBio2/qeaaj4+9OxnwRvYP3WOvqdW0h329eMfHw0pi --JI0drIVdsEqClUV4pebT/F+CPUPkEh/weySgo9wANockkYu5ujw2GbLFcO5LXxxm --dEfcVr3r6t6zOA4bJwL0W/e6LBcrwiG/qPDFErhwtgTLYf6Er67SzLyA66UCAwEA --AaOB3DCB2TAPBgNVHRMBAf8EBTADAQH/MDEGCWCGSAGG+EIBDQQkFiJSdWJ5L09w --ZW5TU0wgR2VuZXJhdGVkIENlcnRpZmljYXRlMB0GA1UdDgQWBBRJ7Xd380KzBV7f --USKIQ+O/vKbhDzAOBgNVHQ8BAf8EBAMCAQYwZAYDVR0jBF0wW4AUSe13d/NCswVe --31EiiEPjv7ym4Q+hQKQ+MDwxCzAJBgNVBAYMAkpQMRIwEAYDVQQKDAlKSU4uR1Iu --SlAxDDAKBgNVBAsMA1JSUjELMAkGA1UEAwwCQ0GCAQAwDQYJKoZIhvcNAQEFBQAD --ggEBAIu/mfiez5XN5tn2jScgShPgHEFJBR0BTJBZF6xCk0jyqNx/g9HMj2ELCuK+ --r/Y7KFW5c5M3AQ+xWW0ZSc4kvzyTcV7yTVIwj2jZ9ddYMN3nupZFgBK1GB4Y05GY --MJJFRkSu6d/Ph5ypzBVw2YMT/nsOo5VwMUGLgS7YVjU+u/HNWz80J3oO17mNZllj --PvORJcnjwlroDnS58KoJ7GDgejv3ESWADvX1OHLE4cRkiQGeLoEU4pxdCxXRqX0U --PbwIkZN9mXVcrmPHq8MWi4eC/V7hnbZETMHuWhUoiNdOEfsAXr3iP4KjyyRdwc7a --d/xgcK06UVQRL/HbEYGiQL056mc= -------END CERTIFICATE----- -- -------BEGIN CERTIFICATE----- --MIIDaDCCAlCgAwIBAgIBATANBgkqhkiG9w0BAQUFADA8MQswCQYDVQQGDAJKUDES --MBAGA1UECgwJSklOLkdSLkpQMQwwCgYDVQQLDANSUlIxCzAJBgNVBAMMAkNBMB4X --DTA0MDEzMDAwNDMyN1oXDTM1MDEyMjAwNDMyN1owPzELMAkGA1UEBgwCSlAxEjAQ --BgNVBAoMCUpJTi5HUi5KUDEMMAoGA1UECwwDUlJSMQ4wDAYDVQQDDAVTdWJDQTCC --ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJ0Ou7AyRcRXnB/kVHv/6kwe --ANzgg/DyJfsAUqW90m7Lu1nqyug8gK0RBd77yU0w5HOAMHTVSdpjZK0g2sgx4Mb1 --d/213eL9TTl5MRVEChTvQr8q5DVG/8fxPPE7fMI8eOAzd98/NOAChk+80r4Sx7fC --kGVEE1bKwY1MrUsUNjOY2d6t3M4HHV3HX1V8ShuKfsHxgCmLzdI8U+5CnQedFgkm --3e+8tr8IX5RR1wA1Ifw9VadF7OdI/bGMzog/Q8XCLf+WPFjnK7Gcx6JFtzF6Gi4x --4dp1Xl45JYiVvi9zQ132wu8A1pDHhiNgQviyzbP+UjcB/tsOpzBQF8abYzgEkWEC --AwEAAaNyMHAwDwYDVR0TAQH/BAUwAwEB/zAxBglghkgBhvhCAQ0EJBYiUnVieS9P --cGVuU1NMIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUlCjXWLsReYzH --LzsxwVnCXmKoB/owCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBBQUAA4IBAQCJ/OyN --rT8Cq2Y+G2yA/L1EMRvvxwFBqxavqaqHl/6rwsIBFlB3zbqGA/0oec6MAVnYynq4 --c4AcHTjx3bQ/S4r2sNTZq0DH4SYbQzIobx/YW8PjQUJt8KQdKMcwwi7arHP7A/Ha --LKu8eIC2nsUBnP4NhkYSGhbmpJK+PFD0FVtD0ZIRlY/wsnaZNjWWcnWF1/FNuQ4H --ySjIblqVQkPuzebv3Ror6ZnVDukn96Mg7kP4u6zgxOeqlJGRe1M949SS9Vudjl8X --SF4aZUUB9pQGhsqQJVqaz2OlhGOp9D0q54xko/rekjAIcuDjl1mdX4F2WRrzpUmZ --uY/bPeOBYiVsOYVe -------END CERTIFICATE----- -+Certificate: -+ Data: -+ Version: 3 (0x2) -+ Serial Number: 0 (0x0) -+ Signature Algorithm: sha256WithRSAEncryption -+ Issuer: C=JP, ST=Tokyo, O=RubyGemsTest, CN=CA -+ Validity -+ Not Before: Jan 1 00:00:00 2009 GMT -+ Not After : Dec 31 23:59:59 2049 GMT -+ Subject: C=JP, ST=Tokyo, O=RubyGemsTest, CN=CA -+ Subject Public Key Info: -+ Public Key Algorithm: rsaEncryption -+ RSA Public-Key: (2048 bit) -+ Modulus: -+ 00:c8:19:2c:5a:1d:4d:2a:65:1d:9a:0b:d6:3a:5c: -+ 5f:54:90:ac:17:6f:58:18:8f:e6:0f:33:36:ca:a0: -+ 92:02:b8:49:85:96:e9:74:16:14:40:67:98:4a:1f: -+ 4d:1c:d8:0b:c4:4e:f8:78:0a:68:70:39:d8:66:64: -+ c6:d5:ca:49:e9:02:c7:1a:1c:03:ba:a1:85:68:0a: -+ 03:05:27:b5:7f:97:21:94:20:f3:fe:ea:2e:f5:2e: -+ 99:34:6b:e0:e7:96:ca:51:4e:4d:40:48:09:d6:5f: -+ 64:7b:e5:df:eb:3d:44:bf:42:25:f7:84:c7:2d:22: -+ e0:7f:00:37:c6:c3:16:75:75:37:6a:e5:56:da:1c: -+ 77:37:3c:00:d3:1f:f4:9d:3b:27:08:ff:cd:cf:1e: -+ 60:74:65:90:c2:59:b4:12:3e:a0:7f:22:47:87:ff: -+ 52:f3:47:39:d1:91:02:1c:bb:8c:c9:20:1f:00:db: -+ d1:3a:b0:e0:ba:ee:55:05:8f:1a:f8:1e:dd:6d:83: -+ 1c:1d:18:01:44:92:27:22:f1:2a:07:fe:43:83:08: -+ 82:d3:2b:f1:ec:b1:68:b3:f8:94:1b:81:29:54:01: -+ 56:12:54:66:ba:60:e7:5c:27:04:4d:a3:61:e3:f9: -+ 8f:86:53:0b:83:eb:1f:1d:89:0c:83:66:88:c8:50: -+ 8d:c5 -+ Exponent: 65537 (0x10001) -+ X509v3 extensions: -+ X509v3 Subject Key Identifier: -+ D6:DB:87:AD:D3:45:FC:D4:8D:6B:2B:97:F4:CF:95:08:B6:FA:62:A4 -+ X509v3 Authority Key Identifier: -+ keyid:D6:DB:87:AD:D3:45:FC:D4:8D:6B:2B:97:F4:CF:95:08:B6:FA:62:A4 - -+ X509v3 Basic Constraints: critical -+ CA:TRUE -+ Signature Algorithm: sha256WithRSAEncryption -+ 06:92:f7:9a:0f:40:da:1a:7f:9f:0c:9e:04:37:4d:be:a4:1e: -+ 86:65:b3:4a:be:87:13:a1:e4:6b:3b:d6:58:9d:ca:f8:ba:6d: -+ e4:dd:de:c5:e3:a2:ec:ef:32:2d:c0:06:01:3a:d5:81:5a:e1: -+ e4:f7:5f:68:67:ea:cd:28:90:b1:9c:82:d3:4e:00:51:b6:eb: -+ d5:8d:ec:ab:c3:18:b2:8b:8d:5b:63:6d:f8:f5:40:c6:c6:7e: -+ 72:7b:ed:98:c5:5e:24:b9:ad:4f:5b:8f:1d:53:a3:d7:6a:4f: -+ 07:2e:6a:b6:63:5c:dc:05:22:ac:77:af:b0:72:9d:39:6f:77: -+ 9c:45:8b:ad:de:e8:bf:6a:b5:87:0b:58:47:af:11:1a:9e:84: -+ 25:21:68:48:2a:b3:3c:5a:97:54:20:03:bd:87:34:dd:db:24: -+ a6:c7:50:e9:6c:87:55:f2:e5:33:9c:83:8f:8c:9e:f3:3a:38: -+ a0:92:a1:a7:c4:89:31:bd:33:83:11:dd:ad:bb:e0:47:19:bb: -+ 62:6c:49:58:b3:13:12:c3:d0:dd:02:5f:6f:4f:13:07:6d:aa: -+ 7b:2c:46:5a:74:52:6d:13:10:9c:f7:3d:5d:84:5b:b8:5b:a9: -+ c5:ae:56:4b:9a:8c:e2:fd:7f:55:80:cb:b0:2d:56:d7:a4:3c: -+ cf:3c:b2:ff - -----BEGIN CERTIFICATE----- --MIIDtTCCAp2gAwIBAgIJANz6ehBcVuuiMA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNV --BAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX --aWRnaXRzIFB0eSBMdGQwHhcNMTMwNTAxMTQ0NTQxWhcNMjMwMzEwMTQ0NTQxWjBF --MQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50 --ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB --CgKCAQEAzlpZwhEYoALOEKU4lmMw5l3YI/gadzDOoELtdcidvVvovKK8IIOTDwbA --3XcjwV0UPGEPOK4Uk1aD0EKkOQVg8ivSre2a3FFGffs2kXck+doJMzAA+pf8tvFk --QsETVOurOp74GN+er2xbbRSDVxQKq6d+QTe1E60btyXQS5M1Nt5SvLn8dazZJgvv --3yzJQ1IOQl+xeEO0WVVhPIx5Mx3VtjjcDyl8aewPkYkzia6UOrAyQZnl5sIzWGOb --kYKCNeKjTPepzlbMx0dN6jBupPYGNB+4FYY9GezInjGbRP5np5382wd3EWwsVzic --Nau8kXHTL2r7GzNvoy0p//iPCqx9FQIDAQABo4GnMIGkMB0GA1UdDgQWBBS7B027 --H/ZIkW3ngm1SrR0X/aTCwDB1BgNVHSMEbjBsgBS7B027H/ZIkW3ngm1SrR0X/aTC --wKFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNV --BAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJANz6ehBcVuuiMAwGA1UdEwQF --MAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAC0glUrUiylTfuOWlwkQvi74oiYC5CzW --Jfusg6o/Gg1XEuJhaHiYMsK/do16gSc6Za3934rHQbYu3mesyFkCWF9kD4J6/hEO --OQL8xmmgN7wS6GXy6oIODpny0MgnFrV4gd1aEx69NIfL/wXaM8Gw2sj1TnuGLs8+ --HFmWLRRH3WSR7ZLnqYzPVJwhHu8vtZBL9HZk1J6xyq00Nwi2Cz5WdiHamgaza3TS --OgBdWwDeSClwhrTJni4d30dbq+eNMByIZ7QNGBQivpFzDxeNV/2UBrTU0CilKG5Q --j7ZwknfKeA4xUTd8TMK3vKab5JJCfjbXOTHZQsYUcEEGSjOMS8/YVQs= -+MIIDUDCCAjigAwIBAgIBADANBgkqhkiG9w0BAQsFADBBMQswCQYDVQQGEwJKUDEO -+MAwGA1UECAwFVG9reW8xFTATBgNVBAoMDFJ1YnlHZW1zVGVzdDELMAkGA1UEAwwC -+Q0EwHhcNMDkwMTAxMDAwMDAwWhcNNDkxMjMxMjM1OTU5WjBBMQswCQYDVQQGEwJK -+UDEOMAwGA1UECAwFVG9reW8xFTATBgNVBAoMDFJ1YnlHZW1zVGVzdDELMAkGA1UE -+AwwCQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIGSxaHU0qZR2a -+C9Y6XF9UkKwXb1gYj+YPMzbKoJICuEmFlul0FhRAZ5hKH00c2AvETvh4CmhwOdhm -+ZMbVyknpAscaHAO6oYVoCgMFJ7V/lyGUIPP+6i71Lpk0a+DnlspRTk1ASAnWX2R7 -+5d/rPUS/QiX3hMctIuB/ADfGwxZ1dTdq5VbaHHc3PADTH/SdOycI/83PHmB0ZZDC -+WbQSPqB/IkeH/1LzRznRkQIcu4zJIB8A29E6sOC67lUFjxr4Ht1tgxwdGAFEkici -+8SoH/kODCILTK/HssWiz+JQbgSlUAVYSVGa6YOdcJwRNo2Hj+Y+GUwuD6x8diQyD -+ZojIUI3FAgMBAAGjUzBRMB0GA1UdDgQWBBTW24et00X81I1rK5f0z5UItvpipDAf -+BgNVHSMEGDAWgBTW24et00X81I1rK5f0z5UItvpipDAPBgNVHRMBAf8EBTADAQH/ -+MA0GCSqGSIb3DQEBCwUAA4IBAQAGkveaD0DaGn+fDJ4EN02+pB6GZbNKvocToeRr -+O9ZYncr4um3k3d7F46Ls7zItwAYBOtWBWuHk919oZ+rNKJCxnILTTgBRtuvVjeyr -+wxiyi41bY2349UDGxn5ye+2YxV4kua1PW48dU6PXak8HLmq2Y1zcBSKsd6+wcp05 -+b3ecRYut3ui/arWHC1hHrxEanoQlIWhIKrM8WpdUIAO9hzTd2ySmx1DpbIdV8uUz -+nIOPjJ7zOjigkqGnxIkxvTODEd2tu+BHGbtibElYsxMSw9DdAl9vTxMHbap7LEZa -+dFJtExCc9z1dhFu4W6nFrlZLmozi/X9VgMuwLVbXpDzPPLL/ - -----END CERTIFICATE----- -diff --git a/test/rubygems/client.pem b/test/rubygems/client.pem -index 63a52c574a..9824d9cd4a 100644 ---- a/test/rubygems/client.pem -+++ b/test/rubygems/client.pem -@@ -1,49 +1,107 @@ -+Certificate: -+ Data: -+ Version: 3 (0x2) -+ Serial Number: 2 (0x2) -+ Signature Algorithm: sha256WithRSAEncryption -+ Issuer: C=JP, ST=Tokyo, O=RubyGemsTest, CN=CA -+ Validity -+ Not Before: Jan 1 00:00:00 2009 GMT -+ Not After : Dec 31 23:59:59 2049 GMT -+ Subject: C=JP, ST=Tokyo, O=RubyGemsTest, CN=client -+ Subject Public Key Info: -+ Public Key Algorithm: rsaEncryption -+ RSA Public-Key: (2048 bit) -+ Modulus: -+ 00:c7:87:4a:f4:77:32:54:0e:56:0a:80:04:ac:b5: -+ 71:b6:29:9f:c6:aa:f5:9b:3b:75:0a:c2:55:2c:cf: -+ 34:c8:78:b7:38:ed:af:48:7d:7e:6c:4c:39:d8:0f: -+ cf:fc:ba:f5:e0:50:47:a0:76:72:cf:c7:de:91:a6: -+ 1a:99:8b:5f:6f:0c:06:fc:f1:78:6b:0f:c5:bc:91: -+ cc:91:f0:85:05:5d:66:d3:cb:ac:54:a1:bc:9b:6c: -+ e8:17:f2:17:20:b8:b0:b2:03:cc:9d:a6:8e:c0:33: -+ 6c:8b:5f:ef:1a:f6:38:6d:80:3f:4d:b5:e3:a5:a4: -+ f1:86:15:76:62:8b:6c:9d:fa:24:59:32:8f:60:b0: -+ 80:f4:22:a2:68:57:13:aa:60:e4:cd:01:34:87:76: -+ 2a:15:ca:86:9b:b7:aa:b5:66:fd:72:d8:35:86:7e: -+ c8:1d:a1:71:71:85:ac:65:64:c2:ea:19:52:7b:34: -+ 1e:12:c4:87:8f:75:d7:65:35:85:dd:5a:33:5d:2c: -+ 31:f8:2f:b4:84:a7:b6:56:56:2b:e1:9c:c9:c8:f9: -+ 41:18:40:19:d9:bb:d4:3c:0d:c4:93:dc:b8:d1:99: -+ 44:d0:3d:a2:de:de:29:7f:d6:0c:a8:07:df:bc:ed: -+ 66:5b:aa:cc:64:44:b8:79:49:ed:48:77:88:e2:d1: -+ 94:b9 -+ Exponent: 65537 (0x10001) -+ X509v3 extensions: -+ X509v3 Basic Constraints: -+ CA:FALSE -+ Netscape Comment: -+ OpenSSL Generated Certificate -+ X509v3 Subject Key Identifier: -+ EF:5A:B6:46:3A:44:5F:0F:E4:F9:E0:6B:B2:C8:45:8D:07:0D:70:15 -+ X509v3 Authority Key Identifier: -+ keyid:D6:DB:87:AD:D3:45:FC:D4:8D:6B:2B:97:F4:CF:95:08:B6:FA:62:A4 -+ -+ Signature Algorithm: sha256WithRSAEncryption -+ 55:b5:5a:51:cd:0b:2a:81:10:e6:d1:d9:d6:6c:78:99:9b:01: -+ 18:e7:91:32:89:6c:fd:3b:eb:c0:03:82:f8:5c:e2:19:c1:04: -+ 5d:37:10:5b:97:0b:be:76:8b:98:71:d4:63:68:8c:0e:61:c9: -+ ec:3d:cf:ed:01:57:9f:9b:53:07:27:1a:7e:20:f3:8a:13:8c: -+ 4f:30:bd:e6:a0:eb:d7:2c:a1:95:35:3f:a6:53:c9:00:11:f9: -+ f6:b3:9d:53:e4:b5:71:33:f1:dc:86:47:94:6f:a9:64:01:d4: -+ c5:1b:7c:95:0a:02:0e:6f:d1:70:94:5a:5f:7b:ac:77:f7:56: -+ 35:6b:ad:a2:e2:fc:74:91:1e:c3:46:fc:32:01:19:a1:a5:27: -+ f3:31:14:79:86:7c:4d:9a:83:7c:28:03:9f:ac:3c:8c:e4:d9: -+ c8:b0:4e:a3:fe:75:cd:a9:8e:34:57:3b:6b:14:d6:df:35:42: -+ 7b:c9:3d:88:0d:ea:5f:1e:c6:5f:80:0e:a5:b9:bf:25:06:ac: -+ ac:38:7f:cc:f9:a5:9e:68:cc:08:77:1e:de:45:0d:91:e5:38: -+ d2:b3:62:ea:03:ec:3c:18:9f:16:ec:43:21:30:7a:a7:8b:42: -+ c6:cb:e4:a8:ac:0b:15:82:a5:9c:93:b2:2c:20:1f:d2:de:e1: -+ cf:c0:74:bc - -----BEGIN CERTIFICATE----- --MIIDgTCCAmmgAwIBAgICEAIwDQYJKoZIhvcNAQEFBQAwRTELMAkGA1UEBhMCQVUx --EzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMg --UHR5IEx0ZDAeFw0xMzA1MDExNTAxMzFaFw0yMzAzMTAxNTAxMzFaMEUxCzAJBgNV --BAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX --aWRnaXRzIFB0eSBMdGQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCw --+lcrpdWcloQCgAlxcM3GjvBxZ3yjzi6SgXKRBSi54i0J1LXxznWKcJ5P/O1+j+7i --LjHK+OWqsa0+EbKTwSu+0tx20h0z++YJF9GWEoCwT5aH1kor/0+EQLgYnxBaF8GC --2xAbkRkWmbSu2aLDIey3lg7lqAazYqdS2wH0UjSDjFKDLxz9LwpfFm0yGL3DgwLW --+dobYkgt1A6F/8Pz6D2FjwYKcM8JE6w7KJSJDUvXcv2E18wmhZ/qF/MtFAF4coB1 --f5ALnz8YqY6eyDF5aY/VfaHZvXdirLlMH6/miie9GBVMnJWF0ah5ssbsMvcpmnDJ --qkiYju2e1oLFEE7zztU/AgMBAAGjezB5MAkGA1UdEwQCMAAwLAYJYIZIAYb4QgEN --BB8WHU9wZW5TU0wgR2VuZXJhdGVkIENlcnRpZmljYXRlMB0GA1UdDgQWBBTcOELj --hSUdiLrdRF3CFZDZkWaGzDAfBgNVHSMEGDAWgBS7B027H/ZIkW3ngm1SrR0X/aTC --wDANBgkqhkiG9w0BAQUFAAOCAQEAlQMzHlnT6L1qqA4hL6tABPbiMsVwXyKCcfNB --zBn82Wkxgbg7Mp31fbR6/qvGeXOtaX6IdPdgtVf8nh1NURk0MmFBP+gfnwfNBD+m --Q1cldDt9kY2LGIrPii40xbugF1/xqEYcZMgXU08aEvQ2IHX46J8wZoqMa2KhrU8/ --mzY0F+UEFOGWtKDgUzz3dyBPsdzVrX+SXULwH0lqZX8Nsw5LyfrlVt3xQvS5Ogm4 --kYlt8kqhF8lUS3WTbuADrIs3NaDPRWSs1iLRRFgosgUtHN7tkrkrVaHeBo0KbAJG --mMqtxSY0XZI9WBxffP9UtoY3EiTWNVWLtuCN3OSvryP6NDe4BA== -+MIIDfDCCAmSgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBBMQswCQYDVQQGEwJKUDEO -+MAwGA1UECAwFVG9reW8xFTATBgNVBAoMDFJ1YnlHZW1zVGVzdDELMAkGA1UEAwwC -+Q0EwHhcNMDkwMTAxMDAwMDAwWhcNNDkxMjMxMjM1OTU5WjBFMQswCQYDVQQGEwJK -+UDEOMAwGA1UECAwFVG9reW8xFTATBgNVBAoMDFJ1YnlHZW1zVGVzdDEPMA0GA1UE -+AwwGY2xpZW50MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx4dK9Hcy -+VA5WCoAErLVxtimfxqr1mzt1CsJVLM80yHi3OO2vSH1+bEw52A/P/Lr14FBHoHZy -+z8fekaYamYtfbwwG/PF4aw/FvJHMkfCFBV1m08usVKG8m2zoF/IXILiwsgPMnaaO -+wDNsi1/vGvY4bYA/TbXjpaTxhhV2YotsnfokWTKPYLCA9CKiaFcTqmDkzQE0h3Yq -+FcqGm7eqtWb9ctg1hn7IHaFxcYWsZWTC6hlSezQeEsSHj3XXZTWF3VozXSwx+C+0 -+hKe2VlYr4ZzJyPlBGEAZ2bvUPA3Ek9y40ZlE0D2i3t4pf9YMqAffvO1mW6rMZES4 -+eUntSHeI4tGUuQIDAQABo3sweTAJBgNVHRMEAjAAMCwGCWCGSAGG+EIBDQQfFh1P -+cGVuU1NMIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQU71q2RjpEXw/k -++eBrsshFjQcNcBUwHwYDVR0jBBgwFoAU1tuHrdNF/NSNayuX9M+VCLb6YqQwDQYJ -+KoZIhvcNAQELBQADggEBAFW1WlHNCyqBEObR2dZseJmbARjnkTKJbP0768ADgvhc -+4hnBBF03EFuXC752i5hx1GNojA5hyew9z+0BV5+bUwcnGn4g84oTjE8wveag69cs -+oZU1P6ZTyQAR+faznVPktXEz8dyGR5RvqWQB1MUbfJUKAg5v0XCUWl97rHf3VjVr -+raLi/HSRHsNG/DIBGaGlJ/MxFHmGfE2ag3woA5+sPIzk2ciwTqP+dc2pjjRXO2sU -+1t81QnvJPYgN6l8exl+ADqW5vyUGrKw4f8z5pZ5ozAh3Ht5FDZHlONKzYuoD7DwY -+nxbsQyEweqeLQsbL5KisCxWCpZyTsiwgH9Le4c/AdLw= - -----END CERTIFICATE----- -- - -----BEGIN RSA PRIVATE KEY----- --MIIEowIBAAKCAQEAsPpXK6XVnJaEAoAJcXDNxo7wcWd8o84ukoFykQUoueItCdS1 --8c51inCeT/ztfo/u4i4xyvjlqrGtPhGyk8ErvtLcdtIdM/vmCRfRlhKAsE+Wh9ZK --K/9PhEC4GJ8QWhfBgtsQG5EZFpm0rtmiwyHst5YO5agGs2KnUtsB9FI0g4xSgy8c --/S8KXxZtMhi9w4MC1vnaG2JILdQOhf/D8+g9hY8GCnDPCROsOyiUiQ1L13L9hNfM --JoWf6hfzLRQBeHKAdX+QC58/GKmOnsgxeWmP1X2h2b13Yqy5TB+v5oonvRgVTJyV --hdGoebLG7DL3KZpwyapImI7tntaCxRBO887VPwIDAQABAoIBAFOpdG3gzlNg3/Ti --nBQxdEVqKwYhGs3A2UlOwl8F5lPBNPNRx9UQeYZBaMV9VrQezJnFpqpB8Sg5KCGQ --ci/hAJIL0kalW0LI0Nz5ko10H7u5U/rQ9W1JG0j041JYV32Pf14husKdXBPQA5co --sQW30tSSrmYogUpp15mWiJz8A3EvqiCTlQv5JwwMFGnjVl8+HNfuLghK/vqY/Eb9 --YmwTKxPFejqN7E0Mud2ylNiuPTSLwBy8UvV9uxOlDc6lMyZjVRO0woiEzrjw5dKF --yf5tUkICRcPkekcx+XtpGrCMlRLl770bZBZX+YNmbYXVWhFp09cNR+U0KZqPNcDp --jg73vXECgYEA3huOKzfHGt3qUdMlEHd1FvQhW9fYIrmUSnuVYQJOnY8lFfKfmrOH --gpwOIHDNiVHYlhAJaNocCLYx4hWHgZXarY7NKxmlY2+Vp8mcCIf2Cw3Kr/sFklUJ --KpiRxqEPGR7U4C/E31kkH/C+w7m9Zh3ndhltU2Pki9/Eq0lk8YClMMkCgYEAy/vU --jxzviIk8bll5uCIuXJyCfao7ywaZABbL6a20kdVGKrHj57O/OJ2WZVwBihhB7OS+ --QsKC/J8LrUJkobOFtQvQ8O23uep5rB6kqCkXsXCG4SCl2L5xZySBp/qhiqbuMwvp --EAWPSIA6UNoR0J2rDYVmq6jtY526wQf5ivE8IccCgYEAphfzJAyNH2FOZixArmS2 --shiUjasG3UjsRRrP5YClK5wtPpF2m2if8KMkyUux2HvVPLr3XmqkxjsBaLFy6QwY --QOvmL9H45Tg/sP7KaXLLIw8IQLu2OezPcwQvF1u//6gXxyLR1bhClIQjFBjlMuUv --/xgasl6kPZlz6Cd1jkgGwEkCgYAI1IT2EQWZfn9cM4leXDRvk+LeN8FQ35897r6z --Be78JSRdcsfv3ssXU1MQXjQ+2x/3dkt6LltnPidOP8KFcXUHSlSoKVI7vRe5SLZO --BUFeUAW2tygWwt+73Eu0jtfxXZqQISLcq7DxLYPYvifpRPoDotO3+J8WIdzUwFig --GCNHPwKBgHqXOyRef7ykVUCptMf61/BvNU8NP1f9PkKQBMYQZC39UwqEQ675QBUh --hSG9t/kyc44zUVmBeKIlWHVyLQ83Dv+ennz/D9t7tstet0VMKvALNdiVT0sjFKN7 --1VINygCeFkqrlTXlOwFcRSo1gHn3/JIrhSgRuYKHSf0GZOcN6d9l -+MIIEogIBAAKCAQEAx4dK9HcyVA5WCoAErLVxtimfxqr1mzt1CsJVLM80yHi3OO2v -+SH1+bEw52A/P/Lr14FBHoHZyz8fekaYamYtfbwwG/PF4aw/FvJHMkfCFBV1m08us -+VKG8m2zoF/IXILiwsgPMnaaOwDNsi1/vGvY4bYA/TbXjpaTxhhV2YotsnfokWTKP -+YLCA9CKiaFcTqmDkzQE0h3YqFcqGm7eqtWb9ctg1hn7IHaFxcYWsZWTC6hlSezQe -+EsSHj3XXZTWF3VozXSwx+C+0hKe2VlYr4ZzJyPlBGEAZ2bvUPA3Ek9y40ZlE0D2i -+3t4pf9YMqAffvO1mW6rMZES4eUntSHeI4tGUuQIDAQABAoIBAHbfhuuQ3D4x8Fb/ -+IEnZK+8Qa22MSxl52ehYETDKHjNVoCtdiDGS+rAA1fGAsjRrGrPSgGn8R7i85kA2 -+CuDxpSDetIccQdbfJbqLzqof9tBUbj++t2QQm/KpdrlVdSv8fOEB3HUMVz3xJTkA -+Jc8VZFbwskZVGFSGqZJt1QMu975By8mrNBiQ92dpWUwH6bcJ2rL+GgpW8LkosAtW -++bqAH86je2utErCStHTBMq459JIcef+dZxQ1iNALny+Q54MIsFbh21TbUf+mPsBK -+B5Pe+RnlEw9uFmFH0gQybmZBIB/IDnsDj/+L0gRrSp6nYaQBD2Gw2jPJQL0PEu0s -+nS1B4tECgYEA+E1z73eA35jBvDg/CI4mcL/f17xRCW9YsaeXTqEDMSi27b5OSgdP -+0ETl3xreVgKGeDHygyaaJ6MR7uoPRPJhZR1ifrhWKoyPLuD55rwGIvKIbAWXVj7/ -+AvcY+qligVcK2dTJjczh6Tv8/XVYEPrfg4QdDlg9rodAlNJGofaX0WUCgYEAzbbD -+8Yw/KbX1bSN6TtHoAAIVd/y2a4TEgHxOOOM5LAQ98fgP4L7njse8CBFUCH9RXYIS -+lWyT7aHxykK/32wsd/6CfP1IlNcOSrBe5nA0b1m9piT6K9nZd7NMv1DpznaZ/roO -+6jPxXrtQAgAC4jPCehH23t8SqP+abBIWvTlZisUCgYB4Jvqf+UL6b+/nxYvy9t5x -+FtgZi/3mw+O2a/OSz+U8h4gleT5nIiykCoL1uAm4sxYg2YKRpj9YSNentclXwrYQ -+eOyth0Pi6QtsUt96oKeTh6suInJ+AJPj+nAy835AOj988zPpEyiKdUXR3FOWO9+m -+w2pQA7EtYDOHEE2vmCUU5QKBgCSP10OXKaLANF6xb4uSwyk9NZOd1s5FSqeLcFus -+Bv1Lw7a94BSR2ZYG6eSFL+pStqNn+uWT5rbVkaPhOTj8gOrS0V5lpgDOODwOHM/Y -+IXmo+YwOBmjEz2H2/C0EtIl9iuE7MGtvz/aGVDIGznxltqr7hmUWQLrIsymCDYiU -+KNYBAoGAeZd1hDEK3dmzNAzNUWaIVWg2yq+B1RF7k1yzk7XcAc13vGEyZc2gILji -+y+0IMS60/uKVZ7zYBvxuaDJImi1woEzAVSM2LUo2vHgFClrhHCF+tGKVEa1hbhhO -+ScifJC8f/HoKI+Ddn0hrFF0ndBJ7g4mB9sm7RBHfm+1steGCV3Q= - -----END RSA PRIVATE KEY----- -diff --git a/test/rubygems/ssl_cert.pem b/test/rubygems/ssl_cert.pem -index 998ccc5892..b99938e15b 100644 ---- a/test/rubygems/ssl_cert.pem -+++ b/test/rubygems/ssl_cert.pem -@@ -1,19 +1,80 @@ -+Certificate: -+ Data: -+ Version: 3 (0x2) -+ Serial Number: 1 (0x1) -+ Signature Algorithm: sha256WithRSAEncryption -+ Issuer: C=JP, ST=Tokyo, O=RubyGemsTest, CN=CA -+ Validity -+ Not Before: Jan 1 00:00:00 2009 GMT -+ Not After : Dec 31 23:59:59 2049 GMT -+ Subject: C=JP, ST=Tokyo, O=RubyGemsTest, CN=localhost -+ Subject Public Key Info: -+ Public Key Algorithm: rsaEncryption -+ RSA Public-Key: (2048 bit) -+ Modulus: -+ 00:c1:9b:13:e1:65:2a:87:a9:3c:84:2e:c3:21:e1: -+ 63:a2:8c:7c:6e:63:9a:ac:3e:45:f5:fa:37:08:aa: -+ c0:a7:6b:ff:42:27:1a:66:13:b9:ad:ca:d0:35:62: -+ 52:00:56:56:71:cd:dc:74:04:fe:2a:a6:7d:00:61: -+ e2:b8:9a:0f:d1:2c:56:b7:50:c4:23:f1:52:68:f3: -+ fd:cf:6c:6b:86:93:91:f0:d8:7a:67:d8:55:fc:0d: -+ d1:30:f8:aa:a4:79:f2:17:ca:11:b3:8c:e5:01:34: -+ ad:21:bc:a8:4d:ea:18:bc:13:9c:0a:94:bf:fb:46: -+ cf:29:d2:52:03:e4:97:4e:92:ae:b7:9d:b0:d9:19: -+ 49:5f:7a:5b:20:80:87:05:db:f4:73:df:04:69:12: -+ e8:14:1e:d2:c8:dd:d0:d3:81:72:04:f5:34:d7:9c: -+ 61:b5:b6:d3:4b:61:ee:a9:04:36:60:79:c8:77:74: -+ 24:70:89:a8:16:f8:6e:21:51:e9:30:61:fb:21:f6: -+ b3:6b:c1:b1:09:fa:26:ed:9f:3d:d2:2a:b6:34:d9: -+ b8:e8:46:d7:08:c3:3c:5d:0e:96:7a:e5:a1:ff:0a: -+ e2:36:bc:b4:06:3e:32:5a:9e:a5:4b:38:9e:0a:cc: -+ 08:3a:9f:07:4e:74:d0:16:4b:0f:51:e4:d5:24:f3: -+ 76:5d -+ Exponent: 65537 (0x10001) -+ X509v3 extensions: -+ X509v3 Basic Constraints: -+ CA:FALSE -+ Netscape Comment: -+ OpenSSL Generated Certificate -+ X509v3 Subject Key Identifier: -+ 1E:0A:57:4F:0E:BC:B5:26:26:B9:01:80:E8:9A:25:98:4A:C0:D6:05 -+ X509v3 Authority Key Identifier: -+ keyid:D6:DB:87:AD:D3:45:FC:D4:8D:6B:2B:97:F4:CF:95:08:B6:FA:62:A4 -+ -+ Signature Algorithm: sha256WithRSAEncryption -+ 85:13:fa:00:1d:65:c4:f3:82:12:94:67:e3:34:a1:ac:0c:7b: -+ f1:2c:e7:20:db:ea:b8:d1:54:52:3e:34:00:bf:d3:1f:04:be: -+ df:c3:7d:96:20:b6:e5:cf:d3:67:b4:27:95:57:41:e9:51:9e: -+ 90:88:a9:0e:97:4f:37:42:35:21:b5:e3:6e:82:c9:4c:66:1c: -+ 61:df:84:28:00:6a:93:d4:dd:25:96:18:55:89:cc:3d:70:a5: -+ 50:a4:e0:b9:db:c1:8e:aa:b1:aa:cc:89:dc:c1:1d:2d:c8:49: -+ ad:5b:96:eb:62:57:2e:0e:c0:5d:de:0a:86:27:b9:3c:92:bd: -+ 2d:db:0a:3c:ed:ef:1a:cf:0e:33:c9:61:a2:44:c1:ad:53:e6: -+ ca:28:ee:4c:19:6f:dd:75:a2:cc:d8:9a:36:e7:8c:64:35:da: -+ 1b:cb:9b:31:53:ca:a0:7b:d8:ac:ff:ee:a3:e8:9b:32:8f:5d: -+ 0d:ce:0c:eb:b5:ed:82:d6:70:0e:c3:ca:9e:8b:e4:c1:fc:c0: -+ 1e:ed:81:7e:5a:0a:a7:34:26:f7:0e:28:a0:7b:ba:21:42:14: -+ 84:48:12:df:e8:9e:21:91:fc:c8:c0:f5:f8:6a:9f:c7:27:d4: -+ 73:c5:9d:1a:5c:c8:62:24:71:d5:ae:4c:f2:c4:ad:14:c3:6d: -+ db:d6:56:bb - -----BEGIN CERTIFICATE----- --MIIC/zCCAeegAwIBAgIBATANBgkqhkiG9w0BAQUFADA/MQswCQYDVQQGDAJKUDES --MBAGA1UECgwJSklOLkdSLkpQMQwwCgYDVQQLDANSUlIxDjAMBgNVBAMMBVN1YkNB --MB4XDTA0MDEzMTAzMTMxNloXDTMzMDEyMzAzMTMxNlowQzELMAkGA1UEBgwCSlAx --EjAQBgNVBAoMCUpJTi5HUi5KUDEMMAoGA1UECwwDUlJSMRIwEAYDVQQDDAlsb2Nh --bGhvc3QwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANFJTxWqup3nV9dsJAku --p+WaXnPNIzcpAA3qMGZDJTJsfa8Du7ZxTP0XJK5mETttBrn711cJxAuP3KjqnW9S --vtZ9lY2sXJ6Zj62sN5LwG3VVe25dI28yR1EsbHjJ5Zjf9tmggMC6am52dxuHbt5/ --vHo4ngJuKE/U+eeGRivMn6gFAgMBAAGjgYUwgYIwDAYDVR0TAQH/BAIwADAxBglg --hkgBhvhCAQ0EJBYiUnVieS9PcGVuU1NMIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAd --BgNVHQ4EFgQUpZIyygD9JxFYHHOTEuWOLbCKfckwCwYDVR0PBAQDAgWgMBMGA1Ud --JQQMMAoGCCsGAQUFBwMBMA0GCSqGSIb3DQEBBQUAA4IBAQBwAIj5SaBHaA5X31IP --CFCJiep96awfp7RANO0cuUj+ZpGoFn9d6FXY0g+Eg5wAkCNIzZU5NHN9xsdOpnUo --zIBbyTfQEPrge1CMWMvL6uGaoEXytq84VTitF/xBTky4KtTn6+es4/e7jrrzeUXQ --RC46gkHObmDT91RkOEGjHLyld2328jo3DIN/VTHIryDeVHDWjY5dENwpwdkhhm60 --DR9IrNBbXWEe9emtguNXeN0iu1ux0lG1Hc6pWGQxMlRKNvGh0yZB9u5EVe38tOV0 --jQaoNyL7qzcQoXD3Dmbi1p0iRmg/+HngISsz8K7k7MBNVsSclztwgCzTZOBiVtkM --rRlQ -+MIIDfzCCAmegAwIBAgIBATANBgkqhkiG9w0BAQsFADBBMQswCQYDVQQGEwJKUDEO -+MAwGA1UECAwFVG9reW8xFTATBgNVBAoMDFJ1YnlHZW1zVGVzdDELMAkGA1UEAwwC -+Q0EwHhcNMDkwMTAxMDAwMDAwWhcNNDkxMjMxMjM1OTU5WjBIMQswCQYDVQQGEwJK -+UDEOMAwGA1UECAwFVG9reW8xFTATBgNVBAoMDFJ1YnlHZW1zVGVzdDESMBAGA1UE -+AwwJbG9jYWxob3N0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwZsT -+4WUqh6k8hC7DIeFjoox8bmOarD5F9fo3CKrAp2v/QicaZhO5rcrQNWJSAFZWcc3c -+dAT+KqZ9AGHiuJoP0SxWt1DEI/FSaPP9z2xrhpOR8Nh6Z9hV/A3RMPiqpHnyF8oR -+s4zlATStIbyoTeoYvBOcCpS/+0bPKdJSA+SXTpKut52w2RlJX3pbIICHBdv0c98E -+aRLoFB7SyN3Q04FyBPU015xhtbbTS2HuqQQ2YHnId3QkcImoFvhuIVHpMGH7Ifaz -+a8GxCfom7Z890iq2NNm46EbXCMM8XQ6WeuWh/wriNry0Bj4yWp6lSzieCswIOp8H -+TnTQFksPUeTVJPN2XQIDAQABo3sweTAJBgNVHRMEAjAAMCwGCWCGSAGG+EIBDQQf -+Fh1PcGVuU1NMIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUHgpXTw68 -+tSYmuQGA6JolmErA1gUwHwYDVR0jBBgwFoAU1tuHrdNF/NSNayuX9M+VCLb6YqQw -+DQYJKoZIhvcNAQELBQADggEBAIUT+gAdZcTzghKUZ+M0oawMe/Es5yDb6rjRVFI+ -+NAC/0x8Evt/DfZYgtuXP02e0J5VXQelRnpCIqQ6XTzdCNSG1426CyUxmHGHfhCgA -+apPU3SWWGFWJzD1wpVCk4LnbwY6qsarMidzBHS3ISa1blutiVy4OwF3eCoYnuTyS -+vS3bCjzt7xrPDjPJYaJEwa1T5soo7kwZb911oszYmjbnjGQ12hvLmzFTyqB72Kz/ -+7qPomzKPXQ3ODOu17YLWcA7Dyp6L5MH8wB7tgX5aCqc0JvcOKKB7uiFCFIRIEt/o -+niGR/MjA9fhqn8cn1HPFnRpcyGIkcdWuTPLErRTDbdvWVrs= - -----END CERTIFICATE----- -diff --git a/test/rubygems/ssl_key.pem b/test/rubygems/ssl_key.pem -index 9ba2218a03..4883043b77 100644 ---- a/test/rubygems/ssl_key.pem -+++ b/test/rubygems/ssl_key.pem -@@ -1,15 +1,27 @@ - -----BEGIN RSA PRIVATE KEY----- --MIICXQIBAAKBgQDRSU8Vqrqd51fXbCQJLqflml5zzSM3KQAN6jBmQyUybH2vA7u2 --cUz9FySuZhE7bQa5+9dXCcQLj9yo6p1vUr7WfZWNrFyemY+trDeS8Bt1VXtuXSNv --MkdRLGx4yeWY3/bZoIDAumpudncbh27ef7x6OJ4CbihP1PnnhkYrzJ+oBQIDAQAB --AoGBAIf4CstW2ltQO7+XYGoex7Hh8s9lTSW/G2vu5Hbr1LTHy3fzAvdq8MvVR12O --rk9fa+lU9vhzPc0NMB0GIDZ9GcHuhW5hD1Wg9OSCbTOkZDoH3CAFqonjh4Qfwv5W --IPAFn9KHukdqGXkwEMdErsUaPTy9A1V/aROVEaAY+HJgq/eZAkEA/BP1QMV04WEZ --Oynzz7/lLizJGGxp2AOvEVtqMoycA/Qk+zdKP8ufE0wbmCE3Qd6GoynavsHb6aGK --gQobb8zDZwJBANSK6MrXlrZTtEaeZuyOB4mAmRzGzOUVkUyULUjEx2GDT93ujAma --qm/2d3E+wXAkNSeRpjUmlQXy/2oSqnGvYbMCQQDRM+cYyEcGPUVpWpnj0shrF/QU --9vSot/X1G775EMTyaw6+BtbyNxVgOIu2J+rqGbn3c+b85XqTXOPL0A2RLYkFAkAm --syhSDtE9X55aoWsCNZY/vi+i4rvaFoQ/WleogVQAeGVpdo7/DK9t9YWoFBIqth0L --mGSYFu9ZhvZkvQNV8eYrAkBJ+rOIaLDsmbrgkeDruH+B/9yrm4McDtQ/rgnOGYnH --LjLpLLOrgUxqpzLWe++EwSLwK2//dHO+SPsQJ4xsyQJy -+MIIEpAIBAAKCAQEAwZsT4WUqh6k8hC7DIeFjoox8bmOarD5F9fo3CKrAp2v/Qica -+ZhO5rcrQNWJSAFZWcc3cdAT+KqZ9AGHiuJoP0SxWt1DEI/FSaPP9z2xrhpOR8Nh6 -+Z9hV/A3RMPiqpHnyF8oRs4zlATStIbyoTeoYvBOcCpS/+0bPKdJSA+SXTpKut52w -+2RlJX3pbIICHBdv0c98EaRLoFB7SyN3Q04FyBPU015xhtbbTS2HuqQQ2YHnId3Qk -+cImoFvhuIVHpMGH7Ifaza8GxCfom7Z890iq2NNm46EbXCMM8XQ6WeuWh/wriNry0 -+Bj4yWp6lSzieCswIOp8HTnTQFksPUeTVJPN2XQIDAQABAoIBAG0KWZ0VrGlxsKrF -+55L6bXJMa3yEzsV54U9TmJFiElV5Ju/sNBsPuwEd/DxE3uhfuBoqlqIleb0tvbNs -+bhQIeSYXMdPXQlD4BrEj0mxzpO/Lx2N9mRtJpcvrQEmzk/BE2kv5vBSDIyuVrnkU -+1zniwgGTjcwL0UDFtcHZOeYFZg6S5Co7vbwBItIAcZKdZUXTHj7gt5j1uGD9a0FL -+fOFYiysrr9Nh8lVJgTv5W/gdYxE4vmyG6nfIUIPSyZwTgzItk4RZU3ygGTA1bP3D -+O0U3bW4avXKtJTdLUpy7MHT5edErZ0UX7LKYByfvinGMH9FpsBcp2XAcBKZmZwrG -+e00XR+UCgYEA+g3Gj2GUwGz/LUmPUb2fT7vqbuoOJpNQUxsx1csbX6NetH7eJU4y -+P/iZKSmAeVbf+RdfySf4/Z1brrwtKz700FMY7CYhfXiHH3vL+TCZgLq/wuU/hJYQ -+YHV5P1/71YQg3ArCP4ukkoJH4Zm8ACN5MUx8YbRrwvdVYycf9nwVGWcCgYEAxjWr -+b8kTCPhzbZIJiDWq5fDlnt5PwU+bXGDQMK5LnagxfcQg7LLlJm5c7+fxBX1Q0n6U -+dtAdswaTiL5VotV9zQhF/Kmehjl7GAMxpcSfMYpwxSQEY5jDswTVCRej4B4GLDQD -+7jO6Ih+o6fvxhxh6yP9kO5IMn/ATGqnxipwsI5sCgYB+pIt0As/7xThYD3FuzMLq -+9xl8oz4Xe3SrIpLS3NM4VN2aPMb1zezVSWsI1eQjkERPO+9fScdpa1EL5nJZ/MCw -+4eU1dPpxOaH16BUeV+bms657XvAUjowszlJiLpK1SP37c9d9p5PqP+F3+QymZVD0 -+DvDP6zjIvcuZNC+T/rQQ8QKBgQCUzZwMCye4N1Xo75cqZCgOAqFQeNPla89WNfR2 -+Z5OrI6csJP8W1GNGS9qH3VhL572ymYb5/9ocGhbOtR3zZlXQhKKOQgUZ/bNU3qj6 -+KzfcaHOq/RQydXCOSFVrQw0rZz75Fn/Q55KYpa4ZI6U65/zeQyXLtyS1OfYNsYH9 -+rqtQewKBgQDCXBOUc/wSzc77EFC6A3j4nETS1D4WLpz/sKljTDRES7zsIGqgur7N -+P0Lbijz3HiW8RCS4Kt0VPXApsXEa6D8aYordzk2rp3Uk1pdWhcMoOr4FaXyRYgl7 -++XYlxe0kzAFY7ZR6M0p9cXjh9XZ1Is15xJQg3q0/ru/J3QS0BTSrFg== - -----END RSA PRIVATE KEY----- -diff --git a/test/rubygems/test_gem_security_policy.rb b/test/rubygems/test_gem_security_policy.rb -index 4108551dca..170e296a10 100644 ---- a/test/rubygems/test_gem_security_policy.rb -+++ b/test/rubygems/test_gem_security_policy.rb -@@ -293,7 +293,7 @@ def test_check_trust_no_trust_child - - def test_subject - assert_equal 'email:nobody@example', @no.subject(PUBLIC_CERT) -- assert_equal '/C=JP/O=JIN.GR.JP/OU=RRR/CN=CA', @no.subject(CA_CERT) -+ assert_equal '/C=JP/ST=Tokyo/O=RubyGemsTest/CN=CA', @no.subject(CA_CERT) - end - - def test_verify --- -2.26.2 - diff --git a/ruby-2.6.0-rdoc-6.0.1-fix-template-typo.patch b/ruby-2.6.0-rdoc-6.0.1-fix-template-typo.patch index e108270..9bebebd 100644 --- a/ruby-2.6.0-rdoc-6.0.1-fix-template-typo.patch +++ b/ruby-2.6.0-rdoc-6.0.1-fix-template-typo.patch @@ -11,24 +11,15 @@ diff --git a/lib/rdoc/generator/template/json_index/js/navigation.js b/lib/rdoc/ index e4126812..43c5118a 100644 --- a/lib/rdoc/generator/template/json_index/js/navigation.js +++ b/lib/rdoc/generator/template/json_index/js/navigation.js -@@ -59,9 +59,8 @@ Navigation = new function() { +@@ -41,9 +41,8 @@ Navigation = new function() { } break; case 13: //Event.KEY_RETURN: -- if (this.$current) +- if (this.current) - e.preventDefault(); -- this.select(this.$current); -+ if (this.$current) e.preventDefault(); -+ this.select(this.$current); +- this.select(this.current); ++ if (this.current) e.preventDefault(); ++ this.select(this.current); break; } - if (e.ctrlKey && e.shiftKey) this.select(this.$current); -@@ -80,7 +79,7 @@ Navigation = new function() { - var go = function() { - if (!_this.moveTimeout) return; - _this[isDown ? 'moveDown' : 'moveUp'](); -- _this.moveTimout = setTimeout(go, 100); -+ _this.moveTimeout = setTimeout(go, 100); - } - this.moveTimeout = setTimeout(go, 200); - } + if (e.ctrlKey && e.shiftKey) this.select(this.current); diff --git a/ruby.spec b/ruby.spec index c0b8dcc..1c193ae 100644 --- a/ruby.spec +++ b/ruby.spec @@ -1,6 +1,6 @@ %global major_version 2 %global minor_version 5 -%global teeny_version 5 +%global teeny_version 8 %global major_minor_version %{major_version}.%{minor_version} %global ruby_version %{major_minor_version}.%{teeny_version} @@ -21,7 +21,7 @@ %endif -%global release 106 +%global release 107 %{!?release_string:%global release_string %{?development_release:0.}%{release}%{?development_release:.%{development_release}}%{?dist}} # The RubyGems library has to stay out of Ruby directory tree, since the @@ -45,8 +45,8 @@ %global openssl_version 2.1.2 %global power_assert_version 1.1.1 %global psych_version 3.0.2 -%global rake_version 12.3.0 -%global rdoc_version 6.0.1 +%global rake_version 12.3.3 +%global rdoc_version 6.0.1.1 %global test_unit_version 3.2.7 %global xmlrpc_version 0.3.0 @@ -180,9 +180,6 @@ Patch45: ruby-2.6.0-use-larger-keys-for-SSL-webrick-tests.patch # Use larger keys for drb test failures. # https://github.com/ruby/ruby/commit/fb0009cfdc203247f808f4dcd72c7baf272172ce Patch46: ruby-2.6.0-use-larger-keys-for-SSL-drb-tests.patch -# Regenerate certificates with larger keys for rubygems tests. -# https://github.com/ruby/ruby/commit/2b97b8e09028be1d03ed03980f2ad34db6349b9f -Patch47: ruby-2.5.6-rubygems-regenerate-certificates-for-tests.patch Requires: %{name}-libs%{?_isa} = %{version}-%{release} Suggests: rubypick @@ -580,7 +577,6 @@ rm -rf ext/fiddle/libffi* %patch44 -p1 %patch45 -p1 %patch46 -p1 -%patch47 -p1 # Provide an example of usage of the tapset: cp -a %{SOURCE3} . @@ -1135,6 +1131,9 @@ MSPECOPTS="$MSPECOPTS -P 'File.lchmod raises a NotImplementedError when called'" %{gem_dir}/specifications/xmlrpc-%{xmlrpc_version}.gemspec %changelog +* Mon Oct 26 2020 Jun Aruga - 2.5.8-107 +- Update to Ruby 2.5.8. + * Wed Oct 14 2020 Jun Aruga - 2.5.5-106 - Fix checksec 2.0+ compatibility. - Fix FTBFS due to glibc 2.31.9000 implementing lchmod(2). diff --git a/sources b/sources index e2dbc39..7893c82 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (ruby-2.5.5.tar.xz) = 06b1d58536ebfacb7b56c1e6ed4b8ab816fadc4f48c845a452554cd262e7908199a30e5793f3cbaec2db56a8803aa5c6089abf7bf06c8fc47867e97870b7dfec +SHA512 (ruby-2.5.8.tar.xz) = 2886be764a454425c5beef2777c64a70ee0d048b07896b327633d904f5077fea4299526689f9e2ac4dcd2fc4811cf9a6c8ce75367ed35d29dfe1a54222872e0d From 320f5c7666b25adcb362321f724f23b8fdc8a3f9 Mon Sep 17 00:00:00 2001 From: Jun Aruga Date: Wed, 5 May 2021 13:30:43 +0200 Subject: [PATCH 19/19] Fix FTBFS due to an incompatible load. The FTBFS has started to happen with rpm-4.16.90-0.git15395.2.fc35. root.log ``` DEBUG util.py:444: error: line 116: Unknown tag: /chroot_tmpdir/srpm_unpacked/SOURCES/macros.ruby ``` As the `%{?load:...}` is undocumented, it is gone. https://github.com/rpm-software-management/rpm/issues/1669 --- ruby.spec | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/ruby.spec b/ruby.spec index 1c193ae..955a099 100644 --- a/ruby.spec +++ b/ruby.spec @@ -21,7 +21,7 @@ %endif -%global release 107 +%global release 108 %{!?release_string:%global release_string %{?development_release:0.}%{release}%{?development_release:.%{development_release}}%{?dist}} # The RubyGems library has to stay out of Ruby directory tree, since the @@ -106,8 +106,8 @@ Source14: test_systemtap.rb # The load directive is supported since RPM 4.12, i.e. F21+. The build process # fails on older Fedoras. -%{?load:%{SOURCE4}} -%{?load:%{SOURCE5}} +%{load:%{SOURCE4}} +%{load:%{SOURCE5}} # Fix ruby_version abuse. # https://bugs.ruby-lang.org/issues/11002 @@ -1131,6 +1131,9 @@ MSPECOPTS="$MSPECOPTS -P 'File.lchmod raises a NotImplementedError when called'" %{gem_dir}/specifications/xmlrpc-%{xmlrpc_version}.gemspec %changelog +* Wed Jul 07 2021 Jun Aruga - 2.5.8-108 +- Fix FTBFS due to incompatible load directive. + * Mon Oct 26 2020 Jun Aruga - 2.5.8-107 - Update to Ruby 2.5.8.