.dotnet7.0.metadata

@@ -1 +0,0 @@
-c2015d0972371ab8995d18246d1f5b76299f3be3 SOURCES/dotnet-v7.0.103.tar.gz

.gitignore

@@ -1 +1,26 @@
-SOURCES/dotnet-v7.0.103.tar.gz
+/dotnet-arm64-prebuilts-2022-08-17.tar.gz
+/dotnet-fd587269d0a1fa669d547f3a2e74f5d9353b6dcf-x64-bootstrap.tar.xz
+/dotnet-s390x-prebuilts-2021-10-29.tar.gz
+/dotnet-arm64-prebuilts-2022-09-17.tar.gz
+/dotnet-s390x-prebuilts-2022-08-24.tar.gz
+/dotnet-v7.0.100-rc.1.22431.12-x64-bootstrap.tar.xz
+/dotnet-v7.0.101.tar.gz
+/dotnet-v7.0.102.tar.gz
+/dotnet-v7.0.103.tar.gz
+/dotnet-v7.0.104.tar.gz
+/dotnet-v7.0.108.tar.gz
+/dotnet-v7.0.109.tar.gz
+/dotnet-v7.0.110.tar.gz
+/dotnet-v7.0.110-x64-bootstrap.tar.xz
+/dotnet-prebuilts-7.0.109-arm64.tar.gz
+/dotnet-prebuilts-7.0.109-ppc64le.tar.gz
+/dotnet-prebuilts-7.0.109-s390x.tar.gz
+/dotnet-v7.0.111.tar.gz
+/dotnet-v7.0.112.tar.gz
+/dotnet-v7.0.113.tar.gz
+/dotnet-v7.0.114.tar.gz
+/dotnet-v7.0.115.tar.gz
+/dotnet-v7.0.116.tar.gz
+/dotnet-v7.0.117.tar.gz
+/dotnet-v7.0.118.tar.gz
+/dotnet-v7.0.119.tar.gz

build-arm64-bootstrap-tarball

@@ -0,0 +1,66 @@
+#!/bin/bash
+
+set -euo pipefail
+
+set -x
+
+function parse-nuget-name-version-from-file() {
+    package=$1
+    filename=${package##*/}
+
+    version_suffix=$(echo "$filename" | grep -Eo '\.[[:digit:]]+.*\.nupkg')
+    version=$(echo "$version_suffix" | sed -Ee 's/^\.//' -e 's/\.nupkg$//')
+    name=${filename:0:(${#filename}-${#version_suffix})}
+
+    echo "$name" "$version"
+}
+
+bootstrap_dir=$(readlink -f "$1")
+
+sdk_version=${2:-$(jq -r  '.tools.dotnet' "$bootstrap_dir"/global.json)}
+
+mkdir -p "dotnet-prebuilts-${sdk_version}-arm64"
+
+pushd "dotnet-prebuilts-${sdk_version}-arm64"
+
+# Binaries can be at one of several different URLs:
+wget "https://dotnetcli.azureedge.net/dotnet/Sdk/${sdk_version}/dotnet-sdk-${sdk_version}-linux-arm64.tar.gz"
+#wget "https://dotnetbuilds.azureedge.net/public/Sdk/$version/dotnet-sdk-${sdk_version}-linux-arm64.tar.gz"
+
+for archive in "$bootstrap_dir"/packages/archive/*.tar.gz; do
+    mapfile -t linux_x64_packages < <(tar tf "$archive" | grep linux-x64)
+
+    for package in "${linux_x64_packages[@]}"; do
+        if [[ "$package" = *'.Intermediate.'* ]]; then
+            continue;
+        fi
+
+        read -r name version < <(parse-nuget-name-version-from-file "$package")
+
+        arm_name=${name/linux-x64/linux-arm64}
+
+        # https://gist.github.com/omajid/c04b6025de49d0b7b18ab4a7e789484e
+        nappo download --verbose "$arm_name" "$version"
+
+    done
+done
+
+# For arm64, we have forced a newer 7.0 SDK, which needs newer bits
+#nappo download microsoft.windowsdesktop.app.ref 6.0.9
+#nappo download microsoft.netcore.app.host.linux-arm64 6.0.9
+#nappo download microsoft.netcore.app.ref 6.0.9
+#nappo download microsoft.aspnetcore.app.ref 6.0.9
+#
+#nappo download Microsoft.AspNetCore.App.Runtime.linux-arm64 7.0.0-rc.1.22427.2
+#nappo download Microsoft.NETCore.App.Host.linux-arm64  7.0.0-rc.1.22426.10
+#nappo download Microsoft.NETCore.App.Runtime.linux-arm64 7.0.0-rc.1.22426.10
+#nappo download runtime.linux-arm64.Microsoft.NETCore.DotNetHost 7.0.0-rc.1.22426.10
+#nappo download runtime.linux-arm64.Microsoft.NETCore.DotNetHostPolicy 7.0.0-rc.1.22426.10
+#nappo download runtime.linux-arm64.Microsoft.NETCore.DotNetHostResolver 7.0.0-rc.1.22426.10
+#nappo download runtime.linux-arm64.Microsoft.NETCore.ILAsm 7.0.0-rc.1.22426.10
+#nappo download runtime.linux-arm64.Microsoft.NETCore.ILDAsm 7.0.0-rc.1.22426.10
+#nappo download Microsoft.NETCore.App.Crossgen2.linux-arm64 7.0.0-rc.1.22426.10
+
+popd
+
+tar czf "dotnet-prebuilts-${sdk_version}-arm64.tar.gz" "dotnet-prebuilts-${sdk_version}-arm64"

build-dotnet-tarball

@@ -0,0 +1,183 @@
+#!/bin/bash
+
+# Usage:
+#   build-dotnet-tarball [--bootstrap] <tag-from-installer>
+#
+# Creates a source archive from a tag (or commit) at github.com/dotnet/installer
+#
+# Clone dotnet/installer, check out the tag (if any), and build the
+# source-tarball.
+
+set -euo pipefail
+IFS=$'\n\t'
+
+function print_usage {
+    echo "Usage:"
+    echo "$0 [--bootstrap] <tag-from-installer>"
+    echo
+    echo "Creates a source archive from a tag at https://github.com/dotnet/installer"
+    echo ""
+    echo "  --bootstrap     build a source tarball usable for bootstrapping .NET"
+}
+
+function clean_dotnet_cache {
+    rm -rf ~/.aspnet ~/.dotnet/ ~/.nuget/ ~/.local/share/NuGet ~/.templateengine
+    rm -rf /tmp/NuGet /tmp/NuGetScratch /tmp/.NETCore* /tmp/.NETStandard* /tmp/.dotnet /tmp/dotnet.* /tmp/clr-debug-pipe* /tmp/Razor-Server /tmp/CoreFxPipe* /tmp/VBCSCompiler /tmp/.NETFramework*
+}
+
+function check_bootstrap_environment {
+    if rpm -qa | grep dotnet ; then
+        echo "error: dotnet is installed. Not a good idea for bootstrapping."
+        exit 1
+    fi
+    if [ -d /usr/lib/dotnet ] || [ -d /usr/lib64/dotnet ] || [ -d /usr/share/dotnet ] ; then
+        echo "error: one of /usr/lib/dotnet /usr/lib64/dotnet or /usr/share/dotnet/ exists. Not a good idea for bootstrapping."
+        exit 1
+    fi
+    if command -v dotnet ; then
+        echo "error: dotnet is in $PATH. Not a good idea for bootstrapping."
+        exit 1
+    fi
+}
+
+function runtime_id {
+
+    source /etc/os-release
+    case "${ID}" in
+        # Remove the RHEL minor version
+        rhel) rid_version=${VERSION_ID%.*} ;;
+
+        *) rid_version=${VERSION_ID} ;;
+    esac
+
+    echo "${ID}.${rid_version}-${arch}"
+}
+
+build_bootstrap=false
+
+declare -A archmap
+archmap=(
+    ["aarch64"]="arm64"
+    ["amd64"]="x64"
+    ["armv8l"]="arm"
+    ["i386"]="x86"
+    ["i686"]="x86"
+    ["ppc64le"]="ppc64le"
+    ["s390x"]="s390x"
+    ["x86_64"]="x64"
+)
+
+arch=${archmap["$(uname -m)"]}
+
+
+positional_args=()
+while [[ "$#" -gt 0 ]]; do
+    arg="${1}"
+    case "${arg}" in
+        --bootstrap)
+            check_bootstrap_environment
+            build_bootstrap=true
+            shift
+            ;;
+        -h|--help)
+            print_usage
+            exit 0
+            ;;
+        *)
+            positional_args+=("$1")
+            shift
+            ;;
+    esac
+done
+
+
+tag=${positional_args[0]:-}
+if [[ -z ${tag} ]]; then
+    echo "error: missing tag to build"
+    exit 1
+fi
+
+set -x
+
+dir_name="dotnet-${tag}"
+unmodified_tarball_name="${dir_name}-original"
+tarball_name="${dir_name}"
+tarball_suffix=.tar.gz
+
+if [[ ${build_bootstrap} == true ]]; then
+    unmodified_tarball_name="${unmodified_tarball_name}-${arch}-bootstrap"
+    tarball_name="${tarball_name}-${arch}-bootstrap"
+    tarball_suffix=.tar.xz
+fi
+
+if [ -f "${tarball_name}${tarball_suffix}" ]; then
+    echo "error: ${tarball_name}${tarball_suffix} already exists"
+    exit 1
+fi
+
+if [ ! -f "${unmodified_tarball_name}.tar.gz" ]; then
+    temp_dir=$(mktemp -d -p "$(pwd)")
+    pushd "${temp_dir}"
+    mkdir installer
+    pushd installer
+    git init
+    git remote add origin https://github.com/dotnet/installer
+    git fetch --depth 1 origin "${tag}"
+    git checkout FETCH_HEAD
+    git submodule update --init --recursive
+    clean_dotnet_cache
+    ./build.sh /p:ArcadeBuildTarball=true
+    popd
+
+    popd
+
+    mv "${temp_dir}"/installer/artifacts/packages/Debug/Shipping/dotnet-sdk-source-7*.tar.gz \
+        "${unmodified_tarball_name}.tar.gz"
+
+    rm -rf "${temp_dir}"
+fi
+
+rm -rf "${tarball_name}"
+mkdir "${tarball_name}"
+pushd "${tarball_name}"
+tar xf ../"${unmodified_tarball_name}.tar.gz"
+
+if [[ ${build_bootstrap} == true ]]; then
+    ./prep.sh --bootstrap
+else
+    find . -type f -iname '*.tar.gz' -delete
+    rm -rf .dotnet
+fi
+
+# Remove files with funny licenses and crypto implementations and
+# other not-very-useful artifacts. We MUST NOT ship any files that
+# have unapproved licenses and unexpected cryptographic
+# implementations.
+#
+# We use rm -r (no -f) to make sure the operation fails if the files
+# are not at the expected locations. If the files are not at the
+# expected location, we need to find the new location of the files and
+# delete them, or verify that upstream has already removed the files.
+
+# Binaries for gradle
+rm -r src/aspnetcore/src/SignalR/clients/java/signalr/gradle*
+
+# https://github.com/dotnet/aspnetcore/issues/34785
+find src/aspnetcore/src -type d -name samples -print0 | xargs -0 rm -r
+
+# Unnecessary crypto implementation: IDEA
+rm -r src/runtime/src/tests/JIT/Performance/CodeQuality/Bytemark/
+
+# https://github.com/NuGet/Home/issues/11094
+rm -r src/nuget-client/test/EndToEnd
+
+# https://github.com/microsoft/ApplicationInsights-dotnet/issues/2670
+rm -r src/source-build-externals/src/application-insights/LOGGING/test/Shared/CustomTelemetryChannel.cs
+
+popd
+
+if [[ ${build_bootstrap} == true ]]; then
+    tar -I 'xz -9 -T 0' -cf "${tarball_name}${tarball_suffix}" "${tarball_name}"
+else
+    tar -czf "${tarball_name}${tarball_suffix}" "${tarball_name}"
+fi

dotnet7.0.spec

@@ -1,4 +1,5 @@
-%bcond_with bootstrap
+# We dont' use %%bootstrap since that doesn't work in CentOS Koji
+%bcond_with bootstrap_dotnet
 
 # LTO triggers a compilation error for a source level issue.  Given that LTO should not
 # change the validity of any given source and the nature of the error (undefined enum), I
@@ -6,10 +7,10 @@
 # until that's done, disable LTO.  This has to happen before setting the flags below.
 %define _lto_cflags %{nil}
 
-%global host_version 7.0.3
+%global host_version 7.0.19
-%global runtime_version 7.0.3
+%global runtime_version 7.0.19
 %global aspnetcore_runtime_version %{runtime_version}
-%global sdk_version 7.0.103
+%global sdk_version 7.0.119
 %global sdk_feature_band_version %(echo %{sdk_version} | cut -d '-' -f 1 | sed -e 's|[[:digit:]][[:digit:]]$|00|')
 %global templates_version %{runtime_version}
 #%%global templates_version %%(echo %%{runtime_version} | awk 'BEGIN { FS="."; OFS="." } {print $1, $2, $3+1 }')
@@ -56,16 +57,17 @@ Summary:        .NET Runtime and SDK
 License:        MIT and ASL 2.0 and BSD and LGPLv2+ and CC-BY and CC0 and MS-PL and EPL-1.0 and GPL+ and GPLv2 and ISC and OFL and zlib
 URL:            https://github.com/dotnet/
 
-%if %{with bootstrap}
+%if %{with bootstrap_dotnet}
+%global bootstrap_sdk_version 7.0.109
 # The source is generated on a RHEL box via:
 # ./build-dotnet-tarball --bootstrap %%{upstream_tag}
 Source0:        dotnet-%{upstream_tag}-x64-bootstrap.tar.xz
 # Generated via ./build-arm64-bootstrap-tarball
-Source1:        dotnet-arm64-prebuilts-2022-10-12.tar.gz
+Source1:        dotnet-prebuilts-%{bootstrap_sdk_version}-arm64.tar.gz
 # Generated manually, same pattern as the arm64 tarball
-Source2:        dotnet-ppc64le-prebuilts-2022-10-21.tar.gz
+Source2:        dotnet-prebuilts-%{bootstrap_sdk_version}-ppc64le.tar.gz
 # Generated manually, same pattern as the arm64 tarball
-Source3:        dotnet-s390x-prebuilts-2022-10-12.tar.gz
+Source3:        dotnet-prebuilts-%{bootstrap_sdk_version}-s390x.tar.gz
 %else
 # The source is generated on a RHEL box via:
 # ./build-dotnet-tarball %%{upstream_tag}
@@ -77,7 +79,8 @@ Source11:       dotnet.sh.in
 
 # Disable apphost; there's no net6.0 apphost for ppc64le
 Patch1:         roslyn-analyzers-ppc64le-apphost.patch
-
+# https://github.com/dotnet/runtime/pull/95217#issuecomment-1842799362
+Patch2:         runtime-re-enable-implicit-rejection.patch
 
 
 %if 0%{?fedora} || 0%{?rhel} >= 8
@@ -90,7 +93,7 @@ ExclusiveArch:  x86_64
 BuildRequires:  clang
 BuildRequires:  cmake
 BuildRequires:  coreutils
-%if %{without bootstrap}
+%if %{without bootstrap_dotnet}
 BuildRequires:  dotnet-sdk-7.0
 BuildRequires:  dotnet-sdk-7.0-source-built-artifacts
 %endif
@@ -324,7 +327,7 @@ applications using the .NET SDK.
 %dotnet_targeting_pack dotnet-apphost-pack-7.0 %{runtime_rpm_version} Microsoft.NETCore.App 7.0 Microsoft.NETCore.App.Host.%{runtime_id}
 %dotnet_targeting_pack dotnet-targeting-pack-7.0 %{runtime_rpm_version} Microsoft.NETCore.App 7.0 Microsoft.NETCore.App.Ref
 %dotnet_targeting_pack aspnetcore-targeting-pack-7.0 %{aspnetcore_runtime_rpm_version} Microsoft.AspNetCore.App 7.0 Microsoft.AspNetCore.App.Ref
-%dotnet_targeting_pack netstandard-targeting-pack-2.1 %{sdk_rpm_version} NETStandard.Library 2.1 NETStandard.Library.Ref
+#%%dotnet_targeting_pack netstandard-targeting-pack-2.1 %%{sdk_rpm_version} NETStandard.Library 2.1 NETStandard.Library.Ref
 
 
 %package -n dotnet-sdk-7.0-source-built-artifacts
@@ -340,7 +343,7 @@ These are not meant for general use.
 
 
 %prep
-%if %{without bootstrap}
+%if %{without bootstrap_dotnet}
 %setup -q -n dotnet-%{upstream_tag}
 
 # Remove all prebuilts
@@ -399,6 +402,7 @@ popd
 %endif
 
 %patch1 -p1
+%patch2 -p1
 
 # Fix bad hardcoded path in build
 sed -i 's|/usr/share/dotnet|%{_libdir}/dotnet|' src/runtime/src/native/corehost/hostmisc/pal.unix.cpp
@@ -411,7 +415,7 @@ sed -i -E 's|( /p:BuildDebPackage=false)|\1 --cmakeargs -DCLR_CMAKE_USE_SYSTEM_L
 %build
 cat /etc/os-release
 
-%if %{without bootstrap}
+%if %{without bootstrap_dotnet}
 # We need to create a copy because we will mutate this
 cp -a %{_libdir}/dotnet previously-built-dotnet
 find previously-built-dotnet
@@ -466,7 +470,7 @@ export OPENSSL_ENABLE_SHA1_SIGNATURES=1
 %endif
 
 VERBOSE=1 ./build.sh \
-%if %{without bootstrap}
+%if %{without bootstrap_dotnet}
     --with-sdk previously-built-dotnet \
 %endif
 %ifarch %{mono_archs}
@@ -516,30 +520,35 @@ find %{buildroot}%{_libdir}/dotnet/ -type f -name '*.targets' -exec chmod -x {}
 find %{buildroot}%{_libdir}/dotnet/ -type f -name '*.txt' -exec chmod -x {} \;
 find %{buildroot}%{_libdir}/dotnet/ -type f -name '*.xml' -exec chmod -x {} \;
 
-install -dm 0755 %{buildroot}%{_sysconfdir}/profile.d/
+# Provided by dotnet-host from another SRPM
-install dotnet.sh %{buildroot}%{_sysconfdir}/profile.d/
+#install -dm 0755 %%{buildroot}%%{_sysconfdir}/profile.d/
+#install dotnet.sh %%{buildroot}%%{_sysconfdir}/profile.d/
 
-install -dm 0755 %{buildroot}/%{_datadir}/bash-completion/completions
+# Provided by dotnet-host from another SRPM
+#install -dm 0755 %%{buildroot}/%%{_datadir}/bash-completion/completions
 # dynamic completion needs the file to be named the same as the base command
-install src/sdk/scripts/register-completions.bash %{buildroot}/%{_datadir}/bash-completion/completions/dotnet
+#install src/sdk/scripts/register-completions.bash %%{buildroot}/%%{_datadir}/bash-completion/completions/dotnet
 
 # TODO: the zsh completion script needs to be ported to use #compdef
 #install -dm 755 %%{buildroot}/%%{_datadir}/zsh/site-functions
 #install src/cli/scripts/register-completions.zsh %%{buildroot}/%%{_datadir}/zsh/site-functions/_dotnet
 
-install -dm 0755 %{buildroot}%{_bindir}
+# Provided by dotnet-host from another SRPM
-ln -s ../../%{_libdir}/dotnet/dotnet %{buildroot}%{_bindir}/
+#install -dm 0755 %%{buildroot}%%{_bindir}
+#ln -s ../../%%{_libdir}/dotnet/dotnet %%{buildroot}%%{_bindir}/
 
-for section in 1 7; do
+# Provided by dotnet-host from another SRPM
-    install -dm 0755 %{buildroot}%{_mandir}/man${section}/
+#for section in 1 7; do
-    find -iname 'dotnet*'.${section} -type f -exec cp {} %{buildroot}%{_mandir}/man${section}/ \;
+#    install -dm 0755 %%{buildroot}%%{_mandir}/man${section}/
-done
+#    find -iname 'dotnet*'.${section} -type f -exec cp {} %%{buildroot}%%{_mandir}/man${section}/ \;
+#done
 
-install -dm 0755 %{buildroot}%{_sysconfdir}/dotnet
+# Provided by dotnet-host from another SRPM
-echo "%{_libdir}/dotnet" >> install_location
+#install -dm 0755 %%{buildroot}%%{_sysconfdir}/dotnet
-install install_location %{buildroot}%{_sysconfdir}/dotnet/
+#echo "%%{_libdir}/dotnet" >> install_location
-echo "%{_libdir}/dotnet" >> install_location_%{runtime_arch}
+#install install_location %%{buildroot}%%{_sysconfdir}/dotnet/
-install install_location_%{runtime_arch} %{buildroot}%{_sysconfdir}/dotnet/
+#echo "%%{_libdir}/dotnet" >> install_location_%%{runtime_arch}
+#install install_location_%%{runtime_arch} %%{buildroot}%%{_sysconfdir}/dotnet/
 
 install -dm 0755 %{buildroot}%{_libdir}/dotnet/source-built-artifacts
 install -m 0644 artifacts/%{runtime_arch}/Release/Private.SourceBuilt.Artifacts.*.tar.gz %{buildroot}/%{_libdir}/dotnet/source-built-artifacts/
@@ -556,7 +565,7 @@ echo "Testing build results for debug symbols..."
 
 
 
-%check
+# Self-check
 %if 0%{?fedora} > 35
 # lttng in Fedora > 35 is incompatible with .NET
 export COMPlus_LTTng=0
@@ -565,27 +574,14 @@ export COMPlus_LTTng=0
 %{buildroot}%{_libdir}/dotnet/dotnet --info
 %{buildroot}%{_libdir}/dotnet/dotnet --version
 
+# Provided by dotnet-host from another SRPM
+rm %{buildroot}%{_libdir}/dotnet/LICENSE.txt
+rm %{buildroot}%{_libdir}/dotnet/ThirdPartyNotices.txt
+rm %{buildroot}%{_libdir}/dotnet/dotnet
 
-%if 0%{?rhel} <= 8
+# Provided by netstandard-targeting-pack-2.1 from another SRPM
-%files -n dotnet
+rm -rf %{buildroot}%{_libdir}/dotnet/packs/NETStandard.Library.Ref/2.1.0
-# empty package useful for dependencies
-%endif
 
-%files -n dotnet-host
-%dir %{_libdir}/dotnet
-%{_libdir}/dotnet/dotnet
-%dir %{_libdir}/dotnet/host
-%dir %{_libdir}/dotnet/host/fxr
-%{_bindir}/dotnet
-%license %{_libdir}/dotnet/LICENSE.txt
-%license %{_libdir}/dotnet/ThirdPartyNotices.txt
-%doc %{_mandir}/man1/dotnet*.1.gz
-%doc %{_mandir}/man7/dotnet*.7.gz
-%config(noreplace) %{_sysconfdir}/profile.d/dotnet.sh
-%config(noreplace) %{_sysconfdir}/dotnet
-%dir %{_datadir}/bash-completion
-%dir %{_datadir}/bash-completion/completions
-%{_datadir}/bash-completion/completions/dotnet
 
 %files -n dotnet-hostfxr-7.0
 %dir %{_libdir}/dotnet/host/fxr
@@ -619,6 +615,66 @@ export COMPlus_LTTng=0
 
 
 %changelog
+* Tue May 14 2024 Omair Majid <omajid@redhat.com> - 7.0.119-1
+- Update to .NET SDK 7.0.119 and Runtime 7.0.19
+- Resolves: RHEL-35313
+
+* Tue Apr 09 2024 Omair Majid <omajid@redhat.com> - 7.0.118-2
+- Update to .NET SDK 7.0.118 and Runtime 7.0.18
+- Resolves: RHEL-31199
+
+* Tue Mar 19 2024 Omair Majid <omajid@redhat.com> - 7.0.117-2
+- Update to .NET SDK 7.0.117 and Runtime 7.0.17
+- Resolves: RHEL-27547
+
+* Wed Feb 14 2024 Omair Majid <omajid@redhat.com> - 7.0.116-2
+- Update to .NET SDK 7.0.116 and Runtime 7.0.16
+- Resolves: RHEL-23789
+
+* Mon Jan 15 2024 Omair Majid <omajid@redhat.com> - 7.0.115-2
+- Update to .NET SDK 7.0.115 and Runtime 7.0.15
+- Resolves: RHEL-19799
+
+* Fri Dec 22 2023 Omair Majid <omajid@redhat.com> - 7.0.114-2
+- Update to .NET SDK 7.0.114 and Runtime 7.0.14
+- Resolves: RHEL-15350
+
+* Tue Oct 24 2023 Omair Majid <omajid@redhat.com> - 7.0.113-2
+- Update to .NET SDK 7.0.113 and Runtime 7.0.13
+- Resolves: RHEL-14474
+
+* Mon Oct 16 2023 Omair Majid <omajid@redhat.com> - 7.0.112-2
+- Update to .NET SDK 7.0.112 and Runtime 7.0.12
+- Resolves: RHEL-11704
+
+* Tue Sep 12 2023 Omair Majid <omajid@redhat.com> - 7.0.111-2
+- Update to .NET SDK 7.0.111 and Runtime 7.0.11
+- Resolves: RHEL-2001
+
+* Wed Aug 23 2023 Omair Majid <omajid@redhat.com> - 7.0.110-4
+- Disable bootstrap
+- Related: RHBZ#2228570
+
+* Tue Aug 22 2023 Omair Majid <omajid@redhat.com> - 7.0.110-3
+- Enable bootstrap
+- Related: RHBZ#2228570
+
+* Wed Aug 09 2023 Omair Majid <omajid@redhat.com> - 7.0.110-2
+- Update to .NET SDK 7.0.110 and Runtime 7.0.10
+- Resolves: RHBZ#2228570
+
+* Tue Jul 11 2023 Omair Majid <omajid@redhat.com> - 7.0.109-2
+- Update to .NET SDK 7.0.109 and Runtime 7.0.9
+- Resolves: RHBZ#2219631
+
+* Wed Jul 05 2023 Omair Majid <omajid@redhat.com> - 7.0.108-2
+- Update to .NET SDK 7.0.108 and Runtime 7.0.8
+- Resolves: RHBZ#2216223
+
+* Thu Mar 02 2023 Omair Majid <omajid@redhat.com> - 7.0.104-1
+- Update to .NET SDK 7.0.104 and Runtime 7.0.4
+- Resolves: RHBZ#2175026
+
 * Thu Feb 02 2023 Omair Majid <omajid@redhat.com> - 7.0.103-1
 - Update to .NET SDK 7.0.103 and Runtime 7.0.3
 - Resolves: RHBZ#2166775

rpminspect.yaml

@@ -0,0 +1,21 @@
+---
+inspections:
+    # We ship an empty dotnet package that installs the latest SDK, but
+    # also a newer SDK when we have that
+    emptyrpm: off
+    # We patch upstream a lot, no need to reject patches
+    patches: off
+badfuncs:
+    allowed:
+        # The Mono runtime (used on s390x, for example), uses inet_addr for
+        # debugging (such as sending the control flow graph to a remote process).
+        # See runtime/src/mono/mono/mini/cfgdump.c. This isn't part of any
+        # standard networking facility; networking APIs are implemented/used in
+        # libSystem*so.
+        /usr/lib64/dotnet/shared/Microsoft.NETCore.App/*/libcoreclr.so:
+            - inet_addr
+runpath:
+    # Upstream explicitly sets $ORIGIN/netcoredeps as an RPATH
+    # See https://github.com/dotnet/core/blob/main/Documentation/self-contained-linux-apps.md
+    allowed_origin_paths:
+        - /netcoredeps

runtime-re-enable-implicit-rejection.patch

@@ -0,0 +1,142 @@
+From f55ebb4597a1a931edee16283fc43a4ff33d1029 Mon Sep 17 00:00:00 2001
+From: Omair Majid <omajid@redhat.com>
+Date: Fri, 2 Feb 2024 12:23:28 -0500
+Subject: [PATCH] Revert "Disable implicit rejection for RSA PKCS#1 (#95217)"
+
+This reverts commit a314c5b3580a9fe25c59d917ff0b7594efc6f81f.
+
+To quote Clemens Lang:
+
+> [Disabling implcit rejection] re-enables a Bleichenbacher timing oracle
+> attack against PKCS#1v1.5 decryption. See
+> https://people.redhat.com/~hkario/marvin/ for details and
+> https://github.com/dotnet/runtime/pull/95157#issuecomment-1842784399 for a
+> comment by the researcher who published the vulnerability and proposed the
+> change in OpenSSL.
+
+For more details, see:
+https://github.com/dotnet/runtime/pull/95217#issuecomment-1842799362
+---
+ .../RSA/EncryptDecrypt.cs                     | 49 ++++---------------
+ .../opensslshim.h                             |  6 ---
+ .../pal_evp_pkey_rsa.c                        | 13 -----
+ 3 files changed, 10 insertions(+), 58 deletions(-)
+
+diff --git a/src/runtime/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/RSA/EncryptDecrypt.cs b/src/runtime/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/RSA/EncryptDecrypt.cs
+index 55a044d62a6..e72d42e87d2 100644
+--- a/src/runtime/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/RSA/EncryptDecrypt.cs
++++ b/src/runtime/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/RSA/EncryptDecrypt.cs
+@@ -338,10 +338,19 @@ private void RsaCryptRoundtrip(RSAEncryptionPadding paddingMode, bool expectSucc
+             Assert.Equal(TestData.HelloBytes, output);
+         }
+ 
+-        [ConditionalFact(nameof(PlatformSupportsEmptyRSAEncryption))]
++        [ConditionalFact]
+         [SkipOnTargetFramework(TargetFrameworkMonikers.NetFramework)]
+         public void RoundtripEmptyArray()
+         {
++            if (OperatingSystem.IsIOS() && !OperatingSystem.IsIOSVersionAtLeast(13, 6))
++            {
++                throw new SkipTestException("iOS prior to 13.6 does not reliably support RSA encryption of empty data.");
++            }
++            if (OperatingSystem.IsTvOS() && !OperatingSystem.IsTvOSVersionAtLeast(14, 0))
++            {
++                throw new SkipTestException("tvOS prior to 14.0 does not reliably support RSA encryption of empty data.");
++            }
++
+             using (RSA rsa = RSAFactory.Create(TestData.RSA2048Params))
+             {
+                 void RoundtripEmpty(RSAEncryptionPadding paddingMode)
+@@ -726,23 +715,5 @@ public static IEnumerable<object[]> OaepPaddingModes
+                 }
+             }
+         }
+-
+-        public static bool PlatformSupportsEmptyRSAEncryption
+-        {
+-            get
+-            {
+-                if (OperatingSystem.IsIOS() && !OperatingSystem.IsIOSVersionAtLeast(13, 6))
+-                {
+-                    return false;
+-                }
+-
+-                if (OperatingSystem.IsTvOS() && !OperatingSystem.IsTvOSVersionAtLeast(14, 0))
+-                {
+-                    return false;
+-                }
+-
+-                return true;
+-            }
+-        }
+     }
+ }
+diff --git a/src/runtime/src/native/libs/System.Security.Cryptography.Native/opensslshim.h b/src/runtime/src/native/libs/System.Security.Cryptography.Native/opensslshim.h
+index 7d5ec84cc7d..efc0d470602 100644
+--- a/src/runtime/src/native/libs/System.Security.Cryptography.Native/opensslshim.h
++++ b/src/runtime/src/native/libs/System.Security.Cryptography.Native/opensslshim.h
+@@ -276,10 +276,8 @@ const EVP_CIPHER* EVP_chacha20_poly1305(void);
+     REQUIRED_FUNCTION(ERR_peek_error) \
+     REQUIRED_FUNCTION(ERR_peek_error_line) \
+     REQUIRED_FUNCTION(ERR_peek_last_error) \
+-    REQUIRED_FUNCTION(ERR_pop_to_mark) \
+     FALLBACK_FUNCTION(ERR_put_error) \
+     REQUIRED_FUNCTION(ERR_reason_error_string) \
+-    REQUIRED_FUNCTION(ERR_set_mark) \
+     LIGHTUP_FUNCTION(ERR_set_debug) \
+     LIGHTUP_FUNCTION(ERR_set_error) \
+     REQUIRED_FUNCTION(EVP_aes_128_cbc) \
+@@ -334,7 +332,6 @@ const EVP_CIPHER* EVP_chacha20_poly1305(void);
+     REQUIRED_FUNCTION(EVP_PKCS82PKEY) \
+     REQUIRED_FUNCTION(EVP_PKEY2PKCS8) \
+     REQUIRED_FUNCTION(EVP_PKEY_CTX_ctrl) \
+-    REQUIRED_FUNCTION(EVP_PKEY_CTX_ctrl_str) \
+     REQUIRED_FUNCTION(EVP_PKEY_CTX_free) \
+     REQUIRED_FUNCTION(EVP_PKEY_CTX_get0_pkey) \
+     REQUIRED_FUNCTION(EVP_PKEY_CTX_new) \
+@@ -761,10 +758,8 @@ FOR_ALL_OPENSSL_FUNCTIONS
+ #define ERR_peek_error_line ERR_peek_error_line_ptr
+ #define ERR_peek_last_error ERR_peek_last_error_ptr
+ #define ERR_put_error ERR_put_error_ptr
+-#define ERR_pop_to_mark ERR_pop_to_mark_ptr
+ #define ERR_reason_error_string ERR_reason_error_string_ptr
+ #define ERR_set_debug ERR_set_debug_ptr
+-#define ERR_set_mark ERR_set_mark_ptr
+ #define ERR_set_error ERR_set_error_ptr
+ #define EVP_aes_128_cbc EVP_aes_128_cbc_ptr
+ #define EVP_aes_128_cfb8 EVP_aes_128_cfb8_ptr
+@@ -818,7 +813,6 @@ FOR_ALL_OPENSSL_FUNCTIONS
+ #define EVP_PKCS82PKEY EVP_PKCS82PKEY_ptr
+ #define EVP_PKEY2PKCS8 EVP_PKEY2PKCS8_ptr
+ #define EVP_PKEY_CTX_ctrl EVP_PKEY_CTX_ctrl_ptr
+-#define EVP_PKEY_CTX_ctrl_str EVP_PKEY_CTX_ctrl_str_ptr
+ #define EVP_PKEY_CTX_free EVP_PKEY_CTX_free_ptr
+ #define EVP_PKEY_CTX_get0_pkey EVP_PKEY_CTX_get0_pkey_ptr
+ #define EVP_PKEY_CTX_new EVP_PKEY_CTX_new_ptr
+diff --git a/src/runtime/src/native/libs/System.Security.Cryptography.Native/pal_evp_pkey_rsa.c b/src/runtime/src/native/libs/System.Security.Cryptography.Native/pal_evp_pkey_rsa.c
+index 043bf9f9d1e..c9ccdf33e3a 100644
+--- a/src/runtime/src/native/libs/System.Security.Cryptography.Native/pal_evp_pkey_rsa.c
++++ b/src/runtime/src/native/libs/System.Security.Cryptography.Native/pal_evp_pkey_rsa.c
+@@ -67,19 +67,6 @@ static bool ConfigureEncryption(EVP_PKEY_CTX* ctx, RsaPaddingMode padding, const
+         {
+             return false;
+         }
+-
+-        // OpenSSL 3.2 introduced a change where PKCS#1 RSA decryption does not fail for invalid padding.
+-        // If the padding is invalid, the decryption operation returns random data.
+-        // See https://github.com/openssl/openssl/pull/13817 for background.
+-        // Some Linux distributions backported this change to previous versions of OpenSSL.
+-        // Here we do a best-effort to set a flag to revert the behavior to failing if the padding is invalid.
+-        ERR_set_mark();
+-
+-        EVP_PKEY_CTX_ctrl_str(ctx, "rsa_pkcs1_implicit_rejection", "0");
+-
+-        // Undo any changes to the error queue that may have occured while configuring implicit rejection if the
+-        // current version does not support implicit rejection.
+-        ERR_pop_to_mark();
+     }
+     else
+     {
+-- 
+2.43.0
+

sources

@@ -0,0 +1 @@
+SHA512 (dotnet-v7.0.119.tar.gz) = e8c4dc05fc61f02f4282b47ed5e059d6cd9059171e9a0ac7f383545821cf42424d0e7a4f881a5ea80857c91a64ca0922f850cd20742830eb90b8a08fc9877479

update-release

@@ -0,0 +1,143 @@
+#!/bin/bash
+
+# Usage:
+#     ./update-release sdk-version runtime-version [--bug bug-id] [--tarball tarball-name] [--larger-rpm-release]
+
+set -euo pipefail
+IFS=$'\n\t'
+
+print_usage() {
+    echo " Usage:"
+    echo "     ./update-release sdk-version runtime-version [--bug bug-id] [--tarball tarball-name] [--release-json release-json] [--larger-rpm-release]"
+}
+
+user_provided_tarball_name=""
+
+rpm_release=1
+positional_args=()
+bug_ids=()
+while [[ "$#" -gt 0 ]]; do
+    arg="$1"
+    case "${arg}" in
+        --bug)
+            bug_ids+=("$2")
+            shift;
+            shift;
+            ;;
+        -h|--help)
+            print_usage
+            exit 0
+            ;;
+        --release-json)
+            release_json="$2"
+            shift;
+            shift;
+            ;;
+        --tarball)
+            user_provided_tarball_name="$2"
+            shift;
+            shift;
+            ;;
+        --larger-rpm-release)
+            rpm_release="2"
+            shift;
+            ;;
+        *)
+            positional_args+=("$1")
+            shift
+            ;;
+    esac
+done
+
+spec_files=( ./*.spec )
+spec_file="${spec_files[0]}"
+
+sdk_version=${positional_args[0]:-}
+if [[ -z ${sdk_version} ]]; then
+    echo "error: missing sdk version"
+    exit 1
+fi
+
+runtime_version=${positional_args[1]:-}
+if [[ -z ${runtime_version} ]]; then
+    echo "error: missing runtime version"
+    exit 1
+fi
+
+host_version="$runtime_version"
+
+if [[ "$runtime_version" == "6.0"* ]] || [[ "$runtime_version" == "7.0"* ]] ; then
+    tag=v${sdk_version}
+else
+    tag=v${runtime_version}
+fi
+
+set -x
+
+sed -i -E "s|^%global host_version [[:digit:]]\.[[:digit:]]\.[[:digit:]]+|%global host_version ${host_version}|" "$spec_file"
+sed -i -E "s|^%global runtime_version [[:digit:]]\.[[:digit:]]\.[[:digit:]]+|%global runtime_version ${runtime_version}|" "$spec_file"
+sed -i -E "s|^%global sdk_version [[:digit:]]\.[[:digit:]]\.[[:digit:]][[:digit:]][[:digit:]]|%global sdk_version ${sdk_version}|" "$spec_file"
+
+
+if [[ "$runtime_version" == "6.0"* ]] || [[ "$runtime_version" == "7.0"* ]] ; then
+    if [[ -f "dotnet-${tag}.tar.gz" ]]; then
+        echo "dotnet-${tag}.tar.gz already exists, not rebuilding tarball"
+    else
+        if [[ -f "dotnet-${tag}-original.tar.gz" ]]; then
+            echo "dotnet-${tag}-original.tar.gz alredy exists, not rebuilding tarball"
+        else
+            if [[ -n "${user_provided_tarball_name}" ]]; then
+                cp -a "$user_provided_tarball_name" "dotnet-${tag}-original.tar.gz"
+            elif [[ -f "dotnet-${sdk_version}-SDK.tar.gz" ]]; then
+                cp -a "dotnet-${sdk_version}-SDK.tar.gz" "dotnet-${tag}-original.tar.gz"
+            elif [[ -f "dotnet-${sdk_version}.tar.gz" ]]; then
+                cp -a "dotnet-${sdk_version}.tar.gz" "dotnet-${tag}-original.tar.gz"
+            elif [[ -f "dotnet-${runtime_version}.tar.gz" ]]; then
+                cp -a "dotnet-${runtime_version}.tar.gz" "dotnet-${tag}-original.tar.gz"
+            fi
+        fi
+
+        ./build-dotnet-tarball "${tag}"
+    fi
+else
+    if [[ -f "dotnet-${tag}.tar.gz" ]]; then
+        echo "dotnet-${tag}.tar.gz already exists, not rebuilding tarball"
+    elif [[ -n ${user_provided_tarball_name} ]]; then
+        tag_without_v=${tag#v}
+        cp -a "${user_provided_tarball_name}" dotnet-${tag_without_v}.tar.gz
+        cp -a "${user_provided_tarball_name}.sig" dotnet-${tag_without_v}.tar.gz.sig
+        cp -a "${release_json}" release.json
+    else
+        rm -f release.json
+        spectool -g "$spec_file"
+    fi
+fi
+
+comment="Update to .NET SDK ${sdk_version} and Runtime ${runtime_version}"
+commit_message="$comment
+"
+for bug_id in "${bug_ids[@]}"; do
+    if [[ "$bug_id" =~ ^[[:digit:]]+$ ]]; then
+        comment="$comment
+- Resolves: RHBZ#$bug_id"
+        commit_message="$commit_message
+Resolves: RHBZ#$bug_id"
+    else
+        comment="$comment
+- Resolves: $bug_id"
+        commit_message="$commit_message
+Resolves: $bug_id"
+    fi
+done
+
+echo "$commit_message" > git-commit-message
+
+rpmdev-bumpspec --comment="$comment" "$spec_file"
+
+# Reset release in 'Release' tag
+sed -i -E 's|^Release:        [[:digit:]]+%|Release:        '"$rpm_release"'%|' "$spec_file"
+# Reset Release in changelog comment
+# See https://stackoverflow.com/questions/18620153/find-matching-text-and-replace-next-line
+sed -i -E '/^%changelog$/!b;n;s/-[[:digit:]]+$/-'"$rpm_release"'/' "$spec_file"
+
+echo "Done updating sources. Commit message in ./git-commit-message"