Compare commits
12 Commits
Author | SHA1 | Date | |
---|---|---|---|
|
1e0234e937 | ||
|
34f1500f81 | ||
|
950e7bee1a | ||
|
a00d1130f7 | ||
|
d4aec77a53 | ||
|
33fbcb0f34 | ||
|
2c5539f849 | ||
|
16aeabc199 | ||
|
65654781ed | ||
|
cf0d0b5ff1 | ||
|
48aaf87c4e | ||
|
d272f4a0a5 |
13
.gitignore
vendored
13
.gitignore
vendored
@ -35,3 +35,16 @@
|
|||||||
/dotnet-prebuilts-8.0.100-rc.1.23410.12-s390x.tar.gz
|
/dotnet-prebuilts-8.0.100-rc.1.23410.12-s390x.tar.gz
|
||||||
/dotnet-v8.0.0-rc.1.23419.4.tar.gz
|
/dotnet-v8.0.0-rc.1.23419.4.tar.gz
|
||||||
/dotnet-v8.0.0-rc.2.23479.6.tar.gz
|
/dotnet-v8.0.0-rc.2.23479.6.tar.gz
|
||||||
|
/dotnet-v8.0.0.tar.gz
|
||||||
|
/dotnet-v8.0.1.tar.gz
|
||||||
|
/dotnet-v8.0.2.tar.gz
|
||||||
|
/dotnet-8.0.3.tar.gz
|
||||||
|
/dotnet-8.0.3.tar.gz.sig
|
||||||
|
/dotnet-8.0.4.tar.gz
|
||||||
|
/dotnet-8.0.4.tar.gz.sig
|
||||||
|
/dotnet-8.0.5.tar.gz
|
||||||
|
/dotnet-8.0.5.tar.gz.sig
|
||||||
|
/dotnet-8.0.7.tar.gz
|
||||||
|
/dotnet-8.0.7.tar.gz.sig
|
||||||
|
/dotnet-8.0.8.tar.gz
|
||||||
|
/dotnet-8.0.8.tar.gz.sig
|
||||||
|
@ -1,38 +0,0 @@
|
|||||||
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Matt Thalman <mthalman@microsoft.com>
|
|
||||||
Date: Tue, 24 Oct 2023 16:20:26 -0500
|
|
||||||
Subject: [PATCH] Use correct runtime package version
|
|
||||||
|
|
||||||
---
|
|
||||||
prereqs/git-info/AllRepoVersions.props | 2 +-
|
|
||||||
prereqs/git-info/runtime.props | 4 ++--
|
|
||||||
2 files changed, 3 insertions(+), 3 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/prereqs/git-info/AllRepoVersions.props b/prereqs/git-info/AllRepoVersions.props
|
|
||||||
index 79a789e1cd..a3f3ccf094 100644
|
|
||||||
--- a/prereqs/git-info/AllRepoVersions.props
|
|
||||||
+++ b/prereqs/git-info/AllRepoVersions.props
|
|
||||||
@@ -32,7 +32,7 @@
|
|
||||||
<roslynGitCommitHash>bdd9c5ba66b00beebdc3516acc5e29b83efd89af</roslynGitCommitHash>
|
|
||||||
<roslynOutputPackageVersion>4.8.0-3.23471.11</roslynOutputPackageVersion>
|
|
||||||
<runtimeGitCommitHash>0b25e38ad32a69cd83ae246104b32449203cc71c</runtimeGitCommitHash>
|
|
||||||
- <runtimeOutputPackageVersion>8.0.0-rc.2.23475.17</runtimeOutputPackageVersion>
|
|
||||||
+ <runtimeOutputPackageVersion>8.0.0-rc.2.23479.6</runtimeOutputPackageVersion>
|
|
||||||
<sdkGitCommitHash>67e671f384bee6937630b52b02cc78e69b27e280</sdkGitCommitHash>
|
|
||||||
<sdkOutputPackageVersion>8.0.100-rc.2.23480.5</sdkOutputPackageVersion>
|
|
||||||
<sourcebuildexternalsGitCommitHash>6dbf3aaa0fc9664df86462f5c70b99800934fccd</sourcebuildexternalsGitCommitHash>
|
|
||||||
diff --git a/prereqs/git-info/runtime.props b/prereqs/git-info/runtime.props
|
|
||||||
index 546469c3a0..20c2bf8840 100644
|
|
||||||
--- a/prereqs/git-info/runtime.props
|
|
||||||
+++ b/prereqs/git-info/runtime.props
|
|
||||||
@@ -2,8 +2,8 @@
|
|
||||||
<Project>
|
|
||||||
<PropertyGroup>
|
|
||||||
<GitCommitHash>0b25e38ad32a69cd83ae246104b32449203cc71c</GitCommitHash>
|
|
||||||
- <OfficialBuildId>20230925.17</OfficialBuildId>
|
|
||||||
- <OutputPackageVersion>8.0.0-rc.2.23475.17</OutputPackageVersion>
|
|
||||||
+ <OfficialBuildId>20230929.6</OfficialBuildId>
|
|
||||||
+ <OutputPackageVersion>8.0.0-rc.2.23479.6</OutputPackageVersion>
|
|
||||||
<PreReleaseVersionLabel>rc.2</PreReleaseVersionLabel>
|
|
||||||
<IsStable>false</IsStable>
|
|
||||||
</PropertyGroup>
|
|
175
dotnet8.0.spec
175
dotnet8.0.spec
@ -8,22 +8,21 @@
|
|||||||
|
|
||||||
%global dotnetver 8.0
|
%global dotnetver 8.0
|
||||||
|
|
||||||
%global host_version 8.0.0-rc.2.23479.6
|
%global host_version 8.0.8
|
||||||
%global runtime_version 8.0.0-rc.2.23479.6
|
%global runtime_version 8.0.8
|
||||||
%global aspnetcore_runtime_version 8.0.0-rc.2.23480.2
|
%global aspnetcore_runtime_version %{runtime_version}
|
||||||
%global sdk_version 8.0.100-rc.2.23502.1
|
%global sdk_version 8.0.108
|
||||||
%global sdk_feature_band_version %(echo %{sdk_version} | cut -d '-' -f 1 | sed -e 's|[[:digit:]][[:digit:]]$|00|')
|
%global sdk_feature_band_version %(echo %{sdk_version} | cut -d '-' -f 1 | sed -e 's|[[:digit:]][[:digit:]]$|00|')
|
||||||
%global templates_version 8.0.0-rc.2.23480.2
|
%global templates_version %{runtime_version}
|
||||||
#%%global templates_version %%(echo %%{runtime_version} | awk 'BEGIN { FS="."; OFS="." } {print $1, $2, $3+1 }')
|
#%%global templates_version %%(echo %%{runtime_version} | awk 'BEGIN { FS="."; OFS="." } {print $1, $2, $3+1 }')
|
||||||
|
|
||||||
# upstream can produce releases with a different tag than the SDK version
|
%global upstream_tag v%{runtime_version}
|
||||||
%global upstream_tag v8.0.0-rc.2.23479.6
|
|
||||||
%global upstream_tag_without_v %(echo %{upstream_tag} | sed -e 's|^v||')
|
%global upstream_tag_without_v %(echo %{upstream_tag} | sed -e 's|^v||')
|
||||||
|
|
||||||
%global host_rpm_version 8.0.0~rc.2
|
%global host_rpm_version %{host_version}
|
||||||
%global runtime_rpm_version 8.0.0~rc.2
|
%global runtime_rpm_version %{runtime_version}
|
||||||
%global aspnetcore_runtime_rpm_version 8.0.0~rc.2
|
%global aspnetcore_runtime_rpm_version %{aspnetcore_runtime_version}
|
||||||
%global sdk_rpm_version 8.0.100~rc.2
|
%global sdk_rpm_version %{sdk_version}
|
||||||
|
|
||||||
%if 0%{?fedora} || 0%{?rhel} < 8
|
%if 0%{?fedora} || 0%{?rhel} < 8
|
||||||
%global use_bundled_libunwind 0
|
%global use_bundled_libunwind 0
|
||||||
@ -48,13 +47,13 @@
|
|||||||
%global runtime_arch x64
|
%global runtime_arch x64
|
||||||
%endif
|
%endif
|
||||||
|
|
||||||
%global mono_archs s390x ppc64le
|
%global mono_archs ppc64le s390x
|
||||||
|
|
||||||
%{!?runtime_id:%global runtime_id %(. /etc/os-release ; echo "${ID}.${VERSION_ID%%.*}")-%{runtime_arch}}
|
%{!?runtime_id:%global runtime_id %(. /etc/os-release ; echo "${ID}.${VERSION_ID%%.*}")-%{runtime_arch}}
|
||||||
|
|
||||||
Name: dotnet%{dotnetver}
|
Name: dotnet%{dotnetver}
|
||||||
Version: %{sdk_rpm_version}
|
Version: %{sdk_rpm_version}
|
||||||
Release: 0.1%{?dist}
|
Release: 2%{?dist}
|
||||||
Summary: .NET Runtime and SDK
|
Summary: .NET Runtime and SDK
|
||||||
License: 0BSD AND Apache-2.0 AND (Apache-2.0 WITH LLVM-exception) AND APSL-2.0 AND BSD-2-Clause AND BSD-3-Clause AND BSD-4-Clause AND BSL-1.0 AND bzip2-1.0.6 AND CC0-1.0 AND CC-BY-3.0 AND CC-BY-4.0 AND CC-PDDC AND CNRI-Python AND EPL-1.0 AND GPL-2.0-only AND (GPL-2.0-only WITH GCC-exception-2.0) AND GPL-2.0-or-later AND GPL-3.0-only AND ICU AND ISC AND LGPL-2.1-only AND LGPL-2.1-or-later AND LicenseRef-Fedora-Public-Domain AND LicenseRef-ISO-8879 AND MIT AND MIT-Wu AND MS-PL AND MS-RL AND NCSA AND OFL-1.1 AND OpenSSL AND Unicode-DFS-2015 AND Unicode-DFS-2016 AND W3C-19980720 AND X11 AND Zlib
|
License: 0BSD AND Apache-2.0 AND (Apache-2.0 WITH LLVM-exception) AND APSL-2.0 AND BSD-2-Clause AND BSD-3-Clause AND BSD-4-Clause AND BSL-1.0 AND bzip2-1.0.6 AND CC0-1.0 AND CC-BY-3.0 AND CC-BY-4.0 AND CC-PDDC AND CNRI-Python AND EPL-1.0 AND GPL-2.0-only AND (GPL-2.0-only WITH GCC-exception-2.0) AND GPL-2.0-or-later AND GPL-3.0-only AND ICU AND ISC AND LGPL-2.1-only AND LGPL-2.1-or-later AND LicenseRef-Fedora-Public-Domain AND LicenseRef-ISO-8879 AND MIT AND MIT-Wu AND MS-PL AND MS-RL AND NCSA AND OFL-1.1 AND OpenSSL AND Unicode-DFS-2015 AND Unicode-DFS-2016 AND W3C-19980720 AND X11 AND Zlib
|
||||||
|
|
||||||
@ -73,16 +72,12 @@ Source2: dotnet-prebuilts-%{bootstrap_sdk_version}-ppc64le.tar.gz
|
|||||||
# Generated manually, same pattern as the arm64 tarball
|
# Generated manually, same pattern as the arm64 tarball
|
||||||
Source3: dotnet-prebuilts-%{bootstrap_sdk_version}-s390x.tar.gz
|
Source3: dotnet-prebuilts-%{bootstrap_sdk_version}-s390x.tar.gz
|
||||||
%else
|
%else
|
||||||
# For non-releases, the source is generated on a Fedora box via:
|
Source0: https://github.com/dotnet/dotnet/archive/refs/tags/%{upstream_tag}.tar.gz#/dotnet-%{upstream_tag_without_v}.tar.gz
|
||||||
# ./build-dotnet-tarball %%{upstream_tag} or commit
|
Source1: https://github.com/dotnet/dotnet/archive/refs/tags/%{upstream_tag}.tar.gz#/dotnet-%{upstream_tag_without_v}.tar.gz.sig
|
||||||
%global tarball_name dotnet-sdk-source-%{upstream_tag}
|
Source2: https://dotnet.microsoft.com/download/dotnet/release-key-2023.asc
|
||||||
Source0: https://github.com/dotnet/dotnet/archive/refs/tags/%{upstream_tag}.tar.gz#/dotnet-%{upstream_tag}.tar.gz
|
|
||||||
%endif
|
%endif
|
||||||
Source5: https://github.com/dotnet/dotnet/releases/download/%{upstream_tag}/release.json
|
Source5: https://github.com/dotnet/dotnet/releases/download/%{upstream_tag}/release.json
|
||||||
|
|
||||||
#Source10: %%{tarball_name}-nm-dev.tgz
|
|
||||||
#Source11: %%{tarball_name}-nm-prod.tgz
|
|
||||||
|
|
||||||
Source20: check-debug-symbols.py
|
Source20: check-debug-symbols.py
|
||||||
Source21: dotnet.sh.in
|
Source21: dotnet.sh.in
|
||||||
|
|
||||||
@ -90,19 +85,18 @@ Source21: dotnet.sh.in
|
|||||||
Patch1: roslyn-analyzers-ppc64le-apphost.patch
|
Patch1: roslyn-analyzers-ppc64le-apphost.patch
|
||||||
# https://github.com/dotnet/source-build/discussions/3481
|
# https://github.com/dotnet/source-build/discussions/3481
|
||||||
Patch2: vstest-intent-net8.0.patch
|
Patch2: vstest-intent-net8.0.patch
|
||||||
# https://github.com/dotnet/runtime/pull/92274
|
# https://github.com/dotnet/runtime/pull/95216#issuecomment-1842799314
|
||||||
Patch3: runtime-92274-webcil-s390x.patch
|
Patch3: runtime-re-enable-implicit-rejection.patch
|
||||||
# https://github.com/dotnet/runtime/pull/92920
|
# https://github.com/dotnet/msbuild/pull/9449
|
||||||
Patch4: runtime-92920-multiple-ssl-dirs.patch
|
Patch4: msbuild-9449-exec-stop-setting-a-locale.patch
|
||||||
# https://github.com/dotnet/source-build/issues/3673
|
# We disable checking the signature of the last certificate in a chain if the certificate is supposedly self-signed.
|
||||||
Patch5: dotnet-3673-rc2-version-mismatch.patch
|
# A side effect of not checking the self-signature of such a certificate is that disabled or unsupported message
|
||||||
|
# digests used for the signature are not treated as fatal errors.
|
||||||
|
# https://issues.redhat.com/browse/RHEL-25254
|
||||||
|
Patch5: runtime-openssl-sha1.patch
|
||||||
|
|
||||||
|
|
||||||
%if 0%{?fedora} || 0%{?rhel} >= 8
|
|
||||||
ExclusiveArch: aarch64 ppc64le s390x x86_64
|
ExclusiveArch: aarch64 ppc64le s390x x86_64
|
||||||
%else
|
|
||||||
ExclusiveArch: x86_64
|
|
||||||
%endif
|
|
||||||
|
|
||||||
|
|
||||||
BuildRequires: clang
|
BuildRequires: clang
|
||||||
@ -117,6 +111,7 @@ BuildRequires: git
|
|||||||
%if 0%{?fedora} || 0%{?rhel} > 7
|
%if 0%{?fedora} || 0%{?rhel} > 7
|
||||||
BuildRequires: glibc-langpack-en
|
BuildRequires: glibc-langpack-en
|
||||||
%endif
|
%endif
|
||||||
|
BuildRequires: gnupg2
|
||||||
BuildRequires: hostname
|
BuildRequires: hostname
|
||||||
BuildRequires: krb5-devel
|
BuildRequires: krb5-devel
|
||||||
BuildRequires: libicu-devel
|
BuildRequires: libicu-devel
|
||||||
@ -270,6 +265,18 @@ It particularly focuses on creating console applications, web
|
|||||||
applications and micro-services.
|
applications and micro-services.
|
||||||
|
|
||||||
|
|
||||||
|
%package -n dotnet-runtime-dbg-%{dotnetver}
|
||||||
|
|
||||||
|
Version: %{runtime_rpm_version}
|
||||||
|
Summary: Managed debug symbols NET %{dotnetver} runtime
|
||||||
|
|
||||||
|
Requires: dotnet-runtime-%{dotnetver}%{?_isa} = %{runtime_rpm_version}-%{release}
|
||||||
|
|
||||||
|
%description -n dotnet-runtime-dbg-%{dotnetver}
|
||||||
|
This package contains the managed symbol (pdb) files useful to debug the
|
||||||
|
managed parts of the .NET runtime itself.
|
||||||
|
|
||||||
|
|
||||||
%package -n aspnetcore-runtime-%{dotnetver}
|
%package -n aspnetcore-runtime-%{dotnetver}
|
||||||
|
|
||||||
Version: %{aspnetcore_runtime_rpm_version}
|
Version: %{aspnetcore_runtime_rpm_version}
|
||||||
@ -289,6 +296,18 @@ It particularly focuses on creating console applications, web
|
|||||||
applications and micro-services.
|
applications and micro-services.
|
||||||
|
|
||||||
|
|
||||||
|
%package -n aspnetcore-runtime-dbg-%{dotnetver}
|
||||||
|
|
||||||
|
Version: %{aspnetcore_runtime_rpm_version}
|
||||||
|
Summary: Managed debug symbols for the ASP.NET Core %{dotnetver} runtime
|
||||||
|
|
||||||
|
Requires: aspnetcore-runtime-%{dotnetver}%{?_isa} = %{aspnetcore_runtime_rpm_version}-%{release}
|
||||||
|
|
||||||
|
%description -n aspnetcore-runtime-dbg-%{dotnetver}
|
||||||
|
This package contains the managed symbol (pdb) files useful to debug the
|
||||||
|
managed parts of the ASP.NET Core runtime itself.
|
||||||
|
|
||||||
|
|
||||||
%package -n dotnet-templates-%{dotnetver}
|
%package -n dotnet-templates-%{dotnetver}
|
||||||
|
|
||||||
Version: %{sdk_rpm_version}
|
Version: %{sdk_rpm_version}
|
||||||
@ -336,6 +355,18 @@ It particularly focuses on creating console applications, web
|
|||||||
applications and micro-services.
|
applications and micro-services.
|
||||||
|
|
||||||
|
|
||||||
|
%package -n dotnet-sdk-dbg-%{dotnetver}
|
||||||
|
|
||||||
|
Version: %{sdk_rpm_version}
|
||||||
|
Summary: Managed debug symbols for the .NET %{dotnetver} Software Development Kit
|
||||||
|
|
||||||
|
Requires: dotnet-sdk-%{dotnetver}%{?_isa} = %{sdk_rpm_version}-%{release}
|
||||||
|
|
||||||
|
%description -n dotnet-sdk-dbg-%{dotnetver}
|
||||||
|
This package contains the managed symbol (pdb) files useful to debug the .NET
|
||||||
|
Software Development Kit (SDK) itself.
|
||||||
|
|
||||||
|
|
||||||
%global dotnet_targeting_pack() %{expand:
|
%global dotnet_targeting_pack() %{expand:
|
||||||
%package -n %{1}
|
%package -n %{1}
|
||||||
|
|
||||||
@ -373,6 +404,8 @@ These are not meant for general use.
|
|||||||
|
|
||||||
|
|
||||||
%prep
|
%prep
|
||||||
|
%{gpgverify} --keyring='%{SOURCE2}' --signature='%{SOURCE1}' --data='%{SOURCE0}'
|
||||||
|
|
||||||
release_json_tag=$(grep tag %{SOURCE5} | cut -d: -f2 | sed -E 's/[," ]*//g')
|
release_json_tag=$(grep tag %{SOURCE5} | cut -d: -f2 | sed -E 's/[," ]*//g')
|
||||||
if [[ ${release_json_tag} != %{upstream_tag} ]]; then
|
if [[ ${release_json_tag} != %{upstream_tag} ]]; then
|
||||||
echo "error: tag in release.json doesn't match tag in spec file"
|
echo "error: tag in release.json doesn't match tag in spec file"
|
||||||
@ -542,8 +575,9 @@ if [[ $(find %{buildroot}%{_libdir}/dotnet -name '*.pem' -print | wc -l) != 1 ]]
|
|||||||
fi
|
fi
|
||||||
|
|
||||||
# Install managed symbols
|
# Install managed symbols
|
||||||
tar xf artifacts/%{runtime_arch}/Release/dotnet-runtime-symbols-%{runtime_id}-%{runtime_version}.tar.gz \
|
tar xf artifacts/%{runtime_arch}/Release/dotnet-symbols-sdk-%{sdk_version}*-%{runtime_id}.tar.gz \
|
||||||
-C %{buildroot}%{_libdir}/dotnet/shared/Microsoft.NETCore.App/%{runtime_version}/
|
-C %{buildroot}%{_libdir}/dotnet/
|
||||||
|
find %{buildroot}%{_libdir}/dotnet/packs -iname '*.pdb' -delete
|
||||||
|
|
||||||
# Fix executable permissions on files
|
# Fix executable permissions on files
|
||||||
find %{buildroot}%{_libdir}/dotnet/ -type f -name 'apphost' -exec chmod +x {} \;
|
find %{buildroot}%{_libdir}/dotnet/ -type f -name 'apphost' -exec chmod +x {} \;
|
||||||
@ -599,6 +633,14 @@ echo "Testing build results for debug symbols..."
|
|||||||
%{SOURCE20} -v %{buildroot}%{_libdir}/dotnet/
|
%{SOURCE20} -v %{buildroot}%{_libdir}/dotnet/
|
||||||
|
|
||||||
|
|
||||||
|
find %{buildroot}%{_libdir}/dotnet/shared/Microsoft.NETCore.App -type f -and -not -name '*.pdb' | sed -E 's|%{buildroot}||' > dotnet-runtime-non-dbg-files
|
||||||
|
find %{buildroot}%{_libdir}/dotnet/shared/Microsoft.NETCore.App -type f -name '*.pdb' | sed -E 's|%{buildroot}||' > dotnet-runtime-dbg-files
|
||||||
|
find %{buildroot}%{_libdir}/dotnet/shared/Microsoft.AspNetCore.App -type f -and -not -name '*.pdb' | sed -E 's|%{buildroot}||' > aspnetcore-runtime-non-dbg-files
|
||||||
|
find %{buildroot}%{_libdir}/dotnet/shared/Microsoft.AspNetCore.App -type f -name '*.pdb' | sed -E 's|%{buildroot}||' > aspnetcore-runtime-dbg-files
|
||||||
|
find %{buildroot}%{_libdir}/dotnet/sdk -type d | tail -n +2 | sed -E 's|%{buildroot}||' | sed -E 's|^|%dir |' > dotnet-sdk-non-dbg-files
|
||||||
|
find %{buildroot}%{_libdir}/dotnet/sdk -type f -and -not -name '*.pdb' | sed -E 's|%{buildroot}||' >> dotnet-sdk-non-dbg-files
|
||||||
|
find %{buildroot}%{_libdir}/dotnet/sdk -type f -name '*.pdb' | sed -E 's|%{buildroot}||' > dotnet-sdk-dbg-files
|
||||||
|
|
||||||
|
|
||||||
%check
|
%check
|
||||||
%if 0%{?fedora} > 35
|
%if 0%{?fedora} > 35
|
||||||
@ -635,36 +677,93 @@ export COMPlus_LTTng=0
|
|||||||
%dir %{_libdir}/dotnet/host/fxr
|
%dir %{_libdir}/dotnet/host/fxr
|
||||||
%{_libdir}/dotnet/host/fxr/%{host_version}
|
%{_libdir}/dotnet/host/fxr/%{host_version}
|
||||||
|
|
||||||
%files -n dotnet-runtime-%{dotnetver}
|
%files -n dotnet-runtime-%{dotnetver} -f dotnet-runtime-non-dbg-files
|
||||||
%dir %{_libdir}/dotnet/shared
|
%dir %{_libdir}/dotnet/shared
|
||||||
%dir %{_libdir}/dotnet/shared/Microsoft.NETCore.App
|
%dir %{_libdir}/dotnet/shared/Microsoft.NETCore.App
|
||||||
%{_libdir}/dotnet/shared/Microsoft.NETCore.App/%{runtime_version}
|
%dir %{_libdir}/dotnet/shared/Microsoft.NETCore.App/%{runtime_version}
|
||||||
|
|
||||||
%files -n aspnetcore-runtime-%{dotnetver}
|
%files -n dotnet-runtime-dbg-%{dotnetver} -f dotnet-runtime-dbg-files
|
||||||
|
|
||||||
|
%files -n aspnetcore-runtime-%{dotnetver} -f aspnetcore-runtime-non-dbg-files
|
||||||
%dir %{_libdir}/dotnet/shared
|
%dir %{_libdir}/dotnet/shared
|
||||||
%dir %{_libdir}/dotnet/shared/Microsoft.AspNetCore.App
|
%dir %{_libdir}/dotnet/shared/Microsoft.AspNetCore.App
|
||||||
%{_libdir}/dotnet/shared/Microsoft.AspNetCore.App/%{aspnetcore_runtime_version}
|
%dir %{_libdir}/dotnet/shared/Microsoft.AspNetCore.App/%{aspnetcore_runtime_version}
|
||||||
|
|
||||||
|
%files -n aspnetcore-runtime-dbg-%{dotnetver} -f aspnetcore-runtime-dbg-files
|
||||||
|
|
||||||
%files -n dotnet-templates-%{dotnetver}
|
%files -n dotnet-templates-%{dotnetver}
|
||||||
%dir %{_libdir}/dotnet/templates
|
%dir %{_libdir}/dotnet/templates
|
||||||
%{_libdir}/dotnet/templates/%{templates_version}
|
%{_libdir}/dotnet/templates/%{templates_version}
|
||||||
|
|
||||||
%files -n dotnet-sdk-%{dotnetver}
|
%files -n dotnet-sdk-%{dotnetver} -f dotnet-sdk-non-dbg-files
|
||||||
%dir %{_libdir}/dotnet/sdk
|
%dir %{_libdir}/dotnet/sdk
|
||||||
%{_libdir}/dotnet/sdk/%{sdk_version}
|
|
||||||
%dir %{_libdir}/dotnet/sdk-manifests
|
%dir %{_libdir}/dotnet/sdk-manifests
|
||||||
%{_libdir}/dotnet/sdk-manifests/%{sdk_feature_band_version}*
|
%{_libdir}/dotnet/sdk-manifests/%{sdk_feature_band_version}*
|
||||||
%{_libdir}/dotnet/metadata
|
%{_libdir}/dotnet/metadata
|
||||||
%dir %{_libdir}/dotnet/packs
|
%dir %{_libdir}/dotnet/packs
|
||||||
|
%dir %{_libdir}/dotnet/packs/Microsoft.AspNetCore.App.Runtime.%{runtime_id}
|
||||||
%{_libdir}/dotnet/packs/Microsoft.AspNetCore.App.Runtime.%{runtime_id}/%{aspnetcore_runtime_version}
|
%{_libdir}/dotnet/packs/Microsoft.AspNetCore.App.Runtime.%{runtime_id}/%{aspnetcore_runtime_version}
|
||||||
|
%dir %{_libdir}/dotnet/packs/Microsoft.NETCore.App.Runtime.%{runtime_id}
|
||||||
%{_libdir}/dotnet/packs/Microsoft.NETCore.App.Runtime.%{runtime_id}/%{runtime_version}
|
%{_libdir}/dotnet/packs/Microsoft.NETCore.App.Runtime.%{runtime_id}/%{runtime_version}
|
||||||
|
|
||||||
|
%files -n dotnet-sdk-dbg-%{dotnetver} -f dotnet-sdk-dbg-files
|
||||||
|
|
||||||
%files -n dotnet-sdk-%{dotnetver}-source-built-artifacts
|
%files -n dotnet-sdk-%{dotnetver}-source-built-artifacts
|
||||||
%dir %{_libdir}/dotnet
|
%dir %{_libdir}/dotnet
|
||||||
%{_libdir}/dotnet/source-built-artifacts
|
%{_libdir}/dotnet/source-built-artifacts
|
||||||
|
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Wed Aug 14 2024 Omair Majid <omajid@redhat.com> - 8.0.108-2
|
||||||
|
- Update to .NET SDK 8.0.108 and Runtime 8.0.8
|
||||||
|
- Resolves: RHEL-52387
|
||||||
|
|
||||||
|
* Wed Jul 10 2024 Omair Majid <omajid@redhat.com> - 8.0.107-3
|
||||||
|
- Fix ownership of some missed directories
|
||||||
|
- Resolves: RHEL-47079
|
||||||
|
|
||||||
|
* Tue Jul 09 2024 Omair Majid <omajid@redhat.com> - 8.0.107-2
|
||||||
|
- Update to .NET SDK 8.0.107 and Runtime 8.0.7
|
||||||
|
- Resolves: RHEL-45323
|
||||||
|
|
||||||
|
* Wed May 15 2024 Omair Majid <omajid@redhat.com> - 8.0.105-2
|
||||||
|
- Update to .NET SDK 8.0.105 and Runtime 8.0.5
|
||||||
|
- Resolves: RHEL-35315
|
||||||
|
|
||||||
|
* Tue Apr 09 2024 Omair Majid <omajid@redhat.com> - 8.0.104-2
|
||||||
|
- Update to .NET SDK 8.0.104 and Runtime 8.0.4
|
||||||
|
- Resolves: RHEL-31208
|
||||||
|
|
||||||
|
* Sun Mar 31 2024 Tom Deseyn <tom.deseyn@gmail.com> - 8.0.103-3
|
||||||
|
- We disable checking the signature of the last certificate in a chain if the certificate is supposedly self-signed.
|
||||||
|
A side effect of not checking the self-signature of such a certificate is that disabled or unsupported message
|
||||||
|
digests used for the signature are not treated as fatal errors.
|
||||||
|
- Resolves: RHEL-28344
|
||||||
|
|
||||||
|
* Tue Mar 19 2024 Omair Majid <omajid@redhat.com> - 8.0.103-2
|
||||||
|
- Update to .NET SDK 8.0.103 and Runtime 8.0.3
|
||||||
|
- Resolves: RHEL-27553
|
||||||
|
|
||||||
|
* Tue Feb 20 2024 Tom Deseyn <tom.deseyn@gmail.com> - 8.0.102-3
|
||||||
|
- Backport MSBuild locale fix
|
||||||
|
- Resolves: RHEL-23936
|
||||||
|
|
||||||
|
* Wed Feb 14 2024 Omair Majid <omajid@redhat.com> - 8.0.102-2
|
||||||
|
- Update to .NET SDK 8.0.102 and Runtime 8.0.2
|
||||||
|
- Resolves: RHEL-23804
|
||||||
|
|
||||||
|
* Mon Jan 29 2024 Omair Majid <omajid@redhat.com> - 8.0.101-3
|
||||||
|
- Add -dbg subpackages for symbol files
|
||||||
|
- Resolves: RHEL-23070
|
||||||
|
|
||||||
|
* Mon Jan 15 2024 Omair Majid <omajid@redhat.com> - 8.0.101-2
|
||||||
|
- Update to .NET SDK 8.0.101 and Runtime 8.0.1
|
||||||
|
- Resolves: RHEL-19803
|
||||||
|
|
||||||
|
* Wed Nov 15 2023 Omair Majid <omajid@redhat.com> - 8.0.100-3
|
||||||
|
- Update to .NET SDK 8.0.100 and Runtime 8.0.0
|
||||||
|
- Resolves: RHEL-15352
|
||||||
|
|
||||||
* Mon Oct 16 2023 Omair Majid <omajid@redhat.com> - 8.0.100~rc.2-0.1
|
* Mon Oct 16 2023 Omair Majid <omajid@redhat.com> - 8.0.100~rc.2-0.1
|
||||||
- Update to .NET 8 RC 2
|
- Update to .NET 8 RC 2
|
||||||
- Resolves: RHEL-13790
|
- Resolves: RHEL-13790
|
||||||
|
104
msbuild-9449-exec-stop-setting-a-locale.patch
Normal file
104
msbuild-9449-exec-stop-setting-a-locale.patch
Normal file
@ -0,0 +1,104 @@
|
|||||||
|
From 68fa6537305beda5cb059c898349f37bda285ca7 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Tom Deseyn <tom.deseyn@gmail.com>
|
||||||
|
Date: Thu, 1 Feb 2024 09:23:16 +0100
|
||||||
|
Subject: [PATCH 1/1] Exec: stop setting a locale on Unix.
|
||||||
|
|
||||||
|
This backports a fix that is part of Microsoft's upcoming
|
||||||
|
8.0.2xx SDK to the 8.0.1xx SDK that we package.
|
||||||
|
|
||||||
|
This fix stops MSBuild Exec from printing warnings and/or
|
||||||
|
failing in bash envionments where the glibc en_US locale
|
||||||
|
is not available (which is common in container images).
|
||||||
|
|
||||||
|
The backport includes the changewave opt-out that allows
|
||||||
|
users to revert back to the previous behavior by setting
|
||||||
|
the MSBUILDDISABLEFEATURESFROMVERSION envvar to the
|
||||||
|
version where the feature is introduced ("17.10").
|
||||||
|
---
|
||||||
|
src/msbuild/src/Framework/ChangeWaves.cs | 3 +-
|
||||||
|
src/msbuild/src/Tasks.UnitTests/Exec_Tests.cs | 36 +++++++++++++++++++
|
||||||
|
src/msbuild/src/Tasks/Exec.cs | 7 +++-
|
||||||
|
3 files changed, 44 insertions(+), 2 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/src/msbuild/src/Framework/ChangeWaves.cs b/src/msbuild/src/Framework/ChangeWaves.cs
|
||||||
|
index 0050723798..1f925324ac 100644
|
||||||
|
--- a/src/msbuild/src/Framework/ChangeWaves.cs
|
||||||
|
+++ b/src/msbuild/src/Framework/ChangeWaves.cs
|
||||||
|
@@ -27,7 +27,8 @@ namespace Microsoft.Build.Framework
|
||||||
|
internal static readonly Version Wave17_4 = new Version(17, 4);
|
||||||
|
internal static readonly Version Wave17_6 = new Version(17, 6);
|
||||||
|
internal static readonly Version Wave17_8 = new Version(17, 8);
|
||||||
|
- internal static readonly Version[] AllWaves = { Wave17_4, Wave17_6, Wave17_8 };
|
||||||
|
+ internal static readonly Version Wave17_10 = new Version(17, 10);
|
||||||
|
+ internal static readonly Version[] AllWaves = { Wave17_4, Wave17_6, Wave17_8, Wave17_10 };
|
||||||
|
|
||||||
|
/// <summary>
|
||||||
|
/// Special value indicating that all features behind all Change Waves should be enabled.
|
||||||
|
diff --git a/src/msbuild/src/Tasks.UnitTests/Exec_Tests.cs b/src/msbuild/src/Tasks.UnitTests/Exec_Tests.cs
|
||||||
|
index cb468a6cce..c0598e4978 100644
|
||||||
|
--- a/src/msbuild/src/Tasks.UnitTests/Exec_Tests.cs
|
||||||
|
+++ b/src/msbuild/src/Tasks.UnitTests/Exec_Tests.cs
|
||||||
|
@@ -69,6 +69,42 @@ namespace Microsoft.Build.UnitTests
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
+ [UnixOnlyTheory]
|
||||||
|
+ [InlineData(true)]
|
||||||
|
+ [InlineData(false)]
|
||||||
|
+ public void ExecSetsLocaleOnUnix(bool enableChangeWave)
|
||||||
|
+ {
|
||||||
|
+ using (var env = TestEnvironment.Create())
|
||||||
|
+ {
|
||||||
|
+ env.SetEnvironmentVariable("LANG", null);
|
||||||
|
+ env.SetEnvironmentVariable("LC_ALL", null);
|
||||||
|
+
|
||||||
|
+ if (enableChangeWave)
|
||||||
|
+ {
|
||||||
|
+ ChangeWaves.ResetStateForTests();
|
||||||
|
+ // Important: use the version here
|
||||||
|
+ env.SetEnvironmentVariable("MSBUILDDISABLEFEATURESFROMVERSION", ChangeWaves.Wave17_10.ToString());
|
||||||
|
+ BuildEnvironmentHelper.ResetInstance_ForUnitTestsOnly();
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ Exec exec = PrepareExec("echo LANG=$LANG; echo LC_ALL=$LC_ALL;");
|
||||||
|
+ bool result = exec.Execute();
|
||||||
|
+ Assert.True(result);
|
||||||
|
+
|
||||||
|
+ MockEngine engine = (MockEngine)exec.BuildEngine;
|
||||||
|
+ if (enableChangeWave)
|
||||||
|
+ {
|
||||||
|
+ engine.AssertLogContains("LANG=en_US.UTF-8");
|
||||||
|
+ engine.AssertLogContains("LC_ALL=en_US.UTF-8");
|
||||||
|
+ }
|
||||||
|
+ else
|
||||||
|
+ {
|
||||||
|
+ engine.AssertLogDoesntContain("LANG=en_US.UTF-8");
|
||||||
|
+ engine.AssertLogDoesntContain("LC_ALL=en_US.UTF-8");
|
||||||
|
+ }
|
||||||
|
+ }
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
/// <summary>
|
||||||
|
/// Ensures that calling the Exec task does not leave any extra TEMP files
|
||||||
|
/// lying around.
|
||||||
|
diff --git a/src/msbuild/src/Tasks/Exec.cs b/src/msbuild/src/Tasks/Exec.cs
|
||||||
|
index dbf4be1fc5..9faaa68887 100644
|
||||||
|
--- a/src/msbuild/src/Tasks/Exec.cs
|
||||||
|
+++ b/src/msbuild/src/Tasks/Exec.cs
|
||||||
|
@@ -591,7 +591,12 @@ namespace Microsoft.Build.Tasks
|
||||||
|
{
|
||||||
|
commandLine.AppendSwitch("-c");
|
||||||
|
commandLine.AppendTextUnquoted(" \"");
|
||||||
|
- commandLine.AppendTextUnquoted("export LANG=en_US.UTF-8; export LC_ALL=en_US.UTF-8; . ");
|
||||||
|
+ bool setLocale = !ChangeWaves.AreFeaturesEnabled(ChangeWaves.Wave17_10);
|
||||||
|
+ if (setLocale)
|
||||||
|
+ {
|
||||||
|
+ commandLine.AppendTextUnquoted("export LANG=en_US.UTF-8; export LC_ALL=en_US.UTF-8; ");
|
||||||
|
+ }
|
||||||
|
+ commandLine.AppendTextUnquoted(". ");
|
||||||
|
commandLine.AppendFileNameIfNotNull(batchFileForCommandLine);
|
||||||
|
commandLine.AppendTextUnquoted("\"");
|
||||||
|
}
|
||||||
|
--
|
||||||
|
2.43.0
|
||||||
|
|
29
release-key-2023.asc
Normal file
29
release-key-2023.asc
Normal file
@ -0,0 +1,29 @@
|
|||||||
|
-----BEGIN PGP PUBLIC KEY BLOCK-----
|
||||||
|
Version: BSN Pgp v1.1.0.0
|
||||||
|
|
||||||
|
mQINBGUKsUYBEADVCJm4EhXALr1ld42kWeh/vM0XMZ2orNT6NRLDRYjpE4mm4UqA
|
||||||
|
vpjfGCwt5fLcrT4yZng8ABkB3QwTsZzmxesAMD5AZR/gdU1G96DuDGsjp6zJvTuX
|
||||||
|
zvz3PXUYfcl9n5X32acA6N9J5Xfp10xqX3oitUODBdYy/vKW/v/y87ZxgaR6a3wp
|
||||||
|
pPJBJIVKwFJx13v4BHRsGp1fepliQcXPvmNKFNI20le5+FbLq6C9hY5wcwGHGfQr
|
||||||
|
EokH79GsmqgSImqxDOIh06J5VfWA+JwV+3vf95pD8IUrRfGQ+GK7b1/bySxtM5Qa
|
||||||
|
b/IDgvl/Qq3AzEpGarMBaqGbqMz1C7jd8Y6nyKMP/V+OCjbEdYNM8GRz6kBP3Un+
|
||||||
|
Frat5Lc2o4DF+zB3PKIJS3hku5gwlJu6IU1F23vmYFtjUcpRGmyQZDoWyBbOWlB5
|
||||||
|
4SXqVu16amUsRFYmOK8BJMjdotcVbriVIv6WRmugfhIMoRJzVGxYkdbuiuMAX69V
|
||||||
|
xDoGpxX5A8S5A79y0USUVtadQfFavMTyb/gUuUe8oDsqK9gdI3ETxLYG4gYwauVX
|
||||||
|
fCGfoLOKsq5dPzEuEA7GCRrMau+rHKFaM7BigSdnHFW7xNZ4v0YnXAagoqM2G5o5
|
||||||
|
9sak0l57vxxTVk2V3iZzkoU2J2Zlyxyh72n5vjRmb7aNwmQh4Eav6a8ssQARAQAB
|
||||||
|
tBlvbm54Y29yZWRldkBtaWNyb3NvZnQuY29tiQI4BBMBCAAiBQJlCrFGAhsDBgsJ
|
||||||
|
CAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAKCRD9v1PCTbSHLtfzEADIKq15XDeQxLSo
|
||||||
|
BG1aFa9n82K1YADVcu1LeddfhDmQWLnZNgyHtQlKN2n59282CXtgymzae3uc05s2
|
||||||
|
feIJaqF4M4NnCX8Ct3K7Hq1jI7ZktlquPCCy9XHq9aQY8XTxmdtRevtclKgYTwDh
|
||||||
|
w+D/KbE8vTZ6o7JoubA3MKf4k3S8qL/0rIyaC6h0EpiWoMy1TdNMMK7BT4kl6Vz4
|
||||||
|
W6KmNgOux1Pzku5ULM4WuOzmwW+NAzpOLJowfDs1ZC2RM3+g9i1/DmwWtCHngvGD
|
||||||
|
+clA0I0agXxo05toOBTfwxd2gWYczuo/Ole16fYTzqT6n0DHqOjjcc9A7EmC72fQ
|
||||||
|
J+hHAqM+4+CbEGuMpNnTMpCZs98bcK3Rqx/bDJYtbclZzm5O/V4nVbDrJZKzpgA1
|
||||||
|
KuzNMLkr62P6/t15UsStgmrlTILmE5NG0CR1mj/46+mNbsMZCel3dcvnT1Zf4rTq
|
||||||
|
QxMC7Dd/DECKQVC339G/BRfNyhOk2S1mZR/g1uS4bznL+tiwudDh/TAi5C3ZBDMh
|
||||||
|
0muwD9caXS/QFIBWtb2ai3IcpU357R/ERPKLcWYtoYJ80RuKi6XYr1WxSPBmd5Qm
|
||||||
|
wuncye+wR2dveo2jnIXZGUSgz50ZNgBxs/cYWAQ8J6KMgIBa+JY2qalzvIGbrC5x
|
||||||
|
Sr+CkhS8vrktfnRgc8yBssJnvNfqXA==
|
||||||
|
=pKgS
|
||||||
|
-----END PGP PUBLIC KEY BLOCK-----
|
11
release.json
11
release.json
@ -1,9 +1,10 @@
|
|||||||
{
|
{
|
||||||
"release": "8.0.0-rc.2",
|
"release": "8.0.8",
|
||||||
"channel": "8.0",
|
"channel": "8.0",
|
||||||
"tag": "v8.0.0-rc.2.23479.6",
|
"tag": "v8.0.8",
|
||||||
"sdkVersion": "8.0.100-rc.2.23502.2",
|
"sdkVersion": "8.0.108",
|
||||||
"runtimeVersion": "8.0.0-rc.2.23479.6",
|
"runtimeVersion": "8.0.8",
|
||||||
|
"aspNetCoreVersion": "8.0.8",
|
||||||
"sourceRepository": "https://github.com/dotnet/dotnet",
|
"sourceRepository": "https://github.com/dotnet/dotnet",
|
||||||
"sourceVersion": "1e872358329855089d8d14cec1f06d5b075824b5"
|
"sourceVersion": "e78e8a64f20e61e1fea4f24afca66ad1dc56285f"
|
||||||
}
|
}
|
||||||
|
@ -1,260 +0,0 @@
|
|||||||
From 72f310a6c3dccbabf9edc29677b51ed78c87cc67 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Sanjam Panda <sanjam.panda@ibm.com>
|
|
||||||
Date: Tue, 19 Sep 2023 15:16:02 +0200
|
|
||||||
Subject: [PATCH 1/3] [wasm] Endian fix for Webcil
|
|
||||||
|
|
||||||
'dotnet new blazorwasm' command failed on s390x and was throwing a not implemented exception
|
|
||||||
|
|
||||||
The issue was with with the WebCil writer and reader, specific endianness conversions relating to the webcil payload were not implemented for big endian machines.
|
|
||||||
|
|
||||||
We considered fixing the generic implementation, but there were only two structures in use: WebcilHeader and WebcilSectionHeader, so it was easier to handle them explicitly.
|
|
||||||
---
|
|
||||||
.../Microsoft.NET.WebAssembly.Webcil.csproj | 1 +
|
|
||||||
.../WebcilConverter.cs | 35 +++++++++++++-----
|
|
||||||
.../WebcilReader.cs | 37 +++++++++++++++----
|
|
||||||
3 files changed, 57 insertions(+), 16 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/src/runtime/src/tasks/Microsoft.NET.WebAssembly.Webcil/Microsoft.NET.WebAssembly.Webcil.csproj b/src/runtime/src/tasks/Microsoft.NET.WebAssembly.Webcil/Microsoft.NET.WebAssembly.Webcil.csproj
|
|
||||||
index c35eb57e80686..d09ae4a569a59 100644
|
|
||||||
--- a/src/runtime/src/tasks/Microsoft.NET.WebAssembly.Webcil/Microsoft.NET.WebAssembly.Webcil.csproj
|
|
||||||
+++ b/src/runtime/src/tasks/Microsoft.NET.WebAssembly.Webcil/Microsoft.NET.WebAssembly.Webcil.csproj
|
|
||||||
@@ -16,6 +16,7 @@
|
|
||||||
|
|
||||||
<ItemGroup>
|
|
||||||
<!-- we need to keep the version of System.Reflection.Metadata in sync with dotnet/msbuild and dotnet/sdk -->
|
|
||||||
+ <PackageReference Include="System.Memory" Version="$(SystemMemoryVersion)" />
|
|
||||||
<PackageReference Include="System.Reflection.Metadata" Version="$(SystemReflectionMetadataVersion)" />
|
|
||||||
<PackageReference Include="System.Collections.Immutable" Version="$(SystemCollectionsImmutableVersion)" />
|
|
||||||
</ItemGroup>
|
|
||||||
diff --git a/src/runtime/src/tasks/Microsoft.NET.WebAssembly.Webcil/WebcilConverter.cs b/src/runtime/src/tasks/Microsoft.NET.WebAssembly.Webcil/WebcilConverter.cs
|
|
||||||
index a38af7270a2da..7b882c42d579e 100644
|
|
||||||
--- a/src/runtime/src/tasks/Microsoft.NET.WebAssembly.Webcil/WebcilConverter.cs
|
|
||||||
+++ b/src/runtime/src/tasks/Microsoft.NET.WebAssembly.Webcil/WebcilConverter.cs
|
|
||||||
@@ -2,6 +2,7 @@
|
|
||||||
// The .NET Foundation licenses this file to you under the MIT license.
|
|
||||||
|
|
||||||
using System;
|
|
||||||
+using System.Buffers.Binary;
|
|
||||||
using System.IO;
|
|
||||||
using System.Collections.Immutable;
|
|
||||||
using System.Reflection.PortableExecutable;
|
|
||||||
@@ -181,9 +182,6 @@ private static void WriteHeader(Stream s, WebcilHeader header)
|
|
||||||
|
|
||||||
private static void WriteSectionHeaders(Stream s, ImmutableArray<WebcilSectionHeader> sectionsHeaders)
|
|
||||||
{
|
|
||||||
- // FIXME: fixup endianness
|
|
||||||
- if (!BitConverter.IsLittleEndian)
|
|
||||||
- throw new NotImplementedException();
|
|
||||||
foreach (var sectionHeader in sectionsHeaders)
|
|
||||||
{
|
|
||||||
WriteSectionHeader(s, sectionHeader);
|
|
||||||
@@ -192,16 +190,38 @@ private static void WriteSectionHeaders(Stream s, ImmutableArray<WebcilSectionHe
|
|
||||||
|
|
||||||
private static void WriteSectionHeader(Stream s, WebcilSectionHeader sectionHeader)
|
|
||||||
{
|
|
||||||
+ if (!BitConverter.IsLittleEndian)
|
|
||||||
+ {
|
|
||||||
+ sectionHeader = new WebcilSectionHeader
|
|
||||||
+ (
|
|
||||||
+ virtualSize: BinaryPrimitives.ReverseEndianness(sectionHeader.VirtualSize),
|
|
||||||
+ virtualAddress: BinaryPrimitives.ReverseEndianness(sectionHeader.VirtualAddress),
|
|
||||||
+ sizeOfRawData: BinaryPrimitives.ReverseEndianness(sectionHeader.SizeOfRawData),
|
|
||||||
+ pointerToRawData: BinaryPrimitives.ReverseEndianness(sectionHeader.PointerToRawData)
|
|
||||||
+ );
|
|
||||||
+ }
|
|
||||||
WriteStructure(s, sectionHeader);
|
|
||||||
}
|
|
||||||
|
|
||||||
+ private static void WriteStructure(Stream s, WebcilHeader webcilHeader)
|
|
||||||
+ {
|
|
||||||
+ if (!BitConverter.IsLittleEndian)
|
|
||||||
+ {
|
|
||||||
+ webcilHeader.version_major = BinaryPrimitives.ReverseEndianness(webcilHeader.version_major);
|
|
||||||
+ webcilHeader.version_minor = BinaryPrimitives.ReverseEndianness(webcilHeader.version_minor);
|
|
||||||
+ webcilHeader.coff_sections = BinaryPrimitives.ReverseEndianness(webcilHeader.coff_sections);
|
|
||||||
+ webcilHeader.pe_cli_header_rva = BinaryPrimitives.ReverseEndianness(webcilHeader.pe_cli_header_rva);
|
|
||||||
+ webcilHeader.pe_cli_header_size = BinaryPrimitives.ReverseEndianness(webcilHeader.pe_cli_header_size);
|
|
||||||
+ webcilHeader.pe_debug_rva = BinaryPrimitives.ReverseEndianness(webcilHeader.pe_debug_rva);
|
|
||||||
+ webcilHeader.pe_debug_size = BinaryPrimitives.ReverseEndianness(webcilHeader.pe_debug_size);
|
|
||||||
+ }
|
|
||||||
+ WriteStructure(s, webcilHeader);
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
#if NETCOREAPP2_1_OR_GREATER
|
|
||||||
private static void WriteStructure<T>(Stream s, T structure)
|
|
||||||
where T : unmanaged
|
|
||||||
{
|
|
||||||
- // FIXME: fixup endianness
|
|
||||||
- if (!BitConverter.IsLittleEndian)
|
|
||||||
- throw new NotImplementedException();
|
|
||||||
unsafe
|
|
||||||
{
|
|
||||||
byte* p = (byte*)&structure;
|
|
||||||
@@ -212,9 +232,6 @@ private static void WriteStructure<T>(Stream s, T structure)
|
|
||||||
private static void WriteStructure<T>(Stream s, T structure)
|
|
||||||
where T : unmanaged
|
|
||||||
{
|
|
||||||
- // FIXME: fixup endianness
|
|
||||||
- if (!BitConverter.IsLittleEndian)
|
|
||||||
- throw new NotImplementedException();
|
|
||||||
int size = Marshal.SizeOf<T>();
|
|
||||||
byte[] buffer = new byte[size];
|
|
||||||
IntPtr ptr = IntPtr.Zero;
|
|
||||||
diff --git a/src/runtime/src/tasks/Microsoft.NET.WebAssembly.Webcil/WebcilReader.cs b/src/runtime/src/tasks/Microsoft.NET.WebAssembly.Webcil/WebcilReader.cs
|
|
||||||
index 4f42f82798664..ac4f9d86095a9 100644
|
|
||||||
--- a/src/runtime/src/tasks/Microsoft.NET.WebAssembly.Webcil/WebcilReader.cs
|
|
||||||
+++ b/src/runtime/src/tasks/Microsoft.NET.WebAssembly.Webcil/WebcilReader.cs
|
|
||||||
@@ -6,7 +6,7 @@
|
|
||||||
using System.IO;
|
|
||||||
using System.Reflection;
|
|
||||||
using System.Runtime.InteropServices;
|
|
||||||
-
|
|
||||||
+using System.Buffers.Binary;
|
|
||||||
using System.Reflection.Metadata;
|
|
||||||
using System.Reflection.PortableExecutable;
|
|
||||||
|
|
||||||
@@ -63,14 +63,20 @@ private unsafe bool ReadHeader()
|
|
||||||
{
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
- if (!BitConverter.IsLittleEndian)
|
|
||||||
- {
|
|
||||||
- throw new NotImplementedException("TODO: implement big endian support");
|
|
||||||
- }
|
|
||||||
fixed (byte* p = buffer)
|
|
||||||
{
|
|
||||||
header = *(WebcilHeader*)p;
|
|
||||||
}
|
|
||||||
+ if (!BitConverter.IsLittleEndian)
|
|
||||||
+ {
|
|
||||||
+ header.version_major = BinaryPrimitives.ReverseEndianness(header.version_major);
|
|
||||||
+ header.version_minor = BinaryPrimitives.ReverseEndianness(header.version_minor);
|
|
||||||
+ header.coff_sections = BinaryPrimitives.ReverseEndianness(header.coff_sections);
|
|
||||||
+ header.pe_cli_header_rva = BinaryPrimitives.ReverseEndianness(header.pe_cli_header_rva);
|
|
||||||
+ header.pe_cli_header_size = BinaryPrimitives.ReverseEndianness(header.pe_cli_header_size);
|
|
||||||
+ header.pe_debug_rva = BinaryPrimitives.ReverseEndianness(header.pe_debug_rva);
|
|
||||||
+ header.pe_debug_rva = BinaryPrimitives.ReverseEndianness(header.pe_debug_size);
|
|
||||||
+ }
|
|
||||||
if (header.id[0] != 'W' || header.id[1] != 'b'
|
|
||||||
|| header.id[2] != 'I' || header.id[3] != 'L'
|
|
||||||
|| header.version_major != Internal.Constants.WC_VERSION_MAJOR
|
|
||||||
@@ -346,6 +352,7 @@ private long TranslateRVA(uint rva)
|
|
||||||
|
|
||||||
private unsafe ImmutableArray<WebcilSectionHeader> ReadSections()
|
|
||||||
{
|
|
||||||
+ WebcilSectionHeader secheader;
|
|
||||||
var sections = ImmutableArray.CreateBuilder<WebcilSectionHeader>(_header.coff_sections);
|
|
||||||
var buffer = new byte[Marshal.SizeOf<WebcilSectionHeader>()];
|
|
||||||
_stream.Seek(SectionDirectoryOffset + _webcilInWasmOffset, SeekOrigin.Begin);
|
|
||||||
@@ -357,8 +364,24 @@ private unsafe ImmutableArray<WebcilSectionHeader> ReadSections()
|
|
||||||
}
|
|
||||||
fixed (byte* p = buffer)
|
|
||||||
{
|
|
||||||
- // FIXME endianness
|
|
||||||
- sections.Add(*(WebcilSectionHeader*)p);
|
|
||||||
+ secheader = (*(WebcilSectionHeader*)p);
|
|
||||||
+ }
|
|
||||||
+ if (!BitConverter.IsLittleEndian)
|
|
||||||
+ {
|
|
||||||
+ sections.Add
|
|
||||||
+ (
|
|
||||||
+ new WebcilSectionHeader
|
|
||||||
+ (
|
|
||||||
+ virtualSize: BinaryPrimitives.ReverseEndianness(secheader.VirtualSize),
|
|
||||||
+ virtualAddress: BinaryPrimitives.ReverseEndianness(secheader.VirtualAddress),
|
|
||||||
+ sizeOfRawData: BinaryPrimitives.ReverseEndianness(secheader.SizeOfRawData),
|
|
||||||
+ pointerToRawData: BinaryPrimitives.ReverseEndianness(secheader.PointerToRawData)
|
|
||||||
+ )
|
|
||||||
+ );
|
|
||||||
+ }
|
|
||||||
+ else
|
|
||||||
+ {
|
|
||||||
+ sections.Add(secheader);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
return sections.MoveToImmutable();
|
|
||||||
|
|
||||||
From 0c78184347335db183a38cf6bd26e2fe69160931 Mon Sep 17 00:00:00 2001
|
|
||||||
From: =?UTF-8?q?Aleksey=20Kliger=20=28=CE=BBgeek=29?= <alklig@microsoft.com>
|
|
||||||
Date: Thu, 21 Sep 2023 14:31:12 -0400
|
|
||||||
Subject: [PATCH 2/3] Fix infinite recursion
|
|
||||||
|
|
||||||
---
|
|
||||||
.../WebcilConverter.cs | 25 ++++++++-----------
|
|
||||||
1 file changed, 10 insertions(+), 15 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/src/runtime/src/tasks/Microsoft.NET.WebAssembly.Webcil/WebcilConverter.cs b/src/runtime/src/tasks/Microsoft.NET.WebAssembly.Webcil/WebcilConverter.cs
|
|
||||||
index 7b882c42d579e..fc95eded5bc33 100644
|
|
||||||
--- a/src/runtime/src/tasks/Microsoft.NET.WebAssembly.Webcil/WebcilConverter.cs
|
|
||||||
+++ b/src/runtime/src/tasks/Microsoft.NET.WebAssembly.Webcil/WebcilConverter.cs
|
|
||||||
@@ -177,6 +177,16 @@ public unsafe void GatherInfo(PEReader peReader, out WCFileInfo wcInfo, out PEFi
|
|
||||||
|
|
||||||
private static void WriteHeader(Stream s, WebcilHeader header)
|
|
||||||
{
|
|
||||||
+ if (!BitConverter.IsLittleEndian)
|
|
||||||
+ {
|
|
||||||
+ webcilHeader.version_major = BinaryPrimitives.ReverseEndianness(webcilHeader.version_major);
|
|
||||||
+ webcilHeader.version_minor = BinaryPrimitives.ReverseEndianness(webcilHeader.version_minor);
|
|
||||||
+ webcilHeader.coff_sections = BinaryPrimitives.ReverseEndianness(webcilHeader.coff_sections);
|
|
||||||
+ webcilHeader.pe_cli_header_rva = BinaryPrimitives.ReverseEndianness(webcilHeader.pe_cli_header_rva);
|
|
||||||
+ webcilHeader.pe_cli_header_size = BinaryPrimitives.ReverseEndianness(webcilHeader.pe_cli_header_size);
|
|
||||||
+ webcilHeader.pe_debug_rva = BinaryPrimitives.ReverseEndianness(webcilHeader.pe_debug_rva);
|
|
||||||
+ webcilHeader.pe_debug_size = BinaryPrimitives.ReverseEndianness(webcilHeader.pe_debug_size);
|
|
||||||
+ }
|
|
||||||
WriteStructure(s, header);
|
|
||||||
}
|
|
||||||
|
|
||||||
@@ -203,21 +213,6 @@ private static void WriteSectionHeader(Stream s, WebcilSectionHeader sectionHead
|
|
||||||
WriteStructure(s, sectionHeader);
|
|
||||||
}
|
|
||||||
|
|
||||||
- private static void WriteStructure(Stream s, WebcilHeader webcilHeader)
|
|
||||||
- {
|
|
||||||
- if (!BitConverter.IsLittleEndian)
|
|
||||||
- {
|
|
||||||
- webcilHeader.version_major = BinaryPrimitives.ReverseEndianness(webcilHeader.version_major);
|
|
||||||
- webcilHeader.version_minor = BinaryPrimitives.ReverseEndianness(webcilHeader.version_minor);
|
|
||||||
- webcilHeader.coff_sections = BinaryPrimitives.ReverseEndianness(webcilHeader.coff_sections);
|
|
||||||
- webcilHeader.pe_cli_header_rva = BinaryPrimitives.ReverseEndianness(webcilHeader.pe_cli_header_rva);
|
|
||||||
- webcilHeader.pe_cli_header_size = BinaryPrimitives.ReverseEndianness(webcilHeader.pe_cli_header_size);
|
|
||||||
- webcilHeader.pe_debug_rva = BinaryPrimitives.ReverseEndianness(webcilHeader.pe_debug_rva);
|
|
||||||
- webcilHeader.pe_debug_size = BinaryPrimitives.ReverseEndianness(webcilHeader.pe_debug_size);
|
|
||||||
- }
|
|
||||||
- WriteStructure(s, webcilHeader);
|
|
||||||
- }
|
|
||||||
-
|
|
||||||
#if NETCOREAPP2_1_OR_GREATER
|
|
||||||
private static void WriteStructure<T>(Stream s, T structure)
|
|
||||||
where T : unmanaged
|
|
||||||
|
|
||||||
From cecf4f09f0c52340c753811098f0f2d9593049aa Mon Sep 17 00:00:00 2001
|
|
||||||
From: Aleksey Kliger <alklig@microsoft.com>
|
|
||||||
Date: Thu, 21 Sep 2023 14:36:20 -0400
|
|
||||||
Subject: [PATCH 3/3] rename var
|
|
||||||
|
|
||||||
---
|
|
||||||
src/tasks/Microsoft.NET.WebAssembly.Webcil/WebcilConverter.cs | 4 ++--
|
|
||||||
1 file changed, 2 insertions(+), 2 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/src/runtime/src/tasks/Microsoft.NET.WebAssembly.Webcil/WebcilConverter.cs b/src/runtime/src/tasks/Microsoft.NET.WebAssembly.Webcil/WebcilConverter.cs
|
|
||||||
index fc95eded5bc33..13c34bde4b8ea 100644
|
|
||||||
--- a/src/runtime/src/tasks/Microsoft.NET.WebAssembly.Webcil/WebcilConverter.cs
|
|
||||||
+++ b/src/runtime/src/tasks/Microsoft.NET.WebAssembly.Webcil/WebcilConverter.cs
|
|
||||||
@@ -175,7 +175,7 @@ public unsafe void GatherInfo(PEReader peReader, out WCFileInfo wcInfo, out PEFi
|
|
||||||
SectionStart: firstWCSection);
|
|
||||||
}
|
|
||||||
|
|
||||||
- private static void WriteHeader(Stream s, WebcilHeader header)
|
|
||||||
+ private static void WriteHeader(Stream s, WebcilHeader webcilHeader)
|
|
||||||
{
|
|
||||||
if (!BitConverter.IsLittleEndian)
|
|
||||||
{
|
|
||||||
@@ -187,7 +187,7 @@ private static void WriteHeader(Stream s, WebcilHeader header)
|
|
||||||
webcilHeader.pe_debug_rva = BinaryPrimitives.ReverseEndianness(webcilHeader.pe_debug_rva);
|
|
||||||
webcilHeader.pe_debug_size = BinaryPrimitives.ReverseEndianness(webcilHeader.pe_debug_size);
|
|
||||||
}
|
|
||||||
- WriteStructure(s, header);
|
|
||||||
+ WriteStructure(s, webcilHeader);
|
|
||||||
}
|
|
||||||
|
|
||||||
private static void WriteSectionHeaders(Stream s, ImmutableArray<WebcilSectionHeader> sectionsHeaders)
|
|
@ -1,416 +0,0 @@
|
|||||||
From 9aec1e3b0b9ddc02b81bd115399f8951288b261b Mon Sep 17 00:00:00 2001
|
|
||||||
From: Tom Deseyn <tom.deseyn@gmail.com>
|
|
||||||
Date: Wed, 11 Oct 2023 18:32:20 +0200
|
|
||||||
Subject: [PATCH] Support specifying multiple directories through SSL_CERT_DIR
|
|
||||||
|
|
||||||
Co-authored-by: Jeremy Barton <jbarton@microsoft.com>
|
|
||||||
Co-authored-by: Kevin Jones <vcsjones@github.com>
|
|
||||||
---
|
|
||||||
.../OpenSslCachedSystemStoreProvider.cs | 232 +++++++++---------
|
|
||||||
.../X509Certificates/X509StoreTests.Unix.cs | 42 +++-
|
|
||||||
2 files changed, 157 insertions(+), 117 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/src/runtime/src/libraries/System.Security.Cryptography/src/System/Security/Cryptography/X509Certificates/OpenSslCachedSystemStoreProvider.cs b/src/runtime/src/libraries/System.Security.Cryptography/src/System/Security/Cryptography/X509Certificates/OpenSslCachedSystemStoreProvider.cs
|
|
||||||
index 4c9643c01e2..e66b3d1ad11 100644
|
|
||||||
--- a/src/runtime/src/libraries/System.Security.Cryptography/src/System/Security/Cryptography/X509Certificates/OpenSslCachedSystemStoreProvider.cs
|
|
||||||
+++ b/src/runtime/src/libraries/System.Security.Cryptography/src/System/Security/Cryptography/X509Certificates/OpenSslCachedSystemStoreProvider.cs
|
|
||||||
@@ -21,14 +21,14 @@ internal sealed class OpenSslCachedSystemStoreProvider : IStorePal
|
|
||||||
private static readonly TimeSpan s_lastWriteRecheckInterval = TimeSpan.FromSeconds(5);
|
|
||||||
private static readonly TimeSpan s_assumeInvalidInterval = TimeSpan.FromMinutes(5);
|
|
||||||
private static readonly Stopwatch s_recheckStopwatch = new Stopwatch();
|
|
||||||
- private static DirectoryInfo? s_rootStoreDirectoryInfo = SafeOpenRootDirectoryInfo();
|
|
||||||
+ private static string[]? s_rootStoreDirectories;
|
|
||||||
private static bool s_defaultRootDir;
|
|
||||||
- private static readonly FileInfo? s_rootStoreFileInfo = SafeOpenRootFileInfo();
|
|
||||||
+ private static string? s_rootStoreFile;
|
|
||||||
+ private static DateTime[]? s_directoryLastWrite;
|
|
||||||
+ private static DateTime s_fileLastWrite;
|
|
||||||
|
|
||||||
// Use non-Value-Tuple so that it's an atomic update.
|
|
||||||
private static Tuple<SafeX509StackHandle, SafeX509StackHandle>? s_nativeCollections;
|
|
||||||
- private static DateTime s_directoryCertsLastWrite;
|
|
||||||
- private static DateTime s_fileCertsLastWrite;
|
|
||||||
|
|
||||||
private readonly bool _isRoot;
|
|
||||||
|
|
||||||
@@ -93,18 +93,11 @@ public void Remove(ICertificatePal cert)
|
|
||||||
{
|
|
||||||
lock (s_recheckStopwatch)
|
|
||||||
{
|
|
||||||
- FileInfo? fileInfo = s_rootStoreFileInfo;
|
|
||||||
- DirectoryInfo? dirInfo = s_rootStoreDirectoryInfo;
|
|
||||||
-
|
|
||||||
- fileInfo?.Refresh();
|
|
||||||
- dirInfo?.Refresh();
|
|
||||||
-
|
|
||||||
if (ret == null ||
|
|
||||||
elapsed > s_assumeInvalidInterval ||
|
|
||||||
- (fileInfo != null && fileInfo.Exists && ContentWriteTime(fileInfo) != s_fileCertsLastWrite) ||
|
|
||||||
- (dirInfo != null && dirInfo.Exists && ContentWriteTime(dirInfo) != s_directoryCertsLastWrite))
|
|
||||||
+ LastWriteTimesHaveChanged())
|
|
||||||
{
|
|
||||||
- ret = LoadMachineStores(dirInfo, fileInfo);
|
|
||||||
+ ret = LoadMachineStores();
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
@@ -113,9 +106,37 @@ public void Remove(ICertificatePal cert)
|
|
||||||
return ret;
|
|
||||||
}
|
|
||||||
|
|
||||||
- private static Tuple<SafeX509StackHandle, SafeX509StackHandle> LoadMachineStores(
|
|
||||||
- DirectoryInfo? rootStorePath,
|
|
||||||
- FileInfo? rootStoreFile)
|
|
||||||
+ private static bool LastWriteTimesHaveChanged()
|
|
||||||
+ {
|
|
||||||
+ Debug.Assert(
|
|
||||||
+ Monitor.IsEntered(s_recheckStopwatch),
|
|
||||||
+ "LastWriteTimesHaveChanged assumes a lock(s_recheckStopwatch)");
|
|
||||||
+
|
|
||||||
+ if (s_rootStoreFile != null)
|
|
||||||
+ {
|
|
||||||
+ _ = TryStatFile(s_rootStoreFile, out DateTime lastModified);
|
|
||||||
+ if (lastModified != s_fileLastWrite)
|
|
||||||
+ {
|
|
||||||
+ return true;
|
|
||||||
+ }
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
+ if (s_rootStoreDirectories != null && s_directoryLastWrite != null)
|
|
||||||
+ {
|
|
||||||
+ for (int i = 0; i < s_rootStoreDirectories.Length; i++)
|
|
||||||
+ {
|
|
||||||
+ _ = TryStatDirectory(s_rootStoreDirectories[i], out DateTime lastModified);
|
|
||||||
+ if (lastModified != s_directoryLastWrite[i])
|
|
||||||
+ {
|
|
||||||
+ return true;
|
|
||||||
+ }
|
|
||||||
+ }
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
+ return false;
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
+ private static Tuple<SafeX509StackHandle, SafeX509StackHandle> LoadMachineStores()
|
|
||||||
{
|
|
||||||
Debug.Assert(
|
|
||||||
Monitor.IsEntered(s_recheckStopwatch),
|
|
||||||
@@ -126,61 +147,76 @@ public void Remove(ICertificatePal cert)
|
|
||||||
SafeX509StackHandle intermedStore = Interop.Crypto.NewX509Stack();
|
|
||||||
Interop.Crypto.CheckValidOpenSslHandle(intermedStore);
|
|
||||||
|
|
||||||
- DateTime newFileTime = default;
|
|
||||||
- DateTime newDirTime = default;
|
|
||||||
-
|
|
||||||
var uniqueRootCerts = new HashSet<X509Certificate2>();
|
|
||||||
var uniqueIntermediateCerts = new HashSet<X509Certificate2>();
|
|
||||||
bool firstLoad = (s_nativeCollections == null);
|
|
||||||
|
|
||||||
- if (rootStoreFile != null && rootStoreFile.Exists)
|
|
||||||
+ if (firstLoad)
|
|
||||||
{
|
|
||||||
- newFileTime = ContentWriteTime(rootStoreFile);
|
|
||||||
- ProcessFile(rootStoreFile);
|
|
||||||
+ s_rootStoreDirectories = GetRootStoreDirectories(out s_defaultRootDir);
|
|
||||||
+ s_directoryLastWrite = new DateTime[s_rootStoreDirectories.Length];
|
|
||||||
+ s_rootStoreFile = GetRootStoreFile();
|
|
||||||
+ }
|
|
||||||
+ else
|
|
||||||
+ {
|
|
||||||
+ Debug.Assert(s_rootStoreDirectories is not null);
|
|
||||||
+ Debug.Assert(s_directoryLastWrite is not null);
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
+ if (s_rootStoreFile != null)
|
|
||||||
+ {
|
|
||||||
+ ProcessFile(s_rootStoreFile, out s_fileLastWrite);
|
|
||||||
}
|
|
||||||
|
|
||||||
bool hasStoreData = false;
|
|
||||||
|
|
||||||
- if (rootStorePath != null && rootStorePath.Exists)
|
|
||||||
+ for (int i = 0; i < s_rootStoreDirectories.Length; i++)
|
|
||||||
{
|
|
||||||
- newDirTime = ContentWriteTime(rootStorePath);
|
|
||||||
- hasStoreData = ProcessDir(rootStorePath);
|
|
||||||
+ hasStoreData = ProcessDir(s_rootStoreDirectories[i], out s_directoryLastWrite[i]);
|
|
||||||
}
|
|
||||||
|
|
||||||
if (firstLoad && !hasStoreData && s_defaultRootDir)
|
|
||||||
{
|
|
||||||
- DirectoryInfo etcSslCerts = new DirectoryInfo("/etc/ssl/certs");
|
|
||||||
-
|
|
||||||
- if (etcSslCerts.Exists)
|
|
||||||
+ const string DefaultCertDir = "/etc/ssl/certs";
|
|
||||||
+ hasStoreData = ProcessDir(DefaultCertDir, out DateTime lastModified);
|
|
||||||
+ if (hasStoreData)
|
|
||||||
{
|
|
||||||
- DateTime tmpTime = ContentWriteTime(etcSslCerts);
|
|
||||||
- hasStoreData = ProcessDir(etcSslCerts);
|
|
||||||
-
|
|
||||||
- if (hasStoreData)
|
|
||||||
- {
|
|
||||||
- newDirTime = tmpTime;
|
|
||||||
- s_rootStoreDirectoryInfo = etcSslCerts;
|
|
||||||
- }
|
|
||||||
+ s_rootStoreDirectories = new[] { DefaultCertDir };
|
|
||||||
+ s_directoryLastWrite = new[] { lastModified };
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
- bool ProcessDir(DirectoryInfo dir)
|
|
||||||
+ bool ProcessDir(string dir, out DateTime lastModified)
|
|
||||||
{
|
|
||||||
+ if (!TryStatDirectory(dir, out lastModified))
|
|
||||||
+ {
|
|
||||||
+ return false;
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
bool hasStoreData = false;
|
|
||||||
|
|
||||||
- foreach (FileInfo file in dir.EnumerateFiles())
|
|
||||||
+ foreach (string file in Directory.EnumerateFiles(dir))
|
|
||||||
{
|
|
||||||
- hasStoreData |= ProcessFile(file);
|
|
||||||
+ hasStoreData |= ProcessFile(file, out _, skipStat: true);
|
|
||||||
}
|
|
||||||
|
|
||||||
return hasStoreData;
|
|
||||||
}
|
|
||||||
|
|
||||||
- bool ProcessFile(FileInfo file)
|
|
||||||
+ bool ProcessFile(string file, out DateTime lastModified, bool skipStat = false)
|
|
||||||
{
|
|
||||||
bool readData = false;
|
|
||||||
|
|
||||||
- using (SafeBioHandle fileBio = Interop.Crypto.BioNewFile(file.FullName, "rb"))
|
|
||||||
+ if (skipStat)
|
|
||||||
+ {
|
|
||||||
+ lastModified = default;
|
|
||||||
+ }
|
|
||||||
+ else if (!TryStatFile(file, out lastModified))
|
|
||||||
+ {
|
|
||||||
+ return false;
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
+ using (SafeBioHandle fileBio = Interop.Crypto.BioNewFile(file, "rb"))
|
|
||||||
{
|
|
||||||
// The handle may be invalid, for example when we don't have read permission for the file.
|
|
||||||
if (fileBio.IsInvalid)
|
|
||||||
@@ -274,114 +310,78 @@ bool ProcessFile(FileInfo file)
|
|
||||||
// on every call.
|
|
||||||
|
|
||||||
Volatile.Write(ref s_nativeCollections, newCollections);
|
|
||||||
- s_directoryCertsLastWrite = newDirTime;
|
|
||||||
- s_fileCertsLastWrite = newFileTime;
|
|
||||||
s_recheckStopwatch.Restart();
|
|
||||||
return newCollections;
|
|
||||||
}
|
|
||||||
|
|
||||||
- private static FileInfo? SafeOpenRootFileInfo()
|
|
||||||
+ private static string? GetRootStoreFile()
|
|
||||||
{
|
|
||||||
string? rootFile = Interop.Crypto.GetX509RootStoreFile();
|
|
||||||
|
|
||||||
if (!string.IsNullOrEmpty(rootFile))
|
|
||||||
{
|
|
||||||
- try
|
|
||||||
- {
|
|
||||||
- return new FileInfo(rootFile);
|
|
||||||
- }
|
|
||||||
- catch (ArgumentException)
|
|
||||||
- {
|
|
||||||
- // If SSL_CERT_FILE is set to the empty string, or anything else which gives
|
|
||||||
- // "The path is not of a legal form", then the GetX509RootStoreFile value is ignored.
|
|
||||||
- }
|
|
||||||
+ return Path.GetFullPath(rootFile);
|
|
||||||
}
|
|
||||||
|
|
||||||
return null;
|
|
||||||
}
|
|
||||||
|
|
||||||
- private static DirectoryInfo? SafeOpenRootDirectoryInfo()
|
|
||||||
+ private static string[] GetRootStoreDirectories(out bool isDefault)
|
|
||||||
{
|
|
||||||
- string? rootDirectory = Interop.Crypto.GetX509RootStorePath(out s_defaultRootDir);
|
|
||||||
+ string rootDirectory = Interop.Crypto.GetX509RootStorePath(out isDefault) ?? "";
|
|
||||||
|
|
||||||
- if (!string.IsNullOrEmpty(rootDirectory))
|
|
||||||
- {
|
|
||||||
- try
|
|
||||||
- {
|
|
||||||
- return new DirectoryInfo(rootDirectory);
|
|
||||||
- }
|
|
||||||
- catch (ArgumentException)
|
|
||||||
- {
|
|
||||||
- // If SSL_CERT_DIR is set to the empty string, or anything else which gives
|
|
||||||
- // "The path is not of a legal form", then the GetX509RootStoreFile value is ignored.
|
|
||||||
- }
|
|
||||||
- }
|
|
||||||
-
|
|
||||||
- return null;
|
|
||||||
- }
|
|
||||||
-
|
|
||||||
- private static DateTime ContentWriteTime(FileInfo info)
|
|
||||||
- {
|
|
||||||
- string path = info.FullName;
|
|
||||||
- string? target = Interop.Sys.ReadLink(path);
|
|
||||||
-
|
|
||||||
- if (string.IsNullOrEmpty(target))
|
|
||||||
- {
|
|
||||||
- return info.LastWriteTimeUtc;
|
|
||||||
- }
|
|
||||||
+ string[] directories = rootDirectory.Split(Path.PathSeparator, StringSplitOptions.RemoveEmptyEntries);
|
|
||||||
|
|
||||||
- if (target[0] != '/')
|
|
||||||
+ for (int i = 0; i < directories.Length; i++)
|
|
||||||
{
|
|
||||||
- target = Path.Join(info.Directory?.FullName, target);
|
|
||||||
+ directories[i] = Path.GetFullPath(directories[i]);
|
|
||||||
}
|
|
||||||
|
|
||||||
- try
|
|
||||||
+ // Remove duplicates.
|
|
||||||
+ if (directories.Length > 1)
|
|
||||||
{
|
|
||||||
- var targetInfo = new FileInfo(target);
|
|
||||||
-
|
|
||||||
- if (targetInfo.Exists)
|
|
||||||
+ var set = new HashSet<string>(directories, StringComparer.Ordinal);
|
|
||||||
+ if (set.Count != directories.Length)
|
|
||||||
{
|
|
||||||
- return targetInfo.LastWriteTimeUtc;
|
|
||||||
+ // Preserve the original order.
|
|
||||||
+ string[] directoriesTrimmed = new string[set.Count];
|
|
||||||
+ int j = 0;
|
|
||||||
+ for (int i = 0; i < directories.Length; i++)
|
|
||||||
+ {
|
|
||||||
+ string directory = directories[i];
|
|
||||||
+ if (set.Remove(directory))
|
|
||||||
+ {
|
|
||||||
+ directoriesTrimmed[j++] = directory;
|
|
||||||
+ }
|
|
||||||
+ }
|
|
||||||
+ Debug.Assert(set.Count == 0);
|
|
||||||
+ directories = directoriesTrimmed;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
- catch (ArgumentException)
|
|
||||||
- {
|
|
||||||
- // If we can't load information about the link path, just treat it as not a link.
|
|
||||||
- }
|
|
||||||
|
|
||||||
- return info.LastWriteTimeUtc;
|
|
||||||
+ return directories;
|
|
||||||
}
|
|
||||||
|
|
||||||
- private static DateTime ContentWriteTime(DirectoryInfo info)
|
|
||||||
- {
|
|
||||||
- string path = info.FullName;
|
|
||||||
- string? target = Interop.Sys.ReadLink(path);
|
|
||||||
-
|
|
||||||
- if (string.IsNullOrEmpty(target))
|
|
||||||
- {
|
|
||||||
- return info.LastWriteTimeUtc;
|
|
||||||
- }
|
|
||||||
+ private static bool TryStatFile(string path, out DateTime lastModified)
|
|
||||||
+ => TryStat(path, Interop.Sys.FileTypes.S_IFREG, out lastModified);
|
|
||||||
|
|
||||||
- if (target[0] != '/')
|
|
||||||
- {
|
|
||||||
- target = Path.Join(info.Parent?.FullName, target);
|
|
||||||
- }
|
|
||||||
+ private static bool TryStatDirectory(string path, out DateTime lastModified)
|
|
||||||
+ => TryStat(path, Interop.Sys.FileTypes.S_IFDIR, out lastModified);
|
|
||||||
|
|
||||||
- try
|
|
||||||
- {
|
|
||||||
- var targetInfo = new DirectoryInfo(target);
|
|
||||||
+ private static bool TryStat(string path, int fileType, out DateTime lastModified)
|
|
||||||
+ {
|
|
||||||
+ lastModified = default;
|
|
||||||
|
|
||||||
- if (targetInfo.Exists)
|
|
||||||
- {
|
|
||||||
- return targetInfo.LastWriteTimeUtc;
|
|
||||||
- }
|
|
||||||
- }
|
|
||||||
- catch (ArgumentException)
|
|
||||||
+ Interop.Sys.FileStatus status;
|
|
||||||
+ // Use Stat to follow links.
|
|
||||||
+ if (Interop.Sys.Stat(path, out status) < 0 ||
|
|
||||||
+ (status.Mode & Interop.Sys.FileTypes.S_IFMT) != fileType)
|
|
||||||
{
|
|
||||||
- // If we can't load information about the link path, just treat it as not a link.
|
|
||||||
+ return false;
|
|
||||||
}
|
|
||||||
|
|
||||||
- return info.LastWriteTimeUtc;
|
|
||||||
+ lastModified = DateTime.UnixEpoch + TimeSpan.FromTicks(status.MTime * TimeSpan.TicksPerSecond + status.MTimeNsec / TimeSpan.NanosecondsPerTick);
|
|
||||||
+ return true;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
diff --git a/src/runtime/src/libraries/System.Security.Cryptography/tests/X509Certificates/X509StoreTests.Unix.cs b/src/runtime/src/libraries/System.Security.Cryptography/tests/X509Certificates/X509StoreTests.Unix.cs
|
|
||||||
index 0efb6c12028..f460d6b9bd6 100644
|
|
||||||
--- a/src/runtime/src/libraries/System.Security.Cryptography/tests/X509Certificates/X509StoreTests.Unix.cs
|
|
||||||
+++ b/src/runtime/src/libraries/System.Security.Cryptography/tests/X509Certificates/X509StoreTests.Unix.cs
|
|
||||||
@@ -10,7 +10,6 @@ namespace System.Security.Cryptography.X509Certificates.Tests
|
|
||||||
{
|
|
||||||
public partial class X509StoreTests
|
|
||||||
{
|
|
||||||
-
|
|
||||||
[ConditionalFact(nameof(NotRunningAsRootAndRemoteExecutorSupported))] // root can read '2.pem'
|
|
||||||
[PlatformSpecific(TestPlatforms.Linux)] // Windows/OSX doesn't use SSL_CERT_{DIR,FILE}.
|
|
||||||
private void X509Store_MachineStoreLoadSkipsInvalidFiles()
|
|
||||||
@@ -50,6 +49,47 @@ private void X509Store_MachineStoreLoadSkipsInvalidFiles()
|
|
||||||
}, new RemoteInvokeOptions { StartInfo = psi }).Dispose();
|
|
||||||
}
|
|
||||||
|
|
||||||
+ [ConditionalFact(typeof(RemoteExecutor), nameof(RemoteExecutor.IsSupported))]
|
|
||||||
+ [PlatformSpecific(TestPlatforms.Linux)] // Windows/OSX doesn't use SSL_CERT_{DIR,FILE}.
|
|
||||||
+ private void X509Store_MachineStoreLoadsMutipleSslCertDirectories()
|
|
||||||
+ {
|
|
||||||
+ // Create 3 certificates and place them in two directories that will be passed
|
|
||||||
+ // using SSL_CERT_DIR.
|
|
||||||
+ string sslCertDir1 = GetTestFilePath();
|
|
||||||
+ Directory.CreateDirectory(sslCertDir1);
|
|
||||||
+ File.WriteAllBytes(Path.Combine(sslCertDir1, "1.pem"), TestData.SelfSigned1PemBytes);
|
|
||||||
+ File.WriteAllBytes(Path.Combine(sslCertDir1, "2.pem"), TestData.SelfSigned2PemBytes);
|
|
||||||
+ string sslCertDir2 = GetTestFilePath();
|
|
||||||
+ Directory.CreateDirectory(sslCertDir2);
|
|
||||||
+ File.WriteAllBytes(Path.Combine(sslCertDir2, "3.pem"), TestData.SelfSigned3PemBytes);
|
|
||||||
+
|
|
||||||
+ // Add a non-existing directory after each valid directory to verify they are ignored.
|
|
||||||
+ string sslCertDir = string.Join(Path.PathSeparator,
|
|
||||||
+ new[] {
|
|
||||||
+ sslCertDir1,
|
|
||||||
+ sslCertDir2,
|
|
||||||
+ "", // empty string
|
|
||||||
+ sslCertDir2, // duplicate directory
|
|
||||||
+ "/invalid2", // path that does not exist
|
|
||||||
+ });
|
|
||||||
+
|
|
||||||
+ var psi = new ProcessStartInfo();
|
|
||||||
+ psi.Environment.Add("SSL_CERT_DIR", sslCertDir);
|
|
||||||
+ // Set SSL_CERT_FILE to avoid loading the default bundle file.
|
|
||||||
+ psi.Environment.Add("SSL_CERT_FILE", "/nonexisting");
|
|
||||||
+ RemoteExecutor.Invoke(() =>
|
|
||||||
+ {
|
|
||||||
+ Assert.NotNull(Environment.GetEnvironmentVariable("SSL_CERT_DIR"));
|
|
||||||
+ using (var store = new X509Store(StoreName.Root, StoreLocation.LocalMachine))
|
|
||||||
+ {
|
|
||||||
+ store.Open(OpenFlags.OpenExistingOnly);
|
|
||||||
+
|
|
||||||
+ // Check nr of certificates in store.
|
|
||||||
+ Assert.Equal(3, store.Certificates.Count);
|
|
||||||
+ }
|
|
||||||
+ }, new RemoteInvokeOptions { StartInfo = psi }).Dispose();
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
public static bool NotRunningAsRootAndRemoteExecutorSupported => !Environment.IsPrivilegedProcess && RemoteExecutor.IsSupported;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
--
|
|
||||||
2.41.0
|
|
||||||
|
|
34
runtime-openssl-sha1.patch
Normal file
34
runtime-openssl-sha1.patch
Normal file
@ -0,0 +1,34 @@
|
|||||||
|
From d7805229ffe6906cd0832c0482b963caf4b4fd82 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Tom Deseyn <tom.deseyn@gmail.com>
|
||||||
|
Date: Wed, 28 Feb 2024 14:08:15 +0100
|
||||||
|
Subject: [PATCH] Allow certificate validation with SHA-1 signatures.
|
||||||
|
|
||||||
|
RHEL OpenSSL builds disable SHA-1 signatures. This causes certificate
|
||||||
|
validation to fail when using the X509_V_FLAG_CHECK_SS_SIGNATURE flag
|
||||||
|
with a chain where the last certificate uses a SHA-1 signature.
|
||||||
|
|
||||||
|
This removes X509_V_FLAG_CHECK_SS_SIGNATURE flag to have the default
|
||||||
|
OpenSSL behavior for certificate validation.
|
||||||
|
---
|
||||||
|
.../libs/System.Security.Cryptography.Native/pal_x509.c | 5 -----
|
||||||
|
1 file changed, 5 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/src/runtime/src/native/libs/System.Security.Cryptography.Native/pal_x509.c b/src/runtime/src/native/libs/System.Security.Cryptography.Native/pal_x509.c
|
||||||
|
index 04c6ba06cd..2cd3413dae 100644
|
||||||
|
--- a/src/runtime/src/native/libs/System.Security.Cryptography.Native/pal_x509.c
|
||||||
|
+++ b/src/runtime/src/native/libs/System.Security.Cryptography.Native/pal_x509.c
|
||||||
|
@@ -272,11 +272,6 @@ int32_t CryptoNative_X509StoreCtxInit(X509_STORE_CTX* ctx, X509_STORE* store, X5
|
||||||
|
|
||||||
|
int32_t val = X509_STORE_CTX_init(ctx, store, x509, extraStore);
|
||||||
|
|
||||||
|
- if (val != 0)
|
||||||
|
- {
|
||||||
|
- X509_STORE_CTX_set_flags(ctx, X509_V_FLAG_CHECK_SS_SIGNATURE);
|
||||||
|
- }
|
||||||
|
-
|
||||||
|
return val;
|
||||||
|
}
|
||||||
|
|
||||||
|
--
|
||||||
|
2.43.2
|
||||||
|
|
142
runtime-re-enable-implicit-rejection.patch
Normal file
142
runtime-re-enable-implicit-rejection.patch
Normal file
@ -0,0 +1,142 @@
|
|||||||
|
From 5fdc289903bd3a77d455583650b00297da0cae8f Mon Sep 17 00:00:00 2001
|
||||||
|
From: Omair Majid <omajid@redhat.com>
|
||||||
|
Date: Fri, 2 Feb 2024 15:51:23 -0500
|
||||||
|
Subject: [PATCH] Revert "Disable implicit rejection for RSA PKCS#1 (#95216)"
|
||||||
|
|
||||||
|
This reverts commit a5fc8ff9b03ffb2fdb81dad524ad1a20a0714995.
|
||||||
|
|
||||||
|
To quote Clemens Lang:
|
||||||
|
|
||||||
|
> [Disabling implcit rejection] re-enables a Bleichenbacher timing oracle
|
||||||
|
> attack against PKCS#1v1.5 decryption. See
|
||||||
|
> https://people.redhat.com/~hkario/marvin/ for details and
|
||||||
|
> https://github.com/dotnet/runtime/pull/95157#issuecomment-1842784399 for a
|
||||||
|
> comment by the researcher who published the vulnerability and proposed the
|
||||||
|
> change in OpenSSL.
|
||||||
|
|
||||||
|
For more details, see:
|
||||||
|
https://github.com/dotnet/runtime/pull/95216#issuecomment-1842799314
|
||||||
|
---
|
||||||
|
.../RSA/EncryptDecrypt.cs | 49 ++++---------------
|
||||||
|
.../opensslshim.h | 6 ---
|
||||||
|
.../pal_evp_pkey_rsa.c | 13 -----
|
||||||
|
3 files changed, 10 insertions(+), 58 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/src/runtime/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/RSA/EncryptDecrypt.cs b/src/runtime/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/RSA/EncryptDecrypt.cs
|
||||||
|
index 39f3ebc82ec..5b97f468a42 100644
|
||||||
|
--- a/src/runtime/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/RSA/EncryptDecrypt.cs
|
||||||
|
+++ b/src/runtime/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/RSA/EncryptDecrypt.cs
|
||||||
|
@@ -353,10 +353,19 @@ private void RsaCryptRoundtrip(RSAEncryptionPadding paddingMode, bool expectSucc
|
||||||
|
Assert.Equal(TestData.HelloBytes, output);
|
||||||
|
}
|
||||||
|
|
||||||
|
- [ConditionalFact(nameof(PlatformSupportsEmptyRSAEncryption))]
|
||||||
|
+ [ConditionalFact]
|
||||||
|
[SkipOnTargetFramework(TargetFrameworkMonikers.NetFramework)]
|
||||||
|
public void RoundtripEmptyArray()
|
||||||
|
{
|
||||||
|
+ if (OperatingSystem.IsIOS() && !OperatingSystem.IsIOSVersionAtLeast(13, 6))
|
||||||
|
+ {
|
||||||
|
+ throw new SkipTestException("iOS prior to 13.6 does not reliably support RSA encryption of empty data.");
|
||||||
|
+ }
|
||||||
|
+ if (OperatingSystem.IsTvOS() && !OperatingSystem.IsTvOSVersionAtLeast(14, 0))
|
||||||
|
+ {
|
||||||
|
+ throw new SkipTestException("tvOS prior to 14.0 does not reliably support RSA encryption of empty data.");
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
using (RSA rsa = RSAFactory.Create(TestData.RSA2048Params))
|
||||||
|
{
|
||||||
|
void RoundtripEmpty(RSAEncryptionPadding paddingMode)
|
||||||
|
@@ -757,23 +746,5 @@ public static IEnumerable<object[]> OaepPaddingModes
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
-
|
||||||
|
- public static bool PlatformSupportsEmptyRSAEncryption
|
||||||
|
- {
|
||||||
|
- get
|
||||||
|
- {
|
||||||
|
- if (OperatingSystem.IsIOS() && !OperatingSystem.IsIOSVersionAtLeast(13, 6))
|
||||||
|
- {
|
||||||
|
- return false;
|
||||||
|
- }
|
||||||
|
-
|
||||||
|
- if (OperatingSystem.IsTvOS() && !OperatingSystem.IsTvOSVersionAtLeast(14, 0))
|
||||||
|
- {
|
||||||
|
- return false;
|
||||||
|
- }
|
||||||
|
-
|
||||||
|
- return true;
|
||||||
|
- }
|
||||||
|
- }
|
||||||
|
}
|
||||||
|
}
|
||||||
|
diff --git a/src/runtime/src/native/libs/System.Security.Cryptography.Native/opensslshim.h b/src/runtime/src/native/libs/System.Security.Cryptography.Native/opensslshim.h
|
||||||
|
index 0748e305d5c..cf10d2f7949 100644
|
||||||
|
--- a/src/runtime/src/native/libs/System.Security.Cryptography.Native/opensslshim.h
|
||||||
|
+++ b/src/runtime/src/native/libs/System.Security.Cryptography.Native/opensslshim.h
|
||||||
|
@@ -296,10 +296,8 @@ int EVP_DigestFinalXOF(EVP_MD_CTX *ctx, unsigned char *md, size_t len);
|
||||||
|
REQUIRED_FUNCTION(ERR_peek_error) \
|
||||||
|
REQUIRED_FUNCTION(ERR_peek_error_line) \
|
||||||
|
REQUIRED_FUNCTION(ERR_peek_last_error) \
|
||||||
|
- REQUIRED_FUNCTION(ERR_pop_to_mark) \
|
||||||
|
FALLBACK_FUNCTION(ERR_put_error) \
|
||||||
|
REQUIRED_FUNCTION(ERR_reason_error_string) \
|
||||||
|
- REQUIRED_FUNCTION(ERR_set_mark) \
|
||||||
|
LIGHTUP_FUNCTION(ERR_set_debug) \
|
||||||
|
LIGHTUP_FUNCTION(ERR_set_error) \
|
||||||
|
REQUIRED_FUNCTION(EVP_aes_128_cbc) \
|
||||||
|
@@ -355,7 +353,6 @@ int EVP_DigestFinalXOF(EVP_MD_CTX *ctx, unsigned char *md, size_t len);
|
||||||
|
REQUIRED_FUNCTION(EVP_PKCS82PKEY) \
|
||||||
|
REQUIRED_FUNCTION(EVP_PKEY2PKCS8) \
|
||||||
|
REQUIRED_FUNCTION(EVP_PKEY_CTX_ctrl) \
|
||||||
|
- REQUIRED_FUNCTION(EVP_PKEY_CTX_ctrl_str) \
|
||||||
|
REQUIRED_FUNCTION(EVP_PKEY_CTX_free) \
|
||||||
|
REQUIRED_FUNCTION(EVP_PKEY_CTX_get0_pkey) \
|
||||||
|
REQUIRED_FUNCTION(EVP_PKEY_CTX_new) \
|
||||||
|
@@ -797,10 +794,8 @@ FOR_ALL_OPENSSL_FUNCTIONS
|
||||||
|
#define ERR_peek_error_line ERR_peek_error_line_ptr
|
||||||
|
#define ERR_peek_last_error ERR_peek_last_error_ptr
|
||||||
|
#define ERR_put_error ERR_put_error_ptr
|
||||||
|
-#define ERR_pop_to_mark ERR_pop_to_mark_ptr
|
||||||
|
#define ERR_reason_error_string ERR_reason_error_string_ptr
|
||||||
|
#define ERR_set_debug ERR_set_debug_ptr
|
||||||
|
-#define ERR_set_mark ERR_set_mark_ptr
|
||||||
|
#define ERR_set_error ERR_set_error_ptr
|
||||||
|
#define EVP_aes_128_cbc EVP_aes_128_cbc_ptr
|
||||||
|
#define EVP_aes_128_cfb8 EVP_aes_128_cfb8_ptr
|
||||||
|
@@ -855,7 +850,6 @@ FOR_ALL_OPENSSL_FUNCTIONS
|
||||||
|
#define EVP_PKCS82PKEY EVP_PKCS82PKEY_ptr
|
||||||
|
#define EVP_PKEY2PKCS8 EVP_PKEY2PKCS8_ptr
|
||||||
|
#define EVP_PKEY_CTX_ctrl EVP_PKEY_CTX_ctrl_ptr
|
||||||
|
-#define EVP_PKEY_CTX_ctrl_str EVP_PKEY_CTX_ctrl_str_ptr
|
||||||
|
#define EVP_PKEY_CTX_free EVP_PKEY_CTX_free_ptr
|
||||||
|
#define EVP_PKEY_CTX_get0_pkey EVP_PKEY_CTX_get0_pkey_ptr
|
||||||
|
#define EVP_PKEY_CTX_new EVP_PKEY_CTX_new_ptr
|
||||||
|
diff --git a/src/runtime/src/native/libs/System.Security.Cryptography.Native/pal_evp_pkey_rsa.c b/src/runtime/src/native/libs/System.Security.Cryptography.Native/pal_evp_pkey_rsa.c
|
||||||
|
index 043bf9f9d1e..c9ccdf33e3a 100644
|
||||||
|
--- a/src/runtime/src/native/libs/System.Security.Cryptography.Native/pal_evp_pkey_rsa.c
|
||||||
|
+++ b/src/runtime/src/native/libs/System.Security.Cryptography.Native/pal_evp_pkey_rsa.c
|
||||||
|
@@ -67,19 +67,6 @@ static bool ConfigureEncryption(EVP_PKEY_CTX* ctx, RsaPaddingMode padding, const
|
||||||
|
{
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
-
|
||||||
|
- // OpenSSL 3.2 introduced a change where PKCS#1 RSA decryption does not fail for invalid padding.
|
||||||
|
- // If the padding is invalid, the decryption operation returns random data.
|
||||||
|
- // See https://github.com/openssl/openssl/pull/13817 for background.
|
||||||
|
- // Some Linux distributions backported this change to previous versions of OpenSSL.
|
||||||
|
- // Here we do a best-effort to set a flag to revert the behavior to failing if the padding is invalid.
|
||||||
|
- ERR_set_mark();
|
||||||
|
-
|
||||||
|
- EVP_PKEY_CTX_ctrl_str(ctx, "rsa_pkcs1_implicit_rejection", "0");
|
||||||
|
-
|
||||||
|
- // Undo any changes to the error queue that may have occured while configuring implicit rejection if the
|
||||||
|
- // current version does not support implicit rejection.
|
||||||
|
- ERR_pop_to_mark();
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
--
|
||||||
|
2.43.0
|
||||||
|
|
3
sources
3
sources
@ -1 +1,2 @@
|
|||||||
SHA512 (dotnet-v8.0.0-rc.2.23479.6.tar.gz) = 604220e91cfb3b0909b5127ed6b53b0a661f6258dd87068e5eb2f589729fb7b634ce934967e821075f027e0d2e12d15595a2fff57099efba036f760c6eb79493
|
SHA512 (dotnet-8.0.8.tar.gz) = 7f41d46bb54a13bf2483422ccc3bfbe3b3ace7bb07d29b88723c8293c242bc4847b2ef044c51893f356902b90d0750055e98f33e6da8e0bc8942151d73c58c23
|
||||||
|
SHA512 (dotnet-8.0.8.tar.gz.sig) = 996a7392e739111945789d5db2599b63ec899e98c9c72de362af7115634f925d3b77a5cde6d738e849358befbee1ec12bef0d9145ac0f4a9bf85bb3ef54266c9
|
||||||
|
@ -39,3 +39,7 @@ execute:
|
|||||||
- dotnet turkey/Turkey.dll --version
|
- dotnet turkey/Turkey.dll --version
|
||||||
- git clone "https://github.com/redhat-developer/dotnet-regular-tests.git"
|
- git clone "https://github.com/redhat-developer/dotnet-regular-tests.git"
|
||||||
- dotnet turkey/Turkey.dll -l="$TMT_TEST_DATA" dotnet-regular-tests --timeout=1200
|
- dotnet turkey/Turkey.dll -l="$TMT_TEST_DATA" dotnet-regular-tests --timeout=1200
|
||||||
|
- dnf remove -yq 'dotnet*'
|
||||||
|
- set -x; if command -v dotnet ; then exit 1; fi
|
||||||
|
- set -x; if [ -d /usr/lib64/dotnet ]; then exit 1; fi
|
||||||
|
- set -x; if man dotnet; then exit 1; fi
|
||||||
|
@ -8,7 +8,7 @@ IFS=$'\n\t'
|
|||||||
|
|
||||||
print_usage() {
|
print_usage() {
|
||||||
echo " Usage:"
|
echo " Usage:"
|
||||||
echo " ./update-release sdk-version runtime-version [--bug bug-id] [--tarball tarball-name] [--larger-rpm-release]"
|
echo " ./update-release sdk-version runtime-version [--bug bug-id] [--tarball tarball-name] [--release-json release-json] [--larger-rpm-release]"
|
||||||
}
|
}
|
||||||
|
|
||||||
user_provided_tarball_name=""
|
user_provided_tarball_name=""
|
||||||
@ -28,6 +28,11 @@ while [[ "$#" -gt 0 ]]; do
|
|||||||
print_usage
|
print_usage
|
||||||
exit 0
|
exit 0
|
||||||
;;
|
;;
|
||||||
|
--release-json)
|
||||||
|
release_json="$2"
|
||||||
|
shift;
|
||||||
|
shift;
|
||||||
|
;;
|
||||||
--tarball)
|
--tarball)
|
||||||
user_provided_tarball_name="$2"
|
user_provided_tarball_name="$2"
|
||||||
shift;
|
shift;
|
||||||
@ -61,46 +66,68 @@ fi
|
|||||||
|
|
||||||
host_version="$runtime_version"
|
host_version="$runtime_version"
|
||||||
|
|
||||||
if [[ "$runtime_version" == "3.1"* ]]; then
|
if [[ "$runtime_version" == "6.0"* ]] || [[ "$runtime_version" == "7.0"* ]] ; then
|
||||||
tag=v${sdk_version}-SDK
|
|
||||||
elif [[ "$runtime_version" == "6.0"* ]] || [[ "$runtime_version" == "7.0"* ]]; then
|
|
||||||
tag=v${sdk_version}
|
tag=v${sdk_version}
|
||||||
else
|
else
|
||||||
tag=v${runtime_version}
|
tag=v${runtime_version}
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [[ -f "dotnet-${tag}-original.tar.gz" ]]; then
|
|
||||||
echo "dotnet-${tag}-original.tar.gz alredy exists, not rebuilding tarball"
|
|
||||||
else
|
|
||||||
if [[ -n "${user_provided_tarball_name}" ]]; then
|
|
||||||
mv "$user_provided_tarball_name" "dotnet-${tag}-original.tar.gz"
|
|
||||||
elif [[ -f "dotnet-${sdk_version}-SDK.tar.gz" ]]; then
|
|
||||||
mv "dotnet-${sdk_version}-SDK.tar.gz" "dotnet-${tag}-original.tar.gz"
|
|
||||||
elif [[ -f "dotnet-${sdk_version}.tar.gz" ]]; then
|
|
||||||
mv "dotnet-${sdk_version}.tar.gz" "dotnet-${tag}-original.tar.gz"
|
|
||||||
elif [[ -f "dotnet-${runtime_version}.tar.gz" ]]; then
|
|
||||||
mv "dotnet-${runtime_version}.tar.gz" "dotnet-${tag}-original.tar.gz"
|
|
||||||
fi
|
|
||||||
fi
|
|
||||||
|
|
||||||
if [[ ! -f "dotnet-${tag}.tar.gz" ]]; then
|
|
||||||
./build-dotnet-tarball "${tag}"
|
|
||||||
fi
|
|
||||||
|
|
||||||
set -x
|
set -x
|
||||||
|
|
||||||
sed -i -E "s|^%global host_version [[:digit:]]\.[[:digit:]]\.[[:digit:]]+|%global host_version ${host_version}|" "$spec_file"
|
sed -i -E "s|^%global host_version [[:digit:]]\.[[:digit:]]\.[[:digit:]]+|%global host_version ${host_version}|" "$spec_file"
|
||||||
sed -i -E "s|^%global runtime_version [[:digit:]]\.[[:digit:]]\.[[:digit:]]+|%global runtime_version ${runtime_version}|" "$spec_file"
|
sed -i -E "s|^%global runtime_version [[:digit:]]\.[[:digit:]]\.[[:digit:]]+|%global runtime_version ${runtime_version}|" "$spec_file"
|
||||||
sed -i -E "s|^%global sdk_version [[:digit:]]\.[[:digit:]]\.[[:digit:]][[:digit:]][[:digit:]]|%global sdk_version ${sdk_version}|" "$spec_file"
|
sed -i -E "s|^%global sdk_version [[:digit:]]\.[[:digit:]]\.[[:digit:]][[:digit:]][[:digit:]]|%global sdk_version ${sdk_version}|" "$spec_file"
|
||||||
|
|
||||||
|
|
||||||
|
if [[ "$runtime_version" == "6.0"* ]] || [[ "$runtime_version" == "7.0"* ]] ; then
|
||||||
|
if [[ -f "dotnet-${tag}.tar.gz" ]]; then
|
||||||
|
echo "dotnet-${tag}.tar.gz already exists, not rebuilding tarball"
|
||||||
|
else
|
||||||
|
if [[ -f "dotnet-${tag}-original.tar.gz" ]]; then
|
||||||
|
echo "dotnet-${tag}-original.tar.gz alredy exists, not rebuilding tarball"
|
||||||
|
else
|
||||||
|
if [[ -n "${user_provided_tarball_name}" ]]; then
|
||||||
|
cp -a "$user_provided_tarball_name" "dotnet-${tag}-original.tar.gz"
|
||||||
|
elif [[ -f "dotnet-${sdk_version}-SDK.tar.gz" ]]; then
|
||||||
|
cp -a "dotnet-${sdk_version}-SDK.tar.gz" "dotnet-${tag}-original.tar.gz"
|
||||||
|
elif [[ -f "dotnet-${sdk_version}.tar.gz" ]]; then
|
||||||
|
cp -a "dotnet-${sdk_version}.tar.gz" "dotnet-${tag}-original.tar.gz"
|
||||||
|
elif [[ -f "dotnet-${runtime_version}.tar.gz" ]]; then
|
||||||
|
cp -a "dotnet-${runtime_version}.tar.gz" "dotnet-${tag}-original.tar.gz"
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
|
./build-dotnet-tarball "${tag}"
|
||||||
|
fi
|
||||||
|
else
|
||||||
|
if [[ -f "dotnet-${tag}.tar.gz" ]]; then
|
||||||
|
echo "dotnet-${tag}.tar.gz already exists, not rebuilding tarball"
|
||||||
|
elif [[ -n ${user_provided_tarball_name} ]]; then
|
||||||
|
tag_without_v=${tag#v}
|
||||||
|
cp -a "${user_provided_tarball_name}" dotnet-${tag_without_v}.tar.gz
|
||||||
|
cp -a "${user_provided_tarball_name}.sig" dotnet-${tag_without_v}.tar.gz.sig
|
||||||
|
cp -a "${release_json}" release.json
|
||||||
|
else
|
||||||
|
rm -f release.json
|
||||||
|
spectool -g "$spec_file"
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
comment="Update to .NET SDK ${sdk_version} and Runtime ${runtime_version}"
|
comment="Update to .NET SDK ${sdk_version} and Runtime ${runtime_version}"
|
||||||
commit_message="$comment
|
commit_message="$comment
|
||||||
"
|
"
|
||||||
for bug_id in "${bug_ids[@]}"; do
|
for bug_id in "${bug_ids[@]}"; do
|
||||||
comment="$comment
|
if [[ "$bug_id" =~ ^[[:digit:]]+$ ]]; then
|
||||||
|
comment="$comment
|
||||||
- Resolves: RHBZ#$bug_id"
|
- Resolves: RHBZ#$bug_id"
|
||||||
commit_message="$commit_message
|
commit_message="$commit_message
|
||||||
Resolves: RHBZ#$bug_id"
|
Resolves: RHBZ#$bug_id"
|
||||||
|
else
|
||||||
|
comment="$comment
|
||||||
|
- Resolves: $bug_id"
|
||||||
|
commit_message="$commit_message
|
||||||
|
Resolves: $bug_id"
|
||||||
|
fi
|
||||||
done
|
done
|
||||||
|
|
||||||
echo "$commit_message" > git-commit-message
|
echo "$commit_message" > git-commit-message
|
||||||
@ -113,6 +140,4 @@ sed -i -E 's|^Release: [[:digit:]]+%|Release: '"$rpm_release"'%|'
|
|||||||
# See https://stackoverflow.com/questions/18620153/find-matching-text-and-replace-next-line
|
# See https://stackoverflow.com/questions/18620153/find-matching-text-and-replace-next-line
|
||||||
sed -i -E '/^%changelog$/!b;n;s/-[[:digit:]]+$/-'"$rpm_release"'/' "$spec_file"
|
sed -i -E '/^%changelog$/!b;n;s/-[[:digit:]]+$/-'"$rpm_release"'/' "$spec_file"
|
||||||
|
|
||||||
release_json_url=$(spectool -l --sources ./dotnet8.0.spec | grep release.json | cut -d' ' -f2)
|
echo "Done updating sources. Commit message in ./git-commit-message"
|
||||||
rm "$(basename "$release_json_url")"
|
|
||||||
wget "$release_json_url"
|
|
||||||
|
Loading…
Reference in New Issue
Block a user