ruby/ruby-ext-openssl-extconf.rb-ignore-OpenSSL-version-check.patch

From 58ebf0f84a1dcb148f21aa589693d49d4e3be7de Mon Sep 17 00:00:00 2001
From: Jun Aruga <jaruga@redhat.com>
Date: Thu, 2 May 2024 17:23:09 +0200
Subject: [PATCH] Allow OpenSSL 3 in Ruby OpenSSL 2.x.

---
 ext/openssl/extconf.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ext/openssl/extconf.rb b/ext/openssl/extconf.rb
index 0dc1a5eb43..51de0d6e39 100644
--- a/ext/openssl/extconf.rb
+++ b/ext/openssl/extconf.rb
@@ -110,7 +110,7 @@ def find_openssl_library
     !try_static_assert("OPENSSL_VERSION_MAJOR >= 3", "openssl/opensslv.h") }
 end
 unless version_ok
-  raise "OpenSSL >= 1.0.1, < 3.0.0 or LibreSSL >= 2.5.0 is required"
+  # raise "OpenSSL >= 1.0.1, < 3.0.0 or LibreSSL >= 2.5.0 is required"
 end
 
 # Prevent wincrypt.h from being included, which defines conflicting macro with openssl/x509.h
-- 
2.44.0
Upgrade to Ruby 3.0.7. * Upgrade to Ruby 3.0.7. Resolves: RHEL-35740 The released Ruby 3.0.5 includes the following fix. * Fix HTTP response splitting in CGI. Resolves: RHEL-35741 The released Ruby 3.0.6 includes the following fixes. * Fix ReDoS vulnerability in URI. Resolves: RHEL-35742 * Fix ReDoS vulnerability in Time. Resolves: RHEL-35743 The released Ruby 3.0.7 includes the following fixes. * Fix buffer overread vulnerability in StringIO. Resolves: RHEL-35744 * Fix RCE vulnerability with .rdoc_options in RDoc. Resolves: RHEL-35746 * Fix arbitrary memory address read vulnerability with Regex search. Resolves: RHEL-35747 Replaced the patch ruby-3.0.3-ext-openssl-extconf.rb-require-OpenSSL-version-1.0.1.patch with the tiny patch ruby-ext-openssl-extconf.rb-ignore-OpenSSL-version-check.patch not using the reverse logic. Because it was hard to maintain the patch file, when the included file was updated on the upstream. Added the following patches. * Fix net-http test errors due to expired certificate. The patch ruby-3.4.0-ruby-net-http-Renew-test-certificates.patch was copied from the part on the Fedora rawhide <https://src.fedoraproject.org/rpms/ruby/c/05a6c9c8f3bbc26d12835736791431c74d07552d>. * Fix `TestNetHTTPS#test_session_reuse_but_expire` test failure cause. The patch ruby-3.3.1-Fix-test-session-reuse-but-expire.patch was copied from the part on Fedora rawhide <https://src.fedoraproject.org/rpms/ruby/c/a34f33bc5028eb2c29fa2bb724cf6d1c22ef0376>. As a reference, the part comes from Fedora ruby-3.3 branch <https://src.fedoraproject.org/rpms/ruby/c/99d21ecc4c57a7f42f48ae4a13f2ada110428505>. 2024-04-30 13:10:59 +00:00			`From 58ebf0f84a1dcb148f21aa589693d49d4e3be7de Mon Sep 17 00:00:00 2001`
			`From: Jun Aruga <jaruga@redhat.com>`
			`Date: Thu, 2 May 2024 17:23:09 +0200`
			`Subject: [PATCH] Allow OpenSSL 3 in Ruby OpenSSL 2.x.`

			`---`
			`ext/openssl/extconf.rb \| 2 +-`
			`1 file changed, 1 insertion(+), 1 deletion(-)`

			`diff --git a/ext/openssl/extconf.rb b/ext/openssl/extconf.rb`
			`index 0dc1a5eb43..51de0d6e39 100644`
			`--- a/ext/openssl/extconf.rb`
			`+++ b/ext/openssl/extconf.rb`
			`@@ -110,7 +110,7 @@ def find_openssl_library`
			`!try_static_assert("OPENSSL_VERSION_MAJOR >= 3", "openssl/opensslv.h") }`
			`end`
			`unless version_ok`
			`- raise "OpenSSL >= 1.0.1, < 3.0.0 or LibreSSL >= 2.5.0 is required"`
			`+ # raise "OpenSSL >= 1.0.1, < 3.0.0 or LibreSSL >= 2.5.0 is required"`
			`end`

			`# Prevent wincrypt.h from being included, which defines conflicting macro with openssl/x509.h`
			`--`
			`2.44.0`