Update to Ruby 2.5.3.
Resolves: rhbz#1643092
This commit is contained in:
parent
1ead6ac8f8
commit
d488a44d58
@ -11,7 +11,7 @@ diff --git a/lib/mkmf.rb b/lib/mkmf.rb
|
|||||||
index 682eb46..e6b1445 100644
|
index 682eb46..e6b1445 100644
|
||||||
--- a/lib/mkmf.rb
|
--- a/lib/mkmf.rb
|
||||||
+++ b/lib/mkmf.rb
|
+++ b/lib/mkmf.rb
|
||||||
@@ -1899,7 +1899,7 @@ def configuration(srcdir)
|
@@ -1900,7 +1900,7 @@ def configuration(srcdir)
|
||||||
SHELL = /bin/sh
|
SHELL = /bin/sh
|
||||||
|
|
||||||
# V=0 quiet, V=1 verbose. other values don't work.
|
# V=0 quiet, V=1 verbose. other values don't work.
|
||||||
|
@ -1,112 +0,0 @@
|
|||||||
From 71057ca5963108bac1e2c31bd0e8e205ba74cc19 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Kazuki Yamaguchi <k@rhe.jp>
|
|
||||||
Date: Fri, 11 May 2018 13:43:32 +0900
|
|
||||||
Subject: [PATCH 1/2] test/test_pkey_rsa: fix test failure with OpenSSL 1.1.1
|
|
||||||
|
|
||||||
OpenSSL 1.1.1 raised the minimum size for RSA keys to 512 bits.
|
|
||||||
---
|
|
||||||
test/openssl/test_pkey_rsa.rb | 9 ++++++++-
|
|
||||||
1 file changed, 8 insertions(+), 1 deletion(-)
|
|
||||||
|
|
||||||
diff --git a/test/openssl/test_pkey_rsa.rb b/test/openssl/test_pkey_rsa.rb
|
|
||||||
index c1205563..b4393e68 100644
|
|
||||||
--- a/test/openssl/test_pkey_rsa.rb
|
|
||||||
+++ b/test/openssl/test_pkey_rsa.rb
|
|
||||||
@@ -60,6 +60,13 @@ def test_new_with_exponent
|
|
||||||
end
|
|
||||||
end
|
|
||||||
|
|
||||||
+ def test_generate
|
|
||||||
+ key = OpenSSL::PKey::RSA.generate(512, 17)
|
|
||||||
+ assert_equal 512, key.n.num_bits
|
|
||||||
+ assert_equal 17, key.e
|
|
||||||
+ assert_not_nil key.d
|
|
||||||
+ end
|
|
||||||
+
|
|
||||||
def test_new_break
|
|
||||||
assert_nil(OpenSSL::PKey::RSA.new(1024) { break })
|
|
||||||
assert_raise(RuntimeError) do
|
|
||||||
@@ -289,7 +296,7 @@ def test_pem_passwd
|
|
||||||
end
|
|
||||||
|
|
||||||
def test_dup
|
|
||||||
- key = OpenSSL::PKey::RSA.generate(256, 17)
|
|
||||||
+ key = Fixtures.pkey("rsa1024")
|
|
||||||
key2 = key.dup
|
|
||||||
assert_equal key.params, key2.params
|
|
||||||
key2.set_key(key2.n, 3, key2.d)
|
|
||||||
|
|
||||||
From a5e26bc1345fe325bdc619f9b1768b7ad3c94214 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Kazuki Yamaguchi <k@rhe.jp>
|
|
||||||
Date: Fri, 11 May 2018 14:12:39 +0900
|
|
||||||
Subject: [PATCH 2/2] test/test_ssl_session: set client protocol version
|
|
||||||
explicitly
|
|
||||||
|
|
||||||
Clients that implement TLS 1.3's Middlebox Compatibility Mode will
|
|
||||||
always provide a non-empty session ID in the ClientHello. This means
|
|
||||||
the "get" callback for the server-side session caching may be called
|
|
||||||
for the initial connection.
|
|
||||||
---
|
|
||||||
test/openssl/test_ssl_session.rb | 14 +++++++++-----
|
|
||||||
1 file changed, 9 insertions(+), 5 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/test/openssl/test_ssl_session.rb b/test/openssl/test_ssl_session.rb
|
|
||||||
index af8c65b1..6db0c2d1 100644
|
|
||||||
--- a/test/openssl/test_ssl_session.rb
|
|
||||||
+++ b/test/openssl/test_ssl_session.rb
|
|
||||||
@@ -198,7 +198,9 @@ def test_server_session_cache
|
|
||||||
first_session = nil
|
|
||||||
10.times do |i|
|
|
||||||
connections = i
|
|
||||||
- server_connect_with_session(port, nil, first_session) { |ssl|
|
|
||||||
+ cctx = OpenSSL::SSL::SSLContext.new
|
|
||||||
+ cctx.ssl_version = :TLSv1_2
|
|
||||||
+ server_connect_with_session(port, cctx, first_session) { |ssl|
|
|
||||||
ssl.puts("abc"); assert_equal "abc\n", ssl.gets
|
|
||||||
first_session ||= ssl.session
|
|
||||||
|
|
||||||
@@ -257,6 +259,8 @@ def test_ctx_server_session_cb
|
|
||||||
|
|
||||||
connections = nil
|
|
||||||
called = {}
|
|
||||||
+ cctx = OpenSSL::SSL::SSLContext.new
|
|
||||||
+ cctx.ssl_version = :TLSv1_2
|
|
||||||
sctx = nil
|
|
||||||
ctx_proc = Proc.new { |ctx|
|
|
||||||
sctx = ctx
|
|
||||||
@@ -292,7 +296,7 @@ def test_ctx_server_session_cb
|
|
||||||
}
|
|
||||||
start_server(ctx_proc: ctx_proc) do |port|
|
|
||||||
connections = 0
|
|
||||||
- sess0 = server_connect_with_session(port, nil, nil) { |ssl|
|
|
||||||
+ sess0 = server_connect_with_session(port, cctx, nil) { |ssl|
|
|
||||||
ssl.puts("abc"); assert_equal "abc\n", ssl.gets
|
|
||||||
assert_equal false, ssl.session_reused?
|
|
||||||
ssl.session
|
|
||||||
@@ -307,7 +311,7 @@ def test_ctx_server_session_cb
|
|
||||||
|
|
||||||
# Internal cache hit
|
|
||||||
connections = 1
|
|
||||||
- server_connect_with_session(port, nil, sess0.dup) { |ssl|
|
|
||||||
+ server_connect_with_session(port, cctx, sess0.dup) { |ssl|
|
|
||||||
ssl.puts("abc"); assert_equal "abc\n", ssl.gets
|
|
||||||
assert_equal true, ssl.session_reused?
|
|
||||||
ssl.session
|
|
||||||
@@ -328,7 +332,7 @@ def test_ctx_server_session_cb
|
|
||||||
|
|
||||||
# External cache hit
|
|
||||||
connections = 2
|
|
||||||
- sess2 = server_connect_with_session(port, nil, sess0.dup) { |ssl|
|
|
||||||
+ sess2 = server_connect_with_session(port, cctx, sess0.dup) { |ssl|
|
|
||||||
ssl.puts("abc"); assert_equal "abc\n", ssl.gets
|
|
||||||
if !ssl.session_reused? && openssl?(1, 1, 0) && !openssl?(1, 1, 0, 7)
|
|
||||||
# OpenSSL >= 1.1.0, < 1.1.0g
|
|
||||||
@@ -355,7 +359,7 @@ def test_ctx_server_session_cb
|
|
||||||
|
|
||||||
# Cache miss
|
|
||||||
connections = 3
|
|
||||||
- sess3 = server_connect_with_session(port, nil, sess0.dup) { |ssl|
|
|
||||||
+ sess3 = server_connect_with_session(port, cctx, sess0.dup) { |ssl|
|
|
||||||
ssl.puts("abc"); assert_equal "abc\n", ssl.gets
|
|
||||||
assert_equal false, ssl.session_reused?
|
|
||||||
ssl.session
|
|
@ -1,115 +0,0 @@
|
|||||||
From 584b5929f9b769c4d0b03e322a9fddf2b2dd3454 Mon Sep 17 00:00:00 2001
|
|
||||||
From: nobu <nobu@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>
|
|
||||||
Date: Sun, 1 Apr 2018 13:02:11 +0000
|
|
||||||
Subject: [PATCH] test_time_tz.rb: Kiritimati tzdata fix
|
|
||||||
|
|
||||||
* test/ruby/test_time_tz.rb (gen_zdump_test): fix the expected
|
|
||||||
data at the Kiritimati's skip of New Year's Eve 1994.
|
|
||||||
[Bug #14655]
|
|
||||||
|
|
||||||
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@63055 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
||||||
---
|
|
||||||
test/ruby/test_time_tz.rb | 9 +++++++++
|
|
||||||
1 file changed, 9 insertions(+)
|
|
||||||
|
|
||||||
diff --git a/test/ruby/test_time_tz.rb b/test/ruby/test_time_tz.rb
|
|
||||||
index dfe139033ed3..ac5f81892878 100644
|
|
||||||
--- a/test/ruby/test_time_tz.rb
|
|
||||||
+++ b/test/ruby/test_time_tz.rb
|
|
||||||
@@ -364,9 +364,18 @@ def self.gen_zdump_test(data)
|
|
||||||
Europe/London Sun Aug 10 01:00:00 1947 UTC = Sun Aug 10 02:00:00 1947 BST isdst=1 gmtoff=3600
|
|
||||||
Europe/London Sun Nov 2 01:59:59 1947 UTC = Sun Nov 2 02:59:59 1947 BST isdst=1 gmtoff=3600
|
|
||||||
Europe/London Sun Nov 2 02:00:00 1947 UTC = Sun Nov 2 02:00:00 1947 GMT isdst=0 gmtoff=0
|
|
||||||
+End
|
|
||||||
+ if CORRECT_KIRITIMATI_SKIP_1994
|
|
||||||
+ gen_zdump_test <<'End'
|
|
||||||
+Pacific/Kiritimati Sat Dec 31 09:59:59 1994 UTC = Fri Dec 30 23:59:59 1994 LINT isdst=0 gmtoff=-36000
|
|
||||||
+Pacific/Kiritimati Sat Dec 31 10:00:00 1994 UTC = Sun Jan 1 00:00:00 1995 LINT isdst=0 gmtoff=50400
|
|
||||||
+End
|
|
||||||
+ else
|
|
||||||
+ gen_zdump_test <<'End'
|
|
||||||
Pacific/Kiritimati Sun Jan 1 09:59:59 1995 UTC = Sat Dec 31 23:59:59 1994 LINT isdst=0 gmtoff=-36000
|
|
||||||
Pacific/Kiritimati Sun Jan 1 10:00:00 1995 UTC = Mon Jan 2 00:00:00 1995 LINT isdst=0 gmtoff=50400
|
|
||||||
End
|
|
||||||
+ end
|
|
||||||
gen_zdump_test <<'End' if has_right_tz
|
|
||||||
right/America/Los_Angeles Fri Jun 30 23:59:60 1972 UTC = Fri Jun 30 16:59:60 1972 PDT isdst=1 gmtoff=-25200
|
|
||||||
right/America/Los_Angeles Wed Dec 31 23:59:60 2008 UTC = Wed Dec 31 15:59:60 2008 PST isdst=0 gmtoff=-28800
|
|
||||||
--
|
|
||||||
|
|
||||||
From 2965c2d4df78e6f5acf8759f84c88ce14a4e70f1 Mon Sep 17 00:00:00 2001
|
|
||||||
From: nobu <nobu@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>
|
|
||||||
Date: Sun, 1 Apr 2018 02:00:36 +0000
|
|
||||||
Subject: [PATCH] test_time_tz.rb: Kiritimati tzdata fix
|
|
||||||
|
|
||||||
* test/ruby/test_time_tz.rb (TestTimeTZ#test_pacific_kiritimati):
|
|
||||||
fix the expected data at the skip of New Year's Eve 1994.
|
|
||||||
[Bug #14655]
|
|
||||||
|
|
||||||
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@63054 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
||||||
---
|
|
||||||
test/ruby/test_time_tz.rb | 17 ++++++++++++++---
|
|
||||||
1 file changed, 14 insertions(+), 3 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/test/ruby/test_time_tz.rb b/test/ruby/test_time_tz.rb
|
|
||||||
index 39b830d28a3d..dfe139033ed3 100644
|
|
||||||
--- a/test/ruby/test_time_tz.rb
|
|
||||||
+++ b/test/ruby/test_time_tz.rb
|
|
||||||
@@ -89,6 +89,9 @@ def group_by(e, &block)
|
|
||||||
Time.local(1951, 5, 6, 1, 0, 0).dst? # DST with fixed tzdata
|
|
||||||
end
|
|
||||||
}
|
|
||||||
+ CORRECT_KIRITIMATI_SKIP_1994 = with_tz("Pacific/Kiritimati") {
|
|
||||||
+ Time.local(1994, 12, 31, 0, 0, 0).year == 1995
|
|
||||||
+ }
|
|
||||||
|
|
||||||
def time_to_s(t)
|
|
||||||
t.to_s
|
|
||||||
@@ -178,9 +181,17 @@ def test_europe_lisbon
|
|
||||||
|
|
||||||
def test_pacific_kiritimati
|
|
||||||
with_tz(tz="Pacific/Kiritimati") {
|
|
||||||
- assert_time_constructor(tz, "1994-12-31 23:59:59 -1000", :local, [1994,12,31,23,59,59])
|
|
||||||
- assert_time_constructor(tz, "1995-01-02 00:00:00 +1400", :local, [1995,1,1,0,0,0])
|
|
||||||
- assert_time_constructor(tz, "1995-01-02 23:59:59 +1400", :local, [1995,1,1,23,59,59])
|
|
||||||
+ assert_time_constructor(tz, "1994-12-30 00:00:00 -1000", :local, [1994,12,30,0,0,0])
|
|
||||||
+ assert_time_constructor(tz, "1994-12-30 23:59:59 -1000", :local, [1994,12,30,23,59,59])
|
|
||||||
+ if CORRECT_KIRITIMATI_SKIP_1994
|
|
||||||
+ assert_time_constructor(tz, "1995-01-01 00:00:00 +1400", :local, [1994,12,31,0,0,0])
|
|
||||||
+ assert_time_constructor(tz, "1995-01-01 23:59:59 +1400", :local, [1994,12,31,23,59,59])
|
|
||||||
+ assert_time_constructor(tz, "1995-01-01 00:00:00 +1400", :local, [1995,1,1,0,0,0])
|
|
||||||
+ else
|
|
||||||
+ assert_time_constructor(tz, "1994-12-31 23:59:59 -1000", :local, [1994,12,31,23,59,59])
|
|
||||||
+ assert_time_constructor(tz, "1995-01-02 00:00:00 +1400", :local, [1995,1,1,0,0,0])
|
|
||||||
+ assert_time_constructor(tz, "1995-01-02 23:59:59 +1400", :local, [1995,1,1,23,59,59])
|
|
||||||
+ end
|
|
||||||
assert_time_constructor(tz, "1995-01-02 00:00:00 +1400", :local, [1995,1,2,0,0,0])
|
|
||||||
}
|
|
||||||
end
|
|
||||||
--
|
|
||||||
|
|
||||||
From a0e6607a8172f9eaf9a15f03065736deb2035771 Mon Sep 17 00:00:00 2001
|
|
||||||
From: nobu <nobu@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>
|
|
||||||
Date: Sun, 1 Apr 2018 13:16:14 +0000
|
|
||||||
Subject: [PATCH] test_time_tz.rb: Lisbon tzdata fix
|
|
||||||
|
|
||||||
* test/ruby/test_time_tz.rb (gen_variational_zdump_test): Update
|
|
||||||
Lisbon zdump data, which fixed the 1912-01-01 transition for
|
|
||||||
Portugual and its colonies. [Bug #14655]
|
|
||||||
|
|
||||||
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@63056 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
||||||
---
|
|
||||||
test/ruby/test_time_tz.rb | 1 +
|
|
||||||
1 file changed, 1 insertion(+)
|
|
||||||
|
|
||||||
diff --git a/test/ruby/test_time_tz.rb b/test/ruby/test_time_tz.rb
|
|
||||||
index ac5f81892878..b32caff9c539 100644
|
|
||||||
--- a/test/ruby/test_time_tz.rb
|
|
||||||
+++ b/test/ruby/test_time_tz.rb
|
|
||||||
@@ -434,5 +434,6 @@ def self.gen_variational_zdump_test(hint, data)
|
|
||||||
gen_variational_zdump_test "lisbon", <<'End' if has_lisbon_tz
|
|
||||||
Europe/Lisbon Mon Jan 1 00:36:31 1912 UTC = Sun Dec 31 23:59:59 1911 LMT isdst=0 gmtoff=-2192
|
|
||||||
Europe/Lisbon Mon Jan 1 00:36:44 1912 UT = Sun Dec 31 23:59:59 1911 LMT isdst=0 gmtoff=-2205
|
|
||||||
+Europe/Lisbon Sun Dec 31 23:59:59 1911 UT = Sun Dec 31 23:23:14 1911 LMT isdst=0 gmtoff=-2205
|
|
||||||
End
|
|
||||||
end
|
|
@ -1,78 +0,0 @@
|
|||||||
--- a/test/openssl/test_ssl.rb
|
|
||||||
+++ b/test/openssl/test_ssl.rb
|
|
||||||
@@ -67,6 +67,8 @@
|
|
||||||
assert_equal @svr_cert.subject, ssl.peer_cert.subject
|
|
||||||
assert_equal [@svr_cert.subject, @ca_cert.subject],
|
|
||||||
ssl.peer_cert_chain.map(&:subject)
|
|
||||||
+
|
|
||||||
+ ssl.puts "abc"; assert_equal "abc\n", ssl.gets
|
|
||||||
}
|
|
||||||
end
|
|
||||||
end
|
|
||||||
@@ -892,7 +894,9 @@
|
|
||||||
}
|
|
||||||
start_server(ctx_proc: ctx_proc, ignore_listener_error: true) do |port|
|
|
||||||
begin
|
|
||||||
- server_connect(port) { }
|
|
||||||
+ server_connect(port) { |ssl|
|
|
||||||
+ ssl.puts "abc"; assert_equal "abc\n", ssl.gets
|
|
||||||
+ }
|
|
||||||
rescue OpenSSL::SSL::SSLError, Errno::ECONNRESET
|
|
||||||
else
|
|
||||||
supported << ver
|
|
||||||
@@ -950,6 +954,7 @@
|
|
||||||
if ver == cver
|
|
||||||
server_connect(port, ctx1) { |ssl|
|
|
||||||
assert_equal vmap[cver][:name], ssl.ssl_version
|
|
||||||
+ ssl.puts "abc"; assert_equal "abc\n", ssl.gets
|
|
||||||
}
|
|
||||||
else
|
|
||||||
assert_handshake_error { server_connect(port, ctx1) { } }
|
|
||||||
@@ -963,6 +968,7 @@
|
|
||||||
if ver == cver
|
|
||||||
server_connect(port, ctx2) { |ssl|
|
|
||||||
assert_equal vmap[cver][:name], ssl.ssl_version
|
|
||||||
+ ssl.puts "abc"; assert_equal "abc\n", ssl.gets
|
|
||||||
}
|
|
||||||
else
|
|
||||||
assert_handshake_error { server_connect(port, ctx2) { } }
|
|
||||||
@@ -975,6 +981,7 @@
|
|
||||||
ctx3.min_version = ctx3.max_version = nil
|
|
||||||
server_connect(port, ctx3) { |ssl|
|
|
||||||
assert_equal vmap[ver][:name], ssl.ssl_version
|
|
||||||
+ ssl.puts "abc"; assert_equal "abc\n", ssl.gets
|
|
||||||
}
|
|
||||||
}
|
|
||||||
end
|
|
||||||
@@ -993,6 +1000,7 @@
|
|
||||||
ctx1.min_version = cver
|
|
||||||
server_connect(port, ctx1) { |ssl|
|
|
||||||
assert_equal vmap[supported.last][:name], ssl.ssl_version
|
|
||||||
+ ssl.puts "abc"; assert_equal "abc\n", ssl.gets
|
|
||||||
}
|
|
||||||
|
|
||||||
# Client sets max_version
|
|
||||||
@@ -1001,6 +1009,7 @@
|
|
||||||
if cver >= sver
|
|
||||||
server_connect(port, ctx2) { |ssl|
|
|
||||||
assert_equal vmap[cver][:name], ssl.ssl_version
|
|
||||||
+ ssl.puts "abc"; assert_equal "abc\n", ssl.gets
|
|
||||||
}
|
|
||||||
else
|
|
||||||
assert_handshake_error { server_connect(port, ctx2) { } }
|
|
||||||
@@ -1019,6 +1028,7 @@
|
|
||||||
if cver <= sver
|
|
||||||
server_connect(port, ctx1) { |ssl|
|
|
||||||
assert_equal vmap[sver][:name], ssl.ssl_version
|
|
||||||
+ ssl.puts "abc"; assert_equal "abc\n", ssl.gets
|
|
||||||
}
|
|
||||||
else
|
|
||||||
assert_handshake_error { server_connect(port, ctx1) { } }
|
|
||||||
@@ -1033,6 +1043,7 @@
|
|
||||||
else
|
|
||||||
assert_equal vmap[cver][:name], ssl.ssl_version
|
|
||||||
end
|
|
||||||
+ ssl.puts "abc"; assert_equal "abc\n", ssl.gets
|
|
||||||
}
|
|
||||||
end
|
|
||||||
}
|
|
@ -1,203 +0,0 @@
|
|||||||
From 6fcc6c0efc42d1c6325cf4bb0ca16e2a448cdbed Mon Sep 17 00:00:00 2001
|
|
||||||
From: Kazuki Yamaguchi <k@rhe.jp>
|
|
||||||
Date: Mon, 6 Aug 2018 20:51:42 +0900
|
|
||||||
Subject: [PATCH] test/test_ssl: fix test failure with TLS 1.3
|
|
||||||
|
|
||||||
SSL_connect() on the client side may return before SSL_accept() on
|
|
||||||
server side returns. This will fix test failures with OpenSSL's current
|
|
||||||
master.
|
|
||||||
---
|
|
||||||
test/openssl/test_ssl.rb | 45 ++++++++++++++++++++++++++--------------
|
|
||||||
test/openssl/test_ssl_session.rb | 1 +
|
|
||||||
2 files changed, 31 insertions(+), 15 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/test/openssl/test_ssl.rb b/test/openssl/test_ssl.rb
|
|
||||||
index 7bb32adf..408c7d82 100644
|
|
||||||
--- a/test/openssl/test_ssl.rb
|
|
||||||
+++ b/test/openssl/test_ssl.rb
|
|
||||||
@@ -47,6 +47,8 @@ def test_ssl_with_server_cert
|
|
||||||
assert_equal 2, ssl.peer_cert_chain.size
|
|
||||||
assert_equal @svr_cert.to_der, ssl.peer_cert_chain[0].to_der
|
|
||||||
assert_equal @ca_cert.to_der, ssl.peer_cert_chain[1].to_der
|
|
||||||
+
|
|
||||||
+ ssl.puts "abc"; assert_equal "abc\n", ssl.gets
|
|
||||||
ensure
|
|
||||||
ssl&.close
|
|
||||||
sock&.close
|
|
||||||
@@ -157,6 +159,7 @@ def test_sync_close
|
|
||||||
sock = TCPSocket.new("127.0.0.1", port)
|
|
||||||
ssl = OpenSSL::SSL::SSLSocket.new(sock)
|
|
||||||
ssl.connect
|
|
||||||
+ ssl.puts "abc"; assert_equal "abc\n", ssl.gets
|
|
||||||
ssl.close
|
|
||||||
assert_not_predicate sock, :closed?
|
|
||||||
ensure
|
|
||||||
@@ -168,6 +171,7 @@ def test_sync_close
|
|
||||||
ssl = OpenSSL::SSL::SSLSocket.new(sock)
|
|
||||||
ssl.sync_close = true # !!
|
|
||||||
ssl.connect
|
|
||||||
+ ssl.puts "abc"; assert_equal "abc\n", ssl.gets
|
|
||||||
ssl.close
|
|
||||||
assert_predicate sock, :closed?
|
|
||||||
ensure
|
|
||||||
@@ -259,7 +263,10 @@ def test_client_ca
|
|
||||||
client_ca_from_server = sslconn.client_ca
|
|
||||||
[@cli_cert, @cli_key]
|
|
||||||
end
|
|
||||||
- server_connect(port, ctx) { |ssl| assert_equal([@ca], client_ca_from_server) }
|
|
||||||
+ server_connect(port, ctx) { |ssl|
|
|
||||||
+ assert_equal([@ca], client_ca_from_server)
|
|
||||||
+ ssl.puts "abc"; assert_equal "abc\n", ssl.gets
|
|
||||||
+ }
|
|
||||||
}
|
|
||||||
end
|
|
||||||
|
|
||||||
@@ -356,21 +363,16 @@ def test_verify_result
|
|
||||||
}
|
|
||||||
|
|
||||||
start_server { |port|
|
|
||||||
- sock = TCPSocket.new("127.0.0.1", port)
|
|
||||||
ctx = OpenSSL::SSL::SSLContext.new
|
|
||||||
ctx.verify_mode = OpenSSL::SSL::VERIFY_PEER
|
|
||||||
ctx.verify_callback = Proc.new do |preverify_ok, store_ctx|
|
|
||||||
store_ctx.error = OpenSSL::X509::V_OK
|
|
||||||
true
|
|
||||||
end
|
|
||||||
- ssl = OpenSSL::SSL::SSLSocket.new(sock, ctx)
|
|
||||||
- ssl.sync_close = true
|
|
||||||
- begin
|
|
||||||
- ssl.connect
|
|
||||||
+ server_connect(port, ctx) { |ssl|
|
|
||||||
assert_equal(OpenSSL::X509::V_OK, ssl.verify_result)
|
|
||||||
- ensure
|
|
||||||
- ssl.close
|
|
||||||
- end
|
|
||||||
+ ssl.puts "abc"; assert_equal "abc\n", ssl.gets
|
|
||||||
+ }
|
|
||||||
}
|
|
||||||
|
|
||||||
start_server(ignore_listener_error: true) { |port|
|
|
||||||
@@ -455,6 +457,8 @@ def test_post_connection_check
|
|
||||||
|
|
||||||
start_server { |port|
|
|
||||||
server_connect(port) { |ssl|
|
|
||||||
+ ssl.puts "abc"; assert_equal "abc\n", ssl.gets
|
|
||||||
+
|
|
||||||
assert_raise(sslerr){ssl.post_connection_check("localhost.localdomain")}
|
|
||||||
assert_raise(sslerr){ssl.post_connection_check("127.0.0.1")}
|
|
||||||
assert(ssl.post_connection_check("localhost"))
|
|
||||||
@@ -476,6 +482,8 @@ def test_post_connection_check
|
|
||||||
@svr_cert = issue_cert(@svr, @svr_key, 4, exts, @ca_cert, @ca_key)
|
|
||||||
start_server { |port|
|
|
||||||
server_connect(port) { |ssl|
|
|
||||||
+ ssl.puts "abc"; assert_equal "abc\n", ssl.gets
|
|
||||||
+
|
|
||||||
assert(ssl.post_connection_check("localhost.localdomain"))
|
|
||||||
assert(ssl.post_connection_check("127.0.0.1"))
|
|
||||||
assert_raise(sslerr){ssl.post_connection_check("localhost")}
|
|
||||||
@@ -496,6 +502,8 @@ def test_post_connection_check
|
|
||||||
@svr_cert = issue_cert(@svr, @svr_key, 5, exts, @ca_cert, @ca_key)
|
|
||||||
start_server { |port|
|
|
||||||
server_connect(port) { |ssl|
|
|
||||||
+ ssl.puts "abc"; assert_equal "abc\n", ssl.gets
|
|
||||||
+
|
|
||||||
assert(ssl.post_connection_check("localhost.localdomain"))
|
|
||||||
assert_raise(sslerr){ssl.post_connection_check("127.0.0.1")}
|
|
||||||
assert_raise(sslerr){ssl.post_connection_check("localhost")}
|
|
||||||
@@ -722,6 +730,8 @@ def test_tlsext_hostname
|
|
||||||
ssl.connect
|
|
||||||
assert_equal @cli_cert.serial, ssl.peer_cert.serial
|
|
||||||
assert_predicate fooctx, :frozen?
|
|
||||||
+
|
|
||||||
+ ssl.puts "abc"; assert_equal "abc\n", ssl.gets
|
|
||||||
ensure
|
|
||||||
ssl&.close
|
|
||||||
sock.close
|
|
||||||
@@ -733,6 +743,8 @@ def test_tlsext_hostname
|
|
||||||
ssl.hostname = "bar.example.com"
|
|
||||||
ssl.connect
|
|
||||||
assert_equal @svr_cert.serial, ssl.peer_cert.serial
|
|
||||||
+
|
|
||||||
+ ssl.puts "abc"; assert_equal "abc\n", ssl.gets
|
|
||||||
ensure
|
|
||||||
ssl&.close
|
|
||||||
sock.close
|
|
||||||
@@ -805,7 +817,8 @@ def test_verify_hostname_on_connect
|
|
||||||
ssl = OpenSSL::SSL::SSLSocket.new(sock, ctx)
|
|
||||||
ssl.hostname = name
|
|
||||||
if expected_ok
|
|
||||||
- assert_nothing_raised { ssl.connect }
|
|
||||||
+ ssl.connect
|
|
||||||
+ ssl.puts "abc"; assert_equal "abc\n", ssl.gets
|
|
||||||
else
|
|
||||||
assert_handshake_error { ssl.connect }
|
|
||||||
end
|
|
||||||
@@ -1086,6 +1099,7 @@ def test_renegotiation_cb
|
|
||||||
start_server_version(:SSLv23, ctx_proc) { |port|
|
|
||||||
server_connect(port) { |ssl|
|
|
||||||
assert_equal(1, num_handshakes)
|
|
||||||
+ ssl.puts "abc"; assert_equal "abc\n", ssl.gets
|
|
||||||
}
|
|
||||||
}
|
|
||||||
end
|
|
||||||
@@ -1104,6 +1118,7 @@ def test_alpn_protocol_selection_ary
|
|
||||||
ctx.alpn_protocols = advertised
|
|
||||||
server_connect(port, ctx) { |ssl|
|
|
||||||
assert_equal(advertised.first, ssl.alpn_protocol)
|
|
||||||
+ ssl.puts "abc"; assert_equal "abc\n", ssl.gets
|
|
||||||
}
|
|
||||||
}
|
|
||||||
end
|
|
||||||
@@ -1226,14 +1241,11 @@ def test_npn_selected_protocol_too_long
|
|
||||||
end
|
|
||||||
|
|
||||||
def test_close_after_socket_close
|
|
||||||
- server_proc = proc { |ctx, ssl|
|
|
||||||
- # Do nothing
|
|
||||||
- }
|
|
||||||
- start_server(server_proc: server_proc) { |port|
|
|
||||||
+ start_server { |port|
|
|
||||||
sock = TCPSocket.new("127.0.0.1", port)
|
|
||||||
ssl = OpenSSL::SSL::SSLSocket.new(sock)
|
|
||||||
- ssl.sync_close = true
|
|
||||||
ssl.connect
|
|
||||||
+ ssl.puts "abc"; assert_equal "abc\n", ssl.gets
|
|
||||||
sock.close
|
|
||||||
assert_nothing_raised do
|
|
||||||
ssl.close
|
|
||||||
@@ -1298,6 +1310,7 @@ def test_get_ephemeral_key
|
|
||||||
ctx.ciphers = "DEFAULT:!kRSA:!kEDH"
|
|
||||||
server_connect(port, ctx) { |ssl|
|
|
||||||
assert_instance_of OpenSSL::PKey::EC, ssl.tmp_key
|
|
||||||
+ ssl.puts "abc"; assert_equal "abc\n", ssl.gets
|
|
||||||
}
|
|
||||||
end
|
|
||||||
end
|
|
||||||
@@ -1440,6 +1453,7 @@ def test_ecdh_curves
|
|
||||||
assert_equal "secp384r1", ssl.tmp_key.group.curve_name
|
|
||||||
end
|
|
||||||
end
|
|
||||||
+ ssl.puts "abc"; assert_equal "abc\n", ssl.gets
|
|
||||||
}
|
|
||||||
|
|
||||||
if openssl?(1, 0, 2) || libressl?(2, 5, 1)
|
|
||||||
@@ -1455,6 +1469,7 @@ def test_ecdh_curves
|
|
||||||
|
|
||||||
server_connect(port, ctx) { |ssl|
|
|
||||||
assert_equal "secp521r1", ssl.tmp_key.group.curve_name
|
|
||||||
+ ssl.puts "abc"; assert_equal "abc\n", ssl.gets
|
|
||||||
}
|
|
||||||
end
|
|
||||||
end
|
|
||||||
diff --git a/test/openssl/test_ssl_session.rb b/test/openssl/test_ssl_session.rb
|
|
||||||
index 6db0c2d1..78b160ed 100644
|
|
||||||
--- a/test/openssl/test_ssl_session.rb
|
|
||||||
+++ b/test/openssl/test_ssl_session.rb
|
|
||||||
@@ -113,6 +113,7 @@ def test_resumption
|
|
||||||
non_resumable = nil
|
|
||||||
start_server { |port|
|
|
||||||
server_connect_with_session(port, nil, nil) { |ssl|
|
|
||||||
+ ssl.puts "abc"; assert_equal "abc\n", ssl.gets
|
|
||||||
non_resumable = ssl.session
|
|
||||||
}
|
|
||||||
}
|
|
27
ruby.spec
27
ruby.spec
@ -1,6 +1,6 @@
|
|||||||
%global major_version 2
|
%global major_version 2
|
||||||
%global minor_version 5
|
%global minor_version 5
|
||||||
%global teeny_version 1
|
%global teeny_version 3
|
||||||
%global major_minor_version %{major_version}.%{minor_version}
|
%global major_minor_version %{major_version}.%{minor_version}
|
||||||
|
|
||||||
%global ruby_version %{major_minor_version}.%{teeny_version}
|
%global ruby_version %{major_minor_version}.%{teeny_version}
|
||||||
@ -21,7 +21,7 @@
|
|||||||
%endif
|
%endif
|
||||||
|
|
||||||
|
|
||||||
%global release 100
|
%global release 101
|
||||||
%{!?release_string:%global release_string %{?development_release:0.}%{release}%{?development_release:.%{development_release}}%{?dist}}
|
%{!?release_string:%global release_string %{?development_release:0.}%{release}%{?development_release:.%{development_release}}%{?dist}}
|
||||||
|
|
||||||
# The RubyGems library has to stay out of Ruby directory three, since the
|
# The RubyGems library has to stay out of Ruby directory three, since the
|
||||||
@ -42,7 +42,7 @@
|
|||||||
%global json_version 2.1.0
|
%global json_version 2.1.0
|
||||||
%global minitest_version 5.10.3
|
%global minitest_version 5.10.3
|
||||||
%global net_telnet_version 0.1.1
|
%global net_telnet_version 0.1.1
|
||||||
%global openssl_version 2.1.0
|
%global openssl_version 2.1.2
|
||||||
%global power_assert_version 1.1.1
|
%global power_assert_version 1.1.1
|
||||||
%global psych_version 3.0.2
|
%global psych_version 3.0.2
|
||||||
%global rake_version 12.3.0
|
%global rake_version 12.3.0
|
||||||
@ -82,7 +82,7 @@ Group: Development/Languages
|
|||||||
# UCD: some of enc/trans/**/*.src
|
# UCD: some of enc/trans/**/*.src
|
||||||
License: (Ruby or BSD) and Public Domain and MIT and CC0 and zlib and UCD
|
License: (Ruby or BSD) and Public Domain and MIT and CC0 and zlib and UCD
|
||||||
URL: http://ruby-lang.org/
|
URL: http://ruby-lang.org/
|
||||||
Source0: ftp://ftp.ruby-lang.org/pub/%{name}/%{major_minor_version}/%{ruby_archive}.tar.xz
|
Source0: https://cache.ruby-lang.org/pub/%{name}/%{major_minor_version}/%{ruby_archive}.tar.xz
|
||||||
Source1: operating_system.rb
|
Source1: operating_system.rb
|
||||||
# TODO: Try to push SystemTap support upstream.
|
# TODO: Try to push SystemTap support upstream.
|
||||||
Source2: libruby.stp
|
Source2: libruby.stp
|
||||||
@ -136,9 +136,6 @@ Patch9: ruby-2.3.1-Rely-on-ldd-to-detect-glibc.patch
|
|||||||
# Add Gem.operating_system_defaults to allow packagers to override defaults.
|
# Add Gem.operating_system_defaults to allow packagers to override defaults.
|
||||||
# https://github.com/rubygems/rubygems/pull/2116
|
# https://github.com/rubygems/rubygems/pull/2116
|
||||||
Patch10: ruby-2.5.0-Add-Gem.operating_system_defaults.patch
|
Patch10: ruby-2.5.0-Add-Gem.operating_system_defaults.patch
|
||||||
# TestTimeTZ test failures Kiritimati and Lisbon
|
|
||||||
# https://bugs.ruby-lang.org/issues/14655
|
|
||||||
Patch11: ruby-2.5.1-TestTimeTZ-test-failures-Kiritimati-and-Lisbon.patch
|
|
||||||
# Don't force libraries used to build Ruby to its dependencies.
|
# Don't force libraries used to build Ruby to its dependencies.
|
||||||
# https://bugs.ruby-lang.org/issues/14422
|
# https://bugs.ruby-lang.org/issues/14422
|
||||||
Patch15: ruby-2.6.0-library-options-to-MAINLIBS.patch
|
Patch15: ruby-2.6.0-library-options-to-MAINLIBS.patch
|
||||||
@ -152,16 +149,8 @@ Patch20: ruby-2.6.0-rdoc-6.0.1-fix-template-typo.patch
|
|||||||
Patch24: ruby-2.6.0-configure-fstack-protector-strong.patch
|
Patch24: ruby-2.6.0-configure-fstack-protector-strong.patch
|
||||||
|
|
||||||
# Fix some OpenSSL 1.1.1 test failures.
|
# Fix some OpenSSL 1.1.1 test failures.
|
||||||
# https://github.com/ruby/openssl/pull/202
|
|
||||||
Patch17: ruby-2.5.1-Test-fixes-for-OpenSSL-1.1.1.patch
|
|
||||||
# https://github.com/ruby/openssl/pull/209
|
|
||||||
Patch18: ruby-2.6.0-fix-test-failure-with-TLS-1.3.patch
|
|
||||||
# https://github.com/ruby/ruby/commit/1dfc377ae3b174b043d3f0ed36de57b0296b34d0
|
# https://github.com/ruby/ruby/commit/1dfc377ae3b174b043d3f0ed36de57b0296b34d0
|
||||||
Patch19: ruby-2.6.0-net-http-net-ftp-fix-session-resumption-with-TLS-1.3.patch
|
Patch19: ruby-2.6.0-net-http-net-ftp-fix-session-resumption-with-TLS-1.3.patch
|
||||||
# Additional test fixes taken from:
|
|
||||||
# https://github.com/ruby/openssl/issues/207#issuecomment-413454568
|
|
||||||
# https://github.com/ruby/openssl/commit/158201f9b66607f380513708e3ab65f1e27694e6
|
|
||||||
Patch21: ruby-2.6.0-fix-test-failure-with-TLS-1.3-maint.patch
|
|
||||||
# Add support for .include directive used by OpenSSL config files.
|
# Add support for .include directive used by OpenSSL config files.
|
||||||
# https://github.com/ruby/openssl/pull/216
|
# https://github.com/ruby/openssl/pull/216
|
||||||
Patch22: ruby-2.6.0-config-support-include-directive.patch
|
Patch22: ruby-2.6.0-config-support-include-directive.patch
|
||||||
@ -550,14 +539,10 @@ rm -rf ext/fiddle/libffi*
|
|||||||
%patch7 -p1
|
%patch7 -p1
|
||||||
%patch9 -p1
|
%patch9 -p1
|
||||||
%patch10 -p1
|
%patch10 -p1
|
||||||
%patch11 -p1
|
|
||||||
%patch15 -p1
|
%patch15 -p1
|
||||||
%patch16 -p1
|
%patch16 -p1
|
||||||
%patch17 -p1
|
|
||||||
%patch18 -p1
|
|
||||||
%patch19 -p1
|
%patch19 -p1
|
||||||
%patch20 -p1
|
%patch20 -p1
|
||||||
%patch21 -p1
|
|
||||||
%patch22 -p1
|
%patch22 -p1
|
||||||
%patch23 -p1
|
%patch23 -p1
|
||||||
%patch24 -p1
|
%patch24 -p1
|
||||||
@ -1111,6 +1096,10 @@ OPENSSL_SYSTEM_CIPHERS_OVERRIDE=xyz_nonexistent_file OPENSSL_CONF='' \
|
|||||||
%{gem_dir}/specifications/xmlrpc-%{xmlrpc_version}.gemspec
|
%{gem_dir}/specifications/xmlrpc-%{xmlrpc_version}.gemspec
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Fri Oct 19 2018 Jun Aruga <jaruga@redhat.com> - 2.5.3-101
|
||||||
|
- Update to Ruby 2.5.3.
|
||||||
|
Resolves: rhbz#1643092
|
||||||
|
|
||||||
* Mon Sep 03 2018 Vít Ondruch <vondruch@redhat.com> - 2.5.1-100
|
* Mon Sep 03 2018 Vít Ondruch <vondruch@redhat.com> - 2.5.1-100
|
||||||
- Properly harden package using -fstack-protector-strong.
|
- Properly harden package using -fstack-protector-strong.
|
||||||
* ruby-2.6.0-configure-fstack-protector-strong.patch
|
* ruby-2.6.0-configure-fstack-protector-strong.patch
|
||||||
|
2
sources
2
sources
@ -1 +1 @@
|
|||||||
SHA512 (ruby-2.5.1.tar.xz) = 31bacf58469953282cd5d8b51862dcf4b84dedb927c1871bc3fca32fc157fe49187631575a70838705fe246f4555647577a7ecc26894445a7d64de5503dc11b4
|
SHA512 (ruby-2.5.3.tar.xz) = 6dcae0e8d0bacdb2cbde636e2030596308b5af53f2eb85d3adccb67b02e6f8f9751e8117d12f8484829fdd9d995f6e327f701d9b433bcf94f1f59d13a1fd7518
|
||||||
|
Loading…
Reference in New Issue
Block a user