Test previously was skipped if OpenSSL version matched.
However since upstream has a fix that allows the test to be executed
successfully, it replaces the previous one.
Instead of replacing Patch70, I have opted for adding a new one,
as it's a different fix. Mainly it'll hopefully allow for easier
cherry-picks between streams where this might be also needed.
Fixes:
```
1) Failure:
TestNetHTTPS#test_session_reuse_but_expire [/builddir/build/BUILD/ruby-3.0.7/test/net/http/test_https.rb:196]:
<false> expected but was
<true>.
```
Related: RHEL-86130
Fix test failures in ASN1 decoding, where time format is passed without
seconds. That is invalid with current OpenSSL.
Fixes failures:
```
2) Error:
OpenSSL::TestASN1#test_generalizedtime:
OpenSSL::ASN1::ASN1Error: generalizedtime is too short
/builddir/build/BUILD/ruby-3.0.7/test/openssl/test_asn1.rb:701:in `decode'
/builddir/build/BUILD/ruby-3.0.7/test/openssl/test_asn1.rb:701:in `decode_test'
/builddir/build/BUILD/ruby-3.0.7/test/openssl/test_asn1.rb:436:in `test_generalizedtime'
3) Error:
OpenSSL::TestASN1#test_utctime:
OpenSSL::ASN1::ASN1Error: utctime is too short
/builddir/build/BUILD/ruby-3.0.7/test/openssl/test_asn1.rb:701:in `decode'
/builddir/build/BUILD/ruby-3.0.7/test/openssl/test_asn1.rb:701:in `decode_test'
/builddir/build/BUILD/ruby-3.0.7/test/openssl/test_asn1.rb:409:in `test_utctime'
```
See: https://github.com/ruby/openssl/pull/728
Source: 2e826d5715
Related: RHEL-86130
Recently systemtap package in RHEL 9 decided to split
the `dtrace` binary and the build-time required header since:
56e7eb32b2
So to acquire the header AND the dtrace binary that we require, we need to
BuildRequire `systemtap-sdt-devel` in addition to `%{_bindir}/dtrace`
since they are provided by separate packages.
Fixes:
```
./miniruby -I./lib -I. -I.ext/common ./tool/runruby.rb --extout=.ext -- --disable-gems /builddir/build/SOURCES/test_systemtap.rb
ERROR: SystemTap (DTrace) headers were not detected in resulting library.
make: *** [uncommon.mk:1214: runruby] Error 1
```
See also the commit upstream in Fedora for further reference:
d03ac3403a
Related: RHEL-86130
IRB, when used from within ruby code using simple `require 'irb'; binding.irb`,
a lot of warning messages about already initialized constants, similar to:
"/usr/share/ruby/irb/ruby-lex.rb:123: warning: already initialized constant RubyLex::ERROR_TOKENS"
"/usr/share/gems/gems/irb-1.3.5/lib/irb/ruby-lex.rb:123: warning: previous definition of ERROR_TOKENS was here"
are printed.
The warnings can be observed when invoking irb by calling `binding.irb` from
Ruby code.
$ echo "" | ruby -e binding.irb
Actual results:
~~~
/usr/share/ruby/irb/ruby-lex.rb:123: warning: already initialized constant RubyLex::ERROR_TOKENS
/usr/share/gems/gems/irb-1.3.5/lib/irb/ruby-lex.rb:123: warning: previous definition of ERROR_TOKENS was here
/usr/share/ruby/irb/color.rb:8: warning: already initialized constant IRB::Color::CLEAR
/usr/share/gems/gems/irb-1.3.5/lib/irb/color.rb:8: warning: previous definition of CLEAR was here
/usr/share/ruby/irb/color.rb:9: warning: already initialized constant IRB::Color::BOLD
/usr/share/gems/gems/irb-1.3.5/lib/irb/color.rb:9: warning: previous definition of BOLD was here
/usr/share/ruby/irb/color.rb:10: warning: already initialized constant IRB::Color::UNDERLINE
/usr/share/gems/gems/irb-1.3.5/lib/irb/color.rb:10: warning: previous definition of UNDERLINE was here
/usr/share/ruby/irb/color.rb:11: warning: already initialized constant IRB::Color::REVERSE
/usr/share/gems/gems/irb-1.3.5/lib/irb/color.rb:11: warning: previous definition of REVERSE was here
/usr/share/ruby/irb/color.rb:12: warning: already initialized constant IRB::Color::RED
/usr/share/gems/gems/irb-1.3.5/lib/irb/color.rb:12: warning: previous definition of RED was here
/usr/share/ruby/irb/color.rb:13: warning: already initialized constant IRB::Color::GREEN
/usr/share/gems/gems/irb-1.3.5/lib/irb/color.rb:13: warning: previous definition of GREEN was here
/usr/share/ruby/irb/color.rb:14: warning: already initialized constant IRB::Color::YELLOW
/usr/share/gems/gems/irb-1.3.5/lib/irb/color.rb:14: warning: previous definition of YELLOW was here
/usr/share/ruby/irb/color.rb:15: warning: already initialized constant IRB::Color::BLUE
/usr/share/gems/gems/irb-1.3.5/lib/irb/color.rb:15: warning: previous definition of BLUE was here
/usr/share/ruby/irb/color.rb:16: warning: already initialized constant IRB::Color::MAGENTA
/usr/share/gems/gems/irb-1.3.5/lib/irb/color.rb:16: warning: previous definition of MAGENTA was here
/usr/share/ruby/irb/color.rb:17: warning: already initialized constant IRB::Color::CYAN
/usr/share/gems/gems/irb-1.3.5/lib/irb/color.rb:17: warning: previous definition of CYAN was here
/usr/share/ruby/irb/color.rb:19: warning: already initialized constant IRB::Color::TOKEN_KEYWORDS
/usr/share/gems/gems/irb-1.3.5/lib/irb/color.rb:19: warning: previous definition of TOKEN_KEYWORDS was here
/usr/share/ruby/irb/color.rb:26: warning: already initialized constant IRB::Color::ALL
/usr/share/gems/gems/irb-1.3.5/lib/irb/color.rb:26: warning: previous definition of ALL was here
/usr/share/ruby/irb/color.rb:32: warning: already initialized constant IRB::Color::TOKEN_SEQ_EXPRS
/usr/share/gems/gems/irb-1.3.5/lib/irb/color.rb:32: warning: previous definition of TOKEN_SEQ_EXPRS was here
/usr/share/ruby/irb/color.rb:75: warning: already initialized constant IRB::Color::ERROR_TOKENS
/usr/share/gems/gems/irb-1.3.5/lib/irb/color.rb:75: warning: previous definition of ERROR_TOKENS was here
Switch to inspect mode.
~~~
Expected results:
No warning
Patching the requires inside rubygem-irb to use `require_relative`
instead resolves the situation.
Patch composed from:
https://github.com/ruby/irb/pull/335848d339f2ehttps://github.com/ruby/irb/pull/336d5060f7668https://github.com/ruby/irb/pull/33899d3aa979d
Resolves: RHEL-83044
The following falcon source:
<https://github.com/socketry/falcon/blob/v0.42.3/lib/falcon/command/serve.rb#L153-L155>
contains the following snippet:
~~~
if GC.respond_to?(:compact)
GC.compact
end
~~~
The `if` guard for this feature is recommended from documentation since Ruby >= 3.2:
<https://docs.ruby-lang.org/en/3.2/GC.html#method-c-compact>:
```
To test whether GC compaction is supported, use the idiom:
~~~
GC.respond_to?(:compact)
~~~
```
Gems make use of this idiom in various situations. However on Ruby 3.0
without this patch the `GC.respond_to?` method will return true for
`GC.compact` and compaction related methods even though an attempt to call
them will raise "NotImplementedError" exception.
We observe this behavior due to the methods being implemented and the
NotImplementedError is not returned because methods are not implemented,
but because it is a runtime behavior from inside the called methods.
The applied patchset undefines the methods in C code to ensure even the
`GC.respond_to?` will return false and accomodate libraries that call
`GC.compact` like falcon does:
<https://github.com/socketry/falcon/blob/v0.42.3/lib/falcon/command/serve.rb#L153-L155>
The methods are undefined on build time on affected platforms that do
not support compaction. Currently this is only affecting ppc64le.
The important portion of the patch undefines the `GC.compact` and other
methods, so we can expect the following on ppc64le architecture:
Before:
~~~
$ ruby -e 'p GC.respond_to? :compact'
true
~~~
After:
~~~
$ ruby -e 'p GC.respond_to? :compact'
false
~~~
As long as Ruby gems guard the call to `GC.compact` correctly, there
should no longer be a situation where GC reports compaction methods
as implemented even though it will throw an exception when trying to use the methods.
Most importantly, this is only an issue with ppc64le. The other
architectures such as x86_64, aarch64, s390x should continue to be able
to compact. This is guarded on compile-time.
However the patches touch the source for pre-generated files.
Mainly meaning the file `gc.rb` that is the source for the
`gc.rbinc` and `miniprelude.c` need to be re-generated.
The files use Ruby to generate the C counterparts. To prevent cyclic dependency,
they are re-generated and patches are created against the old version.
The approach to regenerate the files for 3.0 is the same as for 3.1
with the exception of also having to first patch with the file
`ruby-3.1.0-Use-mmap-for-allocating-heap-pages-in-the-GC.patch`,
since the subsequent patches are made on top of that patch.
The mmap patch changes parts of gc.c, that the required patch
also changes, so it had to be backported on top of that patch.
The sequence of actions is as follows:
~~~
tar -Jxvf ./ruby-3.0.7.tar.xz
git clone https://github.com/ruby/ruby.git
cd ruby && git checkout v3_0_7
patch -p1 < ../ruby-3.1.0-Use-mmap-for-allocating-heap-pages-in-the-GC.patch
patch -p1 < ../ruby-3.2.0-define-unsupported-gc-compaction-methods-as-rb_f_notimplement.patch
./autogen.sh && ./configure
make gc.rbinc miniprelude.c
cd ..
diff -u {ruby-3.0.7,ruby}/gc.rbinc > ruby-3.2.0-define-unsupported-gc-compaction-methods_generated-files.patch
diff -u {ruby-3.0.7,ruby}/miniprelude.c >> ruby-3.2.0-define-unsupported-gc-compaction-methods_generated-files.patch
~~~
Firstly we unpact the upstream tar archive, which creates `ruby-3.0.7`
directory.
Then we clone the upstream git repository and check out the Ruby version
tag that is source for the tar archive which creates `ruby` repository.
The `ruby-3.0.7` directory contains the pre-generated files we will use as
the original for the patch.
In the `ruby` repository we apply the patches mentioned in the code
snippet.
Then, generate configure script with autogen.sh, and we create the
gc.rbinc and miniprelude.c files that are generated.
Then create the patch for the generated files. `diff` is used as the
generated files are not tracked via git in upstream, and the diff is
executed against the expanded upstream tar archive that does not ship a
git repository with it. While it would be possible to `git add` the
files before patching them, this ensures that the files are applicable
without a problem on top of the archive.
This commit is partially backported from Ruby 3.1's Fedora counterparts:
b7b5473796ca94aff023649a6e3083
instead of re-doing the entire patchset from 3.2 branch back to 3.0.
There is less disruption in GC related code when comparing 3.0 to 3.1
than there is 3.1 to 3.2. Therefore the upstream sources for the patches
were first applied in the Ruby upstream git repository on top of tag v3_1_2.
Namely, the following is the patch source:
https://github.com/ruby/ruby/pull/59340de1495f350c36ba5319
available in Fedora as part of:
649a6e3083
The version of Ruby that is the version when the mentioned Fedora commits
were introduced. And then cherry picked on top of patch
"ruby-3.1.0-Use-mmap-for-allocating-heap-pages-in-the-GC.patch"
applied in v3_0_7 tag that is present here in downstream as the
difference brought by the patch is significant enough to disrupt
patch application. Git allows easier resolution of the patches here.
In short,
1. Take the upstream compaction patches, cherry-pick them on top of v3_1_2 so that
the changes are present in the git tree, as they have not been backported
to 3.1 upstream.
2. Apply the "ruby-3.1.0-Use-mmap-for-allocating-heap-pages-in-the-GC.patch" on top of v3_0_7.
3. Cherry pick the 3.1 patches to v3_0_7 and resolve differences.
There might have been a few sections where git marked changes from both
patches as a conflict to resolve.
I preferred the approach where, despite the checks introduced
from the 3.1 branch patches should be enough to guard against bad
behavior around compaction, the "mmap" patch's checks are retained for safety.
One of the reasons are that the checks are also present outside the
compact methods in other parts of `gc.c` code.
References for the specific Fedora patches:
b7b5473796649a6e3083
<b7b5473796>
<649a6e3083>
Uptream bug: <https://bugs.ruby-lang.org/issues/18779>
Upstream PR: <https://github.com/ruby/ruby/pull/5934>
ca94aff023
<ca94aff023>
Related upstream issue: <https://bugs.ruby-lang.org/issues/18829>
<https://github.com/ruby/ruby/pull/6019>
<2c19086323>
Resolves: RHEL-83136
Tests not included in the patch, this Ruby version does not include
rexml unit tests in the released tarball.
Before patch application, enter the correct directory in the specfile.
Instead of adjusting the path in the patch for each ruby version we can
enter the correct directory first in the specfile and make use of
%rexml_version macro which further helps in making minimal changes
for different ruby versions.
Resolves: RHEL-68525
TestBundledCA is commented out since some of the build
infra can see DNS but then cannot connect.
Ideally not even DNS can be resolved for the rubygems.org.
The tests always get omitted in builds
as long as the infra does not allow connecting outside,
which is what we expect as correct behavior from mock.
Related: RHEL-35740
* Upgrade to Ruby 3.0.7.
Resolves: RHEL-35740
The released Ruby 3.0.5 includes the following fix.
* Fix HTTP response splitting in CGI.
Resolves: RHEL-35741
The released Ruby 3.0.6 includes the following fixes.
* Fix ReDoS vulnerability in URI.
Resolves: RHEL-35742
* Fix ReDoS vulnerability in Time.
Resolves: RHEL-35743
The released Ruby 3.0.7 includes the following fixes.
* Fix buffer overread vulnerability in StringIO.
Resolves: RHEL-35744
* Fix RCE vulnerability with .rdoc_options in RDoc.
Resolves: RHEL-35746
* Fix arbitrary memory address read vulnerability with Regex search.
Resolves: RHEL-35747
Replaced the patch ruby-3.0.3-ext-openssl-extconf.rb-require-OpenSSL-version-1.0.1.patch
with the tiny patch ruby-ext-openssl-extconf.rb-ignore-OpenSSL-version-check.patch
not using the reverse logic. Because it was hard to maintain the patch file,
when the included file was updated on the upstream.
Added the following patches.
* Fix net-http test errors due to expired certificate.
The patch ruby-3.4.0-ruby-net-http-Renew-test-certificates.patch was copied
from the part on the Fedora rawhide
<05a6c9c8f3>.
* Fix `TestNetHTTPS#test_session_reuse_but_expire` test failure cause.
The patch ruby-3.3.1-Fix-test-session-reuse-but-expire.patch was copied from
the part on Fedora rawhide
<a34f33bc50>.
As a reference, the part comes from Fedora ruby-3.3 branch
<99d21ecc4c>.
This commit fixes the following failures in OpenSSL FIPS using the
`OPENSSL_FORCE_FIPS_MODE=1` in CentOS stream 9 non-FIPS OS environment.
```
$ cat /etc/redhat-release
CentOS Stream release 9
$ rpm -q openssl
openssl-3.0.7-24.el9.x86_64
$ pwd
/builddir/build/BUILD/ruby-3.1.2
$ make runruby 'TESTRUN_SCRIPT= \
-I/builddir/build/BUILD/ruby-3.1.2/tool/lib --enable-gems \
/builddir/build/SOURCES/test_openssl_fips.rb /builddir/build/BUILD/ruby-3.1.2 --verbose'
...
1) Failure:
OpenSSL::TestFIPS#test_fips_mode_get_with_fips_mode_set [/builddir/build/BUILD/ruby-3.1.2/test/openssl/test_fips.rb:38]:
assert_separately failed with error message
pid 2043890 exit 1
| /builddir/build/BUILD/ruby-3.1.2/.ext/common/openssl/pkey.rb:132:in `initialize': could not parse pkey (OpenSSL::PKey::DHError)
| from /builddir/build/BUILD/ruby-3.1.2/.ext/common/openssl/pkey.rb:132:in `new'
| from /builddir/build/BUILD/ruby-3.1.2/.ext/common/openssl/pkey.rb:132:in `new'
| from /builddir/build/BUILD/ruby-3.1.2/.ext/common/openssl/ssl.rb:34:in `<class:SSLContext>'
| from /builddir/build/BUILD/ruby-3.1.2/.ext/common/openssl/ssl.rb:20:in `<module:SSL>'
| from /builddir/build/BUILD/ruby-3.1.2/.ext/common/openssl/ssl.rb:19:in `<module:OpenSSL>'
| from /builddir/build/BUILD/ruby-3.1.2/.ext/common/openssl/ssl.rb:18:in `<top (required)>'
| from /builddir/build/BUILD/ruby-3.1.2/.ext/common/openssl.rb:21:in `require_relative'
| from /builddir/build/BUILD/ruby-3.1.2/.ext/common/openssl.rb:21:in `<top (required)>'
| from -:in `require'
2) Failure:
OpenSSL::TestFIPS#test_fips_mode_get_is_true_on_fips_mode_enabled [/builddir/build/BUILD/ruby-3.1.2/test/openssl/test_fips.rb:12]:
assert_separately failed with error message
pid 2043891 exit 1
| /builddir/build/BUILD/ruby-3.1.2/.ext/common/openssl/pkey.rb:132:in `initialize': could not parse pkey (OpenSSL::PKey::DHError)
| from /builddir/build/BUILD/ruby-3.1.2/.ext/common/openssl/pkey.rb:132:in `new'
| from /builddir/build/BUILD/ruby-3.1.2/.ext/common/openssl/pkey.rb:132:in `new'
| from /builddir/build/BUILD/ruby-3.1.2/.ext/common/openssl/ssl.rb:34:in `<class:SSLContext>'
| from /builddir/build/BUILD/ruby-3.1.2/.ext/common/openssl/ssl.rb:20:in `<module:SSL>'
| from /builddir/build/BUILD/ruby-3.1.2/.ext/common/openssl/ssl.rb:19:in `<module:OpenSSL>'
| from /builddir/build/BUILD/ruby-3.1.2/.ext/common/openssl/ssl.rb:18:in `<top (required)>'
| from /builddir/build/BUILD/ruby-3.1.2/.ext/common/openssl.rb:21:in `require_relative'
| from /builddir/build/BUILD/ruby-3.1.2/.ext/common/openssl.rb:21:in `<top (required)>'
| from -:in `require'
Finished tests in 0.154373s, 77.7337 tests/s, 369.2351 assertions/s.
12 tests, 57 assertions, 2 failures, 0 errors, 1 skips
ruby -v: ruby 3.1.2p20 (2022-04-12 revision 4491bb740a) [x86_64-linux]
make: *** [uncommon.mk:1249: runruby] Error 2
```
Note that we obverved the issue in RHEL 9.4 Beta non-FIPS OS environment too.
The error happened by applying the patch
ruby-3.3.0-openssl-3.2.0-fips-fix-pkey-read-in-openssl-3.patch
rewriting the `ossl_pkey_read_generic` properly.
The error didn't happen without the patch.
```
$ cat /etc/redhat-release
Red Hat Enterprise Linux release 9.4 Beta (Plow)
$ OPENSSL_FORCE_FIPS_MODE=1 bundle exec ruby -I./lib -e "require 'openssl'"
/builddir/work/ruby/openssl/lib/openssl/pkey.rb:132:in `initialize': could not parse pkey (OpenSSL::PKey::DHError)
from /builddir/work/ruby/openssl/lib/openssl/pkey.rb:132:in `new'
from /builddir/work/ruby/openssl/lib/openssl/pkey.rb:132:in `new'
from /builddir/work/ruby/openssl/lib/openssl/ssl.rb:34:in `<class:SSLContext>'
from /builddir/work/ruby/openssl/lib/openssl/ssl.rb:20:in `<module:SSL>'
from /builddir/work/ruby/openssl/lib/openssl/ssl.rb:19:in `<module:OpenSSL>'
from /builddir/work/ruby/openssl/lib/openssl/ssl.rb:18:in `<top (required)>'
from /builddir/work/ruby/openssl/lib/openssl.rb:21:in `require_relative'
from /builddir/work/ruby/openssl/lib/openssl.rb:21:in `<top (required)>'
from -e:1:in `require'
from -e:1:in `<main>'
```
Related: RHEL-12724
This commit is to fix the following test failure on CentOS Stream Zuul CI
mock-build.
```
DEBUG: 1)
DEBUG: File.utime allows Time instances in the far future to set mtime and atime (but some filesystems limit it up to 2446-05-10 or 2038-01-19) FAILED
DEBUG: Expected [559444, 2446, 2038].include? 2486
DEBUG: to be truthy but was false
DEBUG: /builddir/build/BUILD/ruby-3.0.4/spec/ruby/core/file/utime_spec.rb:84:in `block (4 levels) in <top (required)>'
DEBUG: /builddir/build/BUILD/ruby-3.0.4/spec/ruby/core/file/utime_spec.rb:3:in `<top (required)>'
DEBUG: Finished in 77.102196 seconds
DEBUG: 3769 files, 30810 examples, 179414 expectations, 1 failure, 0 errors, 0 tagged
```
Related: rhbz#2173531
This commit was cherry-picked from Fedora rawhide
<f8ef5964d0>.
This fixes the test failures related to the Singapore time zone like below.
```
2) Failure:
TestTimeTZ#test_asia_singapore [/builddir/build/BUILD/ruby-3.0.4/test/ruby/test_time_tz.rb:143]:
TZ=Asia/Singapore Time.local(1981, 12, 31, 23, 59, 59).
<"1981-12-31 23:59:59 +0730"> expected but was
<"1982-01-01 00:29:59 +0800">.
```
Related: rhbz#2173531
This commit was cherry-picked from Fedora rawhide
<ad7f78b5c8>.
This fixes the test failures related to the Amsterdam time zone like below.
```
1)
Time.local timezone changes correctly adjusts the timezone change to 'CEST' on 'Europe/Amsterdam' FAILED
Expected [0, 0, 0, 16, 5, 1940, 4, 137, true, "WEST"] == [0, 40, 1, 16, 5, 1940, 4, 137, true, "CEST"]
to be truthy but was false
/builddir/build/BUILD/ruby-3.0.4/spec/ruby/core/time/shared/local.rb:13:in `block (5 levels) in <top (required)>'
/builddir/build/BUILD/ruby-3.0.4/spec/ruby/core/time/shared/local.rb:12:in `block (4 levels) in <top (required)>'
/builddir/build/BUILD/ruby-3.0.4/spec/ruby/core/time/local_spec.rb:5:in `<top (required)>'
```
Related: rhbz#2173531
This commit was cherry-picked from Fedora rawhide
<79d75fdcdd>.
This fixes the following test failure.
```
1) Failure:
TestGemSourceGit#test_checkout_submodules [/builddir/build/BUILD/ruby-3.0.4/test/rubygems/test_gem_source_git.rb:72]:
fatal: transport 'file' not allowed
fatal: clone of '/builddir/build/BUILD/ruby-3.0.4/tmp/test_rubygems_20230627-4031323-yppcjj/git/b' into submodule path '/builddir/build/BUILD/ruby-3.0.4/tmp/test_rubygems_20230627-4031323-yppcjj/git/a/b' failed
```
Resolves: rhbz#2173531
Backport OpenSSL test suite fixes from the C9S branch stream-ruby-3.1-rhel-9.1.0
Patches were backported from commit: 20188a8a3f .
Changes:
Firstly, replace SHA1 with SHA256 and higher in tests.
SHA1 is disabled by default on C9S and RHEL 9.
Secondly, apply ossl_ocsp-use-null patch.
C9S/RHEL9 have SHA1 disabled by default, so using the OCSP with
default arguments on a default C9S/RHEL9 installation will result in an
OpenSSL error. This patch, when OCSP does not receive a digest explicitly, will
let OpenSSL decide which digest to use instead of using a default, thus
preventing usage of disabled digests.
See <https://github.com/ruby/openssl/pull/507>.
OPENSSL_ENABLE_SHA1_SIGNATURES=1 enables SHA1 for
OpenSSL in order to enable tests using SHA1 certificates, at least running
the tests is preferable to not running them at all.
Resolves: rbhz#2107696
This is based on origina PR with official patches which landed in
[ruby/openssl](https://github.com/ruby/openssl) repository and should
reflect the state of OpenSSL 3 support in Ruby 3.1.
Resolves: rhbz#1952925
In Ruby 3.0.3, a new logic with the hard-coded "libc.so.6" to detect glibc
works on PPC, both Power 8 and 9.
See <https://bugs.ruby-lang.org/issues/12666#note-13>.
Note the logic also fixes the following error on a Power 9 environment where
the path is `/lib64/glibc-hwcaps/power9/libc-2.28.so`.
```
/builddir/build/BUILD/ruby-2.6.9/.ext/common/fiddle/import.rb:299:in `import_function': cannot find the function: strcpy() (Fiddle::DLError)
from /builddir/build/BUILD/ruby-2.6.9/.ext/common/fiddle/import.rb:172:in `extern'
from /builddir/build/BUILD/ruby-2.6.9/test/fiddle/test_import.rb:17:in `<module:LIBC>'
from /builddir/build/BUILD/ruby-2.6.9/test/fiddle/test_import.rb:10:in `<module:Fiddle>'
from /builddir/build/BUILD/ruby-2.6.9/test/fiddle/test_import.rb:9:in `<top (required)>'
from /builddir/build/BUILD/ruby-2.6.9/test/lib/test/unit.rb:958:in `require'
from /builddir/build/BUILD/ruby-2.6.9/test/lib/test/unit.rb:958:in `block in non_options'
from /builddir/build/BUILD/ruby-2.6.9/test/lib/test/unit.rb:952:in `each'
from /builddir/build/BUILD/ruby-2.6.9/test/lib/test/unit.rb:952:in `non_options'
from /builddir/build/BUILD/ruby-2.6.9/test/lib/test/unit.rb:64:in `process_args'
from /builddir/build/BUILD/ruby-2.6.9/test/lib/test/unit.rb:130:in `process_args'
from /builddir/build/BUILD/ruby-2.6.9/test/lib/test/unit.rb:1136:in `process_args'
from /builddir/build/BUILD/ruby-2.6.9/test/lib/test/unit.rb:1141:in `run'
from /builddir/build/BUILD/ruby-2.6.9/test/lib/test/unit.rb:1148:in `run'
from ./test/runner.rb:33:in `<main>'
```
Related: rhbz#2049693
- Fix command injection vulnerability in RDoc.
- Fix FTP PASV command response can cause Net::FTP to connect to arbitrary host.
- Fix StartTLS stripping vulnerability in Net::IMAP
- Fix dependencies of gems with explicit source installed from a
different source.
Resolves: CVE-2021-31810
Resolves: CVE-2021-32066
Resolves: CVE-2021-31799
Resolves: CVE-2020-36327
