* [gentoo-commits] repo/proj/libressl:master commit in: dev-lang/ruby/files/, dev-lang/ruby/
@ 2022-10-07 21:11 Quentin Retornaz
0 siblings, 0 replies; only message in thread
From: Quentin Retornaz @ 2022-10-07 21:11 UTC (permalink / raw
To: gentoo-commits
commit: 23e1b816a316b23daa8f8635faf3bd08fa7f2a85
Author: orbea <orbea <AT> riseup <DOT> net>
AuthorDate: Fri Oct 7 17:24:58 2022 +0000
Commit: Quentin Retornaz <gentoo <AT> retornaz <DOT> com>
CommitDate: Fri Oct 7 21:11:15 2022 +0000
URL: https://gitweb.gentoo.org/repo/proj/libressl.git/commit/?id=23e1b816
dev-lang/ruby: Fix 3.0.4 for libressl 3.6.x
Signed-off-by: orbea <orbea <AT> riseup.net>
Signed-off-by: Quentin Retornaz <gentoo <AT> retornaz.com>
dev-lang/ruby/files/ruby-3.0-libressl.patch | 39 +++++++++++++++++++++++++++++
dev-lang/ruby/ruby-3.0.4.ebuild | 2 +-
2 files changed, 40 insertions(+), 1 deletion(-)
diff --git a/dev-lang/ruby/files/ruby-3.0-libressl.patch b/dev-lang/ruby/files/ruby-3.0-libressl.patch
new file mode 100644
index 0000000..8464eca
--- /dev/null
+++ b/dev-lang/ruby/files/ruby-3.0-libressl.patch
@@ -0,0 +1,39 @@
+From OpenBSD:
+
+https://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/lang/ruby/3.0/patches/patch-ext_openssl_ossl_ocsp_c
+
+Fix build with opaque OCSP_BASICRESP in LibreSSL 3.5.
+The bug this works around should be fixed since LibreSSL 2.4.2
+as far as I can tell.
+
+Index: ext/openssl/ossl_ocsp.c
+--- a/ext/openssl/ossl_ocsp.c.orig
++++ b/ext/openssl/ossl_ocsp.c
+@@ -1093,7 +1093,7 @@ ossl_ocspbres_verify(int argc, VALUE *argv, VALUE self
+ * exists in LibreSSL 2.1.10, 2.2.9, 2.3.6, 2.4.1.
+ */
+ if (!(flg & (OCSP_NOCHAIN | OCSP_NOVERIFY)) &&
+- sk_X509_num(x509s) && sk_X509_num(bs->certs)) {
++ sk_X509_num(x509s) && sk_X509_num(OCSP_resp_get0_certs(bs))) {
+ int i;
+
+ bs = ASN1_item_dup(ASN1_ITEM_rptr(OCSP_BASICRESP), bs);
+From OpenBSD:
+
+https://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/lang/ruby/3.0/patches/patch-ext_openssl_extconf_rb
+
+Make sure the TS_VERIFY_CTS_set_certs() macro gets picked up correctly.
+It is a function in OpenSSL 1.1 and a macro in LibreSSL and OpenSSL 3.
+
+Index: ext/openssl/extconf.rb
+--- a/ext/openssl/extconf.rb.orig
++++ b/ext/openssl/extconf.rb
+@@ -176,7 +176,7 @@ have_func("SSL_SESSION_get_protocol_version")
+ have_func("TS_STATUS_INFO_get0_status")
+ have_func("TS_STATUS_INFO_get0_text")
+ have_func("TS_STATUS_INFO_get0_failure_info")
+-have_func("TS_VERIFY_CTS_set_certs")
++have_func("TS_VERIFY_CTS_set_certs(NULL, NULL)", "openssl/ts.h")
+ have_func("TS_VERIFY_CTX_set_store")
+ have_func("TS_VERIFY_CTX_add_flags")
+ have_func("TS_RESP_CTX_set_time_cb")
diff --git a/dev-lang/ruby/ruby-3.0.4.ebuild b/dev-lang/ruby/ruby-3.0.4.ebuild
index 9f5a035..557379d 100644
--- a/dev-lang/ruby/ruby-3.0.4.ebuild
+++ b/dev-lang/ruby/ruby-3.0.4.ebuild
@@ -65,7 +65,7 @@ PDEPEND="
xemacs? ( app-xemacs/ruby-modes )"
src_prepare() {
- eapply "${FILESDIR}"/${PN}-2.7-libressl.patch
+ eapply "${FILESDIR}"/${PN}-3.0-libressl.patch
eapply "${FILESDIR}"/"${SLOT}"/010*.patch
if use elibc_musl ; then
^ permalink raw reply related [flat|nested] only message in thread
only message in thread, other threads:[~2022-10-07 21:12 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2022-10-07 21:11 [gentoo-commits] repo/proj/libressl:master commit in: dev-lang/ruby/files/, dev-lang/ruby/ Quentin Retornaz
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox