diff options
| author | Kazuki Yamaguchi <k@rhe.jp> | 2016-04-07 23:41:49 +0900 |
|---|---|---|
| committer | Kazuki Yamaguchi <k@rhe.jp> | 2016-04-07 23:41:49 +0900 |
| commit | 4963d417b426e6855700362acf34c056287564b2 (patch) | |
| tree | 3dd75f1ab2341a11850990ba5206a5cfc48cbc28 | |
| parent | 26af1b31356587aa2af7f1270e10687870be7496 (diff) | |
| download | poe-4963d417b426e6855700362acf34c056287564b2.tar.gz | |
patches: Ruby 1.6.5 から Ruby 2.3.0 の全てのバージョンがビルドできるようになった(1.8.2 以前では tk は動かない)
20 files changed, 746 insertions, 276 deletions
@@ -33,17 +33,43 @@ rescue retry end +def download(url, target) + FileUtils.mkdir_p($datadir + "/cache") + out = $datadir + "/cache/" + File.basename(url) + system("curl -z #{Shellwords.escape(out)} -o #{Shellwords.escape(out)} -L #{Shellwords.escape(url)}") or + raise("failed download: #{url}") + FileUtils.copy(out, target) +end + load_config RUBY_PATCHES = { - ruby: { - /^(1.8.[01])/ => ["tcltklib-Tcl_GetStringResult"], - /^(1.8.[0-2])/ => ["r8532-X509_STORE_CTX-flags"], - /^(1.8.[0-6])/ => ["r16422-New-OpenSSL"], - /^(1.8|1.9.1)/ => ["r26781-OpenSSL10"], - /^(1.8|1.9|2.0|2.1|2.2)/ => ["r31346-r31528-SSLv2", "r51722-SSLv3"], - /^(1.8.7|1.9|2.[012])/ => ["r41808-EC2M"], - } + ruby: [ + # core + [/^(1.6.[5-8])/, "eval-64bit-fix-165", "disable-tcltklib-165"], + + # ext/tcltklib (old) + [/^1.8.[01]/, "disable-tcltklib-180"], + + # ext/openssl + [/^1.8.2/, "r8532-X509_STORE_CTX-flags"], + [/^1.8.0/, "r16422-New-OpenSSL-180"], + [/^1.8.1/, "r16422-New-OpenSSL-181"], + [/^(1.8.[2-6]|1.9.0)/, "r16422-New-OpenSSL-182"], + [/^1.9.0/, "r16478-pkcs5-typo"], + # OpenSSL 1.0 support + [/^1.8.0/, "r26781-OpenSSL10-180"], + [/^(1.8.[1-7]|1.9.[01])/, "r26781-OpenSSL10-181"], + # apply SSLv2, then apply SSLv3 + [/^1.8.0/, "r31346-r31528-SSLv2-180", "r51722-SSLv3-180"], + [/^1.8.1/, "r31346-r31528-SSLv2-181", "r51722-SSLv3-181"], + [/^1.8.2/, "r31346-r31528-SSLv2-182", "r51722-SSLv3-181"], + [/^(1.8.[3-7]|1.9.[01])/, "r31346-r31528-SSLv2-183", "r51722-SSLv3-181"], + [/^1.9.[23]/, "r31346-r31528-SSLv2-192", "r51722-SSLv3-192"], + [/^2.[012]/, "r51722-SSLv3-200"], + # EC2M + [/^(1.8.7|1.9|2.[012])/, "r41808-EC2M"], + ] } namespace :compiler do @@ -71,19 +97,23 @@ namespace :compiler do Dir.mktmpdir { |tmpdir| FileUtils.chdir(tmpdir) { - system("curl -o archive.tar.gz #{Shellwords.escape(url)}") or raise("failed to download") + download(url, "archive.tar.gz") system("tar xf archive.tar.gz") or raise("failed to extract") FileUtils.chdir(archive_dir) { - RUBY_PATCHES[:ruby].each { |regexp, patch_names| + RUBY_PATCHES[:ruby].each { |regexp, *patch_names| next if regexp !~ version patch_names.each { |name| puts "applying patch #{name}..." - system("patch -N -p1 <#{File.expand_path("../patches/ruby/#{name}.patch", __FILE__)}") or - puts("patching failed: #{name}, ignoring") + patch_file = File.expand_path("../patches/ruby/#{name}.patch", __FILE__) + retriable { + system("patch --dry-run -R -N -p1 <#{patch_file}") or + system("patch -N -p1 <#{patch_file}") or + raise("patch failed: #{name}") + } } } retriable { - system("./configure --prefix=#{prefix} --enable-shared --disable-install-doc") or raise("failed to configure") + system("./configure --prefix=#{prefix} --enable-shared --disable-install-doc --without-tk --without-tcllib --without-tklib") or raise("failed to configure") system("make -j6") or raise("failed to make") system("make install DESTDIR=#{destdir}") or raise("failed to install") } diff --git a/config.json b/config.json index aa5a45c..af7ad18 100644 --- a/config.json +++ b/config.json @@ -3,232 +3,160 @@ "runner": "/work/poe/sandbox/runner", "compilers": { "ruby": { - "ruby-snapshot": { - "version": "ruby 2.4.0dev (2016-04-02 trunk 54474) [x86_64-linux]", - "version_command": "/opt/bin/ruby -v", - "commandline": [ - "/opt/bin/ruby", - "{}" - ] - }, "ruby-2.3.0": { "version": "ruby 2.3.0p0 (2015-12-25 revision 53290) [x86_64-linux]", - "version_command": "/opt/bin/ruby -v", + "version_command": "/usr/bin/ruby -v", "commandline": [ - "/opt/bin/ruby", + "/usr/bin/ruby", "{}" ] }, "ruby-2.2.4": { "version": "ruby 2.2.4p230 (2015-12-16 revision 53155) [x86_64-linux]", - "version_command": "/opt/bin/ruby -v", - "commandline": [ - "/opt/bin/ruby", - "{}" - ] - }, - "ruby-2.2.3": { - "version": "ruby 2.2.3p173 (2015-08-18 revision 51636) [x86_64-linux]", - "version_command": "/opt/bin/ruby -v", - "commandline": [ - "/opt/bin/ruby", - "{}" - ] - }, - "ruby-2.2.2": { - "version": "ruby 2.2.2p95 (2015-04-13 revision 50295) [x86_64-linux]", - "version_command": "/opt/bin/ruby -v", - "commandline": [ - "/opt/bin/ruby", - "{}" - ] - }, - "ruby-2.2.1": { - "version": "ruby 2.2.1p85 (2015-02-26 revision 49769) [x86_64-linux]", - "version_command": "/opt/bin/ruby -v", - "commandline": [ - "/opt/bin/ruby", - "{}" - ] - }, - "ruby-2.2.0": { - "version": "ruby 2.2.0p0 (2014-12-25 revision 49005) [x86_64-linux]", - "version_command": "/opt/bin/ruby -v", - "commandline": [ - "/opt/bin/ruby", - "{}" - ] - }, - "ruby-2.1.9": { - "version_command": "/opt/bin/ruby -v", - "version": "ruby 2.1.9p490 (2016-03-30 revision 54437) [x86_64-linux]", - "commandline": [ - "/opt/bin/ruby", - "{}" - ] - }, - "ruby-2.1.8": { - "version_command": "/opt/bin/ruby -v", - "version": "ruby 2.1.8p440 (2015-12-16 revision 53160) [x86_64-linux]", - "commandline": [ - "/opt/bin/ruby", - "{}" - ] - }, - "ruby-2.1.7": { - "version_command": "/opt/bin/ruby -v", - "version": "ruby 2.1.7p400 (2015-08-18 revision 51632) [x86_64-linux]", + "version_command": "/usr/bin/ruby -v", "commandline": [ - "/opt/bin/ruby", - "{}" - ] - }, - "ruby-2.1.6": { - "version": "ruby 2.1.6p336 (2015-04-13 revision 50298) [x86_64-linux]", - "version_command": "/opt/bin/ruby -v", - "commandline": [ - "/opt/bin/ruby", + "/usr/bin/ruby", "{}" ] }, "ruby-2.1.10": { "version": "ruby 2.1.10p492 (2016-04-01 revision 54464) [x86_64-linux]", - "version_command": "/opt/bin/ruby -v", + "version_command": "/usr/bin/ruby -v", "commandline": [ - "/opt/bin/ruby", + "/usr/bin/ruby", "{}" ] }, "ruby-2.0.0-p648": { "version": "ruby 2.0.0p648 (2015-12-16 revision 53162) [x86_64-linux]", - "version_command": "/opt/bin/ruby -v", + "version_command": "/usr/bin/ruby -v", "commandline": [ - "/opt/bin/ruby", + "/usr/bin/ruby", "{}" ] }, - "ruby-1.9.3-p551": { - "version": "ruby 1.9.3p551 (2014-11-13 revision 48407) [x86_64-linux]", - "version_command": "/opt/bin/ruby -v", + "ruby-2.0.0-p0": { + "version": "ruby 2.0.0p0 (2013-02-24 revision 39474) [x86_64-linux]", + "version_command": "/usr/bin/ruby -v", "commandline": [ - "/opt/bin/ruby", + "/usr/bin/ruby", "{}" ] }, "ruby-1.9.3-p0": { "version": "ruby 1.9.3p0 (2011-10-30 revision 33570) [x86_64-linux]", - "version_command": "/opt/bin/ruby -v", + "version_command": "/usr/bin/ruby -v", "commandline": [ - "/opt/bin/ruby", + "/usr/bin/ruby", "{}" ] }, "ruby-1.9.2-p0": { "version": "ruby 1.9.2p0 (2010-08-18 revision 29036) [x86_64-linux]", - "version_command": "/opt/bin/ruby -v", + "version_command": "/usr/bin/ruby -v", "commandline": [ - "/opt/bin/ruby", + "/usr/bin/ruby", "{}" ] }, "ruby-1.9.1-p0": { "version": "ruby 1.9.1p0 (2009-01-30 revision 21907) [x86_64-linux]", - "version_command": "/opt/bin/ruby -v", + "version_command": "/usr/bin/ruby -v", "commandline": [ - "/opt/bin/ruby", + "/usr/bin/ruby", "{}" ] }, - "ruby-1.8.7-p358": { - "version": "ruby 1.8.7 (2012-02-08 patchlevel 358) [x86_64-linux]", - "version_command": "/opt/bin/ruby -v", + "ruby-1.9.0-0": { + "version": "ruby 1.9.0 (2007-12-25 revision 14709) [x86_64-linux]", + "version_command": "/usr/bin/ruby -v", "commandline": [ - "/opt/bin/ruby", + "/usr/bin/ruby", "{}" ] }, "ruby-1.8.7": { "version": "ruby 1.8.7 (2008-05-31 patchlevel 0) [x86_64-linux]", - "version_command": "/opt/bin/ruby -v", + "version_command": "/usr/bin/ruby -v", "commandline": [ - "/opt/bin/ruby", - "{}" - ] - }, - "ruby-1.8.6-p420": { - "version": "ruby 1.8.6 (2010-09-02 patchlevel 420) [x86_64-linux]", - "version_command": "/opt/bin/ruby -v", - "commandline": [ - "/opt/bin/ruby", + "/usr/bin/ruby", "{}" ] }, "ruby-1.8.6": { "version": "ruby 1.8.6 (2007-03-13 patchlevel 0) [x86_64-linux]", - "version_command": "/opt/bin/ruby -v", + "version_command": "/usr/bin/ruby -v", "commandline": [ - "/opt/bin/ruby", + "/usr/bin/ruby", "{}" ] }, "ruby-1.8.5": { "version": "ruby 1.8.5 (2006-08-25) [x86_64-linux]", - "version_command": "/opt/bin/ruby -v", + "version_command": "/usr/bin/ruby -v", "commandline": [ - "/opt/bin/ruby", + "/usr/bin/ruby", "{}" ] }, "ruby-1.8.4": { "version": "ruby 1.8.4 (2005-12-24) [x86_64-linux]", - "version_command": "/opt/bin/ruby -v", + "version_command": "/usr/bin/ruby -v", "commandline": [ - "/opt/bin/ruby", + "/usr/bin/ruby", "{}" ] }, "ruby-1.8.3": { "version": "ruby 1.8.3 (2005-09-21) [x86_64-linux]", - "version_command": "/opt/bin/ruby -v", + "version_command": "/usr/bin/ruby -v", "commandline": [ - "/opt/bin/ruby", + "/usr/bin/ruby", "{}" ] }, "ruby-1.8.2": { "version": "ruby 1.8.2 (2004-12-25) [x86_64-linux]", - "version_command": "/opt/bin/ruby -v", + "version_command": "/usr/bin/ruby -v", "commandline": [ - "/opt/bin/ruby", + "/usr/bin/ruby", "{}" ] }, "ruby-1.8.1": { "version": "ruby 1.8.1 (2003-12-25) [x86_64-linux]", - "version_command": "/opt/bin/ruby -v", + "version_command": "/usr/bin/ruby -v", "commandline": [ - "/opt/bin/ruby", + "/usr/bin/ruby", "{}" ] }, "ruby-1.8.0": { "version": "ruby 1.8.0 (2003-08-04) [x86_64-linux]", - "version_command": "/opt/bin/ruby -v", + "version_command": "/usr/bin/ruby -v", "commandline": [ - "/opt/bin/ruby", + "/usr/bin/ruby", "{}" ] - } - }, - "php": { - "php-7.0.3": { - "version": "PHP 7.0.3 (cli) (built: Mar 1 2016 00:37:44) ( NTS )\nCopyright (c) 1997-2016 The PHP Group\nZend Engine v3.0.0, Copyright (c) 1998-2016 Zend Technologies", - "version_command": "/opt/bin/php -v", + }, + "ruby-1.6.8": { + "version": "ruby 1.6.8 (2002-12-24) [x86_64-linux]", + "version_command": "/usr/bin/ruby -v", "commandline": [ - "/opt/bin/php", + "/usr/bin/ruby", + "{}" + ] + }, + "ruby-1.6.5": { + "version": "ruby 1.6.5 (2001-09-19) [x86_64-linux]", + "version_command": "/usr/bin/ruby -v", + "commandline": [ + "/usr/bin/ruby", "{}" ] } + }, + "php": { } } } diff --git a/patches/ruby/disable-tcltklib-165.patch b/patches/ruby/disable-tcltklib-165.patch new file mode 100644 index 0000000..2ee997d --- /dev/null +++ b/patches/ruby/disable-tcltklib-165.patch @@ -0,0 +1,11 @@ +diff --git a/ext/tcltklib/extconf.rb b/ext/tcltklib/extconf.rb +index f732c16..fab2029 100644 +--- a/ext/tcltklib/extconf.rb ++++ b/ext/tcltklib/extconf.rb +@@ -68,5 +68,5 @@ if have_header("tcl.h") && have_header("tk.h") && + find_tk(tklib, stubs) + $CPPFLAGS += ' -DUSE_TCL_STUBS -DUSE_TK_STUBS' if stubs + $CPPFLAGS += ' -D_WIN32' if /cygwin/ =~ RUBY_PLATFORM +- create_makefile("tcltklib") ++ create_makefile("tcltklib") if false + end diff --git a/patches/ruby/disable-tcltklib-180.patch b/patches/ruby/disable-tcltklib-180.patch new file mode 100644 index 0000000..35b5c50 --- /dev/null +++ b/patches/ruby/disable-tcltklib-180.patch @@ -0,0 +1,11 @@ ++++ a/ext/tcltklib/extconf.rb 2016-04-07 22:16:29.834363113 +0900 +--- b/ext/tcltklib/extconf.rb 2016-04-07 22:16:46.291204334 +0900 +@@ -2,6 +2,8 @@ + + require 'mkmf' + ++exit ++ + if RUBY_PLATFORM !~ /mswin32|mingw|cygwin|bccwin32/ + have_library("nsl", "t_open") + have_library("socket", "socket") diff --git a/patches/ruby/eval-64bit-fix-165.patch b/patches/ruby/eval-64bit-fix-165.patch new file mode 100644 index 0000000..6910b56 --- /dev/null +++ b/patches/ruby/eval-64bit-fix-165.patch @@ -0,0 +1,22 @@ +diff --git a/eval.c b/eval.c +This fixes variable length argument SEGV on 64bit platform, but I'm not sure +--- a/eval.c ++++ b/eval.c +@@ -4425,7 +4425,7 @@ rb_call0(klass, recv, id, argc, argv, body, nosuper) + rb_raise(rb_eArgError, "wrong # of arguments(%d for %d)", + argc, i); + } +- if (node->nd_rest == -1) { ++ if ((int)node->nd_rest == -1) { + int opt = i; + NODE *optnode = node->nd_opt; + +@@ -4457,7 +4457,7 @@ rb_call0(klass, recv, id, argc, argv, body, nosuper) + } + rb_eval(recv, opt); + } +- if (node->nd_rest >= 0) { ++ if ((int)node->nd_rest >= 0) { + VALUE v; + + if (argc > 0) diff --git a/patches/ruby/r16422-New-OpenSSL-180.patch b/patches/ruby/r16422-New-OpenSSL-180.patch new file mode 100644 index 0000000..170950d --- /dev/null +++ b/patches/ruby/r16422-New-OpenSSL-180.patch @@ -0,0 +1,156 @@ +diff --git a/ext/openssl/openssl_missing.c b/ext/openssl/openssl_missing.c +index f77731e..724f36b 100644 +--- a/ext/openssl/openssl_missing.c ++++ b/ext/openssl/openssl_missing.c +@@ -14,25 +14,15 @@ + #include <openssl/hmac.h> + + #if !defined(HAVE_HMAC_CTX_COPY) +-int ++void + HMAC_CTX_copy(HMAC_CTX *out, HMAC_CTX *in) + { +- if (!out || !in) { +- /* HMACerr(HMAC_CTX_COPY,HMAC_R_INPUT_NOT_INITIALIZED); */ +- return 0; +- } ++ if (!out || !in) return; + memcpy(out, in, sizeof(HMAC_CTX)); + +- if (!EVP_MD_CTX_copy(&out->md_ctx, &in->md_ctx)) { +- return 0; +- } +- if (!EVP_MD_CTX_copy(&out->i_ctx, &in->i_ctx)) { +- return 0; +- } +- if (!EVP_MD_CTX_copy(&out->o_ctx, &in->o_ctx)) { +- return 0; +- } +- return 1; ++ EVP_MD_CTX_copy(&out->md_ctx, &in->md_ctx); ++ EVP_MD_CTX_copy(&out->i_ctx, &in->i_ctx); ++ EVP_MD_CTX_copy(&out->o_ctx, &in->o_ctx); + } + #endif /* HAVE_HMAC_CTX_COPY */ + #endif /* NO_HMAC */ +diff --git a/ext/openssl/openssl_missing.h b/ext/openssl/openssl_missing.h +for Ruby 1.8.0 +--- a/ext/openssl/openssl_missing.h ++++ b/ext/openssl/openssl_missing.h +@@ -56,12 +56,33 @@ + (char *(*)())d2i_PKCS7_RECIP_INFO, (char *)ri) + #endif + +-int HMAC_CTX_copy(HMAC_CTX *out, HMAC_CTX *in); +-void *X509_STORE_get_ex_data(X509_STORE *str, int idx); +-int X509_STORE_set_ex_data(X509_STORE *str, int idx, void *data); ++#if !defined(HAVE_EVP_MD_CTX_INIT) ++void HMAC_CTX_init(HMAC_CTX *ctx); ++#endif ++ ++#if !defined(HAVE_HMAC_CTX_COPY) ++void HMAC_CTX_copy(HMAC_CTX *out, HMAC_CTX *in); ++#endif ++ ++#if !defined(HAVE_HMAC_CTX_CLEANUP) ++void HMAC_CTX_cleanup(HMAC_CTX *ctx); ++#endif ++ ++#if !defined(HAVE_EVP_MD_CTX_CREATE) + EVP_MD_CTX *EVP_MD_CTX_create(void); ++#endif ++ ++#if !defined(HAVE_EVP_MD_CTX_INIT) ++void EVP_MD_CTX_init(EVP_MD_CTX *ctx); ++#endif ++ ++#if !defined(HAVE_EVP_MD_CTX_CLEANUP) + int EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx); ++#endif ++ ++#if !defined(HAVE_EVP_MD_CTX_DESTROY) + void EVP_MD_CTX_destroy(EVP_MD_CTX *ctx); ++#endif + + #if !defined(EVP_CIPHER_name) + # define EVP_CIPHER_name(e) OBJ_nid2sn(EVP_CIPHER_nid(e)) +@@ -71,10 +92,6 @@ + # define EVP_MD_name(e) OBJ_nid2sn(EVP_MD_type(e)) + #endif + +-void EVP_MD_CTX_init(EVP_MD_CTX *ctx); +-void HMAC_CTX_init(HMAC_CTX *ctx); +-void HMAC_CTX_cleanup(HMAC_CTX *ctx); +- + #if !defined(PKCS7_is_detached) + # define PKCS7_is_detached(p7) (PKCS7_type_is_signed(p7) && PKCS7_get_detached(p7)) + #endif +@@ -83,14 +100,42 @@ + # define PKCS7_type_is_encrypted(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_encrypted) + #endif + ++#if !defined(HAVE_X509_STORE_SET_EX_DATA) ++void *X509_STORE_get_ex_data(X509_STORE *str, int idx); ++int X509_STORE_set_ex_data(X509_STORE *str, int idx, void *data); ++#endif ++ ++#if !defined(HAVE_X509_CRL_SET_VERSION) + int X509_CRL_set_version(X509_CRL *x, long version); ++#endif ++ ++#if !defined(HAVE_X509_CRL_SET_ISSUER_NAME) + int X509_CRL_set_issuer_name(X509_CRL *x, X509_NAME *name); ++#endif ++ ++#if !defined(HAVE_X509_CRL_SORT) + int X509_CRL_sort(X509_CRL *c); ++#endif ++ ++#if !defined(HAVE_X509_CRL_ADD0_REVOKED) + int X509_CRL_add0_revoked(X509_CRL *crl, X509_REVOKED *rev); ++#endif ++ ++#if !defined(HAVE_BN_MOD_SQR) + int BN_mod_sqr(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx); ++#endif ++ ++#if !defined(HAVE_BN_MOD_ADD) + int BN_mod_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m, BN_CTX *ctx); ++#endif ++ ++#if !defined(HAVE_BN_MOD_SUB) + int BN_mod_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m, BN_CTX *ctx); ++#endif ++ ++#if !defined(HAVE_CONF_GET1_DEFAULT_CONFIG_FILE) + char *CONF_get1_default_config_file(void); ++#endif + + #if !defined(HAVE_PEM_DEF_CALLBACK) + int PEM_def_callback(char *buf, int num, int w, void *key); +diff --git a/ext/openssl/ossl_hmac.c b/ext/openssl/ossl_hmac.c +index ba85f52..ef77d6c 100644 +--- a/ext/openssl/ossl_hmac.c ++++ b/ext/openssl/ossl_hmac.c +@@ -87,9 +87,7 @@ ossl_hmac_copy(VALUE self, VALUE other) + GetHMAC(self, ctx1); + SafeGetHMAC(other, ctx2); + +- if (!HMAC_CTX_copy(ctx1, ctx2)) { +- ossl_raise(eHMACError, NULL); +- } ++ HMAC_CTX_copy(ctx1, ctx2); + return self; + } + +@@ -115,9 +113,7 @@ hmac_final(HMAC_CTX *ctx, char **buf, int *buf_len) + { + HMAC_CTX final; + +- if (!HMAC_CTX_copy(&final, ctx)) { +- ossl_raise(eHMACError, NULL); +- } ++ HMAC_CTX_copy(&final, ctx); + if (!(*buf = OPENSSL_malloc(HMAC_size(&final)))) { + HMAC_CTX_cleanup(&final); + OSSL_Debug("Allocating %d mem", HMAC_size(&final)); diff --git a/patches/ruby/r16422-New-OpenSSL.patch b/patches/ruby/r16422-New-OpenSSL-181.patch index 969ce83..a5606ad 100644 --- a/patches/ruby/r16422-New-OpenSSL.patch +++ b/patches/ruby/r16422-New-OpenSSL-181.patch @@ -121,100 +121,6 @@ for Ruby 1.8.1 or older #if defined(__cplusplus) } -diff --git a/ext/openssl/openssl_missing.h b/ext/openssl/openssl_missing.h -index e8c75ca..3450b81 100644 ---- a/ext/openssl/openssl_missing.h -+++ b/ext/openssl/openssl_missing.h -@@ -56,14 +56,33 @@ extern "C" { - (char *(*)())d2i_PKCS7_RECIP_INFO, (char *)ri) - #endif - -+#if !defined(HAVE_EVP_MD_CTX_INIT) - void HMAC_CTX_init(HMAC_CTX *ctx); --int HMAC_CTX_copy(HMAC_CTX *out, HMAC_CTX *in); -+#endif -+ -+#if !defined(HAVE_HMAC_CTX_COPY) -+void HMAC_CTX_copy(HMAC_CTX *out, HMAC_CTX *in); -+#endif -+ -+#if !defined(HAVE_HMAC_CTX_CLEANUP) - void HMAC_CTX_cleanup(HMAC_CTX *ctx); -+#endif - -+#if !defined(HAVE_EVP_MD_CTX_CREATE) - EVP_MD_CTX *EVP_MD_CTX_create(void); -+#endif -+ -+#if !defined(HAVE_EVP_MD_CTX_INIT) - void EVP_MD_CTX_init(EVP_MD_CTX *ctx); -+#endif -+ -+#if !defined(HAVE_EVP_MD_CTX_CLEANUP) - int EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx); -+#endif -+ -+#if !defined(HAVE_EVP_MD_CTX_DESTROY) - void EVP_MD_CTX_destroy(EVP_MD_CTX *ctx); -+#endif - - #if !defined(HAVE_EVP_CIPHER_CTX_COPY) - int EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX *out, EVP_CIPHER_CTX *in); -@@ -107,19 +126,54 @@ int EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX *out, EVP_CIPHER_CTX *in); - #define OPENSSL_cleanse(p, l) memset(p, 0, l) - #endif - -+#if !defined(HAVE_X509_STORE_SET_EX_DATA) - void *X509_STORE_get_ex_data(X509_STORE *str, int idx); - int X509_STORE_set_ex_data(X509_STORE *str, int idx, void *data); -+#endif -+ -+#if !defined(HAVE_X509_CRL_SET_VERSION) - int X509_CRL_set_version(X509_CRL *x, long version); -+#endif -+ -+#if !defined(HAVE_X509_CRL_SET_ISSUER_NAME) - int X509_CRL_set_issuer_name(X509_CRL *x, X509_NAME *name); -+#endif -+ -+#if !defined(HAVE_X509_CRL_SORT) - int X509_CRL_sort(X509_CRL *c); -+#endif -+ -+#if !defined(HAVE_X509_CRL_ADD0_REVOKED) - int X509_CRL_add0_revoked(X509_CRL *crl, X509_REVOKED *rev); -+#endif -+ -+#if !defined(HAVE_BN_MOD_SQR) - int BN_mod_sqr(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx); -+#endif -+ -+#if !defined(HAVE_BN_MOD_ADD) - int BN_mod_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m, BN_CTX *ctx); -+#endif -+ -+#if !defined(HAVE_BN_MOD_SUB) - int BN_mod_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m, BN_CTX *ctx); -+#endif -+ -+#if !defined(HAVE_BN_RAND_RANGE) - int BN_rand_range(BIGNUM *r, BIGNUM *range); -+#endif -+ -+#if !defined(HAVE_BN_PSEUDO_RAND_RANGE) - int BN_pseudo_rand_range(BIGNUM *r, BIGNUM *range); -+#endif -+ -+#if !defined(HAVE_CONF_GET1_DEFAULT_CONFIG_FILE) - char *CONF_get1_default_config_file(void); -+#endif -+ -+#if !defined(HAVE_PEM_DEF_CALLBACK) - int PEM_def_callback(char *buf, int num, int w, void *key); -+#endif - - #if defined(__cplusplus) - } diff --git a/ext/openssl/ossl_hmac.c b/ext/openssl/ossl_hmac.c index ba85f52..ef77d6c 100644 --- a/ext/openssl/ossl_hmac.c diff --git a/patches/ruby/r16422-New-OpenSSL-182.patch b/patches/ruby/r16422-New-OpenSSL-182.patch new file mode 100644 index 0000000..1c94c42 --- /dev/null +++ b/patches/ruby/r16422-New-OpenSSL-182.patch @@ -0,0 +1,147 @@ +diff --git a/ext/openssl/openssl_missing.c b/ext/openssl/openssl_missing.c +index f77731e..724f36b 100644 +--- a/ext/openssl/openssl_missing.c ++++ b/ext/openssl/openssl_missing.c +@@ -22,17 +22,15 @@ + #include "openssl_missing.h" + + #if !defined(HAVE_HMAC_CTX_COPY) +-int ++void + HMAC_CTX_copy(HMAC_CTX *out, HMAC_CTX *in) + { +- if (!out || !in) return 0; ++ if (!out || !in) return; + memcpy(out, in, sizeof(HMAC_CTX)); + +- if (!EVP_MD_CTX_copy(&out->md_ctx, &in->md_ctx) +- || !EVP_MD_CTX_copy(&out->i_ctx, &in->i_ctx) +- || !EVP_MD_CTX_copy(&out->o_ctx, &in->o_ctx)) +- return 0; +- return 1; ++ EVP_MD_CTX_copy(&out->md_ctx, &in->md_ctx); ++ EVP_MD_CTX_copy(&out->i_ctx, &in->i_ctx); ++ EVP_MD_CTX_copy(&out->o_ctx, &in->o_ctx); + } + #endif /* HAVE_HMAC_CTX_COPY */ + #endif /* NO_HMAC */ +diff --git a/ext/openssl/openssl_missing.h b/ext/openssl/openssl_missing.h +index e8c75ca..3450b81 100644 +--- a/ext/openssl/openssl_missing.h ++++ b/ext/openssl/openssl_missing.h +@@ -56,14 +56,33 @@ extern "C" { + (char *(*)())d2i_PKCS7_RECIP_INFO, (char *)ri) + #endif + ++#if !defined(HAVE_EVP_MD_CTX_INIT) + void HMAC_CTX_init(HMAC_CTX *ctx); +-int HMAC_CTX_copy(HMAC_CTX *out, HMAC_CTX *in); ++#endif ++ ++#if !defined(HAVE_HMAC_CTX_COPY) ++void HMAC_CTX_copy(HMAC_CTX *out, HMAC_CTX *in); ++#endif ++ ++#if !defined(HAVE_HMAC_CTX_CLEANUP) + void HMAC_CTX_cleanup(HMAC_CTX *ctx); ++#endif + ++#if !defined(HAVE_EVP_MD_CTX_CREATE) + EVP_MD_CTX *EVP_MD_CTX_create(void); ++#endif ++ ++#if !defined(HAVE_EVP_MD_CTX_INIT) + void EVP_MD_CTX_init(EVP_MD_CTX *ctx); ++#endif ++ ++#if !defined(HAVE_EVP_MD_CTX_CLEANUP) + int EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx); ++#endif ++ ++#if !defined(HAVE_EVP_MD_CTX_DESTROY) + void EVP_MD_CTX_destroy(EVP_MD_CTX *ctx); ++#endif + + #if !defined(HAVE_EVP_CIPHER_CTX_COPY) + int EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX *out, EVP_CIPHER_CTX *in); +@@ -107,19 +126,54 @@ int EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX *out, EVP_CIPHER_CTX *in); + #define OPENSSL_cleanse(p, l) memset(p, 0, l) + #endif + ++#if !defined(HAVE_X509_STORE_SET_EX_DATA) + void *X509_STORE_get_ex_data(X509_STORE *str, int idx); + int X509_STORE_set_ex_data(X509_STORE *str, int idx, void *data); ++#endif ++ ++#if !defined(HAVE_X509_CRL_SET_VERSION) + int X509_CRL_set_version(X509_CRL *x, long version); ++#endif ++ ++#if !defined(HAVE_X509_CRL_SET_ISSUER_NAME) + int X509_CRL_set_issuer_name(X509_CRL *x, X509_NAME *name); ++#endif ++ ++#if !defined(HAVE_X509_CRL_SORT) + int X509_CRL_sort(X509_CRL *c); ++#endif ++ ++#if !defined(HAVE_X509_CRL_ADD0_REVOKED) + int X509_CRL_add0_revoked(X509_CRL *crl, X509_REVOKED *rev); ++#endif ++ ++#if !defined(HAVE_BN_MOD_SQR) + int BN_mod_sqr(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx); ++#endif ++ ++#if !defined(HAVE_BN_MOD_ADD) + int BN_mod_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m, BN_CTX *ctx); ++#endif ++ ++#if !defined(HAVE_BN_MOD_SUB) + int BN_mod_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m, BN_CTX *ctx); ++#endif ++ ++#if !defined(HAVE_BN_RAND_RANGE) + int BN_rand_range(BIGNUM *r, BIGNUM *range); ++#endif ++ ++#if !defined(HAVE_BN_PSEUDO_RAND_RANGE) + int BN_pseudo_rand_range(BIGNUM *r, BIGNUM *range); ++#endif ++ ++#if !defined(HAVE_CONF_GET1_DEFAULT_CONFIG_FILE) + char *CONF_get1_default_config_file(void); ++#endif ++ ++#if !defined(HAVE_PEM_DEF_CALLBACK) + int PEM_def_callback(char *buf, int num, int w, void *key); ++#endif + + #if defined(__cplusplus) + } +diff --git a/ext/openssl/ossl_hmac.c b/ext/openssl/ossl_hmac.c +index ba85f52..ef77d6c 100644 +--- a/ext/openssl/ossl_hmac.c ++++ b/ext/openssl/ossl_hmac.c +@@ -87,9 +87,7 @@ ossl_hmac_copy(VALUE self, VALUE other) + GetHMAC(self, ctx1); + SafeGetHMAC(other, ctx2); + +- if (!HMAC_CTX_copy(ctx1, ctx2)) { +- ossl_raise(eHMACError, NULL); +- } ++ HMAC_CTX_copy(ctx1, ctx2); + return self; + } + +@@ -115,9 +113,7 @@ hmac_final(HMAC_CTX *ctx, char **buf, int *buf_len) + { + HMAC_CTX final; + +- if (!HMAC_CTX_copy(&final, ctx)) { +- ossl_raise(eHMACError, NULL); +- } ++ HMAC_CTX_copy(&final, ctx); + if (!(*buf = OPENSSL_malloc(HMAC_size(&final)))) { + HMAC_CTX_cleanup(&final); + OSSL_Debug("Allocating %d mem", HMAC_size(&final)); diff --git a/patches/ruby/r16478-pkcs5-typo.patch b/patches/ruby/r16478-pkcs5-typo.patch new file mode 100644 index 0000000..8a4b929 --- /dev/null +++ b/patches/ruby/r16478-pkcs5-typo.patch @@ -0,0 +1,13 @@ +diff --git a/ext/openssl/ossl_pkcs5.c b/ext/openssl/ossl_pkcs5.c +index ca02a18..007889f 100644 +--- a/ext/openssl/ossl_pkcs5.c ++++ b/ext/openssl/ossl_pkcs5.c +@@ -27,7 +27,7 @@ ossl_pkcs5_pbkdf2_hmac(VALUE self, VALUE pass, VALUE salt, VALUE iter, VALUE key + { + #ifdef HAVE_PKCS5_PBKDF2_HMAC + VALUE str; +- const EVP_MD md; ++ const EVP_MD *md; + int len = NUM2INT(keylen); + + StringValue(pass); diff --git a/patches/ruby/r26781-OpenSSL10-180.patch b/patches/ruby/r26781-OpenSSL10-180.patch new file mode 100644 index 0000000..b78589c --- /dev/null +++ b/patches/ruby/r26781-OpenSSL10-180.patch @@ -0,0 +1,71 @@ +diff --git a/ext/openssl/ossl.c b/ext/openssl/ossl.c +index d4a2dc1..85ba654 100644 +--- a/ext/openssl/ossl.c ++++ b/ext/openssl/ossl.c +@@ -92,7 +92,7 @@ ossl_x509_ary2sk(VALUE ary) + + #define OSSL_IMPL_SK2ARY(name, type) \ + VALUE \ +-ossl_##name##_sk2ary(STACK *sk) \ ++ossl_##name##_sk2ary(STACK_OF(type) *sk) \ + { \ + type *t; \ + int i, num; \ +@@ -102,7 +102,7 @@ ossl_##name##_sk2ary(STACK *sk) \ + OSSL_Debug("empty sk!"); \ + return Qnil; \ + } \ +- num = sk_num(sk); \ ++ num = sk_##type##_num(sk); \ + if (num < 0) { \ + OSSL_Debug("items in sk < -1???"); \ + return rb_ary_new(); \ +@@ -110,7 +110,7 @@ ossl_##name##_sk2ary(STACK *sk) \ + ary = rb_ary_new2(num); \ + \ + for (i=0; i<num; i++) { \ +- t = (type *)sk_value(sk, i); \ ++ t = sk_##type##_value(sk, i); \ + rb_ary_push(ary, ossl_##name##_new(t)); \ + } \ + return ary; \ +diff --git a/ext/openssl/ossl.h b/ext/openssl/ossl.h +index 9ac1525..4bb18d5 100644 +--- a/ext/openssl/ossl.h ++++ b/ext/openssl/ossl.h +@@ -104,6 +104,13 @@ extern VALUE eOSSLError; + } while (0) + + /* ++ * Compatibility ++ */ ++#if OPENSSL_VERSION_NUMBER >= 0x10000000L ++#define STACK _STACK ++#endif ++ ++/* + * String to HEXString conversion + */ + int string2hex(const unsigned char *, int, char **, int *); +diff --git a/ext/openssl/ossl_x509crl.c b/ext/openssl/ossl_x509crl.c +index 1be9640..818fdba 100644 +--- a/ext/openssl/ossl_x509crl.c ++++ b/ext/openssl/ossl_x509crl.c +@@ -264,7 +264,7 @@ ossl_x509crl_get_revoked(VALUE self) + VALUE ary, revoked; + + GetX509CRL(self, crl); +- num = sk_X509_CRL_num(X509_CRL_get_REVOKED(crl)); ++ num = sk_X509_REVOKED_num(X509_CRL_get_REVOKED(crl)); + if (num < 0) { + OSSL_Debug("num < 0???"); + return rb_ary_new(); +@@ -272,7 +272,7 @@ ossl_x509crl_get_revoked(VALUE self) + ary = rb_ary_new2(num); + for(i=0; i<num; i++) { + /* NO DUP - don't free! */ +- rev = (X509_REVOKED *)sk_X509_CRL_value(X509_CRL_get_REVOKED(crl), i); ++ rev = sk_X509_REVOKED_value(X509_CRL_get_REVOKED(crl), i); + revoked = ossl_x509revoked_new(rev); + rb_ary_push(ary, revoked); + } diff --git a/patches/ruby/r26781-OpenSSL10.patch b/patches/ruby/r26781-OpenSSL10-181.patch index 9484c37..9484c37 100644 --- a/patches/ruby/r26781-OpenSSL10.patch +++ b/patches/ruby/r26781-OpenSSL10-181.patch diff --git a/patches/ruby/r31346-r31528-SSLv2-180.patch b/patches/ruby/r31346-r31528-SSLv2-180.patch new file mode 100644 index 0000000..62f3fc1 --- /dev/null +++ b/patches/ruby/r31346-r31528-SSLv2-180.patch @@ -0,0 +1,31 @@ +diff --git a/ext/openssl/extconf.rb b/ext/openssl/extconf.rb +index b1f2d88..1bd5a07 100644 +--- a/ext/openssl/extconf.rb ++++ b/ext/openssl/extconf.rb +@@ -100,6 +100,9 @@ + have_func("BN_rand_range") + have_func("BN_pseudo_rand_range") + have_func("CONF_get1_default_config_file") ++have_func("SSLv2_method") ++have_func("SSLv2_server_method") ++have_func("SSLv2_client_method") + if try_cpp("#define FOO(a, ...) foo(a, ##__VA_ARGS__)\n int x(){FOO(1,2);}\n") + $defs.push("-DHAVE_VA_ARGS_MACRO") + end +diff --git a/ext/openssl/ossl_ssl.c b/ext/openssl/ossl_ssl.c +index d8951fb..d750e95 100644 +--- a/ext/openssl/ossl_ssl.c ++++ b/ext/openssl/ossl_ssl.c +@@ -107,9 +107,12 @@ struct { + OSSL_SSL_METHOD_ENTRY(TLSv1), + OSSL_SSL_METHOD_ENTRY(TLSv1_server), + OSSL_SSL_METHOD_ENTRY(TLSv1_client), ++#if defined(HAVE_SSLV2_METHOD) && defined(HAVE_SSLV2_SERVER_METHOD) && \ ++ defined(HAVE_SSLV2_CLIENT_METHOD) + OSSL_SSL_METHOD_ENTRY(SSLv2), + OSSL_SSL_METHOD_ENTRY(SSLv2_server), + OSSL_SSL_METHOD_ENTRY(SSLv2_client), ++#endif + OSSL_SSL_METHOD_ENTRY(SSLv3), + OSSL_SSL_METHOD_ENTRY(SSLv3_server), + OSSL_SSL_METHOD_ENTRY(SSLv3_client), diff --git a/patches/ruby/r31346-r31528-SSLv2-181.patch b/patches/ruby/r31346-r31528-SSLv2-181.patch new file mode 100644 index 0000000..a038ebb --- /dev/null +++ b/patches/ruby/r31346-r31528-SSLv2-181.patch @@ -0,0 +1,31 @@ +diff --git a/ext/openssl/extconf.rb b/ext/openssl/extconf.rb +index b1f2d88..1bd5a07 100644 +--- a/ext/openssl/extconf.rb ++++ b/ext/openssl/extconf.rb +@@ -100,6 +100,9 @@ + have_func("BN_pseudo_rand_range") + have_func("CONF_get1_default_config_file") + have_func("X509V3_set_nconf") ++have_func("SSLv2_method") ++have_func("SSLv2_server_method") ++have_func("SSLv2_client_method") + if try_compile("#define FOO(a, ...) foo(a, ##__VA_ARGS__)\n int x(){FOO(1);FOO(1,2);FOO(1,2,3);}\n") + $defs.push("-DHAVE_VA_ARGS_MACRO") + end +diff --git a/ext/openssl/ossl_ssl.c b/ext/openssl/ossl_ssl.c +index d8951fb..d750e95 100644 +--- a/ext/openssl/ossl_ssl.c ++++ b/ext/openssl/ossl_ssl.c +@@ -107,9 +107,12 @@ struct { + OSSL_SSL_METHOD_ENTRY(TLSv1), + OSSL_SSL_METHOD_ENTRY(TLSv1_server), + OSSL_SSL_METHOD_ENTRY(TLSv1_client), ++#if defined(HAVE_SSLV2_METHOD) && defined(HAVE_SSLV2_SERVER_METHOD) && \ ++ defined(HAVE_SSLV2_CLIENT_METHOD) + OSSL_SSL_METHOD_ENTRY(SSLv2), + OSSL_SSL_METHOD_ENTRY(SSLv2_server), + OSSL_SSL_METHOD_ENTRY(SSLv2_client), ++#endif + OSSL_SSL_METHOD_ENTRY(SSLv3), + OSSL_SSL_METHOD_ENTRY(SSLv3_server), + OSSL_SSL_METHOD_ENTRY(SSLv3_client), diff --git a/patches/ruby/r31346-r31528-SSLv2-182.patch b/patches/ruby/r31346-r31528-SSLv2-182.patch new file mode 100644 index 0000000..09386e6 --- /dev/null +++ b/patches/ruby/r31346-r31528-SSLv2-182.patch @@ -0,0 +1,31 @@ +diff --git a/ext/openssl/extconf.rb b/ext/openssl/extconf.rb +index b1f2d88..1bd5a07 100644 +--- a/ext/openssl/extconf.rb ++++ b/ext/openssl/extconf.rb +@@ -100,6 +100,9 @@ + have_func("X509_CRL_sort") + have_func("X509_STORE_get_ex_data") + have_func("X509_STORE_set_ex_data") ++have_func("SSLv2_method") ++have_func("SSLv2_server_method") ++have_func("SSLv2_client_method") + if try_compile("#define FOO(a, ...) foo(a, ##__VA_ARGS__)\n int x(){FOO(1);FOO(1,2);FOO(1,2,3);}\n") + $defs.push("-DHAVE_VA_ARGS_MACRO") + end +diff --git a/ext/openssl/ossl_ssl.c b/ext/openssl/ossl_ssl.c +index d8951fb..d750e95 100644 +--- a/ext/openssl/ossl_ssl.c ++++ b/ext/openssl/ossl_ssl.c +@@ -107,9 +107,12 @@ struct { + OSSL_SSL_METHOD_ENTRY(TLSv1), + OSSL_SSL_METHOD_ENTRY(TLSv1_server), + OSSL_SSL_METHOD_ENTRY(TLSv1_client), ++#if defined(HAVE_SSLV2_METHOD) && defined(HAVE_SSLV2_SERVER_METHOD) && \ ++ defined(HAVE_SSLV2_CLIENT_METHOD) + OSSL_SSL_METHOD_ENTRY(SSLv2), + OSSL_SSL_METHOD_ENTRY(SSLv2_server), + OSSL_SSL_METHOD_ENTRY(SSLv2_client), ++#endif + OSSL_SSL_METHOD_ENTRY(SSLv3), + OSSL_SSL_METHOD_ENTRY(SSLv3_server), + OSSL_SSL_METHOD_ENTRY(SSLv3_client), diff --git a/patches/ruby/r31346-r31528-SSLv2-183.patch b/patches/ruby/r31346-r31528-SSLv2-183.patch new file mode 100644 index 0000000..cb8e01f --- /dev/null +++ b/patches/ruby/r31346-r31528-SSLv2-183.patch @@ -0,0 +1,31 @@ +diff --git a/ext/openssl/extconf.rb b/ext/openssl/extconf.rb +index b1f2d88..1bd5a07 100644 +--- a/ext/openssl/extconf.rb ++++ b/ext/openssl/extconf.rb +@@ -100,6 +100,9 @@ + have_func("OBJ_NAME_do_all_sorted") + have_func("SSL_SESSION_get_id") + have_func("OPENSSL_cleanse") ++have_func("SSLv2_method") ++have_func("SSLv2_server_method") ++have_func("SSLv2_client_method") + if try_compile("#define FOO(a, ...) foo(a, ##__VA_ARGS__)\n int x(){FOO(1);FOO(1,2);FOO(1,2,3);}\n") + $defs.push("-DHAVE_VA_ARGS_MACRO") + end +diff --git a/ext/openssl/ossl_ssl.c b/ext/openssl/ossl_ssl.c +index d8951fb..d750e95 100644 +--- a/ext/openssl/ossl_ssl.c ++++ b/ext/openssl/ossl_ssl.c +@@ -107,9 +107,12 @@ struct { + OSSL_SSL_METHOD_ENTRY(TLSv1), + OSSL_SSL_METHOD_ENTRY(TLSv1_server), + OSSL_SSL_METHOD_ENTRY(TLSv1_client), ++#if defined(HAVE_SSLV2_METHOD) && defined(HAVE_SSLV2_SERVER_METHOD) && \ ++ defined(HAVE_SSLV2_CLIENT_METHOD) + OSSL_SSL_METHOD_ENTRY(SSLv2), + OSSL_SSL_METHOD_ENTRY(SSLv2_server), + OSSL_SSL_METHOD_ENTRY(SSLv2_client), ++#endif + OSSL_SSL_METHOD_ENTRY(SSLv3), + OSSL_SSL_METHOD_ENTRY(SSLv3_server), + OSSL_SSL_METHOD_ENTRY(SSLv3_client), diff --git a/patches/ruby/r31346-r31528-SSLv2.patch b/patches/ruby/r31346-r31528-SSLv2-192.patch index 6185bca..71348ed 100644 --- a/patches/ruby/r31346-r31528-SSLv2.patch +++ b/patches/ruby/r31346-r31528-SSLv2-192.patch @@ -3,20 +3,6 @@ index b1f2d88..1bd5a07 100644 --- a/ext/openssl/extconf.rb +++ b/ext/openssl/extconf.rb @@ -100,6 +100,9 @@ - have_func("OBJ_NAME_do_all_sorted") - have_func("SSL_SESSION_get_id") - have_func("OPENSSL_cleanse") -+have_func("SSLv2_method") -+have_func("SSLv2_server_method") -+have_func("SSLv2_client_method") - if try_compile("#define FOO(a, ...) foo(a, ##__VA_ARGS__)\n int x(){FOO(1);FOO(1,2);FOO(1,2,3);}\n") - $defs.push("-DHAVE_VA_ARGS_MACRO") - end -diff --git a/ext/openssl/extconf.rb b/ext/openssl/extconf.rb -index b1f2d88..1bd5a07 100644 ---- a/ext/openssl/extconf.rb -+++ b/ext/openssl/extconf.rb -@@ -100,6 +100,9 @@ have_func("SSL_SESSION_get_id") have_func("SSL_SESSION_cmp") have_func("OPENSSL_cleanse") @@ -35,7 +21,7 @@ index d8951fb..d750e95 100644 OSSL_SSL_METHOD_ENTRY(TLSv1_server), OSSL_SSL_METHOD_ENTRY(TLSv1_client), +#if defined(HAVE_SSLV2_METHOD) && defined(HAVE_SSLV2_SERVER_METHOD) && \ -+ defined(HAVE_SSLV2_CLIENT_METHOD) ++ defined(HAVE_SSLV2_CLIENT_METHOD) OSSL_SSL_METHOD_ENTRY(SSLv2), OSSL_SSL_METHOD_ENTRY(SSLv2_server), OSSL_SSL_METHOD_ENTRY(SSLv2_client), diff --git a/patches/ruby/r51722-SSLv3-180.patch b/patches/ruby/r51722-SSLv3-180.patch new file mode 100644 index 0000000..59f148f --- /dev/null +++ b/patches/ruby/r51722-SSLv3-180.patch @@ -0,0 +1,31 @@ +diff --git a/ext/openssl/extconf.rb b/ext/openssl/extconf.rb +for Ruby 1.8.0 to 1.9.1 +--- a/ext/openssl/extconf.rb ++++ b/ext/openssl/extconf.rb +@@ -104,6 +104,9 @@ + have_func("SSLv2_method") + have_func("SSLv2_server_method") + have_func("SSLv2_client_method") ++have_func("SSLv3_method") ++have_func("SSLv3_server_method") ++have_func("SSLv3_client_method") + if try_cpp("#define FOO(a, ...) foo(a, ##__VA_ARGS__)\n int x(){FOO(1,2);}\n") + $defs.push("-DHAVE_VA_ARGS_MACRO") + end +diff --git a/ext/openssl/ossl_ssl.c b/ext/openssl/ossl_ssl.c +index f7cb7f0..47111f6 100644 +--- a/ext/openssl/ossl_ssl.c ++++ b/ext/openssl/ossl_ssl.c +@@ -109,9 +109,12 @@ static const struct { + OSSL_SSL_METHOD_ENTRY(SSLv2_server), + OSSL_SSL_METHOD_ENTRY(SSLv2_client), + #endif ++#if defined(HAVE_SSLV3_METHOD) && defined(HAVE_SSLV3_SERVER_METHOD) && \ ++ defined(HAVE_SSLV3_CLIENT_METHOD) + OSSL_SSL_METHOD_ENTRY(SSLv3), + OSSL_SSL_METHOD_ENTRY(SSLv3_server), + OSSL_SSL_METHOD_ENTRY(SSLv3_client), ++#endif + OSSL_SSL_METHOD_ENTRY(SSLv23), + OSSL_SSL_METHOD_ENTRY(SSLv23_server), + OSSL_SSL_METHOD_ENTRY(SSLv23_client), diff --git a/patches/ruby/r51722-SSLv3-181.patch b/patches/ruby/r51722-SSLv3-181.patch new file mode 100644 index 0000000..268740c --- /dev/null +++ b/patches/ruby/r51722-SSLv3-181.patch @@ -0,0 +1,31 @@ +diff --git a/ext/openssl/extconf.rb b/ext/openssl/extconf.rb +for Ruby 1.8.0 to 1.9.1 +--- a/ext/openssl/extconf.rb ++++ b/ext/openssl/extconf.rb +@@ -104,6 +104,9 @@ + have_func("SSLv2_method") + have_func("SSLv2_server_method") + have_func("SSLv2_client_method") ++have_func("SSLv3_method") ++have_func("SSLv3_server_method") ++have_func("SSLv3_client_method") + if try_compile("#define FOO(a, ...) foo(a, ##__VA_ARGS__)\n int x(){FOO(1);FOO(1,2);FOO(1,2,3);}\n") + $defs.push("-DHAVE_VA_ARGS_MACRO") + end +diff --git a/ext/openssl/ossl_ssl.c b/ext/openssl/ossl_ssl.c +index f7cb7f0..47111f6 100644 +--- a/ext/openssl/ossl_ssl.c ++++ b/ext/openssl/ossl_ssl.c +@@ -109,9 +109,12 @@ static const struct { + OSSL_SSL_METHOD_ENTRY(SSLv2_server), + OSSL_SSL_METHOD_ENTRY(SSLv2_client), + #endif ++#if defined(HAVE_SSLV3_METHOD) && defined(HAVE_SSLV3_SERVER_METHOD) && \ ++ defined(HAVE_SSLV3_CLIENT_METHOD) + OSSL_SSL_METHOD_ENTRY(SSLv3), + OSSL_SSL_METHOD_ENTRY(SSLv3_server), + OSSL_SSL_METHOD_ENTRY(SSLv3_client), ++#endif + OSSL_SSL_METHOD_ENTRY(SSLv23), + OSSL_SSL_METHOD_ENTRY(SSLv23_server), + OSSL_SSL_METHOD_ENTRY(SSLv23_client), diff --git a/patches/ruby/r51722-SSLv3.patch b/patches/ruby/r51722-SSLv3-192.patch index c5d70be..e96ea2f 100644 --- a/patches/ruby/r51722-SSLv3.patch +++ b/patches/ruby/r51722-SSLv3-192.patch @@ -1,19 +1,5 @@ diff --git a/ext/openssl/extconf.rb b/ext/openssl/extconf.rb -index 8c04cb5..132d803 100644 ---- a/ext/openssl/extconf.rb -+++ b/ext/openssl/extconf.rb -@@ -104,6 +104,9 @@ - have_func("SSLv2_method") - have_func("SSLv2_server_method") - have_func("SSLv2_client_method") -+have_func("SSLv3_method") -+have_func("SSLv3_server_method") -+have_func("SSLv3_client_method") - if try_compile("#define FOO(a, ...) foo(a, ##__VA_ARGS__)\n int x(){FOO(1);FOO(1,2);FOO(1,2,3);}\n") - $defs.push("-DHAVE_VA_ARGS_MACRO") - end -diff --git a/ext/openssl/extconf.rb b/ext/openssl/extconf.rb -index 8c04cb5..132d803 100644 +for Ruby 1.9.2 / 1.9.3 --- a/ext/openssl/extconf.rb +++ b/ext/openssl/extconf.rb @@ -104,6 +104,9 @@ @@ -26,20 +12,6 @@ index 8c04cb5..132d803 100644 unless have_func("SSL_set_tlsext_host_name", ['openssl/ssl.h']) have_macro("SSL_set_tlsext_host_name", ['openssl/ssl.h']) && $defs.push("-DHAVE_SSL_SET_TLSEXT_HOST_NAME") end -diff --git a/ext/openssl/extconf.rb b/ext/openssl/extconf.rb -index 8c04cb5..132d803 100644 ---- a/ext/openssl/extconf.rb -+++ b/ext/openssl/extconf.rb -@@ -104,6 +104,9 @@ - have_func("SSLv2_method") - have_func("SSLv2_server_method") - have_func("SSLv2_client_method") -+have_func("SSLv3_method") -+have_func("SSLv3_server_method") -+have_func("SSLv3_client_method") - have_func("TLSv1_1_method") - have_func("TLSv1_1_server_method") - have_func("TLSv1_1_client_method") diff --git a/ext/openssl/ossl_ssl.c b/ext/openssl/ossl_ssl.c index f7cb7f0..47111f6 100644 --- a/ext/openssl/ossl_ssl.c diff --git a/patches/ruby/r51722-SSLv3-200.patch b/patches/ruby/r51722-SSLv3-200.patch new file mode 100644 index 0000000..53a9cd7 --- /dev/null +++ b/patches/ruby/r51722-SSLv3-200.patch @@ -0,0 +1,31 @@ +diff --git a/ext/openssl/extconf.rb b/ext/openssl/extconf.rb +for Ruby 2.0.0 / 2.1 / 2.2 +--- a/ext/openssl/extconf.rb ++++ b/ext/openssl/extconf.rb +@@ -104,6 +104,9 @@ + have_func("SSLv2_method") + have_func("SSLv2_server_method") + have_func("SSLv2_client_method") ++have_func("SSLv3_method") ++have_func("SSLv3_server_method") ++have_func("SSLv3_client_method") + have_func("TLSv1_1_method") + have_func("TLSv1_1_server_method") + have_func("TLSv1_1_client_method") +diff --git a/ext/openssl/ossl_ssl.c b/ext/openssl/ossl_ssl.c +index f7cb7f0..47111f6 100644 +--- a/ext/openssl/ossl_ssl.c ++++ b/ext/openssl/ossl_ssl.c +@@ -109,9 +109,12 @@ static const struct { + OSSL_SSL_METHOD_ENTRY(SSLv2_server), + OSSL_SSL_METHOD_ENTRY(SSLv2_client), + #endif ++#if defined(HAVE_SSLV3_METHOD) && defined(HAVE_SSLV3_SERVER_METHOD) && \ ++ defined(HAVE_SSLV3_CLIENT_METHOD) + OSSL_SSL_METHOD_ENTRY(SSLv3), + OSSL_SSL_METHOD_ENTRY(SSLv3_server), + OSSL_SSL_METHOD_ENTRY(SSLv3_client), ++#endif + OSSL_SSL_METHOD_ENTRY(SSLv23), + OSSL_SSL_METHOD_ENTRY(SSLv23_server), + OSSL_SSL_METHOD_ENTRY(SSLv23_client), |