commit: 23e1b816a316b23daa8f8635faf3bd08fa7f2a85 Author: orbea <orbea <AT> riseup <DOT> net> AuthorDate: Fri Oct 7 17:24:58 2022 +0000 Commit: Quentin Retornaz <gentoo <AT> retornaz <DOT> com> CommitDate: Fri Oct 7 21:11:15 2022 +0000 URL: https://gitweb.gentoo.org/repo/proj/libressl.git/commit/?id=23e1b816
dev-lang/ruby: Fix 3.0.4 for libressl 3.6.x Signed-off-by: orbea <orbea <AT> riseup.net> Signed-off-by: Quentin Retornaz <gentoo <AT> retornaz.com> dev-lang/ruby/files/ruby-3.0-libressl.patch | 39 +++++++++++++++++++++++++++++ dev-lang/ruby/ruby-3.0.4.ebuild | 2 +- 2 files changed, 40 insertions(+), 1 deletion(-) diff --git a/dev-lang/ruby/files/ruby-3.0-libressl.patch b/dev-lang/ruby/files/ruby-3.0-libressl.patch new file mode 100644 index 0000000..8464eca --- /dev/null +++ b/dev-lang/ruby/files/ruby-3.0-libressl.patch @@ -0,0 +1,39 @@ +From OpenBSD: + +https://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/lang/ruby/3.0/patches/patch-ext_openssl_ossl_ocsp_c + +Fix build with opaque OCSP_BASICRESP in LibreSSL 3.5. +The bug this works around should be fixed since LibreSSL 2.4.2 +as far as I can tell. + +Index: ext/openssl/ossl_ocsp.c +--- a/ext/openssl/ossl_ocsp.c.orig ++++ b/ext/openssl/ossl_ocsp.c +@@ -1093,7 +1093,7 @@ ossl_ocspbres_verify(int argc, VALUE *argv, VALUE self + * exists in LibreSSL 2.1.10, 2.2.9, 2.3.6, 2.4.1. + */ + if (!(flg & (OCSP_NOCHAIN | OCSP_NOVERIFY)) && +- sk_X509_num(x509s) && sk_X509_num(bs->certs)) { ++ sk_X509_num(x509s) && sk_X509_num(OCSP_resp_get0_certs(bs))) { + int i; + + bs = ASN1_item_dup(ASN1_ITEM_rptr(OCSP_BASICRESP), bs); +From OpenBSD: + +https://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/lang/ruby/3.0/patches/patch-ext_openssl_extconf_rb + +Make sure the TS_VERIFY_CTS_set_certs() macro gets picked up correctly. +It is a function in OpenSSL 1.1 and a macro in LibreSSL and OpenSSL 3. + +Index: ext/openssl/extconf.rb +--- a/ext/openssl/extconf.rb.orig ++++ b/ext/openssl/extconf.rb +@@ -176,7 +176,7 @@ have_func("SSL_SESSION_get_protocol_version") + have_func("TS_STATUS_INFO_get0_status") + have_func("TS_STATUS_INFO_get0_text") + have_func("TS_STATUS_INFO_get0_failure_info") +-have_func("TS_VERIFY_CTS_set_certs") ++have_func("TS_VERIFY_CTS_set_certs(NULL, NULL)", "openssl/ts.h") + have_func("TS_VERIFY_CTX_set_store") + have_func("TS_VERIFY_CTX_add_flags") + have_func("TS_RESP_CTX_set_time_cb") diff --git a/dev-lang/ruby/ruby-3.0.4.ebuild b/dev-lang/ruby/ruby-3.0.4.ebuild index 9f5a035..557379d 100644 --- a/dev-lang/ruby/ruby-3.0.4.ebuild +++ b/dev-lang/ruby/ruby-3.0.4.ebuild @@ -65,7 +65,7 @@ PDEPEND=" xemacs? ( app-xemacs/ruby-modes )" src_prepare() { - eapply "${FILESDIR}"/${PN}-2.7-libressl.patch + eapply "${FILESDIR}"/${PN}-3.0-libressl.patch eapply "${FILESDIR}"/"${SLOT}"/010*.patch if use elibc_musl ; then
