Dne 08. 11. 23 v 18:31 Jun Aruga (he / him) napsal(a):
Hello folks in Ruby SIG.I just want to share that right now rpms/ruby started to fail in Fedora rawhide after the dependent openssl version was upgraded from openssl 1:3.1.1-4.fc40 to 1:3.1.4-1.fc40. https://koschei.fedoraproject.org/package/ruby?collection=f40 ``` 1) Failure: OpenSSL::TestFIPS#test_fips_mode_get_is_true_on_fips_mode_enabled [/builddir/build/BUILD/ruby-3.2.2/test/openssl/test_fips.rb:12]: assert_separately failed with error message pid 93922 exit 1 | /builddir/build/BUILD/ruby-3.2.2/redhat-linux-build/.ext/common/openssl/pkey.rb:132:in `initialize': could not parse pkey (OpenSSL::PKey::DHError) | from /builddir/build/BUILD/ruby-3.2.2/redhat-linux-build/.ext/common/openssl/pkey.rb:132:in `new' | from /builddir/build/BUILD/ruby-3.2.2/redhat-linux-build/.ext/common/openssl/pkey.rb:132:in `new' | from /builddir/build/BUILD/ruby-3.2.2/redhat-linux-build/.ext/common/openssl/ssl.rb:37:in `<class:SSLContext>' | from /builddir/build/BUILD/ruby-3.2.2/redhat-linux-build/.ext/common/openssl/ssl.rb:23:in `<module:SSL>' | from /builddir/build/BUILD/ruby-3.2.2/redhat-linux-build/.ext/common/openssl/ssl.rb:22:in `<module:OpenSSL>' | from /builddir/build/BUILD/ruby-3.2.2/redhat-linux-build/.ext/common/openssl/ssl.rb:21:in `<top (required)>' | from /builddir/build/BUILD/ruby-3.2.2/redhat-linux-build/.ext/common/openssl.rb:21:in `require_relative' | from /builddir/build/BUILD/ruby-3.2.2/redhat-linux-build/.ext/common/openssl.rb:21:in `<top (required)>' | from -:in `require' 2) Failure: OpenSSL::TestFIPS#test_fips_mode_get_with_fips_mode_set [/builddir/build/BUILD/ruby-3.2.2/test/openssl/test_fips.rb:38]: assert_separately failed with error message pid 93924 exit 1 | /builddir/build/BUILD/ruby-3.2.2/redhat-linux-build/.ext/common/openssl/pkey.rb:132:in `initialize': could not parse pkey (OpenSSL::PKey::DHError) | from /builddir/build/BUILD/ruby-3.2.2/redhat-linux-build/.ext/common/openssl/pkey.rb:132:in `new' | from /builddir/build/BUILD/ruby-3.2.2/redhat-linux-build/.ext/common/openssl/pkey.rb:132:in `new' | from /builddir/build/BUILD/ruby-3.2.2/redhat-linux-build/.ext/common/openssl/ssl.rb:37:in `<class:SSLContext>' | from /builddir/build/BUILD/ruby-3.2.2/redhat-linux-build/.ext/common/openssl/ssl.rb:23:in `<module:SSL>' | from /builddir/build/BUILD/ruby-3.2.2/redhat-linux-build/.ext/common/openssl/ssl.rb:22:in `<module:OpenSSL>' | from /builddir/build/BUILD/ruby-3.2.2/redhat-linux-build/.ext/common/openssl/ssl.rb:21:in `<top (required)>' | from /builddir/build/BUILD/ruby-3.2.2/redhat-linux-build/.ext/common/openssl.rb:21:in `require_relative' | from /builddir/build/BUILD/ruby-3.2.2/redhat-linux-build/.ext/common/openssl.rb:21:in `<top (required)>' | from -:in `require' ``` It seems that we need to apply the following patch that I applied to CentOS 9 stream and RHEL 9 into Fedora too. I will work on it to pass the tests on the current rawhide. https://gitlab.com/redhat/centos-stream/rpms/ruby/-/commit/59242d8ce8261a9759dfb2bd8db673e55061a28b
Thx!
As a note, we can remove this patch after upgrading Ruby to 3.3.0.
BTW could you also please check the patch was backported into upstream Ruby 3.2 or older? That way we could eventually drop it from everywhere. Thx.
Vít
Jun
OpenPGP_signature.asc
Description: OpenPGP digital signature
_______________________________________________ ruby-sig mailing list -- ruby-sig@lists.fedoraproject.org To unsubscribe send an email to ruby-sig-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/ruby-sig@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
