[ruby] Fix build against OpenSSL with enabled ECC curves.

Vít Ondruch vondruch at fedoraproject.org
Tue May 21 11:36:43 UTC 2013 

commit 1ae6ae5b623869a42127e48f845a6721292bbddd
Author: Vít Ondruch <vondruch at redhat.com>
Date:   Tue May 21 11:30:34 2013 +0200

    Fix build against OpenSSL with enabled ECC curves.

 ...d-against-OpenSSL-with-enabled-ECC-curves.patch |   85 ++++++++++++++++++++
 ruby.spec                                          |    7 ++
 2 files changed, 92 insertions(+), 0 deletions(-)
---
diff --git a/ruby-2.0.0-p195-Fix-build-against-OpenSSL-with-enabled-ECC-curves.patch b/ruby-2.0.0-p195-Fix-build-against-OpenSSL-with-enabled-ECC-curves.patch
new file mode 100644
index 0000000..461b787
--- /dev/null
+++ b/ruby-2.0.0-p195-Fix-build-against-OpenSSL-with-enabled-ECC-curves.patch
@@ -0,0 +1,85 @@
+From 5617aafa2d44d0a4bc811830e225463abd01b2b2 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?V=C3=ADt=20Ondruch?= <vondruch at redhat.com>
+Date: Tue, 21 May 2013 10:01:33 +0200
+Subject: [PATCH] Fix build against OpenSSL with enabled ECC curves.
+
+---
+ ext/openssl/ossl_pkey_ec.c   |  4 ++++
+ test/openssl/test_pkey_ec.rb | 26 +++++++++++++-------------
+ 2 files changed, 17 insertions(+), 13 deletions(-)
+
+diff --git a/ext/openssl/ossl_pkey_ec.c b/ext/openssl/ossl_pkey_ec.c
+index 8e6d88f..29e28ca 100644
+--- a/ext/openssl/ossl_pkey_ec.c
++++ b/ext/openssl/ossl_pkey_ec.c
+@@ -762,8 +762,10 @@ static VALUE ossl_ec_group_initialize(int argc, VALUE *argv, VALUE self)
+                 method = EC_GFp_mont_method();
+             } else if (id == s_GFp_nist) {
+                 method = EC_GFp_nist_method();
++#if !defined(OPENSSL_NO_EC2M)
+             } else if (id == s_GF2m_simple) {
+                 method = EC_GF2m_simple_method();
++#endif
+             }
+ 
+             if (method) {
+@@ -817,8 +819,10 @@ static VALUE ossl_ec_group_initialize(int argc, VALUE *argv, VALUE self)
+ 
+             if (id == s_GFp) {
+                 new_curve = EC_GROUP_new_curve_GFp;
++#if !defined(OPENSSL_NO_EC2M)
+             } else if (id == s_GF2m) {
+                 new_curve = EC_GROUP_new_curve_GF2m;
++#endif
+             } else {
+                 ossl_raise(rb_eArgError, "unknown symbol, must be :GFp or :GF2m");
+             }
+diff --git a/test/openssl/test_pkey_ec.rb b/test/openssl/test_pkey_ec.rb
+index f151335..56f3ff7 100644
+--- a/test/openssl/test_pkey_ec.rb
++++ b/test/openssl/test_pkey_ec.rb
+@@ -7,28 +7,28 @@ class OpenSSL::TestEC < Test::Unit::TestCase
+     @data1 = 'foo'
+     @data2 = 'bar' * 1000 # data too long for DSA sig
+ 
+-    @group1 = OpenSSL::PKey::EC::Group.new('secp112r1')
+-    @group2 = OpenSSL::PKey::EC::Group.new('sect163k1')
+-    @group3 = OpenSSL::PKey::EC::Group.new('prime256v1')
++    @groups = []
++    @keys = []
+ 
+-    @key1 = OpenSSL::PKey::EC.new
+-    @key1.group = @group1
+-    @key1.generate_key
++    OpenSSL::PKey::EC.builtin_curves.each do |curve, comment|
++      group = OpenSSL::PKey::EC::Group.new(curve)
+ 
+-    @key2 = OpenSSL::PKey::EC.new(@group2.curve_name)
+-    @key2.generate_key
++      key = OpenSSL::PKey::EC.new(group)
++      key.generate_key
+ 
+-    @key3 = OpenSSL::PKey::EC.new(@group3)
+-    @key3.generate_key
+-
+-    @groups = [@group1, @group2, @group3]
+-    @keys = [@key1, @key2, @key3]
++      @groups << group
++      @keys << key
++    end
+   end
+ 
+   def compare_keys(k1, k2)
+     assert_equal(k1.to_pem, k2.to_pem)
+   end
+ 
++  def test_builtin_curves
++    assert(!OpenSSL::PKey::EC.builtin_curves.empty?)
++  end
++
+   def test_curve_names
+     @groups.each_with_index do |group, idx|
+       key = @keys[idx]
+-- 
+1.8.2.1
+
diff --git a/ruby.spec b/ruby.spec
index 2a72381..a0dd183 100644
--- a/ruby.spec
+++ b/ruby.spec
@@ -135,6 +135,11 @@ Patch13: rubygems-2.0.0-Do-not-modify-global-Specification.dirs-during-insta.pat
 # This prevents issues, when ruby configuration specifies --with-ruby-version=''.
 # https://github.com/rubygems/rubygems/pull/455
 Patch14: rubygems-2.0.0-Fixes-for-empty-ruby-version.patch
+# Although this does not directly affects Fedora ATM, it might be issue when
+# rebuilding package on different platform (RHEL7). Please keep the patch until
+# it is resolved in upstream.
+# https://bugs.ruby-lang.org/issues/8384
+Patch15: ruby-2.0.0-p195-Fix-build-against-OpenSSL-with-enabled-ECC-curves.patch
 
 Requires: %{name}-libs%{?_isa} = %{version}-%{release}
 Requires: ruby(rubygems) >= %{rubygems_version}
@@ -398,6 +403,7 @@ Tcl/Tk interface for the object-oriented scripting language Ruby.
 %patch12 -p1
 %patch13 -p1
 %patch14 -p1
+%patch15 -p1
 
 # Provide an example of usage of the tapset:
 cp -a %{SOURCE3} .
@@ -844,6 +850,7 @@ make check TESTS="-v $DISABLE_TESTS"
 * Fri May 17 2013 Vít Ondruch <vondruch at redhat.com> - 2.0.0.195-8
 - Update to Ruby 2.0.0-p195 (rhbz#917374).
 - Fix object taint bypassing in DL and Fiddle (CVE-2013-2065).
+- Fix build against OpenSSL with enabled ECC curves.
 
 * Fri Apr 19 2013 Vít Ondruch <vondruch at redhat.com> - 2.0.0.0-7
 - Macro definition moved into macros.ruby and macros.rubygems files.

More information about the scm-commits mailing list