user/ruby2.7: new aport

This commit is contained in:
build@apk-groulx 2023-01-11 13:26:42 +00:00
parent e588846d6f
commit 14df99d325
4 changed files with 510 additions and 0 deletions

362
user/ruby2.7/APKBUILD Normal file
View file

@ -0,0 +1,362 @@
# Contributor: Carlo Landmeter <clandmeter@alpinelinux.org>
# Contributor: Jakub Jirutka <jakub@jirutka.cz>
# Contributor: Nulo <git@nulo.in>
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
#
# secfixes:
# 2.7.6-r0:
# - CVE-2022-28739
# 2.7.5-r0:
# - CVE-2021-41817
# - CVE-2021-41816
# - CVE-2021-41819
# 2.7.4-r0:
# - CVE-2021-31799
# - CVE-2021-31810
# - CVE-2021-32066
# 2.7.3-r0:
# - CVE-2021-28965
# - CVE-2021-28966
# 2.7.2-r0:
# - CVE-2020-25613
# 2.6.6-r0:
# - CVE-2020-10663
# - CVE-2020-10933
# 2.6.5-r0:
# - CVE-2019-16255
# - CVE-2019-16254
# - CVE-2019-15845
# - CVE-2019-16201
# 2.5.2-r0:
# - CVE-2018-16395
# - CVE-2018-16396
# 2.5.1-r0:
# - CVE-2017-17742
# - CVE-2018-6914
# - CVE-2018-8777
# - CVE-2018-8778
# - CVE-2018-8779
# - CVE-2018-8780
# 2.4.2-r0:
# - CVE-2017-0898
# - CVE-2017-10784
# - CVE-2017-14033
# - CVE-2017-14064
# - CVE-2017-0899
# - CVE-2017-0900
# - CVE-2017-0901
# - CVE-2017-0902
# 2.4.3-r0:
# - CVE-2017-17405
#
pkgname=ruby2.7
_pkgname=ruby
pkgver=2.7.6
_abiver="${pkgver%.*}.0"
pkgrel=0
pkgdesc="An object-oriented language for quick and easy programming"
url="https://www.ruby-lang.org/"
arch="all"
license="Ruby AND BSD-2-Clause AND MIT"
depends="ca-certificates !ruby"
depends_dev="$pkgname=$pkgver-r$pkgrel gmp-dev libucontext-dev"
makedepends="$depends_dev zlib-dev openssl-dev gdbm-dev readline-dev
libffi-dev coreutils yaml-dev linux-headers autoconf"
subpackages="$pkgname-dbg $pkgname-doc $pkgname-dev
$pkgname-bigdecimal
$pkgname-etc
$pkgname-fiddle
$pkgname-gdbm
$pkgname-io-console:io_console
$pkgname-irb::noarch
$pkgname-json
$pkgname-minitest::noarch
$pkgname-net-telnet:net_telnet:noarch
$pkgname-power_assert::noarch
$pkgname-rake::noarch
$pkgname-rdoc::noarch
$pkgname-sdbm
$pkgname-test-unit:test_unit:noarch
$pkgname-webrick::noarch
$pkgname-xmlrpc::noarch
$pkgname-libs
$pkgname-full::noarch
"
source="https://cache.ruby-lang.org/pub/ruby/${pkgver%.*}/ruby-$pkgver.tar.gz
rubygems-avoid-platform-specific-gems.patch
test_insns-lower-recursion-depth.patch
fix-get_main_stack.patch
"
builddir="$srcdir/$_pkgname-$pkgver"
_gemdir="/usr/lib/ruby/gems/$_abiver"
_rubydir="/usr/lib/ruby/$_abiver"
_chost="${CHOST/-alpine-/-}"
case "$CARCH" in
x86) _arch="i386";;
*) _arch="$CARCH";;
esac
_bundled_gems=
for _i in $subpackages; do
case "$_i" in
*-dev | *-doc | *-libs | *-full:*) continue;;
*) _bundled_gems="$_bundled_gems ${_i%%:*}";;
esac
done
prepare() {
default_prepare
autoconf
# v2.7.1 - Of all the bootstraptest only test_fiber fails on s390x:
# test_fiber.rb bootstraptest.tmp.rb:8: [BUG] vm_call_cfunc: cfp consistency error (0x000003ffb63fefb0, 0x000003ffb42f5f58)
case "$CARCH" in
s390x)
rm bootstraptest/test_fiber.rb ;;
esac
}
build() {
# -fomit-frame-pointer makes ruby segfault, see gentoo bug #150413
# In many places aliasing rules are broken; play it safe
# as it's risky with newer compilers to leave it as it is.
export CFLAGS="${CFLAGS/-Os/-O2} -fno-omit-frame-pointer -fno-strict-aliasing"
export CPPFLAGS="${CPPFLAGS/-Os/-O2} -fno-omit-frame-pointer -fno-strict-aliasing"
# Needed for coroutine stuff
export LIBS="-lucontext"
# ruby saves path to install. we want use $PATH
export INSTALL=install
# the configure script does not detect isnan/isinf as macros
export ac_cv_func_isnan=yes
export ac_cv_func_isinf=yes
./configure \
--build=$CBUILD \
--host=$CHOST \
--prefix=/usr \
--sysconfdir=/etc \
--mandir=/usr/share/man \
--infodir=/usr/share/info \
--with-sitedir=/usr/local/lib/site_ruby \
--with-search-path="/usr/lib/site_ruby/\$(ruby_ver)/$_arch-linux" \
--enable-pthread \
--disable-rpath \
--enable-shared \
--with-mantype=man
make
}
check() {
make test
}
package() {
make DESTDIR="$pkgdir" install
install -m 644 -D COPYING "$pkgdir"/usr/share/licenses/$pkgname/COPYING
# Remove bundled gem bundler; it's provided by a separate aport/package
# ruby-bundler.
subpkgdir=".trash" _mvgem bundler && rm -Rf .trash
rm usr/bin/bundle usr/bin/bundler
rm usr/share/man/man1/bundle* usr/share/man/man5/gemfile.5*
# Remove bundled CA certificates; they are provided by ca-certificates.
rm "$pkgdir"/$_rubydir/rubygems/ssl_certs/*/*.pem
rmdir "$pkgdir"/$_rubydir/rubygems/ssl_certs/* || true
rm -Rf "$pkgdir"/$_gemdir/cache/*
if [ -d "$pkgdir"/usr/local ]; then
local f=$(cd "$pkgdir" ; find usr/local -type f)
if [ -n "$f" ]; then
error "Found files in /usr/local:"
echo "$f"
return 1
fi
rm -r "$pkgdir"/usr/local
fi
}
bigdecimal() {
pkgdesc="Ruby arbitrary-precision floating point decimal arithmetic"
license="Ruby"
depends="$pkgname-libs"
_mvgem bigdecimal
}
etc() {
pkgdesc="Provides access to information typically stored in UNIX /etc directory"
license="BSD-2-Clause"
depends=""
_mvgem etc
}
fiddle() {
pkgdesc="A libffi wrapper for Ruby"
license="BSD-2-Clause"
depends=""
_mvgem fiddle
}
gdbm() {
pkgdesc="Ruby extension for GNU dbm"
license="BSD-2-Clause"
depends=""
_mvgem gdbm
}
io_console() {
pkgdesc="Ruby simple console IO library"
license="BSD-2-Clause"
depends=""
_mvgem io-console
_mv $_rubydir/io \
$_rubydir/$_chost/io/console.so
}
irb() {
pkgdesc="The Interactive Ruby"
replaces="$pkgname"
depends="$pkgname $pkgname-io-console"
cd "$pkgdir"
_mvgem irb
_mv usr/bin/irb
}
json() {
pkgdesc="JSON implementation as a Ruby extension in C"
license="Ruby"
depends=""
_mvgem json
}
minitest() {
pkgdesc="Ruby suite of testing facilities"
license="MIT"
depends="$pkgname"
_mvgem minitest
}
net_telnet() {
pkgdesc="Telnet client functionality for Ruby"
depends="$pkgname-libs"
_mvgem net-telnet
}
power_assert() {
pkgdesc="Power Assert for Ruby"
depends="$pkgname-libs"
_mvgem power_assert
}
rake() {
pkgdesc="Ruby based make-like utility"
license="MIT"
depends="$pkgname"
_mvgem rake
_mv usr/bin/rake
}
rdoc() {
pkgdesc="Ruby documentation tool"
license="Ruby"
depends="$pkgname $pkgname-json $pkgname-io-console"
_mvgem rdoc
_mv usr/bin/ri \
usr/bin/rdoc
}
sdbm() {
pkgdesc="A simple file-based key-value store with String keys and values for Ruby"
license="BSD-2-Clause"
depends=""
_mvgem sdbm
}
test_unit() {
pkgdesc="An xUnit family unit testing framework for Ruby"
license="Ruby PSFL"
depends="$pkgname $pkgname-power_assert"
_mvgem test-unit
}
webrick() {
pkgdesc="HTTP server toolkit for Ruby"
license="BSD-2-Clause"
depends="$pkgname $pkgname-etc"
_mvgem webrick
}
xmlrpc() {
pkgdesc="XMLRPC library for Ruby"
license="Ruby"
depends="$pkgname-libs"
_mvgem xmlrpc
}
libs() {
pkgdesc="Libraries necessary to run Ruby"
depends=""
mkdir -p "$subpkgdir"/usr
mv "$pkgdir"/usr/lib "$subpkgdir"/usr/
}
full() {
pkgdesc="Ruby with all bundled gems"
# bundler is bundled since Ruby 2.6, so include it in ruby-full despite
# that it's provided by a seprate aport/package.
depends="ruby $_bundled_gems ruby-bundler"
mkdir -p "$subpkgdir"
}
_mv() {
local i; for i in "$@"; do
mkdir -p "$subpkgdir"/${i%/*}
mv "$pkgdir"/$i "$subpkgdir"/${i%/*}/
done
}
_mvgem() {
cd "$pkgdir"
local path; for path in ./$_rubydir/$1.rb \
./$_rubydir/$1 \
./$_rubydir/$_chost/$1 \
./$_rubydir/$_chost/$1.so \
./$_gemdir/gems/$1-* \
./$_gemdir/specifications/$1-* \
./$_gemdir/specifications/default/$1-* ; do
[ ! -e "$pkgdir/$path" ] || _mv "$path"
done
}
sha512sums="
94810bb204cec55b5bbec8d51a5f5cc696613d1812b152399441a5cc7e4eddd2b376bc85e16d8da0b12f1938d19bf0d056b49a028809c036fb5a446a65bffbee ruby-2.7.6.tar.gz
a142199140fa711a64717429e9069fd2082319abaf4b129f561db374b3bc16e2a90cc4c849b5d28334505d1c71fed242aef3c44d983da3513d239dcb778673a5 rubygems-avoid-platform-specific-gems.patch
43c1fc80f0dcb4f24d891478889808583da90dc9e0df74c3b1cf41253c13a0d416d2b7ae17e7d53ac1238340a845b088f0fe20324a79905cc6b950b3dcfa4ac6 test_insns-lower-recursion-depth.patch
3ffc034c01110ee5531265333ca5ee8d61d08131843fe3004c5b34c88c9c1b32cb4ed89574f393177c8bd526e9c15da61ab344f93adf07b9148c561ee19e2eb5 fix-get_main_stack.patch
"

View file

@ -0,0 +1,70 @@
diff --git a/thread_pthread.c b/thread_pthread.c
index 951885ffa0..cf90321d1d 100644
--- a/thread_pthread.c
+++ b/thread_pthread.c
@@ -656,9 +656,6 @@ hpux_attr_getstackaddr(const pthread_attr_t *attr, void **addr)
# define MAINSTACKADDR_AVAILABLE 0
# endif
#endif
-#if MAINSTACKADDR_AVAILABLE && !defined(get_main_stack)
-# define get_main_stack(addr, size) get_stack(addr, size)
-#endif
#ifdef STACKADDR_AVAILABLE
/*
@@ -740,6 +737,55 @@ get_stack(void **addr, size_t *size)
return 0;
#undef CHECK_ERR
}
+
+#if defined(__linux__) && !defined(__GLIBC__) && defined(HAVE_GETRLIMIT)
+
+#ifndef PAGE_SIZE
+#include <unistd.h>
+#define PAGE_SIZE sysconf(_SC_PAGE_SIZE)
+#endif
+
+static int
+get_main_stack(void **addr, size_t *size)
+{
+ size_t start, end, limit, prevend = 0;
+ struct rlimit r;
+ FILE *f;
+ char buf[PATH_MAX+80], s[8];
+ int n;
+ STACK_GROW_DIR_DETECTION;
+
+ f = fopen("/proc/self/maps", "re");
+ if (!f)
+ return -1;
+ n = 0;
+ while (fgets(buf, sizeof buf, f)) {
+ n = sscanf(buf, "%zx-%zx %*s %*s %*s %*s %7s", &start, &end, s);
+ if (n >= 2) {
+ if (n == 3 && strcmp(s, "[stack]") == 0)
+ break;
+ prevend = end;
+ }
+ n = 0;
+ }
+ fclose(f);
+ if (n == 0)
+ return -1;
+
+ limit = 100 << 20; /* 100MB stack limit */
+ if (getrlimit(RLIMIT_STACK, &r)==0 && r.rlim_cur < limit)
+ limit = r.rlim_cur & -PAGE_SIZE;
+ if (limit > end) limit = end;
+ if (prevend < end - limit) prevend = end - limit;
+ if (start > prevend) start = prevend;
+ *addr = IS_STACK_DIR_UPPER() ? (void *)start : (void *)end;
+ *size = end - start;
+ return 0;
+}
+#else
+# define get_main_stack(addr, size) get_stack(addr, size)
+#endif
+
#endif
static struct {

View file

@ -0,0 +1,31 @@
From: Jakub Jirutka <jakub@jirutka.cz>
Date: Fri, 19 May 2017 19:56:00 +0200
Subject: [PATCH] Rubygems: don't install platform-specific gems
Gems with native extensions typically contain just source code that is
built during installation on user's system. However, Rubygems allows to
publish even platform-specific gems with prebuilt binaries for specific
platform. The problem is that Rubygems uses only short platform
identification like x86_64-linux; it does not identify used libc.
And sadly platform-specific gems for linux are built against glibc, so
they may not work on musl libc.
This patch is a workaround for the aforesaid problem. It removes local
platform from Rubygems' supported platforms to force it always pick
a platform-agnostic (source) gem. Users can override it using
`--platform` option.
--- a/lib/rubygems.rb
+++ b/lib/rubygems.rb
@@ -759,7 +759,10 @@
def self.platforms
@platforms ||= []
if @platforms.empty?
- @platforms = [Gem::Platform::RUBY, Gem::Platform.local]
+ # XXX: Patched to avoid installing platform-specific gems with binaries
+ # linked against glibc.
+ @platforms = [Gem::Platform::RUBY]
+ #@platforms = [Gem::Platform::RUBY, Gem::Platform.local]
end
@platforms
end

View file

@ -0,0 +1,47 @@
The patched test is a recursion function. We have lower stack size,
so we hit SystemStackError sooner than on other platforms.
#361 test_insns.rb:389:in `block in <top (required)>':
# recursive once
def once n
return %r/#{
if n == 0
true
else
once(n-1) # here
end
}/ox
end
x = once(128); x = once(7); x = once(16);
x =~ "true" && $~
#=> "" (expected "true") once
Stderr output is not empty
bootstraptest.tmp.rb:3:in `once': stack level too deep (SystemStackError)
from bootstraptest.tmp.rb:7:in `block in once'
from bootstraptest.tmp.rb:3:in `once'
from bootstraptest.tmp.rb:7:in `block in once'
from bootstraptest.tmp.rb:3:in `once'
from bootstraptest.tmp.rb:7:in `block in once'
from bootstraptest.tmp.rb:3:in `once'
from bootstraptest.tmp.rb:7:in `block in once'
from bootstraptest.tmp.rb:3:in `once'
... 125 levels...
from bootstraptest.tmp.rb:3:in `once'
from bootstraptest.tmp.rb:7:in `block in once'
from bootstraptest.tmp.rb:3:in `once'
from bootstraptest.tmp.rb:11:in `<main>'
Test_insns.rb FAIL 1/187
FAIL 1/1197 tests failed
Make: *** [uncommon.mk:666: yes-btest-ruby] Error 1
--- a/bootstraptest/test_insns.rb
+++ b/bootstraptest/test_insns.rb
@@ -276,7 +276,7 @@
end
}/ox
end
- x = once(128); x = once(7); x = once(16);
+ x = once(32); x = once(7); x = once(16);
x =~ "true" && $~
},
[ 'once', <<-'},', ], # {