user/ruby3.0: new aport

2023-03-31 12:51:37 -04:00 · 2023-03-31 12:51:37 -04:00 · d186e0b8bf
commit d186e0b8bf
parent 3e983b026c
5 changed files with 382 additions and 0 deletions
--- a/user/ruby3.0/APKBUILD
+++ b/user/ruby3.0/APKBUILD
@ -0,0 +1,228 @@
+# Contributor: Carlo Landmeter <clandmeter@alpinelinux.org>
+# Contributor: Jakub Jirutka <jakub@jirutka.cz>
+# Contributor: Nulo <git@nulo.in>
+# Maintainer: Jakub Jirutka <jakub@jirutka.cz>
+#
+# secfixes:
+#   3.0.5-r0:
+#     - CVE-2021-33621
+#   3.0.4-r0:
+#     - CVE-2022-28738
+#     - CVE-2022-28739
+#   3.0.3-r0:
+#     - CVE-2021-41817
+#     - CVE-2021-41816
+#     - CVE-2021-41819
+#   2.7.4-r0:
+#     - CVE-2021-31799
+#     - CVE-2021-31810
+#     - CVE-2021-32066
+#   2.7.3-r0:
+#     - CVE-2021-28965
+#     - CVE-2021-28966
+#   2.7.2-r0:
+#     - CVE-2020-25613
+#   2.6.6-r0:
+#     - CVE-2020-10663
+#     - CVE-2020-10933
+#   2.6.5-r0:
+#     - CVE-2019-16255
+#     - CVE-2019-16254
+#     - CVE-2019-15845
+#     - CVE-2019-16201
+#   2.5.2-r0:
+#     - CVE-2018-16395
+#     - CVE-2018-16396
+#   2.5.1-r0:
+#     - CVE-2017-17742
+#     - CVE-2018-6914
+#     - CVE-2018-8777
+#     - CVE-2018-8778
+#     - CVE-2018-8779
+#     - CVE-2018-8780
+#   2.4.2-r0:
+#     - CVE-2017-0898
+#     - CVE-2017-10784
+#     - CVE-2017-14033
+#     - CVE-2017-14064
+#     - CVE-2017-0899
+#     - CVE-2017-0900
+#     - CVE-2017-0901
+#     - CVE-2017-0902
+#   2.4.3-r0:
+#     - CVE-2017-17405
+#
+pkgname=ruby3.0
+_pkgname=ruby
+# When upgrading, upgrade also each ruby-<name> aport listed in file
+# gems/bundled_gems. If some aport is missing or not in the main repo,
+# create/move it.
+pkgver=3.0.5
+_abiver="${pkgver%.*}.0"
+pkgrel=0
+pkgdesc="An object-oriented language for quick and easy programming"
+url="https://www.ruby-lang.org/"
+arch="all"
+license="Ruby AND BSD-2-Clause AND MIT"
+depends="ca-certificates"
+depends_dev="
+	$pkgname=$pkgver-r$pkgrel
+	$pkgname-rdoc=$pkgver-r$pkgrel
+	gmp-dev
+	libucontext-dev
+	"
+makedepends="$depends_dev zlib-dev openssl1.1-compat-dev gdbm-dev readline-dev
+	libffi-dev coreutils yaml-dev linux-headers autoconf"
+install="$pkgname.post-upgrade"
+subpackages="$pkgname-dbg $pkgname-doc $pkgname-dev
+	$pkgname-rdoc::noarch
+	$pkgname-libs
+	$pkgname-full::noarch
+	"
+source="https://cache.ruby-lang.org/pub/ruby/${pkgver%.*}/ruby-$pkgver.tar.gz
+	test_insns-lower-recursion-depth.patch
+	fix-get_main_stack.patch
+	dont-install-bundled-gems.patch
+	"
+replaces="ruby-gems"
+builddir="$srcdir/$_pkgname-$pkgver"
+
+# For backward compatibility (pre 3.x).
+for _i in bigdecimal etc fiddle gdbm io-console irb json; do
+	provides="$provides ruby3.0-$_i=$pkgver-r$pkgrel"
+done
+
+_gemdir="/usr/lib/ruby/gems/$_abiver"
+_rubydir="/usr/lib/ruby/$_abiver"
+_chost="${CHOST/-alpine-/-}"
+_depends_full=''  # see prepare()
+
+case "$CARCH" in
+	x86) _arch="i386";;
+	*) _arch="$CARCH";;
+esac
+
+prepare() {
+	default_prepare
+	autoconf
+
+	# v2.7.1 - Of all the bootstraptest only test_fiber fails on s390x:
+	# test_fiber.rb bootstraptest.tmp.rb:8: [BUG] vm_call_cfunc: cfp consistency error (0x000003ffb63fefb0, 0x000003ffb42f5f58)
+	case "$CARCH" in
+		s390x) rm bootstraptest/test_fiber.rb;;
+	esac
+
+	local name ver; while read -r name ver _; do
+		case "$name=$ver" in
+			[a-z]*=[0-9]*.[0-9]*)
+				if ! apk add -qs "ruby-$name>=$ver" >/dev/null 2>&1; then
+					warning "bump package ruby-$name to version $ver"
+				fi
+				_depends_full="$_depends_full ruby-$name>=$ver"
+		esac
+	done < "$builddir"/gems/bundled_gems
+}
+
+build() {
+	# -fomit-frame-pointer makes ruby segfault, see gentoo bug #150413
+	# In many places aliasing rules are broken; play it safe
+	# as it's risky with newer compilers to leave it as it is.
+	export CFLAGS="$CFLAGS -fno-omit-frame-pointer -fno-strict-aliasing"
+	export CPPFLAGS="$CPPFLAGS -fno-omit-frame-pointer -fno-strict-aliasing"
+
+	# Needed for coroutine stuff
+	export LIBS="-lucontext"
+
+	# ruby saves path to install. we want use $PATH
+	export INSTALL=install
+
+	# the configure script does not detect isnan/isinf as macros
+	export ac_cv_func_isnan=yes
+	export ac_cv_func_isinf=yes
+
+	./configure \
+		--build=$CBUILD \
+		--host=$CHOST \
+		--prefix=/usr \
+		--sysconfdir=/etc \
+		--mandir=/usr/share/man \
+		--infodir=/usr/share/info \
+		--with-sitedir=/usr/local/lib/site_ruby \
+		--with-search-path="/usr/lib/site_ruby/\$(ruby_ver)/$_arch-linux" \
+		--enable-pthread \
+		--disable-rpath \
+		--enable-shared \
+		--with-mantype=man
+	make
+}
+
+check() {
+	make test
+}
+
+package() {
+	make DESTDIR="$pkgdir" SUDO="" install
+
+	install -m 644 -D COPYING "$pkgdir"/usr/share/licenses/$pkgname/COPYING
+
+	cd "$pkgdir"
+
+	# Remove bundled gem bundler; it's provided by a separate aport/package
+	# ruby-bundler.
+	rm -rf ./$_rubydir/bundler
+	rm ./$_rubydir/bundler.rb
+	rm -rf ./$_gemdir/gems/bundler-*
+	rm ./$_gemdir/specifications/default/bundler-*.gemspec
+	rm usr/bin/bundle usr/bin/bundler
+
+	# Remove bundled CA certificates; they are provided by ca-certificates.
+	rm ./$_rubydir/rubygems/ssl_certs/*/*.pem
+	rmdir ./$_rubydir/rubygems/ssl_certs/* || true
+
+	rm -Rf ./$_gemdir/cache/*
+
+	if [ -d usr/local ]; then
+		local f=$(find usr/local -type f)
+		if [ -n "$f" ]; then
+			error "Found files in /usr/local:"
+			echo "$f"
+			return 1
+		fi
+		rm -r usr/local
+	fi
+}
+
+rdoc() {
+	pkgdesc="Ruby documentation tool"
+	license="Ruby"
+	depends="$pkgname"
+
+	amove $_rubydir/rdoc
+	amove $_gemdir/gems/rdoc-*
+	amove $_gemdir/specifications/default/rdoc-*
+	amove usr/bin/ri
+	amove usr/bin/rdoc
+}
+
+libs() {
+	pkgdesc="Libraries necessary to run Ruby"
+	depends=""
+
+	amove usr/lib
+}
+
+full() {
+	pkgdesc="Ruby with all bundled gems"
+	# bundler is bundled since Ruby 2.6, so include it in ruby-full despite
+	# that it's provided by a seprate aport/package.
+	depends="ruby ruby-rdoc ruby-bundler $_depends_full"
+
+	mkdir -p "$subpkgdir"
+}
+
+sha512sums="
+ea45fcd2ca53b87f18fd8696d00a1e340d2495443216aaf87d3f643cb5bd8bb614a1faacd82d07e7f2b72172397c728316a82d7c34a7b4566191268ea517ccf7  ruby-3.0.5.tar.gz
+2ee66e841f841ad6e7c8877ec20b548d23b50d6a888a0d2d16f9062892c5d1c64efb59385f6723bae6cd1591824278787eefc0180768619c653243756d1300ab  test_insns-lower-recursion-depth.patch
+8e0a75899a3855f85441dabb6571569f13cf3472c2ccb2ec5c8e0e5cc9026af3c9951ebed4a754d9723dfd1c8ece32862802f20e18b7e5de4875125d92ef146b  fix-get_main_stack.patch
+10bda0462feaec73a7522ef622ffc18815b1d4302e771013ab78ef88d1d9f76277b1d24401eff054e031ca0fbc1ac80486d58282378cbdaf695786b212e6524d  dont-install-bundled-gems.patch
+"
--- a/user/ruby3.0/dont-install-bundled-gems.patch
+++ b/user/ruby3.0/dont-install-bundled-gems.patch
@ -0,0 +1,20 @@
+Don't install bundled gems - we package them separately.
+
+--- a/tool/rbinstall.rb
+++ b/tool/rbinstall.rb
+@@ -947,6 +947,7 @@
+   end
+ end
+ 
+=begin XXX-Patched
+ install?(:ext, :comm, :gem, :'bundled-gems') do
+   gem_dir = Gem.default_dir
+   install_dir = with_destdir(gem_dir)
+@@ -1026,6 +1027,7 @@
+     puts "skip installing bundled gems because of lacking zlib"
+   end
+ end
+=end
+ 
+ parse_args()
+ 
--- a/user/ruby3.0/fix-get_main_stack.patch
+++ b/user/ruby3.0/fix-get_main_stack.patch
@ -0,0 +1,70 @@
+diff --git a/thread_pthread.c b/thread_pthread.c
+index 951885ffa0..cf90321d1d 100644
+--- a/thread_pthread.c
+++ b/thread_pthread.c
+@@ -681,9 +689,6 @@ hpux_attr_getstackaddr(const pthread_attr_t *attr, void **addr)
+ #   define MAINSTACKADDR_AVAILABLE 0
+ # endif
+ #endif
+-#if MAINSTACKADDR_AVAILABLE && !defined(get_main_stack)
+-# define get_main_stack(addr, size) get_stack(addr, size)
+-#endif
+ 
+ #ifdef STACKADDR_AVAILABLE
+ /*
+@@ -765,6 +762,55 @@ get_stack(void **addr, size_t *size)
+     return 0;
+ #undef CHECK_ERR
+ }
+
+#if defined(__linux__) && !defined(__GLIBC__) && defined(HAVE_GETRLIMIT)
+
+#ifndef PAGE_SIZE
+#include <unistd.h>
+#define PAGE_SIZE sysconf(_SC_PAGE_SIZE)
+#endif
+
+static int
+get_main_stack(void **addr, size_t *size)
+{
+    size_t start, end, limit, prevend = 0;
+    struct rlimit r;
+    FILE *f;
+    char buf[PATH_MAX+80], s[8];
+    int n;
+    STACK_GROW_DIR_DETECTION;
+
+    f = fopen("/proc/self/maps", "re");
+    if (!f)
+        return -1;
+    n = 0;
+    while (fgets(buf, sizeof buf, f)) {
+        n = sscanf(buf, "%zx-%zx %*s %*s %*s %*s %7s", &start, &end, s);
+        if (n >= 2) {
+            if (n == 3 && strcmp(s, "[stack]") == 0)
+                break;
+            prevend = end;
+        }
+        n = 0;
+    }
+    fclose(f);
+    if (n == 0)
+        return -1;
+
+    limit = 100 << 20; /* 100MB stack limit */
+    if (getrlimit(RLIMIT_STACK, &r)==0 && r.rlim_cur < limit)
+        limit = r.rlim_cur & -PAGE_SIZE;
+    if (limit > end) limit = end;
+    if (prevend < end - limit) prevend = end - limit;
+    if (start > prevend) start = prevend;
+    *addr = IS_STACK_DIR_UPPER() ? (void *)start : (void *)end;
+    *size = end - start;
+    return 0;
+}
+#else
+# define get_main_stack(addr, size) get_stack(addr, size)
+#endif
+
+ #endif
+ 
+ static struct {
--- a/user/ruby3.0/ruby3.0.post-upgrade
+++ b/user/ruby3.0/ruby3.0.post-upgrade
@ -0,0 +1,17 @@
+#!/bin/sh
+
+ver_new="$1"
+ver_old="$2"
+
+if [ "$(apk version -t "$ver_old" "2.5.0-r0")" = "<" ]; then
+	cat >&2 <<-EOF
+	*
+	* In Ruby 2.5 more parts of the stdlib has been splitted into standalone
+	* gems, yet still installed with Ruby by default. We have moved some of
+	* them into separate subpackages. If you don't know which subpackages you
+	* need, you may install meta-package "ruby-full".
+	* 
+	EOF
+fi
+
+exit 0
--- a/user/ruby3.0/test_insns-lower-recursion-depth.patch
+++ b/user/ruby3.0/test_insns-lower-recursion-depth.patch
@ -0,0 +1,47 @@
+The patched test is a recursion function. We have lower stack size,
+so we hit SystemStackError sooner than on other platforms.
+
+  #361 test_insns.rb:389:in `block in <top (required)>':
+     # recursive once
+     def once n
+       return %r/#{
+         if n == 0
+           true
+         else
+           once(n-1)             # here
+         end
+       }/ox
+     end
+     x = once(128); x = once(7); x = once(16);
+     x =~ "true" && $~
+    #=> "" (expected "true")  once
+  Stderr output is not empty
+     bootstraptest.tmp.rb:3:in `once': stack level too deep (SystemStackError)
+             from bootstraptest.tmp.rb:7:in `block in once'
+             from bootstraptest.tmp.rb:3:in `once'
+             from bootstraptest.tmp.rb:7:in `block in once'
+             from bootstraptest.tmp.rb:3:in `once'
+             from bootstraptest.tmp.rb:7:in `block in once'
+             from bootstraptest.tmp.rb:3:in `once'
+             from bootstraptest.tmp.rb:7:in `block in once'
+             from bootstraptest.tmp.rb:3:in `once'
+              ... 125 levels...
+             from bootstraptest.tmp.rb:3:in `once'
+             from bootstraptest.tmp.rb:7:in `block in once'
+             from bootstraptest.tmp.rb:3:in `once'
+             from bootstraptest.tmp.rb:11:in `<main>'
+  Test_insns.rb           FAIL 1/187
+  FAIL 1/1197 tests failed
+  Make: *** [uncommon.mk:666: yes-btest-ruby] Error 1
+
+--- a/bootstraptest/test_insns.rb
+++ b/bootstraptest/test_insns.rb
+@@ -273,7 +273,7 @@
+         end
+       }/ox
+     end
+-    x = once(128); x = once(7); x = once(16);
+    x = once(32); x = once(7); x = once(16);
+     x =~ "true" && $~
+   },
+   [ 'once', <<-'},', ],         # {