[pkgsrc/trunk]: pkgsrc/lang/ruby18-base Apply patch from Ruby's repository, r...

[taca <taca%pkgsrc.org@localhost>]

details:   https://anonhg.NetBSD.org/pkgsrc/rev/989661c9dd9b
branches:  trunk
changeset: 554787:989661c9dd9b
user:      taca <taca%pkgsrc.org@localhost>
date:      Fri Feb 20 12:32:26 2009 +0000

description:
Apply patch from Ruby's repository, revision 22440.

It fixes OCPS(Online Certificate Status Protocol) verify method wasn't always
return false when verify was failed in OpenSSL's correspondence library.
(It might be possible security risk for using OCPS.

Fix small PLIST improvement, too.

Bump PKGREVISION.

diffstat:

 lang/ruby18-base/Makefile         |   4 ++--
 lang/ruby18-base/PLIST.common_end |   4 ++--
 lang/ruby18-base/distinfo         |   3 ++-
 lang/ruby18-base/patches/patch-dj |  34 ++++++++++++++++++++++++++++++++++
 4 files changed, 40 insertions(+), 5 deletions(-)

diffs (82 lines):

diff -r f9aa0659744b -r 989661c9dd9b lang/ruby18-base/Makefile
--- a/lang/ruby18-base/Makefile Fri Feb 20 12:29:34 2009 +0000
+++ b/lang/ruby18-base/Makefile Fri Feb 20 12:32:26 2009 +0000
@@ -1,9 +1,9 @@
-# $NetBSD: Makefile,v 1.48 2008/09/15 03:30:22 taca Exp $
+# $NetBSD: Makefile,v 1.49 2009/02/20 12:32:26 taca Exp $
 #
 
 DISTNAME=      ${RUBY_DISTNAME}
 PKGNAME=       ${RUBY_PKGPREFIX}-base-${RUBY_VERSION_SUFFIX}
-PKGREVISION=   2
+PKGREVISION=   3
 CATEGORIES=    lang ruby
 MASTER_SITES=  ${MASTER_SITE_RUBY}
 #PKGREVISION=
diff -r f9aa0659744b -r 989661c9dd9b lang/ruby18-base/PLIST.common_end
--- a/lang/ruby18-base/PLIST.common_end Fri Feb 20 12:29:34 2009 +0000
+++ b/lang/ruby18-base/PLIST.common_end Fri Feb 20 12:32:26 2009 +0000
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST.common_end,v 1.7 2008/06/19 14:35:37 taca Exp $
+@comment $NetBSD: PLIST.common_end,v 1.8 2009/02/20 12:32:26 taca Exp $
 @dirrm ${RUBY_LIB}/bigdecimal
 @dirrm ${RUBY_LIB}/cgi/session
 @dirrm ${RUBY_LIB}/cgi
@@ -100,4 +100,4 @@
 @dirrm ${RUBY_EG}
 @dirrm ${RUBY_SITERIDIR}
 @dirrm ${RUBY_BASERIDIR}
-@dirrm ${RUBY_RIDIR}
+@unexec ${RMDIR} %D/${RUBY_RIDIR} 2>/dev/null || ${TRUE}
diff -r f9aa0659744b -r 989661c9dd9b lang/ruby18-base/distinfo
--- a/lang/ruby18-base/distinfo Fri Feb 20 12:29:34 2009 +0000
+++ b/lang/ruby18-base/distinfo Fri Feb 20 12:32:26 2009 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.34 2008/09/14 05:17:18 taca Exp $
+$NetBSD: distinfo,v 1.35 2009/02/20 12:32:26 taca Exp $
 
 SHA1 (ruby-1.8.7-p72.tar.bz2) = 462e990a724580e4dfeeac5a271b93f6cfcbf5c7
 RMD160 (ruby-1.8.7-p72.tar.bz2) = 07bf0d6987ba111aed988093c569fb66ba54891b
@@ -8,3 +8,4 @@
 SHA1 (patch-ac) = eb4dd068729ba2a2c7d4d659f6bcdb1410227f3b
 SHA1 (patch-dg) = 6c92da2111af7dd09d9cc28d1d82612ead14283e
 SHA1 (patch-dh) = ac637345ee171892b551f34d0deb65f238060c7c
+SHA1 (patch-dj) = a325fcec8d90b8d550d0e4e858d60dd91b4d23c6
diff -r f9aa0659744b -r 989661c9dd9b lang/ruby18-base/patches/patch-dj
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/lang/ruby18-base/patches/patch-dj Fri Feb 20 12:32:26 2009 +0000
@@ -0,0 +1,34 @@
+$NetBSD: patch-dj,v 1.2 2009/02/20 12:32:26 taca Exp $
+
+Online Certificate Status Protocol's verify method fix from Ruby's
+repository: revision 22440.
+
+--- ext/openssl/ossl_ocsp.c.orig       2007-06-09 00:02:04.000000000 +0900
++++ ext/openssl/ossl_ocsp.c
+@@ -589,22 +589,22 @@ ossl_ocspbres_sign(int argc, VALUE *argv
+ static VALUE
+ ossl_ocspbres_verify(int argc, VALUE *argv, VALUE self)
+ {
+-    VALUE certs, store, flags;
++    VALUE certs, store, flags, result;
+     OCSP_BASICRESP *bs;
+     STACK_OF(X509) *x509s;
+     X509_STORE *x509st;
+-    int flg, result;
++    int flg;
+ 
+     rb_scan_args(argc, argv, "21", &certs, &store, &flags);
+     x509st = GetX509StorePtr(store);
+     flg = NIL_P(flags) ? 0 : INT2NUM(flags);
+     x509s = ossl_x509_ary2sk(certs);
+     GetOCSPBasicRes(self, bs);
+-    result = OCSP_basic_verify(bs, x509s, x509st, flg);
++    result = OCSP_basic_verify(bs, x509s, x509st, flg) > 0 ? Qtrue : Qfalse;
+     sk_X509_pop_free(x509s, X509_free);
+     if(!result) rb_warn("%s", ERR_error_string(ERR_peek_error(), NULL));
+ 
+-    return result ? Qtrue : Qfalse;
++    return result;
+ }
+ 
+ /*