Merge pull request #2898 from kkimurak/ruby-patching_backport16.7.x

Backport to 16.7.x : Add patch for Ruby to fix issue on running on legacy kernel
sameersbn · Feb 12, 2024 · 2c619ca · 2c619ca
2 parents da4e3bc + bee0503
commit 2c619ca
Show file tree

Hide file tree

Showing 6 changed files with 50 additions and 1 deletion.
diff --git a/assets/build/install.sh b/assets/build/install.sh
@@ -47,6 +47,10 @@ mkdir /tmp/ruby && cd /tmp/ruby
 curl --remote-name -Ss "${RUBY_SRC_URL}"
 printf '%s ruby-%s.tar.gz' "${RUBY_SOURCE_SHA256SUM}" "${RUBY_VERSION}" | sha256sum -c -
 tar xzf ruby-"${RUBY_VERSION}".tar.gz && cd ruby-"${RUBY_VERSION}"
+find "${GITLAB_BUILD_DIR}/patches/ruby" -name "*.patch" | while read -r patch_file; do
+  echo "Applying patch ${patch_file}"
+  patch -p1 -i "${patch_file}"
+done
 ./configure --disable-install-rdoc --enable-shared
 make -j"$(nproc)"
 make install
@@ -84,7 +88,7 @@ exec_as_git git config --global --add safe.directory /home/git/gitlab
 echo "Cloning gitlab-foss v.${GITLAB_VERSION}..."
 exec_as_git git clone -q -b v${GITLAB_VERSION} --depth 1 ${GITLAB_CLONE_URL} ${GITLAB_INSTALL_DIR}
 
-find "${GITLAB_BUILD_DIR}/patches/" -name "*.patch" | while read -r patch_file; do
+find "${GITLAB_BUILD_DIR}/patches/gitlabhq" -name "*.patch" | while read -r patch_file; do
   printf "Applying patch %s for gitlab-foss...\n" "${patch_file}"
   exec_as_git git -C ${GITLAB_INSTALL_DIR} apply --ignore-whitespace < "${patch_file}"
 done

diff --git a/...g-for-gitaly-on-a-fresh-install.patch.bak → ...g-for-gitaly-on-a-fresh-install.patch.bak b/...g-for-gitaly-on-a-fresh-install.patch.bak → ...g-for-gitaly-on-a-fresh-install.patch.bak
diff --git a/...or-csr-policy-allow-lfs_v16.3.0.patch.bak → ...or-csr-policy-allow-lfs_v16.3.0.patch.bak b/...or-csr-policy-allow-lfs_v16.3.0.patch.bak → ...or-csr-policy-allow-lfs_v16.3.0.patch.bak
diff --git a/...-to-avoid-removing-node_modules_dir.patch → ...-to-avoid-removing-node_modules_dir.patch b/...-to-avoid-removing-node_modules_dir.patch → ...-to-avoid-removing-node_modules_dir.patch
diff --git a/...-fix-raketask-gitlab-assets-compile.patch → ...-fix-raketask-gitlab-assets-compile.patch b/...-fix-raketask-gitlab-assets-compile.patch → ...-fix-raketask-gitlab-assets-compile.patch
diff --git a/assets/build/patches/ruby/0001-avoid-seeding_until-ruby3.3.0.patch b/assets/build/patches/ruby/0001-avoid-seeding_until-ruby3.3.0.patch
@@ -0,0 +1,45 @@
+From 64e503eb62aff0952b655e9a86217e355f786146 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?=E5=8D=9C=E9=83=A8=E6=98=8C=E5=B9=B3?=
+ <[email protected]>
+Date: Thu, 13 Apr 2023 15:36:24 +0900
+Subject: [PATCH] avoid seeding
+
+OpenSSL's man page previously stated that "the application is
+responsible for seeding the PRNG by calling RAND_add" (see [1]).
+So we had this code.  However things changed.  They no longer
+say so, instead "manual (re-)seeding of the default OpenSSL
+random generator is not necessary" now (see [2]).  It seems all
+OpenSSL versions that we support now already behaves like this.
+Let's follow that.
+
+[1]: https://www.openssl.org/docs/man1.0.2/man3/RAND_add.html
+[2]: https://www.openssl.org/docs/manmaster/man3/RAND_add.html
+---
+ lib/securerandom.rb | 11 -----------
+ 1 file changed, 11 deletions(-)
+
+diff --git a/lib/securerandom.rb b/lib/securerandom.rb
+index 07ae048634..c5be6ce734 100644
+--- a/lib/securerandom.rb
++++ b/lib/securerandom.rb
+@@ -47,17 +47,6 @@ def bytes(n)
+     private
+
+     def gen_random_openssl(n)
+-      @pid = 0 unless defined?(@pid)
+-      pid = $$
+-      unless @pid == pid
+-        now = Process.clock_gettime(Process::CLOCK_REALTIME, :nanosecond)
+-        OpenSSL::Random.random_add([now, @pid, pid].join(""), 0.0)
+-        seed = Random.urandom(16)
+-        if (seed)
+-          OpenSSL::Random.random_add(seed, 16)
+-        end
+-        @pid = pid
+-      end
+       return OpenSSL::Random.random_bytes(n)
+     end
+
+-- 
+2.43.0.windows.1
+