diff --git a/rack-protection-2.0.3.gem b/rack-protection-2.0.3.gem deleted file mode 100644 index f32d38c3b4371452613c702b38cd046cdb43b619..0000000000000000000000000000000000000000 Binary files a/rack-protection-2.0.3.gem and /dev/null differ diff --git a/rack-protection-2.0.8.1-spec.tar.gz b/rack-protection-2.0.8.1-spec.tar.gz new file mode 100644 index 0000000000000000000000000000000000000000..d3ba95eeafc023388ba4ddca45acf5880a825be5 Binary files /dev/null and b/rack-protection-2.0.8.1-spec.tar.gz differ diff --git a/rack-protection-2.0.8.1.gem b/rack-protection-2.0.8.1.gem new file mode 100644 index 0000000000000000000000000000000000000000..2e6a53b42d012cc86b0c531c421d640d768c1417 Binary files /dev/null and b/rack-protection-2.0.8.1.gem differ diff --git a/rubygem-rack-protection-2.0.8.1-Fix-failing-tests.patch b/rubygem-rack-protection-2.0.8.1-Fix-failing-tests.patch new file mode 100644 index 0000000000000000000000000000000000000000..ddb2e0a2e580a4091a0f5ce815d7d20d325df75a --- /dev/null +++ b/rubygem-rack-protection-2.0.8.1-Fix-failing-tests.patch @@ -0,0 +1,34 @@ +From 750aa3b0de06dad41539bdb402123b5416a3475d Mon Sep 17 00:00:00 2001 +From: Jordan Owens +Date: Tue, 10 Mar 2020 10:24:05 -0400 +Subject: [PATCH] Fix failing tests + +Rack added support for Multi-part ranges and apparently changed the +format of cookie expires timestamp format to match specs. +--- + .../spec/lib/rack/protection/cookie_tossing_spec.rb | 12 ++++++------ + 1 file changed, 6 insertions(+), 6 deletions(-) + +diff --git a/rack-protection/spec/lib/rack/protection/cookie_tossing_spec.rb b/rack-protection/spec/lib/rack/protection/cookie_tossing_spec.rb +index af46ffc2b..f973bd476 100644 +--- a/rack-protection/spec/lib/rack/protection/cookie_tossing_spec.rb ++++ b/rack-protection/spec/lib/rack/protection/cookie_tossing_spec.rb +@@ -28,12 +28,12 @@ + get '/some/path', {}, 'HTTP_COOKIE' => 'rack.%73ession=EVIL_SESSION_TOKEN; rack.session=EVIL_SESSION_TOKEN; rack.session=SESSION_TOKEN' + + expected_header = <<-END.chomp +-rack.%2573ession=; domain=example.org; path=/; expires=Thu, 01 Jan 1970 00:00:00 -0000 +-rack.%2573ession=; domain=example.org; path=/some; expires=Thu, 01 Jan 1970 00:00:00 -0000 +-rack.%2573ession=; domain=example.org; path=/some/path; expires=Thu, 01 Jan 1970 00:00:00 -0000 +-rack.session=; domain=example.org; path=/; expires=Thu, 01 Jan 1970 00:00:00 -0000 +-rack.session=; domain=example.org; path=/some; expires=Thu, 01 Jan 1970 00:00:00 -0000 +-rack.session=; domain=example.org; path=/some/path; expires=Thu, 01 Jan 1970 00:00:00 -0000 ++rack.%2573ession=; domain=example.org; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT ++rack.%2573ession=; domain=example.org; path=/some; expires=Thu, 01 Jan 1970 00:00:00 GMT ++rack.%2573ession=; domain=example.org; path=/some/path; expires=Thu, 01 Jan 1970 00:00:00 GMT ++rack.session=; domain=example.org; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT ++rack.session=; domain=example.org; path=/some; expires=Thu, 01 Jan 1970 00:00:00 GMT ++rack.session=; domain=example.org; path=/some/path; expires=Thu, 01 Jan 1970 00:00:00 GMT + END + expect(last_response.headers['Set-Cookie']).to eq(expected_header) + end diff --git a/rubygem-rack-protection.spec b/rubygem-rack-protection.spec index 4f4fb61abec4c63ad746a5d0854775066242fc74..9219c1c63d86c59c24962b219b349488e55d3f96 100644 --- a/rubygem-rack-protection.spec +++ b/rubygem-rack-protection.spec @@ -1,15 +1,20 @@ %global gem_name rack-protection -%{?_with_bootstrap: %global bootstrap 1} +%bcond_with bootstrap Summary: Ruby gem that protects against typical web attacks Name: rubygem-%{gem_name} -Version: 2.0.3 -Release: 2 +Version: 2.0.8.1 +Release: 1 License: MIT URL: http://github.com/sinatra/sinatra/tree/master/rack-protection Source0: https://rubygems.org/gems/%{gem_name}-%{version}.gem -Source1: https://github.com/sinatra/sinatra/archive/v%{version}.tar.gz +# git clone https://github.com/sinatra/sinatra.git && cd sinatra/rack-protection +# git archive -v -o rack-protection-2.0.8.1-spec.tar.gz v2.0.8.1 spec/ +Source1: %{gem_name}-%{version}-spec.tar.gz +# Fix test failure due to Rack 2.2.2 incompatibility. +# https://github.com/sinatra/sinatra/pull/1605 +Patch0: rubygem-rack-protection-2.0.8.1-Fix-failing-tests.patch BuildRequires: ruby(release) rubygems-devel ruby -%if ! 0%{?bootstrap} +%if %{without bootstrap} BuildRequires: rubygem(rack) rubygem(rspec) rubygem(rack-test) %endif BuildArch: noarch @@ -24,25 +29,30 @@ Requires: %{name} = %{version}-%{release} This package contains documentation for %{name}. %prep -%setup -q -c -T -%gem_install -n %{SOURCE0} +%setup -q -n %{gem_name}-%{version} -b 1 + +pushd %{_builddir} +%patch0 -p2 +popd %build -%if ! 0%{?bootstrap} +gem build ../%{gem_name}-%{version}.gemspec +%gem_install + +%install +mkdir -p %{buildroot}%{gem_dir} +cp -a .%{gem_dir}/* \ + %{buildroot}%{gem_dir}/ +%if %{without bootstrap} %check pushd .%{gem_instdir} -tar xzvf %{SOURCE1} -sed -i 's/-0000/GMT/g' sinatra-2.0.3/rack-protection/spec/lib/rack/protection/cookie_tossing_spec.rb -ln -s sinatra-%{version}/%{gem_name}/spec spec +ln -s %{_builddir}/spec spec + rspec -r 'spec_helper' spec popd %endif -%install -%{__mkdir_p} %{buildroot}%{gem_dir} -cp -rv .%{gem_dir}/* %{buildroot}%{gem_dir} - %files %dir %{gem_instdir} %license %{gem_instdir}/License @@ -58,6 +68,9 @@ cp -rv .%{gem_dir}/* %{buildroot}%{gem_dir} %{gem_instdir}/Rakefile %changelog +* Thu Feb 24 2022 liyanan - 2.0.8.1-1 +- update to 2.0.8.1 + * Wed Feb 10 2021 jeff200902 - 2.0.3-2 - fix check failed diff --git a/v2.0.3.tar.gz b/v2.0.3.tar.gz deleted file mode 100644 index b6cdc3edb7fec7883af600e380d9ba7f0b87170b..0000000000000000000000000000000000000000 Binary files a/v2.0.3.tar.gz and /dev/null differ