Fix test broken by disabled SSLv3 in OpenSSL.

ruby-2.3.0-Don-t-force-SSLv3-in-test-as-it-is-insecure-and-may-.patch

@@ -0,0 +1,25 @@
+From b9fa5fc9a14e6c889c9a0fa9c9386b2018f2314c Mon Sep 17 00:00:00 2001
+From: Jeremy Evans <code@jeremyevans.net>
+Date: Fri, 17 Jul 2015 11:25:09 -0600
+Subject: [PATCH 4/8] Don't force SSLv3 in test, as it is insecure and may not
+ be supported
+
+LibreSSL disables SSLv3 by default, and there's no reason this code
+should require SSLv3.
+
+diff --git test/openssl/test_ssl_session.rb test/openssl/test_ssl_session.rb
+index 0c384c7..d4713d9 100644
+--- test/openssl/test_ssl_session.rb
++++ test/openssl/test_ssl_session.rb
+@@ -355,7 +355,7 @@ __EOS__
+       3.times do
+         sock = TCPSocket.new("127.0.0.1", port)
+         begin
+-          ssl = OpenSSL::SSL::SSLSocket.new(sock, OpenSSL::SSL::SSLContext.new("SSLv3"))
++          ssl = OpenSSL::SSL::SSLSocket.new(sock, OpenSSL::SSL::SSLContext.new)
+           ssl.sync_close = true
+           ssl.session = last_client_session if last_client_session
+           ssl.connect
+-- 
+2.4.5
+

ruby-2.3.0-Use-OP_NO_TICKET-when-testing-SSL-session-cache-call.patch

@@ -0,0 +1,23 @@
+From fb08c34eee2c883a01ab0dda2a2e34a290516a2a Mon Sep 17 00:00:00 2001
+From: Jeremy Evans <code@jeremyevans.net>
+Date: Fri, 17 Jul 2015 11:31:45 -0600
+Subject: [PATCH 5/8] Use OP_NO_TICKET when testing SSL session cache callbacks
+
+This fixes the test when using LibreSSL and possibly some
+configurations of OpenSSL.
+
+diff --git test/openssl/test_ssl_session.rb test/openssl/test_ssl_session.rb
+index d4713d9..58fa20b 100644
+--- test/openssl/test_ssl_session.rb
++++ test/openssl/test_ssl_session.rb
+@@ -316,6 +316,7 @@ __EOS__
+ 
+     ctx_proc = Proc.new { |ctx, ssl|
+       ctx.session_cache_mode = OpenSSL::SSL::SSLContext::SESSION_CACHE_SERVER
++      ctx.options = OpenSSL::SSL::OP_NO_TICKET
+       last_server_session = nil
+ 
+       # get_cb is called whenever a client proposed to resume a session but
+-- 
+2.4.5
+

ruby-2.3.0-fix-test-ctx-client-session-cb.patch

@@ -0,0 +1,13 @@
+Index: test/openssl/test_ssl_session.rb
+===================================================================
+--- test/openssl/test_ssl_session.rb	(revision 49098)
++++ test/openssl/test_ssl_session.rb	(revision 49099)
+@@ -278,7 +278,7 @@
+ 
+   def test_ctx_client_session_cb
+     called = {}
+-    ctx = OpenSSL::SSL::SSLContext.new("SSLv3")
++    ctx = OpenSSL::SSL::SSLContext.new
+     ctx.session_cache_mode = OpenSSL::SSL::SSLContext::SESSION_CACHE_CLIENT
+ 
+     ctx.session_new_cb = lambda { |ary|

ruby.spec

@@ -117,6 +117,11 @@ Patch7: ruby-2.2.1-use-statfs.patch
 # https://github.com/rubygems/rubygems/issues/1289
 # https://github.com/ruby/ruby/commit/6398515adfc86813686605019a3e22d49cd95517
 Patch8: ruby-2.3.0-test_gem_remote_fetcher.rb-get-rid-of-errors.patch
+# Don't use SSLv3 for tests.
+# https://bugs.ruby-lang.org/issues/10046
+Patch9: ruby-2.3.0-fix-test-ctx-client-session-cb.patch
+Patch10: ruby-2.3.0-Don-t-force-SSLv3-in-test-as-it-is-insecure-and-may-.patch
+Patch11: ruby-2.3.0-Use-OP_NO_TICKET-when-testing-SSL-session-cache-call.patch
 
 Requires: %{name}-libs%{?_isa} = %{version}-%{release}
 Requires: ruby(rubygems) >= %{rubygems_version}
@@ -419,6 +424,9 @@ rm -rf ext/fiddle/libffi*
 %patch6 -p1
 %patch7 -p1
 %patch8 -p1
+%patch9
+%patch10
+%patch11
 
 # Provide an example of usage of the tapset:
 cp -a %{SOURCE3} .
@@ -602,11 +610,6 @@ DISABLE_TESTS=""
 # the test suite).
 touch abrt.rb
 
-# Test is broken due to SSLv3 disabled in Fedora.
-# https://bugs.ruby-lang.org/issues/10046
-sed -i '/def test_ctx_client_session_cb$/,/^  end$/ s/^/#/' test/openssl/test_ssl_session.rb
-sed -i '/def test_ctx_server_session_cb$/,/^  end$/ s/^/#/' test/openssl/test_ssl_session.rb
-
 make check TESTS="-v $DISABLE_TESTS"
 
 %post libs -p /sbin/ldconfig