authornobu <nobu@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>2016-05-18 07:04:55 +0000
committernobu <nobu@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>2016-05-18 07:04:55 +0000
commit2bf535441d3a65942c2d14761463f39e5f0169ee (patch)
tree628dad4a22544f37d8cbccd475f4cce5a9ccd258
parent86f685407cabd1a4c13cc868dae9ff766dd99497 (diff)
downloadruby-2bf535441d3a65942c2d14761463f39e5f0169ee.tar.gz
downloader.rb: disable verify if rubygems is old
* tool/downloader.rb (Downloader::RubyGems.download): verify gems only if RubyGems is 2.4 or later. old RubyGems fails to verify almost all of bundled gems. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55055 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
-rw-r--r--ChangeLog6
-rw-r--r--tool/downloader.rb20
2 files changed, 20 insertions, 6 deletions
diff --git a/ChangeLog b/ChangeLog
index ff4be9648f..e6e89fc487 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,9 @@
+Wed May 18 16:04:54 2016 Nobuyoshi Nakada <nobu@ruby-lang.org>
+
+ * tool/downloader.rb (Downloader::RubyGems.download): verify gems
+ only if RubyGems is 2.4 or later. old RubyGems fails to verify
+ almost all of bundled gems.
+
Wed May 18 14:52:38 2016 Nobuyoshi Nakada <nobu@ruby-lang.org>
* string.c (rb_str_modify_expand): check integer overflow.
diff --git a/tool/downloader.rb b/tool/downloader.rb
index 401a50f0c7..74ff309637 100644
--- a/tool/downloader.rb
+++ b/tool/downloader.rb
@@ -57,27 +57,27 @@ class Downloader
def self.download(name, dir = nil, since = true, options = {})
require 'rubygems'
require 'rubygems/package'
+ verify = options.delete(:verify) {Gem::VERSION >= "2.4."}
options[:ssl_ca_cert] = Dir.glob(File.expand_path("../lib/rubygems/ssl_certs/**/*.pem", File.dirname(__FILE__)))
file = under(dir, name)
super("https://rubygems.org/downloads/#{name}", file, nil, since, options) or
return false
+ return true unless verify
policy = Gem::Security::LowSecurity
(policy = policy.dup).ui = Gem::SilentUI.new if policy.respond_to?(:'ui=')
pkg = Gem::Package.new(file)
pkg.security_policy = policy
begin
+ $stdout.puts "verifying #{name}"
pkg.verify
rescue Gem::Security::Exception => e
- $stderr.puts e.message
+ $stderr.puts "#{name}: #{e.message}"
File.unlink(file)
false
else
true
end
end
-
- def self.verify(pkg)
- end
end
Gems = RubyGems
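Review bot: The default `Gem::VERSION >= "2.4."` compares strings, not versions, so a release with a two-digit component ("2.10.0", "10.0.0") sorts below "2.4." and verification would be switched off without anyone asking for it. Compare parsed versions instead: `verify = options.delete(:verify) {Gem::Version.new(Gem::VERSION) >= Gem::Version.new("2.4")}`. The new `return true unless verify` also reports success silently, so a build log cannot show that a gem was accepted unverified; a line such as `$stderr.puts "#{name}: verification skipped (RubyGems #{Gem::VERSION})"` before that return would make the downgrade visible.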
@@ -134,6 +134,7 @@ class Downloader
# download 'http://www.unicode.org/Public/UCD/latest/ucd/UnicodeData.txt',
# 'UnicodeData.txt', 'enc/unicode/data'
def self.download(url, name, dir = nil, since = true, options = {})
+ options.delete(:verify)
file = under(dir, name)
if since.nil? and File.exist?(file)
if $VERBOSE
@@ -194,6 +195,10 @@ class Downloader
raise "failed to download #{name}\n#{e.message}: #{url}"
end
+ def self.verify(file)
+ true
+ end
+
def self.under(dir, name)
dir ? File.join(dir, File.basename(name)) : name
end
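Review bot: `Downloader.verify` returns `true` unconditionally and nothing in the method says so, so a reader or caller can take that `true` to mean the file's contents were checked. A comment above it would prevent that, for example `# Placeholder: performs no integrity check and always returns true.` No call site is visible in this diff, so whether any caller depends on the result cannot be confirmed from here.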
@@ -203,6 +208,7 @@ Downloader.https = https.freeze
if $0 == __FILE__
since = true
+ options = {}
until ARGV.empty?
case ARGV[0]
when '-d'
@@ -217,6 +223,8 @@ if $0 == __FILE__
since = nil
when '-a'
since = false
+ when '-V'
+ options[:verify] = true
when /\A-/
abort "#{$0}: unknown option #{ARGV[0]}"
else
@@ -233,10 +241,10 @@ if $0 == __FILE__
ARGV.shift
ARGV.each do |name|
name = "#{prefix}/#{File.basename(name)}" if prefix
- dl.download(name, destdir, since)
+ dl.download(name, destdir, since, options)
end
else
abort "usage: #{$0} url name" unless ARGV.size == 2
- Downloader.download(ARGV[0], ARGV[1], destdir, since)
+ Downloader.download(ARGV[0], ARGV[1], destdir, since, options)
end
end
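Review bot: The same `options` hash is passed to `dl.download` on every iteration of `ARGV.each`, but `Downloader::RubyGems.download` removes `:verify` from it with `options.delete(:verify)` (the base `Downloader.download` does the same). With `-V` and more than one name, only the first download sees `verify: true`; later ones fall back to the RubyGems-version default, so on an old RubyGems they are accepted unverified despite the flag. Pass a copy per call, `dl.download(name, destdir, since, options.dup)`, or have the callee start with `options = options.dup`.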