* lib/rubygems: Update to RubyGems 2.1.0. Fixes CVE-2013-4287.

See http://rubygems.rubyforge.org/rubygems-update/CVE-2013-4287_txt.html for CVE information. See http://rubygems.rubyforge.org/rubygems-update/History_txt.html#label-2.1.0+%2F+2013-09-09 for release notes. * test/rubygems: Tests for the above. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@42898 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
author: drbrain <drbrain@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> 2013-09-10 00:52:14 +0000
committer: drbrain <drbrain@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> 2013-09-10 00:52:14 +0000
commit: f06f90323133e2f1440cd5090a622b56994c4e65 (patch)
tree: 9eb52cdb3b8e0a8bab0c7e10b5c8cdce14762898 /lib/rubygems/dependency_resolver
parent: 888e5cbbe7398aa814f5a0208a0fd30cfe337f3b (diff)
download: ruby-f06f90323133e2f1440cd5090a622b56994c4e65.tar.gz
5 files changed, 32 insertions, 8 deletions
diff --git a/lib/rubygems/dependency_resolver/api_specification.rb b/lib/rubygems/dependency_resolver/api_specification.rb
index 5ad07396cf..ae688780dd 100644
--- a/lib/rubygems/dependency_resolver/api_specification.rb
+++ b/lib/rubygems/dependency_resolver/api_specification.rb
@@ -8,6 +8,7 @@ class Gem::DependencyResolver::APISpecification
 
   attr_reader :dependencies
   attr_reader :name
+  attr_reader :platform
   attr_reader :set # :nodoc:
   attr_reader :version
 
@@ -15,6 +16,7 @@ class Gem::DependencyResolver::APISpecification
     @set = set
     @name = api_data[:name]
     @version = Gem::Version.new api_data[:number]
+    @platform = api_data[:platform]
     @dependencies = api_data[:dependencies].map do |name, ver|
       Gem::Dependency.new name, ver.split(/\s*,\s*/)
     end
@@ -25,6 +27,7 @@ class Gem::DependencyResolver::APISpecification
       @set          == other.set and
       @name         == other.name and
       @version      == other.version and
+      @platform     == other.platform and
       @dependencies == other.dependencies
   end
 
diff --git a/lib/rubygems/dependency_resolver/index_set.rb b/lib/rubygems/dependency_resolver/index_set.rb
index fcf919d81b..d6a05e580f 100644
--- a/lib/rubygems/dependency_resolver/index_set.rb
+++ b/lib/rubygems/dependency_resolver/index_set.rb
@@ -43,9 +43,14 @@ class Gem::DependencyResolver::IndexSet
   # Called from IndexSpecification to get a true Specification
   # object.
 
-  def load_spec name, ver, source
-    key = "#{name}-#{ver}"
-    @specs[key] ||= source.fetch_spec(Gem::NameTuple.new(name, ver))
+  def load_spec name, ver, platform, source
+    key = "#{name}-#{ver}-#{platform}"
+
+    @specs.fetch key do
+      tuple = Gem::NameTuple.new name, ver, platform
+
+      @specs[key] = source.fetch_spec tuple
+    end
   end
 
   ##
diff --git a/lib/rubygems/dependency_resolver/index_specification.rb b/lib/rubygems/dependency_resolver/index_specification.rb
index 371018ba44..d8ac69d402 100644
--- a/lib/rubygems/dependency_resolver/index_specification.rb
+++ b/lib/rubygems/dependency_resolver/index_specification.rb
@@ -8,6 +8,8 @@ class Gem::DependencyResolver::IndexSpecification
 
   attr_reader :name
 
+  attr_reader :platform
+
   attr_reader :source
 
   attr_reader :version
@@ -39,14 +41,19 @@ class Gem::DependencyResolver::IndexSpecification
       q.breakable
       q.text full_name
 
+      unless Gem::Platform::RUBY == @platform then
+        q.breakable
+        q.text @platform
+      end
+
       q.breakable
-      q.text ' source '
+      q.text 'source '
       q.pp @source
     end
   end
 
   def spec
-    @spec ||= @set.load_spec(@name, @version, @source)
+    @spec ||= @set.load_spec(@name, @version, @platform, @source)
   end
 
 end
diff --git a/lib/rubygems/dependency_resolver/installed_specification.rb b/lib/rubygems/dependency_resolver/installed_specification.rb
index af167572bf..ca20ace61e 100644
--- a/lib/rubygems/dependency_resolver/installed_specification.rb
+++ b/lib/rubygems/dependency_resolver/installed_specification.rb
@@ -26,6 +26,10 @@ class Gem::DependencyResolver::InstalledSpecification
     @spec.name
   end
 
+  def platform
+    @spec.platform
+  end
+
   def source
     @source ||= Gem::Source::Installed.new
   end
diff --git a/lib/rubygems/dependency_resolver/installer_set.rb b/lib/rubygems/dependency_resolver/installer_set.rb
index 7de052df77..c39f77a005 100644
--- a/lib/rubygems/dependency_resolver/installer_set.rb
+++ b/lib/rubygems/dependency_resolver/installer_set.rb
@@ -115,9 +115,14 @@ class Gem::DependencyResolver::InstallerSet
   # Called from IndexSpecification to get a true Specification
   # object.
 
-  def load_spec name, ver, source
-    key = "#{name}-#{ver}"
-    @specs[key] ||= source.fetch_spec Gem::NameTuple.new name, ver
+  def load_spec name, ver, platform, source
+    key = "#{name}-#{ver}-#{platform}"
+
+    @specs.fetch key do
+      tuple = Gem::NameTuple.new name, ver, platform
+
+      @specs[key] = source.fetch_spec tuple
+    end
   end
 
   ##
author	drbrain <drbrain@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>	2013-09-10 00:52:14 +0000
committer	drbrain <drbrain@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>	2013-09-10 00:52:14 +0000
commit	f06f90323133e2f1440cd5090a622b56994c4e65 (patch)
tree	9eb52cdb3b8e0a8bab0c7e10b5c8cdce14762898 /lib/rubygems/dependency_resolver
parent	888e5cbbe7398aa814f5a0208a0fd30cfe337f3b (diff)
download	ruby-f06f90323133e2f1440cd5090a622b56994c4e65.tar.gz