authornaruse <naruse@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>2013-09-14 08:59:02 +0000
committernaruse <naruse@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>2013-09-14 08:59:02 +0000
commit269503b544247b5b3e30dbe60a0bab4f2ca00e4e (patch)
treea6d0a3a9b34017c4c84d997152a3aaf3086e1ce1 /lib/rubygems/package.rb
parent2614d9ba2fb5ad171200cccc88f42fa659b527c6 (diff)
downloadruby-269503b544247b5b3e30dbe60a0bab4f2ca00e4e.tar.gz
Revert r42938 "* lib/rubygems: Update to RubyGems 2.1.3"
It breaks the build. http://u64.rubyci.org/~chkbuild/ruby-trunk/log/20130913T200302Z.diff.html.gz git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@42941 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Diffstat (limited to 'lib/rubygems/package.rb')
-rw-r--r--lib/rubygems/package.rb81
1 files changed, 55 insertions, 26 deletions
diff --git a/lib/rubygems/package.rb b/lib/rubygems/package.rb
index 957446257d..ba379c24cb 100644
--- a/lib/rubygems/package.rb
+++ b/lib/rubygems/package.rb
@@ -37,7 +37,7 @@
# the_gem.spec # get the spec out of the gem
# the_gem.verify # check the gem is OK (contains valid gem specification, contains a not corrupt contents archive)
#
-# #files are the files in the .gem tar file, not the ruby files in the gem
+# #files are the files in the .gem tar file, not the Ruby files in the gem
# #extract_files and #contents automatically call #verify
require 'rubygems/security'
@@ -280,11 +280,16 @@ EOM
algorithms = if @checksums then
@checksums.keys
else
- [Gem::Security::DIGEST_NAME]
+ [Gem::Security::DIGEST_NAME].compact
end
algorithms.each do |algorithm|
- digester = OpenSSL::Digest.new algorithm
+ digester =
+ if defined?(OpenSSL::Digest) then
+ OpenSSL::Digest.new algorithm
+ else
+ Digest.const_get(algorithm).new
+ end
digester << entry.read(16384) until entry.eof?
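Review bot: In the fallback branch, `Digest.const_get(algorithm).new` instantiates whatever constant `algorithm` names, and when `@checksums` is set those names are its keys. If the keys come from checksum data shipped inside the package (not visible in this hunk), they should be checked against an expected set of digest names first. `const_get` also searches ancestors and top-level constants by default, so `Digest.const_get(algorithm, false)` is the narrower lookup. Separately, `[Gem::Security::DIGEST_NAME].compact` becomes an empty list when the constant is nil, so the loop then computes no digest at all and gives no indication; a comment saying whether that is intended would help. The enclosing method starts and ends outside the hunk.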
@@ -298,8 +303,11 @@ EOM
##
# Extracts the files in this package into +destination_dir+
+ #
+ # If +pattern+ is specified, only entries matching that glob will be
+ # extracted.
- def extract_files destination_dir
+ def extract_files destination_dir, pattern = "*"
verify unless @spec
FileUtils.mkdir_p destination_dir
@@ -310,7 +318,7 @@ EOM
reader.each do |entry|
next unless entry.full_name == 'data.tar.gz'
- extract_tar_gz entry, destination_dir
+ extract_tar_gz entry, destination_dir, pattern
return # ignore further entries
end
@@ -324,11 +332,20 @@ EOM
# If an entry in the archive contains a relative path above
# +destination_dir+ or an absolute path is encountered an exception is
# raised.
+ #
+ # If +pattern+ is specified, only entries matching that glob will be
+ # extracted.
- def extract_tar_gz io, destination_dir # :nodoc:
+ def extract_tar_gz io, destination_dir, pattern = "*" # :nodoc:
open_tar_gz io do |tar|
tar.each do |entry|
- destination = install_location entry.full_name, destination_dir
+ # Some entries start with "./" which fnmatch does not like, see github
+ # issue #644
+ full_name = entry.full_name.sub %r%\A\./%, ''
+
+ next unless File.fnmatch pattern, full_name
+
+ destination = install_location full_name, destination_dir
FileUtils.rm_rf destination
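Review bot: `File.fnmatch pattern, full_name` with the default `"*"` does not match names that begin with a period, so a top-level entry such as `.gitignore` would be skipped even when the caller passes no pattern. Passing the flag keeps the default behaving as "extract everything": `next unless File.fnmatch pattern, full_name, File::FNM_DOTMATCH`. Stripping the leading `./` before `install_location` looks fine because the path check still runs on the name that is actually written. The body of `extract_tar_gz` continues outside the hunk.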
@@ -428,12 +445,13 @@ EOM
# certificate and key are not present only checksum generation is set up.
def setup_signer
+ passphrase = ENV['GEM_PRIVATE_KEY_PASSPHRASE']
if @spec.signing_key then
- @signer = Gem::Security::Signer.new @spec.signing_key, @spec.cert_chain
+ @signer = Gem::Security::Signer.new @spec.signing_key, @spec.cert_chain, passphrase
@spec.signing_key = nil
@spec.cert_chain = @signer.cert_chain.map { |cert| cert.to_s }
else
- @signer = Gem::Security::Signer.new nil, nil
+ @signer = Gem::Security::Signer.new nil, nil, passphrase
@spec.cert_chain = @signer.cert_chain.map { |cert| cert.to_pem } if
@signer.cert_chain
end
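Review bot: The comment above `setup_signer` does not mention that the key passphrase is now read from the environment, which is the only place a user could learn about it. I would add `# The private key passphrase is read from ENV['GEM_PRIVATE_KEY_PASSPHRASE'] when set.` and note there that environment variables are inherited by any child process the build starts. The passphrase is also handed to `Gem::Security::Signer.new nil, nil, passphrase` when the spec has no signing key; whether the signer uses it in that case cannot be seen from this hunk and deserves a short why-comment. The method's closing `end` is outside the hunk.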
@@ -510,27 +528,38 @@ EOM
end
##
+ # Verifies +entry+ in a .gem file.
+
+ def verify_entry entry
+ file_name = entry.full_name
+ @files << file_name
+
+ case file_name
+ when /\.sig$/ then
+ @signatures[$`] = entry.read if @security_policy
+ return
+ else
+ digest entry
+ end
+
+ case file_name
+ when /^metadata(.gz)?$/ then
+ load_spec entry
+ when 'data.tar.gz' then
+ verify_gz entry
+ end
+ rescue => e
+ message = "package is corrupt, exception while verifying: " +
+ "#{e.message} (#{e.class})"
+ raise Gem::Package::FormatError.new message, @gem
+ end
+
+ ##
# Verifies the files of the +gem+
def verify_files gem
gem.each do |entry|
- file_name = entry.full_name
- @files << file_name
-
- case file_name
- when /\.sig$/ then
- @signatures[$`] = entry.read if @security_policy
- next
- else
- digest entry
- end
-
- case file_name
- when /^metadata(.gz)?$/ then
- load_spec entry
- when 'data.tar.gz' then
- verify_gz entry
- end
+ verify_entry entry
end
unless @spec then
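Review bot: The two patterns in the new `verify_entry` use line anchors and an unescaped dot, so they match more entry names than intended: `/\.sig$/` accepts a name with `.sig` at the end of any line, and `/^metadata(.gz)?$/` accepts `metadataXgz` or a `metadata` line inside a longer name. Since `entry.full_name` comes from the archive, whole-string anchors are the safer form: `when /\.sig\z/ then` and `when /\Ametadata(\.gz)?\z/ then`. The blanket `rescue => e` also re-wraps every StandardError, including a `FormatError` already raised by `load_spec` or `verify_gz`, so a one-line comment stating that this is deliberate would help the next reader.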