aboutsummaryrefslogtreecommitdiffstats
path: root/lib/rubygems/package/old.rb
diff options
context:
space:
mode:
Diffstat (limited to 'lib/rubygems/package/old.rb')
-rw-r--r--lib/rubygems/package/old.rb20
1 files changed, 20 insertions, 0 deletions
diff --git a/lib/rubygems/package/old.rb b/lib/rubygems/package/old.rb
index 552a5f3591..6bf9ea0fe3 100644
--- a/lib/rubygems/package/old.rb
+++ b/lib/rubygems/package/old.rb
@@ -32,6 +32,8 @@ class Gem::Package::Old < Gem::Package
# A list of file names contained in this gem
def contents
+ verify
+
return @contents if @contents
open @gem, 'rb' do |io|
@@ -46,6 +48,8 @@ class Gem::Package::Old < Gem::Package
# Extracts the files in this package into +destination_dir+
def extract_files destination_dir
+ verify
+
errstr = "Error reading files from gem"
open @gem, 'rb' do |io|
@@ -125,6 +129,8 @@ class Gem::Package::Old < Gem::Package
# The specification for this gem
def spec
+ verify
+
return @spec if @spec
yaml = ''
@@ -143,5 +149,19 @@ class Gem::Package::Old < Gem::Package
raise Gem::Exception, "Failed to parse gem specification out of gem file"
end
+ ##
+ # Raises an exception if a security policy that verifies data is active.
+ # Old format gems cannot be verified as signed.
+
+ def verify
+ return true unless @security_policy
+
+ raise Gem::Security::Exception,
+ 'old format gems do not contain signatures and cannot be verified' if
+ @security_policy.verify_data
+
+ true
+ end
+
end
generated by cgit v1.2.3 (git 2.39.1) at 2024-08-26 07:12:03 +0000