diff options
Diffstat (limited to 'lib/rubygems/security/policy.rb')
-rw-r--r-- | lib/rubygems/security/policy.rb | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/lib/rubygems/security/policy.rb b/lib/rubygems/security/policy.rb index 98e41b812c..7238b2e477 100644 --- a/lib/rubygems/security/policy.rb +++ b/lib/rubygems/security/policy.rb @@ -213,6 +213,9 @@ class Gem::Security::Policy if @only_signed then raise Gem::Security::Exception, "unsigned gems are not allowed by the #{name} policy" + elsif digests.empty? then + # lack of signatures is irrelevant if there is nothing to check + # against else alert_warning "#{full_name} is not signed" end @@ -246,6 +249,8 @@ class Gem::Security::Policy if @only_trusted then check_trust chain, digester, trust_dir + elsif signatures.empty? and digests.empty? then + # trust is irrelevant if there's no signatures to verify else alert_warning "#{subject signer} is not trusted for #{full_name}" end |