| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Regenerate test CA certificates with appropriate extensions
Test certificates in test/rubygems lack the basic constraints extension.
Here is the patch against rubygems' util/create_certs.rb.
ruby util/create_certs.rb &&
cp test/rubygems/*.pem /path/to/ruby/test/rubygems/ &&
ruby util/create_encrypted_key.rb &&
cp test/rubygems/encrypted_private_key.pem /path/to/ruby/test/rubygems/
------------------------ >8 ------------------------
diff --git a/util/create_certs.rb b/util/create_certs.rb
index 4f6f9ea..313a724 100644
--- a/util/create_certs.rb
+++ b/util/create_certs.rb
@@ -4,37 +4,41 @@ require 'time'
class CertificateBuilder
- attr_reader :today
+ attr_reader :start
def initialize key_size = 2048
- today = Time.now.utc
- @today = Time.utc today.year, today.month, today.day
+ @start = Time.utc 2012, 01, 01, 00, 00, 00
@end_of_time = Time.utc 9999, 12, 31, 23, 59, 59
@end_of_time_32 = Time.utc 2038, 01, 19, 03, 14, 07
+ @key_size = key_size
@serial = 0
end
- def create_certificates(key, subject, issuer_key = key, issuer = subject,
- not_before: @today, not_after: :end_of_time)
+ def create_certificates(key, subject, issuer_key = key, issuer_cert = nil,
+ not_before: @start, not_after: :end_of_time,
+ is_ca: false)
certificates = []
not_before, not_before_32 = validity_for not_before
not_after, not_after_32 = validity_for not_after
+ issuer_cert, issuer_cert_32 = issuer_cert
certificates <<
- create_certificate(key, subject, issuer_key, issuer,
- not_before, not_after)
+ create_certificate(key, subject, issuer_key, issuer_cert,
+ not_before, not_after, is_ca)
certificates <<
- create_certificate(key, subject, issuer_key, issuer,
- not_before_32, not_after_32)
+ create_certificate(key, subject, issuer_key, issuer_cert_32,
+ not_before_32, not_after_32, is_ca)
certificates
end
- def create_certificate key, subject, issuer_key, issuer, not_before, not_after
- puts "creating cert - subject: #{subject}, issuer: #{issuer}"
+ def create_certificate(key, subject, issuer_key, issuer_cert,
+ not_before, not_after, is_ca)
cert = OpenSSL::X509::Certificate.new
+ issuer_cert ||= cert # if not specified, create self signing cert
+
cert.version = 2
cert.serial = 0
@@ -45,32 +49,41 @@ class CertificateBuilder
cert.public_key = key.public_key
- cert.subject =
- OpenSSL::X509::Name.new [%W[CN #{subject}], %w[DC example]]
- cert.issuer =
- OpenSSL::X509::Name.new [%W[CN #{issuer}], %w[DC example]]
+ cert.subject = OpenSSL::X509::Name.new [%W[CN #{subject}], %w[DC example]]
+ cert.issuer = issuer_cert.subject
- ef = OpenSSL::X509::ExtensionFactory.new nil, cert
+ ef = OpenSSL::X509::ExtensionFactory.new issuer_cert, cert
cert.extensions = [
- ef.create_extension('subjectAltName', "email:#{subject}@example")
+ ef.create_extension('subjectAltName', "email:#{subject}@example"),
+ ef.create_extension('subjectKeyIdentifier', 'hash')
]
+ if cert != issuer_cert # not self-signed cert
+ cert.add_extension ef.create_extension('authorityKeyIdentifier', 'keyid:always')
+ end
+
+ if is_ca
+ cert.add_extension ef.create_extension('basicConstraints', 'CA:TRUE', true)
+ cert.add_extension ef.create_extension('keyUsage', 'keyCertSign', true)
+ end
+
cert.sign issuer_key, OpenSSL::Digest::SHA1.new
+ puts "created cert - subject: #{cert.subject}, issuer: #{cert.issuer}"
cert
end
def create_key
puts "creating key"
- OpenSSL::PKey::RSA.new 2048
+ OpenSSL::PKey::RSA.new @key_size
end
def create_keys names
keys = {}
names.each do |name|
- keys[name] = create_key
+ keys[name] = OpenSSL::PKey::RSA.new File.read(File.join "test/rubygems/#{name}_key.pem")
end
keys
@@ -108,37 +121,39 @@ keys = cb.create_keys [
keys[:public] = keys[:private].public_key
-certs = {
- alternate:
- cb.create_certificates(keys[:alternate], 'alternate'),
- child:
- cb.create_certificates(keys[:child], 'child',
- keys[:private], 'nobody'),
- expired:
- cb.create_certificates(keys[:private], 'nobody',
- not_before: Time.at(0),
- not_after: Time.at(0)),
- future:
- cb.create_certificates(keys[:private], 'nobody',
- not_before: :end_of_time,
- not_after: :end_of_time),
- grandchild:
- cb.create_certificates(keys[:grandchild], 'grandchild',
- keys[:child], 'child'),
- invalid_issuer:
- cb.create_certificates(keys[:invalid], 'invalid',
- keys[:invalid], 'nobody'),
- invalid_signer:
- cb.create_certificates(keys[:invalid], 'invalid',
- keys[:private], 'invalid'),
- invalidchild:
- cb.create_certificates(keys[:invalidchild], 'invalidchild',
- keys[:invalid], 'child'),
- public:
- cb.create_certificates(keys[:private], 'nobody'),
- wrong_key:
- cb.create_certificates(keys[:alternate], 'nobody'),
-}
+certs = {}
+certs[:public] =
+ cb.create_certificates(keys[:private], 'nobody',
+ is_ca: true)
+certs[:child] =
+ cb.create_certificates(keys[:child], 'child',
+ keys[:private], certs[:public],
+ is_ca: true)
+certs[:alternate] =
+ cb.create_certificates(keys[:alternate], 'alternate')
+certs[:expired] =
+ cb.create_certificates(keys[:private], 'nobody',
+ not_before: Time.at(0),
+ not_after: Time.at(0))
+certs[:future] =
+ cb.create_certificates(keys[:private], 'nobody',
+ not_before: :end_of_time,
+ not_after: :end_of_time)
+certs[:invalid_issuer] =
+ cb.create_certificates(keys[:invalid], 'invalid',
+ keys[:invalid], certs[:public],
+ is_ca: true)
+certs[:grandchild] =
+ cb.create_certificates(keys[:grandchild], 'grandchild',
+ keys[:child], certs[:child])
+certs[:invalid_signer] =
+ cb.create_certificates(keys[:invalid], 'invalid',
+ keys[:private], certs[:invalid])
+certs[:invalidchild] =
+ cb.create_certificates(keys[:invalidchild], 'invalidchild',
+ keys[:invalid], certs[:child])
+certs[:wrong_key] =
+ cb.create_certificates(keys[:alternate], 'nobody')
base_dir = 'test/rubygems'
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Use EVP_PKEY_get0_* instead of pkey->pkey.*
Use EVP_PKEY_base_id(pkey) instead of EVP_PKEY_type(pkey->type)
Because of this, we can no longer set the parameters/keys directly, and
the newly added functions as alternative require setting all relevant
values at the same time. So this patch contains incompatibility: the
following code no longer works (if using 1.1.0):
dh = OpenSSL::PKey::DH.new(...)
dh.priv_key = OpenSSL::BN.new(...)
...and we have to write like:
dh = OpenSSL::PKey::DH.new(...)
priv = OpenSSL::BN.new(...)
pub = <calculate (dh.g ** priv) % dh.p>
dh.set_key(pub, priv)
|
| |
|
|
|
|
|
| |
Please see entries of 2.6.3 on
https://github.com/rubygems/rubygems/blob/master/History.txt
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@54500 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
| |
|
|
|
|
|
|
| |
https://github.com/travis-ci/travis-ci/issues/5798
https://github.com/rubygems/rubygems/pull/1566
* test/rubygems/test_gem.rb: ditto.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@54309 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
| |
|
|
|
|
|
| |
Please see entries of 2.6.2 on
https://github.com/rubygems/rubygems/blob/master/History.txt
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@54308 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
| |
|
|
|
|
|
|
| |
Please see entries of 2.6.0 and 2.6.1 on
https://github.com/rubygems/rubygems/blob/master/History.txt
[fix GH-1270] Patch by @segiddins
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@53992 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
| |
|
|
|
|
| |
Merged https://github.com/rubygems/rubygems/commit/72b3701
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@53781 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
| |
|
|
|
|
|
|
| |
* test/rubygems/test_gem_remote_fetcher.rb (stop_servers):
terminate timeout watcher thread to fix thread leak. re-apply
r53439.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@53777 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
| |
|
|
| |
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@53708 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
| |
|
|
|
|
|
|
|
| |
It supports to enable frozen string literal and add `--norc` option for
disable to `.gemrc` configuration.
See 2.5.2 release notes for other fixes and enhancements.
https://github.com/rubygems/rubygems/blob/a8aa3bac723f045c52471c7b9328310a048561e0/History.txt#L3
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@53707 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
| |
|
|
|
|
|
|
|
| |
* test/rubygems/test_require.rb (test_dash_i_beats_gems): create
temporary library directory under the temporary directory
created by Gem::TestCase#setup, not to leave garbages in the
default temporary directory.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@53665 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
* lib/webrick/utils.rb (WEBrick::Utils::TimeoutHandler#watcher):
make watcher thread restartable.
* lib/webrick/utils.rb (WEBrick::Utils::TimeoutHandler#terminate):
new method to terminate watcher thread.
* test/lib/leakchecker.rb (LeakChecker#find_threads): revert
r46941.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@53439 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
| |
|
|
|
|
| |
When you change this to true, you may need to add more tests.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@53141 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
| |
|
|
|
|
| |
* test/rubygems: ditto.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@53032 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
| |
|
|
|
|
|
| |
this version includes #1396, #1397, #1398, #1399
* test/rubygems: ditto.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@52880 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
| |
|
|
|
|
|
| |
this version includes #1114, #1314, #1322, #1375, #1383, #1387
* test/rubygems: ditto.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@52666 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
| |
|
|
|
|
|
| |
this version includes #1367 , #1373 , #1375
* test/rubygems: ditto.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@52546 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
| |
|
|
|
|
|
|
| |
this version contains pull requests number of #1343, #1356, #1357, #1363
at https://github.com/rubygems/rubygems/pulls
* test/rubygems: ditto.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@52372 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
| |
|
|
|
|
|
|
|
|
|
| |
(test_handle_options_port): change port from http to discard.
Solaris does not include "http 80/tcp" in its default
/etc/inet/services. AFAIK, discard (9/tcp) is older than http
and it is expected that all OS can resolve the service name.
[Bug #10004] [ruby-core:63518]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@52329 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
| |
|
|
|
|
|
|
|
| |
depending on the content of /etc/inet/services, and skipping the
assertion by using RUBY_PLATFORM is generally a bad idea.
In addition, no ChangeLog is given with the commit.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@52328 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
| |
|
|
| |
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@52312 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
| |
|
|
|
|
| |
some CI uses ENV['MAKE'] to specify gmake
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@52309 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
| |
|
|
| |
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@52286 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
| |
|
|
| |
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@51804 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
| |
|
|
|
|
|
|
|
| |
this version contains new feature that warn invalid SPDX license
identifiers. https://github.com/rubygems/rubygems/pull/1249
and #1032, #1023, #1332, #1328, #1306, #1321, #1324
* test/rubygems: ditto.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@51801 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
| |
|
|
|
|
|
|
|
|
|
| |
* test/rubygems/test_gem_commands_pristine_command.rb (setup):
clear post_install hook to fix failures when running parallel to
test_gem_commands_install_command.rb with -j option.
* test/rubygems/test_gem_commands_uninstall_command.rb (setup):
ditto.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@51567 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
| |
|
|
|
|
|
|
|
|
| |
OpenSSL::PKey::DH.new(2048) takes forever, and we pre-generate
test keys for other SSL-using tests anyways.
* test/rubygems/test_gem_remote_fetcher.rb: pre-generate test key
[ruby-core:70151] [Bug #11397]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@51414 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
| |
|
|
|
|
|
| |
change for OpenSSL key length. see detail to
https://github.com/rubygems/rubygems/pull/1290
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@51384 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
| |
|
|
|
|
|
| |
* time: Object#timeout has been deprecated a long time ago, use
Timeout.timeout.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@51225 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
| |
|
|
|
|
|
|
|
| |
* test/rubygems/test_gem_commands_install_command.rb: previously
load rubygems/request_set which will be required in
rubygems/commands/install_command.rb to get rid of loading
multiple times.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@51156 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
| |
|
|
| |
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@51102 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
| |
|
|
|
|
|
|
|
| |
* test/rubygems/test_require.rb (test_dash_i_beats_gems): skip
because the target feature just does not work. requiring a gem
inserts its paths and its dependents' paths at the beginning of
$LOAD_PATH, regardless -I options.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@51101 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
| |
|
|
|
|
|
| |
* test/rubygems/test_gem_server.rb (process_based_port): use
dynamically chosen port numberss to get rid of conflicts.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@51100 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
| |
|
|
|
|
|
| |
platform does not permit the filename of its test file.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@51099 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
| |
|
|
|
|
|
|
|
|
| |
* test/rubygems/test_gem_resolver_git_specification.rb: require
rubygems/installer.rb before Gem::TestCase#setup runs, otherwise
as Gem::TestCase#teardown restores $LOADED_FEATURES to the state
at that time, the requiring the file in GitSpecification#install
method causes a lot of constant redefinitions.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@51098 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
| |
|
|
|
|
|
| |
this version contains many enhancements see http://git.io/vtNwF
* test/rubygems: ditto.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@51092 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
| |
|
|
|
|
|
|
| |
* test/rubygems/test_gem_remote_fetcher.rb (start_ssl_server):
temporary measure for "dh key too small" error of OpenSSL
1.0.2c+.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@50972 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
| |
|
|
|
|
|
|
| |
CVE-2015-3900.
* lib/rubygems/remote_fetcher.rb: ditto.
* test/rubygems/test_gem_remote_fetcher.rb: added testcase for CVE-2015-3900
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@50829 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
| |
|
|
|
|
|
|
|
|
|
| |
the patch is from davydovanton <antondavydov.o at gmail.com>.
[fix GH-892]
* lib/rubygems/indexer.rb: ditto.
* test/rubygems/test_gem_indexer.rb: ditto.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@50459 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
| |
|
|
|
|
| |
cross-compile environment.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@50267 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
| |
|
|
|
|
|
|
|
|
|
| |
[fix GH-867][Feature #11057]
* test/ruby/test_extlibs.rb: removed json gem from existence extentions.
* gems/bundled_gems: added json gem into bundled gem.
* lib/rdoc/rubygems_hook.rb: ignored no json environment.
* lib/rubygems/test_case.rb, test/rubygems/*: ditto.
* lib/rdoc/test_case.rb, test/rdoc/*: ditto.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@50231 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
| |
|
|
|
|
|
| |
rake is not available until installation now, so skip rake
dependent tests unless it can load.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@50190 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* lib/rubygems/test_case.rb (setup, teardown): fix
environment variable change leaks.
* test/cgi/update_env.rb: ditto.
* test/rake/test_rake_application_options.rb (setup, teardown):
ditto.
* test/rake/test_rake_file_utils.rb (setup, teardown): ditto.
* test/rubygems/test_gem_request.rb (setup): add https_proxy.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@49950 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
| |
|
|
|
|
| |
File::Stat#mode is OS dependent. In AIX, 0200000 is set.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@49919 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
| |
|
|
|
|
|
| |
Fixed #1159, #1171, #1173 on rubygems/rubygems
* test/rubygems: ditto.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@49774 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
| |
|
|
|
|
|
| |
Fixed #1156, #1142, #1115, #1142, #1139 on rubygems/rubygems
* test/rubygems: ditto.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@49511 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
| |
|
|
|
|
| |
* test/rubygems: ditto.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@49195 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
| |
|
|
|
|
|
| |
* test/rubygems: ditto.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@48729 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
| |
|
|
|
|
| |
master (2f6e42e).
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@48468 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
| |
|
|
| |
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@48371 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
