bundler 1.6.8 → 1.6.9

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of bundler might be problematic. Click here for more details.

checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: f0c1d7e4a7f9e502e6dcafce69c6c507d6f42ca4
4
- data.tar.gz: 6359c1680cc84214811442c8783389eb6ae2fedb
3
+ metadata.gz: 416e8ee36efa63219a479a3f0b05a2e9c3cbff1c
4
+ data.tar.gz: bcdb1aba2bddb5787e77a692f2f3c1ad80960029
5
5
  SHA512:
6
- metadata.gz: c58d1bcfd2070ea4df2a4442289773c20675f15735d8b6b965dad3316fad4ac407df061164838788d09e811bcdd1d9ddf43426c8519cc03a06f6534e1d811c37
7
- data.tar.gz: b746b4b93f28bfdfe0f497dbb990648228d29778d3e32ecfdcdc2c307472e5f7d6795826a47ac21354feb0deda31dd57b837af3c15701e8e99577ffb4f801472
6
+ metadata.gz: 2b128dcdbe2c790eb2304554b23a17abee78f6cb23d3abcda0acf65e2dd1cecc6d1d3aadc3c8bb16cddc3e1bca7c76fef15e52bd4b9b3251493d0b4f910d4bad
7
+ data.tar.gz: afcf5192a0252af39937b528f008d59e133631fb6eb31ebe42c1aee7dfac673e7a6aa305b914d000968bd1b8cc1f227d5feb5b85f201ead3be145ebdceee6134
@@ -1,8 +1,14 @@
1
+ ## 1.6.9 (2014-11-11)
2
+
3
+ Features:
4
+
5
+ - alternate certificates that work with all OpenSSLs (@luislavena, @indirect)
6
+
1
7
  ## 1.6.8 (2014-11-10)
2
8
 
3
9
  Features:
4
10
 
5
- - vendor new certificates to validate HTTPS with rubygems.org
11
+ - vendor new certificates to validate HTTPS with rubygems.org (@indirect)
6
12
 
7
13
  ## 1.6.7 (2014-10-19)
8
14
 
data/Rakefile CHANGED
@@ -129,7 +129,7 @@ begin
129
129
  end
130
130
 
131
131
  task "clone_rubygems_#{rg}" do
132
- unless File.directory?("tmp/rubygems")
132
+ unless File.directory?(RUBYGEMS_REPO)
133
133
  system("git clone https://github.com/rubygems/rubygems.git tmp/rubygems")
134
134
  end
135
135
  hash = nil
@@ -0,0 +1,25 @@
1
+ -----BEGIN CERTIFICATE-----
2
+ MIIENjCCAx6gAwIBAgIBATANBgkqhkiG9w0BAQUFADBvMQswCQYDVQQGEwJTRTEU
3
+ MBIGA1UEChMLQWRkVHJ1c3QgQUIxJjAkBgNVBAsTHUFkZFRydXN0IEV4dGVybmFs
4
+ IFRUUCBOZXR3b3JrMSIwIAYDVQQDExlBZGRUcnVzdCBFeHRlcm5hbCBDQSBSb290
5
+ MB4XDTAwMDUzMDEwNDgzOFoXDTIwMDUzMDEwNDgzOFowbzELMAkGA1UEBhMCU0Ux
6
+ FDASBgNVBAoTC0FkZFRydXN0IEFCMSYwJAYDVQQLEx1BZGRUcnVzdCBFeHRlcm5h
7
+ bCBUVFAgTmV0d29yazEiMCAGA1UEAxMZQWRkVHJ1c3QgRXh0ZXJuYWwgQ0EgUm9v
8
+ dDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALf3GjPm8gAELTngTlvt
9
+ H7xsD821+iO2zt6bETOXpClMfZOfvUq8k+0DGuOPz+VtUFrWlymUWoCwSXrbLpX9
10
+ uMq/NzgtHj6RQa1wVsfwTz/oMp50ysiQVOnGXw94nZpAPA6sYapeFI+eh6FqUNzX
11
+ mk6vBbOmcZSccbNQYArHE504B4YCqOmoaSYYkKtMsE8jqzpPhNjfzp/haW+710LX
12
+ a0Tkx63ubUFfclpxCDezeWWkWaCUN/cALw3CknLa0Dhy2xSoRcRdKn23tNbE7qzN
13
+ E0S3ySvdQwAl+mG5aWpYIxG3pzOPVnVZ9c0p10a3CitlttNCbxWyuHv77+ldU9U0
14
+ WicCAwEAAaOB3DCB2TAdBgNVHQ4EFgQUrb2YejS0Jvf6xCZU7wO94CTLVBowCwYD
15
+ VR0PBAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wgZkGA1UdIwSBkTCBjoAUrb2YejS0
16
+ Jvf6xCZU7wO94CTLVBqhc6RxMG8xCzAJBgNVBAYTAlNFMRQwEgYDVQQKEwtBZGRU
17
+ cnVzdCBBQjEmMCQGA1UECxMdQWRkVHJ1c3QgRXh0ZXJuYWwgVFRQIE5ldHdvcmsx
18
+ IjAgBgNVBAMTGUFkZFRydXN0IEV4dGVybmFsIENBIFJvb3SCAQEwDQYJKoZIhvcN
19
+ AQEFBQADggEBALCb4IUlwtYj4g+WBpKdQZic2YR5gdkeWxQHIzZlj7DYd7usQWxH
20
+ YINRsPkyPef89iYTx4AWpb9a/IfPeHmJIZriTAcKhjW88t5RxNKWt9x+Tu5w/Rw5
21
+ 6wwCURQtjr0W4MHfRnXnJK3s9EK0hZNwEGe6nQY1ShjTK3rMUUKhemPR5ruhxSvC
22
+ Nr4TDea9Y355e6cJDUCrat2PisP29owaQgVR1EX1n6diIWgVIEM8med8vSTYqZEX
23
+ c4g/VhsxOBi0cQ+azcgOno4uG+GMmIPLHzHxREzGBHNJdmAPx/i9F4BrLunMTA5a
24
+ mnkPIAou1Z5jJh5VkpTYghdae9C8x49OhgQ=
25
+ -----END CERTIFICATE-----
@@ -1,4 +1,6 @@
1
1
  require 'fileutils'
2
+ require 'net/https'
3
+ require 'openssl'
2
4
 
3
5
  module Bundler
4
6
  module SSLCerts
@@ -9,9 +11,11 @@ module Bundler
9
11
  new(rubygems_path).update!
10
12
  end
11
13
 
12
- def initialize(rubygems_path)
13
- rubygems_certs = File.join(rubygems_path, 'lib/rubygems/ssl_certs')
14
- @rubygems_certs = certificates_in(rubygems_certs)
14
+ def initialize(rubygems_path = nil)
15
+ if rubygems_path
16
+ rubygems_cert_path = File.join(rubygems_path, 'lib/rubygems/ssl_certs')
17
+ @rubygems_certs = certificates_in(rubygems_cert_path)
18
+ end
15
19
 
16
20
  @bundler_cert_path = File.expand_path("..", __FILE__)
17
21
  @bundler_certs = certificates_in(bundler_cert_path)
@@ -32,12 +36,30 @@ module Bundler
32
36
  FileUtils.cp rubygems_certs, bundler_cert_path
33
37
  end
34
38
 
39
+ def connect_to(host)
40
+ http = Net::HTTP.new(host, 443)
41
+ http.use_ssl = true
42
+ http.verify_mode = OpenSSL::SSL::VERIFY_PEER
43
+ http.cert_store = store
44
+ http.head('/')
45
+ end
46
+
35
47
  private
36
48
 
37
49
  def certificates_in(path)
38
50
  Dir[File.join(path, "*.pem")].sort
39
51
  end
40
52
 
53
+ def store
54
+ @store ||= begin
55
+ store = OpenSSL::X509::Store.new
56
+ bundler_certs.each do |cert|
57
+ store.add_file cert
58
+ end
59
+ store
60
+ end
61
+ end
62
+
41
63
  end
42
64
  end
43
65
  end
@@ -2,5 +2,5 @@ module Bundler
2
2
  # We're doing this because we might write tests that deal
3
3
  # with other versions of bundler and we are unsure how to
4
4
  # handle this better.
5
- VERSION = "1.6.8" unless defined?(::Bundler::VERSION)
5
+ VERSION = "1.6.9" unless defined?(::Bundler::VERSION)
6
6
  end
@@ -1,10 +1,23 @@
1
1
  require 'spec_helper'
2
2
  require 'bundler/ssl_certs/certificate_manager'
3
3
 
4
- describe "SSL Certificates", :if => (ENV['RGV'] == "master") do
4
+ describe "SSL Certificates", :rubygems_master do
5
5
  it "are up to date with Rubygems" do
6
6
  rubygems = File.expand_path("../../../tmp/rubygems", __FILE__)
7
7
  manager = Bundler::SSLCerts::CertificateManager.new(rubygems)
8
8
  expect(manager).to be_up_to_date
9
9
  end
10
+
11
+ hosts = %w(
12
+ d2chzxaqi4y7f8.cloudfront.net
13
+ rubygems.org
14
+ s3.amazonaws.com
15
+ staging.rubygems.org
16
+ )
17
+
18
+ hosts.each do |host|
19
+ it "can securely connect to #{host}", :realworld do
20
+ Bundler::SSLCerts::CertificateManager.new.connect_to(host)
21
+ end
22
+ end
10
23
  end
@@ -76,6 +76,12 @@ RSpec.configure do |config|
76
76
  config.filter_run_excluding :rubygems => "2.2"
77
77
  end
78
78
 
79
+ if ENV['RGV'] == "master"
80
+ config.filter_run :rubygems_master => true
81
+ else
82
+ config.filter_run_excluding :rubygems_master => true
83
+ end
84
+
79
85
  config.filter_run :focused => true unless ENV['CI']
80
86
  config.run_all_when_everything_filtered = true
81
87
  config.alias_example_to :fit, :focused => true
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: bundler
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.6.8
4
+ version: 1.6.9
5
5
  platform: ruby
6
6
  authors:
7
7
  - André Arko
@@ -11,7 +11,7 @@ authors:
11
11
  autorequire:
12
12
  bindir: bin
13
13
  cert_chain: []
14
- date: 2014-11-11 00:00:00.000000000 Z
14
+ date: 2014-11-12 00:00:00.000000000 Z
15
15
  dependencies:
16
16
  - !ruby/object:Gem::Dependency
17
17
  name: mustache
@@ -182,9 +182,8 @@ files:
182
182
  - lib/bundler/source/rubygems.rb
183
183
  - lib/bundler/spec_set.rb
184
184
  - lib/bundler/ssl_certs/.document
185
+ - lib/bundler/ssl_certs/AddTrustExternalCARoot-2048.pem
185
186
  - lib/bundler/ssl_certs/AddTrustExternalCARoot.pem
186
- - lib/bundler/ssl_certs/COMODORSACertificationAuthority.pem
187
- - lib/bundler/ssl_certs/COMODORSADomainValidationSecureServer.pem
188
187
  - lib/bundler/ssl_certs/Class3PublicPrimaryCertificationAuthority.pem
189
188
  - lib/bundler/ssl_certs/DigiCertHighAssuranceEVRootCA.pem
190
189
  - lib/bundler/ssl_certs/EntrustnetSecureServerCertificationAuthority.pem
@@ -1,35 +0,0 @@
1
- -----BEGIN CERTIFICATE-----
2
- MIIGCDCCA/CgAwIBAgIQKy5u6tl1NmwUim7bo3yMBzANBgkqhkiG9w0BAQwFADCB
3
- hTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
4
- A1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxKzApBgNV
5
- BAMTIkNPTU9ETyBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTQwMjEy
6
- MDAwMDAwWhcNMjkwMjExMjM1OTU5WjCBkDELMAkGA1UEBhMCR0IxGzAZBgNVBAgT
7
- EkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEaMBgGA1UEChMR
8
- Q09NT0RPIENBIExpbWl0ZWQxNjA0BgNVBAMTLUNPTU9ETyBSU0EgRG9tYWluIFZh
9
- bGlkYXRpb24gU2VjdXJlIFNlcnZlciBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEP
10
- ADCCAQoCggEBAI7CAhnhoFmk6zg1jSz9AdDTScBkxwtiBUUWOqigwAwCfx3M28Sh
11
- bXcDow+G+eMGnD4LgYqbSRutA776S9uMIO3Vzl5ljj4Nr0zCsLdFXlIvNN5IJGS0
12
- Qa4Al/e+Z96e0HqnU4A7fK31llVvl0cKfIWLIpeNs4TgllfQcBhglo/uLQeTnaG6
13
- ytHNe+nEKpooIZFNb5JPJaXyejXdJtxGpdCsWTWM/06RQ1A/WZMebFEh7lgUq/51
14
- UHg+TLAchhP6a5i84DuUHoVS3AOTJBhuyydRReZw3iVDpA3hSqXttn7IzW3uLh0n
15
- c13cRTCAquOyQQuvvUSH2rnlG51/ruWFgqUCAwEAAaOCAWUwggFhMB8GA1UdIwQY
16
- MBaAFLuvfgI9+qbxPISOre44mOzZMjLUMB0GA1UdDgQWBBSQr2o6lFoL2JDqElZz
17
- 30O0Oija5zAOBgNVHQ8BAf8EBAMCAYYwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNV
18
- HSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwGwYDVR0gBBQwEjAGBgRVHSAAMAgG
19
- BmeBDAECATBMBgNVHR8ERTBDMEGgP6A9hjtodHRwOi8vY3JsLmNvbW9kb2NhLmNv
20
- bS9DT01PRE9SU0FDZXJ0aWZpY2F0aW9uQXV0aG9yaXR5LmNybDBxBggrBgEFBQcB
21
- AQRlMGMwOwYIKwYBBQUHMAKGL2h0dHA6Ly9jcnQuY29tb2RvY2EuY29tL0NPTU9E
22
- T1JTQUFkZFRydXN0Q0EuY3J0MCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5jb21v
23
- ZG9jYS5jb20wDQYJKoZIhvcNAQEMBQADggIBAE4rdk+SHGI2ibp3wScF9BzWRJ2p
24
- mj6q1WZmAT7qSeaiNbz69t2Vjpk1mA42GHWx3d1Qcnyu3HeIzg/3kCDKo2cuH1Z/
25
- e+FE6kKVxF0NAVBGFfKBiVlsit2M8RKhjTpCipj4SzR7JzsItG8kO3KdY3RYPBps
26
- P0/HEZrIqPW1N+8QRcZs2eBelSaz662jue5/DJpmNXMyYE7l3YphLG5SEXdoltMY
27
- dVEVABt0iN3hxzgEQyjpFv3ZBdRdRydg1vs4O2xyopT4Qhrf7W8GjEXCBgCq5Ojc
28
- 2bXhc3js9iPc0d1sjhqPpepUfJa3w/5Vjo1JXvxku88+vZbrac2/4EjxYoIQ5QxG
29
- V/Iz2tDIY+3GH5QFlkoakdH368+PUq4NCNk+qKBR6cGHdNXJ93SrLlP7u3r7l+L4
30
- HyaPs9Kg4DdbKDsx5Q5XLVq4rXmsXiBmGqW5prU5wfWYQ//u+aen/e7KJD2AFsQX
31
- j4rBYKEMrltDR5FL1ZoXX/nUh8HCjLfn4g8wGTeGrODcQgPmlKidrv0PJFGUzpII
32
- 0fxQ8ANAe4hZ7Q7drNJ3gjTcBpUC2JD5Leo31Rpg0Gcg19hCC0Wvgmje3WYkN5Ap
33
- lBlGGSW4gNfL1IYoakRwJiNiqZ+Gb7+6kHDSVneFeO/qJakXzlByjAA6quPbYzSf
34
- +AZxAeKCINT+b72x
35
- -----END CERTIFICATE-----
@@ -1,31 +0,0 @@
1
- -----BEGIN CERTIFICATE-----
2
- MIIFUzCCBDugAwIBAgIRAPLaUGqN5nvAm5oy7tfh3dEwDQYJKoZIhvcNAQELBQAw
3
- gZAxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO
4
- BgNVBAcTB1NhbGZvcmQxGjAYBgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMTYwNAYD
5
- VQQDEy1DT01PRE8gUlNBIERvbWFpbiBWYWxpZGF0aW9uIFNlY3VyZSBTZXJ2ZXIg
6
- Q0EwHhcNMTQxMDE2MDAwMDAwWhcNMTUxMDE2MjM1OTU5WjBcMSEwHwYDVQQLExhE
7
- b21haW4gQ29udHJvbCBWYWxpZGF0ZWQxHjAcBgNVBAsTFUVzc2VudGlhbFNTTCBX
8
- aWxkY2FyZDEXMBUGA1UEAxQOKi5ydWJ5Z2Vtcy5vcmcwggEiMA0GCSqGSIb3DQEB
9
- AQUAA4IBDwAwggEKAoIBAQCmL7NyiM3y61Up2cjNJq5ETt7+qKtoiBKVJpYQ8cB/
10
- jk4tQuZwKF59dq1gAyU6SFf/iUFRYnvfEa/V+FpuyBL7b/jEzI809hVtkSQM+6vR
11
- 9Vz9rey4wcBpgEX7vSRimtH7RUCitNF3OZkHc59Ny07q9FgW+rRlvWnL970QlgiT
12
- 0o0m3SoJRzqu8zn2ZLtbDARzF3a767Ms6fPm/88cqakNQ9d26aW0yB6Ndgxn7crM
13
- e6LhlrSZo6Ta1WJs+l5umKDhMdJBGMumxkFlnlqZdZxNGBErOlPSFfQGHYfrWzsR
14
- EFf+jPe0+OEHB80JU3yQiNs+nBUxzdHDkKAkcO9p4bKzAgMBAAGjggHZMIIB1TAf
15
- BgNVHSMEGDAWgBSQr2o6lFoL2JDqElZz30O0Oija5zAdBgNVHQ4EFgQUJiRNFFXU
16
- 9am4rs9kxMj9FY98/N4wDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYD
17
- VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCME8GA1UdIARIMEYwOgYLKwYBBAGy
18
- MQECAgcwKzApBggrBgEFBQcCARYdaHR0cHM6Ly9zZWN1cmUuY29tb2RvLmNvbS9D
19
- UFMwCAYGZ4EMAQIBMFQGA1UdHwRNMEswSaBHoEWGQ2h0dHA6Ly9jcmwuY29tb2Rv
20
- Y2EuY29tL0NPTU9ET1JTQURvbWFpblZhbGlkYXRpb25TZWN1cmVTZXJ2ZXJDQS5j
21
- cmwwgYUGCCsGAQUFBwEBBHkwdzBPBggrBgEFBQcwAoZDaHR0cDovL2NydC5jb21v
22
- ZG9jYS5jb20vQ09NT0RPUlNBRG9tYWluVmFsaWRhdGlvblNlY3VyZVNlcnZlckNB
23
- LmNydDAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuY29tb2RvY2EuY29tMCcGA1Ud
24
- EQQgMB6CDioucnVieWdlbXMub3JnggxydWJ5Z2Vtcy5vcmcwDQYJKoZIhvcNAQEL
25
- BQADggEBAFFnezsXS+fBqJDiFdwbPkT9Hdn+cc2OqrJTP5GaPH3hnGc1tn5v5QVB
26
- +s0Uuoil/RiLRs4PzRlZiVZN86iY6GLxd8fkoeNMfdaH0i7i0lXJDz/qIdboPfxc
27
- 2T0oTBJufxvLCeNOFgl5aKus5HD/mnKoD1hGEOBJjulUwn09n8PMFnXmAnDVZ3Tv
28
- 6PltYiH4OadktplNR8oBB55Kn0ffYgIfofL9Mr2iCJlTvxMEpIRAe6NIs2r8InEJ
29
- CnoNbAXUBuqOjgiiYNLvDrv3usj15Yv8xRMn9pyxA14i6HSyf5LwrLWPWhhV3YJ7
30
- R+n4EAYack3mCZb2TZ8FwoS05OKhbw8=
31
- -----END CERTIFICATE-----