RubyGems - rubygems-update - Versions diffs - 1.8.30 → 2.0.0.preview2 - Mend

rubygems-update 1.8.30 → 2.0.0.preview2

Potentially problematic release.

This version of rubygems-update might be problematic. Click here for more details.

Files changed (241) hide show

checksums.yaml +6 -6
checksums.yaml.gz.sig +0 -0
data.tar.gz.sig +3 -0
data/.autotest +6 -3
data/History.txt +137 -63
data/LICENSE.txt +1 -5
data/Manifest.txt +69 -32
data/README.rdoc +11 -9
data/Rakefile +24 -38
data/bin/gem +0 -9
data/bin/update_rubygems +1 -0
data/lib/rubygems.rb +193 -405
data/lib/rubygems/available_set.rb +95 -0
data/lib/rubygems/command.rb +88 -45
data/lib/rubygems/command_manager.rb +67 -40
data/lib/rubygems/commands/build_command.rb +5 -23
data/lib/rubygems/commands/cert_command.rb +199 -57
data/lib/rubygems/commands/check_command.rb +14 -39
data/lib/rubygems/commands/cleanup_command.rb +9 -1
data/lib/rubygems/commands/contents_command.rb +30 -12
data/lib/rubygems/commands/dependency_command.rb +3 -8
data/lib/rubygems/commands/environment_command.rb +13 -8
data/lib/rubygems/commands/fetch_command.rb +3 -16
data/lib/rubygems/commands/generate_index_command.rb +7 -47
data/lib/rubygems/commands/help_command.rb +1 -1
data/lib/rubygems/commands/install_command.rb +69 -36
data/lib/rubygems/commands/list_command.rb +6 -4
data/lib/rubygems/commands/lock_command.rb +1 -1
data/lib/rubygems/commands/mirror_command.rb +17 -0
data/lib/rubygems/commands/outdated_command.rb +6 -3
data/lib/rubygems/commands/owner_command.rb +13 -5
data/lib/rubygems/commands/pristine_command.rb +19 -4
data/lib/rubygems/commands/push_command.rb +12 -1
data/lib/rubygems/commands/query_command.rb +43 -27
data/lib/rubygems/commands/rdoc_command.rb +23 -28
data/lib/rubygems/commands/search_command.rb +4 -18
data/lib/rubygems/commands/server_command.rb +1 -1
data/lib/rubygems/commands/setup_command.rb +124 -38
data/lib/rubygems/commands/sources_command.rb +16 -16
data/lib/rubygems/commands/specification_command.rb +11 -13
data/lib/rubygems/commands/uninstall_command.rb +24 -7
data/lib/rubygems/commands/unpack_command.rb +7 -3
data/lib/rubygems/commands/update_command.rb +22 -36
data/lib/rubygems/commands/yank_command.rb +98 -0
data/lib/rubygems/compatibility.rb +51 -0
data/lib/rubygems/config_file.rb +82 -54
data/lib/rubygems/core_ext/kernel_gem.rb +53 -0
data/lib/rubygems/core_ext/kernel_require.rb +119 -0
data/lib/rubygems/defaults.rb +10 -21
data/lib/rubygems/dependency.rb +61 -10
data/lib/rubygems/dependency_installer.rb +157 -69
data/lib/rubygems/dependency_list.rb +11 -19
data/lib/rubygems/dependency_resolver.rb +562 -0
data/lib/rubygems/deprecate.rb +40 -40
data/lib/rubygems/errors.rb +77 -24
data/lib/rubygems/exceptions.rb +25 -7
data/lib/rubygems/ext/builder.rb +20 -23
data/lib/rubygems/ext/configure_builder.rb +2 -2
data/lib/rubygems/ext/ext_conf_builder.rb +5 -45
data/lib/rubygems/ext/rake_builder.rb +2 -2
data/lib/rubygems/gem_runner.rb +3 -16
data/lib/rubygems/gemcutter_utilities.rb +22 -7
data/lib/rubygems/indexer.rb +6 -159
data/lib/rubygems/install_message.rb +12 -0
data/lib/rubygems/install_update_options.rb +56 -18
data/lib/rubygems/installer.rb +244 -134
data/lib/rubygems/installer_test_case.rb +71 -19
data/lib/rubygems/mock_gem_ui.rb +17 -0
data/lib/rubygems/name_tuple.rb +110 -0
data/lib/rubygems/package.rb +514 -43
data/lib/rubygems/package/digest_io.rb +64 -0
data/lib/rubygems/package/old.rb +147 -0
data/lib/rubygems/package/tar_header.rb +18 -55
data/lib/rubygems/package/tar_reader.rb +20 -3
data/lib/rubygems/package/tar_writer.rb +63 -7
data/lib/rubygems/package_task.rb +3 -4
data/lib/rubygems/path_support.rb +14 -7
data/lib/rubygems/platform.rb +19 -26
data/lib/rubygems/rdoc.rb +316 -0
data/lib/rubygems/remote_fetcher.rb +117 -54
data/lib/rubygems/request_set.rb +182 -0
data/lib/rubygems/requirement.rb +63 -26
data/lib/rubygems/security.rb +295 -555
data/lib/rubygems/security/policies.rb +115 -0
data/lib/rubygems/security/policy.rb +227 -0
data/lib/rubygems/security/signer.rb +136 -0
data/lib/rubygems/security/trust_dir.rb +104 -0
data/lib/rubygems/server.rb +45 -55
data/lib/rubygems/source.rb +144 -0
data/lib/rubygems/source_list.rb +87 -0
data/lib/rubygems/source_local.rb +92 -0
data/lib/rubygems/source_specific_file.rb +28 -0
data/lib/rubygems/spec_fetcher.rb +116 -184
data/lib/rubygems/specification.rb +731 -335
data/lib/rubygems/ssl_certs/AddTrustExternalCARoot.pem +88 -30
data/lib/rubygems/ssl_certs/Entrust_net-Secure-Server-Certification-Authority.pem +90 -0
data/lib/rubygems/ssl_certs/VerisignClass3PublicPrimaryCertificationAuthority-G2.pem +57 -0
data/lib/rubygems/syck_hack.rb +2 -0
data/lib/rubygems/test_case.rb +199 -109
data/lib/rubygems/test_utilities.rb +25 -5
data/lib/rubygems/uninstaller.rb +62 -20
data/lib/rubygems/user_interaction.rb +10 -0
data/lib/rubygems/validator.rb +33 -40
data/lib/rubygems/version.rb +19 -8
data/setup.rb +8 -1
data/test/rubygems/alternate_cert.pem +9 -0
data/test/rubygems/alternate_cert_32.pem +9 -0
data/test/rubygems/alternate_key.pem +9 -0
data/test/rubygems/bad_rake.rb +1 -0
data/test/rubygems/child_cert.pem +9 -0
data/test/rubygems/child_cert_32.pem +9 -0
data/test/rubygems/child_key.pem +9 -0
data/test/rubygems/data/null-type.gemspec.rz +0 -0
data/test/rubygems/expired_cert.pem +9 -0
data/test/rubygems/future_cert.pem +9 -0
data/test/rubygems/future_cert_32.pem +9 -0
data/test/rubygems/good_rake.rb +1 -0
data/test/rubygems/grandchild_cert.pem +9 -0
data/test/rubygems/grandchild_cert_32.pem +9 -0
data/test/rubygems/grandchild_key.pem +9 -0
data/test/rubygems/invalid_issuer_cert.pem +9 -0
data/test/rubygems/invalid_issuer_cert_32.pem +9 -0
data/test/rubygems/invalid_key.pem +9 -0
data/test/rubygems/invalid_signer_cert.pem +9 -0
data/test/rubygems/invalid_signer_cert_32.pem +9 -0
data/test/rubygems/invalidchild_cert.pem +9 -0
data/test/rubygems/invalidchild_cert_32.pem +9 -0
data/test/rubygems/invalidchild_key.pem +9 -0
data/test/rubygems/plugin/exception/rubygems_plugin.rb +1 -1
data/test/rubygems/plugin/standarderror/rubygems_plugin.rb +1 -1
data/test/rubygems/private_key.pem +7 -25
data/test/rubygems/public_cert.pem +8 -18
data/test/rubygems/public_cert_32.pem +10 -0
data/test/rubygems/public_key.pem +4 -0
data/test/rubygems/rubygems/commands/crash_command.rb +1 -1
data/test/rubygems/test_config.rb +4 -6
data/test/rubygems/test_deprecate.rb +76 -0
data/test/rubygems/test_gem.rb +318 -83
data/test/rubygems/test_gem_available_set.rb +106 -0
data/test/rubygems/test_gem_command.rb +10 -0
data/test/rubygems/test_gem_command_manager.rb +55 -9
data/test/rubygems/test_gem_commands_build_command.rb +11 -19
data/test/rubygems/test_gem_commands_cert_command.rb +441 -42
data/test/rubygems/test_gem_commands_cleanup_command.rb +29 -1
data/test/rubygems/test_gem_commands_contents_command.rb +23 -0
data/test/rubygems/test_gem_commands_dependency_command.rb +5 -0
data/test/rubygems/test_gem_commands_fetch_command.rb +19 -20
data/test/rubygems/test_gem_commands_generate_index_command.rb +2 -83
data/test/rubygems/test_gem_commands_help_command.rb +2 -1
data/test/rubygems/test_gem_commands_install_command.rb +647 -48
data/test/rubygems/test_gem_commands_mirror.rb +32 -0
data/test/rubygems/test_gem_commands_owner_command.rb +4 -8
data/test/rubygems/test_gem_commands_pristine_command.rb +99 -4
data/test/rubygems/test_gem_commands_push_command.rb +62 -8
data/test/rubygems/test_gem_commands_query_command.rb +51 -0
data/test/rubygems/test_gem_commands_search_command.rb +25 -0
data/test/rubygems/test_gem_commands_setup_command.rb +45 -0
data/test/rubygems/test_gem_commands_sources_command.rb +21 -6
data/test/rubygems/test_gem_commands_specification_command.rb +33 -1
data/test/rubygems/test_gem_commands_uninstall_command.rb +91 -31
data/test/rubygems/test_gem_commands_unpack_command.rb +3 -3
data/test/rubygems/test_gem_commands_update_command.rb +56 -38
data/test/rubygems/test_gem_commands_which_command.rb +4 -4
data/test/rubygems/test_gem_commands_yank_command.rb +97 -0
data/test/rubygems/test_gem_config_file.rb +66 -21
data/test/rubygems/test_gem_dependency.rb +46 -0
data/test/rubygems/test_gem_dependency_installer.rb +228 -18
data/test/rubygems/test_gem_dependency_list.rb +0 -9
data/test/rubygems/test_gem_dependency_resolver.rb +327 -0
data/test/rubygems/test_gem_ext_configure_builder.rb +4 -4
data/test/rubygems/test_gem_ext_ext_conf_builder.rb +21 -49
data/test/rubygems/test_gem_ext_rake_builder.rb +13 -13
data/test/rubygems/test_gem_gem_runner.rb +27 -5
data/test/rubygems/test_gem_gemcutter_utilities.rb +19 -0
data/test/rubygems/test_gem_indexer.rb +14 -227
data/test/rubygems/test_gem_install_update_options.rb +83 -3
data/test/rubygems/test_gem_installer.rb +211 -236
data/test/rubygems/test_gem_local_remote_options.rb +8 -2
data/test/rubygems/test_gem_name_tuple.rb +15 -0
data/test/rubygems/test_gem_package.rb +547 -0
data/test/rubygems/test_gem_package_old.rb +37 -0
data/test/rubygems/test_gem_package_tar_reader.rb +32 -0
data/test/rubygems/test_gem_package_tar_writer.rb +84 -1
data/test/rubygems/test_gem_path_support.rb +4 -30
data/test/rubygems/test_gem_platform.rb +3 -6
data/test/rubygems/test_gem_rdoc.rb +245 -0
data/test/rubygems/test_gem_remote_fetcher.rb +51 -5
data/test/rubygems/test_gem_request_set.rb +70 -0
data/test/rubygems/test_gem_requirement.rb +53 -24
data/test/rubygems/test_gem_security.rb +189 -43
data/test/rubygems/test_gem_security_policy.rb +376 -0
data/test/rubygems/test_gem_security_signer.rb +184 -0
data/test/rubygems/test_gem_security_trust_dir.rb +94 -0
data/test/rubygems/test_gem_server.rb +31 -36
data/test/rubygems/test_gem_silent_ui.rb +2 -2
data/test/rubygems/test_gem_source.rb +188 -0
data/test/rubygems/test_gem_source_list.rb +87 -0
data/test/rubygems/test_gem_source_local.rb +83 -0
data/test/rubygems/test_gem_source_specific_file.rb +33 -0
data/test/rubygems/test_gem_spec_fetcher.rb +91 -255
data/test/rubygems/test_gem_specification.rb +293 -39
data/test/rubygems/test_gem_uninstaller.rb +136 -13
data/test/rubygems/test_gem_validator.rb +14 -41
data/test/rubygems/test_gem_version.rb +15 -21
data/test/rubygems/test_require.rb +193 -0
data/test/rubygems/wrong_key_cert.pem +9 -0
data/test/rubygems/wrong_key_cert_32.pem +9 -0
metadata +171 -83
metadata.gz.sig +1 -0
data/CVE-2013-4287.txt +0 -36
data/CVE-2013-4363.txt +0 -45
data/ci_build.sh +0 -27
data/cruise_config.rb +0 -32
data/lib/rbconfig/datadir.rb +0 -13
data/lib/rubygems/builder.rb +0 -99
data/lib/rubygems/custom_require.rb +0 -69
data/lib/rubygems/doc_manager.rb +0 -243
data/lib/rubygems/format.rb +0 -82
data/lib/rubygems/gem_openssl.rb +0 -90
data/lib/rubygems/gem_path_searcher.rb +0 -172
data/lib/rubygems/old_format.rb +0 -153
data/lib/rubygems/package/f_sync_dir.rb +0 -23
data/lib/rubygems/package/tar_input.rb +0 -234
data/lib/rubygems/package/tar_output.rb +0 -146
data/lib/rubygems/require_paths_builder.rb +0 -18
data/lib/rubygems/source_index.rb +0 -406
data/lib/rubygems/ssl_certs/AddTrustExternalCARoot-2048.pem +0 -25
data/lib/rubygems/ssl_certs/Class3PublicPrimaryCertificationAuthority.pem +0 -14
data/lib/rubygems/ssl_certs/DigiCertHighAssuranceEVRootCA.pem +0 -23
data/lib/rubygems/ssl_certs/EntrustnetSecureServerCertificationAuthority.pem +0 -28
data/lib/rubygems/ssl_certs/GeoTrustGlobalCA.pem +0 -20
data/test/rubygems/test_bundled_ca.rb +0 -59
data/test/rubygems/test_gem_builder.rb +0 -44
data/test/rubygems/test_gem_doc_manager.rb +0 -32
data/test/rubygems/test_gem_ext_builder.rb +0 -58
data/test/rubygems/test_gem_format.rb +0 -88
data/test/rubygems/test_gem_gem_path_searcher.rb +0 -94
data/test/rubygems/test_gem_package_tar_input.rb +0 -129
data/test/rubygems/test_gem_package_tar_output.rb +0 -101
data/test/rubygems/test_gem_source_index.rb +0 -250
data/util/update_bundled_ca_certificates.rb +0 -103

data/lib/rubygems/commands/build_command.rb CHANGED

@@ -1,5 +1,5 @@
 require 'rubygems/command'
-require 'rubygems/builder'
+require 'rubygems/package'
 class Gem::Commands::BuildCommand < Gem::Command
@@ -22,11 +22,11 @@ class Gem::Commands::BuildCommand < Gem::Command
   def execute
     gemspec = get_one_gem_name
-    if File.exist? gemspec
-      spec = load_gemspec gemspec
+    if File.exist? gemspec then
+      spec = Gem::Specification.load gemspec
       if spec then
-        Gem::Builder.new(spec).build options[:force]
+        Gem::Package.build spec, options[:force]
       else
         alert_error "Error loading gemspec. Aborting."
         terminate_interaction 1
@@ -37,23 +37,5 @@ class Gem::Commands::BuildCommand < Gem::Command
     end
   end
-  def load_gemspec filename
-    if yaml?(filename)
-      open(filename) do |f|
-        begin
-          Gem::Specification.from_yaml(f)
-        rescue Gem::EndOfYAMLException
-          nil
-        end
-      end
-    else
-      Gem::Specification.load(filename) # can return nil
-    end
-  end
-  def yaml?(filename)
-    line = open(filename) { |f| line = f.gets }
-    result = line =~ %r{!ruby/object:Gem::Specification}
-    result
-  end
 end

data/lib/rubygems/commands/cert_command.rb CHANGED

@@ -4,82 +4,224 @@ require 'rubygems/security'
 class Gem::Commands::CertCommand < Gem::Command
   def initialize
-    super 'cert', 'Manage RubyGems certificates and signing settings'
-    add_option('-a', '--add CERT',
-               'Add a trusted certificate.') do |value, options|
-      cert = OpenSSL::X509::Certificate.new(File.read(value))
-      Gem::Security.add_trusted_cert(cert)
-      say "Added '#{cert.subject.to_s}'"
-    end
-    add_option('-l', '--list',
-               'List trusted certificates.') do |value, options|
-      glob_str = File::join(Gem::Security::OPT[:trust_dir], '*.pem')
-      Dir::glob(glob_str) do |path|
-        begin
-          cert = OpenSSL::X509::Certificate.new(File.read(path))
-          # this could probably be formatted more gracefully
-          say cert.subject.to_s
-        rescue OpenSSL::X509::CertificateError
-          next
-        end
+    super 'cert', 'Manage RubyGems certificates and signing settings',
+          :add => [], :remove => [], :list => [], :build => [], :sign => []
+    OptionParser.accept OpenSSL::X509::Certificate do |certificate|
+      begin
+        OpenSSL::X509::Certificate.new File.read certificate
+      rescue Errno::ENOENT
+        raise OptionParser::InvalidArgument, "#{certificate}: does not exist"
+      rescue OpenSSL::X509::CertificateError
+        raise OptionParser::InvalidArgument,
+          "#{certificate}: invalid X509 certificate"
       end
     end
-    add_option('-r', '--remove STRING',
-               'Remove trusted certificates containing',
-               'STRING.') do |value, options|
-      trust_dir = Gem::Security::OPT[:trust_dir]
-      glob_str = File::join(trust_dir, '*.pem')
-      Dir::glob(glob_str) do |path|
-        begin
-          cert = OpenSSL::X509::Certificate.new(File.read(path))
-          if cert.subject.to_s.downcase.index(value)
-            say "Removed '#{cert.subject.to_s}'"
-            File.unlink(path)
-          end
-        rescue OpenSSL::X509::CertificateError
-          next
-        end
+    OptionParser.accept OpenSSL::PKey::RSA do |key_file|
+      begin
+        key = OpenSSL::PKey::RSA.new File.read key_file
+      rescue Errno::ENOENT
+        raise OptionParser::InvalidArgument, "#{key_file}: does not exist"
+      rescue OpenSSL::PKey::RSAError
+        raise OptionParser::InvalidArgument, "#{key_file}: invalid RSA key"
       end
+      raise OptionParser::InvalidArgument,
+            "#{key_file}: private key not found" unless key.private?
+      key
+    end
+    add_option('-a', '--add CERT', OpenSSL::X509::Certificate,
+               'Add a trusted certificate.') do |cert, options|
+      options[:add] << cert
+    end
+    add_option('-l', '--list [FILTER]',
+               'List trusted certificates where the',
+               'subject contains FILTER') do |filter, options|
+      filter ||= ''
+      options[:list] << filter
+    end
+    add_option('-r', '--remove FILTER',
+               'Remove trusted certificates where the',
+               'subject contains FILTER') do |filter, options|
+      options[:remove] << filter
     end
     add_option('-b', '--build EMAIL_ADDR',
                'Build private key and self-signed',
-               'certificate for EMAIL_ADDR.') do |value, options|
-      vals = Gem::Security.build_self_signed_cert(value)
-      FileUtils.chmod 0600, vals[:key_path]
-      say "Public Cert: #{vals[:cert_path]}"
-      say "Private Key: #{vals[:key_path]}"
-      say "Don't forget to move the key file to somewhere private..."
+               'certificate for EMAIL_ADDR') do |email_address, options|
+      options[:build] << email_address
     end
-    add_option('-C', '--certificate CERT',
-               'Certificate for --sign command.') do |value, options|
-      cert = OpenSSL::X509::Certificate.new(File.read(value))
+    add_option('-C', '--certificate CERT', OpenSSL::X509::Certificate,
+               'Signing certificate for --sign') do |cert, options|
       options[:issuer_cert] = cert
     end
-    add_option('-K', '--private-key KEY',
-               'Private key for --sign command.') do |value, options|
-      key = OpenSSL::PKey::RSA.new(File.read(value))
-      options[:issuer_key] = key
+    add_option('-K', '--private-key KEY', OpenSSL::PKey::RSA,
+               'Key for --sign or --build') do |key, options|
+      options[:key] = key
     end
-    add_option('-s', '--sign NEWCERT',
-               'Sign a certificate with my key and',
-               'certificate.') do |value, options|
-      cert = OpenSSL::X509::Certificate.new(File.read(value))
-      my_cert = options[:issuer_cert]
-      my_key = options[:issuer_key]
-      cert = Gem::Security.sign_cert(cert, my_key, my_cert)
-      File.open(value, 'wb') { |file| file.write(cert.to_pem) }
+    add_option('-s', '--sign CERT',
+               'Signs CERT with the key from -K',
+               'and the certificate from -C') do |cert_file, options|
+      raise OptionParser::InvalidArgument, "#{cert_file}: does not exist" unless
+        File.file? cert_file
+      options[:sign] << cert_file
     end
   end
   def execute
+    options[:add].each do |certificate|
+      Gem::Security.trust_dir.trust_cert certificate
+      say "Added '#{certificate.subject}'"
+    end
+    options[:remove].each do |filter|
+      certificates_matching filter do |certificate, path|
+        FileUtils.rm path
+        say "Removed '#{certificate.subject}'"
+      end
+    end
+    options[:list].each do |filter|
+      certificates_matching filter do |certificate, _|
+        # this could probably be formatted more gracefully
+        say certificate.subject.to_s
+      end
+    end
+    options[:build].each do |name|
+      build name
+    end
+    unless options[:sign].empty? then
+      load_default_cert unless options[:issuer_cert]
+      load_default_key  unless options[:key]
+    end
+    options[:sign].each do |cert_file|
+      sign cert_file
+    end
+  end
+  def build name
+    key = options[:key] || Gem::Security.create_key
+    cert = Gem::Security.create_cert_email name, key
+    key_path  = Gem::Security.write key, "gem-private_key.pem"
+    cert_path = Gem::Security.write cert, "gem-public_cert.pem"
+    say "Certificate: #{cert_path}"
+    say "Private Key: #{key_path}"
+    say "Don't forget to move the key file to somewhere private!"
+  end
+  def certificates_matching filter
+    return enum_for __method__, filter unless block_given?
+    Gem::Security.trusted_certificates.select do |certificate, _|
+      subject = certificate.subject.to_s
+      subject.downcase.index filter
+    end.sort_by do |certificate, _|
+      certificate.subject.to_a.map { |name, data,| [name, data] }
+    end.each do |certificate, path|
+      yield certificate, path
+    end
+  end
+  def description # :nodoc:
+    <<-EOF
+The cert command manages signing keys and certificates for creating signed
+gems.  Your signing certificate and private key are typically stored in
+~/.gem/gem-public_cert.pem and ~/.gem/gem-private_key.pem respectively.
+To build a certificate for signing gems:
+  gem cert --build you@example
+If you already have an RSA key, or are creating a new certificate for an
+existing key:
+  gem cert --build you@example --private-key /path/to/key.pem
+If you wish to trust a certificate you can add it to the trust list with:
+  gem cert --add /path/to/cert.pem
+You can list trusted certificates with:
+  gem cert --list
+or:
+  gem cert --list cert_subject_substring
+If you wish to remove a previously trusted certificate:
+  gem cert --remove cert_subject_substring
+To sign another gem author's certificate:
+  gem cert --sign /path/to/other_cert.pem
+For further reading on signing gems see `ri Gem::Security`.
+    EOF
+  end
+  def load_default_cert
+    cert_file = File.join Gem.user_home, 'gem-public_cert.pem'
+    cert = File.read cert_file
+    options[:issuer_cert] = OpenSSL::X509::Certificate.new cert
+  rescue Errno::ENOENT
+    alert_error \
+      "--certificate not specified and ~/.gem/gem-public_cert.pem does not exist"
+    terminate_interaction 1
+  rescue OpenSSL::X509::CertificateError
+    alert_error \
+      "--certificate not specified and ~/.gem/gem-public_cert.pem is not valid"
+    terminate_interaction 1
+  end
+  def load_default_key
+    key_file = File.join Gem.user_home, 'gem-private_key.pem'
+    key = File.read key_file
+    options[:key] = OpenSSL::PKey::RSA.new key
+  rescue Errno::ENOENT
+    alert_error \
+      "--private-key not specified and ~/.gem/gem-private_key.pem does not exist"
+    terminate_interaction 1
+  rescue OpenSSL::PKey::RSAError
+    alert_error \
+      "--private-key not specified and ~/.gem/gem-private_key.pem is not valid"
+    terminate_interaction 1
+  end
+  def sign cert_file
+    cert = File.read cert_file
+    cert = OpenSSL::X509::Certificate.new cert
+    permissions = File.stat(cert_file).mode & 0777
+    issuer_cert = options[:issuer_cert]
+    issuer_key = options[:key]
+    cert = Gem::Security.sign cert, issuer_key, issuer_cert
+    Gem::Security.write cert, cert_file, permissions
   end
 end

data/lib/rubygems/commands/check_command.rb CHANGED

@@ -8,13 +8,7 @@ class Gem::Commands::CheckCommand < Gem::Command
   def initialize
     super 'check', 'Check installed gems',
-          :verify => false, :alien => false
-    add_option(      '--verify FILE',
-               'Verify gem file against its internal',
-               'checksum') do |value, options|
-      options[:verify] = value
-    end
+          :alien => true
     add_option('-a', '--alien', "Report 'unmanaged' or rogue files in the",
                "gem repository") do |value, options|
@@ -25,40 +19,21 @@ class Gem::Commands::CheckCommand < Gem::Command
   end
   def execute
-    if options[:alien]
-      say "Performing the 'alien' operation"
-      say
-      gems = get_all_gem_names rescue []
-      Gem::Validator.new.alien(gems).sort.each do |key, val|
-        unless val.empty? then
-          say "#{key} has #{val.size} problems"
-          val.each do |error_entry|
-            say "  #{error_entry.path}:"
-            say "    #{error_entry.problem}"
-          end
-        else
-          say "#{key} is error-free" if Gem.configuration.verbose
+    say "Checking gems..."
+    say
+    gems = get_all_gem_names rescue []
+    Gem::Validator.new.alien(gems).sort.each do |key, val|
+      unless val.empty? then
+        say "#{key} has #{val.size} problems"
+        val.each do |error_entry|
+          say "  #{error_entry.path}:"
+          say "    #{error_entry.problem}"
         end
-        say
-      end
-    end
-    if options[:verify]
-      gem_name = options[:verify]
-      unless gem_name
-        alert_error "Must specify a .gem file with --verify NAME"
-        return
-      end
-      unless File.exist?(gem_name)
-        alert_error "Unknown file: #{gem_name}."
-        return
-      end
-      say "Verifying gem: '#{gem_name}'"
-      begin
-        Gem::Validator.new.verify_gem_file(gem_name)
-      rescue Exception
-        alert_error "#{gem_name} is invalid."
+      else
+        say "#{key} is error-free" if Gem.configuration.verbose
       end
+      say
     end
   end

data/lib/rubygems/commands/cleanup_command.rb CHANGED

@@ -26,6 +26,9 @@ class Gem::Commands::CleanupCommand < Gem::Command
     <<-EOF
 The cleanup command removes old gems from GEM_HOME.  If an older version is
 installed elsewhere in GEM_PATH the cleanup command won't touch it.
+Older gems that are required to satisify the dependencies of gems
+are not removed.
     EOF
   end
@@ -56,14 +59,19 @@ installed elsewhere in GEM_PATH the cleanup command won't touch it.
       primary_gems[spec.name].version != spec.version
     }
+    full = Gem::DependencyList.from_specs
     deplist = Gem::DependencyList.new
     gems_to_cleanup.uniq.each do |spec| deplist.add spec end
     deps = deplist.strongly_connected_components.flatten.reverse
+    original_home = Gem.dir
     original_path = Gem.path
     deps.each do |spec|
+      next unless full.ok_to_remove?(spec.full_name)
       if options[:dryrun] then
         say "Dry Run Mode: Would uninstall #{spec.full_name}"
       else
@@ -90,7 +98,7 @@ installed elsewhere in GEM_PATH the cleanup command won't touch it.
       end
       # Restore path Gem::Uninstaller may have change
-      Gem.use_paths(*original_path)
+      Gem.use_paths(original_home, *original_path)
     end
     say "Clean Up Complete"

data/lib/rubygems/commands/contents_command.rb CHANGED

@@ -1,3 +1,4 @@
+require 'English'
 require 'rubygems/command'
 require 'rubygems/version_option'
@@ -74,25 +75,42 @@ class Gem::Commands::ContentsCommand < Gem::Command
         if Gem.configuration.verbose then
           say "\nDirectories searched:"
-          spec_dirs.each { |dir| say dir }
+          spec_dirs.sort.each { |dir| say dir }
         end
         terminate_interaction 1 if gem_names.length == 1
       end
-      gem_path = spec.full_gem_path
-      extra    = "/{#{spec.require_paths.join ','}}" if options[:lib_only]
-      glob     = "#{gem_path}#{extra}/**/*"
-      files    = Dir[glob]
-      gem_path = File.join gem_path, '' # add trailing / if missing
-      files.sort.each do |file|
-        next if File.directory? file
+      if spec.default_gem?
+        files = spec.files.sort.map do |file|
+          case file
+          when /\A#{spec.bindir}\//
+            [Gem::ConfigMap[:bindir], $POSTMATCH]
+          when /\.so\z/
+            [Gem::ConfigMap[:archdir], file]
+          else
+            [Gem::ConfigMap[:rubylibdir], file]
+          end
+        end
+      else
+        gem_path  = spec.full_gem_path
+        extra     = "/{#{spec.require_paths.join ','}}" if options[:lib_only]
+        glob      = "#{gem_path}#{extra}/**/*"
+        prefix_re = /#{Regexp.escape(gem_path)}\//
+        files     = Dir[glob].map do |file|
+          [gem_path, file.sub(prefix_re, "")]
+        end
+      end
-        file = file.sub gem_path, '' unless options[:prefix]
+      files.sort.each do |prefix, basename|
+        absolute_path = File.join(prefix, basename)
+        next if File.directory? absolute_path
-        say file
+        if options[:prefix]
+          say absolute_path
+        else
+          say basename
+        end
       end
     end
   end