rubygems-update 2.7.11 → 3.0.9

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (359) hide show
  1. checksums.yaml +4 -4
  2. data/.rubocop.yml +67 -0
  3. data/.travis.yml +24 -18
  4. data/CODE_OF_CONDUCT.md +10 -8
  5. data/CONTRIBUTING.md +148 -0
  6. data/History.txt +458 -8
  7. data/MAINTAINERS.txt +1 -0
  8. data/Manifest.txt +16 -9
  9. data/POLICIES.md +92 -0
  10. data/README.md +53 -26
  11. data/Rakefile +77 -211
  12. data/{UPGRADING.rdoc → UPGRADING.md} +31 -32
  13. data/appveyor.yml +20 -45
  14. data/bin/gem +1 -2
  15. data/bin/update_rubygems +2 -3
  16. data/bundler/CHANGELOG.md +65 -0
  17. data/bundler/bundler.gemspec +7 -1
  18. data/bundler/lib/bundler/build_metadata.rb +1 -1
  19. data/bundler/lib/bundler/cli/add.rb +15 -5
  20. data/bundler/lib/bundler/cli/binstubs.rb +8 -2
  21. data/bundler/lib/bundler/cli/doctor.rb +47 -1
  22. data/bundler/lib/bundler/cli/install.rb +8 -5
  23. data/bundler/lib/bundler/cli/list.rb +41 -5
  24. data/bundler/lib/bundler/cli/outdated.rb +7 -1
  25. data/bundler/lib/bundler/cli/pristine.rb +4 -0
  26. data/bundler/lib/bundler/cli/remove.rb +18 -0
  27. data/bundler/lib/bundler/cli.rb +63 -21
  28. data/bundler/lib/bundler/definition.rb +15 -16
  29. data/bundler/lib/bundler/dependency.rb +2 -2
  30. data/bundler/lib/bundler/dsl.rb +19 -3
  31. data/bundler/lib/bundler/feature_flag.rb +7 -0
  32. data/bundler/lib/bundler/gem_version_promoter.rb +4 -2
  33. data/bundler/lib/bundler/injector.rb +168 -9
  34. data/bundler/lib/bundler/installer/parallel_installer.rb +5 -0
  35. data/bundler/lib/bundler/installer.rb +29 -6
  36. data/bundler/lib/bundler/plugin/events.rb +61 -0
  37. data/bundler/lib/bundler/plugin.rb +10 -3
  38. data/bundler/lib/bundler/resolver.rb +2 -2
  39. data/bundler/lib/bundler/rubygems_gem_installer.rb +7 -0
  40. data/bundler/lib/bundler/runtime.rb +8 -2
  41. data/bundler/lib/bundler/settings/validator.rb +23 -0
  42. data/bundler/lib/bundler/settings.rb +24 -3
  43. data/bundler/lib/bundler/shared_helpers.rb +19 -3
  44. data/bundler/lib/bundler/source/metadata.rb +2 -3
  45. data/bundler/lib/bundler/source.rb +9 -9
  46. data/bundler/lib/bundler/templates/newgem/lib/newgem.rb.tt +1 -0
  47. data/bundler/lib/bundler/version.rb +1 -1
  48. data/bundler/lib/bundler.rb +26 -8
  49. data/bundler/man/bundle-add.ronn +13 -2
  50. data/bundler/man/bundle-config.ronn +21 -0
  51. data/bundler/man/bundle-install.ronn +1 -1
  52. data/bundler/man/bundle-list.ronn +19 -1
  53. data/bundler/man/bundle-outdated.ronn +4 -0
  54. data/bundler/man/bundle-remove.ronn +23 -0
  55. data/bundler/man/bundle-update.ronn +1 -1
  56. data/bundler/man/bundle.ronn +3 -0
  57. data/lib/rubygems/available_set.rb +1 -1
  58. data/lib/rubygems/basic_specification.rb +12 -12
  59. data/lib/rubygems/bundler_version_finder.rb +3 -3
  60. data/lib/rubygems/command.rb +22 -15
  61. data/lib/rubygems/command_manager.rb +22 -5
  62. data/lib/rubygems/commands/build_command.rb +41 -7
  63. data/lib/rubygems/commands/cert_command.rb +45 -24
  64. data/lib/rubygems/commands/check_command.rb +1 -1
  65. data/lib/rubygems/commands/cleanup_command.rb +14 -7
  66. data/lib/rubygems/commands/contents_command.rb +14 -15
  67. data/lib/rubygems/commands/dependency_command.rb +17 -17
  68. data/lib/rubygems/commands/environment_command.rb +20 -1
  69. data/lib/rubygems/commands/fetch_command.rb +2 -3
  70. data/lib/rubygems/commands/generate_index_command.rb +2 -3
  71. data/lib/rubygems/commands/help_command.rb +12 -13
  72. data/lib/rubygems/commands/info_command.rb +33 -0
  73. data/lib/rubygems/commands/install_command.rb +21 -17
  74. data/lib/rubygems/commands/list_command.rb +0 -1
  75. data/lib/rubygems/commands/lock_command.rb +3 -4
  76. data/lib/rubygems/commands/open_command.rb +16 -10
  77. data/lib/rubygems/commands/owner_command.rb +21 -7
  78. data/lib/rubygems/commands/pristine_command.rb +23 -16
  79. data/lib/rubygems/commands/push_command.rb +19 -8
  80. data/lib/rubygems/commands/query_command.rb +24 -24
  81. data/lib/rubygems/commands/rdoc_command.rb +3 -4
  82. data/lib/rubygems/commands/search_command.rb +0 -1
  83. data/lib/rubygems/commands/server_command.rb +1 -2
  84. data/lib/rubygems/commands/setup_command.rb +86 -48
  85. data/lib/rubygems/commands/signin_command.rb +2 -1
  86. data/lib/rubygems/commands/signout_command.rb +2 -2
  87. data/lib/rubygems/commands/sources_command.rb +11 -12
  88. data/lib/rubygems/commands/specification_command.rb +7 -7
  89. data/lib/rubygems/commands/uninstall_command.rb +50 -18
  90. data/lib/rubygems/commands/unpack_command.rb +16 -7
  91. data/lib/rubygems/commands/update_command.rb +28 -23
  92. data/lib/rubygems/commands/which_command.rb +5 -8
  93. data/lib/rubygems/commands/yank_command.rb +1 -2
  94. data/lib/rubygems/compatibility.rb +1 -21
  95. data/lib/rubygems/config_file.rb +36 -36
  96. data/lib/rubygems/core_ext/kernel_require.rb +6 -6
  97. data/lib/rubygems/core_ext/kernel_warn.rb +45 -0
  98. data/lib/rubygems/defaults.rb +31 -19
  99. data/lib/rubygems/dependency.rb +15 -15
  100. data/lib/rubygems/dependency_installer.rb +30 -33
  101. data/lib/rubygems/dependency_list.rb +9 -10
  102. data/lib/rubygems/deprecate.rb +2 -3
  103. data/lib/rubygems/doctor.rb +5 -6
  104. data/lib/rubygems/errors.rb +3 -3
  105. data/lib/rubygems/exceptions.rb +11 -8
  106. data/lib/rubygems/ext/build_error.rb +0 -1
  107. data/lib/rubygems/ext/builder.rb +50 -23
  108. data/lib/rubygems/ext/cmake_builder.rb +2 -2
  109. data/lib/rubygems/ext/configure_builder.rb +2 -3
  110. data/lib/rubygems/ext/ext_conf_builder.rb +8 -7
  111. data/lib/rubygems/ext/rake_builder.rb +16 -18
  112. data/lib/rubygems/ext.rb +0 -1
  113. data/lib/rubygems/gem_runner.rb +2 -2
  114. data/lib/rubygems/gemcutter_utilities.rb +46 -12
  115. data/lib/rubygems/indexer.rb +19 -12
  116. data/lib/rubygems/install_default_message.rb +0 -1
  117. data/lib/rubygems/install_message.rb +0 -1
  118. data/lib/rubygems/install_update_options.rb +3 -29
  119. data/lib/rubygems/installer.rb +97 -55
  120. data/lib/rubygems/installer_test_case.rb +2 -16
  121. data/lib/rubygems/local_remote_options.rb +5 -4
  122. data/lib/rubygems/mock_gem_ui.rb +3 -4
  123. data/lib/rubygems/name_tuple.rb +4 -4
  124. data/lib/rubygems/package/digest_io.rb +3 -4
  125. data/lib/rubygems/package/file_source.rb +3 -4
  126. data/lib/rubygems/package/io_source.rb +1 -2
  127. data/lib/rubygems/package/old.rb +8 -16
  128. data/lib/rubygems/package/source.rb +0 -1
  129. data/lib/rubygems/package/tar_header.rb +13 -4
  130. data/lib/rubygems/package/tar_reader/entry.rb +20 -4
  131. data/lib/rubygems/package/tar_reader.rb +2 -4
  132. data/lib/rubygems/package/tar_test_case.rb +2 -8
  133. data/lib/rubygems/package/tar_writer.rb +13 -15
  134. data/lib/rubygems/package.rb +90 -63
  135. data/lib/rubygems/package_task.rb +0 -1
  136. data/lib/rubygems/path_support.rb +16 -6
  137. data/lib/rubygems/platform.rb +4 -5
  138. data/lib/rubygems/psych_tree.rb +1 -1
  139. data/lib/rubygems/rdoc.rb +2 -313
  140. data/lib/rubygems/remote_fetcher.rb +29 -82
  141. data/lib/rubygems/request/connection_pools.rb +24 -13
  142. data/lib/rubygems/request/http_pool.rb +3 -4
  143. data/lib/rubygems/request/https_pool.rb +1 -3
  144. data/lib/rubygems/request.rb +17 -16
  145. data/lib/rubygems/request_set/gem_dependency_api.rb +46 -49
  146. data/lib/rubygems/request_set/lockfile/parser.rb +18 -29
  147. data/lib/rubygems/request_set/lockfile/tokenizer.rb +9 -9
  148. data/lib/rubygems/request_set/lockfile.rb +12 -12
  149. data/lib/rubygems/request_set.rb +52 -25
  150. data/lib/rubygems/requirement.rb +32 -21
  151. data/lib/rubygems/resolver/activation_request.rb +6 -6
  152. data/lib/rubygems/resolver/api_set.rb +5 -6
  153. data/lib/rubygems/resolver/api_specification.rb +2 -3
  154. data/lib/rubygems/resolver/best_set.rb +5 -6
  155. data/lib/rubygems/resolver/composed_set.rb +5 -6
  156. data/lib/rubygems/resolver/conflict.rb +5 -5
  157. data/lib/rubygems/resolver/current_set.rb +1 -2
  158. data/lib/rubygems/resolver/dependency_request.rb +4 -4
  159. data/lib/rubygems/resolver/git_set.rb +5 -6
  160. data/lib/rubygems/resolver/git_specification.rb +4 -5
  161. data/lib/rubygems/resolver/index_set.rb +5 -6
  162. data/lib/rubygems/resolver/index_specification.rb +3 -4
  163. data/lib/rubygems/resolver/installed_specification.rb +3 -4
  164. data/lib/rubygems/resolver/installer_set.rb +12 -12
  165. data/lib/rubygems/resolver/local_specification.rb +1 -2
  166. data/lib/rubygems/resolver/lock_set.rb +5 -6
  167. data/lib/rubygems/resolver/lock_specification.rb +7 -8
  168. data/lib/rubygems/resolver/requirement_list.rb +1 -1
  169. data/lib/rubygems/resolver/set.rb +2 -2
  170. data/lib/rubygems/resolver/source_set.rb +4 -5
  171. data/lib/rubygems/resolver/spec_specification.rb +1 -2
  172. data/lib/rubygems/resolver/specification.rb +10 -7
  173. data/lib/rubygems/resolver/stats.rb +1 -1
  174. data/lib/rubygems/resolver/vendor_set.rb +4 -5
  175. data/lib/rubygems/resolver/vendor_specification.rb +2 -3
  176. data/lib/rubygems/resolver.rb +14 -16
  177. data/lib/rubygems/s3_uri_signer.rb +183 -0
  178. data/lib/rubygems/safe_yaml.rb +18 -10
  179. data/lib/rubygems/security/policies.rb +1 -2
  180. data/lib/rubygems/security/policy.rb +25 -25
  181. data/lib/rubygems/security/signer.rb +72 -24
  182. data/lib/rubygems/security/trust_dir.rb +10 -10
  183. data/lib/rubygems/security.rb +21 -22
  184. data/lib/rubygems/security_option.rb +0 -1
  185. data/lib/rubygems/server.rb +21 -21
  186. data/lib/rubygems/source/git.rb +9 -10
  187. data/lib/rubygems/source/installed.rb +3 -4
  188. data/lib/rubygems/source/local.rb +7 -7
  189. data/lib/rubygems/source/lock.rb +4 -4
  190. data/lib/rubygems/source/specific_file.rb +5 -5
  191. data/lib/rubygems/source/vendor.rb +2 -3
  192. data/lib/rubygems/source.rb +16 -25
  193. data/lib/rubygems/source_list.rb +2 -2
  194. data/lib/rubygems/source_local.rb +0 -1
  195. data/lib/rubygems/spec_fetcher.rb +5 -6
  196. data/lib/rubygems/specification.rb +219 -558
  197. data/lib/rubygems/specification_policy.rb +407 -0
  198. data/lib/rubygems/stub_specification.rb +12 -17
  199. data/lib/rubygems/test_case.rb +161 -75
  200. data/lib/rubygems/test_utilities.rb +20 -35
  201. data/lib/rubygems/text.rb +6 -6
  202. data/lib/rubygems/uninstaller.rb +38 -27
  203. data/lib/rubygems/uri_formatter.rb +1 -2
  204. data/lib/rubygems/user_interaction.rb +37 -89
  205. data/lib/rubygems/util/licenses.rb +27 -1
  206. data/lib/rubygems/util/list.rb +1 -1
  207. data/lib/rubygems/util.rb +32 -14
  208. data/lib/rubygems/validator.rb +4 -5
  209. data/lib/rubygems/version.rb +15 -15
  210. data/lib/rubygems/version_option.rb +2 -3
  211. data/lib/rubygems.rb +71 -102
  212. data/rubygems-update.gemspec +43 -0
  213. data/setup.rb +2 -8
  214. data/test/rubygems/ca_cert.pem +74 -65
  215. data/test/rubygems/client.pem +103 -45
  216. data/test/rubygems/rubygems_plugin.rb +0 -1
  217. data/test/rubygems/simple_gem.rb +1 -1
  218. data/test/rubygems/ssl_cert.pem +78 -17
  219. data/test/rubygems/ssl_key.pem +25 -13
  220. data/test/rubygems/test_bundled_ca.rb +1 -1
  221. data/test/rubygems/test_config.rb +7 -2
  222. data/test/rubygems/test_gem.rb +205 -132
  223. data/test/rubygems/test_gem_bundler_version_finder.rb +4 -0
  224. data/test/rubygems/test_gem_command.rb +0 -1
  225. data/test/rubygems/test_gem_command_manager.rb +18 -3
  226. data/test/rubygems/test_gem_commands_build_command.rb +220 -15
  227. data/test/rubygems/test_gem_commands_cert_command.rb +69 -8
  228. data/test/rubygems/test_gem_commands_check_command.rb +1 -1
  229. data/test/rubygems/test_gem_commands_cleanup_command.rb +27 -1
  230. data/test/rubygems/test_gem_commands_contents_command.rb +1 -2
  231. data/test/rubygems/test_gem_commands_dependency_command.rb +33 -34
  232. data/test/rubygems/test_gem_commands_environment_command.rb +1 -0
  233. data/test/rubygems/test_gem_commands_fetch_command.rb +0 -1
  234. data/test/rubygems/test_gem_commands_generate_index_command.rb +0 -1
  235. data/test/rubygems/test_gem_commands_help_command.rb +7 -4
  236. data/test/rubygems/test_gem_commands_info_command.rb +44 -0
  237. data/test/rubygems/test_gem_commands_install_command.rb +79 -12
  238. data/test/rubygems/test_gem_commands_lock_command.rb +0 -1
  239. data/test/rubygems/test_gem_commands_open_command.rb +29 -0
  240. data/test/rubygems/test_gem_commands_outdated_command.rb +0 -1
  241. data/test/rubygems/test_gem_commands_owner_command.rb +93 -57
  242. data/test/rubygems/test_gem_commands_pristine_command.rb +65 -30
  243. data/test/rubygems/test_gem_commands_push_command.rb +54 -0
  244. data/test/rubygems/test_gem_commands_query_command.rb +102 -100
  245. data/test/rubygems/test_gem_commands_search_command.rb +0 -1
  246. data/test/rubygems/test_gem_commands_server_command.rb +0 -1
  247. data/test/rubygems/test_gem_commands_setup_command.rb +50 -15
  248. data/test/rubygems/test_gem_commands_signin_command.rb +1 -1
  249. data/test/rubygems/test_gem_commands_sources_command.rb +0 -1
  250. data/test/rubygems/test_gem_commands_specification_command.rb +2 -3
  251. data/test/rubygems/test_gem_commands_stale_command.rb +3 -2
  252. data/test/rubygems/test_gem_commands_uninstall_command.rb +161 -8
  253. data/test/rubygems/test_gem_commands_unpack_command.rb +17 -1
  254. data/test/rubygems/test_gem_commands_update_command.rb +19 -2
  255. data/test/rubygems/test_gem_commands_which_command.rb +0 -1
  256. data/test/rubygems/test_gem_commands_yank_command.rb +0 -1
  257. data/test/rubygems/test_gem_config_file.rb +4 -2
  258. data/test/rubygems/test_gem_dependency.rb +0 -1
  259. data/test/rubygems/test_gem_dependency_installer.rb +8 -5
  260. data/test/rubygems/test_gem_dependency_list.rb +6 -7
  261. data/test/rubygems/test_gem_dependency_resolution_error.rb +0 -1
  262. data/test/rubygems/test_gem_doctor.rb +1 -2
  263. data/test/rubygems/test_gem_ext_builder.rb +10 -23
  264. data/test/rubygems/test_gem_ext_cmake_builder.rb +5 -4
  265. data/test/rubygems/test_gem_ext_configure_builder.rb +3 -3
  266. data/test/rubygems/test_gem_ext_ext_conf_builder.rb +8 -9
  267. data/test/rubygems/test_gem_ext_rake_builder.rb +20 -5
  268. data/test/rubygems/test_gem_gem_runner.rb +0 -1
  269. data/test/rubygems/test_gem_gemcutter_utilities.rb +32 -6
  270. data/test/rubygems/test_gem_impossible_dependencies_error.rb +0 -1
  271. data/test/rubygems/test_gem_indexer.rb +16 -10
  272. data/test/rubygems/test_gem_install_update_options.rb +1 -20
  273. data/test/rubygems/test_gem_installer.rb +154 -119
  274. data/test/rubygems/test_gem_local_remote_options.rb +3 -3
  275. data/test/rubygems/test_gem_name_tuple.rb +0 -1
  276. data/test/rubygems/test_gem_package.rb +77 -31
  277. data/test/rubygems/test_gem_package_old.rb +0 -1
  278. data/test/rubygems/test_gem_package_tar_header.rb +42 -2
  279. data/test/rubygems/test_gem_package_tar_reader.rb +0 -1
  280. data/test/rubygems/test_gem_package_tar_reader_entry.rb +11 -0
  281. data/test/rubygems/test_gem_package_tar_writer.rb +43 -7
  282. data/test/rubygems/test_gem_package_task.rb +2 -2
  283. data/test/rubygems/test_gem_path_support.rb +28 -11
  284. data/test/rubygems/test_gem_platform.rb +4 -5
  285. data/test/rubygems/test_gem_rdoc.rb +1 -136
  286. data/test/rubygems/test_gem_remote_fetcher.rb +241 -141
  287. data/test/rubygems/test_gem_request.rb +9 -9
  288. data/test/rubygems/test_gem_request_connection_pools.rb +24 -3
  289. data/test/rubygems/test_gem_request_set.rb +5 -5
  290. data/test/rubygems/test_gem_request_set_gem_dependency_api.rb +82 -64
  291. data/test/rubygems/test_gem_request_set_lockfile.rb +1 -2
  292. data/test/rubygems/test_gem_request_set_lockfile_parser.rb +4 -9
  293. data/test/rubygems/test_gem_request_set_lockfile_tokenizer.rb +1 -1
  294. data/test/rubygems/test_gem_requirement.rb +24 -4
  295. data/test/rubygems/test_gem_resolver.rb +13 -17
  296. data/test/rubygems/test_gem_resolver_activation_request.rb +0 -1
  297. data/test/rubygems/test_gem_resolver_api_set.rb +0 -1
  298. data/test/rubygems/test_gem_resolver_api_specification.rb +0 -1
  299. data/test/rubygems/test_gem_resolver_best_set.rb +0 -1
  300. data/test/rubygems/test_gem_resolver_composed_set.rb +0 -1
  301. data/test/rubygems/test_gem_resolver_conflict.rb +0 -1
  302. data/test/rubygems/test_gem_resolver_dependency_request.rb +0 -1
  303. data/test/rubygems/test_gem_resolver_git_set.rb +0 -1
  304. data/test/rubygems/test_gem_resolver_git_specification.rb +0 -1
  305. data/test/rubygems/test_gem_resolver_index_set.rb +0 -1
  306. data/test/rubygems/test_gem_resolver_index_specification.rb +0 -1
  307. data/test/rubygems/test_gem_resolver_installed_specification.rb +0 -1
  308. data/test/rubygems/test_gem_resolver_installer_set.rb +2 -3
  309. data/test/rubygems/test_gem_resolver_local_specification.rb +0 -1
  310. data/test/rubygems/test_gem_resolver_lock_set.rb +0 -1
  311. data/test/rubygems/test_gem_resolver_lock_specification.rb +0 -1
  312. data/test/rubygems/test_gem_resolver_requirement_list.rb +0 -1
  313. data/test/rubygems/test_gem_resolver_specification.rb +1 -2
  314. data/test/rubygems/test_gem_resolver_vendor_set.rb +0 -1
  315. data/test/rubygems/test_gem_resolver_vendor_specification.rb +0 -1
  316. data/test/rubygems/test_gem_security.rb +1 -3
  317. data/test/rubygems/test_gem_security_policy.rb +5 -6
  318. data/test/rubygems/test_gem_security_signer.rb +4 -3
  319. data/test/rubygems/test_gem_security_trust_dir.rb +1 -2
  320. data/test/rubygems/test_gem_server.rb +4 -4
  321. data/test/rubygems/test_gem_source.rb +0 -13
  322. data/test/rubygems/test_gem_source_fetch_problem.rb +0 -1
  323. data/test/rubygems/test_gem_source_git.rb +0 -1
  324. data/test/rubygems/test_gem_source_installed.rb +0 -1
  325. data/test/rubygems/test_gem_source_lock.rb +0 -1
  326. data/test/rubygems/test_gem_source_vendor.rb +0 -1
  327. data/test/rubygems/test_gem_spec_fetcher.rb +0 -1
  328. data/test/rubygems/test_gem_specification.rb +366 -198
  329. data/test/rubygems/test_gem_stream_ui.rb +15 -32
  330. data/test/rubygems/test_gem_stub_specification.rb +0 -2
  331. data/test/rubygems/test_gem_text.rb +4 -0
  332. data/test/rubygems/test_gem_uninstaller.rb +42 -3
  333. data/test/rubygems/test_gem_unsatisfiable_dependency_error.rb +0 -1
  334. data/test/rubygems/test_gem_uri_formatter.rb +0 -1
  335. data/test/rubygems/test_gem_util.rb +31 -11
  336. data/test/rubygems/test_gem_validator.rb +0 -1
  337. data/test/rubygems/test_gem_version.rb +11 -11
  338. data/test/rubygems/test_gem_version_option.rb +0 -1
  339. data/test/rubygems/test_remote_fetch_error.rb +0 -1
  340. data/test/rubygems/test_require.rb +67 -52
  341. data/util/CL2notes +1 -2
  342. data/util/ci +20 -12
  343. data/util/cops/deprecations.rb +52 -0
  344. data/util/create_certs.rb +6 -7
  345. data/util/create_certs.sh +27 -0
  346. data/util/create_encrypted_key.rb +4 -5
  347. data/util/patch_with_prs.rb +1 -1
  348. data/util/rubocop +8 -0
  349. data/util/update_bundled_ca_certificates.rb +12 -13
  350. data/util/update_changelog.rb +1 -1
  351. metadata +61 -51
  352. data/.autotest +0 -71
  353. data/.document +0 -5
  354. data/CONTRIBUTING.rdoc +0 -130
  355. data/CVE-2013-4287.txt +0 -35
  356. data/CVE-2013-4363.txt +0 -45
  357. data/CVE-2015-3900.txt +0 -40
  358. data/POLICIES.rdoc +0 -74
  359. data/test/rubygems/fix_openssl_warnings.rb +0 -13
@@ -9,7 +9,7 @@ rescue LoadError => e
9
9
  e.message =~ / -- openssl$/
10
10
  end
11
11
 
12
- unless defined?(OpenSSL::SSL) then
12
+ unless defined?(OpenSSL::SSL)
13
13
  warn 'Skipping Gem::Request tests. openssl not found.'
14
14
  end
15
15
 
@@ -35,7 +35,7 @@ class TestGemRemoteFetcher < Gem::TestCase
35
35
 
36
36
  include Gem::DefaultUserInteraction
37
37
 
38
- SERVER_DATA = <<-EOY
38
+ SERVER_DATA = <<-EOY.freeze
39
39
  --- !ruby/object:Gem::Cache
40
40
  gems:
41
41
  rake-0.4.11: !ruby/object:Gem::Specification
@@ -51,7 +51,6 @@ gems:
51
51
  author: Jim Weirich
52
52
  email: jim@weirichhouse.org
53
53
  homepage: http://rake.rubyforge.org
54
- rubyforge_project: rake
55
54
  description: Rake is a Make-like program implemented in Ruby. Tasks and dependencies are specified in standard Ruby syntax.
56
55
  autorequire:
57
56
  default_executable: rake
@@ -122,7 +121,7 @@ PeIQQkFng2VVot/WAQbv3ePqWq07g1BBcwIBAg==
122
121
  @a1.loaded_from = File.join(@gemhome, 'specifications', @a1.full_name)
123
122
 
124
123
  Gem::RemoteFetcher.fetcher = nil
125
-
124
+ @stub_ui = Gem::MockGemUi.new
126
125
  @fetcher = Gem::RemoteFetcher.fetcher
127
126
  end
128
127
 
@@ -179,112 +178,12 @@ PeIQQkFng2VVot/WAQbv3ePqWq07g1BBcwIBAg==
179
178
  end
180
179
 
181
180
  def test_no_proxy
182
- use_ui @ui do
181
+ use_ui @stub_ui do
183
182
  assert_data_from_server @fetcher.fetch_path(@server_uri)
184
183
  assert_equal SERVER_DATA.size, @fetcher.fetch_size(@server_uri)
185
184
  end
186
185
  end
187
186
 
188
- def test_api_endpoint
189
- uri = URI.parse "http://example.com/foo"
190
- target = MiniTest::Mock.new
191
- target.expect :target, "gems.example.com"
192
-
193
- dns = MiniTest::Mock.new
194
- dns.expect :getresource, target, [String, Object]
195
-
196
- fetch = Gem::RemoteFetcher.new nil, dns
197
- assert_equal URI.parse("http://gems.example.com/foo"), fetch.api_endpoint(uri)
198
-
199
- target.verify
200
- dns.verify
201
- end
202
-
203
- def test_api_endpoint_ignores_trans_domain_values
204
- uri = URI.parse "http://gems.example.com/foo"
205
- target = MiniTest::Mock.new
206
- target.expect :target, "blah.com"
207
-
208
- dns = MiniTest::Mock.new
209
- dns.expect :getresource, target, [String, Object]
210
-
211
- fetch = Gem::RemoteFetcher.new nil, dns
212
- assert_equal URI.parse("http://gems.example.com/foo"), fetch.api_endpoint(uri)
213
-
214
- target.verify
215
- dns.verify
216
- end
217
-
218
- def test_api_endpoint_ignores_trans_domain_values_that_starts_with_original
219
- uri = URI.parse "http://example.com/foo"
220
- target = MiniTest::Mock.new
221
- target.expect :target, "example.combadguy.com"
222
-
223
- dns = MiniTest::Mock.new
224
- dns.expect :getresource, target, [String, Object]
225
-
226
- fetch = Gem::RemoteFetcher.new nil, dns
227
- assert_equal URI.parse("http://example.com/foo"), fetch.api_endpoint(uri)
228
-
229
- target.verify
230
- dns.verify
231
- end
232
-
233
- def test_api_endpoint_ignores_trans_domain_values_that_end_with_original
234
- uri = URI.parse "http://example.com/foo"
235
- target = MiniTest::Mock.new
236
- target.expect :target, "badexample.com"
237
-
238
- dns = MiniTest::Mock.new
239
- dns.expect :getresource, target, [String, Object]
240
-
241
- fetch = Gem::RemoteFetcher.new nil, dns
242
- assert_equal URI.parse("http://example.com/foo"), fetch.api_endpoint(uri)
243
-
244
- target.verify
245
- dns.verify
246
- end
247
-
248
- def test_api_endpoint_ignores_trans_domain_values_that_end_with_original_in_path
249
- uri = URI.parse "http://example.com/foo"
250
- target = MiniTest::Mock.new
251
- target.expect :target, "evil.com/a.example.com"
252
-
253
- dns = MiniTest::Mock.new
254
- dns.expect :getresource, target, [String, Object]
255
-
256
- fetch = Gem::RemoteFetcher.new nil, dns
257
- assert_equal URI.parse("http://example.com/foo"), fetch.api_endpoint(uri)
258
-
259
- target.verify
260
- dns.verify
261
- end
262
-
263
- def test_api_endpoint_timeout_warning
264
- uri = URI.parse "http://gems.example.com/foo"
265
-
266
- dns = MiniTest::Mock.new
267
- def dns.getresource arg, *rest
268
- raise Resolv::ResolvError.new('timeout!')
269
- end
270
-
271
- fetch = Gem::RemoteFetcher.new nil, dns
272
- begin
273
- old_verbose, Gem.configuration.verbose = Gem.configuration.verbose, 1
274
- endpoint = use_ui @ui do
275
- fetch.api_endpoint(uri)
276
- end
277
- ensure
278
- Gem.configuration.verbose = old_verbose
279
- end
280
-
281
- assert_equal uri, endpoint
282
-
283
- assert_equal "Getting SRV record failed: timeout!\n", @ui.output
284
-
285
- dns.verify
286
- end
287
-
288
187
  def test_cache_update_path
289
188
  uri = URI 'http://example/file'
290
189
  path = File.join @tempdir, 'file'
@@ -311,20 +210,20 @@ PeIQQkFng2VVot/WAQbv3ePqWq07g1BBcwIBAg==
311
210
  refute_path_exists path
312
211
  end
313
212
 
314
- def util_fuck_with_fetcher data, blow = false
213
+ def util_fuck_with_fetcher(data, blow = false)
315
214
  fetcher = Gem::RemoteFetcher.fetcher
316
215
  fetcher.instance_variable_set :@test_data, data
317
216
 
318
- unless blow then
319
- def fetcher.fetch_path arg, *rest
217
+ unless blow
218
+ def fetcher.fetch_path(arg, *rest)
320
219
  @test_arg = arg
321
220
  @test_data
322
221
  end
323
222
  else
324
- def fetcher.fetch_path arg, *rest
223
+ def fetcher.fetch_path(arg, *rest)
325
224
  # OMG I'm such an ass
326
225
  class << self; remove_method :fetch_path; end
327
- def self.fetch_path arg, *rest
226
+ def self.fetch_path(arg, *rest)
328
227
  @test_arg = arg
329
228
  @test_data
330
229
  end
@@ -524,7 +423,7 @@ PeIQQkFng2VVot/WAQbv3ePqWq07g1BBcwIBAg==
524
423
  util_setup_spec_fetcher @a1, @a2
525
424
  @fetcher.instance_variable_set :@a1, @a1
526
425
  @fetcher.instance_variable_set :@a2, @a2
527
- def @fetcher.fetch_path uri, mtime = nil, head = false
426
+ def @fetcher.fetch_path(uri, mtime = nil, head = false)
528
427
  case uri.request_uri
529
428
  when /#{@a1.spec_name}/ then
530
429
  Gem.deflate Marshal.dump @a1
@@ -617,6 +516,24 @@ PeIQQkFng2VVot/WAQbv3ePqWq07g1BBcwIBAg==
617
516
  assert_equal url, e.uri
618
517
  end
619
518
 
519
+ def test_fetch_path_openssl_ssl_sslerror
520
+ fetcher = Gem::RemoteFetcher.new nil
521
+ @fetcher = fetcher
522
+
523
+ def fetcher.fetch_http(uri, mtime = nil, head = nil)
524
+ raise OpenSSL::SSL::SSLError
525
+ end
526
+
527
+ url = 'http://example.com/uri'
528
+
529
+ e = assert_raises Gem::RemoteFetcher::FetchError do
530
+ fetcher.fetch_path url
531
+ end
532
+
533
+ assert_equal "OpenSSL::SSL::SSLError: OpenSSL::SSL::SSLError (#{url})", e.message
534
+ assert_equal url, e.uri
535
+ end
536
+
620
537
  def test_fetch_path_unmodified
621
538
  fetcher = Gem::RemoteFetcher.new nil
622
539
  @fetcher = fetcher
@@ -629,7 +546,7 @@ PeIQQkFng2VVot/WAQbv3ePqWq07g1BBcwIBAg==
629
546
  end
630
547
 
631
548
  def test_implicit_no_proxy
632
- use_ui @ui do
549
+ use_ui @stub_ui do
633
550
  ENV['http_proxy'] = 'http://fakeurl:12345'
634
551
  fetcher = Gem::RemoteFetcher.new :no_proxy
635
552
  @fetcher = fetcher
@@ -638,7 +555,7 @@ PeIQQkFng2VVot/WAQbv3ePqWq07g1BBcwIBAg==
638
555
  end
639
556
 
640
557
  def test_implicit_proxy
641
- use_ui @ui do
558
+ use_ui @stub_ui do
642
559
  ENV['http_proxy'] = @proxy_uri
643
560
  fetcher = Gem::RemoteFetcher.new nil
644
561
  @fetcher = fetcher
@@ -647,7 +564,7 @@ PeIQQkFng2VVot/WAQbv3ePqWq07g1BBcwIBAg==
647
564
  end
648
565
 
649
566
  def test_implicit_upper_case_proxy
650
- use_ui @ui do
567
+ use_ui @stub_ui do
651
568
  ENV['HTTP_PROXY'] = @proxy_uri
652
569
  fetcher = Gem::RemoteFetcher.new nil
653
570
  @fetcher = fetcher
@@ -656,7 +573,7 @@ PeIQQkFng2VVot/WAQbv3ePqWq07g1BBcwIBAg==
656
573
  end
657
574
 
658
575
  def test_implicit_proxy_no_env
659
- use_ui @ui do
576
+ use_ui @stub_ui do
660
577
  fetcher = Gem::RemoteFetcher.new nil
661
578
  @fetcher = fetcher
662
579
  assert_data_from_server fetcher.fetch_path(@server_uri)
@@ -670,7 +587,7 @@ PeIQQkFng2VVot/WAQbv3ePqWq07g1BBcwIBAg==
670
587
 
671
588
  def fetcher.request(uri, request_class, last_modified = nil)
672
589
  url = 'http://gems.example.com/redirect'
673
- unless defined? @requested then
590
+ unless defined? @requested
674
591
  @requested = true
675
592
  res = Net::HTTPMovedPermanently.new nil, 301, nil
676
593
  res.add_field 'Location', url
@@ -731,11 +648,11 @@ PeIQQkFng2VVot/WAQbv3ePqWq07g1BBcwIBAg==
731
648
  assert_equal "murphy", fetcher.fetch_path(@server_uri)
732
649
  end
733
650
 
734
- def test_fetch_s3
651
+ def assert_fetch_s3(url, signature, token=nil, region='us-east-1', instance_profile_json=nil)
735
652
  fetcher = Gem::RemoteFetcher.new nil
736
653
  @fetcher = fetcher
737
- url = 's3://testuser:testpass@my-bucket/gems/specs.4.8.gz'
738
654
  $fetched_uri = nil
655
+ $instance_profile = instance_profile_json
739
656
 
740
657
  def fetcher.request(uri, request_class, last_modified = nil)
741
658
  $fetched_uri = uri
@@ -744,31 +661,206 @@ PeIQQkFng2VVot/WAQbv3ePqWq07g1BBcwIBAg==
744
661
  res
745
662
  end
746
663
 
747
- def fetcher.s3_expiration
748
- 1395098371
664
+ def fetcher.s3_uri_signer(uri)
665
+ require 'json'
666
+ s3_uri_signer = Gem::S3URISigner.new(uri)
667
+ def s3_uri_signer.ec2_metadata_credentials_json
668
+ JSON.parse($instance_profile)
669
+ end
670
+ # Running sign operation to make sure uri.query is not mutated
671
+ s3_uri_signer.sign
672
+ raise "URI query is not empty: #{uri.query}" unless uri.query.nil?
673
+ s3_uri_signer
749
674
  end
750
675
 
751
676
  data = fetcher.fetch_s3 URI.parse(url)
752
677
 
753
- assert_equal 'https://my-bucket.s3.amazonaws.com/gems/specs.4.8.gz?AWSAccessKeyId=testuser&Expires=1395098371&Signature=eUTr7NkpZEet%2BJySE%2BfH6qukroI%3D', $fetched_uri.to_s
678
+ assert_equal "https://my-bucket.s3.#{region}.amazonaws.com/gems/specs.4.8.gz?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=testuser%2F20190624%2F#{region}%2Fs3%2Faws4_request&X-Amz-Date=20190624T050641Z&X-Amz-Expires=86400#{token ? "&X-Amz-Security-Token=" + token : ""}&X-Amz-SignedHeaders=host&X-Amz-Signature=#{signature}", $fetched_uri.to_s
754
679
  assert_equal 'success', data
755
680
  ensure
756
681
  $fetched_uri = nil
757
682
  end
758
683
 
759
- def test_fetch_s3_no_creds
684
+ def test_fetch_s3_config_creds
685
+ Gem.configuration[:s3_source] = {
686
+ 'my-bucket' => {:id => 'testuser', :secret => 'testpass'}
687
+ }
688
+ url = 's3://my-bucket/gems/specs.4.8.gz'
689
+ Time.stub :now, Time.at(1561353581) do
690
+ assert_fetch_s3 url, '20f974027db2f3cd6193565327a7c73457a138efb1a63ea248d185ce6827d41b'
691
+ end
692
+ ensure
693
+ Gem.configuration[:s3_source] = nil
694
+ end
695
+
696
+ def test_fetch_s3_config_creds_with_region
697
+ Gem.configuration[:s3_source] = {
698
+ 'my-bucket' => {:id => 'testuser', :secret => 'testpass', :region => 'us-west-2'}
699
+ }
700
+ url = 's3://my-bucket/gems/specs.4.8.gz'
701
+ Time.stub :now, Time.at(1561353581) do
702
+ assert_fetch_s3 url, '4afc3010757f1fd143e769f1d1dabd406476a4fc7c120e9884fd02acbb8f26c9', nil, 'us-west-2'
703
+ end
704
+ ensure
705
+ Gem.configuration[:s3_source] = nil
706
+ end
707
+
708
+ def test_fetch_s3_config_creds_with_token
709
+ Gem.configuration[:s3_source] = {
710
+ 'my-bucket' => {:id => 'testuser', :secret => 'testpass', :security_token => 'testtoken'}
711
+ }
712
+ url = 's3://my-bucket/gems/specs.4.8.gz'
713
+ Time.stub :now, Time.at(1561353581) do
714
+ assert_fetch_s3 url, '935160a427ef97e7630f799232b8f208c4a4e49aad07d0540572a2ad5fe9f93c', 'testtoken'
715
+ end
716
+ ensure
717
+ Gem.configuration[:s3_source] = nil
718
+ end
719
+
720
+ def test_fetch_s3_env_creds
721
+ ENV['AWS_ACCESS_KEY_ID'] = 'testuser'
722
+ ENV['AWS_SECRET_ACCESS_KEY'] = 'testpass'
723
+ ENV['AWS_SESSION_TOKEN'] = nil
724
+ Gem.configuration[:s3_source] = {
725
+ 'my-bucket' => {:provider => 'env'}
726
+ }
727
+ url = 's3://my-bucket/gems/specs.4.8.gz'
728
+ Time.stub :now, Time.at(1561353581) do
729
+ assert_fetch_s3 url, '20f974027db2f3cd6193565327a7c73457a138efb1a63ea248d185ce6827d41b'
730
+ end
731
+ ensure
732
+ ENV.each_key {|key| ENV.delete(key) if key.start_with?('AWS')}
733
+ Gem.configuration[:s3_source] = nil
734
+ end
735
+
736
+ def test_fetch_s3_env_creds_with_region
737
+ ENV['AWS_ACCESS_KEY_ID'] = 'testuser'
738
+ ENV['AWS_SECRET_ACCESS_KEY'] = 'testpass'
739
+ ENV['AWS_SESSION_TOKEN'] = nil
740
+ Gem.configuration[:s3_source] = {
741
+ 'my-bucket' => {:provider => 'env', :region => 'us-west-2'}
742
+ }
743
+ url = 's3://my-bucket/gems/specs.4.8.gz'
744
+ Time.stub :now, Time.at(1561353581) do
745
+ assert_fetch_s3 url, '4afc3010757f1fd143e769f1d1dabd406476a4fc7c120e9884fd02acbb8f26c9', nil, 'us-west-2'
746
+ end
747
+ ensure
748
+ ENV.each_key {|key| ENV.delete(key) if key.start_with?('AWS')}
749
+ Gem.configuration[:s3_source] = nil
750
+ end
751
+
752
+ def test_fetch_s3_env_creds_with_token
753
+ ENV['AWS_ACCESS_KEY_ID'] = 'testuser'
754
+ ENV['AWS_SECRET_ACCESS_KEY'] = 'testpass'
755
+ ENV['AWS_SESSION_TOKEN'] = 'testtoken'
756
+ Gem.configuration[:s3_source] = {
757
+ 'my-bucket' => {:provider => 'env'}
758
+ }
759
+ url = 's3://my-bucket/gems/specs.4.8.gz'
760
+ Time.stub :now, Time.at(1561353581) do
761
+ assert_fetch_s3 url, '935160a427ef97e7630f799232b8f208c4a4e49aad07d0540572a2ad5fe9f93c', 'testtoken'
762
+ end
763
+ ensure
764
+ ENV.each_key {|key| ENV.delete(key) if key.start_with?('AWS')}
765
+ Gem.configuration[:s3_source] = nil
766
+ end
767
+
768
+ def test_fetch_s3_url_creds
769
+ url = 's3://testuser:testpass@my-bucket/gems/specs.4.8.gz'
770
+ Time.stub :now, Time.at(1561353581) do
771
+ assert_fetch_s3 url, '20f974027db2f3cd6193565327a7c73457a138efb1a63ea248d185ce6827d41b'
772
+ end
773
+ end
774
+
775
+ def test_fetch_s3_instance_profile_creds
776
+ Gem.configuration[:s3_source] = {
777
+ 'my-bucket' => {:provider => 'instance_profile'}
778
+ }
779
+
780
+ url = 's3://my-bucket/gems/specs.4.8.gz'
781
+ Time.stub :now, Time.at(1561353581) do
782
+ assert_fetch_s3 url, '20f974027db2f3cd6193565327a7c73457a138efb1a63ea248d185ce6827d41b', nil, 'us-east-1',
783
+ '{"AccessKeyId": "testuser", "SecretAccessKey": "testpass"}'
784
+ end
785
+ ensure
786
+ Gem.configuration[:s3_source] = nil
787
+ end
788
+
789
+ def test_fetch_s3_instance_profile_creds_with_region
790
+ Gem.configuration[:s3_source] = {
791
+ 'my-bucket' => {:provider => 'instance_profile', :region => 'us-west-2'}
792
+ }
793
+
794
+ url = 's3://my-bucket/gems/specs.4.8.gz'
795
+ Time.stub :now, Time.at(1561353581) do
796
+ assert_fetch_s3 url, '4afc3010757f1fd143e769f1d1dabd406476a4fc7c120e9884fd02acbb8f26c9', nil, 'us-west-2',
797
+ '{"AccessKeyId": "testuser", "SecretAccessKey": "testpass"}'
798
+ end
799
+ ensure
800
+ Gem.configuration[:s3_source] = nil
801
+ end
802
+
803
+ def test_fetch_s3_instance_profile_creds_with_token
804
+ Gem.configuration[:s3_source] = {
805
+ 'my-bucket' => {:provider => 'instance_profile'}
806
+ }
807
+
808
+ url = 's3://my-bucket/gems/specs.4.8.gz'
809
+ Time.stub :now, Time.at(1561353581) do
810
+ assert_fetch_s3 url, '935160a427ef97e7630f799232b8f208c4a4e49aad07d0540572a2ad5fe9f93c', 'testtoken', 'us-east-1',
811
+ '{"AccessKeyId": "testuser", "SecretAccessKey": "testpass", "Token": "testtoken"}'
812
+ end
813
+ ensure
814
+ Gem.configuration[:s3_source] = nil
815
+ end
816
+
817
+ def refute_fetch_s3(url, expected_message)
760
818
  fetcher = Gem::RemoteFetcher.new nil
761
819
  @fetcher = fetcher
762
- url = 's3://my-bucket/gems/specs.4.8.gz'
820
+
763
821
  e = assert_raises Gem::RemoteFetcher::FetchError do
764
822
  fetcher.fetch_s3 URI.parse(url)
765
823
  end
766
824
 
767
- assert_match "credentials needed", e.message
825
+ assert_match expected_message, e.message
826
+ end
827
+
828
+ def test_fetch_s3_no_source_key
829
+ url = 's3://my-bucket/gems/specs.4.8.gz'
830
+ refute_fetch_s3 url, 'no s3_source key exists in .gemrc'
831
+ end
832
+
833
+ def test_fetch_s3_no_host
834
+ Gem.configuration[:s3_source] = {
835
+ 'my-bucket' => {:id => 'testuser', :secret => 'testpass'}
836
+ }
837
+
838
+ url = 's3://other-bucket/gems/specs.4.8.gz'
839
+ refute_fetch_s3 url, 'no key for host other-bucket in s3_source in .gemrc'
840
+ ensure
841
+ Gem.configuration[:s3_source] = nil
842
+ end
843
+
844
+ def test_fetch_s3_no_id
845
+ Gem.configuration[:s3_source] = { 'my-bucket' => {:secret => 'testpass'} }
846
+
847
+ url = 's3://my-bucket/gems/specs.4.8.gz'
848
+ refute_fetch_s3 url, 's3_source for my-bucket missing id or secret'
849
+ ensure
850
+ Gem.configuration[:s3_source] = nil
851
+ end
852
+
853
+ def test_fetch_s3_no_secret
854
+ Gem.configuration[:s3_source] = { 'my-bucket' => {:id => 'testuser'} }
855
+
856
+ url = 's3://my-bucket/gems/specs.4.8.gz'
857
+ refute_fetch_s3 url, 's3_source for my-bucket missing id or secret'
858
+ ensure
859
+ Gem.configuration[:s3_source] = nil
768
860
  end
769
861
 
770
862
  def test_observe_no_proxy_env_single_host
771
- use_ui @ui do
863
+ use_ui @stub_ui do
772
864
  ENV["http_proxy"] = @proxy_uri
773
865
  ENV["no_proxy"] = URI::parse(@server_uri).host
774
866
  fetcher = Gem::RemoteFetcher.new nil
@@ -778,7 +870,7 @@ PeIQQkFng2VVot/WAQbv3ePqWq07g1BBcwIBAg==
778
870
  end
779
871
 
780
872
  def test_observe_no_proxy_env_list
781
- use_ui @ui do
873
+ use_ui @stub_ui do
782
874
  ENV["http_proxy"] = @proxy_uri
783
875
  ENV["no_proxy"] = "fakeurl.com, #{URI::parse(@server_uri).host}"
784
876
  fetcher = Gem::RemoteFetcher.new nil
@@ -800,7 +892,7 @@ PeIQQkFng2VVot/WAQbv3ePqWq07g1BBcwIBAg==
800
892
  end
801
893
 
802
894
  def test_yaml_error_on_size
803
- use_ui @ui do
895
+ use_ui @stub_ui do
804
896
  self.class.enable_yaml = false
805
897
  fetcher = Gem::RemoteFetcher.new nil
806
898
  @fetcher = fetcher
@@ -846,9 +938,9 @@ PeIQQkFng2VVot/WAQbv3ePqWq07g1BBcwIBAg==
846
938
  with_configured_fetcher(
847
939
  ":ssl_ca_cert: #{temp_ca_cert}\n" +
848
940
  ":ssl_client_cert: #{temp_client_cert}\n") do |fetcher|
849
- assert_raises Gem::RemoteFetcher::FetchError do
850
- fetcher.fetch_path("https://localhost:#{ssl_server.config[:Port]}/yaml")
851
- end
941
+ assert_raises Gem::RemoteFetcher::FetchError do
942
+ fetcher.fetch_path("https://localhost:#{ssl_server.config[:Port]}/yaml")
943
+ end
852
944
  end
853
945
  end
854
946
 
@@ -870,11 +962,27 @@ PeIQQkFng2VVot/WAQbv3ePqWq07g1BBcwIBAg==
870
962
 
871
963
  def test_do_not_follow_insecure_redirect
872
964
  ssl_server = self.class.start_ssl_server
873
- temp_ca_cert = File.join(DIR, 'ca_cert.pem'),
965
+ temp_ca_cert = File.join(DIR, 'ca_cert.pem')
966
+ expected_error_message =
967
+ "redirecting to non-https resource: #{@server_uri} (https://localhost:#{ssl_server.config[:Port]}/insecure_redirect?to=#{@server_uri})"
968
+
874
969
  with_configured_fetcher(":ssl_ca_cert: #{temp_ca_cert}") do |fetcher|
875
- assert_raises Gem::RemoteFetcher::FetchError do
970
+ err = assert_raises Gem::RemoteFetcher::FetchError do
876
971
  fetcher.fetch_path("https://localhost:#{ssl_server.config[:Port]}/insecure_redirect?to=#{@server_uri}")
877
972
  end
973
+
974
+ assert_equal(err.message, expected_error_message)
975
+ end
976
+ end
977
+
978
+ def test_nil_ca_cert
979
+ ssl_server = self.class.start_ssl_server
980
+ temp_ca_cert = nil
981
+
982
+ with_configured_fetcher(":ssl_ca_cert: #{temp_ca_cert}") do |fetcher|
983
+ assert_raises Gem::RemoteFetcher::FetchError do
984
+ fetcher.fetch_path("https://localhost:#{ssl_server.config[:Port]}")
985
+ end
878
986
  end
879
987
  end
880
988
 
@@ -1016,7 +1124,7 @@ PeIQQkFng2VVot/WAQbv3ePqWq07g1BBcwIBAg==
1016
1124
  :DocumentRoot => nil,
1017
1125
  :Logger => null_logger,
1018
1126
  :AccessLog => null_logger
1019
- )
1127
+ )
1020
1128
  s.mount_proc("/kill") { |req, res| s.shutdown }
1021
1129
  s.mount_proc("/yaml") { |req, res|
1022
1130
  if req["X-Captain"]
@@ -1063,12 +1171,4 @@ PeIQQkFng2VVot/WAQbv3ePqWq07g1BBcwIBAg==
1063
1171
  end
1064
1172
  end
1065
1173
 
1066
- def test_correct_for_windows_path
1067
- path = "/C:/WINDOWS/Temp/gems"
1068
- assert_equal "C:/WINDOWS/Temp/gems", @fetcher.correct_for_windows_path(path)
1069
-
1070
- path = "/home/skillet"
1071
- assert_equal "/home/skillet", @fetcher.correct_for_windows_path(path)
1072
- end
1073
-
1074
1174
  end if defined?(OpenSSL::SSL)
@@ -4,7 +4,7 @@ require 'rubygems/request'
4
4
  require 'ostruct'
5
5
  require 'base64'
6
6
 
7
- unless defined?(OpenSSL::SSL) then
7
+ unless defined?(OpenSSL::SSL)
8
8
  warn 'Skipping Gem::Request tests. openssl not found.'
9
9
  end
10
10
 
@@ -17,7 +17,7 @@ class TestGemRequest < Gem::TestCase
17
17
  PUBLIC_CERT_FILE = cert_path 'public'
18
18
  SSL_CERT = load_cert 'ssl'
19
19
 
20
- def make_request uri, request_class, last_modified, proxy
20
+ def make_request(uri, request_class, last_modified, proxy)
21
21
  Gem::Request.create_with_proxy uri, request_class, last_modified, proxy
22
22
  end
23
23
 
@@ -250,7 +250,7 @@ class TestGemRequest < Gem::TestCase
250
250
  def test_user_agent_engine
251
251
  util_save_version
252
252
 
253
- Object.send :remove_const, :RUBY_ENGINE if defined?(RUBY_ENGINE)
253
+ Object.send :remove_const, :RUBY_ENGINE
254
254
  Object.send :const_set, :RUBY_ENGINE, 'vroom'
255
255
 
256
256
  ua = make_request(@uri, nil, nil, nil).user_agent
@@ -263,7 +263,7 @@ class TestGemRequest < Gem::TestCase
263
263
  def test_user_agent_engine_ruby
264
264
  util_save_version
265
265
 
266
- Object.send :remove_const, :RUBY_ENGINE if defined?(RUBY_ENGINE)
266
+ Object.send :remove_const, :RUBY_ENGINE
267
267
  Object.send :const_set, :RUBY_ENGINE, 'ruby'
268
268
 
269
269
  ua = make_request(@uri, nil, nil, nil).user_agent
@@ -442,12 +442,12 @@ ERROR: Certificate is an invalid CA certificate
442
442
  message =
443
443
  Gem::Request.verify_certificate_message error_number, EXPIRED_CERT
444
444
 
445
- assert_equal "You must add #{EXPIRED_CERT.issuer} to your local trusted store",
445
+ assert_equal "Cannot verify certificate issued by #{EXPIRED_CERT.issuer}",
446
446
  message
447
447
  end
448
448
 
449
449
  def util_restore_version
450
- Object.send :remove_const, :RUBY_ENGINE if defined?(RUBY_ENGINE)
450
+ Object.send :remove_const, :RUBY_ENGINE
451
451
  Object.send :const_set, :RUBY_ENGINE, @orig_RUBY_ENGINE if
452
452
  defined?(@orig_RUBY_ENGINE)
453
453
 
@@ -460,12 +460,12 @@ ERROR: Certificate is an invalid CA certificate
460
460
  end
461
461
 
462
462
  def util_save_version
463
- @orig_RUBY_ENGINE = RUBY_ENGINE if defined? RUBY_ENGINE
463
+ @orig_RUBY_ENGINE = RUBY_ENGINE
464
464
  @orig_RUBY_PATCHLEVEL = RUBY_PATCHLEVEL
465
465
  @orig_RUBY_REVISION = RUBY_REVISION if defined? RUBY_REVISION
466
466
  end
467
467
 
468
- def util_stub_net_http hash
468
+ def util_stub_net_http(hash)
469
469
  old_client = Gem::Request::ConnectionPools.client
470
470
  conn = Conn.new OpenStruct.new(hash)
471
471
  Gem::Request::ConnectionPools.client = conn
@@ -477,7 +477,7 @@ ERROR: Certificate is an invalid CA certificate
477
477
  class Conn
478
478
  attr_accessor :payload
479
479
 
480
- def new *args; self; end
480
+ def new(*args); self; end
481
481
  def use_ssl=(bool); end
482
482
  def verify_callback=(setting); end
483
483
  def verify_mode=(setting); end
@@ -5,7 +5,7 @@ require 'timeout'
5
5
 
6
6
  class TestGemRequestConnectionPool < Gem::TestCase
7
7
  class FakeHttp
8
- def initialize *args
8
+ def initialize(*args)
9
9
  end
10
10
 
11
11
  def start
@@ -25,6 +25,28 @@ class TestGemRequestConnectionPool < Gem::TestCase
25
25
  super
26
26
  end
27
27
 
28
+ def test_to_proxy_substring
29
+ pools = Gem::Request::ConnectionPools.new nil, []
30
+
31
+ env_no_proxy = %w[
32
+ ems.example
33
+ ]
34
+
35
+ no_proxy = pools.send :no_proxy?, 'rubygems.example', env_no_proxy
36
+
37
+ refute no_proxy, 'mismatch'
38
+ end
39
+
40
+ def test_to_proxy_empty_string
41
+ pools = Gem::Request::ConnectionPools.new nil, []
42
+
43
+ env_no_proxy = [""]
44
+
45
+ no_proxy = pools.send :no_proxy?, 'ems.example', env_no_proxy
46
+
47
+ refute no_proxy, 'mismatch'
48
+ end
49
+
28
50
  def test_checkout_same_connection
29
51
  uri = URI.parse('http://example/some_endpoint')
30
52
 
@@ -86,8 +108,7 @@ class TestGemRequestConnectionPool < Gem::TestCase
86
108
 
87
109
  net_http_args = pools.send :net_http_args, URI('http://[::1]'), nil
88
110
 
89
- expected_host = RUBY_VERSION >= "1.9.3" ? "::1" : "[::1]"
90
- assert_equal [expected_host, 80], net_http_args
111
+ assert_equal ["::1", 80], net_http_args
91
112
  end
92
113
 
93
114
  def test_net_http_args_proxy