rubygems-update 3.2.26 → 3.2.30

data/test/rubygems/test_gem_request.rb

@@ -185,7 +185,7 @@ class TestGemRequest < Gem::TestCase
   end
 
   def test_fetch
-    uri = URI.parse "#{@gem_repo}/specs.#{Gem.marshal_version}"
+    uri = Gem::Uri.new(URI.parse "#{@gem_repo}/specs.#{Gem.marshal_version}")
     response = util_stub_net_http(:body => :junk, :code => 200) do
       @request = make_request(uri, Net::HTTP::Get, nil, nil)
 
@@ -197,31 +197,57 @@ class TestGemRequest < Gem::TestCase
   end
 
   def test_fetch_basic_auth
-    uri = URI.parse "https://user:pass@example.rubygems/specs.#{Gem.marshal_version}"
+    Gem.configuration.verbose = :really
+    uri = Gem::Uri.new(URI.parse "https://user:pass@example.rubygems/specs.#{Gem.marshal_version}")
     conn = util_stub_net_http(:body => :junk, :code => 200) do |c|
-      @request = make_request(uri, Net::HTTP::Get, nil, nil)
-      @request.fetch
+      use_ui @ui do
+        @request = make_request(uri, Net::HTTP::Get, nil, nil)
+        @request.fetch
+      end
       c
     end
 
     auth_header = conn.payload['Authorization']
     assert_equal "Basic #{Base64.encode64('user:pass')}".strip, auth_header
+    assert_includes @ui.output, "GET https://user:REDACTED@example.rubygems/specs.#{Gem.marshal_version}"
   end
 
   def test_fetch_basic_auth_encoded
-    uri = URI.parse "https://user:%7BDEScede%7Dpass@example.rubygems/specs.#{Gem.marshal_version}"
+    Gem.configuration.verbose = :really
+    uri = Gem::Uri.new(URI.parse "https://user:%7BDEScede%7Dpass@example.rubygems/specs.#{Gem.marshal_version}")
+
     conn = util_stub_net_http(:body => :junk, :code => 200) do |c|
-      @request = make_request(uri, Net::HTTP::Get, nil, nil)
-      @request.fetch
+      use_ui @ui do
+        @request = make_request(uri, Net::HTTP::Get, nil, nil)
+        @request.fetch
+      end
       c
     end
 
     auth_header = conn.payload['Authorization']
     assert_equal "Basic #{Base64.encode64('user:{DEScede}pass')}".strip, auth_header
+    assert_includes @ui.output, "GET https://user:REDACTED@example.rubygems/specs.#{Gem.marshal_version}"
+  end
+
+  def test_fetch_basic_oauth_encoded
+    Gem.configuration.verbose = :really
+    uri = Gem::Uri.new(URI.parse "https://%7BDEScede%7Dpass:x-oauth-basic@example.rubygems/specs.#{Gem.marshal_version}")
+
+    conn = util_stub_net_http(:body => :junk, :code => 200) do |c|
+      use_ui @ui do
+        @request = make_request(uri, Net::HTTP::Get, nil, nil)
+        @request.fetch
+      end
+      c
+    end
+
+    auth_header = conn.payload['Authorization']
+    assert_equal "Basic #{Base64.encode64('{DEScede}pass:x-oauth-basic')}".strip, auth_header
+    assert_includes @ui.output, "GET https://REDACTED:x-oauth-basic@example.rubygems/specs.#{Gem.marshal_version}"
   end
 
   def test_fetch_head
-    uri = URI.parse "#{@gem_repo}/specs.#{Gem.marshal_version}"
+    uri = Gem::Uri.new(URI.parse "#{@gem_repo}/specs.#{Gem.marshal_version}")
     response = util_stub_net_http(:body => '', :code => 200) do |conn|
       @request = make_request(uri, Net::HTTP::Get, nil, nil)
       @request.fetch
@@ -232,7 +258,7 @@ class TestGemRequest < Gem::TestCase
   end
 
   def test_fetch_unmodified
-    uri = URI.parse "#{@gem_repo}/specs.#{Gem.marshal_version}"
+    uri = Gem::Uri.new(URI.parse "#{@gem_repo}/specs.#{Gem.marshal_version}")
     t = Time.utc(2013, 1, 2, 3, 4, 5)
     conn, response = util_stub_net_http(:body => '', :code => 304) do |c|
       @request = make_request(uri, Net::HTTP::Get, t, nil)

data/test/rubygems/test_gem_resolver_installer_set.rb

@@ -64,6 +64,24 @@ class TestGemResolverInstallerSet < Gem::TestCase
     assert_equal %w[a-1], set.always_install.map {|s| s.full_name }
   end
 
+  def test_add_always_install_prerelease_github_problem
+    spec_fetcher do |fetcher|
+      fetcher.gem 'a', 1
+    end
+
+    # Github has an issue in which it will generate a misleading prerelease output in its RubyGems server API and
+    # returns a 0 version for the gem while it doesn't exist.
+    @fetcher.data["#{@gem_repo}prerelease_specs.#{Gem.marshal_version}.gz"] = util_gzip(Marshal.dump([
+      Gem::NameTuple.new('a', Gem::Version.new(0), 'ruby'),
+    ]))
+
+    set = Gem::Resolver::InstallerSet.new :both
+
+    set.add_always_install dep('a')
+
+    assert_equal %w[a-1], set.always_install.map {|s| s.full_name }
+  end
+
   def test_add_always_install_prerelease_only
     spec_fetcher do |fetcher|
       fetcher.gem 'a', '3.a'

data/test/rubygems/test_gem_security.rb

@@ -12,6 +12,7 @@ end
 
 class TestGemSecurity < Gem::TestCase
   CHILD_KEY = load_key 'child'
+  EC_KEY = load_key 'private_ec', 'Foo bar'
 
   ALTERNATE_CERT = load_cert 'child'
   CHILD_CERT     = load_cert 'child'
@@ -103,11 +104,38 @@ class TestGemSecurity < Gem::TestCase
   end
 
   def test_class_create_key
-    key = @SEC.create_key 1024
+    key = @SEC.create_key 'rsa'
 
     assert_kind_of OpenSSL::PKey::RSA, key
   end
 
+  def test_class_create_key_downcases
+    key = @SEC.create_key 'DSA'
+
+    assert_kind_of OpenSSL::PKey::DSA, key
+  end
+
+  def test_class_create_key_raises_unknown_algorithm
+    e = assert_raise Gem::Security::Exception do
+      @SEC.create_key 'NOT_RSA'
+    end
+
+    assert_equal "NOT_RSA algorithm not found. RSA, DSA, and EC algorithms are supported.",
+                 e.message
+  end
+
+  def test_class_get_public_key_rsa
+    pkey_pem = PRIVATE_KEY.public_key.to_pem
+
+    assert_equal pkey_pem, @SEC.get_public_key(PRIVATE_KEY).to_pem
+  end
+
+  def test_class_get_public_key_ec
+    pkey = @SEC.get_public_key(EC_KEY)
+
+    assert_respond_to pkey, :to_pem
+  end
+
   def test_class_email_to_name
     assert_equal '/CN=nobody/DC=example',
                  @SEC.email_to_name('nobody@example').to_s
@@ -259,7 +287,7 @@ class TestGemSecurity < Gem::TestCase
   end
 
   def test_class_write
-    key = @SEC.create_key 1024
+    key = @SEC.create_key 'rsa'
 
     path = File.join @tempdir, 'test-private_key.pem'
 
@@ -273,7 +301,7 @@ class TestGemSecurity < Gem::TestCase
   end
 
   def test_class_write_encrypted
-    key = @SEC.create_key 1024
+    key = @SEC.create_key 'rsa'
 
     path = File.join @tempdir, 'test-private_encrypted_key.pem'
 
@@ -289,7 +317,7 @@ class TestGemSecurity < Gem::TestCase
   end
 
   def test_class_write_encrypted_cipher
-    key = @SEC.create_key 1024
+    key = @SEC.create_key 'rsa'
 
     path = File.join @tempdir, 'test-private_encrypted__with_non_default_cipher_key.pem'
 

data/test/rubygems/test_gem_source_fetch_problem.rb

@@ -23,4 +23,14 @@ class TestGemSourceFetchProblem < Gem::TestCase
 
     refute_match sf.wordy, 'secret'
   end
+
+  def test_source_password_no_redacted
+    source = Gem::Source.new 'https://username:secret@gemsource.com'
+    error  = RuntimeError.new 'test'
+
+    sf = Gem::SourceFetchProblem.new source, error
+    sf.wordy
+
+    assert_match 'secret', source.uri.to_s
+  end
 end