rubygems-update 3.4.22 → 3.5.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (528) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +99 -2
  3. data/Manifest.txt +34 -221
  4. data/README.md +1 -3
  5. data/bundler/CHANGELOG.md +53 -0
  6. data/bundler/bundler.gemspec +4 -2
  7. data/bundler/exe/bundle +1 -10
  8. data/bundler/lib/bundler/build_metadata.rb +3 -3
  9. data/bundler/lib/bundler/capistrano.rb +1 -1
  10. data/bundler/lib/bundler/checksum.rb +245 -0
  11. data/bundler/lib/bundler/ci_detector.rb +75 -0
  12. data/bundler/lib/bundler/cli/add.rb +3 -3
  13. data/bundler/lib/bundler/cli/binstubs.rb +4 -4
  14. data/bundler/lib/bundler/cli/cache.rb +1 -1
  15. data/bundler/lib/bundler/cli/check.rb +1 -1
  16. data/bundler/lib/bundler/cli/common.rb +9 -1
  17. data/bundler/lib/bundler/cli/config.rb +8 -7
  18. data/bundler/lib/bundler/cli/console.rb +3 -2
  19. data/bundler/lib/bundler/cli/doctor.rb +2 -2
  20. data/bundler/lib/bundler/cli/exec.rb +1 -1
  21. data/bundler/lib/bundler/cli/gem.rb +28 -23
  22. data/bundler/lib/bundler/cli/info.rb +2 -13
  23. data/bundler/lib/bundler/cli/install.rb +5 -4
  24. data/bundler/lib/bundler/cli/issue.rb +1 -1
  25. data/bundler/lib/bundler/cli/lock.rb +4 -4
  26. data/bundler/lib/bundler/cli/open.rb +1 -1
  27. data/bundler/lib/bundler/cli/outdated.rb +6 -6
  28. data/bundler/lib/bundler/cli/plugin.rb +7 -14
  29. data/bundler/lib/bundler/cli/pristine.rb +38 -30
  30. data/bundler/lib/bundler/cli/show.rb +2 -2
  31. data/bundler/lib/bundler/cli/update.rb +5 -5
  32. data/bundler/lib/bundler/cli.rb +215 -263
  33. data/bundler/lib/bundler/compact_index_client/cache.rb +29 -9
  34. data/bundler/lib/bundler/compact_index_client/cache_file.rb +153 -0
  35. data/bundler/lib/bundler/compact_index_client/gem_parser.rb +7 -3
  36. data/bundler/lib/bundler/compact_index_client/updater.rb +79 -81
  37. data/bundler/lib/bundler/compact_index_client.rb +14 -7
  38. data/bundler/lib/bundler/constants.rb +1 -1
  39. data/bundler/lib/bundler/current_ruby.rb +5 -21
  40. data/bundler/lib/bundler/definition.rb +42 -15
  41. data/bundler/lib/bundler/dependency.rb +16 -12
  42. data/bundler/lib/bundler/digest.rb +2 -2
  43. data/bundler/lib/bundler/dsl.rb +43 -25
  44. data/bundler/lib/bundler/endpoint_specification.rb +5 -1
  45. data/bundler/lib/bundler/env.rb +1 -3
  46. data/bundler/lib/bundler/errors.rb +43 -0
  47. data/bundler/lib/bundler/fetcher/base.rb +3 -1
  48. data/bundler/lib/bundler/fetcher/compact_index.rb +4 -4
  49. data/bundler/lib/bundler/fetcher/downloader.rb +13 -11
  50. data/bundler/lib/bundler/fetcher/gem_remote_fetcher.rb +16 -0
  51. data/bundler/lib/bundler/fetcher/index.rb +1 -1
  52. data/bundler/lib/bundler/fetcher.rb +28 -25
  53. data/bundler/lib/bundler/friendly_errors.rb +5 -5
  54. data/bundler/lib/bundler/gem_helper.rb +1 -1
  55. data/bundler/lib/bundler/gem_helpers.rb +5 -2
  56. data/bundler/lib/bundler/graph.rb +9 -9
  57. data/bundler/lib/bundler/index.rb +1 -2
  58. data/bundler/lib/bundler/injector.rb +1 -1
  59. data/bundler/lib/bundler/inline.rb +3 -3
  60. data/bundler/lib/bundler/installer/gem_installer.rb +5 -5
  61. data/bundler/lib/bundler/installer/parallel_installer.rb +16 -8
  62. data/bundler/lib/bundler/installer/standalone.rb +2 -3
  63. data/bundler/lib/bundler/installer.rb +9 -9
  64. data/bundler/lib/bundler/lazy_specification.rb +24 -17
  65. data/bundler/lib/bundler/lockfile_generator.rb +9 -0
  66. data/bundler/lib/bundler/lockfile_parser.rb +81 -10
  67. data/bundler/lib/bundler/man/bundle-add.1 +3 -26
  68. data/bundler/lib/bundler/man/bundle-binstubs.1 +4 -16
  69. data/bundler/lib/bundler/man/bundle-cache.1 +3 -24
  70. data/bundler/lib/bundler/man/bundle-check.1 +3 -12
  71. data/bundler/lib/bundler/man/bundle-clean.1 +3 -10
  72. data/bundler/lib/bundler/man/bundle-config.1 +20 -211
  73. data/bundler/lib/bundler/man/bundle-config.1.ronn +6 -0
  74. data/bundler/lib/bundler/man/bundle-console.1 +4 -22
  75. data/bundler/lib/bundler/man/bundle-doctor.1 +4 -18
  76. data/bundler/lib/bundler/man/bundle-exec.1 +12 -73
  77. data/bundler/lib/bundler/man/bundle-gem.1 +13 -49
  78. data/bundler/lib/bundler/man/bundle-help.1 +3 -7
  79. data/bundler/lib/bundler/man/bundle-info.1 +3 -9
  80. data/bundler/lib/bundler/man/bundle-init.1 +3 -12
  81. data/bundler/lib/bundler/man/bundle-inject.1 +6 -19
  82. data/bundler/lib/bundler/man/bundle-install.1 +27 -125
  83. data/bundler/lib/bundler/man/bundle-install.1.ronn +1 -0
  84. data/bundler/lib/bundler/man/bundle-list.1 +4 -19
  85. data/bundler/lib/bundler/man/bundle-lock.1 +5 -29
  86. data/bundler/lib/bundler/man/bundle-open.1 +7 -27
  87. data/bundler/lib/bundler/man/bundle-outdated.1 +3 -55
  88. data/bundler/lib/bundler/man/bundle-outdated.1.ronn +1 -0
  89. data/bundler/lib/bundler/man/bundle-platform.1 +5 -27
  90. data/bundler/lib/bundler/man/bundle-plugin.1 +3 -29
  91. data/bundler/lib/bundler/man/bundle-pristine.1 +5 -16
  92. data/bundler/lib/bundler/man/bundle-remove.1 +4 -14
  93. data/bundler/lib/bundler/man/bundle-show.1 +3 -10
  94. data/bundler/lib/bundler/man/bundle-update.1 +18 -137
  95. data/bundler/lib/bundler/man/bundle-version.1 +3 -16
  96. data/bundler/lib/bundler/man/bundle-viz.1 +4 -16
  97. data/bundler/lib/bundler/man/bundle.1 +5 -44
  98. data/bundler/lib/bundler/man/gemfile.5 +24 -301
  99. data/bundler/lib/bundler/man/gemfile.5.ronn +4 -0
  100. data/bundler/lib/bundler/match_metadata.rb +4 -0
  101. data/bundler/lib/bundler/match_platform.rb +1 -1
  102. data/bundler/lib/bundler/plugin/api/source.rb +3 -2
  103. data/bundler/lib/bundler/plugin/installer.rb +1 -1
  104. data/bundler/lib/bundler/plugin.rb +3 -3
  105. data/bundler/lib/bundler/resolver/base.rb +1 -1
  106. data/bundler/lib/bundler/resolver/incompatibility.rb +1 -1
  107. data/bundler/lib/bundler/resolver/spec_group.rb +1 -4
  108. data/bundler/lib/bundler/resolver.rb +16 -16
  109. data/bundler/lib/bundler/ruby_dsl.rb +20 -12
  110. data/bundler/lib/bundler/ruby_version.rb +1 -1
  111. data/bundler/lib/bundler/rubygems_ext.rb +24 -50
  112. data/bundler/lib/bundler/rubygems_gem_installer.rb +6 -56
  113. data/bundler/lib/bundler/rubygems_integration.rb +25 -94
  114. data/bundler/lib/bundler/runtime.rb +2 -2
  115. data/bundler/lib/bundler/self_manager.rb +23 -7
  116. data/bundler/lib/bundler/settings.rb +27 -7
  117. data/bundler/lib/bundler/setup.rb +4 -1
  118. data/bundler/lib/bundler/shared_helpers.rb +35 -13
  119. data/bundler/lib/bundler/source/git/git_proxy.rb +15 -15
  120. data/bundler/lib/bundler/source/git.rb +4 -3
  121. data/bundler/lib/bundler/source/metadata.rb +15 -15
  122. data/bundler/lib/bundler/source/path.rb +7 -6
  123. data/bundler/lib/bundler/source/rubygems.rb +21 -14
  124. data/bundler/lib/bundler/source.rb +2 -0
  125. data/bundler/lib/bundler/spec_set.rb +38 -10
  126. data/bundler/lib/bundler/stub_specification.rb +1 -0
  127. data/bundler/lib/bundler/templates/Executable.bundler +1 -1
  128. data/bundler/lib/bundler/templates/newgem/README.md.tt +3 -3
  129. data/bundler/lib/bundler/templates/newgem/Rakefile.tt +2 -6
  130. data/bundler/lib/bundler/templates/newgem/ext/newgem/Cargo.toml.tt +1 -1
  131. data/bundler/lib/bundler/templates/newgem/standard.yml.tt +1 -1
  132. data/bundler/lib/bundler/ui/shell.rb +1 -1
  133. data/bundler/lib/bundler/vendor/connection_pool/lib/connection_pool/version.rb +1 -1
  134. data/bundler/lib/bundler/vendor/connection_pool/lib/connection_pool.rb +53 -6
  135. data/bundler/lib/bundler/vendor/fileutils/lib/fileutils.rb +8 -20
  136. data/bundler/lib/bundler/vendor/net-http-persistent/lib/net/http/persistent/connection.rb +3 -3
  137. data/bundler/lib/bundler/vendor/net-http-persistent/lib/net/http/persistent/pool.rb +2 -2
  138. data/bundler/lib/bundler/vendor/net-http-persistent/lib/net/http/persistent/timed_stack_multi.rb +1 -1
  139. data/bundler/lib/bundler/vendor/net-http-persistent/lib/net/http/persistent.rb +35 -35
  140. data/bundler/lib/bundler/vendor/tsort/lib/tsort.rb +3 -0
  141. data/bundler/lib/bundler/vendor/uri/lib/uri/common.rb +256 -132
  142. data/bundler/lib/bundler/vendor/uri/lib/uri/generic.rb +1 -0
  143. data/bundler/lib/bundler/vendor/uri/lib/uri/rfc3986_parser.rb +95 -31
  144. data/bundler/lib/bundler/vendor/uri/lib/uri/version.rb +1 -1
  145. data/bundler/lib/bundler/vendored_net_http.rb +8 -0
  146. data/bundler/lib/bundler/vendored_persistent.rb +0 -4
  147. data/bundler/lib/bundler/vendored_timeout.rb +8 -0
  148. data/bundler/lib/bundler/version.rb +1 -1
  149. data/bundler/lib/bundler/vlad.rb +1 -1
  150. data/bundler/lib/bundler/yaml_serializer.rb +3 -3
  151. data/bundler/lib/bundler.rb +38 -27
  152. data/lib/rubygems/available_set.rb +4 -4
  153. data/lib/rubygems/basic_specification.rb +35 -37
  154. data/lib/rubygems/bundler_version_finder.rb +4 -4
  155. data/lib/rubygems/ci_detector.rb +75 -0
  156. data/lib/rubygems/command.rb +13 -15
  157. data/lib/rubygems/command_manager.rb +5 -4
  158. data/lib/rubygems/commands/build_command.rb +2 -2
  159. data/lib/rubygems/commands/cert_command.rb +1 -2
  160. data/lib/rubygems/commands/check_command.rb +4 -4
  161. data/lib/rubygems/commands/cleanup_command.rb +12 -14
  162. data/lib/rubygems/commands/contents_command.rb +4 -4
  163. data/lib/rubygems/commands/dependency_command.rb +4 -5
  164. data/lib/rubygems/commands/environment_command.rb +1 -3
  165. data/lib/rubygems/commands/exec_command.rb +1 -1
  166. data/lib/rubygems/commands/fetch_command.rb +2 -2
  167. data/lib/rubygems/commands/generate_index_command.rb +39 -74
  168. data/lib/rubygems/commands/help_command.rb +3 -3
  169. data/lib/rubygems/commands/info_command.rb +2 -2
  170. data/lib/rubygems/commands/install_command.rb +8 -16
  171. data/lib/rubygems/commands/list_command.rb +2 -2
  172. data/lib/rubygems/commands/lock_command.rb +1 -1
  173. data/lib/rubygems/commands/open_command.rb +1 -1
  174. data/lib/rubygems/commands/owner_command.rb +1 -1
  175. data/lib/rubygems/commands/pristine_command.rb +13 -15
  176. data/lib/rubygems/commands/push_command.rb +2 -2
  177. data/lib/rubygems/commands/query_command.rb +4 -5
  178. data/lib/rubygems/commands/rdoc_command.rb +2 -2
  179. data/lib/rubygems/commands/search_command.rb +2 -2
  180. data/lib/rubygems/commands/setup_command.rb +31 -34
  181. data/lib/rubygems/commands/sources_command.rb +12 -12
  182. data/lib/rubygems/commands/specification_command.rb +10 -10
  183. data/lib/rubygems/commands/stale_command.rb +1 -1
  184. data/lib/rubygems/commands/uninstall_command.rb +9 -10
  185. data/lib/rubygems/commands/unpack_command.rb +4 -4
  186. data/lib/rubygems/commands/update_command.rb +10 -12
  187. data/lib/rubygems/commands/which_command.rb +1 -1
  188. data/lib/rubygems/commands/yank_command.rb +1 -1
  189. data/lib/rubygems/compatibility.rb +5 -6
  190. data/lib/rubygems/config_file.rb +4 -4
  191. data/lib/rubygems/core_ext/kernel_gem.rb +0 -2
  192. data/lib/rubygems/core_ext/kernel_require.rb +19 -48
  193. data/lib/rubygems/core_ext/kernel_warn.rb +1 -1
  194. data/lib/rubygems/core_ext/tcpsocket_init.rb +1 -1
  195. data/lib/rubygems/defaults.rb +15 -3
  196. data/lib/rubygems/dependency.rb +12 -14
  197. data/lib/rubygems/dependency_installer.rb +29 -30
  198. data/lib/rubygems/dependency_list.rb +1 -1
  199. data/lib/rubygems/deprecate.rb +16 -15
  200. data/lib/rubygems/doctor.rb +5 -5
  201. data/lib/rubygems/errors.rb +2 -6
  202. data/lib/rubygems/exceptions.rb +2 -1
  203. data/lib/rubygems/ext/builder.rb +15 -10
  204. data/lib/rubygems/ext/cargo_builder.rb +5 -5
  205. data/lib/rubygems/ext/ext_conf_builder.rb +1 -3
  206. data/lib/rubygems/gem_runner.rb +4 -4
  207. data/lib/rubygems/gemcutter_utilities/webauthn_listener/response.rb +3 -3
  208. data/lib/rubygems/gemcutter_utilities/webauthn_poller.rb +3 -3
  209. data/lib/rubygems/gemcutter_utilities.rb +18 -19
  210. data/lib/rubygems/install_update_options.rb +18 -19
  211. data/lib/rubygems/installer.rb +59 -33
  212. data/lib/rubygems/installer_uninstaller_utils.rb +0 -2
  213. data/lib/rubygems/local_remote_options.rb +7 -10
  214. data/lib/rubygems/name_tuple.rb +7 -9
  215. data/lib/rubygems/net/http.rb +3 -0
  216. data/lib/rubygems/net-http/LICENSE.txt +22 -0
  217. data/lib/rubygems/net-http/lib/net/http/backward.rb +40 -0
  218. data/lib/rubygems/net-http/lib/net/http/exceptions.rb +34 -0
  219. data/lib/rubygems/net-http/lib/net/http/generic_request.rb +414 -0
  220. data/lib/rubygems/net-http/lib/net/http/header.rb +981 -0
  221. data/lib/rubygems/net-http/lib/net/http/proxy_delta.rb +17 -0
  222. data/lib/rubygems/net-http/lib/net/http/request.rb +88 -0
  223. data/lib/rubygems/net-http/lib/net/http/requests.rb +425 -0
  224. data/lib/rubygems/net-http/lib/net/http/response.rb +738 -0
  225. data/lib/rubygems/net-http/lib/net/http/responses.rb +1174 -0
  226. data/lib/rubygems/net-http/lib/net/http/status.rb +84 -0
  227. data/lib/rubygems/net-http/lib/net/http.rb +2496 -0
  228. data/lib/rubygems/net-http/lib/net/https.rb +23 -0
  229. data/lib/rubygems/net-protocol/LICENSE.txt +22 -0
  230. data/lib/rubygems/net-protocol/lib/net/protocol.rb +544 -0
  231. data/lib/rubygems/optparse/lib/optparse.rb +39 -17
  232. data/lib/rubygems/package/old.rb +2 -2
  233. data/lib/rubygems/package/tar_header.rb +45 -39
  234. data/lib/rubygems/package/tar_reader/entry.rb +5 -4
  235. data/lib/rubygems/package/tar_reader.rb +5 -3
  236. data/lib/rubygems/package/tar_writer.rb +19 -17
  237. data/lib/rubygems/package.rb +27 -26
  238. data/lib/rubygems/package_task.rb +2 -2
  239. data/lib/rubygems/path_support.rb +9 -10
  240. data/lib/rubygems/platform.rb +60 -45
  241. data/lib/rubygems/query_utils.rb +7 -9
  242. data/lib/rubygems/remote_fetcher.rb +15 -15
  243. data/lib/rubygems/request/connection_pools.rb +3 -3
  244. data/lib/rubygems/request.rb +20 -17
  245. data/lib/rubygems/request_set/gem_dependency_api.rb +119 -122
  246. data/lib/rubygems/request_set/lockfile/parser.rb +9 -9
  247. data/lib/rubygems/request_set/lockfile/tokenizer.rb +20 -12
  248. data/lib/rubygems/request_set/lockfile.rb +6 -11
  249. data/lib/rubygems/request_set.rb +5 -5
  250. data/lib/rubygems/requirement.rb +7 -7
  251. data/lib/rubygems/resolv/LICENSE.txt +22 -0
  252. data/lib/rubygems/resolv/lib/resolv.rb +3387 -0
  253. data/lib/rubygems/resolver/activation_request.rb +1 -3
  254. data/lib/rubygems/resolver/api_set/gem_parser.rb +7 -3
  255. data/lib/rubygems/resolver/best_set.rb +1 -1
  256. data/lib/rubygems/resolver/composed_set.rb +1 -1
  257. data/lib/rubygems/resolver/conflict.rb +4 -12
  258. data/lib/rubygems/resolver/index_set.rb +4 -4
  259. data/lib/rubygems/resolver/index_specification.rb +2 -2
  260. data/lib/rubygems/resolver/installer_set.rb +5 -6
  261. data/lib/rubygems/resolver/lock_set.rb +1 -1
  262. data/lib/rubygems/resolver.rb +3 -10
  263. data/lib/rubygems/s3_uri_signer.rb +6 -6
  264. data/lib/rubygems/safe_marshal/elements.rb +138 -0
  265. data/lib/rubygems/safe_marshal/reader.rb +306 -0
  266. data/lib/rubygems/safe_marshal/visitors/stream_printer.rb +31 -0
  267. data/lib/rubygems/safe_marshal/visitors/to_ruby.rb +385 -0
  268. data/lib/rubygems/safe_marshal/visitors/visitor.rb +74 -0
  269. data/lib/rubygems/safe_marshal.rb +74 -0
  270. data/lib/rubygems/safe_yaml.rb +5 -28
  271. data/lib/rubygems/security/policies.rb +36 -38
  272. data/lib/rubygems/security/policy.rb +7 -11
  273. data/lib/rubygems/security/signer.rb +1 -1
  274. data/lib/rubygems/security/trust_dir.rb +3 -3
  275. data/lib/rubygems/security.rb +8 -22
  276. data/lib/rubygems/source/git.rb +1 -3
  277. data/lib/rubygems/source/installed.rb +0 -2
  278. data/lib/rubygems/source/local.rb +5 -8
  279. data/lib/rubygems/source/lock.rb +1 -3
  280. data/lib/rubygems/source/specific_file.rb +0 -1
  281. data/lib/rubygems/source/vendor.rb +0 -2
  282. data/lib/rubygems/source.rb +12 -12
  283. data/lib/rubygems/source_list.rb +4 -4
  284. data/lib/rubygems/spec_fetcher.rb +29 -29
  285. data/lib/rubygems/specification.rb +125 -138
  286. data/lib/rubygems/specification_policy.rb +55 -25
  287. data/lib/rubygems/stub_specification.rb +4 -5
  288. data/lib/rubygems/text.rb +1 -2
  289. data/lib/rubygems/timeout/LICENSE.txt +22 -0
  290. data/lib/rubygems/timeout/lib/timeout.rb +199 -0
  291. data/lib/rubygems/timeout.rb +3 -0
  292. data/lib/rubygems/tsort/lib/tsort.rb +3 -0
  293. data/lib/rubygems/uninstaller.rb +7 -9
  294. data/lib/rubygems/update_suggestion.rb +5 -18
  295. data/lib/rubygems/uri_formatter.rb +1 -1
  296. data/lib/rubygems/user_interaction.rb +15 -21
  297. data/lib/rubygems/util/licenses.rb +65 -35
  298. data/lib/rubygems/util/list.rb +3 -1
  299. data/lib/rubygems/util.rb +2 -4
  300. data/lib/rubygems/validator.rb +5 -3
  301. data/lib/rubygems/version.rb +34 -28
  302. data/lib/rubygems/version_option.rb +2 -5
  303. data/lib/rubygems/yaml_serializer.rb +3 -3
  304. data/lib/rubygems.rb +37 -37
  305. data/rubygems-update.gemspec +4 -4
  306. data/setup.rb +2 -2
  307. metadata +38 -225
  308. data/lib/rubygems/indexer.rb +0 -428
  309. data/lib/rubygems/mock_gem_ui.rb +0 -86
  310. data/test/rubygems/alternate_cert.pem +0 -19
  311. data/test/rubygems/alternate_cert_32.pem +0 -19
  312. data/test/rubygems/alternate_key.pem +0 -27
  313. data/test/rubygems/bad_rake.rb +0 -3
  314. data/test/rubygems/bundler_test_gem.rb +0 -424
  315. data/test/rubygems/ca_cert.pem +0 -77
  316. data/test/rubygems/child_cert.pem +0 -19
  317. data/test/rubygems/child_cert_32.pem +0 -19
  318. data/test/rubygems/child_key.pem +0 -27
  319. data/test/rubygems/client.pem +0 -107
  320. data/test/rubygems/data/excon-0.7.7.gemspec.rz +0 -0
  321. data/test/rubygems/data/gem-private_key.pem +0 -27
  322. data/test/rubygems/data/gem-public_cert.pem +0 -20
  323. data/test/rubygems/data/null-required-ruby-version.gemspec.rz +0 -0
  324. data/test/rubygems/data/null-required-rubygems-version.gemspec.rz +0 -0
  325. data/test/rubygems/data/pry-0.4.7.gemspec.rz +0 -0
  326. data/test/rubygems/encrypted_private_key.pem +0 -30
  327. data/test/rubygems/expired_cert.pem +0 -19
  328. data/test/rubygems/fake_certlib/openssl.rb +0 -9
  329. data/test/rubygems/foo/discover.rb +0 -1
  330. data/test/rubygems/future_cert.pem +0 -19
  331. data/test/rubygems/future_cert_32.pem +0 -19
  332. data/test/rubygems/good_rake.rb +0 -3
  333. data/test/rubygems/grandchild_cert.pem +0 -19
  334. data/test/rubygems/grandchild_cert_32.pem +0 -19
  335. data/test/rubygems/grandchild_key.pem +0 -27
  336. data/test/rubygems/helper.rb +0 -1649
  337. data/test/rubygems/installer_test_case.rb +0 -248
  338. data/test/rubygems/invalid_client.pem +0 -49
  339. data/test/rubygems/invalid_issuer_cert.pem +0 -20
  340. data/test/rubygems/invalid_issuer_cert_32.pem +0 -20
  341. data/test/rubygems/invalid_key.pem +0 -27
  342. data/test/rubygems/invalid_signer_cert.pem +0 -19
  343. data/test/rubygems/invalid_signer_cert_32.pem +0 -19
  344. data/test/rubygems/invalidchild_cert.pem +0 -19
  345. data/test/rubygems/invalidchild_cert_32.pem +0 -19
  346. data/test/rubygems/invalidchild_key.pem +0 -27
  347. data/test/rubygems/multifactor_auth_utilities.rb +0 -111
  348. data/test/rubygems/package/tar_test_case.rb +0 -175
  349. data/test/rubygems/packages/Bluebie-legs-0.6.2.gem +0 -0
  350. data/test/rubygems/packages/ascii_binder-0.1.10.1.gem +0 -0
  351. data/test/rubygems/packages/ill-formatted-platform-1.0.0.10.gem +0 -0
  352. data/test/rubygems/plugin/exception/rubygems_plugin.rb +0 -4
  353. data/test/rubygems/plugin/load/rubygems_plugin.rb +0 -5
  354. data/test/rubygems/plugin/standarderror/rubygems_plugin.rb +0 -4
  355. data/test/rubygems/private3072_key.pem +0 -40
  356. data/test/rubygems/private_ec_key.pem +0 -9
  357. data/test/rubygems/private_key.pem +0 -27
  358. data/test/rubygems/public3072_cert.pem +0 -25
  359. data/test/rubygems/public_cert.pem +0 -20
  360. data/test/rubygems/public_cert_32.pem +0 -19
  361. data/test/rubygems/public_key.pem +0 -9
  362. data/test/rubygems/rubygems/commands/crash_command.rb +0 -5
  363. data/test/rubygems/rubygems_plugin.rb +0 -24
  364. data/test/rubygems/sff/discover.rb +0 -1
  365. data/test/rubygems/simple_gem.rb +0 -68
  366. data/test/rubygems/specifications/bar-0.0.2.gemspec +0 -9
  367. data/test/rubygems/specifications/foo-0.0.1-x86-mswin32.gemspec +0 -0
  368. data/test/rubygems/specifications/rubyforge-0.0.1.gemspec +0 -14
  369. data/test/rubygems/ssl_cert.pem +0 -80
  370. data/test/rubygems/ssl_key.pem +0 -27
  371. data/test/rubygems/test_bundled_ca.rb +0 -61
  372. data/test/rubygems/test_config.rb +0 -28
  373. data/test/rubygems/test_deprecate.rb +0 -158
  374. data/test/rubygems/test_exit.rb +0 -17
  375. data/test/rubygems/test_gem.rb +0 -1799
  376. data/test/rubygems/test_gem_available_set.rb +0 -130
  377. data/test/rubygems/test_gem_bundler_version_finder.rb +0 -127
  378. data/test/rubygems/test_gem_command.rb +0 -403
  379. data/test/rubygems/test_gem_command_manager.rb +0 -400
  380. data/test/rubygems/test_gem_commands_build_command.rb +0 -739
  381. data/test/rubygems/test_gem_commands_cert_command.rb +0 -866
  382. data/test/rubygems/test_gem_commands_check_command.rb +0 -68
  383. data/test/rubygems/test_gem_commands_cleanup_command.rb +0 -292
  384. data/test/rubygems/test_gem_commands_contents_command.rb +0 -271
  385. data/test/rubygems/test_gem_commands_dependency_command.rb +0 -228
  386. data/test/rubygems/test_gem_commands_environment_command.rb +0 -169
  387. data/test/rubygems/test_gem_commands_exec_command.rb +0 -857
  388. data/test/rubygems/test_gem_commands_fetch_command.rb +0 -258
  389. data/test/rubygems/test_gem_commands_generate_index_command.rb +0 -81
  390. data/test/rubygems/test_gem_commands_help_command.rb +0 -94
  391. data/test/rubygems/test_gem_commands_info_command.rb +0 -70
  392. data/test/rubygems/test_gem_commands_install_command.rb +0 -1573
  393. data/test/rubygems/test_gem_commands_list_command.rb +0 -33
  394. data/test/rubygems/test_gem_commands_lock_command.rb +0 -67
  395. data/test/rubygems/test_gem_commands_mirror.rb +0 -20
  396. data/test/rubygems/test_gem_commands_open_command.rb +0 -101
  397. data/test/rubygems/test_gem_commands_outdated_command.rb +0 -50
  398. data/test/rubygems/test_gem_commands_owner_command.rb +0 -503
  399. data/test/rubygems/test_gem_commands_pristine_command.rb +0 -708
  400. data/test/rubygems/test_gem_commands_push_command.rb +0 -603
  401. data/test/rubygems/test_gem_commands_query_command.rb +0 -858
  402. data/test/rubygems/test_gem_commands_search_command.rb +0 -16
  403. data/test/rubygems/test_gem_commands_server_command.rb +0 -20
  404. data/test/rubygems/test_gem_commands_setup_command.rb +0 -474
  405. data/test/rubygems/test_gem_commands_signin_command.rb +0 -259
  406. data/test/rubygems/test_gem_commands_signout_command.rb +0 -30
  407. data/test/rubygems/test_gem_commands_sources_command.rb +0 -534
  408. data/test/rubygems/test_gem_commands_specification_command.rb +0 -277
  409. data/test/rubygems/test_gem_commands_stale_command.rb +0 -43
  410. data/test/rubygems/test_gem_commands_uninstall_command.rb +0 -542
  411. data/test/rubygems/test_gem_commands_unpack_command.rb +0 -224
  412. data/test/rubygems/test_gem_commands_update_command.rb +0 -836
  413. data/test/rubygems/test_gem_commands_which_command.rb +0 -85
  414. data/test/rubygems/test_gem_commands_yank_command.rb +0 -299
  415. data/test/rubygems/test_gem_config_file.rb +0 -551
  416. data/test/rubygems/test_gem_dependency.rb +0 -398
  417. data/test/rubygems/test_gem_dependency_installer.rb +0 -1190
  418. data/test/rubygems/test_gem_dependency_list.rb +0 -265
  419. data/test/rubygems/test_gem_dependency_resolution_error.rb +0 -27
  420. data/test/rubygems/test_gem_doctor.rb +0 -195
  421. data/test/rubygems/test_gem_ext_builder.rb +0 -337
  422. data/test/rubygems/test_gem_ext_cargo_builder/custom_name/.gitignore +0 -1
  423. data/test/rubygems/test_gem_ext_cargo_builder/custom_name/custom_name.gemspec +0 -10
  424. data/test/rubygems/test_gem_ext_cargo_builder/custom_name/ext/custom_name_lib/Cargo.lock +0 -249
  425. data/test/rubygems/test_gem_ext_cargo_builder/custom_name/ext/custom_name_lib/Cargo.toml +0 -10
  426. data/test/rubygems/test_gem_ext_cargo_builder/custom_name/ext/custom_name_lib/src/lib.rs +0 -27
  427. data/test/rubygems/test_gem_ext_cargo_builder/custom_name/lib/custom_name.rb +0 -3
  428. data/test/rubygems/test_gem_ext_cargo_builder/rust_ruby_example/.gitignore +0 -1
  429. data/test/rubygems/test_gem_ext_cargo_builder/rust_ruby_example/Cargo.lock +0 -249
  430. data/test/rubygems/test_gem_ext_cargo_builder/rust_ruby_example/Cargo.toml +0 -10
  431. data/test/rubygems/test_gem_ext_cargo_builder/rust_ruby_example/rust_ruby_example.gemspec +0 -10
  432. data/test/rubygems/test_gem_ext_cargo_builder/rust_ruby_example/src/lib.rs +0 -51
  433. data/test/rubygems/test_gem_ext_cargo_builder.rb +0 -167
  434. data/test/rubygems/test_gem_ext_cargo_builder_link_flag_converter.rb +0 -34
  435. data/test/rubygems/test_gem_ext_cargo_builder_unit.rb +0 -60
  436. data/test/rubygems/test_gem_ext_cmake_builder.rb +0 -84
  437. data/test/rubygems/test_gem_ext_configure_builder.rb +0 -80
  438. data/test/rubygems/test_gem_ext_ext_conf_builder.rb +0 -229
  439. data/test/rubygems/test_gem_ext_rake_builder.rb +0 -113
  440. data/test/rubygems/test_gem_gem_runner.rb +0 -119
  441. data/test/rubygems/test_gem_gemcutter_utilities.rb +0 -361
  442. data/test/rubygems/test_gem_impossible_dependencies_error.rb +0 -60
  443. data/test/rubygems/test_gem_indexer.rb +0 -381
  444. data/test/rubygems/test_gem_install_update_options.rb +0 -208
  445. data/test/rubygems/test_gem_installer.rb +0 -2512
  446. data/test/rubygems/test_gem_local_remote_options.rb +0 -133
  447. data/test/rubygems/test_gem_name_tuple.rb +0 -43
  448. data/test/rubygems/test_gem_package.rb +0 -1306
  449. data/test/rubygems/test_gem_package_old.rb +0 -91
  450. data/test/rubygems/test_gem_package_tar_header.rb +0 -226
  451. data/test/rubygems/test_gem_package_tar_reader.rb +0 -150
  452. data/test/rubygems/test_gem_package_tar_reader_entry.rb +0 -350
  453. data/test/rubygems/test_gem_package_tar_writer.rb +0 -331
  454. data/test/rubygems/test_gem_package_task.rb +0 -118
  455. data/test/rubygems/test_gem_path_support.rb +0 -139
  456. data/test/rubygems/test_gem_platform.rb +0 -497
  457. data/test/rubygems/test_gem_rdoc.rb +0 -137
  458. data/test/rubygems/test_gem_remote_fetcher.rb +0 -1227
  459. data/test/rubygems/test_gem_request.rb +0 -547
  460. data/test/rubygems/test_gem_request_connection_pools.rb +0 -152
  461. data/test/rubygems/test_gem_request_set.rb +0 -672
  462. data/test/rubygems/test_gem_request_set_gem_dependency_api.rb +0 -853
  463. data/test/rubygems/test_gem_request_set_lockfile.rb +0 -469
  464. data/test/rubygems/test_gem_request_set_lockfile_parser.rb +0 -544
  465. data/test/rubygems/test_gem_request_set_lockfile_tokenizer.rb +0 -307
  466. data/test/rubygems/test_gem_requirement.rb +0 -505
  467. data/test/rubygems/test_gem_resolver.rb +0 -859
  468. data/test/rubygems/test_gem_resolver_activation_request.rb +0 -43
  469. data/test/rubygems/test_gem_resolver_api_set.rb +0 -210
  470. data/test/rubygems/test_gem_resolver_api_specification.rb +0 -167
  471. data/test/rubygems/test_gem_resolver_best_set.rb +0 -159
  472. data/test/rubygems/test_gem_resolver_composed_set.rb +0 -44
  473. data/test/rubygems/test_gem_resolver_conflict.rb +0 -82
  474. data/test/rubygems/test_gem_resolver_dependency_request.rb +0 -83
  475. data/test/rubygems/test_gem_resolver_git_set.rb +0 -188
  476. data/test/rubygems/test_gem_resolver_git_specification.rb +0 -114
  477. data/test/rubygems/test_gem_resolver_index_set.rb +0 -88
  478. data/test/rubygems/test_gem_resolver_index_specification.rb +0 -93
  479. data/test/rubygems/test_gem_resolver_installed_specification.rb +0 -47
  480. data/test/rubygems/test_gem_resolver_installer_set.rb +0 -320
  481. data/test/rubygems/test_gem_resolver_local_specification.rb +0 -44
  482. data/test/rubygems/test_gem_resolver_lock_set.rb +0 -62
  483. data/test/rubygems/test_gem_resolver_lock_specification.rb +0 -98
  484. data/test/rubygems/test_gem_resolver_requirement_list.rb +0 -19
  485. data/test/rubygems/test_gem_resolver_specification.rb +0 -63
  486. data/test/rubygems/test_gem_resolver_vendor_set.rb +0 -82
  487. data/test/rubygems/test_gem_resolver_vendor_specification.rb +0 -82
  488. data/test/rubygems/test_gem_security.rb +0 -341
  489. data/test/rubygems/test_gem_security_policy.rb +0 -535
  490. data/test/rubygems/test_gem_security_signer.rb +0 -218
  491. data/test/rubygems/test_gem_security_trust_dir.rb +0 -99
  492. data/test/rubygems/test_gem_silent_ui.rb +0 -123
  493. data/test/rubygems/test_gem_source.rb +0 -254
  494. data/test/rubygems/test_gem_source_fetch_problem.rb +0 -37
  495. data/test/rubygems/test_gem_source_git.rb +0 -310
  496. data/test/rubygems/test_gem_source_installed.rb +0 -35
  497. data/test/rubygems/test_gem_source_list.rb +0 -119
  498. data/test/rubygems/test_gem_source_local.rb +0 -107
  499. data/test/rubygems/test_gem_source_lock.rb +0 -113
  500. data/test/rubygems/test_gem_source_specific_file.rb +0 -76
  501. data/test/rubygems/test_gem_source_subpath_problem.rb +0 -50
  502. data/test/rubygems/test_gem_source_vendor.rb +0 -30
  503. data/test/rubygems/test_gem_spec_fetcher.rb +0 -338
  504. data/test/rubygems/test_gem_specification.rb +0 -3856
  505. data/test/rubygems/test_gem_stream_ui.rb +0 -255
  506. data/test/rubygems/test_gem_stub_specification.rb +0 -278
  507. data/test/rubygems/test_gem_text.rb +0 -103
  508. data/test/rubygems/test_gem_uninstaller.rb +0 -675
  509. data/test/rubygems/test_gem_unsatisfiable_dependency_error.rb +0 -31
  510. data/test/rubygems/test_gem_update_suggestion.rb +0 -209
  511. data/test/rubygems/test_gem_uri.rb +0 -41
  512. data/test/rubygems/test_gem_uri_formatter.rb +0 -27
  513. data/test/rubygems/test_gem_util.rb +0 -91
  514. data/test/rubygems/test_gem_validator.rb +0 -42
  515. data/test/rubygems/test_gem_version.rb +0 -305
  516. data/test/rubygems/test_gem_version_option.rb +0 -165
  517. data/test/rubygems/test_kernel.rb +0 -124
  518. data/test/rubygems/test_project_sanity.rb +0 -49
  519. data/test/rubygems/test_remote_fetch_error.rb +0 -20
  520. data/test/rubygems/test_require.rb +0 -732
  521. data/test/rubygems/test_rubygems.rb +0 -76
  522. data/test/rubygems/test_webauthn_listener.rb +0 -143
  523. data/test/rubygems/test_webauthn_listener_response.rb +0 -93
  524. data/test/rubygems/test_webauthn_poller.rb +0 -124
  525. data/test/rubygems/utilities.rb +0 -436
  526. data/test/rubygems/wrong_key_cert.pem +0 -19
  527. data/test/rubygems/wrong_key_cert_32.pem +0 -19
  528. data/test/test_changelog_generator.rb +0 -17
@@ -1,535 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- require_relative "helper"
4
-
5
- unless Gem::HAVE_OPENSSL
6
- warn "Skipping Gem::Security::Policy tests. openssl not found."
7
- end
8
-
9
- class TestGemSecurityPolicy < Gem::TestCase
10
- ALTERNATE_KEY = load_key "alternate"
11
- INVALID_KEY = load_key "invalid"
12
- CHILD_KEY = load_key "child"
13
- GRANDCHILD_KEY = load_key "grandchild"
14
- INVALIDCHILD_KEY = load_key "invalidchild"
15
-
16
- ALTERNATE_CERT = load_cert "alternate"
17
- CA_CERT = load_cert "ca"
18
- CHILD_CERT = load_cert "child"
19
- EXPIRED_CERT = load_cert "expired"
20
- FUTURE_CERT = load_cert "future"
21
- GRANDCHILD_CERT = load_cert "grandchild"
22
- INVALIDCHILD_CERT = load_cert "invalidchild"
23
- INVALID_ISSUER_CERT = load_cert "invalid_issuer"
24
- INVALID_SIGNER_CERT = load_cert "invalid_signer"
25
- WRONG_KEY_CERT = load_cert "wrong_key"
26
-
27
- def setup
28
- super
29
-
30
- @spec = quick_gem "a" do |s|
31
- s.description = "π"
32
- s.files = %w[lib/code.rb]
33
- end
34
-
35
- @digest = OpenSSL::Digest.new Gem::Security::DIGEST_NAME
36
- @trust_dir = Gem::Security.trust_dir.dir # HACK: use the object
37
-
38
- @no = Gem::Security::NoSecurity
39
- @almost_no = Gem::Security::AlmostNoSecurity
40
- @low = Gem::Security::LowSecurity
41
- @medium = Gem::Security::MediumSecurity
42
- @high = Gem::Security::HighSecurity
43
-
44
- @chain = Gem::Security::Policy.new(
45
- "Chain",
46
- :verify_data => true,
47
- :verify_signer => true,
48
- :verify_chain => true,
49
- :verify_root => false,
50
- :only_trusted => false,
51
- :only_signed => false
52
- )
53
-
54
- @root = Gem::Security::Policy.new(
55
- "Root",
56
- :verify_data => true,
57
- :verify_signer => true,
58
- :verify_chain => true,
59
- :verify_root => true,
60
- :only_trusted => false,
61
- :only_signed => false
62
- )
63
- end
64
-
65
- def test_check_data
66
- data = digest "hello"
67
-
68
- signature = sign data
69
-
70
- assert @almost_no.check_data(PUBLIC_KEY, @digest, signature, data)
71
- end
72
-
73
- def test_check_data_invalid
74
- data = digest "hello"
75
-
76
- signature = sign data
77
-
78
- invalid = digest "hello!"
79
-
80
- e = assert_raise Gem::Security::Exception do
81
- @almost_no.check_data PUBLIC_KEY, @digest, signature, invalid
82
- end
83
-
84
- assert_equal "invalid signature", e.message
85
- end
86
-
87
- def test_check_chain
88
- chain = [PUBLIC_CERT, CHILD_CERT, GRANDCHILD_CERT]
89
-
90
- assert @chain.check_chain chain, Time.now
91
- end
92
-
93
- def test_check_chain_empty_chain
94
- e = assert_raise Gem::Security::Exception do
95
- @chain.check_chain [], Time.now
96
- end
97
-
98
- assert_equal "empty signing chain", e.message
99
- end
100
-
101
- def test_check_chain_invalid
102
- chain = [PUBLIC_CERT, CHILD_CERT, INVALIDCHILD_CERT]
103
-
104
- e = assert_raise Gem::Security::Exception do
105
- @chain.check_chain chain, Time.now
106
- end
107
-
108
- assert_equal "invalid signing chain: " +
109
- "certificate #{INVALIDCHILD_CERT.subject} " +
110
- "was not issued by #{CHILD_CERT.subject}", e.message
111
- end
112
-
113
- def test_check_chain_no_chain
114
- e = assert_raise Gem::Security::Exception do
115
- @chain.check_chain nil, Time.now
116
- end
117
-
118
- assert_equal "missing signing chain", e.message
119
- end
120
-
121
- def test_check_cert
122
- assert @low.check_cert(PUBLIC_CERT, nil, Time.now)
123
- end
124
-
125
- def test_check_cert_expired
126
- e = assert_raise Gem::Security::Exception do
127
- @low.check_cert EXPIRED_CERT, nil, Time.now
128
- end
129
-
130
- assert_equal "certificate #{EXPIRED_CERT.subject} " +
131
- "not valid after #{EXPIRED_CERT.not_after}",
132
- e.message
133
- end
134
-
135
- def test_check_cert_future
136
- e = assert_raise Gem::Security::Exception do
137
- @low.check_cert FUTURE_CERT, nil, Time.now
138
- end
139
-
140
- assert_equal "certificate #{FUTURE_CERT.subject} " +
141
- "not valid before #{FUTURE_CERT.not_before}",
142
- e.message
143
- end
144
-
145
- def test_check_cert_invalid_issuer
146
- e = assert_raise Gem::Security::Exception do
147
- @low.check_cert INVALID_ISSUER_CERT, PUBLIC_CERT, Time.now
148
- end
149
-
150
- assert_equal "certificate #{INVALID_ISSUER_CERT.subject} " +
151
- "was not issued by #{PUBLIC_CERT.subject}",
152
- e.message
153
- end
154
-
155
- def test_check_cert_issuer
156
- assert @low.check_cert(CHILD_CERT, PUBLIC_CERT, Time.now)
157
- end
158
-
159
- def test_check_cert_no_signer
160
- e = assert_raise Gem::Security::Exception do
161
- @high.check_cert(nil, nil, Time.now)
162
- end
163
-
164
- assert_equal "missing signing certificate", e.message
165
- end
166
-
167
- def test_check_key
168
- assert @almost_no.check_key(PUBLIC_CERT, PRIVATE_KEY)
169
- end
170
-
171
- def test_check_key_no_signer
172
- assert @almost_no.check_key(nil, nil)
173
-
174
- e = assert_raise Gem::Security::Exception do
175
- @high.check_key(nil, nil)
176
- end
177
-
178
- assert_equal "missing key or signature", e.message
179
- end
180
-
181
- def test_check_key_wrong_key
182
- e = assert_raise Gem::Security::Exception do
183
- @almost_no.check_key(PUBLIC_CERT, ALTERNATE_KEY)
184
- end
185
-
186
- assert_equal "certificate #{PUBLIC_CERT.subject} " +
187
- "does not match the signing key", e.message
188
- end
189
-
190
- def test_check_root
191
- chain = [PUBLIC_CERT, CHILD_CERT, INVALIDCHILD_CERT]
192
-
193
- assert @chain.check_root chain, Time.now
194
- end
195
-
196
- def test_check_root_empty_chain
197
- e = assert_raise Gem::Security::Exception do
198
- @chain.check_root [], Time.now
199
- end
200
-
201
- assert_equal "missing root certificate", e.message
202
- end
203
-
204
- def test_check_root_invalid_signer
205
- chain = [INVALID_SIGNER_CERT]
206
-
207
- e = assert_raise Gem::Security::Exception do
208
- @chain.check_root chain, Time.now
209
- end
210
-
211
- assert_equal "certificate #{INVALID_SIGNER_CERT.subject} " +
212
- "was not issued by #{INVALID_SIGNER_CERT.issuer}",
213
- e.message
214
- end
215
-
216
- def test_check_root_not_self_signed
217
- chain = [INVALID_ISSUER_CERT]
218
-
219
- e = assert_raise Gem::Security::Exception do
220
- @chain.check_root chain, Time.now
221
- end
222
-
223
- assert_equal "root certificate #{INVALID_ISSUER_CERT.subject} " +
224
- "is not self-signed (issuer #{INVALID_ISSUER_CERT.issuer})",
225
- e.message
226
- end
227
-
228
- def test_check_root_no_chain
229
- e = assert_raise Gem::Security::Exception do
230
- @chain.check_root nil, Time.now
231
- end
232
-
233
- assert_equal "missing signing chain", e.message
234
- end
235
-
236
- def test_check_trust
237
- Gem::Security.trust_dir.trust_cert PUBLIC_CERT
238
-
239
- assert @high.check_trust [PUBLIC_CERT], @digest, @trust_dir
240
- end
241
-
242
- def test_check_trust_child
243
- Gem::Security.trust_dir.trust_cert PUBLIC_CERT
244
-
245
- assert @high.check_trust [PUBLIC_CERT, CHILD_CERT], @digest, @trust_dir
246
- end
247
-
248
- def test_check_trust_empty_chain
249
- e = assert_raise Gem::Security::Exception do
250
- @chain.check_trust [], @digest, @trust_dir
251
- end
252
-
253
- assert_equal "missing root certificate", e.message
254
- end
255
-
256
- def test_check_trust_mismatch
257
- Gem::Security.trust_dir.trust_cert PUBLIC_CERT
258
-
259
- e = assert_raise Gem::Security::Exception do
260
- @high.check_trust [WRONG_KEY_CERT], @digest, @trust_dir
261
- end
262
-
263
- assert_equal "trusted root certificate #{PUBLIC_CERT.subject} checksum " +
264
- "does not match signing root certificate checksum", e.message
265
- end
266
-
267
- def test_check_trust_no_chain
268
- e = assert_raise Gem::Security::Exception do
269
- @chain.check_trust nil, @digest, @trust_dir
270
- end
271
-
272
- assert_equal "missing signing chain", e.message
273
- end
274
-
275
- def test_check_trust_no_trust
276
- e = assert_raise Gem::Security::Exception do
277
- @high.check_trust [PUBLIC_CERT], @digest, @trust_dir
278
- end
279
-
280
- assert_equal "root cert #{PUBLIC_CERT.subject} is not trusted", e.message
281
- end
282
-
283
- def test_check_trust_no_trust_child
284
- e = assert_raise Gem::Security::Exception do
285
- @high.check_trust [PUBLIC_CERT, CHILD_CERT], @digest, @trust_dir
286
- end
287
-
288
- assert_equal "root cert #{PUBLIC_CERT.subject} is not trusted " +
289
- "(root of signing cert #{CHILD_CERT.subject})", e.message
290
- end
291
-
292
- def test_subject
293
- assert_equal "email:nobody@example", @no.subject(PUBLIC_CERT)
294
- assert_equal "/C=JP/ST=Tokyo/O=RubyGemsTest/CN=CA", @no.subject(CA_CERT)
295
- end
296
-
297
- def test_verify
298
- Gem::Security.trust_dir.trust_cert PUBLIC_CERT
299
-
300
- assert @almost_no.verify [PUBLIC_CERT], nil, *dummy_signatures
301
- end
302
-
303
- def test_verify_chain_signatures
304
- Gem::Security.trust_dir.trust_cert PUBLIC_CERT
305
-
306
- assert @high.verify [PUBLIC_CERT], nil, *dummy_signatures
307
- end
308
-
309
- def test_verify_chain_key
310
- @almost_no.verify [PUBLIC_CERT], PRIVATE_KEY, *dummy_signatures
311
- end
312
-
313
- def test_verify_no_digests
314
- Gem::Security.trust_dir.trust_cert PUBLIC_CERT
315
-
316
- _, signatures = dummy_signatures
317
-
318
- e = assert_raise Gem::Security::Exception do
319
- @almost_no.verify [PUBLIC_CERT], nil, {}, signatures
320
- end
321
-
322
- assert_equal "no digests provided (probable bug)", e.message
323
- end
324
-
325
- def test_verify_no_digests_no_security
326
- Gem::Security.trust_dir.trust_cert PUBLIC_CERT
327
-
328
- _, signatures = dummy_signatures
329
-
330
- e = assert_raise Gem::Security::Exception do
331
- @no.verify [PUBLIC_CERT], nil, {}, signatures
332
- end
333
-
334
- assert_equal "missing digest for 0", e.message
335
- end
336
-
337
- def test_verify_no_signatures
338
- Gem::Security.trust_dir.trust_cert PUBLIC_CERT
339
-
340
- digests, = dummy_signatures
341
-
342
- use_ui @ui do
343
- @no.verify [PUBLIC_CERT], nil, digests, {}, "some_gem"
344
- end
345
-
346
- assert_match "WARNING: some_gem is not signed\n", @ui.error
347
-
348
- assert_raise Gem::Security::Exception do
349
- @high.verify [PUBLIC_CERT], nil, digests, {}
350
- end
351
- end
352
-
353
- def test_verify_no_signatures_no_digests
354
- Gem::Security.trust_dir.trust_cert PUBLIC_CERT
355
-
356
- use_ui @ui do
357
- @no.verify [PUBLIC_CERT], nil, {}, {}, "some_gem"
358
- end
359
-
360
- assert_empty @ui.output
361
- assert_empty @ui.error
362
- end
363
-
364
- def test_verify_not_enough_signatures
365
- Gem::Security.trust_dir.trust_cert PUBLIC_CERT
366
-
367
- digests, signatures = dummy_signatures
368
-
369
- data = digest "goodbye"
370
-
371
- signatures[1] = PRIVATE_KEY.sign @digest.new, data.digest
372
-
373
- e = assert_raise Gem::Security::Exception do
374
- @almost_no.verify [PUBLIC_CERT], nil, digests, signatures
375
- end
376
-
377
- assert_equal "missing digest for 1", e.message
378
- end
379
-
380
- def test_verify_no_trust
381
- digests, signatures = dummy_signatures
382
-
383
- use_ui @ui do
384
- @low.verify [PUBLIC_CERT], nil, digests, signatures, "some_gem"
385
- end
386
-
387
- assert_equal "WARNING: email:nobody@example is not trusted for some_gem\n",
388
- @ui.error
389
-
390
- assert_raise Gem::Security::Exception do
391
- @medium.verify [PUBLIC_CERT], nil, digests, signatures
392
- end
393
- end
394
-
395
- def test_verify_wrong_digest_type
396
- Gem::Security.trust_dir.trust_cert PUBLIC_CERT
397
-
398
- data = OpenSSL::Digest.new("SHA512")
399
- data << "hello"
400
-
401
- digests = { "SHA512" => { 0 => data } }
402
- signature = PRIVATE_KEY.sign "sha512", data.digest
403
- signatures = { 0 => signature }
404
-
405
- e = assert_raise Gem::Security::Exception do
406
- @almost_no.verify [PUBLIC_CERT], nil, digests, signatures
407
- end
408
-
409
- assert_equal "no digests provided (probable bug)", e.message
410
- end
411
-
412
- def test_verify_signatures_chain
413
- @spec.cert_chain = [PUBLIC_CERT, CHILD_CERT]
414
-
415
- assert @chain.verify_signatures @spec, *dummy_signatures(CHILD_KEY)
416
- end
417
-
418
- def test_verify_signatures_data
419
- @spec.cert_chain = [PUBLIC_CERT]
420
-
421
- @almost_no.verify_signatures @spec, *dummy_signatures
422
- end
423
-
424
- def test_verify_signatures_root
425
- @spec.cert_chain = [PUBLIC_CERT, CHILD_CERT]
426
-
427
- assert @root.verify_signatures @spec, *dummy_signatures(CHILD_KEY)
428
- end
429
-
430
- def test_verify_signatures_signer
431
- @spec.cert_chain = [PUBLIC_CERT]
432
-
433
- assert @low.verify_signatures @spec, *dummy_signatures
434
- end
435
-
436
- def test_verify_signatures_trust
437
- Gem::Security.trust_dir.trust_cert PUBLIC_CERT
438
-
439
- @spec.cert_chain = [PUBLIC_CERT]
440
-
441
- assert @high.verify_signatures @spec, *dummy_signatures
442
- end
443
-
444
- def test_verify_signatures
445
- Gem::Security.trust_dir.trust_cert PUBLIC_CERT
446
-
447
- @spec.cert_chain = [PUBLIC_CERT.to_s]
448
-
449
- metadata_gz = Gem::Util.gzip @spec.to_yaml
450
-
451
- package = Gem::Package.new "nonexistent.gem"
452
- package.checksums[Gem::Security::DIGEST_NAME] = {}
453
-
454
- s = StringIO.new metadata_gz
455
- def s.full_name() "metadata.gz" end
456
-
457
- digests = package.digest s
458
- metadata_gz_digest = digests[Gem::Security::DIGEST_NAME]["metadata.gz"]
459
-
460
- signatures = {}
461
- signatures["metadata.gz"] =
462
- PRIVATE_KEY.sign @digest.new, metadata_gz_digest.digest
463
-
464
- assert @high.verify_signatures @spec, digests, signatures
465
- end
466
-
467
- def test_verify_signatures_missing
468
- Gem::Security.trust_dir.trust_cert PUBLIC_CERT
469
-
470
- @spec.cert_chain = [PUBLIC_CERT.to_s]
471
-
472
- metadata_gz = Gem::Util.gzip @spec.to_yaml
473
-
474
- package = Gem::Package.new "nonexistent.gem"
475
- package.checksums[Gem::Security::DIGEST_NAME] = {}
476
-
477
- s = StringIO.new metadata_gz
478
- def s.full_name() "metadata.gz" end
479
-
480
- digests = package.digest s
481
- digests[Gem::Security::DIGEST_NAME]["data.tar.gz"] = @digest.hexdigest "hello"
482
-
483
- metadata_gz_digest = digests[Gem::Security::DIGEST_NAME]["metadata.gz"]
484
-
485
- signatures = {}
486
- signatures["metadata.gz"] =
487
- PRIVATE_KEY.sign @digest.new, metadata_gz_digest.digest
488
-
489
- e = assert_raise Gem::Security::Exception do
490
- @high.verify_signatures @spec, digests, signatures
491
- end
492
-
493
- assert_equal "missing signature for data.tar.gz", e.message
494
- end
495
-
496
- def test_verify_signatures_none
497
- Gem::Security.trust_dir.trust_cert PUBLIC_CERT
498
-
499
- @spec.cert_chain = [PUBLIC_CERT.to_s]
500
-
501
- metadata_gz = Gem::Util.gzip @spec.to_yaml
502
-
503
- package = Gem::Package.new "nonexistent.gem"
504
- package.checksums[Gem::Security::DIGEST_NAME] = {}
505
-
506
- s = StringIO.new metadata_gz
507
- def s.full_name() "metadata.gz" end
508
-
509
- digests = package.digest s
510
- digests[Gem::Security::DIGEST_NAME]["data.tar.gz"] = @digest.hexdigest "hello"
511
-
512
- assert_raise Gem::Security::Exception do
513
- @high.verify_signatures @spec, digests, {}
514
- end
515
- end
516
-
517
- def digest(data)
518
- digester = @digest.new
519
- digester << data
520
- digester
521
- end
522
-
523
- def sign(data, key = PRIVATE_KEY)
524
- key.sign @digest.new, data.digest
525
- end
526
-
527
- def dummy_signatures(key = PRIVATE_KEY)
528
- data = digest "hello"
529
-
530
- digests = { Gem::Security::DIGEST_NAME => { 0 => data } }
531
- signatures = { 0 => sign(data, key) }
532
-
533
- [digests, signatures]
534
- end
535
- end if Gem::HAVE_OPENSSL