rubygems-update 3.4.22 → 3.5.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (540) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +105 -2
  3. data/Manifest.txt +46 -221
  4. data/README.md +1 -3
  5. data/bundler/CHANGELOG.md +63 -0
  6. data/bundler/bundler.gemspec +4 -2
  7. data/bundler/exe/bundle +1 -10
  8. data/bundler/lib/bundler/build_metadata.rb +3 -3
  9. data/bundler/lib/bundler/capistrano.rb +1 -1
  10. data/bundler/lib/bundler/checksum.rb +254 -0
  11. data/bundler/lib/bundler/ci_detector.rb +75 -0
  12. data/bundler/lib/bundler/cli/add.rb +3 -3
  13. data/bundler/lib/bundler/cli/binstubs.rb +4 -4
  14. data/bundler/lib/bundler/cli/cache.rb +1 -1
  15. data/bundler/lib/bundler/cli/check.rb +1 -1
  16. data/bundler/lib/bundler/cli/common.rb +9 -1
  17. data/bundler/lib/bundler/cli/config.rb +8 -7
  18. data/bundler/lib/bundler/cli/console.rb +3 -2
  19. data/bundler/lib/bundler/cli/doctor.rb +2 -2
  20. data/bundler/lib/bundler/cli/exec.rb +1 -1
  21. data/bundler/lib/bundler/cli/gem.rb +28 -23
  22. data/bundler/lib/bundler/cli/info.rb +2 -13
  23. data/bundler/lib/bundler/cli/install.rb +5 -4
  24. data/bundler/lib/bundler/cli/issue.rb +1 -1
  25. data/bundler/lib/bundler/cli/lock.rb +4 -4
  26. data/bundler/lib/bundler/cli/open.rb +1 -1
  27. data/bundler/lib/bundler/cli/outdated.rb +6 -6
  28. data/bundler/lib/bundler/cli/plugin.rb +7 -14
  29. data/bundler/lib/bundler/cli/pristine.rb +38 -30
  30. data/bundler/lib/bundler/cli/show.rb +2 -2
  31. data/bundler/lib/bundler/cli/update.rb +5 -5
  32. data/bundler/lib/bundler/cli.rb +215 -263
  33. data/bundler/lib/bundler/compact_index_client/cache.rb +29 -9
  34. data/bundler/lib/bundler/compact_index_client/cache_file.rb +153 -0
  35. data/bundler/lib/bundler/compact_index_client/gem_parser.rb +7 -3
  36. data/bundler/lib/bundler/compact_index_client/updater.rb +79 -81
  37. data/bundler/lib/bundler/compact_index_client.rb +14 -7
  38. data/bundler/lib/bundler/constants.rb +1 -1
  39. data/bundler/lib/bundler/current_ruby.rb +5 -21
  40. data/bundler/lib/bundler/definition.rb +42 -15
  41. data/bundler/lib/bundler/dependency.rb +16 -12
  42. data/bundler/lib/bundler/digest.rb +2 -2
  43. data/bundler/lib/bundler/dsl.rb +46 -30
  44. data/bundler/lib/bundler/endpoint_specification.rb +5 -1
  45. data/bundler/lib/bundler/env.rb +1 -3
  46. data/bundler/lib/bundler/errors.rb +43 -0
  47. data/bundler/lib/bundler/fetcher/base.rb +3 -1
  48. data/bundler/lib/bundler/fetcher/compact_index.rb +4 -4
  49. data/bundler/lib/bundler/fetcher/downloader.rb +13 -11
  50. data/bundler/lib/bundler/fetcher/gem_remote_fetcher.rb +16 -0
  51. data/bundler/lib/bundler/fetcher/index.rb +1 -1
  52. data/bundler/lib/bundler/fetcher.rb +28 -25
  53. data/bundler/lib/bundler/friendly_errors.rb +5 -5
  54. data/bundler/lib/bundler/gem_helper.rb +1 -1
  55. data/bundler/lib/bundler/gem_helpers.rb +5 -2
  56. data/bundler/lib/bundler/graph.rb +9 -9
  57. data/bundler/lib/bundler/index.rb +1 -2
  58. data/bundler/lib/bundler/injector.rb +1 -1
  59. data/bundler/lib/bundler/inline.rb +3 -3
  60. data/bundler/lib/bundler/installer/gem_installer.rb +5 -5
  61. data/bundler/lib/bundler/installer/parallel_installer.rb +16 -8
  62. data/bundler/lib/bundler/installer/standalone.rb +2 -3
  63. data/bundler/lib/bundler/installer.rb +9 -9
  64. data/bundler/lib/bundler/lazy_specification.rb +24 -17
  65. data/bundler/lib/bundler/lockfile_generator.rb +9 -0
  66. data/bundler/lib/bundler/lockfile_parser.rb +81 -10
  67. data/bundler/lib/bundler/man/bundle-add.1 +3 -26
  68. data/bundler/lib/bundler/man/bundle-binstubs.1 +4 -16
  69. data/bundler/lib/bundler/man/bundle-cache.1 +3 -24
  70. data/bundler/lib/bundler/man/bundle-check.1 +3 -12
  71. data/bundler/lib/bundler/man/bundle-clean.1 +3 -10
  72. data/bundler/lib/bundler/man/bundle-config.1 +20 -211
  73. data/bundler/lib/bundler/man/bundle-config.1.ronn +6 -0
  74. data/bundler/lib/bundler/man/bundle-console.1 +4 -22
  75. data/bundler/lib/bundler/man/bundle-doctor.1 +4 -18
  76. data/bundler/lib/bundler/man/bundle-exec.1 +12 -73
  77. data/bundler/lib/bundler/man/bundle-gem.1 +13 -49
  78. data/bundler/lib/bundler/man/bundle-help.1 +3 -7
  79. data/bundler/lib/bundler/man/bundle-info.1 +3 -9
  80. data/bundler/lib/bundler/man/bundle-init.1 +3 -12
  81. data/bundler/lib/bundler/man/bundle-inject.1 +6 -19
  82. data/bundler/lib/bundler/man/bundle-install.1 +27 -125
  83. data/bundler/lib/bundler/man/bundle-install.1.ronn +1 -0
  84. data/bundler/lib/bundler/man/bundle-list.1 +4 -19
  85. data/bundler/lib/bundler/man/bundle-lock.1 +5 -29
  86. data/bundler/lib/bundler/man/bundle-open.1 +7 -27
  87. data/bundler/lib/bundler/man/bundle-outdated.1 +3 -55
  88. data/bundler/lib/bundler/man/bundle-outdated.1.ronn +1 -0
  89. data/bundler/lib/bundler/man/bundle-platform.1 +5 -27
  90. data/bundler/lib/bundler/man/bundle-plugin.1 +3 -29
  91. data/bundler/lib/bundler/man/bundle-pristine.1 +5 -16
  92. data/bundler/lib/bundler/man/bundle-remove.1 +4 -14
  93. data/bundler/lib/bundler/man/bundle-show.1 +3 -10
  94. data/bundler/lib/bundler/man/bundle-update.1 +18 -137
  95. data/bundler/lib/bundler/man/bundle-version.1 +3 -16
  96. data/bundler/lib/bundler/man/bundle-viz.1 +4 -16
  97. data/bundler/lib/bundler/man/bundle.1 +5 -44
  98. data/bundler/lib/bundler/man/gemfile.5 +24 -301
  99. data/bundler/lib/bundler/man/gemfile.5.ronn +4 -0
  100. data/bundler/lib/bundler/match_metadata.rb +4 -0
  101. data/bundler/lib/bundler/match_platform.rb +1 -1
  102. data/bundler/lib/bundler/plugin/api/source.rb +3 -2
  103. data/bundler/lib/bundler/plugin/installer.rb +1 -1
  104. data/bundler/lib/bundler/plugin.rb +3 -3
  105. data/bundler/lib/bundler/resolver/base.rb +1 -1
  106. data/bundler/lib/bundler/resolver/incompatibility.rb +1 -1
  107. data/bundler/lib/bundler/resolver/spec_group.rb +1 -4
  108. data/bundler/lib/bundler/resolver.rb +16 -16
  109. data/bundler/lib/bundler/ruby_dsl.rb +20 -12
  110. data/bundler/lib/bundler/ruby_version.rb +1 -1
  111. data/bundler/lib/bundler/rubygems_ext.rb +24 -50
  112. data/bundler/lib/bundler/rubygems_gem_installer.rb +6 -56
  113. data/bundler/lib/bundler/rubygems_integration.rb +25 -94
  114. data/bundler/lib/bundler/runtime.rb +2 -2
  115. data/bundler/lib/bundler/self_manager.rb +23 -7
  116. data/bundler/lib/bundler/settings.rb +27 -7
  117. data/bundler/lib/bundler/setup.rb +4 -1
  118. data/bundler/lib/bundler/shared_helpers.rb +35 -13
  119. data/bundler/lib/bundler/source/git/git_proxy.rb +15 -15
  120. data/bundler/lib/bundler/source/git.rb +4 -3
  121. data/bundler/lib/bundler/source/metadata.rb +15 -15
  122. data/bundler/lib/bundler/source/path.rb +7 -6
  123. data/bundler/lib/bundler/source/rubygems.rb +21 -14
  124. data/bundler/lib/bundler/source.rb +2 -0
  125. data/bundler/lib/bundler/spec_set.rb +38 -10
  126. data/bundler/lib/bundler/stub_specification.rb +1 -0
  127. data/bundler/lib/bundler/templates/Executable.bundler +1 -1
  128. data/bundler/lib/bundler/templates/newgem/README.md.tt +3 -3
  129. data/bundler/lib/bundler/templates/newgem/Rakefile.tt +2 -6
  130. data/bundler/lib/bundler/templates/newgem/ext/newgem/Cargo.toml.tt +1 -1
  131. data/bundler/lib/bundler/templates/newgem/standard.yml.tt +1 -1
  132. data/bundler/lib/bundler/ui/shell.rb +1 -1
  133. data/bundler/lib/bundler/vendor/connection_pool/.document +1 -0
  134. data/bundler/lib/bundler/vendor/connection_pool/lib/connection_pool/version.rb +1 -1
  135. data/bundler/lib/bundler/vendor/connection_pool/lib/connection_pool.rb +53 -6
  136. data/bundler/lib/bundler/vendor/fileutils/.document +1 -0
  137. data/bundler/lib/bundler/vendor/fileutils/lib/fileutils.rb +8 -20
  138. data/bundler/lib/bundler/vendor/net-http-persistent/.document +1 -0
  139. data/bundler/lib/bundler/vendor/net-http-persistent/lib/net/http/persistent/connection.rb +3 -3
  140. data/bundler/lib/bundler/vendor/net-http-persistent/lib/net/http/persistent/pool.rb +2 -2
  141. data/bundler/lib/bundler/vendor/net-http-persistent/lib/net/http/persistent/timed_stack_multi.rb +1 -1
  142. data/bundler/lib/bundler/vendor/net-http-persistent/lib/net/http/persistent.rb +34 -34
  143. data/bundler/lib/bundler/vendor/pub_grub/.document +1 -0
  144. data/bundler/lib/bundler/vendor/thor/.document +1 -0
  145. data/bundler/lib/bundler/vendor/tsort/.document +1 -0
  146. data/bundler/lib/bundler/vendor/tsort/lib/tsort.rb +3 -0
  147. data/bundler/lib/bundler/vendor/uri/.document +1 -0
  148. data/bundler/lib/bundler/vendor/uri/lib/uri/common.rb +256 -132
  149. data/bundler/lib/bundler/vendor/uri/lib/uri/generic.rb +1 -0
  150. data/bundler/lib/bundler/vendor/uri/lib/uri/rfc3986_parser.rb +95 -31
  151. data/bundler/lib/bundler/vendor/uri/lib/uri/version.rb +1 -1
  152. data/bundler/lib/bundler/vendored_net_http.rb +8 -0
  153. data/bundler/lib/bundler/vendored_persistent.rb +0 -4
  154. data/bundler/lib/bundler/vendored_timeout.rb +8 -0
  155. data/bundler/lib/bundler/version.rb +1 -1
  156. data/bundler/lib/bundler/vlad.rb +1 -1
  157. data/bundler/lib/bundler/yaml_serializer.rb +3 -3
  158. data/bundler/lib/bundler.rb +41 -32
  159. data/lib/rubygems/available_set.rb +4 -4
  160. data/lib/rubygems/basic_specification.rb +35 -37
  161. data/lib/rubygems/bundler_version_finder.rb +4 -4
  162. data/lib/rubygems/ci_detector.rb +75 -0
  163. data/lib/rubygems/command.rb +13 -15
  164. data/lib/rubygems/command_manager.rb +5 -4
  165. data/lib/rubygems/commands/build_command.rb +2 -2
  166. data/lib/rubygems/commands/cert_command.rb +1 -2
  167. data/lib/rubygems/commands/check_command.rb +4 -4
  168. data/lib/rubygems/commands/cleanup_command.rb +12 -14
  169. data/lib/rubygems/commands/contents_command.rb +4 -4
  170. data/lib/rubygems/commands/dependency_command.rb +4 -5
  171. data/lib/rubygems/commands/environment_command.rb +1 -3
  172. data/lib/rubygems/commands/exec_command.rb +1 -1
  173. data/lib/rubygems/commands/fetch_command.rb +2 -2
  174. data/lib/rubygems/commands/generate_index_command.rb +39 -74
  175. data/lib/rubygems/commands/help_command.rb +3 -3
  176. data/lib/rubygems/commands/info_command.rb +2 -2
  177. data/lib/rubygems/commands/install_command.rb +8 -16
  178. data/lib/rubygems/commands/list_command.rb +2 -2
  179. data/lib/rubygems/commands/lock_command.rb +1 -1
  180. data/lib/rubygems/commands/open_command.rb +1 -1
  181. data/lib/rubygems/commands/owner_command.rb +1 -1
  182. data/lib/rubygems/commands/pristine_command.rb +13 -15
  183. data/lib/rubygems/commands/push_command.rb +2 -2
  184. data/lib/rubygems/commands/query_command.rb +4 -5
  185. data/lib/rubygems/commands/rdoc_command.rb +2 -2
  186. data/lib/rubygems/commands/search_command.rb +2 -2
  187. data/lib/rubygems/commands/setup_command.rb +31 -34
  188. data/lib/rubygems/commands/sources_command.rb +12 -12
  189. data/lib/rubygems/commands/specification_command.rb +10 -10
  190. data/lib/rubygems/commands/stale_command.rb +1 -1
  191. data/lib/rubygems/commands/uninstall_command.rb +9 -10
  192. data/lib/rubygems/commands/unpack_command.rb +4 -4
  193. data/lib/rubygems/commands/update_command.rb +10 -12
  194. data/lib/rubygems/commands/which_command.rb +1 -1
  195. data/lib/rubygems/commands/yank_command.rb +1 -1
  196. data/lib/rubygems/compatibility.rb +5 -6
  197. data/lib/rubygems/config_file.rb +4 -4
  198. data/lib/rubygems/core_ext/kernel_gem.rb +0 -2
  199. data/lib/rubygems/core_ext/kernel_require.rb +19 -48
  200. data/lib/rubygems/core_ext/kernel_warn.rb +1 -1
  201. data/lib/rubygems/core_ext/tcpsocket_init.rb +1 -1
  202. data/lib/rubygems/defaults.rb +15 -3
  203. data/lib/rubygems/dependency.rb +12 -14
  204. data/lib/rubygems/dependency_installer.rb +29 -30
  205. data/lib/rubygems/dependency_list.rb +1 -1
  206. data/lib/rubygems/deprecate.rb +16 -15
  207. data/lib/rubygems/doctor.rb +5 -5
  208. data/lib/rubygems/errors.rb +2 -6
  209. data/lib/rubygems/exceptions.rb +2 -1
  210. data/lib/rubygems/ext/builder.rb +15 -10
  211. data/lib/rubygems/ext/cargo_builder.rb +5 -5
  212. data/lib/rubygems/ext/ext_conf_builder.rb +1 -3
  213. data/lib/rubygems/gem_runner.rb +4 -4
  214. data/lib/rubygems/gemcutter_utilities/webauthn_listener/response.rb +3 -3
  215. data/lib/rubygems/gemcutter_utilities/webauthn_poller.rb +3 -3
  216. data/lib/rubygems/gemcutter_utilities.rb +18 -19
  217. data/lib/rubygems/install_update_options.rb +18 -19
  218. data/lib/rubygems/installer.rb +59 -33
  219. data/lib/rubygems/installer_uninstaller_utils.rb +0 -2
  220. data/lib/rubygems/local_remote_options.rb +7 -10
  221. data/lib/rubygems/name_tuple.rb +7 -9
  222. data/lib/rubygems/net/http.rb +3 -0
  223. data/lib/rubygems/net-http/.document +1 -0
  224. data/lib/rubygems/net-http/LICENSE.txt +22 -0
  225. data/lib/rubygems/net-http/lib/net/http/backward.rb +40 -0
  226. data/lib/rubygems/net-http/lib/net/http/exceptions.rb +34 -0
  227. data/lib/rubygems/net-http/lib/net/http/generic_request.rb +414 -0
  228. data/lib/rubygems/net-http/lib/net/http/header.rb +981 -0
  229. data/lib/rubygems/net-http/lib/net/http/proxy_delta.rb +17 -0
  230. data/lib/rubygems/net-http/lib/net/http/request.rb +88 -0
  231. data/lib/rubygems/net-http/lib/net/http/requests.rb +425 -0
  232. data/lib/rubygems/net-http/lib/net/http/response.rb +738 -0
  233. data/lib/rubygems/net-http/lib/net/http/responses.rb +1174 -0
  234. data/lib/rubygems/net-http/lib/net/http/status.rb +84 -0
  235. data/lib/rubygems/net-http/lib/net/http.rb +2496 -0
  236. data/lib/rubygems/net-http/lib/net/https.rb +23 -0
  237. data/lib/rubygems/net-protocol/.document +1 -0
  238. data/lib/rubygems/net-protocol/LICENSE.txt +22 -0
  239. data/lib/rubygems/net-protocol/lib/net/protocol.rb +544 -0
  240. data/lib/rubygems/optparse/lib/optparse.rb +39 -17
  241. data/lib/rubygems/package/old.rb +2 -2
  242. data/lib/rubygems/package/tar_header.rb +45 -39
  243. data/lib/rubygems/package/tar_reader/entry.rb +5 -4
  244. data/lib/rubygems/package/tar_reader.rb +5 -3
  245. data/lib/rubygems/package/tar_writer.rb +19 -17
  246. data/lib/rubygems/package.rb +27 -26
  247. data/lib/rubygems/package_task.rb +2 -2
  248. data/lib/rubygems/path_support.rb +9 -10
  249. data/lib/rubygems/platform.rb +60 -45
  250. data/lib/rubygems/query_utils.rb +7 -9
  251. data/lib/rubygems/remote_fetcher.rb +15 -15
  252. data/lib/rubygems/request/connection_pools.rb +3 -3
  253. data/lib/rubygems/request.rb +20 -17
  254. data/lib/rubygems/request_set/gem_dependency_api.rb +119 -122
  255. data/lib/rubygems/request_set/lockfile/parser.rb +9 -9
  256. data/lib/rubygems/request_set/lockfile/tokenizer.rb +20 -12
  257. data/lib/rubygems/request_set/lockfile.rb +6 -11
  258. data/lib/rubygems/request_set.rb +5 -5
  259. data/lib/rubygems/requirement.rb +7 -7
  260. data/lib/rubygems/resolv/.document +1 -0
  261. data/lib/rubygems/resolv/LICENSE.txt +22 -0
  262. data/lib/rubygems/resolv/lib/resolv.rb +3387 -0
  263. data/lib/rubygems/resolver/activation_request.rb +1 -3
  264. data/lib/rubygems/resolver/api_set/gem_parser.rb +7 -3
  265. data/lib/rubygems/resolver/best_set.rb +1 -1
  266. data/lib/rubygems/resolver/composed_set.rb +1 -1
  267. data/lib/rubygems/resolver/conflict.rb +4 -12
  268. data/lib/rubygems/resolver/index_set.rb +4 -4
  269. data/lib/rubygems/resolver/index_specification.rb +2 -2
  270. data/lib/rubygems/resolver/installer_set.rb +5 -6
  271. data/lib/rubygems/resolver/lock_set.rb +1 -1
  272. data/lib/rubygems/resolver/molinillo/.document +1 -0
  273. data/lib/rubygems/resolver.rb +3 -10
  274. data/lib/rubygems/s3_uri_signer.rb +6 -6
  275. data/lib/rubygems/safe_marshal/elements.rb +138 -0
  276. data/lib/rubygems/safe_marshal/reader.rb +306 -0
  277. data/lib/rubygems/safe_marshal/visitors/stream_printer.rb +31 -0
  278. data/lib/rubygems/safe_marshal/visitors/to_ruby.rb +385 -0
  279. data/lib/rubygems/safe_marshal/visitors/visitor.rb +74 -0
  280. data/lib/rubygems/safe_marshal.rb +74 -0
  281. data/lib/rubygems/safe_yaml.rb +5 -28
  282. data/lib/rubygems/security/policies.rb +36 -38
  283. data/lib/rubygems/security/policy.rb +7 -11
  284. data/lib/rubygems/security/signer.rb +1 -1
  285. data/lib/rubygems/security/trust_dir.rb +3 -3
  286. data/lib/rubygems/security.rb +8 -22
  287. data/lib/rubygems/source/git.rb +1 -3
  288. data/lib/rubygems/source/installed.rb +0 -2
  289. data/lib/rubygems/source/local.rb +5 -8
  290. data/lib/rubygems/source/lock.rb +1 -3
  291. data/lib/rubygems/source/specific_file.rb +0 -1
  292. data/lib/rubygems/source/vendor.rb +0 -2
  293. data/lib/rubygems/source.rb +12 -12
  294. data/lib/rubygems/source_list.rb +4 -4
  295. data/lib/rubygems/spec_fetcher.rb +29 -29
  296. data/lib/rubygems/specification.rb +125 -138
  297. data/lib/rubygems/specification_policy.rb +55 -25
  298. data/lib/rubygems/stub_specification.rb +4 -5
  299. data/lib/rubygems/text.rb +1 -2
  300. data/lib/rubygems/timeout/.document +1 -0
  301. data/lib/rubygems/timeout/LICENSE.txt +22 -0
  302. data/lib/rubygems/timeout/lib/timeout.rb +199 -0
  303. data/lib/rubygems/timeout.rb +3 -0
  304. data/lib/rubygems/tsort/lib/tsort.rb +3 -0
  305. data/lib/rubygems/uninstaller.rb +7 -9
  306. data/lib/rubygems/update_suggestion.rb +5 -18
  307. data/lib/rubygems/uri_formatter.rb +1 -1
  308. data/lib/rubygems/user_interaction.rb +15 -21
  309. data/lib/rubygems/util/licenses.rb +65 -35
  310. data/lib/rubygems/util/list.rb +3 -1
  311. data/lib/rubygems/util.rb +2 -4
  312. data/lib/rubygems/validator.rb +5 -3
  313. data/lib/rubygems/version.rb +34 -28
  314. data/lib/rubygems/version_option.rb +2 -5
  315. data/lib/rubygems/yaml_serializer.rb +3 -3
  316. data/lib/rubygems.rb +37 -37
  317. data/rubygems-update.gemspec +4 -4
  318. data/setup.rb +2 -2
  319. metadata +50 -225
  320. data/lib/rubygems/indexer.rb +0 -428
  321. data/lib/rubygems/mock_gem_ui.rb +0 -86
  322. data/test/rubygems/alternate_cert.pem +0 -19
  323. data/test/rubygems/alternate_cert_32.pem +0 -19
  324. data/test/rubygems/alternate_key.pem +0 -27
  325. data/test/rubygems/bad_rake.rb +0 -3
  326. data/test/rubygems/bundler_test_gem.rb +0 -424
  327. data/test/rubygems/ca_cert.pem +0 -77
  328. data/test/rubygems/child_cert.pem +0 -19
  329. data/test/rubygems/child_cert_32.pem +0 -19
  330. data/test/rubygems/child_key.pem +0 -27
  331. data/test/rubygems/client.pem +0 -107
  332. data/test/rubygems/data/excon-0.7.7.gemspec.rz +0 -0
  333. data/test/rubygems/data/gem-private_key.pem +0 -27
  334. data/test/rubygems/data/gem-public_cert.pem +0 -20
  335. data/test/rubygems/data/null-required-ruby-version.gemspec.rz +0 -0
  336. data/test/rubygems/data/null-required-rubygems-version.gemspec.rz +0 -0
  337. data/test/rubygems/data/pry-0.4.7.gemspec.rz +0 -0
  338. data/test/rubygems/encrypted_private_key.pem +0 -30
  339. data/test/rubygems/expired_cert.pem +0 -19
  340. data/test/rubygems/fake_certlib/openssl.rb +0 -9
  341. data/test/rubygems/foo/discover.rb +0 -1
  342. data/test/rubygems/future_cert.pem +0 -19
  343. data/test/rubygems/future_cert_32.pem +0 -19
  344. data/test/rubygems/good_rake.rb +0 -3
  345. data/test/rubygems/grandchild_cert.pem +0 -19
  346. data/test/rubygems/grandchild_cert_32.pem +0 -19
  347. data/test/rubygems/grandchild_key.pem +0 -27
  348. data/test/rubygems/helper.rb +0 -1649
  349. data/test/rubygems/installer_test_case.rb +0 -248
  350. data/test/rubygems/invalid_client.pem +0 -49
  351. data/test/rubygems/invalid_issuer_cert.pem +0 -20
  352. data/test/rubygems/invalid_issuer_cert_32.pem +0 -20
  353. data/test/rubygems/invalid_key.pem +0 -27
  354. data/test/rubygems/invalid_signer_cert.pem +0 -19
  355. data/test/rubygems/invalid_signer_cert_32.pem +0 -19
  356. data/test/rubygems/invalidchild_cert.pem +0 -19
  357. data/test/rubygems/invalidchild_cert_32.pem +0 -19
  358. data/test/rubygems/invalidchild_key.pem +0 -27
  359. data/test/rubygems/multifactor_auth_utilities.rb +0 -111
  360. data/test/rubygems/package/tar_test_case.rb +0 -175
  361. data/test/rubygems/packages/Bluebie-legs-0.6.2.gem +0 -0
  362. data/test/rubygems/packages/ascii_binder-0.1.10.1.gem +0 -0
  363. data/test/rubygems/packages/ill-formatted-platform-1.0.0.10.gem +0 -0
  364. data/test/rubygems/plugin/exception/rubygems_plugin.rb +0 -4
  365. data/test/rubygems/plugin/load/rubygems_plugin.rb +0 -5
  366. data/test/rubygems/plugin/standarderror/rubygems_plugin.rb +0 -4
  367. data/test/rubygems/private3072_key.pem +0 -40
  368. data/test/rubygems/private_ec_key.pem +0 -9
  369. data/test/rubygems/private_key.pem +0 -27
  370. data/test/rubygems/public3072_cert.pem +0 -25
  371. data/test/rubygems/public_cert.pem +0 -20
  372. data/test/rubygems/public_cert_32.pem +0 -19
  373. data/test/rubygems/public_key.pem +0 -9
  374. data/test/rubygems/rubygems/commands/crash_command.rb +0 -5
  375. data/test/rubygems/rubygems_plugin.rb +0 -24
  376. data/test/rubygems/sff/discover.rb +0 -1
  377. data/test/rubygems/simple_gem.rb +0 -68
  378. data/test/rubygems/specifications/bar-0.0.2.gemspec +0 -9
  379. data/test/rubygems/specifications/foo-0.0.1-x86-mswin32.gemspec +0 -0
  380. data/test/rubygems/specifications/rubyforge-0.0.1.gemspec +0 -14
  381. data/test/rubygems/ssl_cert.pem +0 -80
  382. data/test/rubygems/ssl_key.pem +0 -27
  383. data/test/rubygems/test_bundled_ca.rb +0 -61
  384. data/test/rubygems/test_config.rb +0 -28
  385. data/test/rubygems/test_deprecate.rb +0 -158
  386. data/test/rubygems/test_exit.rb +0 -17
  387. data/test/rubygems/test_gem.rb +0 -1799
  388. data/test/rubygems/test_gem_available_set.rb +0 -130
  389. data/test/rubygems/test_gem_bundler_version_finder.rb +0 -127
  390. data/test/rubygems/test_gem_command.rb +0 -403
  391. data/test/rubygems/test_gem_command_manager.rb +0 -400
  392. data/test/rubygems/test_gem_commands_build_command.rb +0 -739
  393. data/test/rubygems/test_gem_commands_cert_command.rb +0 -866
  394. data/test/rubygems/test_gem_commands_check_command.rb +0 -68
  395. data/test/rubygems/test_gem_commands_cleanup_command.rb +0 -292
  396. data/test/rubygems/test_gem_commands_contents_command.rb +0 -271
  397. data/test/rubygems/test_gem_commands_dependency_command.rb +0 -228
  398. data/test/rubygems/test_gem_commands_environment_command.rb +0 -169
  399. data/test/rubygems/test_gem_commands_exec_command.rb +0 -857
  400. data/test/rubygems/test_gem_commands_fetch_command.rb +0 -258
  401. data/test/rubygems/test_gem_commands_generate_index_command.rb +0 -81
  402. data/test/rubygems/test_gem_commands_help_command.rb +0 -94
  403. data/test/rubygems/test_gem_commands_info_command.rb +0 -70
  404. data/test/rubygems/test_gem_commands_install_command.rb +0 -1573
  405. data/test/rubygems/test_gem_commands_list_command.rb +0 -33
  406. data/test/rubygems/test_gem_commands_lock_command.rb +0 -67
  407. data/test/rubygems/test_gem_commands_mirror.rb +0 -20
  408. data/test/rubygems/test_gem_commands_open_command.rb +0 -101
  409. data/test/rubygems/test_gem_commands_outdated_command.rb +0 -50
  410. data/test/rubygems/test_gem_commands_owner_command.rb +0 -503
  411. data/test/rubygems/test_gem_commands_pristine_command.rb +0 -708
  412. data/test/rubygems/test_gem_commands_push_command.rb +0 -603
  413. data/test/rubygems/test_gem_commands_query_command.rb +0 -858
  414. data/test/rubygems/test_gem_commands_search_command.rb +0 -16
  415. data/test/rubygems/test_gem_commands_server_command.rb +0 -20
  416. data/test/rubygems/test_gem_commands_setup_command.rb +0 -474
  417. data/test/rubygems/test_gem_commands_signin_command.rb +0 -259
  418. data/test/rubygems/test_gem_commands_signout_command.rb +0 -30
  419. data/test/rubygems/test_gem_commands_sources_command.rb +0 -534
  420. data/test/rubygems/test_gem_commands_specification_command.rb +0 -277
  421. data/test/rubygems/test_gem_commands_stale_command.rb +0 -43
  422. data/test/rubygems/test_gem_commands_uninstall_command.rb +0 -542
  423. data/test/rubygems/test_gem_commands_unpack_command.rb +0 -224
  424. data/test/rubygems/test_gem_commands_update_command.rb +0 -836
  425. data/test/rubygems/test_gem_commands_which_command.rb +0 -85
  426. data/test/rubygems/test_gem_commands_yank_command.rb +0 -299
  427. data/test/rubygems/test_gem_config_file.rb +0 -551
  428. data/test/rubygems/test_gem_dependency.rb +0 -398
  429. data/test/rubygems/test_gem_dependency_installer.rb +0 -1190
  430. data/test/rubygems/test_gem_dependency_list.rb +0 -265
  431. data/test/rubygems/test_gem_dependency_resolution_error.rb +0 -27
  432. data/test/rubygems/test_gem_doctor.rb +0 -195
  433. data/test/rubygems/test_gem_ext_builder.rb +0 -337
  434. data/test/rubygems/test_gem_ext_cargo_builder/custom_name/.gitignore +0 -1
  435. data/test/rubygems/test_gem_ext_cargo_builder/custom_name/custom_name.gemspec +0 -10
  436. data/test/rubygems/test_gem_ext_cargo_builder/custom_name/ext/custom_name_lib/Cargo.lock +0 -249
  437. data/test/rubygems/test_gem_ext_cargo_builder/custom_name/ext/custom_name_lib/Cargo.toml +0 -10
  438. data/test/rubygems/test_gem_ext_cargo_builder/custom_name/ext/custom_name_lib/src/lib.rs +0 -27
  439. data/test/rubygems/test_gem_ext_cargo_builder/custom_name/lib/custom_name.rb +0 -3
  440. data/test/rubygems/test_gem_ext_cargo_builder/rust_ruby_example/.gitignore +0 -1
  441. data/test/rubygems/test_gem_ext_cargo_builder/rust_ruby_example/Cargo.lock +0 -249
  442. data/test/rubygems/test_gem_ext_cargo_builder/rust_ruby_example/Cargo.toml +0 -10
  443. data/test/rubygems/test_gem_ext_cargo_builder/rust_ruby_example/rust_ruby_example.gemspec +0 -10
  444. data/test/rubygems/test_gem_ext_cargo_builder/rust_ruby_example/src/lib.rs +0 -51
  445. data/test/rubygems/test_gem_ext_cargo_builder.rb +0 -167
  446. data/test/rubygems/test_gem_ext_cargo_builder_link_flag_converter.rb +0 -34
  447. data/test/rubygems/test_gem_ext_cargo_builder_unit.rb +0 -60
  448. data/test/rubygems/test_gem_ext_cmake_builder.rb +0 -84
  449. data/test/rubygems/test_gem_ext_configure_builder.rb +0 -80
  450. data/test/rubygems/test_gem_ext_ext_conf_builder.rb +0 -229
  451. data/test/rubygems/test_gem_ext_rake_builder.rb +0 -113
  452. data/test/rubygems/test_gem_gem_runner.rb +0 -119
  453. data/test/rubygems/test_gem_gemcutter_utilities.rb +0 -361
  454. data/test/rubygems/test_gem_impossible_dependencies_error.rb +0 -60
  455. data/test/rubygems/test_gem_indexer.rb +0 -381
  456. data/test/rubygems/test_gem_install_update_options.rb +0 -208
  457. data/test/rubygems/test_gem_installer.rb +0 -2512
  458. data/test/rubygems/test_gem_local_remote_options.rb +0 -133
  459. data/test/rubygems/test_gem_name_tuple.rb +0 -43
  460. data/test/rubygems/test_gem_package.rb +0 -1306
  461. data/test/rubygems/test_gem_package_old.rb +0 -91
  462. data/test/rubygems/test_gem_package_tar_header.rb +0 -226
  463. data/test/rubygems/test_gem_package_tar_reader.rb +0 -150
  464. data/test/rubygems/test_gem_package_tar_reader_entry.rb +0 -350
  465. data/test/rubygems/test_gem_package_tar_writer.rb +0 -331
  466. data/test/rubygems/test_gem_package_task.rb +0 -118
  467. data/test/rubygems/test_gem_path_support.rb +0 -139
  468. data/test/rubygems/test_gem_platform.rb +0 -497
  469. data/test/rubygems/test_gem_rdoc.rb +0 -137
  470. data/test/rubygems/test_gem_remote_fetcher.rb +0 -1227
  471. data/test/rubygems/test_gem_request.rb +0 -547
  472. data/test/rubygems/test_gem_request_connection_pools.rb +0 -152
  473. data/test/rubygems/test_gem_request_set.rb +0 -672
  474. data/test/rubygems/test_gem_request_set_gem_dependency_api.rb +0 -853
  475. data/test/rubygems/test_gem_request_set_lockfile.rb +0 -469
  476. data/test/rubygems/test_gem_request_set_lockfile_parser.rb +0 -544
  477. data/test/rubygems/test_gem_request_set_lockfile_tokenizer.rb +0 -307
  478. data/test/rubygems/test_gem_requirement.rb +0 -505
  479. data/test/rubygems/test_gem_resolver.rb +0 -859
  480. data/test/rubygems/test_gem_resolver_activation_request.rb +0 -43
  481. data/test/rubygems/test_gem_resolver_api_set.rb +0 -210
  482. data/test/rubygems/test_gem_resolver_api_specification.rb +0 -167
  483. data/test/rubygems/test_gem_resolver_best_set.rb +0 -159
  484. data/test/rubygems/test_gem_resolver_composed_set.rb +0 -44
  485. data/test/rubygems/test_gem_resolver_conflict.rb +0 -82
  486. data/test/rubygems/test_gem_resolver_dependency_request.rb +0 -83
  487. data/test/rubygems/test_gem_resolver_git_set.rb +0 -188
  488. data/test/rubygems/test_gem_resolver_git_specification.rb +0 -114
  489. data/test/rubygems/test_gem_resolver_index_set.rb +0 -88
  490. data/test/rubygems/test_gem_resolver_index_specification.rb +0 -93
  491. data/test/rubygems/test_gem_resolver_installed_specification.rb +0 -47
  492. data/test/rubygems/test_gem_resolver_installer_set.rb +0 -320
  493. data/test/rubygems/test_gem_resolver_local_specification.rb +0 -44
  494. data/test/rubygems/test_gem_resolver_lock_set.rb +0 -62
  495. data/test/rubygems/test_gem_resolver_lock_specification.rb +0 -98
  496. data/test/rubygems/test_gem_resolver_requirement_list.rb +0 -19
  497. data/test/rubygems/test_gem_resolver_specification.rb +0 -63
  498. data/test/rubygems/test_gem_resolver_vendor_set.rb +0 -82
  499. data/test/rubygems/test_gem_resolver_vendor_specification.rb +0 -82
  500. data/test/rubygems/test_gem_security.rb +0 -341
  501. data/test/rubygems/test_gem_security_policy.rb +0 -535
  502. data/test/rubygems/test_gem_security_signer.rb +0 -218
  503. data/test/rubygems/test_gem_security_trust_dir.rb +0 -99
  504. data/test/rubygems/test_gem_silent_ui.rb +0 -123
  505. data/test/rubygems/test_gem_source.rb +0 -254
  506. data/test/rubygems/test_gem_source_fetch_problem.rb +0 -37
  507. data/test/rubygems/test_gem_source_git.rb +0 -310
  508. data/test/rubygems/test_gem_source_installed.rb +0 -35
  509. data/test/rubygems/test_gem_source_list.rb +0 -119
  510. data/test/rubygems/test_gem_source_local.rb +0 -107
  511. data/test/rubygems/test_gem_source_lock.rb +0 -113
  512. data/test/rubygems/test_gem_source_specific_file.rb +0 -76
  513. data/test/rubygems/test_gem_source_subpath_problem.rb +0 -50
  514. data/test/rubygems/test_gem_source_vendor.rb +0 -30
  515. data/test/rubygems/test_gem_spec_fetcher.rb +0 -338
  516. data/test/rubygems/test_gem_specification.rb +0 -3856
  517. data/test/rubygems/test_gem_stream_ui.rb +0 -255
  518. data/test/rubygems/test_gem_stub_specification.rb +0 -278
  519. data/test/rubygems/test_gem_text.rb +0 -103
  520. data/test/rubygems/test_gem_uninstaller.rb +0 -675
  521. data/test/rubygems/test_gem_unsatisfiable_dependency_error.rb +0 -31
  522. data/test/rubygems/test_gem_update_suggestion.rb +0 -209
  523. data/test/rubygems/test_gem_uri.rb +0 -41
  524. data/test/rubygems/test_gem_uri_formatter.rb +0 -27
  525. data/test/rubygems/test_gem_util.rb +0 -91
  526. data/test/rubygems/test_gem_validator.rb +0 -42
  527. data/test/rubygems/test_gem_version.rb +0 -305
  528. data/test/rubygems/test_gem_version_option.rb +0 -165
  529. data/test/rubygems/test_kernel.rb +0 -124
  530. data/test/rubygems/test_project_sanity.rb +0 -49
  531. data/test/rubygems/test_remote_fetch_error.rb +0 -20
  532. data/test/rubygems/test_require.rb +0 -732
  533. data/test/rubygems/test_rubygems.rb +0 -76
  534. data/test/rubygems/test_webauthn_listener.rb +0 -143
  535. data/test/rubygems/test_webauthn_listener_response.rb +0 -93
  536. data/test/rubygems/test_webauthn_poller.rb +0 -124
  537. data/test/rubygems/utilities.rb +0 -436
  538. data/test/rubygems/wrong_key_cert.pem +0 -19
  539. data/test/rubygems/wrong_key_cert_32.pem +0 -19
  540. data/test/test_changelog_generator.rb +0 -17
@@ -1,535 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- require_relative "helper"
4
-
5
- unless Gem::HAVE_OPENSSL
6
- warn "Skipping Gem::Security::Policy tests. openssl not found."
7
- end
8
-
9
- class TestGemSecurityPolicy < Gem::TestCase
10
- ALTERNATE_KEY = load_key "alternate"
11
- INVALID_KEY = load_key "invalid"
12
- CHILD_KEY = load_key "child"
13
- GRANDCHILD_KEY = load_key "grandchild"
14
- INVALIDCHILD_KEY = load_key "invalidchild"
15
-
16
- ALTERNATE_CERT = load_cert "alternate"
17
- CA_CERT = load_cert "ca"
18
- CHILD_CERT = load_cert "child"
19
- EXPIRED_CERT = load_cert "expired"
20
- FUTURE_CERT = load_cert "future"
21
- GRANDCHILD_CERT = load_cert "grandchild"
22
- INVALIDCHILD_CERT = load_cert "invalidchild"
23
- INVALID_ISSUER_CERT = load_cert "invalid_issuer"
24
- INVALID_SIGNER_CERT = load_cert "invalid_signer"
25
- WRONG_KEY_CERT = load_cert "wrong_key"
26
-
27
- def setup
28
- super
29
-
30
- @spec = quick_gem "a" do |s|
31
- s.description = "π"
32
- s.files = %w[lib/code.rb]
33
- end
34
-
35
- @digest = OpenSSL::Digest.new Gem::Security::DIGEST_NAME
36
- @trust_dir = Gem::Security.trust_dir.dir # HACK: use the object
37
-
38
- @no = Gem::Security::NoSecurity
39
- @almost_no = Gem::Security::AlmostNoSecurity
40
- @low = Gem::Security::LowSecurity
41
- @medium = Gem::Security::MediumSecurity
42
- @high = Gem::Security::HighSecurity
43
-
44
- @chain = Gem::Security::Policy.new(
45
- "Chain",
46
- :verify_data => true,
47
- :verify_signer => true,
48
- :verify_chain => true,
49
- :verify_root => false,
50
- :only_trusted => false,
51
- :only_signed => false
52
- )
53
-
54
- @root = Gem::Security::Policy.new(
55
- "Root",
56
- :verify_data => true,
57
- :verify_signer => true,
58
- :verify_chain => true,
59
- :verify_root => true,
60
- :only_trusted => false,
61
- :only_signed => false
62
- )
63
- end
64
-
65
- def test_check_data
66
- data = digest "hello"
67
-
68
- signature = sign data
69
-
70
- assert @almost_no.check_data(PUBLIC_KEY, @digest, signature, data)
71
- end
72
-
73
- def test_check_data_invalid
74
- data = digest "hello"
75
-
76
- signature = sign data
77
-
78
- invalid = digest "hello!"
79
-
80
- e = assert_raise Gem::Security::Exception do
81
- @almost_no.check_data PUBLIC_KEY, @digest, signature, invalid
82
- end
83
-
84
- assert_equal "invalid signature", e.message
85
- end
86
-
87
- def test_check_chain
88
- chain = [PUBLIC_CERT, CHILD_CERT, GRANDCHILD_CERT]
89
-
90
- assert @chain.check_chain chain, Time.now
91
- end
92
-
93
- def test_check_chain_empty_chain
94
- e = assert_raise Gem::Security::Exception do
95
- @chain.check_chain [], Time.now
96
- end
97
-
98
- assert_equal "empty signing chain", e.message
99
- end
100
-
101
- def test_check_chain_invalid
102
- chain = [PUBLIC_CERT, CHILD_CERT, INVALIDCHILD_CERT]
103
-
104
- e = assert_raise Gem::Security::Exception do
105
- @chain.check_chain chain, Time.now
106
- end
107
-
108
- assert_equal "invalid signing chain: " +
109
- "certificate #{INVALIDCHILD_CERT.subject} " +
110
- "was not issued by #{CHILD_CERT.subject}", e.message
111
- end
112
-
113
- def test_check_chain_no_chain
114
- e = assert_raise Gem::Security::Exception do
115
- @chain.check_chain nil, Time.now
116
- end
117
-
118
- assert_equal "missing signing chain", e.message
119
- end
120
-
121
- def test_check_cert
122
- assert @low.check_cert(PUBLIC_CERT, nil, Time.now)
123
- end
124
-
125
- def test_check_cert_expired
126
- e = assert_raise Gem::Security::Exception do
127
- @low.check_cert EXPIRED_CERT, nil, Time.now
128
- end
129
-
130
- assert_equal "certificate #{EXPIRED_CERT.subject} " +
131
- "not valid after #{EXPIRED_CERT.not_after}",
132
- e.message
133
- end
134
-
135
- def test_check_cert_future
136
- e = assert_raise Gem::Security::Exception do
137
- @low.check_cert FUTURE_CERT, nil, Time.now
138
- end
139
-
140
- assert_equal "certificate #{FUTURE_CERT.subject} " +
141
- "not valid before #{FUTURE_CERT.not_before}",
142
- e.message
143
- end
144
-
145
- def test_check_cert_invalid_issuer
146
- e = assert_raise Gem::Security::Exception do
147
- @low.check_cert INVALID_ISSUER_CERT, PUBLIC_CERT, Time.now
148
- end
149
-
150
- assert_equal "certificate #{INVALID_ISSUER_CERT.subject} " +
151
- "was not issued by #{PUBLIC_CERT.subject}",
152
- e.message
153
- end
154
-
155
- def test_check_cert_issuer
156
- assert @low.check_cert(CHILD_CERT, PUBLIC_CERT, Time.now)
157
- end
158
-
159
- def test_check_cert_no_signer
160
- e = assert_raise Gem::Security::Exception do
161
- @high.check_cert(nil, nil, Time.now)
162
- end
163
-
164
- assert_equal "missing signing certificate", e.message
165
- end
166
-
167
- def test_check_key
168
- assert @almost_no.check_key(PUBLIC_CERT, PRIVATE_KEY)
169
- end
170
-
171
- def test_check_key_no_signer
172
- assert @almost_no.check_key(nil, nil)
173
-
174
- e = assert_raise Gem::Security::Exception do
175
- @high.check_key(nil, nil)
176
- end
177
-
178
- assert_equal "missing key or signature", e.message
179
- end
180
-
181
- def test_check_key_wrong_key
182
- e = assert_raise Gem::Security::Exception do
183
- @almost_no.check_key(PUBLIC_CERT, ALTERNATE_KEY)
184
- end
185
-
186
- assert_equal "certificate #{PUBLIC_CERT.subject} " +
187
- "does not match the signing key", e.message
188
- end
189
-
190
- def test_check_root
191
- chain = [PUBLIC_CERT, CHILD_CERT, INVALIDCHILD_CERT]
192
-
193
- assert @chain.check_root chain, Time.now
194
- end
195
-
196
- def test_check_root_empty_chain
197
- e = assert_raise Gem::Security::Exception do
198
- @chain.check_root [], Time.now
199
- end
200
-
201
- assert_equal "missing root certificate", e.message
202
- end
203
-
204
- def test_check_root_invalid_signer
205
- chain = [INVALID_SIGNER_CERT]
206
-
207
- e = assert_raise Gem::Security::Exception do
208
- @chain.check_root chain, Time.now
209
- end
210
-
211
- assert_equal "certificate #{INVALID_SIGNER_CERT.subject} " +
212
- "was not issued by #{INVALID_SIGNER_CERT.issuer}",
213
- e.message
214
- end
215
-
216
- def test_check_root_not_self_signed
217
- chain = [INVALID_ISSUER_CERT]
218
-
219
- e = assert_raise Gem::Security::Exception do
220
- @chain.check_root chain, Time.now
221
- end
222
-
223
- assert_equal "root certificate #{INVALID_ISSUER_CERT.subject} " +
224
- "is not self-signed (issuer #{INVALID_ISSUER_CERT.issuer})",
225
- e.message
226
- end
227
-
228
- def test_check_root_no_chain
229
- e = assert_raise Gem::Security::Exception do
230
- @chain.check_root nil, Time.now
231
- end
232
-
233
- assert_equal "missing signing chain", e.message
234
- end
235
-
236
- def test_check_trust
237
- Gem::Security.trust_dir.trust_cert PUBLIC_CERT
238
-
239
- assert @high.check_trust [PUBLIC_CERT], @digest, @trust_dir
240
- end
241
-
242
- def test_check_trust_child
243
- Gem::Security.trust_dir.trust_cert PUBLIC_CERT
244
-
245
- assert @high.check_trust [PUBLIC_CERT, CHILD_CERT], @digest, @trust_dir
246
- end
247
-
248
- def test_check_trust_empty_chain
249
- e = assert_raise Gem::Security::Exception do
250
- @chain.check_trust [], @digest, @trust_dir
251
- end
252
-
253
- assert_equal "missing root certificate", e.message
254
- end
255
-
256
- def test_check_trust_mismatch
257
- Gem::Security.trust_dir.trust_cert PUBLIC_CERT
258
-
259
- e = assert_raise Gem::Security::Exception do
260
- @high.check_trust [WRONG_KEY_CERT], @digest, @trust_dir
261
- end
262
-
263
- assert_equal "trusted root certificate #{PUBLIC_CERT.subject} checksum " +
264
- "does not match signing root certificate checksum", e.message
265
- end
266
-
267
- def test_check_trust_no_chain
268
- e = assert_raise Gem::Security::Exception do
269
- @chain.check_trust nil, @digest, @trust_dir
270
- end
271
-
272
- assert_equal "missing signing chain", e.message
273
- end
274
-
275
- def test_check_trust_no_trust
276
- e = assert_raise Gem::Security::Exception do
277
- @high.check_trust [PUBLIC_CERT], @digest, @trust_dir
278
- end
279
-
280
- assert_equal "root cert #{PUBLIC_CERT.subject} is not trusted", e.message
281
- end
282
-
283
- def test_check_trust_no_trust_child
284
- e = assert_raise Gem::Security::Exception do
285
- @high.check_trust [PUBLIC_CERT, CHILD_CERT], @digest, @trust_dir
286
- end
287
-
288
- assert_equal "root cert #{PUBLIC_CERT.subject} is not trusted " +
289
- "(root of signing cert #{CHILD_CERT.subject})", e.message
290
- end
291
-
292
- def test_subject
293
- assert_equal "email:nobody@example", @no.subject(PUBLIC_CERT)
294
- assert_equal "/C=JP/ST=Tokyo/O=RubyGemsTest/CN=CA", @no.subject(CA_CERT)
295
- end
296
-
297
- def test_verify
298
- Gem::Security.trust_dir.trust_cert PUBLIC_CERT
299
-
300
- assert @almost_no.verify [PUBLIC_CERT], nil, *dummy_signatures
301
- end
302
-
303
- def test_verify_chain_signatures
304
- Gem::Security.trust_dir.trust_cert PUBLIC_CERT
305
-
306
- assert @high.verify [PUBLIC_CERT], nil, *dummy_signatures
307
- end
308
-
309
- def test_verify_chain_key
310
- @almost_no.verify [PUBLIC_CERT], PRIVATE_KEY, *dummy_signatures
311
- end
312
-
313
- def test_verify_no_digests
314
- Gem::Security.trust_dir.trust_cert PUBLIC_CERT
315
-
316
- _, signatures = dummy_signatures
317
-
318
- e = assert_raise Gem::Security::Exception do
319
- @almost_no.verify [PUBLIC_CERT], nil, {}, signatures
320
- end
321
-
322
- assert_equal "no digests provided (probable bug)", e.message
323
- end
324
-
325
- def test_verify_no_digests_no_security
326
- Gem::Security.trust_dir.trust_cert PUBLIC_CERT
327
-
328
- _, signatures = dummy_signatures
329
-
330
- e = assert_raise Gem::Security::Exception do
331
- @no.verify [PUBLIC_CERT], nil, {}, signatures
332
- end
333
-
334
- assert_equal "missing digest for 0", e.message
335
- end
336
-
337
- def test_verify_no_signatures
338
- Gem::Security.trust_dir.trust_cert PUBLIC_CERT
339
-
340
- digests, = dummy_signatures
341
-
342
- use_ui @ui do
343
- @no.verify [PUBLIC_CERT], nil, digests, {}, "some_gem"
344
- end
345
-
346
- assert_match "WARNING: some_gem is not signed\n", @ui.error
347
-
348
- assert_raise Gem::Security::Exception do
349
- @high.verify [PUBLIC_CERT], nil, digests, {}
350
- end
351
- end
352
-
353
- def test_verify_no_signatures_no_digests
354
- Gem::Security.trust_dir.trust_cert PUBLIC_CERT
355
-
356
- use_ui @ui do
357
- @no.verify [PUBLIC_CERT], nil, {}, {}, "some_gem"
358
- end
359
-
360
- assert_empty @ui.output
361
- assert_empty @ui.error
362
- end
363
-
364
- def test_verify_not_enough_signatures
365
- Gem::Security.trust_dir.trust_cert PUBLIC_CERT
366
-
367
- digests, signatures = dummy_signatures
368
-
369
- data = digest "goodbye"
370
-
371
- signatures[1] = PRIVATE_KEY.sign @digest.new, data.digest
372
-
373
- e = assert_raise Gem::Security::Exception do
374
- @almost_no.verify [PUBLIC_CERT], nil, digests, signatures
375
- end
376
-
377
- assert_equal "missing digest for 1", e.message
378
- end
379
-
380
- def test_verify_no_trust
381
- digests, signatures = dummy_signatures
382
-
383
- use_ui @ui do
384
- @low.verify [PUBLIC_CERT], nil, digests, signatures, "some_gem"
385
- end
386
-
387
- assert_equal "WARNING: email:nobody@example is not trusted for some_gem\n",
388
- @ui.error
389
-
390
- assert_raise Gem::Security::Exception do
391
- @medium.verify [PUBLIC_CERT], nil, digests, signatures
392
- end
393
- end
394
-
395
- def test_verify_wrong_digest_type
396
- Gem::Security.trust_dir.trust_cert PUBLIC_CERT
397
-
398
- data = OpenSSL::Digest.new("SHA512")
399
- data << "hello"
400
-
401
- digests = { "SHA512" => { 0 => data } }
402
- signature = PRIVATE_KEY.sign "sha512", data.digest
403
- signatures = { 0 => signature }
404
-
405
- e = assert_raise Gem::Security::Exception do
406
- @almost_no.verify [PUBLIC_CERT], nil, digests, signatures
407
- end
408
-
409
- assert_equal "no digests provided (probable bug)", e.message
410
- end
411
-
412
- def test_verify_signatures_chain
413
- @spec.cert_chain = [PUBLIC_CERT, CHILD_CERT]
414
-
415
- assert @chain.verify_signatures @spec, *dummy_signatures(CHILD_KEY)
416
- end
417
-
418
- def test_verify_signatures_data
419
- @spec.cert_chain = [PUBLIC_CERT]
420
-
421
- @almost_no.verify_signatures @spec, *dummy_signatures
422
- end
423
-
424
- def test_verify_signatures_root
425
- @spec.cert_chain = [PUBLIC_CERT, CHILD_CERT]
426
-
427
- assert @root.verify_signatures @spec, *dummy_signatures(CHILD_KEY)
428
- end
429
-
430
- def test_verify_signatures_signer
431
- @spec.cert_chain = [PUBLIC_CERT]
432
-
433
- assert @low.verify_signatures @spec, *dummy_signatures
434
- end
435
-
436
- def test_verify_signatures_trust
437
- Gem::Security.trust_dir.trust_cert PUBLIC_CERT
438
-
439
- @spec.cert_chain = [PUBLIC_CERT]
440
-
441
- assert @high.verify_signatures @spec, *dummy_signatures
442
- end
443
-
444
- def test_verify_signatures
445
- Gem::Security.trust_dir.trust_cert PUBLIC_CERT
446
-
447
- @spec.cert_chain = [PUBLIC_CERT.to_s]
448
-
449
- metadata_gz = Gem::Util.gzip @spec.to_yaml
450
-
451
- package = Gem::Package.new "nonexistent.gem"
452
- package.checksums[Gem::Security::DIGEST_NAME] = {}
453
-
454
- s = StringIO.new metadata_gz
455
- def s.full_name() "metadata.gz" end
456
-
457
- digests = package.digest s
458
- metadata_gz_digest = digests[Gem::Security::DIGEST_NAME]["metadata.gz"]
459
-
460
- signatures = {}
461
- signatures["metadata.gz"] =
462
- PRIVATE_KEY.sign @digest.new, metadata_gz_digest.digest
463
-
464
- assert @high.verify_signatures @spec, digests, signatures
465
- end
466
-
467
- def test_verify_signatures_missing
468
- Gem::Security.trust_dir.trust_cert PUBLIC_CERT
469
-
470
- @spec.cert_chain = [PUBLIC_CERT.to_s]
471
-
472
- metadata_gz = Gem::Util.gzip @spec.to_yaml
473
-
474
- package = Gem::Package.new "nonexistent.gem"
475
- package.checksums[Gem::Security::DIGEST_NAME] = {}
476
-
477
- s = StringIO.new metadata_gz
478
- def s.full_name() "metadata.gz" end
479
-
480
- digests = package.digest s
481
- digests[Gem::Security::DIGEST_NAME]["data.tar.gz"] = @digest.hexdigest "hello"
482
-
483
- metadata_gz_digest = digests[Gem::Security::DIGEST_NAME]["metadata.gz"]
484
-
485
- signatures = {}
486
- signatures["metadata.gz"] =
487
- PRIVATE_KEY.sign @digest.new, metadata_gz_digest.digest
488
-
489
- e = assert_raise Gem::Security::Exception do
490
- @high.verify_signatures @spec, digests, signatures
491
- end
492
-
493
- assert_equal "missing signature for data.tar.gz", e.message
494
- end
495
-
496
- def test_verify_signatures_none
497
- Gem::Security.trust_dir.trust_cert PUBLIC_CERT
498
-
499
- @spec.cert_chain = [PUBLIC_CERT.to_s]
500
-
501
- metadata_gz = Gem::Util.gzip @spec.to_yaml
502
-
503
- package = Gem::Package.new "nonexistent.gem"
504
- package.checksums[Gem::Security::DIGEST_NAME] = {}
505
-
506
- s = StringIO.new metadata_gz
507
- def s.full_name() "metadata.gz" end
508
-
509
- digests = package.digest s
510
- digests[Gem::Security::DIGEST_NAME]["data.tar.gz"] = @digest.hexdigest "hello"
511
-
512
- assert_raise Gem::Security::Exception do
513
- @high.verify_signatures @spec, digests, {}
514
- end
515
- end
516
-
517
- def digest(data)
518
- digester = @digest.new
519
- digester << data
520
- digester
521
- end
522
-
523
- def sign(data, key = PRIVATE_KEY)
524
- key.sign @digest.new, data.digest
525
- end
526
-
527
- def dummy_signatures(key = PRIVATE_KEY)
528
- data = digest "hello"
529
-
530
- digests = { Gem::Security::DIGEST_NAME => { 0 => data } }
531
- signatures = { 0 => sign(data, key) }
532
-
533
- [digests, signatures]
534
- end
535
- end if Gem::HAVE_OPENSSL