* lib/rubygems/package/old.rb: Fix behavior only on ruby 1.8.
* lib/rubygems/package.rb: Include checksums.yaml.gz signatures for verification. * test/rubygems/test_gem_package.rb: Test for the above. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@39166 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
This commit is contained in:
parent
35a5e37649
commit
7f046c653c
@ -1,3 +1,11 @@
|
|||||||
|
Sat Feb 9 09:24:38 2013 Eric Hodel <drbrain@segment7.net>
|
||||||
|
|
||||||
|
* lib/rubygems/package/old.rb: Fix behavior only on ruby 1.8.
|
||||||
|
|
||||||
|
* lib/rubygems/package.rb: Include checksums.yaml.gz signatures for
|
||||||
|
verification.
|
||||||
|
* test/rubygems/test_gem_package.rb: Test for the above.
|
||||||
|
|
||||||
Sat Feb 9 01:23:24 2013 Tanaka Akira <akr@fsij.org>
|
Sat Feb 9 01:23:24 2013 Tanaka Akira <akr@fsij.org>
|
||||||
|
|
||||||
* test/fiddle/helper.rb: specify libc and libm locations for MirOS BSD.
|
* test/fiddle/helper.rb: specify libc and libm locations for MirOS BSD.
|
||||||
|
@ -518,8 +518,6 @@ EOM
|
|||||||
when /\.sig$/ then
|
when /\.sig$/ then
|
||||||
@signatures[$`] = entry.read if @security_policy
|
@signatures[$`] = entry.read if @security_policy
|
||||||
next
|
next
|
||||||
when 'checksums.yaml.gz' then
|
|
||||||
next # already handled
|
|
||||||
else
|
else
|
||||||
digest entry
|
digest entry
|
||||||
end
|
end
|
||||||
|
@ -23,8 +23,9 @@ class Gem::Package::Old < Gem::Package
|
|||||||
require 'zlib'
|
require 'zlib'
|
||||||
Gem.load_yaml
|
Gem.load_yaml
|
||||||
|
|
||||||
@gem = gem
|
|
||||||
@contents = nil
|
@contents = nil
|
||||||
|
@gem = gem
|
||||||
|
@security_policy = nil
|
||||||
@spec = nil
|
@spec = nil
|
||||||
end
|
end
|
||||||
|
|
||||||
@ -142,7 +143,7 @@ class Gem::Package::Old < Gem::Package
|
|||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
yaml_error = if RUBY_VERSION < '1.8' then
|
yaml_error = if RUBY_VERSION < '1.9' then
|
||||||
YAML::ParseError
|
YAML::ParseError
|
||||||
elsif YAML::ENGINE.yamler == 'syck' then
|
elsif YAML::ENGINE.yamler == 'syck' then
|
||||||
YAML::ParseError
|
YAML::ParseError
|
||||||
|
@ -511,6 +511,24 @@ class TestGemPackage < Gem::Package::TarTestCase
|
|||||||
assert_empty package.instance_variable_get(:@files), '@files must empty'
|
assert_empty package.instance_variable_get(:@files), '@files must empty'
|
||||||
end
|
end
|
||||||
|
|
||||||
|
def test_verify_security_policy_low_security
|
||||||
|
@spec.cert_chain = [PUBLIC_CERT.to_pem]
|
||||||
|
@spec.signing_key = PRIVATE_KEY
|
||||||
|
|
||||||
|
FileUtils.mkdir_p 'lib'
|
||||||
|
FileUtils.touch 'lib/code.rb'
|
||||||
|
|
||||||
|
build = Gem::Package.new @gem
|
||||||
|
build.spec = @spec
|
||||||
|
|
||||||
|
build.build
|
||||||
|
|
||||||
|
package = Gem::Package.new @gem
|
||||||
|
package.security_policy = Gem::Security::LowSecurity
|
||||||
|
|
||||||
|
assert package.verify
|
||||||
|
end
|
||||||
|
|
||||||
def test_verify_security_policy_checksum_missing
|
def test_verify_security_policy_checksum_missing
|
||||||
@spec.cert_chain = [PUBLIC_CERT.to_pem]
|
@spec.cert_chain = [PUBLIC_CERT.to_pem]
|
||||||
@spec.signing_key = PRIVATE_KEY
|
@spec.signing_key = PRIVATE_KEY
|
||||||
|
Loading…
x
Reference in New Issue
Block a user