downloader.rb: verify gems

* tool/downloader.rb (RubyGems.download): verify downloaded gem
  packages.  LowSecurity to allow untrusted certificates now.

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@49251 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
nobu 2015-01-14 07:45:28 +00:00
parent 095886b572
commit a9e033b104
2 changed files with 29 additions and 2 deletions


@ -1,3 +1,8 @@
Wed Jan 14 16:45:24 2015 Nobuyoshi Nakada <nobu@ruby-lang.org>
* tool/downloader.rb (RubyGems.download): verify downloaded gem
packages. LowSecurity to allow untrusted certificates now.
Wed Jan 14 15:43:48 2015 Nobuyoshi Nakada <nobu@ruby-lang.org> Wed Jan 14 15:43:48 2015 Nobuyoshi Nakada <nobu@ruby-lang.org>
* ext/readline/readline.c (readline_s_refresh_line): initialize * ext/readline/readline.c (readline_s_refresh_line): initialize


@ -38,11 +38,29 @@ class Downloader
class RubyGems < self class RubyGems < self
def self.download(name, dir = nil, ims = true, options = {}) def self.download(name, dir = nil, ims = true, options = {})
require 'rubygems'
require 'rubygems/package'
options[:ssl_ca_cert] = Dir.glob(File.expand_path("../lib/rubygems/ssl_certs/*.pem", File.dirname(__FILE__))) options[:ssl_ca_cert] = Dir.glob(File.expand_path("../lib/rubygems/ssl_certs/*.pem", File.dirname(__FILE__)))
if $rubygems_schema != 'https' if $rubygems_schema != 'https'
warn "*** using http instead of https ***" warn "*** using http instead of https ***"
end end
super("#{$rubygems_schema}://rubygems.org/downloads/#{name}", name, dir, ims, options) file = under(dir, name)
super("#{$rubygems_schema}://rubygems.org/downloads/#{name}", file, nil, ims, options) or
return false
pkg = Gem::Package.new(file)
pkg.security_policy = Gem::Security::LowSecurity
begin
pkg.verify
rescue Gem::Security::Exception => e
$stderr.puts e.message
File.unlink(file)
false
else
true
end
end
def self.verify(pkg)
end end
end end
@ -86,7 +104,7 @@ class Downloader
# download 'http://www.unicode.org/Public/UCD/latest/ucd/UnicodeData.txt', # download 'http://www.unicode.org/Public/UCD/latest/ucd/UnicodeData.txt',
# 'UnicodeData.txt', 'enc/unicode/data' # 'UnicodeData.txt', 'enc/unicode/data'
def self.download(url, name, dir = nil, ims = true, options = {}) def self.download(url, name, dir = nil, ims = true, options = {})
file = dir ? File.join(dir, File.basename(name)) : name file = under(dir, name)
if ims.nil? and File.exist?(file) if ims.nil? and File.exist?(file)
if $VERBOSE if $VERBOSE
$stdout.puts "#{name} already exists" $stdout.puts "#{name} already exists"
@ -141,6 +159,10 @@ class Downloader
rescue => e rescue => e
raise "failed to download #{name}\n#{e.message}: #{url}" raise "failed to download #{name}\n#{e.message}: #{url}"
end end
def self.under(dir, name)
dir ? File.join(dir, File.basename(name)) : name
end
end end
if $0 == __FILE__ if $0 == __FILE__
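Review bot: In RubyGems.download (the -38,11 +38,29 hunk) a corrupt or truncated download is not handled: `pkg.verify` raises `Gem::Package::FormatError` for a malformed gem archive, which is not a `Gem::Security::Exception`, so that error propagates out of download and the bad file stays on disk instead of being unlinked and reported as `false`; widening the rescue to `rescue Gem::Security::Exception, Gem::Package::FormatError => e` covers both. As far as I recall, `Gem::Security::LowSecurity` disables the only_signed and verify_signer checks, so an unsigned gem passes and the call is a digest self-consistency check rather than an authenticity check; a comment such as `# LowSecurity: validates the package's own digests only; signatures are neither required nor checked` next to the policy assignment would keep the next maintainer from reading this as signature verification. The empty `def self.verify(pkg)` stub added after download is unused (the code calls `pkg.verify`, not `self.verify`), so it should be dropped or given a comment saying what it is reserved for.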