ruby-changes:27114
From: drbrain <ko1@a...>
Date: Sat, 9 Feb 2013 10:17:48 +0900 (JST)
Subject: [ruby-changes:27114] drbrain:r39166 (trunk): * lib/rubygems/package/old.rb: Fix behavior only on ruby 1.8.
drbrain 2013-02-09 09:24:55 +0900 (Sat, 09 Feb 2013) New Revision: 39166 http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=39166 Log: * lib/rubygems/package/old.rb: Fix behavior only on ruby 1.8. * lib/rubygems/package.rb: Include checksums.yaml.gz signatures for verification. * test/rubygems/test_gem_package.rb: Test for the above. Modified files: trunk/ChangeLog trunk/lib/rubygems/package/old.rb trunk/lib/rubygems/package.rb trunk/test/rubygems/test_gem_package.rb Index: ChangeLog =================================================================== --- ChangeLog (revision 39165) +++ ChangeLog (revision 39166) @@ -1,3 +1,11 @@ https://github.com/ruby/ruby/blob/trunk/ChangeLog#L1 +Sat Feb 9 09:24:38 2013 Eric Hodel <drbrain@s...> + + * lib/rubygems/package/old.rb: Fix behavior only on ruby 1.8. + + * lib/rubygems/package.rb: Include checksums.yaml.gz signatures for + verification. + * test/rubygems/test_gem_package.rb: Test for the above. + Sat Feb 9 01:23:24 2013 Tanaka Akira <akr@f...> * test/fiddle/helper.rb: specify libc and libm locations for MirOS BSD. Index: lib/rubygems/package/old.rb =================================================================== --- lib/rubygems/package/old.rb (revision 39165) +++ lib/rubygems/package/old.rb (revision 39166) @@ -23,9 +23,10 @@ class Gem::Package::Old < Gem::Package https://github.com/ruby/ruby/blob/trunk/lib/rubygems/package/old.rb#L23 require 'zlib' Gem.load_yaml - @gem = gem - @contents = nil - @spec = nil + @contents = nil + @gem = gem + @security_policy = nil + @spec = nil end ## @@ -142,7 +143,7 @@ class Gem::Package::Old < Gem::Package https://github.com/ruby/ruby/blob/trunk/lib/rubygems/package/old.rb#L143 end end - yaml_error = if RUBY_VERSION < '1.8' then + yaml_error = if RUBY_VERSION < '1.9' then YAML::ParseError elsif YAML::ENGINE.yamler == 'syck' then YAML::ParseError Index: lib/rubygems/package.rb =================================================================== --- lib/rubygems/package.rb (revision 39165) +++ lib/rubygems/package.rb (revision 39166) @@ -518,8 +518,6 @@ EOM https://github.com/ruby/ruby/blob/trunk/lib/rubygems/package.rb#L518 when /\.sig$/ then @signatures[$`] = entry.read if @security_policy next - when 'checksums.yaml.gz' then - next # already handled else digest entry end Index: test/rubygems/test_gem_package.rb =================================================================== --- test/rubygems/test_gem_package.rb (revision 39165) +++ test/rubygems/test_gem_package.rb (revision 39166) @@ -511,6 +511,24 @@ class TestGemPackage < Gem::Package::Tar https://github.com/ruby/ruby/blob/trunk/test/rubygems/test_gem_package.rb#L511 assert_empty package.instance_variable_get(:@files), '@files must empty' end + def test_verify_security_policy_low_security + @spec.cert_chain = [PUBLIC_CERT.to_pem] + @spec.signing_key = PRIVATE_KEY + + FileUtils.mkdir_p 'lib' + FileUtils.touch 'lib/code.rb' + + build = Gem::Package.new @gem + build.spec = @spec + + build.build + + package = Gem::Package.new @gem + package.security_policy = Gem::Security::LowSecurity + + assert package.verify + end + def test_verify_security_policy_checksum_missing @spec.cert_chain = [PUBLIC_CERT.to_pem] @spec.signing_key = PRIVATE_KEY -- ML: ruby-changes@q... Info: http://www.atdot.net/~ko1/quickml/