ruby-changes:51639
From: kazu <ko1@a...>
Date: Wed, 4 Jul 2018 21:45:53 +0900 (JST)
Subject: [ruby-changes:51639] kazu:r63851 (trunk): Fallback to Digest::SHA512
kazu 2018-07-04 21:45:47 +0900 (Wed, 04 Jul 2018) New Revision: 63851 https://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=revision&revision=63851 Log: Fallback to Digest::SHA512 `Gem::Package::TarWriter#add_file_signed` expects to fallback to `Digest::SHA512`, and `digest.respond_to? :name` or not. So lib/rubygems/security.rb should use same logic for `Gem::Security::DIGEST_ALGORITHM` and `Gem::Security::DIGEST_NAME`. Modified files: trunk/lib/rubygems/package/tar_writer.rb trunk/lib/rubygems/security.rb Index: lib/rubygems/security.rb =================================================================== --- lib/rubygems/security.rb (revision 63850) +++ lib/rubygems/security.rb (revision 63851) @@ -344,14 +344,19 @@ module Gem::Security https://github.com/ruby/ruby/blob/trunk/lib/rubygems/security.rb#L344 OpenSSL::Digest::SHA256 elsif defined?(OpenSSL::Digest::SHA1) then OpenSSL::Digest::SHA1 + else + require 'digest' + Digest::SHA512 end ## # Used internally to select the signing digest from all computed digests DIGEST_NAME = # :nodoc: - if DIGEST_ALGORITHM then + if DIGEST_ALGORITHM.method_defined? :name then DIGEST_ALGORITHM.new.name + else + DIGEST_ALGORITHM.name[/::([^:]+)\z/, 1] end ## Index: lib/rubygems/package/tar_writer.rb =================================================================== --- lib/rubygems/package/tar_writer.rb (revision 63850) +++ lib/rubygems/package/tar_writer.rb (revision 63851) @@ -187,8 +187,7 @@ class Gem::Package::TarWriter https://github.com/ruby/ruby/blob/trunk/lib/rubygems/package/tar_writer.rb#L187 if digest.respond_to? :name then digest.name else - /::([^:]+)$/ =~ digest.class.name - $1 + digest.class.name[/::([^:]+)\z/, 1] end digest_name == signer.digest_name -- ML: ruby-changes@q... Info: http://www.atdot.net/~ko1/quickml/