[前][次][番号順一覧][スレッド一覧]

ruby-changes:51639

From: kazu <ko1@a...>
Date: Wed, 4 Jul 2018 21:45:53 +0900 (JST)
Subject: [ruby-changes:51639] kazu:r63851 (trunk): Fallback to Digest::SHA512

kazu	2018-07-04 21:45:47 +0900 (Wed, 04 Jul 2018)

  New Revision: 63851

  https://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=revision&revision=63851

  Log:
    Fallback to Digest::SHA512
    
    `Gem::Package::TarWriter#add_file_signed` expects to fallback to
    `Digest::SHA512`, and `digest.respond_to? :name` or not.
    So lib/rubygems/security.rb should use same logic for
    `Gem::Security::DIGEST_ALGORITHM` and `Gem::Security::DIGEST_NAME`.

  Modified files:
    trunk/lib/rubygems/package/tar_writer.rb
    trunk/lib/rubygems/security.rb
Index: lib/rubygems/security.rb
===================================================================
--- lib/rubygems/security.rb	(revision 63850)
+++ lib/rubygems/security.rb	(revision 63851)
@@ -344,14 +344,19 @@ module Gem::Security https://github.com/ruby/ruby/blob/trunk/lib/rubygems/security.rb#L344
       OpenSSL::Digest::SHA256
     elsif defined?(OpenSSL::Digest::SHA1) then
       OpenSSL::Digest::SHA1
+    else
+      require 'digest'
+      Digest::SHA512
     end
 
   ##
   # Used internally to select the signing digest from all computed digests
 
   DIGEST_NAME = # :nodoc:
-    if DIGEST_ALGORITHM then
+    if DIGEST_ALGORITHM.method_defined? :name then
       DIGEST_ALGORITHM.new.name
+    else
+      DIGEST_ALGORITHM.name[/::([^:]+)\z/, 1]
     end
 
   ##
Index: lib/rubygems/package/tar_writer.rb
===================================================================
--- lib/rubygems/package/tar_writer.rb	(revision 63850)
+++ lib/rubygems/package/tar_writer.rb	(revision 63851)
@@ -187,8 +187,7 @@ class Gem::Package::TarWriter https://github.com/ruby/ruby/blob/trunk/lib/rubygems/package/tar_writer.rb#L187
         if digest.respond_to? :name then
           digest.name
         else
-          /::([^:]+)$/ =~ digest.class.name
-          $1
+          digest.class.name[/::([^:]+)\z/, 1]
         end
 
       digest_name == signer.digest_name

--
ML: ruby-changes@q...
Info: http://www.atdot.net/~ko1/quickml/

[前][次][番号順一覧][スレッド一覧]