diff options
author | hsbt <hsbt@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2016-10-12 06:24:59 +0000 |
---|---|---|
committer | hsbt <hsbt@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2016-10-12 06:24:59 +0000 |
commit | 2e5fffa7cf8ca1047c26ea8b3d98d2f1d8f11dcf (patch) | |
tree | 3b73cddc0f5eaa23cdb9d097d531015ca02bdbf9 | |
parent | 2db9a0db991bff28ea55fa04a291ff5db02a7b72 (diff) |
* tool/downloader.rb: Removed verification of gem certification.
Because signed gem is not working on rubygems ecosystem.
* tool/gem-unpack.rb: ditto.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@56399 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
-rw-r--r-- | ChangeLog | 6 | ||||
-rw-r--r-- | tool/downloader.rb | 15 | ||||
-rwxr-xr-x | tool/gem-unpack.rb | 3 |
3 files changed, 6 insertions, 18 deletions
@@ -1,3 +1,9 @@ +Wed Oct 12 15:24:53 2016 SHIBATA Hiroshi <hsbt@ruby-lang.org> + + * tool/downloader.rb: Removed verification of gem certification. + Because signed gem is not working on rubygems ecosystem. + * tool/gem-unpack.rb: ditto. + Tue Oct 11 22:08:24 2016 Nobuyoshi Nakada <nobu@ruby-lang.org> * io.c (prep_io): fix typo of struct member name. diff --git a/tool/downloader.rb b/tool/downloader.rb index aa5490f96f..6c34f73ca2 100644 --- a/tool/downloader.rb +++ b/tool/downloader.rb @@ -59,27 +59,12 @@ class Downloader class RubyGems < self def self.download(name, dir = nil, since = true, options = {}) require 'rubygems' - require 'rubygems/package' verify = options.delete(:verify) {Gem::VERSION >= "2.4."} options[:ssl_ca_cert] = Dir.glob(File.expand_path("../lib/rubygems/ssl_certs/**/*.pem", File.dirname(__FILE__))) file = under(dir, name) super("https://rubygems.org/downloads/#{name}", file, nil, since, options) or return false return true unless verify - policy = Gem::Security::LowSecurity - (policy = policy.dup).ui = Gem::SilentUI.new if policy.respond_to?(:'ui=') - pkg = Gem::Package.new(file) - pkg.security_policy = policy - begin - $stdout.puts "verifying #{name}" - pkg.verify - rescue Gem::Security::Exception => e - $stderr.puts "#{name}: #{e.message}" - File.unlink(file) - false - else - true - end end end diff --git a/tool/gem-unpack.rb b/tool/gem-unpack.rb index f069d144ec..0ddcea0704 100755 --- a/tool/gem-unpack.rb +++ b/tool/gem-unpack.rb @@ -5,10 +5,7 @@ require 'rubygems/package' # unpack bundled gem files. def Gem.unpack(file, dir = nil) - policy = Gem::Security::LowSecurity - (policy = policy.dup).ui = Gem::SilentUI.new pkg = Gem::Package.new(file) - pkg.security_policy = policy spec = pkg.spec target = spec.full_name target = File.join(dir, target) if dir |