Merge rubygems master branch from github.com/rubygems/rubygems.

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@65294 b2dd03c8-39d4-4d8f-98ff-823fe69b080e

1 files changed, 15 insertions, 4 deletions

diff --git a/lib/rubygems/package.rb b/lib/rubygems/package.rb
index ec9541d19b..a71c41afc7 100644
--- a/lib/rubygems/package.rb
+++ b/lib/rubygems/package.rb
@@ -119,7 +119,7 @@ class Gem::Package
   # Permission for other files
   attr_accessor :data_mode
 
-  def self.build spec, skip_validation=false, strict_validation=false
+  def self.build spec, skip_validation = false, strict_validation = false
     gem_file = spec.file_name
 
     package = new gem_file
@@ -263,7 +263,11 @@ class Gem::Package
     @spec.mark_version
     @spec.validate true, strict_validation unless skip_validation
 
-    setup_signer
+    setup_signer(
+      signer_options: {
+        expiration_length_days: Gem.configuration.cert_expiration_length_days
+      }
+    )
 
     @gem.with_write_io do |gem_io|
       Gem::Package::TarWriter.new gem_io do |gem|
@@ -521,10 +525,17 @@ EOM
   # Prepares the gem for signing and checksum generation.  If a signing
   # certificate and key are not present only checksum generation is set up.
 
-  def setup_signer
+  def setup_signer(signer_options: {})
     passphrase = ENV['GEM_PRIVATE_KEY_PASSPHRASE']
     if @spec.signing_key then
-      @signer = Gem::Security::Signer.new @spec.signing_key, @spec.cert_chain, passphrase
+      @signer =
+        Gem::Security::Signer.new(
+          @spec.signing_key,
+          @spec.cert_chain,
+          passphrase,
+          signer_options
+        )
+
       @spec.signing_key = nil
       @spec.cert_chain = @signer.cert_chain.map { |cert| cert.to_s }
     else