authornaruse <naruse@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>2013-09-14 08:59:02 +0000
committernaruse <naruse@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>2013-09-14 08:59:02 +0000
commit269503b544247b5b3e30dbe60a0bab4f2ca00e4e (patch)
treea6d0a3a9b34017c4c84d997152a3aaf3086e1ce1 /lib/rubygems/security.rb
parent2614d9ba2fb5ad171200cccc88f42fa659b527c6 (diff)
Revert r42938 "* lib/rubygems: Update to RubyGems 2.1.3"
It breaks build. http://u64.rubyci.org/~chkbuild/ruby-trunk/log/20130913T200302Z.diff.html.gz git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@42941 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Diffstat (limited to 'lib/rubygems/security.rb')
-rw-r--r--lib/rubygems/security.rb55
1 files changed, 32 insertions, 23 deletions
diff --git a/lib/rubygems/security.rb b/lib/rubygems/security.rb
index bed47ab9f3..bfd6fd225b 100644
--- a/lib/rubygems/security.rb
+++ b/lib/rubygems/security.rb
@@ -12,20 +12,6 @@ begin
rescue LoadError => e
raise unless (e.respond_to?(:path) && e.path == 'openssl') ||
e.message =~ / -- openssl$/
-
- module OpenSSL # :nodoc:
- class Digest # :nodoc:
- class SHA1 # :nodoc:
- def name
- 'SHA1'
- end
- end
- end
- module PKey # :nodoc:
- class RSA # :nodoc:
- end
- end
- end
end
##
@@ -352,17 +338,26 @@ module Gem::Security
##
# Digest algorithm used to sign gems
- DIGEST_ALGORITHM = OpenSSL::Digest::SHA1
+ DIGEST_ALGORITHM =
+ if defined?(OpenSSL::Digest) then
+ OpenSSL::Digest::SHA1
+ end
##
# Used internally to select the signing digest from all computed digests
- DIGEST_NAME = DIGEST_ALGORITHM.new.name # :nodoc:
+ DIGEST_NAME = # :nodoc:
+ if DIGEST_ALGORITHM then
+ DIGEST_ALGORITHM.new.name
+ end
##
# Algorithm for creating the key pair used to sign gems
- KEY_ALGORITHM = OpenSSL::PKey::RSA
+ KEY_ALGORITHM =
+ if defined?(OpenSSL::PKey) then
+ OpenSSL::PKey::RSA
+ end
##
# Length of keys created by KEY_ALGORITHM
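Review bot: With the `if defined?(...) then ... end` form, `DIGEST_ALGORITHM`, `DIGEST_NAME` and `KEY_ALGORITHM` evaluate to nil when OpenSSL is not loaded, and none of the doc comments say so. A caller that dereferences them (for example `DIGEST_ALGORITHM.new`) would fail with a NoMethodError on nil rather than a clear "OpenSSL unavailable" error, and a verification path that treats nil as "nothing to check" would fail open; the callers are outside this hunk, so this needs confirming. I would add to each doc comment a line such as `# nil when OpenSSL is not available; signing and verification must be refused in that case`. Separately, SHA1 stays the signing digest on both sides of the hunk; it is no longer collision-resistant, so that choice deserves its own follow-up.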
@@ -370,6 +365,12 @@ module Gem::Security
KEY_LENGTH = 2048
##
+ # Cipher used to encrypt the key pair used to sign gems.
+ # Must be in the list returned by OpenSSL::Cipher.ciphers
+
+ KEY_CIPHER = OpenSSL::Cipher.new('AES-256-CBC') if defined?(OpenSSL::Cipher)
+
+ ##
# One year in seconds
ONE_YEAR = 86400 * 365
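Review bot: `KEY_CIPHER = ... if defined?(OpenSSL::Cipher)` leaves the constant undefined, not nil, when OpenSSL is missing, because a modifier `if` on a constant assignment skips the assignment entirely. That differs from `DIGEST_ALGORITHM` and `KEY_ALGORITHM` in the previous hunk, which become nil. The default argument `cipher = KEY_CIPHER` on `Gem::Security.write` in the next hunk would then raise NameError at call time, even for callers that pass no passphrase. Writing it in the same form as the others avoids that: `KEY_CIPHER = if defined?(OpenSSL::Cipher) then OpenSSL::Cipher.new('AES-256-CBC') end`.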
@@ -563,13 +564,18 @@ module Gem::Security
##
# Writes +pemmable+, which must respond to +to_pem+ to +path+ with the given
- # +permissions+.
+ # +permissions+. If passed +cipher+ and +passphrase+ those arguments will be
+ # passed to +to_pem+.
- def self.write pemmable, path, permissions = 0600
+ def self.write pemmable, path, permissions = 0600, passphrase = nil, cipher = KEY_CIPHER
path = File.expand_path path
open path, 'wb', permissions do |io|
- io.write pemmable.to_pem
+ if passphrase and cipher
+ io.write pemmable.to_pem cipher, passphrase
+ else
+ io.write pemmable.to_pem
+ end
end
path
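Review bot: In the `if passphrase and cipher` branch, a caller that supplies a passphrase but ends up with a nil cipher falls through to the plain `pemmable.to_pem`, so the private key is written unencrypted with no error. A request for encryption should fail closed, for example with `raise ArgumentError, 'passphrase given but no cipher available' if passphrase and not cipher` before the `open`. Also, the `permissions` argument to `open` takes effect only when the file is created, so an existing file at `path` with a looser mode keeps that mode; a `File.chmod permissions, path` after the write would cover that case. The method's closing `end` lies outside this hunk.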
@@ -579,8 +585,11 @@ module Gem::Security
end
-require 'rubygems/security/policy'
-require 'rubygems/security/policies'
+if defined?(OpenSSL::SSL) then
+ require 'rubygems/security/policy'
+ require 'rubygems/security/policies'
+ require 'rubygems/security/trust_dir'
+end
+
require 'rubygems/security/signer'
-require 'rubygems/security/trust_dir'
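Review bot: `rubygems/security/signer` is still required unconditionally while `policy`, `policies` and `trust_dir` are now skipped when `OpenSSL::SSL` is undefined, and no comment explains the split. If the policy files define the named verification policies, as their names suggest, code that looks them up without OpenSSL gets a NameError. That is the safe outcome only if no caller rescues it and goes on to install unverified gems. I would put a comment above the `if`, such as `# Verification policies need OpenSSL; without it they are not defined and signed-gem verification is unavailable`.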