* lib/rubygems/ext/builder.rb: Fix incompatibilities when installing

  extensions.  Patch by Nobu.
  [ruby-trunk - Bug #7968] [ruby-trunk - Bug #7971]
* lib/rubygems/ext/ext_conf_builder.rb:  ditto.
* lib/rubygems/installer.rb:  ditto.
* test/rubygems/test_gem_ext_ext_conf_builder.rb:  Test for the above.
* test/rubygems/test_gem_installer.rb:  ditto.

* lib/rubygems/commands/sources_command.rb:  Prefer HTTPS over HTTP.
* lib/rubygems/defaults.rb:  ditto
* lib/rubygems/dependency_resolver.rb:  Ditto.
* lib/rubygems/source.rb:  ditto.
* lib/rubygems/spec_fetcher.rb:  ditto.
* lib/rubygems/specification.rb:  ditto.
* lib/rubygems/test_utilities.rb:  ditto.
* test/rubygems/test_gem.rb:  Test for the above.
* test/rubygems/test_gem_commands_sources_command.rb:  ditto.
* test/rubygems/test_gem_dependency_resolver_api_set.rb:  ditto.
* test/rubygems/test_gem_remote_fetcher.rb:  ditto.
* test/rubygems/test_gem_source.rb:  ditto.
* test/rubygems/test_gem_spec_fetcher.rb:  ditto.


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@39542 b2dd03c8-39d4-4d8f-98ff-823fe69b080e

10 files changed, 96 insertions, 21 deletions

diff --git a/lib/rubygems/commands/sources_command.rb b/lib/rubygems/commands/sources_command.rb
index 97ed7329ea..f4cc3e57ae 100644
--- a/lib/rubygems/commands/sources_command.rb
+++ b/lib/rubygems/commands/sources_command.rb
@@ -65,6 +65,19 @@ class Gem::Commands::SourcesCommand < Gem::Command
     end
 
     if source_uri = options[:add] then
+      uri = URI source_uri
+
+      if uri.scheme and uri.scheme.downcase == 'http' and
+         uri.host.downcase == 'rubygems.org' then
+        question = <<-QUESTION.chomp
+https://rubygems.org is recommended for security over #{uri}
+
+Do you want to add this insecure source?
+        QUESTION
+
+        terminate_interaction 1 unless ask_yes_no question
+      end
+
       source = Gem::Source.new source_uri
 
       begin
diff --git a/lib/rubygems/defaults.rb b/lib/rubygems/defaults.rb
index ea84e5c018..6854e9b760 100644
--- a/lib/rubygems/defaults.rb
+++ b/lib/rubygems/defaults.rb
@@ -11,7 +11,7 @@ module Gem
   # An Array of the default sources that come with RubyGems
 
   def self.default_sources
-    %w[http://rubygems.org/]
+    %w[https://rubygems.org/]
   end
 
   ##
diff --git a/lib/rubygems/dependency_resolver.rb b/lib/rubygems/dependency_resolver.rb
index b841674d43..2c651aff2e 100644
--- a/lib/rubygems/dependency_resolver.rb
+++ b/lib/rubygems/dependency_resolver.rb
@@ -69,6 +69,8 @@ module Gem
     # and dependencies.
     #
     class APISpecification
+      attr_reader :set # :nodoc:
+
       def initialize(set, api_data)
         @set = set
         @name = api_data[:name]
@@ -80,6 +82,14 @@ module Gem
 
       attr_reader :name, :version, :dependencies
 
+      def == other # :nodoc:
+        self.class === other and
+          @set          == other.set and
+          @name         == other.name and
+          @version      == other.version and
+          @dependencies == other.dependencies
+      end
+
       def full_name
         "#{@name}-#{@version}"
       end
@@ -91,6 +101,7 @@ module Gem
     class APISet
       def initialize
         @data = Hash.new { |h,k| h[k] = [] }
+        @dep_uri = URI 'https://rubygems.org/api/v1/dependencies'
       end
 
       # Return data for all versions of the gem +name+.
@@ -100,8 +111,8 @@ module Gem
           return @data[name]
         end
 
-        u = URI.parse "http://rubygems.org/api/v1/dependencies?gems=#{name}"
-        str = Net::HTTP.get(u)
+        uri = @dep_uri + "?gems=#{name}"
+        str = Gem::RemoteFetcher.fetcher.fetch_path uri
 
         Marshal.load(str).each do |ver|
           @data[ver[:name]] << ver
@@ -134,8 +145,8 @@ module Gem
 
         return if needed.empty?
 
-        u = URI.parse "http://rubygems.org/api/v1/dependencies?gems=#{needed.join ','}"
-        str = Net::HTTP.get(u)
+        uri = @dep_uri + "?gems=#{needed.sort.join ','}"
+        str = Gem::RemoteFetcher.fetcher.fetch_path uri
 
         Marshal.load(str).each do |ver|
           @data[ver[:name]] << ver
diff --git a/lib/rubygems/ext/builder.rb b/lib/rubygems/ext/builder.rb
index d7d953fec3..9b6ad304a2 100644
--- a/lib/rubygems/ext/builder.rb
+++ b/lib/rubygems/ext/builder.rb
@@ -16,13 +16,6 @@ class Gem::Ext::Builder
       raise Gem::InstallError, "Makefile not found:\n\n#{results.join "\n"}"
     end
 
-    mf = Gem.read_binary 'Makefile'
-    mf = mf.gsub(/^RUBYARCHDIR\s*=\s*\$[^$]*/, "RUBYARCHDIR = #{dest_path}")
-    mf = mf.gsub(/^RUBYLIBDIR\s*=\s*\$[^$]*/, "RUBYLIBDIR = #{dest_path}")
-    mf = mf.gsub(/\s*\S+\.time$/, "")
-
-    File.open('Makefile', 'wb') {|f| f.print mf}
-
     # try to find make program from Ruby configure arguments first
     RbConfig::CONFIG['configure_args'] =~ /with-make-prog\=(\w+)/
     make_program = $1 || ENV['MAKE'] || ENV['make']
diff --git a/lib/rubygems/ext/ext_conf_builder.rb b/lib/rubygems/ext/ext_conf_builder.rb
index 7ca322d3e5..3a439af502 100644
--- a/lib/rubygems/ext/ext_conf_builder.rb
+++ b/lib/rubygems/ext/ext_conf_builder.rb
@@ -6,16 +6,36 @@
 
 require 'rubygems/ext/builder'
 require 'rubygems/command'
+require 'fileutils'
+require 'tmpdir'
 
 class Gem::Ext::ExtConfBuilder < Gem::Ext::Builder
 
   def self.build(extension, directory, dest_path, results, args=[])
-    cmd = "#{Gem.ruby} #{File.basename extension}"
+    pwd = Dir.pwd
+    cmd = "#{Gem.ruby} -r./siteconf #{File.join pwd, File.basename(extension)}"
     cmd << " #{args.join ' '}" unless args.empty?
 
-    run cmd, results
-
-    make dest_path, results
+    Dir.mktmpdir("gem-install.") do |tmpdir|
+      Dir.chdir(tmpdir) do
+        open("siteconf.rb", "w") do |f|
+          f.puts "require 'rbconfig'"
+          f.puts "dest_path = #{dest_path.dump}"
+          %w[sitearchdir sitelibdir].each do |dir|
+            f.puts "RbConfig::MAKEFILE_CONFIG['#{dir}'] = dest_path"
+            f.puts "RbConfig::CONFIG['#{dir}'] = dest_path"
+          end
+        end
+
+        begin
+          run cmd, results
+
+          make dest_path, results
+        ensure
+          FileUtils.mv("mkmf.log", pwd) if $! and File.exist?("mkmf.log")
+        end
+      end
+    end
 
     results
   end
diff --git a/lib/rubygems/installer.rb b/lib/rubygems/installer.rb
index 3f4c6943df..4a41891b48 100644
--- a/lib/rubygems/installer.rb
+++ b/lib/rubygems/installer.rb
@@ -681,7 +681,7 @@ TEXT
           say results.join("\n") if Gem.configuration.really_verbose
         end
       rescue
-        extension_build_error(extension_dir, results.join("\n"))
+        extension_build_error(extension_dir, results.join("\n"), $@)
       end
     end
   end
@@ -689,7 +689,7 @@ TEXT
   ##
   # Logs the build +output+ in +build_dir+, then raises ExtensionBuildError.
 
-  def extension_build_error(build_dir, output)
+  def extension_build_error(build_dir, output, backtrace = nil)
     gem_make_out = File.join build_dir, 'gem_make.out'
 
     open gem_make_out, 'wb' do |io| io.puts output end
@@ -703,7 +703,7 @@ Gem files will remain installed in #{gem_dir} for inspection.
 Results logged to #{gem_make_out}
 EOF
 
-    raise ExtensionBuildError, message
+    raise ExtensionBuildError, message, backtrace
   end
 
   ##
diff --git a/lib/rubygems/source.rb b/lib/rubygems/source.rb
index 96d57870e2..8f39cb1464 100644
--- a/lib/rubygems/source.rb
+++ b/lib/rubygems/source.rb
@@ -141,4 +141,14 @@ class Gem::Source
     fetcher = Gem::RemoteFetcher.fetcher
     fetcher.download spec, @uri.to_s, dir
   end
+
+  ##
+  # Replaces the URI for this source with +uri+.  Used for upgrading this
+  # source to HTTPS
+
+  def uri= uri # :nodoc:
+    @api_uri = nil
+    @uri     = uri
+  end
+
 end
diff --git a/lib/rubygems/spec_fetcher.rb b/lib/rubygems/spec_fetcher.rb
index 3345f6537e..aeed37ba5e 100644
--- a/lib/rubygems/spec_fetcher.rb
+++ b/lib/rubygems/spec_fetcher.rb
@@ -188,6 +188,8 @@ class Gem::SpecFetcher
     list = {}
 
     Gem.sources.each_source do |source|
+      source = upgrade_http_source source
+
       begin
         names = case type
                 when :latest
@@ -225,5 +227,31 @@ class Gem::SpecFetcher
       cache[source.uri] ||= source.load_specs(type)
     end
   end
+
+  def upgrade_http_source source
+    uri = source.uri
+
+    return source unless uri.scheme.downcase == 'http'
+
+    https_uri = uri.dup
+    https_uri.scheme = 'https'
+    https_uri += '/'
+
+    Gem::RemoteFetcher.fetcher.fetch_path https_uri, nil, true
+
+    say "Upgraded #{uri} to HTTPS"
+
+    https_uri += uri.request_uri
+
+    source.uri = URI https_uri.to_s # cast to URI::HTTPS
+
+    source
+  rescue Gem::RemoteFetcher::FetchError
+    say "Upgrading #{uri} to HTTPS failed, continuing" if
+      Gem.configuration.really_verbose
+
+    source
+  end
+
 end
 
diff --git a/lib/rubygems/specification.rb b/lib/rubygems/specification.rb
index cabdf8df7f..a94e64b36d 100644
--- a/lib/rubygems/specification.rb
+++ b/lib/rubygems/specification.rb
@@ -17,7 +17,7 @@
 #     s.authors     = ["Ruby Coder"]
 #     s.email       = 'rubycoder@example.com'
 #     s.files       = ["lib/example.rb"]
-#     s.homepage    = 'http://rubygems.org/gems/example'
+#     s.homepage    = 'https://rubygems.org/gems/example'
 #   end
 #
 #   Starting in RubyGems 1.9.0, a Specification can hold arbitrary
diff --git a/lib/rubygems/test_utilities.rb b/lib/rubygems/test_utilities.rb
index dc0d93e6c2..3da0b4ebc2 100644
--- a/lib/rubygems/test_utilities.rb
+++ b/lib/rubygems/test_utilities.rb
@@ -49,7 +49,7 @@ class Gem::FakeFetcher
     @data[path]
   end
 
-  def fetch_path path, mtime = nil
+  def fetch_path path, mtime = nil, head = false
     data = find_data(path)
 
     if data.respond_to?(:call) then