summaryrefslogtreecommitdiff
path: root/tool
diff options
context:
space:
mode:
authornobu <nobu@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>2016-05-18 07:04:55 (GMT)
committernobu <nobu@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>2016-05-18 07:04:55 (GMT)
commit37beb43b55212c6954d6d49730458245316d1dc2 (patch)
tree628dad4a22544f37d8cbccd475f4cce5a9ccd258 /tool
parentb493d156de6506c52222296bf0c26256d0f0479e (diff)
downloader.rb: disable verify if rubygems is old
* tool/downloader.rb (Downloader::RubyGems.download): verify gems only if RubyGems is 2.4 or later. old RubyGems fails to verify almost all of bundled gems. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55055 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Diffstat (limited to 'tool')
-rw-r--r--tool/downloader.rb20
1 files changed, 14 insertions, 6 deletions
diff --git a/tool/downloader.rb b/tool/downloader.rb
index 401a50f..74ff309 100644
--- a/tool/downloader.rb
+++ b/tool/downloader.rb
@@ -57,27 +57,27 @@ class Downloader
def self.download(name, dir = nil, since = true, options = {})
require 'rubygems'
require 'rubygems/package'
+ verify = options.delete(:verify) {Gem::VERSION >= "2.4."}
options[:ssl_ca_cert] = Dir.glob(File.expand_path("../lib/rubygems/ssl_certs/**/*.pem", File.dirname(__FILE__)))
file = under(dir, name)
super("https://rubygems.org/downloads/#{name}", file, nil, since, options) or
return false
+ return true unless verify
policy = Gem::Security::LowSecurity
(policy = policy.dup).ui = Gem::SilentUI.new if policy.respond_to?(:'ui=')
pkg = Gem::Package.new(file)
pkg.security_policy = policy
begin
+ $stdout.puts "verifying #{name}"
pkg.verify
rescue Gem::Security::Exception => e
- $stderr.puts e.message
+ $stderr.puts "#{name}: #{e.message}"
File.unlink(file)
false
else
true
end
end
-
- def self.verify(pkg)
- end
end
Gems = RubyGems
@@ -134,6 +134,7 @@ class Downloader
# download 'http://www.unicode.org/Public/UCD/latest/ucd/UnicodeData.txt',
# 'UnicodeData.txt', 'enc/unicode/data'
def self.download(url, name, dir = nil, since = true, options = {})
+ options.delete(:verify)
file = under(dir, name)
if since.nil? and File.exist?(file)
if $VERBOSE
@@ -194,6 +195,10 @@ class Downloader
raise "failed to download #{name}\n#{e.message}: #{url}"
end
+ def self.verify(file)
+ true
+ end
+
def self.under(dir, name)
dir ? File.join(dir, File.basename(name)) : name
end
@@ -203,6 +208,7 @@ Downloader.https = https.freeze
if $0 == __FILE__
since = true
+ options = {}
until ARGV.empty?
case ARGV[0]
when '-d'
@@ -217,6 +223,8 @@ if $0 == __FILE__
since = nil
when '-a'
since = false
+ when '-V'
+ options[:verify] = true
when /\A-/
abort "#{$0}: unknown option #{ARGV[0]}"
else
@@ -233,10 +241,10 @@ if $0 == __FILE__
ARGV.shift
ARGV.each do |name|
name = "#{prefix}/#{File.basename(name)}" if prefix
- dl.download(name, destdir, since)
+ dl.download(name, destdir, since, options)
end
else
abort "usage: #{$0} url name" unless ARGV.size == 2
- Downloader.download(ARGV[0], ARGV[1], destdir, since)
+ Downloader.download(ARGV[0], ARGV[1], destdir, since, options)
end
end