From 37beb43b55212c6954d6d49730458245316d1dc2 Mon Sep 17 00:00:00 2001
From: nobu
Date: Wed, 18 May 2016 07:04:55 +0000
Subject: downloader.rb: disable verify if rubygems is old
* tool/downloader.rb (Downloader::RubyGems.download): verify gems only if RubyGems is 2.4 or later. old RubyGems fails to verify almost all of bundled gems.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55055 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
---
 ChangeLog | 6 ++++++
 tool/downloader.rb | 20 ++++++++++++++------
 2 files changed, 20 insertions(+), 6 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index ff4be9648f..e6e89fc487 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,9 @@
+Wed May 18 16:04:54 2016 Nobuyoshi Nakada
+
+ * tool/downloader.rb (Downloader::RubyGems.download): verify gems
+ only if RubyGems is 2.4 or later. old RubyGems fails to verify
+ almost all of bundled gems.
+
 Wed May 18 14:52:38 2016 Nobuyoshi Nakada
 * string.c (rb_str_modify_expand): check integer overflow.
diff --git a/tool/downloader.rb b/tool/downloader.rb
index 401a50f0c7..74ff309637 100644
--- a/tool/downloader.rb
+++ b/tool/downloader.rb
@@ -57,27 +57,27 @@ class Downloader
 def self.download(name, dir = nil, since = true, options = {})
 require 'rubygems'
 require 'rubygems/package'
+ verify = options.delete(:verify) {Gem::VERSION >= "2.4."}
 options[:ssl_ca_cert] = Dir.glob(File.expand_path("../lib/rubygems/ssl_certs/**/*.pem", File.dirname(__FILE__)))
 file = under(dir, name)
 super("https://rubygems.org/downloads/#{name}", file, nil, since, options) or return false
+ return true unless verify
 policy = Gem::Security::LowSecurity
 (policy = policy.dup).ui = Gem::SilentUI.new if policy.respond_to?(:'ui=')
 pkg = Gem::Package.new(file)
 pkg.security_policy = policy
 begin
+ $stdout.puts "verifying #{name}"
 pkg.verify
 rescue Gem::Security::Exception => e
- $stderr.puts e.message
+ $stderr.puts "#{name}: #{e.message}"
 File.unlink(file)
 false
 else
 true
 end
 end
-
- def self.verify(pkg)
- end
 end
 Gems = RubyGems
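Review bot: The default in `verify = options.delete(:verify) {Gem::VERSION >= "2.4."}` (RubyGems.download, hunk at -57) compares version strings lexicographically, so a RubyGems version such as 2.10.x or 10.x would sort below "2.4." and package verification would be switched off. Comparing parsed versions avoids that: `verify = options.delete(:verify) {Gem::Version.new(Gem::VERSION) >= Gem::Version.new("2.4")}`. Because `return true unless verify` reports success for a gem that was never checked, a one-line notice on `$stderr` when verification is skipped would make the downgrade visible in build logs.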
@@ -134,6 +134,7 @@ class Downloader
 # download 'http://www.unicode.org/Public/UCD/latest/ucd/UnicodeData.txt',
 # 'UnicodeData.txt', 'enc/unicode/data'
 def self.download(url, name, dir = nil, since = true, options = {})
+ options.delete(:verify)
 file = under(dir, name)
 if since.nil? and File.exist?(file)
 if $VERBOSE
@@ -194,6 +195,10 @@ class Downloader
 raise "failed to download #{name}\n#{e.message}: #{url}"
 end
+ def self.verify(file)
+ true
+ end
+
 def self.under(dir, name)
 dir ? File.join(dir, File.basename(name)) : name
 end
@@ -203,6 +208,7 @@ Downloader.https = https.freeze
 if $0 == __FILE__
 since = true
+ options = {}
 until ARGV.empty?
 case ARGV[0]
 when '-d'
@@ -217,6 +223,8 @@ if $0 == __FILE__
 since = nil
 when '-a'
 since = false
+ when '-V'
+ options[:verify] = true
 when /\A-/
 abort "#{$0}: unknown option #{ARGV[0]}"
 else
@@ -233,10 +241,10 @@ if $0 == __FILE__
 ARGV.shift
 ARGV.each do |name|
 name = "#{prefix}/#{File.basename(name)}" if prefix
- dl.download(name, destdir, since)
+ dl.download(name, destdir, since, options)
 end
 else
 abort "usage: #{$0} url name" unless ARGV.size == 2
- Downloader.download(ARGV[0], ARGV[1], destdir, since)
+ Downloader.download(ARGV[0], ARGV[1], destdir, since, options)
 end
 end
--
cgit v1.2.3
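Review bot: In the base `Downloader.download` (hunk at -134) `options.delete(:verify)` throws the flag away, and the new `Downloader.verify(file)` (hunk at -194) returns `true` without looking at the file, so `-V` on a plain URL download is accepted and checks nothing. No caller of `verify` is visible in this diff, so its intended role is an assumption here. A comment on the method such as `# placeholder: performs no integrity check, always returns true` would keep a later caller from treating its result as evidence of integrity. Warning on `$stderr` when `:verify` is explicitly true in the base downloader would be the stricter option. The body of `download` continues outside its hunk.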
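Review bot: One `options` hash is passed to every `dl.download(name, destdir, since, options)` call in the `ARGV.each` loop (hunk at -233), and both `download` methods touched by this commit call `options.delete(:verify)` on the hash they receive. After the first name the `:verify` key is gone, so with several names `-V` applies only to the first and the rest fall back to the version-based default. Passing a copy, `dl.download(name, destdir, since, options.dup)`, or starting each `download` with `options = options.dup`, keeps the flag for every item. The surrounding `if $0 == __FILE__` block starts outside the hunk.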