From a5dfaca00a94bc3d135aae52b4458f5a355bf0ed Mon Sep 17 00:00:00 2001
From: drbrain <drbrain@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>
Date: Thu, 28 Feb 2013 22:25:55 +0000
Subject: * lib/rubygems/ext/builder.rb:  Fix incompatibilities when installing
   extensions.  Patch by Nobu.   [ruby-trunk - Bug #7968] [ruby-trunk - Bug
 #7971] * lib/rubygems/ext/ext_conf_builder.rb:  ditto. *
 lib/rubygems/installer.rb:  ditto. *
 test/rubygems/test_gem_ext_ext_conf_builder.rb:  Test for the above. *
 test/rubygems/test_gem_installer.rb:  ditto.

* lib/rubygems/commands/sources_command.rb:  Prefer HTTPS over HTTP.
* lib/rubygems/defaults.rb:  ditto
* lib/rubygems/dependency_resolver.rb:  Ditto.
* lib/rubygems/source.rb:  ditto.
* lib/rubygems/spec_fetcher.rb:  ditto.
* lib/rubygems/specification.rb:  ditto.
* lib/rubygems/test_utilities.rb:  ditto.
* test/rubygems/test_gem.rb:  Test for the above.
* test/rubygems/test_gem_commands_sources_command.rb:  ditto.
* test/rubygems/test_gem_dependency_resolver_api_set.rb:  ditto.
* test/rubygems/test_gem_remote_fetcher.rb:  ditto.
* test/rubygems/test_gem_source.rb:  ditto.
* test/rubygems/test_gem_spec_fetcher.rb:  ditto.


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@39542 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
---
 lib/rubygems/commands/sources_command.rb | 13 +++++++++++++
 1 file changed, 13 insertions(+)

(limited to 'lib/rubygems/commands/sources_command.rb')

diff --git a/lib/rubygems/commands/sources_command.rb b/lib/rubygems/commands/sources_command.rb
index 97ed7329ea..f4cc3e57ae 100644
--- a/lib/rubygems/commands/sources_command.rb
+++ b/lib/rubygems/commands/sources_command.rb
@@ -65,6 +65,19 @@ class Gem::Commands::SourcesCommand < Gem::Command
     end
 
     if source_uri = options[:add] then
+      uri = URI source_uri
+
+      if uri.scheme and uri.scheme.downcase == 'http' and
+         uri.host.downcase == 'rubygems.org' then
+        question = <<-QUESTION.chomp
+https://rubygems.org is recommended for security over #{uri}
+
+Do you want to add this insecure source?
+        QUESTION
+
+        terminate_interaction 1 unless ask_yes_no question
+      end
+
       source = Gem::Source.new source_uri
 
       begin
-- 
cgit v1.2.3