Project

General

Profile

Backport #9104 ยป rubygems.2.0.14.ruby.2.0.0.patch

drbrain (Eric Hodel), 11/13/2013 08:39 AM

View differences:

NEWS (working copy)
XML declaration is used for XML document encoding.
* RubyGems
* Updated to 2.0.13.
* Updated to 2.0.14.
See http://rubygems.rubyforge.org/rubygems-update/History_txt.html#label-2.0.13+%2F+2013-10-24
See http://rubygems.rubyforge.org/rubygems-update/History_txt.html#label-2.0.14+%2F+2013-11-12
for release notes.
* Updated to 2.0.10. This fixes CVE_2013-4363:
lib/rubygems/dependency_installer.rb (working copy)
if gem_name =~ /\.gem$/ and File.file? gem_name then
src = Gem::Source::SpecificFile.new(gem_name)
set.add src.spec, src
elsif gem_name =~ /\.gem$/ then
Dir[gem_name].each do |name|
begin
src = Gem::Source::SpecificFile.new name
set.add src.spec, src
rescue Gem::Package::FormatError
end
end
else
local = Gem::Source::Local.new
lib/rubygems/specification.rb (working copy)
# Removes +spec+ from the known specs.
def self.remove_spec spec
# TODO: beat on the tests
raise "wtf: #{spec.full_name} not in #{all_names.inspect}" unless
_all.include? spec
_all.delete spec
end
lib/rubygems/ssl_certs/DigiCertHighAssuranceEVRootCA.pem (working copy)
-----BEGIN CERTIFICATE-----
MIIDxTCCAq2gAwIBAgIQAqxcJmoLQJuPC3nyrkYldzANBgkqhkiG9w0BAQUFADBs
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5j
ZSBFViBSb290IENBMB4XDTA2MTExMDAwMDAwMFoXDTMxMTExMDAwMDAwMFowbDEL
MAkGA1UEBhMCVVMxFTATBgNVBAoTDERpZ2lDZXJ0IEluYzEZMBcGA1UECxMQd3d3
LmRpZ2ljZXJ0LmNvbTErMCkGA1UEAxMiRGlnaUNlcnQgSGlnaCBBc3N1cmFuY2Ug
RVYgUm9vdCBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMbM5XPm
+9S75S0tMqbf5YE/yc0lSbZxKsPVlDRnogocsF9ppkCxxLeyj9CYpKlBWTrT3JTW
PNt0OKRKzE0lgvdKpVMSOO7zSW1xkX5jtqumX8OkhPhPYlG++MXs2ziS4wblCJEM
xChBVfvLWokVfnHoNb9Ncgk9vjo4UFt3MRuNs8ckRZqnrG0AFFoEt7oT61EKmEFB
Ik5lYYeBQVCmeVyJ3hlKV9Uu5l0cUyx+mM0aBhakaHPQNAQTXKFx01p8VdteZOE3
hzBWBOURtCmAEvF5OYiiAhF8J2a3iLd48soKqDirCmTCv2ZdlYTBoSUeh10aUAsg
EsxBu24LUTi4S8sCAwEAAaNjMGEwDgYDVR0PAQH/BAQDAgGGMA8GA1UdEwEB/wQF
MAMBAf8wHQYDVR0OBBYEFLE+w2kD+L9HAdSYJhoIAu9jZCvDMB8GA1UdIwQYMBaA
FLE+w2kD+L9HAdSYJhoIAu9jZCvDMA0GCSqGSIb3DQEBBQUAA4IBAQAcGgaX3Nec
nzyIZgYIVyHbIUf4KmeqvxgydkAQV8GK83rZEWWONfqe/EW1ntlMMUu4kehDLI6z
eM7b41N5cdblIZQB2lWHmiRk9opmzN6cN82oNLFpmyPInngiK3BD41VHMWEZ71jF
hS9OMPagMRYjyOfiZRYzy78aG6A9+MpeizGLYAiJLQwGXFK3xPkKmNEVX58Svnw2
Yzi9RKR/5CYrCsSXaQ3pjOLAEFe4yHYSkVXySGnYvCoCWw9E1CAx2/S6cCZdkGCe
vEsXCS+0yx5DaMkHJ8HSXPfqIbloEpw8nL+e/IBcm2PN7EeqJSdnoDfzAIJ9VNep
+OkuE6N36B9K
-----END CERTIFICATE-----
lib/rubygems.rb (working copy)
require 'rbconfig'
module Gem
VERSION = '2.0.13'
VERSION = '2.0.14'
end
# Must be first since it unloads the prelude from 1.9.2
test/rubygems/test_gem_dependency_installer.rb (working copy)
assert_equal Gem::Source.new(@gem_repo), s.source
end
def test_find_spec_by_name_and_version_wildcard
util_gem 'a', 1
FileUtils.mv 'gems/a-1.gem', @tempdir
FileUtils.touch 'rdoc.gem'
inst = Gem::DependencyInstaller.new
available = inst.find_spec_by_name_and_version('*.gem')
assert_equal %w[a-1], available.all_specs.map { |spec| spec.full_name }
end
def test_find_spec_by_name_and_version_wildcard_bad_gem
FileUtils.touch 'rdoc.gem'
inst = Gem::DependencyInstaller.new
assert_raises Gem::Package::FormatError do
inst.find_spec_by_name_and_version '*.gem'
end
end
def test_find_spec_by_name_and_version_bad_gem
FileUtils.touch 'rdoc.gem'
test/rubygems/test_gem_remote_fetcher.rb (working copy)
PROXY_DATA = SERVER_DATA.gsub(/0.4.11/, '0.4.2')
# don't let 1.8 and 1.9 autotest collide
RUBY_VERSION =~ /(\d+)\.(\d+)\.(\d+)/
# don't let parallel runners collide
PROXY_PORT = process_based_port + 100 + $1.to_i * 100 + $2.to_i * 10 + $3.to_i
SERVER_PORT = process_based_port + 200 + $1.to_i * 100 + $2.to_i * 10 + $3.to_i
DIR = File.expand_path(File.dirname(__FILE__))
def setup
......
self.class.enable_yaml = true
self.class.enable_zip = false
base_server_uri = "http://localhost:#{SERVER_PORT}"
@proxy_uri = "http://localhost:#{PROXY_PORT}"
base_server_uri = "http://localhost:#{self.class.normal_server_port}"
@proxy_uri = "http://localhost:#{self.class.proxy_server_port}"
@server_uri = base_server_uri + "/yaml"
@server_z_uri = base_server_uri + "/yaml.Z"
......
attr_accessor :enable_zip, :enable_yaml
def start_servers
@normal_server ||= start_server(SERVER_PORT, SERVER_DATA)
@proxy_server ||= start_server(PROXY_PORT, PROXY_DATA)
@normal_server ||= start_server(SERVER_DATA)
@proxy_server ||= start_server(PROXY_DATA)
@enable_yaml = true
@enable_zip = false
end
def normal_server_port
@normal_server[:server].config[:Port]
end
def proxy_server_port
@proxy_server[:server].config[:Port]
end
DIR = File.expand_path(File.dirname(__FILE__))
DH_PARAM = OpenSSL::PKey::DH.new(128)
......
private
def start_server(port, data)
Thread.new do
def start_server(data)
null_logger = NilLog.new
s = WEBrick::HTTPServer.new(
:Port => 0,
:DocumentRoot => nil,
:Logger => null_logger,
:AccessLog => null_logger
)
s.mount_proc("/kill") { |req, res| s.shutdown }
s.mount_proc("/yaml") { |req, res|
if @enable_yaml
res.body = data
res['Content-Type'] = 'text/plain'
res['content-length'] = data.size
else
res.status = "404"
res.body = "<h1>NOT FOUND</h1>"
res['Content-Type'] = 'text/html'
end
}
s.mount_proc("/yaml.Z") { |req, res|
if @enable_zip
res.body = Zlib::Deflate.deflate(data)
res['Content-Type'] = 'text/plain'
else
res.status = "404"
res.body = "<h1>NOT FOUND</h1>"
res['Content-Type'] = 'text/html'
end
}
th = Thread.new do
begin
null_logger = NilLog.new
s = WEBrick::HTTPServer.new(
:Port => port,
:DocumentRoot => nil,
:Logger => null_logger,
:AccessLog => null_logger
)
s.mount_proc("/kill") { |req, res| s.shutdown }
s.mount_proc("/yaml") { |req, res|
if @enable_yaml
res.body = data
res['Content-Type'] = 'text/plain'
res['content-length'] = data.size
else
res.status = "404"
res.body = "<h1>NOT FOUND</h1>"
res['Content-Type'] = 'text/html'
end
}
s.mount_proc("/yaml.Z") { |req, res|
if @enable_zip
res.body = Zlib::Deflate.deflate(data)
res['Content-Type'] = 'text/plain'
else
res.status = "404"
res.body = "<h1>NOT FOUND</h1>"
res['Content-Type'] = 'text/html'
end
}
s.start
rescue Exception => ex
abort ex.message
puts "ERROR during server thread: #{ex.message}"
abort "ERROR during server thread: #{ex.message}"
end
end
sleep 0.2 # Give the servers time to startup
th[:server] = s
th
end
def cert(filename)
test/rubygems/test_gem_specification.rb (working copy)
assert_equal %w[a], Gem::Specification.outdated
end
def test_self_remove_spec
assert_includes Gem::Specification.all_names, 'a-1'
Gem::Specification.remove_spec @a1
refute_includes Gem::Specification.all_names, 'a-1'
end
def test_self_remove_spec_removed
open @a1.spec_file, 'w' do |io|
io.write @a1.to_ruby
end
Gem::Specification.reset
FileUtils.rm @a1.spec_file # bug #698
Gem::Specification.remove_spec @a1
refute_includes Gem::Specification.all_names, 'a-1'
end
DATA_PATH = File.expand_path "../data", __FILE__
def test_handles_private_null_type
    (1-1/1)