Index: NEWS =================================================================== --- NEWS (revision 43656) +++ NEWS (working copy) @@ -461,9 +461,9 @@ with all sufficient information, see the XML declaration is used for XML document encoding. * RubyGems - * Updated to 2.0.13. + * Updated to 2.0.14. - See http://rubygems.rubyforge.org/rubygems-update/History_txt.html#label-2.0.13+%2F+2013-10-24 + See http://rubygems.rubyforge.org/rubygems-update/History_txt.html#label-2.0.14+%2F+2013-11-12 for release notes. * Updated to 2.0.10. This fixes CVE_2013-4363: Index: lib/rubygems/dependency_installer.rb =================================================================== --- lib/rubygems/dependency_installer.rb (revision 43656) +++ lib/rubygems/dependency_installer.rb (working copy) @@ -278,6 +278,14 @@ class Gem::DependencyInstaller if gem_name =~ /\.gem$/ and File.file? gem_name then src = Gem::Source::SpecificFile.new(gem_name) set.add src.spec, src + elsif gem_name =~ /\.gem$/ then + Dir[gem_name].each do |name| + begin + src = Gem::Source::SpecificFile.new name + set.add src.spec, src + rescue Gem::Package::FormatError + end + end else local = Gem::Source::Local.new Index: lib/rubygems/specification.rb =================================================================== --- lib/rubygems/specification.rb (revision 43656) +++ lib/rubygems/specification.rb (working copy) @@ -1027,9 +1027,6 @@ class Gem::Specification # Removes +spec+ from the known specs. def self.remove_spec spec - # TODO: beat on the tests - raise "wtf: #{spec.full_name} not in #{all_names.inspect}" unless - _all.include? spec _all.delete spec end Index: lib/rubygems/ssl_certs/DigiCertHighAssuranceEVRootCA.pem =================================================================== --- lib/rubygems/ssl_certs/DigiCertHighAssuranceEVRootCA.pem (revision 0) +++ lib/rubygems/ssl_certs/DigiCertHighAssuranceEVRootCA.pem (working copy) 
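Review bot: In lib/rubygems/dependency_installer.rb, the new `elsif gem_name =~ /\.gem$/ then` branch has an empty `rescue Gem::Package::FormatError`, so a malformed file matched by `Dir[gem_name]` is dropped with no message and a caller cannot tell a skipped file from one that never matched. The glob pattern comes directly from the gem name argument, so every `.gem` file it reaches is added to the install set, not only files the user named explicitly; that widening deserves a comment at the branch. At minimum, document the intent on the rescue line, e.g. `rescue Gem::Package::FormatError # skip files the glob matched that are not valid gem packages`, and consider reporting the skipped names in verbose output. The enclosing method starts and ends outside the hunk, so what happens when the set stays empty cannot be checked from here.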
@@ -0,0 +1,23 @@
+-----BEGIN CERTIFICATE-----
+MIIDxTCCAq2gAwIBAgIQAqxcJmoLQJuPC3nyrkYldzANBgkqhkiG9w0BAQUFADBs
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5j
+ZSBFViBSb290IENBMB4XDTA2MTExMDAwMDAwMFoXDTMxMTExMDAwMDAwMFowbDEL
+MAkGA1UEBhMCVVMxFTATBgNVBAoTDERpZ2lDZXJ0IEluYzEZMBcGA1UECxMQd3d3
+LmRpZ2ljZXJ0LmNvbTErMCkGA1UEAxMiRGlnaUNlcnQgSGlnaCBBc3N1cmFuY2Ug
+RVYgUm9vdCBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMbM5XPm
++9S75S0tMqbf5YE/yc0lSbZxKsPVlDRnogocsF9ppkCxxLeyj9CYpKlBWTrT3JTW
+PNt0OKRKzE0lgvdKpVMSOO7zSW1xkX5jtqumX8OkhPhPYlG++MXs2ziS4wblCJEM
+xChBVfvLWokVfnHoNb9Ncgk9vjo4UFt3MRuNs8ckRZqnrG0AFFoEt7oT61EKmEFB
+Ik5lYYeBQVCmeVyJ3hlKV9Uu5l0cUyx+mM0aBhakaHPQNAQTXKFx01p8VdteZOE3
+hzBWBOURtCmAEvF5OYiiAhF8J2a3iLd48soKqDirCmTCv2ZdlYTBoSUeh10aUAsg
+EsxBu24LUTi4S8sCAwEAAaNjMGEwDgYDVR0PAQH/BAQDAgGGMA8GA1UdEwEB/wQF
+MAMBAf8wHQYDVR0OBBYEFLE+w2kD+L9HAdSYJhoIAu9jZCvDMB8GA1UdIwQYMBaA
+FLE+w2kD+L9HAdSYJhoIAu9jZCvDMA0GCSqGSIb3DQEBBQUAA4IBAQAcGgaX3Nec
+nzyIZgYIVyHbIUf4KmeqvxgydkAQV8GK83rZEWWONfqe/EW1ntlMMUu4kehDLI6z
+eM7b41N5cdblIZQB2lWHmiRk9opmzN6cN82oNLFpmyPInngiK3BD41VHMWEZ71jF
+hS9OMPagMRYjyOfiZRYzy78aG6A9+MpeizGLYAiJLQwGXFK3xPkKmNEVX58Svnw2
+Yzi9RKR/5CYrCsSXaQ3pjOLAEFe4yHYSkVXySGnYvCoCWw9E1CAx2/S6cCZdkGCe
+vEsXCS+0yx5DaMkHJ8HSXPfqIbloEpw8nL+e/IBcm2PN7EeqJSdnoDfzAIJ9VNep
++OkuE6N36B9K
+-----END CERTIFICATE-----
Property changes on: lib/rubygems/ssl_certs/DigiCertHighAssuranceEVRootCA.pem
___________________________________________________________________
Added: svn:eol-style
## -0,0 +1 ##
+LF
\ No newline at end of property
Index: lib/rubygems.rb
===================================================================
--- lib/rubygems.rb (revision 43656)
+++ lib/rubygems.rb (working copy)
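Review bot: lib/rubygems/ssl_certs/DigiCertHighAssuranceEVRootCA.pem adds a new trust anchor to the bundled certificate directory, but nothing in the patch records where the PEM was obtained or which fingerprint it was checked against. Presumably this directory is what RubyGems uses to verify HTTPS connections to gem servers, so each file in it widens what downloads will accept. The commit message or the NEWS entry should name the source of the file and the verified fingerprint (`<SHA-256 fingerprint of the added certificate>`), and say why this root is needed. The decoded certificate should be compared with the fingerprint the CA publishes before this lands.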
@@ -8,7 +8,7 @@ require 'rbconfig' module Gem - VERSION = '2.0.13' + VERSION = '2.0.14' end # Must be first since it unloads the prelude from 1.9.2 Index: test/rubygems/test_gem_dependency_installer.rb =================================================================== --- test/rubygems/test_gem_dependency_installer.rb (revision 43656) +++ test/rubygems/test_gem_dependency_installer.rb (working copy) @@ -854,6 +854,29 @@ class TestGemDependencyInstaller < Gem:: assert_equal Gem::Source.new(@gem_repo), s.source end + def test_find_spec_by_name_and_version_wildcard + util_gem 'a', 1 + FileUtils.mv 'gems/a-1.gem', @tempdir + + FileUtils.touch 'rdoc.gem' + + inst = Gem::DependencyInstaller.new + + available = inst.find_spec_by_name_and_version('*.gem') + + assert_equal %w[a-1], available.all_specs.map { |spec| spec.full_name } + end + + def test_find_spec_by_name_and_version_wildcard_bad_gem + FileUtils.touch 'rdoc.gem' + + inst = Gem::DependencyInstaller.new + + assert_raises Gem::Package::FormatError do + inst.find_spec_by_name_and_version '*.gem' + end + end + def test_find_spec_by_name_and_version_bad_gem FileUtils.touch 'rdoc.gem' Index: test/rubygems/test_gem_remote_fetcher.rb =================================================================== --- test/rubygems/test_gem_remote_fetcher.rb (revision 43656) +++ test/rubygems/test_gem_remote_fetcher.rb (working copy) @@ -69,12 +69,6 @@ gems: PROXY_DATA = SERVER_DATA.gsub(/0.4.11/, '0.4.2') - # don't let 1.8 and 1.9 autotest collide - RUBY_VERSION =~ /(\d+)\.(\d+)\.(\d+)/ - # don't let parallel runners collide - PROXY_PORT = process_based_port + 100 + $1.to_i * 100 + $2.to_i * 10 + $3.to_i - SERVER_PORT = process_based_port + 200 + $1.to_i * 100 + $2.to_i * 10 + $3.to_i - DIR = File.expand_path(File.dirname(__FILE__)) def setup 
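Review bot: In test/rubygems/test_gem_dependency_installer.rb, `test_find_spec_by_name_and_version_wildcard_bad_gem` expects `Gem::Package::FormatError` for `'*.gem'` when only the empty `rdoc.gem` matches, yet the new wildcard branch in dependency_installer.rb rescues exactly that error. The raise must therefore come from a later step of `find_spec_by_name_and_version` that this patch does not show, so the test depends on behaviour it never names. Once the actual source of the error is confirmed, a comment in the test should state it, e.g. `# the glob branch skips rdoc.gem; FormatError is raised by <later lookup step>`. Both new tests also seem to rely on the working directory being the temp dir, which is set up outside the hunk.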
@@ -87,8 +81,8 @@ gems: self.class.enable_yaml = true self.class.enable_zip = false - base_server_uri = "http://localhost:#{SERVER_PORT}" - @proxy_uri = "http://localhost:#{PROXY_PORT}" + base_server_uri = "http://localhost:#{self.class.normal_server_port}" + @proxy_uri = "http://localhost:#{self.class.proxy_server_port}" @server_uri = base_server_uri + "/yaml" @server_z_uri = base_server_uri + "/yaml.Z" @@ -925,12 +919,20 @@ gems: attr_accessor :enable_zip, :enable_yaml def start_servers - @normal_server ||= start_server(SERVER_PORT, SERVER_DATA) - @proxy_server ||= start_server(PROXY_PORT, PROXY_DATA) + @normal_server ||= start_server(SERVER_DATA) + @proxy_server ||= start_server(PROXY_DATA) @enable_yaml = true @enable_zip = false end + def normal_server_port + @normal_server[:server].config[:Port] + end + + def proxy_server_port + @proxy_server[:server].config[:Port] + end + DIR = File.expand_path(File.dirname(__FILE__)) DH_PARAM = OpenSSL::PKey::DH.new(128) @@ -976,45 +978,45 @@ gems: private - def start_server(port, data) - Thread.new do + def start_server(data) + null_logger = NilLog.new + s = WEBrick::HTTPServer.new( + :Port => 0, + :DocumentRoot => nil, + :Logger => null_logger, + :AccessLog => null_logger + ) + s.mount_proc("/kill") { |req, res| s.shutdown } + s.mount_proc("/yaml") { |req, res| + if @enable_yaml + res.body = data + res['Content-Type'] = 'text/plain' + res['content-length'] = data.size + else + res.status = "404" + res.body = "

NOT FOUND

" + res['Content-Type'] = 'text/html' + end + } + s.mount_proc("/yaml.Z") { |req, res| + if @enable_zip + res.body = Zlib::Deflate.deflate(data) + res['Content-Type'] = 'text/plain' + else + res.status = "404" + res.body = "

NOT FOUND

" + res['Content-Type'] = 'text/html' + end + } + th = Thread.new do begin - null_logger = NilLog.new - s = WEBrick::HTTPServer.new( - :Port => port, - :DocumentRoot => nil, - :Logger => null_logger, - :AccessLog => null_logger - ) - s.mount_proc("/kill") { |req, res| s.shutdown } - s.mount_proc("/yaml") { |req, res| - if @enable_yaml - res.body = data - res['Content-Type'] = 'text/plain' - res['content-length'] = data.size - else - res.status = "404" - res.body = "

NOT FOUND

" - res['Content-Type'] = 'text/html' - end - } - s.mount_proc("/yaml.Z") { |req, res| - if @enable_zip - res.body = Zlib::Deflate.deflate(data) - res['Content-Type'] = 'text/plain' - else - res.status = "404" - res.body = "

NOT FOUND

" - res['Content-Type'] = 'text/html' - end - } s.start rescue Exception => ex - abort ex.message - puts "ERROR during server thread: #{ex.message}" + abort "ERROR during server thread: #{ex.message}" end end - sleep 0.2 # Give the servers time to startup + th[:server] = s + th end def cert(filename) Index: test/rubygems/test_gem_specification.rb =================================================================== --- test/rubygems/test_gem_specification.rb (revision 43656) +++ test/rubygems/test_gem_specification.rb (working copy) @@ -449,6 +449,28 @@ dependencies: [] assert_equal %w[a], Gem::Specification.outdated end + def test_self_remove_spec + assert_includes Gem::Specification.all_names, 'a-1' + + Gem::Specification.remove_spec @a1 + + refute_includes Gem::Specification.all_names, 'a-1' + end + + def test_self_remove_spec_removed + open @a1.spec_file, 'w' do |io| + io.write @a1.to_ruby + end + + Gem::Specification.reset + + FileUtils.rm @a1.spec_file # bug #698 + + Gem::Specification.remove_spec @a1 + + refute_includes Gem::Specification.all_names, 'a-1' + end + DATA_PATH = File.expand_path "../data", __FILE__ def test_handles_private_null_type
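Review bot: In test/rubygems/test_gem_remote_fetcher.rb, the rewritten `start_server` passes `:Port => 0` but no `:BindAddress`, so as far as this hunk shows the test server, including its `/kill` handler, listens on WEBrick's default address rather than on loopback only. The tests connect to `http://localhost:...` only, so adding `:BindAddress => '127.0.0.1',` next to `:Port => 0,` would keep the listener off external interfaces while the suite runs; confirm that `localhost` still reaches it on hosts that prefer IPv6. Separately, the thread body keeps `rescue Exception => ex` and then calls `abort`, which also traps interrupts and exit requests; `rescue StandardError => ex` would be the narrower choice if that is not intended.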
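Review bot: In test/rubygems/test_gem_specification.rb, `test_self_remove_spec_removed` writes the spec file with a bare `open @a1.spec_file, 'w' do |io|`, which is `Kernel#open` and treats a path beginning with `|` as a command to run. The path is test-controlled here, so this is a style point, but `File.open @a1.spec_file, 'w' do |io|` states the intent and does not carry that behaviour. The trailing `# bug #698` comment would also read better as a sentence, e.g. `# bug #698: the spec file disappears after the specs were loaded`, if that is indeed the scenario being reproduced.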