This PR should only contain white space changes.
I noticed some inconsistency in the use of tabs verses spaces for the indentation. Some editors display them slightly differently causing the indentation to appear oddly.
I replaced each tab with 8 spaces because that seemed to line up similar to the way github was displaying the code.
Feel free to ignore if this is incorrect or too petty of a request
The default callback for writing a password to GPGME takes a file
descriptor and needs to write the given password to it. By creating a
new `IO` object directly on the file descriptor, the object will take
ownership of it. This is a problem because the file descriptor passed to
this callback will be explicitly closed by GPGME, and eventually, the
`IO` allocated in `self.pass_function` will be garbage collected,
closing the file descriptor again.
Usually, closing a file descriptor that has already been closed results
in a silent `EBADFD`, but a serious race condition can happen if the
Kernel allocates the same file descriptor (e.g. through another `open`
call in another part of your Ruby program): when GC triggers, the
FD will be closed unexpectedly.
To prevent this, simply set `IO#autoclose = false` on the `IO` object:
the garbage collector will no longer close the file descriptor on
cleanup, so the descriptor will only be closed once (in the explicit
close call performed by us).
The first RVM entry is considered the default one.
This change has no impact on current build matrix, however if at some
point following would be added:
matrix:
include:
- ...
Then it runs such additional job with default (first mentioned) Ruby
version unless that job definition specifies Ruby version explicitly.
Therefore, it's generally good when Rubies are listed from latest to
oldest.
Gem specification attribute #has_rdoc is deprecated and ignored.
According to deprecation warning, it may be removed "on or after
2018-12-01" with no replacement.
This attribute used to describe whether RDoc can be generated for given
gem or not. According to RubyGems v1.3.3 release notes, "RDoc is now
generated regardless of Gem::Specification#has_rdoc?".
See:
- https://blog.rubygems.org/2009/05/04/1.3.3-released.html
* test: Use dummy pinentry program
We can't simply use loopback pinentry in our CI, because the gpg2
command installed on travis is too old to support it. Instead, import
the dummy pinentry hack from the GPGME test suite.
* travis: Print information about installed gpg commands
* test: Skip tests that use passphrase callback
* test: Skip checks on expired keys for now
This disables more tests when building gpgme. This adds a significant
amount of installation time and it also currently prevents this gem from
being installed on MacOS.
On MacOS, it fails with a message like the following:
Gem::Ext::BuildError: ERROR: Failed to build gem native extension.
With this change, installing the gpgme gem succeeds.
The motivation behind this PR is to use the latest versions of gpgme,
libassuan, and libgpg-error. This change will be useful to those
running ruby within Docker, where gpgme 1.9 has very poor performance
due to inefficiently attempting to close as many file descriptors as
RLIMIT_NOFILE on every spawn. This has been resolved in gpgme 1.12 by
checking directory entries in /proc/self/fd to determine how many file
descriptors to attempt to close.
When using `gpg -dv <filename>` to decrypt a file, it displays "original
file name" that shows the name of the original file before encrypting.
But when encrypting from GPGME::Data stream, the file name was lost. And
gpg displays "-&20" or similar string as the original file name.
This commit adds the ability to set the `file_name` property of
GPGME::Data object, this property will be displayed as "original file
name" when decrypting with `gpg -dv` command.
Downloading files from FTP without checksum validation is insecure and open a potential security hole in the system. Instead, we will download library sources via HTTPS and then validate file signatures locally. This will make sure files are not modified in flight, and also will make sure that if somebody managed to replace files on the server – we will fail fast and stop compiling the potentially malicious code.
Colin Seymour
timothyjb
Carlos Cebrecos
Andrey "Zed" Zaikin
Dan Sketcher
Vicent Martí
Tim Kretschmer
Fup Duck
Sebastian Skałacki
Allan Tokuda
Daiki Ueno
Dirkjan Bussink
Casey Tucker
Nicolas Leger
iwat
Ryan Clemente
Dmytro Shteflyuk
Gordon McNaughton