* lib/rubygems/commands/query_command.rb: Only fetch remote specs when

showing details.  [ruby-trunk - Bug #8019]  RubyGems bug #487
* lib/rubygems/remote_fetcher.rb:  ditto.
* lib/rubygems/security/policy.rb:  ditto.
* test/rubygems/test_gem_commands_query_command.rb:  Test for the
  above.

* lib/rubygems/security.rb:  Make OpenSSL optional for RubyGems.
* lib/rubygems/commands/cert_command.rb:  ditto.

* lib/rubygems/config_file.rb:  Display file with YAML error, not
  ~/.gemrc

* lib/rubygems/remote_fetcher.rb:  Only create gem subdirectories when
  installing gems.
* lib/rubygems/dependency_resolver.rb:  ditto.
* lib/rubygems/test_utilities.rb:  ditto.
* test/rubygems/test_gem_commands_fetch_command.rb:  Test for the
  above.

* lib/rubygems/spec_fetcher.rb:  Only try to upgrade
  http://rubygems.org to HTTPS
* test/rubygems/test_gem_spec_fetcher.rb:  Test for the above.

* lib/rubygems.rb:  Update win_platform? check for JRuby compatibility.

* test/rubygems/test_gem_installer.rb:  Update for Ruby 1.9.2
  compatibility


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@39606 b2dd03c8-39d4-4d8f-98ff-823fe69b080e

ChangeLog

@@ -1,3 +1,34 @@
+Wed Mar  6 07:40:21 2013  Eric Hodel  <drbrain@segment7.net>
+
+	* lib/rubygems/commands/query_command.rb:  Only fetch remote specs when
+	  showing details.  [ruby-trunk - Bug #8019]  RubyGems bug #487
+	* lib/rubygems/remote_fetcher.rb:  ditto.
+	* lib/rubygems/security/policy.rb:  ditto.
+	* test/rubygems/test_gem_commands_query_command.rb:  Test for the
+	  above.
+
+	* lib/rubygems/security.rb:  Make OpenSSL optional for RubyGems.
+	* lib/rubygems/commands/cert_command.rb:  ditto.
+
+	* lib/rubygems/config_file.rb:  Display file with YAML error, not
+	  ~/.gemrc
+
+	* lib/rubygems/remote_fetcher.rb:  Only create gem subdirectories when
+	  installing gems.
+	* lib/rubygems/dependency_resolver.rb:  ditto.
+	* lib/rubygems/test_utilities.rb:  ditto.
+	* test/rubygems/test_gem_commands_fetch_command.rb:  Test for the
+	  above.
+
+	* lib/rubygems/spec_fetcher.rb:  Only try to upgrade
+	  http://rubygems.org to HTTPS
+	* test/rubygems/test_gem_spec_fetcher.rb:  Test for the above.
+
+	* lib/rubygems.rb:  Update win_platform? check for JRuby compatibility.
+
+	* test/rubygems/test_gem_installer.rb:  Update for Ruby 1.9.2
+	  compatibility
+
 Wed Mar  6 01:19:28 2013  Kazuhiro NISHIYAMA  <zn@mbf.nifty.com>
 
 	* enumerator.c (enumerator_with_index, lazy_take): use INT2FIX(0)

lib/rubygems.rb

@@ -895,7 +895,8 @@ module Gem
 
   def self.win_platform?
     if @@win_platform.nil? then
-      @@win_platform = !!WIN_PATTERNS.find { |r| RUBY_PLATFORM =~ r }
+      ruby_platform = RbConfig::CONFIG['host_os']
+      @@win_platform = !!WIN_PATTERNS.find { |r| ruby_platform =~ r }
     end
 
     @@win_platform

lib/rubygems/commands/cert_command.rb

@@ -1,5 +1,6 @@
 require 'rubygems/command'
 require 'rubygems/security'
+require 'openssl'
 
 class Gem::Commands::CertCommand < Gem::Command
 

lib/rubygems/commands/query_command.rb

@@ -192,9 +192,13 @@ class Gem::Commands::QueryCommand < Gem::Command
     end
   end
 
-  def entry_details entry, spec, specs, platforms
+  def entry_details entry, detail_tuple, specs, platforms
     return unless options[:details]
 
+    name_tuple, spec = detail_tuple
+
+    spec = spec.fetch_spec name_tuple unless Gem::Specification === spec
+
     entry << "\n"
 
     spec_platforms   entry, platforms
@@ -228,19 +232,15 @@ class Gem::Commands::QueryCommand < Gem::Command
 
   def make_entry entry_tuples, platforms
     detail_tuple = entry_tuples.first
-    name_tuple, latest_spec = detail_tuple
-
-    latest_spec = latest_spec.fetch_spec name_tuple unless
-      Gem::Specification === latest_spec
 
     name_tuples, specs = entry_tuples.flatten.partition do |item|
       Gem::NameTuple === item
     end
 
-    entry = [latest_spec.name]
+    entry = [name_tuples.first.name]
 
     entry_versions entry, name_tuples, platforms
-    entry_details  entry, latest_spec, specs, platforms
+    entry_details  entry, detail_tuple, specs, platforms
 
     entry.join
   end

lib/rubygems/config_file.rb

@@ -317,14 +317,14 @@ if you believe they were disclosed to a third party.
     begin
       content = YAML.load(File.read(filename))
       unless content.kind_of? Hash
-        warn "Failed to load #{config_file_name} because it doesn't contain valid YAML hash"
+        warn "Failed to load #{filename} because it doesn't contain valid YAML hash"
         return {}
       end
       return content
     rescue ArgumentError
-      warn "Failed to load #{config_file_name}"
+      warn "Failed to load #{filename}"
     rescue Errno::EACCES
-      warn "Failed to load #{config_file_name} due to permissions problem."
+      warn "Failed to load #{filename} due to permissions problem."
     end
 
     {}

lib/rubygems/dependency_resolver.rb

@@ -406,6 +406,8 @@ module Gem
           source = Gem.sources.first
         end
 
+        Gem.ensure_gem_subdirectories path
+
         source.download full_spec, path
       end
 

lib/rubygems/remote_fetcher.rb

@@ -127,8 +127,6 @@ class Gem::RemoteFetcher
   # always replaced.
 
   def download(spec, source_uri, install_dir = Gem.dir)
-    Gem.ensure_gem_subdirectories(install_dir) rescue nil
-
     cache_dir =
       if Dir.pwd == install_dir then # see fetch_command
         install_dir
@@ -403,7 +401,8 @@ class Gem::RemoteFetcher
     connection.start unless connection.started?
 
     connection
-  rescue OpenSSL::SSL::SSLError, Errno::EHOSTDOWN => e
+  rescue defined?(OpenSSL::SSL) ? OpenSSL::SSL::SSLError : Errno::EHOSTDOWN,
+         Errno::EHOSTDOWN => e
     raise FetchError.new(e.message, uri)
   end
 
@@ -424,6 +423,12 @@ class Gem::RemoteFetcher
       add_rubygems_trusted_certs(store)
     end
     connection.cert_store = store
+  rescue LoadError => e
+    raise unless (e.respond_to?(:path) && e.path == 'openssl') ||
+                 e.message =~ / -- openssl$/
+
+    raise Gem::Exception.new(
+            'Unable to require openssl, install OpenSSL and rebuild ruby (preferred) or use non-HTTPS sources')
   end
 
   def add_rubygems_trusted_certs(store)

lib/rubygems/security.rb

@@ -5,9 +5,29 @@
 #++
 
 require 'rubygems/exceptions'
-require 'openssl'
 require 'fileutils'
 
+begin
+  require 'openssl'
+rescue LoadError => e
+  raise unless (e.respond_to?(:path) && e.path == 'openssl') ||
+               e.message =~ / -- openssl$/
+
+  module OpenSSL # :nodoc:
+    class Digest # :nodoc:
+      class SHA1 # :nodoc:
+        def name
+          'SHA1'
+        end
+      end
+    end
+    module PKey # :nodoc:
+      class RSA # :nodoc:
+      end
+    end
+  end
+end
+
 ##
 # = Signing gems
 #

lib/rubygems/security/policy.rb

@@ -20,6 +20,8 @@ class Gem::Security::Policy
   # options.
 
   def initialize name, policy = {}, opt = {}
+    require 'openssl'
+
     @name = name
 
     @opt = opt

lib/rubygems/spec_fetcher.rb

@@ -228,10 +228,14 @@ class Gem::SpecFetcher
     end
   end
 
+  ##
+  # Attempts to upgrade +source+ to HTTPS if it is for http://rubygems.org
+
   def upgrade_http_source source
     uri = source.uri
 
-    return source unless uri.scheme.downcase == 'http'
+    return source unless uri.scheme.downcase == 'http' &&
+                         uri.host.downcase == 'rubygems.org'
 
     https_uri = uri.dup
     https_uri.scheme = 'https'

lib/rubygems/test_utilities.rb

@@ -121,8 +121,6 @@ class Gem::FakeFetcher
 
     path = File.join path, name
 
-    Gem.ensure_gem_subdirectories install_dir
-
     if source_uri =~ /^http/ then
       File.open(path, "wb") do |f|
         f.write fetch_path(File.join(source_uri, "gems", name))

test/rubygems/test_gem_commands_fetch_command.rb

@@ -18,6 +18,8 @@ class TestGemCommandsFetchCommand < Gem::TestCase
     @fetcher.data["#{@gem_repo}gems/#{@a2.file_name}"] =
       File.read(@a2.cache_file)
 
+    refute_path_exists File.join(@tempdir, 'cache'), 'sanity check'
+
     @cmd.options[:args] = [@a2.name]
 
     use_ui @ui do
@@ -28,6 +30,8 @@ class TestGemCommandsFetchCommand < Gem::TestCase
 
     assert_path_exists(File.join(@tempdir, @a2.file_name),
                        "#{@a2.full_name} not fetched")
+    refute_path_exists File.join(@tempdir, 'cache'),
+                       'gem repository directories must not be created'
   end
 
   def test_execute_prerelease

test/rubygems/test_gem_commands_query_command.rb

@@ -430,5 +430,21 @@ pl \(1\)
     assert_equal expected, @ui.output
   end
 
+  def test_make_entry
+    @fetcher.data.delete \
+      "#{@gem_repo}quick/Marshal.#{Gem.marshal_version}/#{@a2.original_name}.gemspec.rz"
+
+    entry_tuples = [
+      [Gem::NameTuple.new(@a2.name, @a2.version, @a2.platform),
+       Gem.sources.first],
+    ]
+
+    platforms = { @a2.version => [@a2.platform] }
+
+    entry = @cmd.send :make_entry, entry_tuples, platforms
+
+    assert_equal 'a (2)', entry
+  end
+
 end
 

test/rubygems/test_gem_installer.rb

@@ -1060,7 +1060,9 @@ gem 'other', version
   end
 
   def test_install_extension_flat
-    skip '1.8 mkmf.rb does not create TOUCH' if RUBY_VERSION < '1.9'
+    skip '1.9.2 and earlier mkmf.rb does not create TOUCH' if
+      RUBY_VERSION < '1.9.3'
+
     @spec.require_paths = ["."]
 
     @spec.extensions << "extconf.rb"

test/rubygems/test_gem_spec_fetcher.rb

@@ -253,19 +253,36 @@ class TestGemSpecFetcher < Gem::TestCase
 
     assert_equal URI('http://example'), same_source.uri
 
-    @fetcher.data['https://example/'] = 'hello'
+    assert_empty @ui.output
+    assert_empty @ui.error
+  end
+
+  def test_upgrade_http_source_rubygems
+    Gem.configuration.verbose = :really
+
+    source       = Gem::Source.new URI 'http://rubygems.org'
+    same_source  = nil
+    https_source = nil
+
+    use_ui @ui do
+      same_source = @sf.upgrade_http_source source
+    end
+
+    assert_equal URI('http://rubygems.org'), same_source.uri
+
+    @fetcher.data['https://rubygems.org/'] = 'hello'
 
     use_ui @ui do
       https_source = @sf.upgrade_http_source source
     end
 
-    assert_equal URI('https://example'), https_source.uri
+    assert_equal URI('https://rubygems.org'), https_source.uri
 
     assert_empty @ui.error
 
     expected = <<-EXPECTED
-Upgrading http://example to HTTPS failed, continuing
-Upgraded http://example to HTTPS
+Upgrading http://rubygems.org to HTTPS failed, continuing
+Upgraded http://rubygems.org to HTTPS
     EXPECTED
 
     assert_equal expected, @ui.output