diff options
author | Samuel Giddins <segiddins@segiddins.me> | 2016-12-01 00:00:36 -0600 |
---|---|---|
committer | Samuel Giddins <segiddins@segiddins.me> | 2016-12-01 00:01:12 -0600 |
commit | 032203d8f005243be5dd5bfd99abd485b68b567f (patch) | |
tree | 15fe1893a1904e1fac97be1b223ab760444a3089 | |
parent | 1f10c7f07fdbe5b664272d54657b5687bc881810 (diff) | |
download | bundler-032203d8f005243be5dd5bfd99abd485b68b567f.tar.gz |
[CompactIndex] Disable when openssl is in fips mode
-rw-r--r-- | lib/bundler/fetcher/compact_index.rb | 16 | ||||
-rw-r--r-- | spec/bundler/fetcher/compact_index_spec.rb | 16 |
2 files changed, 30 insertions, 2 deletions
diff --git a/lib/bundler/fetcher/compact_index.rb b/lib/bundler/fetcher/compact_index.rb index 5d703a3a78..5cd8a3e8f1 100644 --- a/lib/bundler/fetcher/compact_index.rb +++ b/lib/bundler/fetcher/compact_index.rb @@ -3,10 +3,10 @@ require "bundler/fetcher/base" require "bundler/worker" module Bundler + autoload :CompactIndexClient, "bundler/compact_index_client" + class Fetcher class CompactIndex < Base - require "bundler/compact_index_client" - def self.compact_index_request(method_name) method = instance_method(method_name) undef_method(method_name) @@ -61,6 +61,7 @@ module Bundler compact_index_request :fetch_spec def available? + return nil unless md5_available? user_home = Bundler.user_home return nil unless user_home.directory? && user_home.writable? # Read info file checksums out of /versions, so we can know if gems are up to date @@ -119,6 +120,17 @@ module Bundler Net::HTTPNotModified.new(nil, nil, nil) end end + + def md5_available? + begin + require "openssl" + return false if OpenSSL::OPENSSL_FIPS + rescue LoadError + nil + end + + true + end end end end diff --git a/spec/bundler/fetcher/compact_index_spec.rb b/spec/bundler/fetcher/compact_index_spec.rb index e3f36666cc..503810723c 100644 --- a/spec/bundler/fetcher/compact_index_spec.rb +++ b/spec/bundler/fetcher/compact_index_spec.rb @@ -25,6 +25,22 @@ describe Bundler::Fetcher::CompactIndex do compact_index.specs_for_names(["lskdjf"]) end + describe "#available?" do + context "when OpenSSL is in FIPS mode" do + before { stub_const("OpenSSL::OPENSSL_FIPS", true) } + + it "returns false" do + expect(compact_index).to_not be_available + end + + it "never requires digest/md5" do + expect(Kernel).to receive(:require).with("digest/md5").never + + compact_index.available? + end + end + end + context "logging" do before { allow(compact_index).to receive(:log_specs).and_call_original } |