Remove warning for old TLS version connection

RubyGems.org already has refused connection requests using older than TLS 1.2.
2022-11-09 12:17:21 -05:00 · 2022-09-15 09:59:05 +09:00 · 2022-09-15 09:59:05 +09:00 · bf72afa766
commit bf72afa766
parent 6b2b9e0019
2 changed files with 1 additions and 110 deletions
--- a/lib/bundler/vendored_persistent.rb
+++ b/lib/bundler/vendored_persistent.rb
@ -11,37 +11,5 @@ end
 require_relative "vendor/net-http-persistent/lib/net/http/persistent"

 module Bundler
-  class PersistentHTTP < Persistent::Net::HTTP::Persistent
-    def connection_for(uri)
-      super(uri) do |connection|
-        result = yield connection
-        warn_old_tls_version_rubygems_connection(uri, connection)
-        result
-      end
-    end
-
-    def warn_old_tls_version_rubygems_connection(uri, connection)
-      return unless connection.http.use_ssl?
-      return unless (uri.host || "").end_with?("rubygems.org")
-
-      socket = connection.instance_variable_get(:@socket)
-      return unless socket
-      socket_io = socket.io
-      return unless socket_io.respond_to?(:ssl_version)
-      ssl_version = socket_io.ssl_version
-
-      case ssl_version
-      when /TLSv([\d\.]+)/
-        version = Gem::Version.new($1)
-        if version < Gem::Version.new("1.2")
-          Bundler.ui.warn \
-            "Warning: Your Ruby version is compiled against a copy of OpenSSL that is very old. " \
-            "Starting in January 2018, RubyGems.org will refuse connection requests from these " \
-            "very old versions of OpenSSL. If you will need to continue installing gems after " \
-            "January 2018, please follow this guide to upgrade: http://ruby.to/tls-outdated.",
-            :wrap => true
-        end
-      end
-    end
-  end
+  PersistentHTTP = Persistent::Net::HTTP::Persistent
 end
--- a/spec/bundler/bundler/vendored_persistent_spec.rb
+++ b/spec/bundler/bundler/vendored_persistent_spec.rb
@ -1,77 +0,0 @@
-# frozen_string_literal: true
-
-require "bundler/vendored_persistent"
-
-RSpec.describe Bundler::PersistentHTTP do
-  describe "#warn_old_tls_version_rubygems_connection" do
-    let(:uri) { "https://index.rubygems.org" }
-    let(:connection) { instance_double(Bundler::Persistent::Net::HTTP::Persistent::Connection) }
-    let(:tls_version) { "TLSv1.2" }
-    let(:socket) { double("Socket") }
-    let(:socket_io) { double("SocketIO") }
-
-    before do
-      allow(connection).to receive_message_chain(:http, :use_ssl?).and_return(!tls_version.nil?)
-      allow(socket).to receive(:io).and_return(socket_io) if socket
-      connection.instance_variable_set(:@socket, socket)
-
-      if tls_version
-        allow(socket_io).to receive(:ssl_version).and_return(tls_version)
-      end
-    end
-
-    shared_examples_for "does not warn" do
-      it "does not warn" do
-        allow(Bundler.ui).to receive(:warn).never
-        subject.warn_old_tls_version_rubygems_connection(Bundler::URI(uri), connection)
-      end
-    end
-
-    shared_examples_for "does warn" do |*expected|
-      it "warns" do
-        expect(Bundler.ui).to receive(:warn).with(*expected)
-        subject.warn_old_tls_version_rubygems_connection(Bundler::URI(uri), connection)
-      end
-    end
-
-    context "an HTTPS uri with TLSv1.2" do
-      include_examples "does not warn"
-    end
-
-    context "without SSL" do
-      let(:tls_version) { nil }
-
-      include_examples "does not warn"
-    end
-
-    context "without a socket" do
-      let(:socket) { nil }
-
-      include_examples "does not warn"
-    end
-
-    context "with a different TLD" do
-      let(:uri) { "https://foo.bar" }
-      include_examples "does not warn"
-
-      context "and an outdated TLS version" do
-        let(:tls_version) { "TLSv1" }
-        include_examples "does not warn"
-      end
-    end
-
-    context "with a nonsense TLS version" do
-      let(:tls_version) { "BlahBlah2.0Blah" }
-      include_examples "does not warn"
-    end
-
-    context "with an outdated TLS version" do
-      let(:tls_version) { "TLSv1" }
-      include_examples "does warn",
-        "Warning: Your Ruby version is compiled against a copy of OpenSSL that is very old. " \
-        "Starting in January 2018, RubyGems.org will refuse connection requests from these very old versions of OpenSSL. " \
-        "If you will need to continue installing gems after January 2018, please follow this guide to upgrade: http://ruby.to/tls-outdated.",
-        :wrap => true
-    end
-  end
-end