420 lines
12 KiB
Ruby
420 lines
12 KiB
Ruby
# frozen_string_literal: true
|
|
require 'rubygems'
|
|
require 'rubygems/request'
|
|
require 'rubygems/uri_formatter'
|
|
require 'rubygems/user_interaction'
|
|
require 'rubygems/request/connection_pools'
|
|
require 'resolv'
|
|
|
|
##
|
|
# RemoteFetcher handles the details of fetching gems and gem information from
|
|
# a remote source.
|
|
|
|
class Gem::RemoteFetcher
|
|
|
|
include Gem::UserInteraction
|
|
|
|
##
|
|
# A FetchError exception wraps up the various possible IO and HTTP failures
|
|
# that could happen while downloading from the internet.
|
|
|
|
class FetchError < Gem::Exception
|
|
|
|
##
|
|
# The URI which was being accessed when the exception happened.
|
|
|
|
attr_accessor :uri
|
|
|
|
def initialize(message, uri)
|
|
super message
|
|
begin
|
|
uri = URI(uri)
|
|
uri.password = 'REDACTED' if uri.password
|
|
@uri = uri.to_s
|
|
rescue URI::InvalidURIError, ArgumentError
|
|
@uri = uri
|
|
end
|
|
end
|
|
|
|
def to_s # :nodoc:
|
|
"#{super} (#{uri})"
|
|
end
|
|
|
|
end
|
|
|
|
##
|
|
# A FetchError that indicates that the reason for not being
|
|
# able to fetch data was that the host could not be contacted
|
|
|
|
class UnknownHostError < FetchError
|
|
end
|
|
|
|
@fetcher = nil
|
|
|
|
##
|
|
# Cached RemoteFetcher instance.
|
|
|
|
def self.fetcher
|
|
@fetcher ||= self.new Gem.configuration[:http_proxy]
|
|
end
|
|
|
|
attr_accessor :headers
|
|
|
|
##
|
|
# Initialize a remote fetcher using the source URI and possible proxy
|
|
# information.
|
|
#
|
|
# +proxy+
|
|
# * [String]: explicit specification of proxy; overrides any environment
|
|
# variable setting
|
|
# * nil: respect environment variables (HTTP_PROXY, HTTP_PROXY_USER,
|
|
# HTTP_PROXY_PASS)
|
|
# * <tt>:no_proxy</tt>: ignore environment variables and _don't_ use a proxy
|
|
#
|
|
# +dns+: An object to use for DNS resolution of the API endpoint.
|
|
# By default, use Resolv::DNS.
|
|
#
|
|
# +headers+: A set of additional HTTP headers to be sent to the server when
|
|
# fetching the gem.
|
|
|
|
def initialize(proxy=nil, dns=Resolv::DNS.new, headers={})
|
|
require 'net/http'
|
|
require 'stringio'
|
|
require 'time'
|
|
require 'uri'
|
|
|
|
Socket.do_not_reverse_lookup = true
|
|
|
|
@proxy = proxy
|
|
@pools = {}
|
|
@pool_lock = Mutex.new
|
|
@cert_files = Gem::Request.get_cert_files
|
|
|
|
@dns = dns
|
|
@headers = headers
|
|
end
|
|
|
|
##
|
|
# Given a source at +uri+, calculate what hostname to actually
|
|
# connect to query the data for it.
|
|
|
|
def api_endpoint(uri)
|
|
host = uri.host
|
|
|
|
begin
|
|
res = @dns.getresource "_rubygems._tcp.#{host}",
|
|
Resolv::DNS::Resource::IN::SRV
|
|
rescue Resolv::ResolvError => e
|
|
verbose "Getting SRV record failed: #{e}"
|
|
uri
|
|
else
|
|
target = res.target.to_s.strip
|
|
|
|
if /\.#{Regexp.quote(host)}\z/ =~ target
|
|
return URI.parse "#{uri.scheme}://#{target}#{uri.path}"
|
|
end
|
|
|
|
uri
|
|
end
|
|
end
|
|
|
|
##
|
|
# Given a name and requirement, downloads this gem into cache and returns the
|
|
# filename. Returns nil if the gem cannot be located.
|
|
#--
|
|
# Should probably be integrated with #download below, but that will be a
|
|
# larger, more encompassing effort. -erikh
|
|
|
|
def download_to_cache dependency
|
|
found, _ = Gem::SpecFetcher.fetcher.spec_for_dependency dependency
|
|
|
|
return if found.empty?
|
|
|
|
spec, source = found.max_by { |(s,_)| s.version }
|
|
|
|
download spec, source.uri.to_s
|
|
end
|
|
|
|
##
|
|
# Moves the gem +spec+ from +source_uri+ to the cache dir unless it is
|
|
# already there. If the source_uri is local the gem cache dir copy is
|
|
# always replaced.
|
|
|
|
def download(spec, source_uri, install_dir = Gem.dir)
|
|
cache_dir =
|
|
if Dir.pwd == install_dir then # see fetch_command
|
|
install_dir
|
|
elsif File.writable? install_dir then
|
|
File.join install_dir, "cache"
|
|
else
|
|
File.join Gem.user_dir, "cache"
|
|
end
|
|
|
|
gem_file_name = File.basename spec.cache_file
|
|
local_gem_path = File.join cache_dir, gem_file_name
|
|
|
|
FileUtils.mkdir_p cache_dir rescue nil unless File.exist? cache_dir
|
|
|
|
# Always escape URI's to deal with potential spaces and such
|
|
# It should also be considered that source_uri may already be
|
|
# a valid URI with escaped characters. e.g. "{DESede}" is encoded
|
|
# as "%7BDESede%7D". If this is escaped again the percentage
|
|
# symbols will be escaped.
|
|
unless source_uri.is_a?(URI::Generic)
|
|
begin
|
|
source_uri = URI.parse(source_uri)
|
|
rescue
|
|
source_uri = URI.parse(URI.const_defined?(:DEFAULT_PARSER) ?
|
|
URI::DEFAULT_PARSER.escape(source_uri.to_s) :
|
|
URI.escape(source_uri.to_s))
|
|
end
|
|
end
|
|
|
|
scheme = source_uri.scheme
|
|
|
|
# URI.parse gets confused by MS Windows paths with forward slashes.
|
|
scheme = nil if scheme =~ /^[a-z]$/i
|
|
|
|
# REFACTOR: split this up and dispatch on scheme (eg download_http)
|
|
# REFACTOR: be sure to clean up fake fetcher when you do this... cleaner
|
|
case scheme
|
|
when 'http', 'https', 's3' then
|
|
unless File.exist? local_gem_path then
|
|
begin
|
|
verbose "Downloading gem #{gem_file_name}"
|
|
|
|
remote_gem_path = source_uri + "gems/#{gem_file_name}"
|
|
|
|
self.cache_update_path remote_gem_path, local_gem_path
|
|
rescue Gem::RemoteFetcher::FetchError
|
|
raise if spec.original_platform == spec.platform
|
|
|
|
alternate_name = "#{spec.original_name}.gem"
|
|
|
|
verbose "Failed, downloading gem #{alternate_name}"
|
|
|
|
remote_gem_path = source_uri + "gems/#{alternate_name}"
|
|
|
|
self.cache_update_path remote_gem_path, local_gem_path
|
|
end
|
|
end
|
|
when 'file' then
|
|
begin
|
|
path = source_uri.path
|
|
path = File.dirname(path) if File.extname(path) == '.gem'
|
|
|
|
remote_gem_path = correct_for_windows_path(File.join(path, 'gems', gem_file_name))
|
|
|
|
FileUtils.cp(remote_gem_path, local_gem_path)
|
|
rescue Errno::EACCES
|
|
local_gem_path = source_uri.to_s
|
|
end
|
|
|
|
verbose "Using local gem #{local_gem_path}"
|
|
when nil then # TODO test for local overriding cache
|
|
source_path = if Gem.win_platform? && source_uri.scheme &&
|
|
!source_uri.path.include?(':') then
|
|
"#{source_uri.scheme}:#{source_uri.path}"
|
|
else
|
|
source_uri.path
|
|
end
|
|
|
|
source_path = Gem::UriFormatter.new(source_path).unescape
|
|
|
|
begin
|
|
FileUtils.cp source_path, local_gem_path unless
|
|
File.identical?(source_path, local_gem_path)
|
|
rescue Errno::EACCES
|
|
local_gem_path = source_uri.to_s
|
|
end
|
|
|
|
verbose "Using local gem #{local_gem_path}"
|
|
else
|
|
raise ArgumentError, "unsupported URI scheme #{source_uri.scheme}"
|
|
end
|
|
|
|
local_gem_path
|
|
end
|
|
|
|
##
|
|
# File Fetcher. Dispatched by +fetch_path+. Use it instead.
|
|
|
|
def fetch_file uri, *_
|
|
Gem.read_binary correct_for_windows_path uri.path
|
|
end
|
|
|
|
##
|
|
# HTTP Fetcher. Dispatched by +fetch_path+. Use it instead.
|
|
|
|
def fetch_http uri, last_modified = nil, head = false, depth = 0
|
|
fetch_type = head ? Net::HTTP::Head : Net::HTTP::Get
|
|
response = request uri, fetch_type, last_modified do |req|
|
|
headers.each { |k,v| req.add_field(k,v) }
|
|
end
|
|
|
|
case response
|
|
when Net::HTTPOK, Net::HTTPNotModified then
|
|
response.uri = uri if response.respond_to? :uri
|
|
head ? response : response.body
|
|
when Net::HTTPMovedPermanently, Net::HTTPFound, Net::HTTPSeeOther,
|
|
Net::HTTPTemporaryRedirect then
|
|
raise FetchError.new('too many redirects', uri) if depth > 10
|
|
|
|
unless location = response['Location']
|
|
raise FetchError.new("redirecting but no redirect location was given", uri)
|
|
end
|
|
location = URI.parse response['Location']
|
|
|
|
if https?(uri) && !https?(location)
|
|
raise FetchError.new("redirecting to non-https resource: #{location}", uri)
|
|
end
|
|
|
|
fetch_http(location, last_modified, head, depth + 1)
|
|
else
|
|
raise FetchError.new("bad response #{response.message} #{response.code}", uri)
|
|
end
|
|
end
|
|
|
|
alias :fetch_https :fetch_http
|
|
|
|
##
|
|
# Downloads +uri+ and returns it as a String.
|
|
|
|
def fetch_path(uri, mtime = nil, head = false)
|
|
uri = URI.parse uri unless URI::Generic === uri
|
|
|
|
raise ArgumentError, "bad uri: #{uri}" unless uri
|
|
|
|
unless uri.scheme
|
|
raise ArgumentError, "uri scheme is invalid: #{uri.scheme.inspect}"
|
|
end
|
|
|
|
data = send "fetch_#{uri.scheme}", uri, mtime, head
|
|
|
|
if data and !head and uri.to_s =~ /\.gz$/
|
|
begin
|
|
data = Gem.gunzip data
|
|
rescue Zlib::GzipFile::Error
|
|
raise FetchError.new("server did not return a valid file", uri.to_s)
|
|
end
|
|
end
|
|
|
|
data
|
|
rescue FetchError
|
|
raise
|
|
rescue Timeout::Error
|
|
raise UnknownHostError.new('timed out', uri.to_s)
|
|
rescue IOError, SocketError, SystemCallError => e
|
|
if e.message =~ /getaddrinfo/
|
|
raise UnknownHostError.new('no such name', uri.to_s)
|
|
else
|
|
raise FetchError.new("#{e.class}: #{e}", uri.to_s)
|
|
end
|
|
end
|
|
|
|
def fetch_s3(uri, mtime = nil, head = false)
|
|
public_uri = sign_s3_url(uri)
|
|
fetch_https public_uri, mtime, head
|
|
end
|
|
|
|
##
|
|
# Downloads +uri+ to +path+ if necessary. If no path is given, it just
|
|
# passes the data.
|
|
|
|
def cache_update_path uri, path = nil, update = true
|
|
mtime = path && File.stat(path).mtime rescue nil
|
|
|
|
data = fetch_path(uri, mtime)
|
|
|
|
if data == nil # indicates the server returned 304 Not Modified
|
|
return Gem.read_binary(path)
|
|
end
|
|
|
|
if update and path
|
|
Gem.write_binary(path, data)
|
|
end
|
|
|
|
data
|
|
end
|
|
|
|
##
|
|
# Returns the size of +uri+ in bytes.
|
|
|
|
def fetch_size(uri) # TODO: phase this out
|
|
response = fetch_path(uri, nil, true)
|
|
|
|
response['content-length'].to_i
|
|
end
|
|
|
|
def correct_for_windows_path(path)
|
|
if path[0].chr == '/' && path[1].chr =~ /[a-z]/i && path[2].chr == ':'
|
|
path[1..-1]
|
|
else
|
|
path
|
|
end
|
|
end
|
|
|
|
##
|
|
# Performs a Net::HTTP request of type +request_class+ on +uri+ returning
|
|
# a Net::HTTP response object. request maintains a table of persistent
|
|
# connections to reduce connect overhead.
|
|
|
|
def request(uri, request_class, last_modified = nil)
|
|
proxy = proxy_for @proxy, uri
|
|
pool = pools_for(proxy).pool_for uri
|
|
|
|
request = Gem::Request.new uri, request_class, last_modified, pool
|
|
|
|
request.fetch do |req|
|
|
yield req if block_given?
|
|
end
|
|
end
|
|
|
|
def https?(uri)
|
|
uri.scheme.downcase == 'https'
|
|
end
|
|
|
|
def close_all
|
|
@pools.each_value {|pool| pool.close_all}
|
|
end
|
|
|
|
protected
|
|
|
|
# we have our own signing code here to avoid a dependency on the aws-sdk gem
|
|
# fortunately, a simple GET request isn't too complex to sign properly
|
|
def sign_s3_url(uri, expiration = nil)
|
|
require 'base64'
|
|
require 'openssl'
|
|
|
|
unless uri.user && uri.password
|
|
raise FetchError.new("credentials needed in s3 source, like s3://key:secret@bucket-name/", uri.to_s)
|
|
end
|
|
|
|
expiration ||= s3_expiration
|
|
canonical_path = "/#{uri.host}#{uri.path}"
|
|
payload = "GET\n\n\n#{expiration}\n#{canonical_path}"
|
|
digest = OpenSSL::HMAC.digest('sha1', uri.password, payload)
|
|
# URI.escape is deprecated, and there isn't yet a replacement that does quite what we want
|
|
signature = Base64.encode64(digest).gsub("\n", '').gsub(/[\+\/=]/) { |c| BASE64_URI_TRANSLATE[c] }
|
|
URI.parse("https://#{uri.host}.s3.amazonaws.com#{uri.path}?AWSAccessKeyId=#{uri.user}&Expires=#{expiration}&Signature=#{signature}")
|
|
end
|
|
|
|
def s3_expiration
|
|
(Time.now + 3600).to_i # one hour from now
|
|
end
|
|
|
|
BASE64_URI_TRANSLATE = { '+' => '%2B', '/' => '%2F', '=' => '%3D' }.freeze
|
|
|
|
private
|
|
|
|
def proxy_for proxy, uri
|
|
Gem::Request.proxy_uri(proxy || Gem::Request.get_proxy_from_env(uri.scheme))
|
|
end
|
|
|
|
def pools_for proxy
|
|
@pool_lock.synchronize do
|
|
@pools[proxy] ||= Gem::Request::ConnectionPools.new proxy, @cert_files
|
|
end
|
|
end
|
|
end
|