OXIESEC PANEL

Name	Size	Modified	Perms
📁 ..	-	05/09/2024 07:14:11 AM	rwxr-xr-x
📄 available_set.rb	3.02 KB	02/01/2016 12:43:26 PM	rw-r--r--
📄 basic_specification.rb	7.36 KB	10/20/2017 09:03:37 AM	rw-r--r--
📄 bundler_version_finder.rb	3.09 KB	10/08/2017 01:32:22 AM	rw-r--r--
📄 command.rb	13.98 KB	12/25/2017 05:54:27 AM	rw-r--r--
📄 command_manager.rb	4.77 KB	05/15/2023 11:41:43 AM	rw-r--r--
📁 commands	-	05/09/2024 07:14:11 AM	rwxr-xr-x
📄 compatibility.rb	1.66 KB	02/01/2016 12:43:26 PM	rw-r--r--
📄 config_file.rb	12.51 KB	03/19/2018 08:27:04 AM	rw-r--r--
📁 core_ext	-	05/09/2024 07:14:11 AM	rwxr-xr-x
📄 defaults.rb	4.46 KB	06/24/2016 04:13:11 AM	rw-r--r--
📄 dependency.rb	8.38 KB	10/08/2017 01:32:18 AM	rw-r--r--
📄 dependency_installer.rb	14.17 KB	10/08/2017 01:32:18 AM	rw-r--r--
📄 dependency_list.rb	5.55 KB	05/01/2017 11:40:46 AM	rw-r--r--
📄 deprecate.rb	1.73 KB	02/01/2016 12:43:26 PM	rw-r--r--
📄 doctor.rb	3.06 KB	02/01/2016 12:43:26 PM	rw-r--r--
📄 errors.rb	4.62 KB	10/08/2017 01:32:18 AM	rw-r--r--
📄 exceptions.rb	6.39 KB	10/08/2017 01:32:18 AM	rw-r--r--
📁 ext	-	05/09/2024 07:14:11 AM	rwxr-xr-x
📄 ext.rb	461 bytes	02/01/2016 12:43:26 PM	rw-r--r--
📄 gem_runner.rb	2.18 KB	10/08/2017 01:32:18 AM	rw-r--r--
📄 gemcutter_utilities.rb	4.37 KB	05/15/2023 11:41:43 AM	rw-r--r--
📄 indexer.rb	11.06 KB	03/19/2018 08:27:04 AM	rw-r--r--
📄 install_default_message.rb	337 bytes	02/01/2016 12:43:26 PM	rw-r--r--
📄 install_message.rb	311 bytes	02/01/2016 12:43:26 PM	rw-r--r--
📄 install_update_options.rb	6.89 KB	10/08/2017 01:32:18 AM	rw-r--r--
📄 installer.rb	25.11 KB	05/15/2023 11:41:43 AM	rw-r--r--
📄 installer_test_case.rb	4.41 KB	10/08/2017 01:32:18 AM	rw-r--r--
📄 local_remote_options.rb	3.4 KB	02/01/2016 12:43:26 PM	rw-r--r--
📄 mock_gem_ui.rb	1.38 KB	02/01/2016 12:43:26 PM	rw-r--r--
📄 name_tuple.rb	2.41 KB	02/01/2016 12:43:26 PM	rw-r--r--
📁 package	-	05/09/2024 07:14:11 AM	rwxr-xr-x
📄 package.rb	16.47 KB	05/15/2023 11:41:43 AM	rw-r--r--
📄 package_task.rb	3.8 KB	02/01/2016 12:43:26 PM	rw-r--r--
📄 path_support.rb	1.72 KB	03/04/2016 12:29:40 AM	rw-r--r--
📄 platform.rb	6.25 KB	05/01/2017 11:40:46 AM	rw-r--r--
📄 psych_additions.rb	300 bytes	02/01/2016 12:43:26 PM	rw-r--r--
📄 psych_tree.rb	793 bytes	02/01/2016 12:43:26 PM	rw-r--r--
📄 rdoc.rb	7.74 KB	02/01/2016 12:43:26 PM	rw-r--r--
📄 remote_fetcher.rb	11.65 KB	08/28/2017 08:31:28 AM	rw-r--r--
📁 request	-	05/09/2024 07:14:11 AM	rwxr-xr-x
📄 request.rb	8.66 KB	10/08/2017 01:32:18 AM	rw-r--r--
📁 request_set	-	05/09/2024 07:14:11 AM	rwxr-xr-x
📄 request_set.rb	10.77 KB	10/08/2017 01:32:18 AM	rw-r--r--
📄 requirement.rb	6.59 KB	10/08/2017 01:32:18 AM	rw-r--r--
📁 resolver	-	05/09/2024 07:14:11 AM	rwxr-xr-x
📄 resolver.rb	9.53 KB	10/08/2017 01:32:18 AM	rw-r--r--
📄 safe_yaml.rb	1.15 KB	11/02/2017 04:25:37 AM	rw-r--r--
📁 security	-	05/09/2024 07:14:11 AM	rwxr-xr-x
📄 security.rb	21.13 KB	03/19/2018 08:27:04 AM	rw-r--r--
📄 security_option.rb	1.06 KB	10/08/2017 01:32:22 AM	rw-r--r--
📄 server.rb	22.72 KB	03/19/2018 08:27:04 AM	rw-r--r--
📁 source	-	05/09/2024 07:14:11 AM	rwxr-xr-x
📄 source.rb	5.42 KB	03/19/2018 08:27:04 AM	rw-r--r--
📄 source_list.rb	2.53 KB	03/04/2016 12:29:40 AM	rw-r--r--
📄 source_local.rb	275 bytes	10/08/2017 01:32:18 AM	rw-r--r--
📄 source_specific_file.rb	272 bytes	10/08/2017 01:32:18 AM	rw-r--r--
📄 spec_fetcher.rb	6.47 KB	10/08/2017 01:32:18 AM	rw-r--r--
📄 specification.rb	82.65 KB	05/15/2023 11:41:43 AM	rw-r--r--
📁 ssl_certs	-	11/26/2019 12:32:04 PM	rwxr-xr-x
📄 stub_specification.rb	4.86 KB	03/19/2018 08:27:04 AM	rw-r--r--
📄 syck_hack.rb	2.12 KB	02/01/2016 12:43:26 PM	rw-r--r--
📄 test_case.rb	40.33 KB	03/19/2018 08:27:04 AM	rw-r--r--
📄 test_utilities.rb	8.63 KB	03/19/2018 08:27:04 AM	rw-r--r--
📄 text.rb	1.88 KB	08/28/2017 08:31:28 AM	rw-r--r--
📄 uninstaller.rb	8.74 KB	02/01/2016 12:43:26 PM	rw-r--r--
📄 uri_formatter.rb	792 bytes	02/01/2016 12:43:26 PM	rw-r--r--
📄 user_interaction.rb	14.54 KB	05/15/2023 11:41:43 AM	rw-r--r--
📁 util	-	05/09/2024 07:14:11 AM	rwxr-xr-x
📄 util.rb	2.57 KB	03/19/2018 08:27:04 AM	rw-r--r--
📄 validator.rb	4.23 KB	03/19/2018 08:27:04 AM	rw-r--r--
📄 version.rb	11.97 KB	10/08/2017 01:32:18 AM	rw-r--r--
📄 version_option.rb	2.03 KB	10/08/2017 01:32:18 AM	rw-r--r--

Editing: remote_fetcher.rb

# frozen_string_literal: true
require 'rubygems'
require 'rubygems/request'
require 'rubygems/uri_formatter'
require 'rubygems/user_interaction'
require 'rubygems/request/connection_pools'
require 'resolv'

##
# RemoteFetcher handles the details of fetching gems and gem information from
# a remote source.

class Gem::RemoteFetcher

include Gem::UserInteraction

##
  # A FetchError exception wraps up the various possible IO and HTTP failures
  # that could happen while downloading from the internet.

class FetchError < Gem::Exception

##
    # The URI which was being accessed when the exception happened.

attr_accessor :uri

def initialize(message, uri)
      super message
      begin
        uri = URI(uri)
        uri.password = 'REDACTED' if uri.password
        @uri = uri.to_s
      rescue URI::InvalidURIError, ArgumentError
        @uri = uri
      end
    end

def to_s # :nodoc:
      "#{super} (#{uri})"
    end

end

##
  # A FetchError that indicates that the reason for not being
  # able to fetch data was that the host could not be contacted

class UnknownHostError < FetchError
  end

@fetcher = nil

##
  # Cached RemoteFetcher instance.

def self.fetcher
    @fetcher ||= self.new Gem.configuration[:http_proxy]
  end

attr_accessor :headers

##
  # Initialize a remote fetcher using the source URI and possible proxy
  # information.
  #
  # +proxy+
  # * [String]: explicit specification of proxy; overrides any environment
  #             variable setting
  # * nil: respect environment variables (HTTP_PROXY, HTTP_PROXY_USER,
  #        HTTP_PROXY_PASS)
  # * <tt>:no_proxy</tt>: ignore environment variables and _don't_ use a proxy
  #
  # +dns+: An object to use for DNS resolution of the API endpoint.
  #        By default, use Resolv::DNS.
  #
  # +headers+: A set of additional HTTP headers to be sent to the server when
  #            fetching the gem.

def initialize(proxy=nil, dns=Resolv::DNS.new, headers={})
    require 'net/http'
    require 'stringio'
    require 'time'
    require 'uri'

Socket.do_not_reverse_lookup = true

@proxy = proxy
    @pools = {}
    @pool_lock = Mutex.new
    @cert_files = Gem::Request.get_cert_files

@dns = dns
    @headers = headers
  end

##
  # Given a source at +uri+, calculate what hostname to actually
  # connect to query the data for it.

def api_endpoint(uri)
    host = uri.host

begin
      res = @dns.getresource "_rubygems._tcp.#{host}",
                             Resolv::DNS::Resource::IN::SRV
    rescue Resolv::ResolvError => e
      verbose "Getting SRV record failed: #{e}"
      uri
    else
      target = res.target.to_s.strip

if URI("http://" + target).host.end_with?(".#{host}")
        return URI.parse "#{uri.scheme}://#{target}#{uri.path}"
      end

uri
    end
  end

##
  # Given a name and requirement, downloads this gem into cache and returns the
  # filename. Returns nil if the gem cannot be located.
  #--
  # Should probably be integrated with #download below, but that will be a
  # larger, more encompassing effort. -erikh

def download_to_cache dependency
    found, _ = Gem::SpecFetcher.fetcher.spec_for_dependency dependency

return if found.empty?

spec, source = found.max_by { |(s,_)| s.version }

download spec, source.uri.to_s
  end

##
  # Moves the gem +spec+ from +source_uri+ to the cache dir unless it is
  # already there.  If the source_uri is local the gem cache dir copy is
  # always replaced.

def download(spec, source_uri, install_dir = Gem.dir)
    cache_dir =
      if Dir.pwd == install_dir then # see fetch_command
        install_dir
      elsif File.writable? install_dir then
        File.join install_dir, "cache"
      else
        File.join Gem.user_dir, "cache"
      end

gem_file_name = File.basename spec.cache_file
    local_gem_path = File.join cache_dir, gem_file_name

FileUtils.mkdir_p cache_dir rescue nil unless File.exist? cache_dir

# Always escape URI's to deal with potential spaces and such
    # It should also be considered that source_uri may already be
    # a valid URI with escaped characters. e.g. "{DESede}" is encoded
    # as "%7BDESede%7D". If this is escaped again the percentage
    # symbols will be escaped.
    unless source_uri.is_a?(URI::Generic)
      begin
        source_uri = URI.parse(source_uri)
      rescue
        source_uri = URI.parse(URI.const_defined?(:DEFAULT_PARSER) ?
                               URI::DEFAULT_PARSER.escape(source_uri.to_s) :
                               URI.escape(source_uri.to_s))
      end
    end

scheme = source_uri.scheme

# URI.parse gets confused by MS Windows paths with forward slashes.
    scheme = nil if scheme =~ /^[a-z]$/i

# REFACTOR: split this up and dispatch on scheme (eg download_http)
    # REFACTOR: be sure to clean up fake fetcher when you do this... cleaner
    case scheme
    when 'http', 'https', 's3' then
      unless File.exist? local_gem_path then
        begin
          verbose "Downloading gem #{gem_file_name}"

remote_gem_path = source_uri + "gems/#{gem_file_name}"

self.cache_update_path remote_gem_path, local_gem_path
        rescue Gem::RemoteFetcher::FetchError
          raise if spec.original_platform == spec.platform

alternate_name = "#{spec.original_name}.gem"

verbose "Failed, downloading gem #{alternate_name}"

remote_gem_path = source_uri + "gems/#{alternate_name}"

self.cache_update_path remote_gem_path, local_gem_path
        end
      end
    when 'file' then
      begin
        path = source_uri.path
        path = File.dirname(path) if File.extname(path) == '.gem'

remote_gem_path = correct_for_windows_path(File.join(path, 'gems', gem_file_name))

FileUtils.cp(remote_gem_path, local_gem_path)
      rescue Errno::EACCES
        local_gem_path = source_uri.to_s
      end

verbose "Using local gem #{local_gem_path}"
    when nil then # TODO test for local overriding cache
      source_path = if Gem.win_platform? && source_uri.scheme &&
                       !source_uri.path.include?(':') then
                      "#{source_uri.scheme}:#{source_uri.path}"
                    else
                      source_uri.path
                    end

source_path = Gem::UriFormatter.new(source_path).unescape

begin
        FileUtils.cp source_path, local_gem_path unless
          File.identical?(source_path, local_gem_path)
      rescue Errno::EACCES
        local_gem_path = source_uri.to_s
      end

verbose "Using local gem #{local_gem_path}"
    else
      raise ArgumentError, "unsupported URI scheme #{source_uri.scheme}"
    end

local_gem_path
  end

##
  # File Fetcher. Dispatched by +fetch_path+. Use it instead.

def fetch_file uri, *_
    Gem.read_binary correct_for_windows_path uri.path
  end

##
  # HTTP Fetcher. Dispatched by +fetch_path+. Use it instead.

def fetch_http uri, last_modified = nil, head = false, depth = 0
    fetch_type = head ? Net::HTTP::Head : Net::HTTP::Get
    response   = request uri, fetch_type, last_modified do |req|
      headers.each { |k,v| req.add_field(k,v) }
    end

case response
    when Net::HTTPOK, Net::HTTPNotModified then
      response.uri = uri if response.respond_to? :uri
      head ? response : response.body
    when Net::HTTPMovedPermanently, Net::HTTPFound, Net::HTTPSeeOther,
         Net::HTTPTemporaryRedirect then
      raise FetchError.new('too many redirects', uri) if depth > 10

unless location = response['Location']
        raise FetchError.new("redirecting but no redirect location was given", uri)
      end
      location = URI.parse response['Location']

if https?(uri) && !https?(location)
        raise FetchError.new("redirecting to non-https resource: #{location}", uri)
      end

fetch_http(location, last_modified, head, depth + 1)
    else
      raise FetchError.new("bad response #{response.message} #{response.code}", uri)
    end
  end

alias :fetch_https :fetch_http

##
  # Downloads +uri+ and returns it as a String.

def fetch_path(uri, mtime = nil, head = false)
    uri = URI.parse uri unless URI::Generic === uri

raise ArgumentError, "bad uri: #{uri}" unless uri

unless uri.scheme
      raise ArgumentError, "uri scheme is invalid: #{uri.scheme.inspect}"
    end

data = send "fetch_#{uri.scheme}", uri, mtime, head

if data and !head and uri.to_s =~ /\.gz$/
      begin
        data = Gem.gunzip data
      rescue Zlib::GzipFile::Error
        raise FetchError.new("server did not return a valid file", uri.to_s)
      end
    end

data
  rescue FetchError
    raise
  rescue Timeout::Error
    raise UnknownHostError.new('timed out', uri.to_s)
  rescue IOError, SocketError, SystemCallError => e
    if e.message =~ /getaddrinfo/
      raise UnknownHostError.new('no such name', uri.to_s)
    else
      raise FetchError.new("#{e.class}: #{e}", uri.to_s)
    end
  end

def fetch_s3(uri, mtime = nil, head = false)
    public_uri = sign_s3_url(uri)
    fetch_https public_uri, mtime, head
  end

##
  # Downloads +uri+ to +path+ if necessary. If no path is given, it just
  # passes the data.

def cache_update_path uri, path = nil, update = true
    mtime = path && File.stat(path).mtime rescue nil

data = fetch_path(uri, mtime)

if data == nil # indicates the server returned 304 Not Modified
      return Gem.read_binary(path)
    end

if update and path
      Gem.write_binary(path, data)
    end

data
  end

##
  # Returns the size of +uri+ in bytes.

def fetch_size(uri) # TODO: phase this out
    response = fetch_path(uri, nil, true)

response['content-length'].to_i
  end

def correct_for_windows_path(path)
    if path[0].chr == '/' && path[1].chr =~ /[a-z]/i && path[2].chr == ':'
      path[1..-1]
    else
      path
    end
  end

##
  # Performs a Net::HTTP request of type +request_class+ on +uri+ returning
  # a Net::HTTP response object.  request maintains a table of persistent
  # connections to reduce connect overhead.

def request(uri, request_class, last_modified = nil)
    proxy = proxy_for @proxy, uri
    pool  = pools_for(proxy).pool_for uri

request = Gem::Request.new uri, request_class, last_modified, pool

request.fetch do |req|
      yield req if block_given?
    end
  end

def https?(uri)
    uri.scheme.downcase == 'https'
  end

def close_all
    @pools.each_value {|pool| pool.close_all}
  end

protected

# we have our own signing code here to avoid a dependency on the aws-sdk gem
  # fortunately, a simple GET request isn't too complex to sign properly
  def sign_s3_url(uri, expiration = nil)
    require 'base64'
    require 'openssl'

unless uri.user && uri.password
      raise FetchError.new("credentials needed in s3 source, like s3://key:secret@bucket-name/", uri.to_s)
    end

expiration ||= s3_expiration
    canonical_path = "/#{uri.host}#{uri.path}"
    payload = "GET\n\n\n#{expiration}\n#{canonical_path}"
    digest = OpenSSL::HMAC.digest('sha1', uri.password, payload)
    # URI.escape is deprecated, and there isn't yet a replacement that does quite what we want
    signature = Base64.encode64(digest).gsub("\n", '').gsub(/[\+\/=]/) { |c| BASE64_URI_TRANSLATE[c] }
    URI.parse("https://#{uri.host}.s3.amazonaws.com#{uri.path}?AWSAccessKeyId=#{uri.user}&Expires=#{expiration}&Signature=#{signature}")
  end

def s3_expiration
    (Time.now + 3600).to_i # one hour from now
  end

BASE64_URI_TRANSLATE = { '+' => '%2B', '/' => '%2F', '=' => '%3D' }.freeze

private

def proxy_for proxy, uri
    Gem::Request.proxy_uri(proxy || Gem::Request.get_proxy_from_env(uri.scheme))
  end

def pools_for proxy
    @pool_lock.synchronize do
      @pools[proxy] ||= Gem::Request::ConnectionPools.new proxy, @cert_files
    end
  end
end