　晋太元中，武陵人捕鱼为业。缘溪行，忘路之远近。忽逢桃花林，夹岸数百步，中无杂树，芳草鲜美，落英缤纷。渔人甚异之，复前行，欲穷其林。　　林尽水源，便得一山，山有小口，仿佛若有光。便舍船，从口入。初极狭，才通人。复行数十步，豁然开朗。土地平旷，屋舍俨然，有良田、美池、桑竹之属。阡陌交通，鸡犬相闻。其中往来种作，男女衣着，悉如外人。黄发垂髫，并怡然自乐。　　见渔人，乃大惊，问所从来。具答之。便要还家，设酒杀鸡作食。村中闻有此人，咸来问讯。自云先世避秦时乱，率妻子邑人来此绝境，不复出焉，遂与外人间隔。问今是何世，乃不知有汉，无论魏晋。此人一一为具言所闻，皆叹惋。余人各复延至其家，皆出酒食。停数日，辞去。此中人语云：“不足为外人道也。”(间隔一作：隔绝) 　　既出，得其船，便扶向路，处处志之。及郡下，诣太守，说如此。太守即遣人随其往，寻向所志，遂迷，不复得路。　　南阳刘子骥，高尚士也，闻之，欣然规往。未果，寻病终。后遂无问津者。 sh-3ll

HOME

sh-3ll 1.0

DIR:/opt/alt/ruby32/share/rubygems/rubygems/security/

Current File : //opt/alt/ruby32/share/rubygems/rubygems/security/trust_dir.rb

# frozen_string_literal: true

##
# The TrustDir manages the trusted certificates for gem signature
# verification.

class Gem::Security::TrustDir
  ##
  # Default permissions for the trust directory and its contents

  DEFAULT_PERMISSIONS = {
    :trust_dir => 0700,
    :trusted_cert => 0600,
  }.freeze

  ##
  # The directory where trusted certificates will be stored.

  attr_reader :dir

  ##
  # Creates a new TrustDir using +dir+ where the directory and file
  # permissions will be checked according to +permissions+

  def initialize(dir, permissions = DEFAULT_PERMISSIONS)
    @dir = dir
    @permissions = permissions

    @digester = Gem::Security.create_digest
  end

  ##
  # Returns the path to the trusted +certificate+

  def cert_path(certificate)
    name_path certificate.subject
  end

  ##
  # Enumerates trusted certificates.

  def each_certificate
    return enum_for __method__ unless block_given?

    glob = File.join @dir, "*.pem"

    Dir[glob].each do |certificate_file|
      begin
        certificate = load_certificate certificate_file

        yield certificate, certificate_file
      rescue OpenSSL::X509::CertificateError
        next # HACK warn
      end
    end
  end

  ##
  # Returns the issuer certificate of the given +certificate+ if it exists in
  # the trust directory.

  def issuer_of(certificate)
    path = name_path certificate.issuer

    return unless File.exist? path

    load_certificate path
  end

  ##
  # Returns the path to the trusted certificate with the given ASN.1 +name+

  def name_path(name)
    digest = @digester.hexdigest name.to_s

    File.join @dir, "cert-#{digest}.pem"
  end

  ##
  # Loads the given +certificate_file+

  def load_certificate(certificate_file)
    pem = File.read certificate_file

    OpenSSL::X509::Certificate.new pem
  end

  ##
  # Add a certificate to trusted certificate list.

  def trust_cert(certificate)
    verify

    destination = cert_path certificate

    File.open destination, "wb", 0600 do |io|
      io.write certificate.to_pem
      io.chmod(@permissions[:trusted_cert])
    end
  end

  ##
  # Make sure the trust directory exists.  If it does exist, make sure it's
  # actually a directory.  If not, then create it with the appropriate
  # permissions.

  def verify
    require "fileutils"
    if File.exist? @dir
      raise Gem::Security::Exception,
        "trust directory #{@dir} is not a directory" unless
          File.directory? @dir

      FileUtils.chmod 0700, @dir
    else
      FileUtils.mkdir_p @dir, :mode => @permissions[:trust_dir]
    end
  end
end