# frozen_string_literal: true # We forcibly require OpenSSL, because net/http/persistent will only autoload # it. On some Rubies, autoload fails but explicit require succeeds. begin require "openssl" rescue LoadError # some Ruby builds don't have OpenSSL end module Bundler module Persistent module Net module HTTP end end end end require_relative "vendor/net-http-persistent/lib/net/http/persistent" module Bundler class PersistentHTTP < Persistent::Net::HTTP::Persistent def connection_for(uri) super(uri) do |connection| result = yield connection warn_old_tls_version_rubygems_connection(uri, connection) result end end def warn_old_tls_version_rubygems_connection(uri, connection) return unless connection.http.use_ssl? return unless (uri.host || "").end_with?("rubygems.org") socket = connection.instance_variable_get(:@socket) return unless socket socket_io = socket.io return unless socket_io.respond_to?(:ssl_version) ssl_version = socket_io.ssl_version case ssl_version when /TLSv([\d\.]+)/ version = Gem::Version.new($1) if version < Gem::Version.new("1.2") Bundler.ui.warn \ "Warning: Your Ruby version is compiled against a copy of OpenSSL that is very old. " \ "Starting in January 2018, RubyGems.org will refuse connection requests from these " \ "very old versions of OpenSSL. If you will need to continue installing gems after " \ "January 2018, please follow this guide to upgrade: http://ruby.to/tls-outdated.", :wrap => true end end end end end