Sha256: c04e2ff25b938c2978daf8f14ddc6f32218dde31149e6d11f927dbbac646b34b
Contents?: true
Size: 1.83 KB
Versions: 1
Compression:
Stored size: 1.83 KB
Contents
require 'fileutils'
module HammerCLI
class CACertManager
attr_reader :ca_path
def initialize(ca_path)
@ca_path = ca_path
end
def store_ca_cert(raw_cert, cert_file)
ensure_ca_path_exist
File.write(cert_file, raw_cert)
hash = cert_hash(raw_cert)
create_link(hash, cert_file)
cert_file
end
def cert_hash(raw_cert)
cert = OpenSSL::X509::Certificate.new(raw_cert)
subject = OpenSSL::X509::Name.new(cert.subject)
subject.hash
end
def create_link(hash, cert_file)
ensure_ca_path_exist
cert_link = File.join(ca_path, "#{hash.to_s(16)}.%s")
count = 0
# increase hash index if file or link to different target already exist
while plain_file?(cert_link % count) || link_to_different_target?(cert_link % count, cert_file) do
count += 1
end
File.symlink(cert_file, cert_link % count) unless File.symlink?(cert_link % count)
end
def cert_file_name(uri)
File.join(ca_path, "#{uri.host}.pem")
end
protected
def ensure_ca_path_exist
FileUtils.mkpath(ca_path) unless File.directory?(ca_path)
end
def plain_file?(path)
File.exist?(path) && !File.symlink?(path)
end
def link_to_different_target?(path, target)
File.symlink?(path) && File.expand_path(File.readlink(path)) != File.expand_path(target)
end
end
class CACertDownloader
def download(uri)
noverify_ssl_connection = OpenSSL::SSL::SSLSocket.new(TCPSocket.new(uri.host, uri.port), noverify_ssl_context)
noverify_ssl_connection.connect
noverify_ssl_connection.peer_cert_chain.last
end
private
def noverify_ssl_context
noverify_ssl_context = OpenSSL::SSL::SSLContext.new
noverify_ssl_context.verify_mode = OpenSSL::SSL::VERIFY_NONE
noverify_ssl_context
end
end
end
Version data entries
1 entries across 1 versions & 1 rubygems
| Version | Path |
|---|---|
| hammer_cli-0.10.1 | lib/hammer_cli/ca_cert_manager.rb |