1berry/ruby
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

* lib/open-uri.rb (OpenURI.open_http): accept multiple certs path in

Browse Source 
ssl_ca_certs.

* tool/downloader.rb: use certs of rubygems for downloading gems.


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@48941 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
This commit is contained in:
usa 2014-12-23 15:06:40 +00:00
parent e87f45d8a8
commit 7e9175e3d9
3 changed files with 18 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
ChangeLog
View File

@ -1,3 +1,10 @@
Wed Dec 24 00:04:45 2014 NAKAMURA Usaku <usa@ruby-lang.org>
* lib/open-uri.rb (OpenURI.open_http): accept multiple certs path in
ssl_ca_certs.
* tool/downloader.rb: use certs of rubygems for downloading gems.
Tue Dec 23 22:39:11 2014 Nobuyoshi Nakada <nobu@ruby-lang.org> Tue Dec 23 22:39:11 2014 Nobuyoshi Nakada <nobu@ruby-lang.org>
* ext/fiddle/extlibs: libffi-3.2.1 and patch for mswin. * ext/fiddle/extlibs: libffi-3.2.1 and patch for mswin.

11
lib/open-uri.rb
View File

@ -295,10 +295,13 @@ module OpenURI
http.verify_mode = options[:ssl_verify_mode] || OpenSSL::SSL::VERIFY_PEER http.verify_mode = options[:ssl_verify_mode] || OpenSSL::SSL::VERIFY_PEER
store = OpenSSL::X509::Store.new store = OpenSSL::X509::Store.new
if options[:ssl_ca_cert] if options[:ssl_ca_cert]
if File.directory? options[:ssl_ca_cert] certs = options[:ssl_ca_cert].is_a?(Array) ? options[:ssl_ca_cert] : [options[:ssl_ca_cert]]
store.add_path options[:ssl_ca_cert] certs.each do |cert|
if File.directory? cert
store.add_path cert
else else
store.add_file options[:ssl_ca_cert] store.add_file cert
end
end end
else else
store.set_default_paths store.set_default_paths
@ -680,7 +683,7 @@ module OpenURI
# #
# [:ssl_ca_cert] # [:ssl_ca_cert]
# Synopsis: # Synopsis:
# :ssl_ca_cert=>filename # :ssl_ca_cert=>filename or an Array of filenames
# #
# :ssl_ca_cert is used to specify CA certificate for SSL. # :ssl_ca_cert is used to specify CA certificate for SSL.
# If it is given, default certificates are not used. # If it is given, default certificates are not used.

6
tool/downloader.rb
View File

@ -9,7 +9,7 @@ class Downloader
class RubyGems < self class RubyGems < self
def self.download(name, *rest) def self.download(name, *rest)
super("https://rubygems.org/downloads/#{name}", name, *rest) super("https://rubygems.org/downloads/#{name}", name, *rest, ssl_ca_cert: Dir.glob(File.expand_path("../lib/rubygems/ssl_certs/*.pem", File.dirname(__FILE__))))
end end
end end
@ -52,7 +52,7 @@ class Downloader
# Example usage: # Example usage:
# download 'http://www.unicode.org/Public/UCD/latest/ucd/UnicodeData.txt', # download 'http://www.unicode.org/Public/UCD/latest/ucd/UnicodeData.txt',
# 'UnicodeData.txt', 'enc/unicode/data' # 'UnicodeData.txt', 'enc/unicode/data'
def self.download(url, name, dir = nil, ims = true) def self.download(url, name, dir = nil, ims = true, options = {})
file = dir ? File.join(dir, File.basename(name)) : name file = dir ? File.join(dir, File.basename(name)) : name
if ims.nil? and File.exist?(file) if ims.nil? and File.exist?(file)
if $VERBOSE if $VERBOSE
@ -67,7 +67,7 @@ class Downloader
$stdout.flush $stdout.flush
end end
begin begin
data = url.read(http_options(file, ims.nil? ? true : ims)) data = url.read(options.merge(http_options(file, ims.nil? ? true : ims)))
rescue OpenURI::HTTPError => http_error rescue OpenURI::HTTPError => http_error
if http_error.message =~ /^304 / # 304 Not Modified if http_error.message =~ /^304 / # 304 Not Modified
if $VERBOSE if $VERBOSE