X-Git-Url: https://git.donarmstrong.com/?p=dsa-puppet.git;a=blobdiff_plain;f=3rdparty%2Fmodules%2Faviator%2Ffeature%2Ffaraday%2Fadapter%2Fem_http_ssl_patch.rb;fp=3rdparty%2Fmodules%2Faviator%2Ffeature%2Ffaraday%2Fadapter%2Fem_http_ssl_patch.rb;h=0000000000000000000000000000000000000000;hp=8bbfcbce3fb3f706f9921b70f83e65dc05b83cbf;hb=706621d7a3318aef2d3a0b3665d08a98fdd9a458;hpb=6eb028a997c0756fdd3d27a16297180db269631b diff --git a/3rdparty/modules/aviator/feature/faraday/adapter/em_http_ssl_patch.rb b/3rdparty/modules/aviator/feature/faraday/adapter/em_http_ssl_patch.rb deleted file mode 100644 index 8bbfcbce..00000000 --- a/3rdparty/modules/aviator/feature/faraday/adapter/em_http_ssl_patch.rb +++ /dev/null @@ -1,56 +0,0 @@ -require 'openssl' -require 'em-http' - -module EmHttpSslPatch - def ssl_verify_peer(cert_string) - cert = nil - begin - cert = OpenSSL::X509::Certificate.new(cert_string) - rescue OpenSSL::X509::CertificateError - return false - end - - @last_seen_cert = cert - - if certificate_store.verify(@last_seen_cert) - begin - certificate_store.add_cert(@last_seen_cert) - rescue OpenSSL::X509::StoreError => e - raise e unless e.message == 'cert already in hash table' - end - true - else - raise OpenSSL::SSL::SSLError.new(%(unable to verify the server certificate for "#{host}")) - end - end - - def ssl_handshake_completed - return true unless verify_peer? - - unless OpenSSL::SSL.verify_certificate_identity(@last_seen_cert, host) - raise OpenSSL::SSL::SSLError.new(%(host "#{host}" does not match the server certificate)) - else - true - end - end - - def verify_peer? - parent.connopts.tls[:verify_peer] - end - - def host - parent.connopts.host - end - - def certificate_store - @certificate_store ||= begin - store = OpenSSL::X509::Store.new - store.set_default_paths - ca_file = parent.connopts.tls[:cert_chain_file] - store.add_file(ca_file) if ca_file - store - end - end -end - -EventMachine::HttpStubConnection.send(:include, EmHttpSslPatch)