module EmHttpSslPatch
EventMachine patch to make SSL work.
Public Instance Methods
certificate_store()
click to toggle source
# File lib/faraday/adapter/em_http_ssl_patch.rb, line 51 def certificate_store @certificate_store ||= begin store = OpenSSL::X509::Store.new store.set_default_paths ca_file = parent.connopts.tls[:cert_chain_file] store.add_file(ca_file) if ca_file store end end
host()
click to toggle source
# File lib/faraday/adapter/em_http_ssl_patch.rb, line 47 def host parent.uri.host end
ssl_handshake_completed()
click to toggle source
# File lib/faraday/adapter/em_http_ssl_patch.rb, line 28 def ssl_handshake_completed return true unless verify_peer? unless verified_cert_identity? raise OpenSSL::SSL::SSLError, %(host "#{host}" does not match the server certificate) end true end
ssl_verify_peer(cert_string)
click to toggle source
# File lib/faraday/adapter/em_http_ssl_patch.rb, line 8 def ssl_verify_peer(cert_string) begin @last_seen_cert = OpenSSL::X509::Certificate.new(cert_string) rescue OpenSSL::X509::CertificateError return false end unless certificate_store.verify(@last_seen_cert) raise OpenSSL::SSL::SSLError, %(unable to verify the server certificate for "#{host}") end begin certificate_store.add_cert(@last_seen_cert) rescue OpenSSL::X509::StoreError => e raise e unless e.message == 'cert already in hash table' end true end
verified_cert_identity?()
click to toggle source
# File lib/faraday/adapter/em_http_ssl_patch.rb, line 43 def verified_cert_identity? OpenSSL::SSL.verify_certificate_identity(@last_seen_cert, host) end
verify_peer?()
click to toggle source
# File lib/faraday/adapter/em_http_ssl_patch.rb, line 39 def verify_peer? parent.connopts.tls[:verify_peer] end