diff options
author | The Bundler Bot <bot@bundler.io> | 2017-08-16 11:14:09 +0000 |
---|---|---|
committer | The Bundler Bot <bot@bundler.io> | 2017-08-16 11:14:09 +0000 |
commit | 246ab43690f517130772bd7d6219539ee60c9703 (patch) | |
tree | 65e8fdea87701492646c8110518f9d60861bc9ea | |
parent | 707d0b43e6cdf9a801ef6c47a231b7119faa4fe2 (diff) | |
parent | 4a55f61c549dce560fecc905168de5b83e4fb7a4 (diff) | |
download | bundler-246ab43690f517130772bd7d6219539ee60c9703.tar.gz |
Auto merge of #5880 - stan3:ssl_cert_from_gem_config, r=indirect
Use ssl client cert and ca cert settings from gem configuration as fallbacks
### What was the end-user problem that led to this PR?
The problem was having to configure ssl client cert and ca cert in bundler and gem.
### What is your fix for the problem, implemented in this PR?
My fix makes bundler check the gem configuration for these settings.
### Why did you choose this fix out of the possible options?
I chose this fix because it makes sense for the user to only configure these once.
Couldn't find existing coverage for this in the tests so haven't added any...
Also assume a changelog entry is needed but can't see a unreleased changes section so not sure how this is handled.
-rw-r--r-- | lib/bundler/fetcher.rb | 18 | ||||
-rw-r--r-- | spec/bundler/fetcher_spec.rb | 41 |
2 files changed, 53 insertions, 6 deletions
diff --git a/lib/bundler/fetcher.rb b/lib/bundler/fetcher.rb index 01a0679f7c..5a9617c60a 100644 --- a/lib/bundler/fetcher.rb +++ b/lib/bundler/fetcher.rb @@ -249,8 +249,11 @@ module Bundler con.cert_store = bundler_cert_store end - if Bundler.settings[:ssl_client_cert] - pem = File.read(Bundler.settings[:ssl_client_cert]) + ssl_client_cert = Bundler.settings[:ssl_client_cert] || + (Bundler.rubygems.configuration.ssl_client_cert if + Bundler.rubygems.configuration.respond_to?(:ssl_client_cert)) + if ssl_client_cert + pem = File.read(ssl_client_cert) con.cert = OpenSSL::X509::Certificate.new(pem) con.key = OpenSSL::PKey::RSA.new(pem) end @@ -279,11 +282,14 @@ module Bundler def bundler_cert_store store = OpenSSL::X509::Store.new - if Bundler.settings[:ssl_ca_cert] - if File.directory? Bundler.settings[:ssl_ca_cert] - store.add_path Bundler.settings[:ssl_ca_cert] + ssl_ca_cert = Bundler.settings[:ssl_ca_cert] || + (Bundler.rubygems.configuration.ssl_ca_cert if + Bundler.rubygems.configuration.respond_to?(:ssl_ca_cert)) + if ssl_ca_cert + if File.directory? ssl_ca_cert + store.add_path ssl_ca_cert else - store.add_file Bundler.settings[:ssl_ca_cert] + store.add_file ssl_ca_cert end else store.set_default_paths diff --git a/spec/bundler/fetcher_spec.rb b/spec/bundler/fetcher_spec.rb index 2746da3bd8..f9e52e09c0 100644 --- a/spec/bundler/fetcher_spec.rb +++ b/spec/bundler/fetcher_spec.rb @@ -85,6 +85,47 @@ RSpec.describe Bundler::Fetcher do end end end + + context "when no ssl configuration is set" do + it "no cert" do + expect(fetcher.send(:connection).cert).to be_nil + expect(fetcher.send(:connection).key).to be_nil + end + end + + context "when bunder ssl ssl configuration is set" do + before do + allow(Bundler.settings).to receive(:[]).and_return(nil) + allow(Bundler.settings).to receive(:[]).with(:ssl_client_cert).and_return("/cert") + expect(File).to receive(:read).with("/cert").and_return("") + expect(OpenSSL::X509::Certificate).to receive(:new).and_return("cert") + expect(OpenSSL::PKey::RSA).to receive(:new).and_return("key") + end + it "use bundler configuration" do + expect(fetcher.send(:connection).cert).to eq("cert") + expect(fetcher.send(:connection).key).to eq("key") + end + end + + context "when gem ssl configuration is set" do + before do + allow(Bundler.rubygems.configuration).to receive_messages( + :http_proxy => nil, + :ssl_client_cert => "cert", + :ssl_ca_cert => "ca" + ) + expect(File).to receive(:read).and_return("") + expect(OpenSSL::X509::Certificate).to receive(:new).and_return("cert") + expect(OpenSSL::PKey::RSA).to receive(:new).and_return("key") + store = double("ca store") + expect(store).to receive(:add_file) + expect(OpenSSL::X509::Store).to receive(:new).and_return(store) + end + it "use gem configuration" do + expect(fetcher.send(:connection).cert).to eq("cert") + expect(fetcher.send(:connection).key).to eq("key") + end + end end describe "#user_agent" do |