diff options
| author | Thom May <thom@may.lt> | 2015-05-06 08:51:02 +0100 |
|---|---|---|
| committer | Thom May <thom@may.lt> | 2015-05-06 08:51:02 +0100 |
| commit | f8f75768326749dad3b3e32340987974e63de4be (patch) | |
| tree | 77263b9d4c3f018301b657bbe779256ddffd5dc5 | |
| parent | 833997960029c39017c2297f0d9e8ed5bd9ed174 (diff) | |
| parent | d58d7948e68b31497b5291a0fb08985aa0ebe224 (diff) | |
| download | chef-f8f75768326749dad3b3e32340987974e63de4be.tar.gz | |
Merge pull request #3333 from chef/irving/streaming_uploader_http_fix
Apply an SSL Policy to CookbookSiteStreamingUploader, fixing SSL errors uploading to private Supermarkets
| -rw-r--r-- | lib/chef/cookbook_site_streaming_uploader.rb | 20 | ||||
| -rw-r--r-- | spec/unit/cookbook_site_streaming_uploader_spec.rb | 21 |
2 files changed, 2 insertions, 39 deletions
diff --git a/lib/chef/cookbook_site_streaming_uploader.rb b/lib/chef/cookbook_site_streaming_uploader.rb index 9e7a55c772..0302a51165 100644 --- a/lib/chef/cookbook_site_streaming_uploader.rb +++ b/lib/chef/cookbook_site_streaming_uploader.rb @@ -106,7 +106,7 @@ class Chef url = URI.parse(to_url) - Chef::Log.logger.debug("Signing: method: #{http_verb}, path: #{url.path}, file: #{content_file}, User-id: #{user_id}, Timestamp: #{timestamp}") + Chef::Log.logger.debug("Signing: method: #{http_verb}, url: #{url}, file: #{content_file}, User-id: #{user_id}, Timestamp: #{timestamp}") # We use the body for signing the request if the file parameter # wasn't a valid file or wasn't included. Extract the body (with @@ -141,13 +141,8 @@ class Chef req.content_type = 'multipart/form-data; boundary=' + boundary unless parts.empty? req.body_stream = body_stream - http = Net::HTTP.new(url.host, url.port) - if url.scheme == "https" - http.use_ssl = true - http.verify_mode = verify_mode - end + http = Chef::HTTP::BasicClient.new(url).http_client res = http.request(req) - #res = http.start {|http_proc| http_proc.request(req) } # alias status to code and to_s to body for test purposes # TODO: stop the following madness! @@ -166,17 +161,6 @@ class Chef res end - private - - def verify_mode - verify_mode = Chef::Config[:ssl_verify_mode] - if verify_mode == :verify_none - OpenSSL::SSL::VERIFY_NONE - elsif verify_mode == :verify_peer - OpenSSL::SSL::VERIFY_PEER - end - end - end class StreamPart diff --git a/spec/unit/cookbook_site_streaming_uploader_spec.rb b/spec/unit/cookbook_site_streaming_uploader_spec.rb index ef0f649163..0041a142dc 100644 --- a/spec/unit/cookbook_site_streaming_uploader_spec.rb +++ b/spec/unit/cookbook_site_streaming_uploader_spec.rb @@ -121,27 +121,6 @@ describe Chef::CookbookSiteStreamingUploader do }) end - describe "http verify mode" do - before do - @uri = "https://cookbooks.dummy.com/api/v1/cookbooks" - uri_info = URI.parse(@uri) - @http = Net::HTTP.new(uri_info.host, uri_info.port) - expect(Net::HTTP).to receive(:new).with(uri_info.host, uri_info.port).and_return(@http) - end - - it "should be VERIFY_NONE when ssl_verify_mode is :verify_none" do - Chef::Config[:ssl_verify_mode] = :verify_none - Chef::CookbookSiteStreamingUploader.make_request(:post, @uri, 'bill', @secret_filename) - expect(@http.verify_mode).to eq(OpenSSL::SSL::VERIFY_NONE) - end - - it "should be VERIFY_PEER when ssl_verify_mode is :verify_peer" do - Chef::Config[:ssl_verify_mode] = :verify_peer - Chef::CookbookSiteStreamingUploader.make_request(:post, @uri, 'bill', @secret_filename) - expect(@http.verify_mode).to eq(OpenSSL::SSL::VERIFY_PEER) - end - end - end # make_request describe "StreamPart" do |