зеркало из https://github.com/github/ruby.git
84 строки
2.3 KiB
Ruby
84 строки
2.3 KiB
Ruby
#--
|
|
# Copyright 2006 by Chad Fowler, Rich Kilmer, Jim Weirich and others.
|
|
# All rights reserved.
|
|
# See LICENSE.txt for permissions.
|
|
#++
|
|
|
|
# Some system might not have OpenSSL installed, therefore the core
|
|
# library file openssl might not be available. We localize testing
|
|
# for the presence of OpenSSL in this file.
|
|
|
|
module Gem
|
|
class << self
|
|
# Is SSL (used by the signing commands) available on this
|
|
# platform?
|
|
def ssl_available?
|
|
require 'rubygems/gem_openssl'
|
|
@ssl_available
|
|
end
|
|
|
|
# Set the value of the ssl_avilable flag.
|
|
attr_writer :ssl_available
|
|
|
|
# Ensure that SSL is available. Throw an exception if it is not.
|
|
def ensure_ssl_available
|
|
unless ssl_available?
|
|
fail Gem::Exception, "SSL is not installed on this system"
|
|
end
|
|
end
|
|
end
|
|
end
|
|
|
|
begin
|
|
require 'openssl'
|
|
|
|
# Reference a constant defined in the .rb portion of ssl (just to
|
|
# make sure that part is loaded too).
|
|
|
|
dummy = OpenSSL::Digest::SHA1
|
|
|
|
Gem.ssl_available = true
|
|
|
|
class OpenSSL::X509::Certificate # :nodoc:
|
|
# Check the validity of this certificate.
|
|
def check_validity(issuer_cert = nil, time = Time.now)
|
|
ret = if @not_before && @not_before > time
|
|
[false, :expired, "not valid before '#@not_before'"]
|
|
elsif @not_after && @not_after < time
|
|
[false, :expired, "not valid after '#@not_after'"]
|
|
elsif issuer_cert && !verify(issuer_cert.public_key)
|
|
[false, :issuer, "#{issuer_cert.subject} is not issuer"]
|
|
else
|
|
[true, :ok, 'Valid certificate']
|
|
end
|
|
|
|
# return hash
|
|
{ :is_valid => ret[0], :error => ret[1], :desc => ret[2] }
|
|
end
|
|
end
|
|
|
|
rescue LoadError, StandardError
|
|
Gem.ssl_available = false
|
|
end
|
|
|
|
module Gem::SSL
|
|
|
|
# We make our own versions of the constants here. This allows us
|
|
# to reference the constants, even though some systems might not
|
|
# have SSL installed in the Ruby core package.
|
|
#
|
|
# These constants are only used during load time. At runtime, any
|
|
# method that makes a direct reference to SSL software must be
|
|
# protected with a Gem.ensure_ssl_available call.
|
|
#
|
|
if Gem.ssl_available? then
|
|
PKEY_RSA = OpenSSL::PKey::RSA
|
|
DIGEST_SHA1 = OpenSSL::Digest::SHA1
|
|
else
|
|
PKEY_RSA = :rsa
|
|
DIGEST_SHA1 = :sha1
|
|
end
|
|
|
|
end
|
|
|