Commit aec81968 authored by Dmitriy Zaporozhets's avatar Dmitriy Zaporozhets

Merge pull request #62 from knu/use_cert_store

Add ca_file/ca_path configuration options.
parents 5519420e 932238eb
......@@ -7,6 +7,8 @@ gitlab_url: "http://localhost/"
http_settings:
# user: someone
# password: somepass
# ca_file: /etc/ssl/cert.pem
# ca_path: /etc/pki/tls/certs
self_signed_cert: false
# Repositories path
......
......@@ -42,10 +42,14 @@ class GitlabNet
def get(url)
url = URI.parse(url)
http = Net::HTTP.new(url.host, url.port)
http.use_ssl = (url.scheme == 'https')
if config.http_settings['self_signed_cert'] && http.use_ssl?
http.verify_mode = OpenSSL::SSL::VERIFY_NONE
if URI::HTTPS === url
http.use_ssl = true
http.cert_store = cert_store
if config.http_settings['self_signed_cert']
http.verify_mode = OpenSSL::SSL::VERIFY_NONE
end
end
request = Net::HTTP::Get.new(url.request_uri)
......@@ -55,4 +59,18 @@ class GitlabNet
http.start {|http| http.request(request) }
end
def cert_store
@cert_store ||= OpenSSL::X509::Store.new.tap { |store|
store.set_default_paths
if ca_file = config.http_settings['ca_file']
store.add_file(ca_file)
end
if ca_path = config.http_settings['ca_path']
store.add_path(ca_path)
end
}
end
end
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment