2016-02-01 07:43:26 -05:00
|
|
|
# frozen_string_literal: true
|
2021-05-12 05:41:32 -04:00
|
|
|
require_relative 'test_case'
|
2020-07-11 06:21:13 -04:00
|
|
|
require 'net/http'
|
2020-06-29 12:42:29 -04:00
|
|
|
require 'rubygems/openssl'
|
|
|
|
|
2020-12-08 02:33:39 -05:00
|
|
|
unless Gem::HAVE_OPENSSL
|
2020-06-29 12:42:29 -04:00
|
|
|
warn 'Skipping bundled certificates tests. openssl not found.'
|
|
|
|
end
|
|
|
|
|
2013-10-15 20:14:16 -04:00
|
|
|
require 'rubygems/request'
|
|
|
|
|
|
|
|
# = Testing Bundled CA
|
|
|
|
#
|
|
|
|
# The tested hosts are explained in detail here: https://github.com/rubygems/rubygems/commit/5e16a5428f973667cabfa07e94ff939e7a83ebd9
|
|
|
|
#
|
|
|
|
|
2020-06-29 12:37:55 -04:00
|
|
|
class TestBundledCA < Gem::TestCase
|
|
|
|
def bundled_certificate_store
|
|
|
|
store = OpenSSL::X509::Store.new
|
2013-10-15 20:14:16 -04:00
|
|
|
|
2020-10-15 00:25:27 -04:00
|
|
|
Gem::Request.get_cert_files.each do |ssl_cert|
|
2020-06-29 12:37:55 -04:00
|
|
|
store.add_file ssl_cert
|
2013-10-15 20:14:16 -04:00
|
|
|
end
|
2016-02-01 07:43:26 -05:00
|
|
|
|
2020-06-29 12:37:55 -04:00
|
|
|
store
|
|
|
|
end
|
2013-10-15 20:14:16 -04:00
|
|
|
|
2020-06-29 12:37:55 -04:00
|
|
|
def assert_https(host)
|
2020-05-26 23:00:04 -04:00
|
|
|
assert true
|
2020-06-29 12:37:55 -04:00
|
|
|
http = Net::HTTP.new(host, 443)
|
|
|
|
http.use_ssl = true
|
|
|
|
http.verify_mode = OpenSSL::SSL::VERIFY_PEER
|
|
|
|
http.cert_store = bundled_certificate_store
|
|
|
|
http.get('/')
|
|
|
|
rescue Errno::ENOENT, Errno::ETIMEDOUT, SocketError
|
2021-05-10 23:27:07 -04:00
|
|
|
pend "#{host} seems offline, I can't tell whether ssl would work."
|
2020-06-29 12:37:55 -04:00
|
|
|
rescue OpenSSL::SSL::SSLError => e
|
|
|
|
# Only fail for certificate verification errors
|
|
|
|
if e.message =~ /certificate verify failed/
|
|
|
|
flunk "#{host} is not verifiable using the included certificates. Error was: #{e.message}"
|
2016-02-01 07:43:26 -05:00
|
|
|
end
|
2020-06-29 12:37:55 -04:00
|
|
|
raise
|
|
|
|
end
|
2013-10-15 20:14:16 -04:00
|
|
|
|
2020-06-29 12:37:55 -04:00
|
|
|
def test_accessing_rubygems
|
|
|
|
assert_https('rubygems.org')
|
|
|
|
end
|
2013-10-15 20:14:16 -04:00
|
|
|
|
2020-12-08 02:33:39 -05:00
|
|
|
def test_accessing_www_rubygems
|
|
|
|
assert_https('www.rubygems.org')
|
|
|
|
end
|
|
|
|
|
|
|
|
def test_accessing_staging
|
|
|
|
assert_https('staging.rubygems.org')
|
2020-06-29 12:37:55 -04:00
|
|
|
end
|
|
|
|
|
|
|
|
def test_accessing_new_index
|
2020-12-08 02:33:39 -05:00
|
|
|
assert_https('index.rubygems.org')
|
2013-10-15 20:14:16 -04:00
|
|
|
end
|
2020-12-08 02:33:39 -05:00
|
|
|
end if Gem::HAVE_OPENSSL
|