1
0
Fork 0
mirror of https://github.com/ruby/ruby.git synced 2022-11-09 12:17:21 -05:00
ruby--ruby/test/rubygems/test_bundled_ca.rb

61 lines
1.5 KiB
Ruby
Raw Normal View History

# frozen_string_literal: true
require_relative 'test_case'
require 'net/http'
require 'rubygems/openssl'
unless Gem::HAVE_OPENSSL
warn 'Skipping bundled certificates tests. openssl not found.'
end
require 'rubygems/request'
# = Testing Bundled CA
#
# The tested hosts are explained in detail here: https://github.com/rubygems/rubygems/commit/5e16a5428f973667cabfa07e94ff939e7a83ebd9
#
class TestBundledCA < Gem::TestCase
def bundled_certificate_store
store = OpenSSL::X509::Store.new
2020-10-15 00:25:27 -04:00
Gem::Request.get_cert_files.each do |ssl_cert|
store.add_file ssl_cert
end
store
end
def assert_https(host)
assert true
http = Net::HTTP.new(host, 443)
http.use_ssl = true
http.verify_mode = OpenSSL::SSL::VERIFY_PEER
http.cert_store = bundled_certificate_store
http.get('/')
rescue Errno::ENOENT, Errno::ETIMEDOUT, SocketError
pend "#{host} seems offline, I can't tell whether ssl would work."
rescue OpenSSL::SSL::SSLError => e
# Only fail for certificate verification errors
if e.message =~ /certificate verify failed/
flunk "#{host} is not verifiable using the included certificates. Error was: #{e.message}"
end
raise
end
def test_accessing_rubygems
assert_https('rubygems.org')
end
def test_accessing_www_rubygems
assert_https('www.rubygems.org')
end
def test_accessing_staging
assert_https('staging.rubygems.org')
end
def test_accessing_new_index
assert_https('index.rubygems.org')
end
end if Gem::HAVE_OPENSSL