In Files
- drb/ssl.rb
Parent
Class/Module Index
![[+]](../../images/find.png "show/hide quicksearch")
- ACL
- ACL::ACLEntry
- ACL::ACLList
- DRb
- DRb::DRbArray
- DRb::DRbBadScheme
- DRb::DRbBadURI
- DRb::DRbConn
- DRb::DRbConnError
- DRb::DRbError
- DRb::DRbIdConv
- DRb::DRbIdConv
- DRb::DRbMessage
- DRb::DRbObject
- DRb::DRbObject
- DRb::DRbObservable
- DRb::DRbProtocol
- DRb::DRbRemoteError
- DRb::DRbSSLSocket
- DRb::DRbSSLSocket::SSLConfig
- DRb::DRbServer
- DRb::DRbServer::InvokeMethod18Mixin
- DRb::DRbServerNotFound
- DRb::DRbTCPSocket
- DRb::DRbUNIXSocket
- DRb::DRbUndumped
- DRb::DRbUndumped
- DRb::DRbUnknown
- DRb::DRbUnknownError
- DRb::ExtServ
- DRb::ExtServManager
- DRb::GW
- DRb::GWIdConv
- DRb::TimerIdConv
- DRb::TimerIdConv::TimerHolder2
- DRb::TimerIdConv::TimerHolder2::InvalidIndexError
- Foo
- Object
- Object::DRbIdConv
- Object::DRbObject
- Object::DRbUndumped
DRb::DRbSSLSocket::SSLConfig
Constants
Public Class Methods
Public Instance Methods
[](key)
click to toggle source
# File drb/ssl.rb, line 34
def [](key);
@config[key] || DEFAULT[key]
end
accept(tcp)
click to toggle source
# File drb/ssl.rb, line 45
def accept(tcp)
ssl = OpenSSL::SSL::SSLSocket.new(tcp, @ssl_ctx)
ssl.sync = true
ssl.accept
ssl
end
connect(tcp)
click to toggle source
# File drb/ssl.rb, line 38
def connect(tcp)
ssl = ::OpenSSL::SSL::SSLSocket.new(tcp, @ssl_ctx)
ssl.sync = true
ssl.connect
ssl
end
setup_certificate()
click to toggle source
# File drb/ssl.rb, line 52
def setup_certificate
if @cert && @pkey
return
end
rsa = OpenSSL::PKey::RSA.new(512){|p, n|
next unless self[:verbose]
case p
when 0; $stderr.putc "." # BN_generate_prime
when 1; $stderr.putc "+" # BN_generate_prime
when 2; $stderr.putc "*" # searching good prime,
# n = #of try,
# but also data from BN_generate_prime
when 3; $stderr.putc "\n" # found good prime, n==0 - p, n==1 - q,
# but also data from BN_generate_prime
else; $stderr.putc "*" # BN_generate_prime
end
}
cert = OpenSSL::X509::Certificate.new
cert.version = 3
cert.serial = 0
name = OpenSSL::X509::Name.new(self[:SSLCertName])
cert.subject = name
cert.issuer = name
cert.not_before = Time.now
cert.not_after = Time.now + (365*24*60*60)
cert.public_key = rsa.public_key
ef = OpenSSL::X509::ExtensionFactory.new(nil,cert)
cert.extensions = [
ef.create_extension("basicConstraints","CA:FALSE"),
ef.create_extension("subjectKeyIdentifier", "hash") ]
ef.issuer_certificate = cert
cert.add_extension(ef.create_extension("authorityKeyIdentifier",
"keyid:always,issuer:always"))
if comment = self[:SSLCertComment]
cert.add_extension(ef.create_extension("nsComment", comment))
end
cert.sign(rsa, OpenSSL::Digest::SHA1.new)
@cert = cert
@pkey = rsa
end
setup_ssl_context()
click to toggle source
# File drb/ssl.rb, line 97
def setup_ssl_context
ctx = ::OpenSSL::SSL::SSLContext.new
ctx.cert = @cert
ctx.key = @pkey
ctx.client_ca = self[:SSLClientCA]
ctx.ca_path = self[:SSLCACertificatePath]
ctx.ca_file = self[:SSLCACertificateFile]
ctx.verify_mode = self[:SSLVerifyMode]
ctx.verify_depth = self[:SSLVerifyDepth]
ctx.verify_callback = self[:SSLVerifyCallback]
ctx.cert_store = self[:SSLCertificateStore]
@ssl_ctx = ctx
end