In Files
- drb/ssl.rb
Parent
Class/Module Index
![[+]](../../images/find.png "show/hide quicksearch")
- ACL
- ACL::ACLEntry
- ACL::ACLList
- DRb
- DRb::DRbArray
- DRb::DRbBadScheme
- DRb::DRbBadURI
- DRb::DRbConn
- DRb::DRbConnError
- DRb::DRbError
- DRb::DRbIdConv
- DRb::DRbIdConv
- DRb::DRbMessage
- DRb::DRbObject
- DRb::DRbObject
- DRb::DRbObservable
- DRb::DRbProtocol
- DRb::DRbRemoteError
- DRb::DRbSSLSocket
- DRb::DRbSSLSocket::SSLConfig
- DRb::DRbServer
- DRb::DRbServer::InvokeMethod18Mixin
- DRb::DRbServerNotFound
- DRb::DRbTCPSocket
- DRb::DRbUNIXSocket
- DRb::DRbUndumped
- DRb::DRbUndumped
- DRb::DRbUnknown
- DRb::DRbUnknownError
- DRb::ExtServ
- DRb::ExtServManager
- DRb::GW
- DRb::GWIdConv
- DRb::TimerIdConv
- DRb::TimerIdConv::TimerHolder2
- DRb::TimerIdConv::TimerHolder2::InvalidIndexError
- Foo
- Object
- Object::DRbIdConv
- Object::DRbObject
- Object::DRbUndumped
DRb::DRbSSLSocket::SSLConfig
Constants
Public Class Methods
Public Instance Methods
[](key)
click to toggle source
# File drb/ssl.rb, line 34
def [](key);
@config[key] || DEFAULT[key]
end
accept(tcp)
click to toggle source
# File drb/ssl.rb, line 45
def accept(tcp)
ssl = OpenSSL::SSL::SSLSocket.new(tcp, @ssl_ctx)
ssl.sync = true
ssl.accept
ssl
end
connect(tcp)
click to toggle source
# File drb/ssl.rb, line 38
def connect(tcp)
ssl = ::OpenSSL::SSL::SSLSocket.new(tcp, @ssl_ctx)
ssl.sync = true
ssl.connect
ssl
end
setup_certificate()
click to toggle source
# File drb/ssl.rb, line 52
def setup_certificate
if @cert && @pkey
return
end
rsa = OpenSSL::PKey::RSA.new(512){|p, n|
next unless self[:verbose]
case p
when 0; $stderr.putc "." # BN_generate_prime
when 1; $stderr.putc "+" # BN_generate_prime
when 2; $stderr.putc "*" # searching good prime,
# n = #of try,
# but also data from BN_generate_prime
when 3; $stderr.putc "\n" # found good prime, n==0 - p, n==1 - q,
# but also data from BN_generate_prime
else; $stderr.putc "*" # BN_generate_prime
end
}
cert = OpenSSL::X509::Certificate.new
cert.version = 3
cert.serial = 0
name = OpenSSL::X509::Name.new(self[:SSLCertName])
cert.subject = name
cert.issuer = name
cert.not_before = Time.now
cert.not_after = Time.now + (365*24*60*60)
cert.public_key = rsa.public_key
ef = OpenSSL::X509::ExtensionFactory.new(nil,cert)
cert.extensions = [
ef.create_extension("basicConstraints","CA:FALSE"),
ef.create_extension("subjectKeyIdentifier", "hash") ]
ef.issuer_certificate = cert
cert.add_extension(ef.create_extension("authorityKeyIdentifier",
"keyid:always,issuer:always"))
if comment = self[:SSLCertComment]
cert.add_extension(ef.create_extension("nsComment", comment))
end
cert.sign(rsa, OpenSSL::Digest::SHA1.new)
@cert = cert
@pkey = rsa
end
setup_ssl_context()
click to toggle source
# File drb/ssl.rb, line 97
def setup_ssl_context
ctx = ::OpenSSL::SSL::SSLContext.new
ctx.cert = @cert
ctx.key = @pkey
ctx.client_ca = self[:SSLClientCA]
ctx.ca_path = self[:SSLCACertificatePath]
ctx.ca_file = self[:SSLCACertificateFile]
ctx.verify_mode = self[:SSLVerifyMode]
ctx.verify_depth = self[:SSLVerifyDepth]
ctx.verify_callback = self[:SSLVerifyCallback]
ctx.cert_store = self[:SSLCertificateStore]
@ssl_ctx = ctx
end
Commenting is here to help enhance the documentation. For example, code samples, or clarification of the documentation.
If you have questions about Ruby or the documentation, please post to one of the Ruby mailing lists. You will get better, faster, help that way.
If you wish to post a correction of the docs, please do so, but also file bug report so that it can be corrected for the next release. Thank you.
If you want to help improve the Ruby documentation, please see Improve the docs, or visit Documenting-ruby.org.