Add support for setting X.509 certificates locations

nbudin · Nov 21, 2011 · 4946f05 · 4946f05
1 parent d4cfb5f
commit 4946f05
Show file tree

Hide file tree

Showing 2 changed files with 37 additions and 8 deletions.
diff --git a/lib/heroku_external_db.rb b/lib/heroku_external_db.rb
@@ -84,12 +84,16 @@ def db_configuration(opts)
 
       [
         :sslca,
-        # :sslcert,
-        # :sslkey,
+
+        # Needed when using X.509
+        :sslcert,
+        :sslkey,
       ].each do |k|
-        filepath = File.join(ca_path, opts[k])
-        raise "File #{filepath.inspect} does not exist!" unless File.exists?(filepath)
-        config[k] = filepath
+        if value = opts[k]
+          filepath = File.join(ca_path, value)
+          raise "File #{filepath.inspect} does not exist!" unless File.exists?(filepath)
+          config[k] = filepath
+        end
       end
 
       return config
@@ -103,9 +107,9 @@ def db_config
 
         if ENV["#{env_prefix}_DATABASE_CA"]
           config.merge!(db_configuration({
-            :sslca => ENV["#{env_prefix}_DATABASE_CA"]
-            # :sslcert => ENV["#{env_prefix}_DATABASE_CERT"]
-            # :sslkey => ENV["#{env_prefix}_DATABASE_KEY"]
+            :sslca => ENV["#{env_prefix}_DATABASE_CA"],
+            :sslcert => ENV["#{env_prefix}_DATABASE_CERT"],
+            :sslkey => ENV["#{env_prefix}_DATABASE_KEY"],
           }))
         end
 

diff --git a/spec/heroku_external_db_spec.rb b/spec/heroku_external_db_spec.rb
@@ -88,6 +88,31 @@ def setup_ca_cert(extdb)
         @config = @extdb.db_configuration(:sslca => @cert_filename)
         @config[:sslca].should == @cert_path
       end
+
+      context 'when using X.509' do
+        it "should have the correct pathname to the client cert" do
+          @config = @extdb.db_configuration(:sslcert => @cert_filename)
+          @config[:sslcert].should == @cert_path
+        end
+
+        it "should have the correct pathname to the client key" do
+          @config = @extdb.db_configuration(:sslkey => @cert_filename)
+          @config[:sslkey].should == @cert_path
+        end
+
+        it 'should support setting all 3 X.509 certs' do
+          @config = @extdb.db_configuration({
+            :sslca => @cert_filename,
+            :sslcert => @cert_filename,
+            :sslkey => @cert_filename,
+          })
+
+          # TODO check for distinct values
+          @config[:sslca].should == @cert_path
+          @config[:sslcert].should == @cert_path
+          @config[:sslkey].should == @cert_path
+        end
+      end
 
       it "should throw an error if the file doesn't exist" do
         File.delete(@cert_path)