Merge pull request gitlabhq#62 from knu/use_cert_store

Add ca_file/ca_path configuration options.

Author: dzaporozhets

config.yml.example

@@ -7,6 +7,8 @@ gitlab_url: "http://localhost/"
 http_settings:
 #  user: someone
 #  password: somepass
+#  ca_file: /etc/ssl/cert.pem
+#  ca_path: /etc/pki/tls/certs
   self_signed_cert: false
 
 # Repositories path

lib/gitlab_net.rb

@@ -42,10 +42,14 @@ def host
   def get(url)
     url = URI.parse(url)
     http = Net::HTTP.new(url.host, url.port)
-    http.use_ssl = (url.scheme == 'https')
 
-    if config.http_settings['self_signed_cert'] && http.use_ssl?
-      http.verify_mode = OpenSSL::SSL::VERIFY_NONE
+    if URI::HTTPS === url
+      http.use_ssl = true
+      http.cert_store = cert_store
+
+      if config.http_settings['self_signed_cert']
+        http.verify_mode = OpenSSL::SSL::VERIFY_NONE
+      end
     end
 
     request = Net::HTTP::Get.new(url.request_uri)
@@ -55,4 +59,18 @@ def get(url)
 
     http.start {|http| http.request(request) }
   end
+
+  def cert_store
+    @cert_store ||= OpenSSL::X509::Store.new.tap { |store|
+      store.set_default_paths
+
+      if ca_file = config.http_settings['ca_file']
+        store.add_file(ca_file)
+      end
+
+      if ca_path = config.http_settings['ca_path']
+        store.add_path(ca_path)
+      end
+    }
+  end
 end