Permalink
Browse files

Use cacert.pem for HTTPS connections

If not exist, do not verify cert at all
  • Loading branch information...
voxik authored and luislavena committed Dec 9, 2010
1 parent afa451d commit 0d02ff8c78bf773e28bc6c4f97d8cb4185bd9c33
Showing with 24 additions and 1 deletion.
  1. +6 −0 config/ruby_installer.rb
  2. +6 −1 rake/contrib/uri_ext.rb
  3. +12 −0 recipes/certificate.rake
View
@@ -9,6 +9,12 @@ module RubyInstaller
SEVEN_ZIP = File.expand_path(File.join(ROOT, 'sandbox', 'extract_utils', '7za.exe'))
BSD_TAR = File.expand_path(File.join(ROOT, 'sandbox', 'extract_utils', 'basic-bsdtar.exe'))
+ # SSL Certificates
+ Certificate = OpenStruct.new(
+ :url => 'http://curl.haxx.se/ca',
+ :file => 'cacert.pem'
+ )
+
# MinGW files
MinGW = OpenStruct.new(
:release => 'current',
View
@@ -285,8 +285,13 @@ def connect
http = Net::HTTP.new(host, port)
end
if self.instance_of? URI::HTTPS
+ cacert = "downloads/#{RubyInstaller::Certificate.file}"
http.use_ssl = true
- http.verify_mode = OpenSSL::SSL::VERIFY_NONE
+ if File.exist?(cacert)
+ http.ca_file = cacert
+ else
+ http.verify_mode = OpenSSL::SSL::VERIFY_NONE
+ end
end
yield http
end
View
@@ -0,0 +1,12 @@
+namespace :certificate do
+ cert = RubyInstaller::Certificate
+
+ source = "#{cert.url}/#{cert.file}"
+ target = "downloads/#{cert.file}"
+
+ download target => source
+ task :download => target
+end
+
+task :certificate => ['certificate:download']
+task :downloads => [:certificate]

0 comments on commit 0d02ff8

Please sign in to comment.