Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

made MiniSSL validate key/cert file existence

Previously, MiniSSL accepted invalid paths for the key/cert file
and timed out on the first request. Now, MiniSSL raises an ArgumentError
if one of these files does not exist.

Fix for puma/puma#168
  • Loading branch information...
commit 30ea3d05061cf50ff0993652222a1f8204c8d375 1 parent 23257c8
@rubiii rubiii authored
Showing with 36 additions and 1 deletion.
  1. +14 −1 lib/puma/minissl.rb
  2. +22 −0 test/test_minissl.rb
View
15 lib/puma/minissl.rb
@@ -79,7 +79,20 @@ def peeraddr
end
class Context
- attr_accessor :key, :cert, :verify_mode
+ attr_accessor :verify_mode
+
+ attr_reader :key
+ attr_reader :cert
+
+ def key=(key)
+ raise ArgumentError, "No such key file '#{key}'" unless File.exist? key
+ @key = key
+ end
+
+ def cert=(cert)
+ raise ArgumentError, "No such cert file '#{cert}'" unless File.exist? cert
+ @cert = cert
+ end
end
VERIFY_NONE = 0
View
22 test/test_minissl.rb
@@ -0,0 +1,22 @@
+require 'test/unit'
+
+require 'puma'
+require 'puma/minissl'
+
+class TestMiniSSL < Test::Unit::TestCase
+
+ def test_raises_with_invalid_key_file
+ ctx = Puma::MiniSSL::Context.new
+
+ exception = assert_raise(ArgumentError) { ctx.key = "/no/such/key" }
+ assert_equal("No such key file '/no/such/key'", exception.message)
+ end unless defined? JRUBY_VERSION
+
+ def test_raises_with_invalid_cert_file
+ ctx = Puma::MiniSSL::Context.new
+
+ exception = assert_raise(ArgumentError) { ctx.cert = "/no/such/cert" }
+ assert_equal("No such cert file '/no/such/cert'", exception.message)
+ end unless defined? JRUBY_VERSION
+
+end
Please sign in to comment.
Something went wrong with that request. Please try again.