Commit

Merge 24d28ca into 57ab75a
drcapulet committed Jul 1, 2020
2 parents 57ab75a + 24d28ca commit 12f1831
Showing 2 changed files with 13 additions and 6 deletions.
6 changes: 6 additions & 0 deletions CHANGES.md
@@ -1,3 +1,9 @@
### Unreleased

* [#65](https://github.com/square/rails-auth/pull/65)
Fix error when passing `truststore` instead of `ca_file` to X509 middleware.
([@drcapulet])

### 2.2.1 (2020-01-08)

* [#63](https://github.com/square/rails-auth/pull/63)
13 changes: 7 additions & 6 deletions lib/rails/auth/x509/middleware.rb
Expand Up @@ -12,20 +12,21 @@ class Middleware
# Create a new X.509 Middleware object
#
# @param [Object] app next app in the Rack middleware chain
# @param [Hash] cert_filters maps Rack environment names to cert extractors
# @param [String] ca_file path to the CA bundle to verify client certs with
# @param [OpenSSL::X509::Store] truststore (optional) provide your own truststore (for e.g. CRLs)
# @param [Hash] cert_filters maps Rack environment names to cert extractors
# @param [Logger] logger place to log verification successes & failures
# @param [Boolean] require_cert causes middleware to raise if certs are unverified
# @param [OpenSSL::X509::Store] truststore (optional) provide your own truststore (for e.g. CRLs)
#
# @return [Rails::Auth::X509::Middleware] new X509 middleware instance
def initialize(app, cert_filters: {}, ca_file: nil, truststore: nil, require_cert: false, logger: nil)
raise ArgumentError, "no ca_file given" unless ca_file
def initialize(app, ca_file: nil, cert_filters: {}, logger: nil, require_cert: false, truststore: nil)
raise ArgumentError, "no ca_file or truststore given" unless ca_file || truststore

@app = app
@cert_filters = cert_filters
@logger = logger
@truststore = truststore || OpenSSL::X509::Store.new.add_file(ca_file)
@require_cert = require_cert
@cert_filters = cert_filters
@truststore = truststore || OpenSSL::X509::Store.new.add_file(ca_file)

@cert_filters.each do |key, filter|
next unless filter.is_a?(Symbol)
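
Review bot: In `initialize`, a caller who passes both `ca_file` and `truststore` gets `ca_file` silently ignored by `truststore || OpenSSL::X509::Store.new.add_file(ca_file)`, and neither `@param` line states that precedence or that `ca_file` is now optional when a truststore is supplied. Because this decides which CAs client certificates are verified against, either document it on the `ca_file` line (required unless `truststore` is given, ignored when `truststore` is given) or raise `ArgumentError` when both are present. The commit touches only CHANGES.md and middleware.rb, so a spec that constructs the middleware with `truststore:` alone would also be worth adding to keep the fixed path from regressing.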