aws-sdk 1.0.0 → 1.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -382,6 +382,8 @@ module AWS
382
382
  http_request = new_request
383
383
  http_request.host = endpoint
384
384
  http_request.use_ssl = config.use_ssl?
385
+ http_request.ssl_verify_peer = config.ssl_verify_peer?
386
+ http_request.ssl_ca_file = config.ssl_ca_file
385
387
  send("configure_#{name}_request", http_request, opts, &block)
386
388
  http_request.headers["user-agent"] = user_agent_string
387
389
  http_request.add_authorization!(signer)
@@ -92,6 +92,18 @@ module AWS
92
92
  # values. This is primarily used for writing tests.
93
93
  # @option options [Boolean] :use_ssl (true) When true, all requests are
94
94
  # sent over SSL.
95
+ # @option options [Boolean] :ssl_verify_peer (true) True if the HTTPS
96
+ # client should validate the server certificate. *Note:* This
97
+ # option should only be used for diagnostic purposes; leaving
98
+ # this option set to +false+ exposes your application to
99
+ # man-in-the-middle attacks and can pose a serious security
100
+ # risk.
101
+ # @option options [String] :ssl_ca_file The path to a CA cert
102
+ # bundle in PEM format. If +:ssl_verify_peer+ is true (the
103
+ # default) this bundle will be used to validate the server
104
+ # certificate in each HTTPS request. The AWS SDK for Ruby ships
105
+ # with a CA cert bundle, which is the default value for this
106
+ # option.
95
107
  # @option options [String] :user_agent_prefix (nil) A string prefix to
96
108
  # append to all requets against AWS services. This should be set
97
109
  # for clients and applications built ontop of the aws-sdk gem.
@@ -83,6 +83,9 @@ module AWS
83
83
  :stub_requests => false,
84
84
  :use_ssl => true,
85
85
  :user_agent_prefix => nil,
86
+ :ssl_verify_peer => true,
87
+ :ssl_ca_file => File.expand_path(File.dirname(__FILE__)+
88
+ "/../../ca-bundle.crt")
86
89
  }
87
90
 
88
91
  {
@@ -235,6 +238,27 @@ module AWS
235
238
  @options[:s3_multipart_max_parts]
236
239
  end
237
240
 
241
+ # @return [Boolean] True if the HTTPS client should validate the
242
+ # server certificate.
243
+ #
244
+ # @note This option should only be used for diagnostic purposes;
245
+ # leaving this option set to +false+ exposes your application to
246
+ # man-in-the-middle attacks and can pose a serious security
247
+ # risk.
248
+ def ssl_verify_peer?
249
+ @options[:ssl_verify_peer]
250
+ end
251
+
252
+ # @return [String] The path to a CA cert bundle in PEM format.
253
+ #
254
+ # If {#ssl_verify_peer?} is true (the default) this bundle will be
255
+ # used to validate the server certificate in each HTTPS request.
256
+ # The AWS SDK for Ruby ships with a CA cert bundle, which is the
257
+ # default value for this option.
258
+ def ssl_ca_file
259
+ @options[:ssl_ca_file]
260
+ end
261
+
238
262
  # @private
239
263
  def inspect
240
264
  "<#{self.class}>"
@@ -27,9 +27,18 @@ module AWS
27
27
 
28
28
  def handle(request, response)
29
29
 
30
- url = request.use_ssl? ?
31
- "https://#{request.host}:443#{request.uri}" :
32
- "http://#{request.host}#{request.uri}"
30
+ opts = {
31
+ :body => request.body,
32
+ :parser => NoOpParser
33
+ }
34
+
35
+ if request.use_ssl?
36
+ url = "https://#{request.host}:443#{request.uri}"
37
+ opts[:ssl_ca_file] = request.ssl_ca_file if
38
+ request.ssl_verify_peer?
39
+ else
40
+ url = "http://#{request.host}#{request.uri}"
41
+ end
33
42
 
34
43
  # get, post, put, delete, head
35
44
  method = request.http_method.downcase
@@ -43,11 +52,10 @@ module AWS
43
52
  headers[key] = value.to_s
44
53
  end
45
54
 
55
+ opts[:headers] = headers
56
+
46
57
  begin
47
- http_response = self.class.send(method, url,
48
- :headers => headers,
49
- :body => request.body,
50
- :parser => NoOpParser)
58
+ http_response = self.class.send(method, url, opts)
51
59
  rescue Timeout::Error => e
52
60
  response.timeout = true
53
61
  else
@@ -61,6 +61,32 @@ module AWS
61
61
  @use_ssl
62
62
  end
63
63
 
64
+ # @param [Boolean] verify_peer If the client should verify the
65
+ # peer certificate or not.
66
+ def ssl_verify_peer=(verify_peer)
67
+ @ssl_verify_peer = verify_peer
68
+ end
69
+
70
+ # @return [Boolean] If the client should verify the peer
71
+ # certificate or not.
72
+ def ssl_verify_peer?
73
+ @ssl_verify_peer
74
+ end
75
+
76
+ # @param [String] ca_file Path to a bundle of CA certs in PEM
77
+ # format; the HTTP handler should use this to verify all HTTPS
78
+ # requests if {#ssl_verify_peer?} is true.
79
+ def ssl_ca_file=(ca_file)
80
+ @ssl_ca_file = ca_file
81
+ end
82
+
83
+ # @return [String] Path to a bundle of CA certs in PEM format;
84
+ # the HTTP handler should use this to verify all HTTPS
85
+ # requests if {#ssl_verify_peer?} is true.
86
+ def ssl_ca_file
87
+ @ssl_ca_file
88
+ end
89
+
64
90
  # Adds a request param.
65
91
  #
66
92
  # @overload add_param(param_name, param_value = nil)
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: aws-sdk
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.0.0
4
+ version: 1.0.1
5
5
  prerelease:
6
6
  platform: ruby
7
7
  authors:
@@ -9,12 +9,12 @@ authors:
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2011-07-14 00:00:00.000000000 -07:00
12
+ date: 2011-07-15 00:00:00.000000000 -07:00
13
13
  default_executable:
14
14
  dependencies:
15
15
  - !ruby/object:Gem::Dependency
16
16
  name: uuidtools
17
- requirement: &2158409860 !ruby/object:Gem::Requirement
17
+ requirement: &2158760920 !ruby/object:Gem::Requirement
18
18
  none: false
19
19
  requirements:
20
20
  - - ~>
@@ -22,10 +22,10 @@ dependencies:
22
22
  version: '2.1'
23
23
  type: :runtime
24
24
  prerelease: false
25
- version_requirements: *2158409860
25
+ version_requirements: *2158760920
26
26
  - !ruby/object:Gem::Dependency
27
27
  name: httparty
28
- requirement: &2158408340 !ruby/object:Gem::Requirement
28
+ requirement: &2158760460 !ruby/object:Gem::Requirement
29
29
  none: false
30
30
  requirements:
31
31
  - - ~>
@@ -33,10 +33,10 @@ dependencies:
33
33
  version: '0.7'
34
34
  type: :runtime
35
35
  prerelease: false
36
- version_requirements: *2158408340
36
+ version_requirements: *2158760460
37
37
  - !ruby/object:Gem::Dependency
38
38
  name: nokogiri
39
- requirement: &2158406240 !ruby/object:Gem::Requirement
39
+ requirement: &2158759980 !ruby/object:Gem::Requirement
40
40
  none: false
41
41
  requirements:
42
42
  - - ~>
@@ -44,10 +44,10 @@ dependencies:
44
44
  version: 1.4.4
45
45
  type: :runtime
46
46
  prerelease: false
47
- version_requirements: *2158406240
47
+ version_requirements: *2158759980
48
48
  - !ruby/object:Gem::Dependency
49
49
  name: json
50
- requirement: &2158404140 !ruby/object:Gem::Requirement
50
+ requirement: &2158759520 !ruby/object:Gem::Requirement
51
51
  none: false
52
52
  requirements:
53
53
  - - ~>
@@ -55,13 +55,14 @@ dependencies:
55
55
  version: '1.4'
56
56
  type: :runtime
57
57
  prerelease: false
58
- version_requirements: *2158404140
58
+ version_requirements: *2158759520
59
59
  description: AWS SDK for Ruby
60
60
  email:
61
61
  executables: []
62
62
  extensions: []
63
63
  extra_rdoc_files: []
64
64
  files:
65
+ - ca-bundle.crt
65
66
  - rails/init.rb
66
67
  - lib/aws/api_config.rb
67
68
  - lib/aws/api_config_transform.rb
@@ -282,7 +283,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
282
283
  version: '0'
283
284
  segments:
284
285
  - 0
285
- hash: 1693721329692997155
286
+ hash: -3178253575301581896
286
287
  required_rubygems_version: !ruby/object:Gem::Requirement
287
288
  none: false
288
289
  requirements: