cf-uaac 4.18.0 → 4.19.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: b470c3d2590a9e00f4481b0d5ac9c611b38f6f14b3d506c3a2c3c4b6eeede7c3
-  data.tar.gz: f0838fe08f2a05f001a12d70c093b32f5c209986e271ab3fd0ed71ff12f58699
+  metadata.gz: 6f5bcc95b18627430a6f5b9ccadd06ee3b92efddea46ea9ddca029e3eb526670
+  data.tar.gz: 75969649441d6fcbc1cb157d9190f7fae1a85e8f0b647b7bc45b5ae072754b37
 SHA512:
-  metadata.gz: 40db2b6725b381ad1b516ed64ccf567130e2a9760da0b9555973f7c4b6f0cd8a42fca39203048358117bd067e459492ff03d9978fc6fae994fc8b938730e4ba5
-  data.tar.gz: a7c3573b9409e08c22f9629de314c7b4b3f2e89c2359ebce22291bd21cdf7fe85fb471c2042c9ffe29d08fa89515a7affd652029da227bb30a96ed525d8e51cd
+  metadata.gz: 97c8133e46de3e2f540da53cb703850a0b0e371cafde2212bd4232afbab8515d1ab5fd4ec1f9bc51a241439055c7e7e7f4de751bce201e04bb6d77cf9cc1b1ba
+  data.tar.gz: 127661abd511141faef173f43c65753f0d84849cf2a423e868dc738ea1433b02a0cbd3e81d6cb998fffd34b8cdc33cb0caf3bb85ea59b37dca337c18556ddb92

data/lib/uaa/cli/curl.rb

@@ -27,9 +27,10 @@ module CF::UAA
     define_option :data, "-d", "--data <data>", "data included in request body"
     define_option :header, "-H", "--header <header>", "header to be included in the request"
     define_option :insecure, "-k", "--insecure", "makes request without verifying SSL certificates"
+    define_option :cacert, "-C", "--cacert <ca_file>", "CA certificate to verify peer against"
     define_option :bodyonly, "-b", "--bodyonly", "show body only in response"
 
-    desc "curl [path]", "CURL to a UAA endpoint", :request, :data, :header, :insecure , :bodyonly do |path|
+    desc "curl [path]", "CURL to a UAA endpoint", :request, :data, :header, :insecure , :bodyonly, :cacert do |path|
       return say_command_help(["curl"]) unless path
 
       uri = parse_uri(path)
@@ -65,6 +66,9 @@ module CF::UAA
         http.use_ssl = true
         if options[:insecure]
           http.verify_mode = OpenSSL::SSL::VERIFY_NONE
+        elsif options[:cacert]
+          http.ca_file = File.expand_path(options[:cacert])
+          http.verify_mode = OpenSSL::SSL::VERIFY_PEER
         end
       end
       request_class = Net::HTTP.const_get("#{options[:request][0]}#{options[:request][1..-1].downcase}")

data/spec/curl_spec.rb

@@ -37,6 +37,7 @@ module CF::UAA
       Cli.output.string.should include "-d | --data <data>"
       Cli.output.string.should include "-k | --insecure"
       Cli.output.string.should include "-b | --bodyonly"
+      Cli.output.string.should include "-C | --cacert"
     end
 
     it "hits the URL on the UAA target" do
@@ -108,5 +109,19 @@ module CF::UAA
       Cli.output.string.should_not include "ECONNRESET"
       Cli.output.string.should include "200 OK"
     end
+
+    it "makes insecure requests without the -k flag" do
+      Cli.run("curl https://example.com/")
+
+      Cli.output.string.should_not include "ECONNRESET"
+      Cli.output.string.should include "200 OK"
+    end
+
+    it "makes requests using invalid custom ca cert file with the -C flag" do
+      Cli.run("curl https://example.com/ -C ca.pem")
+
+      Cli.output.string.should_not include "200 OK"
+      Cli.output.string.should include "SSLError"
+    end
   end
 end

data/version.txt

@@ -1 +1 @@
-4.18.0
+4.19.0

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: cf-uaac
 version: !ruby/object:Gem::Version
-  version: 4.18.0
+  version: 4.19.0
 platform: ruby
 authors:
 - Dave Syer
@@ -12,7 +12,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2023-11-21 00:00:00.000000000 Z
+date: 2023-12-04 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: cf-uaa-lib