pcp-client 0.5.2 → 0.5.3

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 39843870440d8a0b5c982dd74c45e26964e20b8ed36f67da279237bf5cf65888
4
- data.tar.gz: 8cedec2b6ea1a00825e85506508d5bdfcf9a2587fa9b8ce183fda54bd328eee7
3
+ metadata.gz: c8712776d17a4fffc25f012a1471bb56de3af9db2edbfe9c770cae53fc6de82c
4
+ data.tar.gz: 7e53fc42f88e35bf7d2d2051188d9672d39ac82ed568d3fab0ddacc666666a00
5
5
  SHA512:
6
- metadata.gz: 2b3848de010761d878558d11a0ff055fe986c603d42cf757062dca1c2bdc9fbe573098d424d15cd5087216944bf097d196aba3fa51eafed180df35a63f53e335
7
- data.tar.gz: d24367a53c159cc98ea731a735a78bd1c380679888963c0a6b65ef8106bf5d012823c5ee106ae53889cce5a7b092f227bc2e9f8bc0144b0d637c77d5e4c8a827
6
+ metadata.gz: ccc042e29255ca1d5c3d4951d35126bbb7383c87c966c62c23beaee21e15fcc507784a900c09b7cf6b77e4833f2116f636eca468e263379dd5c73dca5c71a92c
7
+ data.tar.gz: cfa9f803edb4339b4ab5d9fbc77c64c2c13fe669920391f5f63b0876dcf073d0f8105a7be4079a72a683e7f79c96e63da8ab9f7e0a8ab9188bd4a22e72da3892
@@ -1,4 +1,4 @@
1
1
  class PCPClient
2
- VERSION = '0.5.2'.freeze
2
+ VERSION = '0.5.3'.freeze
3
3
  end
4
4
 
data/lib/pcp/client.rb CHANGED
@@ -4,52 +4,6 @@ require 'pcp/message'
4
4
  require 'logger'
5
5
  require 'openssl'
6
6
 
7
- # So EventMachine when you specify :verify_peer => true in the TLS
8
- # options decides what that means is it should just fire off a
9
- # #ssl_verify_peer(cert) on the Connection object; which is expected
10
- # to be user-supplied. In this case the user is
11
- # Faye::Websocket::Client::Connection, so we monkey-patch it to have a
12
- # #ssl_verify_peer method.
13
-
14
- module Faye
15
- class WebSocket
16
- class Client
17
- module Connection
18
- def ssl_verify_peer(cert)
19
- # The :@socket_tls instance variable of
20
- # Faye::Websocket::Client is passed to tls_start, so we can
21
- # get parameters from there.
22
- start_tls_options = parent.instance_variable_get(:@socket_tls)
23
- logger = start_tls_options[:xxx_logger]
24
- logger.debug { [:ssl_verify_peer] }
25
-
26
- peer_cert = OpenSSL::X509::Certificate.new cert
27
-
28
- hostname = start_tls_options[:xxx_hostname]
29
- if !OpenSSL::SSL.verify_certificate_identity(peer_cert, hostname)
30
- logger.error { [:ssl_verify_peer, :fail,
31
- "Certificate presented does not match '#{hostname}'"] }
32
- return false
33
- end
34
-
35
- ssl_ca_cert = start_tls_options[:xxx_ssl_ca_cert]
36
- cert_store = OpenSSL::X509::Store.new
37
- cert_store.add_file ssl_ca_cert
38
-
39
- if !cert_store.verify(peer_cert)
40
- logger.error { [:ssl_verify_peer, :ca_verify_failed,
41
- "Peer certificate not verified by ca"] }
42
- return false
43
- end
44
-
45
- logger.debug { [:ssl_verify_peer, :success] }
46
- return true
47
- end
48
- end
49
- end
50
- end
51
- end
52
-
53
7
  module PCP
54
8
  # Manages a client connection to a pcp broker
55
9
  class Client
@@ -107,13 +61,9 @@ module PCP
107
61
  :ssl_version => ["TLSv1", "TLSv1_1", "TLSv1_2"],
108
62
  :private_key_file => @ssl_key,
109
63
  :cert_chain_file => @ssl_cert,
64
+ :root_cert_file => @ssl_ca_cert,
110
65
  :verify_peer => true,
111
66
  :fail_if_no_peer_cert => true,
112
- # side-channeled properties we want around during ssl
113
- # verification are prefixed with xxx_.
114
- :xxx_logger => @logger,
115
- :xxx_ssl_ca_cert => @ssl_ca_cert,
116
- :xxx_hostname => URI.parse(@server).host,
117
67
  }
118
68
 
119
69
  @connection = Faye::WebSocket::Client.new(@server, nil, {:tls => start_tls_options,
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: pcp-client
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.5.2
4
+ version: 0.5.3
5
5
  platform: ruby
6
6
  authors:
7
7
  - Puppet Labs
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2020-08-03 00:00:00.000000000 Z
11
+ date: 2021-06-17 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: eventmachine
@@ -28,16 +28,16 @@ dependencies:
28
28
  name: faye-websocket
29
29
  requirement: !ruby/object:Gem::Requirement
30
30
  requirements:
31
- - - '='
31
+ - - "~>"
32
32
  - !ruby/object:Gem::Version
33
- version: 0.10.9
33
+ version: 0.11.0
34
34
  type: :runtime
35
35
  prerelease: false
36
36
  version_requirements: !ruby/object:Gem::Requirement
37
37
  requirements:
38
- - - '='
38
+ - - "~>"
39
39
  - !ruby/object:Gem::Version
40
- version: 0.10.9
40
+ version: 0.11.0
41
41
  - !ruby/object:Gem::Dependency
42
42
  name: rschema
43
43
  requirement: !ruby/object:Gem::Requirement