rack-proxy 0.5.6 → 0.5.8

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 01ead5716a3297d180ef585021e3ef8f9061be22
-  data.tar.gz: 9492773b1b285a2265b4f5767d93b381a05f4e4c
+  metadata.gz: 053b64c1db8f801c328770098e15672e2b17da53
+  data.tar.gz: 7b114c1eecafdc79dab20c75a0daf073b87496be
 SHA512:
-  metadata.gz: 62b54b36a5276cf2cb8a16793ced71283d2fb597fc3aab91fd867c6e8f29f80e2193a3f2371afed2007a7b3866db156620599db7e9eb54d3756153588651ec1a
-  data.tar.gz: a895ec06fee93eb01265e47a053066859f4bf6bea21dfbf70aacb6443b5c59d6d377afecbabbc5f13680b4b867ccef08be00112f98430fa2177fae887d1a73b6
+  metadata.gz: cd49785b803394666dea8e1bd14d0afedb2da3b2d7f72ea6b57167d2cdc83cbf66e9864ce7c3d9314e7a00157531b11bb70e41cb4dc9341332317c6baf091750
+  data.tar.gz: a30031d0598443126fcf82213dee26fd20443b4cd7f547080950d9a8f88b31dd712a245d0a9ef720e51ad54e885ba928449d08816179531b16ce0af093aae663

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    rack-proxy (0.5.5)
+    rack-proxy (0.5.8)
       rack
 
 GEM

data/Readme

@@ -22,6 +22,22 @@ class Foo < Rack::Proxy
 
 end
 
+Example: disable SSL session verification when proxying a server with e.g. self-signed SSL certs
+
+class TrustingProxy < Rack::Proxy
+
+  def rewrite_env(env)
+    env["rack.ssl_verify_none"] = true
+
+    env
+  end
+
+end
+
+The same can be achieved for *all* requests going through the `Rack::Proxy` instance by using
+
+    Rack::Proxy.new(ssl_verify_none: true)
+
 See tests for more examples.
 
 WARNING: Doesn't work with fakeweb/webmock. Both libraries monkey-patch net/http code.

data/lib/rack/http_streaming_response.rb

@@ -5,6 +5,7 @@ module Rack
   # Wraps the hacked net/http in a Rack way.
   class HttpStreamingResponse
     attr_accessor :use_ssl
+    attr_accessor :verify_mode
 
     def initialize(request, host, port = nil)
       @request, @host, @port = request, host, port
@@ -61,6 +62,7 @@ module Rack
       @session ||= begin
         http = Net::HTTP.new @host, @port
         http.use_ssl = self.use_ssl
+        http.verify_mode = self.verify_mode
         http.start
       end
     end

data/lib/rack/proxy.rb

@@ -5,11 +5,12 @@ module Rack
 
   # Subclass and bring your own #rewrite_request and #rewrite_response
   class Proxy
-    VERSION = "0.5.6"
+    VERSION = "0.5.8"
 
     # @option opts [String, URI::HTTP] :backend Backend host to proxy requests to
     def initialize(opts={})
       @streaming = opts.fetch(:streaming, true)
+      @ssl_verify_none = opts.fetch(:ssl_verify_none, false)
       @backend = URI(opts[:backend]) if opts[:backend]
     end
 
@@ -57,14 +58,17 @@ module Rack
 
       backend = @backend || source_request
       use_ssl = backend.scheme == "https"
+      ssl_verify_none = (env.delete('rack.ssl_verify_none') || @ssl_verify_none) == true
 
       # Create the response
       if @streaming
         # streaming response (the actual network communication is deferred, a.k.a. streamed)
         target_response = HttpStreamingResponse.new(target_request, backend.host, backend.port)
         target_response.use_ssl = use_ssl
+        target_response.verify_mode = OpenSSL::SSL::VERIFY_NONE if use_ssl && ssl_verify_none
       else
         target_response = Net::HTTP.start(backend.host, backend.port, :use_ssl => use_ssl) do |http|
+          http.verify_mode = OpenSSL::SSL::VERIFY_NONE if use_ssl && ssl_verify_none
           http.request(target_request)
         end
       end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: rack-proxy
 version: !ruby/object:Gem::Version
-  version: 0.5.6
+  version: 0.5.8
 platform: ruby
 authors:
 - Jacek Becela
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2013-10-09 00:00:00.000000000 Z
+date: 2013-10-14 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rack