test_bundled_ca.rb [plain text]
require 'rubygems/test_case'
require 'net/https'
class TestBundledCA < Gem::TestCase
THIS_FILE = File.expand_path __FILE__
def bundled_certificate_store
store = OpenSSL::X509::Store.new
ssl_cert_glob =
File.expand_path '../../../lib/rubygems/ssl_certs/*.pem', THIS_FILE
Dir[ssl_cert_glob].each do |ssl_cert|
store.add_file ssl_cert
end
store
end
def assert_https(host)
if self.respond_to? :_assertions self._assertions += 1
else self.assertions += 1
end
http = Net::HTTP.new(host, 443)
http.use_ssl = true
http.verify_mode = OpenSSL::SSL::VERIFY_PEER
http.cert_store = bundled_certificate_store
http.get('/')
rescue Errno::ENOENT
skip "#{host} seems offline, I can't tell whether ssl would work."
rescue OpenSSL::SSL::SSLError => e
if e.message =~ /certificate verify failed/
flunk "#{host} is not verifiable using the included certificates. Error was: #{e.message}"
end
raise
end
def test_accessing_rubygems
assert_https('rubygems.org')
end
def test_accessing_cloudfront
assert_https('d2chzxaqi4y7f8.cloudfront.net')
end
def test_accessing_s3
assert_https('s3.amazonaws.com')
end
end if ENV['TRAVIS']