class Aerospike::Socket::SSL
Constants
- DEFAULT_TLS_PARAMS
- SUPPORTED_TLS_PARAMS
Public Class Methods
build_ssl_context(tls_options)
click to toggle source
# File lib/aerospike/socket/ssl.rb, line 44 def build_ssl_context(tls_options) tls_options[:context] || create_context(tls_options) end
connect(host, port, timeout, tls_name, tls_options)
click to toggle source
# File lib/aerospike/socket/ssl.rb, line 33 def connect(host, port, timeout, tls_name, tls_options) Aerospike.logger.debug("Connecting to #{host}:#{tls_name}:#{port} using TLS options #{tls_options}") tcp_sock = TCP.connect(host, port, timeout) ctx = build_ssl_context(tls_options) new(tcp_sock, ctx).tap do |ssl_sock| ssl_sock.hostname = tls_name ssl_sock.connect ssl_sock.post_connection_check(tls_name) end end
create_context(tls_options)
click to toggle source
# File lib/aerospike/socket/ssl.rb, line 48 def create_context(tls_options) OpenSSL::SSL::SSLContext.new.tap do |ctx| if tls_options[:cert_file] && tls_options[:pkey_file] cert = OpenSSL::X509::Certificate.new(File.read(tls_options[:cert_file])) pkey = OpenSSL::PKey.read(File.read(tls_options[:pkey_file]), tls_options[:pkey_pass]) if ctx.respond_to?(:add_certificate) ctx.add_certificate(cert, pkey) else ctx.cert = cert ctx.key = pkey end end params = DEFAULT_TLS_PARAMS.merge(filter_params(tls_options)) ctx.set_params(params) unless params.empty? end end
filter_params(params)
click to toggle source
# File lib/aerospike/socket/ssl.rb, line 66 def filter_params(params) params.select { |key| SUPPORTED_TLS_PARAMS.include?(key) } end