module AbrtProxy

cert_names(request) click to toggle source

# File lib/smart_proxy_abrt/abrt_lib.rb, line 77
def self.cert_names(request)
  client_cert = request.env['SSL_CLIENT_CERT']
  raise AbrtProxy::Error::Unauthorized, "Client certificate required" if client_cert.to_s.empty?

  begin
    client_cert = OpenSSL::X509::Certificate.new(client_cert)
  rescue OpenSSL::OpenSSLError => e
    raise AbrtProxy::Error::CertificateError, e.message
  end

  begin
    cn = client_cert.subject.to_a.find { |name, value| name == 'CN' }
    names = [cn[1]]
  rescue NoMethodError
    raise AbrtProxy::Error::CertificateError, "Common Name not found in the certificate"
  end

  alt_name_ext = client_cert.extensions.find { |ext| ext.oid == 'subjectAltName' }
  if alt_name_ext
    names += alt_name_ext.value.
                          split(/, ?/).
                          select { |s| s.start_with? 'URI:CN=' }.
                          map { |s| s.sub(/^URI:CN=/, '') }
  end

  return names
end

faf_request(path, content, content_type="application/json") click to toggle source

# File lib/smart_proxy_abrt/abrt_lib.rb, line 52
def self.faf_request(path, content, content_type="application/json")
  uri              = URI.parse(AbrtProxy::Plugin.settings.server_url.to_s)
  http             = Net::HTTP.new(uri.host, uri.port)
  http.use_ssl     = uri.scheme == 'https'
  http.verify_mode =
    if AbrtProxy::Plugin.settings.server_ssl_noverify
      OpenSSL::SSL::VERIFY_NONE
    else
      OpenSSL::SSL::VERIFY_PEER
    end

  if AbrtProxy::Plugin.settings.server_ssl_cert && !AbrtProxy::Plugin.settings.server_ssl_cert.to_s.empty? \
      && AbrtProxy::Plugin.settings.server_ssl_key && !AbrtProxy::Plugin.settings.server_ssl_key.to_s.empty?
    http.cert = OpenSSL::X509::Certificate.new(File.read(AbrtProxy::Plugin.settings.server_ssl_cert))
    http.key  = OpenSSL::PKey::RSA.new(File.read(AbrtProxy::Plugin.settings.server_ssl_key), nil)
  end

  headers, body = self.form_data_file content, content_type

  path = [uri.path, path].join unless uri.path.empty?
  response = http.start { |con| con.post(path, body, headers) }

  response
end

form_data_file(content, file_content_type) click to toggle source

It seems that Net::HTTP does not support multipart/form-data - this function is adapted from stackoverflow.com/a/213276 and lib/proxy/request.rb

# File lib/smart_proxy_abrt/abrt_lib.rb, line 32
def self.form_data_file(content, file_content_type)
  # Assemble the request body using the special multipart format
  thepart =  "Content-Disposition: form-data; name=\"file\"; filename=\"*buffer*\"\r\n" +
             "Content-Type: #{ file_content_type }\r\n\r\n#{ content }\r\n"

  boundary = self.suggest_separator
  while thepart.include? boundary
    boundary = self.suggest_separator
  end

  body = "--" + boundary + "\r\n" + thepart + "--" + boundary + "--\r\n"
  headers = {
    "User-Agent"     => "foreman-proxy/#{Proxy::VERSION}",
    "Content-Type"   => "multipart/form-data; boundary=#{ boundary }",
    "Content-Length" => body.length.to_s
  }

  return headers, body
end

random_hex_string(nbytes) click to toggle source

Returns hex representation of random bytes-long number

# File lib/smart_proxy_abrt/abrt_lib.rb, line 20
def self.random_hex_string(nbytes)
  OpenSSL::Random.random_bytes(nbytes).unpack('H*').join
end

suggest_separator() click to toggle source

Generate multipart boundary separator

# File lib/smart_proxy_abrt/abrt_lib.rb, line 25
def self.suggest_separator
    separator = "-"*28
    separator + self.random_hex_string(16)
end

Constants

Public Class Methods