Welcome to mirror list, hosted at ThFree Co, Russian Federation.

gitlab.com/gitlab-org/gitlab-foss.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/app/validators/certificate_validator.rb
diff options
context:
space:
mode:
authorKamil Trzcinski <ayufan@ayufan.eu>2016-02-09 21:04:39 +0300
committerJames Edwards-Jones <jedwardsjones@gitlab.com>2017-02-01 01:53:57 +0300
commit930a7030b5a0080128b2fe3e2b9506717c54a6a5 (patch)
tree52c998612b54ce45c87b6731a8b23f85a59d5b7d /app/validators/certificate_validator.rb
parent5f7257c27dace1dcb9d3eb4732caf68f061a8d68 (diff)
Implement proper verification of certificate's public_key against the private_key
Diffstat (limited to 'app/validators/certificate_validator.rb')
-rw-r--r--app/validators/certificate_validator.rb14
1 files changed, 4 insertions, 10 deletions
diff --git a/app/validators/certificate_validator.rb b/app/validators/certificate_validator.rb
index 2cba5a435b7..2a04c76d4b9 100644
--- a/app/validators/certificate_validator.rb
+++ b/app/validators/certificate_validator.rb
@@ -3,26 +3,20 @@
# Custom validator for private keys.
#
# class Project < ActiveRecord::Base
-# validates :certificate_key, certificate_key: true
+# validates :certificate_key, certificate: true
# end
#
class CertificateValidator < ActiveModel::EachValidator
def validate_each(record, attribute, value)
- certificate = parse_certificate(value)
- unless certificate
+ unless valid_certificate_pem?(value)
record.errors.add(attribute, "must be a valid PEM certificate")
end
-
- if options[:intermediates]
- unless certificate
- record.errors.add(attribute, "certificate verification failed: missing intermediate certificates")
- end
- end
end
private
- def parse_certificate(value)
+ def valid_certificate_pem?(value)
+ return unless value
OpenSSL::X509::Certificate.new(value)
rescue OpenSSL::X509::CertificateError
nil
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-17 03:55:45 +0300