Home Explore Help
Sign In
SMusatov
/
zammad
mirror of https://github.com/zammad/zammad.git
1
0
Fork 0
Files
Branch: develop
Branches Tags
zammad
/
lib
/
certificate
/
apply_ssl_certificates.rb

apply_ssl_certificates.rb 995 B
Permalink History Raw

123456789101112131415161718192021222324252627282930313233 
  1. # Copyright (C) 2012-2024 Zammad Foundation, https://zammad-foundation.org/
    2. 

  2. 

  3. class Certificate::ApplySSLCertificates
    4. 

  4. 

  5.   class << self
    6. 

  6. 

  7.     SEMAPHORE = Thread::Mutex.new
    8. 

  8. 

  9.     # Ensure the SSLContext for the current process has all custom SSL certificates.
    10. 

  10.     def ensure_fresh_ssl_context
    11. 

  11. 

  12.       SEMAPHORE.synchronize do
    13. 

  13. 

  14.         all_certificates = SSLCertificate.all
    15. 

  15. 

  16.         # Only update the default store if there are changes with the stored SSL certificates.
    17. 

  17.         cache_key = all_certificates.cache_key_with_version
    18. 

  18.         return if @cache_key == cache_key
    19. 

  19. 

  20.         @cache_key = cache_key
    21. 

  21. 

  22.         # Build a new default store.
    23. 

  23.         store = OpenSSL::X509::Store.new
    24. 

  24.         store.set_default_paths
    25. 

  25.         store.flags = OpenSSL::X509::V_FLAG_CRL_CHECK_ALL
    26. 

  26.         all_certificates.each { |cert| store.add_cert(cert.certificate_parsed) }
    27. 

  27.         Kernel.silence_warnings do
    28. 

  28.           OpenSSL::SSL::SSLContext.const_set(:DEFAULT_CERT_STORE, store)
    29. 

  29.         end
    30. 

  30.       end
    31. 

  31.     end
    32. 

  32.   end
    33. 

  33. end
    34.