293 | | === API Usage === |
| 305 | === SSL Support + X509 === |
| 306 | The standard ruby xmlrpc client for some reason does not support the above setup. |
| 307 | In order to be able to use the XMLRPC over SSL with both |
| 308 | * Client Certificate authentication |
| 309 | * Basic Authentication |
| 310 | in order to proceed, you should have: |
| 311 | * ca certificate in .pem format |
| 312 | * personal certificate + RSA key in .p12 format (and its password, of course) |
| 313 | * patched version of xmlrpc/client.rb |
| 314 | * patched version of trac4r |
| 315 | * username/password (for basic authentication) |
| 316 | |
| 317 | Assuming you have the above, and your ca and user certificates are respectively: |
| 318 | {{{ |
| 319 | ~/.openssl/cacert.pem |
| 320 | ~/.openssl/certkey.p12 |
| 321 | }}} |
| 322 | ==== Instructions ==== |
| 323 | # apply the patches: |
| 324 | # to the xmlrpc library |
| 325 | # to the trac4r gem to pick up the patch features |
| 326 | # create a .yml file called {{{~/.trac/creds.yml}}} of the following structure: |
| 327 | {{{ |
| 328 | --- |
| 329 | tracurl: https://yourserver.yourdomain/yourproject |
| 330 | tracuser: yourwebuser |
| 331 | tracpass: yourwebpassword |
| 332 | certkey: /home/youruser/.ssl/certkey.p12 |
| 333 | cacert: /home/youruser/.ssl/cacert.pem |
| 334 | keypass: yourkeypassword |
| 335 | }}} |
| 336 | # use the data in the code |
| 337 | {{{ |
| 338 | #!ruby |
| 339 | require 'yaml' |
| 340 | require 'openssl' |
| 341 | require 'xmlrpc/client' |
| 342 | require 'trac4r' |
| 343 | |
| 344 | ## read the data from yaml: |
| 345 | $ymlname= "#{ENV['HOME']}/.trac/creds.yml" |
| 346 | if !File.exists?($ymlname) |
| 347 | raise "Cannot open credentials file!" |
| 348 | end |
| 349 | begin |
| 350 | $vars = YAML::load_file($ymlname) |
| 351 | rescue Exception => e |
| 352 | raise "Cannot load credentials file #{$ymlname}: #{e.message}\nTrace: #{e.stacktrace}" |
| 353 | end |
| 354 | |
| 355 | ## extract the certificate, and the key from the fles. |
| 356 | pkcs = OpenSSL::PKCS12.new(File.open($vars['certkey']),$vars['keypass']) |
| 357 | cert = pkcs.cert |
| 358 | key = pkcs.key |
| 359 | ## connect to the server |
| 360 | trac = Trac.new($vars['tracurl'], $vars['tracuser'], $vars['tracpass'], $vars['cacert'], cert, key) |
| 361 | ## from now you can refer to the connection as open (or query it) |
| 362 | ## use the API as explained above. |
| 363 | }}} |
| 364 | |
| 365 | |
| 366 | |
| 367 | |
| 368 | |
| 369 | |
| 370 | |
| 371 | === API Usage === |