Class DRb::DRbSSLSocket::SSLConfig
In: lib/drb/ssl.rb
Parent: Object
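# Fallback values for every SSLConfig option; keys the caller leaves unset
# resolve to these.
#
# Security-relevant defaults:
# - :SSLVerifyMode is VERIFY_NONE, so the peer's certificate is not checked
#   on either side unless the caller explicitly sets a verify mode.
# - :SSLCertificate and :SSLPrivateKey are nil, so a self-signed certificate
#   is generated (see setup_certificate); a peer can only trust it through
#   :SSLCertificateStore, :SSLCACertificateFile or :SSLCACertificatePath.
DEFAULT = {
  :SSLCertificate => nil,
  :SSLPrivateKey => nil,
  :SSLClientCA => nil,
  :SSLCACertificatePath => nil,
  :SSLCACertificateFile => nil,
  :SSLVerifyMode => ::OpenSSL::SSL::VERIFY_NONE,
  :SSLVerifyDepth => nil,
  :SSLVerifyCallback => nil, # custom verification
  :SSLCertificateStore => nil, # Must specify if you use auto generated certificate.
  :SSLCertName => nil, # e.g. [["CN","fqdn.example.com"]]
  :SSLCertComment => "Generated by Ruby/OpenSSL"
}.freeze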
# File lib/drb/ssl.rb, line 27
# Stores the option hash and picks out the caller-supplied certificate and key.
#
# @param config [Hash] options keyed by the symbols listed in DEFAULT
#
# Only +:SSLCertificate+ and +:SSLPrivateKey+ are read here; the SSL context is
# built later by setup_ssl_context, so +@ssl_ctx+ starts out nil.
def initialize(config)
  @config = config
  @cert, @pkey = config.values_at(:SSLCertificate, :SSLPrivateKey)
  @ssl_ctx = nil # filled in by setup_ssl_context
end
# File lib/drb/ssl.rb, line 45
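# Wraps an accepted server-side +tcp+ socket in an SSLSocket and performs the
# TLS handshake as the server.
#
# @param tcp [TCPSocket] the already-accepted plain socket
# @return [OpenSSL::SSL::SSLSocket] the socket once the handshake completed
# @raise [OpenSSL::SSL::SSLError] if the handshake fails
#
# Expects setup_ssl_context to have populated +@ssl_ctx+ first. Whether the
# client is asked for a certificate, and whether that certificate is checked,
# is governed solely by the context's verify_mode (VERIFY_NONE under DEFAULT);
# this method adds no checks of its own.
def accept(tcp)
  # Fully qualified, matching connect, so the constant resolves the same way
  # regardless of the enclosing namespace.
  ssl = ::OpenSSL::SSL::SSLSocket.new(tcp, @ssl_ctx)
  ssl.sync = true # no Ruby-side write buffering on the TLS socket
  ssl.accept
  ssl
end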
# File lib/drb/ssl.rb, line 38
# Wraps a connected client-side +tcp+ socket in an SSLSocket and performs the
# TLS handshake as the client.
#
# @param tcp [TCPSocket] the already-connected plain socket
# @return [OpenSSL::SSL::SSLSocket] the socket once the handshake completed
# @raise [OpenSSL::SSL::SSLError] if the handshake fails
#
# Uses the context built by setup_ssl_context. The server certificate is
# verified only as far as the context's verify_mode demands (VERIFY_NONE under
# DEFAULT); no hostname check is performed here.
def connect(tcp)
  ::OpenSSL::SSL::SSLSocket.new(tcp, @ssl_ctx).tap do |ssl|
    ssl.sync = true # no Ruby-side write buffering on the TLS socket
    ssl.connect
  end
end
# File lib/drb/ssl.rb, line 52
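# Generates a self-signed certificate and key pair when the configuration did
# not supply both +:SSLCertificate+ and +:SSLPrivateKey+.
#
# Leaves +@cert+ and +@pkey+ untouched when both are already set. Otherwise a
# fresh RSA key is generated, a one-year self-signed X.509v3 certificate for
# the name in +:SSLCertName+ is built around it, and both are stored. Being
# self-issued, the certificate is only accepted by a peer that was configured
# to trust it (see the :SSLCertificateStore note on DEFAULT).
#
# @return [void]
#
# NOTE(review): option lookups go through +self[]+, defined outside this
# listing; with +:SSLCertName+ left nil the subject name is built from nil —
# confirm what OpenSSL::X509::Name.new does with that before relying on it.
def setup_certificate
  return if @cert && @pkey

  # 2048 bits: 512-bit RSA is factorable with modest effort and is refused by
  # OpenSSL at its default security level.
  rsa = OpenSSL::PKey::RSA.new(2048) do |phase, _n|
    next unless self[:verbose]
    # Progress markers from OpenSSL's prime search (BN_generate_prime).
    $stderr.putc(case phase
                 when 0 then "."
                 when 1 then "+"
                 when 2 then "*"  # searching a good prime
                 when 3 then "\n" # found a good prime (p, then q)
                 else "*"
                 end)
  end

  now = Time.now
  one_year = 365 * 24 * 60 * 60

  cert = OpenSSL::X509::Certificate.new
  cert.version = 2 # X.509 versions are zero-based: 2 means v3, required for extensions
  cert.serial = 0
  name = OpenSSL::X509::Name.new(self[:SSLCertName])
  cert.subject = name
  cert.issuer = name # self-signed: issuer and subject coincide
  cert.not_before = now
  cert.not_after = now + one_year
  cert.public_key = rsa.public_key

  ef = OpenSSL::X509::ExtensionFactory.new(nil, cert)
  cert.extensions = [
    ef.create_extension("basicConstraints", "CA:FALSE"),
    ef.create_extension("subjectKeyIdentifier", "hash")
  ]
  ef.issuer_certificate = cert # the authority key id below points back at this cert
  cert.add_extension(ef.create_extension("authorityKeyIdentifier",
                                         "keyid:always,issuer:always"))
  comment = self[:SSLCertComment]
  cert.add_extension(ef.create_extension("nsComment", comment)) if comment
  # SHA-256: SHA-1 certificate signatures are no longer accepted by OpenSSL at
  # its default security level.
  cert.sign(rsa, OpenSSL::Digest.new("SHA256"))

  @cert = cert
  @pkey = rsa
end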
# File lib/drb/ssl.rb, line 97
# Builds the OpenSSL::SSL::SSLContext used by accept and connect from the
# configured options and keeps it in +@ssl_ctx+.
#
# The certificate and key come from +@cert+/+@pkey+ (possibly generated by
# setup_certificate); every other option is read through +self[]+, which is
# defined outside this listing and presumably falls back to DEFAULT — under
# those defaults verify_mode is VERIFY_NONE, so peer certificates are not
# checked unless +:SSLVerifyMode+ is set.
#
# @return [OpenSSL::SSL::SSLContext] the context that was stored in +@ssl_ctx+
def setup_ssl_context
  ctx = ::OpenSSL::SSL::SSLContext.new
  ctx.cert = @cert
  ctx.key = @pkey
  # context attribute => configuration key, applied in this order
  verification_options = [
    [:client_ca, :SSLClientCA],
    [:ca_path, :SSLCACertificatePath],
    [:ca_file, :SSLCACertificateFile],
    [:verify_mode, :SSLVerifyMode],
    [:verify_depth, :SSLVerifyDepth],
    [:verify_callback, :SSLVerifyCallback],
    [:cert_store, :SSLCertificateStore]
  ]
  verification_options.each do |attr, key|
    ctx.public_send(:"#{attr}=", self[key])
  end
  @ssl_ctx = ctx
end