RUBY-725 Support providing a SSL keyfile passphrase

estolfo · estolfo · commit 33d5e6bedd4a · 2015-03-24T22:44:15.000+01:00
diff --git a/lib/mongo/socket/ssl.rb b/lib/mongo/socket/ssl.rb
@@ -87,7 +87,12 @@ def create_context(options)
           context.cert = OpenSSL::X509::Certificate.new(File.open(options[:ssl_cert]))
         end
         if options[:ssl_key]
-          context.key = OpenSSL::PKey::RSA.new(File.open(options[:ssl_key]))
+          if options[:ssl_key_pass_phrase]
+            context.key = OpenSSL::PKey::RSA.new(File.open(options[:ssl_key]),
+                                                           options[:ssl_key_pass_phrase])
+          else
+            context.key = OpenSSL::PKey::RSA.new(File.open(options[:ssl_key]))
+          end
         end
         if options[:ssl_verify] || options[:ssl_ca_cert]
           context.ca_file = options[:ssl_ca_cert]
diff --git a/spec/mongo/server/connection_spec.rb b/spec/mongo/server/connection_spec.rb
@@ -271,12 +271,16 @@
 
     context 'when ssl options are provided' do
 
+      let(:ssl_options) do
+        { :ssl => true, :ssl_key => 'file', :ssl_key_pass_phrase => 'iamaphrase' }
+      end
+
       let(:connection) do
-        described_class.new(server, :ssl => true)
+        described_class.new(server, ssl_options)
       end
 
       it 'sets the ssl options' do
-        expect(connection.send(:ssl_options)).to eq(:ssl => true)
+        expect(connection.send(:ssl_options)).to eq(ssl_options)
       end
     end
 
