+# frozen_string_literal: true
+
require 'open-uri'
require 'net/ftp'
require 'tempfile'
# Only send basic auth if URL contains userinfo
# Some webservers (e.g. Amazon S3) return code 400 if empty basic auth is sent
if parsed_value.userinfo.nil?
- key = parsed_value.read
+ key = if parsed_value.scheme == 'https' && resource[:weak_ssl] == true
+ open(parsed_value, ssl_verify_mode: OpenSSL::SSL::VERIFY_NONE).read
+ else
+ parsed_value.read
+ end
else
user_pass = parsed_value.userinfo.split(':')
parsed_value.userinfo = ''
end
end
unless found_match
- raise(_('The id in your manifest %{_resource} and the fingerprint from content/source don\'t match. Check for an error in the id and content/source is legitimate.') % { _resource: resource[:name] }) # rubocop:disable Metrics/LineLength
+ raise(_('The id in your manifest %{_resource} and the fingerprint from content/source don\'t match. Check for an error in the id and content/source is legitimate.') % { _resource: resource[:name] }) # rubocop:disable Layout/LineLength
end
else
warning('/usr/bin/gpg cannot be found for verification of the id.')