diff options
author | gotoyuzo <gotoyuzo@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2007-12-20 16:21:22 +0000 |
---|---|---|
committer | gotoyuzo <gotoyuzo@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2007-12-20 16:21:22 +0000 |
commit | c6920177f3e561f779f54534e511f0c9f0de6edd (patch) | |
tree | 3e7fe138ecb67bb2e2a9e520b373d420b315e147 /lib/net/http.rb | |
parent | d86caf318820ebcebf981b822a65d5a4cfab6364 (diff) | |
download | ruby-c6920177f3e561f779f54534e511f0c9f0de6edd.tar.gz |
* lib/net/http.rb (Net::HTTP#connect): use
OpenSSL::SSL::SSLContext.build instead of SSLContext.new (default
verify mode is now OpenSSL::SSL::VERIFY_PEER).
* lib/net/https.rb: SSL parameters are defined by attr_accessor.
* test/net/http/test_https.rb: add test for HTTPS features.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@14371 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Diffstat (limited to 'lib/net/http.rb')
-rw-r--r-- | lib/net/http.rb | 9 |
1 files changed, 6 insertions, 3 deletions
diff --git a/lib/net/http.rb b/lib/net/http.rb index 4a16e118dd..9e2aeee2c4 100644 --- a/lib/net/http.rb +++ b/lib/net/http.rb @@ -575,10 +575,13 @@ module Net #:nodoc: s = timeout(@open_timeout) { TCPSocket.open(conn_address(), conn_port()) } D "opened" if use_ssl? - unless @ssl_context.verify_mode - warn "warning: peer certificate won't be verified in this SSL session" - @ssl_context.verify_mode = OpenSSL::SSL::VERIFY_NONE + ssl_parameters = Hash.new + SSL_ATTRIBUTES.each do |name| + if value = instance_variable_get("@#{name}") + ssl_parameters[name] = value + end end + @ssl_context = OpenSSL::SSL::SSLContext.build(ssl_parameters) s = OpenSSL::SSL::SSLSocket.new(s, @ssl_context) s.sync_close = true end |