* ext/openssl/lib/net/protocols.rb (SSLIO#ssl_connect): warning

  for skipping server verification.


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@4482 b2dd03c8-39d4-4d8f-98ff-823fe69b080e

2 files changed, 11 insertions, 2 deletions

diff --git a/ChangeLog b/ChangeLog
index 2051ae112c..723a30e058 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,8 @@
+Tue Sep  2 20:37:15 2003  GOTOU Yuuzou  <gotoyuzo@notwork.org>
+
+	* ext/openssl/lib/net/protocols.rb (SSLIO#ssl_connect): warning
+	  for skipping server verification.
+
 Tue Sep  2 14:09:20 2003  Yukihiro Matsumoto  <matz@ruby-lang.org>
 
 	* ext/socket/extconf.rb: check s6_addr8 in in6_addr (Tru64 UNIX).
@@ -312,8 +317,8 @@ Tue Aug 19 07:47:09 2003  GOTOU Yuuzou  <gotoyuzo@notwork.org>
 
 	* lib/webrick/utils.rb (Utils::create_lisnteners): new method.
 
-	* lib/webrick/server.rb (GenericServer#start): should not
-	  through unknown errors. and refine comments.
+	* lib/webrick/server.rb (GenericServer#start): should rescue
+	  unknown errors. and refine comments.
 
 	* ext/openssl/lib/openssl/ssl.rb (SSLServer#accept): should close
 	  socket if SSLSocket raises error.
diff --git a/ext/openssl/lib/net/protocols.rb b/ext/openssl/lib/net/protocols.rb
index 25e940c54b..36c5077cb2 100644
--- a/ext/openssl/lib/net/protocols.rb
+++ b/ext/openssl/lib/net/protocols.rb
@@ -40,6 +40,10 @@ module Net
     end
 
     def ssl_connect()
+      unless @ssl_context.verify_mode
+        warn "warning: peer certificate won't be verified in this SSL session."
+        @ssl_context.verify_mode = OpenSSL::SSL::VERIFY_NONE
+      end
       @socket = OpenSSL::SSL::SSLSocket.new(@socket, @ssl_context)
       @socket.sync = true
       @socket.sync_close = true