* lib/net/http.rb, lib/open-uri.rb: remove

  Net::HTTP#enable_post_connection_check.  [ruby-dev:31960]

* lib/net/imap.rb: hostname should be verified against server's
  indentity as persented in the server's certificate. [ruby-dev:31960]

* ext/openssl/lib/net/telnets.rb, ext/openssl/lib/net/ftptls.rb: ditto.


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8@13657 b2dd03c8-39d4-4d8f-98ff-823fe69b080e

2 files changed, 2 insertions, 10 deletions

diff --git a/lib/net/http.rb b/lib/net/http.rb
index e5c17af685..7dd1f24d4c 100644
--- a/lib/net/http.rb
+++ b/lib/net/http.rb
@@ -470,7 +470,6 @@ module Net   #:nodoc:
       @debug_output = nil
       @use_ssl = false
       @ssl_context = nil
-      @enable_post_connection_check = true
     end
 
     def inspect
@@ -527,9 +526,6 @@ module Net   #:nodoc:
       false   # redefined in net/https
     end
 
-    # specify enabling SSL server certificate and hostname checking.
-    attr_accessor :enable_post_connection_check
-
     # Opens TCP connection and HTTP session.
     # 
     # When this method is called with block, gives a HTTP object
@@ -589,12 +585,7 @@ module Net   #:nodoc:
         end
         s.connect
         if @ssl_context.verify_mode != OpenSSL::SSL::VERIFY_NONE
-          begin
-            s.post_connection_check(@address)
-          rescue OpenSSL::SSL::SSLError => ex
-            raise ex if @enable_post_connection_check
-            warn ex.message
-          end
+          s.post_connection_check(@address)
         end
       end
       on_connect
diff --git a/lib/net/imap.rb b/lib/net/imap.rb
index 6436940df6..f8c0d3be4c 100644
--- a/lib/net/imap.rb
+++ b/lib/net/imap.rb
@@ -900,6 +900,7 @@ module Net
         end
         @sock = SSLSocket.new(@sock, context)
         @sock.connect   # start ssl session.
+        @sock.post_connection_check(@host) if verify
       else
         @usessl = false
       end