diff options
author | shyouhei <shyouhei@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2007-09-24 08:02:31 +0000 |
---|---|---|
committer | shyouhei <shyouhei@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2007-09-24 08:02:31 +0000 |
commit | e7daebf21af1fa6002f86527b0e8d6a0f9dcd67c (patch) | |
tree | 7b6937ecdd70c5214dec81fb2841a913841b373f /lib/open-uri.rb | |
parent | b788dc0af08d2485e326a1ba79048d97d8bc1081 (diff) |
* lib/net/http.rb: fix typo.
* lib/net/http.rb: an SSL verification (the server hostname should
be matched with its certificate's commonName) is added.
this verification can be skipped by
"Net::HTTP#enable_post_connection_check=(false)".
suggested by Chris Clark <cclark at isecpartners.com>
* lib/net/open-uri.rb: use Net::HTTP#enable_post_connection_check to
perform SSL post connection check.
* ext/openssl/lib/openssl/ssl.c
(OpenSSL::SSL::SSLSocket#post_connection_check): refine error message.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8_5@13502 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Diffstat (limited to 'lib/open-uri.rb')
-rw-r--r-- | lib/open-uri.rb | 11 |
1 files changed, 1 insertions, 10 deletions
diff --git a/lib/open-uri.rb b/lib/open-uri.rb index d69f7dbe41..36a0639a80 100644 --- a/lib/open-uri.rb +++ b/lib/open-uri.rb @@ -229,6 +229,7 @@ module OpenURI if target.class == URI::HTTPS require 'net/https' http.use_ssl = true + http.enable_post_connection_check = true http.verify_mode = OpenSSL::SSL::VERIFY_PEER store = OpenSSL::X509::Store.new store.set_default_paths @@ -240,16 +241,6 @@ module OpenURI resp = nil http.start { - if target.class == URI::HTTPS - # xxx: information hiding violation - sock = http.instance_variable_get(:@socket) - if sock.respond_to?(:io) - sock = sock.io # 1.9 - else - sock = sock.instance_variable_get(:@socket) # 1.8 - end - sock.post_connection_check(target_host) - end req = Net::HTTP::Get.new(request_uri, header) if options.include? :http_basic_authentication user, pass = options[:http_basic_authentication] |