diff options
author | Yuta Iwama <ganmacs@gmail.com> | 2020-01-23 17:23:17 +0900 |
---|---|---|
committer | NARUSE, Yui <nurse@users.noreply.github.com> | 2020-01-23 17:23:17 +0900 |
commit | be6931f7f7d2eed46226f0cc452de64cdeec0dab (patch) | |
tree | 5580616d9863888093e276494313f07d534bf19e /test | |
parent | 890200e85e5237d9656a6b72e792effbcaa5460a (diff) |
Add #verify_hostname= and #verify_hostname to skip hostname verification (#2858)
According to https://github.com/ruby/openssl/pull/60,
> Currently an user who wants to do the hostname verification needs to
call SSLSocket#post_connection_check explicitly after the TLS connection
is established.
if an user who wants to skip the hostname verification,
SSLSocket#post_connection_check doesn't need to be called
https://bugs.ruby-lang.org/issues/16555
Diffstat (limited to 'test')
-rw-r--r-- | test/net/http/test_https.rb | 23 |
1 files changed, 23 insertions, 0 deletions
diff --git a/test/net/http/test_https.rb b/test/net/http/test_https.rb index 17fabb62d5..204bfb7ad3 100644 --- a/test/net/http/test_https.rb +++ b/test/net/http/test_https.rb @@ -204,6 +204,29 @@ class TestNetHTTPS < Test::Unit::TestCase skip $! end + def test_skip_hostname_verfiction + TestNetHTTPUtils.clean_http_proxy_env do + http = Net::HTTP.new('invalid_servername', config('port')) + http.ipaddr = config('host') + http.use_ssl = true + http.cert_store = TEST_STORE + http.verify_hostname = false + assert_nothing_raised { http.start } + end + end + + def test_fail_if_verify_hostname_is_true + TestNetHTTPUtils.clean_http_proxy_env do + http = Net::HTTP.new('invalid_servername', config('port')) + http.ipaddr = config('host') + http.use_ssl = true + http.cert_store = TEST_STORE + http.verify_hostname = true + @log_tester = lambda { |_| } + assert_raise(OpenSSL::SSL::SSLError) { http.start } + end + end + def test_certificate_verify_failure http = Net::HTTP.new("localhost", config("port")) http.use_ssl = true |