From f2af1c58158c45b0f7273158e86b3c749f1138f5 Mon Sep 17 00:00:00 2001 From: shyouhei Date: Sat, 7 Jun 2008 16:15:19 +0000 Subject: merge revision(s) 13657: * lib/net/http.rb, lib/open-uri.rb: remove Net::HTTP#enable_post_connection_check. [ruby-dev:31960] * lib/net/imap.rb: hostname should be verified against server's indentity as persented in the server's certificate. [ruby-dev:31960] * ext/openssl/lib/net/telnets.rb, ext/openssl/lib/net/ftptls.rb: ditto. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8_5@16876 b2dd03c8-39d4-4d8f-98ff-823fe69b080e --- ext/openssl/lib/net/ftptls.rb | 10 ++++++++++ ext/openssl/lib/net/telnets.rb | 3 +++ 2 files changed, 13 insertions(+) (limited to 'ext') diff --git a/ext/openssl/lib/net/ftptls.rb b/ext/openssl/lib/net/ftptls.rb index 43cc136bf6..e82eff72fa 100644 --- a/ext/openssl/lib/net/ftptls.rb +++ b/ext/openssl/lib/net/ftptls.rb @@ -29,13 +29,23 @@ require 'net/ftp' module Net class FTPTLS < FTP + def connect(host, port=FTP_PORT) + @hostname = host + super + end + def login(user = "anonymous", passwd = nil, acct = nil) + store = OpenSSL::X509::Store.new + store.set_default_paths ctx = OpenSSL::SSL::SSLContext.new('SSLv23') + ctx.cert_store = store + ctx.verify_mode = OpenSSL::SSL::VERIFY_PEER ctx.key = nil ctx.cert = nil voidcmd("AUTH TLS") @sock = OpenSSL::SSL::SSLSocket.new(@sock, ctx) @sock.connect + @sock.post_connection_check(@hostname) super(user, passwd, acct) voidcmd("PBSZ 0") end diff --git a/ext/openssl/lib/net/telnets.rb b/ext/openssl/lib/net/telnets.rb index d277a5c2a6..c869b5da1c 100644 --- a/ext/openssl/lib/net/telnets.rb +++ b/ext/openssl/lib/net/telnets.rb @@ -134,6 +134,9 @@ module Net @sock.verify_callback = @options['VerifyCallback'] @sock.verify_depth = @options['VerifyDepth'] @sock.connect + if @options['VerifyMode'] != OpenSSL::SSL::VERIFY_NONE + @sock.post_connection_check(@options['Host']) + end @ssl = true end '' -- cgit v1.2.3