From e7daebf21af1fa6002f86527b0e8d6a0f9dcd67c Mon Sep 17 00:00:00 2001
From: shyouhei <shyouhei@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>
Date: Mon, 24 Sep 2007 08:02:31 +0000
Subject: 	* lib/net/http.rb: fix typo. 	* lib/net/http.rb: an SSL
 verification (the server hostname should 	  be matched with its
 certificate's commonName) is added. 	  this verification can be skipped by 
   "Net::HTTP#enable_post_connection_check=(false)". 	  suggested by Chris
 Clark <cclark at isecpartners.com> 	* lib/net/open-uri.rb: use
 Net::HTTP#enable_post_connection_check to 	  perform SSL post connection
 check. 	* ext/openssl/lib/openssl/ssl.c 
 (OpenSSL::SSL::SSLSocket#post_connection_check): refine error message.

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8_5@13502 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
---
 lib/open-uri.rb | 11 +----------
 1 file changed, 1 insertion(+), 10 deletions(-)

(limited to 'lib/open-uri.rb')

diff --git a/lib/open-uri.rb b/lib/open-uri.rb
index d69f7dbe41..36a0639a80 100644
--- a/lib/open-uri.rb
+++ b/lib/open-uri.rb
@@ -229,6 +229,7 @@ module OpenURI
     if target.class == URI::HTTPS
       require 'net/https'
       http.use_ssl = true
+      http.enable_post_connection_check = true
       http.verify_mode = OpenSSL::SSL::VERIFY_PEER
       store = OpenSSL::X509::Store.new
       store.set_default_paths
@@ -240,16 +241,6 @@ module OpenURI
 
     resp = nil
     http.start {
-      if target.class == URI::HTTPS
-        # xxx: information hiding violation
-        sock = http.instance_variable_get(:@socket)
-        if sock.respond_to?(:io)
-          sock = sock.io # 1.9
-        else
-          sock = sock.instance_variable_get(:@socket) # 1.8
-        end
-        sock.post_connection_check(target_host)
-      end
       req = Net::HTTP::Get.new(request_uri, header)
       if options.include? :http_basic_authentication
         user, pass = options[:http_basic_authentication]
-- 
cgit v1.2.3