author | gotoyuzo <gotoyuzo@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2007-12-20 16:21:22 +0000 |
---|---|---|
committer | gotoyuzo <gotoyuzo@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2007-12-20 16:21:22 +0000 |
commit | c6920177f3e561f779f54534e511f0c9f0de6edd () | |
tree | 3e7fe138ecb67bb2e2a9e520b373d420b315e147 | |
parent | d86caf318820ebcebf981b822a65d5a4cfab6364 (diff) |
* lib/net/http.rb (Net::HTTP#connect): use
OpenSSL::SSL::SSLContext.build instead of SSLContext.new (default verify mode is now OpenSSL::SSL::VERIFY_PEER). * lib/net/https.rb: SSL parameters are defined by attr_accessor. * test/net/http/test_https.rb: add test for HTTPS features. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@14371 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
-rw-r--r-- | ChangeLog | 10 | ||||
-rw-r--r-- | lib/net/http.rb | 9 | ||||
-rw-r--r-- | lib/net/https.rb | 55 | ||||
-rw-r--r-- | test/net/http/test_https.rb | 97 | ||||
-rw-r--r-- | test/net/http/utils.rb | 19 |
5 files changed, 139 insertions, 51 deletions
@@ -1,3 +1,13 @@ Fri Dec 21 01:11:37 2007 GOTOU Yuuzou <[email protected]> * io.c (select_internal): should return original value.
@@ -575,10 +575,13 @@ module Net #:nodoc: s = timeout(@open_timeout) { TCPSocket.open(conn_address(), conn_port()) } D "opened" if use_ssl? - unless @ssl_context.verify_mode - warn "warning: peer certificate won't be verified in this SSL session" - @ssl_context.verify_mode = OpenSSL::SSL::VERIFY_NONE end s = OpenSSL::SSL::SSLSocket.new(s, @ssl_context) s.sync_close = true end
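Review bot: In the lib/net/http.rb hunk (Net::HTTP#connect), the visible lines stop at `s.sync_close = true`, so nothing shown here matches the peer certificate against the requested host name once VERIFY_PEER becomes the default. Chain validation alone accepts any certificate issued by a trusted CA, so the handshake should be followed by `s.post_connection_check(host)` with the host the caller asked for, whenever the verify mode is not `OpenSSL::SSL::VERIFY_NONE`. The added lines of this hunk are not shown on this page and connect's body continues past it, so this is a check to confirm rather than an established gap. A comment at the `if use_ssl?` branch such as `# VERIFY_PEER validates the chain only; host name is checked after the handshake` would make the division of work explicit.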
@@ -102,70 +102,35 @@ require 'net/http' require 'openssl' module Net - class HTTP remove_method :use_ssl? def use_ssl? @use_ssl end - alias use_ssl use_ssl? # for backward compatibility - # Turn on/off SSL. # This flag must be set before starting session. # If you change use_ssl value after session started, # a Net::HTTP object raises IOError. def use_ssl=(flag) flag = (flag ? true : false) - raise IOError, "use_ssl value changed, but session already started" \ - if started? and @use_ssl != flag - if flag and not @ssl_context - @ssl_context = OpenSSL::SSL::SSLContext.new end @use_ssl = flag end - def self.ssl_context_accessor(name) - module_eval(<<-End, __FILE__, __LINE__ + 1) - def #{name} - return nil unless @ssl_context - @ssl_context.#{name} - end - - def #{name}=(val) - @ssl_context ||= OpenSSL::SSL::SSLContext.new - @ssl_context.#{name} = val - end - End - end - - ssl_context_accessor :key - ssl_context_accessor :cert - ssl_context_accessor :ca_file - ssl_context_accessor :ca_path - ssl_context_accessor :verify_mode - ssl_context_accessor :verify_callback - ssl_context_accessor :verify_depth - ssl_context_accessor :cert_store - - def ssl_timeout - return nil unless @ssl_context - @ssl_context.timeout - end - - def ssl_timeout=(sec) - raise ArgumentError, 'Net::HTTP#ssl_timeout= called but use_ssl=false' \ - unless use_ssl? - @ssl_context ||= OpenSSL::SSL::SSLContext.new - @ssl_context.timeout = sec - end - - alias timeout= ssl_timeout= # for backward compatibility def peer_cert - return nil if not use_ssl? or not @socket @socket.io.peer_cert end end - end
@@ -0,0 +1,97 @@
@@ -1,4 +1,9 @@ require 'webrick' require 'webrick/httpservlet/abstract' module TestNetHTTPUtils
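Review bot: In the lib/net/https.rb hunk, `http.verify_mode` may now read nil on an untouched object even though the session will verify the peer. The removed `ssl_context_accessor` readers returned the value held by the SSLContext, whereas the commit message says the parameters are now plain attr_accessor fields and the VERIFY_PEER default comes from the context build. Code that inspects the accessor to decide whether verification is enabled would then misreport. A comment above the accessor list would settle it: `# nil means "use the SSLContext default" (OpenSSL::SSL::VERIFY_PEER), not "verification off"`. The added lines of this hunk are not shown on this page, so confirm against the new definitions.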
@@ -35,14 +40,22 @@ module TestNetHTTPUtils end def spawn_server - @server = WEBrick::HTTPServer.new( :BindAddress => config('host'), :Port => config('port'), :Logger => WEBrick::Log.new(NullWriter.new), :AccessLog => [], :ShutdownSocketWithoutClose => true, - :ServerType => Thread - ) @server.mount('/', Servlet) @server.start n_try_max = 5 |