From c2cf65f8e1b5e9987eed3ebf21da36816219c7fb Mon Sep 17 00:00:00 2001 From: Hendy Tanata Date: Mon, 20 Aug 2012 21:08:25 +0800 Subject: [PATCH 1/2] Add ssl_version option to choose SSL version to use. --- bin/httparty | 0 lib/httparty.rb | 11 +++++++++++ lib/httparty/request.rb | 4 ++++ spec/httparty/request_spec.rb | 5 +++++ spec/httparty_spec.rb | 7 +++++++ 5 files changed, 27 insertions(+) mode change 100644 => 100755 bin/httparty diff --git a/bin/httparty b/bin/httparty old mode 100644 new mode 100755 diff --git a/lib/httparty.rb b/lib/httparty.rb index 6f9ec57..1476f31 100644 --- a/lib/httparty.rb +++ b/lib/httparty.rb @@ -296,6 +296,17 @@ module HTTParty default_options[:query_string_normalizer] = normalizer end + # Allows setting of SSL version to use. + # You can get a list of valid versions from OpenSSL::SSL::SSLContext::METHODS. + # + # class Foo + # include HTTParty + # ssl_version :SSLv3 + # end + def ssl_version(version) + default_options[:ssl_version] = version + end + # Allows setting an OpenSSL certificate authority file # # class Foo diff --git a/lib/httparty/request.rb b/lib/httparty/request.rb index db556a0..6ec2080 100644 --- a/lib/httparty/request.rb +++ b/lib/httparty/request.rb @@ -113,6 +113,10 @@ module HTTParty http.ca_path = options[:ssl_ca_path] http.verify_mode = OpenSSL::SSL::VERIFY_PEER end + + if options[:ssl_version] + http.ssl_version = options[:ssl_version] + end end end diff --git a/spec/httparty/request_spec.rb b/spec/httparty/request_spec.rb index f233dd1..04201eb 100644 --- a/spec/httparty/request_spec.rb +++ b/spec/httparty/request_spec.rb @@ -165,6 +165,11 @@ describe HTTParty::Request do request.send(:http).use_ssl?.should == true end + it 'uses specified ssl_version' do + request = HTTParty::Request.new(Net::HTTP::Get, 'https://foobar.com', :ssl_version => :TLSv1) + request.send(:http).ssl_version.should == :TLSv1 + end + context "PEM certificates" do before do OpenSSL::X509::Certificate.stub(:new) diff --git a/spec/httparty_spec.rb b/spec/httparty_spec.rb index 5650b4b..d23baa9 100644 --- a/spec/httparty_spec.rb +++ b/spec/httparty_spec.rb @@ -38,6 +38,13 @@ describe HTTParty do end end + describe 'ssl_version' do + it 'should set the ssl_version content' do + @klass.ssl_version :SSLv3 + @klass.default_options[:ssl_version].should == :SSLv3 + end + end + describe 'http_proxy' do it 'should set the address' do @klass.http_proxy 'proxy.foo.com', 80 From 6b88a95a4054b6116f2376130a58c96d6710ae5b Mon Sep 17 00:00:00 2001 From: Hendy Tanata Date: Mon, 20 Aug 2012 22:06:15 +0800 Subject: [PATCH 2/2] ssl_version option is only available in Ruby 1.9. --- lib/httparty.rb | 2 +- lib/httparty/request.rb | 2 +- spec/httparty/request_spec.rb | 5 ++++- 3 files changed, 6 insertions(+), 3 deletions(-) diff --git a/lib/httparty.rb b/lib/httparty.rb index 1476f31..3d0b466 100644 --- a/lib/httparty.rb +++ b/lib/httparty.rb @@ -296,7 +296,7 @@ module HTTParty default_options[:query_string_normalizer] = normalizer end - # Allows setting of SSL version to use. + # Allows setting of SSL version to use. This only works in Ruby 1.9. # You can get a list of valid versions from OpenSSL::SSL::SSLContext::METHODS. # # class Foo diff --git a/lib/httparty/request.rb b/lib/httparty/request.rb index 6ec2080..47008f9 100644 --- a/lib/httparty/request.rb +++ b/lib/httparty/request.rb @@ -114,7 +114,7 @@ module HTTParty http.verify_mode = OpenSSL::SSL::VERIFY_PEER end - if options[:ssl_version] + if options[:ssl_version] && http.respond_to?(:ssl_version=) http.ssl_version = options[:ssl_version] end end diff --git a/spec/httparty/request_spec.rb b/spec/httparty/request_spec.rb index 04201eb..c3b8f28 100644 --- a/spec/httparty/request_spec.rb +++ b/spec/httparty/request_spec.rb @@ -167,7 +167,10 @@ describe HTTParty::Request do it 'uses specified ssl_version' do request = HTTParty::Request.new(Net::HTTP::Get, 'https://foobar.com', :ssl_version => :TLSv1) - request.send(:http).ssl_version.should == :TLSv1 + http = request.send(:http) + if http.respond_to?(:ssl_version) + http.ssl_version.should == :TLSv1 + end end context "PEM certificates" do