Adds backward compatibility for connection adapter verify and verify_peer options

lib/httparty/connection_adapter.rb

@@ -53,6 +53,11 @@ module HTTParty
     # Private: Regex used to strip brackets from IPv6 URIs.
     StripIpv6BracketsRegex = /\A\[(.*)\]\z/
 
+    OPTION_DEFAULTS = {
+      verify: true,
+      verify_peer: true
+    }
+
     # Public
     def self.call(uri, options)
       new(uri, options).connection
@@ -65,7 +70,7 @@ module HTTParty
       raise ArgumentError, "uri must be a #{uri_adapter}, not a #{uri.class}" unless uri.is_a? uri_adapter
 
       @uri = uri
-      @options = options
+      @options = OPTION_DEFAULTS.merge(options)
     end
 
     def connection
@@ -138,6 +143,10 @@ module HTTParty
       uri.port == 443 || uri.scheme == 'https'
     end
 
+    def verify_ssl_certificate?
+      !(options[:verify] == false || options[:verify_peer] == false)
+    end
+
     def attach_ssl_certificates(http, options)
       if http.use_ssl?
         if options.fetch(:verify, true)
@@ -158,7 +167,7 @@ module HTTParty
         if options[:pem]
           http.cert = OpenSSL::X509::Certificate.new(options[:pem])
           http.key = OpenSSL::PKey::RSA.new(options[:pem], options[:pem_password])
-          http.verify_mode = options[:verify] == false ? OpenSSL::SSL::VERIFY_NONE : OpenSSL::SSL::VERIFY_PEER
+          http.verify_mode = verify_ssl_certificate? ? OpenSSL::SSL::VERIFY_PEER : OpenSSL::SSL::VERIFY_NONE
         end
 
         # PKCS12 client certificate authentication
@@ -166,7 +175,7 @@ module HTTParty
           p12 = OpenSSL::PKCS12.new(options[:p12], options[:p12_password])
           http.cert = p12.certificate
           http.key = p12.key
-          http.verify_mode = options[:verify] == false ? OpenSSL::SSL::VERIFY_NONE : OpenSSL::SSL::VERIFY_PEER
+          http.verify_mode = verify_ssl_certificate? ? OpenSSL::SSL::VERIFY_PEER : OpenSSL::SSL::VERIFY_NONE
         end
 
         # SSL certificate authority file and/or directory

spec/httparty/connection_adapter_spec.rb

@@ -27,7 +27,7 @@ RSpec.describe HTTParty::ConnectionAdapter do
     it "sets the options" do
       options = {foo: :bar}
       adapter = HTTParty::ConnectionAdapter.new(uri, options)
-      expect(adapter.options).to be options
+      expect(adapter.options.keys).to include(:verify, :verify_peer, :foo)
     end
   end
 
@@ -372,9 +372,16 @@ RSpec.describe HTTParty::ConnectionAdapter do
             expect(subject.verify_mode).to eq(OpenSSL::SSL::VERIFY_PEER)
           end
 
-          context "when options include verify_peer=false" do
+          context "when options include verify=false" do
             let(:options) { {pem: pem, pem_password: "password", verify: false} }
 
+            it "should not verify the certificate" do
+              expect(subject.verify_mode).to eq(OpenSSL::SSL::VERIFY_NONE)
+            end
+          end
+          context "when options include verify_peer=false" do
+            let(:options) { {pem: pem, pem_password: "password", verify_peer: false} }
+
             it "should not verify the certificate" do
               expect(subject.verify_mode).to eq(OpenSSL::SSL::VERIFY_NONE)
             end
@@ -423,9 +430,16 @@ RSpec.describe HTTParty::ConnectionAdapter do
             expect(subject.verify_mode).to eq(OpenSSL::SSL::VERIFY_PEER)
           end
 
-          context "when options include verify_peer=false" do
+          context "when options include verify=false" do
             let(:options) { {p12: p12, p12_password: "password", verify: false} }
 
+            it "should not verify the certificate" do
+              expect(subject.verify_mode).to eq(OpenSSL::SSL::VERIFY_NONE)
+            end
+          end
+          context "when options include verify_peer=false" do
+            let(:options) { {p12: p12, p12_password: "password", verify_peer: false} }
+
             it "should not verify the certificate" do
               expect(subject.verify_mode).to eq(OpenSSL::SSL::VERIFY_NONE)
             end