fixed failing integration/request_spec.rb. All tests are passing now

2022-11-09 13:49:40 -05:00 · 2012-11-16 12:36:25 +00:00 · 2012-11-16 12:36:25 +00:00 · e03e5e6ce9
commit e03e5e6ce9
parent 178a0d82c8
3 changed files with 15 additions and 10 deletions
--- a/lib/restclient/request.rb
+++ b/lib/restclient/request.rb
@ -149,13 +149,6 @@ module RestClient
        net.verify_mode = OpenSSL::SSL::VERIFY_NONE
      elsif @verify_ssl.is_a? Integer
        net.verify_mode = @verify_ssl
-        net.verify_callback = lambda do |preverify_ok, ssl_context|
-          if (!preverify_ok) || ssl_context.error != 0
-            err_msg = "SSL Verification failed -- Preverify: #{preverify_ok}, Error: #{ssl_context.error_string} (#{ssl_context.error})"
-            raise SSLCertificateNotVerified.new(err_msg)
-          end
-          true
-        end
      end
      net.cert = @ssl_client_cert if @ssl_client_cert
      net.key = @ssl_client_key if @ssl_client_key
@ -186,6 +179,11 @@ module RestClient
      raise RestClient::ServerBrokeConnection
    rescue Timeout::Error
      raise RestClient::RequestTimeout
+    rescue OpenSSL::SSL::SSLError => error
+      # UGH. Not sure if this is needed at all. SSLCertificateNotVerified is not being used internally.
+      # I think it would be better to leave SSLError processing to the client (they'd have to do that anyway...)
+      raise SSLCertificateNotVerified.new(error.message) if error.message.include?("certificate verify failed")
+      raise error
    end

    def setup_credentials(req)
--- a/spec/integration/request_spec.rb
+++ b/spec/integration/request_spec.rb
@ -12,8 +12,16 @@ describe RestClient::Request do
      expect { request.execute }.to_not raise_error
    end

-    # This doesn't works any more (under 1.9.3 at the very least). Exceptions in verify_callback are ignored.
-    # see https://github.com/ruby/ruby/blob/trunk/ext/openssl/ossl.c#L237
+    # I don' think this feature is useful anymore (under 1.9.3 at the very least).
+    #
+    # Exceptions in verify_callback are ignored; RestClient has to catch OpenSSL::SSL::SSLError
+    # and either re-throw it as is, or throw SSLCertificateNotVerified
+    # based on the contents of the message field of the original exception
+    #.
+    # The client has to handle OpenSSL::SSL::SSLError exceptions anyway,
+    # why make them handle both OpenSSL *AND* RestClient exceptions???
+    #
+    # also see https://github.com/ruby/ruby/blob/trunk/ext/openssl/ossl.c#L237
    it "is unsuccessful with an incorrect ca_file" do
      request = RestClient::Request.new(
        :method => :get,
--- a/spec/request_spec.rb
+++ b/spec/request_spec.rb
@ -435,7 +435,6 @@ describe RestClient::Request do
                                          :payload => 'payload',
                                          :verify_ssl => mode )
      @net.should_receive(:verify_mode=).with(mode)
-      @net.should_receive(:verify_callback=)
      @http.stub!(:request)
      @request.stub!(:process_result)
      @request.stub!(:response_log)