* lib/net/http.rb (Net::HTTP#connect): use

OpenSSL::SSL::SSLContext.build instead of SSLContext.new (default verify mode is now OpenSSL::SSL::VERIFY_PEER). * lib/net/https.rb: SSL parameters are defined by attr_accessor. * test/net/http/test_https.rb: add test for HTTPS features. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@14371 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2022-11-09 12:17:21 -05:00 · 2007-12-20 16:21:22 +00:00 · 2007-12-20 16:21:22 +00:00 · c6920177f3
commit c6920177f3
parent d86caf3188
5 changed files with 139 additions and 51 deletions
--- a/lib/net/https.rb
+++ b/lib/net/https.rb
@ -102,70 +102,35 @@ require 'net/http'
 require 'openssl'

 module Net
-
  class HTTP
    remove_method :use_ssl?
    def use_ssl?
      @use_ssl
    end

-    alias use_ssl use_ssl?   # for backward compatibility
-
    # Turn on/off SSL.
    # This flag must be set before starting session.
    # If you change use_ssl value after session started,
    # a Net::HTTP object raises IOError.
    def use_ssl=(flag)
      flag = (flag ? true : false)
-      raise IOError, "use_ssl value changed, but session already started" \
-          if started? and @use_ssl != flag
-      if flag and not @ssl_context
-        @ssl_context = OpenSSL::SSL::SSLContext.new
+      if started? and @use_ssl != flag
+        raise IOError, "use_ssl value changed, but session already started"
      end
      @use_ssl = flag
    end

-    def self.ssl_context_accessor(name)
-      module_eval(<<-End, __FILE__, __LINE__ + 1)
-        def #{name}
-          return nil unless @ssl_context
-          @ssl_context.#{name}
-        end
-
-        def #{name}=(val)
-          @ssl_context ||= OpenSSL::SSL::SSLContext.new
-          @ssl_context.#{name} = val
-        end
-      End
-    end
-
-    ssl_context_accessor :key
-    ssl_context_accessor :cert
-    ssl_context_accessor :ca_file
-    ssl_context_accessor :ca_path
-    ssl_context_accessor :verify_mode
-    ssl_context_accessor :verify_callback
-    ssl_context_accessor :verify_depth
-    ssl_context_accessor :cert_store
-
-    def ssl_timeout
-      return nil unless @ssl_context
-      @ssl_context.timeout
-    end
-
-    def ssl_timeout=(sec)
-      raise ArgumentError, 'Net::HTTP#ssl_timeout= called but use_ssl=false' \
-          unless use_ssl?
-      @ssl_context ||= OpenSSL::SSL::SSLContext.new
-      @ssl_context.timeout = sec
-    end
-
-    alias timeout= ssl_timeout=   # for backward compatibility
+    SSL_ATTRIBUTES = %w(
+      ssl_version key cert ca_file ca_path cert_store ciphers
+      verify_mode verify_callback verify_depth ssl_timeout
+    )
+    attr_accessor *SSL_ATTRIBUTES

    def peer_cert
-      return nil if not use_ssl? or not @socket
+      if not use_ssl? or not @socket
+        return nil
+      end
      @socket.io.peer_cert
    end
  end
-
 end