ruby-changes:10595
From: knu <ko1@a...>
Date: Mon, 9 Feb 2009 12:15:50 +0900 (JST)
Subject: [ruby-changes:10595] Ruby:r22152 (ruby_1_8): r22141@crimson: knu | 2009-02-08 22:04:26 +0900
knu 2009-02-09 12:15:41 +0900 (Mon, 09 Feb 2009) New Revision: 22152 http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=22152 Log: r22141@crimson: knu | 2009-02-08 22:04:26 +0900 (:ssl_verify_mode): new option suggested by Will Glynn. (r9958) (:ssl_ca_cert): new option. (r9958, r13691) Modified directories: branches/ruby_1_8/ Modified files: branches/ruby_1_8/ChangeLog branches/ruby_1_8/lib/open-uri.rb Index: ruby_1_8/ChangeLog =================================================================== --- ruby_1_8/ChangeLog (revision 22151) +++ ruby_1_8/ChangeLog (revision 22152) @@ -6,6 +6,8 @@ (OpenURI.open_loop): prohibit multiple proxy options. (r9339) (OpenURI.open_loop): find_proxy should return nil when proxy does not exist. [ruby-dev:27630] (r9500) + (:ssl_verify_mode): new option suggested by Will Glynn. (r9958) + (:ssl_ca_cert): new option. (r9958, r13691) Mon Feb 9 01:21:16 2009 Tanaka Akira <akr@f...> Index: ruby_1_8/lib/open-uri.rb =================================================================== --- ruby_1_8/lib/open-uri.rb (revision 22151) +++ ruby_1_8/lib/open-uri.rb (revision 22152) @@ -96,6 +96,8 @@ :content_length_proc => true, :http_basic_authentication => true, :read_timeout => true, + :ssl_ca_cert => nil, + :ssl_verify_mode => nil, } def OpenURI.check_options(options) # :nodoc: @@ -266,9 +268,17 @@ if target.class == URI::HTTPS require 'net/https' http.use_ssl = true - http.verify_mode = OpenSSL::SSL::VERIFY_PEER + http.verify_mode = options[:ssl_verify_mode] || OpenSSL::SSL::VERIFY_PEER store = OpenSSL::X509::Store.new - store.set_default_paths + if options[:ssl_ca_cert] + if File.directory? options[:ssl_ca_cert] + store.add_path options[:ssl_ca_cert] + else + store.add_file options[:ssl_ca_cert] + end + else + store.set_default_paths + end http.cert_store = store end if options.include? :read_timeout @@ -570,6 +580,19 @@ # # :read_timeout option specifies a timeout of read for http connections. # + # [:ssl_ca_cert] + # Synopsis: + # :ssl_ca_cert=>filename + # + # :ssl_ca_cert is used to specify CA certificate for SSL. + # If it is given, default certificates are not used. + # + # [:ssl_verify_mode] + # Synopsis: + # :ssl_verify_mode=>mode + # + # :ssl_verify_mode is used to specify openssl verify mode. + # # OpenURI::OpenRead#open returns an IO like object if block is not given. # Otherwise it yields the IO object and return the value of the block. # The IO object is extended with OpenURI::Meta. Property changes on: ruby_1_8 ___________________________________________________________________ Name: svk:merge - 050cfa88-b445-4b2e-b226-957b86f2c464:/local/ruby/1.8:22140 b2dd03c8-39d4-4d8f-98ff-823fe69b080e:/trunk:5286 + 050cfa88-b445-4b2e-b226-957b86f2c464:/local/ruby/1.8:22141 b2dd03c8-39d4-4d8f-98ff-823fe69b080e:/trunk:5286 -- ML: ruby-changes@q... Info: http://www.atdot.net/~ko1/quickml/