ruby-changes:22374
From: drbrain <ko1@a...>
Date: Fri, 3 Feb 2012 07:54:22 +0900 (JST)
Subject: [ruby-changes:22374] drbrain:r34423 (trunk): * ext/openssl/ossl_x509store.c: Add class documentation for
drbrain 2012-02-03 07:54:10 +0900 (Fri, 03 Feb 2012) New Revision: 34423 http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=34423 Log: * ext/openssl/ossl_x509store.c: Add class documentation for OpenSSL::X509::Store Modified files: trunk/ChangeLog trunk/ext/openssl/ossl_x509store.c Index: ChangeLog =================================================================== --- ChangeLog (revision 34422) +++ ChangeLog (revision 34423) @@ -1,3 +1,8 @@ +Fri Feb 3 06:53:22 2012 Eric Hodel <drbrain@s...> + + * ext/openssl/ossl_x509store.c: Add class documentation for + OpenSSL::X509::Store + Thu Feb 2 22:28:13 2012 Kazuhiro NISHIYAMA <zn@m...> * test/net/http/test_https_proxy.rb Index: ext/openssl/ossl_x509store.c =================================================================== --- ext/openssl/ossl_x509store.c (revision 34422) +++ ext/openssl/ossl_x509store.c (revision 34423) @@ -571,8 +571,47 @@ { VALUE x509stctx; +#if 0 + mOSSL = rb_define_module("OpenSSL"); /* let rdoc know about mOSSL */ + mX509 = rb_define_module_under(mOSSL, "X509"); +#endif + eX509StoreError = rb_define_class_under(mX509, "StoreError", eOSSLError); + /* Document-class: OpenSSL::X509::Store + * + * The X509 certificate store holds trusted CA certificates used to verify + * peer certificates. + * + * The easiest way to create a useful certificate store is: + * + * cert_store = OpenSSL::X509::Store.new + * cert_store.set_default_paths + * + * This will use your system's built-in certificates. + * + * If your system does not have a default set of certificates you can + * obtain a set from Mozilla here: http://curl.haxx.se/docs/caextract.html + * (Note that this set does not have an HTTPS download option so you may + * wish to use the firefox-db2pem.sh script to extract the certificates + * from a local install to avoid man-in-the-middle attacks.) + * + * After downloading or generating a cacert.pem from the above link you + * can create a certificate store from the pem file like this: + * + * cert_store = OpenSSL::X509::Store.new + * cert_store.add_file 'cacert.pem' + * + * The certificate store can be used with an SSLSocket like this: + * + * ssl_context = OpenSSL::SSL::SSLContext.new + * ssl_context.cert_store = cert_store + * + * tcp_socket = TCPSocket.open 'example.com', 443 + * + * ssl_socket = OpenSSL::SSL::SSLSocket.new tcp_socket, ssl_context + */ + cX509Store = rb_define_class_under(mX509, "Store", rb_cObject); rb_attr(cX509Store, rb_intern("verify_callback"), 1, 0, Qfalse); rb_attr(cX509Store, rb_intern("error"), 1, 0, Qfalse); -- ML: ruby-changes@q... Info: http://www.atdot.net/~ko1/quickml/