ruby-changes:2881
From: ko1@a...
Date: 21 Dec 2007 01:27:29 +0900
Subject: [ruby-changes:2881] gotoyuzo - Ruby:r14372 (trunk): * ext/openssl/lib/openssl/ssl.rb (OpenSSL::SSL::SSLContext.build):
gotoyuzo 2007-12-21 01:27:14 +0900 (Fri, 21 Dec 2007)
New Revision: 14372
Modified files:
trunk/ChangeLog
trunk/ext/openssl/lib/openssl/ssl.rb
Log:
* ext/openssl/lib/openssl/ssl.rb (OpenSSL::SSL::SSLContext.build):
enable CRL checking on default cert store.
http://svn.ruby-lang.org/cgi-bin/viewvc.cgi/trunk/ChangeLog?r1=14372&r2=14371
http://svn.ruby-lang.org/cgi-bin/viewvc.cgi/trunk/ext/openssl/lib/openssl/ssl.rb?r1=14372&r2=14371
Index: ChangeLog
===================================================================
--- ChangeLog (revision 14371)
+++ ChangeLog (revision 14372)
@@ -1,3 +1,8 @@
+Fri Dec 21 01:21:49 2007 GOTOU Yuuzou <gotoyuzo@n...>
+
+ * ext/openssl/lib/openssl/ssl.rb (OpenSSL::SSL::SSLContext.build):
+ enable CRL checking by default.
+
Fri Dec 21 01:20:56 2007 GOTOU Yuuzou <gotoyuzo@n...>
* lib/net/http.rb (Net::HTTP#connect): use
Index: ext/openssl/lib/openssl/ssl.rb
===================================================================
--- ext/openssl/lib/openssl/ssl.rb (revision 14371)
+++ ext/openssl/lib/openssl/ssl.rb (revision 14372)
@@ -37,6 +37,9 @@
unless ctx.ca_file or ctx.ca_path or
ctx.cert_store or ctx.verify_callback
ctx.cert_store = OpenSSL::X509::Store.new
+ if defined?(OpenSSL::X509::V_FLAG_CRL_CHECK_ALL)
+ ctx.cert_store.flags = OpenSSL::X509::V_FLAG_CRL_CHECK_ALL
+ end
ctx.cert_store.set_default_paths
end
end
--
ML: ruby-changes@q...
Info: http://www.atdot.net/~ko1/quickml