Feature #15215 ยป ssl_server_name.patch
| ruby-ssl_server_name/lib/net/http.rb 2018-10-07 10:36:31.815452755 +0200 | ||
|---|---|---|
|
@proxy_pass = nil
|
||
|
@use_ssl = false
|
||
|
@ssl_server_name = address
|
||
|
@ssl_context = nil
|
||
|
@ssl_session = nil
|
||
|
@sspi_enabled = false
|
||
| ... | ... | |
|
@use_ssl = flag
|
||
|
end
|
||
|
# The server_name parameter used for establishing the SSL connection (only
|
||
|
# if SNI is supported by OpenSSL). Defaults to the +address+ used to create
|
||
|
# this HTTP object.
|
||
|
attr_accessor :ssl_server_name
|
||
|
SSL_IVNAMES = [
|
||
|
:@ca_file,
|
||
|
:@ca_path,
|
||
| ... | ... | |
|
s = OpenSSL::SSL::SSLSocket.new(s, @ssl_context)
|
||
|
s.sync_close = true
|
||
|
# Server Name Indication (SNI) RFC 3546
|
||
|
s.hostname = @address if s.respond_to? :hostname=
|
||
|
s.hostname = @ssl_server_name if s.respond_to? :hostname=
|
||
|
if @ssl_session and
|
||
|
Process.clock_gettime(Process::CLOCK_REALTIME) < @ssl_session.time.to_f + @ssl_session.timeout
|
||
|
s.session = @ssl_session
|
||
|
end
|
||
|
ssl_socket_connect(s, @open_timeout)
|
||
|
if @ssl_context.verify_mode != OpenSSL::SSL::VERIFY_NONE
|
||
|
s.post_connection_check(@address)
|
||
|
s.post_connection_check(@ssl_server_name)
|
||
|
end
|
||
|
D "SSL established"
|
||
|
end
|
||
| ruby-ssl_server_name/test/net/http/test_https.rb 2018-10-07 10:36:31.815452755 +0200 | ||
|---|---|---|
|
assert_match(re_msg, ex.message)
|
||
|
end
|
||
|
def test_server_name_used_for_verify
|
||
|
http = Net::HTTP.new("127.0.0.1", config("port"))
|
||
|
http.use_ssl = true
|
||
|
http.ssl_server_name = "localhost"
|
||
|
http.cert_store = TEST_STORE
|
||
|
assert_nothing_raised{
|
||
|
http.request_get("/") {|res| }
|
||
|
}
|
||
|
end
|
||
|
def test_timeout_during_SSL_handshake
|
||
|
bug4246 = "expected the SSL connection to have timed out but have not. [ruby-core:34203]"
|
||