|
|
ab1c353 |
diff -pruN ruby-1.8.6-p111.orig/ext/openssl/lib/net/ftptls.rb ruby-1.8.6-p111/ext/openssl/lib/net/ftptls.rb
|
|
|
ab1c353 |
--- ruby-1.8.6-p111.orig/ext/openssl/lib/net/ftptls.rb 2007-02-13 08:01:19.000000000 +0900
|
|
|
ab1c353 |
+++ ruby-1.8.6-p111/ext/openssl/lib/net/ftptls.rb 2007-10-29 21:10:24.000000000 +0900
|
|
|
ab1c353 |
@@ -29,13 +29,23 @@ require 'net/ftp'
|
|
|
ab1c353 |
|
|
|
ab1c353 |
module Net
|
|
|
ab1c353 |
class FTPTLS < FTP
|
|
|
ab1c353 |
+ def connect(host, port=FTP_PORT)
|
|
|
ab1c353 |
+ @hostname = host
|
|
|
ab1c353 |
+ super
|
|
|
ab1c353 |
+ end
|
|
|
ab1c353 |
+
|
|
|
ab1c353 |
def login(user = "anonymous", passwd = nil, acct = nil)
|
|
|
ab1c353 |
+ store = OpenSSL::X509::Store.new
|
|
|
ab1c353 |
+ store.set_default_paths
|
|
|
ab1c353 |
ctx = OpenSSL::SSL::SSLContext.new('SSLv23')
|
|
|
ab1c353 |
+ ctx.cert_store = store
|
|
|
ab1c353 |
+ ctx.verify_mode = OpenSSL::SSL::VERIFY_PEER
|
|
|
ab1c353 |
ctx.key = nil
|
|
|
ab1c353 |
ctx.cert = nil
|
|
|
ab1c353 |
voidcmd("AUTH TLS")
|
|
|
ab1c353 |
@sock = OpenSSL::SSL::SSLSocket.new(@sock, ctx)
|
|
|
ab1c353 |
@sock.connect
|
|
|
ab1c353 |
+ @sock.post_connection_check(@hostname)
|
|
|
ab1c353 |
super(user, passwd, acct)
|
|
|
ab1c353 |
voidcmd("PBSZ 0")
|
|
|
ab1c353 |
end
|
|
|
ab1c353 |
diff -pruN ruby-1.8.6-p111.orig/ext/openssl/lib/net/telnets.rb ruby-1.8.6-p111/ext/openssl/lib/net/telnets.rb
|
|
|
ab1c353 |
--- ruby-1.8.6-p111.orig/ext/openssl/lib/net/telnets.rb 2007-02-13 08:01:19.000000000 +0900
|
|
|
ab1c353 |
+++ ruby-1.8.6-p111/ext/openssl/lib/net/telnets.rb 2007-10-29 21:13:03.000000000 +0900
|
|
|
ab1c353 |
@@ -134,6 +134,9 @@ module Net
|
|
|
ab1c353 |
@sock.verify_callback = @options['VerifyCallback']
|
|
|
ab1c353 |
@sock.verify_depth = @options['VerifyDepth']
|
|
|
ab1c353 |
@sock.connect
|
|
|
ab1c353 |
+ if @options['VerifyMode'] != OpenSSL::SSL::VERIFY_NONE
|
|
|
ab1c353 |
+ @sock.post_connection_check(@options['Host'])
|
|
|
ab1c353 |
+ end
|
|
|
ab1c353 |
@ssl = true
|
|
|
ab1c353 |
end
|
|
|
ab1c353 |
''
|
|
|
ab1c353 |
diff -pruN ruby-1.8.6-p111.orig/lib/net/http.rb ruby-1.8.6-p111/lib/net/http.rb
|
|
|
ab1c353 |
--- ruby-1.8.6-p111.orig/lib/net/http.rb 2007-09-24 17:12:24.000000000 +0900
|
|
|
ab1c353 |
+++ ruby-1.8.6-p111/lib/net/http.rb 2007-10-29 21:12:12.000000000 +0900
|
|
|
ab1c353 |
@@ -470,7 +470,6 @@ module Net #:nodoc:
|
|
|
ab1c353 |
@debug_output = nil
|
|
|
ab1c353 |
@use_ssl = false
|
|
|
ab1c353 |
@ssl_context = nil
|
|
|
ab1c353 |
- @enable_post_connection_check = false
|
|
|
ab1c353 |
end
|
|
|
ab1c353 |
|
|
|
ab1c353 |
def inspect
|
|
|
ab1c353 |
@@ -527,9 +526,6 @@ module Net #:nodoc:
|
|
|
ab1c353 |
false # redefined in net/https
|
|
|
ab1c353 |
end
|
|
|
ab1c353 |
|
|
|
ab1c353 |
- # specify enabling SSL server certificate and hostname checking.
|
|
|
ab1c353 |
- attr_accessor :enable_post_connection_check
|
|
|
ab1c353 |
-
|
|
|
ab1c353 |
# Opens TCP connection and HTTP session.
|
|
|
ab1c353 |
#
|
|
|
ab1c353 |
# When this method is called with block, gives a HTTP object
|
|
|
ab1c353 |
@@ -589,12 +585,7 @@ module Net #:nodoc:
|
|
|
ab1c353 |
end
|
|
|
ab1c353 |
s.connect
|
|
|
ab1c353 |
if @ssl_context.verify_mode != OpenSSL::SSL::VERIFY_NONE
|
|
|
ab1c353 |
- begin
|
|
|
ab1c353 |
- s.post_connection_check(@address)
|
|
|
ab1c353 |
- rescue OpenSSL::SSL::SSLError => ex
|
|
|
ab1c353 |
- raise ex if @enable_post_connection_check
|
|
|
ab1c353 |
- warn ex.message
|
|
|
ab1c353 |
- end
|
|
|
ab1c353 |
+ s.post_connection_check(@address)
|
|
|
ab1c353 |
end
|
|
|
ab1c353 |
end
|
|
|
ab1c353 |
on_connect
|
|
|
ab1c353 |
diff -pruN ruby-1.8.6-p111.orig/lib/net/imap.rb ruby-1.8.6-p111/lib/net/imap.rb
|
|
|
ab1c353 |
--- ruby-1.8.6-p111.orig/lib/net/imap.rb 2007-08-22 08:28:09.000000000 +0900
|
|
|
ab1c353 |
+++ ruby-1.8.6-p111/lib/net/imap.rb 2007-10-29 21:14:38.000000000 +0900
|
|
|
ab1c353 |
@@ -900,6 +900,7 @@ module Net
|
|
|
ab1c353 |
end
|
|
|
ab1c353 |
@sock = SSLSocket.new(@sock, context)
|
|
|
ab1c353 |
@sock.connect # start ssl session.
|
|
|
ab1c353 |
+ @sock.post_connection_check(@host) if verify
|
|
|
ab1c353 |
else
|
|
|
ab1c353 |
@usessl = false
|
|
|
ab1c353 |
end
|
|
|
ab1c353 |
diff -pruN ruby-1.8.6-p111.orig/lib/open-uri.rb ruby-1.8.6-p111/lib/open-uri.rb
|
|
|
ab1c353 |
--- ruby-1.8.6-p111.orig/lib/open-uri.rb 2007-09-24 17:12:24.000000000 +0900
|
|
|
ab1c353 |
+++ ruby-1.8.6-p111/lib/open-uri.rb 2007-10-29 21:16:03.000000000 +0900
|
|
|
ab1c353 |
@@ -229,7 +229,6 @@ module OpenURI
|
|
|
ab1c353 |
if target.class == URI::HTTPS
|
|
|
ab1c353 |
require 'net/https'
|
|
|
ab1c353 |
http.use_ssl = true
|
|
|
ab1c353 |
- http.enable_post_connection_check = true
|
|
|
ab1c353 |
http.verify_mode = OpenSSL::SSL::VERIFY_PEER
|
|
|
ab1c353 |
store = OpenSSL::X509::Store.new
|
|
|
ab1c353 |
store.set_default_paths
|