diff -pruN ruby-1.8.6-p111.orig/ext/openssl/lib/net/ftptls.rb ruby-1.8.6-p111/ext/openssl/lib/net/ftptls.rb

--- ruby-1.8.6-p111.orig/ext/openssl/lib/net/ftptls.rb	2007-02-13 08:01:19.000000000 +0900

+++ ruby-1.8.6-p111/ext/openssl/lib/net/ftptls.rb	2007-10-29 21:10:24.000000000 +0900

@@ -29,13 +29,23 @@ require 'net/ftp'

 module Net

   class FTPTLS < FTP

+    def connect(host, port=FTP_PORT)

+       @hostname = host

+       super

+    end

+

     def login(user = "anonymous", passwd = nil, acct = nil)

+       store = OpenSSL::X509::Store.new

+       store.set_default_paths

        ctx = OpenSSL::SSL::SSLContext.new('SSLv23')

+       ctx.cert_store = store

+       ctx.verify_mode = OpenSSL::SSL::VERIFY_PEER

        ctx.key = nil

        ctx.cert = nil

        voidcmd("AUTH TLS")

        @sock = OpenSSL::SSL::SSLSocket.new(@sock, ctx)

        @sock.connect

+       @sock.post_connection_check(@hostname)

        super(user, passwd, acct)

        voidcmd("PBSZ 0")

     end

diff -pruN ruby-1.8.6-p111.orig/ext/openssl/lib/net/telnets.rb ruby-1.8.6-p111/ext/openssl/lib/net/telnets.rb

--- ruby-1.8.6-p111.orig/ext/openssl/lib/net/telnets.rb	2007-02-13 08:01:19.000000000 +0900

+++ ruby-1.8.6-p111/ext/openssl/lib/net/telnets.rb	2007-10-29 21:13:03.000000000 +0900

@@ -134,6 +134,9 @@ module Net

             @sock.verify_callback = @options['VerifyCallback']

             @sock.verify_depth    = @options['VerifyDepth']

             @sock.connect

+            if @options['VerifyMode'] != OpenSSL::SSL::VERIFY_NONE

+              @sock.post_connection_check(@options['Host'])

+            end

             @ssl = true

           end

           ''

diff -pruN ruby-1.8.6-p111.orig/lib/net/http.rb ruby-1.8.6-p111/lib/net/http.rb

--- ruby-1.8.6-p111.orig/lib/net/http.rb	2007-09-24 17:12:24.000000000 +0900

+++ ruby-1.8.6-p111/lib/net/http.rb	2007-10-29 21:12:12.000000000 +0900

@@ -470,7 +470,6 @@ module Net   #:nodoc:

       @debug_output = nil

       @use_ssl = false

       @ssl_context = nil

-      @enable_post_connection_check = false

     end

     def inspect

@@ -527,9 +526,6 @@ module Net   #:nodoc:

       false   # redefined in net/https

     end

-    # specify enabling SSL server certificate and hostname checking.

-    attr_accessor :enable_post_connection_check

-

     # Opens TCP connection and HTTP session.

     # 

     # When this method is called with block, gives a HTTP object

@@ -589,12 +585,7 @@ module Net   #:nodoc:

         end

         s.connect

         if @ssl_context.verify_mode != OpenSSL::SSL::VERIFY_NONE

-          begin

-            s.post_connection_check(@address)

-          rescue OpenSSL::SSL::SSLError => ex

-            raise ex if @enable_post_connection_check

-            warn ex.message

-          end

+          s.post_connection_check(@address)

         end

       end

       on_connect

diff -pruN ruby-1.8.6-p111.orig/lib/net/imap.rb ruby-1.8.6-p111/lib/net/imap.rb

--- ruby-1.8.6-p111.orig/lib/net/imap.rb	2007-08-22 08:28:09.000000000 +0900

+++ ruby-1.8.6-p111/lib/net/imap.rb	2007-10-29 21:14:38.000000000 +0900

@@ -900,6 +900,7 @@ module Net

         end

         @sock = SSLSocket.new(@sock, context)

         @sock.connect   # start ssl session.

+        @sock.post_connection_check(@host) if verify

       else

         @usessl = false

       end

diff -pruN ruby-1.8.6-p111.orig/lib/open-uri.rb ruby-1.8.6-p111/lib/open-uri.rb

--- ruby-1.8.6-p111.orig/lib/open-uri.rb	2007-09-24 17:12:24.000000000 +0900

+++ ruby-1.8.6-p111/lib/open-uri.rb	2007-10-29 21:16:03.000000000 +0900

@@ -229,7 +229,6 @@ module OpenURI

     if target.class == URI::HTTPS

       require 'net/https'

       http.use_ssl = true

-      http.enable_post_connection_check = true

       http.verify_mode = OpenSSL::SSL::VERIFY_PEER

       store = OpenSSL::X509::Store.new

       store.set_default_paths