diff options
Diffstat (limited to 'dev-lang/ruby/files/ruby-1.8.6_p110-net-http-p111.patch')
| -rw-r--r-- | dev-lang/ruby/files/ruby-1.8.6_p110-net-http-p111.patch | 125 |
1 files changed, 125 insertions, 0 deletions
diff --git a/dev-lang/ruby/files/ruby-1.8.6_p110-net-http-p111.patch b/dev-lang/ruby/files/ruby-1.8.6_p110-net-http-p111.patch new file mode 100644 index 0000000..82bc32d --- /dev/null +++ b/dev-lang/ruby/files/ruby-1.8.6_p110-net-http-p111.patch @@ -0,0 +1,125 @@ +Index: ext/openssl/lib/openssl/ssl.rb +=================================================================== +--- ext/openssl/lib/openssl/ssl.rb (revision 13503) ++++ ext/openssl/lib/openssl/ssl.rb (revision 13504) +@@ -88,7 +88,7 @@ + end + } + end +- raise SSLError, "hostname not match" ++ raise SSLError, "hostname was not match with the server certificate" + end + end + +Index: ChangeLog +=================================================================== +--- ChangeLog (revision 13503) ++++ ChangeLog (revision 13504) +@@ -1,3 +1,17 @@ ++Sun Sep 23 21:57:25 2007 GOTOU Yuuzou <gotoyuzo@notwork.org> ++ ++ * lib/net/http.rb: an SSL verification (the server hostname should ++ be matched with its certificate's commonName) is added. ++ this verification can be skipped by ++ "Net::HTTP#enable_post_connection_check=(false)". ++ suggested by Chris Clark <cclark at isecpartners.com> ++ ++ * lib/net/open-uri.rb: use Net::HTTP#enable_post_connection_check to ++ perform SSL post connection check. ++ ++ * ext/openssl/lib/openssl/ssl.c ++ (OpenSSL::SSL::SSLSocket#post_connection_check): refine error message. ++ + Sun Sep 23 07:49:49 2007 Nobuyoshi Nakada <nobu@ruby-lang.org> + + * eval.c, intern.h, ext/thread/thread.c: should not free queue while +Index: version.h +=================================================================== +--- version.h (revision 13503) ++++ version.h (revision 13504) +@@ -1,15 +1,15 @@ + #define RUBY_VERSION "1.8.6" +-#define RUBY_RELEASE_DATE "2007-09-23" ++#define RUBY_RELEASE_DATE "2007-09-24" + #define RUBY_VERSION_CODE 186 +-#define RUBY_RELEASE_CODE 20070923 +-#define RUBY_PATCHLEVEL 110 ++#define RUBY_RELEASE_CODE 20070924 ++#define RUBY_PATCHLEVEL 111 + + #define RUBY_VERSION_MAJOR 1 + #define RUBY_VERSION_MINOR 8 + #define RUBY_VERSION_TEENY 6 + #define RUBY_RELEASE_YEAR 2007 + #define RUBY_RELEASE_MONTH 9 +-#define RUBY_RELEASE_DAY 23 ++#define RUBY_RELEASE_DAY 24 + + #ifdef RUBY_EXTERN + RUBY_EXTERN const char ruby_version[]; +Index: lib/open-uri.rb +=================================================================== +--- lib/open-uri.rb (revision 13503) ++++ lib/open-uri.rb (revision 13504) +@@ -229,6 +229,7 @@ + if target.class == URI::HTTPS + require 'net/https' + http.use_ssl = true ++ http.enable_post_connection_check = true + http.verify_mode = OpenSSL::SSL::VERIFY_PEER + store = OpenSSL::X509::Store.new + store.set_default_paths +@@ -240,16 +241,6 @@ + + resp = nil + http.start { +- if target.class == URI::HTTPS +- # xxx: information hiding violation +- sock = http.instance_variable_get(:@socket) +- if sock.respond_to?(:io) +- sock = sock.io # 1.9 +- else +- sock = sock.instance_variable_get(:@socket) # 1.8 +- end +- sock.post_connection_check(target_host) +- end + req = Net::HTTP::Get.new(request_uri, header) + if options.include? :http_basic_authentication + user, pass = options[:http_basic_authentication] +Index: lib/net/http.rb +=================================================================== +--- lib/net/http.rb (revision 13503) ++++ lib/net/http.rb (revision 13504) +@@ -470,6 +470,7 @@ + @debug_output = nil + @use_ssl = false + @ssl_context = nil ++ @enable_post_connection_check = false + end + + def inspect +@@ -526,6 +527,9 @@ + false # redefined in net/https + end + ++ # specify enabling SSL server certificate and hostname checking. ++ attr_accessor :enable_post_connection_check ++ + # Opens TCP connection and HTTP session. + # + # When this method is called with block, gives a HTTP object +@@ -584,6 +588,14 @@ + HTTPResponse.read_new(@socket).value + end + s.connect ++ if @ssl_context.verify_mode != OpenSSL::SSL::VERIFY_NONE ++ begin ++ s.post_connection_check(@address) ++ rescue OpenSSL::SSL::SSLError => ex ++ raise ex if @enable_post_connection_check ++ warn ex.message ++ end ++ end + end + on_connect + end |