always_verify_ssl_certificates 0.2.0 → 0.3.0
Sign up to get free protection for your applications and to get access to all the features.
- data/VERSION +1 -1
- data/always_verify_ssl_certificates.gemspec +4 -5
- data/lib/always_verify_ssl_certificates.rb +5 -1
- metadata +6 -6
data/VERSION
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
0.
|
|
1
|
+
0.3.0
|
|
@@ -1,15 +1,15 @@
|
|
|
1
1
|
# Generated by jeweler
|
|
2
2
|
# DO NOT EDIT THIS FILE DIRECTLY
|
|
3
|
-
# Instead, edit Jeweler::Tasks in
|
|
3
|
+
# Instead, edit Jeweler::Tasks in rakefile, and run the gemspec command
|
|
4
4
|
# -*- encoding: utf-8 -*-
|
|
5
5
|
|
|
6
6
|
Gem::Specification.new do |s|
|
|
7
7
|
s.name = %q{always_verify_ssl_certificates}
|
|
8
|
-
s.version = "0.
|
|
8
|
+
s.version = "0.3.0"
|
|
9
9
|
|
|
10
10
|
s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
|
|
11
11
|
s.authors = ["James Golick"]
|
|
12
|
-
s.date = %q{
|
|
12
|
+
s.date = %q{2011-03-17}
|
|
13
13
|
s.description = %q{Ruby’s net/http is setup to never verify SSL certificates by default. Most ruby libraries do the same. That means that you’re not verifying the identity of the server you’re communicating with and are therefore exposed to man in the middle attacks. This gem monkey-patches net/http to force certificate verification and make turning it off impossible.}
|
|
14
14
|
s.email = %q{jamesgolick@gmail.com}
|
|
15
15
|
s.extra_rdoc_files = [
|
|
@@ -31,7 +31,7 @@ Gem::Specification.new do |s|
|
|
|
31
31
|
s.homepage = %q{http://github.com/jamesgolick/always_verify_ssl_certificates}
|
|
32
32
|
s.rdoc_options = ["--charset=UTF-8"]
|
|
33
33
|
s.require_paths = ["lib"]
|
|
34
|
-
s.rubygems_version = %q{1.
|
|
34
|
+
s.rubygems_version = %q{1.5.2}
|
|
35
35
|
s.summary = %q{Force net/http to always verify SSL certificates.}
|
|
36
36
|
s.test_files = [
|
|
37
37
|
"test/helper.rb",
|
|
@@ -39,7 +39,6 @@ Gem::Specification.new do |s|
|
|
|
39
39
|
]
|
|
40
40
|
|
|
41
41
|
if s.respond_to? :specification_version then
|
|
42
|
-
current_version = Gem::Specification::CURRENT_SPECIFICATION_VERSION
|
|
43
42
|
s.specification_version = 3
|
|
44
43
|
|
|
45
44
|
if Gem::Version.new(Gem::VERSION) >= Gem::Version.new('1.2.0') then
|
|
@@ -1,3 +1,5 @@
|
|
|
1
|
+
require 'resolv'
|
|
2
|
+
require 'resolv-replace'
|
|
1
3
|
require "net/http"
|
|
2
4
|
require "net/https"
|
|
3
5
|
|
|
@@ -9,7 +11,9 @@ module Net
|
|
|
9
11
|
s = timeout(@open_timeout) { TCPSocket.open(conn_address(), conn_port()) }
|
|
10
12
|
D "opened"
|
|
11
13
|
if use_ssl?
|
|
12
|
-
self.verify_mode
|
|
14
|
+
if self.verify_mode != OpenSSL::SSL::VERIFY_PEER
|
|
15
|
+
self.verify_mode = OpenSSL::SSL::VERIFY_PEER
|
|
16
|
+
end
|
|
13
17
|
s = OpenSSL::SSL::SSLSocket.new(s, @ssl_context)
|
|
14
18
|
s.sync_close = true
|
|
15
19
|
end
|
metadata
CHANGED
|
@@ -1,13 +1,13 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: always_verify_ssl_certificates
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
hash:
|
|
5
|
-
prerelease:
|
|
4
|
+
hash: 19
|
|
5
|
+
prerelease:
|
|
6
6
|
segments:
|
|
7
7
|
- 0
|
|
8
|
-
-
|
|
8
|
+
- 3
|
|
9
9
|
- 0
|
|
10
|
-
version: 0.
|
|
10
|
+
version: 0.3.0
|
|
11
11
|
platform: ruby
|
|
12
12
|
authors:
|
|
13
13
|
- James Golick
|
|
@@ -15,7 +15,7 @@ autorequire:
|
|
|
15
15
|
bindir: bin
|
|
16
16
|
cert_chain: []
|
|
17
17
|
|
|
18
|
-
date:
|
|
18
|
+
date: 2011-03-17 00:00:00 -07:00
|
|
19
19
|
default_executable:
|
|
20
20
|
dependencies: []
|
|
21
21
|
|
|
@@ -69,7 +69,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
69
69
|
requirements: []
|
|
70
70
|
|
|
71
71
|
rubyforge_project:
|
|
72
|
-
rubygems_version: 1.
|
|
72
|
+
rubygems_version: 1.5.2
|
|
73
73
|
signing_key:
|
|
74
74
|
specification_version: 3
|
|
75
75
|
summary: Force net/http to always verify SSL certificates.
|