Add support for specifying an SSL CA path.

[ab]

Net::HTTP already supports ssl_ca_path; rest-client just needs to pass through the option.

This also fixes SSL on rubies < 1.9. I couldn't get the tests running in the time I allocated for this, so they may be broken.

[jcoyne]

Why is the check for ruby 1.9 or greater necessary?

[ab]

The Net::HTTP in Ruby 1.8 has no method ssl_version=. I'd be happy to implement the check in some other way.

[jcoyne]

Okay, that's a very good reason to check then. I'm not a committer BTW, just watching over the pull requests.

[L2G]

net.ssl_version = @ssl_version if net.respond_to?(:ssl_version=)

What about that? Ugly, I know, but Ruby 1.8 will be retired in June anyway.

Are there consequences to ignoring the SSL version on 1.8?

[ab]

That would be OK. The main reason I did the RUBY_VERSION check is that I wanted to make it clearer that ssl_version is not going to be passed to Net::HTTP. The patch as written does an additional check in the initializer to avoid setting @ssl_version, and you don't have access to a Net::HTTP object at that time.

It probably depends on your system SSL configuration. I expect that in general without a version it will allow SSLv2, which would be a security risk except that the vast majority of well-configured servers disallow SSLv2 anyway.

[L2G]

See rest-client#159.

[L2G]

Administrative note: be mindful of rest-client#166 and rest-client#167.

[ab]

OK I'm going to clean this up and re-submit to rest-client/rest-client. Do you still want it to work on 1.8 or is rest-client planning to drop support entirely?

[L2G]

I don't consider backwards compatibility with 1.8.x necessary.