Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

Fix peer certificate handling in HTTP ping.

This patch fixes possible warnings resulting from missing SSL
certificates.

User can now specify the verification mode via @ssl_verify_mode option.
Default is set to VERIFY_NONE, i.e ignore the verification.

Signed-off-by: Balazs Kutil <kutil.balazs@gmail.com>
  • Loading branch information...
commit f57588a0ead06bbb8bf34ff55c4048872f0138b9 1 parent 03a6f36
Balazs Kutil authored
Showing with 8 additions and 2 deletions.
  1. +8 −1 lib/net/ping/http.rb
  2. +0 −1  test/test_net_ping_http.rb
View
9 lib/net/ping/http.rb
@@ -27,12 +27,16 @@ class Ping::HTTP < Ping
# The user agent used for the HTTP request. The default is nil.
attr_accessor :user_agent
+ # OpenSSL certificate verification mode. The default is VERIFY_NONE.
+ attr_accessor :ssl_verify_mode
+
# Creates and returns a new Ping::HTTP object. The default port is the
# port associated with the URI. The default timeout is 5 seconds.
#
def initialize(uri=nil, port=nil, timeout=5)
@follow_redirect = true
@redirect_limit = 5
+ @ssl_verify_mode = OpenSSL::SSL::VERIFY_NONE
port ||= URI.parse(uri).port if uri
@@ -67,7 +71,10 @@ def ping(host = @host)
headers["User-Agent"] = user_agent unless user_agent.nil?
Timeout.timeout(@timeout) do
http = Net::HTTP.new(uri.host, uri.port)
- http.use_ssl = (uri.scheme == 'https')
+ if uri.scheme == 'https'
+ http.use_ssl = true
+ http.verify_mode = @ssl_verify_mode
+ end
request = Net::HTTP::Get.new(uri_path)
response = http.start{ |h| h.request(request) }
end
View
1  test/test_net_ping_http.rb
@@ -163,7 +163,6 @@ def setup
assert_equal(443, @http.port)
end
- # This will generate a warning. Nothing I can do about it.
test 'ping against https site works as expected' do
@http = Net::Ping::HTTP.new(@uri_https)
assert_true(@http.ping)
Please sign in to comment.
Something went wrong with that request. Please try again.