Allow :ca_path or :ca_file to be passed in as settings, for SSL context#399
Conversation
|
I support this pull request. This pull request adds the setting for validating ca certificates. Without this, SSL/TLS may be much more easily spoofed and therefore renders SSL/TLS considerable less secure. Furthermore, the default setting is for ca_path or ca_file to be used. |
|
Hi there, looks like a good idea. Though making the default to require |
|
Hi there, just took another look at your pull request, and seems like you are defaulting to using the dummy context requiring the ca stuff by default which is good.... however, we recently merged a pull request in to make SSL work on Ruby 1.8.7 and this now conflicts. Could you rebase against master? |
|
Ping! @ndbroadbent up for rebasing? |
… to be passed in as settings.
|
Rebased! |
Allow :ca_path or :ca_file to be passed in as settings, for SSL context
|
Thanks @ndbroadbent! |
RE: Issue #345
Also refactored SSL context code in Mail::SMTP to use a shared private method:
#ssl_context.