From 7be2beab34bd1f97e80426e04711f65900b69e18 Mon Sep 17 00:00:00 2001
From: Adam Jacob <adam@hjksolutions.com>
Date: Mon, 16 Mar 2009 14:09:34 -0700
Subject: [PATCH] Adding a switch to control ssl verification

---
 lib/restclient/request.rb |  5 +++--
 spec/request_spec.rb      | 21 +++++++++++++++++++++
 2 files changed, 24 insertions(+), 2 deletions(-)

diff --git a/lib/restclient/request.rb b/lib/restclient/request.rb
index bf1c263b..38ff2da9 100644
--- a/lib/restclient/request.rb
+++ b/lib/restclient/request.rb
@@ -6,7 +6,7 @@ module RestClient
 	#   RestClient::Request.execute(:method => :head, :url => 'http://example.com')
    #
 	class Request
-		attr_reader :method, :url, :payload, :headers, :cookies, :user, :password, :timeout, :open_timeout
+		attr_reader :method, :url, :payload, :headers, :cookies, :user, :password, :timeout, :open_timeout, :verify_ssl
 
 		def self.execute(args)
 			new(args).execute
@@ -22,6 +22,7 @@ def initialize(args)
 			@password = args[:password]
 			@timeout = args[:timeout]
 			@open_timeout = args[:open_timeout]
+			@verify_ssl = args[:verify_ssl] || false
 		end
 
 		def execute
@@ -94,7 +95,7 @@ def transmit(uri, req, payload)
 
 			net = net_http_class.new(uri.host, uri.port)
 			net.use_ssl = uri.is_a?(URI::HTTPS)
-			net.verify_mode = OpenSSL::SSL::VERIFY_NONE
+			net.verify_mode = OpenSSL::SSL::VERIFY_NONE if @verify_ssl == false
 			net.read_timeout = @timeout if @timeout
 			net.open_timeout = @open_timeout if @open_timeout
 
diff --git a/spec/request_spec.rb b/spec/request_spec.rb
index 03da45d1..94fa87d0 100644
--- a/spec/request_spec.rb
+++ b/spec/request_spec.rb
@@ -325,4 +325,25 @@
 		
 		@request.transmit(@uri, 'req', nil)
 	end
+	
+	it "should default to not verifying ssl certificates" do
+	  @request.verify_ssl.should == false
+	end
+	
+	it "should set net.verify_mode to OpenSSL::SSL::VERIFY_NONE if verify_ssl is false" do
+	  @net.should_receive(:verify_mode=).with(OpenSSL::SSL::VERIFY_NONE)
+	  @http.stub!(:request)
+	  @request.stub!(:process_result)
+	  @request.stub!(:response_log)
+	  @request.transmit(@uri, 'req', 'payload')
+	end
+	
+	it "should not set net.verify_mode to OpenSSL::SSL::VERIFY_NONE if verify_ssl is true" do
+	  @request = RestClient::Request.new(:method => :put, :url => 'https://some/resource', :payload => 'payload', :verify_ssl => true)
+	  @net.should_not_receive(:verify_mode=).with(OpenSSL::SSL::VERIFY_NONE)
+	  @http.stub!(:request)
+	  @request.stub!(:process_result)
+	  @request.stub!(:response_log)
+	  @request.transmit(@uri, 'req', 'payload')
+	end
 end