Prev: How to Make Fast Online Money to Fill Your PayPal Account
Next: ruby-1.9.1: require 'rio' fails
From: Liping Bao on 3 Dec 2009 01:42 Hello All I need to https connect an apache server that only support tls1 protocol. How do I switch to use ONLY tls1 in https module? I searched over internet for a long while and found nothing useful for me. The apache server itself is ok. I could connect to it with IE by using tls1. My ruby scripts are also ok to https connect the other regular apache server. And from the httpd log, it is confirmed that it is raised by wrong version number. My ruby version: ruby 1.8.6 Thanks in advance for your help! Best Regards Liping -- Posted via http://www.ruby-forum.com/.
From: Brian Candler on 3 Dec 2009 04:31 Liping Bao wrote: > Hello All > > I need to https connect an apache server that only support tls1 > protocol. > How do I switch to use ONLY tls1 in https module? I searched over > internet for a long while and found nothing useful for me. Have a look in the source code, probably somewhere like /usr/lib/ruby/1.8/net/https.rb You can see there is an instance variable @ssl_context which keeps the SSL state. Now see the docs for this: http://www.ruby-doc.org/core-1.9/classes/OpenSSL/SSL/SSLContext.html It looks like you should be able to replace SSLContext.new with SSLContext.new(:TLSv1) Looking through the code, I think you can do this without monkey-patching, by setting the @ssl_context variable *before* calling use_ssl=true. Something like this (untested): uri = URI.parse(ARGV[0] || 'https://localhost/') http = Net::HTTP.new(uri.host, uri.port) if uri.scheme == "https" http.instance_eval { @ssl_context = OpenSSL::SSL::SSLContext.new(:TLSv1) } http.use_ssl = true end If this works, then go to redmine.ruby-lang.org and submit a ticket suggesting this be made available as a feature, e.g. --- https.rb.orig 2009-12-03 09:27:56.000000000 +0000 +++ https.rb 2009-12-03 09:30:18.000000000 +0000 @@ -121,7 +121,7 @@ raise IOError, "use_ssl value changed, but session already started" \ if started? and @use_ssl != flag if flag and not @ssl_context - @ssl_context = OpenSSL::SSL::SSLContext.new + @ssl_context = flag == true ? OpenSSL::SSL::SSLContext.new : OpenSSL::SSL::SSLContext.new(flag) end @use_ssl = flag end -- Posted via http://www.ruby-forum.com/.
From: Liping Bao on 6 Dec 2009 21:44 Brian Candler wrote: > if uri.scheme == "https" > http.instance_eval { @ssl_context = > OpenSSL::SSL::SSLContext.new(:TLSv1) } > http.use_ssl = true > end > Thanks a lot! It works for me. > if started? and @use_ssl != flag > if flag and not @ssl_context > - @ssl_context = OpenSSL::SSL::SSLContext.new > + @ssl_context = flag == true ? OpenSSL::SSL::SSLContext.new : > OpenSSL::SSL::SSLContext.new(flag) > end Sorry, I do not understand the code segment. What kind of improvement do you mean? I think the current usage is ok for me. -- Posted via http://www.ruby-forum.com/.
From: Brian Candler on 7 Dec 2009 02:01 Liping Bao wrote: > Brian Candler wrote: >> if uri.scheme == "https" >> http.instance_eval { @ssl_context = >> OpenSSL::SSL::SSLContext.new(:TLSv1) } >> http.use_ssl = true >> end >> > > Thanks a lot! It works for me. > >> if started? and @use_ssl != flag >> if flag and not @ssl_context >> - @ssl_context = OpenSSL::SSL::SSLContext.new >> + @ssl_context = flag == true ? OpenSSL::SSL::SSLContext.new : >> OpenSSL::SSL::SSLContext.new(flag) >> end > Sorry, I do not understand the code segment. What kind of improvement > do you mean? I think the current usage is ok for me. It would let you say http.use_ssl = :TLSv1 -- Posted via http://www.ruby-forum.com/.
From: Liping Bao on 7 Dec 2009 22:05 > It would let you say > > http.use_ssl = :TLSv1 Thanks, I got it. I tried your diff, and with a little change, it does work. Here is the final diff. - flag = (flag ? true : false) raise IOError, "use_ssl value changed, but session already started" \ if started? and @use_ssl != flag if flag and not @ssl_context - @ssl_context = OpenSSL::SSL::SSLContext.new + @ssl_context = flag == true ? OpenSSL::SSL::SSLContext.new : OpenSSL::SSL::SSLContext.new(flag) end @use_ssl = flag end I have already submitted the ticket. -- Posted via http://www.ruby-forum.com/.
|
Next
|
Last
Pages: 1 2 Prev: How to Make Fast Online Money to Fill Your PayPal Account Next: ruby-1.9.1: require 'rio' fails |