diff options
author | Jake Farrell <jfarrell@apache.org> | 2013-05-27 22:01:36 -0400 |
---|---|---|
committer | Jake Farrell <jfarrell@apache.org> | 2013-05-27 22:01:36 -0400 |
commit | fbb78a65897ff40a7a40daa1b90aef5e23789827 (patch) | |
tree | 6dffd7cb90c6ead2a1b7b92e61d9ed9559f02942 /lib/rb/lib | |
parent | d3c71827f87cc25a6469af5fd8f30e38454832e1 (diff) | |
download | thrift-fbb78a65897ff40a7a40daa1b90aef5e23789827.tar.gz |
Thrift-1978: Ruby: Thrift should allow for the SSL verify mode to be set
Client: rb
Patch: Timur Alperovich
Ruby SSL verify mode cannot be specified, which means thrift cannot be used against servers with self-signed certificates over SSL. The suggested fix is to expose the SSL verification mode as a constructor argument in lib/rb/lib/thrift/transport/http_client_transport.rb.
Diffstat (limited to 'lib/rb/lib')
-rw-r--r-- | lib/rb/lib/thrift/transport/http_client_transport.rb | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/lib/rb/lib/thrift/transport/http_client_transport.rb b/lib/rb/lib/thrift/transport/http_client_transport.rb index 07f74bc42..77ffe3569 100644 --- a/lib/rb/lib/thrift/transport/http_client_transport.rb +++ b/lib/rb/lib/thrift/transport/http_client_transport.rb @@ -20,16 +20,18 @@ require 'net/http' require 'net/https' +require 'openssl' require 'uri' require 'stringio' module Thrift class HTTPClientTransport < BaseTransport - def initialize(url) + def initialize(url, opts = {}) @url = URI url @headers = {'Content-Type' => 'application/x-thrift'} @outbuf = Bytes.empty_byte_buffer + @ssl_verify_mode = opts.fetch(:ssl_verify_mode, OpenSSL::SSL::VERIFY_PEER) end def open?; true end @@ -43,6 +45,7 @@ module Thrift def flush http = Net::HTTP.new @url.host, @url.port http.use_ssl = @url.scheme == 'https' + http.verify_mode = @ssl_verify_mode if @url.scheme == 'https' resp = http.post(@url.request_uri, @outbuf, @headers) data = resp.body data = Bytes.force_binary_encoding(data) |