ghost
commented
8 years ago @alieander, thanks for your PR! By analyzing the annotation information on this pull request, we identified @bschwartz, @freerobby and @Soulou to be potential reviewers
Closed alieander closed 8 years ago
ghost
commented
8 years ago @alieander, thanks for your PR! By analyzing the annotation information on this pull request, we identified @bschwartz, @freerobby and @Soulou to be potential reviewers
freerobby
commented
8 years ago @alieander Thanks for adding this, looks good to me! Do you mind just adding the verify_mode key to the tls_options hash in the README so people know that it's exposed? Will merge as soon as that's in there, thanks!
alieander
commented
8 years ago @freerobby I added it to both tls_options hashes along with the ca_certificate part. If this is too much let me know!
freerobby
commented
8 years ago Thanks!
Why?
Currently if you attempt to use the
ca_certificateyou will get errors when it attempts to use the given pem to located a file with that path/descriptor on disk. :( This was simply an bug... Additionally, using certificates is far more useful if you can easily verify that you are not talking to the wrong server.Change
This allow a simple passthrough of the various
OpenSSL::SSLverify modes which is needed because the default behaviour is to useOpenSSL::SSL::VERIFY_NONE... This implementation additionally makes it a little more apparent that this is the default by also defaulting to it here.