Closed bluemango closed 10 years ago
IMHO skipping certificate verification is pretty much always a bad idea. See, for example this discussion: http://stackoverflow.com/a/9238221
Hey @bluemango , show us some code. I agree that adding an option to skip ssl verification is a bad idea most likely, but perhaps adding an option to memoize connection so you can set it yourself further down the line would have minimal impact.
You just need to add this after line 38 in lib/rubypress/client.rb
return @connection if defined?(@connection)
I tried forking and adding this myself, but the current version blows up under Ruby 1.9.3
uninitialized constant Net::ReadTimeout (NameError)
The problem is line 7 in lib/rubypress/xml_rpc_retryable.rb
Net::ReadTimeout isn't defined in ruby 1.9.x.
@bluemango well, I do kind of want to maintain 1.9.x compatibility for now. Is there a workaround? Or can we make this Ruby version dependent, i.e. > 2.0.0?
This is what I did on my local version. Just haven't gotten around to pushing it.
xml_rpc_retryable.rb
RETRY_EXCEPTIONS = [
Timeout::Error
]
RETRY_EXCEPTIONS << Net::ReadTimeout if Net.const_defined?(:ReadTimeout)
@bluemango cool, that looks good to me! Feel free to submit a PR.
@bluemango closing this issue to due to lack of activity. Please feel free to open it up or open up a pull request if you'd like to merge your code!
A lot of WordPress blogs use self-signed SSL certs. If you try to connect to them with this library you get the following error:
OpenSSL::SSL::SSLError: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed
It would be great if there was an option to set the SSL verify mode. This needs to be set on the Net::HTTP instance by setting verify_mode = OpenSSL::SSL::VERIFY_NONE
The problem right now is that since @connection is not memoized I can't find a way to set this option on the Net::HTTP instance since each time a call is made, a new @connection variable is set.
One option would be to memoize the @connection variable or adding an option to skip ssl verification.