lib/httpx/io/ssl.rb in httpx-0.3.1 vs lib/httpx/io/ssl.rb in httpx-0.4.0
- old
+ new
@@ -29,10 +29,11 @@
end
def verify_hostname(host)
return false if @ctx.verify_mode == OpenSSL::SSL::VERIFY_NONE
return false if @io.peer_cert.nil?
+
OpenSSL::SSL.verify_certificate_identity(@io.peer_cert, host)
end
def close
super
@@ -52,10 +53,11 @@
@state = :negotiated
return
end
return if @state == :negotiated ||
@state != :connected
+
unless @io.is_a?(OpenSSL::SSL::SSLSocket)
@io = OpenSSL::SSL::SSLSocket.new(@io, @ctx)
@io.hostname = @hostname
@io.sync_close = true
end
@@ -110,11 +112,13 @@
do_transition(nextstate)
end
def log_transition_state(nextstate)
return super unless nextstate == :negotiated
+
server_cert = @io.peer_cert
- "SSL connection using #{@io.ssl_version} / #{@io.cipher.first}\n" \
+ "#{super}\n\n" \
+ "SSL connection using #{@io.ssl_version} / #{Array(@io.cipher).first}\n" \
"ALPN, server accepted to use #{protocol}\n" \
"Server certificate:\n" \
" subject: #{server_cert.subject}\n" \
" start date: #{server_cert.not_before}\n" \
" start date: #{server_cert.not_after}\n" \