diff options
-rw-r--r-- | lib/open-uri.rb | 3 | ||||
-rw-r--r-- | test/open-uri/test_ssl.rb | 10 |
2 files changed, 13 insertions, 0 deletions
diff --git a/lib/open-uri.rb b/lib/open-uri.rb index 36bc3e7266..2bcbec5110 100644 --- a/lib/open-uri.rb +++ b/lib/open-uri.rb @@ -99,6 +99,7 @@ module OpenURI :open_timeout => true, :ssl_ca_cert => nil, :ssl_verify_mode => nil, + :ssl_version => nil, :ftp_active_mode => false, :redirect => true, :encoding => nil, @@ -298,6 +299,8 @@ module OpenURI require 'net/https' http.use_ssl = true http.verify_mode = options[:ssl_verify_mode] || OpenSSL::SSL::VERIFY_PEER + http.ssl_version = options[:ssl_version] if options[:ssl_version] && + OpenSSL::SSL::SSLContext::METHODS.include?(options[:ssl_version]) store = OpenSSL::X509::Store.new if options[:ssl_ca_cert] Array(options[:ssl_ca_cert]).each do |cert| diff --git a/test/open-uri/test_ssl.rb b/test/open-uri/test_ssl.rb index 4f645d83b9..a4e20b553f 100644 --- a/test/open-uri/test_ssl.rb +++ b/test/open-uri/test_ssl.rb @@ -107,6 +107,16 @@ class TestOpenURISSL } end + def test_validation_ssl_version + with_https {|srv, dr, url| + setup_validation(srv, dr) + URI.open("#{url}/data", :ssl_verify_mode => OpenSSL::SSL::VERIFY_NONE, :ssl_version => :TLSv1_2) {|f| + assert_equal("200", f.status[0]) + assert_equal("ddd", f.read) + } + } + end + def with_https_proxy(proxy_log_tester=lambda {|proxy_log, proxy_access_log| assert_equal([], proxy_log) }) proxy_log = [] proxy_logger = WEBrick::Log.new(proxy_log, WEBrick::BasicLog::WARN) |