Class: OpenSSL::SSL::SSLSocket
- Inherits: Object
  - Object
  - OpenSSL::SSL::SSLSocket
- Includes: Buffering, Nonblock, SocketForwarder
- Defined in: lib/jopenssl22/openssl/ssl.rb, lib/jopenssl23/openssl/ssl.rb, lib/jopenssl18/openssl/ssl-internal.rb, lib/jopenssl19/openssl/ssl-internal.rb
Constant Summary
Constants included from Buffering
Instance Attribute Summary
- #context ⇒ Object (readonly): Returns the value of attribute context.
- #hostname ⇒ Object: Returns the value of attribute hostname.
- #io ⇒ Object (also: #to_io) (readonly): Returns the value of attribute io.
- #sync_close ⇒ Object: Returns the value of attribute sync_close.
Attributes included from Buffering
Instance Method Summary
- #initialize(io, context = OpenSSL::SSL::SSLContext.new) ⇒ SSLSocket (constructor): call-seq: SSLSocket.new(io) => aSSLSocket SSLSocket.new(io, ctx) => aSSLSocket.
- #post_connection_check(hostname) ⇒ Object: Perform hostname verification after an SSL connection is established.
Methods included from SocketForwarder
#addr, #closed?, #do_not_reverse_lookup=, #fcntl, #getsockopt, #peeraddr, #setsockopt
Methods included from Buffering
#<<, #close, #each, #each_byte, #eof?, #flush, #getc, #gets, #print, #printf, #puts, #read, #read_nonblock, #readchar, #readline, #readlines, #readpartial, #ungetc, #write, #write_nonblock
Constructor Details
#initialize(io, context = OpenSSL::SSL::SSLContext.new) ⇒ SSLSocket
call-seq:
    SSLSocket.new(io) => aSSLSocket
    SSLSocket.new(io, ctx) => aSSLSocket
Creates a new SSL socket from io, which must be a real Ruby object (not an IO-like object that responds to read/write).
If ctx is provided, the SSL socket's initial params will be taken from the context.
The OpenSSL::Buffering module provides additional IO methods.
This method will freeze the SSLContext if one is provided; however, session management is still allowed in the frozen SSLContext.
    # File 'lib/jopenssl23/openssl/ssl.rb', line 283
    def initialize(io, ctx = nil); raise NotImplementedError; end
Instance Attribute Details
#context ⇒ Object (readonly)
Returns the value of attribute context.
    # File 'lib/jopenssl23/openssl/ssl.rb', line 264
    def context
      @context
    end
#hostname ⇒ Object
Returns the value of attribute hostname.
    # File 'lib/jopenssl23/openssl/ssl.rb', line 261
    def hostname
      @hostname
    end
#io ⇒ Object (readonly) Also known as: to_io
Returns the value of attribute io.
    # File 'lib/jopenssl23/openssl/ssl.rb', line 264
    def io
      @io
    end
#sync_close ⇒ Object
Returns the value of attribute sync_close.
    # File 'lib/jopenssl23/openssl/ssl.rb', line 265
    def sync_close
      @sync_close
    end
Instance Method Details
#post_connection_check(hostname) ⇒ Object
Perform hostname verification after an SSL connection is established.
This method MUST be called after calling #connect to ensure that the hostname of a remote peer has been verified.
    # File 'lib/jopenssl22/openssl/ssl.rb', line 236
    def post_connection_check(hostname)
      if peer_cert.nil?
        msg = "Peer verification enabled, but no certificate received."
        if using_anon_cipher?
          msg += " Anonymous cipher suite #{cipher[0]} was negotiated. Anonymous suites must be disabled to use peer verification."
        end
        raise SSLError, msg
      end

      unless OpenSSL::SSL.verify_certificate_identity(peer_cert, hostname)
        raise SSLError, "hostname \"#{hostname}\" does not match the server certificate"
      end
      return true
    end
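Why #post_connection_check must follow #connect, shown as an added example that is not part of the jruby-openssl sources: over a loopback handshake, VERIFY_PEER accepts any trusted certificate, and only the post-connection check rejects one issued for a different name. The certificate, the names service.test and other.test, and the helper connect_and_check are constructed for this illustration.

```ruby
require "openssl"
require "socket"

# Constructed test identity: a throwaway self-signed certificate valid only
# for the hypothetical name "service.test".
KEY  = OpenSSL::PKey::RSA.new(2048)
CERT = OpenSSL::X509::Certificate.new.tap do |c|
  c.version = 2
  c.serial = 1
  c.subject = c.issuer = OpenSSL::X509::Name.parse("/CN=service.test")
  c.public_key = KEY.public_key
  c.not_before = Time.now - 60
  c.not_after = Time.now + 3600
  ef = OpenSSL::X509::ExtensionFactory.new(c, c)
  c.add_extension(ef.create_extension("subjectAltName", "DNS:service.test"))
  c.sign(KEY, OpenSSL::Digest.new("SHA256"))
end

# Handshake with a loopback server presenting CERT, then report separately
# whether the chain was accepted and whether the name check passed.
def connect_and_check(expected_name)
  result = { handshake: false, identity: false, error: nil }
  sctx = OpenSSL::SSL::SSLContext.new
  sctx.cert = CERT
  sctx.key = KEY
  tcp = TCPServer.new("127.0.0.1", 0)
  server = OpenSSL::SSL::SSLServer.new(tcp, sctx)
  acceptor = Thread.new { server.accept.close rescue nil }
  cctx = OpenSSL::SSL::SSLContext.new
  cctx.verify_mode = OpenSSL::SSL::VERIFY_PEER # validates the chain only
  cctx.cert_store = OpenSSL::X509::Store.new.tap { |s| s.add_cert(CERT) }
  ssl = OpenSSL::SSL::SSLSocket.new(TCPSocket.new("127.0.0.1", tcp.addr[1]), cctx)
  ssl.sync_close = true
  ssl.connect # succeeds for any trusted certificate, whatever its name
  result[:handshake] = true
  result[:identity] = ssl.post_connection_check(expected_name)
  result
rescue OpenSSL::SSL::SSLError => e
  result[:error] = e.message
  result
ensure
  ssl&.close
  acceptor&.join(5)
  tcp&.close
end

if __FILE__ == $PROGRAM_NAME
  %w[service.test other.test].each { |n| puts "#{n}: #{connect_and_check(n)}" }
end
```

In both runs the handshake succeeds; only the name passed to #post_connection_check decides whether the peer is accepted.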