cert fixes

yurijmi · Oct 14, 2011 · 4f88c22 · 4f88c22
1 parent 163ab0a
commit 4f88c22
Show file tree

Hide file tree

Showing 4 changed files with 40 additions and 11 deletions.
diff --git a/ext/curb_easy.c b/ext/curb_easy.c
@@ -1338,7 +1338,7 @@ static VALUE ruby_curl_easy_ssl_verify_peer_q(VALUE self) {
 
 /*
  * call-seq:
- *   easy.ssl_verify_host = boolean                   => boolean
+ *   easy.ssl_verify_host = [0, 1, 2]                   => [0, 1, 2]
  *
  * Configure whether this Curl instance will verify that the server cert
  * is for the server it is known as. When true (the default) the server
@@ -1350,18 +1350,18 @@ static VALUE ruby_curl_easy_ssl_verify_peer_q(VALUE self) {
  * The server could be lying. To control lying, see ssl_verify_peer? .
  */
 static VALUE ruby_curl_easy_ssl_verify_host_set(VALUE self, VALUE ssl_verify_host) {
-  CURB_BOOLEAN_SETTER(ruby_curl_easy, ssl_verify_host);
+  CURB_IMMED_SETTER(ruby_curl_easy, ssl_verify_host, 0);
 }
 
 /*
  * call-seq:
- *   easy.ssl_verify_host?                            => boolean
+ *   easy.ssl_verify_host                            => number
  *
  * Determine whether this Curl instance will verify that the server cert
  * is for the server it is known as.
  */
-static VALUE ruby_curl_easy_ssl_verify_host_q(VALUE self) {
-  CURB_BOOLEAN_GETTER(ruby_curl_easy, ssl_verify_host);
+static VALUE ruby_curl_easy_ssl_verify_host_get(VALUE self) {
+  CURB_IMMED_GETTER(ruby_curl_easy, ssl_verify_host, 0);
 }
 
 /*
@@ -2029,7 +2029,9 @@ VALUE ruby_curl_easy_setup( ruby_curl_easy *rbce ) {
 
   /* Set up HTTPS cert handling if necessary */
   if (!rb_easy_nil("cert")) {
-    curl_easy_setopt(curl, CURLOPT_SSLCERTTYPE, rb_easy_get_str("certtype"));
+    if (!rb_easy_nil("certtype")) {
+      curl_easy_setopt(curl, CURLOPT_SSLCERTTYPE, rb_easy_get_str("certtype"));
+    }
     curl_easy_setopt(curl, CURLOPT_SSLCERT, rb_easy_get_str("cert"));
     if (!rb_easy_nil("certpassword")) {
       curl_easy_setopt(curl, CURLOPT_SSLCERTPASSWD, rb_easy_get_str("certpassword"));
@@ -2038,6 +2040,7 @@ VALUE ruby_curl_easy_setup( ruby_curl_easy *rbce ) {
       curl_easy_setopt(curl, CURLOPT_SSLKEY, rb_easy_get_str("cert_key"));
     }
   }
+
   if (!rb_easy_nil("cacert")) {
     curl_easy_setopt(curl, CURLOPT_CAINFO, rb_easy_get_str("cacert"));
   }
@@ -3244,8 +3247,8 @@ void init_curb_easy() {
   rb_define_method(cCurlEasy, "fetch_file_time?", ruby_curl_easy_fetch_file_time_q, 0);
   rb_define_method(cCurlEasy, "ssl_verify_peer=", ruby_curl_easy_ssl_verify_peer_set, 1);
   rb_define_method(cCurlEasy, "ssl_verify_peer?", ruby_curl_easy_ssl_verify_peer_q, 0);
-  rb_define_method(cCurlEasy, "ssl_verify_host=", ruby_curl_easy_ssl_verify_host_set, 1);
-  rb_define_method(cCurlEasy, "ssl_verify_host?", ruby_curl_easy_ssl_verify_host_q, 0);
+  rb_define_method(cCurlEasy, "ssl_verify_host_integer=", ruby_curl_easy_ssl_verify_host_set, 1);
+  rb_define_method(cCurlEasy, "ssl_verify_host", ruby_curl_easy_ssl_verify_host_get, 0);
   rb_define_method(cCurlEasy, "header_in_body=", ruby_curl_easy_header_in_body_set, 1);
   rb_define_method(cCurlEasy, "header_in_body?", ruby_curl_easy_header_in_body_q, 0);
   rb_define_method(cCurlEasy, "use_netrc=", ruby_curl_easy_use_netrc_set, 1);

diff --git a/ext/curb_multi.c b/ext/curb_multi.c
@@ -40,7 +40,6 @@ static void rb_curl_multi_run(VALUE self, CURLM *multi_handle, int *still_runnin
 
 static void curl_multi_mark(ruby_curl_multi *rbcm) {
   rb_gc_mark(rbcm->requests);
-  rb_gc_mark(rbcm->requests);
 }
 
 static void curl_multi_flush_easy(VALUE key, VALUE easy, ruby_curl_multi *rbcm) {

diff --git a/lib/curl/easy.rb b/lib/curl/easy.rb
@@ -120,6 +120,26 @@ def proxy_url=(url)
       set :proxy, url
     end
 
+    def ssl_verify_host=(value)
+      value = 1 if value.class == TrueClass
+      value = 0 if value.class == FalseClass
+      self.ssl_verify_host_integer=value
+    end
+
+    # 
+    # call-seq:
+    #   easy.ssl_verify_host?                            => boolean
+    # 
+    # Deprecated: call easy.ssl_verify_host instead
+    # can be one of [0,1,2]
+    # 
+    # Determine whether this Curl instance will verify that the server cert
+    # is for the server it is known as.
+    # 
+    def ssl_verify_host?
+      ssl_verify_host.nil? ? false : (ssl_verify_host > 0)
+    end
+
     # 
     # call-seq:
     #   easy.interface = string                          => string
@@ -347,6 +367,7 @@ def download(url, filename = url.split(/\?/).first.split(/\//).last, &blk)
     # Allow the incoming cert string to be file:password
     # but be careful to not use a colon from a windows file path
     # as the split point. Mimic what curl's main does
+    if respond_to?(:cert=)
     alias_method :native_cert=, :cert=
     def cert=(cert_file)
       pos = cert_file.rindex(':')
@@ -358,5 +379,7 @@ def cert=(cert_file)
       end
       self.cert
     end
+    end
+
   end
 end
diff --git a/tests/tc_curl_easy.rb b/tests/tc_curl_easy.rb
@@ -461,7 +461,8 @@ def test_ssl_verify_peer
   def test_ssl_verify_host
     c = Curl::Easy.new    
     assert c.ssl_verify_host?
-    assert !c.ssl_verify_host = false
+    c.ssl_verify_host = 0
+    c.ssl_verify_host = false
     assert !c.ssl_verify_host?
   end
 
@@ -718,7 +719,10 @@ def test_cert
 
   def test_cert_with_password
     curl = Curl::Easy.new(TestServlet.url)
-    curl.cert= File.join(File.dirname(__FILE__),"cert.pem:password")
+    path = File.join(File.dirname(__FILE__),"cert.pem:password")
+    curl.cert = path
+    puts path.inspect
+    puts curl.cert.inspect
     assert_match /cert.pem$/,curl.cert
   end