16 April 2014

The Ruby Reflector

Topic

VERIFY_NONE

By David Bock of On the Path 2 years ago.

HTTPS)

      http.verify_mode = OpenSSL::SSL::VERIFY_NONE if http.use_ssl?
      http.read_timeout = @timeout if @timeout
      # Here's the addition that allows you to see the output
      http.set_debug_output $stderr
      return http
    end
  end

All the data that flows over the http connection will be dumped to $stderr (the terminal you started the app in, unless you redirected it).

blog.codesherpas.com Read
By drbrain of Segment7 2 years ago.

SSL::VERIFY_PEER is equal to OpenSSL::SSL::VERIFY_NONE. If you have a platform that is broken this way you must define the constant:

    I_KNOW_THAT_OPENSSL_VERIFY_PEER_EQUALS_VERIFY_NONE_IS_WRONG = nil

at the top level of your application to disable the warning.

Bug fix

Fix persisting SSL sessions through HTTP proxies. Mechanize issue #178 by Robert Poor, net-http-persistent issues #10, #11.

blog.segment7.net Read
On James on Software 3 years ago.

And nearly every net/https example uses VERIFY_NONE. It's so common in example code that in the related links on the RubyInside article about the perils of VERIFY_NONE, there's a link to example code that uses it (lol?).

Aaron is one of a small group of people in the ruby community who actually has the power to do something about this problem. By setting the right example, people will copy and paste good code instead of bad code. That's more useful than a million …

jamesgolick.com Read
By Peter Cooper of Ruby Inside over 3 years ago.

…virtually all Ruby libraries will attempt to set their HTTPS connections to VERIFY_NONE mode (open_uri is a common exception - it gets things right!). With most of the gems I've looked at, setting the HTTPS connections to VERIFY_PEER where certificates actually get verified isn't even an option. For that reason, my gem makes it impossible to set VERIFY_NONE mode. This is something we need to change as a community. It's a real and significant vulnerability.

James Golick…

rubyinside.com Read