Changeset [23bdb76cde68de373e94205fabe6b717c066680d] by Andrew Parker
October 26th, 2013 @ 08:37 PM
(Fixes #69) Remove --ssl-verify and provide peer_cert
The get_peer_cert method of EM doesn't return anything unless
the cert
has been verified. The --ssl-verify option of thin actually doesn't
do
anything. These two behaviors combined mean that
env['rack.peer_cert'], which was introduced in thin 1.2.8,
always
returns nil. Since --ssl-verify never actually caused a
verification to
happen, it is better to remove that option until a fully
verification
process is put in place. However, the peer_cert can be made
available in
--ssl mode by always "verifying" the cert, thereby providing the
client supplied certificate, if there is one, available in
env['rack.peer_cert'].
https://github.com/macournoyer/thin/commit/23bdb76cde68de373e94205f...
Committed by Andrew Parker
- M lib/thin/connection.rb
- M lib/thin/controllers/controller.rb
- M lib/thin/runner.rb
Create new ticket
Create your profile
Help contribute to this project by taking a few moments to create your personal profile. Create your profile ยป