Changeset [23bdb76cde68de373e94205fabe6b717c066680d] by Andrew Parker

October 26th, 2013 @ 08:37 PM

(Fixes #69) Remove --ssl-verify and provide peer_cert

The get_peer_cert method of EM doesn't return anything unless the cert
has been verified. The --ssl-verify option of thin actually doesn't do
anything. These two behaviors combined mean that
env['rack.peer_cert'], which was introduced in thin 1.2.8, always
returns nil. Since --ssl-verify never actually caused a verification to
happen, it is better to remove that option until a fully verification
process is put in place. However, the peer_cert can be made available in
--ssl mode by always "verifying" the cert, thereby providing the client supplied certificate, if there is one, available in

Committed by Andrew Parker

  • M lib/thin/connection.rb
  • M lib/thin/controllers/controller.rb
  • M lib/thin/runner.rb
New-ticket Create new ticket

Create your profile

Help contribute to this project by taking a few moments to create your personal profile. Create your profile ยป