Skip to content

Commit

Permalink
Fix puma#968 Default verify_mode to peer
Browse files Browse the repository at this point in the history
  • Loading branch information
@frankwong15
frankwong15 committed Apr 30, 2016
1 parent 8e4580a commit 4bdff12
Show file tree
Hide file tree
Showing 2 changed files with 3 additions and 3 deletions.
2 changes: 1 addition & 1 deletion lib/puma/binder.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -194,7 +194,7 @@ def parse(binds, logger)
MiniSSL::VERIFY_NONE
end
else
ctx.verify_mode = MiniSSL::VERIFY_NONE
ctx.verify_mode = MiniSSL::VERIFY_PEER
end

if fd = @inherited_fds.delete(str)
Expand Down
4 changes: 2 additions & 2 deletions lib/puma/dsl.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -259,9 +259,9 @@ def threads(min, max)
def ssl_bind(host, port, opts)
if defined?(JRUBY_VERSION)
keystore_additions = "keystore=#{opts[:keystore]}&keystore-pass=#{opts[:keystore_pass]}"
bind "ssl://#{host}:#{port}?cert=#{opts[:cert]}&key=#{opts[:key]}&#{keystore_additions}&verify_mode=#{opts[:verify_mode] || 'none'}"
bind "ssl://#{host}:#{port}?cert=#{opts[:cert]}&key=#{opts[:key]}&#{keystore_additions}&verify_mode=#{opts[:verify_mode] || 'peer'}"
else
bind "ssl://#{host}:#{port}?cert=#{opts[:cert]}&key=#{opts[:key]}&verify_mode=#{opts[:verify_mode] || 'none'}"
bind "ssl://#{host}:#{port}?cert=#{opts[:cert]}&key=#{opts[:key]}&verify_mode=#{opts[:verify_mode] || 'peer'}"
end
end

Expand Down

0 comments on commit 4bdff12

Please sign in to comment.