RSpec
Ruby on Rails
Ruby
- 1_8_6_287
- 1_8_7_72
- 1_8_7_330
- 1_9_1_378 (0)
- 1_9_2_180 (0)
- 1_9_3_125 (38)
- 1_9_3_392 (0)
- 2_1_10 (0)
- 2_2_9 (0)
- 2_4_6 (-19)
- 2_5_5 (0)
- 2_6_3 (0)
- What's this?
-
new
-
add_certificate
(>= v2_5_5)
-
ciphers
-
ciphers=
-
ecdh_curves=
(>= v2_4_6)
-
enable_fallback_scsv
(>= v2_5_5)
-
flush_sessions
-
freeze
(>= v2_4_6)
-
max_version=
(>= v2_5_5)
-
min_version=
(>= v2_5_5)
-
options
(>= v2_4_6)
-
options=
(>= v2_4_6)
-
security_level
(>= v2_4_6)
-
security_level=
(>= v2_4_6)
-
session_add
-
session_cache_mode
-
session_cache_mode=
-
session_cache_size
-
session_cache_size=
-
session_cache_stats
-
session_remove
-
set_minmax_proto_version
(>= v2_5_5)
-
set_params
-
setup
-
ssl_version=
= private
= protected
An SSLContext is used to set various options regarding certificates, algorithms, verification, session caching, etc. The SSLContext is used to create an SSLSocket.
All attributes must be set before creating an SSLSocket as the SSLContext will be frozen afterward.
The following attributes are available but don’t show up in rdoc:
-
ssl_version, cert, key, client_ca, ca_file, ca_path, timeout,
-
verify_mode, verify_depth client_cert_cb, tmp_dh_callback,
-
session_id_context, session_add_cb, session_new_cb, session_remove_cb
Constants
DEFAULT_PARAMS = { :ssl_version => "SSLv23", :verify_mode => OpenSSL::SSL::VERIFY_PEER, :ciphers => "ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW", :options => OpenSSL::SSL::OP_ALL, }
DEFAULT_CERT_STORE = OpenSSL::X509::Store.new
SESSION_CACHE_OFF = LONG2FIX(SSL_SESS_CACHE_OFF)
SESSION_CACHE_CLIENT = LONG2FIX(SSL_SESS_CACHE_CLIENT)
SESSION_CACHE_SERVER = LONG2FIX(SSL_SESS_CACHE_SERVER)
SESSION_CACHE_BOTH = LONG2FIX(SSL_SESS_CACHE_BOTH)
SESSION_CACHE_NO_AUTO_CLEAR = LONG2FIX(SSL_SESS_CACHE_NO_AUTO_CLEAR)
SESSION_CACHE_NO_INTERNAL_LOOKUP = LONG2FIX(SSL_SESS_CACHE_NO_INTERNAL_LOOKUP)
SESSION_CACHE_NO_INTERNAL_STORE = LONG2FIX(SSL_SESS_CACHE_NO_INTERNAL_STORE)
SESSION_CACHE_NO_INTERNAL = LONG2FIX(SSL_SESS_CACHE_NO_INTERNAL)
METHODS = ary
Attributes
| [RW] | cert |
Context certificate |
| [RW] | key |
Context private key |
| [RW] | client_ca |
A certificate or Array of certificates that will be sent to the client. |
| [RW] | ca_file |
The path to a file containing a PEM-format CA certificate |
| [RW] | ca_path |
The path to a directory containing CA certificates in PEM format. Files are looked up by subject’s X509 name’s hash value. |
| [RW] | timeout |
Maximum session lifetime. |
| [RW] | ssl_timeout |
Maximum session lifetime. |
| [RW] | verify_mode |
Session verification mode. Valid modes are VERIFY_NONE, VERIFY_PEER, VERIFY_CLIENT_ONCE, VERIFY_FAIL_IF_NO_PEER_CERT and defined on OpenSSL::SSL |
| [RW] | verify_depth |
Number of CA certificates to walk when verifying a certificate chain. |
| [RW] | verify_callback |
A callback for additional certificate verification. The callback is invoked for each certificate in the chain. The callback is invoked with two values. preverify_ok indicates indicates if the verification was passed (true) or not (false). store_context is an OpenSSL::X509::StoreContext containing the context used for certificate verification. If the callback returns false verification is stopped. |
| [RW] | options |
Sets various OpenSSL options. |
| [RW] | cert_store |
An OpenSSL::X509::Store used for certificate verification |
| [RW] | extra_chain_cert |
An Array of extra X509 certificates to be added to the certificate chain. |
| [RW] | client_cert_cb |
A callback invoked when a client certificate is requested by a server and no certificate has been set. The callback is invoked with a Session and must return an Array containing an OpenSSL::X509::Certificate and an OpenSSL::PKey. If any other value is returned the handshake is suspended. |
| [RW] | tmp_dh_callback |
A callback invoked when DH parameters are required. The callback is invoked with the Session for the key exchange, an flag indicating the use of an export cipher and the keylength required. The callback must return an OpenSSL::PKey::DH instance of the correct key length. |
| [RW] | session_id_context |
Sets the context in which a session can be reused. This allows sessions for multiple applications to be distinguished, for exapmle, by name. |
| [RW] | session_get_cb |
A callback invoked on a server when a session is proposed by the client but the session could not be found in the server’s internal cache. The callback is invoked with the SSLSocket and session id. The callback may return a Session from an external cache. |
| [RW] | session_new_cb |
A callback invoked when a new session was negotiatied. The callback is invoked with an SSLSocket. If false is returned the session will be removed from the internal cache. |
| [RW] | session_remove_cb |
A callback invoked when a session is removed from the internal cache. The callback is invoked with an SSLContext and a Session. |
| [RW] | servername_cb |
A callback invoked at connect time to distinguish between multiple server names. The callback is invoked with an SSLSocket and a server name. The callback must return an SSLContext for the server name or nil. |
