When access an XML-RPC service using xmlrpc/client in ruby, it throws an OpenSSL::SSL::SSLError when the server certificate is not valid. How can I make it ignore this error and proceed with the connection?
在ruby中使用xmlrpc / client访问XML-RPC服务时,如果服务器证书无效,则会抛出OpenSSL :: SSL :: SSLError。如何让它忽略此错误并继续连接?
2 个解决方案
#1
12
Turns out it's like this:
原来它是这样的:
xmlrpc = ::XMLRPC::Client.new("foohost")
xmlrpc.instance_variable_get(:@http).instance_variable_set(:@verify_mode, OpenSSL::SSL::VERIFY_NONE)
That works with ruby 1.9.2, but clearly is poking at internals, so the real answer is "the API doesn't provide such a mechanism, but here's a hack".
这适用于ruby 1.9.2,但显然是在盯着内部,所以真正的答案是“API不提供这样的机制,但这里是一个黑客”。
#2
0
Actually the client has been updated, now one has direct access to the http connection: https://bugs.ruby-lang.org/projects/ruby-trunk/repository/revisions/41286/diff/lib/xmlrpc/client.rb
实际上客户端已经更新,现在可以直接访问http连接:https://bugs.ruby-lang.org/projects/ruby-trunk/repository/revisions/41286/diff/lib/xmlrpc/client.rb
xmlrpc.http.verify_mode = OpenSSL::SSL::VERIFY_NONE
But better set ca_file or ca_path. Still I see no option to apply such config to _async calls.
但最好设置ca_file或ca_path。我仍然看不到将此配置应用于_async调用的选项。
Update: found a workaround by monkey patching the client object:
更新:通过猴子修补客户端对象找到了一种解决方法:
xmlrpc_client.http.ca_file = @options[:ca_file]
xmlrpc_client.instance_variable_set(:@ca_file, @options[:ca_file])
def xmlrpc_client.net_http(host, port, proxy_host, proxy_port)
h = Net::HTTP.new host, port, proxy_host, proxy_port
h.ca_file = @ca_file
h
end
So you need both, the older approach and the monkey patching. We add also an instance variable, otherwise the new method cannot see the actual value.
所以你需要两者,旧方法和猴子修补。我们还添加了一个实例变量,否则新方法无法看到实际值。
#1
12
Turns out it's like this:
原来它是这样的:
xmlrpc = ::XMLRPC::Client.new("foohost")
xmlrpc.instance_variable_get(:@http).instance_variable_set(:@verify_mode, OpenSSL::SSL::VERIFY_NONE)
That works with ruby 1.9.2, but clearly is poking at internals, so the real answer is "the API doesn't provide such a mechanism, but here's a hack".
这适用于ruby 1.9.2,但显然是在盯着内部,所以真正的答案是“API不提供这样的机制,但这里是一个黑客”。
#2
0
Actually the client has been updated, now one has direct access to the http connection: https://bugs.ruby-lang.org/projects/ruby-trunk/repository/revisions/41286/diff/lib/xmlrpc/client.rb
实际上客户端已经更新,现在可以直接访问http连接:https://bugs.ruby-lang.org/projects/ruby-trunk/repository/revisions/41286/diff/lib/xmlrpc/client.rb
xmlrpc.http.verify_mode = OpenSSL::SSL::VERIFY_NONE
But better set ca_file or ca_path. Still I see no option to apply such config to _async calls.
但最好设置ca_file或ca_path。我仍然看不到将此配置应用于_async调用的选项。
Update: found a workaround by monkey patching the client object:
更新:通过猴子修补客户端对象找到了一种解决方法:
xmlrpc_client.http.ca_file = @options[:ca_file]
xmlrpc_client.instance_variable_set(:@ca_file, @options[:ca_file])
def xmlrpc_client.net_http(host, port, proxy_host, proxy_port)
h = Net::HTTP.new host, port, proxy_host, proxy_port
h.ca_file = @ca_file
h
end
So you need both, the older approach and the monkey patching. We add also an instance variable, otherwise the new method cannot see the actual value.
所以你需要两者,旧方法和猴子修补。我们还添加了一个实例变量,否则新方法无法看到实际值。