Work correctly if SSL library is too old for SNI.

author: Steve Kemp <steve@steve.org.uk> 2015-03-04 13:18:14 +0000
committer: Steve Kemp <steve@steve.org.uk> 2015-03-04 13:18:14 +0000
commit: e1d1a83e61bb6b2fbc646ac42addbafc1defb132 (patch)
tree: be38e6ca4676906d0be4de063ec7f215de9a1d82 /lib
parent: afe70db414de24982d6ae6231064f64fc7df2515 (diff)
1 files changed, 8 insertions, 1 deletions
diff --git a/lib/custodian/protocoltest/ssl.rb b/lib/custodian/protocoltest/ssl.rb
index a979fcb..4d4ee2f 100644
--- a/lib/custodian/protocoltest/ssl.rb
+++ b/lib/custodian/protocoltest/ssl.rb
@@ -158,7 +158,14 @@ class SSLCheck
         s = TCPSocket.open(uri.host, uri.port)
         s = OpenSSL::SSL::SSLSocket.new(s, ctx)
         s.sync_close = true
-        s.hostname = uri.host # SNI
+
+        # Setup a hostname for SNI-purposes.
+        begin
+          s.hostname = uri.host
+        rescue NoMethodError => err
+          # SNI isn't possible, as the SSL library is too old.
+        end
+
         s.connect
         @certificate = s.peer_cert
         self.bundle = s.peer_cert_chain
author	Steve Kemp <steve@steve.org.uk>	2015-03-04 13:18:14 +0000
committer	Steve Kemp <steve@steve.org.uk>	2015-03-04 13:18:14 +0000
commit	e1d1a83e61bb6b2fbc646ac42addbafc1defb132 (patch)
tree	be38e6ca4676906d0be4de063ec7f215de9a1d82 /lib
parent	afe70db414de24982d6ae6231064f64fc7df2515 (diff)