Work correctly if SSL library is too old for SNI.

author: Steve Kemp <steve@steve.org.uk> 2015-03-04 13:18:14 +0000
committer: Steve Kemp <steve@steve.org.uk> 2015-03-04 13:18:14 +0000
commit: 0132d44bb950a4b4ff94911390d725ad11523eb3 (patch)
tree: eb9bb969534706c103dfb69ca0dc1f83de449a5d /lib
parent: dcaf8e71bd320c1ec936d4dbe2a6e82702e22a4f (diff)
1 files changed, 8 insertions, 1 deletions
diff --git a/lib/custodian/protocoltest/ssl.rb b/lib/custodian/protocoltest/ssl.rb
index a979fcb..4d4ee2f 100644
--- a/lib/custodian/protocoltest/ssl.rb
+++ b/lib/custodian/protocoltest/ssl.rb
@@ -158,7 +158,14 @@ class SSLCheck
         s = TCPSocket.open(uri.host, uri.port)
         s = OpenSSL::SSL::SSLSocket.new(s, ctx)
         s.sync_close = true
-        s.hostname = uri.host # SNI
+
+        # Setup a hostname for SNI-purposes.
+        begin
+          s.hostname = uri.host
+        rescue NoMethodError => err
+          # SNI isn't possible, as the SSL library is too old.
+        end
+
         s.connect
         @certificate = s.peer_cert
         self.bundle = s.peer_cert_chain
author	Steve Kemp <steve@steve.org.uk>	2015-03-04 13:18:14 +0000
committer	Steve Kemp <steve@steve.org.uk>	2015-03-04 13:18:14 +0000
commit	0132d44bb950a4b4ff94911390d725ad11523eb3 (patch)
tree	eb9bb969534706c103dfb69ca0dc1f83de449a5d /lib
parent	dcaf8e71bd320c1ec936d4dbe2a6e82702e22a4f (diff)