Fix location of verify_peer check
#5
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
I put this in the wrong place in 9996b7b. In the pre-9996b7b version of the code, when verify_peer was false, no server certificate verification was performed. I had misread the previous code and thought that verify_peer being false just meant that it would not check that the server certificate matched the hostname, which is what the warning message suggested; I’ve fixed the warning message here too. Also, my mistake in 9996b7b did introduce a bunch of test failures, but I didn’t notice them because on GitHub Actions these tests weren’t being run due to some misbehaviour of the requires_connection test helper; I’ll remove that helper in an upcoming commit.
Mistake in 9996b7b, which I missed since CI wasn’t running the relevant tests (as described in 139a59b). (Older versions of the OpenSSL gem hadn’t implemented certificate #== method; see ruby/openssl#158.)
lawrence-forooghian
force-pushed
the
fix-location-of-verify-peer-check
branch
from
809ff8c to
4a44908
Compare
The aim of this helper is to cause some tests to be skipped if there is no Internet connection. For some reason (which I haven’t investigated) when run on GitHub Actions these tests are always being skipped, causing me to not notice the test failures fixed in 139a59b. I am happy to remove this check; presumably if there’s no Internet connection then the affected tests will just fail, and that’s fine by me. I understand the intent of the author in adding this helper, and understand that being able to run some of the test suite offline may be a desirable thing, but I think not at the cost of it hiding failing tests by default. (There’s also a requires_port helper which is only used in the proxy-related tests; in order to remove that one we’d need to start running proxies locally and in CI, and I don’t want to spend time on that now. We don’t make use of this library’s proxy functionality in ably-ruby.) Enabling these tests on CI caused Ruby 2.2 to segfault; I have no idea of the cause (it exists on the pre-fork version of this library too) and I don’t want to look into it given that we only support Ruby 2.7+ for ably-ruby, so I’ve just removed Ruby 2.2 from CI.
lawrence-forooghian
force-pushed
the
fix-location-of-verify-peer-check
branch
from
4a44908 to
b2f3b4b
Compare
sacOO7
reviewed
May 14, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Fixes a couple of issues I introduced in #2. I didn’t notice these issues because the tests that they broke weren’t being run in CI, so I’ve sorted that out too. See commit messages for more details.