Don't print a warning for missing client certs #110
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
When you run Ruby with warnings enabled and your (HTTPS) server does not verify clients you don't expect to see a warning about clients not being verified. For example, WEBrick's default configuration does not verify client certificates (https://github.com/jruby/jruby/blob/b610805cd55ef5d56d8e431918753fc92fad5ef5/lib/ruby/stdlib/webrick/ssl.rb#L74), but when running an HTTP server in JRuby it prints "warning: javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated" for every request. This does not happen in MRI.
Merged
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
When you run Ruby with warnings enabled and your (HTTPS) server does not verify clients you don't expect to see a warning about clients not being verified.
For example, WEBrick's default configuration does not verify client certificates (https://github.com/jruby/jruby/blob/b610805cd55ef5d56d8e431918753fc92fad5ef5/lib/ruby/stdlib/webrick/ssl.rb#L74), but when running an HTTP server in JRuby it prints "warning: javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated" for every request. This does not happen in MRI.
I have created an example script that shows the warnings: https://gist.github.com/iconara/09cf277e1854bed57fa132abf036e782
There doesn't seem to be any tests that cover what warnings are printed, so this PR does not include any tests. If there are tests that I can write to cover this I would be happy to write them if you can point me in the right direction.