summaryrefslogtreecommitdiff
path: root/lib/rbot/ircsocket.rb
diff options
context:
space:
mode:
Diffstat (limited to 'lib/rbot/ircsocket.rb')
-rw-r--r--lib/rbot/ircsocket.rb11
1 files changed, 10 insertions, 1 deletions
diff --git a/lib/rbot/ircsocket.rb b/lib/rbot/ircsocket.rb
index 029d1ca5..e5131c2b 100644
--- a/lib/rbot/ircsocket.rb
+++ b/lib/rbot/ircsocket.rb
@@ -285,6 +285,9 @@ module Irc
@lines_sent = 0
@lines_received = 0
@ssl = opts[:ssl]
+ @ssl_verify = opts[:ssl_verify]
+ @ssl_ca_file = opts[:ssl_ca_file]
+ @ssl_ca_path = opts[:ssl_ca_path]
@penalty_pct = opts[:penalty_pct] || 100
end
@@ -331,7 +334,13 @@ module Irc
if(@ssl)
require 'openssl'
ssl_context = OpenSSL::SSL::SSLContext.new()
- ssl_context.verify_mode = OpenSSL::SSL::VERIFY_NONE
+ if @ssl_verify
+ ssl_context.ca_file = @ssl_ca_file if @ssl_ca_file and not @ssl_ca_file.empty?
+ ssl_context.ca_path = @ssl_ca_path if @ssl_ca_path and not @ssl_ca_path.empty?
+ ssl_context.verify_mode = OpenSSL::SSL::VERIFY_PEER
+ else
+ ssl_context.verify_mode = OpenSSL::SSL::VERIFY_NONE
+ end
sock = OpenSSL::SSL::SSLSocket.new(sock, ssl_context)
sock.sync_close = true
sock.connect
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-27 21:10:56 +0000