> > @@ -147,7 +148,7 @@ def set_params(params={})
> >  
> >        # call-seq:
> >        #    ctx.min_version = OpenSSL::SSL::TLS1_2_VERSION
> > -      #    ctx.min_version = :TLS1_2
> > +      #    ctx.min_version = :TLSv1_2
> >        #    ctx.min_version = nil
> >        #
> >        # Sets the lower bound on the supported SSL/TLS protocol version. The
> > @@ -166,18 +167,30 @@ def set_params(params={})
> >        #   sock = OpenSSL::SSL::SSLSocket.new(tcp_sock, ctx)
> >        #   sock.connect # Initiates a connection using either TLS 1.1 or TLS 1.2
> >        def min_version=(version)
> > +        case version
> > +        when nil, Integer
> > +        else
> > +          version = (METHODS_MAP[version] or
> > +            raise ArgumentError, "unknown SSL version `#{version.inspect}'")
> > +        end
> >          set_minmax_proto_version(version, @max_proto_version ||= nil)
> >          @min_proto_version = version
> >        end
> 
> 'TLS1_2' comes from "TLS1_2_VERSION".sub(/_VERSION$/, ""), where
> TLS1_2_VERSION is a value defined by OpenSSL and can be passed to
> SSL_CTX_set_min_proto_version(). On the other hand, 'TLSv1_2' comes
> from the name of a deprecated SSL method, TLSv1_2_method().
> 
> It was natural that SSLContext#ssl_version= takes names with 'v' since
> it was a method that actually sets an SSL method used by the SSL
> context. However, as SSLContext#{min,max}_version have nothing to do
> with those SSL methods, I don't think it makes sense to follow their
> naming convention. At least, it is odd that they now accept 'SSLv23'.

No responses yet, but please let me revert this change (and adapt a
net/http test case added by r60311) for now so that I can import
fresher master from upstream.

Unsubscribe: <mailto:ruby-core-request / ruby-lang.org?subject=unsubscribe>
<http://lists.ruby-lang.org/cgi-bin/mailman/options/ruby-core>