From f9e3814e2938d377f46d37e5d67be2e7a028823f Mon Sep 17 00:00:00 2001
From: Stefan Budeanu <stefan.budeanu@shopify.com>
Date: Mon, 9 Sep 2024 15:05:20 -0400
Subject: [PATCH] Allow setting verify_hostname to false

---
 lib/net/http/persistent.rb       |  5 ++---
 test/test_net_http_persistent.rb | 19 +++++++++++++++++--
 2 files changed, 19 insertions(+), 5 deletions(-)

diff --git a/lib/net/http/persistent.rb b/lib/net/http/persistent.rb
index 282dec9..ad64853 100644
--- a/lib/net/http/persistent.rb
+++ b/lib/net/http/persistent.rb
@@ -1001,7 +1001,7 @@ def ssl connection
     connection.verify_depth    = @verify_depth
     connection.verify_mode     = @verify_mode
     connection.verify_hostname = @verify_hostname if
-      @verify_hostname && connection.respond_to?(:verify_hostname=)
+      @verify_hostname != nil && connection.respond_to?(:verify_hostname=)
 
     if OpenSSL::SSL::VERIFY_PEER == OpenSSL::SSL::VERIFY_NONE and
        not Object.const_defined?(:I_KNOW_THAT_OPENSSL_VERIFY_PEER_EQUALS_VERIFY_NONE_IS_WRONG) then
@@ -1111,7 +1111,7 @@ def verify_mode= verify_mode
   end
 
   ##
-  # Sets the HTTPS verify_hostname.  Defaults to false.
+  # Sets the HTTPS verify_hostname.
 
   def verify_hostname= verify_hostname
     @verify_hostname = verify_hostname
@@ -1131,4 +1131,3 @@ def verify_callback= callback
 
 require_relative 'persistent/connection'
 require_relative 'persistent/pool'
-
diff --git a/test/test_net_http_persistent.rb b/test/test_net_http_persistent.rb
index 9147bfa..fe00e75 100644
--- a/test/test_net_http_persistent.rb
+++ b/test/test_net_http_persistent.rb
@@ -1343,7 +1343,7 @@ def test_ssl_verify_mode
     assert_equal OpenSSL::SSL::VERIFY_NONE, c.verify_mode
   end
 
-  def test_ssl_verify_hostname
+  def test_ssl_enable_verify_hostname
     skip 'OpenSSL is missing' unless HAVE_OPENSSL
 
     @http.verify_hostname = true
@@ -1358,6 +1358,22 @@ def test_ssl_verify_hostname
     assert c.verify_hostname
   end
 
+  def test_ssl_disable_verify_hostname
+    skip 'OpenSSL is missing' unless HAVE_OPENSSL
+
+    @http.verify_hostname = false
+    c = Net::HTTP.new 'localhost', 80
+
+    skip 'net/http doesn\'t provide verify_hostname= method' unless
+      c.respond_to?(:verify_hostname=)
+
+    @http.ssl c
+
+    assert c.use_ssl?
+    assert c.verify_hostname == false
+  end
+
+
   def test_ssl_warning
     skip 'OpenSSL is missing' unless HAVE_OPENSSL
 
@@ -1474,4 +1490,3 @@ def test_connection_pool_after_fork
     end
   end
 end
-