From 6f9bab7222fd74b5b56aee96e35e6c50b082aafb Mon Sep 17 00:00:00 2001
From: Stephen Touset <stephen@squareup.com>
Date: Fri, 18 Apr 2014 13:42:02 -0700
Subject: [PATCH] Expose SSLContext#extra_chain_cert in Net::HTTP

Currently, Net::HTTP can only send a single SSL certificate when it
establishes a connection. Some use-cases involve sending an entire
certificate chain to the destination; for this, SSLContext supports
assigning to #extra_chain_cert=.

This adds support in Net::HTTP for exposing this underlying SSLContext
property to end-users.
---
 lib/net/http.rb | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/lib/net/http.rb b/lib/net/http.rb
index 6d6a24f..eb89bc9 100644
--- a/lib/net/http.rb
+++ b/lib/net/http.rb
@@ -766,6 +766,7 @@ module Net   #:nodoc:
       :@cert,
       :@cert_store,
       :@ciphers,
+      :@extra_chain_cert,
       :@key,
       :@ssl_timeout,
       :@ssl_version,
@@ -779,6 +780,7 @@ module Net   #:nodoc:
       :cert,
       :cert_store,
       :ciphers,
+      :extra_chain_cert
       :key,
       :ssl_timeout,
       :ssl_version,
@@ -806,6 +808,10 @@ module Net   #:nodoc:
     # Sets the available ciphers.  See OpenSSL::SSL::SSLContext#ciphers=
     attr_accessor :ciphers
 
+    # Sets the extra X509 certificates to be added to the certificate chain.
+    # See OpenSSL::SSL::SSLContext#extra_chain_cert=
+    attr_accessor :extra_chain_cert
+
     # Sets an OpenSSL::PKey::RSA or OpenSSL::PKey::DSA object.
     # (This method is appeared in Michal Rokos's OpenSSL extension.)
     attr_accessor :key
-- 
1.9.1