Land rapid7#4828, Fixes SSL support for http_login

wchen-r7 · wchen-r7 · commit c0f1509f8345 · 2015-02-23T15:04:34.000-06:00
diff --git a/lib/metasploit/framework/login_scanner/http.rb b/lib/metasploit/framework/login_scanner/http.rb
@@ -193,7 +193,6 @@ def check_setup
         #   login with.
         # @return [Result] A Result object indicating success or failure
         def attempt_login(credential)
-          ssl = false if ssl.nil?
 
           result_opts = {
             credential: credential,
@@ -314,6 +313,10 @@ def set_sane_defaults
             self.ssl = true
           end
 
+          if self.ssl.nil?
+            self.ssl = false
+          end
+
           nil
         end
 
diff --git a/spec/support/shared/examples/metasploit/framework/login_scanner/http.rb b/spec/support/shared/examples/metasploit/framework/login_scanner/http.rb
@@ -40,7 +40,7 @@
     context "without ssl, with non-default port" do
       subject(:http_scanner) { described_class.new(port:0) }
       it "should not set ssl" do
-        expect(http_scanner.ssl).to be_nil
+        expect(http_scanner.ssl).to be_falsey
         expect(http_scanner.port).to eq(0)
       end
     end
