aws-sdk-core 3.124.0 → 3.186.0

data/lib/aws-sdk-sts/types.rb

@@ -10,32 +10,6 @@
 module Aws::STS
   module Types
 
-    # @note When making an API call, you may pass AssumeRoleRequest
-    #   data as a hash:
-    #
-    #       {
-    #         role_arn: "arnType", # required
-    #         role_session_name: "roleSessionNameType", # required
-    #         policy_arns: [
-    #           {
-    #             arn: "arnType",
-    #           },
-    #         ],
-    #         policy: "sessionPolicyDocumentType",
-    #         duration_seconds: 1,
-    #         tags: [
-    #           {
-    #             key: "tagKeyType", # required
-    #             value: "tagValueType", # required
-    #           },
-    #         ],
-    #         transitive_tag_keys: ["tagKeyType"],
-    #         external_id: "externalIdType",
-    #         serial_number: "serialNumberType",
-    #         token_code: "tokenCodeType",
-    #         source_identity: "sourceIdentityType",
-    #       }
-    #
     # @!attribute [rw] role_arn
     #   The Amazon Resource Name (ARN) of the role to assume.
     #   @return [String]
@@ -70,12 +44,13 @@ module Aws::STS
     #   Web Services Service Namespaces][1] in the Amazon Web Services
     #   General Reference.
     #
-    #   <note markdown="1"> An Amazon Web Services conversion compresses the passed session
-    #   policies and session tags into a packed binary format that has a
-    #   separate limit. Your request can fail for this limit even if your
-    #   plaintext meets the other requirements. The `PackedPolicySize`
-    #   response element indicates by percentage how close the policies and
-    #   tags for your request are to the upper size limit.
+    #   <note markdown="1"> An Amazon Web Services conversion compresses the passed inline
+    #   session policy, managed policy ARNs, and session tags into a packed
+    #   binary format that has a separate limit. Your request can fail for
+    #   this limit even if your plaintext meets the other requirements. The
+    #   `PackedPolicySize` response element indicates by percentage how
+    #   close the policies and tags for your request are to the upper size
+    #   limit.
     #
     #    </note>
     #
@@ -116,12 +91,13 @@ module Aws::STS
     #   include the tab (\\u0009), linefeed (\\u000A), and carriage return
     #   (\\u000D) characters.
     #
-    #   <note markdown="1"> An Amazon Web Services conversion compresses the passed session
-    #   policies and session tags into a packed binary format that has a
-    #   separate limit. Your request can fail for this limit even if your
-    #   plaintext meets the other requirements. The `PackedPolicySize`
-    #   response element indicates by percentage how close the policies and
-    #   tags for your request are to the upper size limit.
+    #   <note markdown="1"> An Amazon Web Services conversion compresses the passed inline
+    #   session policy, managed policy ARNs, and session tags into a packed
+    #   binary format that has a separate limit. Your request can fail for
+    #   this limit even if your plaintext meets the other requirements. The
+    #   `PackedPolicySize` response element indicates by percentage how
+    #   close the policies and tags for your request are to the upper size
+    #   limit.
     #
     #    </note>
     #
@@ -181,12 +157,13 @@ module Aws::STS
     #   values can’t exceed 256 characters. For these and additional limits,
     #   see [IAM and STS Character Limits][2] in the *IAM User Guide*.
     #
-    #   <note markdown="1"> An Amazon Web Services conversion compresses the passed session
-    #   policies and session tags into a packed binary format that has a
-    #   separate limit. Your request can fail for this limit even if your
-    #   plaintext meets the other requirements. The `PackedPolicySize`
-    #   response element indicates by percentage how close the policies and
-    #   tags for your request are to the upper size limit.
+    #   <note markdown="1"> An Amazon Web Services conversion compresses the passed inline
+    #   session policy, managed policy ARNs, and session tags into a packed
+    #   binary format that has a separate limit. Your request can fail for
+    #   this limit even if your plaintext meets the other requirements. The
+    #   `PackedPolicySize` response element indicates by percentage how
+    #   close the policies and tags for your request are to the upper size
+    #   limit.
     #
     #    </note>
     #
@@ -213,7 +190,7 @@ module Aws::STS
     #
     #   [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html
     #   [2]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-limits.html#reference_iam-limits-entity-length
-    #   [3]: https://docs.aws.amazon.com/IAM/latest/UserGuide/session-tags.html#id_session-tags_ctlogs
+    #   [3]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html#id_session-tags_ctlogs
     #   @return [Array<Types::Tag>]
     #
     # @!attribute [rw] transitive_tag_keys
@@ -310,6 +287,10 @@ module Aws::STS
     #   [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_control-access_monitor.html
     #   @return [String]
     #
+    # @!attribute [rw] provided_contexts
+    #   Reserved for future use.
+    #   @return [Array<Types::ProvidedContext>]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/sts-2011-06-15/AssumeRoleRequest AWS API Documentation
     #
     class AssumeRoleRequest < Struct.new(
@@ -323,7 +304,8 @@ module Aws::STS
       :external_id,
       :serial_number,
       :token_code,
-      :source_identity)
+      :source_identity,
+      :provided_contexts)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -394,22 +376,6 @@ module Aws::STS
       include Aws::Structure
     end
 
-    # @note When making an API call, you may pass AssumeRoleWithSAMLRequest
-    #   data as a hash:
-    #
-    #       {
-    #         role_arn: "arnType", # required
-    #         principal_arn: "arnType", # required
-    #         saml_assertion: "SAMLAssertionType", # required
-    #         policy_arns: [
-    #           {
-    #             arn: "arnType",
-    #           },
-    #         ],
-    #         policy: "sessionPolicyDocumentType",
-    #         duration_seconds: 1,
-    #       }
-    #
     # @!attribute [rw] role_arn
     #   The Amazon Resource Name (ARN) of the role that the caller is
     #   assuming.
@@ -443,12 +409,13 @@ module Aws::STS
     #   Web Services Service Namespaces][1] in the Amazon Web Services
     #   General Reference.
     #
-    #   <note markdown="1"> An Amazon Web Services conversion compresses the passed session
-    #   policies and session tags into a packed binary format that has a
-    #   separate limit. Your request can fail for this limit even if your
-    #   plaintext meets the other requirements. The `PackedPolicySize`
-    #   response element indicates by percentage how close the policies and
-    #   tags for your request are to the upper size limit.
+    #   <note markdown="1"> An Amazon Web Services conversion compresses the passed inline
+    #   session policy, managed policy ARNs, and session tags into a packed
+    #   binary format that has a separate limit. Your request can fail for
+    #   this limit even if your plaintext meets the other requirements. The
+    #   `PackedPolicySize` response element indicates by percentage how
+    #   close the policies and tags for your request are to the upper size
+    #   limit.
     #
     #    </note>
     #
@@ -489,12 +456,13 @@ module Aws::STS
     #   include the tab (\\u0009), linefeed (\\u000A), and carriage return
     #   (\\u000D) characters.
     #
-    #   <note markdown="1"> An Amazon Web Services conversion compresses the passed session
-    #   policies and session tags into a packed binary format that has a
-    #   separate limit. Your request can fail for this limit even if your
-    #   plaintext meets the other requirements. The `PackedPolicySize`
-    #   response element indicates by percentage how close the policies and
-    #   tags for your request are to the upper size limit.
+    #   <note markdown="1"> An Amazon Web Services conversion compresses the passed inline
+    #   session policy, managed policy ARNs, and session tags into a packed
+    #   binary format that has a separate limit. Your request can fail for
+    #   this limit even if your plaintext meets the other requirements. The
+    #   `PackedPolicySize` response element indicates by percentage how
+    #   close the policies and tags for your request are to the upper size
+    #   limit.
     #
     #    </note>
     #
@@ -545,7 +513,7 @@ module Aws::STS
       :policy_arns,
       :policy,
       :duration_seconds)
-      SENSITIVE = []
+      SENSITIVE = [:saml_assertion]
       include Aws::Structure
     end
 
@@ -613,7 +581,7 @@ module Aws::STS
     #     in IAM.
     #
     #   The combination of `NameQualifier` and `Subject` can be used to
-    #   uniquely identify a federated user.
+    #   uniquely identify a user.
     #
     #   The following pseudocode shows how the hash value is calculated:
     #
@@ -665,23 +633,6 @@ module Aws::STS
       include Aws::Structure
     end
 
-    # @note When making an API call, you may pass AssumeRoleWithWebIdentityRequest
-    #   data as a hash:
-    #
-    #       {
-    #         role_arn: "arnType", # required
-    #         role_session_name: "roleSessionNameType", # required
-    #         web_identity_token: "clientTokenType", # required
-    #         provider_id: "urlType",
-    #         policy_arns: [
-    #           {
-    #             arn: "arnType",
-    #           },
-    #         ],
-    #         policy: "sessionPolicyDocumentType",
-    #         duration_seconds: 1,
-    #       }
-    #
     # @!attribute [rw] role_arn
     #   The Amazon Resource Name (ARN) of the role that the caller is
     #   assuming.
@@ -706,17 +657,18 @@ module Aws::STS
     #   provided by the identity provider. Your application must get this
     #   token by authenticating the user who is using your application with
     #   a web identity provider before the application makes an
-    #   `AssumeRoleWithWebIdentity` call.
+    #   `AssumeRoleWithWebIdentity` call. Only tokens with RSA algorithms
+    #   (RS256) are supported.
     #   @return [String]
     #
     # @!attribute [rw] provider_id
-    #   The fully qualified host component of the domain name of the
-    #   identity provider.
+    #   The fully qualified host component of the domain name of the OAuth
+    #   2.0 identity provider. Do not specify this value for an OpenID
+    #   Connect identity provider.
     #
-    #   Specify this value only for OAuth 2.0 access tokens. Currently
-    #   `www.amazon.com` and `graph.facebook.com` are the only supported
-    #   identity providers for OAuth 2.0 access tokens. Do not include URL
-    #   schemes and port numbers.
+    #   Currently `www.amazon.com` and `graph.facebook.com` are the only
+    #   supported identity providers for OAuth 2.0 access tokens. Do not
+    #   include URL schemes and port numbers.
     #
     #   Do not specify this value for OpenID Connect ID tokens.
     #   @return [String]
@@ -733,12 +685,13 @@ module Aws::STS
     #   Web Services Service Namespaces][1] in the Amazon Web Services
     #   General Reference.
     #
-    #   <note markdown="1"> An Amazon Web Services conversion compresses the passed session
-    #   policies and session tags into a packed binary format that has a
-    #   separate limit. Your request can fail for this limit even if your
-    #   plaintext meets the other requirements. The `PackedPolicySize`
-    #   response element indicates by percentage how close the policies and
-    #   tags for your request are to the upper size limit.
+    #   <note markdown="1"> An Amazon Web Services conversion compresses the passed inline
+    #   session policy, managed policy ARNs, and session tags into a packed
+    #   binary format that has a separate limit. Your request can fail for
+    #   this limit even if your plaintext meets the other requirements. The
+    #   `PackedPolicySize` response element indicates by percentage how
+    #   close the policies and tags for your request are to the upper size
+    #   limit.
     #
     #    </note>
     #
@@ -779,12 +732,13 @@ module Aws::STS
     #   include the tab (\\u0009), linefeed (\\u000A), and carriage return
     #   (\\u000D) characters.
     #
-    #   <note markdown="1"> An Amazon Web Services conversion compresses the passed session
-    #   policies and session tags into a packed binary format that has a
-    #   separate limit. Your request can fail for this limit even if your
-    #   plaintext meets the other requirements. The `PackedPolicySize`
-    #   response element indicates by percentage how close the policies and
-    #   tags for your request are to the upper size limit.
+    #   <note markdown="1"> An Amazon Web Services conversion compresses the passed inline
+    #   session policy, managed policy ARNs, and session tags into a packed
+    #   binary format that has a separate limit. Your request can fail for
+    #   this limit even if your plaintext meets the other requirements. The
+    #   `PackedPolicySize` response element indicates by percentage how
+    #   close the policies and tags for your request are to the upper size
+    #   limit.
     #
     #    </note>
     #
@@ -832,7 +786,7 @@ module Aws::STS
       :policy_arns,
       :policy,
       :duration_seconds)
-      SENSITIVE = []
+      SENSITIVE = [:web_identity_token]
       include Aws::Structure
     end
 
@@ -993,17 +947,10 @@ module Aws::STS
       :secret_access_key,
       :session_token,
       :expiration)
-      SENSITIVE = []
+      SENSITIVE = [:secret_access_key]
       include Aws::Structure
     end
 
-    # @note When making an API call, you may pass DecodeAuthorizationMessageRequest
-    #   data as a hash:
-    #
-    #       {
-    #         encoded_message: "encodedMessageType", # required
-    #       }
-    #
     # @!attribute [rw] encoded_message
     #   The encoded message that was returned with the response.
     #   @return [String]
@@ -1074,13 +1021,6 @@ module Aws::STS
       include Aws::Structure
     end
 
-    # @note When making an API call, you may pass GetAccessKeyInfoRequest
-    #   data as a hash:
-    #
-    #       {
-    #         access_key_id: "accessKeyIdType", # required
-    #       }
-    #
     # @!attribute [rw] access_key_id
     #   The identifier of an access key.
     #
@@ -1149,26 +1089,6 @@ module Aws::STS
       include Aws::Structure
     end
 
-    # @note When making an API call, you may pass GetFederationTokenRequest
-    #   data as a hash:
-    #
-    #       {
-    #         name: "userNameType", # required
-    #         policy: "sessionPolicyDocumentType",
-    #         policy_arns: [
-    #           {
-    #             arn: "arnType",
-    #           },
-    #         ],
-    #         duration_seconds: 1,
-    #         tags: [
-    #           {
-    #             key: "tagKeyType", # required
-    #             value: "tagValueType", # required
-    #           },
-    #         ],
-    #       }
-    #
     # @!attribute [rw] name
     #   The name of the federated user. The name is used as an identifier
     #   for the temporary security credentials (such as `Bob`). For example,
@@ -1187,8 +1107,8 @@ module Aws::STS
     #
     #   You must pass an inline or managed [session policy][1] to this
     #   operation. You can pass a single JSON policy document to use as an
-    #   inline session policy. You can also specify up to 10 managed
-    #   policies to use as managed session policies.
+    #   inline session policy. You can also specify up to 10 managed policy
+    #   Amazon Resource Names (ARNs) to use as managed session policies.
     #
     #   This parameter is optional. However, if you do not pass any session
     #   policies, then the resulting federated user session has no
@@ -1216,12 +1136,13 @@ module Aws::STS
     #   include the tab (\\u0009), linefeed (\\u000A), and carriage return
     #   (\\u000D) characters.
     #
-    #   <note markdown="1"> An Amazon Web Services conversion compresses the passed session
-    #   policies and session tags into a packed binary format that has a
-    #   separate limit. Your request can fail for this limit even if your
-    #   plaintext meets the other requirements. The `PackedPolicySize`
-    #   response element indicates by percentage how close the policies and
-    #   tags for your request are to the upper size limit.
+    #   <note markdown="1"> An Amazon Web Services conversion compresses the passed inline
+    #   session policy, managed policy ARNs, and session tags into a packed
+    #   binary format that has a separate limit. Your request can fail for
+    #   this limit even if your plaintext meets the other requirements. The
+    #   `PackedPolicySize` response element indicates by percentage how
+    #   close the policies and tags for your request are to the upper size
+    #   limit.
     #
     #    </note>
     #
@@ -1238,13 +1159,13 @@ module Aws::STS
     #
     #   You must pass an inline or managed [session policy][1] to this
     #   operation. You can pass a single JSON policy document to use as an
-    #   inline session policy. You can also specify up to 10 managed
-    #   policies to use as managed session policies. The plaintext that you
-    #   use for both inline and managed session policies can't exceed 2,048
-    #   characters. You can provide up to 10 managed policy ARNs. For more
-    #   information about ARNs, see [Amazon Resource Names (ARNs) and Amazon
-    #   Web Services Service Namespaces][2] in the Amazon Web Services
-    #   General Reference.
+    #   inline session policy. You can also specify up to 10 managed policy
+    #   Amazon Resource Names (ARNs) to use as managed session policies. The
+    #   plaintext that you use for both inline and managed session policies
+    #   can't exceed 2,048 characters. You can provide up to 10 managed
+    #   policy ARNs. For more information about ARNs, see [Amazon Resource
+    #   Names (ARNs) and Amazon Web Services Service Namespaces][2] in the
+    #   Amazon Web Services General Reference.
     #
     #   This parameter is optional. However, if you do not pass any session
     #   policies, then the resulting federated user session has no
@@ -1265,12 +1186,13 @@ module Aws::STS
     #   are granted in addition to the permissions that are granted by the
     #   session policies.
     #
-    #   <note markdown="1"> An Amazon Web Services conversion compresses the passed session
-    #   policies and session tags into a packed binary format that has a
-    #   separate limit. Your request can fail for this limit even if your
-    #   plaintext meets the other requirements. The `PackedPolicySize`
-    #   response element indicates by percentage how close the policies and
-    #   tags for your request are to the upper size limit.
+    #   <note markdown="1"> An Amazon Web Services conversion compresses the passed inline
+    #   session policy, managed policy ARNs, and session tags into a packed
+    #   binary format that has a separate limit. Your request can fail for
+    #   this limit even if your plaintext meets the other requirements. The
+    #   `PackedPolicySize` response element indicates by percentage how
+    #   close the policies and tags for your request are to the upper size
+    #   limit.
     #
     #    </note>
     #
@@ -1284,11 +1206,10 @@ module Aws::STS
     #   The duration, in seconds, that the session should last. Acceptable
     #   durations for federation sessions range from 900 seconds (15
     #   minutes) to 129,600 seconds (36 hours), with 43,200 seconds (12
-    #   hours) as the default. Sessions obtained using Amazon Web Services
-    #   account root user credentials are restricted to a maximum of 3,600
-    #   seconds (one hour). If the specified duration is longer than one
-    #   hour, the session obtained by using root user credentials defaults
-    #   to one hour.
+    #   hours) as the default. Sessions obtained using root user credentials
+    #   are restricted to a maximum of 3,600 seconds (one hour). If the
+    #   specified duration is longer than one hour, the session obtained by
+    #   using root user credentials defaults to one hour.
     #   @return [Integer]
     #
     # @!attribute [rw] tags
@@ -1301,12 +1222,13 @@ module Aws::STS
     #   values can’t exceed 256 characters. For these and additional limits,
     #   see [IAM and STS Character Limits][2] in the *IAM User Guide*.
     #
-    #   <note markdown="1"> An Amazon Web Services conversion compresses the passed session
-    #   policies and session tags into a packed binary format that has a
-    #   separate limit. Your request can fail for this limit even if your
-    #   plaintext meets the other requirements. The `PackedPolicySize`
-    #   response element indicates by percentage how close the policies and
-    #   tags for your request are to the upper size limit.
+    #   <note markdown="1"> An Amazon Web Services conversion compresses the passed inline
+    #   session policy, managed policy ARNs, and session tags into a packed
+    #   binary format that has a separate limit. Your request can fail for
+    #   this limit even if your plaintext meets the other requirements. The
+    #   `PackedPolicySize` response element indicates by percentage how
+    #   close the policies and tags for your request are to the upper size
+    #   limit.
     #
     #    </note>
     #
@@ -1379,15 +1301,6 @@ module Aws::STS
       include Aws::Structure
     end
 
-    # @note When making an API call, you may pass GetSessionTokenRequest
-    #   data as a hash:
-    #
-    #       {
-    #         duration_seconds: 1,
-    #         serial_number: "serialNumberType",
-    #         token_code: "tokenCodeType",
-    #       }
-    #
     # @!attribute [rw] duration_seconds
     #   The duration, in seconds, that the credentials should remain valid.
     #   Acceptable durations for IAM user sessions range from 900 seconds
@@ -1571,13 +1484,6 @@ module Aws::STS
     # A reference to the IAM managed policy that is passed as a session
     # policy for a role session or a federated user session.
     #
-    # @note When making an API call, you may pass PolicyDescriptorType
-    #   data as a hash:
-    #
-    #       {
-    #         arn: "arnType",
-    #       }
-    #
     # @!attribute [rw] arn
     #   The Amazon Resource Name (ARN) of the IAM managed policy to use as a
     #   session policy for the role. For more information about ARNs, see
@@ -1597,6 +1503,25 @@ module Aws::STS
       include Aws::Structure
     end
 
+    # Reserved for future use.
+    #
+    # @!attribute [rw] provider_arn
+    #   Reserved for future use.
+    #   @return [String]
+    #
+    # @!attribute [rw] context_assertion
+    #   Reserved for future use.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/sts-2011-06-15/ProvidedContext AWS API Documentation
+    #
+    class ProvidedContext < Struct.new(
+      :provider_arn,
+      :context_assertion)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # STS is not activated in the requested region for the account that is
     # being asked to generate credentials. The account administrator must
     # use the IAM console to activate STS in that region. For more
@@ -1628,14 +1553,6 @@ module Aws::STS
     #
     # [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html
     #
-    # @note When making an API call, you may pass Tag
-    #   data as a hash:
-    #
-    #       {
-    #         key: "tagKeyType", # required
-    #         value: "tagValueType", # required
-    #       }
-    #
     # @!attribute [rw] key
     #   The key for a session tag.
     #

data/lib/aws-sdk-sts.rb

@@ -15,9 +15,13 @@ end
 
 require_relative 'aws-sdk-sts/types'
 require_relative 'aws-sdk-sts/client_api'
+require_relative 'aws-sdk-sts/plugins/endpoints.rb'
 require_relative 'aws-sdk-sts/client'
 require_relative 'aws-sdk-sts/errors'
 require_relative 'aws-sdk-sts/resource'
+require_relative 'aws-sdk-sts/endpoint_parameters'
+require_relative 'aws-sdk-sts/endpoint_provider'
+require_relative 'aws-sdk-sts/endpoints'
 require_relative 'aws-sdk-sts/customizations'
 
 # This module provides support for AWS Security Token Service. This module is available in the
@@ -50,6 +54,6 @@ require_relative 'aws-sdk-sts/customizations'
 # @!group service
 module Aws::STS
 
-  GEM_VERSION = '3.124.0'
+  GEM_VERSION = '3.186.0'
 
 end

data/lib/seahorse/client/async_base.rb

@@ -49,4 +49,3 @@ module Seahorse
     end
   end
 end
-

data/lib/seahorse/client/configuration.rb

@@ -68,7 +68,7 @@ module Seahorse
           @block = block
         end
 
-        def call(*args) 
+        def call(*args)
           @block.call(*args)
         end
       end
@@ -204,10 +204,6 @@ module Seahorse
         def value_at(opt_name)
           value = @struct[opt_name]
           if value.is_a?(Defaults)
-            # this config value is used by endpoint discovery
-            if opt_name == :endpoint && @struct.members.include?(:regional_endpoint)
-              @struct[:regional_endpoint] = true
-            end
             resolve_defaults(opt_name, value)
           else
             value

data/lib/seahorse/client/h2/connection.rb

@@ -43,7 +43,9 @@ module Seahorse
           @h2_client = HTTP2::Client.new(
             settings_max_concurrent_streams: max_concurrent_streams
           )
-          @logger = options[:logger] || Logger.new($stdout) if @http_wire_trace
+          @logger = if @http_wire_trace
+            options[:logger] || Logger.new($stdout)
+          end
           @chunk_size = options[:read_chunk_size] || CHUNKSIZE
           @errors = []
           @status = :ready
@@ -104,7 +106,7 @@ module Seahorse
           @mutex.synchronize {
             return if @socket_thread
             @socket_thread = Thread.new do
-              while !@socket.closed?
+              while @socket && !@socket.closed?
                 begin
                   data = @socket.read_nonblock(@chunk_size)
                   @h2_client << data
@@ -130,6 +132,7 @@ module Seahorse
                   self.close!
                 end
               end
+              @socket_thread = nil
             end
             @socket_thread.abort_on_exception = true
           }
@@ -142,10 +145,6 @@ module Seahorse
               @socket.close
               @socket = nil
             end
-            if @socket_thread
-              Thread.kill(@socket_thread)
-              @socket_thread = nil
-            end
             @status = :closed
           }
         end
@@ -183,11 +182,13 @@ module Seahorse
               @socket.flush
             end
           end
-          @h2_client.on(:frame_sent) do |frame|
-            debug_output("frame: #{frame.inspect}", :send)
-          end
-          @h2_client.on(:frame_received) do |frame|
-            debug_output("frame: #{frame.inspect}", :receive)
+          if @http_wire_trace
+            @h2_client.on(:frame_sent) do |frame|
+              debug_output("frame: #{frame.inspect}", :send)
+            end
+            @h2_client.on(:frame_received) do |frame|
+              debug_output("frame: #{frame.inspect}", :receive)
+            end
           end
         end
 

data/lib/seahorse/client/net_http/connection_pool.rb

@@ -34,6 +34,7 @@ module Seahorse
           ssl_ca_bundle: nil,
           ssl_ca_directory: nil,
           ssl_ca_store: nil,
+          ssl_timeout: nil
         }
 
         # @api private
@@ -187,6 +188,9 @@ module Seahorse
           #   disables this behaviour.  This value can safely be set per
           #   request on the session yielded by {#session_for}.
           #
+          # @option options [Float] :ssl_timeout (nil) Sets the SSL timeout
+          #   in seconds.
+          #
           # @option options [Boolean] :http_wire_trace (false) When `true`,
           #   HTTP debug output will be sent to the `:logger`.
           #
@@ -248,6 +252,7 @@ module Seahorse
               :ssl_ca_bundle => options[:ssl_ca_bundle],
               :ssl_ca_directory => options[:ssl_ca_directory],
               :ssl_ca_store => options[:ssl_ca_store],
+              :ssl_timeout => options[:ssl_timeout]
             }
           end
 
@@ -285,6 +290,8 @@ module Seahorse
 
           if endpoint.scheme == 'https'
             http.use_ssl = true
+            http.ssl_timeout = ssl_timeout
+
             if ssl_verify_peer?
               http.verify_mode = OpenSSL::SSL::VERIFY_PEER
               http.ca_file = ssl_ca_bundle if ssl_ca_bundle