bunny 2.14.2 → 2.22.0

data/lib/bunny/session.rb

@@ -71,6 +71,7 @@ module Bunny
     # Default reconnection interval for TCP connection failures
     DEFAULT_NETWORK_RECOVERY_INTERVAL = 5.0
 
+    DEFAULT_RECOVERABLE_EXCEPTIONS = [StandardError, TCPConnectionFailedForAllHosts, TCPConnectionFailed, AMQ::Protocol::EmptyResponseError, SystemCallError, Timeout::Error, Bunny::ConnectionLevelException, Bunny::ConnectionClosedError]
 
     #
     # API
@@ -89,7 +90,9 @@ module Bunny
     # @return [Integer] Timeout for blocking protocol operations (queue.declare, queue.bind, etc), in milliseconds. Default is 15000.
     attr_reader :continuation_timeout
     attr_reader :network_recovery_interval
+    attr_reader :connection_name
     attr_accessor :socket_configurator
+    attr_accessor :recoverable_exceptions
 
     # @param [String, Hash] connection_string_or_opts Connection string or a hash of connection options
     # @param [Hash] optz Extra options not related to connection
@@ -108,7 +111,7 @@ module Bunny
     # @option connection_string_or_opts [String] :tls_key (nil) Path to client TLS/SSL private key file (.pem)
     # @option connection_string_or_opts [Array<String>] :tls_ca_certificates Array of paths to TLS/SSL CA files (.pem), by default detected from OpenSSL configuration
     # @option connection_string_or_opts [String] :verify_peer (true) Whether TLS peer verification should be performed
-    # @option connection_string_or_opts [Symbol] :tls_version (negotiated) What TLS version should be used (:TLSv1, :TLSv1_1, or :TLSv1_2)
+    # @option connection_string_or_opts [Symbol] :tls_protocol (negotiated) What TLS version should be used (:TLSv1, :TLSv1_1, or :TLSv1_2)
     # @option connection_string_or_opts [Integer] :channel_max (2047) Maximum number of channels allowed on this connection, minus 1 to account for the special channel 0.
     # @option connection_string_or_opts [Integer] :continuation_timeout (15000) Timeout for client operations that expect a response (e.g. {Bunny::Queue#get}), in milliseconds.
     # @option connection_string_or_opts [Integer] :connection_timeout (30) Timeout in seconds for connecting to the server.
@@ -123,10 +126,15 @@ module Bunny
     # @option connection_string_or_opts [Boolean] :automatically_recover (true) Should automatically recover from network failures?
     # @option connection_string_or_opts [Integer] :recovery_attempts (nil) Max number of recovery attempts, nil means forever
     # @option connection_string_or_opts [Integer] :reset_recovery_attempts_after_reconnection (true) Should recovery attempt counter be reset after successful reconnection? When set to false, the attempt counter will last through the entire lifetime of the connection object.
+    # @option connection_string_or_opts [Proc] :recovery_attempt_started (nil) Will be called before every connection recovery attempt
+    # @option connection_string_or_opts [Proc] :recovery_completed (nil) Will be called after successful connection recovery
+    # @option connection_string_or_opts [Proc] :recovery_attempts_exhausted (nil) Will be called when the connection recovery failed after the specified amount of recovery attempts
     # @option connection_string_or_opts [Boolean] :recover_from_connection_close (true) Should this connection recover after receiving a server-sent connection.close (e.g. connection was force closed)?
+    # @option connection_string_or_opts [Object] :session_error_handler (Thread.current) Object which responds to #raise that will act as a session error handler. Defaults to Thread.current, which will raise asynchronous exceptions in the thread that created the session.
     #
     # @option optz [String] :auth_mechanism ("PLAIN") Authentication mechanism, PLAIN or EXTERNAL
     # @option optz [String] :locale ("PLAIN") Locale RabbitMQ should use
+    # @option optz [String] :connection_name (nil) Client-provided connection name, if any. Note that the value returned does not uniquely identify a connection and cannot be used as a connection identifier in HTTP API requests.
     #
     # @see http://rubybunny.info/articles/connecting.html Connecting to RabbitMQ guide
     # @see http://rubybunny.info/articles/tls.html TLS/SSL guide
@@ -169,8 +177,9 @@ module Bunny
       @automatically_recover = if opts[:automatically_recover].nil? && opts[:automatic_recovery].nil?
                                  true
                                else
-                                 opts[:automatically_recover] || opts[:automatic_recovery]
+                                 opts[:automatically_recover] | opts[:automatic_recovery]
                                end
+      @recovering_from_network_failure = false
       @max_recovery_attempts = opts[:recovery_attempts]
       @recovery_attempts     = @max_recovery_attempts
       # When this is set, connection attempts won't be reset after
@@ -184,6 +193,7 @@ module Bunny
       @continuation_timeout   = opts.fetch(:continuation_timeout, DEFAULT_CONTINUATION_TIMEOUT)
 
       @status             = :not_connected
+      @manually_closed    = false
       @blocked            = false
 
       # these are negotiated with the broker during the connection tuning phase
@@ -195,7 +205,9 @@ module Bunny
       @client_heartbeat   = self.heartbeat_from(opts)
 
       client_props         = opts[:properties] || opts[:client_properties] || {}
+      @connection_name     = client_props[:connection_name] || opts[:connection_name]
       @client_properties   = DEFAULT_CLIENT_PROPERTIES.merge(client_props)
+                                                      .merge(connection_name: connection_name)
       @mechanism           = normalize_auth_mechanism(opts.fetch(:auth_mechanism, "PLAIN"))
       @credentials_encoder = credentials_encoder_for(@mechanism)
       @locale              = @opts.fetch(:locale, DEFAULT_LOCALE)
@@ -211,9 +223,14 @@ module Bunny
       @address_index_mutex = @mutex_impl.new
 
       @channels            = Hash.new
-      @recovery_completed = opts[:recovery_completed]
 
-      @origin_thread       = Thread.current
+      @recovery_attempt_started = opts[:recovery_attempt_started]
+      @recovery_completed       = opts[:recovery_completed]
+      @recovery_attempts_exhausted          = opts[:recovery_attempts_exhausted]
+
+      @session_error_handler = opts.fetch(:session_error_handler, Thread.current)
+
+      @recoverable_exceptions = DEFAULT_RECOVERABLE_EXCEPTIONS.dup
 
       self.reset_continuations
       self.initialize_transport
@@ -340,6 +357,14 @@ module Bunny
       self
     end
 
+    def update_secret(value, reason)
+      @transport.send_frame(AMQ::Protocol::Connection::UpdateSecret.encode(value, reason))
+      @last_update_secret_ok = wait_on_continuations
+      raise_if_continuation_resulted_in_a_connection_error!
+
+      @last_update_secret_ok
+    end
+
     # Socket operation write timeout used by this connection
     # @return [Integer]
     # @private
@@ -518,6 +543,24 @@ module Bunny
       end
     end
 
+    # Defines a callable (e.g. a block) that will be called
+    # before every connection recovery attempt.
+    def before_recovery_attempt_starts(&block)
+      @recovery_attempt_started = block
+    end
+
+    # Defines a callable (e.g. a block) that will be called
+    # after successful connection recovery.
+    def after_recovery_completed(&block)
+      @recovery_completed = block
+    end
+
+    # Defines a callable (e.g. a block) that will be called
+    # when the connection recovery failed after the specified
+    # numbers of recovery attempts.
+    def after_recovery_attempts_exhausted(&block)
+      @recovery_attempts_exhausted = block
+    end
 
     #
     # Implementation
@@ -630,6 +673,8 @@ module Bunny
       when AMQ::Protocol::Connection::Unblocked then
         @blocked = false
         @unblock_callback.call(method) if @unblock_callback
+      when AMQ::Protocol::Connection::UpdateSecretOk then
+        @continuations.push(method)
       when AMQ::Protocol::Channel::Close then
         begin
           ch = synchronised_find_channel(ch_number)
@@ -638,8 +683,12 @@ module Bunny
           # avoid doing that while holding a mutex lock. MK.
           ch.handle_method(method)
         ensure
-          # synchronises on @channel_mutex under the hood
-          self.unregister_channel(ch)
+          if ch.nil?
+            @logger.warn "Received a server-sent channel.close but the channel was not found locally. Ignoring the frame."
+          else
+            # synchronises on @channel_mutex under the hood
+            self.unregister_channel(ch)
+          end
         end
       when AMQ::Protocol::Basic::GetEmpty then
         ch = find_channel(ch_number)
@@ -710,9 +759,7 @@ module Bunny
 
     # @private
     def recoverable_network_failure?(exception)
-      # No reasonably smart strategy was suggested in a few years.
-      # So just recover unconditionally. MK.
-      true
+      @recoverable_exceptions.any? {|x| exception.kind_of? x}
     end
 
     # @private
@@ -733,6 +780,7 @@ module Bunny
     def recover_from_network_failure
       sleep @network_recovery_interval
       @logger.debug "Will attempt connection recovery..."
+      notify_of_recovery_attempt_start
 
       self.initialize_transport
 
@@ -756,19 +804,23 @@ module Bunny
     rescue HostListDepleted
       reset_address_index
       retry
-    rescue TCPConnectionFailedForAllHosts, TCPConnectionFailed, AMQ::Protocol::EmptyResponseError, SystemCallError, Timeout::Error => e
-      @logger.warn "TCP connection failed, reconnecting in #{@network_recovery_interval} seconds"
-      if should_retry_recovery?
-        decrement_recovery_attemp_counter!
-        if recoverable_network_failure?(e)
+    rescue => e
+      if recoverable_network_failure?(e)
+        @logger.warn "TCP connection failed"
+        if should_retry_recovery?
+          @logger.warn "Reconnecting in #{@network_recovery_interval} seconds"
+          decrement_recovery_attemp_counter!
           announce_network_failure_recovery
           retry
+        else
+          @logger.error "Ran out of recovery attempts (limit set to #{@max_recovery_attempts}), giving up"
+          @transport.close
+          self.close(false)
+          @manually_closed = false
+          notify_of_recovery_attempts_exhausted
         end
       else
-        @logger.error "Ran out of recovery attempts (limit set to #{@max_recovery_attempts}), giving up"
-        @transport.close
-        self.close(false)
-        @manually_closed = false
+        raise e
       end
     end
 
@@ -806,8 +858,9 @@ module Bunny
       end
     end
 
-    def after_recovery_completed(&block)
-      @recovery_completed = block
+    # @private
+    def notify_of_recovery_attempt_start
+      @recovery_attempt_started.call if @recovery_attempt_started
     end
 
     # @private
@@ -815,6 +868,11 @@ module Bunny
       @recovery_completed.call if @recovery_completed
     end
 
+    # @private
+    def notify_of_recovery_attempts_exhausted
+      @recovery_attempts_exhausted.call if @recovery_attempts_exhausted
+    end
+
     # @private
     def instantiate_connection_level_exception(frame)
       case frame
@@ -850,7 +908,7 @@ module Bunny
 
       clean_up_on_shutdown
       if threaded?
-        @origin_thread.raise(@last_connection_error)
+        @session_error_handler.raise(@last_connection_error)
       else
         raise @last_connection_error
       end
@@ -1007,7 +1065,7 @@ module Bunny
 
     # @private
     def reader_loop
-      @reader_loop ||= ReaderLoop.new(@transport, self, Thread.current)
+      @reader_loop ||= ReaderLoop.new(@transport, self, @session_error_handler)
     end
 
     # @private
@@ -1270,7 +1328,7 @@ module Bunny
           end
 
           if threaded?
-            @origin_thread.raise(e)
+            @session_error_handler.raise(e)
           else
             raise e
           end
@@ -1316,8 +1374,8 @@ module Bunny
         @transport = Transport.new(self,
                                    host_from_address(address),
                                    port_from_address(address),
-                                   @opts.merge(:session_thread => @origin_thread)
-                                  )
+                                   @opts.merge(:session_error_handler => @session_error_handler)
+        )
 
         # Reset the cached progname for the logger only when no logger was provided
         @default_logger.progname = self.to_s

data/lib/bunny/transport.rb

@@ -25,6 +25,30 @@ module Bunny
     DEFAULT_READ_TIMEOUT  = 30.0
     DEFAULT_WRITE_TIMEOUT = 30.0
 
+    # mimics METHODS_MAP in ssl.rb but also lists TLS 1.3
+    # and string constants
+    TLS_VERSION_ALIASES = {
+      TLSv1: OpenSSL::SSL::TLS1_VERSION,
+      TLSv1_1: OpenSSL::SSL::TLS1_1_VERSION,
+      TLSv1_2: OpenSSL::SSL::TLS1_2_VERSION,
+      "1.0": OpenSSL::SSL::TLS1_VERSION,
+      "1.1": OpenSSL::SSL::TLS1_1_VERSION,
+      "1.2": OpenSSL::SSL::TLS1_2_VERSION,
+      OpenSSL::SSL::TLS1_VERSION => OpenSSL::SSL::TLS1_VERSION,
+      OpenSSL::SSL::TLS1_1_VERSION => OpenSSL::SSL::TLS1_1_VERSION,
+      OpenSSL::SSL::TLS1_2_VERSION => OpenSSL::SSL::TLS1_2_VERSION
+    }
+
+    # older OpenSSL versions won't support for TLS 1.3 and won't
+    # have this constant defined.
+    if defined?(OpenSSL::SSL::TLS1_3_VERSION)
+      TLS_VERSION_ALIASES["1.3"]                        = OpenSSL::SSL::TLS1_3_VERSION
+      TLS_VERSION_ALIASES[:TLSv1_3]                     = OpenSSL::SSL::TLS1_3_VERSION
+      TLS_VERSION_ALIASES[OpenSSL::SSL::TLS1_3_VERSION] = OpenSSL::SSL::TLS1_3_VERSION
+    end
+
+    TLS_VERSION_ALIASES.freeze
+
     attr_reader :session, :host, :port, :socket, :connect_timeout, :read_timeout, :write_timeout, :disconnect_timeout
     attr_reader :tls_context, :verify_peer, :tls_ca_certificates, :tls_certificate_path, :tls_key_path
 
@@ -35,7 +59,7 @@ module Bunny
 
     def initialize(session, host, port, opts)
       @session        = session
-      @session_thread = opts[:session_thread]
+      @session_error_handler = opts[:session_error_handler]
       @host    = host
       @port    = port
       @opts    = opts
@@ -146,7 +170,7 @@ module Bunny
           if @session.automatically_recover?
             @session.handle_network_failure(e)
           else
-            @session_thread.raise(Bunny::NetworkFailure.new("detected a network failure: #{e.message}", e))
+            @session_error_handler.raise(Bunny::NetworkFailure.new("detected a network failure: #{e.message}", e))
           end
         end
       end
@@ -170,7 +194,7 @@ module Bunny
           if @session.automatically_recover?
             @session.handle_network_failure(e)
           else
-            @session_thread.raise(Bunny::NetworkFailure.new("detected a network failure: #{e.message}", e))
+            @session_error_handler.raise(Bunny::NetworkFailure.new("detected a network failure: #{e.message}", e))
           end
         end
       end
@@ -188,7 +212,7 @@ module Bunny
         if @session.automatically_recover?
           @session.handle_network_failure(e)
         else
-          @session_thread.raise(Bunny::NetworkFailure.new("detected a network failure: #{e.message}", e))
+          @session_error_handler.raise(Bunny::NetworkFailure.new("detected a network failure: #{e.message}", e))
         end
       end
     end
@@ -245,7 +269,7 @@ module Bunny
         if @session.automatically_recover?
           raise
         else
-          @session_thread.raise(Bunny::NetworkFailure.new("detected a network failure: #{e.message}", e))
+          @session_error_handler.raise(Bunny::NetworkFailure.new("detected a network failure: #{e.message}", e))
         end
       end
     end
@@ -453,9 +477,9 @@ module Bunny
       end
     end
 
-    def initialize_tls_context(ctx, opts={})
+    def initialize_tls_context(ctx, opts = {})
       ctx.cert       = OpenSSL::X509::Certificate.new(@tls_certificate) if @tls_certificate
-      ctx.key        = OpenSSL::PKey::RSA.new(@tls_key) if @tls_key
+      ctx.key        = OpenSSL::PKey.read(@tls_key) if @tls_key
       ctx.cert_store = if @tls_certificate_store
                          @tls_certificate_store
                        else
@@ -463,8 +487,9 @@ module Bunny
                          @tls_ca_certificates = tls_ca_certificates_paths_from(opts)
                          initialize_tls_certificate_store(@tls_ca_certificates)
                        end
+      should_silence_warnings = opts.fetch(:tls_silence_warnings, false)
 
-      if !@tls_certificate
+      if !@tls_certificate && !should_silence_warnings
         @logger.warn <<-MSG
 Using TLS but no client certificate is provided. If RabbitMQ is configured to require & verify peer
 certificate, connection will be rejected. Learn more at https://www.rabbitmq.com/ssl.html
@@ -482,15 +507,19 @@ certificate, connection will be rejected. Learn more at https://www.rabbitmq.com
       @logger.debug { "Will use peer verification mode #{verify_mode}" }
       ctx.verify_mode = verify_mode
 
-      if !@verify_peer
+      if !@verify_peer && !should_silence_warnings
         @logger.warn <<-MSG
 Using TLS but peer hostname verification is disabled. This is convenient for local development
 but prone to man-in-the-middle attacks. Please set verify_peer: true in production. Learn more at https://www.rabbitmq.com/ssl.html
         MSG
       end
 
-      ssl_version = opts[:tls_protocol] || opts[:ssl_version]
-      ctx.ssl_version = ssl_version if ssl_version
+      ssl_version = opts[:tls_protocol] || opts[:ssl_version] || :TLSv1_2
+      if ssl_version
+        v = tls_version_constant(ssl_version)
+        ctx.min_version = v
+        ctx.max_version = v
+      end
 
       ctx
     end
@@ -501,7 +530,7 @@ but prone to man-in-the-middle attacks. Please set verify_peer: true in producti
       certs.each do |cert|
         # if it starts with / or C:/ then it's a file path that may or may not
         # exist (e.g. a default OpenSSL path). MK.
-        if File.readable?(cert) || cert =~ /^([a-z]:?)?\//i
+        if File.readable?(cert) || cert =~ /\A([a-z]:?)?\//i
           cert_files.push(cert)
         else
           cert_inlines.push(cert)
@@ -518,6 +547,14 @@ but prone to man-in-the-middle attacks. Please set verify_peer: true in producti
       end
     end
 
+
+    def tls_version_constant(value)
+      # OpenSSL::SSL::TLS1_3_VERSION and similar constants
+      # are just integers, so use the value itself as fallback since
+      # there is no class to case switch on
+      TLS_VERSION_ALIASES[value] || value
+    end
+
     def timeout_from(options)
       options[:connect_timeout] || options[:connection_timeout] || options[:timeout] || DEFAULT_CONNECTION_TIMEOUT
     end

data/lib/bunny/version.rb

@@ -2,5 +2,5 @@
 
 module Bunny
   # @return [String] Version of the library
-  VERSION = "2.14.2"
+  VERSION = "2.22.0"
 end

data/lib/bunny.rb

@@ -53,17 +53,58 @@ module Bunny
   # Instantiates a new connection. The actual network
   # connection is started with {Bunny::Session#start}
   #
+  # @param [String, Hash] connection_string_or_opts Connection string or a hash of connection options
+  # @param [Hash] optz Extra options not related to connection
+  #
+  # @option connection_string_or_opts [String] :host ("127.0.0.1") Hostname or IP address to connect to
+  # @option connection_string_or_opts [Array<String>] :hosts (["127.0.0.1"]) list of hostname or IP addresses to select hostname from when connecting
+  # @option connection_string_or_opts [Array<String>] :addresses (["127.0.0.1:5672"]) list of addresses to select hostname and port from when connecting
+  # @option connection_string_or_opts [Integer] :port (5672) Port RabbitMQ listens on
+  # @option connection_string_or_opts [String] :username ("guest") Username
+  # @option connection_string_or_opts [String] :password ("guest") Password
+  # @option connection_string_or_opts [String] :vhost ("/") Virtual host to use
+  # @option connection_string_or_opts [Integer, Symbol] :heartbeat (:server) Heartbeat timeout to offer to the server. :server means use the value suggested by RabbitMQ. 0 means heartbeats and socket read timeouts will be disabled (not recommended).
+  # @option connection_string_or_opts [Integer] :network_recovery_interval (4) Recovery interval periodic network recovery will use. This includes initial pause after network failure.
+  # @option connection_string_or_opts [Boolean] :tls (false) Should TLS/SSL be used?
+  # @option connection_string_or_opts [String] :tls_cert (nil) Path to client TLS/SSL certificate file (.pem)
+  # @option connection_string_or_opts [String] :tls_key (nil) Path to client TLS/SSL private key file (.pem)
+  # @option connection_string_or_opts [Array<String>] :tls_ca_certificates Array of paths to TLS/SSL CA files (.pem), by default detected from OpenSSL configuration
+  # @option connection_string_or_opts [String] :verify_peer (true) Whether TLS peer verification should be performed
+  # @option connection_string_or_opts [Symbol] :tls_protocol (negotiated) What TLS version should be used (:TLSv1, :TLSv1_1, or :TLSv1_2)
+  # @option connection_string_or_opts [Integer] :channel_max (2047) Maximum number of channels allowed on this connection, minus 1 to account for the special channel 0.
+  # @option connection_string_or_opts [Integer] :continuation_timeout (15000) Timeout for client operations that expect a response (e.g. {Bunny::Queue#get}), in milliseconds.
+  # @option connection_string_or_opts [Integer] :connection_timeout (30) Timeout in seconds for connecting to the server.
+  # @option connection_string_or_opts [Integer] :read_timeout (30) TCP socket read timeout in seconds. If heartbeats are disabled this will be ignored.
+  # @option connection_string_or_opts [Integer] :write_timeout (30) TCP socket write timeout in seconds.
+  # @option connection_string_or_opts [Proc] :hosts_shuffle_strategy a callable that reorders a list of host strings, defaults to Array#shuffle
+  # @option connection_string_or_opts [Proc] :recovery_completed a callable that will be called when a network recovery is performed
+  # @option connection_string_or_opts [Logger] :logger The logger.  If missing, one is created using :log_file and :log_level.
+  # @option connection_string_or_opts [IO, String] :log_file The file or path to use when creating a logger.  Defaults to STDOUT.
+  # @option connection_string_or_opts [IO, String] :logfile DEPRECATED: use :log_file instead.  The file or path to use when creating a logger.  Defaults to STDOUT.
+  # @option connection_string_or_opts [Integer] :log_level The log level to use when creating a logger.  Defaults to LOGGER::WARN
+  # @option connection_string_or_opts [Boolean] :automatically_recover (true) Should automatically recover from network failures?
+  # @option connection_string_or_opts [Integer] :recovery_attempts (nil) Max number of recovery attempts, nil means forever
+  # @option connection_string_or_opts [Integer] :reset_recovery_attempts_after_reconnection (true) Should recovery attempt counter be reset after successful reconnection? When set to false, the attempt counter will last through the entire lifetime of the connection object.
+  # @option connection_string_or_opts [Proc] :recovery_attempt_started (nil) Will be called before every connection recovery attempt
+  # @option connection_string_or_opts [Proc] :recovery_completed (nil) Will be called after successful connection recovery
+  # @option connection_string_or_opts [Boolean] :recover_from_connection_close (true) Should this connection recover after receiving a server-sent connection.close (e.g. connection was force closed)?
+  # @option connection_string_or_opts [Object] :session_error_handler (Thread.current) Object which responds to #raise that will act as a session error handler. Defaults to Thread.current, which will raise asynchronous exceptions in the thread that created the session.
+  #
+  # @option optz [String] :auth_mechanism ("PLAIN") Authentication mechanism, PLAIN or EXTERNAL
+  # @option optz [String] :locale ("PLAIN") Locale RabbitMQ should use
+  # @option optz [String] :connection_name (nil) Client-provided connection name, if any. Note that the value returned does not uniquely identify a connection and cannot be used as a connection identifier in HTTP API requests.
+  #
   # @return [Bunny::Session]
   # @see Bunny::Session#start
   # @see http://rubybunny.info/articles/getting_started.html
   # @see http://rubybunny.info/articles/connecting.html
   # @api public
-  def self.new(connection_string_or_opts = ENV['RABBITMQ_URL'], opts = {})
-    if connection_string_or_opts.respond_to?(:keys) && opts.empty?
-      opts = connection_string_or_opts
+  def self.new(connection_string_or_opts = ENV['RABBITMQ_URL'], optz = {})
+    if connection_string_or_opts.respond_to?(:keys) && optz.empty?
+      optz = connection_string_or_opts
     end
 
-    conn = Session.new(connection_string_or_opts, opts)
+    conn = Session.new(connection_string_or_opts, optz)
     @default_connection ||= conn
 
     conn