ftw 0.0.42 → 0.0.43
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/ftw/connection.rb +29 -15
- data/lib/ftw/server.rb +2 -0
- data/lib/ftw/version.rb +1 -1
- metadata +4 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: e554187a6f1f99f8aff5f44525e78e22e8d26650
|
|
4
|
+
data.tar.gz: 3470b1876552ed207ee28f063ed88ff5baea514e
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 368bd3157428d274bde3ba04c1ca670002ff1993cbd03292f71b2706433a24c63ce8d9fd7a95d45c67e282a1864526608d7237f79125171da78560f2953a0b8c
|
|
7
|
+
data.tar.gz: 8ab90dfa46381cd5a6cf4d107d4892dc179ff2c27c8281508f6181bed91688c1d4234d149c596a1dae16400a60efaa4da2b790ad72f0916640f3a3ff93ce56b7
|
data/lib/ftw/connection.rb
CHANGED
|
@@ -2,6 +2,7 @@ require "cabin" # rubygem "cabin"
|
|
|
2
2
|
require "ftw/dns"
|
|
3
3
|
require "ftw/poolable"
|
|
4
4
|
require "ftw/namespace"
|
|
5
|
+
require "ftw/agent"
|
|
5
6
|
require "socket"
|
|
6
7
|
require "timeout" # ruby stdlib, just for the Timeout exception.
|
|
7
8
|
|
|
@@ -267,20 +268,21 @@ class FTW::Connection
|
|
|
267
268
|
|
|
268
269
|
# End this connection, specifying why.
|
|
269
270
|
def disconnect(reason)
|
|
271
|
+
io = @socket
|
|
270
272
|
if @socket.is_a?(OpenSSL::SSL::SSLSocket)
|
|
271
273
|
@socket.sysclose()
|
|
272
|
-
|
|
273
|
-
|
|
274
|
-
|
|
275
|
-
|
|
276
|
-
|
|
277
|
-
|
|
274
|
+
io = @socket.io
|
|
275
|
+
end
|
|
276
|
+
begin
|
|
277
|
+
io.close_read
|
|
278
|
+
rescue IOError => e
|
|
279
|
+
# Ignore, perhaps we shouldn't ignore.
|
|
280
|
+
end
|
|
278
281
|
|
|
279
|
-
|
|
280
|
-
|
|
281
|
-
|
|
282
|
-
|
|
283
|
-
end
|
|
282
|
+
begin
|
|
283
|
+
io.close_write
|
|
284
|
+
rescue IOError => e
|
|
285
|
+
# Ignore, perhaps we shouldn't ignore.
|
|
284
286
|
end
|
|
285
287
|
end # def disconnect
|
|
286
288
|
|
|
@@ -319,11 +321,18 @@ class FTW::Connection
|
|
|
319
321
|
# * :certificate_store, an OpenSSL::X509::Store
|
|
320
322
|
# * :timeout, a timeout threshold in seconds.
|
|
321
323
|
# * :ciphers, an OpenSSL ciphers string, see `openssl ciphers` manual for details.
|
|
322
|
-
# * :
|
|
324
|
+
# * :ssl_version, any of: SSLv2, SSLv3, TLSv1, TLSv1.1, TLSv1.2
|
|
325
|
+
# * :certificate, an OpenSSL::X509::Certificate
|
|
326
|
+
# * :key, an OpenSSL::PKey (like OpenSSL::PKey::RSA)
|
|
327
|
+
#
|
|
328
|
+
# Both `certificate` and `key` are highly recommended if the connection
|
|
329
|
+
# belongs to a server (not a client connection).
|
|
323
330
|
#
|
|
324
331
|
# Notes:
|
|
325
332
|
# * Version may depend on your platform (openssl compilation settings, JVM
|
|
326
333
|
# version, export restrictions, etc)
|
|
334
|
+
# * Available ciphers will depend on your version of Ruby (or JRuby and JVM),
|
|
335
|
+
# OpenSSL, etc.
|
|
327
336
|
def secure(options=nil)
|
|
328
337
|
# Skip this if we're already secure.
|
|
329
338
|
return if secured?
|
|
@@ -331,7 +340,7 @@ class FTW::Connection
|
|
|
331
340
|
defaults = {
|
|
332
341
|
:timeout => nil,
|
|
333
342
|
:ciphers => FTW::Agent::Configuration::SSL_CIPHER_MAP["MOZILLA_MODERN"],
|
|
334
|
-
:
|
|
343
|
+
:ssl_version => "TLSv1.1"
|
|
335
344
|
}
|
|
336
345
|
settings = defaults.merge(options) unless options.nil?
|
|
337
346
|
|
|
@@ -353,8 +362,8 @@ class FTW::Connection
|
|
|
353
362
|
ssloptions |= OpenSSL::SSL::OP_NO_COMPRESSION
|
|
354
363
|
end
|
|
355
364
|
# https://github.com/jruby/jruby/issues/1874
|
|
356
|
-
version = OpenSSL::SSL::SSLContext::METHODS.find { |x| x.to_s.gsub("_",".") == settings[:
|
|
357
|
-
raise InvalidConfiguration, "Invalid SSL/TLS version '#{settings[:
|
|
365
|
+
version = OpenSSL::SSL::SSLContext::METHODS.find { |x| x.to_s.gsub("_",".") == settings[:ssl_version] }
|
|
366
|
+
raise InvalidConfiguration, "Invalid SSL/TLS version '#{settings[:ssl_version]}'" if version.nil?
|
|
358
367
|
sslcontext.ssl_version = version
|
|
359
368
|
|
|
360
369
|
# We have to set ciphers *after* setting ssl_version because setting
|
|
@@ -370,6 +379,11 @@ class FTW::Connection
|
|
|
370
379
|
end
|
|
371
380
|
sslcontext.cert_store = settings[:certificate_store]
|
|
372
381
|
|
|
382
|
+
if settings.include?(:certificate) && settings.include?(:key)
|
|
383
|
+
sslcontext.cert = settings[:certificate]
|
|
384
|
+
sslcontext.key = settings[:key]
|
|
385
|
+
end
|
|
386
|
+
|
|
373
387
|
@socket = OpenSSL::SSL::SSLSocket.new(@socket, sslcontext)
|
|
374
388
|
|
|
375
389
|
# TODO(sissel): Set up local certificat/key stuff. This is required for
|
data/lib/ftw/server.rb
CHANGED
data/lib/ftw/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: ftw
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.0.
|
|
4
|
+
version: 0.0.43
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Jordan Sissel
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2015-06-19 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: cabin
|
|
@@ -146,9 +146,10 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
146
146
|
version: '0'
|
|
147
147
|
requirements: []
|
|
148
148
|
rubyforge_project:
|
|
149
|
-
rubygems_version: 2.
|
|
149
|
+
rubygems_version: 2.4.6
|
|
150
150
|
signing_key:
|
|
151
151
|
specification_version: 4
|
|
152
152
|
summary: For The Web. Trying to build a solid and sane API for client and server web
|
|
153
153
|
stuff. Client and Server operations for HTTP, WebSockets, SPDY, etc.
|
|
154
154
|
test_files: []
|
|
155
|
+
has_rdoc:
|