http_session 0.1.0

data/test/helper.rb

@@ -0,0 +1,84 @@
+require 'rubygems'
+
+# require 'bundler'
+# begin
+#   Bundler.setup(:default, :development)
+# rescue Bundler::BundlerError => e
+#   $stderr.puts e.message
+#   $stderr.puts "Run `bundle install` to install missing gems"
+#   exit e.status_code
+# end
+
+if ENV.has_key?('USE_SIMPLECOV')
+  require 'simplecov'
+  SimpleCov.start do
+    add_group 'Libraries', 'lib'
+  end
+end
+
+require 'test/unit'
+begin
+  require 'shoulda'
+rescue LoadError
+  puts 'WARNING: missing shoulda library, cannot continue run tests'
+  exit
+end
+
+require 'webrick'
+require 'webrick/https'
+require 'openssl'
+require 'thread'
+TEST_SERVER_PORT = 8081
+
+$LOAD_PATH.unshift(File.join(File.dirname(__FILE__), '..', 'lib'))
+$LOAD_PATH.unshift(File.dirname(__FILE__))
+require 'http_session'
+
+class Test::Unit::TestCase
+  
+  # start a simple webrick server that runs the given servlet and other options for testing
+  @wbthread = nil
+  def start_server(use_ssl=false, config={})
+    # always run on this port
+    config.update(:Port => TEST_SERVER_PORT)
+    # for debugging the server itself, log debug output to stderr
+    # config.update(:Logger => ::WEBrick::Log.new($stderr, ::WEBrick::Log::DEBUG))
+    # or squelch all server logging for normal use
+    config.update(:Logger => ::WEBrick::Log.new('/dev/null'))
+    config.update(:AccessLog => [ [ File.open('/dev/null', 'w'), ::WEBrick::AccessLog::COMBINED_LOG_FORMAT ] ])
+    # don't ever process any requests in parallel, always run each test one at a time
+    config.update(:MaxClients => 1)
+    
+    if use_ssl
+      # configure server to run with SSL
+      config.update(:SSLEnable => true)
+      config.update(:SSLVerifyClient => ::OpenSSL::SSL::VERIFY_NONE)
+      config.update(:SSLCertificate => ::OpenSSL::X509::Certificate.new(File.open(File.expand_path('../ssl/server.crt',  __FILE__)).read))
+      config.update(:SSLPrivateKey => ::OpenSSL::PKey::RSA.new(File.open(File.expand_path('../ssl/server.key',  __FILE__)).read))
+      config.update(:SSLCertName => [ [ "CN", 'localhost' ] ])
+    end
+    
+    # create the server
+    server = ::WEBrick::HTTPServer.new(config)
+    yield server if block_given?
+    # run the server in its own thread, setting up USR1 signal to tell it to quit
+    @wbthread = Thread.new(server) do |server|
+      trap('USR1') { server.shutdown }
+      server.start
+    end
+  end
+  
+  # stop the simple webrick server
+  def stop_server
+    if ! @wbthread.nil? && @wbthread.alive?
+      # signal server thread to quit
+      Process.kill('USR1', Process.pid)
+      # wait for it to actually quit
+      # note: Sometimes it appears to hang here at this join, when there's something wrong with the server or client
+      # when that happens just comment out to see more debug info what's wrong
+      # you'll also get some spurrious concurrency errors of course, but at least the problem will show up too
+      @wbthread.join
+    end
+  end
+  
+end

data/test/ssl/README.rdoc

@@ -0,0 +1,32 @@
+= How to update these files
+
+These files are only good for so many years, and then they need to be updated... it is set to a very long time because they are only for testing purposes not for actual use of course.
+
+== Generate your own CA (Certificate Authority):
+
+  openssl genrsa -des3 -out ca.key 4096
+  openssl req -new -x509 -days 3650 -key ca.key -out ca.crt
+
+password is 1234
+
+== Generate a server key and request for signing (csr):
+
+  openssl genrsa -des3 -out server.key 4096
+  openssl req -new -key server.key -out server.csr
+
+CN must match host name or IP i.e. localhost, and must be different from CA's CN
+
+== Sign the certificate signing request (csr) with the self-created Certificate Authority (CA) that you made earlier:
+
+  openssl x509 -req -days 3650 -in server.csr -CA ca.crt -CAkey ca.key -set_serial 01 -out server.crt
+
+increment serial each time it's updated
+
+== Convert server.key into a password-less one:
+
+  openssl rsa -in server.key -out server.key.insecure
+  mv server.key.insecure server.key
+
+that's it! :)
+
+reference used: http://www.tc.umn.edu/~brams006/selfsign.html

data/test/ssl/ca.crt

@@ -0,0 +1,34 @@
+-----BEGIN CERTIFICATE-----
+MIIFzzCCA7egAwIBAgIJAO8zD/BC+rdSMA0GCSqGSIb3DQEBBQUAMH4xCzAJBgNV
+BAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRYwFAYDVQQHDA1TYW4gRnJhbmNp
+c2NvMRUwEwYDVQQKDAxUZXN0IENvbXBhbnkxFDASBgNVBAsMC0RldmVsb3BtZW50
+MRUwEwYDVQQDDAxsb2NhbGhvc3QgQ0EwHhcNMTEwNjI1MDg0MTU1WhcNMjEwNjIy
+MDg0MTU1WjB+MQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQG
+A1UEBwwNU2FuIEZyYW5jaXNjbzEVMBMGA1UECgwMVGVzdCBDb21wYW55MRQwEgYD
+VQQLDAtEZXZlbG9wbWVudDEVMBMGA1UEAwwMbG9jYWxob3N0IENBMIICIjANBgkq
+hkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA1AOLIPgIWKlS+uJhEUjdmLWZZYC308Kc
+Yw+mJu1SchmfEqLPzp7pA2T3zkboHHpFhYx8kj+0vQPLzhcO0IfGckgiJjNdh8+m
+yaUMtgKfx762EkqkmWaLL27OMvGI/ZmAIevuJAiLtKdgv5d+rKBKDMFbEzCauXwF
+5Z6YbW/Ssx8VcG4Hb4SY7ivVMYWLgeh2V53rHRour+c6Vx8Yh2SOUTI+t6FBMH9N
+V3l4bigs0kEJj5ApqIRpoNvVL8dJOUyZKIVxkVmyidmgRqOLAS8ZjQbyVb6CXRDg
+Cm5DDmWiKRbTEBoPGRrDjgqkMwpYH9HPoElZQrbfeUf3LbIA5p6bIx55VXVf63HF
+lOb61KTfyzQ9yBmjwAG7YTCzCZ5yNChgiYdnZJs7ELlU9zKI6cGHPwIJnAq0YPOo
+FtOpQd5BJcVJ14efdAkrrNvbrdkhozRCorkIc91USEQCooXLeBVYuJw7Xl1t/FTx
+Ne3iLtGzdX4h7gowoqsNF3IdE0FG/mG/1AQU44dTOYZiBnubZcPSnC0elWPkrZZb
+AJ6ifDYGITv9gBj0+Z+yArGdcorrieobHWlGgkPTpsfn2E+gdXNY7CcmJIz+7Up9
+2c2spER6J9hKzhIBReto0YCT5aM7wgB0U+phSMQcR0ZP9TxN58Yhl3rFjpEVS81G
+u90GC5Y/uEsCAwEAAaNQME4wHQYDVR0OBBYEFAuZ6H1rDg57x2XJ1TkwCjJeXNVp
+MB8GA1UdIwQYMBaAFAuZ6H1rDg57x2XJ1TkwCjJeXNVpMAwGA1UdEwQFMAMBAf8w
+DQYJKoZIhvcNAQEFBQADggIBAG0jdL4a6hC7j4oNTbNtbNib1ZvN3OzXH242Fa1o
+N28LuMCYWOFzans7EPCdvxGzXI25cNXpv3qFv6HxVOVjF8Stl9T5+AQ4H0lcWjXv
+1a/MoBn2MuxoDd95jPSTz8IycGKrJu0PpkOH5DKRbFq6ocQDQNN2Mhvzv6FciAxo
+5rPE2R/XAk/QM0JbYBe/2wERc7S+yvrasrc4OQxoNmN9Q2AEXp62FKXxl3ksY8B1
+VmN0OM3uNEXAtk5akc1/wZZ8vTJKwk3LwN73Pba4nD78qJWScCfbmrOkPncp4Tk9
+84Vf9Ka8PsuKaCwV5Eo4fyeukhZpbyyyawiBYN+gm7/FVyQcr44l9wSvf5TOkaXm
+IkSt1Izso/X2/Vlx+H48ItAMZxVLNcOjDTqNs1xNvqseLD1JwSIGygjZFB7BVx/a
+K8+pVMYZNPd9e0xXTuok0ChaTUVWKxCo2qnd+6gZ4MLUNEygAZfjpzWr5RKOYgYx
+BTGuoMEQTm0n995845pI4iCqgTOgdahBFPhXGgBU9pd2Ggwi5oczsJf5p7z5SCDp
+DFlbKuip32r4MXSS+vOIbb2+gPxa4kSK8SyPIkbAs1ysZkZqT9qtWE7tGvJrQjbi
+mDwSIqPcSLNjp1tHWnqQjwsY6/XTbL1V/rsaGxsJan9C9fjNkdyNrSt3uZz4zqTs
+I4rJ
+-----END CERTIFICATE-----

data/test/ssl/ca.key

@@ -0,0 +1,54 @@
+-----BEGIN RSA PRIVATE KEY-----
+Proc-Type: 4,ENCRYPTED
+DEK-Info: DES-EDE3-CBC,5083380FBB8F8A0E
+
+4sPl5JJ3ceXW+xqKmozeI5hxiAeIcmvfLoMO4IHpKNDGMt/yO4zlEN8IPt3i1tgL
+xE5NjtqwyL/zzp1s5OsOXVkwHwpznDUsMYF30gpRTLoVCxV91Px56AFJgQGJ31lm
+LU7Qq/XrRVx0Z1CMjwr7dMrDIY3+KF+4PEMvYz5Ms0C95yXZkzyt6MQOW7qSdvHG
+MmMMX3tgAxIv9uvm3j/S78upaMnefcp2LpID6MUgtwLxl7r3VNsB/u/GJYaDGRYK
+4+ByEfZsC+ktv0HXBTYJJUXt6n8o3unDF4NvNhksQG5Lhn9+hrAShqng3ItdxVbS
+Dof5ARGknjrYAB5tHNitnhDZ60EGkguST9z/D3ux3Pzm6EooRPJLsAMRpT/N9ld+
+AYFqf6oiJFFfM0zu7dIy5OcgNNpJqnl+5Zx6OK20TlsPZuTib7mDdqSIjPsTu9fK
+9Bsuf2DEVYFg2MF3vlmFH2AkAYz9Ic+/PXKUeNRGX0dDRsmCgn7ZgattfY5ex83L
+Z8tCT8zyBj+BQajtE+B8bku7Sz6V35qvPdrvn5A7JJMVNopqfIIAHOb0S6OWy9Wq
+SsiD90B9QzFGat+3eoP4/pFiPnkpyZptzdxlyVWHvP66klQYnV9foW/cdsbCIQ6b
+/xiMEQBmJIU+0OPykh8NAG4SypN2PwnZwlyoX6MmYBkvuYCh6i0euo5kiFSeGD+X
+oCbMGkrXFAPb1AGZBbLOc3p0eolPrelD3VygmB5JTWfM79JcFVXtLBp3/7lu5xKM
+WGDlwUkMlXV87andaqItNuWJU7RdTrFt2eh5d9jEANxj6zYC3O/U9YECzzo4ZSrR
+Onmr4QUNDIjO5svjZuKL/pipQSz3D0/X2zaAiq+BJEabZNPwfhAHl+MtJG5yqRHU
+ERIXvdvrACVv1swsS5SrIIwyyzsjmYXMlCoIp04MdIiTFtjUHHWGch6HHUA/CKQs
+6bq7EaC1enJpi445ddkfYeB+1Pxm1qMYf1La1QC7lt5Vsj4w5fXZ+SAyW9zxx4Kg
+VCX6y4ZPfNgkfJWcxRU5VigqBOVxcumGRzCBbdF5WMaGKTw4ww2M0XtBsb6JGdX6
+nt9CHZVH+IyT6NS3oL/5Y3OS0v6TPigyqLusnG9EysZB/9zdhNB3WmnSrEPzAJvi
+5kKq7cQxy188h+FvLG2qVZFs4GDAK9733BPWlEKYDp8HjsRKoeIymSkc5wbOYUcV
+t+cG+kvet22B5jnPvdZbMr/cOTnAuq7gmir2CjF8MjS/Gv1vLjBg875e3RATlHWE
+nYS5aGP9a/fmrzeKnaf4SK26CPQe+ohgudkM1EMwbzcX/GjZQuBv+FS+8aY9M2qL
+ZhUsRGQ6qIYxQtWy4qYmV3uc4sC4zw5Ju+L9Yu6jAEMGoK3hlghG4puLZkX3vlAh
+XwRFtNPYHONXyARR8TN2nckmMTIj7fKFV/0Bm7xYvvTm0Zz8i0D4q9I5v9efvlLF
+cgfY41bQMeg92maJDHLDndoHC6C8L1XJnsz7CiK3YL/B0PjkKz5jO4Vx50roUgbG
+4OlQrRMhGxZuovT6Oq0I1jlJYTUqjTCCuMxkEpmpPd5TDpVGjr65YqWp4o/DXdr8
+eMSxJvz8w96dY0oFIhESzWbk+e1yT4hMCr5x7ITsHzXSf0zmbliMLgFIreUiOWFJ
+6k4r7mLuBMDWfLRJWi5J0ZX3J8MA9HzIjwzjPoCcu5Wf1Y+ROiO/QF5DaIlA1mup
+H+iyeMtdHqPiT2c709Moj7wSgy2tLmsp5+QV5/E1YWJmJiuxeUD578tfRjpb6R6P
+wPZoPMGfkMpYOKNnF45mjiJlIfi8Paveb8NoJ6Vq/yUDsS1DpkptuWzomuIlH3po
+0ooMvNYtuPTAbfYsVh2GozW0kGOJBRhGHZIY64kMQ3gNp1cEUg6LyEEPF16i6Tqu
+aC2aIWHy7zMH1+A396YTcCbVYHr/ZvvjycDf8lwX87pmg2+FotykAmq3nwdJoFRd
+8pzPrTKjE+HbUJqEShzZC/Lf3ft1lUSTM5U7xhB6SjKSc1/aATosdCWySLi5RbCi
+VUYBGeqzY77WunxOCmciUjrvLlEP8vsqW3CG8drhOibFqcdvyR1aEGUtL7AJecXR
+dnLF46//lEE/iNOHrq6CK7v10lGTb0lO2i+A82A6c3sM0NK1chn1hiwNiZx2cIET
+KS31GbRdlFsT97wy993kZ+DSTEzlRPP1KciFPN8mdB/wF5LwhMTTYaIxRVXWMrFj
+vDeWKbXYcZAHjrX2QD/G9J4YuqtEGj/z9/wo0DRZQ/FbSFIyK+iDVGtE5hOJ0D2s
+PS6MYksjuwC3SCYkB+gS5CZ3bVbZrPiqFnnWz8KZzpOgeOepTrDn5N2B5suSBB1k
+Ecn8HgPKCuN5V78so5BA68KjQAAfiu3naDUCNQTvetH025Pj+GSekwcYf6iU4wGv
+Na9V8WeGOA1FtTuCvj4005KiVSYjyzJzohIYgSUDNIk+4nuWQN6pTQfndcmkt7GF
+nNcOmyPTosyVPBPGwIjTsgYC1/t7f0RVN24Fzc/58eCXfQovS/h7jXMCWNqvisM8
+wLbTQqcvHeJZf0zp2ekEUuNmbCpcWU7I3BQ+nqQ0UwW03dh5L1SG3AmnQmgy0krC
+zMT54WN73o4CxqthpsG3h19ij/VHLfL/IROZgIPn0YzeJpdFDlmU3Csq8s0jiNBa
+/fwnsAt/vmstD16pz7k8IYsb38UQUVn0XLc6nM7WHbEbuk67cJ0STsHf/MfSxD7Y
+i5pJa8OPaYUTPWsGCKOC9OLUStVI/lko6J0FFqNAreO0pnfy3BgFS/B/NmeN2JtG
+pOeXBlB52tIKrB7sHe9L361a+CQtXLhy5G41HwoWcTqinUXdC+vqYKkTzmVQR0aj
++qT9k8taY69plZsG0QjeazHDDtkmZ4drzDNGUCOgHTzVtWs6iuKxQqLPcPgMOEn5
+L3aZrhrM/M8f1DPokJgVYpdoJ2hv8x3X9TqHLMYXF+5GaQ5FefWbxP5BkxP8Bh8g
+fei75Cyy4gvU+P1M/38RPFsFlugVnE4pYK58218KuC69UGQuc+i1/dC577u6hVDW
+lyvHdOb/aB6awjmd0zD9jgji/Ee6FOqLLkMoFMKKSA6wTd3cgnkOb5qam9oVMixV
+-----END RSA PRIVATE KEY-----

data/test/ssl/server.crt

@@ -0,0 +1,31 @@
+-----BEGIN CERTIFICATE-----
+MIIFVzCCAz8CAQEwDQYJKoZIhvcNAQEFBQAwfjELMAkGA1UEBhMCVVMxEzARBgNV
+BAgMCkNhbGlmb3JuaWExFjAUBgNVBAcMDVNhbiBGcmFuY2lzY28xFTATBgNVBAoM
+DFRlc3QgQ29tcGFueTEUMBIGA1UECwwLRGV2ZWxvcG1lbnQxFTATBgNVBAMMDGxv
+Y2FsaG9zdCBDQTAeFw0xMTA2MjUwODQyMzJaFw0yMTA2MjIwODQyMzJaMGUxCzAJ
+BgNVBAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRYwFAYDVQQHDA1TYW4gRnJh
+bmNpc2NvMRUwEwYDVQQKDAxUZXN0IENvbXBhbnkxEjAQBgNVBAMMCWxvY2FsaG9z
+dDCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBANJpbZZ8Op7qqGUM9Nfr
+2xXP2m1sLwJBd3TuJW5T7RL9BuyzxLu8tbEz++eWqy3sEKKgzMaBermBLMVp2E1/
+8dI7Ek2vDUYHGnlK3qf9fbdnUPiBdNRAyVU/pxoUHRRFXQ4Y7kNl2ed45pAV+OE4
+1Qc4LLRF3cwQqbrgMCmt8KgzCy/eJfkH44fRjpUSFzu/O20sn95MuamK72SPewSg
+TOHSQyEL1GzHn4d1Yct5Zan9j00uCOrcaUulpxqGz4dBrhhC48UKVgVfHBC9qJRr
+YEyywW4MQnKFFBBc7AEtfIgMbeKThkGnH9B0Z4WI2rGjZVXv+g2nyIvL0VEdeu2N
+zfQxrrPg1j5sQ6OLu2nO2iiQMVz37ud/9KfT+4tuiRaPQGi9RCrhy0fZJQLr+c2I
+M/UrmrJ9oA7FXwvZTc81fOX6fWPKix1oPxSIsykSPSZnqfyc/01/anEH1PMbPZB6
+NYtA4549adFlv7yIyJTm3o9/H3U9UdN+7wco4TqspdZ4tGEKLTjOB58L1bfFPLlH
+NgOfNKExcnY/pdwGgp42AxF8cbk8BOvNsHVrgUEYbpykpBYifJbYihSnmgwxbRUN
+MTCrbd5oGrs+eGkTDe/TMZO1BoWnhm7TVsNdJFuzqapnOLjM0EDHqgX+en2A7430
+N5H777EGXMHWrLSTns7V/hrJAgMBAAEwDQYJKoZIhvcNAQEFBQADggIBAFxLZ5XL
+4GP0rKRQvahUyaamyN1GMH81t6hQ0SNpsJpq7Ekl7snHdYeBORqcpUhVsrp3I1At
+0C8hOFcdANo5V67VqgJkK2X+TW9vyz3Z2yZG3pOCEuHpJs3w1atA/6en/8LnTCqh
+SWCqOqeaM9Vs9yb/pv5WH3ir0Ua7X7N9U7xujUwblMWjsBouhBfEQrg1CVvwAu8G
+XRU42Vmkj787RBAIAxIbfADbcxPpTHL3ZFmZwTIYSx87AV0caUQY2x51Y+VBXJ5o
+7J/l+beLjlAMf65X6nGp4wzpywzblwzCMMgYdHgJlXOtSQ1INnPvh7oohGHjJGQQ
+HsKNAWQQjiFQTk6Yq0TvOW/fCTjcIF9ziwMa5blCbVGIZ7u70moN6FhOvAULb0pa
+2ABtGQZzhjZL29qnDKwCeVAOGUaXfueLM7VERUlqoWjkXeyPvOH3pEb0YarYKeE1
+wW2Qdz8UrhUqNoa1lV2ABAvMIZfJ/FUaiuoY8ifvpaMgcr3uQEq6ll/52sK2Fh41
+zfcjjmG4Ne1TRNwK+OzGAsvSutGHCgVlyFtzgGwaZrLkpcDCp/eeU68xG1T3MQuH
+UbxQXzxVIgnCAWfY5grs0kC00tWXZWkXfeNQ8qK+QCpn/W8/gQu1bnhHR2gnKuRR
+IpLcSuP5rwtQcfwJwlc2TF6BLDc36qitzJO7
+-----END CERTIFICATE-----

data/test/ssl/server.csr

@@ -0,0 +1,27 @@
+-----BEGIN CERTIFICATE REQUEST-----
+MIIEqjCCApICAQAwZTELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWEx
+FjAUBgNVBAcMDVNhbiBGcmFuY2lzY28xFTATBgNVBAoMDFRlc3QgQ29tcGFueTES
+MBAGA1UEAwwJbG9jYWxob3N0MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKC
+AgEA0mltlnw6nuqoZQz01+vbFc/abWwvAkF3dO4lblPtEv0G7LPEu7y1sTP755ar
+LewQoqDMxoF6uYEsxWnYTX/x0jsSTa8NRgcaeUrep/19t2dQ+IF01EDJVT+nGhQd
+FEVdDhjuQ2XZ53jmkBX44TjVBzgstEXdzBCpuuAwKa3wqDMLL94l+Qfjh9GOlRIX
+O787bSyf3ky5qYrvZI97BKBM4dJDIQvUbMefh3Vhy3llqf2PTS4I6txpS6WnGobP
+h0GuGELjxQpWBV8cEL2olGtgTLLBbgxCcoUUEFzsAS18iAxt4pOGQacf0HRnhYja
+saNlVe/6DafIi8vRUR167Y3N9DGus+DWPmxDo4u7ac7aKJAxXPfu53/0p9P7i26J
+Fo9AaL1EKuHLR9klAuv5zYgz9Suasn2gDsVfC9lNzzV85fp9Y8qLHWg/FIizKRI9
+Jmep/Jz/TX9qcQfU8xs9kHo1i0Djnj1p0WW/vIjIlObej38fdT1R037vByjhOqyl
+1ni0YQotOM4HnwvVt8U8uUc2A580oTFydj+l3AaCnjYDEXxxuTwE682wdWuBQRhu
+nKSkFiJ8ltiKFKeaDDFtFQ0xMKtt3mgauz54aRMN79Mxk7UGhaeGbtNWw10kW7Op
+qmc4uMzQQMeqBf56fYDvjfQ3kfvvsQZcwdastJOeztX+GskCAwEAAaAAMA0GCSqG
+SIb3DQEBBQUAA4ICAQAkJp5VaLvvcsC5xo6XN5MYNMSfkT4sv8MynAIpJOd6ScIt
+iuL9aD4vSQ2OOfa2MLsGFMgdH9pp54JvQ65EoPDWCp42YdxMViFmSrmuqWaQTKlN
+AyVoLVUGzpTWrmrFD88V/f4ntN8OCHIYcyTLAE2kokzIrKdMRqS47JYZkSOrICnF
+OKIJIoqD/poJ29MPlPbWjP9Z7pwsRuP39BFRi9FkOQtoHkrUXzswdy88BjKovklR
+5CvFtaOUxoj/xdwMgf2mMVHThIHsJR5VQm09PBfGakNICZwx0E44Bi0GF2v5nvje
+F4qKx8/wYFRBJ7G5FyarSWlZsQagtusN8aaDp588oCmHJ9CkISgGFbBR+6iMKxi2
+60infnxNo2jA4CKu2vZHU0Q7NP7xGX0sgv/RGZdg9bt7v4h9CnORbtlXEi/xZmYa
+xJFyrIgHq/6MP12WpAHwYVCAqhRl7DUqP8I3wExM8jEGotQ/7t2PNfXmqz6QCDZV
+g+a+5ztmw0PcG140o3uT7xahYTmAY7df8WryejNIZO/W5NKK/ZSD/ID3ETHT8yF4
+kNwKdWuAIl+AH047O5XYswwkgok/vHQh2ae0GsjpX5372uDiACjodu+ma2omQZqM
+G0kE/vg9HJPoYt2AhsnpUiDwzI3ENjCu03AIUSyt4iC50OezK8XKmv+5uKn+NA==
+-----END CERTIFICATE REQUEST-----

data/test/ssl/server.key

@@ -0,0 +1,51 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIJJwIBAAKCAgEA0mltlnw6nuqoZQz01+vbFc/abWwvAkF3dO4lblPtEv0G7LPE
+u7y1sTP755arLewQoqDMxoF6uYEsxWnYTX/x0jsSTa8NRgcaeUrep/19t2dQ+IF0
+1EDJVT+nGhQdFEVdDhjuQ2XZ53jmkBX44TjVBzgstEXdzBCpuuAwKa3wqDMLL94l
++Qfjh9GOlRIXO787bSyf3ky5qYrvZI97BKBM4dJDIQvUbMefh3Vhy3llqf2PTS4I
+6txpS6WnGobPh0GuGELjxQpWBV8cEL2olGtgTLLBbgxCcoUUEFzsAS18iAxt4pOG
+Qacf0HRnhYjasaNlVe/6DafIi8vRUR167Y3N9DGus+DWPmxDo4u7ac7aKJAxXPfu
+53/0p9P7i26JFo9AaL1EKuHLR9klAuv5zYgz9Suasn2gDsVfC9lNzzV85fp9Y8qL
+HWg/FIizKRI9Jmep/Jz/TX9qcQfU8xs9kHo1i0Djnj1p0WW/vIjIlObej38fdT1R
+037vByjhOqyl1ni0YQotOM4HnwvVt8U8uUc2A580oTFydj+l3AaCnjYDEXxxuTwE
+682wdWuBQRhunKSkFiJ8ltiKFKeaDDFtFQ0xMKtt3mgauz54aRMN79Mxk7UGhaeG
+btNWw10kW7Opqmc4uMzQQMeqBf56fYDvjfQ3kfvvsQZcwdastJOeztX+GskCAwEA
+AQKCAgAt1L8FD0wpf01srVTLj1kqOBsIyI64vA/MDW9jx64U+749Yq7QgbtFvN/6
+wsvIdentsn7IIj3cGDHrUjHGN78xnqJO/3kxrqxqjQ9Qoht3Dm8JohEThoUUJ4g7
+WvQ2jSFGx9FmJtI+5Au8iLysOhfUubyrC6jTITIHPXvgKD4KNQwTwhydUMWTuOaI
+u+cJoY7NKfIslqO+NUANtF8EU/JLIeRzV0NO6nBqLfw+ONQXId7L3eIdXiMlUhDC
+62hausi0CiXYrnasNtpDHzyQD49rRWhykwMKNMh5A/R4ETNV4vcwahfNRxzb5+8A
+nB2eocuZ22qo/MnnAV83fudexQt95soYaOIql6OUvk/fWEC9QJUuw910y0lqpyPx
+D8fyIPVeR9PZ3l6UVVgfxVsYEcWwo/W06jWXQpPr96s4jO3I4xm7V8fzmQE5nas7
+5dh4jrVlyv2wsK1j9gW25eCzAKDvCnk7o5qpU2mBZn/GY86IsrA46JfMNDMf3CoK
++J4fcJHDsO7H1ZYUJ1AktMn+0tmiNVYI94kg5DV8p5H9hR9WxJeT2DJqNX0zYcSh
+iy1TWCheCwWUUzy4yzwA5nK1ZRCHvWMpQBURy4KkwgX84s5N7RAGlxdvCvIBRCN/
+jM7btop76Twl8mSzn7xbkKaS66zVM8k7SAD7yi+7LlepjX8STQKCAQEA+nDvgzXM
+l/thTHCpDoYh1+ThM49EDidQglRxCZIp3EGQevDzklBtWNgA8kNQJGERPTr3ceNo
+LDvWkkPxOrA/sdgCWkX6donnwZA6mx0dbSKuA2FhVY6et9y60T+arstSYf2PXsjt
+gIHoE1GDFyLujepn2ORTqU7a1FHCUn1G9lkVoOL7gCdcwl5yO0jt4bxekPG27ir7
+W4UNp9nJavA+xw5mFr7oY0jjRhBprXgIQmaTp8w4eJCUGNiWcO58DUKunNabWlK0
+U6Gyuk7+xcEjMdFP4gwOZXsnUxK8QeQq0iW2XYbRh5cV2DmUWGEfUDm1Uwpg7nFq
+51jgIscQwKTgawKCAQEA1xUJX8Af4HlRXfcQTUQFQvPQcq7I7hhXAQyVukqxgKpR
+87PUOWVSHmA/jOCN1lnizsBExrhNbhgPyTbN7TMpExFVAGDD4TZNdFu8CPilX36i
+3MTcm85uhfSCU1xKz6qSw4b9qA01ooOhWTLoEeQKp+omyhRtc+aB0FtVzO5LNMpx
+AVbZ0h5rwpCu2GYJnDxY3/0c18Q3q6YgN42SHVrPVpp/iPFlY0cT6cs9CD3tbr68
+CeTxfHzq/lLFtYa5bW9GEjKAGE10P0eLdLDUYW+jJmcyYT9fiykGQa9ICAK2vQtc
+m/CpJc7KaNvVG9I129vYKlBNeI7TGmBXPv2Vf0UumwKCAQAGse41O8L0bSv0ty5N
+zRgqhVvf3PycxEBKu6cp8lZcJQSPxNE+IBhMP7oGv/XsgwvK70CeMs4eIJtj3Z0d
+TIjnYDbv4t8HPDiN3CU08FpRCJROUtQfTWjA0Y3M+j5QXe8d34Ftr0FqJg7mNU+j
+1rM56AJOsgvqgskm0+i1+9Nh0o/ZdTfz/RlluNCk9RYm6ro8dbnGNC/0CmKLEi9o
+RHPpLmFcSk48GT66KMYqdQMDg2p/Gd6ImpTa9S9QZY+7awTv/Gy6xWs8sR3uDR6S
+es9ODaJtEJVx8RDkD6QovsjGRWvSpEAFt+xFk4R7uFz18BUA204sEawh8yZKx7eS
+7tVxAoIBAB7JdxcKpEV4eCowJFg7BVnJFqxj0oUqXMHcsE4DRRc6yhJNSnKQy0ln
+05Dxz7vAEBQyN2YOmZ7JuPC/dIigix+cmoM8Vq2VHU8rlmXeWaWqtdtOHpn62Z05
+G7KdAmRpcSql1wdIJMZHe0AOZmOxNclFXhoNBIHTm/9cI5L7BS7gT362lOVbz2cB
+WNXG/Vcs2DfvvkIwZxud4vywuhqTlhw6b0kF7NJiKTqNCgZ0/ticWsQ7zklYhDa1
+WHGcgExm4ivWqLlR1PL95btlWHE+Dqd/nBmJfb6ot6mNUo06/jdfOflkYIH18MlD
+tmSOGYGIHZApAH3iS9t5sONmXxDhsUMCggEAF3u3Xr9g4CFj2XloYueziB4hRWVP
+kfIC7Oao/se39+Yka3nhu/mFSNB2AMc0tpiuLsKv79IL1BjWzswq52taOp20DMmi
+TaH+HEiqTSrGSvhMgLKqD2F7EVgEX2Yz6CgFwOUSI1TFcNmsYyeGmEzWc8iILLBT
+KnZ6/u2fBj+OLjsg0kIQ78Fq/kKWR6gelaO3AFGaOWtlajtDXlrJbg4yOdu+bAhM
+/f9hv0QdU7Mq3npus5D7fPahhUbownSkw/SaWLkJRQVpXRasluuQrymRdCwlGSqZ
+YsSQVQWbZ3XYYMi5J4Kj1nGcPxFDaJF/pWtlS9G0Yatzs3QuEV6jdUANaw==
+-----END RSA PRIVATE KEY-----

data/test/test_http_session.rb

@@ -0,0 +1,292 @@
+require 'helper'
+
+class TestHttpSession < Test::Unit::TestCase
+  context 'simple class methods' do
+    setup { @c = HttpSession }
+    
+    context 'key' do
+      should('defaults') { assert_equal 'http://foo:80',   @c.key('foo', false, nil)  }
+      should('port')     { assert_equal 'http://foo:8080', @c.key('foo', false, 8080) }
+      should('ssl')      { assert_equal 'https://foo:443', @c.key('foo', true,  nil)  }
+      should('ssl port') { assert_equal 'https://foo:444', @c.key('foo', true,  444)  }
+    end
+    
+    context 'port_or_default' do
+      should('defaults') { assert_equal 80,   @c.port_or_default(nil,  false) }
+      should('port')     { assert_equal 8080, @c.port_or_default(8080, false) }
+      should('ssl')      { assert_equal 443,  @c.port_or_default(nil,  true)  }
+      should('ssl port') { assert_equal 444,  @c.port_or_default(444,  true)  }
+    end
+    
+    context 'get' do
+      setup { @i = @c.use('foo') }
+      should('work')     { assert_equal @i,  @c.get('foo') }
+      should('fail')     { assert_equal nil, @c.get('bar') }
+      should('nossl')    { assert_equal @i,  @c.get('foo', false) }
+      should('bad ssl')  { assert_equal nil, @c.get('foo', true) }
+      should('port')     { assert_equal @i,  @c.get('foo', false, 80) }
+      should('bad port') { assert_equal nil, @c.get('foo', false, 8080) }
+    end
+    
+    context 'exists?' do
+      setup { @i = @c.use('foo') }
+      should('work')     { assert_equal true,  @c.exists?('foo') }
+      should('fail')     { assert_equal false, @c.exists?('bar') }
+      should('nossl')    { assert_equal true,  @c.exists?('foo', false) }
+      should('bad ssl')  { assert_equal false, @c.exists?('foo', true) }
+      should('port')     { assert_equal true,  @c.exists?('foo', false, 80) }
+      should('bad port') { assert_equal false, @c.exists?('foo', false, 8080) }
+    end
+    
+  end
+  context 'simple instance methods' do
+    setup { @c = HttpSession.new('foo', false, nil) }
+    
+    context 'cookies?' do
+      should 'empty' do
+        assert_equal false, @c.cookies?
+      end
+      should 'set' do
+        @c.cookies['foo'] = 'bar'
+        assert_equal true, @c.cookies?
+      end
+    end
+    
+    context 'cookie_string' do
+      setup { @c.cookies['foo'] = 'bar' }
+      should 'one' do
+        assert_equal 'foo=bar', @c.cookie_string
+      end
+      should 'two' do
+        @c.cookies['one'] = 'two'
+        assert @c.cookie_string.split(', ').include?('foo=bar')
+        assert @c.cookie_string.split(', ').include?('one=two')
+      end
+    end
+    
+  end
+  
+  context 'bad request type' do
+    should 'fail with message' do
+      begin
+        HttpSession.use('localhost', false, TEST_SERVER_PORT).request('/', {}, :foo)
+      rescue ArgumentError => e
+        assert_equal('bad type: foo', e.message)
+      else
+        fail 'nothing was raised'
+      end
+    end
+  end
+  
+  context 'server' do
+    teardown { stop_server }
+    
+    context 'basic' do
+      setup { start_server { |server| server.mount_proc('/ping', Proc.new { |req, resp| resp.body = 'pong' }) } }
+      should('get_request_url') { assert_equal 'pong', HttpSession.get_request_url("http://localhost:#{TEST_SERVER_PORT}/ping").body }
+      should('use/request') { assert_equal 'pong', HttpSession.use('localhost', false, TEST_SERVER_PORT).request('/ping').body }
+      should('post_request_url') { assert_equal 'pong', HttpSession.post_request_url("http://localhost:#{TEST_SERVER_PORT}/ping", {'foo' => 'bar'}).body }
+      should('use/request post') { assert_equal 'pong', HttpSession.use('localhost', false, TEST_SERVER_PORT).request('/ping', {}, :post, {'foo' => 'bar'}).body }
+      
+      should 'close' do
+        assert_equal 'pong', HttpSession.get_request_url("http://localhost:#{TEST_SERVER_PORT}/ping").body
+        sesn = HttpSession.get('localhost', false, TEST_SERVER_PORT)
+        assert_not_nil sesn
+        assert_equal true, sesn.handle.started?
+        sesn.close
+        assert_equal false, sesn.handle.started?
+      end
+      should 'delete' do
+        assert_equal 'pong', HttpSession.get_request_url("http://localhost:#{TEST_SERVER_PORT}/ping").body
+        sesn = HttpSession.get('localhost', false, TEST_SERVER_PORT)
+        assert_not_nil sesn
+        sesn.close
+        sesn.delete
+        sesn = HttpSession.get('localhost', false, TEST_SERVER_PORT)
+        assert_equal nil, sesn
+      end
+    end
+    
+    context 'redirect' do
+      setup do
+        start_server do |server|
+          server.mount_proc('/ping', Proc.new { |req, resp| resp.body = 'pong' })
+          server.mount_proc('/redir', Proc.new { |req, resp| resp.set_redirect(::WEBrick::HTTPStatus::Found, "http://localhost:#{TEST_SERVER_PORT}/ping") })
+        end
+      end
+      should('work') { assert_equal 'pong', HttpSession.get_request_url("http://localhost:#{TEST_SERVER_PORT}/redir").body }
+    end
+    
+    # context 'redirect without host' do
+    #   setup do
+    #     start_server do |server|
+    #       server.mount_proc('/ping', Proc.new { |req, resp| resp.body = 'pong' })
+    #       # note: webrick is smart and converts this to a properly-formed redirect with http://host:port
+    #       # and it does it if I set the headers directly too... so there doesn't seem to be any way to
+    #       # exercise our bad-webserver-redirect-handling code using webrick...
+    #       server.mount_proc('/redir', Proc.new { |req, resp| resp.set_redirect(::WEBrick::HTTPStatus::Found, "/ping") })
+    #     end
+    #   end
+    #   should('work') { assert_equal 'pong', HttpSession.get_request_url("http://localhost:#{TEST_SERVER_PORT}/redir").body }
+    # end
+    
+    context 'redirect 10x' do
+      setup do
+        start_server do |server|
+          redircount = 0
+          server.mount_proc('/ping', Proc.new { |req, resp| resp.body = 'pong' })
+          server.mount_proc('/redir', Proc.new { |req, resp|
+            where = redircount < 9 ? 'redir' : 'ping' # add one for the last redirect to the ping
+            redircount += 1
+            resp.set_redirect(::WEBrick::HTTPStatus::Found, "http://localhost:#{TEST_SERVER_PORT}/#{where}")
+          })
+        end
+      end
+      should('work') { assert_equal 'pong', HttpSession.get_request_url("http://localhost:#{TEST_SERVER_PORT}/redir").body }
+    end
+    
+    context 'redirect 11x' do
+      setup do
+        start_server do |server|
+          redircount = 0
+          server.mount_proc('/ping', Proc.new { |req, resp| resp.body = 'pong' })
+          server.mount_proc('/redir', Proc.new { |req, resp|
+            where = ((redircount < 10) ? 'redir' : 'ping')
+            redircount += 1
+            resp.set_redirect(::WEBrick::HTTPStatus::Found, "http://localhost:#{TEST_SERVER_PORT}/#{where}")
+          })
+        end
+      end
+      # should 'fail'  do
+      #   assert_raise(Net::HTTPError) do
+      #     HttpSession.get_request_url("http://localhost:#{TEST_SERVER_PORT}/redir")
+      #   end
+      # end
+      # assert_raise can only check instance, not message... so we do this much longer thing instead:
+      should 'fail with message' do
+        begin
+          HttpSession.get_request_url("http://localhost:#{TEST_SERVER_PORT}/redir")
+        rescue Net::HTTPError => e
+          assert_equal('Redirection limit exceeded', e.message)
+        else
+          fail 'nothing was raised'
+        end
+      end
+    end
+    
+    context 'sent cookie' do
+      setup do
+        start_server do |server|
+          server.mount_proc('/ping', Proc.new { |req, resp|
+            resp.cookies << ::WEBrick::Cookie.new('foo', 'bar')
+            resp.body = 'pong'
+          })
+        end
+      end
+      should 'be received' do
+        assert_equal 'pong', HttpSession.get_request_url("http://localhost:#{TEST_SERVER_PORT}/ping").body
+        assert_equal 'bar',  HttpSession.get('localhost', false, TEST_SERVER_PORT).cookies['foo']
+      end
+    end
+    
+    context 'sent/expected cookie' do
+      setup do
+        start_server do |server|
+          # set a cookie when you go to /get
+          server.mount_proc('/get', Proc.new { |req, resp|
+            resp.cookies << ::WEBrick::Cookie.new('foo', 'bar')
+            resp.body = 'hereyago'
+          })
+          # check if the cookie was sent back when you go to /check, and return 'set' or 'BAD' in the body indicating
+          server.mount_proc('/check', Proc.new { |req, resp|
+            resp.body = req.cookies[0].name == 'foo' && req.cookies[0].value == 'bar' ? 'set' : 'BAD'
+          })
+        end
+      end
+      should 'be received and sent back' do
+        assert_equal 'hereyago', HttpSession.get_request_url("http://localhost:#{TEST_SERVER_PORT}/get").body
+        assert_equal 'set',      HttpSession.get_request_url("http://localhost:#{TEST_SERVER_PORT}/check").body
+      end
+    end
+    
+    context 'ssl with self signed cert' do
+      teardown do
+        # make sure everything's forgotten about these, since we keep changing important ssl connection stuff here...
+        sesn = HttpSession.get('localhost', true, TEST_SERVER_PORT)
+        sesn.close
+        sesn.delete
+      end
+      
+      context 'with verification disabled' do
+        setup do
+          HttpSession.ssl_verify_mode = OpenSSL::SSL::VERIFY_NONE
+          start_server(true) { |server| server.mount_proc('/ping', Proc.new { |req, resp| resp.body = 'pong' }) }
+        end
+        should('work') { assert_equal 'pong', HttpSession.get_request_url("https://localhost:#{TEST_SERVER_PORT}/ping").body }
+      end
+      
+      context 'with verifying ca set' do
+        setup do
+          HttpSession.ssl_ca_file = File.expand_path('../ssl/ca.crt',  __FILE__)
+          start_server(true) { |server| server.mount_proc('/ping', Proc.new { |req, resp| resp.body = 'pong' }) }
+        end
+        should('work') { assert_equal 'pong', HttpSession.get_request_url("https://localhost:#{TEST_SERVER_PORT}/ping").body }
+      end
+      
+      context 'with default ca bundle' do
+        setup { start_server(true) { |server| server.mount_proc('/ping', Proc.new { |req, resp| resp.body = 'pong' }) } }
+        should 'fail verification' do
+          begin
+            HttpSession.get_request_url("https://localhost:#{TEST_SERVER_PORT}/ping")
+          rescue OpenSSL::SSL::SSLError => e
+            assert_match(/certificate verify failed/, e.message)
+          else
+            fail 'nothing was raised'
+          end
+        end
+      end
+      
+    end
+    
+    context 'when monitoring socket accepts' do
+      setup do
+        # start a server that counts each time it accepts a socket connection
+        @acpt_count = 0
+        start_server(false, {:AcceptCallback => Proc.new { |sock| @acpt_count += 1 }}) do |server|
+          server.mount_proc('/ping', Proc.new { |req, resp| resp.body = 'pong' })
+        end
+        # make sure client connection is fresh
+        @sesn = HttpSession.use('localhost', false, TEST_SERVER_PORT)
+        @sesn.close if @sesn.handle.started?
+      end
+      teardown do
+        @sesn.close
+      end
+      
+      should 'still have an open handle and reuse it via keepalives' do
+        assert_equal false, @sesn.handle.started?
+        assert_equal 0, @acpt_count
+        assert_equal 'pong', @sesn.request('/ping').body
+        assert_equal true, @sesn.handle.started?
+        assert_equal 1, @acpt_count
+        assert_equal 'pong', @sesn.request('/ping').body
+        assert_equal true, @sesn.handle.started?
+        assert_equal 1, @acpt_count
+      end
+      
+      should 'disable keepalive with connection close' do
+        assert_equal false, @sesn.handle.started?
+        assert_equal 0, @acpt_count
+        assert_equal 'pong', @sesn.request('/ping', {'connection' => 'close'}).body
+        assert_equal true, @sesn.handle.started?
+        assert_equal 1, @acpt_count
+        assert_equal 'pong', @sesn.request('/ping').body
+        assert_equal true, @sesn.handle.started?
+        assert_equal 2, @acpt_count
+      end
+      
+    end
+    
+    # TODO: test retry_limit
+  end
+end