httpclient 2.8.2.2 → 2.8.2.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/httpclient/jruby_ssl_socket.rb +6 -1
- data/lib/httpclient/version.rb +1 -1
- data/test/test_ssl.rb +135 -0
- metadata +3 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 76aaf8605d32987924b266d0ac33d7f6780dcfc1
|
|
4
|
+
data.tar.gz: 9ca40eda6f563b3074b229eea7339001e0a7b603
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: fd44ec70d82b57616b112eb40fadd6c85a49eea6b56b3fe080ec737dd232313c32d87956c68c0d66a9afdaf335878ebac56f1602a702555662946ada92eb5a43
|
|
7
|
+
data.tar.gz: fe7f8c13ce11220231943a43634f0cba2895e92330d483b9dde8fc2138b017371d4db2f43f9db053d2a5038b514984c6263251265d6ad831f0fdfc1f09644741
|
|
@@ -455,6 +455,7 @@ unless defined?(SSLSocket)
|
|
|
455
455
|
|
|
456
456
|
DEFAULT_SSL_PROTOCOL = (java.lang.System.getProperty('java.specification.version') == '1.7') ? 'TLSv1.2' : 'TLS'
|
|
457
457
|
def initialize(socket, dest, config, debug_dev = nil)
|
|
458
|
+
@config = config
|
|
458
459
|
if config.ssl_version == :auto
|
|
459
460
|
ssl_version = DEFAULT_SSL_PROTOCOL
|
|
460
461
|
else
|
|
@@ -527,7 +528,11 @@ unless defined?(SSLSocket)
|
|
|
527
528
|
private
|
|
528
529
|
|
|
529
530
|
def post_connection_check(hostname, wrap_cert)
|
|
530
|
-
|
|
531
|
+
if !@config.verify?
|
|
532
|
+
return
|
|
533
|
+
else
|
|
534
|
+
BrowserCompatHostnameVerifier.new.verify(hostname, wrap_cert.cert)
|
|
535
|
+
end
|
|
531
536
|
end
|
|
532
537
|
end
|
|
533
538
|
|
data/lib/httpclient/version.rb
CHANGED
data/test/test_ssl.rb
CHANGED
|
@@ -275,6 +275,114 @@ end
|
|
|
275
275
|
end
|
|
276
276
|
end
|
|
277
277
|
|
|
278
|
+
VERIFY_TEST_CERT_LOCALHOST = OpenSSL::X509::Certificate.new(<<-EOS)
|
|
279
|
+
-----BEGIN CERTIFICATE-----
|
|
280
|
+
MIIB9jCCAV+gAwIBAgIJAIH8Gsm4PcNKMA0GCSqGSIb3DQEBCwUAMBQxEjAQBgNV
|
|
281
|
+
BAMMCWxvY2FsaG9zdDAeFw0xNjA4MTgxMDI2MDVaFw00NDAxMDMxMDI2MDVaMBQx
|
|
282
|
+
EjAQBgNVBAMMCWxvY2FsaG9zdDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA
|
|
283
|
+
p7D8q0lcx5EZEV5+zPnQsxrbft5xyhH/MCStbH46DRATGPNSOaLRCG5r8gTKQzpD
|
|
284
|
+
4swGrQFYe2ienQ+7o4aEHErsXp4O/EmDKeiXWWrMqPr23r3HOBDebuynC/sCwy7N
|
|
285
|
+
epnX9u1VLB03eo+suj4d86OoOF+o11t9ZP+GA29Rsf8CAwEAAaNQME4wHQYDVR0O
|
|
286
|
+
BBYEFIxsJuPVvd5KKFcAvHGSeKSsWiUJMB8GA1UdIwQYMBaAFIxsJuPVvd5KKFcA
|
|
287
|
+
vHGSeKSsWiUJMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADgYEAMJaVCrrM
|
|
288
|
+
SM2I06Vr4BL+jtDFhZh3HmJFEDpwEFQ5Y9hduwdUGRBGCpkuea3fE2FKwWW9gLM1
|
|
289
|
+
w7rFMzYFtCEqm78dJWIU79MRy0wjO4LgtYfoikgBh6JKWuV5ed/+L3sLyLG0ZTtv
|
|
290
|
+
lrD7lzDtXgwvj007PxDoYRp3JwYzKRmTbH8=
|
|
291
|
+
-----END CERTIFICATE-----
|
|
292
|
+
EOS
|
|
293
|
+
|
|
294
|
+
VERIFY_TEST_CERT_FOO_DOMAIN = OpenSSL::X509::Certificate.new(<<-EOS)
|
|
295
|
+
-----BEGIN CERTIFICATE-----
|
|
296
|
+
MIIB8jCCAVugAwIBAgIJAL/od7Whx7VTMA0GCSqGSIb3DQEBCwUAMBIxEDAOBgNV
|
|
297
|
+
BAMMB2Zvby5jb20wHhcNMTYwODE4MTAyMzUyWhcNNDQwMTAzMTAyMzUyWjASMRAw
|
|
298
|
+
DgYDVQQDDAdmb28uY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCnsPyr
|
|
299
|
+
SVzHkRkRXn7M+dCzGtt+3nHKEf8wJK1sfjoNEBMY81I5otEIbmvyBMpDOkPizAat
|
|
300
|
+
AVh7aJ6dD7ujhoQcSuxeng78SYMp6JdZasyo+vbevcc4EN5u7KcL+wLDLs16mdf2
|
|
301
|
+
7VUsHTd6j6y6Ph3zo6g4X6jXW31k/4YDb1Gx/wIDAQABo1AwTjAdBgNVHQ4EFgQU
|
|
302
|
+
jGwm49W93kooVwC8cZJ4pKxaJQkwHwYDVR0jBBgwFoAUjGwm49W93kooVwC8cZJ4
|
|
303
|
+
pKxaJQkwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOBgQCVKTvfxx+yezuR
|
|
304
|
+
5WpVKw1E9qabKOYFB5TqdHMHreRubMJTaoZC+YzhcCwtyLlAA9+axKINAiMM8T+z
|
|
305
|
+
jjfOHQSa2GS2TaaVDJWmXIgsAlEbjd2BEiQF0LZYGJRG9pyq0WbTV+CyFdrghjcO
|
|
306
|
+
xX/t7OG7NfOG9dhv3J+5SX10S5V5Dg==
|
|
307
|
+
-----END CERTIFICATE-----
|
|
308
|
+
EOS
|
|
309
|
+
|
|
310
|
+
VERIFY_TEST_CERT_ALT_NAME = OpenSSL::X509::Certificate.new(<<-EOS)
|
|
311
|
+
-----BEGIN CERTIFICATE-----
|
|
312
|
+
MIICDDCCAXWgAwIBAgIJAOxXY4nOwxhGMA0GCSqGSIb3DQEBCwUAMBQxEjAQBgNV
|
|
313
|
+
BAMMCWxvY2FsaG9zdDAeFw0xNjA4MTgxMDM0NTJaFw00NDAxMDMxMDM0NTJaMBQx
|
|
314
|
+
EjAQBgNVBAMMCWxvY2FsaG9zdDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA
|
|
315
|
+
p7D8q0lcx5EZEV5+zPnQsxrbft5xyhH/MCStbH46DRATGPNSOaLRCG5r8gTKQzpD
|
|
316
|
+
4swGrQFYe2ienQ+7o4aEHErsXp4O/EmDKeiXWWrMqPr23r3HOBDebuynC/sCwy7N
|
|
317
|
+
epnX9u1VLB03eo+suj4d86OoOF+o11t9ZP+GA29Rsf8CAwEAAaNmMGQwFAYDVR0R
|
|
318
|
+
BA0wC4IJKi5mb28uY29tMB0GA1UdDgQWBBSMbCbj1b3eSihXALxxknikrFolCTAf
|
|
319
|
+
BgNVHSMEGDAWgBSMbCbj1b3eSihXALxxknikrFolCTAMBgNVHRMEBTADAQH/MA0G
|
|
320
|
+
CSqGSIb3DQEBCwUAA4GBADJlKNFuOnsDIhHGW72HuQw4naN6lM3eZE9JJ+UF/XIF
|
|
321
|
+
ghGtgqw+00Yy5wMFc1K2Wm4p5NymmDfC/P1FOe34bpxt9/IWm6mEoIWoodC3N4Cm
|
|
322
|
+
PtnSS1/CRWzVIPGMglTGGDcUc70tfeAWgyTxgcNQd4vTFtnN0f0RDdaXa8kfKMTw
|
|
323
|
+
-----END CERTIFICATE-----
|
|
324
|
+
EOS
|
|
325
|
+
|
|
326
|
+
VERIFY_TEST_PKEY = OpenSSL::PKey::RSA.new(<<-EOS)
|
|
327
|
+
-----BEGIN RSA PRIVATE KEY-----
|
|
328
|
+
MIICXQIBAAKBgQCnsPyrSVzHkRkRXn7M+dCzGtt+3nHKEf8wJK1sfjoNEBMY81I5
|
|
329
|
+
otEIbmvyBMpDOkPizAatAVh7aJ6dD7ujhoQcSuxeng78SYMp6JdZasyo+vbevcc4
|
|
330
|
+
EN5u7KcL+wLDLs16mdf27VUsHTd6j6y6Ph3zo6g4X6jXW31k/4YDb1Gx/wIDAQAB
|
|
331
|
+
AoGAe0RHx+WKtQx8/96VmTl951qzxMPho2etTYd4kAsNwzJwx2N9qu57eBYrdWF+
|
|
332
|
+
CQMYievucFhP4Y+bINtC1Eb6btz9TCUwjCfeIxfGRoFf3cxVmxlsRJJmN1kSZlu1
|
|
333
|
+
yYlcMVuP4noeFIMQBRrt5pyLCx2Z9A01NCQT4Y6VoREBIeECQQDWeNhsL6xkrmdB
|
|
334
|
+
M9+zl+SqHdNKhgKwMdp74+UNnAV9I8GB7bGlOWhc83aqMLgS+JBDFXcmNF/KawTR
|
|
335
|
+
zcnkod5xAkEAyClFgr3lZQSnwUwoA/AOcyW0+H63taaaXS/g8n3H8ENK6kL4ldUx
|
|
336
|
+
IgCk2ekbQ5Y3S2WScIGXNxMOza9MlsOvbwJAPUtoPvMZB+U4KVBT/JXKijvf6QqH
|
|
337
|
+
tidpU8L78XnHr84KPcHa5WeUxgvmvBkUYoebYzC9TrPlNIqFZBi2PJtuYQJBAMda
|
|
338
|
+
E5j7eJT75fhm2RPS6xFT5MH5sw6AOA3HucrJ63AoFVzsBpl0E9NBwO4ndLgDzF6T
|
|
339
|
+
cx4Kc4iuunewuB8QFpECQQCfvsHCjIJ/X4kiqeBzxDq2GR/oDgQkOzY+4H9U7Lwl
|
|
340
|
+
e61RBaxk5OHOA0bLtvJblV6NL72ZEZhX60wAWbrOPhpT
|
|
341
|
+
-----END RSA PRIVATE KEY-----
|
|
342
|
+
EOS
|
|
343
|
+
|
|
344
|
+
def test_post_connection_check
|
|
345
|
+
teardown_server
|
|
346
|
+
setup_server_with_server_cert(nil, VERIFY_TEST_CERT_LOCALHOST, VERIFY_TEST_PKEY)
|
|
347
|
+
file = Tempfile.new('cert')
|
|
348
|
+
File.write(file.path, VERIFY_TEST_CERT_LOCALHOST.to_pem)
|
|
349
|
+
@client.ssl_config.add_trust_ca(file.path)
|
|
350
|
+
assert_nothing_raised do
|
|
351
|
+
@client.get("https://localhost:#{serverport}/hello")
|
|
352
|
+
end
|
|
353
|
+
@client.ssl_config.verify_mode = OpenSSL::SSL::VERIFY_NONE
|
|
354
|
+
assert_nothing_raised do
|
|
355
|
+
@client.get("https://localhost:#{serverport}/hello")
|
|
356
|
+
end
|
|
357
|
+
@client.ssl_config.verify_mode = OpenSSL::SSL::VERIFY_PEER
|
|
358
|
+
|
|
359
|
+
teardown_server
|
|
360
|
+
setup_server_with_server_cert(nil, VERIFY_TEST_CERT_FOO_DOMAIN, VERIFY_TEST_PKEY)
|
|
361
|
+
File.write(file.path, VERIFY_TEST_CERT_FOO_DOMAIN.to_pem)
|
|
362
|
+
@client.ssl_config.add_trust_ca(file.path)
|
|
363
|
+
assert_raises(OpenSSL::SSL::SSLError) do
|
|
364
|
+
@client.get("https://localhost:#{serverport}/hello")
|
|
365
|
+
end
|
|
366
|
+
@client.ssl_config.verify_mode = OpenSSL::SSL::VERIFY_NONE
|
|
367
|
+
assert_nothing_raised do
|
|
368
|
+
@client.get("https://localhost:#{serverport}/hello")
|
|
369
|
+
end
|
|
370
|
+
@client.ssl_config.verify_mode = OpenSSL::SSL::VERIFY_PEER
|
|
371
|
+
|
|
372
|
+
teardown_server
|
|
373
|
+
setup_server_with_server_cert(nil, VERIFY_TEST_CERT_ALT_NAME, VERIFY_TEST_PKEY)
|
|
374
|
+
File.write(file.path, VERIFY_TEST_CERT_ALT_NAME.to_pem)
|
|
375
|
+
@client.ssl_config.add_trust_ca(file.path)
|
|
376
|
+
assert_raises(OpenSSL::SSL::SSLError) do
|
|
377
|
+
@client.get("https://localhost:#{serverport}/hello")
|
|
378
|
+
end
|
|
379
|
+
@client.ssl_config.verify_mode = OpenSSL::SSL::VERIFY_NONE
|
|
380
|
+
assert_nothing_raised do
|
|
381
|
+
@client.get("https://localhost:#{serverport}/hello")
|
|
382
|
+
end
|
|
383
|
+
@client.ssl_config.verify_mode = OpenSSL::SSL::VERIFY_PEER
|
|
384
|
+
end
|
|
385
|
+
|
|
278
386
|
private
|
|
279
387
|
|
|
280
388
|
def cert(filename)
|
|
@@ -345,6 +453,33 @@ private
|
|
|
345
453
|
@server_thread = start_server_thread(@server)
|
|
346
454
|
end
|
|
347
455
|
|
|
456
|
+
def setup_server_with_server_cert(ca_cert, server_cert, server_key)
|
|
457
|
+
logger = Logger.new(STDERR)
|
|
458
|
+
logger.level = Logger::Severity::FATAL # avoid logging SSLError (ERROR level)
|
|
459
|
+
@server = WEBrick::HTTPServer.new(
|
|
460
|
+
:BindAddress => "localhost",
|
|
461
|
+
:Logger => logger,
|
|
462
|
+
:Port => 0,
|
|
463
|
+
:AccessLog => [],
|
|
464
|
+
:DocumentRoot => DIR,
|
|
465
|
+
:SSLEnable => true,
|
|
466
|
+
:SSLCACertificateFile => ca_cert,
|
|
467
|
+
:SSLCertificate => server_cert,
|
|
468
|
+
:SSLPrivateKey => server_key,
|
|
469
|
+
:SSLVerifyClient => nil,
|
|
470
|
+
:SSLClientCA => nil,
|
|
471
|
+
:SSLCertName => nil
|
|
472
|
+
)
|
|
473
|
+
@serverport = @server.config[:Port]
|
|
474
|
+
[:hello].each do |sym|
|
|
475
|
+
@server.mount(
|
|
476
|
+
"/#{sym}",
|
|
477
|
+
WEBrick::HTTPServlet::ProcHandler.new(method("do_#{sym}").to_proc)
|
|
478
|
+
)
|
|
479
|
+
end
|
|
480
|
+
@server_thread = start_server_thread(@server)
|
|
481
|
+
end
|
|
482
|
+
|
|
348
483
|
def do_hello(req, res)
|
|
349
484
|
res['content-type'] = 'text/html'
|
|
350
485
|
res.body = "hello"
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: httpclient
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 2.8.2.
|
|
4
|
+
version: 2.8.2.3
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Hiroshi Nakamura
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2016-08-
|
|
11
|
+
date: 2016-08-28 00:00:00.000000000 Z
|
|
12
12
|
dependencies: []
|
|
13
13
|
description:
|
|
14
14
|
email: nahi@ruby-lang.org
|
|
@@ -103,7 +103,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
103
103
|
version: '0'
|
|
104
104
|
requirements: []
|
|
105
105
|
rubyforge_project:
|
|
106
|
-
rubygems_version: 2.
|
|
106
|
+
rubygems_version: 2.5.1
|
|
107
107
|
signing_key:
|
|
108
108
|
specification_version: 4
|
|
109
109
|
summary: gives something like the functionality of libwww-perl (LWP) in Ruby
|