httpclient 2.8.2.4 → 2.8.3

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 241dd999985ce751afe54cf45ca1d2df8a4b05c7
-  data.tar.gz: 9a4021e0b3f9f1a9a40ecb56f48b139217d51621
+  metadata.gz: 45217dcc777d36d71246dd468e40b79caad351d6
+  data.tar.gz: afcf1a175414e0a1dde95eb5823b0fa339655d9c
 SHA512:
-  metadata.gz: 2d306ba29a27b6e1e8507141b83a162c8b4c97ac03b4daf61982883be51ef0831cd79ff1d7e90047c5cda4ca1f775d6609d645a01a7ce289cb7e2a99519637d6
-  data.tar.gz: c3fe5f9e0e6ab7b2e4afd0560ff2ec8f01e736d18dc66e431d6d3f1b89481e20acee6d4d4eadb8c2a6d03c27b6ecc3f0175e84dccaefa74e461615f579f93716
+  metadata.gz: f5ae105eb3b269d67521a35446e3518b359e7a359c0c8a14500ef9e9ff8c4681c20b103bb4d5a2f96cdd9caa337fc149f39df3754bb9f3185b6914f284adfdc0
+  data.tar.gz: 005d1769b6906e0c107ba63e7a178c4d73aae59198ed3efe866e8722fdadcf4c4142c3724c167b6db5f8a45cb03f517083164c18fdd1aa65074dc4ab362bc9de

data/lib/httpclient.rb

@@ -355,6 +355,8 @@ class HTTPClient
   # if your ruby is older than 2005-09-06, do not set socket_sync = false to
   # avoid an SSL socket blocking bug in openssl/buffering.rb.
   attr_proxy(:socket_sync, true)
+  # Enables TCP keepalive; no timing settings exist at present
+  attr_proxy(:tcp_keepalive, true)
   # User-Agent header in HTTP request.
   attr_proxy(:agent_name, true)
   # From header in HTTP request.

data/lib/httpclient/jruby_ssl_socket.rb

@@ -15,9 +15,23 @@ class HTTPClient
 unless defined?(SSLSocket)
 
   class JavaSocketWrap
+    java_import 'java.net.InetSocketAddress'
     java_import 'java.io.BufferedInputStream'
+
     BUF_SIZE = 1024 * 16
 
+    def self.connect(socket, site, opts = {})
+      socket_addr = InetSocketAddress.new(site.host, site.port)
+      if opts[:connect_timeout]
+        socket.connect(socket_addr, opts[:connect_timeout])
+      else
+        socket.connect(socket_addr)
+      end
+      socket.setSoTimeout(opts[:so_timeout]) if opts[:so_timeout]
+      socket.setKeepAlive(true) if opts[:tcp_keepalive]
+      socket
+    end
+
     def initialize(socket, debug_dev = nil)
       @socket = socket
       @debug_dev = debug_dev
@@ -39,7 +53,6 @@ unless defined?(SSLSocket)
       @socket.isClosed
     end
 
-
     def gets(rs)
       while (size = @bufstr.index(rs)).nil?
         if fill() == -1
@@ -105,11 +118,15 @@ unless defined?(SSLSocket)
   private
 
     def fill
-      size = @instr.read(@buf)
-      if size > 0
-        @bufstr << String.from_java_bytes(@buf, Encoding::BINARY)[0, size]
+      begin
+        size = @instr.read(@buf)
+        if size > 0
+          @bufstr << String.from_java_bytes(@buf, Encoding::BINARY)[0, size]
+        end
+        size
+      rescue java.io.IOException => e
+        raise OpenSSL::SSL::SSLError.new("#{e.class}: #{e.getMessage}")
       end
-      size
     end
 
     def debug(str)
@@ -267,8 +284,8 @@ unless defined?(SSLSocket)
 
     module PEMUtils
       def self.read_certificate(pem)
-        pem = pem.sub(/-----BEGIN CERTIFICATE-----/, '').sub(/-----END CERTIFICATE-----/, '')
-        der = pem.unpack('m*').first
+        cert = pem.sub(/.*?-----BEGIN CERTIFICATE-----/m, '').sub(/-----END CERTIFICATE-----.*?/m, '')
+        der = cert.unpack('m*').first
         cf = CertificateFactory.getInstance('X.509')
         cf.generateCertificate(ByteArrayInputStream.new(der.to_java_bytes))
       end
@@ -440,27 +457,56 @@ unless defined?(SSLSocket)
     end
 
     def self.create_socket(session)
-      site = session.proxy || session.dest
-      socket = Socket.new(site.host, site.port)
+      opts = {
+        :connect_timeout => session.connect_timeout * 1000,
+        # send_timeout is ignored in JRuby
+        :so_timeout => session.receive_timeout * 1000,
+        :tcp_keepalive => session.tcp_keepalive,
+        :debug_dev => session.debug_dev
+      }
+      socket = nil
       begin
         if session.proxy
+          site = session.proxy || session.dest
+          socket = JavaSocketWrap.connect(Socket.new, site, opts)
           session.connect_ssl_proxy(JavaSocketWrap.new(socket), Util.urify(session.dest.to_s))
         end
+        new(socket, session.dest, session.ssl_config, opts)
       rescue
-        socket.close
+        socket.close if socket
         raise
       end
-      new(socket, session.dest, session.ssl_config, session.debug_dev)
     end
 
     DEFAULT_SSL_PROTOCOL = (java.lang.System.getProperty('java.specification.version') == '1.7') ? 'TLSv1.2' : 'TLS'
-    def initialize(socket, dest, config, debug_dev = nil)
+    def initialize(socket, dest, config, opts = {})
       @config = config
+      begin
+        @ssl_socket = create_ssl_socket(socket, dest, config, opts)
+        ssl_version = java_ssl_version(config)
+        @ssl_socket.setEnabledProtocols([ssl_version].to_java(java.lang.String)) if ssl_version != DEFAULT_SSL_PROTOCOL
+        if config.ciphers != SSLConfig::CIPHERS_DEFAULT
+          @ssl_socket.setEnabledCipherSuites(config.ciphers.to_java(java.lang.String))
+        end
+        ssl_connect(dest.host)
+      rescue java.security.GeneralSecurityException => e
+        raise OpenSSL::SSL::SSLError.new(e.getMessage)
+      rescue java.io.IOException => e
+        raise OpenSSL::SSL::SSLError.new("#{e.class}: #{e.getMessage}")
+      end
+
+      super(@ssl_socket, opts[:debug_dev])
+    end
+
+    def java_ssl_version(config)
       if config.ssl_version == :auto
-        ssl_version = DEFAULT_SSL_PROTOCOL
+        DEFAULT_SSL_PROTOCOL
       else
-        ssl_version = config.ssl_version.to_s.tr('_', '.')
+        config.ssl_version.to_s.tr('_', '.')
       end
+    end
+
+    def create_ssl_context(config)
       unless config.cert_store_crl_items.empty?
         raise NotImplementedError.new('Manual CRL configuration is not yet supported')
       end
@@ -489,36 +535,24 @@ unless defined?(SSLSocket)
       tmf.init(trust_store)
       tm = tmf.getTrustManagers
 
-      ctx = SSLContext.getInstance(ssl_version)
+      ctx = SSLContext.getInstance(java_ssl_version(config))
       ctx.init(km, tm, nil)
       if config.timeout
         ctx.getClientSessionContext.setSessionTimeout(config.timeout)
       end
+      ctx
+    end
 
+    def create_ssl_socket(socket, dest, config, opts)
+      ctx = create_ssl_context(config)
       factory = ctx.getSocketFactory
-      begin
+      if socket
         ssl_socket = factory.createSocket(socket, dest.host, dest.port, true)
-        ssl_socket.setEnabledProtocols([ssl_version].to_java(java.lang.String)) if ssl_version != DEFAULT_SSL_PROTOCOL
-        if config.ciphers != SSLConfig::CIPHERS_DEFAULT
-          ssl_socket.setEnabledCipherSuites(config.ciphers.to_java(java.lang.String))
-        end
-        ssl_socket.startHandshake
-        ssl_session = ssl_socket.getSession
-        @peer_cert = JavaCertificate.new(ssl_session.getPeerCertificates.first)
-        if $DEBUG
-          warn("Protocol version: #{ssl_session.getProtocol}")
-          warn("Cipher: #{ssl_socket.getSession.getCipherSuite}")
-        end
-        post_connection_check(dest.host, @peer_cert)
-      rescue java.security.GeneralSecurityException => e
-        raise OpenSSL::SSL::SSLError.new(e.getMessage)
-      rescue javax.net.ssl.SSLException => e
-        raise OpenSSL::SSL::SSLError.new(e.getMessage)
-      rescue java.net.SocketException => e
-        raise OpenSSL::SSL::SSLError.new(e.getMessage)
+      else
+        ssl_socket = factory.createSocket
+        JavaSocketWrap.connect(ssl_socket, dest, opts)
       end
-
-      super(ssl_socket, debug_dev)
+      ssl_socket
     end
 
     def peer_cert
@@ -527,11 +561,22 @@ unless defined?(SSLSocket)
 
   private
 
-    def post_connection_check(hostname, wrap_cert)
+    def ssl_connect(hostname)
+      @ssl_socket.startHandshake
+      ssl_session = @ssl_socket.getSession
+      @peer_cert = JavaCertificate.new(ssl_session.getPeerCertificates.first)
+      if $DEBUG
+        warn("Protocol version: #{ssl_session.getProtocol}")
+        warn("Cipher: #{@ssl_socket.getSession.getCipherSuite}")
+      end
+      post_connection_check(hostname)
+    end
+
+    def post_connection_check(hostname)
       if !@config.verify?
         return
       else
-        BrowserCompatHostnameVerifier.new.verify(hostname, wrap_cert.cert)
+        BrowserCompatHostnameVerifier.new.verify(hostname, @peer_cert.cert)
       end
     end
   end

data/lib/httpclient/session.rb

@@ -76,7 +76,7 @@ class HTTPClient
     def to_s # :nodoc:
       addr
     end
-    
+
     # Returns true if scheme, host and port of the given URI matches with this.
     def match(uri)
       (@scheme == uri.scheme) and (@host == uri.host) and (@port == uri.port.to_i)
@@ -105,6 +105,8 @@ class HTTPClient
     attr_accessor :debug_dev
     # Boolean value for Socket#sync
     attr_accessor :socket_sync
+    # Boolean value to send TCP keepalive packets; no timing settings exist at present
+    attr_accessor :tcp_keepalive
 
     attr_accessor :connect_timeout
     # Maximum retry count.  0 for infinite.
@@ -137,6 +139,7 @@ class HTTPClient
       @protocol_version = nil
       @debug_dev = client.debug_dev
       @socket_sync = true
+      @tcp_keepalive = false
       @chunk_size = ::HTTP::Message::Body::DEFAULT_CHUNK_SIZE
 
       @connect_timeout = 60
@@ -216,6 +219,7 @@ class HTTPClient
       sess = Session.new(@client, site, @agent_name, @from)
       sess.proxy = via_proxy ? @proxy : nil
       sess.socket_sync = @socket_sync
+      sess.tcp_keepalive = @tcp_keepalive
       sess.requested_version = @protocol_version if @protocol_version
       sess.connect_timeout = @connect_timeout
       sess.connect_retry = @connect_retry
@@ -437,6 +441,8 @@ class HTTPClient
     attr_accessor :proxy
     # Boolean value for Socket#sync
     attr_accessor :socket_sync
+    # Boolean value to send TCP keepalive packets; no timing settings exist at present
+    attr_accessor :tcp_keepalive
     # Requested protocol version
     attr_accessor :requested_version
     # Device for dumping log for debugging
@@ -464,6 +470,7 @@ class HTTPClient
       @dest = dest
       @proxy = nil
       @socket_sync = true
+      @tcp_keepalive = false
       @requested_version = nil
 
       @debug_dev = nil
@@ -606,17 +613,16 @@ class HTTPClient
           clean_local = @socket_local.host.delete("[]")
           socket = TCPSocket.new(clean_host, port, clean_local, @socket_local.port)
         end
+        socket.setsockopt(Socket::SOL_SOCKET, Socket::SO_KEEPALIVE, true) if @tcp_keepalive
         if @debug_dev
           @debug_dev << "! CONNECTION ESTABLISHED\n"
           socket.extend(DebugSocket)
           socket.debug_dev = @debug_dev
         end
       rescue SystemCallError => e
-        e.message << " (#{host}:#{port})"
-        raise
+        raise e.class, e.message + " (#{host}:#{port})"
       rescue SocketError => e
-        e.message << " (#{host}:#{port})"
-        raise
+        raise e.class, e.message + " (#{host}:#{port})"
       end
       socket
     end

data/lib/httpclient/ssl_config.rb

@@ -66,55 +66,76 @@ class HTTPClient
       end
     end
 
+    class << self
+    private
+      def attr_config(symbol)
+        name = symbol.to_s
+        ivar_name = "@#{name}"
+        define_method(name) {
+          instance_variable_get(ivar_name)
+        }
+        define_method("#{name}=") { |rhs|
+          if instance_variable_get(ivar_name) != rhs
+            instance_variable_set(ivar_name, rhs)
+            change_notify
+          end
+        }
+        symbol
+      end
+    end
+
+
     CIPHERS_DEFAULT = "ALL:!aNULL:!eNULL:!SSLv2" # OpenSSL >1.0.0 default
 
     # Which TLS protocol version (also called method) will be used. Defaults
-    # to :auto which means that OpenSSL decides (In my tests this resulted 
+    # to :auto which means that OpenSSL decides (In my tests this resulted
     # with always the highest available protocol being used).
     # String name of OpenSSL's SSL version method name: TLSv1_2, TLSv1_1, TLSv1,
     # SSLv2, SSLv23, SSLv3 or :auto (and nil) to allow version negotiation (default).
     # See {OpenSSL::SSL::SSLContext::METHODS} for a list of available versions
     # in your specific Ruby environment.
-    attr_reader :ssl_version
+    attr_config :ssl_version
     # OpenSSL::X509::Certificate:: certificate for SSL client authentication.
     # nil by default. (no client authentication)
-    attr_reader :client_cert
+    attr_config :client_cert
     # OpenSSL::PKey::PKey:: private key for SSL client authentication.
     # nil by default. (no client authentication)
-    attr_reader :client_key
-    attr_reader :client_key_pass
+    attr_config :client_key
+    # OpenSSL::PKey::PKey:: private key pass phrase for client_key.
+    # nil by default. (no pass phrase)
+    attr_config :client_key_pass
 
     # A number which represents OpenSSL's verify mode.  Default value is
     # OpenSSL::SSL::VERIFY_PEER | OpenSSL::SSL::VERIFY_FAIL_IF_NO_PEER_CERT.
-    attr_reader :verify_mode
+    attr_config :verify_mode
     # A number of verify depth.  Certification path which length is longer than
     # this depth is not allowed.
     # CAUTION: this is OpenSSL specific option and ignored on JRuby.
-    attr_reader :verify_depth
+    attr_config :verify_depth
     # A callback handler for custom certificate verification.  nil by default.
     # If the handler is set, handler.call is invoked just after general
     # OpenSSL's verification.  handler.call is invoked with 2 arguments,
     # ok and ctx; ok is a result of general OpenSSL's verification.  ctx is a
     # OpenSSL::X509::StoreContext.
-    attr_reader :verify_callback
+    attr_config :verify_callback
     # SSL timeout in sec.  nil by default.
-    attr_reader :timeout
+    attr_config :timeout
     # A number of OpenSSL's SSL options.  Default value is
     # OpenSSL::SSL::OP_ALL | OpenSSL::SSL::OP_NO_SSLv2
     # CAUTION: this is OpenSSL specific option and ignored on JRuby.
     # Use ssl_version to specify the TLS version you want to use.
-    attr_reader :options
+    attr_config :options
     # A String of OpenSSL's cipher configuration.  Default value is
     # ALL:!ADH:!LOW:!EXP:!MD5:+SSLv2:@STRENGTH
     # See ciphers(1) man in OpenSSL for more detail.
-    attr_reader :ciphers
+    attr_config :ciphers
 
     # OpenSSL::X509::X509::Store used for verification.  You can reset the
     # store with clear_cert_store and set the new store with cert_store=.
     attr_reader :cert_store # don't use if you don't know what it is.
 
     # For server side configuration.  Ignore this.
-    attr_reader :client_ca # :nodoc:
+    attr_config :client_ca # :nodoc:
 
     # These array keeps original files/dirs that was added to @cert_store
     def cert_store_items; @cert_store._httpclient_cert_store_items; end
@@ -126,7 +147,7 @@ class HTTPClient
       @client = client
       @cert_store = X509::Store.new
       @cert_store_crl_items = []
-      @client_cert = @client_key = @client_ca = nil
+      @client_cert = @client_key = @client_key_pass = @client_ca = nil
       @verify_mode = SSL::VERIFY_PEER | SSL::VERIFY_FAIL_IF_NO_PEER_CERT
       @verify_depth = nil
       @verify_callback = nil
@@ -144,42 +165,18 @@ class HTTPClient
       @cacerts_loaded = false
     end
 
-    # Sets SSL version method String.  Possible values: "SSLv2" for SSL2,
-    # "SSLv3" for SSL3 and TLS1.x, "SSLv23" for SSL3 with fallback to SSL2.
-    def ssl_version=(ssl_version)
-      @ssl_version = ssl_version
-      change_notify
-    end
-
-    # Sets certificate (OpenSSL::X509::Certificate) for SSL client
-    # authentication.
-    # client_key and client_cert must be a pair.
-    #
-    # Calling this method resets all existing sessions.
-    def client_cert=(client_cert)
-      @client_cert = client_cert
-      change_notify
-    end
-
-    # Sets private key (OpenSSL::PKey::PKey) for SSL client authentication.
-    # client_key and client_cert must be a pair.
-    #
-    # Calling this method resets all existing sessions.
-    def client_key=(client_key)
-      @client_key = client_key
-      change_notify
-    end
-
     # Sets certificate and private key for SSL client authentication.
     # cert_file:: must be a filename of PEM/DER formatted file.
     # key_file:: must be a filename of PEM/DER formatted file.  Key must be an
     #            RSA key.  If you want to use other PKey algorithm,
     #            use client_key=.
     #
-    # Calling this method resets all existing sessions.
+    # Calling this method resets all existing sessions if value is changed.
     def set_client_cert_file(cert_file, key_file, pass = nil)
-      @client_cert, @client_key, @client_key_pass = cert_file, key_file, pass
-      change_notify
+      if (@client_cert != cert_file) || (@client_key != key_file) || (@client_key_pass != pass)
+        @client_cert, @client_key, @client_key_pass = cert_file, key_file, pass
+        change_notify
+      end
     end
 
     # Sets OpenSSL's default trusted CA certificates.  Generally, OpenSSL is
@@ -216,9 +213,12 @@ class HTTPClient
     #
     # Calling this method resets all existing sessions.
     def cert_store=(cert_store)
-      @cacerts_loaded = true # avoid lazy override
-      @cert_store = cert_store
-      change_notify
+      # This is object equality check, since OpenSSL::X509::Store doesn't overload ==
+      if !@cacerts_loaded || (@cert_store != cert_store)
+        @cacerts_loaded = true # avoid lazy override
+        @cert_store = cert_store
+        change_notify
+      end
     end
 
     # Sets trust anchor certificate(s) for verification.
@@ -276,62 +276,6 @@ class HTTPClient
     end
     alias set_crl add_crl
 
-    # Sets verify mode of OpenSSL.  New value must be a combination of
-    # constants OpenSSL::SSL::VERIFY_*
-    #
-    # Calling this method resets all existing sessions.
-    def verify_mode=(verify_mode)
-      @verify_mode = verify_mode
-      change_notify
-    end
-
-    # Sets verify depth.  New value must be a number.
-    #
-    # Calling this method resets all existing sessions.
-    def verify_depth=(verify_depth)
-      @verify_depth = verify_depth
-      change_notify
-    end
-
-    # Sets callback handler for custom certificate verification.
-    # See verify_callback.
-    #
-    # Calling this method resets all existing sessions.
-    def verify_callback=(verify_callback)
-      @verify_callback = verify_callback
-      change_notify
-    end
-
-    # Sets SSL timeout in sec.
-    #
-    # Calling this method resets all existing sessions.
-    def timeout=(timeout)
-      @timeout = timeout
-      change_notify
-    end
-
-    # Sets SSL options.  New value must be a combination of # constants
-    # OpenSSL::SSL::OP_*
-    #
-    # Calling this method resets all existing sessions.
-    def options=(options)
-      @options = options
-      change_notify
-    end
-
-    # Sets cipher configuration.  New value must be a String.
-    #
-    # Calling this method resets all existing sessions.
-    def ciphers=(ciphers)
-      @ciphers = ciphers
-      change_notify
-    end
-
-    def client_ca=(client_ca) # :nodoc:
-      @client_ca = client_ca
-      change_notify
-    end
-
     def verify?
       @verify_mode && (@verify_mode & OpenSSL::SSL::VERIFY_PEER != 0)
     end
@@ -471,7 +415,6 @@ class HTTPClient
 
     # Use 2048 bit certs trust anchor
     def load_cacerts(cert_store)
-      ver = OpenSSL::OPENSSL_VERSION
       file = File.join(File.dirname(__FILE__), 'cacert.pem')
       add_trust_ca_to_store(cert_store, file)
     end

data/lib/httpclient/ssl_socket.rb

@@ -14,43 +14,31 @@ class HTTPClient
   # Wraps up OpenSSL::SSL::SSLSocket and offers debugging features.
   class SSLSocket
     def self.create_socket(session)
+      opts = {
+        :debug_dev => session.debug_dev
+      }
       site = session.proxy || session.dest
       socket = session.create_socket(site.host, site.port)
       begin
         if session.proxy
           session.connect_ssl_proxy(socket, Util.urify(session.dest.to_s))
         end
-        ssl_socket = new(socket, session.ssl_config, session.debug_dev)
-        ssl_socket.ssl_connect(session.dest.host)
-        ssl_socket
+        new(socket, session.dest, session.ssl_config, opts)
       rescue
         socket.close
         raise
       end
     end
 
-    def initialize(socket, context, debug_dev = nil)
+    def initialize(socket, dest, config, opts = {})
       unless SSLEnabled
         raise ConfigurationError.new('Ruby/OpenSSL module is required')
       end
       @socket = socket
-      @context = context
+      @config = config
       @ssl_socket = create_openssl_socket(@socket)
-      @debug_dev = debug_dev
-    end
-
-    def ssl_connect(hostname = nil)
-      if hostname && @ssl_socket.respond_to?(:hostname=)
-        @ssl_socket.hostname = hostname
-      end
-      @ssl_socket.connect
-      if $DEBUG
-        if @ssl_socket.respond_to?(:ssl_version)
-          warn("Protocol version: #{@ssl_socket.ssl_version}")
-        end
-        warn("Cipher: #{@ssl_socket.cipher.inspect}")
-      end
-      post_connection_check(hostname)
+      @debug_dev = opts[:debug_dev]
+      ssl_connect(dest.host)
     end
 
     def peer_cert
@@ -108,8 +96,22 @@ class HTTPClient
 
   private
 
+    def ssl_connect(hostname = nil)
+      if hostname && @ssl_socket.respond_to?(:hostname=)
+        @ssl_socket.hostname = hostname
+      end
+      @ssl_socket.connect
+      if $DEBUG
+        if @ssl_socket.respond_to?(:ssl_version)
+          warn("Protocol version: #{@ssl_socket.ssl_version}")
+        end
+        warn("Cipher: #{@ssl_socket.cipher.inspect}")
+      end
+      post_connection_check(hostname)
+    end
+
     def post_connection_check(hostname)
-      verify_mode = @context.verify_mode || OpenSSL::SSL::VERIFY_NONE
+      verify_mode = @config.verify_mode || OpenSSL::SSL::VERIFY_NONE
       if verify_mode == OpenSSL::SSL::VERIFY_NONE
         return
       elsif @ssl_socket.peer_cert.nil? and
@@ -119,7 +121,7 @@ class HTTPClient
       if @ssl_socket.respond_to?(:post_connection_check) and RUBY_VERSION > "1.8.4"
         @ssl_socket.post_connection_check(hostname)
       else
-        @context.post_connection_check(@ssl_socket.peer_cert, hostname)
+        @config.post_connection_check(@ssl_socket.peer_cert, hostname)
       end
     end
 
@@ -131,11 +133,11 @@ class HTTPClient
       ssl_socket = nil
       if OpenSSL::SSL.const_defined?("SSLContext")
         ctx = OpenSSL::SSL::SSLContext.new
-        @context.set_context(ctx)
+        @config.set_context(ctx)
         ssl_socket = OpenSSL::SSL::SSLSocket.new(socket, ctx)
       else
         ssl_socket = OpenSSL::SSL::SSLSocket.new(socket)
-        @context.set_context(ssl_socket)
+        @config.set_context(ssl_socket)
       end
       ssl_socket
     end

data/lib/httpclient/version.rb

@@ -1,3 +1,3 @@
 class HTTPClient
-  VERSION = '2.8.2.4'
+  VERSION = '2.8.3'
 end

data/test/jruby_ssl_socket/test_pemutils.rb

@@ -0,0 +1,32 @@
+require File.expand_path('helper', File.join(File.dirname(__FILE__),  ".."))
+
+
+class PEMUtilsTest < Test::Unit::TestCase
+  include Helper
+
+  def setup
+    @raw_cert = "-----BEGIN CERTIFICATE-----\nMIIDOTCCAiGgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBCMRMwEQYKCZImiZPyLGQB\nGRYDb3JnMRkwFwYKCZImiZPyLGQBGRYJcnVieS1sYW5nMRAwDgYDVQQDDAdSdWJ5\nIENBMB4XDTE2MDgxMDE3MjEzNFoXDTE3MDgxMDE3MjEzNFowSzETMBEGCgmSJomT\n8ixkARkWA29yZzEZMBcGCgmSJomT8ixkARkWCXJ1YnktbGFuZzEZMBcGA1UEAwwQ\nUnVieSBjZXJ0aWZpY2F0ZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB\nAJCfsSXpSMpmZCVa+ZCM+QDgomnhDlvnrGDq6pasTaIspGTXgws+7r8Dt/cNe6EH\nHJpRH2cGRiO4yPcfcT9eS4X7k8OC4f33wHfACOmLu6LeoNE8ujmSk6L6WzLUI+sE\nnLZbFrXxoAo4XHsm8vEG9C+jEoXZ1p+47wrAGaDwDQTnzlMy4dT9pRQEJP2G/Rry\nUkuZn8SUWmh3/YS78iaSzsNF1cgE1ealHOrPPFDjiCGDaH/LHyUPYlbFSLZ/B7Qx\nLxi5sePLcywWq/EJrmWpgeVTDjtNijsdKv/A3qkY+fm/oD0pzt7XsfJaP9YKNyJO\nQFdxWZeiPcDF+Hwf+IwSr+kCAwEAAaMxMC8wDgYDVR0PAQH/BAQDAgeAMB0GA1Ud\nDgQWBBQNvzYzJyXemGhxbA8NMXLolDnPyjANBgkqhkiG9w0BAQsFAAOCAQEARIJV\noKejGlOTn71QutnNnu07UtTu0IHs6YqjYzzND+m4JXLN+wvYm72AFUG0b1L7dRg0\niK8XjQrlNQNVqP1Mc6tffchy20neOPOHeiO6qTdRU8P2S8D3Uwe+1qhgxjfE+cWc\nwZmWxYK4HA8c58PxWMqrkr2QqXDplG9KWLvOgrtPGiLLZcQSKhvvB63QzItHBDU6\nRayiJY3oPkK/HrIvFlySqFqzWmuyknkciOFywEHQMz/tcSFJ2QFpPj/tBz9VXohH\nZ8KscmfhZrTPBjo+ky1lz/WraWoz4LMiLnkC2ABczWLRSawu+v3Irx1NFJngt05e\npqwtqIUeg7j+JLiTaA==\n-----END CERTIFICATE-----"
+  end
+
+  def test_read_certificate
+    assert_nothing_raised do
+      binary = HTTPClient::JRubySSLSocket::PEMUtils.read_certificate(@raw_cert)
+    end
+  end
+
+  def test_read_certificate_works_with_random_ascii_text_outside_begin_end
+    raw_cert_with_ascii = "some text before begin\n" + @raw_cert + "\nsome text after end"
+    assert_nothing_raised do
+      binary = HTTPClient::JRubySSLSocket::PEMUtils.read_certificate(raw_cert_with_ascii)
+    end
+  end
+
+  def test_read_certificate_uses_all_content_if_missing_begin_end
+    cert = @raw_cert.sub(/-----BEGIN CERTIFICATE-----/, '').sub(/-----END CERTIFICATE-----/, '')
+    assert_nothing_raised do
+      binary = HTTPClient::JRubySSLSocket::PEMUtils.read_certificate(cert)
+    end
+  end
+
+
+end

data/test/test_httpclient.rb

@@ -1908,6 +1908,18 @@ EOS
     end
   end
 
+  def test_tcp_keepalive
+    @client.tcp_keepalive = true
+    @client.get(serverurl)
+
+    # expecting HTTP keepalive caches the socket
+    session = @client.instance_variable_get(:@session_manager).send(:get_cached_session, HTTPClient::Site.new(URI.parse(serverurl)))
+    socket = session.instance_variable_get(:@socket)
+
+    assert_true(session.tcp_keepalive)
+    assert_equal(Socket::SO_KEEPALIVE, socket.getsockopt(Socket::SOL_SOCKET, Socket::SO_KEEPALIVE).optname)
+  end
+
 private
 
   def check_query_get(query)

data/test/test_ssl.rb

@@ -388,6 +388,45 @@ e61RBaxk5OHOA0bLtvJblV6NL72ZEZhX60wAWbrOPhpT
     assert_equal(store, store.add_cert(OpenSSL::X509::Certificate.new(VERIFY_TEST_CERT_LOCALHOST)))
   end
 
+  def test_tcp_keepalive
+    @client.tcp_keepalive = true
+    @client.ssl_config.add_trust_ca(path('ca-chain.pem'))
+    @client.get_content(@url)
+
+    # expecting HTTP keepalive caches the socket
+    session = @client.instance_variable_get(:@session_manager).send(:get_cached_session, HTTPClient::Site.new(URI.parse(@url)))
+    socket = session.instance_variable_get(:@socket).instance_variable_get(:@socket)
+
+    assert_true(session.tcp_keepalive)
+    if RUBY_ENGINE == 'jruby'
+      assert_true(socket.getKeepAlive())
+    else
+      assert_equal(Socket::SO_KEEPALIVE, socket.getsockopt(Socket::SOL_SOCKET, Socket::SO_KEEPALIVE).optname)
+    end
+  end
+
+  def test_timeout
+    url = "https://localhost:#{serverport}/"
+    @client.ssl_config.add_trust_ca(path('ca-chain.pem'))
+    assert_equal('sleep', @client.get_content(url + 'sleep?sec=2'))
+    @client.receive_timeout = 1
+    @client.reset_all
+    assert_equal('sleep', @client.get_content(url + 'sleep?sec=0'))
+
+    start = Time.now
+    assert_raise(HTTPClient::ReceiveTimeoutError) do
+      @client.get_content(url + 'sleep?sec=5')
+    end
+    if Time.now - start > 3
+      # before #342 it detected timeout when IO was freed
+      fail 'timeout does not work'
+    end
+
+    @client.receive_timeout = 3
+    @client.reset_all
+    assert_equal('sleep', @client.get_content(url + 'sleep?sec=2'))
+  end
+
 private
 
   def cert(filename)
@@ -420,7 +459,7 @@ private
       :SSLCertName => nil
     )
     @serverport = @server.config[:Port]
-    [:hello].each do |sym|
+    [:hello, :sleep].each do |sym|
       @server.mount(
         "/#{sym}",
         WEBrick::HTTPServlet::ProcHandler.new(method("do_#{sym}").to_proc)
@@ -490,6 +529,13 @@ private
     res.body = "hello"
   end
 
+  def do_sleep(req, res)
+    sec = req.query['sec'].to_i
+    sleep sec
+    res['content-type'] = 'text/html'
+    res.body = "sleep"
+  end
+
   def start_server_thread(server)
     t = Thread.new {
       Thread.current.abort_on_exception = true

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: httpclient
 version: !ruby/object:Gem::Version
-  version: 2.8.2.4
+  version: 2.8.3
 platform: ruby
 authors:
 - Hiroshi Nakamura
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2016-09-10 00:00:00.000000000 Z
+date: 2016-12-09 00:00:00.000000000 Z
 dependencies: []
 description: 
 email: nahi@ruby-lang.org
@@ -69,6 +69,7 @@ files:
 - test/helper.rb
 - test/htdigest
 - test/htpasswd
+- test/jruby_ssl_socket/test_pemutils.rb
 - test/runner.rb
 - test/server.cert
 - test/server.key
@@ -103,7 +104,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.5.1
+rubygems_version: 2.6.8
 signing_key: 
 specification_version: 4
 summary: gives something like the functionality of libwww-perl (LWP) in Ruby