httpclient 2.8.2.4 → 2.9.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +5 -5
- data/lib/hexdump.rb +12 -12
- data/lib/httpclient/http.rb +8 -8
- data/lib/httpclient/jruby_ssl_socket.rb +90 -39
- data/lib/httpclient/session.rb +13 -7
- data/lib/httpclient/ssl_config.rb +75 -123
- data/lib/httpclient/ssl_socket.rb +26 -24
- data/lib/httpclient/util.rb +1 -1
- data/lib/httpclient/version.rb +1 -1
- data/lib/httpclient.rb +7 -1
- data/lib/jsonclient.rb +8 -5
- data/sample/auth.rb +1 -1
- data/sample/generate_test_keys.rb +99 -0
- data/test/ca-chain.pem +32 -36
- data/test/ca.cert +16 -19
- data/test/ca.key +27 -0
- data/test/ca.srl +1 -0
- data/test/client-pass.key +30 -18
- data/test/client.cert +17 -16
- data/test/client.key +25 -13
- data/test/fixtures/verify.alt.cert +20 -0
- data/test/fixtures/verify.foo.cert +20 -0
- data/test/fixtures/verify.key +27 -0
- data/test/fixtures/verify.localhost.cert +20 -0
- data/test/helper.rb +5 -7
- data/test/jruby_ssl_socket/test_pemutils.rb +32 -0
- data/test/server.cert +16 -15
- data/test/server.key +25 -13
- data/test/subca.cert +16 -17
- data/test/subca.key +27 -0
- data/test/subca.srl +1 -0
- data/test/test_auth.rb +21 -17
- data/test/test_hexdump.rb +1 -2
- data/test/test_http-access2.rb +31 -23
- data/test/test_httpclient.rb +69 -58
- data/test/test_jsonclient.rb +18 -0
- data/test/test_ssl.rb +99 -90
- metadata +32 -9
data/test/test_ssl.rb
CHANGED
@@ -1,5 +1,6 @@
|
|
1
1
|
require File.expand_path('helper', File.dirname(__FILE__))
|
2
2
|
require 'webrick/https'
|
3
|
+
require 'time'
|
3
4
|
|
4
5
|
|
5
6
|
class TestSSL < Test::Unit::TestCase
|
@@ -7,6 +8,8 @@ class TestSSL < Test::Unit::TestCase
|
|
7
8
|
|
8
9
|
DIR = File.dirname(File.expand_path(__FILE__))
|
9
10
|
|
11
|
+
OPENSSL_VERSION = Integer(OpenSSL::OPENSSL_LIBRARY_VERSION.match(/OpenSSL (\d+)\./)[1])
|
12
|
+
|
10
13
|
def setup
|
11
14
|
super
|
12
15
|
@serverpid = @client = nil
|
@@ -24,6 +27,10 @@ class TestSSL < Test::Unit::TestCase
|
|
24
27
|
File.expand_path(filename, DIR)
|
25
28
|
end
|
26
29
|
|
30
|
+
def read_path(filename)
|
31
|
+
File.read(path(filename))
|
32
|
+
end
|
33
|
+
|
27
34
|
def test_proxy_ssl
|
28
35
|
setup_proxyserver
|
29
36
|
escape_noproxy do
|
@@ -31,7 +38,7 @@ class TestSSL < Test::Unit::TestCase
|
|
31
38
|
@client.ssl_config.set_client_cert_file(path('client.cert'), path('client.key'))
|
32
39
|
@client.ssl_config.add_trust_ca(path('ca.cert'))
|
33
40
|
@client.ssl_config.add_trust_ca(path('subca.cert'))
|
34
|
-
@client.debug_dev = str = ""
|
41
|
+
@client.debug_dev = str = "".dup
|
35
42
|
assert_equal(200, @client.get(@url).status)
|
36
43
|
assert(/accept/ =~ @proxyio.string, 'proxy is not used')
|
37
44
|
assert(/Host: localhost:#{serverport}/ =~ str)
|
@@ -70,7 +77,7 @@ unless defined?(HTTPClient::JRubySSLSocket)
|
|
70
77
|
end
|
71
78
|
|
72
79
|
def test_debug_dev
|
73
|
-
str = @client.debug_dev = ''
|
80
|
+
str = @client.debug_dev = ''.dup
|
74
81
|
cfg = @client.ssl_config
|
75
82
|
cfg.client_cert = path("client.cert")
|
76
83
|
cfg.client_key = path("client.key")
|
@@ -81,13 +88,14 @@ end
|
|
81
88
|
end
|
82
89
|
|
83
90
|
def test_verification_without_httpclient
|
84
|
-
raw_cert = "-----BEGIN CERTIFICATE-----\
|
85
|
-
raw_ca_cert = "-----BEGIN CERTIFICATE-----\
|
91
|
+
raw_cert = "-----BEGIN CERTIFICATE-----\nMIIDKDCCAhCgAwIBAgIBAjANBgkqhkiG9w0BAQUFADA8MQswCQYDVQQGDAJKUDES\nMBAGA1UECgwJSklOLkdSLkpQMQwwCgYDVQQLDANSUlIxCzAJBgNVBAMMAkNBMB4X\nDTA0MDEzMTAzMTQ1OFoXDTM1MDEyMzAzMTQ1OFowZTELMAkGA1UEBgwCSlAxEjAQ\nBgNVBAoMCUpJTi5HUi5KUDEMMAoGA1UECwwDUlJSMRAwDgYDVQQDDAdleGFtcGxl\nMSIwIAYJKoZIhvcNAQkBDBNleGFtcGxlQGV4YW1wbGUub3JnMIGfMA0GCSqGSIb3\nDQEBAQUAA4GNADCBiQKBgQDRWssrK8Gyr+500hpLjCGR3+AHL8/hEJM5zKi/MgLW\njTkvsgOwbYwXOiNtAbR9y4/ucDq7EY+cMUMHES4uFaPTcOaAV0aZRmk8AgslN1tQ\ngNS6ew7/Luq3DcVeWkX8PYgR9VG0mD1MPfJ6+IFA5d3vKpdBkBgN4l46jjO0/2Xf\newIDAQABo4GPMIGMMAwGA1UdEwEB/wQCMAAwMQYJYIZIAYb4QgENBCQWIlJ1Ynkv\nT3BlblNTTCBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFOFvay0H7lr2\nxUx6waYEV2bVDYQhMAsGA1UdDwQEAwIF4DAdBgNVHSUEFjAUBggrBgEFBQcDAgYI\nKwYBBQUHAwQwDQYJKoZIhvcNAQEFBQADggEBABd2dYWqbDIWf5sWFvslezxJv8gI\nw64KCJBuyJAiDuf+oazr3016kMzAlt97KecLZDusGNagPrq02UX7YMoQFsWJBans\ncDtHrkM0al5r6/WGexNMgtYbNTYzt/IwodISGBgZ6dsOuhznwms+IBsTNDAvWeLP\nlt2tOqD8kEmjwMgn0GDRuKjs4EoboA3kMULb1p9akDV9ZESU3eOtpS5/G5J5msLI\n9WXbYBjcjvkLuJH9VsJhb+R58Vl0ViemvAHhPilSl1SPWVunGhv6FcIkdBEi1k9F\ne8BNMmsEjFiANiIRvpdLRbiGBt0KrKTndVfsmoKCvY48oCOvnzxtahFxfs8=\n-----END CERTIFICATE-----"
|
92
|
+
raw_ca_cert = "-----BEGIN CERTIFICATE-----\nMIID0DCCArigAwIBAgIBADANBgkqhkiG9w0BAQUFADA8MQswCQYDVQQGDAJKUDES\nMBAGA1UECgwJSklOLkdSLkpQMQwwCgYDVQQLDANSUlIxCzAJBgNVBAMMAkNBMB4X\nDTA0MDEzMDAwNDIzMloXDTM2MDEyMjAwNDIzMlowPDELMAkGA1UEBgwCSlAxEjAQ\nBgNVBAoMCUpJTi5HUi5KUDEMMAoGA1UECwwDUlJSMQswCQYDVQQDDAJDQTCCASIw\nDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANbv0x42BTKFEQOE+KJ2XmiSdZpR\nwjzQLAkPLRnLB98tlzs4xo+y4RyY/rd5TT9UzBJTIhP8CJi5GbS1oXEerQXB3P0d\nL5oSSMwGGyuIzgZe5+vZ1kgzQxMEKMMKlzA73rbMd4Jx3u5+jdbP0EDrPYfXSvLY\nbS04n2aX7zrN3x5KdDrNBfwBio2/qeaaj4+9OxnwRvYP3WOvqdW0h329eMfHw0pi\nJI0drIVdsEqClUV4pebT/F+CPUPkEh/weySgo9wANockkYu5ujw2GbLFcO5LXxxm\ndEfcVr3r6t6zOA4bJwL0W/e6LBcrwiG/qPDFErhwtgTLYf6Er67SzLyA66UCAwEA\nAaOB3DCB2TAPBgNVHRMBAf8EBTADAQH/MDEGCWCGSAGG+EIBDQQkFiJSdWJ5L09w\nZW5TU0wgR2VuZXJhdGVkIENlcnRpZmljYXRlMB0GA1UdDgQWBBRJ7Xd380KzBV7f\nUSKIQ+O/vKbhDzAOBgNVHQ8BAf8EBAMCAQYwZAYDVR0jBF0wW4AUSe13d/NCswVe\n31EiiEPjv7ym4Q+hQKQ+MDwxCzAJBgNVBAYMAkpQMRIwEAYDVQQKDAlKSU4uR1Iu\nSlAxDDAKBgNVBAsMA1JSUjELMAkGA1UEAwwCQ0GCAQAwDQYJKoZIhvcNAQEFBQAD\nggEBAIu/mfiez5XN5tn2jScgShPgHEFJBR0BTJBZF6xCk0jyqNx/g9HMj2ELCuK+\nr/Y7KFW5c5M3AQ+xWW0ZSc4kvzyTcV7yTVIwj2jZ9ddYMN3nupZFgBK1GB4Y05GY\nMJJFRkSu6d/Ph5ypzBVw2YMT/nsOo5VwMUGLgS7YVjU+u/HNWz80J3oO17mNZllj\nPvORJcnjwlroDnS58KoJ7GDgejv3ESWADvX1OHLE4cRkiQGeLoEU4pxdCxXRqX0U\nPbwIkZN9mXVcrmPHq8MWi4eC/V7hnbZETMHuWhUoiNdOEfsAXr3iP4KjyyRdwc7a\nd/xgcK06UVQRL/HbEYGiQL056mc=\n-----END CERTIFICATE-----"
|
86
93
|
ca_cert = ::OpenSSL::X509::Certificate.new(raw_ca_cert)
|
87
94
|
cert = ::OpenSSL::X509::Certificate.new(raw_cert)
|
88
95
|
store = ::OpenSSL::X509::Store.new
|
89
96
|
store.add_cert(ca_cert)
|
90
|
-
|
97
|
+
store.time = Time.new(2017, 01, 01)
|
98
|
+
assert(store.verify(cert), "Verify failed: #{store.error_string}, #{store.error}")
|
91
99
|
end
|
92
100
|
|
93
101
|
def test_verification
|
@@ -246,6 +254,7 @@ end
|
|
246
254
|
end
|
247
255
|
|
248
256
|
def test_no_sslv3
|
257
|
+
omit('TODO: SSLv3 is not supported in many environments. re-enable when disable TLSv1')
|
249
258
|
teardown_server
|
250
259
|
setup_server_with_ssl_version(:SSLv3)
|
251
260
|
assert_raise(OpenSSL::SSL::SSLError) do
|
@@ -254,17 +263,29 @@ end
|
|
254
263
|
end
|
255
264
|
end
|
256
265
|
|
257
|
-
|
258
|
-
|
259
|
-
|
260
|
-
|
261
|
-
|
262
|
-
|
266
|
+
if OPENSSL_VERSION < 3
|
267
|
+
def test_allow_tlsv1
|
268
|
+
teardown_server
|
269
|
+
setup_server_with_ssl_version(:TLSv1)
|
270
|
+
assert_nothing_raised do
|
271
|
+
@client.ssl_config.verify_mode = nil
|
272
|
+
@client.get("https://localhost:#{serverport}/hello")
|
273
|
+
end
|
274
|
+
end
|
275
|
+
else
|
276
|
+
def test_disallow_tlsv1
|
277
|
+
teardown_server
|
278
|
+
setup_server_with_ssl_version(:TLSv1)
|
279
|
+
ssle = assert_raise(OpenSSL::SSL::SSLError) do
|
280
|
+
@client.ssl_config.verify_mode = nil
|
281
|
+
@client.get("https://localhost:#{serverport}/hello")
|
282
|
+
end
|
283
|
+
assert_match(/tlsv1 alert protocol version/, ssle.message)
|
263
284
|
end
|
264
285
|
end
|
265
286
|
|
266
287
|
def test_use_higher_TLS
|
267
|
-
omit('TODO: it does not pass with Java 7 or old openssl
|
288
|
+
omit('TODO: it does not pass with Java 7 or old openssl')
|
268
289
|
teardown_server
|
269
290
|
setup_server_with_ssl_version('TLSv1_2')
|
270
291
|
assert_nothing_raised do
|
@@ -275,78 +296,14 @@ end
|
|
275
296
|
end
|
276
297
|
end
|
277
298
|
|
278
|
-
VERIFY_TEST_CERT_LOCALHOST = OpenSSL::X509::Certificate.new(<<-EOS)
|
279
|
-
-----BEGIN CERTIFICATE-----
|
280
|
-
MIIB9jCCAV+gAwIBAgIJAIH8Gsm4PcNKMA0GCSqGSIb3DQEBCwUAMBQxEjAQBgNV
|
281
|
-
BAMMCWxvY2FsaG9zdDAeFw0xNjA4MTgxMDI2MDVaFw00NDAxMDMxMDI2MDVaMBQx
|
282
|
-
EjAQBgNVBAMMCWxvY2FsaG9zdDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA
|
283
|
-
p7D8q0lcx5EZEV5+zPnQsxrbft5xyhH/MCStbH46DRATGPNSOaLRCG5r8gTKQzpD
|
284
|
-
4swGrQFYe2ienQ+7o4aEHErsXp4O/EmDKeiXWWrMqPr23r3HOBDebuynC/sCwy7N
|
285
|
-
epnX9u1VLB03eo+suj4d86OoOF+o11t9ZP+GA29Rsf8CAwEAAaNQME4wHQYDVR0O
|
286
|
-
BBYEFIxsJuPVvd5KKFcAvHGSeKSsWiUJMB8GA1UdIwQYMBaAFIxsJuPVvd5KKFcA
|
287
|
-
vHGSeKSsWiUJMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADgYEAMJaVCrrM
|
288
|
-
SM2I06Vr4BL+jtDFhZh3HmJFEDpwEFQ5Y9hduwdUGRBGCpkuea3fE2FKwWW9gLM1
|
289
|
-
w7rFMzYFtCEqm78dJWIU79MRy0wjO4LgtYfoikgBh6JKWuV5ed/+L3sLyLG0ZTtv
|
290
|
-
lrD7lzDtXgwvj007PxDoYRp3JwYzKRmTbH8=
|
291
|
-
-----END CERTIFICATE-----
|
292
|
-
EOS
|
293
|
-
|
294
|
-
VERIFY_TEST_CERT_FOO_DOMAIN = OpenSSL::X509::Certificate.new(<<-EOS)
|
295
|
-
-----BEGIN CERTIFICATE-----
|
296
|
-
MIIB8jCCAVugAwIBAgIJAL/od7Whx7VTMA0GCSqGSIb3DQEBCwUAMBIxEDAOBgNV
|
297
|
-
BAMMB2Zvby5jb20wHhcNMTYwODE4MTAyMzUyWhcNNDQwMTAzMTAyMzUyWjASMRAw
|
298
|
-
DgYDVQQDDAdmb28uY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCnsPyr
|
299
|
-
SVzHkRkRXn7M+dCzGtt+3nHKEf8wJK1sfjoNEBMY81I5otEIbmvyBMpDOkPizAat
|
300
|
-
AVh7aJ6dD7ujhoQcSuxeng78SYMp6JdZasyo+vbevcc4EN5u7KcL+wLDLs16mdf2
|
301
|
-
7VUsHTd6j6y6Ph3zo6g4X6jXW31k/4YDb1Gx/wIDAQABo1AwTjAdBgNVHQ4EFgQU
|
302
|
-
jGwm49W93kooVwC8cZJ4pKxaJQkwHwYDVR0jBBgwFoAUjGwm49W93kooVwC8cZJ4
|
303
|
-
pKxaJQkwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOBgQCVKTvfxx+yezuR
|
304
|
-
5WpVKw1E9qabKOYFB5TqdHMHreRubMJTaoZC+YzhcCwtyLlAA9+axKINAiMM8T+z
|
305
|
-
jjfOHQSa2GS2TaaVDJWmXIgsAlEbjd2BEiQF0LZYGJRG9pyq0WbTV+CyFdrghjcO
|
306
|
-
xX/t7OG7NfOG9dhv3J+5SX10S5V5Dg==
|
307
|
-
-----END CERTIFICATE-----
|
308
|
-
EOS
|
309
|
-
|
310
|
-
VERIFY_TEST_CERT_ALT_NAME = OpenSSL::X509::Certificate.new(<<-EOS)
|
311
|
-
-----BEGIN CERTIFICATE-----
|
312
|
-
MIICDDCCAXWgAwIBAgIJAOxXY4nOwxhGMA0GCSqGSIb3DQEBCwUAMBQxEjAQBgNV
|
313
|
-
BAMMCWxvY2FsaG9zdDAeFw0xNjA4MTgxMDM0NTJaFw00NDAxMDMxMDM0NTJaMBQx
|
314
|
-
EjAQBgNVBAMMCWxvY2FsaG9zdDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA
|
315
|
-
p7D8q0lcx5EZEV5+zPnQsxrbft5xyhH/MCStbH46DRATGPNSOaLRCG5r8gTKQzpD
|
316
|
-
4swGrQFYe2ienQ+7o4aEHErsXp4O/EmDKeiXWWrMqPr23r3HOBDebuynC/sCwy7N
|
317
|
-
epnX9u1VLB03eo+suj4d86OoOF+o11t9ZP+GA29Rsf8CAwEAAaNmMGQwFAYDVR0R
|
318
|
-
BA0wC4IJKi5mb28uY29tMB0GA1UdDgQWBBSMbCbj1b3eSihXALxxknikrFolCTAf
|
319
|
-
BgNVHSMEGDAWgBSMbCbj1b3eSihXALxxknikrFolCTAMBgNVHRMEBTADAQH/MA0G
|
320
|
-
CSqGSIb3DQEBCwUAA4GBADJlKNFuOnsDIhHGW72HuQw4naN6lM3eZE9JJ+UF/XIF
|
321
|
-
ghGtgqw+00Yy5wMFc1K2Wm4p5NymmDfC/P1FOe34bpxt9/IWm6mEoIWoodC3N4Cm
|
322
|
-
PtnSS1/CRWzVIPGMglTGGDcUc70tfeAWgyTxgcNQd4vTFtnN0f0RDdaXa8kfKMTw
|
323
|
-
-----END CERTIFICATE-----
|
324
|
-
EOS
|
325
|
-
|
326
|
-
VERIFY_TEST_PKEY = OpenSSL::PKey::RSA.new(<<-EOS)
|
327
|
-
-----BEGIN RSA PRIVATE KEY-----
|
328
|
-
MIICXQIBAAKBgQCnsPyrSVzHkRkRXn7M+dCzGtt+3nHKEf8wJK1sfjoNEBMY81I5
|
329
|
-
otEIbmvyBMpDOkPizAatAVh7aJ6dD7ujhoQcSuxeng78SYMp6JdZasyo+vbevcc4
|
330
|
-
EN5u7KcL+wLDLs16mdf27VUsHTd6j6y6Ph3zo6g4X6jXW31k/4YDb1Gx/wIDAQAB
|
331
|
-
AoGAe0RHx+WKtQx8/96VmTl951qzxMPho2etTYd4kAsNwzJwx2N9qu57eBYrdWF+
|
332
|
-
CQMYievucFhP4Y+bINtC1Eb6btz9TCUwjCfeIxfGRoFf3cxVmxlsRJJmN1kSZlu1
|
333
|
-
yYlcMVuP4noeFIMQBRrt5pyLCx2Z9A01NCQT4Y6VoREBIeECQQDWeNhsL6xkrmdB
|
334
|
-
M9+zl+SqHdNKhgKwMdp74+UNnAV9I8GB7bGlOWhc83aqMLgS+JBDFXcmNF/KawTR
|
335
|
-
zcnkod5xAkEAyClFgr3lZQSnwUwoA/AOcyW0+H63taaaXS/g8n3H8ENK6kL4ldUx
|
336
|
-
IgCk2ekbQ5Y3S2WScIGXNxMOza9MlsOvbwJAPUtoPvMZB+U4KVBT/JXKijvf6QqH
|
337
|
-
tidpU8L78XnHr84KPcHa5WeUxgvmvBkUYoebYzC9TrPlNIqFZBi2PJtuYQJBAMda
|
338
|
-
E5j7eJT75fhm2RPS6xFT5MH5sw6AOA3HucrJ63AoFVzsBpl0E9NBwO4ndLgDzF6T
|
339
|
-
cx4Kc4iuunewuB8QFpECQQCfvsHCjIJ/X4kiqeBzxDq2GR/oDgQkOzY+4H9U7Lwl
|
340
|
-
e61RBaxk5OHOA0bLtvJblV6NL72ZEZhX60wAWbrOPhpT
|
341
|
-
-----END RSA PRIVATE KEY-----
|
342
|
-
EOS
|
343
|
-
|
344
299
|
def test_post_connection_check
|
345
300
|
teardown_server
|
346
|
-
setup_server_with_server_cert(
|
347
|
-
|
348
|
-
|
349
|
-
|
301
|
+
setup_server_with_server_cert(
|
302
|
+
nil,
|
303
|
+
OpenSSL::X509::Certificate.new(read_path("fixtures/verify.localhost.cert")),
|
304
|
+
OpenSSL::PKey::RSA.new(read_path("fixtures/verify.key")),
|
305
|
+
)
|
306
|
+
@client.ssl_config.add_trust_ca(path("fixtures/verify.localhost.cert"))
|
350
307
|
assert_nothing_raised do
|
351
308
|
@client.get("https://localhost:#{serverport}/hello")
|
352
309
|
end
|
@@ -357,9 +314,12 @@ e61RBaxk5OHOA0bLtvJblV6NL72ZEZhX60wAWbrOPhpT
|
|
357
314
|
@client.ssl_config.verify_mode = OpenSSL::SSL::VERIFY_PEER
|
358
315
|
|
359
316
|
teardown_server
|
360
|
-
setup_server_with_server_cert(
|
361
|
-
|
362
|
-
|
317
|
+
setup_server_with_server_cert(
|
318
|
+
nil,
|
319
|
+
OpenSSL::X509::Certificate.new(read_path("fixtures/verify.foo.cert")),
|
320
|
+
OpenSSL::PKey::RSA.new(read_path("fixtures/verify.key")),
|
321
|
+
)
|
322
|
+
@client.ssl_config.add_trust_ca(path("fixtures/verify.foo.cert"))
|
363
323
|
assert_raises(OpenSSL::SSL::SSLError) do
|
364
324
|
@client.get("https://localhost:#{serverport}/hello")
|
365
325
|
end
|
@@ -370,9 +330,12 @@ e61RBaxk5OHOA0bLtvJblV6NL72ZEZhX60wAWbrOPhpT
|
|
370
330
|
@client.ssl_config.verify_mode = OpenSSL::SSL::VERIFY_PEER
|
371
331
|
|
372
332
|
teardown_server
|
373
|
-
setup_server_with_server_cert(
|
374
|
-
|
375
|
-
|
333
|
+
setup_server_with_server_cert(
|
334
|
+
nil,
|
335
|
+
OpenSSL::X509::Certificate.new(read_path("fixtures/verify.alt.cert")),
|
336
|
+
OpenSSL::PKey::RSA.new(read_path("fixtures/verify.key")),
|
337
|
+
)
|
338
|
+
@client.ssl_config.add_trust_ca(path("fixtures/verify.alt.cert"))
|
376
339
|
assert_raises(OpenSSL::SSL::SSLError) do
|
377
340
|
@client.get("https://localhost:#{serverport}/hello")
|
378
341
|
end
|
@@ -385,7 +348,46 @@ e61RBaxk5OHOA0bLtvJblV6NL72ZEZhX60wAWbrOPhpT
|
|
385
348
|
|
386
349
|
def test_x509_store_add_cert_prepend
|
387
350
|
store = OpenSSL::X509::Store.new
|
388
|
-
assert_equal(store, store.add_cert(OpenSSL::X509::Certificate.new(
|
351
|
+
assert_equal(store, store.add_cert(OpenSSL::X509::Certificate.new(read_path("fixtures/verify.localhost.cert"))))
|
352
|
+
end
|
353
|
+
|
354
|
+
def test_tcp_keepalive
|
355
|
+
@client.tcp_keepalive = true
|
356
|
+
@client.ssl_config.add_trust_ca(path('ca-chain.pem'))
|
357
|
+
@client.get_content(@url)
|
358
|
+
|
359
|
+
# expecting HTTP keepalive caches the socket
|
360
|
+
session = @client.instance_variable_get(:@session_manager).send(:get_cached_session, HTTPClient::Site.new(URI.parse(@url)))
|
361
|
+
socket = session.instance_variable_get(:@socket).instance_variable_get(:@socket)
|
362
|
+
|
363
|
+
assert_true(session.tcp_keepalive)
|
364
|
+
if RUBY_ENGINE == 'jruby'
|
365
|
+
assert_true(socket.getKeepAlive())
|
366
|
+
else
|
367
|
+
assert_equal(Socket::SO_KEEPALIVE, socket.getsockopt(Socket::SOL_SOCKET, Socket::SO_KEEPALIVE).optname)
|
368
|
+
end
|
369
|
+
end
|
370
|
+
|
371
|
+
def test_timeout
|
372
|
+
url = "https://localhost:#{serverport}/"
|
373
|
+
@client.ssl_config.add_trust_ca(path('ca-chain.pem'))
|
374
|
+
assert_equal('sleep', @client.get_content(url + 'sleep?sec=2'))
|
375
|
+
@client.receive_timeout = 1
|
376
|
+
@client.reset_all
|
377
|
+
assert_equal('sleep', @client.get_content(url + 'sleep?sec=0'))
|
378
|
+
|
379
|
+
start = Time.now
|
380
|
+
assert_raise(HTTPClient::ReceiveTimeoutError) do
|
381
|
+
@client.get_content(url + 'sleep?sec=5')
|
382
|
+
end
|
383
|
+
if Time.now - start > 3
|
384
|
+
# before #342 it detected timeout when IO was freed
|
385
|
+
fail 'timeout does not work'
|
386
|
+
end
|
387
|
+
|
388
|
+
@client.receive_timeout = 3
|
389
|
+
@client.reset_all
|
390
|
+
assert_equal('sleep', @client.get_content(url + 'sleep?sec=2'))
|
389
391
|
end
|
390
392
|
|
391
393
|
private
|
@@ -420,7 +422,7 @@ private
|
|
420
422
|
:SSLCertName => nil
|
421
423
|
)
|
422
424
|
@serverport = @server.config[:Port]
|
423
|
-
[:hello].each do |sym|
|
425
|
+
[:hello, :sleep].each do |sym|
|
424
426
|
@server.mount(
|
425
427
|
"/#{sym}",
|
426
428
|
WEBrick::HTTPServlet::ProcHandler.new(method("do_#{sym}").to_proc)
|
@@ -490,6 +492,13 @@ private
|
|
490
492
|
res.body = "hello"
|
491
493
|
end
|
492
494
|
|
495
|
+
def do_sleep(req, res)
|
496
|
+
sec = req.query['sec'].to_i
|
497
|
+
sleep sec
|
498
|
+
res['content-type'] = 'text/html'
|
499
|
+
res.body = "sleep"
|
500
|
+
end
|
501
|
+
|
493
502
|
def start_server_thread(server)
|
494
503
|
t = Thread.new {
|
495
504
|
Thread.current.abort_on_exception = true
|
metadata
CHANGED
@@ -1,16 +1,30 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: httpclient
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 2.
|
4
|
+
version: 2.9.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Hiroshi Nakamura
|
8
|
-
autorequire:
|
8
|
+
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
12
|
-
dependencies:
|
13
|
-
|
11
|
+
date: 2025-02-22 00:00:00.000000000 Z
|
12
|
+
dependencies:
|
13
|
+
- !ruby/object:Gem::Dependency
|
14
|
+
name: mutex_m
|
15
|
+
requirement: !ruby/object:Gem::Requirement
|
16
|
+
requirements:
|
17
|
+
- - ">="
|
18
|
+
- !ruby/object:Gem::Version
|
19
|
+
version: '0'
|
20
|
+
type: :runtime
|
21
|
+
prerelease: false
|
22
|
+
version_requirements: !ruby/object:Gem::Requirement
|
23
|
+
requirements:
|
24
|
+
- - ">="
|
25
|
+
- !ruby/object:Gem::Version
|
26
|
+
version: '0'
|
27
|
+
description:
|
14
28
|
email: nahi@ruby-lang.org
|
15
29
|
executables:
|
16
30
|
- httpclient
|
@@ -46,6 +60,7 @@ files:
|
|
46
60
|
- sample/auth.rb
|
47
61
|
- sample/cookie.rb
|
48
62
|
- sample/dav.rb
|
63
|
+
- sample/generate_test_keys.rb
|
49
64
|
- sample/howto.rb
|
50
65
|
- sample/jsonclient.rb
|
51
66
|
- sample/oauth_buzz.rb
|
@@ -63,17 +78,26 @@ files:
|
|
63
78
|
- sample/wcat.rb
|
64
79
|
- test/ca-chain.pem
|
65
80
|
- test/ca.cert
|
81
|
+
- test/ca.key
|
82
|
+
- test/ca.srl
|
66
83
|
- test/client-pass.key
|
67
84
|
- test/client.cert
|
68
85
|
- test/client.key
|
86
|
+
- test/fixtures/verify.alt.cert
|
87
|
+
- test/fixtures/verify.foo.cert
|
88
|
+
- test/fixtures/verify.key
|
89
|
+
- test/fixtures/verify.localhost.cert
|
69
90
|
- test/helper.rb
|
70
91
|
- test/htdigest
|
71
92
|
- test/htpasswd
|
93
|
+
- test/jruby_ssl_socket/test_pemutils.rb
|
72
94
|
- test/runner.rb
|
73
95
|
- test/server.cert
|
74
96
|
- test/server.key
|
75
97
|
- test/sslsvr.rb
|
76
98
|
- test/subca.cert
|
99
|
+
- test/subca.key
|
100
|
+
- test/subca.srl
|
77
101
|
- test/test_auth.rb
|
78
102
|
- test/test_cookie.rb
|
79
103
|
- test/test_hexdump.rb
|
@@ -87,7 +111,7 @@ homepage: https://github.com/nahi/httpclient
|
|
87
111
|
licenses:
|
88
112
|
- ruby
|
89
113
|
metadata: {}
|
90
|
-
post_install_message:
|
114
|
+
post_install_message:
|
91
115
|
rdoc_options: []
|
92
116
|
require_paths:
|
93
117
|
- lib
|
@@ -102,9 +126,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
102
126
|
- !ruby/object:Gem::Version
|
103
127
|
version: '0'
|
104
128
|
requirements: []
|
105
|
-
|
106
|
-
|
107
|
-
signing_key:
|
129
|
+
rubygems_version: 3.5.3
|
130
|
+
signing_key:
|
108
131
|
specification_version: 4
|
109
132
|
summary: gives something like the functionality of libwww-perl (LWP) in Ruby
|
110
133
|
test_files: []
|