httpclient 2.8.2.4 → 2.9.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
data/test/test_ssl.rb CHANGED
@@ -1,5 +1,6 @@
1
1
  require File.expand_path('helper', File.dirname(__FILE__))
2
2
  require 'webrick/https'
3
+ require 'time'
3
4
 
4
5
 
5
6
  class TestSSL < Test::Unit::TestCase
@@ -7,6 +8,8 @@ class TestSSL < Test::Unit::TestCase
7
8
 
8
9
  DIR = File.dirname(File.expand_path(__FILE__))
9
10
 
11
+ OPENSSL_VERSION = Integer(OpenSSL::OPENSSL_LIBRARY_VERSION.match(/OpenSSL (\d+)\./)[1])
12
+
10
13
  def setup
11
14
  super
12
15
  @serverpid = @client = nil
@@ -24,6 +27,10 @@ class TestSSL < Test::Unit::TestCase
24
27
  File.expand_path(filename, DIR)
25
28
  end
26
29
 
30
+ def read_path(filename)
31
+ File.read(path(filename))
32
+ end
33
+
27
34
  def test_proxy_ssl
28
35
  setup_proxyserver
29
36
  escape_noproxy do
@@ -31,7 +38,7 @@ class TestSSL < Test::Unit::TestCase
31
38
  @client.ssl_config.set_client_cert_file(path('client.cert'), path('client.key'))
32
39
  @client.ssl_config.add_trust_ca(path('ca.cert'))
33
40
  @client.ssl_config.add_trust_ca(path('subca.cert'))
34
- @client.debug_dev = str = ""
41
+ @client.debug_dev = str = "".dup
35
42
  assert_equal(200, @client.get(@url).status)
36
43
  assert(/accept/ =~ @proxyio.string, 'proxy is not used')
37
44
  assert(/Host: localhost:#{serverport}/ =~ str)
@@ -70,7 +77,7 @@ unless defined?(HTTPClient::JRubySSLSocket)
70
77
  end
71
78
 
72
79
  def test_debug_dev
73
- str = @client.debug_dev = ''
80
+ str = @client.debug_dev = ''.dup
74
81
  cfg = @client.ssl_config
75
82
  cfg.client_cert = path("client.cert")
76
83
  cfg.client_key = path("client.key")
@@ -81,13 +88,14 @@ end
81
88
  end
82
89
 
83
90
  def test_verification_without_httpclient
84
- raw_cert = "-----BEGIN CERTIFICATE-----\nMIIDOTCCAiGgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBCMRMwEQYKCZImiZPyLGQB\nGRYDb3JnMRkwFwYKCZImiZPyLGQBGRYJcnVieS1sYW5nMRAwDgYDVQQDDAdSdWJ5\nIENBMB4XDTE2MDgxMDE3MjEzNFoXDTE3MDgxMDE3MjEzNFowSzETMBEGCgmSJomT\n8ixkARkWA29yZzEZMBcGCgmSJomT8ixkARkWCXJ1YnktbGFuZzEZMBcGA1UEAwwQ\nUnVieSBjZXJ0aWZpY2F0ZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB\nAJCfsSXpSMpmZCVa+ZCM+QDgomnhDlvnrGDq6pasTaIspGTXgws+7r8Dt/cNe6EH\nHJpRH2cGRiO4yPcfcT9eS4X7k8OC4f33wHfACOmLu6LeoNE8ujmSk6L6WzLUI+sE\nnLZbFrXxoAo4XHsm8vEG9C+jEoXZ1p+47wrAGaDwDQTnzlMy4dT9pRQEJP2G/Rry\nUkuZn8SUWmh3/YS78iaSzsNF1cgE1ealHOrPPFDjiCGDaH/LHyUPYlbFSLZ/B7Qx\nLxi5sePLcywWq/EJrmWpgeVTDjtNijsdKv/A3qkY+fm/oD0pzt7XsfJaP9YKNyJO\nQFdxWZeiPcDF+Hwf+IwSr+kCAwEAAaMxMC8wDgYDVR0PAQH/BAQDAgeAMB0GA1Ud\nDgQWBBQNvzYzJyXemGhxbA8NMXLolDnPyjANBgkqhkiG9w0BAQsFAAOCAQEARIJV\noKejGlOTn71QutnNnu07UtTu0IHs6YqjYzzND+m4JXLN+wvYm72AFUG0b1L7dRg0\niK8XjQrlNQNVqP1Mc6tffchy20neOPOHeiO6qTdRU8P2S8D3Uwe+1qhgxjfE+cWc\nwZmWxYK4HA8c58PxWMqrkr2QqXDplG9KWLvOgrtPGiLLZcQSKhvvB63QzItHBDU6\nRayiJY3oPkK/HrIvFlySqFqzWmuyknkciOFywEHQMz/tcSFJ2QFpPj/tBz9VXohH\nZ8KscmfhZrTPBjo+ky1lz/WraWoz4LMiLnkC2ABczWLRSawu+v3Irx1NFJngt05e\npqwtqIUeg7j+JLiTaA==\n-----END CERTIFICATE-----"
85
- raw_ca_cert = "-----BEGIN CERTIFICATE-----\nMIIDYjCCAkqgAwIBAgIBATANBgkqhkiG9w0BAQsFADBCMRMwEQYKCZImiZPyLGQB\nGRYDb3JnMRkwFwYKCZImiZPyLGQBGRYJcnVieS1sYW5nMRAwDgYDVQQDDAdSdWJ5\nIENBMB4XDTE2MDgxMDE3MjA1NFoXDTE4MDgxMDE3MjA1NFowQjETMBEGCgmSJomT\n8ixkARkWA29yZzEZMBcGCgmSJomT8ixkARkWCXJ1YnktbGFuZzEQMA4GA1UEAwwH\nUnVieSBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALKGwyM3Ejtl\npo7CqaDlS71gDZn3gm6IwWpmRMLJofSI9LCwAbjijSC2HvO0xUWoYW40FbzjnnEi\ngszsWyPwuQIx9t0bhuAyllNIfImmkaQkrikXKBKzia4jPnbc4iXPnfjuThjESFWl\ntfbN6y1B5TjKhD1KelfakUO+iMu8WlIA9NKQZYfJ/F3QSpP5Iqb3KN/jVifFbDV8\nbAl3Ln4rT2kTCKrZZcl1jmWsJv8jBw6+P7hk0/Mu0JeHAITsjbNbpHd8UXpCfbVs\nsNGZrBU4uJdZ2YTG+Y27/t25jFNQwb+TWbvig7rfdX2sjssuxa00BBxarC08tIVj\nZprM37KcNn8CAwEAAaNjMGEwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMC\nAQYwHQYDVR0OBBYEFA2/NjMnJd6YaHFsDw0xcuiUOc/KMB8GA1UdIwQYMBYEFA2/\nNjMnJd6YaHFsDw0xcuiUOc/KMA0GCSqGSIb3DQEBCwUAA4IBAQAJSOw49XqvUll0\n3vU9EAO6yUdeZSsQENIfYbRMQgapbnN1vTyrUjPZkGC5hIE1pVdoHtEoUEICxIwy\nr6BKxiSLBDLp+rvIuDdzMkXIWdUVvTZguVRyKtM2gfnpsPLpVnv+stBmAW2SMyxm\nkymhOpkjdv3He+45uorB3tdfBS9VVomDEUJdg38UE1b5eXRQ3D6gG0iCPFzKszXg\nLoAYhGxtjCJaKlbzduMK0YO6aelgW1+XnVIKcA7DJ9egk5d/dFZBPFfwumwr9hTH\nh7/fp3Fr87weI+CkfmFyJZrsEBlXJBVuvPesMVHTh3Whm5kmCdWcBJU0QmSq42ZL\n72U0PXLR\n-----END CERTIFICATE-----"
91
+ raw_cert = "-----BEGIN CERTIFICATE-----\nMIIDKDCCAhCgAwIBAgIBAjANBgkqhkiG9w0BAQUFADA8MQswCQYDVQQGDAJKUDES\nMBAGA1UECgwJSklOLkdSLkpQMQwwCgYDVQQLDANSUlIxCzAJBgNVBAMMAkNBMB4X\nDTA0MDEzMTAzMTQ1OFoXDTM1MDEyMzAzMTQ1OFowZTELMAkGA1UEBgwCSlAxEjAQ\nBgNVBAoMCUpJTi5HUi5KUDEMMAoGA1UECwwDUlJSMRAwDgYDVQQDDAdleGFtcGxl\nMSIwIAYJKoZIhvcNAQkBDBNleGFtcGxlQGV4YW1wbGUub3JnMIGfMA0GCSqGSIb3\nDQEBAQUAA4GNADCBiQKBgQDRWssrK8Gyr+500hpLjCGR3+AHL8/hEJM5zKi/MgLW\njTkvsgOwbYwXOiNtAbR9y4/ucDq7EY+cMUMHES4uFaPTcOaAV0aZRmk8AgslN1tQ\ngNS6ew7/Luq3DcVeWkX8PYgR9VG0mD1MPfJ6+IFA5d3vKpdBkBgN4l46jjO0/2Xf\newIDAQABo4GPMIGMMAwGA1UdEwEB/wQCMAAwMQYJYIZIAYb4QgENBCQWIlJ1Ynkv\nT3BlblNTTCBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFOFvay0H7lr2\nxUx6waYEV2bVDYQhMAsGA1UdDwQEAwIF4DAdBgNVHSUEFjAUBggrBgEFBQcDAgYI\nKwYBBQUHAwQwDQYJKoZIhvcNAQEFBQADggEBABd2dYWqbDIWf5sWFvslezxJv8gI\nw64KCJBuyJAiDuf+oazr3016kMzAlt97KecLZDusGNagPrq02UX7YMoQFsWJBans\ncDtHrkM0al5r6/WGexNMgtYbNTYzt/IwodISGBgZ6dsOuhznwms+IBsTNDAvWeLP\nlt2tOqD8kEmjwMgn0GDRuKjs4EoboA3kMULb1p9akDV9ZESU3eOtpS5/G5J5msLI\n9WXbYBjcjvkLuJH9VsJhb+R58Vl0ViemvAHhPilSl1SPWVunGhv6FcIkdBEi1k9F\ne8BNMmsEjFiANiIRvpdLRbiGBt0KrKTndVfsmoKCvY48oCOvnzxtahFxfs8=\n-----END CERTIFICATE-----"
92
+ raw_ca_cert = "-----BEGIN CERTIFICATE-----\nMIID0DCCArigAwIBAgIBADANBgkqhkiG9w0BAQUFADA8MQswCQYDVQQGDAJKUDES\nMBAGA1UECgwJSklOLkdSLkpQMQwwCgYDVQQLDANSUlIxCzAJBgNVBAMMAkNBMB4X\nDTA0MDEzMDAwNDIzMloXDTM2MDEyMjAwNDIzMlowPDELMAkGA1UEBgwCSlAxEjAQ\nBgNVBAoMCUpJTi5HUi5KUDEMMAoGA1UECwwDUlJSMQswCQYDVQQDDAJDQTCCASIw\nDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANbv0x42BTKFEQOE+KJ2XmiSdZpR\nwjzQLAkPLRnLB98tlzs4xo+y4RyY/rd5TT9UzBJTIhP8CJi5GbS1oXEerQXB3P0d\nL5oSSMwGGyuIzgZe5+vZ1kgzQxMEKMMKlzA73rbMd4Jx3u5+jdbP0EDrPYfXSvLY\nbS04n2aX7zrN3x5KdDrNBfwBio2/qeaaj4+9OxnwRvYP3WOvqdW0h329eMfHw0pi\nJI0drIVdsEqClUV4pebT/F+CPUPkEh/weySgo9wANockkYu5ujw2GbLFcO5LXxxm\ndEfcVr3r6t6zOA4bJwL0W/e6LBcrwiG/qPDFErhwtgTLYf6Er67SzLyA66UCAwEA\nAaOB3DCB2TAPBgNVHRMBAf8EBTADAQH/MDEGCWCGSAGG+EIBDQQkFiJSdWJ5L09w\nZW5TU0wgR2VuZXJhdGVkIENlcnRpZmljYXRlMB0GA1UdDgQWBBRJ7Xd380KzBV7f\nUSKIQ+O/vKbhDzAOBgNVHQ8BAf8EBAMCAQYwZAYDVR0jBF0wW4AUSe13d/NCswVe\n31EiiEPjv7ym4Q+hQKQ+MDwxCzAJBgNVBAYMAkpQMRIwEAYDVQQKDAlKSU4uR1Iu\nSlAxDDAKBgNVBAsMA1JSUjELMAkGA1UEAwwCQ0GCAQAwDQYJKoZIhvcNAQEFBQAD\nggEBAIu/mfiez5XN5tn2jScgShPgHEFJBR0BTJBZF6xCk0jyqNx/g9HMj2ELCuK+\nr/Y7KFW5c5M3AQ+xWW0ZSc4kvzyTcV7yTVIwj2jZ9ddYMN3nupZFgBK1GB4Y05GY\nMJJFRkSu6d/Ph5ypzBVw2YMT/nsOo5VwMUGLgS7YVjU+u/HNWz80J3oO17mNZllj\nPvORJcnjwlroDnS58KoJ7GDgejv3ESWADvX1OHLE4cRkiQGeLoEU4pxdCxXRqX0U\nPbwIkZN9mXVcrmPHq8MWi4eC/V7hnbZETMHuWhUoiNdOEfsAXr3iP4KjyyRdwc7a\nd/xgcK06UVQRL/HbEYGiQL056mc=\n-----END CERTIFICATE-----"
86
93
  ca_cert = ::OpenSSL::X509::Certificate.new(raw_ca_cert)
87
94
  cert = ::OpenSSL::X509::Certificate.new(raw_cert)
88
95
  store = ::OpenSSL::X509::Store.new
89
96
  store.add_cert(ca_cert)
90
- assert(store.verify(cert))
97
+ store.time = Time.new(2017, 01, 01)
98
+ assert(store.verify(cert), "Verify failed: #{store.error_string}, #{store.error}")
91
99
  end
92
100
 
93
101
  def test_verification
@@ -246,6 +254,7 @@ end
246
254
  end
247
255
 
248
256
  def test_no_sslv3
257
+ omit('TODO: SSLv3 is not supported in many environments. re-enable when disable TLSv1')
249
258
  teardown_server
250
259
  setup_server_with_ssl_version(:SSLv3)
251
260
  assert_raise(OpenSSL::SSL::SSLError) do
@@ -254,17 +263,29 @@ end
254
263
  end
255
264
  end
256
265
 
257
- def test_allow_tlsv1
258
- teardown_server
259
- setup_server_with_ssl_version(:TLSv1)
260
- assert_nothing_raised do
261
- @client.ssl_config.verify_mode = nil
262
- @client.get("https://localhost:#{serverport}/hello")
266
+ if OPENSSL_VERSION < 3
267
+ def test_allow_tlsv1
268
+ teardown_server
269
+ setup_server_with_ssl_version(:TLSv1)
270
+ assert_nothing_raised do
271
+ @client.ssl_config.verify_mode = nil
272
+ @client.get("https://localhost:#{serverport}/hello")
273
+ end
274
+ end
275
+ else
276
+ def test_disallow_tlsv1
277
+ teardown_server
278
+ setup_server_with_ssl_version(:TLSv1)
279
+ ssle = assert_raise(OpenSSL::SSL::SSLError) do
280
+ @client.ssl_config.verify_mode = nil
281
+ @client.get("https://localhost:#{serverport}/hello")
282
+ end
283
+ assert_match(/tlsv1 alert protocol version/, ssle.message)
263
284
  end
264
285
  end
265
286
 
266
287
  def test_use_higher_TLS
267
- omit('TODO: it does not pass with Java 7 or old openssl ')
288
+ omit('TODO: it does not pass with Java 7 or old openssl')
268
289
  teardown_server
269
290
  setup_server_with_ssl_version('TLSv1_2')
270
291
  assert_nothing_raised do
@@ -275,78 +296,14 @@ end
275
296
  end
276
297
  end
277
298
 
278
- VERIFY_TEST_CERT_LOCALHOST = OpenSSL::X509::Certificate.new(<<-EOS)
279
- -----BEGIN CERTIFICATE-----
280
- MIIB9jCCAV+gAwIBAgIJAIH8Gsm4PcNKMA0GCSqGSIb3DQEBCwUAMBQxEjAQBgNV
281
- BAMMCWxvY2FsaG9zdDAeFw0xNjA4MTgxMDI2MDVaFw00NDAxMDMxMDI2MDVaMBQx
282
- EjAQBgNVBAMMCWxvY2FsaG9zdDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA
283
- p7D8q0lcx5EZEV5+zPnQsxrbft5xyhH/MCStbH46DRATGPNSOaLRCG5r8gTKQzpD
284
- 4swGrQFYe2ienQ+7o4aEHErsXp4O/EmDKeiXWWrMqPr23r3HOBDebuynC/sCwy7N
285
- epnX9u1VLB03eo+suj4d86OoOF+o11t9ZP+GA29Rsf8CAwEAAaNQME4wHQYDVR0O
286
- BBYEFIxsJuPVvd5KKFcAvHGSeKSsWiUJMB8GA1UdIwQYMBaAFIxsJuPVvd5KKFcA
287
- vHGSeKSsWiUJMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADgYEAMJaVCrrM
288
- SM2I06Vr4BL+jtDFhZh3HmJFEDpwEFQ5Y9hduwdUGRBGCpkuea3fE2FKwWW9gLM1
289
- w7rFMzYFtCEqm78dJWIU79MRy0wjO4LgtYfoikgBh6JKWuV5ed/+L3sLyLG0ZTtv
290
- lrD7lzDtXgwvj007PxDoYRp3JwYzKRmTbH8=
291
- -----END CERTIFICATE-----
292
- EOS
293
-
294
- VERIFY_TEST_CERT_FOO_DOMAIN = OpenSSL::X509::Certificate.new(<<-EOS)
295
- -----BEGIN CERTIFICATE-----
296
- MIIB8jCCAVugAwIBAgIJAL/od7Whx7VTMA0GCSqGSIb3DQEBCwUAMBIxEDAOBgNV
297
- BAMMB2Zvby5jb20wHhcNMTYwODE4MTAyMzUyWhcNNDQwMTAzMTAyMzUyWjASMRAw
298
- DgYDVQQDDAdmb28uY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCnsPyr
299
- SVzHkRkRXn7M+dCzGtt+3nHKEf8wJK1sfjoNEBMY81I5otEIbmvyBMpDOkPizAat
300
- AVh7aJ6dD7ujhoQcSuxeng78SYMp6JdZasyo+vbevcc4EN5u7KcL+wLDLs16mdf2
301
- 7VUsHTd6j6y6Ph3zo6g4X6jXW31k/4YDb1Gx/wIDAQABo1AwTjAdBgNVHQ4EFgQU
302
- jGwm49W93kooVwC8cZJ4pKxaJQkwHwYDVR0jBBgwFoAUjGwm49W93kooVwC8cZJ4
303
- pKxaJQkwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOBgQCVKTvfxx+yezuR
304
- 5WpVKw1E9qabKOYFB5TqdHMHreRubMJTaoZC+YzhcCwtyLlAA9+axKINAiMM8T+z
305
- jjfOHQSa2GS2TaaVDJWmXIgsAlEbjd2BEiQF0LZYGJRG9pyq0WbTV+CyFdrghjcO
306
- xX/t7OG7NfOG9dhv3J+5SX10S5V5Dg==
307
- -----END CERTIFICATE-----
308
- EOS
309
-
310
- VERIFY_TEST_CERT_ALT_NAME = OpenSSL::X509::Certificate.new(<<-EOS)
311
- -----BEGIN CERTIFICATE-----
312
- MIICDDCCAXWgAwIBAgIJAOxXY4nOwxhGMA0GCSqGSIb3DQEBCwUAMBQxEjAQBgNV
313
- BAMMCWxvY2FsaG9zdDAeFw0xNjA4MTgxMDM0NTJaFw00NDAxMDMxMDM0NTJaMBQx
314
- EjAQBgNVBAMMCWxvY2FsaG9zdDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA
315
- p7D8q0lcx5EZEV5+zPnQsxrbft5xyhH/MCStbH46DRATGPNSOaLRCG5r8gTKQzpD
316
- 4swGrQFYe2ienQ+7o4aEHErsXp4O/EmDKeiXWWrMqPr23r3HOBDebuynC/sCwy7N
317
- epnX9u1VLB03eo+suj4d86OoOF+o11t9ZP+GA29Rsf8CAwEAAaNmMGQwFAYDVR0R
318
- BA0wC4IJKi5mb28uY29tMB0GA1UdDgQWBBSMbCbj1b3eSihXALxxknikrFolCTAf
319
- BgNVHSMEGDAWgBSMbCbj1b3eSihXALxxknikrFolCTAMBgNVHRMEBTADAQH/MA0G
320
- CSqGSIb3DQEBCwUAA4GBADJlKNFuOnsDIhHGW72HuQw4naN6lM3eZE9JJ+UF/XIF
321
- ghGtgqw+00Yy5wMFc1K2Wm4p5NymmDfC/P1FOe34bpxt9/IWm6mEoIWoodC3N4Cm
322
- PtnSS1/CRWzVIPGMglTGGDcUc70tfeAWgyTxgcNQd4vTFtnN0f0RDdaXa8kfKMTw
323
- -----END CERTIFICATE-----
324
- EOS
325
-
326
- VERIFY_TEST_PKEY = OpenSSL::PKey::RSA.new(<<-EOS)
327
- -----BEGIN RSA PRIVATE KEY-----
328
- MIICXQIBAAKBgQCnsPyrSVzHkRkRXn7M+dCzGtt+3nHKEf8wJK1sfjoNEBMY81I5
329
- otEIbmvyBMpDOkPizAatAVh7aJ6dD7ujhoQcSuxeng78SYMp6JdZasyo+vbevcc4
330
- EN5u7KcL+wLDLs16mdf27VUsHTd6j6y6Ph3zo6g4X6jXW31k/4YDb1Gx/wIDAQAB
331
- AoGAe0RHx+WKtQx8/96VmTl951qzxMPho2etTYd4kAsNwzJwx2N9qu57eBYrdWF+
332
- CQMYievucFhP4Y+bINtC1Eb6btz9TCUwjCfeIxfGRoFf3cxVmxlsRJJmN1kSZlu1
333
- yYlcMVuP4noeFIMQBRrt5pyLCx2Z9A01NCQT4Y6VoREBIeECQQDWeNhsL6xkrmdB
334
- M9+zl+SqHdNKhgKwMdp74+UNnAV9I8GB7bGlOWhc83aqMLgS+JBDFXcmNF/KawTR
335
- zcnkod5xAkEAyClFgr3lZQSnwUwoA/AOcyW0+H63taaaXS/g8n3H8ENK6kL4ldUx
336
- IgCk2ekbQ5Y3S2WScIGXNxMOza9MlsOvbwJAPUtoPvMZB+U4KVBT/JXKijvf6QqH
337
- tidpU8L78XnHr84KPcHa5WeUxgvmvBkUYoebYzC9TrPlNIqFZBi2PJtuYQJBAMda
338
- E5j7eJT75fhm2RPS6xFT5MH5sw6AOA3HucrJ63AoFVzsBpl0E9NBwO4ndLgDzF6T
339
- cx4Kc4iuunewuB8QFpECQQCfvsHCjIJ/X4kiqeBzxDq2GR/oDgQkOzY+4H9U7Lwl
340
- e61RBaxk5OHOA0bLtvJblV6NL72ZEZhX60wAWbrOPhpT
341
- -----END RSA PRIVATE KEY-----
342
- EOS
343
-
344
299
  def test_post_connection_check
345
300
  teardown_server
346
- setup_server_with_server_cert(nil, VERIFY_TEST_CERT_LOCALHOST, VERIFY_TEST_PKEY)
347
- file = Tempfile.new('cert')
348
- File.write(file.path, VERIFY_TEST_CERT_LOCALHOST.to_pem)
349
- @client.ssl_config.add_trust_ca(file.path)
301
+ setup_server_with_server_cert(
302
+ nil,
303
+ OpenSSL::X509::Certificate.new(read_path("fixtures/verify.localhost.cert")),
304
+ OpenSSL::PKey::RSA.new(read_path("fixtures/verify.key")),
305
+ )
306
+ @client.ssl_config.add_trust_ca(path("fixtures/verify.localhost.cert"))
350
307
  assert_nothing_raised do
351
308
  @client.get("https://localhost:#{serverport}/hello")
352
309
  end
@@ -357,9 +314,12 @@ e61RBaxk5OHOA0bLtvJblV6NL72ZEZhX60wAWbrOPhpT
357
314
  @client.ssl_config.verify_mode = OpenSSL::SSL::VERIFY_PEER
358
315
 
359
316
  teardown_server
360
- setup_server_with_server_cert(nil, VERIFY_TEST_CERT_FOO_DOMAIN, VERIFY_TEST_PKEY)
361
- File.write(file.path, VERIFY_TEST_CERT_FOO_DOMAIN.to_pem)
362
- @client.ssl_config.add_trust_ca(file.path)
317
+ setup_server_with_server_cert(
318
+ nil,
319
+ OpenSSL::X509::Certificate.new(read_path("fixtures/verify.foo.cert")),
320
+ OpenSSL::PKey::RSA.new(read_path("fixtures/verify.key")),
321
+ )
322
+ @client.ssl_config.add_trust_ca(path("fixtures/verify.foo.cert"))
363
323
  assert_raises(OpenSSL::SSL::SSLError) do
364
324
  @client.get("https://localhost:#{serverport}/hello")
365
325
  end
@@ -370,9 +330,12 @@ e61RBaxk5OHOA0bLtvJblV6NL72ZEZhX60wAWbrOPhpT
370
330
  @client.ssl_config.verify_mode = OpenSSL::SSL::VERIFY_PEER
371
331
 
372
332
  teardown_server
373
- setup_server_with_server_cert(nil, VERIFY_TEST_CERT_ALT_NAME, VERIFY_TEST_PKEY)
374
- File.write(file.path, VERIFY_TEST_CERT_ALT_NAME.to_pem)
375
- @client.ssl_config.add_trust_ca(file.path)
333
+ setup_server_with_server_cert(
334
+ nil,
335
+ OpenSSL::X509::Certificate.new(read_path("fixtures/verify.alt.cert")),
336
+ OpenSSL::PKey::RSA.new(read_path("fixtures/verify.key")),
337
+ )
338
+ @client.ssl_config.add_trust_ca(path("fixtures/verify.alt.cert"))
376
339
  assert_raises(OpenSSL::SSL::SSLError) do
377
340
  @client.get("https://localhost:#{serverport}/hello")
378
341
  end
@@ -385,7 +348,46 @@ e61RBaxk5OHOA0bLtvJblV6NL72ZEZhX60wAWbrOPhpT
385
348
 
386
349
  def test_x509_store_add_cert_prepend
387
350
  store = OpenSSL::X509::Store.new
388
- assert_equal(store, store.add_cert(OpenSSL::X509::Certificate.new(VERIFY_TEST_CERT_LOCALHOST)))
351
+ assert_equal(store, store.add_cert(OpenSSL::X509::Certificate.new(read_path("fixtures/verify.localhost.cert"))))
352
+ end
353
+
354
+ def test_tcp_keepalive
355
+ @client.tcp_keepalive = true
356
+ @client.ssl_config.add_trust_ca(path('ca-chain.pem'))
357
+ @client.get_content(@url)
358
+
359
+ # expecting HTTP keepalive caches the socket
360
+ session = @client.instance_variable_get(:@session_manager).send(:get_cached_session, HTTPClient::Site.new(URI.parse(@url)))
361
+ socket = session.instance_variable_get(:@socket).instance_variable_get(:@socket)
362
+
363
+ assert_true(session.tcp_keepalive)
364
+ if RUBY_ENGINE == 'jruby'
365
+ assert_true(socket.getKeepAlive())
366
+ else
367
+ assert_equal(Socket::SO_KEEPALIVE, socket.getsockopt(Socket::SOL_SOCKET, Socket::SO_KEEPALIVE).optname)
368
+ end
369
+ end
370
+
371
+ def test_timeout
372
+ url = "https://localhost:#{serverport}/"
373
+ @client.ssl_config.add_trust_ca(path('ca-chain.pem'))
374
+ assert_equal('sleep', @client.get_content(url + 'sleep?sec=2'))
375
+ @client.receive_timeout = 1
376
+ @client.reset_all
377
+ assert_equal('sleep', @client.get_content(url + 'sleep?sec=0'))
378
+
379
+ start = Time.now
380
+ assert_raise(HTTPClient::ReceiveTimeoutError) do
381
+ @client.get_content(url + 'sleep?sec=5')
382
+ end
383
+ if Time.now - start > 3
384
+ # before #342 it detected timeout when IO was freed
385
+ fail 'timeout does not work'
386
+ end
387
+
388
+ @client.receive_timeout = 3
389
+ @client.reset_all
390
+ assert_equal('sleep', @client.get_content(url + 'sleep?sec=2'))
389
391
  end
390
392
 
391
393
  private
@@ -420,7 +422,7 @@ private
420
422
  :SSLCertName => nil
421
423
  )
422
424
  @serverport = @server.config[:Port]
423
- [:hello].each do |sym|
425
+ [:hello, :sleep].each do |sym|
424
426
  @server.mount(
425
427
  "/#{sym}",
426
428
  WEBrick::HTTPServlet::ProcHandler.new(method("do_#{sym}").to_proc)
@@ -490,6 +492,13 @@ private
490
492
  res.body = "hello"
491
493
  end
492
494
 
495
+ def do_sleep(req, res)
496
+ sec = req.query['sec'].to_i
497
+ sleep sec
498
+ res['content-type'] = 'text/html'
499
+ res.body = "sleep"
500
+ end
501
+
493
502
  def start_server_thread(server)
494
503
  t = Thread.new {
495
504
  Thread.current.abort_on_exception = true
metadata CHANGED
@@ -1,16 +1,30 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: httpclient
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.8.2.4
4
+ version: 2.9.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Hiroshi Nakamura
8
- autorequire:
8
+ autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2016-09-10 00:00:00.000000000 Z
12
- dependencies: []
13
- description:
11
+ date: 2025-02-22 00:00:00.000000000 Z
12
+ dependencies:
13
+ - !ruby/object:Gem::Dependency
14
+ name: mutex_m
15
+ requirement: !ruby/object:Gem::Requirement
16
+ requirements:
17
+ - - ">="
18
+ - !ruby/object:Gem::Version
19
+ version: '0'
20
+ type: :runtime
21
+ prerelease: false
22
+ version_requirements: !ruby/object:Gem::Requirement
23
+ requirements:
24
+ - - ">="
25
+ - !ruby/object:Gem::Version
26
+ version: '0'
27
+ description:
14
28
  email: nahi@ruby-lang.org
15
29
  executables:
16
30
  - httpclient
@@ -46,6 +60,7 @@ files:
46
60
  - sample/auth.rb
47
61
  - sample/cookie.rb
48
62
  - sample/dav.rb
63
+ - sample/generate_test_keys.rb
49
64
  - sample/howto.rb
50
65
  - sample/jsonclient.rb
51
66
  - sample/oauth_buzz.rb
@@ -63,17 +78,26 @@ files:
63
78
  - sample/wcat.rb
64
79
  - test/ca-chain.pem
65
80
  - test/ca.cert
81
+ - test/ca.key
82
+ - test/ca.srl
66
83
  - test/client-pass.key
67
84
  - test/client.cert
68
85
  - test/client.key
86
+ - test/fixtures/verify.alt.cert
87
+ - test/fixtures/verify.foo.cert
88
+ - test/fixtures/verify.key
89
+ - test/fixtures/verify.localhost.cert
69
90
  - test/helper.rb
70
91
  - test/htdigest
71
92
  - test/htpasswd
93
+ - test/jruby_ssl_socket/test_pemutils.rb
72
94
  - test/runner.rb
73
95
  - test/server.cert
74
96
  - test/server.key
75
97
  - test/sslsvr.rb
76
98
  - test/subca.cert
99
+ - test/subca.key
100
+ - test/subca.srl
77
101
  - test/test_auth.rb
78
102
  - test/test_cookie.rb
79
103
  - test/test_hexdump.rb
@@ -87,7 +111,7 @@ homepage: https://github.com/nahi/httpclient
87
111
  licenses:
88
112
  - ruby
89
113
  metadata: {}
90
- post_install_message:
114
+ post_install_message:
91
115
  rdoc_options: []
92
116
  require_paths:
93
117
  - lib
@@ -102,9 +126,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
102
126
  - !ruby/object:Gem::Version
103
127
  version: '0'
104
128
  requirements: []
105
- rubyforge_project:
106
- rubygems_version: 2.5.1
107
- signing_key:
129
+ rubygems_version: 3.5.3
130
+ signing_key:
108
131
  specification_version: 4
109
132
  summary: gives something like the functionality of libwww-perl (LWP) in Ruby
110
133
  test_files: []