manticore 0.6.3-java → 0.8.0-java

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: 8b96d1eb1f7f1e5b6885a5f08e24ba394ac9fac0
-  data.tar.gz: 1ff15070f745905119d536ae7df328ce845990a6
+SHA256:
+  metadata.gz: 063b0fd32e3dfbee4335d04293e098e8b1bc054ecd727ff51011e6eef3675c4b
+  data.tar.gz: 8a5da3e5e6433d7d57e388069e95393fbc66220f1695ab7b1443f9dc49f84d11
 SHA512:
-  metadata.gz: 1f08d3632cbe683ce2456e4cde41d05545bdf5926992067f06f25af1477d9a31bac90d797a88a4f4d4a7a56477afd9f725981958ac3082e501c18199da4875b3
-  data.tar.gz: d2231b58a53b86bd77af5c2f27f79d9a4ece0d72cffbace8c1a830fefcd33a84f5c710f93d1e55e76637ab48d5966c79f466ee40c911418a59e4ce440576a8c7
+  metadata.gz: db22357ef64973e1452bb970dbb2d7a6c960c895db7d0afe1ae96339f414a06dba8c1039b7f5d3d0ce493443317a9d72c7dce04e7c7fbab98704e55e124d2766
+  data.tar.gz: 6744d52a35f0e94d23db237b9f364353eeec4bb3667eb35a06620cf16b676e5b49bd76bb12ba7296f6924b2b7ae052cb4f1d443a6f1e87b00d32b9d1af60c507

data/.gitlab-ci.yml

@@ -0,0 +1,42 @@
+.default: &default
+  variables:
+    TERM: xterm-256color
+    JRUBY_OPTS: --debug
+  cache:
+    paths:
+      - bundler --path vendor/bundle
+      - $HOME/.m2
+  before_script:
+    - apt update && apt install -y git
+    - gem install ruby-maven
+    - bundle install --path vendor/bundle
+  script:
+    - bundle exec rake
+
+test jruby-9.2:
+  <<: *default
+  image: jruby:9.2
+  artifacts:
+    expire_in: 3 days
+    paths:
+      - coverage
+
+test jruby-9.1:
+  <<: *default
+  image: jruby:9.1
+
+test jruby-1.7:
+  <<: *default
+  image: jruby:1.7
+
+pages:
+  stage: deploy
+  only:
+    - master
+  artifacts:
+    expire_in: 3 days
+    paths:
+      - public
+  script:
+    - mkdir -p public
+    - mv coverage/ public/coverage/

data/.travis.yml

@@ -1,23 +1,22 @@
+dist: trusty # due Oracle JDK
 language: ruby
-sudo: false
 cache:
   - bundler
   - directories:
     - $HOME/.m2
 rvm:
-  - jruby-1.7
-  - jruby-9.0.5.0
+  - jruby-9.2.19.0 # Ruby 2.5
 jdk:
   - oraclejdk8
-  - openjdk7
+  - openjdk8
+  - openjdk11
 before_install:
-  - gem install ruby-maven bundler
-  - bundle install
+  - gem install bundler -v 1.17.3
 matrix:
   include:
-    - rvm: jruby-9.2.0.0
-      jdk: oraclejdk8
     - rvm: jruby-head
-      jdk: oraclejdk8
+      jdk: openjdk11
+    - rvm: jruby-9.1.17.0 # Ruby 2.3
+      jdk: openjdk8
   allow_failures:
     - rvm: jruby-head

data/CHANGELOG.md

@@ -1,5 +1,34 @@
+### v0.8.0
+
+* [feat] restore compat with (legacy) verify: false (#102)
+* Accept untrusted certs when SSL verify is disabled (#100)
+* [deps] update http-client to 4.5.13 (#99)
+
+## v0.7
+
+### v0.7.1
+
+* Don't override certificates with same Subject (#93)
+* Set Java cause for ManticoreException types (#96)
+* Fix SSL handshake hang indefinitely (#98)
+
+### v0.7.0
+
+* Drop support for JRuby 1.7. It probably still works, but we don't test against it anymore
+* Fix a thread safety issue with regards to adding requests to the parallel execution queue while the client is already processing a queue (#80)
+
 ## v0.6
 
+### v0.6.4
+
+* client_cert and client_key now take the literal keys as strings, OpenSSL::X509::Certificate/OpenSSL::PKey::Pkey instances, or key file paths. (#77)
+* Reduced unnecessary string copying (!78 - thanks @kares)
+
+### v0.6.2-v0.6.3
+
+* Fixed the use of authentication information in proxy URLs (#71)
+* Changed the default encoding to UTF-8 when a response MIME is application/json (#70)
+
 ### v0.6.1
 
 * Manticore will accept a URI object (which it calls #to_s on) as an alternate to a String for the URL in client#get(url)

data/Gemfile

@@ -8,7 +8,9 @@ group :development, :test do
   gem "rspec", "~> 3.0"
   gem "rspec-its"
   gem "httpclient", "~> 2.3"
-  gem "rack", "~> 1.5"
+  gem "rack", ">= 2.1.4"
   gem "rake-compiler"
   gem "gserver"
-end
+  gem "simplecov"
+  gem "json"
+end

data/README.md

@@ -1,6 +1,8 @@
 # Manticore
 
-[![Build Status](https://travis-ci.org/cheald/manticore.svg?branch=master)](https://travis-ci.org/cheald/manticore)
+**Note**: While I'll continue to maintain the library here, I've moved the canonical copy to Gitlab at https://gitlab.com/cheald/manticore - it is preferred that you submit issues and PRs there.
+
+[![Build Status](https://app.travis-ci.com/cheald/manticore.svg?branch=master)](https://app.travis-ci.com/cheald/manticore)
 
 Manticore is a fast, robust HTTP client built on the Apache HTTPClient libraries. It is only compatible with JRuby.
 
@@ -88,7 +90,11 @@ For detailed documentation, see the [full Manticore::Client documentation](http:
 Rather than using the Facade, you can create your own standalone Client instances. When you create a `Client`, you will pass various parameters that it will use to set up the pool.
 
 ```ruby
-client = Manticore::Client.new(request_timeout: 5, connect_timeout: 5, socket_timeout: 5, pool_max: 10, pool_max_per_route: 2)
+client = Manticore::Client.new(request_timeout: 5,
+                               connect_timeout: 5,
+                               socket_timeout: 5,
+                               pool_max: 10,
+                               pool_max_per_route: 2)
 ```
 
 Then, you can make requests from the client. Pooling and route maximum constraints are automatically managed:
@@ -120,11 +126,20 @@ per-route concurrency limits, and other neat things. In general, you should crea
 To set this up, you might create 2 pools, each configured for the task:
 
 ```ruby
-general_http_client    = Manticore::Client.new connect_timeout: 10, socket_timeout: 10, request_timeout: 10, follow_redirects: true, max_per_route: 2
+general_http_client    = Manticore::Client.new(connect_timeout: 10,
+                                               socket_timeout: 10,
+                                               request_timeout: 10,
+                                               follow_redirects: true,
+                                               max_per_route: 2)
 # With an OpenSSL CA store
-proxied_backend_client = Manticore::Client.new proxy: "https://backend.internal:4242", ssl: {ca_file: "my_certs.pem"}
+proxied_backend_client = Manticore::Client.new(proxy: "https://backend.internal:4242",
+                                               ssl: { ca_file: "my_certs.pem" })
 # Or with a .jks truststore
-# proxied_backend_client = Manticore::Client.new proxy: "https://backend.internal:4242", ssl: {truststore: "./truststore.jks", truststore_password: "s3cr3t"}
+proxied_backend_client = Manticore::Client.new(proxy: "https://backend.internal:4242",
+                                               ssl: {
+                                                 truststore: "./truststore.jks",
+                                                 truststore_password: "s3cr3t"
+                                               })
 ```
 
 This would create 2 separate request pools; the first would be configured with generous timeouts and redirect following, and would use the system

data/Rakefile

@@ -36,6 +36,7 @@ task :generate_certs do
     # Create the CA
     "#{openssl} genrsa 4096 | #{openssl} pkcs8 -topk8 -nocrypt -out #{root}/root-ca.key",
     "#{openssl} req -sha256 -x509 -newkey rsa:4096 -nodes -key #{root}/root-ca.key -sha256 -days 365 -out #{root}/root-ca.crt -subj \"/C=US/ST=The Internet/L=The Internet/O=Manticore CA/OU=Manticore/CN=localhost\"",
+    "#{openssl} req -sha256 -x509 -newkey rsa:4096 -nodes -key #{root}/root-ca.key -sha256 -days 365 -out #{root}/root-untrusted-ca.crt -subj \"/C=US/ST=The Darknet/L=The Darknet/O=Manticore CA/OU=Manticore/CN=localhost\"",
 
     # Create the client CSR, key, and signed cert
     "#{openssl} genrsa 4096 | #{openssl} pkcs8 -topk8 -nocrypt -out #{root}/client.key",
@@ -48,6 +49,7 @@ task :generate_certs do
     "#{openssl} req -sha256 -key #{root}/host.key -newkey rsa:4096 -out #{root}/host.csr -subj \"/C=US/ST=The Internet/L=The Internet/O=Manticore Host/OU=Manticore/CN=localhost\"",
     "#{openssl} x509 -req -in #{root}/host.csr -CA #{root}/root-ca.crt -CAkey #{root}/root-ca.key -CAcreateserial -out #{root}/host.crt -sha256 -days 1",
     "#{openssl} x509 -req -in #{root}/host.csr -CA #{root}/root-ca.crt -CAkey #{root}/root-ca.key -CAcreateserial -out #{root}/host-expired.crt -sha256 -days -7",
+    "#{openssl} x509 -req -in #{root}/host.csr -CA #{root}/root-untrusted-ca.crt -CAkey #{root}/root-ca.key -CAcreateserial -out #{root}/host-untrusted.crt -sha256 -days 1",
 
     "#{keytool} -import -file #{root}/root-ca.crt -alias rootCA -keystore #{root}/truststore.jks -noprompt -storepass test123",
     "#{openssl} pkcs12 -export -clcerts -out #{root}/client.p12 -inkey #{root}/client.key -in #{root}/client.crt -certfile #{root}/root-ca.crt -password pass:test123",

data/ext/manticore/org/manticore/Manticore.java

@@ -66,7 +66,7 @@ public class Manticore implements Library {
 
     private IRubyObject readWholeEntity(ThreadContext context, HttpEntity entity, Encoding encoding) throws IOException {
       ByteList bl = new ByteList(EntityUtils.toByteArray(entity), false);
-      return RubyString.newStringShared(context.getRuntime(), bl, encoding);
+      return RubyString.newString(context.getRuntime(), bl, encoding);
     }
 
     private IRubyObject streamEntity(ThreadContext context, HttpEntity entity, Encoding encoding, Block block) throws IOException {
@@ -86,7 +86,7 @@ public class Manticore implements Library {
         byte[] tmp = new byte[4096];
         int l;
         while((l = instream.read(tmp)) != -1) {
-          block.call( context, RubyString.newString(context.getRuntime(), new ByteList(tmp, 0, l, true), encoding) );
+          block.call( context, RubyString.newStringShared(context.getRuntime(), new ByteList(tmp, 0, l, false), encoding) );
         }
       } finally {
         instream.close();
@@ -94,4 +94,4 @@ public class Manticore implements Library {
       return context.nil;
     }
   }
-}
+}

data/lib/faraday/adapter/manticore.rb

@@ -20,17 +20,12 @@ module Faraday
         ParallelManager.new
       end
 
-      def initialize(app, connection_options = {})
-        @connection_options = connection_options
-        super(app)
-      end
-
       def client(env)
         @client ||= begin
           opts = {}
           if ssl = env[:ssl].to_hash
             opts[:ssl] = {}
-            opts[:ssl][:verify] = :disable if ssl[:verify] == false
+            opts[:ssl][:verify] = ssl[:verify] unless ssl[:verify].nil?
             opts[:ssl][:ca_file] = ssl[:ca_file]
             opts[:ssl][:client_cert] = ssl[:client_cert]
             opts[:ssl][:client_key] = ssl[:client_key]

data/lib/manticore/client.rb

@@ -1,6 +1,7 @@
 require "thread"
 require "base64"
 require "weakref"
+require "openssl_pkcs8_pure"
 
 module Manticore
   # @!macro [new] http_method_shared
@@ -68,10 +69,8 @@ module Manticore
     include_package "org.apache.http.client.config"
     include_package "org.apache.http.config"
     include_package "org.apache.http.conn.socket"
-    include_package "org.apache.http.impl"
     include_package "org.apache.http.impl.client"
     include_package "org.apache.http.impl.conn"
-    include_package "org.apache.http.impl.auth"
     include_package "org.apache.http.entity"
     include_package "org.apache.http.message"
     include_package "org.apache.http.params"
@@ -79,16 +78,21 @@ module Manticore
     include_package "org.apache.http.auth"
     include_package "java.util.concurrent"
     include_package "org.apache.http.client.protocol"
-    include_package "org.apache.http.conn.ssl"
     include_package "java.security.cert"
     include_package "java.security.spec"
     include_package "java.security"
-    include_package "org.apache.http.client.utils"
     java_import "org.apache.http.HttpHost"
     java_import "javax.net.ssl.SSLContext"
     java_import "org.manticore.HttpGetWithEntity"
     java_import "org.manticore.HttpDeleteWithEntity"
     java_import "org.apache.http.auth.UsernamePasswordCredentials"
+    java_import "org.apache.http.conn.ssl.SSLConnectionSocketFactory"
+    java_import "org.apache.http.conn.ssl.SSLContextBuilder"
+    java_import "org.apache.http.conn.ssl.TrustAllStrategy"
+    java_import "org.apache.http.conn.ssl.TrustSelfSignedStrategy"
+    java_import "org.apache.http.client.utils.URIBuilder"
+    java_import "org.apache.http.impl.DefaultConnectionReuseStrategy"
+    java_import "org.apache.http.impl.auth.BasicScheme"
 
     # This is a class rather than a proc because the proc holds a closure around
     # the instance of the Client that creates it.
@@ -169,8 +173,8 @@ module Manticore
     # @option options [String]          ssl[:keystore_password]   (nil)        Password used for decrypting the client auth key store
     # @option options [String]          ssl[:keystore_type]       (nil)        Format of the key store, ie "JKS" or "PKCS12". If left nil, the type will be inferred from the keystore filename.
     # @option options [String]          ssl[:ca_file]             (nil)        OpenSSL-style path to an X.509 certificate to use to validate SSL certificates
-    # @option options [String]          ssl[:client_cert]         (nil)        OpenSSL-style path to an X.509 certificate to use for client authentication
-    # @option options [String]          ssl[:client_key]          (nil)        OpenSSL-style path to an RSA key to use for client authentication
+    # @option options [String|OpenSSL::X509::Certificate]   ssl[:client_cert]         (nil)        A string containing a base64-encoded X.509 certificate, OR a path to an OpenSSL-style X.509 certificate, OR an instance of OpenSSL::X509::Certificate
+    # @option options [String|OpenSSL::PKey::Pkey]          ssl[:client_key]          (nil)        A string containing a base64-encoded RSA key to use for client authentication, OR a path to an OpenSSL-style RSA key, OR an instance of OpenSSL::PKey::PKey
     # @option options [boolean]         ssl[:track_state]         (false)      Turn on or off connection state tracking. This helps prevent SSL information from leaking across threads, but means that connections
     #                                                                             can't be shared across those threads. This should generally be left off unless you know what you're doing.
     def initialize(options = {})
@@ -200,11 +204,7 @@ module Manticore
         builder.set_connection_reuse_strategy DefaultConnectionReuseStrategy.new
       end
 
-      socket_config_builder = SocketConfig.custom
-      socket_config_builder.set_so_timeout(options.fetch(:socket_timeout, DEFAULT_SOCKET_TIMEOUT) * 1000)
-      socket_config_builder.set_tcp_no_delay(options.fetch(:tcp_no_delay, true))
-      builder.set_default_socket_config socket_config_builder.build
-
+      builder.set_default_socket_config socket_config_from_options(options)
       builder.set_connection_manager pool(options)
 
       request_config = RequestConfig.custom
@@ -222,7 +222,7 @@ module Manticore
       @client = builder.build
       finalize @client, :close
       @options = options
-      @async_requests = []
+      @async_requests = Queue.new
       @stubs = {}
     end
 
@@ -333,8 +333,9 @@ module Manticore
     # @return [Array] An array of the responses from the requests executed.
     def execute!
       method = executor.java_method(:submit, [java.util.concurrent.Callable.java_class])
-      result = @async_requests.map { |r| method.call r }
-      @async_requests.clear
+
+      result = []
+      result << method.call(@async_requests.pop) until @async_requests.empty?
       result.map do |future|
         begin
           future.get
@@ -385,11 +386,13 @@ module Manticore
     def pool_builder(options)
       http_sf = PlainConnectionSocketFactory.new
 
+      # :nocov:
       if options[:ignore_ssl_validation]
         $stderr.puts "The options[:ignore_ssl_validation] setting is deprecated in favor of options[:ssl][:verify]"
         options[:ssl] ||= {}
         options[:ssl] = {:verify => !options.delete(:ignore_ssl_validation)}.merge(options[:ssl])
       end
+      # :nocov:
 
       https_sf = ssl_socket_factory_from_options options.fetch(:ssl, {})
       registry = RegistryBuilder.create.register("http", http_sf).register("https", https_sf).build
@@ -403,10 +406,19 @@ module Manticore
           cm.set_validate_after_inactivity options.fetch(:check_connection_timeout, 2_000)
           cm.set_default_max_per_route options.fetch(:pool_max_per_route, @max_pool_size)
           cm.set_max_total @max_pool_size
+          cm.set_default_socket_config socket_config_from_options(options)
+
           finalize cm, :shutdown
         end
       end
     end
+    
+    def socket_config_from_options(options)
+      socket_config_builder = SocketConfig.custom
+      socket_config_builder.set_so_timeout(options.fetch(:socket_timeout, DEFAULT_SOCKET_TIMEOUT) * 1000)
+      socket_config_builder.set_tcp_no_delay(options.fetch(:tcp_no_delay, true))
+      socket_config_builder.build
+    end
 
     def create_executor_if_needed
       return @executor if @executor
@@ -506,7 +518,7 @@ module Manticore
 
       if @use_cookies == :per_request
         store = BasicCookieStore.new
-        context.setAttribute(ClientContext.COOKIE_STORE, store)
+        context.setAttribute(ClientContext::COOKIE_STORE, store)
       end
 
       return req, context
@@ -600,11 +612,14 @@ module Manticore
     def ssl_socket_factory_from_options(ssl_options)
       trust_store = trust_strategy = nil
 
-      verifier = SSLConnectionSocketFactory::STRICT_HOSTNAME_VERIFIER
       case ssl_options.fetch(:verify, :strict)
-      when false, :disable, :none
+      when false
+        trust_store = nil
+        trust_strategy = TrustSelfSignedStrategy::INSTANCE
+        verifier = SSLConnectionSocketFactory::ALLOW_ALL_HOSTNAME_VERIFIER
+      when :disable, :none
         trust_store = nil
-        trust_strategy = TrustSelfSignedStrategy.new
+        trust_strategy = TrustAllStrategy::INSTANCE
         verifier = SSLConnectionSocketFactory::ALLOW_ALL_HOSTNAME_VERIFIER
       when :browser
         verifier = SSLConnectionSocketFactory::BROWSER_COMPATIBLE_HOSTNAME_VERIFIER
@@ -614,7 +629,7 @@ module Manticore
         raise "Invalid value for :verify. Valid values are (:all, :browser, :default)"
       end
 
-      context = SSLContexts.custom
+      context = SSLContextBuilder.new
       setup_trust_store ssl_options, context, trust_strategy
       setup_key_store ssl_options, context
 
@@ -629,8 +644,8 @@ module Manticore
         trust_store ||= blank_keystore
         open(ssl_options[:ca_file]) do |fp|
           cert_collection = CertificateFactory.get_instance("X509").generate_certificates(fp.to_inputstream).to_a
-          cert_collection.each do |cert|
-            trust_store.set_certificate_entry(cert.getSubjectX500Principal.name, cert)
+          cert_collection.each_with_index do |cert, i|
+            trust_store.set_certificate_entry("#{i}#" + cert.getSubjectX500Principal.name, cert)
           end
         end
       end
@@ -645,39 +660,44 @@ module Manticore
       keystore_password = (ssl_options[:keystore_password] || "").to_java.toCharArray
 
       # Support OpenSSL-style bare X.509 certs with an RSA key
-      # This is really dumb - we have to b64-decode the key ourselves, and we can only support PKCS8
       if ssl_options[:client_cert] && ssl_options[:client_key]
         key_store ||= blank_keystore
         certs, key = nil, nil
-        open(ssl_options[:client_cert]) do |fp|
-          certs = CertificateFactory.get_instance("X509").generate_certificates(fp.to_inputstream).to_array([].to_java(Certificate))
-        end
+
+        cert_str = if ssl_options[:client_cert].is_a?(OpenSSL::X509::Certificate)
+                     ssl_options[:client_cert].to_s
+                   elsif ssl_options[:client_cert].is_a?(String) && File.exists?(ssl_options[:client_cert])
+                     File.read(ssl_options[:client_cert])
+                   else
+                     ssl_options[:client_cert].to_s
+                   end
+
+        cert_stream = java.io.ByteArrayInputStream.new(cert_str.strip.to_java_bytes)
+        certs = CertificateFactory.get_instance("X509").generate_certificates(cert_stream).to_array([].to_java(Certificate))
+
+        key_str = if ssl_options[:client_key].is_a?(OpenSSL::PKey::PKey)
+                    ssl_options[:client_key].to_pem_pkcs8
+                  elsif ssl_options[:client_key].is_a?(String) && File.exists?(ssl_options[:client_key])
+                    File.read(ssl_options[:client_key])
+                  else
+                    ssl_options[:client_key].to_s
+                  end
 
         # Add each of the keys in the given keyfile into the keystore.
-        open(ssl_options[:client_key]) do |fp|
-          key_parts = fp.read.scan(KEY_EXTRACTION_REGEXP)
-          key_parts.each do |type, b64key|
-            body = Base64.decode64 b64key
-            spec = PKCS8EncodedKeySpec.new(body.to_java_bytes)
-            type = type.strip
-            type = "RSA" if type == ""
-            key = KeyFactory.getInstance(type).generatePrivate(spec)
-            key_store.set_key_entry("key-#{Digest::SHA1.hexdigest(body)}", key, keystore_password, certs)
-          end
+        key_parts = key_str.scan(KEY_EXTRACTION_REGEXP)
+        key_parts.each do |type, b64key|
+          body = Base64.decode64 b64key
+          spec = PKCS8EncodedKeySpec.new(body.strip.to_java_bytes)
+          type = type.strip
+          type = "RSA" if type == ""
+          key = KeyFactory.getInstance(type).generatePrivate(spec)
+          key_store.set_key_entry("key-#{Digest::SHA1.hexdigest(body)}", key, keystore_password, certs)
         end
       end
 
       context.load_key_material(key_store, keystore_password) if key_store
     end
 
-    def get_trust_store(options)
-      get_store :truststore, options
-    end
-
-    def get_key_store(options)
-      get_store :keystore, options
-    end
-
     def get_store(prefix, options)
       KeyStore.get_instance(options[:"#{prefix}_type"] || guess_store_type(options[prefix])).tap do |store|
         instream = open(options[prefix], "rb").to_inputstream

data/lib/manticore/response.rb

@@ -11,14 +11,13 @@ module Manticore
   # @!attribute [r] callback_result
   #   @return Value returned from any given on_success/response block
   class Response
-    include_package "org.apache.http.client"
-    include_package "org.apache.http.util"
-    include_package "org.apache.http.protocol"
+
+    java_import "org.apache.http.client.ResponseHandler"
     java_import "org.apache.http.client.protocol.HttpClientContext"
-    java_import "java.util.concurrent.Callable"
+    java_import "org.apache.http.protocol.ExecutionContext"
 
-    include ResponseHandler
-    include Callable
+    include org.apache.http.client.ResponseHandler
+    include java.util.concurrent.Callable
 
     attr_accessor :background
     attr_reader :context, :request, :callback_result, :called, :future
@@ -54,15 +53,16 @@ module Manticore
         ex = Manticore::ConnectTimeout
       rescue Java::JavaNet::SocketException => e
         ex = Manticore::SocketException
-      rescue Java::OrgApacheHttpClient::ClientProtocolException, Java::JavaxNetSsl::SSLHandshakeException, Java::OrgApacheHttpConn::HttpHostConnectException,
-             Java::OrgApacheHttp::NoHttpResponseException, Java::OrgApacheHttp::ConnectionClosedException => e
+      rescue Java::OrgApacheHttpClient::ClientProtocolException, Java::JavaxNetSsl::SSLHandshakeException,
+             Java::OrgApacheHttpConn::HttpHostConnectException, Java::OrgApacheHttp::NoHttpResponseException,
+             Java::OrgApacheHttp::ConnectionClosedException => e
         ex = Manticore::ClientProtocolException
       rescue Java::JavaNet::UnknownHostException => e
         ex = Manticore::ResolutionFailure
       rescue Java::JavaLang::IllegalArgumentException => e
         ex = Manticore::InvalidArgumentException
       rescue Java::JavaLang::IllegalStateException => e
-        if e.message.match(/Connection pool shut down/)
+        if (e.message || '').index('Connection pool shut down')
           ex = Manticore::ClientStoppedException
         else
           @exception = e
@@ -75,7 +75,7 @@ module Manticore
 
       # TODO: If calling async, execute_complete may fail and then silently swallow exceptions. How do we fix that?
       if ex || @exception
-        @exception ||= ex.new(e.cause || e.message)
+        @exception ||= ex.new(e)
         @handlers[:failure].call @exception
         execute_complete
         nil
@@ -90,8 +90,8 @@ module Manticore
     # @return [String]
     def final_url
       call_once
-      last_request = context.get_attribute ExecutionContext.HTTP_REQUEST
-      last_host = context.get_attribute ExecutionContext.HTTP_TARGET_HOST
+      last_request = context.get_attribute ExecutionContext::HTTP_REQUEST
+      last_host = context.get_attribute ExecutionContext::HTTP_TARGET_HOST
       host = last_host.to_uri
       url = last_request.get_uri
       URI.join(host, url.to_s)

data/lib/manticore/version.rb

@@ -1,3 +1,3 @@
 module Manticore
-  VERSION = "0.6.3"
+  VERSION = "0.8.0"
 end

data/lib/manticore.rb

@@ -5,7 +5,11 @@ require "cgi"
 require_relative "./manticore_jars.rb"
 require_relative "./org/manticore/manticore-ext"
 
-org.manticore.Manticore.new.load(JRuby.runtime, false)
+if defined? JRuby::Util.load_ext
+  JRuby::Util.load_ext 'org.manticore.Manticore'
+else
+  org.manticore.Manticore.new.load(JRuby.runtime, false)
+end
 
 require_relative "./manticore/version"
 
@@ -13,7 +17,27 @@ require_relative "./manticore/version"
 # with the beauty of Ruby.
 module Manticore
   # General base class for all Manticore exceptions
-  class ManticoreException < StandardError; end
+  class ManticoreException < StandardError
+    def initialize(arg = nil)
+      case arg
+      when nil
+        @_cause = nil
+        super()
+      when java.lang.Throwable
+        @_cause = arg
+        super(arg.message)
+      else
+        @_cause = nil
+        super(arg)
+      end
+    end
+
+    # @return cause which is likely to be a Java exception
+    # @overload Exception#cause
+    def cause
+      @_cause || super
+    end
+  end
 
   # Exception thrown if you attempt to read from a closed Response stream
   class StreamClosedException < ManticoreException; end

data/lib/manticore_jars.rb

@@ -1,8 +1,18 @@
 # this is a generated file, to avoid over-writing it just delete this comment
-require "jar_dependencies"
+begin
+  require 'jar_dependencies'
+rescue LoadError
+  require 'commons-logging/commons-logging/1.2/commons-logging-1.2.jar'
+  require 'commons-codec/commons-codec/1.15/commons-codec-1.15.jar'
+  require 'org/apache/httpcomponents/httpcore/4.4.14/httpcore-4.4.14.jar'
+  require 'org/apache/httpcomponents/httpclient/4.5.13/httpclient-4.5.13.jar'
+  require 'org/apache/httpcomponents/httpmime/4.5.13/httpmime-4.5.13.jar'
+end
 
-require_jar("commons-logging", "commons-logging", "1.2")
-require_jar("org.apache.httpcomponents", "httpmime", "4.5.2")
-require_jar("commons-codec", "commons-codec", "1.10")
-require_jar("org.apache.httpcomponents", "httpclient", "4.5.2")
-require_jar("org.apache.httpcomponents", "httpcore", "4.4.4")
+if defined? Jars
+  require_jar 'commons-logging', 'commons-logging', '1.2'
+  require_jar 'commons-codec', 'commons-codec', '1.15'
+  require_jar 'org.apache.httpcomponents', 'httpcore', '4.4.14'
+  require_jar 'org.apache.httpcomponents', 'httpclient', '4.5.13'
+  require_jar 'org.apache.httpcomponents', 'httpmime', '4.5.13'
+end

data/manticore.gemspec

@@ -19,19 +19,23 @@ Gem::Specification.new do |spec|
   spec.test_files    = spec.files.grep(%r{^(test|spec|features)/})
   spec.require_paths = ["lib"]
 
+  spec.required_ruby_version = '>= 2.3' # JRuby >= 9.1
+
   private_key = File.expand_path("~/.gemcert/gem-private_key.pem")
   if File.exists? private_key
     spec.signing_key = private_key
     spec.cert_chain  = ['gem-public_cert.pem']
   end
 
-  spec.add_development_dependency "bundler", "~> 1.3"
+  spec.add_dependency "openssl_pkcs8_pure"
+
+  spec.add_development_dependency "bundler"
   spec.add_development_dependency "rake"
-  spec.add_development_dependency "jar-dependencies"
+  spec.add_development_dependency "jar-dependencies", "~> 0.4.1"
 
-  spec.requirements << "jar org.apache.httpcomponents:httpclient, '~> 4.5.0'"
-  spec.requirements << "jar org.apache.httpcomponents:httpmime,   '~> 4.5.0'"
+  spec.requirements << "jar org.apache.httpcomponents:httpclient, '~> 4.5.13'"
+  spec.requirements << "jar org.apache.httpcomponents:httpmime,   '~> 4.5.13'"
   spec.requirements << "jar commons-logging:commons-logging,      '~> 1.2'"
   spec.requirements << "jar commons-codec:commons-codec,          '~> 1.9'"
-  spec.requirements << "jar org.apache.httpcomponents:httpcore,   '~> 4.4.4'"
+  spec.requirements << "jar org.apache.httpcomponents:httpcore,   '~> 4.4.14'"
 end

data/spec/manticore/client_spec.rb

@@ -130,7 +130,13 @@ describe Manticore::Client do
         let(:client) { Manticore::Client.new :ssl => {:verify => :strict} }
 
         it "breaks on SSL validation errors" do
-          expect { client.get("https://localhost:55444/").call }.to raise_exception(Manticore::ClientProtocolException)
+          begin
+            client.get("https://localhost:55445/").body
+          rescue Manticore::ClientProtocolException => e
+            expect( e.cause ).to be_a javax.net.ssl.SSLHandshakeException
+          else
+            fail "exception not raised"
+          end
         end
       end
 
@@ -166,7 +172,7 @@ describe Manticore::Client do
         end
       end
 
-      context "when client_cert and client_key are given" do
+      context "when client_cert and client_key are given as file paths" do
         let(:client) {
           Manticore::Client.new(
             :ssl => {
@@ -183,6 +189,40 @@ describe Manticore::Client do
         end
       end
 
+      context "when client_cert and client_key are given as OpenSSL::X509::Certificate" do
+        let(:client) {
+          Manticore::Client.new(
+            :ssl => {
+              verify: :strict,
+              ca_file: File.expand_path("../../ssl/root-ca.crt", __FILE__),
+              client_cert: OpenSSL::X509::Certificate.new(File.read(File.expand_path("../../ssl/client.crt", __FILE__))),
+              client_key: OpenSSL::PKey::RSA.new(File.read(File.expand_path("../../ssl/client.key", __FILE__))),
+            },
+          )
+        }
+
+        it "successfully auths requests" do
+          expect(client.get("https://localhost:55445/").body).to match("hello")
+        end
+      end
+
+      context "when client_cert and client_key are given as strings" do
+        let(:client) {
+          Manticore::Client.new(
+            :ssl => {
+              verify: :strict,
+              ca_file: File.expand_path("../../ssl/root-ca.crt", __FILE__),
+              client_cert: File.read(File.expand_path("../../ssl/client.crt", __FILE__)),
+              client_key: File.read(File.expand_path("../../ssl/client.key", __FILE__)),
+            },
+          )
+        }
+
+        it "successfully auths requests" do
+          expect(client.get("https://localhost:55445/").body).to match("hello")
+        end
+      end
+
       context "when off" do
         let(:client) { Manticore::Client.new :ssl => {:verify => :disable} }
 
@@ -193,6 +233,10 @@ describe Manticore::Client do
         it "does not break on expired SSL certificates" do
           expect { client.get("https://localhost:55446/").body }.to_not raise_exception
         end
+
+        it "does not break on untrusted certificates" do
+          expect { client.get("https://localhost:55447/").body }.to_not raise_exception
+        end
       end
 
       context "against a server that verifies clients" do
@@ -529,7 +573,7 @@ describe Manticore::Client do
   describe "#head" do
     it "works" do
       response = client.head(local_server)
-      expect(JSON.load(response.body)).to be_nil
+      expect(response.body).to be_nil
     end
   end
 
@@ -730,11 +774,16 @@ describe Manticore::Client do
             ].join("\n"))
             client.close
           rescue IOError => e
+            break
           end
         end
       end
     end
 
+    after do
+      @server.kill
+    end
+
     let(:client) { Manticore::Client.new keepalive: true, pool_max: 1 }
 
     it "retries 3 times by default" do
@@ -791,7 +840,13 @@ describe Manticore::Client do
     let(:client) { Manticore::Client.new request_timeout: 1, connect_timeout: 1, socket_timeout: 1 }
 
     it "times out" do
-      expect { client.get(local_server "/?sleep=2").body }.to raise_exception(Manticore::SocketTimeout)
+      begin
+        client.get(local_server "/?sleep=2").body
+      rescue Manticore::SocketTimeout => e
+        expect( e.cause ).to be_a java.net.SocketTimeoutException
+      else
+        fail "exception not raised"
+      end
     end
 
     it "times out when custom request options are passed" do

data/spec/manticore/response_spec.rb

@@ -6,7 +6,7 @@ describe Manticore::Response do
 
   its(:headers) { is_expected.to be_a Hash }
   its(:body) { is_expected.to be_a String }
-  its(:length) { is_expected.to be_a Fixnum }
+  its(:length) { is_expected.to be_a Integer }
 
   it "provides response header lookup via #[]" do
     expect(subject["Content-Type"]).to eq "application/json"

data/spec/spec_helper.rb

@@ -1,6 +1,12 @@
 # encoding: utf-8
 require "rubygems"
 require "bundler/setup"
+require "simplecov"
+
+SimpleCov.start do
+  add_filter "spec/"
+end
+
 require "manticore"
 require "zlib"
 require "json"
@@ -145,6 +151,7 @@ RSpec.configure do |c|
     start_ssl_server 55444
     start_ssl_server 55445, :SSLVerifyClient => OpenSSL::SSL::VERIFY_PEER | OpenSSL::SSL::VERIFY_FAIL_IF_NO_PEER_CERT, :SSLCACertificateFile => File.expand_path("../ssl/root-ca.crt", __FILE__)
     start_ssl_server 55446, cert: File.expand_path("../ssl/host-expired.crt", __FILE__)
+    start_ssl_server 55447, cert: File.expand_path("../ssl/host-untrusted.crt", __FILE__), SSLCACertificateFile: File.expand_path("../ssl/root-untrusted-ca.crt", __FILE__)
 
     Manticore.disable_httpcomponents_logging!
   }

metadata

@@ -1,36 +1,36 @@
 --- !ruby/object:Gem::Specification
 name: manticore
 version: !ruby/object:Gem::Version
-  version: 0.6.3
+  version: 0.8.0
 platform: java
 authors:
 - Chris Heald
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2018-05-28 00:00:00.000000000 Z
+date: 2022-01-18 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '1.3'
-  name: bundler
+        version: '0'
+  name: openssl_pkcs8_pure
   prerelease: false
-  type: :development
+  type: :runtime
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '1.3'
+        version: '0'
 - !ruby/object:Gem::Dependency
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
-  name: rake
+  name: bundler
   prerelease: false
   type: :development
   version_requirements: !ruby/object:Gem::Requirement
@@ -44,7 +44,7 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
-  name: jar-dependencies
+  name: rake
   prerelease: false
   type: :development
   version_requirements: !ruby/object:Gem::Requirement
@@ -52,6 +52,20 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
+- !ruby/object:Gem::Dependency
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.4.1
+  name: jar-dependencies
+  prerelease: false
+  type: :development
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.4.1
 description: Manticore is an HTTP client built on the Apache HttpCore components
 email:
 - cheald@mashable.com
@@ -60,6 +74,7 @@ extensions: []
 extra_rdoc_files: []
 files:
 - ".gitignore"
+- ".gitlab-ci.yml"
 - ".travis.yml"
 - APACHE-LICENSE-2.0.txt
 - CHANGELOG.md
@@ -71,7 +86,7 @@ files:
 - ext/manticore/org/manticore/HttpGetWithEntity.java
 - ext/manticore/org/manticore/Manticore.java
 - gem-public_cert.pem
-- lib/commons-codec/commons-codec/1.10/commons-codec-1.10.jar
+- lib/commons-codec/commons-codec/1.15/commons-codec-1.15.jar
 - lib/commons-logging/commons-logging/1.2/commons-logging-1.2.jar
 - lib/faraday/adapter/manticore.rb
 - lib/manticore.rb
@@ -84,9 +99,9 @@ files:
 - lib/manticore/stubbed_response.rb
 - lib/manticore/version.rb
 - lib/manticore_jars.rb
-- lib/org/apache/httpcomponents/httpclient/4.5.2/httpclient-4.5.2.jar
-- lib/org/apache/httpcomponents/httpcore/4.4.4/httpcore-4.4.4.jar
-- lib/org/apache/httpcomponents/httpmime/4.5.2/httpmime-4.5.2.jar
+- lib/org/apache/httpcomponents/httpclient/4.5.13/httpclient-4.5.13.jar
+- lib/org/apache/httpcomponents/httpcore/4.4.14/httpcore-4.4.14.jar
+- lib/org/apache/httpcomponents/httpmime/4.5.13/httpmime-4.5.13.jar
 - lib/org/manticore/manticore-ext.jar
 - manticore.gemspec
 - spec/manticore/client_proxy_spec.rb
@@ -109,20 +124,19 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '0'
+      version: '2.3'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements:
-- jar org.apache.httpcomponents:httpclient, '~> 4.5.0'
-- jar org.apache.httpcomponents:httpmime,   '~> 4.5.0'
+- jar org.apache.httpcomponents:httpclient, '~> 4.5.13'
+- jar org.apache.httpcomponents:httpmime,   '~> 4.5.13'
 - jar commons-logging:commons-logging,      '~> 1.2'
 - jar commons-codec:commons-codec,          '~> 1.9'
-- jar org.apache.httpcomponents:httpcore,   '~> 4.4.4'
-rubyforge_project:
-rubygems_version: 2.4.8
+- jar org.apache.httpcomponents:httpcore,   '~> 4.4.14'
+rubygems_version: 3.1.6
 signing_key:
 specification_version: 4
 summary: Manticore is an HTTP client built on the Apache HttpCore components