manticore 0.7.1-java → 0.8.0-java

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 67e67c0611ad51fbaf279f456ef5a9e463038f1017c0eb8c7665032a05534b59
-  data.tar.gz: 0ecf2a3014befbbc5b26d95c3ee36809ccc8605e450631e4ec0f1c143225bbc5
+  metadata.gz: 063b0fd32e3dfbee4335d04293e098e8b1bc054ecd727ff51011e6eef3675c4b
+  data.tar.gz: 8a5da3e5e6433d7d57e388069e95393fbc66220f1695ab7b1443f9dc49f84d11
 SHA512:
-  metadata.gz: 19f7db686cff19817b8310f7838f9115d343ab7516e7cbab066c0f0f7d223c7a0a42c40f9e361426c07345088dbdb818cabab59fb2a481d35050f939e27afafd
-  data.tar.gz: ebc35118980baac6eff3e1f795f5ad3aa0af01c7ac29cd6a9502f9300fb1da88d8b97ecfc7c1198d5902a35ab2501179df775791e3306e27004e85d690145bc2
+  metadata.gz: db22357ef64973e1452bb970dbb2d7a6c960c895db7d0afe1ae96339f414a06dba8c1039b7f5d3d0ce493443317a9d72c7dce04e7c7fbab98704e55e124d2766
+  data.tar.gz: 6744d52a35f0e94d23db237b9f364353eeec4bb3667eb35a06620cf16b676e5b49bd76bb12ba7296f6924b2b7ae052cb4f1d443a6f1e87b00d32b9d1af60c507

data/.travis.yml

@@ -5,7 +5,7 @@ cache:
   - directories:
     - $HOME/.m2
 rvm:
-  - jruby-9.2.16.0 # Ruby 2.5
+  - jruby-9.2.19.0 # Ruby 2.5
 jdk:
   - oraclejdk8
   - openjdk8

data/CHANGELOG.md

@@ -1,3 +1,9 @@
+### v0.8.0
+
+* [feat] restore compat with (legacy) verify: false (#102)
+* Accept untrusted certs when SSL verify is disabled (#100)
+* [deps] update http-client to 4.5.13 (#99)
+
 ## v0.7
 
 ### v0.7.1

data/README.md

@@ -2,7 +2,7 @@
 
 **Note**: While I'll continue to maintain the library here, I've moved the canonical copy to Gitlab at https://gitlab.com/cheald/manticore - it is preferred that you submit issues and PRs there.
 
-[![Build Status](https://travis-ci.org/cheald/manticore.svg?branch=master)](https://travis-ci.org/cheald/manticore)
+[![Build Status](https://app.travis-ci.com/cheald/manticore.svg?branch=master)](https://app.travis-ci.com/cheald/manticore)
 
 Manticore is a fast, robust HTTP client built on the Apache HTTPClient libraries. It is only compatible with JRuby.
 

data/Rakefile

@@ -36,6 +36,7 @@ task :generate_certs do
     # Create the CA
     "#{openssl} genrsa 4096 | #{openssl} pkcs8 -topk8 -nocrypt -out #{root}/root-ca.key",
     "#{openssl} req -sha256 -x509 -newkey rsa:4096 -nodes -key #{root}/root-ca.key -sha256 -days 365 -out #{root}/root-ca.crt -subj \"/C=US/ST=The Internet/L=The Internet/O=Manticore CA/OU=Manticore/CN=localhost\"",
+    "#{openssl} req -sha256 -x509 -newkey rsa:4096 -nodes -key #{root}/root-ca.key -sha256 -days 365 -out #{root}/root-untrusted-ca.crt -subj \"/C=US/ST=The Darknet/L=The Darknet/O=Manticore CA/OU=Manticore/CN=localhost\"",
 
     # Create the client CSR, key, and signed cert
     "#{openssl} genrsa 4096 | #{openssl} pkcs8 -topk8 -nocrypt -out #{root}/client.key",
@@ -48,6 +49,7 @@ task :generate_certs do
     "#{openssl} req -sha256 -key #{root}/host.key -newkey rsa:4096 -out #{root}/host.csr -subj \"/C=US/ST=The Internet/L=The Internet/O=Manticore Host/OU=Manticore/CN=localhost\"",
     "#{openssl} x509 -req -in #{root}/host.csr -CA #{root}/root-ca.crt -CAkey #{root}/root-ca.key -CAcreateserial -out #{root}/host.crt -sha256 -days 1",
     "#{openssl} x509 -req -in #{root}/host.csr -CA #{root}/root-ca.crt -CAkey #{root}/root-ca.key -CAcreateserial -out #{root}/host-expired.crt -sha256 -days -7",
+    "#{openssl} x509 -req -in #{root}/host.csr -CA #{root}/root-untrusted-ca.crt -CAkey #{root}/root-ca.key -CAcreateserial -out #{root}/host-untrusted.crt -sha256 -days 1",
 
     "#{keytool} -import -file #{root}/root-ca.crt -alias rootCA -keystore #{root}/truststore.jks -noprompt -storepass test123",
     "#{openssl} pkcs12 -export -clcerts -out #{root}/client.p12 -inkey #{root}/client.key -in #{root}/client.crt -certfile #{root}/root-ca.crt -password pass:test123",

data/lib/manticore/client.rb

@@ -88,6 +88,7 @@ module Manticore
     java_import "org.apache.http.auth.UsernamePasswordCredentials"
     java_import "org.apache.http.conn.ssl.SSLConnectionSocketFactory"
     java_import "org.apache.http.conn.ssl.SSLContextBuilder"
+    java_import "org.apache.http.conn.ssl.TrustAllStrategy"
     java_import "org.apache.http.conn.ssl.TrustSelfSignedStrategy"
     java_import "org.apache.http.client.utils.URIBuilder"
     java_import "org.apache.http.impl.DefaultConnectionReuseStrategy"
@@ -611,11 +612,14 @@ module Manticore
     def ssl_socket_factory_from_options(ssl_options)
       trust_store = trust_strategy = nil
 
-      verifier = SSLConnectionSocketFactory::STRICT_HOSTNAME_VERIFIER
       case ssl_options.fetch(:verify, :strict)
-      when false, :disable, :none
+      when false
         trust_store = nil
-        trust_strategy = TrustSelfSignedStrategy.new
+        trust_strategy = TrustSelfSignedStrategy::INSTANCE
+        verifier = SSLConnectionSocketFactory::ALLOW_ALL_HOSTNAME_VERIFIER
+      when :disable, :none
+        trust_store = nil
+        trust_strategy = TrustAllStrategy::INSTANCE
         verifier = SSLConnectionSocketFactory::ALLOW_ALL_HOSTNAME_VERIFIER
       when :browser
         verifier = SSLConnectionSocketFactory::BROWSER_COMPATIBLE_HOSTNAME_VERIFIER

data/lib/manticore/version.rb

@@ -1,3 +1,3 @@
 module Manticore
-  VERSION = "0.7.1"
+  VERSION = "0.8.0"
 end

data/lib/manticore_jars.rb

@@ -1,8 +1,18 @@
 # this is a generated file, to avoid over-writing it just delete this comment
-require "jar_dependencies"
+begin
+  require 'jar_dependencies'
+rescue LoadError
+  require 'commons-logging/commons-logging/1.2/commons-logging-1.2.jar'
+  require 'commons-codec/commons-codec/1.15/commons-codec-1.15.jar'
+  require 'org/apache/httpcomponents/httpcore/4.4.14/httpcore-4.4.14.jar'
+  require 'org/apache/httpcomponents/httpclient/4.5.13/httpclient-4.5.13.jar'
+  require 'org/apache/httpcomponents/httpmime/4.5.13/httpmime-4.5.13.jar'
+end
 
-require_jar("commons-logging", "commons-logging", "1.2")
-require_jar("org.apache.httpcomponents", "httpmime", "4.5.2")
-require_jar("commons-codec", "commons-codec", "1.10")
-require_jar("org.apache.httpcomponents", "httpclient", "4.5.2")
-require_jar("org.apache.httpcomponents", "httpcore", "4.4.4")
+if defined? Jars
+  require_jar 'commons-logging', 'commons-logging', '1.2'
+  require_jar 'commons-codec', 'commons-codec', '1.15'
+  require_jar 'org.apache.httpcomponents', 'httpcore', '4.4.14'
+  require_jar 'org.apache.httpcomponents', 'httpclient', '4.5.13'
+  require_jar 'org.apache.httpcomponents', 'httpmime', '4.5.13'
+end

data/manticore.gemspec

@@ -33,9 +33,9 @@ Gem::Specification.new do |spec|
   spec.add_development_dependency "rake"
   spec.add_development_dependency "jar-dependencies", "~> 0.4.1"
 
-  spec.requirements << "jar org.apache.httpcomponents:httpclient, '~> 4.5.0'"
-  spec.requirements << "jar org.apache.httpcomponents:httpmime,   '~> 4.5.0'"
+  spec.requirements << "jar org.apache.httpcomponents:httpclient, '~> 4.5.13'"
+  spec.requirements << "jar org.apache.httpcomponents:httpmime,   '~> 4.5.13'"
   spec.requirements << "jar commons-logging:commons-logging,      '~> 1.2'"
   spec.requirements << "jar commons-codec:commons-codec,          '~> 1.9'"
-  spec.requirements << "jar org.apache.httpcomponents:httpcore,   '~> 4.4.4'"
+  spec.requirements << "jar org.apache.httpcomponents:httpcore,   '~> 4.4.14'"
 end

data/spec/manticore/client_spec.rb

@@ -233,6 +233,10 @@ describe Manticore::Client do
         it "does not break on expired SSL certificates" do
           expect { client.get("https://localhost:55446/").body }.to_not raise_exception
         end
+
+        it "does not break on untrusted certificates" do
+          expect { client.get("https://localhost:55447/").body }.to_not raise_exception
+        end
       end
 
       context "against a server that verifies clients" do

data/spec/spec_helper.rb

@@ -151,6 +151,7 @@ RSpec.configure do |c|
     start_ssl_server 55444
     start_ssl_server 55445, :SSLVerifyClient => OpenSSL::SSL::VERIFY_PEER | OpenSSL::SSL::VERIFY_FAIL_IF_NO_PEER_CERT, :SSLCACertificateFile => File.expand_path("../ssl/root-ca.crt", __FILE__)
     start_ssl_server 55446, cert: File.expand_path("../ssl/host-expired.crt", __FILE__)
+    start_ssl_server 55447, cert: File.expand_path("../ssl/host-untrusted.crt", __FILE__), SSLCACertificateFile: File.expand_path("../ssl/root-untrusted-ca.crt", __FILE__)
 
     Manticore.disable_httpcomponents_logging!
   }

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: manticore
 version: !ruby/object:Gem::Version
-  version: 0.7.1
+  version: 0.8.0
 platform: java
 authors:
 - Chris Heald
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2021-08-18 00:00:00.000000000 Z
+date: 2022-01-18 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   requirement: !ruby/object:Gem::Requirement
@@ -17,8 +17,8 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
   name: openssl_pkcs8_pure
-  type: :runtime
   prerelease: false
+  type: :runtime
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -31,8 +31,8 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
   name: bundler
-  type: :development
   prerelease: false
+  type: :development
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -45,8 +45,8 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
   name: rake
-  type: :development
   prerelease: false
+  type: :development
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -59,8 +59,8 @@ dependencies:
       - !ruby/object:Gem::Version
         version: 0.4.1
   name: jar-dependencies
-  type: :development
   prerelease: false
+  type: :development
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
@@ -86,7 +86,7 @@ files:
 - ext/manticore/org/manticore/HttpGetWithEntity.java
 - ext/manticore/org/manticore/Manticore.java
 - gem-public_cert.pem
-- lib/commons-codec/commons-codec/1.10/commons-codec-1.10.jar
+- lib/commons-codec/commons-codec/1.15/commons-codec-1.15.jar
 - lib/commons-logging/commons-logging/1.2/commons-logging-1.2.jar
 - lib/faraday/adapter/manticore.rb
 - lib/manticore.rb
@@ -99,9 +99,9 @@ files:
 - lib/manticore/stubbed_response.rb
 - lib/manticore/version.rb
 - lib/manticore_jars.rb
-- lib/org/apache/httpcomponents/httpclient/4.5.2/httpclient-4.5.2.jar
-- lib/org/apache/httpcomponents/httpcore/4.4.4/httpcore-4.4.4.jar
-- lib/org/apache/httpcomponents/httpmime/4.5.2/httpmime-4.5.2.jar
+- lib/org/apache/httpcomponents/httpclient/4.5.13/httpclient-4.5.13.jar
+- lib/org/apache/httpcomponents/httpcore/4.4.14/httpcore-4.4.14.jar
+- lib/org/apache/httpcomponents/httpmime/4.5.13/httpmime-4.5.13.jar
 - lib/org/manticore/manticore-ext.jar
 - manticore.gemspec
 - spec/manticore/client_proxy_spec.rb
@@ -131,12 +131,12 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements:
-- jar org.apache.httpcomponents:httpclient, '~> 4.5.0'
-- jar org.apache.httpcomponents:httpmime,   '~> 4.5.0'
+- jar org.apache.httpcomponents:httpclient, '~> 4.5.13'
+- jar org.apache.httpcomponents:httpmime,   '~> 4.5.13'
 - jar commons-logging:commons-logging,      '~> 1.2'
 - jar commons-codec:commons-codec,          '~> 1.9'
-- jar org.apache.httpcomponents:httpcore,   '~> 4.4.4'
-rubygems_version: 3.0.6
+- jar org.apache.httpcomponents:httpcore,   '~> 4.4.14'
+rubygems_version: 3.1.6
 signing_key:
 specification_version: 4
 summary: Manticore is an HTTP client built on the Apache HttpCore components