nats-pure 0.2.4 → 0.3.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +5 -5
- data/lib/nats/io/client.rb +39 -4
- data/lib/nats/io/version.rb +1 -1
- metadata +3 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
|
-
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
2
|
+
SHA256:
|
|
3
|
+
metadata.gz: 6511a5fc9c87e5a783322e9fe0b02f66a2b36d47c1ea806208877ec2c63c6a23
|
|
4
|
+
data.tar.gz: bfdc75088d4a39cf5e020248664d72e3ae2cdc774a26a69fcc15ddf67727e531
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 300ab49335e50800e0dc0c5971dd5b96682a7e0a5be9c9f09edf10f0a1c97a3c3f10749d1b87276cd4a709d724c8e3c627ef239a5fc49ff3cfff9f2e32ac71f7
|
|
7
|
+
data.tar.gz: 49a3618d2dc8ab3fd7844d4e7d98035c9fbfdb68e0f336e94437edeec0572197437cc02d14f136b006b52a641a8f588cd4abaec688f1b6252efb8e361391b9a5
|
data/lib/nats/io/client.rb
CHANGED
|
@@ -148,6 +148,10 @@ module NATS
|
|
|
148
148
|
|
|
149
149
|
# Secure TLS options
|
|
150
150
|
@tls = nil
|
|
151
|
+
|
|
152
|
+
# Hostname of current server; used for when TLS host
|
|
153
|
+
# verification is enabled.
|
|
154
|
+
@hostname = nil
|
|
151
155
|
end
|
|
152
156
|
|
|
153
157
|
# Establishes connection to NATS
|
|
@@ -175,7 +179,16 @@ module NATS
|
|
|
175
179
|
uris = opts[:servers] || [DEFAULT_URI]
|
|
176
180
|
uris.shuffle! unless @options[:dont_randomize_servers]
|
|
177
181
|
uris.each do |u|
|
|
178
|
-
|
|
182
|
+
nats_uri = case u
|
|
183
|
+
when URI
|
|
184
|
+
u.dup
|
|
185
|
+
else
|
|
186
|
+
URI.parse(u)
|
|
187
|
+
end
|
|
188
|
+
@server_pool << {
|
|
189
|
+
:uri => nats_uri,
|
|
190
|
+
:hostname => nats_uri.host
|
|
191
|
+
}
|
|
179
192
|
end
|
|
180
193
|
|
|
181
194
|
# Check for TLS usage
|
|
@@ -196,6 +209,9 @@ module NATS
|
|
|
196
209
|
# Connection established and now in process of sending CONNECT to NATS
|
|
197
210
|
@status = CONNECTING
|
|
198
211
|
|
|
212
|
+
# Use the hostname from the server for TLS hostname verification.
|
|
213
|
+
@hostname = srv[:hostname]
|
|
214
|
+
|
|
199
215
|
# Established TCP connection successfully so can start connect
|
|
200
216
|
process_connect_init
|
|
201
217
|
|
|
@@ -507,7 +523,8 @@ module NATS
|
|
|
507
523
|
u.password ||= @uri.password if @uri.password
|
|
508
524
|
end
|
|
509
525
|
|
|
510
|
-
|
|
526
|
+
# NOTE: Auto discovery won't work here when TLS host verification is enabled.
|
|
527
|
+
srv = { :uri => u, :reconnect_attempts => 0, :discovered => true, :hostname => u.host }
|
|
511
528
|
srvs << srv
|
|
512
529
|
end
|
|
513
530
|
end
|
|
@@ -798,11 +815,26 @@ module NATS
|
|
|
798
815
|
else
|
|
799
816
|
# Defaults
|
|
800
817
|
tls_context = OpenSSL::SSL::SSLContext.new
|
|
801
|
-
|
|
818
|
+
|
|
819
|
+
# Use the default verification options from Ruby:
|
|
820
|
+
# https://github.com/ruby/ruby/blob/96db72ce38b27799dd8e80ca00696e41234db6ba/ext/openssl/lib/openssl/ssl.rb#L19-L29
|
|
821
|
+
#
|
|
822
|
+
# Insecure TLS versions not supported already:
|
|
823
|
+
# https://github.com/ruby/openssl/commit/3e5a009966bd7f806f7180d82cf830a04be28986
|
|
824
|
+
#
|
|
825
|
+
tls_context.set_params
|
|
802
826
|
end
|
|
803
827
|
|
|
804
828
|
# Setup TLS connection by rewrapping the socket
|
|
805
829
|
tls_socket = OpenSSL::SSL::SSLSocket.new(@io.socket, tls_context)
|
|
830
|
+
|
|
831
|
+
# Close TCP socket after closing TLS socket as well.
|
|
832
|
+
tls_socket.sync_close = true
|
|
833
|
+
|
|
834
|
+
# Required to enable hostname verification if Ruby runtime supports it (>= 2.4):
|
|
835
|
+
# https://github.com/ruby/openssl/commit/028e495734e9e6aa5dba1a2e130b08f66cf31a21
|
|
836
|
+
tls_socket.hostname = @hostname
|
|
837
|
+
|
|
806
838
|
tls_socket.connect
|
|
807
839
|
@io.socket = tls_socket
|
|
808
840
|
when (server_using_secure_connection? and !client_using_secure_connection?)
|
|
@@ -857,6 +889,9 @@ module NATS
|
|
|
857
889
|
@io.connect
|
|
858
890
|
@stats[:reconnects] += 1
|
|
859
891
|
|
|
892
|
+
# Set hostname to use for TLS hostname verification
|
|
893
|
+
@hostname = srv[:hostname]
|
|
894
|
+
|
|
860
895
|
# Established TCP connection successfully so can start connect
|
|
861
896
|
process_connect_init
|
|
862
897
|
|
|
@@ -873,7 +908,7 @@ module NATS
|
|
|
873
908
|
# to see whether need to take it out from rotation
|
|
874
909
|
srv[:auth_required] ||= true if @server_info[:auth_required]
|
|
875
910
|
server_pool << srv if can_reuse_server?(srv)
|
|
876
|
-
|
|
911
|
+
|
|
877
912
|
@last_err = e
|
|
878
913
|
|
|
879
914
|
# Trigger async error handler
|
data/lib/nats/io/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: nats-pure
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.3.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Waldemar Quevedo
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2018-02-24 00:00:00.000000000 Z
|
|
12
12
|
dependencies: []
|
|
13
13
|
description: NATS is an open-source, high-performance, lightweight cloud messaging
|
|
14
14
|
system.
|
|
@@ -41,7 +41,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
41
41
|
version: '0'
|
|
42
42
|
requirements: []
|
|
43
43
|
rubyforge_project:
|
|
44
|
-
rubygems_version: 2.
|
|
44
|
+
rubygems_version: 2.7.3
|
|
45
45
|
signing_key:
|
|
46
46
|
specification_version: 4
|
|
47
47
|
summary: NATS is an open-source, high-performance, lightweight cloud messaging system.
|