rest-client 1.6.7 → 1.6.8.rc1

data/lib/restclient/payload.rb

@@ -9,14 +9,14 @@ module RestClient
     def generate(params)
       if params.is_a?(String)
         Base.new(params)
-      elsif params.respond_to?(:read)
-        Streamed.new(params)
-      elsif params
+      elsif params.is_a?(Hash)
         if params.delete(:multipart) == true || has_file?(params)
           Multipart.new(params)
         else
           UrlEncoded.new(params)
         end
+      elsif params.respond_to?(:read)
+        Streamed.new(params)
       else
         nil
       end
@@ -44,7 +44,7 @@ module RestClient
             has_file_array?(v)
           else
             v.respond_to?(:path) && v.respond_to?(:read)
-          end
+        end
       end
     end
 
@@ -147,12 +147,17 @@ module RestClient
 
       # for UrlEncoded escape the keys
       def handle_key key
-        URI.escape(key.to_s, Regexp.new("[^#{URI::PATTERN::UNRESERVED}]"))
+        parser.escape(key.to_s, Regexp.new("[^#{URI::PATTERN::UNRESERVED}]"))
       end
 
       def headers
         super.merge({'Content-Type' => 'application/x-www-form-urlencoded'})
       end
+
+      private
+        def parser
+          URI.const_defined?(:Parser) ? URI::Parser.new : URI
+        end
     end
 
     class Multipart < Base

data/lib/restclient/platform.rb

@@ -0,0 +1,29 @@
+module RestClient
+  module Platform
+    # Return true if we are running on a darwin-based Ruby platform. This will
+    # be false for jruby even on OS X.
+    #
+    # @return [Boolean]
+    def self.mac?
+      RUBY_PLATFORM.include?('darwin')
+    end
+
+    # Return true if we are running on Windows.
+    #
+    # @return [Boolean]
+    #
+    def self.windows?
+      # Ruby only sets File::ALT_SEPARATOR on Windows, and the Ruby standard
+      # library uses that to test what platform it's on.
+      !!File::ALT_SEPARATOR
+    end
+
+    # Return true if we are running on jruby.
+    #
+    # @return [Boolean]
+    #
+    def self.jruby?
+      RUBY_PLATFORM == 'java'
+    end
+  end
+end

data/lib/restclient/request.rb

@@ -22,12 +22,14 @@ module RestClient
   # * :verify_ssl enable ssl verification, possible values are constants from OpenSSL::SSL
   # * :timeout and :open_timeout passing in -1 will disable the timeout by setting the corresponding net timeout values to nil
   # * :ssl_client_cert, :ssl_client_key, :ssl_ca_file
+  # * :ssl_verify_callback, :ssl_verify_callback_warnings
   class Request
 
     attr_reader :method, :url, :headers, :cookies,
                 :payload, :user, :password, :timeout, :max_redirects,
                 :open_timeout, :raw_response, :verify_ssl, :ssl_client_cert,
-                :ssl_client_key, :ssl_ca_file, :processed_headers, :args
+                :ssl_client_key, :ssl_ca_file, :processed_headers, :args,
+                :ssl_verify_callback, :ssl_verify_callback_warnings
 
     def self.execute(args, & block)
       new(args).execute(& block)
@@ -53,6 +55,8 @@ module RestClient
       @ssl_client_cert = args[:ssl_client_cert] || nil
       @ssl_client_key = args[:ssl_client_key] || nil
       @ssl_ca_file = args[:ssl_ca_file] || nil
+      @ssl_verify_callback = args[:ssl_verify_callback] || nil
+      @ssl_verify_callback_warnings = args.fetch(:ssl_verify_callback, true)
       @tf = nil # If you are a raw request, this is your tempfile
       @max_redirects = args[:max_redirects] || 10
       @processed_headers = make_headers headers
@@ -129,29 +133,40 @@ module RestClient
           if p[k].is_a? Hash
             process_payload(p[k], key)
           else
-            value = URI.escape(p[k].to_s, Regexp.new("[^#{URI::PATTERN::UNRESERVED}]"))
+            value = parser.escape(p[k].to_s, Regexp.new("[^#{URI::PATTERN::UNRESERVED}]"))
             "#{key}=#{value}"
           end
         end.join("&")
       end
     end
 
+    def print_verify_callback_warnings
+      warned = false
+      if RestClient::Platform.mac?
+        warn('warning: ssl_verify_callback return code is ignored on OS X')
+        warned = true
+      end
+      if RestClient::Platform.jruby?
+        warn('warning: SSL verify_callback may not work correctly in jruby')
+        warn('see https://github.com/jruby/jruby/issues/597')
+        warned = true
+      end
+      warned
+    end
+
     def transmit uri, req, payload, & block
       setup_credentials req
 
       net = net_http_class.new(uri.host, uri.port)
       net.use_ssl = uri.is_a?(URI::HTTPS)
-      if (@verify_ssl == false) || (@verify_ssl == OpenSSL::SSL::VERIFY_NONE)
-        net.verify_mode = OpenSSL::SSL::VERIFY_NONE
-      elsif @verify_ssl.is_a? Integer
-        net.verify_mode = @verify_ssl
-        net.verify_callback = lambda do |preverify_ok, ssl_context|
-          if (!preverify_ok) || ssl_context.error != 0
-            err_msg = "SSL Verification failed -- Preverify: #{preverify_ok}, Error: #{ssl_context.error_string} (#{ssl_context.error})"
-            raise SSLCertificateNotVerified.new(err_msg)
-          end
-          true
+      if @verify_ssl
+        if @verify_ssl.is_a? Integer
+          net.verify_mode = @verify_ssl
+        else
+          net.verify_mode = OpenSSL::SSL::VERIFY_PEER
         end
+      else
+        net.verify_mode = OpenSSL::SSL::VERIFY_NONE
       end
       net.cert = @ssl_client_cert if @ssl_client_cert
       net.key = @ssl_client_key if @ssl_client_key
@@ -161,7 +176,26 @@ module RestClient
 
       # disable the timeout if the timeout value is -1
       net.read_timeout = nil if @timeout == -1
-      net.out_timeout = nil if @open_timeout == -1
+      net.open_timeout = nil if @open_timeout == -1
+
+      # verify_callback isn't well supported on all platforms, but do allow
+      # users to set one if they want.
+      if ssl_verify_callback
+        net.verify_callback = ssl_verify_callback
+
+        # Hilariously, jruby only calls the callback when cert_store is set to
+        # something, so make sure to set one.
+        # https://github.com/jruby/jruby/issues/597
+        if RestClient::Platform.jruby?
+          net.cert_store ||= OpenSSL::X509::Store.new
+        end
+
+        if ssl_verify_callback_warnings != false
+          if print_verify_callback_warnings
+            warn('pass :ssl_verify_callback_warnings => false to silence this')
+          end
+        end
+      end
 
       RestClient.before_execution_procs.each do |before_proc|
         before_proc.call(req, args)
@@ -182,6 +216,11 @@ module RestClient
       raise RestClient::ServerBrokeConnection
     rescue Timeout::Error
       raise RestClient::RequestTimeout
+    rescue OpenSSL::SSL::SSLError => error
+      # UGH. Not sure if this is needed at all. SSLCertificateNotVerified is not being used internally.
+      # I think it would be better to leave SSLError processing to the client (they'd have to do that anyway...)
+      raise SSLCertificateNotVerified.new(error.message) if error.message.include?("certificate verify failed")
+      raise error
     end
 
     def setup_credentials(req)
@@ -295,6 +334,11 @@ module RestClient
       {:accept => '*/*; q=0.5, application/xml', :accept_encoding => 'gzip, deflate'}
     end
 
+    private
+      def parser
+        URI.const_defined?(:Parser) ? URI::Parser.new : URI
+      end
+
   end
 end
 

data/lib/restclient/response.rb

@@ -6,7 +6,9 @@ module RestClient
 
     include AbstractResponse
 
-    attr_accessor :args, :body, :net_http_res
+    attr_accessor :args, :net_http_res
+
+    attr_writer :body
 
     def body
       self

data/lib/restclient/version.rb

@@ -0,0 +1,7 @@
+module RestClient
+  VERSION = '1.6.8.rc1' unless defined?(self::VERSION)
+
+  def self.version
+    VERSION
+  end
+end

data/rest-client.gemspec

@@ -0,0 +1,26 @@
+# -*- encoding: utf-8 -*-
+
+require File.expand_path("../lib/restclient/version", __FILE__)
+
+Gem::Specification.new do |s|
+  s.name = 'rest-client'
+  s.version = RestClient::VERSION
+  s.authors = ['REST Client Team']
+  s.description = 'A simple HTTP and REST client for Ruby, inspired by the Sinatra microframework style of specifying actions: get, put, post, delete.'
+  s.license = 'MIT'
+  s.email = 'rest.client@librelist.com'
+  s.executables = ['restclient']
+  s.extra_rdoc_files = ["README.rdoc", "history.md"]
+  s.files = `git ls-files`.split("\n")
+  s.test_files = `git ls-files -- spec/*`.split("\n")
+  s.homepage = 'https://github.com/rest-client/rest-client'
+  s.summary = 'Simple HTTP and REST client for Ruby, inspired by microframework syntax for specifying actions.'
+
+  s.add_dependency(%q<mime-types>, ["~> 1.16"])
+  s.add_dependency(%q<rdoc>, [">= 2.4.2"])
+  s.add_development_dependency(%q<rake>, ["~> 10.0"])
+  s.add_development_dependency(%q<webmock>, ["~> 1.4"])
+  s.add_development_dependency(%q<rspec>, ["~> 2.4"])
+  s.add_development_dependency(%q<pry>)
+end
+

data/spec/abstract_response_spec.rb

@@ -16,55 +16,55 @@ describe RestClient::AbstractResponse do
   end
 
   before do
-    @net_http_res = mock('net http response')
+    @net_http_res = double('net http response')
     @response = MyAbstractResponse.new(@net_http_res, {})
   end
 
   it "fetches the numeric response code" do
     @net_http_res.should_receive(:code).and_return('200')
-    @response.code.should == 200
+    @response.code.should eq 200
   end
 
   it "has a nice description" do
     @net_http_res.should_receive(:to_hash).and_return({'Content-Type' => ['application/pdf']})
     @net_http_res.should_receive(:code).and_return('200')
-    @response.description == '200 OK | application/pdf  bytes\n'
+    @response.description.should eq "200 OK | application/pdf  bytes\n"
   end
 
   it "beautifies the headers by turning the keys to symbols" do
     h = RestClient::AbstractResponse.beautify_headers('content-type' => [ 'x' ])
-    h.keys.first.should == :content_type
+    h.keys.first.should eq :content_type
   end
 
   it "beautifies the headers by turning the values to strings instead of one-element arrays" do
     h = RestClient::AbstractResponse.beautify_headers('x' => [ 'text/html' ] )
-    h.values.first.should == 'text/html'
+    h.values.first.should eq 'text/html'
   end
 
   it "fetches the headers" do
     @net_http_res.should_receive(:to_hash).and_return('content-type' => [ 'text/html' ])
-    @response.headers.should == { :content_type => 'text/html' }
+    @response.headers.should eq({ :content_type => 'text/html' })
   end
 
   it "extracts cookies from response headers" do
     @net_http_res.should_receive(:to_hash).and_return('set-cookie' => ['session_id=1; path=/'])
-    @response.cookies.should == { 'session_id' => '1' }
+    @response.cookies.should eq({ 'session_id' => '1' })
   end
 
   it "extract strange cookies" do
     @net_http_res.should_receive(:to_hash).and_return('set-cookie' => ['session_id=ZJ/HQVH6YE+rVkTpn0zvTQ==; path=/'])
-    @response.cookies.should == { 'session_id' => 'ZJ%2FHQVH6YE+rVkTpn0zvTQ%3D%3D' }
+    @response.cookies.should eq({ 'session_id' => 'ZJ%2FHQVH6YE+rVkTpn0zvTQ%3D%3D' })
   end
 
   it "doesn't escape cookies" do
     @net_http_res.should_receive(:to_hash).and_return('set-cookie' => ['session_id=BAh7BzoNYXBwX25hbWUiEGFwcGxpY2F0aW9uOgpsb2dpbiIKYWRtaW4%3D%0A--08114ba654f17c04d20dcc5228ec672508f738ca; path=/'])
-    @response.cookies.should == { 'session_id' => 'BAh7BzoNYXBwX25hbWUiEGFwcGxpY2F0aW9uOgpsb2dpbiIKYWRtaW4%3D%0A--08114ba654f17c04d20dcc5228ec672508f738ca' }
+    @response.cookies.should eq({ 'session_id' => 'BAh7BzoNYXBwX25hbWUiEGFwcGxpY2F0aW9uOgpsb2dpbiIKYWRtaW4%3D%0A--08114ba654f17c04d20dcc5228ec672508f738ca' })
   end
 
   it "can access the net http result directly" do
-    @response.net_http_res.should == @net_http_res
+    @response.net_http_res.should eq @net_http_res
   end
-  
+
   describe "#return!" do
     it "should return the response itself on 200-codes" do
       @net_http_res.should_receive(:code).and_return('200')
@@ -75,7 +75,7 @@ describe RestClient::AbstractResponse do
       @net_http_res.should_receive(:code).and_return('1000')
       lambda { @response.return! }.should raise_error RestClient::RequestFailed
     end
-    
+
     it "should raise an error on a redirection after non-GET/HEAD requests" do
       @net_http_res.should_receive(:code).and_return('301')
       @response.args.merge(:method => :put)

data/spec/base.rb

@@ -1,11 +1,8 @@
 def is_ruby_19?
-  RUBY_VERSION == '1.9.1' or RUBY_VERSION == '1.9.2'
+  RUBY_VERSION > '1.9'
 end
 
-Encoding.default_internal = Encoding.default_external = "ASCII-8BIT" if is_ruby_19?
-
 require 'rubygems'
-require 'spec'
 
 begin
   require "ruby-debug"

data/spec/exceptions_spec.rb

@@ -1,23 +1,23 @@
 require File.join( File.dirname(File.expand_path(__FILE__)), 'base')
 
 require 'webmock/rspec'
-include WebMock
+include WebMock::API
 
 describe RestClient::Exception do
   it "returns a 'message' equal to the class name if the message is not set, because 'message' should not be nil" do
     e = RestClient::Exception.new
-    e.message.should == "RestClient::Exception"
+    e.message.should eq "RestClient::Exception"
   end
-  
+
   it "returns the 'message' that was set" do
     e = RestClient::Exception.new
     message = "An explicitly set message"
     e.message = message
-    e.message.should == message
+    e.message.should eq message
   end
-  
+
   it "sets the exception message to ErrorMessage" do
-    RestClient::ResourceNotFound.new.message.should == 'Resource Not Found'
+    RestClient::ResourceNotFound.new.message.should eq 'Resource Not Found'
   end
 
   it "contains exceptions in RestClient" do
@@ -29,13 +29,13 @@ end
 describe RestClient::ServerBrokeConnection do
   it "should have a default message of 'Server broke connection'" do
     e = RestClient::ServerBrokeConnection.new
-    e.message.should == 'Server broke connection'
+    e.message.should eq 'Server broke connection'
   end
 end
 
 describe RestClient::RequestFailed do
   before do
-    @response = mock('HTTP Response', :code => '502')
+    @response = double('HTTP Response', :code => '502')
   end
 
   it "stores the http response on the exception" do
@@ -43,17 +43,17 @@ describe RestClient::RequestFailed do
     begin
       raise RestClient::RequestFailed, response
     rescue RestClient::RequestFailed => e
-      e.response.should == response
+      e.response.should eq response
     end
   end
 
   it "http_code convenience method for fetching the code as an integer" do
-    RestClient::RequestFailed.new(@response).http_code.should == 502
+    RestClient::RequestFailed.new(@response).http_code.should eq 502
   end
 
   it "http_body convenience method for fetching the body (decoding when necessary)" do
-    RestClient::RequestFailed.new(@response).http_code.should == 502
-    RestClient::RequestFailed.new(@response).message.should == 'HTTP status code 502'
+    RestClient::RequestFailed.new(@response).http_code.should eq 502
+    RestClient::RequestFailed.new(@response).message.should eq 'HTTP status code 502'
   end
 
   it "shows the status code in the message" do
@@ -67,22 +67,22 @@ describe RestClient::ResourceNotFound do
     begin
       raise RestClient::ResourceNotFound, response
     rescue RestClient::ResourceNotFound => e
-      e.response.should == response
+      e.response.should eq response
     end
   end
 end
 
 describe "backwards compatibility" do
   it "alias RestClient::Request::Redirect to RestClient::Redirect" do
-    RestClient::Request::Redirect.should == RestClient::Redirect
+    RestClient::Request::Redirect.should eq RestClient::Redirect
   end
 
   it "alias RestClient::Request::Unauthorized to RestClient::Unauthorized" do
-    RestClient::Request::Unauthorized.should == RestClient::Unauthorized
+    RestClient::Request::Unauthorized.should eq RestClient::Unauthorized
   end
 
   it "alias RestClient::Request::RequestFailed to RestClient::RequestFailed" do
-    RestClient::Request::RequestFailed.should == RestClient::RequestFailed
+    RestClient::Request::RequestFailed.should eq RestClient::RequestFailed
   end
 
   it "make the exception's response act like an Net::HTTPResponse" do
@@ -92,7 +92,7 @@ describe "backwards compatibility" do
       RestClient.get "www.example.com"
       raise
     rescue RestClient::ResourceNotFound => e
-      e.response.body.should == body
+      e.response.body.should eq body
     end
   end
 end

data/spec/integration/capath_digicert/244b5494.0

@@ -0,0 +1,19 @@
+-----BEGIN CERTIFICATE-----
+MIIDxTCCAq2gAwIBAgIQAqxcJmoLQJuPC3nyrkYldzANBgkqhkiG9w0BAQUFADBsMQswCQYDVQQG
+EwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMSsw
+KQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5jZSBFViBSb290IENBMB4XDTA2MTExMDAwMDAw
+MFoXDTMxMTExMDAwMDAwMFowbDELMAkGA1UEBhMCVVMxFTATBgNVBAoTDERpZ2lDZXJ0IEluYzEZ
+MBcGA1UECxMQd3d3LmRpZ2ljZXJ0LmNvbTErMCkGA1UEAxMiRGlnaUNlcnQgSGlnaCBBc3N1cmFu
+Y2UgRVYgUm9vdCBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMbM5XPm+9S75S0t
+Mqbf5YE/yc0lSbZxKsPVlDRnogocsF9ppkCxxLeyj9CYpKlBWTrT3JTWPNt0OKRKzE0lgvdKpVMS
+OO7zSW1xkX5jtqumX8OkhPhPYlG++MXs2ziS4wblCJEMxChBVfvLWokVfnHoNb9Ncgk9vjo4UFt3
+MRuNs8ckRZqnrG0AFFoEt7oT61EKmEFBIk5lYYeBQVCmeVyJ3hlKV9Uu5l0cUyx+mM0aBhakaHPQ
+NAQTXKFx01p8VdteZOE3hzBWBOURtCmAEvF5OYiiAhF8J2a3iLd48soKqDirCmTCv2ZdlYTBoSUe
+h10aUAsgEsxBu24LUTi4S8sCAwEAAaNjMGEwDgYDVR0PAQH/BAQDAgGGMA8GA1UdEwEB/wQFMAMB
+Af8wHQYDVR0OBBYEFLE+w2kD+L9HAdSYJhoIAu9jZCvDMB8GA1UdIwQYMBaAFLE+w2kD+L9HAdSY
+JhoIAu9jZCvDMA0GCSqGSIb3DQEBBQUAA4IBAQAcGgaX3NecnzyIZgYIVyHbIUf4KmeqvxgydkAQ
+V8GK83rZEWWONfqe/EW1ntlMMUu4kehDLI6zeM7b41N5cdblIZQB2lWHmiRk9opmzN6cN82oNLFp
+myPInngiK3BD41VHMWEZ71jFhS9OMPagMRYjyOfiZRYzy78aG6A9+MpeizGLYAiJLQwGXFK3xPkK
+mNEVX58Svnw2Yzi9RKR/5CYrCsSXaQ3pjOLAEFe4yHYSkVXySGnYvCoCWw9E1CAx2/S6cCZdkGCe
+vEsXCS+0yx5DaMkHJ8HSXPfqIbloEpw8nL+e/IBcm2PN7EeqJSdnoDfzAIJ9VNep+OkuE6N36B9K
+-----END CERTIFICATE-----