rest-client 1.6.7 → 1.8.0

data/lib/restclient/windows/root_certs.rb

@@ -0,0 +1,105 @@
+require 'openssl'
+require 'ffi'
+
+# Adapted from Puppet, Copyright (c) Puppet Labs Inc,
+# licensed under the Apache License, Version 2.0.
+#
+# https://github.com/puppetlabs/puppet/blob/bbe30e0a/lib/puppet/util/windows/root_certs.rb
+
+# Represents a collection of trusted root certificates.
+#
+# @api public
+class RestClient::Windows::RootCerts
+  include Enumerable
+  extend FFI::Library
+
+  typedef :ulong, :dword
+  typedef :uintptr_t, :handle
+
+  def initialize(roots)
+    @roots = roots
+  end
+
+  # Enumerates each root certificate.
+  # @yieldparam cert [OpenSSL::X509::Certificate] each root certificate
+  # @api public
+  def each
+    @roots.each {|cert| yield cert}
+  end
+
+  # Returns a new instance.
+  # @return [RestClient::Windows::RootCerts] object constructed from current root certificates
+  def self.instance
+    new(self.load_certs)
+  end
+
+  # Returns an array of root certificates.
+  #
+  # @return [Array<[OpenSSL::X509::Certificate]>] an array of root certificates
+  # @api private
+  def self.load_certs
+    certs = []
+
+    # This is based on a patch submitted to openssl:
+    # http://www.mail-archive.com/openssl-dev@openssl.org/msg26958.html
+    ptr = FFI::Pointer::NULL
+    store = CertOpenSystemStoreA(nil, "ROOT")
+    begin
+      while (ptr = CertEnumCertificatesInStore(store, ptr)) and not ptr.null?
+        context = CERT_CONTEXT.new(ptr)
+        cert_buf = context[:pbCertEncoded].read_bytes(context[:cbCertEncoded])
+        begin
+          certs << OpenSSL::X509::Certificate.new(cert_buf)
+        rescue => detail
+          warn("Failed to import root certificate: #{detail.inspect}")
+        end
+      end
+    ensure
+      CertCloseStore(store, 0)
+    end
+
+    certs
+  end
+
+  private
+
+  # typedef ULONG_PTR HCRYPTPROV_LEGACY;
+  # typedef void *HCERTSTORE;
+
+  class CERT_CONTEXT < FFI::Struct
+    layout(
+      :dwCertEncodingType, :dword,
+      :pbCertEncoded,      :pointer,
+      :cbCertEncoded,      :dword,
+      :pCertInfo,          :pointer,
+      :hCertStore,         :handle
+    )
+  end
+
+  # HCERTSTORE
+  # WINAPI
+  # CertOpenSystemStoreA(
+  #   __in_opt HCRYPTPROV_LEGACY hProv,
+  #   __in LPCSTR szSubsystemProtocol
+  #   );
+  ffi_lib :crypt32
+  attach_function :CertOpenSystemStoreA, [:pointer, :string], :handle
+
+  # PCCERT_CONTEXT
+  # WINAPI
+  # CertEnumCertificatesInStore(
+  #   __in HCERTSTORE hCertStore,
+  #   __in_opt PCCERT_CONTEXT pPrevCertContext
+  #   );
+  ffi_lib :crypt32
+  attach_function :CertEnumCertificatesInStore, [:handle, :pointer], :pointer
+
+  # BOOL
+  # WINAPI
+  # CertCloseStore(
+  #   __in_opt HCERTSTORE hCertStore,
+  #   __in DWORD dwFlags
+  #   );
+  ffi_lib :crypt32
+  attach_function :CertCloseStore, [:handle, :dword], :bool
+end

data/lib/restclient/windows.rb

@@ -0,0 +1,8 @@
+module RestClient
+  module Windows
+  end
+end
+
+if RestClient::Platform.windows?
+  require_relative './windows/root_certs'
+end

data/lib/restclient.rb

@@ -1,14 +1,11 @@
+require 'net/http'
+require 'openssl'
+require 'stringio'
 require 'uri'
 require 'zlib'
-require 'stringio'
-
-begin
-  require 'net/https'
-rescue LoadError => e
-  raise e unless RUBY_PLATFORM =~ /linux/
-  raise LoadError, "no such file to load -- net/https. Try running apt-get install libopenssl-ruby"
-end
 
+require File.dirname(__FILE__) + '/restclient/version'
+require File.dirname(__FILE__) + '/restclient/platform'
 require File.dirname(__FILE__) + '/restclient/exceptions'
 require File.dirname(__FILE__) + '/restclient/request'
 require File.dirname(__FILE__) + '/restclient/abstract_response'
@@ -16,7 +13,7 @@ require File.dirname(__FILE__) + '/restclient/response'
 require File.dirname(__FILE__) + '/restclient/raw_response'
 require File.dirname(__FILE__) + '/restclient/resource'
 require File.dirname(__FILE__) + '/restclient/payload'
-require File.dirname(__FILE__) + '/restclient/net_http_ext'
+require File.dirname(__FILE__) + '/restclient/windows'
 
 # This module's static methods are the entry point for using the REST client.
 #
@@ -103,12 +100,6 @@ module RestClient
     @@log = create_log log
   end
 
-  def self.version
-    version_path = File.dirname(__FILE__) + "/../VERSION"
-    return File.read(version_path).chomp if File.file?(version_path)
-    "0.0.0"
-  end
-
   # Create a log that respond to << like a logger
   # param can be 'stdout', 'stderr', a string (then we will log to that file) or a logger (then we return it)
   def self.create_log param

data/rest-client.gemspec

@@ -0,0 +1,30 @@
+# -*- encoding: utf-8 -*-
+
+require File.expand_path('../lib/restclient/version', __FILE__)
+
+Gem::Specification.new do |s|
+  s.name = 'rest-client'
+  s.version = RestClient::VERSION
+  s.authors = ['REST Client Team']
+  s.description = 'A simple HTTP and REST client for Ruby, inspired by the Sinatra microframework style of specifying actions: get, put, post, delete.'
+  s.license = 'MIT'
+  s.email = 'rest.client@librelist.com'
+  s.executables = ['restclient']
+  s.extra_rdoc_files = ['README.rdoc', 'history.md']
+  s.files = `git ls-files -z`.split("\0")
+  s.test_files = `git ls-files -z spec/`.split("\0")
+  s.homepage = 'https://github.com/rest-client/rest-client'
+  s.summary = 'Simple HTTP and REST client for Ruby, inspired by microframework syntax for specifying actions.'
+
+  s.add_development_dependency('webmock', '~> 1.4')
+  s.add_development_dependency('rspec', '~> 2.4')
+  s.add_development_dependency('pry')
+  s.add_development_dependency('pry-doc')
+  s.add_development_dependency('rdoc', '>= 2.4.2', '< 5.0')
+
+  s.add_dependency('http-cookie', '>= 1.0.2', '< 2.0')
+  s.add_dependency('mime-types', '>= 1.16', '< 3.0')
+  s.add_dependency('netrc', '~> 0.7')
+
+  s.required_ruby_version = '>= 1.9.2'
+end

data/rest-client.windows.gemspec

@@ -0,0 +1,19 @@
+#
+# Gemspec for Windows platforms. We can't put these in the main gemspec because
+# it results in bundler platform hell when trying to build the gem.
+#
+# Set $BUILD_PLATFORM when calling gem build with this gemspec to build for
+# Windows platforms like x86-mingw32.
+#
+s = eval(File.read(File.join(File.dirname(__FILE__), 'rest-client.gemspec')))
+
+platform = ENV['BUILD_PLATFORM'] || RUBY_PLATFORM
+
+case platform
+when /(mingw32|mswin32)/
+  # ffi is needed for RestClient::Windows::RootCerts
+  s.add_dependency('ffi', '~> 1.9')
+  s.platform = platform
+end
+
+s

data/spec/integration/capath_digicert/244b5494.0

@@ -0,0 +1,19 @@
+-----BEGIN CERTIFICATE-----
+MIIDxTCCAq2gAwIBAgIQAqxcJmoLQJuPC3nyrkYldzANBgkqhkiG9w0BAQUFADBsMQswCQYDVQQG
+EwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMSsw
+KQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5jZSBFViBSb290IENBMB4XDTA2MTExMDAwMDAw
+MFoXDTMxMTExMDAwMDAwMFowbDELMAkGA1UEBhMCVVMxFTATBgNVBAoTDERpZ2lDZXJ0IEluYzEZ
+MBcGA1UECxMQd3d3LmRpZ2ljZXJ0LmNvbTErMCkGA1UEAxMiRGlnaUNlcnQgSGlnaCBBc3N1cmFu
+Y2UgRVYgUm9vdCBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMbM5XPm+9S75S0t
+Mqbf5YE/yc0lSbZxKsPVlDRnogocsF9ppkCxxLeyj9CYpKlBWTrT3JTWPNt0OKRKzE0lgvdKpVMS
+OO7zSW1xkX5jtqumX8OkhPhPYlG++MXs2ziS4wblCJEMxChBVfvLWokVfnHoNb9Ncgk9vjo4UFt3
+MRuNs8ckRZqnrG0AFFoEt7oT61EKmEFBIk5lYYeBQVCmeVyJ3hlKV9Uu5l0cUyx+mM0aBhakaHPQ
+NAQTXKFx01p8VdteZOE3hzBWBOURtCmAEvF5OYiiAhF8J2a3iLd48soKqDirCmTCv2ZdlYTBoSUe
+h10aUAsgEsxBu24LUTi4S8sCAwEAAaNjMGEwDgYDVR0PAQH/BAQDAgGGMA8GA1UdEwEB/wQFMAMB
+Af8wHQYDVR0OBBYEFLE+w2kD+L9HAdSYJhoIAu9jZCvDMB8GA1UdIwQYMBaAFLE+w2kD+L9HAdSY
+JhoIAu9jZCvDMA0GCSqGSIb3DQEBBQUAA4IBAQAcGgaX3NecnzyIZgYIVyHbIUf4KmeqvxgydkAQ
+V8GK83rZEWWONfqe/EW1ntlMMUu4kehDLI6zeM7b41N5cdblIZQB2lWHmiRk9opmzN6cN82oNLFp
+myPInngiK3BD41VHMWEZ71jFhS9OMPagMRYjyOfiZRYzy78aG6A9+MpeizGLYAiJLQwGXFK3xPkK
+mNEVX58Svnw2Yzi9RKR/5CYrCsSXaQ3pjOLAEFe4yHYSkVXySGnYvCoCWw9E1CAx2/S6cCZdkGCe
+vEsXCS+0yx5DaMkHJ8HSXPfqIbloEpw8nL+e/IBcm2PN7EeqJSdnoDfzAIJ9VNep+OkuE6N36B9K
+-----END CERTIFICATE-----

data/spec/integration/capath_digicert/81b9768f.0

@@ -0,0 +1,19 @@
+-----BEGIN CERTIFICATE-----
+MIIDxTCCAq2gAwIBAgIQAqxcJmoLQJuPC3nyrkYldzANBgkqhkiG9w0BAQUFADBsMQswCQYDVQQG
+EwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMSsw
+KQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5jZSBFViBSb290IENBMB4XDTA2MTExMDAwMDAw
+MFoXDTMxMTExMDAwMDAwMFowbDELMAkGA1UEBhMCVVMxFTATBgNVBAoTDERpZ2lDZXJ0IEluYzEZ
+MBcGA1UECxMQd3d3LmRpZ2ljZXJ0LmNvbTErMCkGA1UEAxMiRGlnaUNlcnQgSGlnaCBBc3N1cmFu
+Y2UgRVYgUm9vdCBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMbM5XPm+9S75S0t
+Mqbf5YE/yc0lSbZxKsPVlDRnogocsF9ppkCxxLeyj9CYpKlBWTrT3JTWPNt0OKRKzE0lgvdKpVMS
+OO7zSW1xkX5jtqumX8OkhPhPYlG++MXs2ziS4wblCJEMxChBVfvLWokVfnHoNb9Ncgk9vjo4UFt3
+MRuNs8ckRZqnrG0AFFoEt7oT61EKmEFBIk5lYYeBQVCmeVyJ3hlKV9Uu5l0cUyx+mM0aBhakaHPQ
+NAQTXKFx01p8VdteZOE3hzBWBOURtCmAEvF5OYiiAhF8J2a3iLd48soKqDirCmTCv2ZdlYTBoSUe
+h10aUAsgEsxBu24LUTi4S8sCAwEAAaNjMGEwDgYDVR0PAQH/BAQDAgGGMA8GA1UdEwEB/wQFMAMB
+Af8wHQYDVR0OBBYEFLE+w2kD+L9HAdSYJhoIAu9jZCvDMB8GA1UdIwQYMBaAFLE+w2kD+L9HAdSY
+JhoIAu9jZCvDMA0GCSqGSIb3DQEBBQUAA4IBAQAcGgaX3NecnzyIZgYIVyHbIUf4KmeqvxgydkAQ
+V8GK83rZEWWONfqe/EW1ntlMMUu4kehDLI6zeM7b41N5cdblIZQB2lWHmiRk9opmzN6cN82oNLFp
+myPInngiK3BD41VHMWEZ71jFhS9OMPagMRYjyOfiZRYzy78aG6A9+MpeizGLYAiJLQwGXFK3xPkK
+mNEVX58Svnw2Yzi9RKR/5CYrCsSXaQ3pjOLAEFe4yHYSkVXySGnYvCoCWw9E1CAx2/S6cCZdkGCe
+vEsXCS+0yx5DaMkHJ8HSXPfqIbloEpw8nL+e/IBcm2PN7EeqJSdnoDfzAIJ9VNep+OkuE6N36B9K
+-----END CERTIFICATE-----

data/spec/integration/capath_digicert/README

@@ -0,0 +1,8 @@
+The CA path symlinks can be created by c_rehash(1ssl).
+
+But in order for the tests to work on Windows, they have to be regular files.
+You can turn them all into regular files by running this on a GNU system:
+
+    for file in $(find . -type l); do
+        cp -iv --remove-destination $(readlink -e $file) $file
+    done

data/spec/integration/capath_digicert/digicert.crt

@@ -0,0 +1,19 @@
+-----BEGIN CERTIFICATE-----
+MIIDxTCCAq2gAwIBAgIQAqxcJmoLQJuPC3nyrkYldzANBgkqhkiG9w0BAQUFADBsMQswCQYDVQQG
+EwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMSsw
+KQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5jZSBFViBSb290IENBMB4XDTA2MTExMDAwMDAw
+MFoXDTMxMTExMDAwMDAwMFowbDELMAkGA1UEBhMCVVMxFTATBgNVBAoTDERpZ2lDZXJ0IEluYzEZ
+MBcGA1UECxMQd3d3LmRpZ2ljZXJ0LmNvbTErMCkGA1UEAxMiRGlnaUNlcnQgSGlnaCBBc3N1cmFu
+Y2UgRVYgUm9vdCBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMbM5XPm+9S75S0t
+Mqbf5YE/yc0lSbZxKsPVlDRnogocsF9ppkCxxLeyj9CYpKlBWTrT3JTWPNt0OKRKzE0lgvdKpVMS
+OO7zSW1xkX5jtqumX8OkhPhPYlG++MXs2ziS4wblCJEMxChBVfvLWokVfnHoNb9Ncgk9vjo4UFt3
+MRuNs8ckRZqnrG0AFFoEt7oT61EKmEFBIk5lYYeBQVCmeVyJ3hlKV9Uu5l0cUyx+mM0aBhakaHPQ
+NAQTXKFx01p8VdteZOE3hzBWBOURtCmAEvF5OYiiAhF8J2a3iLd48soKqDirCmTCv2ZdlYTBoSUe
+h10aUAsgEsxBu24LUTi4S8sCAwEAAaNjMGEwDgYDVR0PAQH/BAQDAgGGMA8GA1UdEwEB/wQFMAMB
+Af8wHQYDVR0OBBYEFLE+w2kD+L9HAdSYJhoIAu9jZCvDMB8GA1UdIwQYMBaAFLE+w2kD+L9HAdSY
+JhoIAu9jZCvDMA0GCSqGSIb3DQEBBQUAA4IBAQAcGgaX3NecnzyIZgYIVyHbIUf4KmeqvxgydkAQ
+V8GK83rZEWWONfqe/EW1ntlMMUu4kehDLI6zeM7b41N5cdblIZQB2lWHmiRk9opmzN6cN82oNLFp
+myPInngiK3BD41VHMWEZ71jFhS9OMPagMRYjyOfiZRYzy78aG6A9+MpeizGLYAiJLQwGXFK3xPkK
+mNEVX58Svnw2Yzi9RKR/5CYrCsSXaQ3pjOLAEFe4yHYSkVXySGnYvCoCWw9E1CAx2/S6cCZdkGCe
+vEsXCS+0yx5DaMkHJ8HSXPfqIbloEpw8nL+e/IBcm2PN7EeqJSdnoDfzAIJ9VNep+OkuE6N36B9K
+-----END CERTIFICATE-----

data/spec/integration/capath_verisign/415660c1.0

@@ -0,0 +1,14 @@
+-----BEGIN CERTIFICATE-----
+MIICPDCCAaUCEHC65B0Q2Sk0tjjKewPMur8wDQYJKoZIhvcNAQECBQAwXzELMAkG
+A1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFz
+cyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk2
+MDEyOTAwMDAwMFoXDTI4MDgwMTIzNTk1OVowXzELMAkGA1UEBhMCVVMxFzAVBgNV
+BAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFzcyAzIFB1YmxpYyBQcmlt
+YXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGfMA0GCSqGSIb3DQEBAQUAA4GN
+ADCBiQKBgQDJXFme8huKARS0EN8EQNvjV69qRUCPhAwL0TPZ2RHP7gJYHyX3KqhE
+BarsAx94f56TuZoAqiN91qyFomNFx3InzPRMxnVx0jnvT0Lwdd8KkMaOIG+YD/is
+I19wKTakyYbnsZogy1Olhec9vn2a/iRFM9x2Fe0PonFkTGUugWhFpwIDAQABMA0G
+CSqGSIb3DQEBAgUAA4GBALtMEivPLCYATxQT3ab7/AoRhIzzKBxnki98tsX63/Do
+lbwdj2wsqFHMc9ikwFPwTtYmwHYBV4GSXiHx0bH/59AhWM1pF+NEHJwZRDmJXNyc
+AA9WjQKZ7aKQRUzkuxCkPfAyAw7xzvjoyVGM5mKf5p/AfbdynMk2OmufTqj/ZA1k
+-----END CERTIFICATE-----

data/spec/integration/capath_verisign/7651b327.0

@@ -0,0 +1,14 @@
+-----BEGIN CERTIFICATE-----
+MIICPDCCAaUCEHC65B0Q2Sk0tjjKewPMur8wDQYJKoZIhvcNAQECBQAwXzELMAkG
+A1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFz
+cyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk2
+MDEyOTAwMDAwMFoXDTI4MDgwMTIzNTk1OVowXzELMAkGA1UEBhMCVVMxFzAVBgNV
+BAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFzcyAzIFB1YmxpYyBQcmlt
+YXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGfMA0GCSqGSIb3DQEBAQUAA4GN
+ADCBiQKBgQDJXFme8huKARS0EN8EQNvjV69qRUCPhAwL0TPZ2RHP7gJYHyX3KqhE
+BarsAx94f56TuZoAqiN91qyFomNFx3InzPRMxnVx0jnvT0Lwdd8KkMaOIG+YD/is
+I19wKTakyYbnsZogy1Olhec9vn2a/iRFM9x2Fe0PonFkTGUugWhFpwIDAQABMA0G
+CSqGSIb3DQEBAgUAA4GBALtMEivPLCYATxQT3ab7/AoRhIzzKBxnki98tsX63/Do
+lbwdj2wsqFHMc9ikwFPwTtYmwHYBV4GSXiHx0bH/59AhWM1pF+NEHJwZRDmJXNyc
+AA9WjQKZ7aKQRUzkuxCkPfAyAw7xzvjoyVGM5mKf5p/AfbdynMk2OmufTqj/ZA1k
+-----END CERTIFICATE-----

data/spec/integration/capath_verisign/README

@@ -0,0 +1,8 @@
+The CA path symlinks can be created by c_rehash(1ssl).
+
+But in order for the tests to work on Windows, they have to be regular files.
+You can turn them all into regular files by running this on a GNU system:
+
+    for file in $(find . -type l); do
+        cp -iv --remove-destination $(readlink -e $file) $file
+    done

data/spec/integration/capath_verisign/verisign.crt

@@ -0,0 +1,14 @@
+-----BEGIN CERTIFICATE-----
+MIICPDCCAaUCEHC65B0Q2Sk0tjjKewPMur8wDQYJKoZIhvcNAQECBQAwXzELMAkG
+A1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFz
+cyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk2
+MDEyOTAwMDAwMFoXDTI4MDgwMTIzNTk1OVowXzELMAkGA1UEBhMCVVMxFzAVBgNV
+BAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFzcyAzIFB1YmxpYyBQcmlt
+YXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGfMA0GCSqGSIb3DQEBAQUAA4GN
+ADCBiQKBgQDJXFme8huKARS0EN8EQNvjV69qRUCPhAwL0TPZ2RHP7gJYHyX3KqhE
+BarsAx94f56TuZoAqiN91qyFomNFx3InzPRMxnVx0jnvT0Lwdd8KkMaOIG+YD/is
+I19wKTakyYbnsZogy1Olhec9vn2a/iRFM9x2Fe0PonFkTGUugWhFpwIDAQABMA0G
+CSqGSIb3DQEBAgUAA4GBALtMEivPLCYATxQT3ab7/AoRhIzzKBxnki98tsX63/Do
+lbwdj2wsqFHMc9ikwFPwTtYmwHYBV4GSXiHx0bH/59AhWM1pF+NEHJwZRDmJXNyc
+AA9WjQKZ7aKQRUzkuxCkPfAyAw7xzvjoyVGM5mKf5p/AfbdynMk2OmufTqj/ZA1k
+-----END CERTIFICATE-----

data/spec/integration/certs/digicert.crt

@@ -0,0 +1,19 @@
+-----BEGIN CERTIFICATE-----
+MIIDxTCCAq2gAwIBAgIQAqxcJmoLQJuPC3nyrkYldzANBgkqhkiG9w0BAQUFADBsMQswCQYDVQQG
+EwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMSsw
+KQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5jZSBFViBSb290IENBMB4XDTA2MTExMDAwMDAw
+MFoXDTMxMTExMDAwMDAwMFowbDELMAkGA1UEBhMCVVMxFTATBgNVBAoTDERpZ2lDZXJ0IEluYzEZ
+MBcGA1UECxMQd3d3LmRpZ2ljZXJ0LmNvbTErMCkGA1UEAxMiRGlnaUNlcnQgSGlnaCBBc3N1cmFu
+Y2UgRVYgUm9vdCBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMbM5XPm+9S75S0t
+Mqbf5YE/yc0lSbZxKsPVlDRnogocsF9ppkCxxLeyj9CYpKlBWTrT3JTWPNt0OKRKzE0lgvdKpVMS
+OO7zSW1xkX5jtqumX8OkhPhPYlG++MXs2ziS4wblCJEMxChBVfvLWokVfnHoNb9Ncgk9vjo4UFt3
+MRuNs8ckRZqnrG0AFFoEt7oT61EKmEFBIk5lYYeBQVCmeVyJ3hlKV9Uu5l0cUyx+mM0aBhakaHPQ
+NAQTXKFx01p8VdteZOE3hzBWBOURtCmAEvF5OYiiAhF8J2a3iLd48soKqDirCmTCv2ZdlYTBoSUe
+h10aUAsgEsxBu24LUTi4S8sCAwEAAaNjMGEwDgYDVR0PAQH/BAQDAgGGMA8GA1UdEwEB/wQFMAMB
+Af8wHQYDVR0OBBYEFLE+w2kD+L9HAdSYJhoIAu9jZCvDMB8GA1UdIwQYMBaAFLE+w2kD+L9HAdSY
+JhoIAu9jZCvDMA0GCSqGSIb3DQEBBQUAA4IBAQAcGgaX3NecnzyIZgYIVyHbIUf4KmeqvxgydkAQ
+V8GK83rZEWWONfqe/EW1ntlMMUu4kehDLI6zeM7b41N5cdblIZQB2lWHmiRk9opmzN6cN82oNLFp
+myPInngiK3BD41VHMWEZ71jFhS9OMPagMRYjyOfiZRYzy78aG6A9+MpeizGLYAiJLQwGXFK3xPkK
+mNEVX58Svnw2Yzi9RKR/5CYrCsSXaQ3pjOLAEFe4yHYSkVXySGnYvCoCWw9E1CAx2/S6cCZdkGCe
+vEsXCS+0yx5DaMkHJ8HSXPfqIbloEpw8nL+e/IBcm2PN7EeqJSdnoDfzAIJ9VNep+OkuE6N36B9K
+-----END CERTIFICATE-----

data/spec/{integration_spec.rb → integration/integration_spec.rb}

@@ -1,7 +1,4 @@
-require File.join( File.dirname(File.expand_path(__FILE__)), 'base')
-
-require 'webmock/rspec'
-include WebMock
+require 'spec_helper'
 
 describe RestClient do
 
@@ -9,15 +6,15 @@ describe RestClient do
     body = 'abc'
     stub_request(:get, "www.example.com").to_return(:body => body, :status => 200)
     response = RestClient.get "www.example.com"
-    response.code.should == 200
-    response.body.should == body
+    response.code.should eq 200
+    response.body.should eq body
   end
 
   it "a simple request with gzipped content" do
     stub_request(:get, "www.example.com").with(:headers => { 'Accept-Encoding' => 'gzip, deflate' }).to_return(:body => "\037\213\b\b\006'\252H\000\003t\000\313T\317UH\257\312,HM\341\002\000G\242(\r\v\000\000\000", :status => 200,  :headers => { 'Content-Encoding' => 'gzip' } )
     response = RestClient.get "www.example.com"
-    response.code.should == 200
-    response.body.should == "i'm gziped\n"
+    response.code.should eq 200
+    response.body.should eq "i'm gziped\n"
   end
 
   it "a 404" do
@@ -27,12 +24,12 @@ describe RestClient do
       RestClient.get "www.example.com"
       raise
     rescue RestClient::ResourceNotFound => e
-      e.http_code.should == 404
-      e.response.code.should == 404
-      e.response.body.should == body
-      e.http_body.should == body
+      e.http_code.should eq 404
+      e.response.code.should eq 404
+      e.response.body.should eq body
+      e.http_body.should eq body
     end
   end
 
 
-end
+end

data/spec/integration/request_spec.rb

@@ -1,25 +1,104 @@
-require File.join( File.dirname(File.expand_path(__FILE__)), '../base')
+require 'spec_helper'
 
 describe RestClient::Request do
+  before(:all) do
+    WebMock.disable!
+  end
+
+  after(:all) do
+    WebMock.enable!
+  end
+
   describe "ssl verification" do
     it "is successful with the correct ca_file" do
       request = RestClient::Request.new(
         :method => :get,
-        :url => 'https://www.mozilla.com',
-        :verify_ssl => OpenSSL::SSL::VERIFY_PEER,
-        :ssl_ca_file => File.join(File.dirname(__FILE__), "certs", "equifax.crt")
+        :url => 'https://www.mozilla.org',
+        :ssl_ca_file => File.join(File.dirname(__FILE__), "certs", "digicert.crt")
+      )
+      expect { request.execute }.to_not raise_error
+    end
+
+    it "is successful with the correct ca_path" do
+      request = RestClient::Request.new(
+        :method => :get,
+        :url => 'https://www.mozilla.org',
+        :ssl_ca_path => File.join(File.dirname(__FILE__), "capath_digicert")
       )
       expect { request.execute }.to_not raise_error
     end
 
-    it "is unsuccessful with an incorrect ca_file" do
+    # TODO: deprecate and remove RestClient::SSLCertificateNotVerified and just
+    # pass through OpenSSL::SSL::SSLError directly. See note in
+    # lib/restclient/request.rb.
+    #
+    # On OS X, this test fails since Apple has patched OpenSSL to always fall
+    # back on the system CA store.
+    it "is unsuccessful with an incorrect ca_file", :unless => RestClient::Platform.mac_mri? do
       request = RestClient::Request.new(
         :method => :get,
-        :url => 'https://www.mozilla.com',
-        :verify_ssl => OpenSSL::SSL::VERIFY_PEER,
+        :url => 'https://www.mozilla.org',
         :ssl_ca_file => File.join(File.dirname(__FILE__), "certs", "verisign.crt")
       )
       expect { request.execute }.to raise_error(RestClient::SSLCertificateNotVerified)
     end
+
+    # On OS X, this test fails since Apple has patched OpenSSL to always fall
+    # back on the system CA store.
+    it "is unsuccessful with an incorrect ca_path", :unless => RestClient::Platform.mac_mri? do
+      request = RestClient::Request.new(
+        :method => :get,
+        :url => 'https://www.mozilla.org',
+        :ssl_ca_path => File.join(File.dirname(__FILE__), "capath_verisign")
+      )
+      expect { request.execute }.to raise_error(RestClient::SSLCertificateNotVerified)
+    end
+
+    it "is successful using the default system cert store" do
+      request = RestClient::Request.new(
+        :method => :get,
+        :url => 'https://www.mozilla.org',
+        :verify_ssl => true,
+      )
+      expect {request.execute }.to_not raise_error
+    end
+
+    it "executes the verify_callback" do
+      ran_callback = false
+      request = RestClient::Request.new(
+        :method => :get,
+        :url => 'https://www.mozilla.org',
+        :verify_ssl => true,
+        :ssl_verify_callback => lambda { |preverify_ok, store_ctx|
+          ran_callback = true
+          preverify_ok
+        },
+      )
+      expect {request.execute }.to_not raise_error
+      ran_callback.should eq(true)
+    end
+
+    it "fails verification when the callback returns false",
+       :unless => RestClient::Platform.mac_mri? do
+      request = RestClient::Request.new(
+        :method => :get,
+        :url => 'https://www.mozilla.org',
+        :verify_ssl => true,
+        :ssl_verify_callback => lambda { |preverify_ok, store_ctx| false },
+      )
+      expect { request.execute }.to raise_error(RestClient::SSLCertificateNotVerified)
+    end
+
+    it "succeeds verification when the callback returns true",
+       :unless => RestClient::Platform.mac_mri? do
+      request = RestClient::Request.new(
+        :method => :get,
+        :url => 'https://www.mozilla.org',
+        :verify_ssl => true,
+        :ssl_ca_file => File.join(File.dirname(__FILE__), "certs", "verisign.crt"),
+        :ssl_verify_callback => lambda { |preverify_ok, store_ctx| true },
+      )
+      expect { request.execute }.to_not raise_error
+    end
   end
 end

data/spec/spec_helper.rb

@@ -0,0 +1,2 @@
+require 'webmock/rspec'
+require 'restclient'

data/spec/{abstract_response_spec.rb → unit/abstract_response_spec.rb}

@@ -1,4 +1,4 @@
-require File.join( File.dirname(File.expand_path(__FILE__)), 'base')
+require 'spec_helper'
 
 describe RestClient::AbstractResponse do
 
@@ -8,63 +8,66 @@ describe RestClient::AbstractResponse do
 
     attr_accessor :size
 
-    def initialize net_http_res, args
+    def initialize net_http_res, args, request
       @net_http_res = net_http_res
       @args = args
+      @request = request
     end
 
   end
 
   before do
-    @net_http_res = mock('net http response')
-    @response = MyAbstractResponse.new(@net_http_res, {})
+    @net_http_res = double('net http response')
+    @request = double('restclient request', :url => 'http://example.com')
+    @response = MyAbstractResponse.new(@net_http_res, {}, @request)
   end
 
   it "fetches the numeric response code" do
     @net_http_res.should_receive(:code).and_return('200')
-    @response.code.should == 200
+    @response.code.should eq 200
   end
 
   it "has a nice description" do
     @net_http_res.should_receive(:to_hash).and_return({'Content-Type' => ['application/pdf']})
     @net_http_res.should_receive(:code).and_return('200')
-    @response.description == '200 OK | application/pdf  bytes\n'
+    @response.description.should eq "200 OK | application/pdf  bytes\n"
   end
 
   it "beautifies the headers by turning the keys to symbols" do
     h = RestClient::AbstractResponse.beautify_headers('content-type' => [ 'x' ])
-    h.keys.first.should == :content_type
+    h.keys.first.should eq :content_type
   end
 
   it "beautifies the headers by turning the values to strings instead of one-element arrays" do
     h = RestClient::AbstractResponse.beautify_headers('x' => [ 'text/html' ] )
-    h.values.first.should == 'text/html'
+    h.values.first.should eq 'text/html'
   end
 
   it "fetches the headers" do
     @net_http_res.should_receive(:to_hash).and_return('content-type' => [ 'text/html' ])
-    @response.headers.should == { :content_type => 'text/html' }
+    @response.headers.should eq({ :content_type => 'text/html' })
   end
 
   it "extracts cookies from response headers" do
     @net_http_res.should_receive(:to_hash).and_return('set-cookie' => ['session_id=1; path=/'])
-    @response.cookies.should == { 'session_id' => '1' }
+    @response.cookies.should eq({ 'session_id' => '1' })
   end
 
   it "extract strange cookies" do
     @net_http_res.should_receive(:to_hash).and_return('set-cookie' => ['session_id=ZJ/HQVH6YE+rVkTpn0zvTQ==; path=/'])
-    @response.cookies.should == { 'session_id' => 'ZJ%2FHQVH6YE+rVkTpn0zvTQ%3D%3D' }
+    @response.headers.should eq({:set_cookie => ['session_id=ZJ/HQVH6YE+rVkTpn0zvTQ==; path=/']})
+    @response.cookies.should eq({ 'session_id' => 'ZJ/HQVH6YE+rVkTpn0zvTQ==' })
   end
 
   it "doesn't escape cookies" do
     @net_http_res.should_receive(:to_hash).and_return('set-cookie' => ['session_id=BAh7BzoNYXBwX25hbWUiEGFwcGxpY2F0aW9uOgpsb2dpbiIKYWRtaW4%3D%0A--08114ba654f17c04d20dcc5228ec672508f738ca; path=/'])
-    @response.cookies.should == { 'session_id' => 'BAh7BzoNYXBwX25hbWUiEGFwcGxpY2F0aW9uOgpsb2dpbiIKYWRtaW4%3D%0A--08114ba654f17c04d20dcc5228ec672508f738ca' }
+    @response.cookies.should eq({ 'session_id' => 'BAh7BzoNYXBwX25hbWUiEGFwcGxpY2F0aW9uOgpsb2dpbiIKYWRtaW4%3D%0A--08114ba654f17c04d20dcc5228ec672508f738ca' })
   end
 
   it "can access the net http result directly" do
-    @response.net_http_res.should == @net_http_res
+    @response.net_http_res.should eq @net_http_res
   end
-  
+
   describe "#return!" do
     it "should return the response itself on 200-codes" do
       @net_http_res.should_receive(:code).and_return('200')
@@ -75,7 +78,7 @@ describe RestClient::AbstractResponse do
       @net_http_res.should_receive(:code).and_return('1000')
       lambda { @response.return! }.should raise_error RestClient::RequestFailed
     end
-    
+
     it "should raise an error on a redirection after non-GET/HEAD requests" do
       @net_http_res.should_receive(:code).and_return('301')
       @response.args.merge(:method => :put)