~ubuntu-branches/ubuntu/utopic/ruby-excon/utopic


Viewing changes to lib/excon/ssl_socket.rb

  • Committer: Package Import Robot
  • Author(s): Praveen Arimbrathodiyil
  • Date: 2014-01-14 18:44:24 UTC
  • mfrom: (1.1.4)
  • Revision ID: package-import@ubuntu.com-20140114184424-3nx5mqudhzjpcrjs
Tags: 0.31.0-1
* Team upload
* New upstream release
* Refresh patches
* Bump standards version to 3.9.5 (no changes)

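--- a/lib/excon/ssl_socket.rb
+++ b/lib/excon/ssl_socket.rb
@@ -1,29 +1,37 @@
 module Excon
   class SSLSocket < Socket
 
+    HAVE_NONBLOCK = [:connect_nonblock, :read_nonblock, :write_nonblock].all? {|m|
+      OpenSSL::SSL::SSLSocket.public_method_defined?(m)
+    }
+
     def initialize(data = {})
-      @data = data
-      check_nonblock_support
-
       super
 
       # create ssl context
       ssl_context = OpenSSL::SSL::SSLContext.new
-
+      ssl_context.ciphers = @data[:ciphers]
+      ssl_context.ssl_version = @data[:ssl_version] if @data[:ssl_version]
       if @data[:ssl_verify_peer]
         # turn verification on
         ssl_context.verify_mode = OpenSSL::SSL::VERIFY_PEER
 
-        if @data[:ssl_ca_path]
-          ssl_context.ca_path = @data[:ssl_ca_path]
-        elsif @data[:ssl_ca_file]
-          ssl_context.ca_file = @data[:ssl_ca_file]
+        if ca_path = ENV['SSL_CERT_DIR'] || @data[:ssl_ca_path]
+          ssl_context.ca_path = ca_path
+        elsif ca_file = ENV['SSL_CERT_FILE'] || @data[:ssl_ca_file]
+          ssl_context.ca_file = ca_file
         else # attempt default, fallback to bundled
           ssl_context.cert_store = OpenSSL::X509::Store.new
-          if !defined?(OpenSSL::Config::DEFAULT_CONFIG_FILE) || File.exists?(OpenSSL::Config::DEFAULT_CONFIG_FILE)
-            ssl_context.cert_store.set_default_paths
-          else
-            ssl_context.cert_store.add_file(DEFAULT_CA_FILE)
+          ssl_context.cert_store.set_default_paths
+
+          # workaround issue #257 (JRUBY-6970)
+          ca_file = DEFAULT_CA_FILE
+          ca_file.gsub!(/^jar:/, "") if ca_file =~ /^jar:file:\//
+
+          begin
+            ssl_context.cert_store.add_file(ca_file)
+          rescue => e
+            Excon.display_warning("Excon unable to add file to cert store, ignoring: #{ca_file}\n[#{e.class}] #{e.message}")
           end
         end
       else
@@ -44,8 +52,8 @@
       end
 
       if @data[:proxy]
-        request = 'CONNECT ' << @data[:host] << ':' << @data[:port] << Excon::HTTP_1_1
-        request << 'Host: ' << @data[:host] << ':' << @data[:port] << Excon::CR_NL
+        request = 'CONNECT ' << @data[:host] << port_string(@data) << Excon::HTTP_1_1
+        request << 'Host: ' << @data[:host] << port_string(@data) << Excon::CR_NL
 
         if @data[:proxy][:password] || @data[:proxy][:user]
           auth = ['' << @data[:proxy][:user].to_s << ':' << @data[:proxy][:password].to_s].pack('m').delete(Excon::CR_NL)
@@ -81,27 +89,10 @@
       @socket
     end
 
-    def read(max_length=nil)
-      check_nonblock_support
-      super
-    end
-
-    def write(data)
-      check_nonblock_support
-      super
-    end
-
     private
 
-    def check_nonblock_support
+    def connect
       # backwards compatability for things lacking nonblock
-      if !DEFAULT_NONBLOCK && @data[:nonblock]
-        Excon.display_warning("Excon nonblock is not supported by your OpenSSL::SSL::SSLSocket")
-        @data[:nonblock] = false
-      end
-    end
-
-    def connect
-      check_nonblock_support
+      @nonblock = HAVE_NONBLOCK && @nonblock
       super
     end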
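Review bot: In the CA selection of the first hunk, `ENV['SSL_CERT_DIR'] || @data[:ssl_ca_path]` puts the process environment ahead of the caller's own options, and because the directory branch is tested first, a set SSL_CERT_DIR also hides an explicit `:ssl_ca_file`. A caller that passes a private CA bundle to restrict trust would then be verified against whatever the environment names instead. If explicit options are meant to win, resolve them first and consult the environment only when neither is given, as sketched below. The rest of `initialize` between the shown hunks is not visible here, so this assumes nothing later resets the context's CA settings.

```ruby
        ca_path = @data[:ssl_ca_path]
        ca_file = @data[:ssl_ca_file]
        unless ca_path || ca_file
          # nothing configured explicitly: fall back to the environment
          ca_path = ENV['SSL_CERT_DIR']
          ca_file = ENV['SSL_CERT_FILE']
        end
        if ca_path
          ssl_context.ca_path = ca_path
        elsif ca_file
          ssl_context.ca_file = ca_file
        else # attempt default, fallback to bundled
          # … unchanged: default store plus bundled CA file …
        end
```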