class HTTPClient::SSLSocket
Wraps up OpenSSL::SSL::SSLSocket and offers debugging features.
Constants
- DEFAULT_SSL_PROTOCOL
Public Class Methods
create_socket(session)
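# File lib/httpclient/jruby_ssl_socket.rb, line 431
# Opens a TCP connection for +session+ and wraps it in a TLS socket.
#
# The TCP connection goes to session.proxy when one is set, otherwise to
# session.dest. With a proxy, session.connect_ssl_proxy is called for the
# real destination before TLS starts (presumably an HTTP CONNECT tunnel;
# verify against connect_ssl_proxy).
#
# The raw socket is closed before re-raising when either the proxy step or
# +new+ fails, so a rejected handshake or certificate does not leave the
# TCP connection open.
#
# @param session object providing proxy, dest, ssl_config, debug_dev and
#   connect_ssl_proxy
# @return the TLS socket wrapper built by +new+
# @raise whatever the proxy step or +new+ raises, after closing the socket
def self.create_socket(session)
  site = session.proxy || session.dest
  socket = Socket.new(site.host, site.port)
  begin
    if session.proxy
      session.connect_ssl_proxy(JavaSocketWrap.new(socket), Util.urify(session.dest.to_s))
    end
    # TLS is set up against session.dest, not the proxy: the destination is
    # what +new+ receives for the handshake and the hostname check.
    new(socket, session.dest, session.ssl_config, session.debug_dev)
  rescue
    socket.close
    raise
  end
end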
new(socket, dest, config, debug_dev = nil)
Calls superclass method
HTTPClient::JavaSocketWrap.new
# File lib/httpclient/jruby_ssl_socket.rb, line 446
# Builds a Java SSLContext from +config+, runs the TLS handshake over
# +socket+, checks the peer certificate against dest.host and hands the
# resulting socket to the superclass.
#
# Security-relevant behaviour visible in this method:
# * A non-empty config.cert_store_crl_items raises NotImplementedError, so a
#   configured CRL is refused rather than silently ignored.
# * config.verify_mode == nil selects VerifyNoneTrustManagerFactory and no
#   trust store is loaded.
# * An explicit ssl_version becomes the only enabled protocol, and a
#   non-default cipher list replaces the enabled suites as given.
# * post_connection_check runs after every successful handshake, whatever
#   the verify mode.
#
# @param socket    connected socket to layer TLS on
# @param dest      object with host and port; host is also the name checked
#   against the peer certificate
# @param config    SSL configuration (ssl_version, client_cert, client_key,
#   verify_mode, cert_store_items, ciphers, timeout, ...)
# @param debug_dev optional debug sink forwarded to the superclass
# @raise [NotImplementedError] when CRL items are configured
# @raise [OpenSSL::SSL::SSLError] wrapping Java security, SSL and socket
#   exceptions raised during setup, handshake or the hostname check
def initialize(socket, dest, config, debug_dev = nil)
  ssl_version =
    if config.ssl_version == :auto
      DEFAULT_SSL_PROTOCOL
    else
      # Underscores become dots, e.g. a value such as :TLSv1_2 -> "TLSv1.2".
      config.ssl_version.to_s.tr('_', '.')
    end

  unless config.cert_store_crl_items.empty?
    raise NotImplementedError, 'Manual CRL configuration is not yet supported'
  end

  # Client authentication material is only loaded when both cert and key
  # are configured.
  key_managers = nil
  if config.client_cert && config.client_key
    key_loader = KeyStoreLoader.new
    key_loader.add(config.client_cert, config.client_key, config.client_key_pass)
    kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm)
    kmf.init(key_loader.keystore, KeyStoreLoader::PASSWORD)
    key_managers = kmf.getKeyManagers
  end

  verifier = config.verify_callback || config.method(:default_verify_callback)
  trust_store = nil
  if config.verify_mode.nil?
    # NOTE(review): going by its name this factory skips chain validation,
    # so verify_mode nil presumably accepts any certificate chain - confirm
    # against VerifyNoneTrustManagerFactory before relying on it.
    tmf = VerifyNoneTrustManagerFactory.new(verifier)
  else
    tmf = SystemTrustManagerFactory.new(verifier)
    trust_loader = TrustStoreLoader.new
    config.cert_store_items.each { |item| trust_loader.add(item) }
    trust_store = trust_loader.trust_store
  end
  tmf.init(trust_store)
  trust_managers = tmf.getTrustManagers

  ctx = SSLContext.getInstance(ssl_version)
  ctx.init(key_managers, trust_managers, nil)
  ctx.getClientSessionContext.setSessionTimeout(config.timeout) if config.timeout

  factory = ctx.getSocketFactory
  begin
    ssl_socket = factory.createSocket(socket, dest.host, dest.port, true)
    unless ssl_version == DEFAULT_SSL_PROTOCOL
      ssl_socket.setEnabledProtocols([ssl_version].to_java(java.lang.String))
    end
    unless config.ciphers == SSLConfig::CIPHERS_DEFAULT
      ssl_socket.setEnabledCipherSuites(config.ciphers.to_java(java.lang.String))
    end
    ssl_socket.startHandshake
    ssl_session = ssl_socket.getSession
    # Only the first certificate of the peer chain is kept for later use.
    @peer_cert = JavaCertificate.new(ssl_session.getPeerCertificates.first)
    if $DEBUG
      warn("Protocol version: #{ssl_session.getProtocol}")
      warn("Cipher: #{ssl_socket.getSession.getCipherSuite}")
    end
    post_connection_check(dest.host, @peer_cert)
  rescue java.security.GeneralSecurityException,
         javax.net.ssl.SSLException,
         java.net.SocketException => e
    # Java-side failures surface under the same error class as on MRI.
    raise OpenSSL::SSL::SSLError.new(e.getMessage)
  end

  super(ssl_socket, debug_dev)
end
Public Instance Methods
<<(str)
# File lib/httpclient/ssl_socket.rb, line 91
# Writes +str+ to the TLS socket, then mirrors it to the debug device.
#
# The copy passed to debug is the plaintext given to write, so an attached
# debug device receives outgoing data unencrypted.
#
# @param str data to send
# @return the value returned by @ssl_socket.write
def <<(str)
  @ssl_socket.write(str).tap { debug(str) }
end
close()
# File lib/httpclient/ssl_socket.rb, line 60
# Closes the TLS layer first and the underlying socket second.
#
# If closing the TLS layer raises, the underlying socket is not closed by
# this method.
#
# @return the value returned by @socket.close
def close
  # TLS layer before the transport it runs on.
  @ssl_socket.close
  @socket.close
end
closed?()
# File lib/httpclient/ssl_socket.rb, line 65
# Reports whether the underlying socket is closed.
#
# Only @socket is consulted; the state of the TLS layer is not checked.
#
# @return the value returned by @socket.closed?
def closed?
  @socket.closed?
end
eof?()
# File lib/httpclient/ssl_socket.rb, line 69
# Delegates the end-of-stream check to the TLS socket.
#
# @return the value returned by @ssl_socket.eof?
def eof?
  @ssl_socket.eof?
end
flush()
# File lib/httpclient/ssl_socket.rb, line 97
# Flushes the TLS socket.
#
# @return the value returned by @ssl_socket.flush
def flush
  @ssl_socket.flush
end
gets(rs)
# File lib/httpclient/ssl_socket.rb, line 73
# Reads up to the separator +rs+ from the TLS socket and mirrors the result
# to the debug device.
#
# What reaches debug is the decrypted data, so an attached debug device
# receives incoming data unencrypted.
#
# @param rs record separator passed to @ssl_socket.gets
# @return the value returned by @ssl_socket.gets
def gets(rs)
  @ssl_socket.gets(rs).tap { |line| debug(line) }
end
peer_cert()
# File lib/httpclient/jruby_ssl_socket.rb, line 512
# Returns the stored peer certificate.
#
# @return the value of @peer_cert (nil if it was never assigned)
def peer_cert
  @peer_cert
end
read(size, buf = nil)
# File lib/httpclient/ssl_socket.rb, line 79
# Reads from the TLS socket and mirrors the result to the debug device.
#
# What reaches debug is the decrypted data, so an attached debug device
# receives incoming data unencrypted.
#
# @param size number of bytes requested
# @param buf  optional buffer passed through to @ssl_socket.read
# @return the value returned by @ssl_socket.read
def read(size, buf = nil)
  @ssl_socket.read(size, buf).tap { |chunk| debug(chunk) }
end
readpartial(size, buf = nil)
# File lib/httpclient/ssl_socket.rb, line 85
# Performs a partial read on the TLS socket and mirrors the result to the
# debug device.
#
# What reaches debug is the decrypted data, so an attached debug device
# receives incoming data unencrypted.
#
# @param size maximum number of bytes requested
# @param buf  optional buffer passed through to @ssl_socket.readpartial
# @return the value returned by @ssl_socket.readpartial
def readpartial(size, buf = nil)
  @ssl_socket.readpartial(size, buf).tap { |chunk| debug(chunk) }
end
ssl_connect(hostname = nil)
# File lib/httpclient/ssl_socket.rb, line 42
# Performs the TLS handshake on @ssl_socket and runs the post-connection
# check for +hostname+.
#
# When +hostname+ is given and the socket supports hostname=, it is set
# before connecting (on OpenSSL sockets this is the SNI server name). With
# $DEBUG set, the negotiated protocol version and cipher are written via
# warn.
#
# NOTE(review): post_connection_check is called with +hostname+ even when it
# is nil; its one-argument definition is outside this method, so confirm
# what it verifies in that case.
#
# @param hostname expected server name, or nil
# @return the value returned by post_connection_check
def ssl_connect(hostname = nil)
  sni_capable = hostname && @ssl_socket.respond_to?(:hostname=)
  @ssl_socket.hostname = hostname if sni_capable
  @ssl_socket.connect
  if $DEBUG
    warn("Protocol version: #{@ssl_socket.ssl_version}") if @ssl_socket.respond_to?(:ssl_version)
    warn("Cipher: #{@ssl_socket.cipher.inspect}")
  end
  post_connection_check(hostname)
end
sync()
# File lib/httpclient/ssl_socket.rb, line 101
# Returns the sync setting of the TLS socket.
#
# @return the value returned by @ssl_socket.sync
def sync
  @ssl_socket.sync
end
sync=(sync)
# File lib/httpclient/ssl_socket.rb, line 105
# Sets the sync setting of the TLS socket.
#
# @param sync new value assigned to @ssl_socket.sync
def sync=(sync)
  @ssl_socket.sync = sync
end
Private Instance Methods
check_mask(value, mask)
# File lib/httpclient/ssl_socket.rb, line 126
# Tests whether every bit of +mask+ is set in +value+.
#
# @param value bit field to inspect
# @param mask  bits that must all be present
# @return [Boolean] true when value contains all bits of mask
def check_mask(value, mask)
  # Parenthesised for readability; & already binds tighter than ==.
  (value & mask) == mask
end
create_openssl_socket(socket)
# File lib/httpclient/ssl_socket.rb, line 130
# Wraps +socket+ in an OpenSSL::SSL::SSLSocket configured through @context.
#
# When OpenSSL::SSL defines SSLContext, a fresh context is passed to
# @context.set_context and the socket is built with it. Otherwise the socket
# is built without a context and is itself passed to set_context.
#
# NOTE(review): whatever verification settings apply come from
# @context.set_context, which is defined outside this method.
#
# @param socket connected socket to wrap
# @return [OpenSSL::SSL::SSLSocket] the new, not yet connected TLS socket
def create_openssl_socket(socket)
  unless OpenSSL::SSL.const_defined?("SSLContext")
    legacy_socket = OpenSSL::SSL::SSLSocket.new(socket)
    @context.set_context(legacy_socket)
    return legacy_socket
  end

  ctx = OpenSSL::SSL::SSLContext.new
  @context.set_context(ctx)
  OpenSSL::SSL::SSLSocket.new(socket, ctx)
end
debug(str)
# File lib/httpclient/ssl_socket.rb, line 143
# Appends +str+ to the debug device when both are present.
#
# The read and write methods of this class pass the data exchanged over the
# TLS socket, so the debug device accumulates that traffic in plaintext
# (whatever headers, cookies and bodies it contains). Treat its contents as
# sensitive.
#
# @param str data to record; nil is ignored
# @return the result of @debug_dev << str, or nil when nothing was appended
def debug(str)
  return unless @debug_dev && str

  @debug_dev << str
end
post_connection_check(hostname, wrap_cert)
# File lib/httpclient/jruby_ssl_socket.rb, line 518
# Checks that the peer certificate is valid for +hostname+.
#
# The decision is delegated to BrowserCompatHostnameVerifier#verify; this
# method adds no checks of its own.
#
# NOTE(review): by its name the verifier follows a "browser compatible"
# matching policy - confirm how it treats wildcard names before relying on
# it for strict hostname matching.
#
# @param hostname  name the certificate must match
# @param wrap_cert certificate wrapper whose +cert+ is handed to the verifier
# @return the value returned by the verifier's verify
def post_connection_check(hostname, wrap_cert)
  verifier = BrowserCompatHostnameVerifier.new
  verifier.verify(hostname, wrap_cert.cert)
end