Class: EventMachine::HttpStubConnection
- Inherits:
-
Connection
- Object
- Connection
- EventMachine::HttpStubConnection
- Includes:
- Deferrable
- Defined in:
- lib/em-http/http_connection.rb
Instance Attribute Summary collapse
-
#parent ⇒ Object
Returns the value of attribute parent.
Instance Method Summary collapse
- #certificate_store ⇒ Object
- #connection_completed ⇒ Object
- #host ⇒ Object
- #receive_data(data) ⇒ Object
- #ssl_handshake_completed ⇒ Object
-
#ssl_verify_peer(cert_string) ⇒ Object
TLS verification support, original implementation by Mislav Marohnić github.com/lostisland/faraday/blob/63cf47c95b573539f047c729bd9ad67560bc83ff/lib/faraday/adapter/em_http_ssl_patch.rb.
- #unbind(reason = nil) ⇒ Object
- #verify_peer? ⇒ Boolean
Instance Attribute Details
#parent ⇒ Object
Returns the value of attribute parent.
17 18 19 |
# File 'lib/em-http/http_connection.rb', line 17 def parent @parent end |
Instance Method Details
#certificate_store ⇒ Object
86 87 88 89 90 91 92 93 94 |
# File 'lib/em-http/http_connection.rb', line 86 def certificate_store @certificate_store ||= begin store = OpenSSL::X509::Store.new store.set_default_paths ca_file = parent.connopts.tls[:cert_chain_file] store.add_file(ca_file) if ca_file store end end |
#connection_completed ⇒ Object
32 33 34 |
# File 'lib/em-http/http_connection.rb', line 32 def connection_completed @parent.connection_completed end |
#host ⇒ Object
82 83 84 |
# File 'lib/em-http/http_connection.rb', line 82 def host parent.connopts.host end |
#receive_data(data) ⇒ Object
24 25 26 27 28 29 30 |
# File 'lib/em-http/http_connection.rb', line 24 def receive_data(data) begin @parent.receive_data data rescue EventMachine::Connectify::CONNECTError => e @parent.close(e.) end end |
#ssl_handshake_completed ⇒ Object
64 65 66 67 68 69 70 71 72 73 74 75 76 |
# File 'lib/em-http/http_connection.rb', line 64 def ssl_handshake_completed unless verify_peer? warn "[WARNING; em-http-request] TLS hostname validation is disabled (use 'tls: {verify_peer: true}'), see" + " CVE-2020-13482 and https://github.com/igrigorik/em-http-request/issues/339 for details" unless parent.connopts.tls.has_key?(:verify_peer) return true end unless OpenSSL::SSL.verify_certificate_identity(@last_seen_cert, host) raise OpenSSL::SSL::SSLError.new(%(host "#{host}" does not match the server certificate)) else true end end |
#ssl_verify_peer(cert_string) ⇒ Object
TLS verification support, original implementation by Mislav Marohnić github.com/lostisland/faraday/blob/63cf47c95b573539f047c729bd9ad67560bc83ff/lib/faraday/adapter/em_http_ssl_patch.rb
42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 |
# File 'lib/em-http/http_connection.rb', line 42 def ssl_verify_peer(cert_string) cert = nil begin cert = OpenSSL::X509::Certificate.new(cert_string) rescue OpenSSL::X509::CertificateError return false end @last_seen_cert = cert if certificate_store.verify(@last_seen_cert) begin certificate_store.add_cert(@last_seen_cert) rescue OpenSSL::X509::StoreError => e raise e unless e. == 'cert already in hash table' end true else raise OpenSSL::SSL::SSLError.new(%(unable to verify the server certificate for "#{host}")) end end |
#unbind(reason = nil) ⇒ Object
36 37 38 |
# File 'lib/em-http/http_connection.rb', line 36 def unbind(reason=nil) @parent.unbind(reason) end |
#verify_peer? ⇒ Boolean
78 79 80 |
# File 'lib/em-http/http_connection.rb', line 78 def verify_peer? parent.connopts.tls[:verify_peer] end |