Class: HTTPX::SSL

Inherits:
TCP
  • Object
show all
Defined in:
lib/httpx/io/ssl.rb

Direct Known Subclasses

ProxySSL

Constant Summary collapse

TLS_OPTIONS =
if OpenSSL::SSL::SSLContext.instance_methods.include?(:alpn_protocols)
  { alpn_protocols: %w[h2 http/1.1] }
else
  {}
end

Constants included from Loggable

Loggable::COLORS

Instance Attribute Summary

Attributes inherited from TCP

#addresses, #ip, #port

Instance Method Summary collapse

Methods inherited from TCP

#closed?, #to_io

Methods included from Loggable

#log, #log_exception

Constructor Details

#initialize(_, _, options) ⇒ SSL

Returns a new instance of SSL.



13
14
15
16
17
18
19
# File 'lib/httpx/io/ssl.rb', line 13

def initialize(_, _, options)
  @ctx = OpenSSL::SSL::SSLContext.new
  ctx_options = TLS_OPTIONS.merge(options.ssl)
  @ctx.set_params(ctx_options) unless ctx_options.empty?
  super
  @state = :negotiated if @keep_open
end

Instance Method Details

#closeObject



38
39
40
41
42
43
44
# File 'lib/httpx/io/ssl.rb', line 38

def close
  super
  # allow reconnections
  # connect only works if initial @io is a socket
  @io = @io.io if @io.respond_to?(:io)
  @negotiated = false
end

#connectObject



50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
# File 'lib/httpx/io/ssl.rb', line 50

def connect
  super
  if @keep_open
    @state = :negotiated
    return
  end
  return if @state == :negotiated ||
            @state != :connected

  unless @io.is_a?(OpenSSL::SSL::SSLSocket)
    @io = OpenSSL::SSL::SSLSocket.new(@io, @ctx)
    @io.hostname = @hostname
    @io.sync_close = true
  end
  @io.connect_nonblock
  @io.post_connection_check(@hostname) if @ctx.verify_mode != OpenSSL::SSL::VERIFY_NONE
  transition(:negotiated)
rescue ::IO::WaitReadable,
       ::IO::WaitWritable
end

#connected?Boolean

Returns:

  • (Boolean)


46
47
48
# File 'lib/httpx/io/ssl.rb', line 46

def connected?
  @state == :negotiated
end

#inspectObject



97
98
99
100
# File 'lib/httpx/io/ssl.rb', line 97

def inspect
  id = @io.closed? ? "closed" : @io.to_io.fileno
  "#<SSL(fd: #{id}): #{@ip}:#{@port} state: #{@state}>"
end

#protocolObject



25
26
27
28
29
# File 'lib/httpx/io/ssl.rb', line 25

def protocol
  @io.alpn_protocol || super
rescue StandardError
  super
end

#read(size, buffer) ⇒ Object



72
73
74
75
76
# File 'lib/httpx/io/ssl.rb', line 72

def read(*)
  super
rescue ::IO::WaitWritable
  0
end

#schemeObject



21
22
23
# File 'lib/httpx/io/ssl.rb', line 21

def scheme
  "https"
end

#verify_hostname(host) ⇒ Object



31
32
33
34
35
36
# File 'lib/httpx/io/ssl.rb', line 31

def verify_hostname(host)
  return false if @ctx.verify_mode == OpenSSL::SSL::VERIFY_NONE
  return false if @io.peer_cert.nil?

  OpenSSL::SSL.verify_certificate_identity(@io.peer_cert, host)
end

#writeObject



78
79
80
81
82
# File 'lib/httpx/io/ssl.rb', line 78

def write(*)
  super
rescue ::IO::WaitReadable
  0
end