Class: Riemann::Client::SSLSocket

Inherits:

TcpSocket

Object
TcpSocket
Riemann::Client::SSLSocket

show all

Defined in:: lib/riemann/client/ssl_socket.rb

Overview

Socket: A specialized socket that has been configure

Instance Attribute Summary

Attributes inherited from TcpSocket

#connect_timeout, #host, #keepalive_count, #keepalive_idle, #keepalive_interval, #port, #read_timeout, #write_timeout

Instance Method Summary collapse

#connect_nonblock(addr, timeout) ⇒ Object

Internal: Connect to the give address within the timeout.
#initialize(options = {}) ⇒ SSLSocket constructor

A new instance of SSLSocket.
#ssl_context ⇒ Object

Methods inherited from TcpSocket

#close, #closed?, connect, #connect, #connect_nonblock_finalize, #connect_or_error, #keepalive_active?, #read, #readpartial, #socket, #socket_factory, #using_keepalive?, #wait_readable, #wait_writable, #write

Constructor Details

#initialize(options = {}) ⇒ `SSLSocket`

Returns a new instance of SSLSocket.

# File 'lib/riemann/client/ssl_socket.rb', line 10

def initialize(options = {})
  super(options)
  @key_file = options[:key_file]
  @cert_file = options[:cert_file]
  @ca_file = options[:ca_file]
  @ssl_verify = options[:ssl_verify]
end

Instance Method Details

#connect_nonblock(addr, timeout) ⇒ `Object`

Internal: Connect to the give address within the timeout.

Make an attempt to connect to a single address within the given timeout.

Return the ::Socket when it is connected, or raise an Error if no connection was possible.

# File 'lib/riemann/client/ssl_socket.rb', line 34

def connect_nonblock(addr, timeout)
  sock = super(addr, timeout)
  ssl_socket = OpenSSL::SSL::SSLSocket.new(sock, ssl_context)
  ssl_socket.sync = true

  begin
    ssl_socket.connect_nonblock
  rescue IO::WaitReadable
    unless IO.select([ssl_socket], nil, nil, timeout)
      raise Timeout, "Could not read from #{host}:#{port} in #{timeout} seconds"
    end

    retry
  rescue IO::WaitWritable
    unless IO.select(nil, [ssl_socket], nil, timeout)
      raise Timeout, "Could not write to #{host}:#{port} in #{timeout} seconds"
    end

    retry
  end
  ssl_socket
end

#ssl_context ⇒ `Object`

# File 'lib/riemann/client/ssl_socket.rb', line 18

def ssl_context
  @ssl_context ||= OpenSSL::SSL::SSLContext.new.tap do |ctx|
    ctx.key = OpenSSL::PKey::RSA.new(File.read(@key_file))
    ctx.cert = OpenSSL::X509::Certificate.new(File.read(@cert_file))
    ctx.ca_file = @ca_file if @ca_file
    ctx.min_version = OpenSSL::SSL::TLS1_2_VERSION
    ctx.verify_mode = OpenSSL::SSL::VERIFY_PEER if @ssl_verify
  end
end