Skip to content
Browse files

OpenSSL is no longer required

This allows net-http-persistent to be used where OpenSSL is not
available.

If an HTTPS resource is accessed an exception is raised.
  • Loading branch information...
1 parent 9d79b38 commit 1bf9703b373c429b9934375ccf3af16e5426b942 @drbrain committed
Showing with 96 additions and 30 deletions.
  1. +6 −1 History.txt
  2. +23 −5 lib/net/http/persistent.rb
  3. +57 −20 test/test_net_http_persistent.rb
  4. +10 −4 test/test_net_http_persistent_ssl_reuse.rb
View
7 History.txt
@@ -1,4 +1,9 @@
-=== 2.8.1
+=== 2.9
+
+* Minor enhancement
+ * OpenSSL is no longer required. If OpenSSL is not available an exception
+ will be raised when attempting to access HTTPS resources. Feature request
+ by André Arko
* Bug fixes
* Explain the proper way of sending parameters depending upon the request
View
28 lib/net/http/persistent.rb
@@ -1,5 +1,9 @@
require 'net/http'
-require 'net/https'
+begin
+ require 'net/https'
+rescue LoadError
+ # net/https or openssl
+end if RUBY_VERSION < '1.9' # but only for 1.8
require 'net/http/faster'
require 'uri'
require 'cgi' # for escaping
@@ -9,6 +13,8 @@
rescue LoadError
end
+autoload :OpenSSL, 'openssl'
+
##
# Persistent connections for Net::HTTP
#
@@ -183,9 +189,14 @@ class Net::HTTP::Persistent
EPOCH = Time.at 0 # :nodoc:
##
+ # Is OpenSSL available? This test works with autoload
+
+ HAVE_OPENSSL = defined? OpenSSL::SSL # :nodoc:
+
+ ##
# The version of Net::HTTP::Persistent you are using
- VERSION = '2.8.1'
+ VERSION = '2.9'
##
# Exceptions rescued for automatic retry on ruby 2.0.0. This overlaps with
@@ -198,7 +209,7 @@ class Net::HTTP::Persistent
Errno::ECONNRESET,
Errno::ECONNABORTED,
Errno::EPIPE,
- OpenSSL::SSL::SSLError,
+ (OpenSSL::SSL::SSLError if HAVE_OPENSSL),
Timeout::Error,
].compact
@@ -482,12 +493,16 @@ def initialize name = nil, proxy = nil
@private_key = nil
@ssl_version = nil
@verify_callback = nil
- @verify_mode = OpenSSL::SSL::VERIFY_PEER
+ @verify_mode = nil
@cert_store = nil
@generation = 0 # incremented when proxy URI changes
@ssl_generation = 0 # incremented when SSL session variables change
- @reuse_ssl_sessions = OpenSSL::SSL.const_defined? :Session
+
+ if HAVE_OPENSSL then
+ @verify_mode = OpenSSL::SSL::VERIFY_PEER
+ @reuse_ssl_sessions = OpenSSL::SSL.const_defined? :Session
+ end
@retry_change_requests = false
@@ -563,6 +578,9 @@ def connection_for uri
use_ssl = uri.scheme.downcase == 'https'
if use_ssl then
+ raise Net::HTTP::Persistent::Error, 'OpenSSL is not available' unless
+ HAVE_OPENSSL
+
ssl_generation = @ssl_generation
ssl_cleanup ssl_generation
View
77 test/test_net_http_persistent.rb
@@ -1,9 +1,10 @@
require 'rubygems'
require 'minitest/autorun'
require 'net/http/persistent'
-require 'openssl'
require 'stringio'
+HAVE_OPENSSL = defined?(OpenSSL::SSL)
+
module Net::HTTP::Persistent::TestConnect
def self.included mod
mod.send :alias_method, :orig_connect, :connect
@@ -179,6 +180,8 @@ def test_initialize
assert_empty @http.no_proxy
+ skip 'OpenSSL is missing' unless HAVE_OPENSSL
+
ssl_session_exists = OpenSSL::SSL.const_defined? :Session
assert_equal ssl_session_exists, @http.reuse_ssl_sessions
@@ -190,6 +193,8 @@ def test_initialize_name
end
def test_initialize_no_ssl_session
+ skip 'OpenSSL is missing' unless HAVE_OPENSSL
+
skip "OpenSSL::SSL::Session does not exist on #{RUBY_PLATFORM}" unless
OpenSSL::SSL.const_defined? :Session
@@ -401,6 +406,8 @@ def test_connection_for_refused
end
def test_connection_for_finished_ssl
+ skip 'OpenSSL is missing' unless HAVE_OPENSSL
+
uri = URI.parse 'https://example.com/path'
c = @http.connection_for uri
@@ -561,6 +568,8 @@ def cached.started?; false end
end
def test_connection_for_ssl
+ skip 'OpenSSL is missing' unless HAVE_OPENSSL
+
uri = URI.parse 'https://example.com/path'
c = @http.connection_for uri
@@ -569,6 +578,8 @@ def test_connection_for_ssl
end
def test_connection_for_ssl_cached
+ skip 'OpenSSL is missing' unless HAVE_OPENSSL
+
@uri = URI.parse 'https://example.com/path'
cached = ssl_connection 0
@@ -579,6 +590,8 @@ def test_connection_for_ssl_cached
end
def test_connection_for_ssl_cached_reconnect
+ skip 'OpenSSL is missing' unless HAVE_OPENSSL
+
@uri = URI.parse 'https://example.com/path'
cached = ssl_connection
@@ -591,6 +604,8 @@ def test_connection_for_ssl_cached_reconnect
end
def test_connection_for_ssl_case
+ skip 'OpenSSL is missing' unless HAVE_OPENSSL
+
uri = URI.parse 'HTTPS://example.com/path'
c = @http.connection_for uri
@@ -1201,6 +1216,8 @@ def c.request(*a)
end
def test_request_ssl_error
+ skip 'OpenSSL is missing' unless HAVE_OPENSSL
+
uri = URI.parse 'https://example.com/path'
c = @http.connection_for uri
def c.request(*)
@@ -1410,6 +1427,8 @@ def c.finish() raise IOError end
end
def test_shutdown_ssl
+ skip 'OpenSSL is missing' unless HAVE_OPENSSL
+
@uri = URI 'https://example'
@http.connection_for @uri
@@ -1449,6 +1468,8 @@ def test_shutdown_thread
end
def test_ssl
+ skip 'OpenSSL is missing' unless HAVE_OPENSSL
+
@http.verify_callback = :callback
c = Net::HTTP.new 'localhost', 80
@@ -1461,6 +1482,8 @@ def test_ssl
end
def test_ssl_ca_file
+ skip 'OpenSSL is missing' unless HAVE_OPENSSL
+
@http.ca_file = 'ca_file'
@http.verify_callback = :callback
c = Net::HTTP.new 'localhost', 80
@@ -1473,6 +1496,8 @@ def test_ssl_ca_file
end
def test_ssl_cert_store
+ skip 'OpenSSL is missing' unless HAVE_OPENSSL
+
store = OpenSSL::X509::Store.new
@http.cert_store = store
@@ -1485,6 +1510,8 @@ def test_ssl_cert_store
end
def test_ssl_cert_store_default
+ skip 'OpenSSL is missing' unless HAVE_OPENSSL
+
@http.verify_mode = OpenSSL::SSL::VERIFY_PEER
c = Net::HTTP.new 'localhost', 80
@@ -1496,6 +1523,8 @@ def test_ssl_cert_store_default
end
def test_ssl_certificate
+ skip 'OpenSSL is missing' unless HAVE_OPENSSL
+
@http.certificate = :cert
@http.private_key = :key
c = Net::HTTP.new 'localhost', 80
@@ -1508,6 +1537,8 @@ def test_ssl_certificate
end
def test_ssl_verify_mode
+ skip 'OpenSSL is missing' unless HAVE_OPENSSL
+
@http.verify_mode = OpenSSL::SSL::VERIFY_NONE
c = Net::HTTP.new 'localhost', 80
@@ -1518,35 +1549,41 @@ def test_ssl_verify_mode
end
def test_ssl_warning
- orig_verify_peer = OpenSSL::SSL::VERIFY_PEER
- OpenSSL::SSL.send :remove_const, :VERIFY_PEER
- OpenSSL::SSL.send :const_set, :VERIFY_PEER, OpenSSL::SSL::VERIFY_NONE
+ skip 'OpenSSL is missing' unless HAVE_OPENSSL
- c = Net::HTTP.new 'localhost', 80
+ begin
+ orig_verify_peer = OpenSSL::SSL::VERIFY_PEER
+ OpenSSL::SSL.send :remove_const, :VERIFY_PEER
+ OpenSSL::SSL.send :const_set, :VERIFY_PEER, OpenSSL::SSL::VERIFY_NONE
- out, err = capture_io do
- @http.ssl c
- end
+ c = Net::HTTP.new 'localhost', 80
+
+ out, err = capture_io do
+ @http.ssl c
+ end
- assert_empty out
+ assert_empty out
- assert_match %r%localhost:80%, err
- assert_match %r%I_KNOW_THAT_OPENSSL%, err
+ assert_match %r%localhost:80%, err
+ assert_match %r%I_KNOW_THAT_OPENSSL%, err
- Object.send :const_set, :I_KNOW_THAT_OPENSSL_VERIFY_PEER_EQUALS_VERIFY_NONE_IS_WRONG, nil
+ Object.send :const_set, :I_KNOW_THAT_OPENSSL_VERIFY_PEER_EQUALS_VERIFY_NONE_IS_WRONG, nil
- assert_silent do
- @http.ssl c
- end
- ensure
- OpenSSL::SSL.send :remove_const, :VERIFY_PEER
- OpenSSL::SSL.send :const_set, :VERIFY_PEER, orig_verify_peer
- if Object.const_defined?(:I_KNOW_THAT_OPENSSL_VERIFY_PEER_EQUALS_VERIFY_NONE_IS_WRONG) then
- Object.send :remove_const, :I_KNOW_THAT_OPENSSL_VERIFY_PEER_EQUALS_VERIFY_NONE_IS_WRONG
+ assert_silent do
+ @http.ssl c
+ end
+ ensure
+ OpenSSL::SSL.send :remove_const, :VERIFY_PEER
+ OpenSSL::SSL.send :const_set, :VERIFY_PEER, orig_verify_peer
+ if Object.const_defined?(:I_KNOW_THAT_OPENSSL_VERIFY_PEER_EQUALS_VERIFY_NONE_IS_WRONG) then
+ Object.send :remove_const, :I_KNOW_THAT_OPENSSL_VERIFY_PEER_EQUALS_VERIFY_NONE_IS_WRONG
+ end
end
end
def test_ssl_cleanup
+ skip 'OpenSSL is missing' unless HAVE_OPENSSL
+
uri1 = URI.parse 'https://one.example'
c1 = @http.connection_for uri1
View
14 test/test_net_http_persistent_ssl_reuse.rb
@@ -1,9 +1,15 @@
require 'rubygems'
require 'minitest/autorun'
require 'net/http/persistent'
-require 'openssl'
-require 'webrick'
-require 'webrick/ssl'
+have_ssl =
+ begin
+ require 'openssl'
+ require 'webrick'
+ require 'webrick/ssl'
+ true
+ rescue LoadError
+ false
+ end
##
# This test is based on (and contains verbatim code from) the Net::HTTP tests
@@ -102,5 +108,5 @@ def test_ssl_connection_reuse
assert ssl_socket.session_reused?
end
-end
+end if have_ssl

0 comments on commit 1bf9703

Please sign in to comment.
Something went wrong with that request. Please try again.