Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

Merge branch 'ssl'

Closes #148, references #145
  • Loading branch information...
commit 7ad6d024e5da1622c8fcbc721fa0c3bff980f143 2 parents b9373a2 + 9abe1ff
@mislav mislav authored
View
1  .gitignore
@@ -4,6 +4,7 @@ rdoc
doc
log
pkg/*
+tmp
.rvmrc
.rbenv*
View
7 .travis.yml
@@ -5,6 +5,13 @@ language: ruby
matrix:
allow_failures:
- rvm: ruby-head
+ # "CRASH: A fatal error has occurred."
+ - rvm: rbx-19mode
+ env: SSL=yes
+
+env:
+ - SSL=no
+ - SSL=yes
rvm:
- rbx-18mode
View
2  Gemfile
@@ -7,7 +7,7 @@ end
group :test do
gem 'em-http-request', '~> 1.0', :require => 'em-http'
gem 'em-synchrony', '~> 1.0', :require => ['em-synchrony', 'em-synchrony/em-http'], :platforms => :ruby_19
- gem 'excon', '>= 0.14.1'
+ gem 'excon', '>= 0.16.1'
gem 'httpclient', '~> 2.2'
gem 'net-http-persistent', '~> 2.5', :require => false
gem 'leftright', '~> 0.9', :require => false
View
32 Rakefile
@@ -1,4 +1,6 @@
require 'date'
+require 'fileutils'
+require 'openssl'
require 'rake/testtask'
task :default => :test
@@ -26,6 +28,23 @@ def replace_header(head, header_name)
head.sub!(/(\.#{header_name}\s*= ').*'/) { "#{$1}#{send(header_name)}'"}
end
+# Adapted from WEBrick::Utils. Skips cert extensions so it
+# can be used as a CA bundle
+def create_self_signed_cert(bits, cn, comment)
+ rsa = OpenSSL::PKey::RSA.new(bits)
+ cert = OpenSSL::X509::Certificate.new
+ cert.version = 2
+ cert.serial = 1
+ name = OpenSSL::X509::Name.new(cn)
+ cert.subject = name
+ cert.issuer = name
+ cert.not_before = Time.now
+ cert.not_after = Time.now + (365*24*60*60)
+ cert.public_key = rsa.public_key
+ cert.sign(rsa, OpenSSL::Digest::SHA1.new)
+ return [cert, rsa]
+end
+
## standard tasks
desc "Run all tests"
@@ -33,6 +52,17 @@ task :test do
exec 'script/test'
end
+desc "Generate certificates for SSL tests"
+task :'test:generate_certs' do
+ cert, key = create_self_signed_cert(1024, [['CN', 'localhost']], 'Faraday Test CA')
+ FileUtils.mkdir_p 'tmp'
+ File.open('tmp/faraday-cert.key', 'w') {|f| f.puts(key) }
+ File.open('tmp/faraday-cert.crt', 'w') {|f| f.puts(cert.to_s) }
+end
+
+file 'tmp/faraday-cert.key' => :'test:generate_certs'
+file 'tmp/faraday-cert.crt' => :'test:generate_certs'
+
desc "Open an irb session preloaded with this library"
task :console do
sh "irb -rubygems -r ./lib/#{name}.rb"
@@ -51,7 +81,7 @@ end
desc "Build #{gem_file} into the pkg directory"
task :build => :gemspec do
- sh "mkdir -p pkg"
+ FileUtils.mkdir_p 'pkg'
sh "gem build #{gemspec_file}"
sh "mv #{gem_file} pkg"
end
View
4 lib/faraday/adapter/excon.rb
@@ -16,6 +16,10 @@ def call(env)
opts[:ssl_verify_peer] = !!ssl.fetch(:verify, true)
opts[:ssl_ca_path] = ssl[:ca_path] if ssl[:ca_path]
opts[:ssl_ca_file] = ssl[:ca_file] if ssl[:ca_file]
+
+ # https://github.com/geemus/excon/issues/106
+ # https://github.com/jruby/jruby-ossl/issues/19
+ opts[:nonblock] = false
end
if ( req = env[:request] )
View
1  lib/faraday/adapter/patron.rb
@@ -53,6 +53,7 @@ def call(env)
def create_session
session = ::Patron::Session.new
+ session.insecure = true
@block.call(session) if @block
session
end
View
3  lib/faraday/adapter/rack.rb
@@ -29,7 +29,8 @@ def call(env)
super
rack_env = {
:method => env[:method],
- :input => env[:body].respond_to?(:read) ? env[:body].read : env[:body]
+ :input => env[:body].respond_to?(:read) ? env[:body].read : env[:body],
+ 'rack.url_scheme' => env[:url].scheme
}
env[:request_headers].each do |name, value|
View
27 script/test
@@ -10,6 +10,7 @@
# $ script/test
# $ script/test test/env_test.rb
# $ script/test excon typhoeus
+# $ SSL=yes script/test net_http -- -n /ssl/
require 'rubygems'
require 'bundler'
@@ -24,10 +25,19 @@ end
$VERBOSE = true
-host = '127.0.0.1'
+host = 'localhost'
logfile = 'log/test.log'
test_glob = 'test/**/*_test.rb'
+if ssl_mode = ENV['SSL'] == 'yes'
+ unless ENV['SSL_KEY'] and ENV['SSL_FILE']
+ key_file = ENV['SSL_KEY'] = 'tmp/faraday-cert.key'
+ cert_file = ENV['SSL_FILE'] = 'tmp/faraday-cert.crt'
+ system 'rake', key_file, cert_file
+ abort unless $?.success?
+ end
+end
+
require 'fileutils'
FileUtils.mkdir_p 'log'
@@ -41,6 +51,7 @@ ensure
end
server = nil
+require 'openssl' # for JRuby 1.6.7.2 in 1.9 mode on Travis
Thread.abort_on_exception = true
@@ -59,6 +70,14 @@ thread = Thread.new do
:Port => port, :Logger => WEBrick::Log::new(log_io),
:AccessLog => [[log_io, "[%{X-Faraday-Adapter}i] %m %U -> %s %b"]]
}
+ if ssl_mode
+ require 'webrick/https'
+ webrick_opts.update \
+ :SSLEnable => true,
+ :SSLPrivateKey => OpenSSL::PKey::RSA.new(File.read(key_file)),
+ :SSLCertificate => OpenSSL::X509::Certificate.new(File.read(cert_file)),
+ :SSLVerifyClient => OpenSSL::SSL::VERIFY_NONE
+ end
Rack::Handler::WEBrick.run(Faraday::LiveServer, webrick_opts) {|serv| server = serv }
end
@@ -78,9 +97,11 @@ if ARGV.any?
test_files.concat extra_args
end
-require 'net/http'
+require 'net/https'
conn = Net::HTTP.new host, port
conn.open_timeout = conn.read_timeout = 0.1
+conn.use_ssl = ssl_mode
+conn.verify_mode = OpenSSL::SSL::VERIFY_NONE
# test if test server is accepting requests
responsive = lambda { |path|
@@ -100,7 +121,7 @@ begin
abort "test server didn't manage to start" if server_pings >= 50
end until responsive.call('/echo')
-ENV['LIVE'] = "http://#{host}:#{port}"
+ENV['LIVE'] = "http#{ssl_mode ? 's' : ''}://#{host}:#{port}"
ok = system 'ruby', '-Ilib:test', '-S', 'testrb', *test_files
server.respond_to?(:stop!) ? server.stop! : server.stop
View
3  test/adapters/em_http_test.rb
@@ -14,6 +14,7 @@ def test_binds_local_socket
conn = create_connection :request => { :bind => { :host => host } }
assert_equal host, conn.options[:bind][:host]
end
- end
+ end unless jruby? and ssl_mode?
+ # https://github.com/eventmachine/eventmachine/issues/180
end
end
View
4 test/adapters/em_synchrony_test.rb
@@ -15,6 +15,6 @@ def test_binds_local_socket
#put conn.get('/who-am-i').body
assert_equal host, conn.options[:bind][:host]
end
- end
- end unless RUBY_VERSION < '1.9' or (defined? RUBY_ENGINE and 'jruby' == RUBY_ENGINE)
+ end unless RUBY_VERSION < '1.9' or jruby?
+ end
end
View
5 test/adapters/excon_test.rb
@@ -5,6 +5,9 @@ class ExconTest < Faraday::TestCase
def adapter() :excon end
- Integration.apply(self, :NonParallel)
+ Integration.apply(self, :NonParallel) do
+ # https://github.com/geemus/excon/issues/126 ?
+ undef :test_timeout if ssl_mode?
+ end
end
end
View
16 test/adapters/integration.rb
@@ -7,9 +7,11 @@ module Adapters
# `#adapter` required. returns a symbol for the adapter middleware name
# `#adapter_options` optional. extra arguments for building an adapter
module Integration
- def self.apply(base, *extras)
+ def self.apply(base, *extra_features)
if base.live_server?
- ([:Common] + extras).each {|name| base.send(:include, self.const_get(name)) }
+ features = [:Common]
+ features.concat extra_features
+ features.each {|name| base.send(:include, self.const_get(name)) }
yield if block_given?
elsif !defined? @warned
warn "Warning: Not running integration tests against a live server."
@@ -93,6 +95,11 @@ def test_GET_sends_user_agent
assert_equal 'Agent Faraday', response.body
end
+ def test_GET_ssl
+ expected = self.class.ssl_mode?.to_s
+ assert_equal expected, get('ssl').body
+ end
+
def test_POST_send_url_encoded_params
assert_equal %(post {"name"=>"zack"}), post('echo', :name => 'zack').body
end
@@ -184,7 +191,10 @@ def create_connection(options = {})
end
server = self.class.live_server
- url = 'http://%s:%d' % [server.host, server.port]
+ url = '%s://%s:%d' % [server.scheme, server.host, server.port]
+
+ options[:ssl] ||= {}
+ options[:ssl][:ca_file] ||= ENV['SSL_FILE']
Faraday::Connection.new(url, options, &builder_block).tap do |conn|
conn.headers['X-Faraday-Adapter'] = adapter.to_s
View
6 test/adapters/net_http_test.rb
@@ -10,11 +10,5 @@ def adapter() :net_http end
Integration.apply(self, *behaviors)
- def test_configure_ssl
- http = Net::HTTP.new 'disney.com', 443
- # this should not raise an error
- Faraday::Adapter::NetHttp.new.configure_ssl(http, :ssl => {:verify => true})
- end
-
end
end
View
4 test/adapters/patron_test.rb
@@ -11,7 +11,7 @@ def adapter() :patron end
# https://github.com/toland/patron/issues/52
undef :test_GET_with_body
- end
+ end unless jruby?
- end unless defined? RUBY_ENGINE and 'jruby' == RUBY_ENGINE
+ end
end
View
4 test/adapters/typhoeus_test.rb
@@ -14,7 +14,7 @@ def test_binds_local_socket
conn = create_connection :request => { :bind => { :host => host } }
assert_equal host, conn.options[:bind][:host]
end
- end
- end unless defined? RUBY_ENGINE and 'jruby' == RUBY_ENGINE
+ end unless jruby?
+ end
end
View
12 test/helper.rb
@@ -69,5 +69,17 @@ def capture_warnings
$stderr = old
end
end
+
+ def self.jruby?
+ defined? RUBY_ENGINE and 'jruby' == RUBY_ENGINE
+ end
+
+ def self.rbx?
+ defined? RUBY_ENGINE and 'rbx' == RUBY_ENGINE
+ end
+
+ def self.ssl_mode?
+ ENV['SSL'] == 'yes'
+ end
end
end
View
4 test/live_server.rb
@@ -50,6 +50,10 @@ class LiveServer < Sinatra::Base
status 204 # no content
end
+ get '/ssl' do
+ request.secure?.to_s
+ end
+
error do |e|
"#{e.class}\n#{e.to_s}\n#{e.backtrace.join("\n")}"
end
Please sign in to comment.
Something went wrong with that request. Please try again.