Class: Excon::SSLSocket

Inherits:
Socket
  • Object
Defined in:
lib/excon/ssl_socket.rb

Instance Attribute Summary

Attributes inherited from Socket

#params

Instance Method Summary collapse

Methods inherited from Socket

#read, #write

Constructor Details

#initialize(params = {}, proxy = nil) ⇒ SSLSocket

Returns a new instance of SSLSocket.



# File 'lib/excon/ssl_socket.rb', line 30

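# Wraps the connection in TLS, optionally tunnelling through an HTTP proxy
# with CONNECT first.
#
# Relies on the parent initializer to populate @params, @proxy and @socket
# (presumably via #connect) -- TODO confirm against Excon::Socket.
#
# @param params [Hash] options read here: :host, :port, :ssl_verify_peer,
#   :ssl_ca_path, :ssl_ca_file, :client_cert, :client_key and the optional
#   :ssl_version
# @param proxy [Hash, nil] proxy settings; :user and :password are read here
# @return [OpenSSL::SSL::SSLSocket] the connected TLS socket
# @raise [OpenSSL::SSL::SSLError] when the handshake or, with
#   :ssl_verify_peer set, the host name check fails
def initialize(params = {}, proxy = nil)
  super

  # create ssl context
  ssl_context = OpenSSL::SSL::SSLContext.new

  # No protocol version is pinned by default, so OpenSSL negotiates the best
  # version both peers support. SSLv3 is obsolete and has known weaknesses
  # (POODLE); a caller that must talk to a legacy peer can still opt in
  # explicitly through :ssl_version.
  ssl_context.ssl_version = params[:ssl_version] if params[:ssl_version]

  if params[:ssl_verify_peer]
    # turn verification on
    ssl_context.verify_mode = OpenSSL::SSL::VERIFY_PEER

    if params[:ssl_ca_path]
      ssl_context.ca_path = params[:ssl_ca_path]
    elsif params[:ssl_ca_file]
      ssl_context.ca_file = params[:ssl_ca_file]
    else
      # use default cert store
      store = OpenSSL::X509::Store.new
      store.set_default_paths
      ssl_context.cert_store = store
    end
  else
    # NOTE(review): without :ssl_verify_peer neither the certificate chain nor
    # the host name is checked, so the peer is unauthenticated and the
    # connection is open to interception. Callers should enable verification.
    ssl_context.verify_mode = OpenSSL::SSL::VERIFY_NONE
  end

  # client certificate authentication; only RSA private keys are accepted
  if @params.key?(:client_cert) && @params.key?(:client_key)
    ssl_context.cert = OpenSSL::X509::Certificate.new(File.read(@params[:client_cert]))
    ssl_context.key = OpenSSL::PKey::RSA.new(File.read(@params[:client_key]))
  end

  if @proxy
    # The CONNECT exchange is plain HTTP, so it is performed on the raw socket
    # before the TLS wrapper exists instead of being written through an
    # SSLSocket whose handshake has not run yet.
    # Interpolation (rather than String#<<) keeps an Integer port from being
    # appended as a single code point.
    target = "#{@params[:host]}:#{@params[:port]}"
    request = "CONNECT #{target}#{Excon::HTTP_1_1}Host: #{target}#{Excon::CR_NL}"

    if @proxy[:password] || @proxy[:user]
      # Basic credentials travel to the proxy unencrypted.
      auth = ["#{@proxy[:user]}:#{@proxy[:password]}"].pack('m').delete(Excon::CR_NL)
      request += "Proxy-Authorization: Basic #{auth}#{Excon::CR_NL}"
    end

    request += Excon::CR_NL

    # write out the proxy setup request
    @socket.write(request)

    # eat the proxy's connection response
    # NOTE(review): the parsed response is discarded, so a refused CONNECT
    # (for example 403 or 407) only surfaces later as a handshake failure --
    # confirm what Excon::Response.parse returns and check the status here.
    Excon::Response.parse(@socket, {})
  end

  @socket = OpenSSL::SSL::SSLSocket.new(@socket, ssl_context)
  @socket.sync_close = true

  # Server Name Indication (SNI) RFC 3546
  # The name has to be set before the handshake, otherwise it is not sent in
  # the ClientHello and a virtual-hosted server may present the wrong
  # certificate.
  @socket.hostname = @params[:host] if @socket.respond_to?(:hostname=)

  # connect the new OpenSSL::SSL::SSLSocket
  @socket.connect

  # verify that the certificate matches the requested host
  @socket.post_connection_check(@params[:host]) if params[:ssl_verify_peer]

  @socket
end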

Instance Method Details

#connect ⇒ Object



# File 'lib/excon/ssl_socket.rb', line 8

# Opens the plain TCP connection to the host and port given in @params and
# stores it in @socket. No TLS is involved at this point.
#
# @return [TCPSocket] the newly opened socket
def connect
  host = @params[:host]
  port = @params[:port]
  @socket = TCPSocket.new(host, port)
end