Class: Excon::SSLSocket

Inherits:
Socket
  • Object
Defined in:
lib/excon/ssl_socket.rb

Instance Attribute Summary

Attributes inherited from Socket

#params

Instance Method Summary

Constructor Details

#initialize(params = {}, proxy = nil) ⇒ SSLSocket

Returns a new instance of SSLSocket.



# File 'lib/excon/ssl_socket.rb', line 4

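# Builds a TLS client socket: lets the superclass set up @socket (via `super`),
# wraps it in an OpenSSL::SSL::SSLSocket, optionally sends an HTTP CONNECT
# request for a proxy, then performs the handshake.
#
# @param params [Hash] connection settings; keys read here are :host, :port,
#   :ssl_verify_peer, :ssl_ca_path, :ssl_ca_file, :client_cert, :client_key
# @param proxy [Hash, nil] proxy settings; :user and :password are read here
# @return [SSLSocket] a new instance of SSLSocket
# @raise [OpenSSL::SSL::SSLError] when the handshake or the post-connection
#   hostname check fails
def initialize(params = {}, proxy = nil)
  @params, @proxy = params, proxy
  check_nonblock_support

  super

  # create ssl context
  ssl_context = OpenSSL::SSL::SSLContext.new
  # Do not pin the protocol to 'SSLv3': it is a broken protocol version and
  # current OpenSSL builds refuse it. Let OpenSSL negotiate the highest version
  # both ends support, and explicitly rule out SSLv2/SSLv3 on older builds.
  ssl_context.options =
    (ssl_context.options || 0) | OpenSSL::SSL::OP_NO_SSLv2 | OpenSSL::SSL::OP_NO_SSLv3

  if params[:ssl_verify_peer]
    # turn verification on
    ssl_context.verify_mode = OpenSSL::SSL::VERIFY_PEER

    if params[:ssl_ca_path]
      ssl_context.ca_path = params[:ssl_ca_path]
    elsif params[:ssl_ca_file]
      ssl_context.ca_file = params[:ssl_ca_file]
    else
      # use default cert store
      store = OpenSSL::X509::Store.new
      store.set_default_paths
      ssl_context.cert_store = store
    end
  else
    # turn verification off: the certificate chain is not validated and the
    # hostname check at the end of this method is skipped, so the peer is
    # unauthenticated. Callers that need an authenticated channel must pass
    # :ssl_verify_peer.
    ssl_context.verify_mode = OpenSSL::SSL::VERIFY_NONE
  end

  # Client-certificate authentication needs both files; the key is parsed as RSA only.
  if @params.key?(:client_cert) && @params.key?(:client_key)
    ssl_context.cert = OpenSSL::X509::Certificate.new(File.read(@params[:client_cert]))
    ssl_context.key = OpenSSL::PKey::RSA.new(File.read(@params[:client_key]))
  end

  @socket = OpenSSL::SSL::SSLSocket.new(@socket, ssl_context)
  @socket.sync_close = true

  if @proxy
    # :port goes through to_s because String#<< with an Integer appends a
    # codepoint, not its decimal digits. Host and port are written verbatim
    # into the request, so they must not contain CR/LF.
    port = @params[:port].to_s
    request = 'CONNECT ' << @params[:host] << ':' << port << Excon::HTTP_1_1
    request << 'Host: ' << @params[:host] << ':' << port << Excon::CR_NL

    if @proxy[:password] || @proxy[:user]
      # Basic credentials are only base64-encoded and are sent before the TLS
      # handshake with the origin server.
      auth = ['' << @proxy[:user].to_s << ':' << @proxy[:password].to_s].pack('m').delete(Excon::CR_NL)
      request << "Proxy-Authorization: Basic " << auth << Excon::CR_NL
    end

    request << Excon::CR_NL

    # write out the proxy setup request
    # NOTE(review): this goes through the SSLSocket wrapper before #connect has
    # run -- confirm it reaches the proxy on the supported Ruby versions.
    @socket.write(request)

    # eat the proxy's connection response
    Excon::Response.parse(@socket, {})
  end

  # Server Name Indication (SNI) RFC 3546
  # The server name travels in the ClientHello, so it has to be set before the
  # handshake; assigning it after #connect has no effect on the session.
  if @socket.respond_to?(:hostname=)
    @socket.hostname = @params[:host]
  end

  # connect the new OpenSSL::SSL::SSLSocket
  @socket.connect

  # verify connection: check the peer certificate against the requested host
  if params[:ssl_verify_peer]
    @socket.post_connection_check(@params[:host])
  end

  @socket
end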

Instance Method Details

#connect ⇒ Object



# File 'lib/excon/ssl_socket.rb', line 75

# Runs check_nonblock_support, then delegates to the superclass #connect.
# NOTE(review): check_nonblock_support is defined outside this listing --
# confirm what it guards against.
#
# @return [Object] whatever the superclass #connect returns
def connect
  check_nonblock_support
  super()
end

#read(max_length = nil) ⇒ Object



# File 'lib/excon/ssl_socket.rb', line 80

# Runs check_nonblock_support, then delegates to the superclass #read with the
# same argument.
#
# @param max_length [Object, nil] forwarded unchanged to the superclass #read
# @return [Object] whatever the superclass #read returns
def read(max_length = nil)
  check_nonblock_support
  super(max_length)
end

#write(data) ⇒ Object



# File 'lib/excon/ssl_socket.rb', line 85

# Runs check_nonblock_support, then delegates to the superclass #write with the
# same payload.
#
# @param data [Object] forwarded unchanged to the superclass #write
# @return [Object] whatever the superclass #write returns
def write(data)
  check_nonblock_support
  super(data)
end