Class: Vault::PersistentHTTP
- Inherits:
-
Object
- Object
- Vault::PersistentHTTP
- Defined in:
- lib/vault/persistent.rb
Defined Under Namespace
Classes: Connection, Error, Pool, TimedStackMulti
Constant Summary collapse
- EPOCH =
The beginning of Time
Time.at 0
- HAVE_OPENSSL =
Is OpenSSL available? This test works with autoload
defined? OpenSSL::SSL # :nodoc:
- VERSION =
The version of PersistentHTTP you are using
'3.0.0'
- RETRIED_EXCEPTIONS =
Exceptions rescued for automatic retry on ruby 2.0.0. This overlaps with the exception list for ruby 1.x.
[ # :nodoc: (Net::ReadTimeout if Net.const_defined? :ReadTimeout), IOError, EOFError, Errno::ECONNRESET, Errno::ECONNABORTED, Errno::EPIPE, (OpenSSL::SSL::SSLError if HAVE_OPENSSL), Timeout::Error, ].compact
Instance Attribute Summary collapse
-
#ca_file ⇒ Object
An SSL certificate authority.
-
#ca_path ⇒ Object
A directory of SSL certificates to be used as certificate authorities.
-
#cert_store ⇒ Object
An SSL certificate store.
-
#certificate ⇒ Object
(also: #cert)
This client’s OpenSSL::X509::Certificate.
-
#ciphers ⇒ Object
The ciphers allowed for SSL connections.
-
#debug_output ⇒ Object
Sends debug_output to this IO via Net::HTTP#set_debug_output.
-
#generation ⇒ Object
readonly
Current connection generation.
-
#headers ⇒ Object
readonly
Headers that are added to every request using Net::HTTP#add_field.
-
#http_versions ⇒ Object
readonly
Maps host:port to an HTTP version.
-
#idle_timeout ⇒ Object
Maximum time an unused connection can remain idle before being automatically closed.
-
#keep_alive ⇒ Object
The value sent in the Keep-Alive header.
-
#max_requests ⇒ Object
Maximum number of requests on a connection before it is considered expired and automatically closed.
-
#min_version ⇒ Object
Minimum SSL version to use.
-
#name ⇒ Object
readonly
A name for this connection.
-
#no_proxy ⇒ Object
readonly
List of host suffixes which will not be proxied.
-
#open_timeout ⇒ Object
Seconds to wait until a connection is opened.
-
#override_headers ⇒ Object
readonly
Headers that are added to every request using Net::HTTP#[]=.
-
#pool ⇒ Object
readonly
Test-only accessor for the connection pool.
-
#private_key ⇒ Object
(also: #key)
This client’s SSL private key.
-
#proxy_uri ⇒ Object
readonly
The URL through which requests will be proxied.
-
#read_timeout ⇒ Object
Seconds to wait until reading one block.
-
#retry_change_requests ⇒ Object
Enable retries of non-idempotent requests that change data (e.g. POST requests) when the server has disconnected.
-
#reuse_ssl_sessions ⇒ Object
By default SSL sessions are reused to avoid extra SSL handshakes.
-
#socket_options ⇒ Object
readonly
An array of options for Socket#setsockopt.
-
#ssl_generation ⇒ Object
readonly
Current SSL connection generation.
-
#ssl_timeout ⇒ Object
SSL session lifetime.
-
#timeout_key ⇒ Object
readonly
Where this instance’s last-use times live in the thread local variables.
-
#verify_callback ⇒ Object
SSL verification callback.
-
#verify_depth ⇒ Object
Sets the depth of SSL certificate verification.
-
#verify_mode ⇒ Object
HTTPS verify mode.
Class Method Summary collapse
-
.detect_idle_timeout(uri, max = 10) ⇒ Object
Use this method to detect the idle timeout of the host at
uri
.
Instance Method Summary collapse
-
#can_retry?(req) ⇒ Boolean
Is the request
req
idempotent or is retry_change_requests allowed. -
#connection_for(uri) ⇒ Object
Creates a new connection for
uri
. -
#error_message(connection) ⇒ Object
Returns an error message containing the number of requests performed on this connection.
-
#escape(str) ⇒ Object
URI::escape wrapper.
-
#expired?(connection) ⇒ Boolean
Returns true if the connection should be reset due to an idle timeout, or maximum request count, false otherwise.
-
#finish(connection) ⇒ Object
Finishes the Net::HTTP
connection
. -
#http_version(uri) ⇒ Object
Returns the HTTP protocol version for
uri
. -
#idempotent?(req) ⇒ Boolean
Is
req
idempotent according to RFC 2616?. -
#initialize(name = nil, proxy = nil, pool_size = Vault::Defaults::DEFAULT_POOL_SIZE, pool_timeout = Vault::Defaults::DEFAULT_POOL_TIMEOUT) ⇒ PersistentHTTP
constructor
Creates a new PersistentHTTP.
-
#normalize_uri(uri) ⇒ Object
Adds “http://” to the String
uri
if it is missing. -
#pipeline(uri, requests, &block) ⇒ Object
Pipelines
requests
to the HTTP server aturi
yielding responses if a block is given. -
#proxy=(proxy) ⇒ Object
Sets the proxy server.
-
#proxy_bypass?(host, port) ⇒ Boolean
Returns true when proxy should by bypassed for host.
-
#proxy_from_env ⇒ Object
Creates a URI for an HTTP proxy server from ENV variables.
-
#reconnect ⇒ Object
Forces reconnection of HTTP connections.
-
#reconnect_ssl ⇒ Object
Forces reconnection of SSL connections.
-
#request(uri, req = nil, &block) ⇒ Object
Makes a request on
uri
. -
#request_failed(exception, req, connection) ⇒ Object
Raises an Error for
exception
which resulted from attempting the requestreq
on theconnection
. -
#request_setup(req_or_uri) ⇒ Object
Creates a GET request if
req_or_uri
is a URI and adds headers to the request. -
#reset(connection) ⇒ Object
Finishes then restarts the Net::HTTP
connection
. -
#shutdown ⇒ Object
Shuts down all connections.
-
#ssl(connection) ⇒ Object
Enables SSL on
connection
. -
#start(http) ⇒ Object
Starts the Net::HTTP
connection
. -
#unescape(str) ⇒ Object
URI::unescape wrapper.
Constructor Details
#initialize(name = nil, proxy = nil, pool_size = Vault::Defaults::DEFAULT_POOL_SIZE, pool_timeout = Vault::Defaults::DEFAULT_POOL_TIMEOUT) ⇒ PersistentHTTP
Creates a new PersistentHTTP.
Set name
to keep your connections apart from everybody else’s. Not required currently, but highly recommended. Your library name should be good enough. This parameter will be required in a future version.
proxy
may be set to a URI::HTTP or :ENV to pick up proxy options from the environment. See proxy_from_env for details.
In order to use a URI for the proxy you may need to do some extra work beyond URI parsing if the proxy requires a password:
proxy = URI 'http://proxy.example'
proxy.user = 'AzureDiamond'
proxy.password = 'hunter2'
Set pool_size
to limit the maximum number of connections allowed. Defaults to 1/4 the number of allowed file handles. You can have no more than this many threads with active HTTP transactions.
503 504 505 506 507 508 509 510 511 512 513 514 515 516 517 518 519 520 521 522 523 524 525 526 527 528 529 530 531 532 533 534 535 536 537 538 539 540 541 542 543 544 545 546 547 548 549 |
# File 'lib/vault/persistent.rb', line 503 def initialize name=nil, proxy=nil, pool_size=Vault::Defaults::DEFAULT_POOL_SIZE, pool_timeout=Vault::Defaults::DEFAULT_POOL_TIMEOUT @name = name @debug_output = nil @proxy_uri = nil @no_proxy = [] @headers = {} @override_headers = {} @http_versions = {} @keep_alive = 30 @open_timeout = nil @read_timeout = nil @idle_timeout = 5 @max_requests = nil @socket_options = [] @ssl_generation = 0 # incremented when SSL session variables change @socket_options << [Socket::IPPROTO_TCP, Socket::TCP_NODELAY, 1] if Socket.const_defined? :TCP_NODELAY @pool = PersistentHTTP::Pool.new size: pool_size, timeout: pool_timeout do |http_args| PersistentHTTP::Connection.new Net::HTTP, http_args, @ssl_generation end @certificate = nil @ca_file = nil @ca_path = nil @ciphers = nil @min_version = nil @private_key = nil @ssl_timeout = nil @verify_callback = nil @verify_depth = nil @verify_mode = nil @cert_store = nil @generation = 0 # incremented when proxy URI changes if HAVE_OPENSSL then @verify_mode = OpenSSL::SSL::VERIFY_PEER @reuse_ssl_sessions = OpenSSL::SSL.const_defined? :Session end @retry_change_requests = false self.proxy = proxy if proxy end |
Instance Attribute Details
#ca_file ⇒ Object
An SSL certificate authority. Setting this will set verify_mode to VERIFY_PEER.
298 299 300 |
# File 'lib/vault/persistent.rb', line 298 def ca_file @ca_file end |
#ca_path ⇒ Object
A directory of SSL certificates to be used as certificate authorities. Setting this will set verify_mode to VERIFY_PEER.
304 305 306 |
# File 'lib/vault/persistent.rb', line 304 def ca_path @ca_path end |
#cert_store ⇒ Object
An SSL certificate store. Setting this will override the default certificate store. See verify_mode for more information.
310 311 312 |
# File 'lib/vault/persistent.rb', line 310 def cert_store @cert_store end |
#certificate ⇒ Object Also known as: cert
This client’s OpenSSL::X509::Certificate
287 288 289 |
# File 'lib/vault/persistent.rb', line 287 def certificate @certificate end |
#ciphers ⇒ Object
The ciphers allowed for SSL connections
315 316 317 |
# File 'lib/vault/persistent.rb', line 315 def ciphers @ciphers end |
#debug_output ⇒ Object
Sends debug_output to this IO via Net::HTTP#set_debug_output.
Never use this method in production code, it causes a serious security hole.
323 324 325 |
# File 'lib/vault/persistent.rb', line 323 def debug_output @debug_output end |
#generation ⇒ Object (readonly)
Current connection generation
328 329 330 |
# File 'lib/vault/persistent.rb', line 328 def generation @generation end |
#headers ⇒ Object (readonly)
Headers that are added to every request using Net::HTTP#add_field
333 334 335 |
# File 'lib/vault/persistent.rb', line 333 def headers @headers end |
#http_versions ⇒ Object (readonly)
Maps host:port to an HTTP version. This allows us to enable version specific features.
339 340 341 |
# File 'lib/vault/persistent.rb', line 339 def http_versions @http_versions end |
#idle_timeout ⇒ Object
Maximum time an unused connection can remain idle before being automatically closed.
345 346 347 |
# File 'lib/vault/persistent.rb', line 345 def idle_timeout @idle_timeout end |
#keep_alive ⇒ Object
The value sent in the Keep-Alive header. Defaults to 30. Not needed for HTTP/1.1 servers.
This may not work correctly for HTTP/1.0 servers
This method may be removed in a future version as RFC 2616 does not require this header.
362 363 364 |
# File 'lib/vault/persistent.rb', line 362 def keep_alive @keep_alive end |
#max_requests ⇒ Object
Maximum number of requests on a connection before it is considered expired and automatically closed.
351 352 353 |
# File 'lib/vault/persistent.rb', line 351 def max_requests @max_requests end |
#min_version ⇒ Object
Minimum SSL version to use.
373 374 375 |
# File 'lib/vault/persistent.rb', line 373 def min_version @min_version end |
#name ⇒ Object (readonly)
A name for this connection. Allows you to keep your connections apart from everybody else’s.
368 369 370 |
# File 'lib/vault/persistent.rb', line 368 def name @name end |
#no_proxy ⇒ Object (readonly)
List of host suffixes which will not be proxied
403 404 405 |
# File 'lib/vault/persistent.rb', line 403 def no_proxy @no_proxy end |
#open_timeout ⇒ Object
Seconds to wait until a connection is opened. See Net::HTTP#open_timeout
378 379 380 |
# File 'lib/vault/persistent.rb', line 378 def open_timeout @open_timeout end |
#override_headers ⇒ Object (readonly)
Headers that are added to every request using Net::HTTP#[]=
383 384 385 |
# File 'lib/vault/persistent.rb', line 383 def override_headers @override_headers end |
#pool ⇒ Object (readonly)
Test-only accessor for the connection pool
408 409 410 |
# File 'lib/vault/persistent.rb', line 408 def pool @pool end |
#private_key ⇒ Object Also known as: key
This client’s SSL private key
388 389 390 |
# File 'lib/vault/persistent.rb', line 388 def private_key @private_key end |
#proxy_uri ⇒ Object (readonly)
The URL through which requests will be proxied
398 399 400 |
# File 'lib/vault/persistent.rb', line 398 def proxy_uri @proxy_uri end |
#read_timeout ⇒ Object
Seconds to wait until reading one block. See Net::HTTP#read_timeout
413 414 415 |
# File 'lib/vault/persistent.rb', line 413 def read_timeout @read_timeout end |
#retry_change_requests ⇒ Object
Enable retries of non-idempotent requests that change data (e.g. POST requests) when the server has disconnected.
This will in the worst case lead to multiple requests with the same data, but it may be useful for some applications. Take care when enabling this option to ensure it is safe to POST or perform other non-idempotent requests to the server.
480 481 482 |
# File 'lib/vault/persistent.rb', line 480 def retry_change_requests @retry_change_requests end |
#reuse_ssl_sessions ⇒ Object
By default SSL sessions are reused to avoid extra SSL handshakes. Set this to false if you have problems communicating with an HTTPS server like:
SSL_connect [...] read finished A: unexpected message (OpenSSL::SSL::SSLError)
422 423 424 |
# File 'lib/vault/persistent.rb', line 422 def reuse_ssl_sessions @reuse_ssl_sessions end |
#socket_options ⇒ Object (readonly)
An array of options for Socket#setsockopt.
By default the TCP_NODELAY option is set on sockets.
To set additional options append them to this array:
http. << [Socket::SOL_SOCKET, Socket::SO_KEEPALIVE, 1]
433 434 435 |
# File 'lib/vault/persistent.rb', line 433 def @socket_options end |
#ssl_generation ⇒ Object (readonly)
Current SSL connection generation
438 439 440 |
# File 'lib/vault/persistent.rb', line 438 def ssl_generation @ssl_generation end |
#ssl_timeout ⇒ Object
SSL session lifetime
443 444 445 |
# File 'lib/vault/persistent.rb', line 443 def ssl_timeout @ssl_timeout end |
#timeout_key ⇒ Object (readonly)
Where this instance’s last-use times live in the thread local variables
448 449 450 |
# File 'lib/vault/persistent.rb', line 448 def timeout_key @timeout_key end |
#verify_callback ⇒ Object
SSL verification callback. Used when ca_file or ca_path is set.
453 454 455 |
# File 'lib/vault/persistent.rb', line 453 def verify_callback @verify_callback end |
#verify_depth ⇒ Object
Sets the depth of SSL certificate verification
458 459 460 |
# File 'lib/vault/persistent.rb', line 458 def verify_depth @verify_depth end |
#verify_mode ⇒ Object
HTTPS verify mode. Defaults to OpenSSL::SSL::VERIFY_PEER which verifies the server certificate.
If no ca_file, ca_path or cert_store is set the default system certificate store is used.
You can use verify_mode
to override any default values.
469 470 471 |
# File 'lib/vault/persistent.rb', line 469 def verify_mode @verify_mode end |
Class Method Details
.detect_idle_timeout(uri, max = 10) ⇒ Object
Use this method to detect the idle timeout of the host at uri
. The value returned can be used to configure #idle_timeout. max
controls the maximum idle timeout to detect.
After
Idle timeout detection is performed by creating a connection then performing a HEAD request in a loop until the connection terminates waiting one additional second per loop.
NOTE: This may not work on ruby > 1.9.
248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 |
# File 'lib/vault/persistent.rb', line 248 def self.detect_idle_timeout uri, max = 10 uri = URI uri unless URI::Generic === uri uri += '/' req = Net::HTTP::Head.new uri.request_uri http = new 'net-http-persistent detect_idle_timeout' http.connection_for uri do |connection| sleep_time = 0 http = connection.http loop do response = http.request req $stderr.puts "HEAD #{uri} => #{response.code}" if $DEBUG unless Net::HTTPOK === response then raise Error, "bad response code #{response.code} detecting idle timeout" end break if sleep_time >= max sleep_time += 1 $stderr.puts "sleeping #{sleep_time}" if $DEBUG sleep sleep_time end end rescue # ignore StandardErrors, we've probably found the idle timeout. ensure return sleep_time unless $! end |
Instance Method Details
#can_retry?(req) ⇒ Boolean
Is the request req
idempotent or is retry_change_requests allowed.
735 736 737 |
# File 'lib/vault/persistent.rb', line 735 def can_retry? req @retry_change_requests && !idempotent?(req) end |
#connection_for(uri) ⇒ Object
Creates a new connection for uri
603 604 605 606 607 608 609 610 611 612 613 614 615 616 617 618 619 620 621 622 623 624 625 626 627 628 629 630 631 632 633 634 635 636 637 638 639 640 641 642 643 644 |
# File 'lib/vault/persistent.rb', line 603 def connection_for uri use_ssl = uri.scheme.downcase == 'https' net_http_args = [uri.hostname, uri.port] net_http_args.concat @proxy_args if @proxy_uri and not proxy_bypass? uri.hostname, uri.port connection = @pool.checkout net_http_args http = connection.http connection.ressl @ssl_generation if connection.ssl_generation != @ssl_generation if not http.started? then ssl http if use_ssl start http elsif expired? connection then reset connection end http.read_timeout = @read_timeout if @read_timeout http.keep_alive_timeout = @idle_timeout if @idle_timeout return yield connection rescue Errno::ECONNREFUSED address = http.proxy_address || http.address port = http.proxy_port || http.port raise Error, "connection refused: #{address}:#{port}" rescue Errno::EHOSTDOWN address = http.proxy_address || http.address port = http.proxy_port || http.port raise Error, "host down: #{address}:#{port}" ensure # Only perform checkin if we successfully checked a connection out if connection @pool.checkin net_http_args end end |
#error_message(connection) ⇒ Object
Returns an error message containing the number of requests performed on this connection
650 651 652 653 654 655 656 657 |
# File 'lib/vault/persistent.rb', line 650 def connection connection.requests -= 1 # fixup age = Time.now - connection.last_use "after #{connection.requests} requests on #{connection.http.object_id}, " \ "last used #{age} seconds ago" end |
#escape(str) ⇒ Object
URI::escape wrapper
662 663 664 |
# File 'lib/vault/persistent.rb', line 662 def escape str CGI.escape str if str end |
#expired?(connection) ⇒ Boolean
Returns true if the connection should be reset due to an idle timeout, or maximum request count, false otherwise.
678 679 680 681 682 683 684 |
# File 'lib/vault/persistent.rb', line 678 def expired? connection return true if @max_requests && connection.requests >= @max_requests return false unless @idle_timeout return true if @idle_timeout.zero? Time.now - connection.last_use > @idle_timeout end |
#finish(connection) ⇒ Object
Finishes the Net::HTTP connection
707 708 709 710 711 712 |
# File 'lib/vault/persistent.rb', line 707 def finish connection connection.finish connection.http.instance_variable_set :@ssl_session, nil unless @reuse_ssl_sessions end |
#http_version(uri) ⇒ Object
Returns the HTTP protocol version for uri
717 718 719 |
# File 'lib/vault/persistent.rb', line 717 def http_version uri @http_versions["#{uri.hostname}:#{uri.port}"] end |
#idempotent?(req) ⇒ Boolean
Is req
idempotent according to RFC 2616?
724 725 726 727 728 729 730 |
# File 'lib/vault/persistent.rb', line 724 def idempotent? req case req when Net::HTTP::Delete, Net::HTTP::Get, Net::HTTP::Head, Net::HTTP::Options, Net::HTTP::Put, Net::HTTP::Trace then true end end |
#normalize_uri(uri) ⇒ Object
Adds “http://” to the String uri
if it is missing.
742 743 744 |
# File 'lib/vault/persistent.rb', line 742 def normalize_uri uri (uri =~ /^https?:/) ? uri : "http://#{uri}" end |
#pipeline(uri, requests, &block) ⇒ Object
Pipelines requests
to the HTTP server at uri
yielding responses if a block is given. Returns all responses recieved.
See Net::HTTP::Pipeline for further details.
Only if net-http-pipeline
was required before net-http-persistent
#pipeline will be present.
757 758 759 760 761 |
# File 'lib/vault/persistent.rb', line 757 def pipeline uri, requests, &block # :yields: responses connection_for uri do |connection| connection.http.pipeline requests, &block end end |
#proxy=(proxy) ⇒ Object
Sets the proxy server. The proxy
may be the URI of the proxy server, the symbol :ENV
which will read the proxy from the environment or nil to disable use of a proxy. See #proxy_from_env for details on setting the proxy from the environment.
If the proxy URI is set after requests have been made, the next request will shut-down and re-open all connections.
The no_proxy
query parameter can be used to specify hosts which shouldn’t be reached via proxy; if set it should be a comma separated list of hostname suffixes, optionally with :port
appended, for example example.com,some.host:8080
.
789 790 791 792 793 794 795 796 797 798 799 800 801 802 803 804 805 806 807 808 809 810 811 812 813 814 815 816 |
# File 'lib/vault/persistent.rb', line 789 def proxy= proxy @proxy_uri = case proxy when :ENV then proxy_from_env when URI::HTTP then proxy when nil then # ignore else raise ArgumentError, 'proxy must be :ENV or a URI::HTTP' end @no_proxy.clear if @proxy_uri then @proxy_args = [ @proxy_uri.hostname, @proxy_uri.port, unescape(@proxy_uri.user), unescape(@proxy_uri.password), ] @proxy_connection_id = [nil, *@proxy_args].join ':' if @proxy_uri.query then @no_proxy = CGI.parse(@proxy_uri.query)['no_proxy'].join(',').downcase.split(',').map { |x| x.strip }.reject { |x| x.empty? } end end reconnect reconnect_ssl end |
#proxy_bypass?(host, port) ⇒ Boolean
Returns true when proxy should by bypassed for host.
863 864 865 866 867 868 869 870 871 872 873 |
# File 'lib/vault/persistent.rb', line 863 def proxy_bypass? host, port host = host.downcase host_port = [host, port].join ':' @no_proxy.each do |name| return true if host[-name.length, name.length] == name or host_port[-name.length, name.length] == name end false end |
#proxy_from_env ⇒ Object
Creates a URI for an HTTP proxy server from ENV variables.
If HTTP_PROXY
is set a proxy will be returned.
If HTTP_PROXY_USER
or HTTP_PROXY_PASS
are set the URI is given the indicated user and password unless HTTP_PROXY contains either of these in the URI.
The NO_PROXY
ENV variable can be used to specify hosts which shouldn’t be reached via proxy; if set it should be a comma separated list of hostname suffixes, optionally with :port
appended, for example example.com,some.host:8080
. When set to *
no proxy will be returned.
For Windows users, lowercase ENV variables are preferred over uppercase ENV variables.
836 837 838 839 840 841 842 843 844 845 846 847 848 849 850 851 852 853 854 855 856 857 858 |
# File 'lib/vault/persistent.rb', line 836 def proxy_from_env env_proxy = ENV['http_proxy'] || ENV['HTTP_PROXY'] return nil if env_proxy.nil? or env_proxy.empty? uri = URI normalize_uri env_proxy env_no_proxy = ENV['no_proxy'] || ENV['NO_PROXY'] # '*' is special case for always bypass return nil if env_no_proxy == '*' if env_no_proxy then uri.query = "no_proxy=#{escape(env_no_proxy)}" end unless uri.user or uri.password then uri.user = escape ENV['http_proxy_user'] || ENV['HTTP_PROXY_USER'] uri.password = escape ENV['http_proxy_pass'] || ENV['HTTP_PROXY_PASS'] end uri end |
#reconnect ⇒ Object
Forces reconnection of HTTP connections.
878 879 880 |
# File 'lib/vault/persistent.rb', line 878 def reconnect @generation += 1 end |
#reconnect_ssl ⇒ Object
Forces reconnection of SSL connections.
885 886 887 |
# File 'lib/vault/persistent.rb', line 885 def reconnect_ssl @ssl_generation += 1 end |
#request(uri, req = nil, &block) ⇒ Object
Makes a request on uri
. If req
is nil a Net::HTTP::Get is performed against uri
.
If a block is passed #request behaves like Net::HTTP#request (the body of the response will not have been read).
req
must be a Net::HTTPRequest subclass (see Net::HTTP for a list).
If there is an error and the request is idempotent according to RFC 2616 it will be retried automatically.
920 921 922 923 924 925 926 927 928 929 930 931 932 933 934 935 936 937 938 939 940 941 942 943 944 945 946 947 948 949 950 951 952 953 954 955 956 957 958 959 960 961 962 963 964 965 966 967 968 969 970 971 972 973 974 975 976 977 978 979 |
# File 'lib/vault/persistent.rb', line 920 def request uri, req = nil, &block retried = false bad_response = false uri = URI uri req = request_setup req || uri response = nil connection_for uri do |connection| http = connection.http begin connection.requests += 1 response = http.request req, &block if req.connection_close? or (response.http_version <= '1.0' and not response.connection_keep_alive?) or response.connection_close? then finish connection end rescue Net::HTTPBadResponse => e = connection finish connection raise Error, "too many bad responses #{}" if bad_response or not can_retry? req bad_response = true retry rescue *RETRIED_EXCEPTIONS => e request_failed e, req, connection if retried or not can_retry? req reset connection retried = true retry rescue Errno::EINVAL, Errno::ETIMEDOUT => e # not retried on ruby 2 request_failed e, req, connection if retried or not can_retry? req reset connection retried = true retry rescue Exception => e finish connection raise ensure connection.last_use = Time.now end end @http_versions["#{uri.hostname}:#{uri.port}"] ||= response.http_version response end |
#request_failed(exception, req, connection) ⇒ Object
Raises an Error for exception
which resulted from attempting the request req
on the connection
.
Finishes the connection
.
987 988 989 990 991 992 993 994 |
# File 'lib/vault/persistent.rb', line 987 def request_failed exception, req, connection # :nodoc: due_to = "(due to #{exception.} - #{exception.class})" = "too many connection resets #{due_to} #{ connection}" finish connection raise Error, , exception.backtrace end |
#request_setup(req_or_uri) ⇒ Object
Creates a GET request if req_or_uri
is a URI and adds headers to the request.
Returns the request.
1002 1003 1004 1005 1006 1007 1008 1009 1010 1011 1012 1013 1014 1015 1016 1017 1018 1019 1020 1021 1022 1023 |
# File 'lib/vault/persistent.rb', line 1002 def request_setup req_or_uri # :nodoc: req = if URI === req_or_uri then Net::HTTP::Get.new req_or_uri.request_uri else req_or_uri end @headers.each do |pair| req.add_field(*pair) end @override_headers.each do |name, value| req[name] = value end unless req['Connection'] then req.add_field 'Connection', 'keep-alive' req.add_field 'Keep-Alive', @keep_alive end req end |
#reset(connection) ⇒ Object
Finishes then restarts the Net::HTTP connection
892 893 894 895 896 897 898 899 900 901 902 903 904 905 906 |
# File 'lib/vault/persistent.rb', line 892 def reset connection http = connection.http finish connection start http rescue Errno::ECONNREFUSED e = Error.new "connection refused: #{http.address}:#{http.port}" e.set_backtrace $@ raise e rescue Errno::EHOSTDOWN e = Error.new "host down: #{http.address}:#{http.port}" e.set_backtrace $@ raise e end |
#shutdown ⇒ Object
Shuts down all connections
NOTE: Calling shutdown for can be dangerous!
If any thread is still using a connection it may cause an error! Call #shutdown when you are completely done making requests!
1033 1034 1035 1036 1037 |
# File 'lib/vault/persistent.rb', line 1033 def shutdown @pool.available.shutdown do |http| http.finish end end |
#ssl(connection) ⇒ Object
Enables SSL on connection
1042 1043 1044 1045 1046 1047 1048 1049 1050 1051 1052 1053 1054 1055 1056 1057 1058 1059 1060 1061 1062 1063 1064 1065 1066 1067 1068 1069 1070 1071 1072 1073 1074 1075 1076 1077 1078 1079 1080 1081 1082 1083 1084 1085 1086 1087 1088 1089 1090 1091 1092 1093 1094 1095 1096 1097 1098 1099 1100 1101 1102 1103 1104 1105 1106 |
# File 'lib/vault/persistent.rb', line 1042 def ssl connection connection.use_ssl = true connection.ciphers = @ciphers if @ciphers if @min_version if connection.respond_to? :min_version= connection.min_version = @min_version else connection.ssl_version = @min_version end end connection.ssl_timeout = @ssl_timeout if @ssl_timeout connection.verify_depth = @verify_depth connection.verify_mode = @verify_mode if OpenSSL::SSL::VERIFY_PEER == OpenSSL::SSL::VERIFY_NONE and not Object.const_defined?(:I_KNOW_THAT_OPENSSL_VERIFY_PEER_EQUALS_VERIFY_NONE_IS_WRONG) then warn <<-WARNING !!!SECURITY WARNING!!! The SSL HTTP connection to: #{connection.address}:#{connection.port} !!!MAY NOT BE VERIFIED!!! On your platform your OpenSSL implementation is broken. There is no difference between the values of VERIFY_NONE and VERIFY_PEER. This means that attempting to verify the security of SSL connections may not work. This exposes you to man-in-the-middle exploits, snooping on the contents of your connection and other dangers to the security of your data. To disable this warning define the following constant at top-level in your application: I_KNOW_THAT_OPENSSL_VERIFY_PEER_EQUALS_VERIFY_NONE_IS_WRONG = nil WARNING end connection.ca_file = @ca_file if @ca_file connection.ca_path = @ca_path if @ca_path if @ca_file or @ca_path then connection.verify_callback = @verify_callback if @verify_callback end if @certificate and @private_key then connection.cert = @certificate connection.key = @private_key end connection.cert_store = if @cert_store then @cert_store else store = OpenSSL::X509::Store.new store.set_default_paths store end end |
#start(http) ⇒ Object
Starts the Net::HTTP connection
689 690 691 692 693 694 695 696 697 698 699 700 701 702 |
# File 'lib/vault/persistent.rb', line 689 def start http http.set_debug_output @debug_output if @debug_output http.open_timeout = @open_timeout if @open_timeout http.start socket = http.instance_variable_get :@socket if socket then # for fakeweb @socket_options.each do |option| socket.io.setsockopt(*option) end end end |
#unescape(str) ⇒ Object
URI::unescape wrapper
669 670 671 |
# File 'lib/vault/persistent.rb', line 669 def unescape str CGI.unescape str if str end |