iff means if and only if, but readers without that knowledge might
assume this to be a spelling mistake. To me, this seems like
exclusionary language that is unnecessary. Simply using "if and only if"
instead should suffice.
e920473618
Reported by Alexandr Savca as a DoS vulnerability, but Net::FTP is a
client library and the impact of the issue is low, so I have decided
to fix it as a normal issue.
Based on patch by nobu.
a93af636f8
Previously, the connection leaked in this case. This uses
begin/ensure and checking for an error in the ensure block.
An alternative approach would be to not even perform the
connection until after the RETR (or other) command has been
sent. However, I'm not sure all FTP servers support that.
The current behavior is:
* Send (PASV/EPSV)
* Connect to the host/port returned in 227/229 reply
* Send (RETR/other command)
Changing it to connect after the RETR could break things.
FTP servers might expect that the client has already
connected before sending the RETR. The alternative
approach is more likely to introduce backwards compatibility
issues, compared to the begin/ensure approach taken here.
Fixes Ruby Bug 17027
6e8535f076
Timeout.timeout is inefficient since it spins up a new thread for
each invocation, use Socket.tcp's connect_timeout option instead
when we aren't using SOCKS (we can't replace Timeout.timeout
for SOCKS yet since SOCKSSocket doesn't have a connect_timeout
option).
d65910132f
When TLS 1.3 is in use, the session ticket may not have been sent yet
even though a handshake has finished. Also, the ticket could change if
multiple session ticket messages are sent by the server. Use
SSLContext#session_new_cb instead of calling SSLSocket#session
immediately after a handshake. This way also works with earlier protocol
versions.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@64234 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
I noticed this bug while working on something else with
RUBYOPT=-d on, existing test cases all passed with it.
Note: I use String.new because it is the local style, here,
I prefer +'' (or ''.b, for a future commit)
* lib/net/ftp.rb (BufferedSocket#read): use String.new
* test/net/ftp/test_buffered_socket.rb (test_read_nil): new test
[ruby-core:84675] [Bug #14323]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@61639 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
If uplevel keyword is given, the warning message is prepended
with caller file and line information and the string "warning: ".
The use of the uplevel keyword makes Kernel#warn format output
similar to how rb_warn formats output.
This patch modifies net/ftp and net/imap to use Kernel#warn
instead of $stderr.puts or $stderr.printf, since they are used
for printing warnings.
This makes lib/cgi/core and tempfile use $stderr.puts instead of
warn for debug logging, since they are used for debug printing
and not for warning.
This does not modify bundler, rubygems, or rdoc, as those are
maintained outside of ruby and probably wish to remain backwards
compatible with older ruby versions.
rb_warn_m code is originally from nobu, but I've changed it
so that it only includes the path and lineno from uplevel
(not the method), and also prepends the string "warning: ",
to make it more similar to rb_warn.
From: Jeremy Evans code@jeremyevans.net
Signed-off-by: Urabe Shyouhei shyouhei@ruby-lang.org
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@61155 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* lib/net/ftp.rb (Net::FTP#initialize): simplify as per
the original intent.
* spec/ruby/library/net/ftp/initialize_spec.rb: adapt specs.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@59981 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
The TLS handshake timeout can be specified independently, because the TLS
handshake doesn't start just after the underlying connection is established,
but after the AUTH command is completed. It's also useful for testing
purposes. However, if ssl_handshake_timeout is not specified, open_timeout
is used instead for convenience.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@56919 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
In that case, BufferedSSLSocket#read in FTP#close exceeded timeout because
BufferedSSLSocket#shutdown did nothing. So BufferedIO#rbuf_fill is
overridden in BufferedSSLSocket to raise an EOFError if the connection is
shut down.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@56880 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Based on the patch by soleboxy.
[Fix GH-1478] [ruby-core:78240] [Feature #12965]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@56879 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
SSLSocket#send is not defined, so use #write instead. flags and dest are
ignored.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@56871 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* lib/net/ftp.rb (Net::FTP#initialize): [DOC] fix type in option
name, :username is used but :use is not.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@56862 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Because @sock.remote_address fails if @sock is an SSLSocket.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@56847 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
SSLSocket#stop is a private method and cannot be called, but explicit calls
are not necessary because SSL_shutdown() is called from SSLSocket#close.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@56846 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
If the :ssl options is specified, the control connection is protected with
TLS in the manner described in RFC 4217. Data connections are also
protected with TLS unless the :private_data_connection is set to false.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@56834 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
