Currently, Net::HTTP can only send a single SSL certificate when it
establishes a connection. Some use-cases involve sending an entire
certificate chain to the destination; for this, SSLContext supports
assigning to #extra_chain_cert=.
This adds support in Net::HTTP for exposing this underlying SSLContext
property to end-users. [Feature #9758]
* Let Net::HTTP.get take request headers
* Add more test cases for no header usages
* Add examples with request headers
* Add a NEWS entry [ci skip]
[Feature #16686]
According to https://github.com/ruby/openssl/pull/60,
> Currently an user who wants to do the hostname verification needs to
call SSLSocket#post_connection_check explicitly after the TLS connection
is established.
if an user who wants to skip the hostname verification,
SSLSocket#post_connection_check doesn't need to be called
https://bugs.ruby-lang.org/issues/16555
to replace the address for TCP/IP connection [Feature #5180]
There're 3 layers of hostname:
* host address for TCP/IP
* TLS server name
* HTTP Host header value
To test DNS round robin or check server certificate from server local,
people sometimes want to connect server with given IP address but keep
TLS server name and HTTP Host header value.
closes [Feature #15215]
closes https://github.com/ruby/ruby/pull/1893
closes https://github.com/ruby/ruby/pull/1977
An EPIPE when sending the request should be ignored. Even if you
cannot write more data, you may still be able to read the server's
response.
Fixes [Bug #14466]
So that classes which uses Net::HTTP with https can use OpenSSL
namespace for example exception classes like OpenSSL::SSL::SSLError.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@66401 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* lib/net/http.rb: Documentation for Net::HTTP claims that
multipart/form-data is not supported, but Net::HTTPHeader#set_form
supports it since 1.9.3.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@65230 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
When TLS 1.3 is in use, the session ticket may not have been sent yet
even though a handshake has finished. Also, the ticket could change if
multiple session ticket messages are sent by the server. Use
SSLContext#session_new_cb instead of calling SSLSocket#session
immediately after a handshake. This way also works with earlier protocol
versions.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@64234 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Thanks to Paul Kuruvilla <rohitpaulk@gmail.com> for the patch
* lib/net/http.rb: fix documentation for HTTP connection reuse
[ruby-core:84815] [Bug #14349]
From: Paul Kuruvilla <rohitpaulk@gmail.com>
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@62113 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
If uplevel keyword is given, the warning message is prepended
with caller file and line information and the string "warning: ".
The use of the uplevel keyword makes Kernel#warn format output
similar to how rb_warn formats output.
This patch modifies net/ftp and net/imap to use Kernel#warn
instead of $stderr.puts or $stderr.printf, since they are used
for printing warnings.
This makes lib/cgi/core and tempfile use $stderr.puts instead of
warn for debug logging, since they are used for debug printing
and not for warning.
This does not modify bundler, rubygems, or rdoc, as those are
maintained outside of ruby and probably wish to remain backwards
compatible with older ruby versions.
rb_warn_m code is originally from nobu, but I've changed it
so that it only includes the path and lineno from uplevel
(not the method), and also prepends the string "warning: ",
to make it more similar to rb_warn.
From: Jeremy Evans code@jeremyevans.net
Signed-off-by: Urabe Shyouhei shyouhei@ruby-lang.org
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@61155 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
require_relative speeds up loading of files by reducing path
lookups. On a clean install with RubyGems-enabled,
"ruby -rnet/http -e exit" shows a reduction in failed open(2)
syscalls from 410 to 350 (x86-64 GNU/Linux).
I could not measure a time difference on my Linux-based
machines, however this should be noticeable to users of other
kernels with worse syscall and VFS performance than Linux.
Further use of require_relative will reduce lookups in other
places.
* lib/net/http.rb: use require_relative
[ruby-core:78285] [Feature #12973]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@60388 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Note that this feature is enabled only on environment variables are
multi-user safe. In this time the list includes Linux, FreeBSD, or
Darwin. [Bug #12921]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@58461 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
When net/http connects to an HTTPS server through a CONNECT proxy, it
writes the CONNECT request to an unconnected OpenSSL::SSL::SSLSocket.
OpenSSL::SSL::SSLSocket traditionally fallbacks to a method call on the
underlying IO object if a read/write method is called before the TLS
connection is established. So it automagically works correctly, emitting
the "SSL session is not started yet" warning.
This is not obvious at first glance. The warning is also noisy. Let's
just write to the plain socket instead of relying on the SSLSocket's
behavior.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@56857 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
in 1xx (HTTPInformation) also needs to continue. [Bug #12890]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@56596 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* lib/net/http.rb (Net::HTTP#proxy_uri): cache the case no proxy
is used.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55520 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* lib/net/http.rb (Net::HTTP#proxy): use conditional operator to
get rid of confusing ruby-mode.el.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55519 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
When you change this to true, you may need to add more tests.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@53141 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
