commit rubygem-httpclient for openSUSE:Factory

Mon, 10 Oct 2016 07:22:50 -0700 

Hello community,

here is the log from the commit of package rubygem-httpclient for 
openSUSE:Factory checked in at 2016-10-10 16:22:24
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/rubygem-httpclient (Old)
 and      /work/SRC/openSUSE:Factory/.rubygem-httpclient.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "rubygem-httpclient"

Changes:
--------
--- /work/SRC/openSUSE:Factory/rubygem-httpclient/rubygem-httpclient.changes    
2016-09-12 13:26:23.000000000 +0200
+++ 
/work/SRC/openSUSE:Factory/.rubygem-httpclient.new/rubygem-httpclient.changes   
    2016-10-10 16:22:25.000000000 +0200
@@ -1,0 +2,6 @@
+Sat Sep 10 04:30:53 UTC 2016 - [email protected]
+
+- updated to version 2.8.2.3
+  no changelog found
+
+-------------------------------------------------------------------

Old:
----
  httpclient-2.8.2.1.gem

New:
----
  httpclient-2.8.2.3.gem

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ rubygem-httpclient.spec ++++++
--- /var/tmp/diff_new_pack.mZ5eMy/_old  2016-10-10 16:22:26.000000000 +0200
+++ /var/tmp/diff_new_pack.mZ5eMy/_new  2016-10-10 16:22:26.000000000 +0200
@@ -24,7 +24,7 @@
 #
 
 Name:           rubygem-httpclient
-Version:        2.8.2.1
+Version:        2.8.2.3
 Release:        0
 %define mod_name httpclient
 %define mod_full_name %{mod_name}-%{version}

++++++ httpclient-2.8.2.1.gem -> httpclient-2.8.2.3.gem ++++++
Files old/checksums.yaml.gz and new/checksums.yaml.gz differ
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/lib/httpclient/jruby_ssl_socket.rb 
new/lib/httpclient/jruby_ssl_socket.rb
--- old/lib/httpclient/jruby_ssl_socket.rb      2016-08-16 04:30:22.000000000 
+0200
+++ new/lib/httpclient/jruby_ssl_socket.rb      2016-08-28 08:48:35.000000000 
+0200
@@ -455,6 +455,7 @@
 
     DEFAULT_SSL_PROTOCOL = 
(java.lang.System.getProperty('java.specification.version') == '1.7') ? 
'TLSv1.2' : 'TLS'
     def initialize(socket, dest, config, debug_dev = nil)
+      @config = config
       if config.ssl_version == :auto
         ssl_version = DEFAULT_SSL_PROTOCOL
       else
@@ -527,7 +528,11 @@
   private
 
     def post_connection_check(hostname, wrap_cert)
-      BrowserCompatHostnameVerifier.new.verify(hostname, wrap_cert.cert)
+      if [email protected]?
+        return
+      else
+        BrowserCompatHostnameVerifier.new.verify(hostname, wrap_cert.cert)
+      end
     end
   end
 
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/lib/httpclient/ssl_config.rb 
new/lib/httpclient/ssl_config.rb
--- old/lib/httpclient/ssl_config.rb    2016-08-16 04:30:22.000000000 +0200
+++ new/lib/httpclient/ssl_config.rb    2016-08-28 08:48:35.000000000 +0200
@@ -39,27 +39,25 @@
     if SSLEnabled
       include OpenSSL
 
-      if RUBY_ENGINE == 'jruby'
-        module ::OpenSSL
-          module X509
-            class Store
-              attr_reader :_httpclient_cert_store_items
-
-              # TODO: use prepend instead when we drop JRuby + 1.9.x support
-              wrapped = {}
-
-              wrapped[:initialize] = instance_method(:initialize)
-              define_method(:initialize) do |*args|
-                wrapped[:initialize].bind(self).call(*args)
-                @_httpclient_cert_store_items = [ENV['SSL_CERT_FILE'] || 
:default]
-              end
+      module ::OpenSSL
+        module X509
+          class Store
+            attr_reader :_httpclient_cert_store_items
+
+            # TODO: use prepend instead when we drop JRuby + 1.9.x support
+            wrapped = {}
+
+            wrapped[:initialize] = instance_method(:initialize)
+            define_method(:initialize) do |*args|
+              wrapped[:initialize].bind(self).call(*args)
+              @_httpclient_cert_store_items = [ENV['SSL_CERT_FILE'] || 
:default]
+            end
 
-              [:add_cert, :add_file, :add_path].each do |m|
-                wrapped[m] = instance_method(m)
-                define_method(m) do |cert|
-                  wrapped[m].bind(self).call(cert)
-                  @_httpclient_cert_store_items << cert
-                end
+            [:add_cert, :add_file, :add_path].each do |m|
+              wrapped[m] = instance_method(m)
+              define_method(m) do |cert|
+                wrapped[m].bind(self).call(cert)
+                @_httpclient_cert_store_items << cert
               end
             end
           end
@@ -118,7 +116,7 @@
     attr_reader :client_ca # :nodoc:
 
     # These array keeps original files/dirs that was added to @cert_store
-    def cert_store_items; @cert_store._httpclient_cert_store_items || []; end
+    def cert_store_items; @cert_store._httpclient_cert_store_items; end
     attr_reader :cert_store_crl_items
 
     # Creates a SSLConfig.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/lib/httpclient/version.rb 
new/lib/httpclient/version.rb
--- old/lib/httpclient/version.rb       2016-08-16 04:30:22.000000000 +0200
+++ new/lib/httpclient/version.rb       2016-08-28 08:48:35.000000000 +0200
@@ -1,3 +1,3 @@
 class HTTPClient
-  VERSION = '2.8.2.1'
+  VERSION = '2.8.2.3'
 end
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/metadata new/metadata
--- old/metadata        2016-08-16 04:30:22.000000000 +0200
+++ new/metadata        2016-08-28 08:48:35.000000000 +0200
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: httpclient
 version: !ruby/object:Gem::Version
-  version: 2.8.2.1
+  version: 2.8.2.3
 platform: ruby
 authors:
 - Hiroshi Nakamura
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2016-08-16 00:00:00.000000000 Z
+date: 2016-08-28 00:00:00.000000000 Z
 dependencies: []
 description: 
 email: [email protected]
@@ -103,7 +103,7 @@
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.4.5.1
+rubygems_version: 2.5.1
 signing_key: 
 specification_version: 4
 summary: gives something like the functionality of libwww-perl (LWP) in Ruby
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/test/test_ssl.rb new/test/test_ssl.rb
--- old/test/test_ssl.rb        2016-08-16 04:30:22.000000000 +0200
+++ new/test/test_ssl.rb        2016-08-28 08:48:35.000000000 +0200
@@ -175,6 +175,13 @@
     #
     cfg.cert_store.add_cert(cert('subca.cert'))
     assert_equal("hello", @client.get_content(@url))
+    cfg.clear_cert_store
+    begin
+      @client.get(@url)
+      assert(false)
+    rescue OpenSSL::SSL::SSLError => ssle
+      assert_match(/(certificate verify failed|unable to find valid 
certification path to requested target)/, ssle.message)
+    end
   end
 
 if defined?(HTTPClient::JRubySSLSocket)
@@ -268,6 +275,114 @@
     end
   end
 
+  VERIFY_TEST_CERT_LOCALHOST = OpenSSL::X509::Certificate.new(<<-EOS)
+-----BEGIN CERTIFICATE-----
+MIIB9jCCAV+gAwIBAgIJAIH8Gsm4PcNKMA0GCSqGSIb3DQEBCwUAMBQxEjAQBgNV
+BAMMCWxvY2FsaG9zdDAeFw0xNjA4MTgxMDI2MDVaFw00NDAxMDMxMDI2MDVaMBQx
+EjAQBgNVBAMMCWxvY2FsaG9zdDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA
+p7D8q0lcx5EZEV5+zPnQsxrbft5xyhH/MCStbH46DRATGPNSOaLRCG5r8gTKQzpD
+4swGrQFYe2ienQ+7o4aEHErsXp4O/EmDKeiXWWrMqPr23r3HOBDebuynC/sCwy7N
+epnX9u1VLB03eo+suj4d86OoOF+o11t9ZP+GA29Rsf8CAwEAAaNQME4wHQYDVR0O
+BBYEFIxsJuPVvd5KKFcAvHGSeKSsWiUJMB8GA1UdIwQYMBaAFIxsJuPVvd5KKFcA
+vHGSeKSsWiUJMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADgYEAMJaVCrrM
+SM2I06Vr4BL+jtDFhZh3HmJFEDpwEFQ5Y9hduwdUGRBGCpkuea3fE2FKwWW9gLM1
+w7rFMzYFtCEqm78dJWIU79MRy0wjO4LgtYfoikgBh6JKWuV5ed/+L3sLyLG0ZTtv
+lrD7lzDtXgwvj007PxDoYRp3JwYzKRmTbH8=
+-----END CERTIFICATE-----
+  EOS
+
+  VERIFY_TEST_CERT_FOO_DOMAIN = OpenSSL::X509::Certificate.new(<<-EOS)
+-----BEGIN CERTIFICATE-----
+MIIB8jCCAVugAwIBAgIJAL/od7Whx7VTMA0GCSqGSIb3DQEBCwUAMBIxEDAOBgNV
+BAMMB2Zvby5jb20wHhcNMTYwODE4MTAyMzUyWhcNNDQwMTAzMTAyMzUyWjASMRAw
+DgYDVQQDDAdmb28uY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCnsPyr
+SVzHkRkRXn7M+dCzGtt+3nHKEf8wJK1sfjoNEBMY81I5otEIbmvyBMpDOkPizAat
+AVh7aJ6dD7ujhoQcSuxeng78SYMp6JdZasyo+vbevcc4EN5u7KcL+wLDLs16mdf2
+7VUsHTd6j6y6Ph3zo6g4X6jXW31k/4YDb1Gx/wIDAQABo1AwTjAdBgNVHQ4EFgQU
+jGwm49W93kooVwC8cZJ4pKxaJQkwHwYDVR0jBBgwFoAUjGwm49W93kooVwC8cZJ4
+pKxaJQkwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOBgQCVKTvfxx+yezuR
+5WpVKw1E9qabKOYFB5TqdHMHreRubMJTaoZC+YzhcCwtyLlAA9+axKINAiMM8T+z
+jjfOHQSa2GS2TaaVDJWmXIgsAlEbjd2BEiQF0LZYGJRG9pyq0WbTV+CyFdrghjcO
+xX/t7OG7NfOG9dhv3J+5SX10S5V5Dg==
+-----END CERTIFICATE-----
+  EOS
+
+  VERIFY_TEST_CERT_ALT_NAME = OpenSSL::X509::Certificate.new(<<-EOS)
+-----BEGIN CERTIFICATE-----
+MIICDDCCAXWgAwIBAgIJAOxXY4nOwxhGMA0GCSqGSIb3DQEBCwUAMBQxEjAQBgNV
+BAMMCWxvY2FsaG9zdDAeFw0xNjA4MTgxMDM0NTJaFw00NDAxMDMxMDM0NTJaMBQx
+EjAQBgNVBAMMCWxvY2FsaG9zdDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA
+p7D8q0lcx5EZEV5+zPnQsxrbft5xyhH/MCStbH46DRATGPNSOaLRCG5r8gTKQzpD
+4swGrQFYe2ienQ+7o4aEHErsXp4O/EmDKeiXWWrMqPr23r3HOBDebuynC/sCwy7N
+epnX9u1VLB03eo+suj4d86OoOF+o11t9ZP+GA29Rsf8CAwEAAaNmMGQwFAYDVR0R
+BA0wC4IJKi5mb28uY29tMB0GA1UdDgQWBBSMbCbj1b3eSihXALxxknikrFolCTAf
+BgNVHSMEGDAWgBSMbCbj1b3eSihXALxxknikrFolCTAMBgNVHRMEBTADAQH/MA0G
+CSqGSIb3DQEBCwUAA4GBADJlKNFuOnsDIhHGW72HuQw4naN6lM3eZE9JJ+UF/XIF
+ghGtgqw+00Yy5wMFc1K2Wm4p5NymmDfC/P1FOe34bpxt9/IWm6mEoIWoodC3N4Cm
+PtnSS1/CRWzVIPGMglTGGDcUc70tfeAWgyTxgcNQd4vTFtnN0f0RDdaXa8kfKMTw
+-----END CERTIFICATE-----
+  EOS
+
+  VERIFY_TEST_PKEY = OpenSSL::PKey::RSA.new(<<-EOS)
+-----BEGIN RSA PRIVATE KEY-----
+MIICXQIBAAKBgQCnsPyrSVzHkRkRXn7M+dCzGtt+3nHKEf8wJK1sfjoNEBMY81I5
+otEIbmvyBMpDOkPizAatAVh7aJ6dD7ujhoQcSuxeng78SYMp6JdZasyo+vbevcc4
+EN5u7KcL+wLDLs16mdf27VUsHTd6j6y6Ph3zo6g4X6jXW31k/4YDb1Gx/wIDAQAB
+AoGAe0RHx+WKtQx8/96VmTl951qzxMPho2etTYd4kAsNwzJwx2N9qu57eBYrdWF+
+CQMYievucFhP4Y+bINtC1Eb6btz9TCUwjCfeIxfGRoFf3cxVmxlsRJJmN1kSZlu1
+yYlcMVuP4noeFIMQBRrt5pyLCx2Z9A01NCQT4Y6VoREBIeECQQDWeNhsL6xkrmdB
+M9+zl+SqHdNKhgKwMdp74+UNnAV9I8GB7bGlOWhc83aqMLgS+JBDFXcmNF/KawTR
+zcnkod5xAkEAyClFgr3lZQSnwUwoA/AOcyW0+H63taaaXS/g8n3H8ENK6kL4ldUx
+IgCk2ekbQ5Y3S2WScIGXNxMOza9MlsOvbwJAPUtoPvMZB+U4KVBT/JXKijvf6QqH
+tidpU8L78XnHr84KPcHa5WeUxgvmvBkUYoebYzC9TrPlNIqFZBi2PJtuYQJBAMda
+E5j7eJT75fhm2RPS6xFT5MH5sw6AOA3HucrJ63AoFVzsBpl0E9NBwO4ndLgDzF6T
+cx4Kc4iuunewuB8QFpECQQCfvsHCjIJ/X4kiqeBzxDq2GR/oDgQkOzY+4H9U7Lwl
+e61RBaxk5OHOA0bLtvJblV6NL72ZEZhX60wAWbrOPhpT
+-----END RSA PRIVATE KEY-----
+  EOS
+
+  def test_post_connection_check
+    teardown_server
+    setup_server_with_server_cert(nil, VERIFY_TEST_CERT_LOCALHOST, 
VERIFY_TEST_PKEY)
+    file = Tempfile.new('cert')
+    File.write(file.path, VERIFY_TEST_CERT_LOCALHOST.to_pem)
+    @client.ssl_config.add_trust_ca(file.path)
+    assert_nothing_raised do
+      @client.get("https://localhost:#{serverport}/hello";)
+    end
+    @client.ssl_config.verify_mode = OpenSSL::SSL::VERIFY_NONE
+    assert_nothing_raised do
+      @client.get("https://localhost:#{serverport}/hello";)
+    end
+    @client.ssl_config.verify_mode = OpenSSL::SSL::VERIFY_PEER
+
+    teardown_server
+    setup_server_with_server_cert(nil, VERIFY_TEST_CERT_FOO_DOMAIN, 
VERIFY_TEST_PKEY)
+    File.write(file.path, VERIFY_TEST_CERT_FOO_DOMAIN.to_pem)
+    @client.ssl_config.add_trust_ca(file.path)
+    assert_raises(OpenSSL::SSL::SSLError) do
+      @client.get("https://localhost:#{serverport}/hello";)
+    end
+    @client.ssl_config.verify_mode = OpenSSL::SSL::VERIFY_NONE
+    assert_nothing_raised do
+      @client.get("https://localhost:#{serverport}/hello";)
+    end
+    @client.ssl_config.verify_mode = OpenSSL::SSL::VERIFY_PEER
+
+    teardown_server
+    setup_server_with_server_cert(nil, VERIFY_TEST_CERT_ALT_NAME, 
VERIFY_TEST_PKEY)
+    File.write(file.path, VERIFY_TEST_CERT_ALT_NAME.to_pem)
+    @client.ssl_config.add_trust_ca(file.path)
+    assert_raises(OpenSSL::SSL::SSLError) do
+      @client.get("https://localhost:#{serverport}/hello";)
+    end
+    @client.ssl_config.verify_mode = OpenSSL::SSL::VERIFY_NONE
+    assert_nothing_raised do
+      @client.get("https://localhost:#{serverport}/hello";)
+    end
+    @client.ssl_config.verify_mode = OpenSSL::SSL::VERIFY_PEER
+  end
+
 private
 
   def cert(filename)
@@ -331,6 +446,33 @@
     @serverport = @server.config[:Port]
     [:hello].each do |sym|
       @server.mount(
+        "/#{sym}",
+        WEBrick::HTTPServlet::ProcHandler.new(method("do_#{sym}").to_proc)
+      )
+    end
+    @server_thread = start_server_thread(@server)
+  end
+
+  def setup_server_with_server_cert(ca_cert, server_cert, server_key)
+    logger = Logger.new(STDERR)
+    logger.level = Logger::Severity::FATAL     # avoid logging SSLError (ERROR 
level)
+    @server = WEBrick::HTTPServer.new(
+      :BindAddress => "localhost",
+      :Logger => logger,
+      :Port => 0,
+      :AccessLog => [],
+      :DocumentRoot => DIR,
+      :SSLEnable => true,
+      :SSLCACertificateFile => ca_cert,
+      :SSLCertificate => server_cert,
+      :SSLPrivateKey => server_key,
+      :SSLVerifyClient => nil,
+      :SSLClientCA => nil,
+      :SSLCertName => nil
+    )
+    @serverport = @server.config[:Port]
+    [:hello].each do |sym|
+      @server.mount(
         "/#{sym}",
         WEBrick::HTTPServlet::ProcHandler.new(method("do_#{sym}").to_proc)
       )

Reply via email to