class Gem::Request

Public Class Methods

configure_connection_for_https(connection, cert_files) click to toggle source
# File lib/rubygems/request.rb, line 48
def self.configure_connection_for_https(connection, cert_files)
  require 'net/https'
  connection.use_ssl = true
  connection.verify_mode =
    Gem.configuration.ssl_verify_mode || OpenSSL::SSL::VERIFY_PEER
  store = OpenSSL::X509::Store.new

  if Gem.configuration.ssl_client_cert
    pem = File.read Gem.configuration.ssl_client_cert
    connection.cert = OpenSSL::X509::Certificate.new pem
    connection.key = OpenSSL::PKey::RSA.new pem
  end

  store.set_default_paths
  cert_files.each do |ssl_cert_file|
    store.add_file ssl_cert_file
  end
  if Gem.configuration.ssl_ca_cert
    if File.directory? Gem.configuration.ssl_ca_cert
      store.add_path Gem.configuration.ssl_ca_cert
    else
      store.add_file Gem.configuration.ssl_ca_cert
    end
  end
  connection.cert_store = store

  connection.verify_callback = proc do |preverify_ok, store_context|
    verify_certificate store_context unless preverify_ok

    preverify_ok
  end

  connection
rescue LoadError => e
  raise unless (e.respond_to?(:path) && e.path == 'openssl') ||
               e.message =~ / -- openssl$/

  raise Gem::Exception.new(
          'Unable to require openssl, install OpenSSL and rebuild Ruby (preferred) or use non-HTTPS sources')
end
get_cert_files() click to toggle source
# File lib/rubygems/request.rb, line 43
def self.get_cert_files
  pattern = File.expand_path("./ssl_certs/*/*.pem", File.dirname(__FILE__))
  Dir.glob(pattern)
end
get_proxy_from_env(scheme = 'http') click to toggle source

Returns a proxy URI for the given scheme if one is set in the environment variables.

# File lib/rubygems/request.rb, line 165
def self.get_proxy_from_env(scheme = 'http')
  _scheme = scheme.downcase
  _SCHEME = scheme.upcase
  env_proxy = ENV["#{_scheme}_proxy"] || ENV["#{_SCHEME}_PROXY"]

  no_env_proxy = env_proxy.nil? || env_proxy.empty?

  if no_env_proxy
    return (_scheme == 'https' || _scheme == 'http') ?
      :no_proxy : get_proxy_from_env('http')
  end

  require "uri"
  uri = URI(Gem::UriFormatter.new(env_proxy).normalize)

  if uri and uri.user.nil? and uri.password.nil?
    user     = ENV["#{_scheme}_proxy_user"] || ENV["#{_SCHEME}_PROXY_USER"]
    password = ENV["#{_scheme}_proxy_pass"] || ENV["#{_SCHEME}_PROXY_PASS"]

    uri.user     = Gem::UriFormatter.new(user).escape
    uri.password = Gem::UriFormatter.new(password).escape
  end

  uri
end
new(uri, request_class, last_modified, pool) click to toggle source
# File lib/rubygems/request.rb, line 30
def initialize(uri, request_class, last_modified, pool)
  @uri = uri
  @request_class = request_class
  @last_modified = last_modified
  @requests = Hash.new 0
  @user_agent = user_agent

  @connection_pool = pool
end
verify_certificate(store_context) click to toggle source
# File lib/rubygems/request.rb, line 89
def self.verify_certificate(store_context)
  depth  = store_context.error_depth
  error  = store_context.error_string
  number = store_context.error
  cert   = store_context.current_cert

  ui.alert_error "SSL verification error at depth #{depth}: #{error} (#{number})"

  extra_message = verify_certificate_message number, cert

  ui.alert_error extra_message if extra_message
end
verify_certificate_message(error_number, cert) click to toggle source
# File lib/rubygems/request.rb, line 102
def self.verify_certificate_message(error_number, cert)
  return unless cert
  case error_number
  when OpenSSL::X509::V_ERR_CERT_HAS_EXPIRED then
    "Certificate #{cert.subject} expired at #{cert.not_after.iso8601}"
  when OpenSSL::X509::V_ERR_CERT_NOT_YET_VALID then
    "Certificate #{cert.subject} not valid until #{cert.not_before.iso8601}"
  when OpenSSL::X509::V_ERR_CERT_REJECTED then
    "Certificate #{cert.subject} is rejected"
  when OpenSSL::X509::V_ERR_CERT_UNTRUSTED then
    "Certificate #{cert.subject} is not trusted"
  when OpenSSL::X509::V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT then
    "Certificate #{cert.issuer} is not trusted"
  when OpenSSL::X509::V_ERR_INVALID_CA then
    "Certificate #{cert.subject} is an invalid CA certificate"
  when OpenSSL::X509::V_ERR_INVALID_PURPOSE then
    "Certificate #{cert.subject} has an invalid purpose"
  when OpenSSL::X509::V_ERR_SELF_SIGNED_CERT_IN_CHAIN then
    "Root certificate is not trusted (#{cert.subject})"
  when OpenSSL::X509::V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY then
    "You must add #{cert.issuer} to your local trusted store"
  when
    OpenSSL::X509::V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE then
    "Cannot verify certificate issued by #{cert.issuer}"
  end
end

Public Instance Methods

cert_files() click to toggle source
# File lib/rubygems/request.rb, line 41
def cert_files; @connection_pool.cert_files; end
connection_for(uri) click to toggle source

Creates or an HTTP connection based on uri, or retrieves an existing connection, using a proxy if needed.

# File lib/rubygems/request.rb, line 133
def connection_for(uri)
  @connection_pool.checkout
rescue defined?(OpenSSL::SSL) ? OpenSSL::SSL::SSLError : Errno::EHOSTDOWN,
       Errno::EHOSTDOWN => e
  raise Gem::RemoteFetcher::FetchError.new(e.message, uri)
end
fetch() { |request| ... } click to toggle source
# File lib/rubygems/request.rb, line 140
def fetch
  request = @request_class.new @uri.request_uri

  unless @uri.nil? || @uri.user.nil? || @uri.user.empty?
    request.basic_auth Gem::UriFormatter.new(@uri.user).unescape,
                       Gem::UriFormatter.new(@uri.password).unescape
  end

  request.add_field 'User-Agent', @user_agent
  request.add_field 'Connection', 'keep-alive'
  request.add_field 'Keep-Alive', '30'

  if @last_modified
    request.add_field 'If-Modified-Since', @last_modified.httpdate
  end

  yield request if block_given?

  perform_request request
end
proxy_uri() click to toggle source
# File lib/rubygems/request.rb, line 40
def proxy_uri; @connection_pool.proxy_uri; end
reset(connection) click to toggle source

Resets HTTP connection connection.

# File lib/rubygems/request.rb, line 269
def reset(connection)
  @requests.delete connection.object_id

  connection.finish
  connection.start
end
user_agent() click to toggle source
# File lib/rubygems/request.rb, line 276
def user_agent
  ua = "RubyGems/#{Gem::VERSION} #{Gem::Platform.local}".dup

  ruby_version = RUBY_VERSION
  ruby_version += 'dev' if RUBY_PATCHLEVEL == -1

  ua << " Ruby/#{ruby_version} (#{RUBY_RELEASE_DATE}"
  if RUBY_PATCHLEVEL >= 0
    ua << " patchlevel #{RUBY_PATCHLEVEL}"
  elsif defined?(RUBY_REVISION)
    ua << " revision #{RUBY_REVISION}"
  end
  ua << ")"

  ua << " #{RUBY_ENGINE}" if RUBY_ENGINE != 'ruby'

  ua
end