ruby.git/lib/net/ftp.rb, branch v2_5_8 The Ruby Programming Language merge revision(s) 64234,64252: [Backport #15219] 2019-03-12T23:23:17+00:00 nagachika nagachika@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2019-03-12T23:23:17+00:00 0fd238c72f2952c5fa22841c1828c39e8c2faa95 net/http, net/ftp: fix session resumption with TLS 1.3 When TLS 1.3 is in use, the session ticket may not have been sent yet even though a handshake has finished. Also, the ticket could change if multiple session ticket messages are sent by the server. Use SSLContext#session_new_cb instead of calling SSLSocket#session immediately after a handshake. This way also works with earlier protocol versions. net/http, net/ftp: skip SSL/TLS session resumption tests Due to a bug in OpenSSL 1.1.0h[1] (it's only in this specific version; it was introduced just before the release and is already fixed in their stable branch), the callback set by SSLContext#session_new_cb= does not get called for clients, making net/http and net/ftp not attempt session resumption. Let's disable the affected test cases for now. Another option would be to fallback to using SSLSocket#session as we did before r64234. But since only a single version is affected and hopefully a new stable version containing the fix will be released in near future, I chose not to add such workaround code to lib/. [1] https://github.com/openssl/openssl/pull/5967 git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_5@67237 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
	net/http, net/ftp: fix session resumption with TLS 1.3

	When TLS 1.3 is in use, the session ticket may not have been sent yet
	even though a handshake has finished. Also, the ticket could change if
	multiple session ticket messages are sent by the server. Use
	SSLContext#session_new_cb instead of calling SSLSocket#session
	immediately after a handshake. This way also works with earlier protocol
	versions.

	net/http, net/ftp: skip SSL/TLS session resumption tests

	Due to a bug in OpenSSL 1.1.0h[1] (it's only in this specific version;
	it was introduced just before the release and is already fixed in their
	stable branch), the callback set by SSLContext#session_new_cb= does not
	get called for clients, making net/http and net/ftp not attempt session
	resumption.

	Let's disable the affected test cases for now. Another option would be
	to fallback to using SSLSocket#session as we did before r64234. But
	since only a single version is affected and hopefully a new stable
	version containing the fix will be released in near future, I chose not
	to add such workaround code to lib/.

	[1] https://github.com/openssl/openssl/pull/5967

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_5@67237 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
merge revision(s) 61639: [Backport #14323] 2018-02-16T08:17:36+00:00 naruse naruse@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2018-02-16T08:17:36+00:00 d3eeb14db743736428b79ddc4c1d3d8026f15d6f net/ftp: fix FrozenError in BufferedSocket I noticed this bug while working on something else with RUBYOPT=-d on, existing test cases all passed with it. Note: I use String.new because it is the local style, here, I prefer +'' (or ''.b, for a future commit) * lib/net/ftp.rb (BufferedSocket#read): use String.new * test/net/ftp/test_buffered_socket.rb (test_read_nil): new test [ruby-core:84675] [Bug #14323] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_5@62425 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
	net/ftp: fix FrozenError in BufferedSocket

	I noticed this bug while working on something else with
	RUBYOPT=-d on, existing test cases all passed with it.

	Note: I use String.new because it is the local style, here,
	I prefer +'' (or ''.b, for a future commit)

	* lib/net/ftp.rb (BufferedSocket#read): use String.new
	* test/net/ftp/test_buffered_socket.rb (test_read_nil): new test
	  [ruby-core:84675] [Bug #14323]

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_5@62425 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Fix a command injection vulnerability in Net::FTP. 2017-12-14T13:41:30+00:00 nagachika nagachika@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2017-12-14T13:41:30+00:00 6d3f72e5be2312be312f2acbf3465b05293c1431 git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@61242 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@61242 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Add uplevel keyword to Kernel#warn and use it 2017-12-12T11:56:25+00:00 shyouhei shyouhei@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2017-12-12T11:56:25+00:00 f2a91397fd7f9ca5bb3d296ec6df2de6f9cfc7cb If uplevel keyword is given, the warning message is prepended with caller file and line information and the string "warning: ". The use of the uplevel keyword makes Kernel#warn format output similar to how rb_warn formats output. This patch modifies net/ftp and net/imap to use Kernel#warn instead of $stderr.puts or $stderr.printf, since they are used for printing warnings. This makes lib/cgi/core and tempfile use $stderr.puts instead of warn for debug logging, since they are used for debug printing and not for warning. This does not modify bundler, rubygems, or rdoc, as those are maintained outside of ruby and probably wish to remain backwards compatible with older ruby versions. rb_warn_m code is originally from nobu, but I've changed it so that it only includes the path and lineno from uplevel (not the method), and also prepends the string "warning: ", to make it more similar to rb_warn. From: Jeremy Evans code@jeremyevans.net Signed-off-by: Urabe Shyouhei shyouhei@ruby-lang.org git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@61155 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
If uplevel keyword is given, the warning message is prepended
with caller file and line information and the string "warning: ".
The use of the uplevel keyword makes Kernel#warn format output
similar to how rb_warn formats output.

This patch modifies net/ftp and net/imap to use Kernel#warn
instead of $stderr.puts or $stderr.printf, since they are used
for printing warnings.

This makes lib/cgi/core and tempfile use $stderr.puts instead of
warn for debug logging, since they are used for debug printing
and not for warning.

This does not modify bundler, rubygems, or rdoc, as those are
maintained outside of ruby and probably wish to remain backwards
compatible with older ruby versions.

rb_warn_m code is originally from nobu, but I've changed it
so that it only includes the path and lineno from uplevel
(not the method), and also prepends the string "warning: ",
to make it more similar to rb_warn.

From: Jeremy Evans code@jeremyevans.net
Signed-off-by: Urabe Shyouhei shyouhei@ruby-lang.org


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@61155 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Fix warning: assigned but unused variable 2017-10-17T11:58:51+00:00 kazu kazu@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2017-10-17T11:58:51+00:00 73d128ff2c58d1c3029378a872174f03e4dd3541 [Bug #14020][ruby-core:83313] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@60198 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
[Bug #14020][ruby-core:83313]

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@60198 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Prefer adapting specs to complicating library code 2017-09-20T21:50:14+00:00 eregon eregon@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2017-09-20T21:50:14+00:00 2dd35a74533e63ad2b9b8804ef62b153ac926978 * lib/net/ftp.rb (Net::FTP#initialize): simplify as per the original intent. * spec/ruby/library/net/ftp/initialize_spec.rb: adapt specs. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@59981 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
* lib/net/ftp.rb (Net::FTP#initialize): simplify as per
  the original intent.
* spec/ruby/library/net/ftp/initialize_spec.rb: adapt specs.

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@59981 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Adapt tools to follow spec/rubyspec => spec/ruby rename 2017-09-20T20:19:54+00:00 eregon eregon@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2017-09-20T20:19:54+00:00 aaf07f7ad5fa892911b2f5a5390cdfdb865d74d9 * [Misc #13792] [ruby-core:82287] * Prefer test-spec over test-rubyspec in spec/README. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@59980 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
* [Misc #13792] [ruby-core:82287]
* Prefer test-spec over test-rubyspec in spec/README.

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@59980 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Suppress warnings. 2016-11-29T08:44:21+00:00 shugo shugo@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2016-11-29T08:44:21+00:00 fa7066f81839060d0a49f674625e6382233dcd3d git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@56925 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@56925 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
net/ftp: add a new option ssl_handshake_timeout to Net::FTP.new. 2016-11-29T02:47:11+00:00 shugo shugo@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2016-11-29T02:47:11+00:00 7242e6a9b6f692b1d7d3f26bfe4a34356ca743a6 The TLS handshake timeout can be specified independently, because the TLS handshake doesn't start just after the underlying connection is established, but after the AUTH command is completed. It's also useful for testing purposes. However, if ssl_handshake_timeout is not specified, open_timeout is used instead for convenience. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@56919 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
The TLS handshake timeout can be specified independently, because the TLS
handshake doesn't start just after the underlying connection is established,
but after the AUTH command is completed.  It's also useful for testing
purposes.  However, if ssl_handshake_timeout is not specified, open_timeout
is used instead for convenience.

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@56919 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
net/ftp: close the socket directly when an error occurs during TLS handshake. 2016-11-29T02:33:34+00:00 shugo shugo@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2016-11-29T02:33:34+00:00 a4072112b267766843530768c9eaaf5ee4f3fe8d Otherwise, @sock.read in Net::FTP#close hungs until read_timeout exceeded. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@56918 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
Otherwise, @sock.read in Net::FTP#close hungs until read_timeout exceeded.

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@56918 b2dd03c8-39d4-4d8f-98ff-823fe69b080e