ruby.git/lib/net, branch ruby_2_5 The Ruby Programming Language merge revision(s) 67563: [Backport #15769] 2019-07-31T14:02:50+00:00 usa usa@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2019-07-31T14:02:50+00:00 402bf6d516ac80e7ce1f58660086962231acf425 Support SNI (Reapplying r67488) This fixes connecting using TLS 1.3 to imap.gmail.com [Fix GH-2077] [Feature #15594] From: Marc-Antoine Perennou <Marc-Antoine@Perennou.com> git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_5@67717 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
	Support SNI (Reapplying r67488)

	This fixes connecting using TLS 1.3 to imap.gmail.com

	[Fix GH-2077] [Feature #15594]

	From: Marc-Antoine Perennou <Marc-Antoine@Perennou.com>

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_5@67717 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
merge revision(s) 64234,64252: [Backport #15219] 2019-03-12T23:23:17+00:00 nagachika nagachika@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2019-03-12T23:23:17+00:00 0fd238c72f2952c5fa22841c1828c39e8c2faa95 net/http, net/ftp: fix session resumption with TLS 1.3 When TLS 1.3 is in use, the session ticket may not have been sent yet even though a handshake has finished. Also, the ticket could change if multiple session ticket messages are sent by the server. Use SSLContext#session_new_cb instead of calling SSLSocket#session immediately after a handshake. This way also works with earlier protocol versions. net/http, net/ftp: skip SSL/TLS session resumption tests Due to a bug in OpenSSL 1.1.0h[1] (it's only in this specific version; it was introduced just before the release and is already fixed in their stable branch), the callback set by SSLContext#session_new_cb= does not get called for clients, making net/http and net/ftp not attempt session resumption. Let's disable the affected test cases for now. Another option would be to fallback to using SSLSocket#session as we did before r64234. But since only a single version is affected and hopefully a new stable version containing the fix will be released in near future, I chose not to add such workaround code to lib/. [1] https://github.com/openssl/openssl/pull/5967 git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_5@67237 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
	net/http, net/ftp: fix session resumption with TLS 1.3

	When TLS 1.3 is in use, the session ticket may not have been sent yet
	even though a handshake has finished. Also, the ticket could change if
	multiple session ticket messages are sent by the server. Use
	SSLContext#session_new_cb instead of calling SSLSocket#session
	immediately after a handshake. This way also works with earlier protocol
	versions.

	net/http, net/ftp: skip SSL/TLS session resumption tests

	Due to a bug in OpenSSL 1.1.0h[1] (it's only in this specific version;
	it was introduced just before the release and is already fixed in their
	stable branch), the callback set by SSLContext#session_new_cb= does not
	get called for clients, making net/http and net/ftp not attempt session
	resumption.

	Let's disable the affected test cases for now. Another option would be
	to fallback to using SSLSocket#session as we did before r64234. But
	since only a single version is affected and hopefully a new stable
	version containing the fix will be released in near future, I chose not
	to add such workaround code to lib/.

	[1] https://github.com/openssl/openssl/pull/5967

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_5@67237 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
merge revision(s) 66401: [Backport #15412] 2019-01-20T04:49:40+00:00 nagachika nagachika@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2019-01-20T04:49:40+00:00 4c426290d65d43e54c69a5ca469ba6a4e8ec1133 Move autoload to toplevel So that classes which uses Net::HTTP with https can use OpenSSL namespace for example exception classes like OpenSSL::SSL::SSLError. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_5@66877 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
	Move autoload to toplevel

	So that classes which uses Net::HTTP with https can use OpenSSL
	namespace for example exception classes like OpenSSL::SSL::SSLError.

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_5@66877 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
merge revision(s) 62099: [Backport #14416] 2018-08-18T08:35:42+00:00 nagachika nagachika@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2018-08-18T08:35:42+00:00 3993fbb5f6bfdae0bce040988d7e2dd632247cdc net/pop: make modified strings mutable Thanks to Michael Zimmerman for the bug report * lib/net/pop.rb: make modified strings mutable [ruby-core:85210] [Bug #14416] * test/net/pop/test_pop.rb: new test git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_5@64443 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
	net/pop: make modified strings mutable

	Thanks to Michael Zimmerman for the bug report

	* lib/net/pop.rb: make modified strings mutable
	  [ruby-core:85210] [Bug #14416]
	* test/net/pop/test_pop.rb: new test

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_5@64443 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
merge revision(s) 63396: [Backport #14750] 2018-08-17T16:20:53+00:00 nagachika nagachika@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2018-08-17T16:20:53+00:00 34783456e8105c65377a4473b466ffeaa581d87e net/imap: Fix ArgumentError in send_string_data Thanks to ShockwaveNN (Pavel Lobashov) for reporting the bug. [ruby-core:86990] [Bug #14750] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_5@64420 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
	net/imap: Fix ArgumentError in send_string_data

	Thanks to ShockwaveNN (Pavel Lobashov) for reporting the bug.
	[ruby-core:86990] [Bug #14750]

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_5@64420 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
merge revision(s) 61639: [Backport #14323] 2018-02-16T08:17:36+00:00 naruse naruse@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2018-02-16T08:17:36+00:00 d3eeb14db743736428b79ddc4c1d3d8026f15d6f net/ftp: fix FrozenError in BufferedSocket I noticed this bug while working on something else with RUBYOPT=-d on, existing test cases all passed with it. Note: I use String.new because it is the local style, here, I prefer +'' (or ''.b, for a future commit) * lib/net/ftp.rb (BufferedSocket#read): use String.new * test/net/ftp/test_buffered_socket.rb (test_read_nil): new test [ruby-core:84675] [Bug #14323] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_5@62425 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
	net/ftp: fix FrozenError in BufferedSocket

	I noticed this bug while working on something else with
	RUBYOPT=-d on, existing test cases all passed with it.

	Note: I use String.new because it is the local style, here,
	I prefer +'' (or ''.b, for a future commit)

	* lib/net/ftp.rb (BufferedSocket#read): use String.new
	* test/net/ftp/test_buffered_socket.rb (test_read_nil): new test
	  [ruby-core:84675] [Bug #14323]

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_5@62425 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
raise error if value contains CR/LF in iniheader of initialize_http_header 2017-12-20T12:06:59+00:00 naruse naruse@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2017-12-20T12:06:59+00:00 0078e40115fd53e2cafd4e8cfb6ff5fd7f87c3db like r59693, initialize_http_header also should raise error. [Bug #14208] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@61359 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
like r59693, initialize_http_header also should raise error. [Bug #14208]

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@61359 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Fix a command injection vulnerability in Net::FTP. 2017-12-14T13:41:30+00:00 nagachika nagachika@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2017-12-14T13:41:30+00:00 6d3f72e5be2312be312f2acbf3465b05293c1431 git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@61242 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@61242 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Add uplevel keyword to Kernel#warn and use it 2017-12-12T11:56:25+00:00 shyouhei shyouhei@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2017-12-12T11:56:25+00:00 f2a91397fd7f9ca5bb3d296ec6df2de6f9cfc7cb If uplevel keyword is given, the warning message is prepended with caller file and line information and the string "warning: ". The use of the uplevel keyword makes Kernel#warn format output similar to how rb_warn formats output. This patch modifies net/ftp and net/imap to use Kernel#warn instead of $stderr.puts or $stderr.printf, since they are used for printing warnings. This makes lib/cgi/core and tempfile use $stderr.puts instead of warn for debug logging, since they are used for debug printing and not for warning. This does not modify bundler, rubygems, or rdoc, as those are maintained outside of ruby and probably wish to remain backwards compatible with older ruby versions. rb_warn_m code is originally from nobu, but I've changed it so that it only includes the path and lineno from uplevel (not the method), and also prepends the string "warning: ", to make it more similar to rb_warn. From: Jeremy Evans code@jeremyevans.net Signed-off-by: Urabe Shyouhei shyouhei@ruby-lang.org git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@61155 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
If uplevel keyword is given, the warning message is prepended
with caller file and line information and the string "warning: ".
The use of the uplevel keyword makes Kernel#warn format output
similar to how rb_warn formats output.

This patch modifies net/ftp and net/imap to use Kernel#warn
instead of $stderr.puts or $stderr.printf, since they are used
for printing warnings.

This makes lib/cgi/core and tempfile use $stderr.puts instead of
warn for debug logging, since they are used for debug printing
and not for warning.

This does not modify bundler, rubygems, or rdoc, as those are
maintained outside of ruby and probably wish to remain backwards
compatible with older ruby versions.

rb_warn_m code is originally from nobu, but I've changed it
so that it only includes the path and lineno from uplevel
(not the method), and also prepends the string "warning: ",
to make it more similar to rb_warn.

From: Jeremy Evans code@jeremyevans.net
Signed-off-by: Urabe Shyouhei shyouhei@ruby-lang.org


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@61155 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
http.rb: improve docs 2017-11-07T20:13:48+00:00 stomar stomar@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2017-11-07T20:13:48+00:00 35bd2ad25e52561d01e76dbeaf25bc4cc836bc32 * lib/net/http.rb: [DOC] fix typos and grammar git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@60710 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
* lib/net/http.rb: [DOC] fix typos and grammar

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@60710 b2dd03c8-39d4-4d8f-98ff-823fe69b080e