Age | Commit message (Collapse) | Author |
|
RFC 6066, section 3, explicitly disallows the use of an IP address
as an SNI server name. So check if the connection is being made
to an IP address using the resolv regexps, and do not set an SNI
hostname in that case.
Recent changes to LibreSSL make it more strictly follow RFC 6066,
resulting an s.hostname= raising an error if passed an IP address.
When such verions of LibreSSL are used, this change not only fixes
the net/http tests, it also fixes tests for webrick and open-uri,
which both make SSL connections to 127.0.0.1 using net/http in
their tests.
Avoid warning in the openssl extension by unsetting
@ssl_context.verify_hostname if connecting to an IP address.
Make changes so that the post_connection_check still happens
when connecting to an IP address, which is necessary to keep
checking that the certificate returned includes the IP address,
which one of the tests depends on.
Revert the previous change that modified the regexp used for
checking the error message.
https://github.com/ruby/net-http/commit/fa68e64bee
|
|
https://github.com/ruby/net-protocol/commit/35d7b08a54
|
|
This gem exposes no executables.
https://github.com/ruby/net-protocol/commit/3c4def2a64
|
|
Renames `D` to `debug` in `Net::HTTP` and introduces an alias for
backwards compatibility. This was done for readability reasons, in that
`D` did not clearly reflect what the method was doing and can cause some
confusion.
https://github.com/ruby/net-http/commit/582d6e87d6
|
|
`response_body_permitted?` is a method of request.
|
|
This gem exposes no executable files.
https://github.com/ruby/net-http/commit/3b3743f6ce
|
|
https://github.com/ruby/net-protocol/commit/d4982420e6
|
|
https://github.com/ruby/net-http/commit/9d95c5e3e6
|
|
https://github.com/ruby/net-http/commit/2a97b4729b
|
|
https://github.com/ruby/net-http/commit/dada6007bf
|
|
The last_communicated timestamp is for HTTP persistent connection, to
decide whether the current TCP connection may be reused for the
subsequent requests or not. Naturally, the timer must be reset if the
connection is recreated since it is no longer relevant.
https://github.com/ruby/net-http/commit/0a013de42d
|
|
Notes:
Merged: https://github.com/ruby/ruby/pull/4970
|
|
https://github.com/ruby/net-http/commit/f3e65e2a31
|
|
https://github.com/ruby/net-protocol/commit/088e52609a
|
|
The existing implementation of `Net::HTTP#write_timeout` relies on
`Net::BefferedIO` to trigger the `Net::WriteTimeout` error. This commit
changes `send_request_with_body_stream` to remove the optimization that
was making `Net::HTTP#write_timeout` not work when `body_stream` is
used.
Open issue:
https://bugs.ruby-lang.org/issues/17933
https://github.com/ruby/net-http/commit/a0fab1ab52
|
|
Mitigate the security risk:
https://devcraft.io/2021/01/07/universal-deserialisation-gadget-for-ruby-2-x-3-x.html
https://github.com/ruby/net-protocol/commit/a9970437e8
|
|
https://github.com/ruby/net-protocol/commit/97c4b68528
|
|
Notes:
Merged: https://github.com/ruby/ruby/pull/4530
|
|
Notes:
Merged: https://github.com/ruby/ruby/pull/4530
|
|
Notes:
Merged: https://github.com/ruby/ruby/pull/4530
|
|
Notes:
Merged: https://github.com/ruby/ruby/pull/4530
|
|
https://github.com/ruby/net-ftp/commit/895ba44b3c
|
|
It is not used in net/http library code since commit 15ccd0118c13
(r36473 in ruby svn trunk, 2012).
require's in test suite are also cleaned up.
https://github.com/ruby/net-http/commit/996d18a43f
|
|
|
|
|
|
* updated obsoleted RFCs to current versions
* linked most references to their RFCs
* linked extension commands to their RFCs
* removed unidiomatic `()` from instance method links
* escaped `IMAP` in a few places
* converted all response structs to explicit classes: this makes much
nicer rdoc output than listing them all under "constants"
* grouped flags constants into their own sections
https://github.com/ruby/net-imap/commit/9cd562ac84
|
|
Partially implements #10.
https://github.com/ruby/net-imap/commit/64d1080d63
|
|
Partially implements #10.
https://github.com/ruby/net-imap/commit/2a9afa83bf
|
|
Partially implements #10.
https://github.com/ruby/net-imap/commit/0d43c5e856
|
|
Partially implements #10.
https://github.com/ruby/net-imap/commit/24e929fdd2
|
|
Partially implements #10.
https://github.com/ruby/net-imap/commit/746757b936
|
|
Partially implements #10.
https://github.com/ruby/net-imap/commit/c2408aac9a
|
|
Added RFC links to all SASL mechanism specifications.
https://github.com/ruby/net-imap/commit/53ff4b0c09
|
|
* Add authzid support
* must not contain NULL chars
* improve rdoc
https://github.com/ruby/net-imap/commit/a587fc71b7
|
|
Also updates rdoc with SASL specifications and deprecations. Of these
four, only `PLAIN` isn't deprecated!
+@@authenticators+ was changed to a class instance var
+@authenticators+. No one should have been using the class variable
directly, so that should be fine.
https://github.com/ruby/net-imap/commit/23f241b081
|
|
https://github.com/ruby/net-imap/commit/4057c662e7
|
|
OpenSSL make take some time to initialize, and it would be best
to take that time before connecting instead of after.
From joshc on Redmine.
Fixes Ruby Bug #9459
https://github.com/ruby/net-http/commit/14e09fba24
|
|
Introduced in https://github.com/ruby/ruby/commit/c1652035644
`/s` marks the regexp as encoded with Windows-31J which makes little
sense.
Nurse thinks the intent was to use `/m` for a multi-line regexp.
https://github.com/ruby/net-http/commit/6c15342cdf
|
|
If someone sets an env variable defining a http_proxy, containing a
username / password with percent-encoded characters, then the resulting
base64 encoded auth header will be wrong.
For example, suppose a username is `Y\X` and the password is `R%S] ?X`.
Properly URL encoded the proxy url would be:
http://Y%5CX:R%25S%5D%20%3FX@proxy.example:8000
The resulting proxy auth header should be: `WVxYOlIlU10gP1g=`, but the
getters defined by ruby StdLib `URI` return a username `Y%5CX` and
password `R%25S%5D%20%3FX`, resulting in `WSU1Q1g6UiUyNVMlNUQlMjAlM0ZY`.
As a result the proxy will deny the request.
Please note that this is my first contribution to the ruby ecosystem, to
standard lib especially and I am not a ruby developer.
References:
- https://gitlab.com/gitlab-org/gitlab/-/issues/289836
- https://bugs.ruby-lang.org/projects/ruby-master/repository/trunk/revisions/58461
- https://bugs.ruby-lang.org/issues/17542
https://github.com/ruby/net-http/commit/e57d4f38aa
|
|
Use Socket.tcp's connect_timeout option instead
https://github.com/ruby/net-http/commit/753cae3bbc
|
|
testings >0.2.1
https://github.com/ruby/net-smtp/commit/8f2c9323e2
|
|
https://github.com/ruby/net-smtp/commit/69bba6b125
|
|
Timeout.timeout is inefficient since it spins up a new thread for
each invocation, use Socket.tcp's connect_timeout option instead
https://github.com/ruby/net-smtp/commit/6ae4a59f05
|
|
keyword argument
Additional params are passed to OpenSSL::SSL::SSLContext#set_params.
For example, `Net::SMTP#start(ssl_context_params: { cert_store: my_store, timeout: 123 })`
calls `set_params({ cert_store: my_store, timeout: 123 })`.
https://github.com/ruby/net-smtp/commit/4213389c21
|
|
iff means if and only if, but readers without that knowledge might
assume this to be a spelling mistake. To me, this seems like
exclusionary language that is unnecessary. Simply using "if and only if"
instead should suffice.
https://github.com/ruby/net-ftp/commit/e920473618
|
|
Reported by Alexandr Savca as a DoS vulnerability, but Net::FTP is a
client library and the impact of the issue is low, so I have decided
to fix it as a normal issue.
Based on patch by nobu.
https://github.com/ruby/net-ftp/commit/a93af636f8
|
|
setting up the transfer
Previously, the connection leaked in this case. This uses
begin/ensure and checking for an error in the ensure block.
An alternative approach would be to not even perform the
connection until after the RETR (or other) command has been
sent. However, I'm not sure all FTP servers support that.
The current behavior is:
* Send (PASV/EPSV)
* Connect to the host/port returned in 227/229 reply
* Send (RETR/other command)
Changing it to connect after the RETR could break things.
FTP servers might expect that the client has already
connected before sending the RETR. The alternative
approach is more likely to introduce backwards compatibility
issues, compared to the begin/ensure approach taken here.
Fixes Ruby Bug 17027
https://github.com/ruby/net-ftp/commit/6e8535f076
|
|
Timeout.timeout is inefficient since it spins up a new thread for
each invocation, use Socket.tcp's connect_timeout option instead
when we aren't using SOCKS (we can't replace Timeout.timeout
for SOCKS yet since SOCKSSocket doesn't have a connect_timeout
option).
https://github.com/ruby/net-ftp/commit/d65910132f
|
|
https://github.com/ruby/net-imap/commit/31f96ea884
|
|
Fixes #14
https://github.com/ruby/net-imap/commit/39d39ff9bb
|