lib/httpx/io/ssl.rb in httpx-0.11.3 vs lib/httpx/io/ssl.rb in httpx-0.12.0
- old
+ new
@@ -1,31 +1,28 @@
# frozen_string_literal: true
require "openssl"
module HTTPX
+ TLSError = OpenSSL::SSL::SSLError
+
class SSL < TCP
TLS_OPTIONS = if OpenSSL::SSL::SSLContext.instance_methods.include?(:alpn_protocols)
{ alpn_protocols: %w[h2 http/1.1] }
else
{}
end
def initialize(_, _, options)
+ super
@ctx = OpenSSL::SSL::SSLContext.new
ctx_options = TLS_OPTIONS.merge(options.ssl)
- @tls_hostname = ctx_options.delete(:hostname)
+ @sni_hostname = ctx_options.delete(:hostname) || @hostname
@ctx.set_params(ctx_options) unless ctx_options.empty?
- super
- @tls_hostname ||= @hostname
@state = :negotiated if @keep_open
end
- def interests
- @interests || super
- end
-
def protocol
@io.alpn_protocol || super
rescue StandardError
super
end
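Review bot: The `unless ctx_options.empty?` guard on the unchanged `set_params` line in `initialize` leaves the context unconfigured whenever `TLS_OPTIONS` is `{}` (no ALPN support) and `options.ssl` is empty. To my knowledge a fresh `OpenSSL::SSL::SSLContext` starts with `verify_mode` at `VERIFY_NONE`, and it is `set_params` that merges in the library defaults (`VERIFY_PEER`, hostname verification, default certificate store). On that path peer verification would be off, and the `post_connection_check` in the later hunk would be skipped as well. Calling it unconditionally, `@ctx.set_params(ctx_options)`, keeps the verifying defaults on every path. Whether `options.ssl` can actually be empty is not visible from this hunk.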
@@ -57,15 +54,16 @@
return if @state == :negotiated ||
@state != :connected
unless @io.is_a?(OpenSSL::SSL::SSLSocket)
@io = OpenSSL::SSL::SSLSocket.new(@io, @ctx)
- @io.hostname = @tls_hostname
+ @io.hostname = @sni_hostname
@io.sync_close = true
end
@io.connect_nonblock
- @io.post_connection_check(@tls_hostname) if @ctx.verify_mode != OpenSSL::SSL::VERIFY_NONE
+ @io.post_connection_check(@sni_hostname) if @ctx.verify_mode != OpenSSL::SSL::VERIFY_NONE
transition(:negotiated)
+ @interests = :w
rescue ::IO::WaitReadable
@interests = :r
rescue ::IO::WaitWritable
@interests = :w
end
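Review bot: `@sni_hostname` is passed to `post_connection_check` as well as to `@io.hostname=`, so the new name understates what the value controls. It is also the identity the peer certificate is verified against, and a `:hostname` entry in `options.ssl` replaces the request host for that check. A comment at the assignment in `initialize` would make this explicit, e.g. `# SNI name and the identity verified by post_connection_check; options.ssl[:hostname] overrides the request host for both`. The enclosing method begins before this hunk, so how a failed check is handled by the caller cannot be judged from here.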