Recent CI experimentation has shown system OpenSSL to be different than Ruby OpenSSL. May cause testing issues.
Adds Ruby OpenSSL version info to test log by test_puma_server_ssl.rb when Minitest loads test files.
* Fix ssl_v3_rejection test hanging
When closing the server, puma would get caught in a loop where it would
expect IO.select to timeout but instead it would return a file
descriptor ready to read, but in a end-of-file condition.
* Remove windows tweaks from test_puma_server_ssl.rb
So that the hang I'm getting when running the tests locally can be
reproduced.
* Add missing appveyor entry
* Try fix 2.2.9 build
* Fix extra package installation on appveyor
When a test that boots a server fails it may not properly close out the port. When this happens there is a cascading failure as all other tests that use that port also fail. It becomes hard to find the actual failure reason. This commit uses a new number of every time port is used.
Moves the require for puma/events from the individual test files and
into the main test helper.
The reason for this was while I was debugging the `test_puma_server.rb`
tests I was getting an error for an uninitialized constant for
`Puma::Event`.
Moving the require from the individual files to the test help means the
`puma/events` will always be included instead of having to remember to
do that. It makes debugging individual tests locally easier.
running `rake` loads all files starting with `test_` which is not supposed to also load the helper,
since the helper should be loaded by each test and is not a test itself.
* Bump minitest version.
* Add basic test helper file.
* Use minitest for web server tests.
* Use Minitest for unix socket tests.
* Use Minitest for ThreadPool tests.
* Use Minitest for TCP-Rack tests
* Use Minitest for TCPLogger tests.
* Add missing helper to test helpers.
* Use Minitest for Rack server tests.
* Use Minitest for Rack handler tests.
* Use Minitest for Puma::Server tests.
* Use Minitest for Puma::Server with SSL tests.
* Use Minitest for persisten connections tests.
* Require puma in test_helper file.
* Use minitest for Puma::NullIO tests.
* Remove unnecessary requires on test files.
* Use Minitest for MiniSSL tests.
* Use Minitest for IOBuffer tests.
* Require bundler/setup in Rakefile.
* Use Minitest for HttpParser tests.
* Use Minitest for Puma::Configuration tests.
* Use Minitest for Puma::CLI tests.
* Bump Minitest version for Ruby 2.1 Gemfile.
* Use Minitest for integration tests.
* Use Minitest for Puma::App::Status tests.
* Remove test-unit from Gemfiles.
* Add timeout helper to Minitest::Test.
* Use Minitest for Puma::Binder tests.
* Remove testhelp file.
* Add missing require to Puma::Binder tests.
* Prefer require instead of require_relative.
Adds support for `verify_mode` to configure client authentication when running under JRuby.
Things to note:
- Assumes the CA used to verify client certs is in the same java
keystore file that is used when setting up the HTTPS TLS listener. We
could split this out, but not sure if it's necessary.
- Friendly/helpful error messages explaining why the verification failed
are not present in the same way they are in the CRuby/OpenSSL code
path. I'm not sure how to make them available.
- I did not include any code to create the `keystore.jks` file in the
`examples/puma/client-certs` directory because I didn't see any
existing code to create the `examples/puma/keystore.jks` file. The
commands to create this keystore would be:
```
cd examples/puma/client-certs
openssl pkcs12 -chain -CAfile ./ca.crt -export -password pass:blahblah -inkey server.key -in server.crt -name server -out server.p12
keytool -importkeystore -srckeystore server.p12 -srcstoretype pkcs12 -srcstorepass blahblah -destkeystore keystore.jks -deststoretype JKS -storepass blahblah
keytool -importcert -alias ca -noprompt -trustcacerts -file ca.crt -keystore keystore.jks -storepass blahblah
```
Both the C and JRuby SSL implementations would hang on a bad handshake
because they were not producing the EOF expected in that case.
Update their error handling to behave correctly here (note:
`test_ssl_v3_rejection` covers this).
- Implement MiniSSL for JRuby
- Modify `Binder` and `MiniSSL::Context` to to accommodate the fact
that Java SSL demands a java keystore rather than a key/cert pair
- Change the MiniSSL native extension interface to take a
`MiniSSL::Context` rather than a key/cert pair so that each extension
can grab keys off the context as appropriate
