diff --git a/ChangeLog b/ChangeLog index e8c0e97cb7..dfaddfa7ef 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,13 @@ +Sat Nov 5 15:42:52 2016 Shugo Maeda + + * lib/net/smtp.rb (tlsconnect): support timeout for TLS handshake. + [ruby-core:76893] [Bug #12678] + + * lib/net/protocol.rb (ssl_socket_connect): new method to implement + timeout for TLS handshake. + + * lib/net/http.rb (connect): use Net::Protocol#ssl_socket_connect. + Sat Nov 5 14:17:20 2016 Nobuyoshi Nakada * parse.y (brace_body, do_body): since cmdarg_stack is saved in diff --git a/lib/net/http.rb b/lib/net/http.rb index 4738bc621a..25d7dae873 100644 --- a/lib/net/http.rb +++ b/lib/net/http.rb @@ -930,21 +930,7 @@ module Net #:nodoc: Process.clock_gettime(Process::CLOCK_REALTIME) < @ssl_session.time.to_f + @ssl_session.timeout s.session = @ssl_session if @ssl_session end - if timeout = @open_timeout - while true - raise Net::OpenTimeout if timeout <= 0 - start = Process.clock_gettime Process::CLOCK_MONOTONIC - # to_io is required because SSLSocket doesn't have wait_readable yet - case s.connect_nonblock(exception: false) - when :wait_readable; s.to_io.wait_readable(timeout) - when :wait_writable; s.to_io.wait_writable(timeout) - else; break - end - timeout -= Process.clock_gettime(Process::CLOCK_MONOTONIC) - start - end - else - s.connect - end + ssl_socket_connect(s, @open_timeout) if @ssl_context.verify_mode != OpenSSL::SSL::VERIFY_NONE s.post_connection_check(@address) end diff --git a/lib/net/protocol.rb b/lib/net/protocol.rb index b53370931a..6b75b94cda 100644 --- a/lib/net/protocol.rb +++ b/lib/net/protocol.rb @@ -34,6 +34,24 @@ module Net # :nodoc: end End end + + def ssl_socket_connect(s, timeout) + if timeout + while true + raise Net::OpenTimeout if timeout <= 0 + start = Process.clock_gettime Process::CLOCK_MONOTONIC + # to_io is required because SSLSocket doesn't have wait_readable yet + case s.connect_nonblock(exception: false) + when :wait_readable; s.to_io.wait_readable(timeout) + when :wait_writable; s.to_io.wait_writable(timeout) + else; break + end + timeout -= Process.clock_gettime(Process::CLOCK_MONOTONIC) - start + end + else + s.connect + end + end end diff --git a/lib/net/smtp.rb b/lib/net/smtp.rb index 50cd742495..ac8ddc5bf2 100644 --- a/lib/net/smtp.rb +++ b/lib/net/smtp.rb @@ -167,7 +167,7 @@ module Net # Net::SMTP.start('your.smtp.server', 25, 'mail.from.domain', # 'Your Account', 'Your Password', :cram_md5) # - class SMTP + class SMTP < Protocol Revision = %q$Revision$.split[1] @@ -581,7 +581,7 @@ module Net s = ssl_socket(s, @ssl_context) logging "TLS connection started" s.sync_close = true - s.connect + ssl_socket_connect(s, @open_timeout) if @ssl_context.verify_mode != OpenSSL::SSL::VERIFY_NONE s.post_connection_check(@address) end diff --git a/test/net/smtp/test_smtp.rb b/test/net/smtp/test_smtp.rb index 3bcceb6fc5..656e77dc86 100644 --- a/test/net/smtp/test_smtp.rb +++ b/test/net/smtp/test_smtp.rb @@ -5,6 +5,10 @@ require 'test/unit' module Net class TestSMTP < Test::Unit::TestCase + CA_FILE = File.expand_path("../imap/cacert.pem", __dir__) + SERVER_KEY = File.expand_path("../imap/server.key", __dir__) + SERVER_CERT = File.expand_path("../imap/server.crt", __dir__) + class FakeSocket attr_reader :write_io @@ -98,5 +102,57 @@ module Net smtp.rcptto("foo\r\nbar") end end + + def test_tls_connect + server = TCPServer.new("127.0.0.1", 0) + ctx = OpenSSL::SSL::SSLContext.new + ctx.ca_file = CA_FILE + ctx.key = File.open(SERVER_KEY) { |f| + OpenSSL::PKey::RSA.new(f) + } + ctx.cert = File.open(SERVER_CERT) { |f| + OpenSSL::X509::Certificate.new(f) + } + ssl_server = OpenSSL::SSL::SSLServer.new(server, ctx) + begin + sock = nil + Thread.start do + sock = ssl_server.accept + sock.write("220 localhost Service ready\r\n") + sock.gets + sock.write("250 localhost\r\n") + sock.gets + sock.write("221 localhost Service closing transmission channel\r\n") + end + smtp = Net::SMTP.new("localhost", server.addr[1]) + smtp.enable_tls + smtp.open_timeout = 0.1 + smtp.start do + end + ensure + sock.close if sock + ssl_server.close + end + end + + def test_tls_connect_timeout + server = TCPServer.new("127.0.0.1", 0) + begin + sock = nil + Thread.start do + sock = server.accept + end + smtp = Net::SMTP.new("127.0.0.1", server.addr[1]) + smtp.enable_tls + smtp.open_timeout = 0.1 + assert_raise(Net::OpenTimeout) do + smtp.start do + end + end + ensure + sock.close if sock + server.close + end + end end end diff --git a/test/net/smtp/test_ssl_socket.rb b/test/net/smtp/test_ssl_socket.rb index 20792190c8..354f413040 100644 --- a/test/net/smtp/test_ssl_socket.rb +++ b/test/net/smtp/test_ssl_socket.rb @@ -7,6 +7,11 @@ module Net class MySMTP < SMTP attr_accessor :fake_tcp, :fake_ssl + def initialize(*args) + super(*args) + @open_timeout = nil + end + def tcp_socket address, port fake_tcp end