Bug #8758 » 0001-DOC-adding-basic-documentation-to-SSLServer.patch
| ChangeLog | ||
|---|---|---|
|
Fri Aug 9 01:13:18 2013 Rafał Lisowski <lisukorin@gmail.com>
|
||
|
* ext/openssl/ssl.rb: [DOC] adding basic documentation
|
||
|
to SSLServer.
|
||
|
Fri Aug 9 00:10:32 2013 Nobuyoshi Nakada <nobu@ruby-lang.org>
|
||
|
* enumerator.c (lazy_zip_func): fix non-single argument. fix
|
||
| ext/openssl/lib/openssl/ssl.rb | ||
|---|---|---|
|
end
|
||
|
end
|
||
|
##
|
||
|
#
|
||
|
# SSLServer represents a TCP/IP server socket with Secure Sockets Layer.
|
||
|
#
|
||
|
# A simple SSL server may look like:
|
||
|
#
|
||
|
# require 'socket'
|
||
|
# require 'openssl'
|
||
|
#
|
||
|
# tcp_serv = TCPServer.new("127.0.0.1", 28561)
|
||
|
#
|
||
|
# ssl_context = OpenSSL::SSL::SSLContext.new
|
||
|
# ssl_context.ca_file = 'ca.pem'
|
||
|
# ssl_context.cert = OpenSSL::X509::Certificate.new( File.open( 'cert.cert' ))
|
||
|
# ssl_context.key = OpenSSL::PKey::RSA.new( File.open( 'priv.key' ))
|
||
|
# ssl_context.ciphers = 'HIGH:MEDIUM'
|
||
|
# ssl_context.ssl_version = 'TLSv1'
|
||
|
# flags = OpenSSL::SSL::VERIFY_PEER|OpenSSL::SSL::VERIFY_FAIL_IF_NO_PEER_CERT
|
||
|
# ssl_context.verify_mode = flags
|
||
|
#
|
||
|
# ssl_serv = OpenSSL::SSL::SSLServer.new( tcp_serv, ssl_context )
|
||
|
#
|
||
|
# socket = ssl_serv.accept
|
||
|
# socket.puts Time.now
|
||
|
# socket.close
|
||
|
#
|
||
|
# Note that cert.cert and priv.key can be in one pem file.
|
||
|
# In that case pass the same file to both context methods (cert and key).
|
||
|
#
|
||
|
# OpenSSL provides detailed instruction how generate certificates using Ruby.
|
||
|
#
|
||
|
# To manually test above server one can use
|
||
|
# openssl s_client[http://www.openssl.org/docs/apps/s_client.html] eg
|
||
|
#
|
||
|
# $ openssl s_client -host localhost -port 28561 -tls1 -cert ./cert.pem
|
||
|
#
|
||
|
class SSLServer
|
||
|
include SocketForwarder
|
||
|
# if true then #accept works exactly the same
|
||
|
# as TCPServer#accept
|
||
|
attr_accessor :start_immediately
|
||
|
# Create a new SSLServer.
|
||
|
# * +srv+ is a TCPServer instance
|
||
|
# * +ctx+ is a OpenSSL::SSL::SSLContext instance
|
||
|
def initialize(svr, ctx)
|
||
|
@svr = svr
|
||
|
@ctx = ctx
|
||
| ... | ... | |
|
@start_immediately = true
|
||
|
end
|
||
|
# Returns TCPServer passed as an first argument to initializer.
|
||
|
def to_io
|
||
|
@svr
|
||
|
end
|
||
|
# See TCPServer#listen for details.
|
||
|
def listen(backlog=5)
|
||
|
@svr.listen(backlog)
|
||
|
end
|
||
|
# See BasicSocket#shutdown for details.
|
||
|
def shutdown(how=Socket::SHUT_RDWR)
|
||
|
@svr.shutdown(how)
|
||
|
end
|
||
|
# Works similar to TCPServer#accept.
|
||
|
def accept
|
||
|
sock = @svr.accept
|
||
|
begin
|
||
| ... | ... | |
|
end
|
||
|
end
|
||
|
# See IO#close for details.
|
||
|
def close
|
||
|
@svr.close
|
||
|
end
|
||