From ef0736604a327e30568ea97ca07637c7d144544e Mon Sep 17 00:00:00 2001
From: yugui <yugui@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>
Date: Wed, 12 Jan 2011 07:26:18 +0000
Subject: * lib/net/http.rb (Net::HTTP#connect): makes it timeout during   SSL
 handshake too. [ruby-core:34203]   Patch by Marc Slemko.

* test/net/http/test_http.rb (TestNetHTTP_v1_2#test_timeout_during_HTTP_session):
  test for [ruby-core:34203]

* test/net/http/test_https.rb (TestNetHTTPS#test_timeout_during_SSL_handshake):
  ditto.

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@30520 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
---
 ChangeLog                   | 12 ++++++++++++
 lib/net/http.rb             | 34 ++++++++++++++++++++--------------
 test/net/http/test_http.rb  | 19 +++++++++++++++++++
 test/net/http/test_https.rb | 22 ++++++++++++++++++++++
 4 files changed, 73 insertions(+), 14 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index a7d3036cf1..2e2ec0310b 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,15 @@
+Wed Jan 12 16:25:12 2011  Yuki Sonoda (Yugui)  <yugui@yugui.jp>
+
+	* lib/net/http.rb (Net::HTTP#connect): makes it timeout during 
+	  SSL handshake too. [ruby-core:34203]
+	  Patch by Marc Slemko.
+
+	* test/net/http/test_http.rb (TestNetHTTP_v1_2#test_timeout_during_HTTP_session):
+	  test for [ruby-core:34203]
+
+	* test/net/http/test_https.rb (TestNetHTTPS#test_timeout_during_SSL_handshake):
+	  ditto.
+
 Wed Jan 12 16:24:53 2011  Yuki Sonoda (Yugui)  <yugui@yugui.jp>
 
 	* ext/readline/extconf.rb: new checks for RL_PROMPT_START_IGNORE 
diff --git a/lib/net/http.rb b/lib/net/http.rb
index fac9a0beb1..c90b20297c 100644
--- a/lib/net/http.rb
+++ b/lib/net/http.rb
@@ -767,21 +767,27 @@ module Net   #:nodoc:
       @socket.read_timeout = @read_timeout
       @socket.debug_output = @debug_output
       if use_ssl?
-        if proxy?
-          @socket.writeline sprintf('CONNECT %s:%s HTTP/%s',
-                                    @address, @port, HTTPVersion)
-          @socket.writeline "Host: #{@address}:#{@port}"
-          if proxy_user
-            credential = ["#{proxy_user}:#{proxy_pass}"].pack('m')
-            credential.delete!("\r\n")
-            @socket.writeline "Proxy-Authorization: Basic #{credential}"
+        begin
+          if proxy?
+            @socket.writeline sprintf('CONNECT %s:%s HTTP/%s',
+                                      @address, @port, HTTPVersion)
+            @socket.writeline "Host: #{@address}:#{@port}"
+            if proxy_user
+              credential = ["#{proxy_user}:#{proxy_pass}"].pack('m')
+              credential.delete!("\r\n")
+              @socket.writeline "Proxy-Authorization: Basic #{credential}"
+            end
+            @socket.writeline ''
+            HTTPResponse.read_new(@socket).value
           end
-          @socket.writeline ''
-          HTTPResponse.read_new(@socket).value
-        end
-        s.connect
-        if @ssl_context.verify_mode != OpenSSL::SSL::VERIFY_NONE
-          s.post_connection_check(@address)
+          timeout(@open_timeout) { s.connect }
+          if @ssl_context.verify_mode != OpenSSL::SSL::VERIFY_NONE
+            s.post_connection_check(@address)
+          end
+        rescue => exception
+          D "Conn close because of connect error #{exception}"
+          @socket.close if @socket and not @socket.closed?
+          raise exception
         end
       end
       on_connect
diff --git a/test/net/http/test_http.rb b/test/net/http/test_http.rb
index 036a6a1570..18ca79e721 100644
--- a/test/net/http/test_http.rb
+++ b/test/net/http/test_http.rb
@@ -182,6 +182,25 @@ module TestNetHTTP_version_1_1_methods
     assert_equal data, res.entity
   end
 
+  def test_timeout_during_HTTP_session
+    bug4246 = "expected the HTTP session to have timed out but have not. c.f. [ruby-core:34203]"
+
+    # listen for connections... but deliberately do not complete SSL handshake
+    TCPServer.open(0) {|server|
+      port = server.addr[1]
+
+      conn = Net::HTTP.new('localhost', port)
+      conn.read_timeout = 1
+      conn.open_timeout = 1
+
+      th = Thread.new do
+        assert_raise(Timeout::Error) {
+          conn.get('/')
+        }
+      end
+      assert th.join(10), bug4246
+    }
+  end
 end
 
 
diff --git a/test/net/http/test_https.rb b/test/net/http/test_https.rb
index 95c63da750..8da7090c68 100644
--- a/test/net/http/test_https.rb
+++ b/test/net/http/test_https.rb
@@ -2,6 +2,7 @@ require "test/unit"
 begin
   require 'net/https'
   require 'stringio'
+  require 'timeout'
   require File.expand_path("../../openssl/utils", File.dirname(__FILE__))
   require File.expand_path("utils", File.dirname(__FILE__))
 rescue LoadError
@@ -104,4 +105,25 @@ class TestNetHTTPS < Test::Unit::TestCase
     }
     assert_match(/hostname does not match/, ex.message)
   end
+
+  def test_timeout_during_SSL_handshake
+    bug4246 = "expected the SSL connection to have timed out but have not. [ruby-core:34203]"
+
+    # listen for connections... but deliberately do not complete SSL handshake
+    TCPServer.open(0) {|server|
+      port = server.addr[1]
+
+      conn = Net::HTTP.new('localhost', port)
+      conn.use_ssl = true
+      conn.read_timeout = 1
+      conn.open_timeout = 1
+
+      th = Thread.new do
+        assert_raise(Timeout::Error) {
+          conn.get('/')
+        }
+      end
+      assert th.join(10), bug4246
+    }
+  end
 end if defined?(OpenSSL)
-- 
cgit v1.2.3