🔒 Add ssl_ctx and ssl_ctx_params attr readers
#174
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
To match the most common order in modern ruby projects: * Moved `attr_reader`s down below class methods. * Moved `#initialize` up above all public instance method `def`s. * Moved an method down with other public instance method `def`s. This commit should contain no other code changes.
Updated rdoc for #initialize: * Various stylistic changes, mostly for options and exceptions. * Added examples to demonstrate connecting with clear-text, TLS, and checking the greeting for "OK" or "PREAUTH". * Added links to OpenSSL::SSL::SSLContext rdoc.
* Extract four methods: * `convert_deprecated_options` * `start_imap_connection`: begins IMAP protocol on connected socket * `get_server_greeting`: wraps `get_response` with greeting specifics * `start_receiver_thread` * Various other small stylistic tweaks, e.g: grouped similar ivars. This _should_ be the result of a series of "pure" safe refactorings. All existing behavior should remain unchanged.
`Net::IMAP#ssl_ctx` will return the `OpenSSL::SSL::SSLContext` used by the `OpenSSL::SSL::SSLSocket` when TLS is attempted, even when the TLS handshake is unsuccessful. The context object will be frozen. It will return `nil` for a plaintext connection. `Net::IMAP#ssl_ctx_params` will return the parameters that were sent to `OpenSSL::SSL::SSLContext#set_params` when the connection tries to use TLS (even when unsuccessful). It will return `false` for a plaintext connection. Additionally, error handling for the arguments to `#starttls` was moved *before* sending the command to the server. This way a simple argument error will still raise an exception, but won't result in dropping the connection. Because `ssl_ctx` is also created ahead of time, this will also catch invalid SSLContext params.
Collaborator
Author
|
Note: This PR accidentally included rdoc references to |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Net::IMAP#ssl_ctxwill return theOpenSSL::SSL::SSLContextused by theOpenSSL::SSL::SSLSocketwhen TLS is attempted, even when the TLS handshake is unsuccessful. The context object will be frozen. It will returnnilfor a plaintext connection.Net::IMAP#ssl_ctx_paramswill return the parameters that were sent toOpenSSL::SSL::SSLContext#set_paramswhen the connection tries to use TLS (even when unsuccessful). It will returnfalsefor a plaintext connection.Additionally, error handling for the arguments to
#starttlswas moved before sending the command to the server. This way a simple argument error will still raise an exception, but won't result in dropping the connection. Becausessl_ctxis also created ahead of time, this will also catch invalid SSLContext params.Tangentially:
#initializewas moved to the top of thepublicsection of the class definition, to match common conventions.#initializeand#startlsrdoc, including examples, links toOpenSSL::SSL::SSLContext#set_params, etc.#initializewas refactored into several extracted private methods, for readability.