diff -pruN 4.0.2-2/History.txt 4.0.6-1/History.txt --- 4.0.2-2/History.txt 2023-03-30 07:31:36.000000000 +0000 +++ 4.0.6-1/History.txt 2025-06-19 08:30:51.000000000 +0000 @@ -1,3 +1,27 @@ +=== 4.0.6 / 2024-12-04 + +Bug fixes: + +* Allow ConnectionPool exceptions from checkout to bubble up to caller. + +=== 4.0.5 / 2024-12-04 + +Bug fixes: + +* Allow setting extra_chain_cert= + +=== 4.0.4 / 2024-09-09 + +Bug fixes: + +* Allow setting verify_hostname to false + +=== 4.0.3 / 2024-09-09 + +Bug fixes: + +* Handle Net::HTTP#verify_hostname was added in Ruby 3.0 or later. #120 + === 4.0.2 / 2023-03-29 Bug fixes: diff -pruN 4.0.2-2/README.rdoc 4.0.6-1/README.rdoc --- 4.0.2-2/README.rdoc 2023-03-30 07:31:36.000000000 +0000 +++ 4.0.6-1/README.rdoc 2025-06-19 08:30:51.000000000 +0000 @@ -1,7 +1,7 @@ = net-http-persistent home :: https://github.com/drbrain/net-http-persistent -rdoc :: https://rdoc.info/gems/net-http-persistent +rdoc :: https://rubydoc.info/gems/net-http-persistent == DESCRIPTION: diff -pruN 4.0.2-2/debian/changelog 4.0.6-1/debian/changelog --- 4.0.2-2/debian/changelog 2024-02-07 10:59:51.000000000 +0000 +++ 4.0.6-1/debian/changelog 2025-10-26 16:20:53.000000000 +0000 @@ -1,3 +1,11 @@ +ruby-net-http-persistent (4.0.6-1) unstable; urgency=medium + + * Team upload. + * New upstream release. + * Update Standards-Version to 4.7.2, no changes needed. + + -- Simon Quigley Sun, 26 Oct 2025 11:20:53 -0500 + ruby-net-http-persistent (4.0.2-2) unstable; urgency=medium * Team upload. diff -pruN 4.0.2-2/debian/control 4.0.6-1/debian/control --- 4.0.2-2/debian/control 2024-02-07 10:59:51.000000000 +0000 +++ 4.0.6-1/debian/control 2025-10-26 16:19:23.000000000 +0000 @@ -7,7 +7,7 @@ Build-Depends: debhelper-compat (= 13), gem2deb (>= 1), rake, ruby-connection-pool (>= 2.2) -Standards-Version: 4.6.2 +Standards-Version: 4.7.2 Vcs-Git: https://salsa.debian.org/ruby-team/ruby-net-http-persistent.git Vcs-Browser: https://salsa.debian.org/ruby-team/ruby-net-http-persistent Homepage: https://github.com/drbrain/net-http-persistent diff -pruN 4.0.2-2/debian/gbp.conf 4.0.6-1/debian/gbp.conf --- 4.0.2-2/debian/gbp.conf 1970-01-01 00:00:00.000000000 +0000 +++ 4.0.6-1/debian/gbp.conf 2025-10-26 16:18:34.000000000 +0000 @@ -0,0 +1,4 @@ +[DEFAULT] +debian-branch = debian/latest +upstream-branch = upstream/latest +pristine-tar = True diff -pruN 4.0.2-2/debian/salsa-ci.yml 4.0.6-1/debian/salsa-ci.yml --- 4.0.2-2/debian/salsa-ci.yml 1970-01-01 00:00:00.000000000 +0000 +++ 4.0.6-1/debian/salsa-ci.yml 2025-10-26 16:18:34.000000000 +0000 @@ -0,0 +1,3 @@ +--- +include: + - https://salsa.debian.org/ruby-team/meta/raw/master/salsa-ci.yml diff -pruN 4.0.2-2/lib/net/http/persistent/timed_stack_multi.rb 4.0.6-1/lib/net/http/persistent/timed_stack_multi.rb --- 4.0.2-2/lib/net/http/persistent/timed_stack_multi.rb 2023-03-30 07:31:36.000000000 +0000 +++ 4.0.6-1/lib/net/http/persistent/timed_stack_multi.rb 2025-06-19 08:30:51.000000000 +0000 @@ -63,7 +63,8 @@ class Net::HTTP::Persistent::TimedStackM if @created >= @max && @enqueued >= 1 oldest, = @lru.first @lru.delete oldest - @ques[oldest].pop + connection = @ques[oldest].pop + connection.close if connection.respond_to?(:close) @created -= 1 end diff -pruN 4.0.2-2/lib/net/http/persistent.rb 4.0.6-1/lib/net/http/persistent.rb --- 4.0.2-2/lib/net/http/persistent.rb 2023-03-30 07:31:36.000000000 +0000 +++ 4.0.6-1/lib/net/http/persistent.rb 2025-06-19 08:30:51.000000000 +0000 @@ -47,9 +47,8 @@ autoload :OpenSSL, 'openssl' # # perform the POST, the URI is always required # response http.request post_uri, post # -# Note that for GET, HEAD and other requests that do not have a body you want -# to use URI#request_uri not URI#path. The request_uri contains the query -# params which are sent in the body for other requests. +# ⚠ Note that for GET, HEAD and other requests that do not have a body, +# it uses URI#request_uri as default to send query params # # == TLS/SSL # @@ -65,6 +64,7 @@ autoload :OpenSSL, 'openssl' # #ca_path :: Directory with certificate-authorities # #cert_store :: An SSL certificate store # #ciphers :: List of SSl ciphers allowed +# #extra_chain_cert :: Extra certificates to be added to the certificate chain # #private_key :: The client's SSL private key # #reuse_ssl_sessions :: Reuse a previously opened SSL session for a new # connection @@ -73,6 +73,8 @@ autoload :OpenSSL, 'openssl' # #verify_callback :: For server certificate verification # #verify_depth :: Depth of certificate verification # #verify_mode :: How connections should be verified +# #verify_hostname :: Use hostname verification for server certificate +# during the handshake # # == Proxies # @@ -179,7 +181,7 @@ class Net::HTTP::Persistent ## # The version of Net::HTTP::Persistent you are using - VERSION = '4.0.2' + VERSION = '4.0.6' ## # Error class for errors raised by Net::HTTP::Persistent. Various @@ -271,6 +273,11 @@ class Net::HTTP::Persistent attr_reader :ciphers ## + # Extra certificates to be added to the certificate chain + + attr_reader :extra_chain_cert + + ## # Sends debug_output to this IO via Net::HTTP#set_debug_output. # # Never use this method in production code, it causes a serious security @@ -455,6 +462,21 @@ class Net::HTTP::Persistent attr_reader :verify_mode ## + # HTTPS verify_hostname. + # + # If a client sets this to true and enables SNI with SSLSocket#hostname=, + # the hostname verification on the server certificate is performed + # automatically during the handshake using + # OpenSSL::SSL.verify_certificate_identity(). + # + # You can set +verify_hostname+ as true to use hostname verification + # during the handshake. + # + # NOTE: This works with Ruby > 3.0. + + attr_reader :verify_hostname + + ## # Creates a new Net::HTTP::Persistent. # # Set a +name+ for fun. Your library name should be good enough, but this @@ -513,6 +535,7 @@ class Net::HTTP::Persistent @verify_callback = nil @verify_depth = nil @verify_mode = nil + @verify_hostname = nil @cert_store = nil @generation = 0 # incremented when proxy URI changes @@ -574,6 +597,21 @@ class Net::HTTP::Persistent reconnect_ssl end + if Net::HTTP.method_defined?(:extra_chain_cert=) + ## + # Extra certificates to be added to the certificate chain. + # It is only supported starting from Net::HTTP version 0.1.1 + def extra_chain_cert= extra_chain_cert + @extra_chain_cert = extra_chain_cert + + reconnect_ssl + end + else + def extra_chain_cert= _extra_chain_cert + raise "extra_chain_cert= is not supported by this version of Net::HTTP" + end + end + ## # Creates a new connection for +uri+ @@ -592,37 +630,49 @@ class Net::HTTP::Persistent connection = @pool.checkout net_http_args - http = connection.http + begin + http = connection.http - connection.ressl @ssl_generation if - connection.ssl_generation != @ssl_generation + connection.ressl @ssl_generation if + connection.ssl_generation != @ssl_generation - if not http.started? then - ssl http if use_ssl - start http - elsif expired? connection then - reset connection - end - - http.keep_alive_timeout = @idle_timeout if @idle_timeout - http.max_retries = @max_retries if http.respond_to?(:max_retries=) - http.read_timeout = @read_timeout if @read_timeout - http.write_timeout = @write_timeout if - @write_timeout && http.respond_to?(:write_timeout=) + if not http.started? then + ssl http if use_ssl + start http + elsif expired? connection then + reset connection + end - return yield connection - rescue Errno::ECONNREFUSED - address = http.proxy_address || http.address - port = http.proxy_port || http.port + http.keep_alive_timeout = @idle_timeout if @idle_timeout + http.max_retries = @max_retries if http.respond_to?(:max_retries=) + http.read_timeout = @read_timeout if @read_timeout + http.write_timeout = @write_timeout if + @write_timeout && http.respond_to?(:write_timeout=) + + return yield connection + rescue Errno::ECONNREFUSED + if http.proxy? + address = http.proxy_address + port = http.proxy_port + else + address = http.address + port = http.port + end - raise Error, "connection refused: #{address}:#{port}" - rescue Errno::EHOSTDOWN - address = http.proxy_address || http.address - port = http.proxy_port || http.port + raise Error, "connection refused: #{address}:#{port}" + rescue Errno::EHOSTDOWN + if http.proxy? + address = http.proxy_address + port = http.proxy_port + else + address = http.address + port = http.port + end - raise Error, "host down: #{address}:#{port}" - ensure - @pool.checkin net_http_args + raise Error, "host down: #{address}:#{port}" + ensure + @pool.checkin net_http_args + end end ## @@ -947,7 +997,8 @@ class Net::HTTP::Persistent end ## - # Shuts down all connections + # Shuts down all connections. Attempting to checkout a connection after + # shutdown will raise an error. # # *NOTE*: Calling shutdown for can be dangerous! # @@ -959,6 +1010,17 @@ class Net::HTTP::Persistent end ## + # Discard all existing connections. Subsequent checkouts will create + # new connections as needed. + # + # If any thread is still using a connection it may cause an error! Call + # #reload when you are completely done making requests! + + def reload + @pool.reload { |http| http.finish } + end + + ## # Enables SSL on +connection+ def ssl connection @@ -970,8 +1032,10 @@ class Net::HTTP::Persistent connection.min_version = @min_version if @min_version connection.max_version = @max_version if @max_version - connection.verify_depth = @verify_depth - connection.verify_mode = @verify_mode + connection.verify_depth = @verify_depth + connection.verify_mode = @verify_mode + connection.verify_hostname = @verify_hostname if + @verify_hostname != nil && connection.respond_to?(:verify_hostname=) if OpenSSL::SSL::VERIFY_PEER == OpenSSL::SSL::VERIFY_NONE and not Object.const_defined?(:I_KNOW_THAT_OPENSSL_VERIFY_PEER_EQUALS_VERIFY_NONE_IS_WRONG) then @@ -1013,6 +1077,10 @@ application: connection.key = @private_key end + if defined?(@extra_chain_cert) and @extra_chain_cert + connection.extra_chain_cert = @extra_chain_cert + end + connection.cert_store = if @cert_store then @cert_store else @@ -1081,6 +1149,15 @@ application: end ## + # Sets the HTTPS verify_hostname. + + def verify_hostname= verify_hostname + @verify_hostname = verify_hostname + + reconnect_ssl + end + + ## # SSL verification callback. def verify_callback= callback @@ -1092,4 +1169,3 @@ end require_relative 'persistent/connection' require_relative 'persistent/pool' - diff -pruN 4.0.2-2/net-http-persistent.gemspec 4.0.6-1/net-http-persistent.gemspec --- 4.0.2-2/net-http-persistent.gemspec 2023-03-30 07:31:36.000000000 +0000 +++ 4.0.6-1/net-http-persistent.gemspec 2025-06-19 08:30:51.000000000 +0000 @@ -2,17 +2,17 @@ # This file has been automatically generated by gem2tgz # ######################################################### # -*- encoding: utf-8 -*- -# stub: net-http-persistent 4.0.2 ruby lib +# stub: net-http-persistent 4.0.6 ruby lib Gem::Specification.new do |s| s.name = "net-http-persistent".freeze - s.version = "4.0.2" + s.version = "4.0.6" s.required_rubygems_version = Gem::Requirement.new(">= 0".freeze) if s.respond_to? :required_rubygems_version= s.metadata = { "homepage_uri" => "https://github.com/drbrain/net-http-persistent" } if s.respond_to? :metadata= s.require_paths = ["lib".freeze] s.authors = ["Eric Hodel".freeze] - s.date = "2023-03-29" + s.date = "2025-05-29" s.description = "Manages persistent connections using Net::HTTP including a thread pool for\nconnecting to multiple hosts.\n\nUsing persistent HTTP connections can dramatically increase the speed of HTTP.\nCreating a new HTTP connection for every request involves an extra TCP\nround-trip and causes TCP congestion avoidance negotiation to start over.\n\nNet::HTTP supports persistent connections with some API methods but does not\nmake setting up a single persistent connection or managing multiple\nconnections easy. Net::HTTP::Persistent wraps Net::HTTP and allows you to\nfocus on how to make HTTP requests.".freeze s.email = ["drbrain@segment7.net".freeze] s.extra_rdoc_files = ["History.txt".freeze, "Manifest.txt".freeze, "README.rdoc".freeze] @@ -21,7 +21,7 @@ Gem::Specification.new do |s| s.licenses = ["MIT".freeze] s.rdoc_options = ["--main".freeze, "README.rdoc".freeze] s.required_ruby_version = Gem::Requirement.new(">= 2.4".freeze) - s.rubygems_version = "3.2.5".freeze + s.rubygems_version = "3.3.15".freeze s.summary = "Manages persistent connections using Net::HTTP including a thread pool for connecting to multiple hosts".freeze if s.respond_to? :specification_version then @@ -29,8 +29,8 @@ Gem::Specification.new do |s| end if s.respond_to? :add_runtime_dependency then - s.add_runtime_dependency(%q.freeze, ["~> 2.2"]) + s.add_runtime_dependency(%q.freeze, ["~> 2.2", ">= 2.2.4"]) else - s.add_dependency(%q.freeze, ["~> 2.2"]) + s.add_dependency(%q.freeze, ["~> 2.2", ">= 2.2.4"]) end end diff -pruN 4.0.2-2/test/test_net_http_persistent.rb 4.0.6-1/test/test_net_http_persistent.rb --- 4.0.2-2/test/test_net_http_persistent.rb 2023-03-30 07:31:36.000000000 +0000 +++ 4.0.6-1/test/test_net_http_persistent.rb 2025-06-19 08:30:51.000000000 +0000 @@ -116,6 +116,9 @@ class TestNetHttpPersistent < Minitest:: end def proxy_port end + def proxy? + false + end end def basic_connection @@ -244,6 +247,14 @@ class TestNetHttpPersistent < Minitest:: assert_equal 1, @http.ssl_generation end + def test_extra_chain_cert_equals + skip 'extra_chain_cert is not supported by Net::HTTP' unless Net::HTTP.method_defined?(:extra_chain_cert) + @http.extra_chain_cert = :extra_chain_cert + + assert_equal :extra_chain_cert, @http.extra_chain_cert + assert_equal 1, @http.ssl_generation + end + def test_connection_for @http.open_timeout = 123 @http.read_timeout = 321 @@ -269,6 +280,16 @@ class TestNetHttpPersistent < Minitest:: assert_same used, stored end + def test_connection_for_exhaustion + @http = Net::HTTP::Persistent.new pool_size: 0 + + assert_raises Timeout::Error do + @http.connection_for @uri do |c| + assert_same nil, c + end + end + end + def test_connection_for_cached cached = basic_connection cached.http.start @@ -1244,6 +1265,17 @@ class TestNetHttpPersistent < Minitest:: refute c2.http.finished?, 'present generation connection must not be finished' end + def test_reload + c = connection + + @http.reload + + c2 = connection + + assert c.http.finished?, 'last-generation connection must be finished' + refute c2.http.finished?, 'present generation connection must not be finished' + end + def test_ssl skip 'OpenSSL is missing' unless HAVE_OPENSSL @@ -1256,6 +1288,7 @@ class TestNetHttpPersistent < Minitest:: assert_equal OpenSSL::SSL::VERIFY_PEER, c.verify_mode assert_kind_of OpenSSL::X509::Store, c.cert_store assert_nil c.verify_callback + assert_nil c.verify_hostname if c.respond_to?(:verify_hostname) end def test_ssl_ca_file @@ -1339,6 +1372,49 @@ class TestNetHttpPersistent < Minitest:: assert_equal OpenSSL::SSL::VERIFY_NONE, c.verify_mode end + def test_ssl_enable_verify_hostname + skip 'OpenSSL is missing' unless HAVE_OPENSSL + + @http.verify_hostname = true + c = Net::HTTP.new 'localhost', 80 + + skip 'net/http doesn\'t provide verify_hostname= method' unless + c.respond_to?(:verify_hostname=) + + @http.ssl c + + assert c.use_ssl? + assert c.verify_hostname + end + + def test_ssl_disable_verify_hostname + skip 'OpenSSL is missing' unless HAVE_OPENSSL + + @http.verify_hostname = false + c = Net::HTTP.new 'localhost', 80 + + skip 'net/http doesn\'t provide verify_hostname= method' unless + c.respond_to?(:verify_hostname=) + + @http.ssl c + + assert c.use_ssl? + assert c.verify_hostname == false + end + + def test_ssl_extra_chain_cert + skip 'OpenSSL is missing' unless HAVE_OPENSSL + skip 'extra_chain_cert is not supported by Net::HTTP' unless Net::HTTP.method_defined?(:extra_chain_cert) + + @http.extra_chain_cert = :extra_chain_cert + c = Net::HTTP.new 'localhost', 80 + + @http.ssl c + + assert c.use_ssl? + assert_equal :extra_chain_cert, c.extra_chain_cert + end + def test_ssl_warning skip 'OpenSSL is missing' unless HAVE_OPENSSL @@ -1455,4 +1531,3 @@ class TestNetHttpPersistent < Minitest:: end end end - diff -pruN 4.0.2-2/test/test_net_http_persistent_timed_stack_multi.rb 4.0.6-1/test/test_net_http_persistent_timed_stack_multi.rb --- 4.0.2-2/test/test_net_http_persistent_timed_stack_multi.rb 2023-03-30 07:31:36.000000000 +0000 +++ 4.0.6-1/test/test_net_http_persistent_timed_stack_multi.rb 2025-06-19 08:30:51.000000000 +0000 @@ -4,10 +4,15 @@ require 'net/http/persistent' class TestNetHttpPersistentTimedStackMulti < Minitest::Test class Connection - attr_reader :host + attr_reader :host, :closed def initialize(host) @host = host + @closed = false + end + + def close + @closed = true end end @@ -57,7 +62,7 @@ class TestNetHttpPersistentTimedStackMul @stack.pop timeout: 0 end - assert_match 'Waited 0 sec', e.message + assert_includes e.message, 'Waited 0 sec' end def test_pop_full @@ -69,6 +74,18 @@ class TestNetHttpPersistentTimedStackMul assert_empty stack end + def test_pop_closes_extra_connections + stack = Net::HTTP::Persistent::TimedStackMulti.new(1) { |host| Connection.new(host) } + + a_conn = stack.pop connection_args: 'a.example' + stack.push a_conn, connection_args: 'a.example' + + b_conn = stack.pop connection_args: 'b.example' + + assert a_conn.closed + refute b_conn.closed + end + def test_pop_wait thread = Thread.start do @stack.pop