class OpenSSL::SSL::SSLSocket
Public Class Methods
(*untyped) → void
Source
# File vendor/bundle/ruby/4.0.0/gems/rbs-4.0.3/stdlib/openssl/0/openssl.rbs, line 9297
def initialize: (*untyped) -> void
Creates a new SSL socket from io which must be a real IO object (not an IO-like object that responds to read/write).
If ctx is provided the SSL Sockets initial params will be taken from the context.
The OpenSSL::Buffering module provides additional IO methods.
This method will freeze the SSLContext if one is provided; however, session management is still allowed in the frozen SSLContext.
(untyped remote_host, untyped remote_port, ?untyped local_host, ?untyped local_port, ?context: untyped) → untyped
Source
# File vendor/bundle/ruby/4.0.0/gems/rbs-4.0.3/stdlib/openssl/0/openssl.rbs, line 8976
def self.open: (untyped remote_host, untyped remote_port, ?untyped local_host, ?untyped local_port, ?context: untyped) -> untyped
Creates a new instance of SSLSocket. remote_host and remote_port are used to open TCPSocket. If local_host and local_port are specified, then those parameters are used on the local end to establish the connection. If context is provided, the SSL Sockets initial params will be taken from the context.
Examples
sock = OpenSSL::SSL::SSLSocket.open('localhost', 443) sock.connect # Initiates a connection to localhost:443
with SSLContext:
ctx = OpenSSL::SSL::SSLContext.new sock = OpenSSL::SSL::SSLSocket.open('localhost', 443, context: ctx) sock.connect # Initiates a connection to localhost:443 with SSLContext
Public Instance Methods
() → self
Source
# File vendor/bundle/ruby/4.0.0/gems/rbs-4.0.3/stdlib/openssl/0/openssl.rbs, line 8984
def accept: () -> self
Waits for a SSL/TLS client to initiate a handshake.
(?exception: true) → self
(exception: false) → (self | :wait_readable | :wait_writable)
Source
# File vendor/bundle/ruby/4.0.0/gems/rbs-4.0.3/stdlib/openssl/0/openssl.rbs, line 9008
def accept_nonblock: (?exception: true) -> self
| (exception: false) -> (self | :wait_readable | :wait_writable)
Initiates the SSL/TLS handshake as a server in non-blocking manner.
# emulates blocking accept begin ssl.accept_nonblock rescue IO::WaitReadable IO.select([s2]) retry rescue IO::WaitWritable IO.select(nil, [s2]) retry end
By specifying a keyword argument exception to false, you can indicate that accept_nonblock should not raise an IO::WaitReadable or IO::WaitWritable exception, but return the symbol :wait_readable or :wait_writable instead.
() → String?
Source
# File vendor/bundle/ruby/4.0.0/gems/rbs-4.0.3/stdlib/openssl/0/openssl.rbs, line 9018
def alpn_protocol: () -> String?
Returns the ALPN protocol string that was finally selected by the server during the handshake.
() → X509::Certificate?
Source
# File vendor/bundle/ruby/4.0.0/gems/rbs-4.0.3/stdlib/openssl/0/openssl.rbs, line 9026
def cert: () -> X509::Certificate?
The X509 certificate for this socket endpoint.
# File vendor/bundle/ruby/4.0.0/gems/rbs-4.0.3/stdlib/openssl/0/openssl.rbs, line 9035
def cipher: () -> [ String, String, Integer, Integer ]?
Returns the cipher suite actually used in the current session, or nil if no session has been established.
# File vendor/bundle/ruby/4.0.0/gems/rbs-4.0.3/stdlib/openssl/0/openssl.rbs, line 9048
def client_ca: () -> (Array[X509::Name] | Array[X509::Certificate] | X509::Certificate)
Returns the list of client CAs. Please note that in contrast to SSLContext#client_ca= no array of X509::Certificate is returned but X509::Name instances of the CA’s subject distinguished name.
In server mode, returns the list set by SSLContext#client_ca=. In client mode, returns the list of client CAs sent from the server.
() → untyped
Source
# File vendor/bundle/ruby/4.0.0/gems/rbs-4.0.3/stdlib/openssl/0/openssl.rbs, line 9279
def client_cert_cb: () -> untyped
() → self
Source
# File vendor/bundle/ruby/4.0.0/gems/rbs-4.0.3/stdlib/openssl/0/openssl.rbs, line 9056
def connect: () -> self
Initiates an SSL/TLS handshake with a server.
(?exception: true) → self
(exception: false) → (self | :wait_readable | :wait_writable)
Source
# File vendor/bundle/ruby/4.0.0/gems/rbs-4.0.3/stdlib/openssl/0/openssl.rbs, line 9080
def connect_nonblock: (?exception: true) -> self
| (exception: false) -> (self | :wait_readable | :wait_writable)
Initiates the SSL/TLS handshake as a client in non-blocking manner.
# emulates blocking connect begin ssl.connect_nonblock rescue IO::WaitReadable IO.select([s2]) retry rescue IO::WaitWritable IO.select(nil, [s2]) retry end
By specifying a keyword argument exception to false, you can indicate that connect_nonblock should not raise an IO::WaitReadable or IO::WaitWritable exception, but return the symbol :wait_readable or :wait_writable instead.
() → SSLContext
Source
# File vendor/bundle/ruby/4.0.0/gems/rbs-4.0.3/stdlib/openssl/0/openssl.rbs, line 9086
def context: () -> SSLContext
The SSLContext object used in this connection.
() → String?
Source
# File vendor/bundle/ruby/4.0.0/gems/rbs-4.0.3/stdlib/openssl/0/openssl.rbs, line 9094
def finished_message: () -> String?
Returns the last Finished message sent
# File vendor/bundle/ruby/4.0.0/gems/rbs-4.0.3/stdlib/openssl/0/openssl.rbs, line 9096
def hostname: () -> String?
# File vendor/bundle/ruby/4.0.0/gems/rbs-4.0.3/stdlib/openssl/0/openssl.rbs, line 9105
def hostname=: (String) -> String
Sets the server hostname used for SNI. This needs to be set before SSLSocket#connect.
() → BasicSocket
Source
# File vendor/bundle/ruby/4.0.0/gems/rbs-4.0.3/stdlib/openssl/0/openssl.rbs, line 9110
def io: () -> BasicSocket
The underlying IO object.
() → String?
Source
# File vendor/bundle/ruby/4.0.0/gems/rbs-4.0.3/stdlib/openssl/0/openssl.rbs, line 9119
def npn_protocol: () -> String?
Returns the protocol string that was finally selected by the client during the handshake.
() → X509::Certificate?
Source
# File vendor/bundle/ruby/4.0.0/gems/rbs-4.0.3/stdlib/openssl/0/openssl.rbs, line 9127
def peer_cert: () -> X509::Certificate?
The X509 certificate for this socket’s peer.
() → Array[X509::Certificate]?
Source
# File vendor/bundle/ruby/4.0.0/gems/rbs-4.0.3/stdlib/openssl/0/openssl.rbs, line 9135
def peer_cert_chain: () -> Array[X509::Certificate]?
The X509 certificate chain for this socket’s peer.
() → String?
Source
# File vendor/bundle/ruby/4.0.0/gems/rbs-4.0.3/stdlib/openssl/0/openssl.rbs, line 9143
def peer_finished_message: () -> String?
Returns the last Finished message received
# File vendor/bundle/ruby/4.0.0/gems/rbs-4.0.3/stdlib/openssl/0/openssl.rbs, line 9151
def pending: () -> Integer
The number of bytes that are immediately available for reading.
(String hostname) → true
Source
# File vendor/bundle/ruby/4.0.0/gems/rbs-4.0.3/stdlib/openssl/0/openssl.rbs, line 9162
def post_connection_check: (String hostname) -> true
Perform hostname verification following RFC 6125.
This method MUST be called after calling connect to ensure that the hostname of a remote peer has been verified.
# File vendor/bundle/ruby/4.0.0/gems/rbs-4.0.3/stdlib/openssl/0/openssl.rbs, line 9171
def session: () -> Session?
Returns the SSLSession object currently used, or nil if the session is not established.
# File vendor/bundle/ruby/4.0.0/gems/rbs-4.0.3/stdlib/openssl/0/openssl.rbs, line 9179
def session=: (Session) -> Session
Sets the Session to be used when the connection is established.
() → untyped
Source
# File vendor/bundle/ruby/4.0.0/gems/rbs-4.0.3/stdlib/openssl/0/openssl.rbs, line 9304
def session_get_cb: () -> untyped
() → untyped
Source
# File vendor/bundle/ruby/4.0.0/gems/rbs-4.0.3/stdlib/openssl/0/openssl.rbs, line 9311
def session_new_cb: () -> untyped
() → bool
Source
# File vendor/bundle/ruby/4.0.0/gems/rbs-4.0.3/stdlib/openssl/0/openssl.rbs, line 9187
def session_reused?: () -> bool
Returns true if a reused session was negotiated during the handshake.
() → tls_version
Source
# File vendor/bundle/ruby/4.0.0/gems/rbs-4.0.3/stdlib/openssl/0/openssl.rbs, line 9196
def ssl_version: () -> tls_version
Returns a String representing the SSL/TLS version that was negotiated for the connection, for example “TLSv1.2”.
# File vendor/bundle/ruby/4.0.0/gems/rbs-4.0.3/stdlib/openssl/0/openssl.rbs, line 9205
def state: () -> String
A description of the current connection state. This is for diagnostic purposes only.
() → untyped
Source
# File vendor/bundle/ruby/4.0.0/gems/rbs-4.0.3/stdlib/openssl/0/openssl.rbs, line 9320
def stop: () -> untyped
Sends “close notify” to the peer and tries to shut down the SSL connection gracefully.
() → bool
Source
# File vendor/bundle/ruby/4.0.0/gems/rbs-4.0.3/stdlib/openssl/0/openssl.rbs, line 9211
def sync_close: () -> bool
Whether to close the underlying socket as well, when the SSL/TLS connection is shut down. This defaults to false.
[U] (boolish) → U
Source
# File vendor/bundle/ruby/4.0.0/gems/rbs-4.0.3/stdlib/openssl/0/openssl.rbs, line 9217
def sync_close=: [U] (boolish) -> U
Whether to close the underlying socket as well, when the SSL/TLS connection is shut down. This defaults to false.
() → nil
Source
# File vendor/bundle/ruby/4.0.0/gems/rbs-4.0.3/stdlib/openssl/0/openssl.rbs, line 9228
def sysclose: () -> nil
Sends “close notify” to the peer and tries to shut down the SSL connection gracefully.
If sync_close is set to true, the underlying IO is also closed.
# File vendor/bundle/ruby/4.0.0/gems/rbs-4.0.3/stdlib/openssl/0/openssl.rbs, line 9238
def sysread: (Integer length, ?String buffer) -> String
Reads length bytes from the SSL connection. If a pre-allocated buffer is provided the data will be written into it.
(*untyped) → untyped
Source
# File vendor/bundle/ruby/4.0.0/gems/rbs-4.0.3/stdlib/openssl/0/openssl.rbs, line 9335
def sysread_nonblock: (*untyped) -> untyped
A non-blocking version of sysread. Raises an SSLError if reading would block. If “exception: false” is passed, this method returns a symbol of :wait_readable, :wait_writable, or nil, rather than raising an exception.
Reads length bytes from the SSL connection. If a pre-allocated buffer is provided the data will be written into it.
# File vendor/bundle/ruby/4.0.0/gems/rbs-4.0.3/stdlib/openssl/0/openssl.rbs, line 9246
def syswrite: (String data) -> Integer
Writes string to the SSL connection.
(*untyped) → untyped
Source
# File vendor/bundle/ruby/4.0.0/gems/rbs-4.0.3/stdlib/openssl/0/openssl.rbs, line 9344
def syswrite_nonblock: (*untyped) -> untyped
() → untyped
Source
# File vendor/bundle/ruby/4.0.0/gems/rbs-4.0.3/stdlib/openssl/0/openssl.rbs, line 9351
def tmp_dh_callback: () -> untyped
() → untyped
Source
# File vendor/bundle/ruby/4.0.0/gems/rbs-4.0.3/stdlib/openssl/0/openssl.rbs, line 9358
def tmp_ecdh_callback: () -> untyped
() → PKey::PKey?
Source
# File vendor/bundle/ruby/4.0.0/gems/rbs-4.0.3/stdlib/openssl/0/openssl.rbs, line 9254
def tmp_key: () -> PKey::PKey?
Returns the ephemeral key used in case of forward secrecy cipher.
() → untyped
Source
# File vendor/bundle/ruby/4.0.0/gems/rbs-4.0.3/stdlib/openssl/0/openssl.rbs, line 9365
def using_anon_cipher?: () -> untyped
() → Integer
Source
# File vendor/bundle/ruby/4.0.0/gems/rbs-4.0.3/stdlib/openssl/0/openssl.rbs, line 9270
def verify_result: () -> Integer
Returns the result of the peer certificates verification. See verify(1) for error values and descriptions.
If no peer certificate was presented X509_V_OK is returned.