(PUP-744) Expand scope of OpenSSL rescue block
The persistent http connection work introduced a regression,
preventing the agent from displaying useful error messages when SSL
verification fails, e.g. the server's SSL certificate doesn't match
the hostname the agent tried to connect to. The connection_spec test
didn't catch the issue, because those tests execute with the
non-caching pool, which always uses non-persistent connections.
The root cause is because the Connection class assumed http
connections are started by ruby in the Net::HTTP#request
method, so the OpenSSL rescue block wrapped that call.
However, in order to use persistent http connection, the caller needs
to explicitly start the connection prior to calling Net::HTTP#request,
which happens in the outer Connection#with_connection method.
This commit expands the scope of the rescue block. This way we receive
meaningful error messages if the connection is started explicitly for
persistent connections, or on-demand for non-persistent connections. It
also executes the ssl verification tests using persistent connections.
Also note that with_connection is private, so the fact that
Pool#with_connection or Net::HTTP#request can start the connection
is not visible to users of the Connection class.