arachni-rpc-em 0.1

data/lib/arachni/rpc/em/ssl.rb

@@ -0,0 +1,180 @@
+=begin
+                  Arachni-RPC
+  Copyright (c) 2011 Tasos "Zapotek" Laskos <tasos.laskos@gmail.com>
+
+  This is free software; you can copy and distribute and modify
+  this program under the term of the GPL v2.0 License
+  (See LICENSE file for details)
+
+=end
+
+require 'openssl'
+
+#
+# Adds support for a few helper methods to X509 certs.
+#
+# @see https://gist.github.com/1151454
+#
+class OpenSSL::X509::Certificate
+
+    def ==( other )
+        other.respond_to?( :to_pem ) && to_pem == other.to_pem
+    end
+
+    # A serial *must* be unique for each certificate. Self-signed certificates,
+    # and thus root CA certificates, have the same `issuer' as `subject'.
+    def top_level?
+        serial == serial && issuer.to_s == subject.to_s
+    end
+
+    alias_method :root?, :top_level?
+    alias_method :self_signed?, :top_level?
+end
+
+module Arachni
+module RPC
+module EM
+
+#
+# Adds support for SSL and peer verification.
+#
+# To be included by EventMachine::Connection classes.
+#
+# @see https://gist.github.com/1151454
+#
+# @author: Tasos "Zapotek" Laskos
+#                                      <tasos.laskos@gmail.com>
+#                                      <zapotek@segfault.gr>
+# @version: 0.1
+#
+module SSL
+
+    include ::Arachni::RPC::EM::ConnectionUtilities
+
+    #
+    # Starts SSL with the supplied keys, certs etc.
+    #
+    def start_ssl
+        @verified_peer = false
+        @ssl_requested = true
+
+        ssl_opts = {}
+        if ssl_opts?
+
+            ssl_opts = {
+                    :private_key_file => @opts[:ssl_pkey],
+                    :cert_chain_file  => @opts[:ssl_cert],
+                    :verify_peer      => true
+                }
+
+            @last_seen_cert = nil
+        end
+
+        # ap ssl_opts
+        start_tls( ssl_opts )
+    end
+
+    def verified_peer?
+        @verified_peer
+    end
+
+    #
+    # Cleans up any SSL related resources.
+    #
+    def end_ssl
+    end
+
+    #
+    # To be implemented by the parent.
+    #
+    # By default, it will 'warn' if the severity is :error and will 'raise'
+    # if the severity if :fatal.
+    #
+    # @param    [Symbol]    severity    :fatal, :error, :warn, :info, :debug
+    # @param    [String]    progname    name of the component that performed the action
+    # @param    [String]    msg         message to log
+    #
+    def log( severity, progname, msg )
+        warn "#{progname}: #{msg}" if severity == :error
+        raise "#{progname}: #{msg}" if severity == :fatal
+    end
+
+    #
+    # @return   [OpenSSL::X509::Store]  certificate store
+    #
+    def ca_store
+        if !@ca_store
+            if file = @opts[:ssl_ca]
+                @ca_store = OpenSSL::X509::Store.new
+                @ca_store.add_file( file )
+            else
+                raise "No CA certificate has been provided."
+            end
+        end
+
+        return @ca_store
+    end
+
+    #
+    # Verifies the peer cert based on the {#ca_store}.
+    #
+    # @see http://eventmachine.rubyforge.org/EventMachine/Connection.html#M000271
+    #
+    def ssl_verify_peer( cert_string )
+
+        cert = OpenSSL::X509::Certificate.new( cert_string )
+
+        # Some servers send the same certificate multiple times. I'm not even
+        # joking... (gmail.com)
+        return true if cert == @last_seen_cert
+
+        if ca_store.verify( cert )
+            @last_seen_cert = cert
+
+            # A server may send the root certificate, which we already have and thus
+            # should not be added to the store again.
+            ca_store.add_cert( @last_seen_cert ) if !@last_seen_cert.root?
+
+            @verified_peer = true
+            return true
+        else
+            log( :error, 'SSL',
+                "#{ca_store.error_string.capitalize} ['#{peer_ip_addr}']."
+            )
+            return false
+        end
+    end
+
+    #
+    # Checks for an appropriate server cert hostname if run from the client-side.
+    #
+    # Does nothing when on the server-side.
+    #
+    # @see http://eventmachine.rubyforge.org/EventMachine/Connection.html#M000270
+    #
+    def ssl_handshake_completed
+        if are_we_a_client? && ssl_opts? &&
+           !OpenSSL::SSL.verify_certificate_identity( @last_seen_cert,
+                @opts[:host] )
+
+            log( :error, 'SSL',
+                "The hostname '#{@server.opts[:host]}' " +
+                "does not match the server certificate."
+            )
+
+            connection_close
+        end
+    end
+
+    def are_we_a_client?
+        @opts[:role] == :client
+    end
+
+    def ssl_opts?
+        @opts[:ssl_ca] && @opts[:ssl_pkey] && @opts[:ssl_cert]
+    end
+
+end
+end
+end
+end

data/lib/arachni/rpc/em/version.rb

@@ -0,0 +1,17 @@
+=begin
+                  Arachni-RPC
+  Copyright (c) 2011 Tasos "Zapotek" Laskos <tasos.laskos@gmail.com>
+
+  This is free software; you can copy and distribute and modify
+  this program under the term of the GPL v2.0 License
+  (See LICENSE file for details)
+
+=end
+
+module Arachni
+module RPC
+module EM
+    VERSION = '0.1'
+end
+end
+end

data/spec/arachni/rpc/em/client_spec.rb

@@ -0,0 +1,211 @@
+require File.join( File.expand_path( File.dirname( __FILE__ ) ), '../../../', 'spec_helper' )
+
+describe Arachni::RPC::EM::Client do
+
+    before( :all ) do
+        @arg = [
+            'one',
+            2,
+            { :three => 3 },
+            [ 4 ]
+        ]
+    end
+
+    describe "#initialize" do
+        it "should be able to properly assign class options (including :role)" do
+            opts = rpc_opts.merge( :role => :client )
+            start_client( opts ).opts.should == opts
+        end
+    end
+
+    describe "raw interface" do
+
+        context "when using Threads" do
+
+            it "should be able to perform synchronous calls" do
+                @arg.should == start_client( rpc_opts ).call( 'test.foo', @arg )
+            end
+
+            it "should be able to perform asynchronous calls" do
+                start_client( rpc_opts ).call( 'test.foo', @arg ) {
+                    |res|
+                    @arg.should == res
+                    ::EM.stop
+                }
+                Arachni::RPC::EM.block!
+            end
+        end
+
+        context "when run inside the Reactor loop" do
+
+            it "should be able to perform synchronous calls" do
+                ::EM.run do
+
+                    ::Arachni::RPC::EM::Synchrony.run do
+                        @arg.should == start_client( rpc_opts ).call( 'test.foo', @arg )
+                        ::EM.stop
+                    end
+                end
+            end
+
+            it "should be able to perform asynchronous calls" do
+                ::EM.run do
+
+                    start_client( rpc_opts ).call( 'test.foo', @arg ) {
+                        |res|
+                        res.should == @arg
+                        ::EM.stop
+                    }
+
+                end
+            end
+
+        end
+    end
+
+    describe "Arachni::RPC::RemoteObjectMapper interface" do
+        it "should be able to properly forward synchronous calls" do
+            test = Arachni::RPC::RemoteObjectMapper.new( start_client( rpc_opts ), 'test' )
+            test.foo( @arg ).should == @arg
+            # ::EM.stop
+        end
+
+        it "should be able to properly forward synchronous calls" do
+            test = Arachni::RPC::RemoteObjectMapper.new( start_client( rpc_opts ), 'test' )
+            test.foo( @arg ) {
+                |res|
+                res.should == @arg
+                ::EM.stop
+            }
+            Arachni::RPC::EM.block!
+        end
+    end
+
+    describe "exception" do
+        context 'when performing asynchronous calls' do
+
+            it "should be returned when requesting inexistent objects" do
+                start_client( rpc_opts ).call( 'bar.foo' ) {
+                    |res|
+                    res.rpc_invalid_object_error?.should be_true
+                    ::EM.stop
+                }
+                Arachni::RPC::EM.block!
+            end
+
+            it "should be returned when requesting inexistent or non-public methods" do
+                start_client( rpc_opts ).call( 'test.bar' ) {
+                    |res|
+                    res.rpc_invalid_method_error?.should be_true
+                    ::EM.stop
+                }
+                Arachni::RPC::EM.block!
+            end
+
+            it "should be returned when there's a remote exception" do
+                start_client( rpc_opts ).call( 'test.foo' ) {
+                    |res|
+                    res.rpc_remote_exception?.should be_true
+                    ::EM.stop
+                }
+                Arachni::RPC::EM.block!
+            end
+
+        end
+
+        context 'when performing synchronous calls' do
+
+            it "should be raised when requesting inexistent objects" do
+                begin
+                    start_client( rpc_opts ).call( 'bar2.foo' )
+                rescue Exception => e
+                    e.rpc_invalid_object_error?.should be_true
+                end
+            end
+
+            it "should be raised when requesting inexistent or non-public methods" do
+                begin
+                    start_client( rpc_opts ).call( 'test.bar2' )
+                rescue Exception => e
+                    e.rpc_invalid_method_error?.should be_true
+                end
+
+            end
+
+            it "should be raised when there's a remote exception" do
+                begin
+                    start_client( rpc_opts ).call( 'test.foo' )
+                rescue Exception => e
+                    e.rpc_remote_exception?.should be_true
+                end
+            end
+
+        end
+    end
+
+    it "should be able to retain stability and consistency under heavy load" do
+        client = start_client( rpc_opts )
+
+        n    = 1000
+        cnt  = 0
+
+        mismatches = []
+
+        n.times {
+            |i|
+            client.call( 'test.foo', i ) {
+                |res|
+
+                cnt += 1
+
+                mismatches << [i, res] if i != res
+                ::EM.stop if cnt == n || !mismatches.empty?
+            }
+        }
+
+        Arachni::RPC::EM.block!
+
+        mismatches.should be_empty
+    end
+
+    it "should throw error when connecting to inexistent server" do
+        start_client( rpc_opts.merge( :port => 9999 ) ).call( 'test.foo', @arg ) {
+            |res|
+            res.rpc_connection_error?.should be_true
+            ::EM.stop
+        }
+        Arachni::RPC::EM.block!
+    end
+
+    context "when using valid SSL primitives" do
+        it "should be able to establish a connection" do
+            res = start_client( rpc_opts_with_ssl_primitives ).call( 'test.foo', @arg )
+            res.should == @arg
+            ::EM.stop
+        end
+    end
+
+    context "when using invalid SSL primitives" do
+        it "should not be able to establish a connection" do
+            start_client( rpc_opts_with_invalid_ssl_primitives ).call( 'test.foo', @arg ){
+                |res|
+                res.rpc_connection_error?.should be_true
+                ::EM.stop
+            }
+            Arachni::RPC::EM.block!
+        end
+    end
+
+    context "when using mixed SSL primitives" do
+        it "should not be able to establish a connection" do
+            start_client( rpc_opts_with_mixed_ssl_primitives ).call( 'test.foo', @arg ){
+                |res|
+                res.rpc_connection_error?.should be_true
+                res.rpc_ssl_error?.should be_true
+                ::EM.stop
+            }
+            Arachni::RPC::EM.block!
+        end
+    end
+
+end

data/spec/arachni/rpc/em/em_spec.rb

@@ -0,0 +1,4 @@
+require File.join( File.expand_path( File.dirname( __FILE__ ) ), '../../../', 'spec_helper' )
+
+describe Arachni::RPC::EM do
+end

data/spec/arachni/rpc/em/server_spec.rb

@@ -0,0 +1,79 @@
+require File.join( File.expand_path( File.dirname( __FILE__ ) ), '../../../', 'spec_helper' )
+
+class Arachni::RPC::EM::Server
+    public :async?, :async_check, :object_exist?, :public_method?
+    attr_accessor :proxy
+end
+
+describe Arachni::RPC::EM::Server do
+
+    before( :all ) do
+        @opts = rpc_opts.merge( :port => 7333 )
+        @server, t = start_server( @opts )
+    end
+
+    describe "#initialize" do
+        it "should be able to properly setup class options" do
+            @server.opts.should == @opts
+        end
+    end
+
+    it "should retain the supplied token" do
+        @server.token.should == @opts[:token]
+    end
+
+    it "should have a Logger" do
+        @server.logger.class.should == ::Logger
+    end
+
+    describe "#alive?" do
+        subject { @server.alive? }
+        it { should == true }
+    end
+
+    describe "#async?" do
+
+        it "should return true for async methods" do
+            @server.async?( 'test', 'async_foo' ).should be_true
+        end
+
+        it "should return false for sync methods" do
+            @server.async?( 'test', 'foo' ).should be_false
+        end
+    end
+
+    describe "#async_check" do
+
+        it "should return true for async methods" do
+            @server.async_check( Test.new.method( :async_foo ) ).should be_true
+        end
+
+        it "should return false for sync methods" do
+            @server.async_check( Test.new.method( :foo ) ).should be_false
+        end
+    end
+
+    describe "#object_exist?" do
+
+        it "should return true for valid objects" do
+            @server.object_exist?( 'test' ).should be_true
+        end
+
+        it "should return false for inexistent objects" do
+            @server.object_exist?( 'foo' ).should be_false
+        end
+    end
+
+    describe "#public_method?" do
+
+        it "should return true for public methods" do
+            @server.public_method?( 'test', 'foo' ).should be_true
+        end
+
+        it "should return false for inexistent or non-public methods" do
+            @server.public_method?( 'test', 'bar' ).should be_false
+        end
+    end
+
+end
+