equity 0.5

data/bin/equity

@@ -0,0 +1,294 @@
+#!/usr/bin/env ruby
+#
+#  equity 0.5 - queueing software load balancer with transmission inspection
+#               and simple HTTP header rewriting
+#
+#  Usage: equity [-dp] [-h "Header: Value"] <listen-port> [<node-address>:]<node-port> ...
+#  Run equity with no arguments for detailed usage information.
+#
+
+require 'socket'
+require 'equity/node'
+require 'equity/manager'
+require 'getoptlong'
+
+# Returns a string that can be used to identify a particular node in debugging
+# messages. At the moment this returns the address and port of the client being
+# served by the node.
+def client_id(node)
+  if node.connected?
+    "#{node.client_address}:#{node.client_port}"
+  else
+    "not connected"
+  end
+end
+
+# Prints a debug message if debugging is enabled.
+def debug(socket, message)
+  return unless $debugging
+  if socket
+    if node = Equity::Node.with_socket(socket)
+      client_id = client_id(node)
+    else
+      client_id = nil
+      begin
+        nameinfo = Socket.getnameinfo(socket.getpeername,
+          Socket::NI_NUMERICHOST | Socket::NI_NUMERICSERV)
+        client_id = "#{nameinfo[0]}:#{nameinfo[1]}"
+      rescue
+        client_id = "???:???"
+      end
+    end
+    print "[#{client_id}] "
+  end
+  puts message
+end
+
+# Prints data in hex and ASCII if packet dumping is enabled.
+BYTES_PER_PACKET_LINE = 16
+SAFE_PACKET_RX = (32..126).to_a.collect! {|n| n.chr}.join("").sub!(/[\[\]]/, '\\\1')
+def dump_packet(data, src, dst)
+  return unless $dump_packets
+  
+  node = Equity::Node.with_socket(src) || return
+  to_server = (src == node.sockets.first)
+  arrow = (to_server ? "--->" : "<---")
+  print "[#{client_id(node)}] #{arrow} #{node.address}:#{node.port}\n\n"
+  
+  data = data.dup
+  until data.empty?
+    bytes = data.slice!(0, BYTES_PER_PACKET_LINE)
+    hex = bytes.unpack("H*").first + ("  " * (BYTES_PER_PACKET_LINE - bytes.length))
+    hex1 = hex.slice!(0, BYTES_PER_PACKET_LINE)
+    hex2 = hex
+    hex1.gsub!(/(....)/, '\1 ')
+    hex2.gsub!(/(....)/, '\1 ')
+    bytes.gsub!(/[^#{SAFE_PACKET_RX}]/, ".")
+    puts "  #{hex1}  #{hex2}  #{bytes}"
+  end
+  print "\n"
+end
+
+# Handles rewriting of HTTP request headers. This method isn't very smart about
+# how it detects HTTP requests, but should work for most situations.
+def rewrite_headers!(data, src)
+  return if $header_rewrites.empty?
+  return unless http_slash_idx = data.index(" HTTP/")
+  node = Equity::Node.with_socket(src) || return
+  return unless (src == node.sockets.first)
+  
+  debug(src, "rewriting HTTP request headers")
+  
+  before_headers = data.slice!(0, data.index("\r\n", http_slash_idx))
+  headers = data.slice!(0, data.index("\r\n\r\n") + 4)
+  after_headers = data
+  
+  $header_rewrites.each do |header, value|
+    if headers.sub!(/\r\n#{header}: (.+?)\r\n/m, "\r\n#{header}: #{value}\r\n")
+      debug(src, "  #{header}: #{$1} => #{value}")
+    end
+  end
+  
+  headers.chop!
+  $header_additions.each do |header, value|
+    next if headers =~ /\r\n#{header}: /m
+    headers += "#{header}: #{value}\r\n"
+    debug(src, "  #{header}: => #{value}")
+  end
+  headers += "\r\n"
+  
+  data.replace(before_headers + headers + after_headers)
+rescue
+  # If an exception occurs, ignore it. Rewriting the headers is far less
+  # important than keeping the program alive.
+end
+
+
+# Process arguments.
+$debugging        = !!ARGV.delete('-d')
+$dump_packets     = !!ARGV.delete('-p')
+$header_rewrites  = {}
+$header_additions = {}
+
+options = GetoptLong.new(
+  ["-d", "--debug",      GetoptLong::NO_ARGUMENT],
+  ["-p", "--packets",    GetoptLong::NO_ARGUMENT],
+  ["-h", "--header",     GetoptLong::REQUIRED_ARGUMENT],
+  ["-H", "--add-header", GetoptLong::REQUIRED_ARGUMENT]
+)
+options.each do |option, argument|
+  case option
+  when "-d"
+    $debugging = true
+  when "-p"
+    $dump_packets = true
+  when "-h", "-H"
+    header = argument.split(/: */, 2)
+    unless header.length == 2
+      STDERR.puts "I don't understand this header rewrite:"
+      STDERR.puts "  #{argument}"
+      STDERR.puts "Run equity with no arguments for help."
+      exit(64) # EX_USAGE
+    end
+    $header_rewrites[header.first] = header.last
+    $header_additions[header.first] = header.last if option == "-H"
+  end
+end
+
+if ARGV.length < 2
+  STDERR.puts 'equity 0.5'
+  STDERR.puts 'Usage: equity [<options>] <listen-port> [<node-address>:]<node-port> ...'
+  STDERR.print "\n"
+  STDERR.puts 'Node addresses default to localhost. Node ports can be single port numbers, or'
+  STDERR.puts 'you can specify a range like so: 10001-10010'
+  STDERR.print "\n"
+  STDERR.puts 'The following options can be used:'
+  STDERR.puts '-d Debug mode. Stays in the foreground and prints status messages.'
+  STDERR.puts '-p Packet dumper. Stays in the foreground and displays the raw data being'
+  STDERR.puts '   transferred.'
+  STDERR.puts '-h "<header>: <value>" Rewrite an HTTP request header before retransmitting.'
+  STDERR.puts '   Can be used more than once to rewrite several headers. The space after the'
+  STDERR.puts '   colon is optional.'
+  STDERR.puts '-H Same as -h, but the header will be added to every HTTP request (as opposed'
+  STDERR.puts '   to only being rewritten if it was in the original request).'
+  STDERR.print "\n"
+  exit(64) # EX_USAGE
+end
+
+# Instantiate nodes.
+$listen_port = ARGV.shift.to_i
+
+$nodes = []
+ARGV.each do |node_spec|
+  address, port = node_spec.split(':', 2)
+  if port.nil?
+    port = address
+    address = 'localhost'
+  end
+  if port =~ /^(\d+)-(\d+)$/
+    port_range = ($1.to_i)..($2.to_i)
+    port_range.each do |p|
+      $nodes << Equity::Node.new(address, p)
+    end
+  else
+    $nodes << Equity::Node.new(address, port)
+  end
+end
+
+# Daemonize.
+unless $debugging || $dump_packets
+  fork && exit
+  Process.setsid
+  trap 'SIGHUP', 'IGNORE'
+  fork && exit
+  Dir.chdir '/tmp'
+  File.umask 0000
+  ObjectSpace.each_object(IO) do |io|
+    unless [STDIN, STDOUT, STDERR].include?(io)
+      io.close rescue nil
+    end
+  end
+  STDIN.reopen "/dev/null"
+  STDOUT.reopen "/dev/null", "a"
+  STDERR.reopen STDOUT
+end
+
+# Print debugging info for header rewrites.
+$header_rewrites.each do |header, value|
+  if $header_additions.keys.include?(header)
+    debug(nil, "Will add HTTP request header `#{header}' with value `#{value}'")
+  else
+    debug(nil, "Will rewrite value of HTTP request header `#{header}' to `#{value}'")
+  end
+end
+
+# Set up SIGINT handler to print node counters.
+trap 'SIGINT', Proc.new {
+  debug(nil, "\nNode Counters")
+  $nodes.each do |node|
+    debug(nil, "#{node} - #{node.counter} connections")
+  end
+  exit
+}
+
+# Start up control server.
+$control_server = Equity::Manager.new($nodes, $listen_port, $debugging)
+
+# Start up server.
+$client_queue = []
+
+$server = TCPServer.new(nil, $listen_port)
+$server.listen(5)
+
+debug(nil, "Ready on port #{$listen_port}")
+
+# Loop forever.
+while true
+  # Wait for one or more sockets to be readable.
+  sockets = [$server, $nodes.collect {|n| n.sockets}]
+  sockets.flatten!
+  selected = select(sockets, nil, nil, 5)
+  if selected
+    selected[0].each do |socket|
+      if socket == $server
+        # Incoming connection. Accept it and queue it.
+        client = $server.accept
+        $client_queue << client
+        debug(client, 'connection accepted')
+      else
+        # Data received. Transfer it to the socket's mate.
+        node = $nodes.find {|n| n.owns_socket?(socket)}
+        next if node.nil?
+        begin
+          data = socket.recvfrom(65536)[0]
+          raise Errno::EPIPE if data.empty?
+          mate = socket.mate
+          rewrite_headers!(data, socket)
+          dump_packet(data, socket, mate)
+          mate.write(data)
+        rescue Errno::EPIPE, Errno::ECONNRESET
+          # Connection closed. Disconnect this node.
+          debug(socket, 'disconnected')
+          node.disconnect
+        end
+      end
+    end
+  end
+  
+  # Dequeue as many clients as possible, showing favor to nodes that have
+  # handled the fewest clients.
+  while !$client_queue.empty?
+    client = $client_queue.shift
+    found_a_node = false
+    failure_count = 0
+    sorted_notes = $nodes.sort {|a,b| a.counter <=> b.counter}
+    sorted_notes.each do |node|
+      next if node.connected?
+      begin
+        node.connect(client)
+      rescue Exception => e
+        debug(client, "connection to #{node} failed: #{e.message}")
+        failure_count += 1
+        next
+      end
+      debug(client, "assigned to #{node}")
+      found_a_node = true
+      break
+    end
+    
+    $client_queue.unshift(client) unless found_a_node
+    
+    if failure_count == $nodes.length
+      # All nodes failed. Disconnect all queued clients.
+      debug(nil, 'All nodes failed')
+      $client_queue.each {|client| client.close}
+      $client_queue.replace []
+    end
+    
+    break unless found_a_node
+  end
+  
+  # Check for control packets.
+  $control_server.process_commands
+  exit if $nodes.all? {|node| node.shutdown? && !node.connected?}
+end

data/bin/equityctl

@@ -0,0 +1,103 @@
+#!/usr/bin/env ruby
+#
+#  equityctl - management client for equity
+#
+#  Usage: equityctl [<host>:]<port> <command>
+#
+#  The host defaults to localhost.
+#
+#  Command    Description
+#  status     Displays each node's address, port, connection status, and
+#             connection counter.
+#
+#  Equity uses UDP packets to send control information, so all of UDP's caveats
+#  apply to equityctl.
+#
+
+require 'equity/controller'
+require 'getoptlong'
+
+# Process options.
+options = GetoptLong.new(
+  ["--genkey", GetoptLong::NO_ARGUMENT]
+)
+options.each do |option, argument|
+  case option
+  when "--genkey"
+    $genkey = true
+  end
+end
+
+if ($genkey && !ARGV.empty?) || (!$genkey && ARGV.length != 2)
+  STDERR.puts 'Usage: equityctl [<host>:]<port> <command>'
+  STDERR.print "\n"
+  STDERR.puts 'The host defaults to localhost.'
+  STDERR.print "\n"
+  STDERR.puts 'Command    Description'
+  STDERR.puts 'status     Displays each node\'s address, port, connection status,'
+  STDERR.puts '           connection counter, and failure counter.'
+  STDERR.puts 'shutdown   Close connections immediately and shut down.'
+  STDERR.puts 'waitdown   Wait for connections to close, then shut down.'
+  STDERR.print "\n\n"
+  STDERR.puts 'Usage: equityctl --genkey'
+  STDERR.print "\n"
+  STDERR.puts 'With the --genkey option, equityctl generates a public/private key pair for'
+  STDERR.puts 'authenticating itself to equity.'
+  exit(64) # EX_USAGE
+end
+
+# If --genkey was specified, generate a key pair and exit.
+if $genkey
+  puts "Generating key..."
+  begin
+    key = Equity::Controller::Key.generate
+  rescue Exception => e
+    STDERR.puts e.message
+    exit(1)
+  end
+  puts "Done! For reference, your key is stored here:"
+  key.paths.each {|path| puts "  #{path}"}
+  # Tell the user where they need to put their public key in order for it to be
+  # useful.
+  puts "\nTo be authorized to use equityctl with your own equity processes, your public"
+  puts "key must be appended to:"
+  puts "  " + Equity::Controller::Key::PERSONAL_AUTHORIZED_KEYS_PATH  
+  puts "\nTo be authorized to use equityctl with other people's equity processes, your"
+  puts "public key must be appended to:"
+  puts "  " + Equity::Controller::Key::SYSTEM_AUTHORIZED_KEYS_PATH
+  exit
+end
+
+# Extract address, port, and command from arguments.
+address, port = ARGV.shift.split(':', 2)
+if port.nil?
+  port = address
+  address = 'localhost'
+end
+
+command = ARGV.shift
+
+# Send command.
+class NoResponseError < Exception; end
+
+controller = Equity::Controller.new(address, port.to_i)
+begin
+  case command
+  when 'status'
+    nodes = controller.node_status || raise(NoResponseError)
+    nodes.each do |node|
+      puts "#{node} #{node.connected? ? 'C' : '-'} #{node.counter} #{node.failure_counter}"
+    end
+  when 'shutdown'
+    controller.shutdown || raise(NoResponseError)
+  when 'waitdown'
+    controller.waitdown || raise(NoResponseError)
+  else
+    STDERR.puts "Unrecognized command: #{command}"
+    STDERR.puts 'Run equityctl with no arguments for a list of commands.'
+    exit(64)
+  end
+rescue NoResponseError
+  STDERR.puts "No response from #{address}:#{port}"
+  exit(1)
+end

data/lib/equity/controller.rb

@@ -0,0 +1,71 @@
+require 'socket'
+require 'dl/import'
+require 'equity/manager'
+require 'equity/node'
+require 'equity/controller/key'
+
+module Equity
+  class Controller
+    def initialize(host, port, key = Key.new)
+      @host = host.dup
+      @port = port.to_i
+      @socket = UDPSocket.new
+      @key = key
+    end
+    
+    def node_status
+      reply = send(Manager::CMD_NODE_STATUS)
+      return nil unless reply
+      
+      nodes = []
+      count = reply.slice!(0, 1)[0]
+      count.times do
+        length, connected, counter, port = reply.slice!(0, 9).unpack('nCNn')
+        address = reply.slice!(0, length - 9)
+        node = Node::Static.new(address, port)
+        node.connected = (connected != 0)
+        node.counter = counter
+        nodes << node
+      end
+      nodes
+    end
+    
+    def shutdown
+      reply = send(Manager::CMD_SHUTDOWN)
+      !!reply
+    end
+    
+    def waitdown
+      reply = send(Manager::CMD_WAITDOWN)
+      !!reply
+    end
+    
+    module Alarm
+      extend DL::Importable
+      if RUBY_PLATFORM =~ /darwin/
+        so_ext = 'dylib'
+      else
+        so_ext = 'so'
+      end
+      dlload "libc.#{so_ext}"
+      extern "unsigned int alarm(unsigned int)"
+    end
+  
+  private
+    
+    def send(message)
+      message = @key.sign(message)
+      @socket.send(message, 0, @host, @port)
+      begin
+        trap('ALRM') { raise Errno::EINTR }
+        Alarm.alarm(15)
+        reply, address = @socket.recvfrom(1024)
+      rescue Errno::EINTR
+        reply = nil
+      end
+      Alarm.alarm(0)
+      reply
+    end
+    
+  end
+end

data/lib/equity/controller/key.rb

@@ -0,0 +1,177 @@
+require 'openssl'
+require 'fileutils'
+require 'base64'
+
+module Equity
+  class Controller
+    class Key
+      
+      # Length, in bits, of generated keys.
+      LENGTH = 2048
+      
+      # Default file system path where the user's key is stored. This path is
+      # the private half of the key. The public key can be found by appending
+      # ".pub" to this path.
+      DEFAULT_IDENTITY_PATH = File.join(ENV['HOME'], ".equity", "id_dsa")
+      
+      # Array of paths that contain the lists of public keys that identify
+      # people who are authorized to control equity.
+      PERSONAL_AUTHORIZED_KEYS_PATH = File.join(ENV['HOME'], ".equity", "authorized_keys")
+      SYSTEM_AUTHORIZED_KEYS_PATH = "/etc/equity/authorized_keys"
+      
+      # Byte sequence that separates the data and the signature in signed data.
+      SIGNATURE_SEPARATOR = 0.chr
+      
+      # Generates a new DSA key pair and stores it in a pair of files at the
+      # default identity path. Returns the generated key.
+      def self.generate
+        # Generate a DSA key pair.
+        dsa = OpenSSL::PKey::DSA.generate(LENGTH)
+        # Write the private key to disk.
+        FileUtils.mkdir_p(File.dirname(DEFAULT_IDENTITY_PATH))
+        File.open(DEFAULT_IDENTITY_PATH, "w") do |io|
+          io.chmod(0600)
+          io.write(dsa.to_pem)
+        end
+        # Write the public key to disk.
+        File.open(DEFAULT_IDENTITY_PATH + ".pub", "w") do |io|
+          io.write(dsa.public_key.to_pem)
+        end
+        # Return a Key object with the newly generated key.
+        new
+      end
+      
+      # Loads a key from disk or a string. If the loaded key includes the
+      # private half of the key and the key has been loaded from disk, the
+      # file's permissions are verified to ensure that only the owner can
+      # access it. Raises a SecurityError if the file's permissions are unsafe.
+      def initialize(path_or_pem = DEFAULT_IDENTITY_PATH)
+        # Try to interpret path_or_pem as a PEM string first.
+        begin
+          @dsa = OpenSSL::PKey::DSA.new(path_or_pem)
+        rescue
+          # That didn't work. It must be a path.
+          @path = path_or_pem
+          @dsa = OpenSSL::PKey::DSA.new(IO.read(@path))
+          # If this is a private key, make sure nobody else can read it.
+          if @dsa.private?
+            mode = File.stat(@path).mode
+            unless mode & 077 == 0
+              raise SecurityError, "unsafe permissions on #{@path} - must not allow any access by group or world"
+            end
+          end
+        end
+      end
+      
+      # Returns an array of paths to all files associated with this key.
+      def paths
+        return [] if @path.nil?
+        if @dsa.private?
+          [@path, @path + ".pub"]
+        else
+          [@path + ".pub"]
+        end
+      end
+      
+      # Appends a cryptographic signature to +data+.
+      def sign(data)
+        sig = @dsa.sign(OpenSSL::Digest::DSS1.new, data)
+        a1sig = OpenSSL::ASN1.decode( sig )
+
+        sig_r = a1sig.value[0].value.to_s(2)
+        sig_s = a1sig.value[1].value.to_s(2)
+
+        if sig_r.length > 20 || sig_s.length > 20
+          raise OpenSSL::PKey::DSAError, "bad sig size"
+        end
+
+        sig_r = "\0" * ( 20 - sig_r.length ) + sig_r if sig_r.length < 20
+        sig_s = "\0" * ( 20 - sig_s.length ) + sig_s if sig_s.length < 20
+
+        return [
+          data,
+          Base64.encode64(sig_r + sig_s),
+          @dsa.public_key.to_pem
+        ].join(SIGNATURE_SEPARATOR)
+      end
+      
+      # Verifies the cryptographic signature appended to +data_with_sig+. If
+      # the signature is legitimate, the data is returned. Otherwise this
+      # method returns +false+.
+      def self.verify(data_with_sig)
+        data, sig, public_pem = data_with_sig.split(/#{SIGNATURE_SEPARATOR}/)
+        sig = Base64.decode64(sig)
+        dsa = OpenSSL::PKey::DSA.new(public_pem)
+        sig_r = sig[0,20].unpack("H*")[0].to_i(16)
+        sig_s = sig[20,20].unpack("H*")[0].to_i(16)
+        a1sig = OpenSSL::ASN1::Sequence([
+           OpenSSL::ASN1::Integer(sig_r),
+           OpenSSL::ASN1::Integer(sig_s)
+        ])
+        if dsa.verify(OpenSSL::Digest::DSS1.new, a1sig.to_der, data)
+          data
+        else
+          false
+        end
+      end
+      
+      # Returns true if this key is authorized to control equity.
+      def authorized?
+        self.class.authorized_keys.include?(self)
+      end
+      
+      # Returns an array of keys which are authorized to control equity. Raises
+      # a SecurityError if either of the authorized key files are writable by
+      # group or world, or if a private key is found in the files.
+      def self.authorized_keys
+        # Return cached keys if they've already been loaded.
+        return @authorized_keys if @authorized_keys
+        # Read the keys and verify file permissions.
+        pem = ""
+        if File.exist?(PERSONAL_AUTHORIZED_KEYS_PATH)
+          mode = File.stat(PERSONAL_AUTHORIZED_KEYS_PATH).mode
+          unless mode & 022 == 0
+            raise SecurityError, "unsafe permissions on #{PERSONAL_AUTHORIZED_KEYS_PATH} - must not be writable by group or world"
+          end
+          pem = IO.read(PERSONAL_AUTHORIZED_KEYS_PATH) + "\n"
+        end
+        if File.exist?(SYSTEM_AUTHORIZED_KEYS_PATH)
+          mode = File.stat(SYSTEM_AUTHORIZED_KEYS_PATH).mode
+          unless mode & 022 == 0
+            raise SecurityError, "unsafe permissions on #{SYSTEM_AUTHORIZED_KEYS_PATH} - must not be writable by group or world"
+          end
+          pem += IO.read(SYSTEM_AUTHORIZED_KEYS_PATH)
+        end
+        # Instantiate the keys and verify that they're all public.
+        pems = pem.split(/-----END DSA PUBLIC KEY-----/)
+        pems.pop
+        pems.collect! do |pem|
+          key = new(pem + "-----END DSA PUBLIC KEY-----")
+          if key.private?
+            raise SecurityError, "private key found in authorized keys - only public keys should be authorized"
+          end
+          key
+        end
+        # Cache the loaded keys.
+        @authorized_keys = pems
+      end
+      
+      # Returns true if this key includes the private half of the key.
+      def private?
+        @dsa.private?
+      end
+      
+      # Two keys are equal if they have the same public key.
+      def ==(other)
+        @dsa.public_key.to_s == other.instance_eval {@dsa.public_key.to_s}
+      end
+      
+      # Returns the public half of the key that signed +data_with_sig+.
+      def self.signature_key(data_with_sig)
+        data, sig, public_pem = data_with_sig.split(/#{SIGNATURE_SEPARATOR}/)
+        new(public_pem)
+      end
+      
+    end
+  end
+end

data/lib/equity/manager.rb

@@ -0,0 +1,97 @@
+require "equity/controller/key"
+
+module Equity
+  class Manager
+    
+    CMD_NODE_STATUS = "S"
+    CMD_SHUTDOWN    = "K"
+    CMD_WAITDOWN    = "W"
+    
+    CMD_NAMES = {
+      CMD_NODE_STATUS => "status",
+      CMD_SHUTDOWN    => "shutdown",
+      CMD_WAITDOWN    => "waitdown"
+    }
+    
+    def initialize(nodes, port, debugging = false)
+      @nodes = nodes
+      @socket = UDPSocket.new
+      @socket.bind(nil, port)
+      @debugging = debugging
+    end
+    
+    def process_commands
+      # Read commands from the network.
+      begin
+        data, address = @socket.recvfrom_nonblock(4096)
+      rescue Errno::EAGAIN
+      end
+      return unless data
+      command = data.split(/#{Controller::Key::SIGNATURE_SEPARATOR}/).first
+      debug("received manager command: #{command_name(command)}", address)
+      # Verify the signature and ensure that the key used to sign the command
+      # is authorized.
+      unless verified_data = Controller::Key.verify(data)
+        debug("signature verification failed - ignoring command", address)
+        return
+      end
+      unless Controller::Key.signature_key(data).authorized?
+        debug("command signed by unauthorized key - ignoring command", address)
+        return
+      end
+      data = verified_data
+      # Process the command.
+      debug("signature verified - processing command", address)
+      case data
+      when CMD_NODE_STATUS
+        reply = node_status_message
+      when CMD_SHUTDOWN
+        UDPSocket.new.send(generic_ok_message, 0, address[2], address[1])
+        exit
+      when CMD_WAITDOWN
+        reply = generic_ok_message
+        waitdown
+      else
+        debug("command not understood (#{data.unpack('H*')})", address)
+        return
+      end
+      UDPSocket.new.send(reply, 0, address[2], address[1])
+    end
+    
+  private
+    
+    def node_status_message
+      message = [@nodes.length].pack('C')
+      @nodes.each do |node|
+        message += [
+          9 + node.address.length,
+          (node.connected? ? 1 : 0),
+          node.counter,
+          node.port
+        ].pack('nCNn')
+        message += node.address
+      end
+      message
+    end
+    
+    def generic_ok_message
+      "OK"
+    end
+    
+    def waitdown
+      @nodes.each {|node| node.stop_accepting!}
+    end
+    
+    def debug(message, sockaddr)
+      return unless @debugging
+      nameinfo = Socket.getnameinfo(sockaddr,
+        Socket::NI_NUMERICHOST | Socket::NI_NUMERICSERV)
+      puts "[#{nameinfo[0]}:#{nameinfo[1]}] #{message}"
+    end
+    
+    def command_name(command)
+      CMD_NAMES[command] || "unknown"
+    end
+    
+  end
+end

data/lib/equity/node.rb

@@ -0,0 +1,113 @@
+require 'equity/socket_pairing'
+
+module Equity
+  # Represents a cluster node.
+  class Node
+    attr_reader :counter
+    attr_reader :failure_counter
+    attr_reader :address
+    attr_reader :port
+    attr_reader :client_address
+    attr_reader :client_port
+  
+    def initialize(address, port)
+      @client          = nil
+      @counter         = 0
+      @failure_counter = 0
+      @address         = address.dup
+      @port            = port.to_i
+      @active          = true
+    end
+  
+    def connect(client)
+      raise(RuntimeError, 'node is already connected') if connected?
+      raise(RuntimeError, 'node has been shut down') if shutdown?
+      begin
+        @client = client
+        @server = TCPSocket.new(@address, @port)
+        @server.extend SocketPairing
+        @server.pair_with(client)
+        @counter += 1
+        
+        begin
+          nameinfo = Socket.getnameinfo(@client.getpeername,
+            Socket::NI_NUMERICHOST | Socket::NI_NUMERICSERV)
+          @client_address, @client_port = nameinfo
+        rescue
+          @client_address, @client_port = "???", "???"
+        end
+        
+        @server
+      rescue Exception => e
+        @client = nil
+        @server = nil
+        @failure_counter += 1
+        raise e
+      end
+    end
+  
+    def disconnect
+      @client.close
+      @server.close
+      @client = nil
+      @server = nil
+      @client_address = nil
+      @client_port = nil
+    end
+  
+    def connected?
+      !!@client
+    end
+  
+    def sockets
+      connected? ? [@client, @server] : []
+    end
+  
+    def owns_socket?(socket)
+      connected? && ((socket == @client) || (socket == @server))
+    end
+  
+    def to_s
+      "#{@address}:#{@port}"
+    end
+    
+    def self.with_socket(socket)
+      ObjectSpace.each_object(self) do |node|
+        return node if node.owns_socket?(socket)
+      end
+      nil
+    end
+    
+    def stop_accepting!
+      @active = false
+    end
+    
+    def shutdown?
+      !@active
+    end
+    
+    class Static < Node
+      attr_writer :counter
+      
+      def connected=(bool)
+        @client = bool
+      end
+      
+      def connect(client)
+        raise(RuntimeError, 'static nodes cannot be connected')
+      end
+      
+      def disconnect
+        raise(RuntimeError, 'static nodes cannot be disconnected')
+      end
+      
+      def sockets
+        []
+      end
+      
+      def owns_socket?(socket)
+        false
+      end
+    end
+  end
+end

data/lib/equity/socket_pairing.rb

@@ -0,0 +1,15 @@
+module Equity
+  # Enables pairing of sockets, so a client socket can be linked to a server
+  # socket.
+  module SocketPairing
+    attr_reader :mate
+  
+    def pair_with(other_socket, one_way = false)
+      @mate = other_socket
+      unless one_way
+        other_socket.extend SocketPairing
+        other_socket.pair_with(self, true)
+      end
+    end
+  end
+end

metadata

@@ -0,0 +1,68 @@
+--- !ruby/object:Gem::Specification 
+name: equity
+version: !ruby/object:Gem::Version 
+  prerelease: false
+  segments: 
+  - 0
+  - 5
+  version: "0.5"
+platform: ruby
+authors: 
+- Dana Contreras
+autorequire: 
+bindir: bin
+cert_chain: []
+
+date: 2010-03-27 00:00:00 -04:00
+default_executable: 
+dependencies: []
+
+description: 
+email: 
+executables: 
+- equity
+- equityctl
+extensions: []
+
+extra_rdoc_files: []
+
+files: 
+- bin/equity
+- bin/equityctl
+- lib/equity/controller.rb
+- lib/equity/controller/key.rb
+- lib/equity/manager.rb
+- lib/equity/node.rb
+- lib/equity/socket_pairing.rb
+has_rdoc: true
+homepage: http://github.com/DanaDanger/equity
+licenses: []
+
+post_install_message: 
+rdoc_options: []
+
+require_paths: 
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      segments: 
+      - 0
+      version: "0"
+required_rubygems_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      segments: 
+      - 0
+      version: "0"
+requirements: []
+
+rubyforge_project: 
+rubygems_version: 1.3.6
+signing_key: 
+specification_version: 3
+summary: Queueing software load balancer.
+test_files: []
+