eventmachine 0.12.6 → 0.12.8

data/lib/em/protocols/saslauth.rb

@@ -0,0 +1,175 @@
+#--
+#
+# Author:: Francis Cianfrocca (gmail: blackhedd)
+# Homepage::  http://rubyeventmachine.com
+# Date:: 15 November 2006
+# 
+# See EventMachine and EventMachine::Connection for documentation and
+# usage examples.
+#
+#----------------------------------------------------------------------------
+#
+# Copyright (C) 2006-07 by Francis Cianfrocca. All Rights Reserved.
+# Gmail: blackhedd
+# 
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of either: 1) the GNU General Public License
+# as published by the Free Software Foundation; either version 2 of the
+# License, or (at your option) any later version; or 2) Ruby's License.
+# 
+# See the file COPYING for complete licensing information.
+#
+#---------------------------------------------------------------------------
+#
+# 
+# 
+
+module EventMachine
+  module Protocols
+
+    # Implements SASL authd.
+    # This is a very, very simple protocol that mimics the one used
+    # by saslauthd and pwcheck, two outboard daemons included in the
+    # standard SASL library distro.
+    # The only thing this is really suitable for is SASL PLAIN
+    # (user+password) authentication, but the SASL libs that are
+    # linked into standard servers (like imapd and sendmail) implement
+    # the other ones.
+    #
+    # SASL-auth is intended for reasonably fast operation inside a
+    # single machine, so it has no transport-security (although there
+    # have been multi-machine extensions incorporating transport-layer
+    # encryption).
+    #
+    # The standard saslauthd module generally runs privileged and does
+    # its work by referring to the system-account files.
+    #
+    # This feature was added to EventMachine to enable the development
+    # of custom authentication/authorization engines for standard servers.
+    #
+    # To use SASLauth, include it in a class that subclasses EM::Connection,
+    # and reimplement the validate method.
+    #
+    # The typical way to incorporate this module into an authentication
+    # daemon would be to set it as the handler for a UNIX-domain socket.
+    # The code might look like this:
+    #
+    #  EM.start_unix_domain_server( "/var/run/saslauthd/mux", MyHandler )
+    #  File.chmod( 0777, "/var/run/saslauthd/mux")
+    #
+    # The chmod is probably needed to ensure that unprivileged clients can
+    # access the UNIX-domain socket.
+    #
+    # It's also a very good idea to drop superuser privileges (if any), after
+    # the UNIX-domain socket has been opened.
+    #--
+    # Implementation details: assume the client can send us pipelined requests,
+    # and that the client will close the connection.
+    #
+    # The client sends us four values, each encoded as a two-byte length field in
+    # network order followed by the specified number of octets.
+    # The fields specify the username, password, service name (such as imap),
+    # and the "realm" name. We send back the barest minimum reply, a single
+    # field also encoded as a two-octet length in network order, followed by
+    # either "NO" or "OK" - simplicity itself.
+    #
+    # We enforce a maximum field size just as a sanity check.
+    # We do NOT automatically time out the connection.
+    #
+    # The code we use to parse out the values is ugly and probably slow.
+    # Improvements welcome.
+    #
+    module SASLauth
+
+      MaxFieldSize = 128*1024
+      def post_init
+        super
+        @sasl_data = ""
+        @sasl_values = []
+      end
+
+      def receive_data data
+        @sasl_data << data
+        while @sasl_data.length >= 2
+          len = (@sasl_data[0,2].unpack("n")).first
+          raise "SASL Max Field Length exceeded" if len > MaxFieldSize
+          if @sasl_data.length >= (len + 2)
+            @sasl_values << @sasl_data[2,len]
+            @sasl_data.slice!(0...(2+len))
+            if @sasl_values.length == 4
+              send_data( validate(*@sasl_values) ? "\0\002OK" : "\0\002NO" )
+              @sasl_values.clear
+            end
+          else
+            break
+          end
+        end
+      end
+
+      def validate username, psw, sysname, realm
+        p username
+        p psw
+        p sysname
+        p realm
+        true
+      end
+    end
+
+    # Implements the SASL authd client protocol.
+    # This is a very, very simple protocol that mimics the one used
+    # by saslauthd and pwcheck, two outboard daemons included in the
+    # standard SASL library distro.
+    # The only thing this is really suitable for is SASL PLAIN
+    # (user+password) authentication, but the SASL libs that are
+    # linked into standard servers (like imapd and sendmail) implement
+    # the other ones.
+    #
+    # You can use this module directly as a handler for EM Connections,
+    # or include it in a module or handler class of your own.
+    #
+    # First connect to a SASL server (it's probably a TCP server, or more
+    # likely a Unix-domain socket). Then call the #validate? method,
+    # passing at least a username and a password. #validate? returns
+    # a Deferrable which will either succeed or fail, depending
+    # on the status of the authentication operation.
+    #
+    module SASLauthclient
+      MaxFieldSize = 128*1024
+
+      def validate? username, psw, sysname=nil, realm=nil
+
+        str = [username, psw, sysname, realm].map {|m|
+          [(m || "").length, (m || "")]
+        }.flatten.pack( "nA*" * 4 )
+        send_data str
+
+        d = EM::DefaultDeferrable.new
+        @queries.unshift d
+        d
+      end
+
+      def post_init
+        @sasl_data = ""
+        @queries = []
+      end
+
+      def receive_data data
+        @sasl_data << data
+
+        while @sasl_data.length > 2
+          len = (@sasl_data[0,2].unpack("n")).first
+          raise "SASL Max Field Length exceeded" if len > MaxFieldSize
+          if @sasl_data.length >= (len + 2)
+            val = @sasl_data[2,len]
+            @sasl_data.slice!(0...(2+len))
+            q = @queries.pop
+            (val == "NO") ? q.fail : q.succeed
+          else
+            break
+          end
+        end
+      end
+    end
+
+  end
+end

data/lib/em/protocols/smtpclient.rb

@@ -0,0 +1,331 @@
+#--
+#
+# Author:: Francis Cianfrocca (gmail: blackhedd)
+# Homepage::  http://rubyeventmachine.com
+# Date:: 16 July 2006
+# 
+# See EventMachine and EventMachine::Connection for documentation and
+# usage examples.
+#
+#----------------------------------------------------------------------------
+#
+# Copyright (C) 2006-07 by Francis Cianfrocca. All Rights Reserved.
+# Gmail: blackhedd
+# 
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of either: 1) the GNU General Public License
+# as published by the Free Software Foundation; either version 2 of the
+# License, or (at your option) any later version; or 2) Ruby's License.
+# 
+# See the file COPYING for complete licensing information.
+#
+#---------------------------------------------------------------------------
+#
+# 
+
+require 'ostruct'
+
+module EventMachine
+  module Protocols
+
+    # Simple SMTP client
+    #
+    #   email = EM::Protocols::SmtpClient.send(
+    #     :domain=>"example.com",
+    #     :host=>'localhost',
+    #     :port=>25, # optional, defaults 25
+    #     :starttls=>true, # use ssl
+    #     :from=>"sender@example.com",
+    #     :to=> ["to_1@example.com", "to_2@example.com"],
+    #     :header=> {"Subject" => "This is a subject line"},
+    #     :body=> "This is the body of the email"
+    #   )
+    #   email.callback{
+    #     puts 'Email sent!'
+    #   }
+    #   email.errback{ |e|
+    #     puts 'Email failed!'
+    #   }
+    #
+    class SmtpClient < Connection
+      include EventMachine::Deferrable
+      include EventMachine::Protocols::LineText2
+
+      # :host => required String
+      #   a string containing the IP address or host name of the SMTP server to connect to.
+      # :port => optional
+      #   defaults to 25.
+      # :domain => required String
+      #   This is passed as the argument to the EHLO command.
+      # :starttls => optional Boolean
+      #   If it evaluates true, then the client will initiate STARTTLS with
+      #   the server, and abort the connection if the negotiation doesn't succeed.
+      #   TODO, need to be able to pass certificate parameters with this option.
+      # :auth => optional Hash of auth parameters
+      #   If not given, then no auth will be attempted.
+      #   (In that case, the connection will be aborted if the server requires auth.)
+      #   Specify the hash value :type to determine the auth type, along with additional parameters
+      #   depending on the type.
+      #   Currently only :type => :plain is supported. Pass additional parameters :username (String),
+      #   and :password (either a String or a Proc that will be called at auth-time).
+      #   Example: :auth => {:type=>:plain, :username=>"mickey@disney.com", :password=>"mouse"}
+      # :from => required String
+      #   Specifies the sender of the message. Will be passed as the argument
+      #   to the MAIL FROM. Do NOT enclose the argument in angle-bracket (<>) characters.
+      #   The connection will abort if the server rejects the value.
+      # :to => required String or Array of Strings
+      #   The recipient(s) of the message. Do NOT enclose
+      #   any of the values in angle-brackets (<>) characters. It's NOT a fatal error if one or more
+      #   recipients are rejected by the server. (Of course, if ALL of them are, the server will most
+      #   likely trigger an error when we try to send data.) An array of codes containing the status
+      #   of each requested recipient is available after the call completes. TODO, we should define
+      #   an overridable stub that will be called on rejection of a recipient or a sender, giving
+      #   user code the chance to try again or abort the connection.
+      # :header => Required hash of values to be transmitted in the header of the message.
+      #   The hash keys are the names of the headers (do NOT append a trailing colon), and the values are strings
+      #   containing the header values. TODO, support Arrays of header values, which would cause us to
+      #   send that specific header line more than once.
+      #
+      #   Example: :header => {"Subject" => "Bogus", "CC" => "myboss@example.com"}
+      # :body => Optional string, defaults blank.
+      #   This will be passed as the body of the email message.
+      #   TODO, this needs to be significantly beefed up. As currently written, this requires the caller
+      #   to properly format the input into CRLF-delimited lines of 7-bit characters in the standard
+      #   SMTP transmission format. We need to be able to automatically convert binary data, and add
+      #   correct line-breaks to text data. I think the :body parameter should remain as it is, and we
+      #   should add a :content parameter that contains autoconversions and/or conversion parameters.
+      #   Then we can check if either :body or :content is present and do the right thing.
+      # :verbose => Optional.
+      #   If true, will cause a lot of information (including the server-side of the
+      #   conversation) to be dumped to $>.
+      #
+      def self.send args={}
+        args[:port] ||= 25
+        args[:body] ||= ""
+
+=begin
+      (I don't think it's possible for EM#connect to throw an exception under normal
+      circumstances, so this original code is stubbed out. A connect-failure will result
+      in the #unbind method being called without calling #connection_completed.)
+      begin
+        EventMachine.connect( args[:host], args[:port], self) {|c|
+          # According to the EM docs, we will get here AFTER post_init is called.
+          c.args = args
+          c.set_comm_inactivity_timeout 60
+        }
+      rescue
+        # We'll get here on a connect error. This code mimics the effect
+        # of a call to invoke_internal_error. Would be great to DRY this up.
+        # (Actually, it may be that we never get here, if EM#connect catches
+        # its errors internally.)
+        d = EM::DefaultDeferrable.new
+        d.set_deferred_status(:failed, {:error=>[:connect, 500, "unable to connect to server"]})
+        d
+      end
+=end
+        EventMachine.connect( args[:host], args[:port], self) {|c|
+          # According to the EM docs, we will get here AFTER post_init is called.
+          c.args = args
+          c.set_comm_inactivity_timeout 60
+        }
+      end
+
+      # :stopdoc:
+
+      attr_writer :args
+
+      def post_init
+        @return_values = OpenStruct.new
+        @return_values.start_time = Time.now
+      end
+
+      def connection_completed
+        @responder = :receive_signon
+        @msg = []
+      end
+
+      # We can get here in a variety of ways, all of them being failures unless
+      # the @succeeded flag is set. If a protocol success was recorded, then don't
+      # set a deferred success because the caller will already have done it
+      # (no need to wait until the connection closes to invoke the callbacks).
+      #
+      def unbind
+        unless @succeeded
+          @return_values.elapsed_time = Time.now - @return_values.start_time
+          @return_values.responder = @responder
+          @return_values.code = @code
+          @return_values.message = @msg
+          set_deferred_status(:failed, @return_values)
+        end
+      end
+
+      def receive_line ln
+        $>.puts ln if @args[:verbose]
+        @range = ln[0...1].to_i
+        @code = ln[0...3].to_i
+        @msg << ln[4..-1]
+        unless ln[3...4] == '-'
+          $>.puts @responder if @args[:verbose]
+          send @responder
+          @msg.clear
+        end
+      end
+
+      # We encountered an error from the server and will close the connection.
+      # Use the error and message the server returned.
+      #
+      def invoke_error
+        @return_values.elapsed_time = Time.now - @return_values.start_time
+        @return_values.responder = @responder
+        @return_values.code = @code
+        @return_values.message = @msg
+        set_deferred_status :failed, @return_values
+        send_data "QUIT\r\n"
+        close_connection_after_writing
+      end
+
+      # We encountered an error on our side of the protocol and will close the connection.
+      # Use an extra-protocol error code (900) and use the message from the caller.
+      #
+      def invoke_internal_error msg = "???"
+        @return_values.elapsed_time = Time.now - @return_values.start_time
+        @return_values.responder = @responder
+        @return_values.code = 900
+        @return_values.message = msg
+        set_deferred_status :failed, @return_values
+        send_data "QUIT\r\n"
+        close_connection_after_writing
+      end
+
+      def receive_signon
+        return invoke_error unless @range == 2
+        send_data "EHLO #{@args[:domain]}\r\n"
+        @responder = :receive_ehlo_response
+      end
+
+      def receive_ehlo_response
+        return invoke_error unless @range == 2
+        @server_caps = @msg
+        invoke_starttls
+      end
+
+      def invoke_starttls
+        if @args[:starttls]
+          # It would be more sociable to first ask if @server_caps contains
+          # the string "STARTTLS" before we invoke it, but hey, life's too short.
+          send_data "STARTTLS\r\n"
+          @responder = :receive_starttls_response
+        else
+          invoke_auth
+        end
+      end
+      def receive_starttls_response
+        return invoke_error unless @range == 2
+        start_tls
+        invoke_auth
+      end
+
+      # Perform an authentication. If the caller didn't request one, then fall through
+      # to the mail-from state.
+      def invoke_auth
+        if @args[:auth]
+          if @args[:auth][:type] == :plain
+            psw = @args[:auth][:password]
+            if psw.respond_to?(:call)
+              psw = psw.call
+            end
+            #str = Base64::encode64("\0#{@args[:auth][:username]}\0#{psw}").chomp
+            str = ["\0#{@args[:auth][:username]}\0#{psw}"].pack("m").chomp
+            send_data "AUTH PLAIN #{str}\r\n"
+            @responder = :receive_auth_response
+          else
+            return invoke_internal_error("unsupported auth type")
+          end
+        else
+          invoke_mail_from
+        end
+      end
+      def receive_auth_response
+        return invoke_error unless @range == 2
+        invoke_mail_from
+      end
+
+      def invoke_mail_from
+        send_data "MAIL FROM: <#{@args[:from]}>\r\n"
+        @responder = :receive_mail_from_response
+      end
+      def receive_mail_from_response
+        return invoke_error unless @range == 2
+        invoke_rcpt_to
+      end
+
+      def invoke_rcpt_to
+        @rcpt_responses ||= []
+        l = @rcpt_responses.length
+        to = @args[:to].is_a?(Array) ? @args[:to] : [@args[:to].to_s]
+        if l < to.length
+          send_data "RCPT TO: <#{to[l]}>\r\n"
+          @responder = :receive_rcpt_to_response
+        else
+          e = @rcpt_responses.select {|rr| rr.last == 2}
+          if e and e.length > 0
+            invoke_data
+          else
+            invoke_error
+          end
+        end
+      end
+      def receive_rcpt_to_response
+        @rcpt_responses << [@code, @msg, @range]
+        invoke_rcpt_to
+      end
+
+      def invoke_data
+        send_data "DATA\r\n"
+        @responder = :receive_data_response
+      end
+      def receive_data_response
+        return invoke_error unless @range == 3
+
+        # The data to send can be given either in @args[:content] (an array or string of raw data
+        # which MUST be in correct SMTP body format, including a trailing dot line), or a header and
+        # body given in @args[:header] and @args[:body].
+        #
+        if @args[:content]
+          send_data @args[:content].to_s
+        else
+          # The header can be a hash or an array.
+          if @args[:header].is_a?(Hash)
+            (@args[:header] || {}).each {|k,v| send_data "#{k}: #{v}\r\n" }
+          else
+            send_data @args[:header].to_s
+          end
+          send_data "\r\n"
+
+          if @args[:body].is_a?(Array)
+            @args[:body].each {|e| send_data e}
+          else
+            send_data @args[:body].to_s
+          end
+
+          send_data "\r\n.\r\n"
+        end
+
+        @responder = :receive_message_response
+      end
+      def receive_message_response
+        return invoke_error unless @range == 2
+        send_data "QUIT\r\n"
+        close_connection_after_writing
+        @succeeded = true
+        @return_values.elapsed_time = Time.now - @return_values.start_time
+        @return_values.responder = @responder
+        @return_values.code = @code
+        @return_values.message = @msg
+        set_deferred_status :succeeded, @return_values
+      end
+
+      # :startdoc:
+    end
+  end
+end