faye-websocket 0.10.6 → 0.11.1

data/lib/faye/eventsource.rb

@@ -63,7 +63,7 @@ module Faye
     end
 
   private
-    
+
     def open
       return unless @ready_state == WebSocket::API::CONNECTING
 
@@ -83,9 +83,9 @@ module Faye
                 gsub(/(\r\n|\r|\n)/, '\1data: ')
 
       frame  = ""
-      frame << "event: #{options[:event]}\r\n" if options[:event]
-      frame << "id: #{options[:id]}\r\n" if options[:id]
-      frame << "data: #{message}\r\n\r\n"
+      frame << "event: #{ options[:event] }\r\n" if options[:event]
+      frame << "id: #{ options[:id] }\r\n" if options[:id]
+      frame << "data: #{ message }\r\n\r\n"
 
       @stream.write(frame)
       true

data/lib/faye/rack_stream.rb

@@ -79,6 +79,7 @@ module Faye
     end
 
     def write(data)
+      return @rack_hijack_io_reader.send_data(data) if @rack_hijack_io_reader
       return @rack_hijack_io.write(data) if @rack_hijack_io
       return @stream_send.call(data) if @stream_send
     rescue => e

data/lib/faye/websocket.rb

@@ -17,9 +17,10 @@ module Faye
   class WebSocket
     root = File.expand_path('../websocket', __FILE__)
 
-    autoload :Adapter, root + '/adapter'
-    autoload :API,     root + '/api'
-    autoload :Client,  root + '/client'
+    autoload :Adapter,      root + '/adapter'
+    autoload :API,          root + '/api'
+    autoload :Client,       root + '/client'
+    autoload :SslVerifier,  root + '/ssl_verifier'
 
     ADAPTERS = {
       'goliath'  => :Goliath,
@@ -44,7 +45,7 @@ module Faye
     def self.load_adapter(backend)
       const = Kernel.const_get(ADAPTERS[backend]) rescue nil
       require(backend) unless const
-      path = File.expand_path("../adapters/#{backend}.rb", __FILE__)
+      path = File.expand_path("../adapters/#{ backend }.rb", __FILE__)
       require(path) if File.file?(path)
     end
 

data/lib/faye/websocket/api.rb

@@ -43,7 +43,7 @@ module Faye
 
         @driver.on(:open)    { |e| open }
         @driver.on(:message) { |e| receive_message(e.data) }
-        @driver.on(:close)   { |e| begin_close(e.reason, e.code) }
+        @driver.on(:close)   { |e| begin_close(e.reason, e.code, :wait_for_write => true) }
 
         @driver.on(:error) do |error|
           emit_error(error.message)
@@ -83,13 +83,16 @@ module Faye
         unless code == 1000 or (code >= 3000 and code <= 4999)
           raise ArgumentError, "Failed to execute 'close' on WebSocket: " +
                                "The code must be either 1000, or between 3000 and 4999. " +
-                               "#{code} is neither."
+                               "#{ code } is neither."
+        end
+
+        if @ready_state < CLOSING
+          @close_timer = EventMachine.add_timer(CLOSE_TIMEOUT) { begin_close('', 1006) }
         end
 
         @ready_state = CLOSING unless @ready_state == CLOSED
-        @driver.close(reason, code)
 
-        @close_timer = EventMachine.add_timer(CLOSE_TIMEOUT) { begin_close('', 1006) }
+        @driver.close(reason, code)
       end
 
       def protocol
@@ -121,13 +124,17 @@ module Faye
         dispatch_event(event)
       end
 
-      def begin_close(reason, code)
+      def begin_close(reason, code, options = {})
         return if @ready_state == CLOSED
         @ready_state = CLOSING
         @close_params = [reason, code]
 
         if @stream
-          @stream.close_connection_after_writing
+          if options[:wait_for_write]
+            @stream.close_connection_after_writing
+          else
+            @stream.close_connection
+          end
         else
           finalize_close
         end

data/lib/faye/websocket/api/event.rb

@@ -10,7 +10,7 @@ module Faye::WebSocket::API
 
     def initialize(event_type, options)
       @type = event_type
-      options.each { |key, value| instance_variable_set("@#{key}", value) }
+      options.each { |key, value| instance_variable_set("@#{ key }", value) }
     end
 
     def init_event(event_type, can_bubble, cancelable)

data/lib/faye/websocket/api/event_target.rb

@@ -5,10 +5,10 @@ module Faye::WebSocket::API
     events = %w[open message error close]
 
     events.each do |event_type|
-      define_method "on#{event_type}=" do |handler|
+      define_method "on#{ event_type }=" do |handler|
         EventMachine.next_tick do
           flush(event_type, handler)
-          instance_variable_set("@on#{event_type}", handler)
+          instance_variable_set("@on#{ event_type }", handler)
         end
       end
     end

data/lib/faye/websocket/client.rb

@@ -7,7 +7,7 @@ module Faye
       extend Forwardable
       include API
 
-      DEFAULT_PORTS    = {'http' => 80, 'https' => 443, 'ws' => 80, 'wss' => 443}
+      DEFAULT_PORTS    = { 'http' => 80, 'https' => 443, 'ws' => 80, 'wss' => 443 }
       SECURE_PROTOCOLS = ['https', 'wss']
 
       def_delegators :@driver, :headers, :status
@@ -17,58 +17,72 @@ module Faye
         super(options) { ::WebSocket::Driver.client(self, :max_length => options[:max_length], :protocols => protocols) }
 
         proxy       = options.fetch(:proxy, {})
-        endpoint    = URI.parse(proxy[:origin] || @url)
-        port        = endpoint.port || DEFAULT_PORTS[endpoint.scheme]
-        @secure     = SECURE_PROTOCOLS.include?(endpoint.scheme)
+        @endpoint   = URI.parse(proxy[:origin] || @url)
+        port        = @endpoint.port || DEFAULT_PORTS[@endpoint.scheme]
         @origin_tls = options.fetch(:tls, {})
         @socket_tls = proxy[:origin] ? proxy.fetch(:tls, {}) : @origin_tls
 
-        if proxy[:origin]
-          @proxy = @driver.proxy(proxy[:origin])
-          if headers = proxy[:headers]
-            headers.each { |name, value| @proxy.set_header(name, value) }
-          end
+        configure_proxy(proxy)
 
-          @proxy.on(:connect) do
-            uri    = URI.parse(@url)
-            secure = SECURE_PROTOCOLS.include?(uri.scheme)
-            @proxy = nil
+        EventMachine.connect(@endpoint.host, port, Connection) do |conn|
+          conn.parent = self
+        end
+      rescue => error
+        on_network_error(error)
+      end
 
-            if secure
-              origin_tls = {:sni_hostname => uri.host}.merge(@origin_tls)
-              @stream.start_tls(origin_tls)
-            end
+    private
+
+      def configure_proxy(proxy)
+        return unless proxy[:origin]
 
-            @driver.start
-          end
+        @proxy = @driver.proxy(proxy[:origin])
+        @proxy.on(:error) { |error| @driver.emit(:error, error) }
 
-          @proxy.on(:error) do |error|
-            @driver.emit(:error, error)
-          end
+        if headers = proxy[:headers]
+          headers.each { |name, value| @proxy.set_header(name, value) }
         end
 
-        EventMachine.connect(endpoint.host, port, Connection) do |conn|
-          conn.parent = self
+        @proxy.on(:connect) do
+          @proxy = nil
+          start_tls(URI.parse(@url), @origin_tls)
+          @driver.start
         end
-      rescue => error
-        emit_error("Network error: #{url}: #{error.message}")
-        finalize_close
       end
 
-    private
+      def start_tls(uri, options)
+        return unless SECURE_PROTOCOLS.include?(uri.scheme)
+
+        tls_options = { :sni_hostname => uri.host, :verify_peer => true }.merge(options)
+        @ssl_verifier = SslVerifier.new(uri.host, tls_options)
+        @stream.start_tls(tls_options)
+      end
 
       def on_connect(stream)
         @stream = stream
-
-        if @secure
-          socket_tls = {:sni_hostname => URI.parse(@url).host}.merge(@socket_tls)
-          @stream.start_tls(socket_tls)
-        end
+        start_tls(@endpoint, @socket_tls)
 
         worker = @proxy || @driver
         worker.start
       end
 
+      def on_network_error(error)
+        emit_error("Network error: #{ @url }: #{ error.message }")
+        finalize_close
+      end
+
+      def ssl_verify_peer(cert)
+        @ssl_verifier.ssl_verify_peer(cert)
+      rescue => error
+        on_network_error(error)
+      end
+
+      def ssl_handshake_completed
+        @ssl_verifier.ssl_handshake_completed
+      rescue => error
+        on_network_error(error)
+      end
+
       module Connection
         attr_accessor :parent
 
@@ -76,11 +90,20 @@ module Faye
           parent.__send__(:on_connect, self)
         end
 
+        def ssl_verify_peer(cert)
+          parent.__send__(:ssl_verify_peer, cert)
+        end
+
+        def ssl_handshake_completed
+          parent.__send__(:ssl_handshake_completed)
+        end
+
         def receive_data(data)
           parent.__send__(:parse, data)
         end
 
-        def unbind
+        def unbind(error = nil)
+          parent.__send__(:emit_error, error) if error
           parent.__send__(:finalize_close)
         end
 

data/lib/faye/websocket/ssl_verifier.rb

@@ -0,0 +1,89 @@
+# This code is based on the implementation in Faraday:
+#
+#     https://github.com/lostisland/faraday/blob/v1.0.1/lib/faraday/adapter/em_http_ssl_patch.rb
+#
+# Faraday is published under the MIT license as detailed here:
+#
+#     https://github.com/lostisland/faraday/blob/v1.0.1/LICENSE.md
+#
+# Copyright (c) 2009-2019 Rick Olson, Zack Hobson
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+
+require 'openssl'
+
+module Faye
+  class WebSocket
+
+    SSLError = Class.new(OpenSSL::SSL::SSLError)
+
+    class SslVerifier
+      def initialize(hostname, ssl_opts)
+        @hostname   = hostname
+        @ssl_opts   = ssl_opts
+        @cert_store = OpenSSL::X509::Store.new
+
+        if root = @ssl_opts[:root_cert_file]
+          [root].flatten.each { |ca_path| @cert_store.add_file(ca_path) }
+        else
+          @cert_store.set_default_paths
+        end
+      end
+
+      def ssl_verify_peer(cert_text)
+        return true unless should_verify?
+
+        certificate = parse_cert(cert_text)
+        return false unless certificate
+
+        unless @cert_store.verify(certificate)
+          raise SSLError, "Unable to verify the server certificate for '#{ @hostname }'"
+        end
+
+        store_cert(certificate)
+        @last_cert = certificate
+
+        true
+      end
+
+      def ssl_handshake_completed
+        return unless should_verify?
+
+        unless identity_verified?
+          raise SSLError, "Host '#{ @hostname }' does not match the server certificate"
+        end
+      end
+
+    private
+
+      def should_verify?
+        @ssl_opts[:verify_peer] != false
+      end
+
+      def parse_cert(cert_text)
+        OpenSSL::X509::Certificate.new(cert_text)
+      rescue OpenSSL::X509::CertificateError
+        nil
+      end
+
+      def store_cert(certificate)
+        @cert_store.add_cert(certificate)
+      rescue OpenSSL::X509::StoreError => error
+        raise error unless error.message == 'cert already in hash table'
+      end
+
+      def identity_verified?
+        @last_cert and OpenSSL::SSL.verify_certificate_identity(@last_cert, @hostname)
+      end
+    end
+
+  end
+end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: faye-websocket
 version: !ruby/object:Gem::Version
-  version: 0.10.6
+  version: 0.11.1
 platform: ruby
 authors:
 - James Coglan
-autorequire: 
+autorequire:
 bindir: bin
 cert_chain: []
-date: 2017-01-22 00:00:00.000000000 Z
+date: 2021-05-24 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: eventmachine
@@ -66,20 +66,6 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
-- !ruby/object:Gem::Dependency
-  name: public_suffix
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "<"
-      - !ruby/object:Gem::Version
-        version: 1.5.0
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "<"
-      - !ruby/object:Gem::Version
-        version: 1.5.0
 - !ruby/object:Gem::Dependency
   name: puma
   requirement: !ruby/object:Gem::Requirement
@@ -137,45 +123,51 @@ dependencies:
       - !ruby/object:Gem::Version
         version: 0.2.0
 - !ruby/object:Gem::Dependency
-  name: rainbows
+  name: thin
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 4.4.0
+        version: 1.2.0
+    - - ">"
+      - !ruby/object:Gem::Version
+        version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 4.4.0
+        version: 1.2.0
+    - - ">"
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
-  name: thin
+  name: rainbows
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.2.0
+        version: 4.4.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.2.0
+        version: 4.4.0
 - !ruby/object:Gem::Dependency
   name: goliath
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - ">"
       - !ruby/object:Gem::Version
         version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - ">"
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
@@ -192,7 +184,7 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: 4.0.0
-description: 
+description:
 email: jcoglan@gmail.com
 executables: []
 extensions: []
@@ -200,17 +192,8 @@ extra_rdoc_files:
 - README.md
 files:
 - CHANGELOG.md
+- LICENSE.md
 - README.md
-- examples/app.rb
-- examples/autobahn_client.rb
-- examples/client.rb
-- examples/config.ru
-- examples/haproxy.conf
-- examples/proxy_server.rb
-- examples/rainbows.conf
-- examples/server.rb
-- examples/sse.html
-- examples/ws.html
 - lib/faye/adapters/goliath.rb
 - lib/faye/adapters/rainbows.rb
 - lib/faye/adapters/rainbows_client.rb
@@ -223,11 +206,12 @@ files:
 - lib/faye/websocket/api/event.rb
 - lib/faye/websocket/api/event_target.rb
 - lib/faye/websocket/client.rb
+- lib/faye/websocket/ssl_verifier.rb
 homepage: https://github.com/faye/faye-websocket-ruby
 licenses:
-- MIT
+- Apache-2.0
 metadata: {}
-post_install_message: 
+post_install_message:
 rdoc_options:
 - "--main"
 - README.md
@@ -246,9 +230,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project: 
-rubygems_version: 2.6.8
-signing_key: 
+rubygems_version: 3.1.6
+signing_key:
 specification_version: 4
 summary: Standards-compliant WebSocket server and client
 test_files: []