ipaccess 0.0.4 → 1.2.0

data/lib/ipaccess/patches/net_pop.rb

@@ -0,0 +1,171 @@
+# encoding: utf-8
+#
+# Author::    Paweł Wilk (mailto:pw@gnu.org)
+# Copyright:: Copyright (c) 2009-2014 by Paweł Wilk
+# License::   This program is licensed under the terms of {GNU Lesser General Public License}[link:docs/LGPL.html] or {Ruby License}[link:docs/COPYING.html].
+# 
+# Modules contained in this file are meant for
+# patching Ruby's Net::POP3 class in order to add
+# IP access control to it. It is also used
+# to create variant of Net::POP3 class
+# with IP access control.
+# 
+#--
+# 
+# Copyright (C) 2009 by Paweł Wilk. All Rights Reserved.
+# 
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of either: 1) the GNU Lesser General Public License
+# as published by the Free Software Foundation; either version 3 of the
+# License, or (at your option) any later version; or 2) Ruby's License.
+# 
+# See the file COPYING for complete licensing information.
+#
+#++
+# 
+
+require 'socket'
+require 'net/pop'
+require 'ipaccess/ip_access_errors'
+require 'ipaccess/patches/generic'
+require 'ipaccess/patches/sockets'
+
+# :stopdoc:
+
+module IPAccess::Patches::Net
+  
+  ###################################################################
+  # Net::POP3 class with IP access control.
+  # It uses output access lists.
+  
+  module POP3
+    
+    include IPAccess::Patches::ACL
+    
+    def self.included(base)
+      
+      marker = (base.name =~ /IPAccess/) ? base.superclass : base
+      return if marker.instance_variable_defined?(:@uses_ipaccess)    
+      base.instance_variable_set(:@uses_ipaccess, true)
+      
+      base.class_eval do
+        
+        # CLASS METHODS
+        unless (base.name.nil? && base.class.name == "Class")
+          (class << self; self; end).class_eval do
+            
+            # overwrite POP3.start()
+            define_method :__ipacall__start do |block, address, *args|
+              late_on_deny = nil
+              args.delete_if { |x| late_on_deny = x if (x.is_a?(Symbol) && x == :opened_on_deny) }
+              args.pop if args.last.nil?
+              late_acl = IPAccess.valid_acl?(args.last) ? args.pop : :global
+              port, account, password, isapop = *args
+              isapop = false if isapop.nil?
+              obj = new(address, port, isapop, late_acl, late_on_deny)
+              obj.start(account, password, &block)
+            end
+            
+            # block passing wrapper for Ruby 1.8
+            def start(address, *args, &block)
+              __ipacall__start(block, address, *args)
+            end
+            
+            # overwrite POP3.delete_all()
+            define_method :__ipacall__delete_all do |block, address, *args|
+              start(address, *args) { |pop|
+                pop.delete_all(&block)
+              }
+            end
+            
+            # block passing wrapper for Ruby 1.8
+            def delete_all(address, *args, &block)
+              __ipacall__delete_all(block, address, *args)
+            end
+            
+            # overwrite POP3.auth_only()
+            define_method :auth_only do |address, *args|
+              port, account, password, isapop, late_acl = *args
+              new(address, port, isapop, late_acl).auth_only account, password
+            end        
+            
+            # overwrite POP3.foreach()
+            define_method :__ipacall__foreach do |block, address, *args|
+              start(address, *args) { |pop|
+                pop.each_mail(&block)
+              }
+            end
+            
+            # block passing wrapper for Ruby 1.8
+            def foreach(address, *args, &block)
+              __ipacall__foreach(block, address, *args)
+            end
+            
+      	  end
+      	
+    	  end # class methods
+        
+        orig_initialize       = self.instance_method :initialize
+        orig_do_start         = self.instance_method :do_start
+        orig_on_connect       = self.instance_method :on_connect
+        
+        # initialize on steroids.
+        define_method  :initialize do |addr, *args|
+          @opened_on_deny = false
+          args.delete_if { |x| @opened_on_deny = true if (x.is_a?(Symbol) && x == :opened_on_deny) }
+          args.pop if args.last.nil?
+          self.acl = IPAccess.valid_acl?(args.last) ? args.pop : :global
+          obj = orig_initialize.bind(self).call(addr, *args)
+          self.acl_recheck
+          return obj
+        end
+        
+        # start on steroids.
+        define_method :do_start do |account, password|
+          prev_addr = @address
+          ipaddr = ::TCPSocket.getaddress(@address)
+          real_acl.output.check_ipstring(ipaddr, self)
+          @address = ipaddr
+          ret = orig_do_start.bind(self).call(account, password)
+          @address = prev_addr
+          self.acl_recheck
+          return ret
+        end
+        
+        # on_connect on steroids.
+        define_method :on_connect do
+          acl_recheck
+          orig_on_connect.bind(self).call
+        end
+        
+        # This method returns default access list indicator
+        # used by protected object; in this case it's +:output+.
+        define_method :default_list do
+          :output
+        end
+                
+        # this hook will be called each time @acl is reassigned
+        define_method :acl_recheck do
+          try_arm_and_check_socket @socket
+          nil
+        end
+        
+        # this hook terminates connection
+        define_method :terminate do
+          self.finish if started?
+          nil
+        end
+                
+      end # base.class_eval
+
+    end # self.included
+    
+  end # module POP3
+  
+  # patching APOP works the same way as patching POP3
+  APOP = :POP3
+  
+end # module IPAccess::Patches
+
+# :startdoc:
+

data/lib/ipaccess/patches/net_smtp.rb

@@ -0,0 +1,130 @@
+# encoding: utf-8
+#
+# Author::    Paweł Wilk (mailto:pw@gnu.org)
+# Copyright:: Copyright (c) 2009-2014 by Paweł Wilk
+# License::   This program is licensed under the terms of {GNU Lesser General Public License}[link:docs/LGPL.html] or {Ruby License}[link:docs/COPYING.html].
+# 
+# Modules contained in this file are meant for
+# patching Ruby's Net::SMTP class in order to add
+# IP access control to it. It is also used
+# to create variant of Net::SMTP class
+# with IP access control.
+# 
+#--
+# 
+# Copyright (C) 2009 by Paweł Wilk. All Rights Reserved.
+# 
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of either: 1) the GNU Lesser General Public License
+# as published by the Free Software Foundation; either version 3 of the
+# License, or (at your option) any later version; or 2) Ruby's License.
+# 
+# See the file COPYING for complete licensing information.
+#
+#++
+# 
+
+require 'socket'
+require 'net/smtp'
+require 'ipaccess/ip_access_errors'
+require 'ipaccess/patches/generic'
+require 'ipaccess/patches/sockets'
+
+# :stopdoc:
+
+module IPAccess::Patches::Net
+  
+  ###################################################################
+  # Net::SMTP class with IP access control.
+  # It uses output access lists.
+  
+  module SMTP
+    
+    include IPAccess::Patches::ACL
+    
+    def self.included(base)
+      
+      marker = (base.name =~ /IPAccess/) ? base.superclass : base
+      return if marker.instance_variable_defined?(:@uses_ipaccess)    
+      base.instance_variable_set(:@uses_ipaccess, true)
+      
+      base.class_eval do
+        
+        # CLASS METHODS
+        unless (base.name.nil? && base.class.name == "Class")
+          (class << self; self; end).class_eval do
+            
+            # overwrite SMTP.start()
+            define_method :__ipacall__start do |block, address, *args|
+              late_on_deny = nil
+              args.delete_if { |x| late_on_deny = x if (x.is_a?(Symbol) && x == :opened_on_deny) }
+              args.pop if args.last.nil?
+              late_acl = IPAccess.valid_acl?(args.last) ? args.smtp : :global
+              port, helo, user, secret, authtype = *args
+              obj = new(address, port, late_acl, late_on_deny)
+              obj.start(helo, user, secret, authtype, &block)
+            end
+            
+            # block passing wrapper for Ruby 1.8
+            def start(address, *args, &block)
+              __ipacall__start(block, address, *args)
+            end
+                        
+      	  end
+      	
+    	  end # class methods
+        
+        orig_initialize       = self.instance_method :initialize
+        orig_do_start         = self.instance_method :do_start
+        
+        # initialize on steroids.
+        define_method  :initialize do |addr, *args|
+          @opened_on_deny = false
+          args.delete_if { |x| @opened_on_deny = true if (x.is_a?(Symbol) && x == :opened_on_deny) }
+          args.pop if args.last.nil?
+          self.acl = IPAccess.valid_acl?(args.last) ? args.pop : :global
+          obj = orig_initialize.bind(self).call(addr, *args)
+          self.acl_recheck
+          return obj
+        end
+        
+        # start on steroids.
+        define_method :do_start do |helo_domain, user, secret, authtype|
+          prev_addr = @address
+          ipaddr = ::TCPSocket.getaddress(@address)
+          real_acl.output.check_ipstring(ipaddr, self)
+          @address = ipaddr
+          ret = orig_do_start.bind(self).call(helo_domain, user, secret, authtype)
+          @address = prev_addr
+          self.acl_recheck
+          return ret
+        end
+        private :do_start
+        
+        # This method returns default access list indicator
+        # used by protected object; in this case it's +:output+.
+        define_method :default_list do
+          :output
+        end
+        
+        # this hook will be called each time @acl is reassigned
+        define_method :acl_recheck do
+          try_arm_and_check_socket @socket
+          nil
+        end
+        
+        # this hook terminates connection
+        define_method :terminate do
+          self.finish if started?
+        end
+                
+      end # base.class_eval
+
+    end # self.included
+    
+  end # module SMTP
+  
+end # module IPAccess::Patches
+
+# :startdoc:
+

data/lib/ipaccess/patches/net_telnet.rb

@@ -0,0 +1,103 @@
+# encoding: utf-8
+#
+# Author::    Paweł Wilk (mailto:pw@gnu.org)
+# Copyright:: Copyright (c) 2009-2014 by Paweł Wilk
+# License::   This program is licensed under the terms of {GNU Lesser General Public License}[link:docs/LGPL.html] or {Ruby License}[link:docs/COPYING.html].
+# 
+# Modules contained in this file are meant for
+# patching Ruby's Net::Telnet class in order to add
+# IP access control to it. It is also used
+# to create variant of Net::Telnet class
+# with IP access control.
+# 
+#--
+# 
+# Copyright (C) 2009 by Paweł Wilk. All Rights Reserved.
+# 
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of either: 1) the GNU Lesser General Public License
+# as published by the Free Software Foundation; either version 3 of the
+# License, or (at your option) any later version; or 2) Ruby's License.
+# 
+# See the file COPYING for complete licensing information.
+#
+#++
+# 
+
+require 'socket'
+require 'net/telnet'
+require 'ipaccess/ip_access_errors'
+require 'ipaccess/patches/generic'
+require 'ipaccess/patches/sockets'
+
+# :stopdoc:
+
+module IPAccess::Patches::Net
+  
+  ###################################################################
+  # Net::Telnet class with IP access control.
+  # It uses output access lists.
+  
+  module Telnet
+    
+    include IPAccess::Patches::ACL
+    
+    def self.included(base)
+      
+      marker = (base.name =~ /IPAccess/) ? base.superclass : base
+      return if marker.instance_variable_defined?(:@uses_ipaccess)    
+      base.instance_variable_set(:@uses_ipaccess, true)
+      
+      base.class_eval do
+        
+        orig_initialize     = self.instance_method :initialize
+        
+        # initialize on steroids.
+        define_method  :__ipacall__initialize do |block, *args|
+          @opened_on_deny = false
+          args.delete_if { |x| @opened_on_deny = true if (x.is_a?(Symbol) && x == :opened_on_deny) }
+          args.pop if args.last.nil?
+          options = args.first
+          options["ACL"] = args.pop if (IPAccess.valid_acl?(args.last) && options.is_a?(Hash))
+          options["Host"] = "localhost" unless options.has_key?("Host")
+          self.acl = IPAccess.valid_acl?(options["ACL"]) ? options["ACL"] : :global
+          options["Host"] = ::TCPSocket.getaddress(options["Host"])
+          self.acl.output.check_ipstring(options["Host"], :none)
+          args[0] = options
+          ret = orig_initialize.bind(self).call(*args, &block)
+          self.acl_recheck
+          return ret
+        end
+        
+        # This method returns default access list indicator
+        # used by protected object; in this case it's +:output+.
+        define_method :default_list do
+          :output
+        end
+        
+        # this hook terminates connection
+        define_method :terminate do
+          self.close unless self.closed?
+        end
+        
+        # this hook will be called each time @acl is reassigned
+        define_method :acl_recheck do
+          try_arm_and_check_socket @sock
+          nil
+        end
+                
+        # block passing wrapper for Ruby 1.8
+        def initialize(*args, &block)
+          __ipacall__initialize(block, *args)
+        end
+                
+      end # base.class_eval
+
+    end # self.included
+    
+  end # module Telnet
+  
+end # module IPAccess::Patches
+
+# :startdoc:
+

data/lib/ipaccess/{netaddr_patch.rb → patches/netaddr.rb}

@@ -1,8 +1,8 @@
 # encoding: utf-8
 #
 # Author::    Paweł Wilk (mailto:pw@gnu.org)
-# Copyright:: Copyright (c) 2009 Paweł Wilk
-# License::   This program is licensed under the terms of {GNU Lesser General Public License}[link:docs/LGPL-LICENSE.html] or {Ruby License}[link:docs/COPYING.html].
+# Copyright:: Copyright (c) 2009-2014 by Paweł Wilk
+# License::   This program is licensed under the terms of {GNU Lesser General Public License}[link:docs/LGPL.html] or {Ruby License}[link:docs/COPYING.html].
 #  
 # This file extends NetAddr by adding methods
 # that bring some comfort into IPv6 handling.
@@ -22,22 +22,25 @@
 
 require 'netaddr'
 
-# This module contains few new methods extending
-# original NetAddr module.
+# :stopdoc:
+
+# This module contains a few new methods extending
+# original NetAddr[http://netaddr.rubyforge.org/classes/NetAddr.html] module.
 
 module NetAddr
 
-  # :stopdoc:
-  
+  # This class contains methods extending
+  # original CIDR[http://netaddr.rubyforge.org/classes/NetAddr/CIDR.html] class.
+
   class CIDR
   
-    # Returns +true+ if the IP address is an IPv4-mapped IPv6 address.
+    # Returns +true+ if an IP address is IPv4-mapped IPv6 address.
 
     def ipv4_mapped?
       return @version == 6 && (@ip >> 32) == 0xffff
     end
 
-    # Returns +true+ if the IP address is an IPv4-compatible IPv6 address.
+    # Returns +true+ if an IP address is IPv4-compatible IPv6 address.
 
     def ipv4_compat?
       return false if @version != 6
@@ -46,7 +49,7 @@ module NetAddr
       return (a != 0 && a != 1)
     end
 
-    # Returns +true+ if the IP address is an IPv4-compatible or
+    # Returns +true+ if an IP address is IPv4-compatible or
     # IPv4-mapped IPv6 address.
 
     def ipv4_compliant?
@@ -74,6 +77,9 @@ module NetAddr
     
   end # class CIDR
   
+  # This class contains methods extending
+  # original CIDRv4[http://netaddr.rubyforge.org/classes/NetAddr/CIDRv4.html] class.
+  
   class CIDRv4
       
     # Returns a new NetAddr::CIDRv6 object built by converting
@@ -101,6 +107,9 @@ module NetAddr
         
   end # class CIDRv4
 
+  # This class contains methods extending
+  # original CIDRv6[http://netaddr.rubyforge.org/classes/NetAddr/CIDRv6.html] class.
+  
   class CIDRv6
   
     def ipv4
@@ -121,7 +130,7 @@ module NetAddr
     
   end # class CIDRv4
   
-  # :startdoc:
-  
 end # module NetAddr
 
+# :startdoc:
+