RubyGems - net-http-paranoid - Versions diffs - 0.0.1 - Mend

net-http-paranoid 0.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

data/ChangeLog +2 -0
data/README +55 -0
data/Rakefile +134 -0
data/lib/net/http/paranoid.rb +65 -0
data/spec/net-http-paranoid_spec.rb +57 -0
data/spec/spec.opts +1 -0
metadata +72 -0

data/ChangeLog ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ ChangeLog of http://svn.coderepos.org/share/lang/ruby/net-http-paranoid/trunk
2	+

data/README ADDED Viewed

@@ -0,0 +1,55 @@
+= net-http-paranoid
+This package is port of LWPx::ParanoidAgent
+written by Brad Fitzpatrick.
+== Description
+If you want to access a host which passed by
+unstrusted person, you should be careful not to
+access your LAN computer.
+This enables to control Net::HTTP ACL.
+== Installation
+=== Archive Installation
+	rake install
+=== Gem Installation
+	gem install nethttpparanoid
+== Features/Problems
+* DNS resolv (atodeyaru)
+== Synopsis
+	require "net/http"
+	require "net/http/paranoid"
+	paranoid = Net::HTTP::Paranoid.new
+	paranoid.whitelist << "localhost"
+	paranoid.blacklist << "google.com"
+	uri  = URI("http://google.com/")
+	http = Net::HTTP.new(uri.host, uri.port)
+	# paranoid.wrap raise NotAllowedHostError
+	# if the host is blacklisted or LAN.
+	paranoid.wrap(http).start do |http|
+		# if the host is allowed
+		http.get
+	end
+== Copyright
+Author::    cho45 <cho45@lowreal.net>
+Copyright:: Copyright (c) 2008 cho45
+License::   Ruby's

data/Rakefile ADDED Viewed

@@ -0,0 +1,134 @@
+require 'rubygems'
+require "shipit"
+require 'rake'
+require 'rake/clean'
+require 'rake/testtask'
+require 'rake/packagetask'
+require 'rake/gempackagetask'
+require 'rake/rdoctask'
+require 'rake/contrib/rubyforgepublisher'
+require 'rake/contrib/sshpublisher'
+require 'spec/rake/spectask'
+require 'fileutils'
+include FileUtils
+$LOAD_PATH.unshift "lib"
+require "net/http/paranoid"
+NAME              = "net-http-paranoid"
+AUTHOR            = "cho45"
+EMAIL             = "cho45@lowreal.net"
+DESCRIPTION       = "Safety Net::HTTP"
+RUBYFORGE_PROJECT = "lowreal"
+HOMEPATH          = "http://#{RUBYFORGE_PROJECT}.rubyforge.org"
+BIN_FILES         = %w(  )
+VERS              = Net::HTTP::Paranoid::VERSION
+REV = File.read(".svn/entries")[/committed-rev="(d+)"/, 1] rescue nil
+CLEAN.include ['**/.*.sw?', '*.gem', '.config']
+RDOC_OPTS = [
+	'--title', "#{NAME} documentation",
+	"--charset", "utf-8",
+	"--opname", "index.html",
+	"--line-numbers",
+	"--main", "README",
+	"--inline-source",
+]
+task :default => [:spec]
+task :package => [:clean]
+Spec::Rake::SpecTask.new do |t|
+	t.spec_opts = ['--options', "spec/spec.opts"]
+	t.spec_files = FileList['spec/*_spec.rb']
+	t.rcov = true
+end
+spec = Gem::Specification.new do |s|
+	s.name              = NAME
+	s.version           = VERS
+	s.platform          = Gem::Platform::RUBY
+	s.has_rdoc          = true
+	s.extra_rdoc_files  = ["README", "ChangeLog"]
+	s.rdoc_options     += RDOC_OPTS + ['--exclude', '^(examples|extras)/']
+	s.summary           = DESCRIPTION
+	s.description       = DESCRIPTION
+	s.author            = AUTHOR
+	s.email             = EMAIL
+	s.homepage          = HOMEPATH
+	s.executables       = BIN_FILES
+	s.rubyforge_project = RUBYFORGE_PROJECT
+	s.bindir            = "bin"
+	s.require_path      = "lib"
+	s.autorequire       = ""
+	s.test_files        = Dir["test/test_*.rb"]
+	#s.add_dependency('activesupport', '>=1.3.1')
+	#s.required_ruby_version = '>= 1.8.2'
+	s.files = %w(README ChangeLog Rakefile) +
+		Dir.glob("{bin,doc,spec,test,lib,templates,generator,extras,website,script}/**/*") +
+		Dir.glob("ext/**/*.{h,c,rb}") +
+		Dir.glob("examples/**/*.rb") +
+		Dir.glob("tools/*.rb")
+	s.extensions = FileList["ext/**/extconf.rb"].to_a
+end
+Rake::GemPackageTask.new(spec) do |p|
+	p.need_tar = true
+	p.gem_spec = spec
+end
+task :install do
+	name = "#{NAME}-#{VERS}.gem"
+	sh %{rake package}
+	sh %{sudo gem install pkg/#{name}}
+end
+task :uninstall => [:clean] do
+	sh %{sudo gem uninstall #{NAME}}
+end
+Rake::RDocTask.new do |rdoc|
+	rdoc.rdoc_dir = 'html'
+	rdoc.options += RDOC_OPTS
+	rdoc.template = "resh"
+	#rdoc.template = "#{ENV['template']}.rb" if ENV['template']
+	if ENV['DOC_FILES']
+		rdoc.rdoc_files.include(ENV['DOC_FILES'].split(/,\s*/))
+	else
+		rdoc.rdoc_files.include('README', 'ChangeLog')
+		rdoc.rdoc_files.include('lib/**/*.rb')
+		rdoc.rdoc_files.include('ext/**/*.c')
+	end
+end
+desc "Publish to RubyForge"
+task :rubyforge => [:rdoc, :package] do
+	require 'rubyforge'
+	@local_dir = "html"
+	@host = "cho45@rubyforge.org"
+	@remote_dir = "/var/www/gforge-projects/#{RUBYFORGE_PROJECT}/#{NAME}"
+	sh %{rsync -r --delete --verbose #{@local_dir}/ #{@host}:#{@remote_dir}}
+end
+Rake::ShipitTask.new do |s|
+	s.Step.new {
+		system("svn", "up")
+	}.and {}
+	s.Step.new {
+		raise "changelog-with-hatenastar.rb is not found" unless system("which", "changelog-with-hatenastar.rb")
+	}.and {
+		system("changelog-with-hatenastar.rb > ChangeLog")
+	}
+	s.ChangeVersion "lib/net/http/paranoid.rb", "VERSION"
+	s.Commit
+	s.Task :clean, :package
+	s.RubyForge
+	s.Tag
+	s.Twitter
+	s.Task :rubyforge
+end

data/lib/net/http/paranoid.rb ADDED Viewed

@@ -0,0 +1,65 @@
+require "net/http"
+class Net::HTTP::Paranoid
+	VERSION = "0.0.1"
+	class ParanoidError < StandardError; end
+	class NotAllowedHostError < ParanoidError; end
+	attr_reader :blacklist
+	attr_reader :whitelist
+	def initialize
+		@blacklist = []
+		@whitelist = []
+	end
+	def wrap(http)
+		unless allow?(http.address)
+			raise NotAllowedHostError, "#{http.address} is not allowed host"
+		end
+		http
+	end
+	def allow?(address)
+		[
+			[@whitelist, true], [@blacklist, false]
+		].each do |list, ret|
+			list.each do |a|
+				return ret if a === address
+				name, _, _, ip = TCPSocket.gethostbyname(address)
+				return ret if a === name
+				return ret if a === ip
+			end
+		end
+		!lan?(address)
+	end
+	private
+	def lan?(address)
+		address = Socket.gethostbyname(address)[3]
+		unless address.size == 4
+			# may be IPv6, it is currently denied
+			return true
+		end
+		address = address.unpack("N").first
+		ret = false
+		# From LWPx::ParanoidAgent written by Brad Fitzpatrick.
+		if (address & 0xFF000000) == 0x00000000 || # 0.0.0.0/8
+		   (address & 0xFF000000) == 0x0A000000 || # 10.0.0.0/8
+		   (address & 0xFF000000) == 0x7F000000 || # 127.0.0.0/8
+		   (address & 0xFFF00000) == 0xAC100000 || # 172.16.0.0/12
+		   (address & 0xFFFF0000) == 0xA9FE0000 || # 169.254.0.0/16
+		   (address & 0xFFFF0000) == 0xC0A80000 || # 192.168.0.0/16
+		    address               == 0xFFFFFFFF || # 255.255.255.255
+		   (address & 0xF0000000) == 0xE0000000    # multicast addresses
+			ret = true
+		end
+		ret
+	end
+end

data/spec/net-http-paranoid_spec.rb ADDED Viewed

@@ -0,0 +1,57 @@
+#!/usr/bin/env ruby
+require "uri"
+$LOAD_PATH << "lib"
+$LOAD_PATH << "../lib"
+require "net/http/paranoid"
+describe Net::HTTP::Paranoid do
+	before do
+		@paranoid = Net::HTTP::Paranoid.new
+	end
+	it "should not allow to access LAN" do
+		should_be_blocked = %w(
+			localhost 127.0.0.1 192.168.0.1
+			::1
+		)
+		should_be_blocked.each do |host|
+			proc {
+				@paranoid.wrap(Net::HTTP.new(host))
+			}.should raise_error(Net::HTTP::Paranoid::NotAllowedHostError)
+		end
+		proc {
+			@paranoid.wrap(Net::HTTP.new("localhost"))
+		}.should raise_error(Net::HTTP::Paranoid::NotAllowedHostError)
+	end
+	it "shoud allow global IP address" do
+		host = "64.233.187.99"
+		proc {
+			@paranoid.wrap(Net::HTTP.new(host))
+		}.should_not raise_error(Net::HTTP::Paranoid::NotAllowedHostError)
+	end
+	it "should treat blacklist/whitelist" do
+		@paranoid.whitelist << "localhost"
+		@paranoid.blacklist << "google.com"
+		proc {
+			uri  = URI("http://localhost/")
+			http = Net::HTTP.new(uri.host, uri.port)
+			@paranoid.wrap(http)
+		}.should_not raise_error(Net::HTTP::Paranoid::NotAllowedHostError)
+		proc {
+			uri  = URI("http://google.com/")
+			http = Net::HTTP.new(uri.host, uri.port)
+			@paranoid.wrap(http)
+		}.should raise_error(Net::HTTP::Paranoid::NotAllowedHostError)
+	end
+end

data/spec/spec.opts ADDED Viewed

	@@ -0,0 +1 @@
1	+ --color

metadata ADDED Viewed

@@ -0,0 +1,72 @@
+--- !ruby/object:Gem::Specification
+name: net-http-paranoid
+version: !ruby/object:Gem::Version
+  version: 0.0.1
+platform: ruby
+authors:
+- cho45
+autorequire: ""
+bindir: bin
+cert_chain: []
+date: 2008-02-10 00:00:00 +09:00
+default_executable:
+dependencies: []
+description: Safety Net::HTTP
+email: cho45@lowreal.net
+executables: []
+extensions: []
+extra_rdoc_files:
+- README
+- ChangeLog
+files:
+- README
+- ChangeLog
+- Rakefile
+- spec/net-http-paranoid_spec.rb
+- spec/spec.opts
+- lib/net
+- lib/net/http
+- lib/net/http/paranoid.rb
+has_rdoc: true
+homepage: http://lowreal.rubyforge.org
+post_install_message:
+rdoc_options:
+- --title
+- net-http-paranoid documentation
+- --charset
+- utf-8
+- --opname
+- index.html
+- --line-numbers
+- --main
+- README
+- --inline-source
+- --exclude
+- ^(examples|extras)/
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: "0"
+  version:
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: "0"
+  version:
+requirements: []
+rubyforge_project: lowreal
+rubygems_version: 1.0.1
+signing_key:
+specification_version: 2
+summary: Safety Net::HTTP
+test_files: []