RubyGems - net-http-paranoid - Versions diffs - 0.0.1 - Mend

net-http-paranoid 0.0.1

Files changed (7) hide show

data/ChangeLog +2 -0
data/README +55 -0
data/Rakefile +134 -0
data/lib/net/http/paranoid.rb +65 -0
data/spec/net-http-paranoid_spec.rb +57 -0
data/spec/spec.opts +1 -0
metadata +72 -0

data/ChangeLog ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ ChangeLog of http://svn.coderepos.org/share/lang/ruby/net-http-paranoid/trunk
2	+

data/README ADDED Viewed

@@ -0,0 +1,55 @@
+= net-http-paranoid
+This package is port of LWPx::ParanoidAgent
+written by Brad Fitzpatrick.
+== Description
+If you want to access a host which passed by
+unstrusted person, you should be careful not to
+access your LAN computer.
+This enables to control Net::HTTP ACL.
+== Installation
+=== Archive Installation
+	rake install
+=== Gem Installation
+	gem install nethttpparanoid
+== Features/Problems
+* DNS resolv (atodeyaru)
+== Synopsis
+	require "net/http"
+	require "net/http/paranoid"
+	paranoid = Net::HTTP::Paranoid.new
+	paranoid.whitelist << "localhost"
+	paranoid.blacklist << "google.com"
+	uri  = URI("http://google.com/")
+	http = Net::HTTP.new(uri.host, uri.port)
+	# paranoid.wrap raise NotAllowedHostError
+	# if the host is blacklisted or LAN.
+	paranoid.wrap(http).start do |http|
+		# if the host is allowed
+		http.get
+	end
+== Copyright
+Author::    cho45 <cho45@lowreal.net>
+Copyright:: Copyright (c) 2008 cho45
+License::   Ruby's

data/Rakefile ADDED Viewed

@@ -0,0 +1,134 @@
+require 'rubygems'
+require "shipit"
+require 'rake'
+require 'rake/clean'
+require 'rake/testtask'
+require 'rake/packagetask'
+require 'rake/gempackagetask'
+require 'rake/rdoctask'
+require 'rake/contrib/rubyforgepublisher'
+require 'rake/contrib/sshpublisher'
+require 'spec/rake/spectask'
+require 'fileutils'
+include FileUtils
+$LOAD_PATH.unshift "lib"
+require "net/http/paranoid"
+NAME              = "net-http-paranoid"
+AUTHOR            = "cho45"
+EMAIL             = "cho45@lowreal.net"
+DESCRIPTION       = "Safety Net::HTTP"
+RUBYFORGE_PROJECT = "lowreal"
+HOMEPATH          = "http://#{RUBYFORGE_PROJECT}.rubyforge.org"
+BIN_FILES         = %w(  )
+VERS              = Net::HTTP::Paranoid::VERSION
+REV = File.read(".svn/entries")[/committed-rev="(d+)"/, 1] rescue nil
+CLEAN.include ['**/.*.sw?', '*.gem', '.config']
+RDOC_OPTS = [
+	'--title', "#{NAME} documentation",
+	"--charset", "utf-8",
+	"--opname", "index.html",
+	"--line-numbers",
+	"--main", "README",
+	"--inline-source",
+]
+task :default => [:spec]
+task :package => [:clean]
+Spec::Rake::SpecTask.new do |t|
+	t.spec_opts = ['--options', "spec/spec.opts"]
+	t.spec_files = FileList['spec/*_spec.rb']
+	t.rcov = true
+end
+spec = Gem::Specification.new do |s|
+	s.name              = NAME
+	s.version           = VERS
+	s.platform          = Gem::Platform::RUBY
+	s.has_rdoc          = true
+	s.extra_rdoc_files  = ["README", "ChangeLog"]
+	s.rdoc_options     += RDOC_OPTS + ['--exclude', '^(examples|extras)/']
+	s.summary           = DESCRIPTION
+	s.description       = DESCRIPTION
+	s.author            = AUTHOR
+	s.email             = EMAIL
+	s.homepage          = HOMEPATH
+	s.executables       = BIN_FILES
+	s.rubyforge_project = RUBYFORGE_PROJECT
+	s.bindir            = "bin"
+	s.require_path      = "lib"
+	s.autorequire       = ""
+	s.test_files        = Dir["test/test_*.rb"]
+	#s.add_dependency('activesupport', '>=1.3.1')
+	#s.required_ruby_version = '>= 1.8.2'
+	s.files = %w(README ChangeLog Rakefile) +
+		Dir.glob("{bin,doc,spec,test,lib,templates,generator,extras,website,script}/**/*") +
+		Dir.glob("ext/**/*.{h,c,rb}") +
+		Dir.glob("examples/**/*.rb") +
+		Dir.glob("tools/*.rb")
+	s.extensions = FileList["ext/**/extconf.rb"].to_a
+end
+Rake::GemPackageTask.new(spec) do |p|
+	p.need_tar = true
+	p.gem_spec = spec
+end
+task :install do
+	name = "#{NAME}-#{VERS}.gem"
+	sh %{rake package}
+	sh %{sudo gem install pkg/#{name}}
+end
+task :uninstall => [:clean] do
+	sh %{sudo gem uninstall #{NAME}}
+end
+Rake::RDocTask.new do |rdoc|
+	rdoc.rdoc_dir = 'html'
+	rdoc.options += RDOC_OPTS
+	rdoc.template = "resh"
+	#rdoc.template = "#{ENV['template']}.rb" if ENV['template']
+	if ENV['DOC_FILES']
+		rdoc.rdoc_files.include(ENV['DOC_FILES'].split(/,\s*/))
+	else
+		rdoc.rdoc_files.include('README', 'ChangeLog')
+		rdoc.rdoc_files.include('lib/**/*.rb')
+		rdoc.rdoc_files.include('ext/**/*.c')
+	end
+end
+desc "Publish to RubyForge"
+task :rubyforge => [:rdoc, :package] do
+	require 'rubyforge'
+	@local_dir = "html"
+	@host = "cho45@rubyforge.org"
+	@remote_dir = "/var/www/gforge-projects/#{RUBYFORGE_PROJECT}/#{NAME}"
+	sh %{rsync -r --delete --verbose #{@local_dir}/ #{@host}:#{@remote_dir}}
+end
+Rake::ShipitTask.new do |s|
+	s.Step.new {
+		system("svn", "up")
+	}.and {}
+	s.Step.new {
+		raise "changelog-with-hatenastar.rb is not found" unless system("which", "changelog-with-hatenastar.rb")
+	}.and {
+		system("changelog-with-hatenastar.rb > ChangeLog")
+	}
+	s.ChangeVersion "lib/net/http/paranoid.rb", "VERSION"
+	s.Commit
+	s.Task :clean, :package
+	s.RubyForge
+	s.Tag
+	s.Twitter
+	s.Task :rubyforge
+end

data/lib/net/http/paranoid.rb ADDED Viewed

@@ -0,0 +1,65 @@
+require "net/http"
+class Net::HTTP::Paranoid
+	VERSION = "0.0.1"
+	class ParanoidError < StandardError; end
+	class NotAllowedHostError < ParanoidError; end
+	attr_reader :blacklist
+	attr_reader :whitelist
+	def initialize
+		@blacklist = []
+		@whitelist = []
+	end
+	def wrap(http)
+		unless allow?(http.address)
+			raise NotAllowedHostError, "#{http.address} is not allowed host"
+		end
+		http
+	end
+	def allow?(address)
+		[
+			[@whitelist, true], [@blacklist, false]
+		].each do |list, ret|
+			list.each do |a|
+				return ret if a === address
+				name, _, _, ip = TCPSocket.gethostbyname(address)
+				return ret if a === name
+				return ret if a === ip
+			end
+		end
+		!lan?(address)
+	end
+	private
+	def lan?(address)
+		address = Socket.gethostbyname(address)[3]
+		unless address.size == 4
+			# may be IPv6, it is currently denied
+			return true
+		end
+		address = address.unpack("N").first
+		ret = false
+		# From LWPx::ParanoidAgent written by Brad Fitzpatrick.
+		if (address & 0xFF000000) == 0x00000000 || # 0.0.0.0/8
+		   (address & 0xFF000000) == 0x0A000000 || # 10.0.0.0/8
+		   (address & 0xFF000000) == 0x7F000000 || # 127.0.0.0/8
+		   (address & 0xFFF00000) == 0xAC100000 || # 172.16.0.0/12
+		   (address & 0xFFFF0000) == 0xA9FE0000 || # 169.254.0.0/16
+		   (address & 0xFFFF0000) == 0xC0A80000 || # 192.168.0.0/16
+		    address               == 0xFFFFFFFF || # 255.255.255.255
+		   (address & 0xF0000000) == 0xE0000000    # multicast addresses
+			ret = true
+		end
+		ret
+	end
+end

data/spec/net-http-paranoid_spec.rb ADDED Viewed

@@ -0,0 +1,57 @@
+#!/usr/bin/env ruby
+require "uri"
+$LOAD_PATH << "lib"
+$LOAD_PATH << "../lib"
+require "net/http/paranoid"
+describe Net::HTTP::Paranoid do
+	before do
+		@paranoid = Net::HTTP::Paranoid.new
+	end
+	it "should not allow to access LAN" do
+		should_be_blocked = %w(
+			localhost 127.0.0.1 192.168.0.1
+			::1
+		)
+		should_be_blocked.each do |host|
+			proc {
+				@paranoid.wrap(Net::HTTP.new(host))
+			}.should raise_error(Net::HTTP::Paranoid::NotAllowedHostError)
+		end
+		proc {
+			@paranoid.wrap(Net::HTTP.new("localhost"))
+		}.should raise_error(Net::HTTP::Paranoid::NotAllowedHostError)
+	end
+	it "shoud allow global IP address" do
+		host = "64.233.187.99"
+		proc {
+			@paranoid.wrap(Net::HTTP.new(host))
+		}.should_not raise_error(Net::HTTP::Paranoid::NotAllowedHostError)
+	end
+	it "should treat blacklist/whitelist" do
+		@paranoid.whitelist << "localhost"
+		@paranoid.blacklist << "google.com"
+		proc {
+			uri  = URI("http://localhost/")
+			http = Net::HTTP.new(uri.host, uri.port)
+			@paranoid.wrap(http)
+		}.should_not raise_error(Net::HTTP::Paranoid::NotAllowedHostError)
+		proc {
+			uri  = URI("http://google.com/")
+			http = Net::HTTP.new(uri.host, uri.port)
+			@paranoid.wrap(http)
+		}.should raise_error(Net::HTTP::Paranoid::NotAllowedHostError)
+	end
+end

data/spec/spec.opts ADDED Viewed

	@@ -0,0 +1 @@
1	+ --color

metadata ADDED Viewed

@@ -0,0 +1,72 @@
+--- !ruby/object:Gem::Specification
+name: net-http-paranoid
+version: !ruby/object:Gem::Version
+  version: 0.0.1
+platform: ruby
+authors:
+- cho45
+autorequire: ""
+bindir: bin
+cert_chain: []
+date: 2008-02-10 00:00:00 +09:00
+default_executable:
+dependencies: []
+description: Safety Net::HTTP
+email: cho45@lowreal.net
+executables: []
+extensions: []
+extra_rdoc_files:
+- README
+- ChangeLog
+files:
+- README
+- ChangeLog
+- Rakefile
+- spec/net-http-paranoid_spec.rb
+- spec/spec.opts
+- lib/net
+- lib/net/http
+- lib/net/http/paranoid.rb
+has_rdoc: true
+homepage: http://lowreal.rubyforge.org
+post_install_message:
+rdoc_options:
+- --title
+- net-http-paranoid documentation
+- --charset
+- utf-8
+- --opname
+- index.html
+- --line-numbers
+- --main
+- README
+- --inline-source
+- --exclude
+- ^(examples|extras)/
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: "0"
+  version:
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: "0"
+  version:
+requirements: []
+rubyforge_project: lowreal
+rubygems_version: 1.0.1
+signing_key:
+specification_version: 2
+summary: Safety Net::HTTP
+test_files: []