protocol-http1 0.20.0 → 0.22.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: b49dc6301aa7d4aafb183cd1bea576bda5681e9d911245398c8c0c68ca38b1cc
-  data.tar.gz: b819f86f731d8e68391994e709318460a9c50b64fece83f398868a443faa3a72
+  metadata.gz: 550b6e9b8f04f40fbba30a9260ead61bc1921130b069f8d4f6d7005077da0e61
+  data.tar.gz: 54a8009f974a0292b1500c21f7e8047d5af4d815e7b844fa46ec0d6f6d356fee
 SHA512:
-  metadata.gz: fc1c721b351c094243953896088405b4f3800662ac9539bc599cf7d989a48623243d8e443cba789df43fa88d857cd1bacee8ae1fc520a1e5a8a4846bf23c4276
-  data.tar.gz: c6bcb1f77924b2038167ea8c88cfcfcad9cf7cda91677b09ab2f264ff8f61ef7e782ce0a183144180978fa02a2de5d03bfe3f1f424624e1424efc451724384ba
+  metadata.gz: e44973d7e04933d1e6d3e8d50c98dcc57603fc4cd7491a1ab9ed490ef659551bbf1e0eb425222cc2e61f38b9fc5af864198970505a42750dad8c97bdb68331e7
+  data.tar.gz: 6fba9bb8ac29bc13966bbebed00ca72b60d9214ba1943185e44760abb72ad5b1fa8254f4222951e5bf983263fef015a78ecdca6e6c8396c3c0e9548bade51576

data/lib/protocol/http1/body/chunked.rb

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
 # Released under the MIT License.
-# Copyright, 2019-2023, by Samuel Williams.
+# Copyright, 2019-2024, by Samuel Williams.
 # Copyright, 2023, by Thomas Morgan.
 
 require 'protocol/http/body/readable'
@@ -23,14 +23,17 @@ module Protocol
 				end
 				
 				def empty?
-					@finished
+					@stream.nil?
 				end
 				
 				def close(error = nil)
-					# We only close the connection if we haven't completed reading the entire body:
-					unless @finished
-						@stream.close
-						@finished = true
+					if @stream
+						# We only close the connection if we haven't completed reading the entire body:
+						unless @finished
+							@stream.close_read
+						end
+						
+						@stream = nil
 					end
 					
 					super
@@ -40,35 +43,42 @@ module Protocol
 				
 				# Follows the procedure outlined in https://tools.ietf.org/html/rfc7230#section-4.1.3
 				def read
-					return nil if @finished
-					
-					length, _extensions = read_line.split(";", 2)
-					
-					unless length =~ VALID_CHUNK_LENGTH
-						raise BadRequest, "Invalid chunk length: #{length.dump}"
-					end
-					
-					# It is possible this line contains chunk extension, so we use `to_i` to only consider the initial integral part:
-					length = Integer(length, 16)
-					
-					if length == 0
-						@finished = true
-						
-						read_trailer
+					if !@finished
+						if @stream
+							length, _extensions = read_line.split(";", 2)
+							
+							unless length =~ VALID_CHUNK_LENGTH
+								raise BadRequest, "Invalid chunk length: #{length.inspect}"
+							end
+							
+							# It is possible this line contains chunk extension, so we use `to_i` to only consider the initial integral part:
+							length = Integer(length, 16)
+							
+							if length == 0
+								read_trailer
+								
+								# The final chunk has been read and the stream is now closed:
+								@stream = nil
+								@finished = true
+								
+								return nil
+							end
+							
+							# Read trailing CRLF:
+							chunk = @stream.read(length + 2)
+							
+							# ...and chomp it off:
+							chunk.chomp!(CRLF)
+							
+							@length += length
+							@count += 1
+							
+							return chunk
+						end
 						
-						return nil
+						# If the stream has been closed before we have read the final chunk, raise an error:
+						raise EOFError, "Stream closed before expected length was read!"
 					end
-					
-					# Read trailing CRLF:
-					chunk = @stream.read(length + 2)
-					
-					# ...and chomp it off:
-					chunk.chomp!(CRLF)
-					
-					@length += length
-					@count += 1
-					
-					return chunk
 				end
 				
 				def inspect
@@ -93,7 +103,7 @@ module Protocol
 						if match = line.match(HEADER)
 							@headers.add(match[1], match[2])
 						else
-							raise BadHeader, "Could not parse header: #{line.dump}"
+							raise BadHeader, "Could not parse header: #{line.inspect}"
 						end
 					end
 				end

data/lib/protocol/http1/body/fixed.rb

@@ -11,6 +11,7 @@ module Protocol
 			class Fixed < HTTP::Body::Readable
 				def initialize(stream, length)
 					@stream = stream
+					
 					@length = length
 					@remaining = length
 				end
@@ -19,13 +20,17 @@ module Protocol
 				attr :remaining
 				
 				def empty?
-					@remaining == 0
+					@stream.nil? or @remaining == 0
 				end
 				
 				def close(error = nil)
-					# If we are closing the body without fully reading it, the underlying connection is now in an undefined state.
-					if @remaining != 0
-						@stream.close
+					if @stream
+						# If we are closing the body without fully reading it, the underlying connection is now in an undefined state.
+						if @remaining != 0
+							@stream.close_read
+						end
+						
+						@stream = nil
 					end
 					
 					super
@@ -34,25 +39,22 @@ module Protocol
 				# @raises EOFError if the stream is closed before the expected length is read.
 				def read
 					if @remaining > 0
-						# `readpartial` will raise `EOFError` if the stream is closed/finished:
-						if chunk = @stream.readpartial(@remaining)
-							@remaining -= chunk.bytesize
-							
-							return chunk
+						if @stream
+							# `readpartial` will raise `EOFError` if the stream is finished, or `IOError` if the stream is closed.
+							if chunk = @stream.readpartial(@remaining)
+								@remaining -= chunk.bytesize
+								
+								return chunk
+							end
 						end
+						
+						# If the stream has been closed before we have read the expected length, raise an error:
+						raise EOFError, "Stream closed before expected length was read!"
 					end
 				end
 				
-				def join
-					buffer = @stream.read(@remaining)
-					
-					@remaining = 0
-					
-					return buffer
-				end
-				
 				def inspect
-					"\#<#{self.class} length=#{@length} remaining=#{@remaining}>"
+					"\#<#{self.class} length=#{@length} remaining=#{@remaining} state=#{@stream ? 'open' : 'closed'}>"
 				end
 			end
 		end

data/lib/protocol/http1/body/remainder.rb

@@ -8,53 +8,39 @@ require 'protocol/http/body/readable'
 module Protocol
 	module HTTP1
 		module Body
+			# A body that reads all remaining data from the stream.
 			class Remainder < HTTP::Body::Readable
 				BLOCK_SIZE = 1024 * 64
 				
 				# block_size may be removed in the future. It is better managed by stream.
 				def initialize(stream)
 					@stream = stream
-					@empty = false
 				end
 				
 				def empty?
-					@empty or @stream.closed?
+					@stream.nil?
 				end
 				
 				def close(error = nil)
-					# We can't really do anything in this case except close the connection.
-					@stream.close
-					@empty = true
+					if @stream
+						# We can't really do anything in this case except close the connection.
+						@stream.close_read
+						@stream = nil
+					end
 					
 					super
 				end
 				
-				# TODO this is a bit less efficient in order to maintain compatibility with `IO`.
 				def read
-					@stream.readpartial(BLOCK_SIZE)
+					@stream&.readpartial(BLOCK_SIZE)
 				rescue EOFError, IOError
-					@empty = true
-					
+					@stream = nil
 					# I noticed that in some cases you will get EOFError, and in other cases IOError!?
 					return nil
 				end
 				
-				def call(stream)
-					self.each do |chunk|
-						stream.write(chunk)
-					end
-					
-					stream.flush
-				end
-				
-				def join
-					@stream.read
-				ensure
-					@empty = true
-				end
-				
 				def inspect
-					"\#<#{self.class} #{@stream.closed? ? 'closed' : 'open'}>"
+					"\#<#{self.class} state=#{@stream ? 'open' : 'closed'}>"
 				end
 			end
 		end

data/lib/protocol/http1/connection.rb

@@ -4,7 +4,7 @@
 # Copyright, 2019-2024, by Samuel Williams.
 # Copyright, 2019, by Brian Morearty.
 # Copyright, 2020, by Bruno Sutic.
-# Copyright, 2023, by Thomas Morgan.
+# Copyright, 2023-2024, by Thomas Morgan.
 # Copyright, 2024, by Anton Zhuravsky.
 
 require 'protocol/http/headers'
@@ -105,7 +105,7 @@ module Protocol
 			def write_upgrade_header(upgrade)
 				@stream.write("connection: upgrade\r\nupgrade: #{upgrade}\r\n")
 			end
-
+			
 			# Indicates whether the connection has been hijacked meaning its
 			# IO has been handed over and is not usable anymore.
 			# @return [Boolean] hijack status
@@ -240,7 +240,7 @@ module Protocol
 					if match = line.match(HEADER)
 						fields << [match[1], match[2]]
 					else
-						raise BadHeader, "Could not parse header: #{line.dump}"
+						raise BadHeader, "Could not parse header: #{line.inspect}"
 					end
 				end
 				
@@ -423,6 +423,7 @@ module Protocol
 			end
 			
 			def read_remainder_body
+				@persistent = false
 				Body::Remainder.new(@stream)
 			end
 			
@@ -434,6 +435,12 @@ module Protocol
 				read_remainder_body
 			end
 			
+			def read_upgrade_body
+				# When you have an incoming upgrade request body, we must be extremely careful not to start reading it until the upgrade has been confirmed, otherwise if the upgrade was rejected and we started forwarding the incoming request body, it would desynchronize the connection (potential security issue).
+				# We mitigate this issue by setting @persistent to false, which will prevent the connection from being reused, even if the upgrade fails (potential performance issue).
+				read_remainder_body
+			end
+			
 			HEAD = "HEAD"
 			CONNECT = "CONNECT"
 			
@@ -444,7 +451,7 @@ module Protocol
 					if content_length =~ VALID_CONTENT_LENGTH
 						yield Integer(content_length, 10)
 					else
-						raise BadRequest, "Invalid content length: #{content_length.dump}"
+						raise BadRequest, "Invalid content length: #{content_length.inspect}"
 					end
 				end
 			end
@@ -469,6 +476,10 @@ module Protocol
 					return nil
 				end
 				
+				if status == 101
+					return read_upgrade_body
+				end
+				
 				if (status >= 100 and status < 200) or status == 204 or status == 304
 					return nil
 				end
@@ -495,6 +506,11 @@ module Protocol
 					return read_tunnel_body
 				end
 				
+				# A successful upgrade response implies that the connection will become a tunnel immediately after the empty line that concludes the header fields.
+				if headers[UPGRADE]
+					return read_upgrade_body
+				end
+				
 				# 6.  If this is a request message and none of the above are true, then
 				# the message body length is zero (no message body is present).
 				return read_body(headers)

data/lib/protocol/http1/version.rb

@@ -5,6 +5,6 @@
 
 module Protocol
 	module HTTP1
-		VERSION = "0.20.0"
+		VERSION = "0.22.0"
 	end
 end

data/license.md

@@ -4,7 +4,7 @@ Copyright, 2019-2024, by Samuel Williams.
 Copyright, 2019, by Brian Morearty.  
 Copyright, 2020, by Olle Jonsson.  
 Copyright, 2020, by Bruno Sutic.  
-Copyright, 2023, by Thomas Morgan.  
+Copyright, 2023-2024, by Thomas Morgan.  
 Copyright, 2024, by Anton Zhuravsky.  
 
 Permission is hereby granted, free of charge, to any person obtaining a copy

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: protocol-http1
 version: !ruby/object:Gem::Version
-  version: 0.20.0
+  version: 0.22.0
 platform: ruby
 authors:
 - Samuel Williams
@@ -42,7 +42,7 @@ cert_chain:
   Q2K9NVun/S785AP05vKkXZEFYxqG6EW012U4oLcFl5MySFajYXRYbuUpH6AY+HP8
   voD0MPg1DssDLKwXyt1eKD/+Fq0bFWhwVM/1XiAXL7lyYUyOq24KHgQ2Csg=
   -----END CERTIFICATE-----
-date: 2024-08-26 00:00:00.000000000 Z
+date: 2024-09-05 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: protocol-http