pushyd 0.21.0 → 0.22.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Gemfile.lock +5 -5
- data/bin/pushyd +8 -1
- data/lib/pushyd/constants.rb +4 -4
- data/lib/pushyd/consumer.rb +3 -3
- data/lib/pushyd/proxy.rb +7 -2
- data/lib/pushyd.rb +0 -1
- data/lib/shared/hmac_signature.rb +45 -51
- data/pushyd.gemspec +1 -1
- metadata +2 -3
- data/lib/pushyd/daemon.rb +0 -20
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: fd36ea01bb992654b0c3a791e49baa77b0e66140
|
4
|
+
data.tar.gz: 1ee9dd52f747456503f799bd98cee05f5f90e66a
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: fcd38ca1879c702300a43ff3c64568bb738419111b8fe10f4b4307dea965853bfd382616b2384f7730f1409e10694813d5242f851ed8a24cbf2aa266b9c71f11
|
7
|
+
data.tar.gz: e0924559663f6d9accde4e22cf7f09c0fedcc801b9b55546651c6e235d042325fc87791700c0546e37ce3d1d4f08736c462cb6405663cc7a5b938c6e44693a43
|
data/Gemfile.lock
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
PATH
|
2
2
|
remote: .
|
3
3
|
specs:
|
4
|
-
pushyd (0.
|
4
|
+
pushyd (0.22.0)
|
5
5
|
api-auth
|
6
6
|
bmc-daemon-lib (~> 0.4.3)
|
7
7
|
bunny (~> 2.3)
|
@@ -36,7 +36,7 @@ GEM
|
|
36
36
|
http-cookie (~> 1.0)
|
37
37
|
http-form_data (~> 1.0.1)
|
38
38
|
http_parser.rb (~> 0.6.0)
|
39
|
-
http-cookie (1.0.
|
39
|
+
http-cookie (1.0.3)
|
40
40
|
domain_name (~> 0.5)
|
41
41
|
http-form_data (1.0.1)
|
42
42
|
http_parser.rb (0.6.0)
|
@@ -44,7 +44,7 @@ GEM
|
|
44
44
|
mime-types (2.99.3)
|
45
45
|
multi_json (1.12.1)
|
46
46
|
netrc (0.11.0)
|
47
|
-
newrelic_rpm (3.16.
|
47
|
+
newrelic_rpm (3.16.3.323)
|
48
48
|
parser (2.3.1.4)
|
49
49
|
ast (~> 2.2)
|
50
50
|
powerpack (0.1.1)
|
@@ -54,13 +54,13 @@ GEM
|
|
54
54
|
http-cookie (>= 1.0.2, < 2.0)
|
55
55
|
mime-types (>= 1.16, < 3.0)
|
56
56
|
netrc (~> 0.7)
|
57
|
-
rollbar (2.13.
|
57
|
+
rollbar (2.13.3)
|
58
58
|
multi_json
|
59
59
|
rspec (3.5.0)
|
60
60
|
rspec-core (~> 3.5.0)
|
61
61
|
rspec-expectations (~> 3.5.0)
|
62
62
|
rspec-mocks (~> 3.5.0)
|
63
|
-
rspec-core (3.5.
|
63
|
+
rspec-core (3.5.4)
|
64
64
|
rspec-support (~> 3.5.0)
|
65
65
|
rspec-expectations (3.5.0)
|
66
66
|
diff-lcs (>= 1.2.0, < 2.0)
|
data/bin/pushyd
CHANGED
@@ -83,5 +83,12 @@ Daemons.run_proc(Conf.generate(:process_name), run_options) do
|
|
83
83
|
|
84
84
|
# Start daemon
|
85
85
|
Conf.log :launcher, "start daemon"
|
86
|
-
|
86
|
+
|
87
|
+
# Start the proxy
|
88
|
+
PushyDaemon::Proxy.new
|
89
|
+
|
90
|
+
# Backup infinite loop in case shout does nothing
|
91
|
+
loop do
|
92
|
+
sleep 1
|
93
|
+
end
|
87
94
|
end
|
data/lib/pushyd/constants.rb
CHANGED
@@ -6,7 +6,7 @@ MSG_RLAY = "RLAY"
|
|
6
6
|
# Constants: AMQP protocol
|
7
7
|
AMQP_HEARTBEAT_INTERVAL = 30
|
8
8
|
AMQP_RECOVERY_INTERVAL = 5
|
9
|
-
AMQP_PREFETCH =
|
9
|
+
AMQP_PREFETCH = 5
|
10
10
|
AMQP_MANUAL_ACK = false
|
11
11
|
|
12
12
|
# Constants: shouter
|
@@ -17,9 +17,9 @@ LOGGER_FORMAT = {
|
|
17
17
|
context: {
|
18
18
|
caller: "%-17s",
|
19
19
|
rule: "%-20s",
|
20
|
-
}
|
21
|
-
|
22
|
-
|
20
|
+
},
|
21
|
+
array: " - %s",
|
22
|
+
hash: " = %-20s %s",
|
23
23
|
}
|
24
24
|
|
25
25
|
|
data/lib/pushyd/consumer.rb
CHANGED
@@ -65,7 +65,7 @@ module PushyDaemon
|
|
65
65
|
|
66
66
|
# Check if we need to relay anything
|
67
67
|
unless @rule[:relay]
|
68
|
-
log_debug "handle_relay: no [relay] URL"
|
68
|
+
# log_debug "handle_relay: no [relay] URL"
|
69
69
|
return
|
70
70
|
end
|
71
71
|
|
@@ -95,7 +95,7 @@ module PushyDaemon
|
|
95
95
|
|
96
96
|
# Compute: payload MD5, HMAC signature
|
97
97
|
headers_md5 headers, request_body
|
98
|
-
headers_sign headers, @rule[:sign]
|
98
|
+
headers_sign headers, @rule[:sign]
|
99
99
|
|
100
100
|
# Build final request
|
101
101
|
request = RestClient::Request.new url: relay_url,
|
@@ -109,7 +109,7 @@ module PushyDaemon
|
|
109
109
|
|
110
110
|
# Handle exceptions
|
111
111
|
rescue RestClient::ExceptionWithResponse, URI::InvalidURIError, RestClient::InternalServerError => e
|
112
|
-
log_error "#{request_prefix} rest-client
|
112
|
+
log_error "#{request_prefix} rest-client: #{e.message}"
|
113
113
|
rescue ApiAuth::ApiAuthError, ApiAuth::UnknownHTTPRequest => e
|
114
114
|
log_error "#{request_prefix} api-auth: #{e.message}"
|
115
115
|
rescue Errno::ECONNREFUSED => e
|
data/lib/pushyd/proxy.rb
CHANGED
@@ -37,9 +37,14 @@ module PushyDaemon
|
|
37
37
|
# Send config table to logs
|
38
38
|
log_info "Proxy initialized", @table.to_s.lines
|
39
39
|
|
40
|
+
rescue BmcDaemonLib::MqConsumerException, EndpointConnectionError, ShouterInterrupted, Errno::EACCES => e
|
41
|
+
log_error "Proxy: #{e.message}"
|
42
|
+
abort "EXITING #{e.class}: #{e.message}"
|
43
|
+
|
40
44
|
rescue StandardError => e
|
41
|
-
|
42
|
-
|
45
|
+
log_error "Proxy: #{e.message}", e.backtrace
|
46
|
+
abort "EXITING #{e.class}: #{e.message} \n #{e.backtrace.to_yaml}"
|
47
|
+
|
43
48
|
raise MqConsumerException, e.message
|
44
49
|
|
45
50
|
end
|
data/lib/pushyd.rb
CHANGED
@@ -4,95 +4,89 @@ require 'base64'
|
|
4
4
|
module Shared
|
5
5
|
module HmacSignature
|
6
6
|
|
7
|
-
def
|
7
|
+
def headers_md5 headers, payload
|
8
|
+
headers['Content-MD5'] = Digest::MD5.hexdigest(payload.to_s)
|
9
|
+
end
|
10
|
+
|
11
|
+
def headers_sign headers, config
|
8
12
|
# Extract and check
|
9
13
|
return unless config.is_a? Hash
|
10
|
-
hmac_method
|
11
|
-
hmac_user
|
12
|
-
hmac_secret
|
13
|
-
|
14
|
+
hmac_method = config[:method]
|
15
|
+
hmac_user = config[:user]
|
16
|
+
hmac_secret = config[:secret]
|
17
|
+
log_debug "headers_sign config", config
|
14
18
|
|
15
19
|
# Check params
|
16
|
-
unless
|
20
|
+
unless hmac_method && hmac_user && hmac_secret
|
17
21
|
log_error "headers_sign: missing method/user/secret"
|
18
22
|
return
|
19
23
|
end
|
20
24
|
|
21
|
-
# Check
|
22
|
-
unless config[:
|
23
|
-
log_error "headers_sign:
|
25
|
+
# Check headers, and translate names to strings
|
26
|
+
unless config[:headers].is_a? Array
|
27
|
+
log_error "headers_sign: [headers] should be an array of headers to be signed"
|
24
28
|
return
|
25
29
|
end
|
30
|
+
hmac_headers = config[:headers].map(&:to_s)
|
26
31
|
|
27
|
-
#
|
28
|
-
|
29
|
-
# log_info "headers_sign: after signing", headers
|
30
|
-
end
|
32
|
+
# Update date
|
33
|
+
headers['Date'] = Time.now.utc.strftime('%a, %d %b %Y %H:%M:%S GMT')
|
31
34
|
|
32
|
-
|
33
|
-
|
35
|
+
# Let's apply the requested method
|
36
|
+
case hmac_method
|
37
|
+
when 'hmac-kong'
|
38
|
+
hmac_sign_kong headers, hmac_user, hmac_secret, hmac_headers
|
39
|
+
else
|
40
|
+
log_error "headers_sign: only [hmac-kong] method is supported"
|
41
|
+
return
|
42
|
+
end
|
34
43
|
end
|
35
44
|
|
36
45
|
private
|
37
46
|
|
38
|
-
def hmac_sign_kong headers, client_id, client_secret,
|
39
|
-
#
|
40
|
-
|
41
|
-
# headers['Content-MD5'] = Date.now.strftime('%a, %d %b %Y %H:%M:%S GMT')
|
42
|
-
# log_debug "hmac_sign_kong: headers", headers
|
43
|
-
|
44
|
-
# Filter headers we're going to hash
|
45
|
-
myheaders = hmac_headers_filter headers, names
|
47
|
+
def hmac_sign_kong headers, client_id, client_secret, selection
|
48
|
+
# Ensure we have :date in headers and no dup
|
49
|
+
selected = selection.push("date").uniq
|
46
50
|
|
47
51
|
# Signe string of headers
|
48
|
-
signature = hmac_headers_hash
|
49
|
-
log_debug "hmac_sign_kong signed [#{signature}] from
|
52
|
+
signature = hmac_headers_hash headers, selected, client_secret
|
53
|
+
log_debug "hmac_sign_kong: signed [#{signature}] from #{selected.inspect}"
|
50
54
|
|
51
55
|
# Add auth header
|
52
|
-
headers['Authorization'] = hmac_build_header(client_id,
|
56
|
+
headers['Authorization'] = hmac_build_header(client_id, selection, signature)
|
53
57
|
#headers['test'] = "testing123"
|
54
58
|
|
55
59
|
# That's OK
|
56
60
|
return headers
|
57
61
|
end
|
58
62
|
|
59
|
-
def hmac_build_header client_id,
|
63
|
+
def hmac_build_header client_id, selection, signature
|
60
64
|
sprintf 'hmac username="%s", algorithm="hmac-sha1", headers="%s", signature="%s"',
|
61
65
|
client_id,
|
62
|
-
|
66
|
+
selection.map(&:downcase).join(' '),
|
63
67
|
signature
|
64
68
|
end
|
65
69
|
|
66
|
-
def
|
67
|
-
|
70
|
+
def hmac_headers_hash headers, selection, client_secret
|
71
|
+
# Init
|
72
|
+
selected = []
|
68
73
|
|
69
|
-
#
|
70
|
-
|
74
|
+
# For each selected header
|
75
|
+
selection.each do |sel|
|
76
|
+
this = sel.downcase
|
71
77
|
|
72
|
-
|
73
|
-
|
74
|
-
|
75
|
-
|
76
|
-
|
78
|
+
# For each header, stack it or not
|
79
|
+
headers.each do |header_name, header_value|
|
80
|
+
next unless this == header_name.downcase
|
81
|
+
selected << sprintf("%s: %s", this, header_value)
|
82
|
+
end
|
77
83
|
end
|
78
84
|
|
79
|
-
#
|
80
|
-
|
81
|
-
end
|
82
|
-
|
83
|
-
def hmac_headers_hash myheaders, client_secret
|
84
|
-
# Build headers string
|
85
|
-
data = myheaders.map do |name, value|
|
86
|
-
sprintf("%s: %s", name, value)
|
87
|
-
end.join("\n")
|
88
|
-
|
89
|
-
# Hash this
|
85
|
+
# Build headers string and hash it
|
86
|
+
data = selected.join("\n")
|
90
87
|
digest = OpenSSL::Digest.new('sha1')
|
91
88
|
Base64.encode64(OpenSSL::HMAC.digest(digest, client_secret, data)).strip
|
92
89
|
end
|
93
90
|
|
94
|
-
def hmac_sign_data client_secret, data
|
95
|
-
end
|
96
|
-
|
97
91
|
end
|
98
92
|
end
|
data/pushyd.gemspec
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: pushyd
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.22.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Bruno MEDICI
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2016-
|
11
|
+
date: 2016-10-11 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: bundler
|
@@ -225,7 +225,6 @@ files:
|
|
225
225
|
- lib/pushyd.rb
|
226
226
|
- lib/pushyd/constants.rb
|
227
227
|
- lib/pushyd/consumer.rb
|
228
|
-
- lib/pushyd/daemon.rb
|
229
228
|
- lib/pushyd/initialize.rb
|
230
229
|
- lib/pushyd/proxy.rb
|
231
230
|
- lib/pushyd/shouter.rb
|
data/lib/pushyd/daemon.rb
DELETED
@@ -1,20 +0,0 @@
|
|
1
|
-
module PushyDaemon
|
2
|
-
class Daemon
|
3
|
-
|
4
|
-
def self.run
|
5
|
-
# Create a new proxy, and dump its configuration
|
6
|
-
Proxy.new
|
7
|
-
|
8
|
-
# Backup infinite loop in case shout does nothing
|
9
|
-
loop do
|
10
|
-
sleep 1
|
11
|
-
end
|
12
|
-
|
13
|
-
rescue BmcDaemonLib::MqConsumerException, EndpointConnectionError, ShouterInterrupted => e
|
14
|
-
abort "EXITING #{e.class}: #{e.message}"
|
15
|
-
rescue Errno::EACCES, StandardError => e
|
16
|
-
abort "EXITING #{e.class}: #{e.message} \n #{e.backtrace.to_yaml}"
|
17
|
-
end
|
18
|
-
|
19
|
-
end
|
20
|
-
end
|