rack-bridge 0.5.1 → 0.6.0

data/README.rdoc

@@ -1,6 +1,35 @@
 = rack-bridge
 
-Description goes here.
+Rack-Bridge provides a rack-based server for connecting to a BRIDGE-capable server (like CloudBridge). This can be used with any rack-capable framework that supports automatic loading of the handler, which includes at least rackup and rails. Examples for those two frameworks are below.
+
+== Examples
+
+Save a key you got from oncloud.org in your user key store:
+
+	bridge_store_key 1178fbd04c4aea4c8a7f09627bbf67df83a51805:1267585275:pickles.oncloud.org
+	
+Save a key you got from oncloud.org in your app's key store:
+
+	bridge_store_key --site 1178fbd04c4aea4c8a7f09627bbf67df83a51805:1267585275:pickles.oncloud.org
+
+Use Rackup to connect to pickles.oncloud.org (assumes you stored the key as above):
+
+	rackup -s Bridge -o pickles.oncloud.org config.ru
+	
+Use Rails >= 2.3 to connect to pickles.oncloud.org (assumes you stored the key as above):
+
+	script/server Bridge -b pickles.oncloud.org
+	
+Specify a key through the environment without saving it:
+
+	BRIDGE_KEYS=1178fbd04c4aea4c8a7f09627bbf67df83a51805:1267585275:pickles.oncloud.org rackup -s Bridge -o pickles.oncloud.org config.ru
+	BRIDGE_KEYS=1178fbd04c4aea4c8a7f09627bbf67df83a51805:1267585275:pickles.oncloud.org script/server Bridge -b pickles.oncloud.org
+
+== More Information
+
+CloudBridge: http://www.github.com/stormbrew/cloudbridge
+OnCloud: http://www.oncloud.org
+Summary of CloudBridge/OnCloud: http://www.stormbrew.ca/2010/03/18/oncloud-org-and-cloudbridge-and-how-the-web-is-like-donkey-kong-country/
 
 == Note on Patches/Pull Requests
  

data/Rakefile

@@ -10,7 +10,7 @@ begin
     gem.email = "graham@stormbrew.ca"
     gem.homepage = "http://github.com/stormbrew/rack-bridge"
     gem.authors = ["Graham Batty"]
-    gem.add_dependency "jaws", ">= 0.5.0"
+    gem.add_dependency "jaws", "= 0.6.0"
     gem.add_development_dependency "rspec", ">= 1.2.9"
     # gem is a Gem::Specification... see http://www.rubygems.org/read/chapter/20 for additional settings
   end

data/VERSION

@@ -1 +1 @@
-0.5.1
+0.6.0

data/bin/bridge-store-key

@@ -0,0 +1,44 @@
+#!/usr/bin/env ruby
+require 'optparse'
+require 'bridge/key_tools'
+
+user_path = Bridge::KeyTools.user_path
+global_path = Bridge::KeyTools.global_path
+site_path = Bridge::KeyTools.site_path
+
+type = :user
+opt = OptionParser.new do |opts|
+  opts.banner = "Usage: #{$0} [options] KEY"
+  
+  if (user_path)
+    opts.on("u", "--user", "Add to the user registry (#{user_path}) DEFAULT") do
+      type = :user
+    end
+  end
+  
+  if (global_path)
+    opts.on("g", "--global", "Add to the global registry (#{global_path})") do
+      type = :global
+    end
+  end
+  
+  if (site_path)
+    opts.on("s", "--site", "Add to the site registry (#{site_path})") do
+      type = :site
+    end
+  end
+  
+  opts.on("h", "--help", "Show this help") do
+    puts(opts)
+    exit(1)
+  end
+end
+opt.parse!
+key = ARGV.shift
+if (!key)
+  puts("Must supply a key!")
+  puts(opt)
+  exit(1)
+end
+
+Bridge::KeyTools.save_key(key, type)

data/lib/bridge/key_tools.rb

@@ -0,0 +1,81 @@
+module Bridge
+  module KeyTools
+    # Finds a parent path with name in it recursively. Must pass
+    # a normalized path in (see File.expand_path)
+    def self.find_nearest(path, name)
+      if (Dir.glob(File.join(path, name)).empty?)
+        parent = File.dirname(path)
+        if (parent == path) # can't collapse any further, no match
+          return nil
+        end
+        return find_nearest(parent, name)
+      else
+        return path
+      end
+    end
+    
+    # Returns the path to a key file in the local site if it can be determined.
+    # Specifically, it'll look for the nearest parent directory with any of the
+    # following under it (in priority order)
+    # script/server
+    # *.ru
+    # .git
+    # .hg
+    def self.site_path(path = Dir.getwd)
+      nearest = find_nearest(path, "script/server") ||
+                find_nearest(path, "*.ru") ||
+                find_nearest(path, ".git") ||
+                find_nearest(path, ".hg")
+      return nearest && File.join(nearest, ".bridge_keys")
+    end
+    
+    # Returns the path to a key file in the user's home directory if one exists.
+    # Returns nil if not found
+    def self.user_path
+      File.join(ENV["HOME"], ".bridge_keys") if (ENV["HOME"])
+    end
+    
+    # Returns the path to the global key file
+    def self.global_path
+      File.join("/etc", "bridge_keys")
+    end      
+    
+    # Returns an array of saved keys for the hosts passed in. Note
+    # that it will never load a key for a full wildcard host ("*")
+    # as that would be a serious security concern.
+    def self.load_keys(for_hosts)
+      paths = [site_path, user_path, global_path].compact
+      keys = []
+      
+      paths.each do |path|
+        if (File.exists? path)
+          lines = File.readlines(path)
+          lines.each do |key|
+            key.gsub!(%r{\n$}, '')
+            key_string, timestamp, host = key.split(":", 3)
+            next if host == '*'
+            for_hosts.each do |for_host|
+              if (%r{(^|\*|\.)#{Regexp.escape(host)}$}.match(for_host))
+                keys << key
+              end
+            end
+          end
+        end
+      end
+      return keys.uniq 
+    end
+    
+    # Saves +key+ in the path identified by +type+ (:global, :user, :site).
+    # Will not save a key for host '*'
+    def self.save_key(key, type = :user)
+      key_string, timestamp, host = key.split(":", 3)
+      return if host == '*'
+      path = send(:"#{type}_path")
+      if (path)
+        File.open(path, "a") do |f|
+          f.puts(key)
+        end
+      end
+    end
+  end
+end

data/lib/bridge/server.rb

@@ -0,0 +1,93 @@
+require 'jaws/server'
+require 'bridge/tcp_server'
+require 'bridge/key_tools'
+
+module Bridge
+  # An HTTP Rack-based server based on the Jaws web server.
+  class Server < Jaws::Server
+    DefaultOptions = Jaws::Server::DefaultOptions.merge({
+      :UseKeyFiles => true,
+      :Keys => "",
+      :Port => 8079,
+    })
+    
+    # The host information to set up where to listen. It's formatted
+    # as follows:
+    # [listen.host1,listen.host2,...@]bridge.host
+    # where each of the listen.hosts is a host that this server
+    # should handle requests for and the bridge.host is the address
+    # of the bridge host itself. Note that if you're only listening
+    # on one host and it shares its ip with the bridge server itself,
+    # you can simply give it that host (ie. pickles.oncloud.org will
+    # connect to pickles.oncloud.org to server for pickles.oncloud.org)
+    # An example of a more complicated example might be:
+    # www.blah.com,blah.com@blorp.com
+    # You can also have leading wildcards in the hosts:
+    # *.blorp.com,blorp.com@blorp.com
+    # Or more concisely (*. matches subdomains, *blah matches *.blah and blah):
+    # *blorp.com@blorp.com
+    # Or yet more concisely (without an @, wildcards are removed to find the address):
+    # *blorp.com
+    # And of course, to match everything on a bridge server:
+    # *@blorp.com
+    attr_accessor :host    
+    # Whether or not the local key files (.bridge_keys in
+    # the current app's directory, the user's homedir, and
+    # /etc) should be searched for matching keys when connecting
+    # to the server. Also set with options[:UseKeyFiles]
+    attr_accessor :use_key_files
+    # The keys that should be sent to the BRIDGE server.
+    # Also set with options[:Keys]
+    attr_accessor :keys
+    
+    # The hosts this server responds to. Derived from #host
+    attr_reader :listen_hosts
+    # The bridge server we intend to connect to. Derived from #host
+    attr_reader :bridge_server
+    
+    def initialize(options = DefaultOptions)
+      super(DefaultOptions.merge(options))
+
+      @use_key_files = @options[:UseKeyFiles]
+
+      hosts, @bridge_server = @host.split("@", 2)
+      if (@bridge_server.nil?)
+        # no bridge specified, we expect there to be a single host
+        # and (once trimmed of wildcards) it becomes our bridge server
+        # address.
+        @bridge_server = hosts.gsub(%r{^\*\.?}, '')
+        hosts = [hosts]
+      else
+        # there was a bridge, so we can allow multiple hosts and don't need
+        # any magic for the bridge
+        hosts = hosts.split(',')
+      end
+      @listen_hosts = hosts.collect do |h|
+        # We need to expand *blah into *.blah and blah. This is a client-side
+        # convenience, not something the server deals with.
+        if (match = %r{^\*[^\.](.+)$}.match(h))
+          ["*." << match[1], match[1]]
+        else
+          h
+        end
+      end.flatten
+
+      @keys = @options[:Keys].split(",")
+      @keys << ENV["BRIDGE_KEYS"] if (ENV["BRIDGE_KEYS"])
+      if (@use_key_files)
+        @keys << Bridge::KeyTools.load_keys(@listen_hosts)
+      end
+      @keys.flatten!
+    end
+    
+    def create_listener(options)
+      l = Bridge::TCPServer.new(bridge_server, port, listen_hosts, keys)
+      # There's no shared state externally accessible, so we just make
+      # synchronize on the listener a no-op.
+      def l.synchronize
+        yield
+      end
+      return l
+    end
+  end
+end

data/lib/bridge/tcp_server.rb

@@ -0,0 +1,154 @@
+require 'socket'
+
+module Bridge
+  # This is the class returned by TCPServer.accept. It is a TCPSocket with a couple of extra features.
+  class TCPSocket < ::TCPSocket
+    class RetryError < RuntimeError
+      attr_reader :timeout
+      def initialize(msg, timeout = 5)
+        super(msg)
+        @timeout = timeout
+      end
+    end
+    
+    def initialize(cloud_host, cloud_port, listen_hosts, listen_keys)
+      @cloud_host = cloud_host
+      @cloud_port = cloud_port
+      @listen_hosts = listen_hosts
+      @listen_keys = listen_keys
+      
+      super(@cloud_host, @cloud_port)
+    end
+    
+    def send_bridge_request()
+			write("BRIDGE / HTTP/1.1\r\n")
+			write("Expect: 100-continue\r\n")
+			@listen_hosts.each {|host|
+				write("Host: #{host}\r\n")
+			}
+			@listen_keys.each {|key|
+				write("Host-Key: #{key}\r\n")
+			}
+			write("\r\n")      
+    end
+    
+    # This just tries to determine if the server will honor
+    # requests as specified above so that the TCPServer initializer
+    # can error out early if it won't.
+    def verify()
+      send_bridge_request()
+      begin
+        line = gets()
+        match = line.match(%r{^HTTP/1\.[01] ([0-9]{3,3}) (.*)$})
+        if (!match)
+          raise "HTTP BRIDGE error: bridge server sent incorrect reply to bridge request."
+        end
+        case code = match[1].to_i
+        when 100, 101
+          return true
+  			when 401 # 401 Access Denied, key wasn't right.
+  			  raise "HTTP BRIDGE error #{code}: host key was invalid or missing, but required."
+  		  when 503, 504 # 503 Service Unavailable or 504 Gateway Timeout
+  		    raise "HTTP BRIDGE error #{code}: could not verify server can handle requests because it's overloaded."
+  	    else
+  	      raise "HTTP BRIDGE error #{code}: #{match[2]} unknown error connecting to bridge server."
+        end 
+      ensure
+        close() # once we do this, we just assume the connection is useless.
+      end
+    end
+    
+    # This does the full setup process on the request, returning only
+    # when the connection is actually available.
+    def setup()
+      send_bridge_request
+      code = nil
+			name = nil
+			headers = []
+			while (line = gets())
+				line = line.strip
+				if (line == "")
+					case code.to_i
+					when 100 # 100 Continue, just a ping. Ignore.
+						code = name = nil
+						headers = []
+						next
+					when 101 # 101 Upgrade, successfuly got a connection.
+						write("HTTP/1.1 100 Continue\r\n\r\n") # let the server know we're still here.
+						return self
+					when 401 # 401 Access Denied, key wasn't right.
+					  close()
+					  raise "HTTP BRIDGE error #{code}: host key was invalid or missing, but required."
+					when 503, 504 # 503 Service Unavailable or 504 Gateway Timeout, just retry.
+						close()
+						sleep_time = headers.find {|header| header["Retry-After"] } || 5
+						raise RetryError.new("BRIDGE server timed out or is overloaded, wait #{sleep_time}s to try again.", sleep_time)
+					else
+						raise "HTTP BRIDGE error #{code}: #{name} waiting for connection."
+					end
+				end
+		
+				if (!code && !name) # This is the initial response line
+					if (match = line.match(%r{^HTTP/1\.[01] ([0-9]{3,3}) (.*)$}))
+						code = match[1]
+						name = match[2]
+						next
+					else
+						raise "Parse error in BRIDGE request reply."
+					end
+				else
+					if (match = line.match(%r{^(.+?):\s+(.+)$}))
+						headers.push({match[1] => match[2]})
+					else
+						raise "Parse error in BRIDGE request reply's headers."
+					end
+				end
+			end
+			return nil
+		end
+  end
+  
+  # This class emulates the behaviour of TCPServer, but 'listens' on a cloudbridge
+	# server rather than a local interface. Otherwise attempts to have a mostly identical
+	# interface to ::TCPServer.
+	class TCPServer
+		def initialize(cloud_host, cloud_port, listen_hosts = ['*'], listen_keys = [])
+			@cloud_host = cloud_host
+			@cloud_port = cloud_port
+			@listen_hosts = listen_hosts
+			@listen_keys = listen_keys
+			@closed = false
+			begin
+			  TCPSocket.new(@cloud_host, @cloud_port, @listen_hosts, @listen_keys).verify
+		  rescue Errno::ECONNREFUSED
+		    raise "HTTP BRIDGE Error: No Bridge server at #{@cloud_host}:#{@cloud_port}"
+	    end
+		end
+	
+		def accept()
+			begin
+				# Connect to the cloudbridge and let it know we're available for a connection.
+				# This is all entirely syncronous.
+				begin
+					socket = TCPSocket.new(@cloud_host, @cloud_port, @listen_hosts, @listen_keys)
+				rescue Errno::ECONNREFUSED
+					sleep(0.5)
+					retry
+				end
+				socket.setup
+				return socket
+			rescue RetryError => e
+			  sleep(e.timeout)
+			  retry
+			end
+		end
+	
+		def close()
+			@closed = true
+		end
+		
+		def closed?()
+		  return @closed
+	  end
+	end
+end

data/lib/rack/handler/bridge.rb

@@ -0,0 +1,11 @@
+require 'bridge/server'
+
+module Rack
+  module Handler
+    class Bridge
+      def self.run(app, options = Bridge::Server::DefaultOptions)
+        ::Bridge::Server.new(options).run(app)
+      end
+    end
+  end
+end

metadata

@@ -4,9 +4,9 @@ version: !ruby/object:Gem::Version
   prerelease: false
   segments: 
   - 0
-  - 5
-  - 1
-  version: 0.5.1
+  - 6
+  - 0
+  version: 0.6.0
 platform: ruby
 authors: 
 - Graham Batty
@@ -14,21 +14,21 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2010-03-17 00:00:00 -06:00
-default_executable: 
+date: 2010-03-19 00:00:00 -06:00
+default_executable: bridge-store-key
 dependencies: 
 - !ruby/object:Gem::Dependency 
   name: jaws
   prerelease: false
   requirement: &id001 !ruby/object:Gem::Requirement 
     requirements: 
-    - - ">="
+    - - "="
       - !ruby/object:Gem::Version 
         segments: 
         - 0
-        - 5
+        - 6
         - 0
-        version: 0.5.0
+        version: 0.6.0
   type: :runtime
   version_requirements: *id001
 - !ruby/object:Gem::Dependency 
@@ -47,8 +47,8 @@ dependencies:
   version_requirements: *id002
 description: Rack handler and other tools for communicating with a BRIDGE-capable server (like CloudBridge)
 email: graham@stormbrew.ca
-executables: []
-
+executables: 
+- bridge-store-key
 extensions: []
 
 extra_rdoc_files: 
@@ -61,6 +61,11 @@ files:
 - README.rdoc
 - Rakefile
 - VERSION
+- bin/bridge-store-key
+- lib/bridge/key_tools.rb
+- lib/bridge/server.rb
+- lib/bridge/tcp_server.rb
+- lib/rack/handler/bridge.rb
 - spec/rack-bridge_spec.rb
 - spec/spec.opts
 - spec/spec_helper.rb