rack-tctp 0.9.11 → 0.9.12
- checksums.yaml +4 -4
- data/ext/engine/engine.c +13 -0
- data/lib/rack/tctp/halec.rb +1 -0
- data/lib/rack/tctp.rb +37 -7
- metadata +1 -1
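--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA1:
-metadata.gz:
-data.tar.gz:
+metadata.gz: d05bda4c7f71e6aad8866dc1a895a8c320efa800
+data.tar.gz: 48ca34e13f8c1fdffcdb947b972b134da2347b41
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 673ffaddcb9bf4fb3ce6e4ae87cf61bccf7ab7bdff73aec5cc52a918c0cc7827088334b8b8cefbc3e827713628d952436f351bb922afcbf49ddf65609116cd4b
+data.tar.gz: 504d66aced51670eaafdcd1b264b1c7fa641303c2754863b7ed0d02611f68b7af9d855b01b9ca0c34e2a11a0011066c7a1aa07b1203b92a32a281fdf19ed443e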
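--- a/data/ext/engine/engine.c
+++ b/data/ext/engine/engine.c
@@ -191,6 +191,17 @@ VALUE engine_extract(VALUE self) {
 return Qnil;
 }
 
+VALUE engine_state(VALUE self) {
+ms_conn* conn;
+VALUE str;
+
+Data_Get_Struct(self, ms_conn, conn);
+
+str = rb_str_new(SSL_state_string(conn->ssl), 6);
+
+return str;
+}
+
 void Init_engine() {
 VALUE mod, eng, rack;
 
@@ -213,4 +224,6 @@ void Init_engine() {
 
 rb_define_method(eng, "write", engine_write, 1);
 rb_define_method(eng, "extract", engine_extract, 0);
+
+rb_define_method(eng, "state", engine_state, 0);
 }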
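Review bot: In `engine_state`, `rb_str_new(SSL_state_string(conn->ssl), 6)` copies a fixed six bytes from the string OpenSSL returns, so it reads past the end of that string whenever the abbreviation is shorter than six characters; nothing in the hunk guarantees the length, and the abbreviations are not the same across OpenSSL releases. Let the C string determine the length instead: `str = rb_str_new_cstr(SSL_state_string(conn->ssl));`. The Ruby side compares the result with the literal `'SSLOK '` (trailing space included), so that comparison needs to be reviewed together with this change. `conn->ssl` is also dereferenced without a NULL check; whether it can be unset at this point depends on code outside the hunk.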
data/lib/rack/tctp/halec.rb
CHANGED
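--- a/data/lib/rack/tctp.rb
+++ b/data/lib/rack/tctp.rb
@@ -9,6 +9,7 @@ module Rack
 class TCTP
 DEFAULT_TCTP_DISCOVERY_INFORMATION = '/.*:/halecs'
 TCTP_DISCOVERY_MEDIA_TYPE = 'text/prs.tctp-discovery'
+TCTP_MEDIA_TYPE = 'binary/prs.tctp'
 
 # The slug URI can contain any HTTP compatible characters
 def self.slug_base
@@ -67,7 +68,11 @@ module Rack
 handshake_response = [halec.engine.extract]
 
 # Set location header and content-length
-header = {
+header = {
+'Location' => halec.url.to_s,
+'Content-Length' => handshake_response[0].length.to_s,
+'Content-Type' => TCTP_MEDIA_TYPE
+}
 
 # Set the TCTP session cookie header
 Rack::Utils.set_cookie_header!(header, "tctp_session_cookie", {:value => session.session_id, :path => '/', :expires => Time.now+24*60*60})
@@ -89,7 +94,10 @@ module Rack
 handshake_response = halec.engine.extract
 
 # Send back server HALEC response
-[200, {
+[200, {
+'Content-Length' => handshake_response.length.to_s,
+'Content-Type' => TCTP_MEDIA_TYPE
+}, [handshake_response]]
 else
 # Decrypt TCTP secured bodies
 if is_tctp_encrypted_body?(req) then
@@ -115,7 +123,7 @@ module Rack
 
 status, headers, body = @app.call(env)
 
-if is_tctp_response_requested?(req)
+if is_tctp_response_requested?(req) && status >= 200 && ![204, 205, 304].include?(status)
 # Gets the first free server HALEC for encryption
 # TODO Send error if cookie is missing
 session = @sessions[req.cookies['tctp_session_cookie']]
@@ -124,7 +132,7 @@ module Rack
 return no_usable_halec_error
 end
 
-halec = session.
+halec = session.pop_halec
 
 unless halec
 return no_usable_halec_error
@@ -148,6 +156,12 @@ module Rack
 content_body_length += encrypted_fragment.length
 end
 
+encrypted_body.define_singleton_method :close do
+session.push_halec halec
+
+super() if self.class.superclass.respond_to? :close
+end
+
 # Finding this bug took waaaay too long ...
 body.close if body.respond_to?(:close)
 
@@ -161,6 +175,7 @@ module Rack
 end
 end
 rescue Exception => e
+# TODO Handle SSL Error
 @logger.fatal e
 
 error "Error in TCTP middleware. #{e} #{e.backtrace.inspect}"
@@ -218,14 +233,29 @@ module Rack
 
 attr_reader :halecs
 
+attr_reader :halecs_mutex
+
 def initialize(session_id = TCTP::new_slug)
 @session_id = session_id
 @halecs = {}
+@halecs_mutex = Mutex.new
+end
+
+def pop_halec
+free_halec = nil
+
+@halecs_mutex.synchronize do
+free_halec = @halecs.first {|url, halec| halec.engine.state.eql? 'SSLOK '}
+
+@halecs.delete free_halec[0] if free_halec
+end
+return free_halec[1]
 end
 
-def
-
-
+def push_halec(halec)
+@halecs_mutex.synchronize do
+@halecs[halec.url] = halec
+end
 end
 end
 end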
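Review bot: `pop_halec` (last hunk) neither filters by handshake state nor survives an empty pool. `Hash#first` ignores the block it is given, so the `'SSLOK '` check is never evaluated and the first stored HALEC is handed out whatever its state; and when `@halecs` is empty `free_halec` stays nil, so `return free_halec[1]` raises NoMethodError before the caller's `unless halec` guard can return `no_usable_halec_error`. Use `free_halec = @halecs.find { |_url, halec| halec.engine.state.eql? 'SSLOK ' }` and end the method with `free_halec && free_halec[1]`. As written, the exception lands in the `rescue Exception` branch, which passes `e.backtrace.inspect` to `error`; if that text reaches the client it discloses internals, which is worth confirming against the code outside these hunks.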