rage-iodine 1.7.58

data/ext/iodine/iodine_tcp.c

@@ -0,0 +1,346 @@
+#include "iodine.h"
+#include <ruby/encoding.h>
+#include <ruby/io.h>
+
+#define FIO_INCLUDE_STR
+#include "fio.h"
+
+/* *****************************************************************************
+Static stuff
+***************************************************************************** */
+static ID call_id;
+static ID on_closed_id;
+static rb_encoding *IodineBinaryEncoding;
+
+static VALUE port_id;
+static VALUE address_id;
+static VALUE handler_id;
+static VALUE timeout_id;
+
+/* *****************************************************************************
+Raw TCP/IP Protocol
+***************************************************************************** */
+
+#define IODINE_MAX_READ 8192
+
+typedef struct {
+  fio_protocol_s p;
+  VALUE io;
+} iodine_protocol_s;
+
+typedef struct {
+  VALUE io;
+  ssize_t len;
+  char buffer[IODINE_MAX_READ];
+} iodine_buffer_s;
+
+/**
+ * Converts an iodine_buffer_s pointer to a Ruby string.
+ */
+static void *iodine_tcp_on_data_in_GIL(void *b_) {
+  iodine_buffer_s *b = b_;
+  if (!b) {
+    FIO_LOG_FATAL("(iodine->tcp/ip->on_data->GIL) WTF?!\n");
+    exit(-1);
+  }
+  VALUE data = IodineStore.add(rb_str_new(b->buffer, b->len));
+  rb_enc_associate(data, IodineBinaryEncoding);
+  iodine_connection_fire_event(b->io, IODINE_CONNECTION_ON_MESSAGE, data);
+  IodineStore.remove(data);
+  return NULL;
+  // return (void *)IodineStore.add(rb_usascii_str_new((const char *)b->buffer,
+  // b->len));
+}
+
+/** Called when a data is available, but will not run concurrently */
+static void iodine_tcp_on_data(intptr_t uuid, fio_protocol_s *protocol) {
+  iodine_buffer_s buffer;
+  buffer.len = fio_read(uuid, buffer.buffer, IODINE_MAX_READ);
+  if (buffer.len <= 0) {
+    return;
+  }
+  buffer.io = ((iodine_protocol_s *)protocol)->io;
+  IodineCaller.enterGVL(iodine_tcp_on_data_in_GIL, &buffer);
+  if (buffer.len == IODINE_MAX_READ) {
+    fio_force_event(uuid, FIO_EVENT_ON_DATA);
+  }
+}
+
+/** called when the socket is ready to be written to. */
+static void iodine_tcp_on_ready(intptr_t uuid, fio_protocol_s *protocol) {
+  iodine_protocol_s *p = (iodine_protocol_s *)protocol;
+  iodine_connection_fire_event(p->io, IODINE_CONNECTION_ON_DRAINED, Qnil);
+  (void)uuid;
+}
+
+/**
+ * Called when the server is shutting down, immediately before closing the
+ * connection.
+ */
+static uint8_t iodine_tcp_on_shutdown(intptr_t uuid, fio_protocol_s *protocol) {
+  iodine_protocol_s *p = (iodine_protocol_s *)protocol;
+  iodine_connection_fire_event(p->io, IODINE_CONNECTION_ON_SHUTDOWN, Qnil);
+  return 0;
+  (void)uuid;
+}
+
+/** Called when the connection was closed, but will not run concurrently */
+
+static void iodine_tcp_on_close(intptr_t uuid, fio_protocol_s *protocol) {
+  iodine_protocol_s *p = (iodine_protocol_s *)protocol;
+  iodine_connection_fire_event(p->io, IODINE_CONNECTION_ON_CLOSE, Qnil);
+  free(p);
+  (void)uuid;
+}
+
+/** called when a connection's timeout was reached */
+static void iodine_tcp_ping(intptr_t uuid, fio_protocol_s *protocol) {
+  iodine_protocol_s *p = (iodine_protocol_s *)protocol;
+  iodine_connection_fire_event(p->io, IODINE_CONNECTION_PING, Qnil);
+  (void)uuid;
+}
+
+/** fio_listen callback, called when a connection opens */
+static void iodine_tcp_on_open(intptr_t uuid, void *udata) {
+  if (!fio_is_valid(uuid))
+    return;
+  VALUE handler = IodineCaller.call((VALUE)udata, call_id);
+  IodineStore.add(handler);
+  iodine_tcp_attch_uuid(uuid, handler);
+  IodineStore.remove(handler);
+}
+
+/** called when the listening socket is destroyed */
+static void iodine_tcp_on_finish(intptr_t uuid, void *udata) {
+  IodineStore.remove((VALUE)udata);
+  (void)uuid;
+}
+
+/**
+ * The `on_connect` callback should either call `fio_attach` or close the
+ * connection.
+ */
+static void iodine_tcp_on_connect(intptr_t uuid, void *udata) {
+  iodine_tcp_attch_uuid(uuid, (VALUE)udata);
+  IodineStore.remove((VALUE)udata);
+}
+
+/**
+ * The `on_fail` is called when a socket fails to connect. The old sock UUID
+ * is passed along.
+ */
+static void iodine_tcp_on_fail(intptr_t uuid, void *udata) {
+  IodineStore.remove((VALUE)udata);
+}
+
+/* *****************************************************************************
+The Ruby API implementation
+***************************************************************************** */
+
+// clang-format off
+/**
+The {listen} method instructs iodine to listen to incoming connections using either TCP/IP or Unix sockets.
+
+The method accepts a single Hash argument with the following optional keys:
+
+:port :: The port to listen to, deafults to nil (using a Unix socket)
+:address :: The address to listen to, which could be a Unix Socket path as well as an IPv4 / IPv6 address. Deafults to 0.0.0.0 (or the IPv6 equivelant).
+:handler :: An object that answers the `call` method (i.e., a Proc).
+
+The method also accepts an optional block.
+
+Either a block or the :handler key MUST be present.
+
+The handler Proc (or object) should return a connection callback object that supports the following callbacks (see also {Iodine::Connection}):
+
+on_open(client) :: called after a connection was established
+on_message(client, data) :: called when incoming data is available. Data may be fragmented.
+on_drained(client) :: called when all the pending `client.write` events have been processed (see {Iodine::Connection#pending}).
+ping(client) :: called whenever a timeout has occured (see {Iodine::Connection#timeout=}).
+on_shutdown(client) :: called if the server is shutting down. This is called before the connection is closed.
+on_close(client) :: called when the connection with the client was closed.
+
+The `client` argument is an {Iodine::Connection} instance that represents the connection / the client.
+
+Here's a telnet based chat-room example:
+
+      require 'iodine'
+      # define the protocol for our service
+      module ChatHandler
+        def self.on_open(client)
+          # Set a connection timeout
+          client.timeout = 10
+          # subscribe to the chat channel.
+          client.subscribe :chat
+          # Write a welcome message
+          client.publish :chat, "new member entered the chat\r\n"
+        end
+        # this is called for incoming data - note data might be fragmented.
+        def self.on_message(client, data)
+          # publish the data we received
+          client.publish :chat, data
+          # close the connection when the time comes
+          client.close if data =~ /^bye[\n\r]/
+        end
+        # called whenever timeout occurs.
+        def self.ping(client)
+          client.write "System: quite, isn't it...?\r\n"
+        end
+        # called if the connection is still open and the server is shutting down.
+        def self.on_shutdown(client)
+          # write the data we received
+          client.write "Chat server going away. Try again later.\r\n"
+        end
+        # returns the callback object (self).
+        def self.call
+          self
+        end
+      end
+      # we use can both the `handler` keyword or a block, anything that answers #call.
+      Iodine.listen(port: "3000", handler: ChatHandler)
+      # start the service
+      Iodine.threads = 1
+      Iodine.start
+
+
+
+Returns the handler object used.
+*/
+intptr_t iodine_tcp_listen(iodine_connection_args_s args) {
+  // clang-format on
+  IodineStore.add(args.handler);
+#ifdef __MINGW32__
+  return fio_listen(.port = args.port.data, .address = args.address.data,
+                    .on_open = iodine_tcp_on_open,
+                    .on_finish = iodine_tcp_on_finish,
+                    .udata = (void *)args.handler);
+#else
+  return fio_listen(.port = args.port.data, .address = args.address.data,
+                    .on_open = iodine_tcp_on_open,
+                    .on_finish = iodine_tcp_on_finish, .tls = args.tls,
+                    .udata = (void *)args.handler);
+#endif
+}
+
+// clang-format off
+/**
+The {connect} method instructs iodine to connect to a server using either TCP/IP or Unix sockets.
+
+The method accepts a single Hash argument with the following optional keys:
+
+:port :: The port to listen to, deafults to 0 (using a Unix socket)
+:address :: The address to listen to, which could be a Unix Socket path as well as an IPv4 / IPv6 address. Deafults to 0.0.0.0 (or the IPv6 equivelant).
+:handler :: A connection callback object that supports the following same callbacks listen in the {listen} method's documentation.
+:timeout :: An integer timeout for connection establishment (doen't effect the new connection's timeout. Should be in the rand of 0..255.
+:tls :: An {Iodine::TLS} object (optional) for secure connections.
+
+The method also accepts an optional block.
+
+Either a block or the :handler key MUST be present.
+
+If the connection fails, only the `on_close` callback will be called (with a `nil` client).
+
+Returns the handler object used.
+*/
+intptr_t iodine_tcp_connect(iodine_connection_args_s args){
+  // clang-format on
+  IodineStore.add(args.handler);
+#ifdef __MINGW32__
+  return fio_connect(.port = args.port.data, .address = args.address.data,
+                     .on_connect = iodine_tcp_on_connect,
+                     .on_fail = iodine_tcp_on_fail, .timeout = args.ping,
+                     .udata = (void *)args.handler);
+#else
+  return fio_connect(.port = args.port.data, .address = args.address.data,
+                     .on_connect = iodine_tcp_on_connect, .tls = args.tls,
+                     .on_fail = iodine_tcp_on_fail, .timeout = args.ping,
+                     .udata = (void *)args.handler);
+#endif
+}
+
+// clang-format off
+/**
+The {attach_fd} method instructs iodine to attach a socket to the server using it's numerical file descriptor.
+
+This is faster than attaching a Ruby IO object since it allows iodine to directly call the system's read/write methods. However, this doesn't support TLS/SSL connections.
+
+This method requires two objects, a file descriptor (`fd`) and a callback object.
+
+See {listen} for details about the callback object.
+
+Returns the callback object (handler) used.
+*/
+static VALUE iodine_tcp_attach_fd(VALUE self, VALUE fd, VALUE handler) {
+  // clang-format on
+  Check_Type(fd, T_FIXNUM);
+  if (handler == Qnil || handler == Qfalse || handler == Qtrue) {
+    rb_raise(rb_eArgError, "A callback object must be provided.");
+  }
+  IodineStore.add(handler);
+  int other = dup(NUM2INT(fd));
+  if (other == -1) {
+    rb_raise(rb_eIOError, "invalid fd.");
+  }
+  intptr_t uuid = fio_fd2uuid(other);
+  iodine_tcp_attch_uuid(uuid, handler);
+  IodineStore.remove(handler);
+  return handler;
+  (void)self;
+}
+
+/* *****************************************************************************
+Add the Ruby API methods to the Iodine object
+***************************************************************************** */
+
+void iodine_init_tcp_connections(void) {
+  call_id = rb_intern2("call", 4);
+  port_id = IodineStore.add(rb_id2sym(rb_intern("port")));
+  address_id = IodineStore.add(rb_id2sym(rb_intern("address")));
+  handler_id = IodineStore.add(rb_id2sym(rb_intern("handler")));
+  timeout_id = IodineStore.add(rb_id2sym(rb_intern("timeout")));
+  on_closed_id = rb_intern("on_closed");
+
+  IodineBinaryEncoding = rb_enc_find("binary");
+
+  rb_define_module_function(IodineModule, "attach_fd", iodine_tcp_attach_fd, 2);
+}
+
+/* *****************************************************************************
+Allow uuid attachment
+***************************************************************************** */
+
+/** assigns a protocol and IO object to a handler */
+void iodine_tcp_attch_uuid(intptr_t uuid, VALUE handler) {
+  FIO_LOG_DEBUG("Iodine attaching handler %p to uuid %p", (void *)handler,
+                (void *)uuid);
+  if (handler == Qnil || handler == Qfalse || handler == Qtrue) {
+    fio_close(uuid);
+    return;
+  }
+  /* temporary, in case `iodine_connection_new` invokes the GC */
+  iodine_protocol_s *p = malloc(sizeof(*p));
+  FIO_ASSERT_ALLOC(p);
+  *p = (iodine_protocol_s){
+      .p =
+          {
+              .on_data = iodine_tcp_on_data,
+              .on_ready = NULL /* set only after the on_open callback */,
+              .on_shutdown = iodine_tcp_on_shutdown,
+              .on_close = iodine_tcp_on_close,
+              .ping = iodine_tcp_ping,
+          },
+      .io = iodine_connection_new(.type = IODINE_CONNECTION_RAW, .uuid = uuid,
+                                  .arg = p, .handler = handler),
+  };
+  /* clear away (remember the connection object manages these concerns) */
+  fio_attach(uuid, &p->p);
+  if (fio_is_valid(uuid)) {
+    iodine_connection_fire_event(p->io, IODINE_CONNECTION_ON_OPEN, Qnil);
+    p->p.on_ready = iodine_tcp_on_ready;
+    fio_force_event(uuid, FIO_EVENT_ON_READY);
+  } else {
+    FIO_LOG_DEBUG(
+        "Iodine couldn't attach handler %p to uuid %p - invalid uuid.",
+        (void *)handler, (void *)uuid);
+  }
+}

data/ext/iodine/iodine_tcp.h

@@ -0,0 +1,13 @@
+#ifndef H_IODINE_RAW_TCP_IP_H
+#define H_IODINE_RAW_TCP_IP_H
+
+#include "ruby.h"
+
+#include "iodine.h"
+
+void iodine_init_tcp_connections(void);
+void iodine_tcp_attch_uuid(intptr_t uuid, VALUE handler);
+intptr_t iodine_tcp_listen(iodine_connection_args_s args);
+intptr_t iodine_tcp_connect(iodine_connection_args_s args);
+
+#endif

data/ext/iodine/iodine_tls.c

@@ -0,0 +1,261 @@
+#ifdef __MINGW32__
+// make pedantic compiler happy
+typedef struct {
+  int bogus;
+} bogus_s;
+
+#else
+#include <ruby.h>
+
+#include <fio.h>
+#include <fio_tls.h>
+#include <iodine.h>
+
+static VALUE server_name_sym = Qnil, certificate_sym = Qnil,
+             private_key_sym = Qnil, password_sym = Qnil;
+VALUE IodineTLSClass;
+/* *****************************************************************************
+C <=> Ruby Data allocation
+***************************************************************************** */
+
+static size_t iodine_tls_data_size(const void *c_) {
+  return sizeof(fio_tls_s *);
+  (void)c_;
+}
+
+static void iodine_tls_data_free(void *c_) { fio_tls_destroy(c_); }
+
+static const rb_data_type_t iodine_tls_data_type = {
+    .wrap_struct_name = "IodineTLSData",
+    .function =
+        {
+            .dmark = NULL,
+            .dfree = iodine_tls_data_free,
+            .dsize = iodine_tls_data_size,
+        },
+    .data = NULL,
+    // .flags = RUBY_TYPED_FREE_IMMEDIATELY,
+};
+
+/* Iodine::PubSub::Engine.allocate */
+static VALUE iodine_tls_data_alloc_c(VALUE klass) {
+  fio_tls_s *tls = fio_tls_new(NULL, NULL, NULL, NULL);
+  FIO_ASSERT_ALLOC(tls);
+  return TypedData_Wrap_Struct(klass, &iodine_tls_data_type, tls);
+}
+
+/* *****************************************************************************
+ALPN selection callback
+***************************************************************************** */
+
+FIO_FUNC void iodine_tls_alpn_cb(intptr_t uuid, void *udata, void *block_) {
+  if (!fio_is_valid(uuid)) {
+    FIO_LOG_DEBUG("ALPN callback called for invalid connetion. SSL/TLS error?");
+    return;
+  }
+  VALUE new_handler = IodineCaller.call((VALUE)block_, iodine_call_id);
+  if (!new_handler || new_handler == Qnil || new_handler == Qtrue ||
+      new_handler == Qfalse) {
+    fio_close(uuid);
+    return;
+  }
+
+  iodine_tcp_attch_uuid(uuid, new_handler);
+
+  (void)udata; /* we can't use `udata`, since it's different in HTTP vs. TCP */
+}
+
+/* *****************************************************************************
+C API
+***************************************************************************** */
+
+fio_tls_s *iodine_tls2c(VALUE self) {
+  fio_tls_s *c = NULL;
+  if (self == Qnil || self == Qfalse)
+    return NULL;
+  TypedData_Get_Struct(self, fio_tls_s, &iodine_tls_data_type, c);
+  if (!c) {
+    rb_raise(rb_eTypeError, "Iodine::TLS error - not an Iodine::TLS object?");
+  }
+  return c;
+}
+
+/* *****************************************************************************
+Ruby API
+***************************************************************************** */
+
+/**
+Assigns the TLS context a public sertificate, allowing remote parties to
+validate the connection's identity.
+
+A self signed certificate is automatically created if the `server_name` argument
+is specified and either (or both) of the `certificate` or `private_ket`
+arguments are missing.
+
+Some implementations allow servers to have more than a single certificate, which
+will be selected using the SNI extension. I believe the existing OpenSSL
+implementation supports this option (untested).
+
+     Iodine::TLS#use_certificate(server_name,
+                                 certificate = nil,
+                                 private_key = nil,
+                                 password = nil)
+
+Certificates and keys should be String objects leading to a PEM file.
+
+This method also accepts named arguments. i.e.:
+
+     tls = Iodine::TLS.new
+     tls.use_certificate server_name: "example.com"
+     tls.use_certificate certificate: "my_cert.pem", private_key: "my_key.pem"
+
+Since TLS setup is crucial for security, a missing file will result in Iodine
+crashing with an error message. This is expected behavior.
+
+*/
+static VALUE iodine_tls_use_certificate(int argc, VALUE *argv, VALUE self) {
+  VALUE server_name = Qnil, certificate = Qnil, private_key = Qnil,
+        password = Qnil;
+  if (argc == 1 && RB_TYPE_P(argv[0], T_HASH)) {
+    /* named arguments */
+    server_name = rb_hash_aref(argv[0], server_name_sym);
+    certificate = rb_hash_aref(argv[0], certificate_sym);
+    private_key = rb_hash_aref(argv[0], private_key_sym);
+    password = rb_hash_aref(argv[0], password_sym);
+  } else {
+    /* regular arguments */
+    switch (argc) {
+    case 4: /* overflow */
+      password = argv[3];
+      Check_Type(password, T_STRING);
+    case 3: /* overflow */
+      private_key = argv[1];
+      Check_Type(private_key, T_STRING);
+    case 2: /* overflow */
+      certificate = argv[2];
+      Check_Type(certificate, T_STRING);
+    case 1: /* overflow */
+      server_name = argv[0];
+      Check_Type(server_name, T_STRING);
+      break;
+    default:
+      rb_raise(rb_eArgError, "expecting 1..4 arguments or named arguments.");
+      return self;
+    }
+  }
+
+  fio_tls_s *t = iodine_tls2c(self);
+  char *srvname = (server_name == Qnil ? NULL : StringValueCStr(server_name));
+  char *pubcert = (certificate == Qnil ? NULL : StringValueCStr(certificate));
+  char *prvkey = (private_key == Qnil ? NULL : StringValueCStr(private_key));
+  char *pass = (password == Qnil ? NULL : StringValueCStr(password));
+
+  fio_tls_cert_add(t, srvname, pubcert, prvkey, pass);
+  return self;
+}
+
+/**
+Adds a certificate PEM file to the list of trusted certificates and enforces
+peer verification.
+
+This is extremely important when using {Iodine::TLS} for client connections,
+since adding the target server's
+
+It is enough to add the Certificate Authority's (CA) certificate, there's no
+need to add each client or server certificate.
+
+When {trust} is used on a server TLS, only trusted clients will be allowed to
+connect.
+
+Since TLS setup is crucial for security, a missing file will result in Iodine
+crashing with an error message. This is expected behavior.
+*/
+static VALUE iodine_tls_trust(VALUE self, VALUE certificate) {
+  Check_Type(certificate, T_STRING);
+  fio_tls_s *t = iodine_tls2c(self);
+  char *pubcert =
+      (certificate == Qnil ? NULL : IODINE_RSTRINFO(certificate).data);
+  fio_tls_trust(t, pubcert);
+  return self;
+}
+
+/**
+Adds an ALPN protocol callback for the named protocol, the required block must
+return the handler for that protocol.
+
+The first protocol added will be the default protocol in cases where ALPN
+failed.
+
+i.e.:
+
+     tls.on_protocol("http/1.1") { HTTPConnection.new }
+
+When implementing TLS clients, this identifies the protocol(s) that should be
+requested by the client.
+
+When implementing TLS servers, this identifies the protocol(s) offered by the
+server.
+
+More than a single protocol can be set, but iodine doesn't offer, at this
+moment, a way to handle these changes or to detect which protocol was selected
+except by assigning a different callback per protocol.
+
+This is implemented using the ALPN extension to TLS.
+*/
+static VALUE iodine_tls_alpn(VALUE self, VALUE protocol_name) {
+  Check_Type(protocol_name, T_STRING);
+  rb_need_block();
+  fio_tls_s *t = iodine_tls2c(self);
+  char *prname =
+      (protocol_name == Qnil ? NULL : IODINE_RSTRINFO(protocol_name).data);
+  VALUE block = IodineStore.add(rb_block_proc());
+  fio_tls_alpn_add(t, prname, iodine_tls_alpn_cb, (void *)block,
+                   (void (*)(void *))IodineStore.remove);
+  return self;
+}
+
+/**
+Creates a new {Iodine::TLS} object and calles the {#use_certificate} method with
+the supplied arguments.
+*/
+static VALUE iodine_tls_new(int argc, VALUE *argv, VALUE self) {
+  if (argc) {
+    iodine_tls_use_certificate(argc, argv, self);
+  }
+  return self;
+}
+
+/* *****************************************************************************
+Initialize Iodine::TLS
+***************************************************************************** */
+#define IODINE_MAKE_SYM(name)                                                  \
+  do {                                                                         \
+    name##_sym = rb_id2sym(rb_intern(#name));                                  \
+    rb_global_variable(&name##_sym);                                           \
+  } while (0)
+
+void iodine_init_tls(void) {
+
+  IODINE_MAKE_SYM(server_name);
+  IODINE_MAKE_SYM(certificate);
+  IODINE_MAKE_SYM(private_key);
+  IODINE_MAKE_SYM(password);
+
+  IodineTLSClass = rb_define_class_under(IodineModule, "TLS", rb_cObject);
+  rb_define_alloc_func(IodineTLSClass, iodine_tls_data_alloc_c);
+  rb_define_method(IodineTLSClass, "initialize", iodine_tls_new, -1);
+  rb_define_method(IodineTLSClass, "use_certificate",
+                   iodine_tls_use_certificate, -1);
+  rb_define_method(IodineTLSClass, "trust", iodine_tls_trust, 1);
+  rb_define_method(IodineTLSClass, "on_protocol", iodine_tls_alpn, 1);
+
+#if HAVE_OPENSSL
+  rb_const_set(IodineTLSClass, rb_intern("SUPPORTED"), Qtrue);
+#elif HAVE_BEARSSL
+  rb_const_set(IodineTLSClass, rb_intern("SUPPORTED"), Qfalse);
+#else
+  rb_const_set(IodineTLSClass, rb_intern("SUPPORTED"), Qfalse);
+#endif
+}
+#undef IODINE_MAKE_SYM
+#endif

data/ext/iodine/iodine_tls.h

@@ -0,0 +1,13 @@
+#ifndef H_IODINE_TLS_H
+#define H_IODINE_TLS_H
+
+#include "iodine.h"
+
+#include "fio_tls.h"
+
+void iodine_init_tls(void);
+fio_tls_s *iodine_tls2c(VALUE self);
+
+extern VALUE IodineTLSClass;
+
+#endif