ruby-tls 1.0.0 → 1.0.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +14 -6
- data/EM-LICENSE +60 -60
- data/README.md +69 -69
- data/Rakefile +19 -19
- data/ext/Rakefile +18 -18
- data/ext/tls/page.cpp +107 -107
- data/ext/tls/page.h +61 -62
- data/ext/tls/ssl.cpp +593 -591
- data/ext/tls/ssl.h +130 -130
- data/lib/ruby-tls/connection.rb +121 -121
- data/lib/ruby-tls/ext.rb +32 -32
- data/lib/ruby-tls/version.rb +3 -3
- data/lib/ruby-tls.rb +7 -7
- data/ruby-tls.gemspec +32 -32
- data/spec/client.crt +31 -31
- data/spec/client.key +51 -51
- data/spec/comms_spec.rb +147 -147
- data/spec/verify_spec.rb +118 -118
- metadata +18 -16
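--- a/data/ext/tls/ssl.h
+++ b/data/ext/tls/ssl.h
@@ -1,130 +1,130 @@
-/*****************************************************************************
-
-$Id$
-
-File: ssl.h
-Date: 30Apr06
-
-Copyright (C) 2006-07 by Francis Cianfrocca. All Rights Reserved.
-Gmail: blackhedd
-
-This program is free software; you can redistribute it and/or modify
-it under the terms of either: 1) the GNU General Public License
-as published by the Free Software Foundation; either version 2 of the
-License, or (at your option) any later version; or 2) Ruby's License.
-
-See the file COPYING for complete licensing information.
-
-*****************************************************************************/
-
-
-#ifndef __SslBox__H_
-#define __SslBox__H_
-
-#include <iostream>
-#include <string>
-
-#include <openssl/ssl.h>
-#include <openssl/err.h>
-
-#include <assert.h>
-
-#include "page.h"
-
-using namespace std;
-
-
-/******************
-class SslContext_t
-******************/
-
-class SslContext_t
-{
-public:
-SslContext_t (bool is_server, const string &privkeyfile, const string &certchainfile);
-virtual ~SslContext_t();
-
-private:
-static bool bLibraryInitialized;
-
-private:
-bool bIsServer;
-SSL_CTX *pCtx;
-
-EVP_PKEY *PrivateKey;
-X509 *Certificate;
-
-friend class SslBox_t;
-};
-
-
-
-
-typedef struct tls_state_s tls_state_t;
-
-
-
-/**************
-class SslBox_t
-**************/
-
-class SslBox_t
-{
-public:
-SslBox_t (tls_state_t *tls_state, bool is_server, const string &privkeyfile, const string &certchainfile, bool verify_peer);
-virtual ~SslBox_t();
-
-int PutPlaintext (const char*, int);
-int GetPlaintext (char*, int);
-
-bool PutCiphertext (const char*, int);
-bool CanGetCiphertext();
-int GetCiphertext (char*, int);
-bool IsHandshakeCompleted() { return bHandshakeCompleted; }
-
-X509 *GetPeerCert();
-
-void Shutdown();
-
-protected:
-SslContext_t *Context;
-
-bool bIsServer;
-bool bHandshakeCompleted;
-bool bVerifyPeer;
-SSL *pSSL;
-BIO *pbioRead;
-BIO *pbioWrite;
-
-PageList OutboundQ;
-};
-
-
-typedef void (*ssl_close_cb)(const tls_state_t*);
-typedef int (*ssl_verify_cb)(const tls_state_t*, const char *cert);
-typedef void (*ssl_dispatch_cb)(const tls_state_t*, const char *buffer, int size);
-typedef void (*ssl_transmit_cb)(const tls_state_t*, const char *buffer, int size);
-typedef void (*ssl_handshake_cb)(const tls_state_t*);
-
-struct tls_state_s {
-int handshake_signaled;
-
-ssl_close_cb close_cb;
-ssl_verify_cb verify_cb;
-ssl_dispatch_cb dispatch_cb;
-ssl_transmit_cb transmit_cb;
-ssl_handshake_cb handshake_cb;
-
-SslBox_t* SslBox;
-};
-
-
-extern "C" int ssl_verify_wrapper(int preverify_ok, X509_STORE_CTX *ctx);
-
-extern "C" void start_tls(tls_state_t *tls_state, bool bIsServer, const char *PrivateKeyFilename, const char *CertChainFilename, bool bSslVerifyPeer);
-extern "C" void decrypt_data(tls_state_t *tls_state, const char *buffer, int size);
-extern "C" void encrypt_data(tls_state_t *tls_state, const char *data, int length);
-extern "C" X509 *get_peer_cert(tls_state_t *tls_state);
-
-
-#endif // __SslBox__H_
+/*****************************************************************************
+
+$Id$
+
+File: ssl.h
+Date: 30Apr06
+
+Copyright (C) 2006-07 by Francis Cianfrocca. All Rights Reserved.
+Gmail: blackhedd
+
+This program is free software; you can redistribute it and/or modify
+it under the terms of either: 1) the GNU General Public License
+as published by the Free Software Foundation; either version 2 of the
+License, or (at your option) any later version; or 2) Ruby's License.
+
+See the file COPYING for complete licensing information.
+
+*****************************************************************************/
+
+
+#ifndef __SslBox__H_
+#define __SslBox__H_
+
+#include <iostream>
+#include <string>
+
+#include <openssl/ssl.h>
+#include <openssl/err.h>
+
+#include <assert.h>
+
+#include "page.h"
+
+using namespace std;
+
+
+/******************
+class SslContext_t
+******************/
+
+class SslContext_t
+{
+public:
+SslContext_t (bool is_server, const string &privkeyfile, const string &certchainfile);
+virtual ~SslContext_t();
+
+private:
+static bool bLibraryInitialized;
+
+private:
+bool bIsServer;
+SSL_CTX *pCtx;
+
+EVP_PKEY *PrivateKey;
+X509 *Certificate;
+
+friend class SslBox_t;
+};
+
+
+
+
+typedef struct tls_state_s tls_state_t;
+
+
+
+/**************
+class SslBox_t
+**************/
+
+class SslBox_t
+{
+public:
+SslBox_t (tls_state_t *tls_state, bool is_server, const string &privkeyfile, const string &certchainfile, bool verify_peer);
+virtual ~SslBox_t();
+
+int PutPlaintext (const char*, int);
+int GetPlaintext (char*, int);
+
+bool PutCiphertext (const char*, int);
+bool CanGetCiphertext();
+int GetCiphertext (char*, int);
+bool IsHandshakeCompleted() { return bHandshakeCompleted; }
+
+X509 *GetPeerCert();
+
+void Shutdown();
+
+protected:
+SslContext_t *Context;
+
+bool bIsServer;
+bool bHandshakeCompleted;
+bool bVerifyPeer;
+SSL *pSSL;
+BIO *pbioRead;
+BIO *pbioWrite;
+
+PageList OutboundQ;
+};
+
+
+typedef void (*ssl_close_cb)(const tls_state_t*);
+typedef int (*ssl_verify_cb)(const tls_state_t*, const char *cert);
+typedef void (*ssl_dispatch_cb)(const tls_state_t*, const char *buffer, int size);
+typedef void (*ssl_transmit_cb)(const tls_state_t*, const char *buffer, int size);
+typedef void (*ssl_handshake_cb)(const tls_state_t*);
+
+struct tls_state_s {
+int handshake_signaled;
+
+ssl_close_cb close_cb;
+ssl_verify_cb verify_cb;
+ssl_dispatch_cb dispatch_cb;
+ssl_transmit_cb transmit_cb;
+ssl_handshake_cb handshake_cb;
+
+SslBox_t* SslBox;
+};
+
+
+extern "C" int ssl_verify_wrapper(int preverify_ok, X509_STORE_CTX *ctx);
+
+extern "C" void start_tls(tls_state_t *tls_state, bool bIsServer, const char *PrivateKeyFilename, const char *CertChainFilename, bool bSslVerifyPeer);
+extern "C" void decrypt_data(tls_state_t *tls_state, const char *buffer, int size);
+extern "C" void encrypt_data(tls_state_t *tls_state, const char *data, int length);
+extern "C" X509 *get_peer_cert(tls_state_t *tls_state);
+
+
+#endif // __SslBox__H_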
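--- a/data/lib/ruby-tls/connection.rb
+++ b/data/lib/ruby-tls/connection.rb
@@ -1,121 +1,121 @@
-
-module RubyTls
-class Connection
-CALLBACKS = [:close_cb, :verify_cb, :dispatch_cb, :transmit_cb, :handshake_cb]
-
-#
-# Initializes the State instance.
-#
-def initialize(callback_obj = nil)
-@state = ::RubyTls::State.new
-@callbacks = {} # so GC doesn't clean them up on java
-@started = false
-
-if not callback_obj.nil?
-CALLBACKS.each do |callback|
-self.__send__(callback, &callback_obj.method(callback)) if callback_obj.respond_to? callback
-end
-end
-
-yield self if block_given?
-end
-
-def close_cb(&block)
-cb = Callback.new(@callbacks, &block)
-@callbacks[:close_cb] = cb
-@state[:close_cb] = cb
-end
-
-def verify_cb
-cb = ::FFI::Function.new(:int, [::RubyTls::State.ptr, :string]) do |state, cert|
-begin
-yield(cert) == true ? 1 : 0
-rescue
-# TODO:: Provide some debugging output
-0
-end
-end
-@callbacks[:verify_cb] = cb
-@state[:verify_cb] = cb
-end
-
-def dispatch_cb(&block)
-cb = DataCallback.new(@callbacks, &block)
-@callbacks[:dispatch_cb] = cb
-@state[:dispatch_cb] = cb
-end
-
-def transmit_cb(&block)
-cb = DataCallback.new(@callbacks, &block)
-@callbacks[:transmit_cb] = cb
-@state[:transmit_cb] = cb
-end
-
-def handshake_cb(&block)
-cb = Callback.new(@callbacks, &block)
-@callbacks[:handshake_cb] = cb
-@state[:handshake_cb] = cb
-end
-
-
-def start(args = {})
-return if @started
-
-server, priv_key, cert_chain, verify_peer = args.values_at(:server, :private_key_file, :cert_chain_file, :verify_peer)
-[priv_key, cert_chain].each do |file|
-next if file.nil? or file.empty?
-raise FileNotFoundException,
-"Could not find #{file} to start tls" unless File.exists? file
-end
-
-@started = true
-::RubyTls.start_tls(@state, server || false, priv_key || '', cert_chain || '', verify_peer || !!@callbacks[:verify_cb])
-end
-
-def encrypt(data)
-return unless @started
-::RubyTls.encrypt_data(@state, data, data.length)
-end
-
-def decrypt(data)
-return unless @started
-::RubyTls.decrypt_data(@state, data, data.length)
-end
-
-
-protected
-
-
-class Callback < ::FFI::Function
-#
-# Creates a new Parser callback.
-#
-def self.new(callbacks)
-super(:void, [::RubyTls::State.ptr]) do |state|
-begin
-yield
-rescue => e
-# shutdown the connection on error
-# TODO:: Provide some debugging output
-callbacks[:close_cb].call state
-end
-end
-end
-end
-
-class DataCallback < ::FFI::Function
-def self.new(callbacks)
-super(:void, [::RubyTls::State.ptr, :pointer, :int]) do |state, buffer, length|
-begin
-data = buffer.get_bytes(0, length)
-yield(data)
-rescue => e
-# shutdown the connection on error
-# TODO:: Provide some debugging output
-callbacks[:close_cb].call state
-end
-end
-end
-end
-end
-end
+
+module RubyTls
+class Connection
+CALLBACKS = [:close_cb, :verify_cb, :dispatch_cb, :transmit_cb, :handshake_cb]
+
+#
+# Initializes the State instance.
+#
+def initialize(callback_obj = nil)
+@state = ::RubyTls::State.new
+@callbacks = {} # so GC doesn't clean them up on java
+@started = false
+
+if not callback_obj.nil?
+CALLBACKS.each do |callback|
+self.__send__(callback, &callback_obj.method(callback)) if callback_obj.respond_to? callback
+end
+end
+
+yield self if block_given?
+end
+
+def close_cb(&block)
+cb = Callback.new(@callbacks, &block)
+@callbacks[:close_cb] = cb
+@state[:close_cb] = cb
+end
+
+def verify_cb
+cb = ::FFI::Function.new(:int, [::RubyTls::State.ptr, :string]) do |state, cert|
+begin
+yield(cert) == true ? 1 : 0
+rescue
+# TODO:: Provide some debugging output
+0
+end
+end
+@callbacks[:verify_cb] = cb
+@state[:verify_cb] = cb
+end
+
+def dispatch_cb(&block)
+cb = DataCallback.new(@callbacks, &block)
+@callbacks[:dispatch_cb] = cb
+@state[:dispatch_cb] = cb
+end
+
+def transmit_cb(&block)
+cb = DataCallback.new(@callbacks, &block)
+@callbacks[:transmit_cb] = cb
+@state[:transmit_cb] = cb
+end
+
+def handshake_cb(&block)
+cb = Callback.new(@callbacks, &block)
+@callbacks[:handshake_cb] = cb
+@state[:handshake_cb] = cb
+end
+
+
+def start(args = {})
+return if @started
+
+server, priv_key, cert_chain, verify_peer = args.values_at(:server, :private_key_file, :cert_chain_file, :verify_peer)
+[priv_key, cert_chain].each do |file|
+next if file.nil? or file.empty?
+raise FileNotFoundException,
+"Could not find #{file} to start tls" unless File.exists? file
+end
+
+@started = true
+::RubyTls.start_tls(@state, server || false, priv_key || '', cert_chain || '', verify_peer || !!@callbacks[:verify_cb])
+end
+
+def encrypt(data)
+return unless @started
+::RubyTls.encrypt_data(@state, data, data.length)
+end
+
+def decrypt(data)
+return unless @started
+::RubyTls.decrypt_data(@state, data, data.length)
+end
+
+
+protected
+
+
+class Callback < ::FFI::Function
+#
+# Creates a new Parser callback.
+#
+def self.new(callbacks)
+super(:void, [::RubyTls::State.ptr]) do |state|
+begin
+yield
+rescue => e
+# shutdown the connection on error
+# TODO:: Provide some debugging output
+callbacks[:close_cb].call state
+end
+end
+end
+end
+
+class DataCallback < ::FFI::Function
+def self.new(callbacks)
+super(:void, [::RubyTls::State.ptr, :pointer, :int]) do |state, buffer, length|
+begin
+data = buffer.get_bytes(0, length)
+yield(data)
+rescue => e
+# shutdown the connection on error
+# TODO:: Provide some debugging output
+callbacks[:close_cb].call state
+end
+end
+end
+end
+end
+end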
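--- a/data/lib/ruby-tls/ext.rb
+++ b/data/lib/ruby-tls/ext.rb
@@ -1,32 +1,32 @@
-require 'ffi'
-require 'ffi-compiler/loader'
-
-module RubyTls
-extend FFI::Library
-ffi_lib FFI::Compiler::Loader.find('ruby-tls-ext')
-
-
-callback :ssl_close_cb, [:pointer], :void
-callback :ssl_verify_cb, [:pointer, :string], :int
-callback :ssl_dispatch_cb, [:pointer, :pointer, :int], :void
-callback :ssl_transmit_cb, [:pointer, :pointer, :int], :void
-callback :ssl_handshake_cb, [:pointer], :void
-
-class State < FFI::Struct
-layout :handshake_sig, :int,
-
-:close_cb, :ssl_close_cb,
-:verify_cb, :ssl_verify_cb, # Optional
-:dispatch_cb, :ssl_dispatch_cb,
-:transmit_cb, :ssl_transmit_cb,
-:handshake_cb, :ssl_handshake_cb, # Optional unless first to send data
-
-:ssl_box, :pointer
-end
-
-
-attach_function :start_tls, [State.by_ref, :bool, :string, :string, :bool], :void, :blocking => true
-attach_function :decrypt_data, [State.by_ref, :pointer, :int], :void, :blocking => true
-attach_function :encrypt_data, [State.by_ref, :pointer, :int], :void, :blocking => true
-#attach_function :get_peer_cert, [], :int, :blocking => true
-end
+require 'ffi'
+require 'ffi-compiler/loader'
+
+module RubyTls
+extend FFI::Library
+ffi_lib FFI::Compiler::Loader.find('ruby-tls-ext')
+
+
+callback :ssl_close_cb, [:pointer], :void
+callback :ssl_verify_cb, [:pointer, :string], :int
+callback :ssl_dispatch_cb, [:pointer, :pointer, :int], :void
+callback :ssl_transmit_cb, [:pointer, :pointer, :int], :void
+callback :ssl_handshake_cb, [:pointer], :void
+
+class State < FFI::Struct
+layout :handshake_sig, :int,
+
+:close_cb, :ssl_close_cb,
+:verify_cb, :ssl_verify_cb, # Optional
+:dispatch_cb, :ssl_dispatch_cb,
+:transmit_cb, :ssl_transmit_cb,
+:handshake_cb, :ssl_handshake_cb, # Optional unless first to send data
+
+:ssl_box, :pointer
+end
+
+
+attach_function :start_tls, [State.by_ref, :bool, :string, :string, :bool], :void, :blocking => true
+attach_function :decrypt_data, [State.by_ref, :pointer, :int], :void, :blocking => true
+attach_function :encrypt_data, [State.by_ref, :pointer, :int], :void, :blocking => true
+#attach_function :get_peer_cert, [], :int, :blocking => true
+end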
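--- a/data/lib/ruby-tls/version.rb
+++ b/data/lib/ruby-tls/version.rb
@@ -1,3 +1,3 @@
-module RubyTls
-VERSION = "1.0.
-end
+module RubyTls
+VERSION = "1.0.1"
+end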
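--- a/data/lib/ruby-tls.rb
+++ b/data/lib/ruby-tls.rb
@@ -1,7 +1,7 @@
-require "ffi" # Bindings to C libraries
-
-require "ruby-tls/ext" # Loads the ext using FFI
-require "ruby-tls/connection" # The ruby abstraction
-
-module RubyTls
-end
+require "ffi" # Bindings to C libraries
+
+require "ruby-tls/ext" # Loads the ext using FFI
+require "ruby-tls/connection" # The ruby abstraction
+
+module RubyTls
+end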
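--- a/data/ruby-tls.gemspec
+++ b/data/ruby-tls.gemspec
@@ -1,32 +1,32 @@
-# -*- encoding: utf-8 -*-
-$:.push File.expand_path("../lib", __FILE__)
-require "ruby-tls/version"
-
-Gem::Specification.new do |s|
-s.name = "ruby-tls"
-s.version = RubyTls::VERSION
-s.authors = ["Stephen von Takach"]
-s.email = ["steve@cotag.me"]
-s.
-s.homepage = "https://github.com/cotag/ruby-tls"
-s.summary = "Abstract TLS for Ruby"
-s.description = <<-EOF
-Allows transport layers outside Ruby TCP be secured.
-EOF
-
-
-s.add_dependency 'ffi-compiler', '>= 0.0.2'
-s.add_dependency 'rake'
-
-s.add_development_dependency 'rspec'
-s.add_development_dependency 'yard'
-
-
-s.files = Dir["{lib}/**/*"] + %w(Rakefile ruby-tls.gemspec README.md EM-LICENSE)
-s.files += ["ext/tls/ssl.cpp", "ext/tls/ssl.h", "ext/tls/page.cpp", "ext/tls/page.h"]
-s.test_files = Dir["spec/**/*"]
-s.extra_rdoc_files = ["README.md"]
-
-s.extensions << "ext/Rakefile"
-s.require_paths = ["lib"]
-end
+# -*- encoding: utf-8 -*-
+$:.push File.expand_path("../lib", __FILE__)
+require "ruby-tls/version"
+
+Gem::Specification.new do |s|
+s.name = "ruby-tls"
+s.version = RubyTls::VERSION
+s.authors = ["Stephen von Takach"]
+s.email = ["steve@cotag.me"]
+s.licenses = ["Ruby", "GPL"]
+s.homepage = "https://github.com/cotag/ruby-tls"
+s.summary = "Abstract TLS for Ruby"
+s.description = <<-EOF
+Allows transport layers outside Ruby TCP be secured.
+EOF
+
+
+s.add_dependency 'ffi-compiler', '>= 0.0.2'
+s.add_dependency 'rake'
+
+s.add_development_dependency 'rspec'
+s.add_development_dependency 'yard'
+
+
+s.files = Dir["{lib}/**/*"] + %w(Rakefile ruby-tls.gemspec README.md EM-LICENSE)
+s.files += ["ext/tls/ssl.cpp", "ext/tls/ssl.h", "ext/tls/page.cpp", "ext/tls/page.h"]
+s.test_files = Dir["spec/**/*"]
+s.extra_rdoc_files = ["README.md"]
+
+s.extensions << "ext/Rakefile"
+s.require_paths = ["lib"]
+end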
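Review bot: The new `s.licenses = ["Ruby", "GPL"]` line uses "GPL" without a version, which is not a recognised SPDX identifier (RubyGems warns on it) and understates what the bundled sources grant — the ssl.h header in this same release says GPL version 2 "or (at your option) any later version", or Ruby's License. Tooling that audits dependency licenses keys on the gemspec field, so an ambiguous entry here is what downstream consumers will act on. I would write `s.licenses = ["Ruby", "GPL-2.0-or-later"]` so the metadata matches the header text and resolves cleanly.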