ruby-tls 1.0.0 → 1.0.1

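--- a/data/ext/tls/ssl.h
+++ b/data/ext/tls/ssl.h
@@ -1,130 +1,130 @@
-/*****************************************************************************
-
-$Id$
-
-File: ssl.h
-Date: 30Apr06
-
-Copyright (C) 2006-07 by Francis Cianfrocca. All Rights Reserved.
-Gmail: blackhedd
-
-This program is free software; you can redistribute it and/or modify
-it under the terms of either: 1) the GNU General Public License
-as published by the Free Software Foundation; either version 2 of the
-License, or (at your option) any later version; or 2) Ruby's License.
-
-See the file COPYING for complete licensing information.
-
-*****************************************************************************/
-
-
-#ifndef __SslBox__H_
-#define __SslBox__H_
-
-#include <iostream>
-#include <string>
-
-#include <openssl/ssl.h>
-#include <openssl/err.h>
-
-#include <assert.h>
-
-#include "page.h"
-
-using namespace std;
-
-
-/******************
-class SslContext_t
-******************/
-
-class SslContext_t
-{
-public:
-SslContext_t (bool is_server, const string &privkeyfile, const string &certchainfile);
-virtual ~SslContext_t();
-
-private:
-static bool bLibraryInitialized;
-
-private:
-bool bIsServer;
-SSL_CTX *pCtx;
-
-EVP_PKEY *PrivateKey;
-X509 *Certificate;
-
-friend class SslBox_t;
-};
-
-
-
-
-typedef struct tls_state_s tls_state_t;
-
-
-
-/**************
-class SslBox_t
-**************/
-
-class SslBox_t
-{
-public:
-SslBox_t (tls_state_t *tls_state, bool is_server, const string &privkeyfile, const string &certchainfile, bool verify_peer);
-virtual ~SslBox_t();
-
-int PutPlaintext (const char*, int);
-int GetPlaintext (char*, int);
-
-bool PutCiphertext (const char*, int);
-bool CanGetCiphertext();
-int GetCiphertext (char*, int);
-bool IsHandshakeCompleted() { return bHandshakeCompleted; }
-
-X509 *GetPeerCert();
-
-void Shutdown();
-
-protected:
-SslContext_t *Context;
-
-bool bIsServer;
-bool bHandshakeCompleted;
-bool bVerifyPeer;
-SSL *pSSL;
-BIO *pbioRead;
-BIO *pbioWrite;
-
-PageList OutboundQ;
-};
-
-
-typedef void (*ssl_close_cb)(const tls_state_t*);
-typedef int (*ssl_verify_cb)(const tls_state_t*, const char *cert);
-typedef void (*ssl_dispatch_cb)(const tls_state_t*, const char *buffer, int size);
-typedef void (*ssl_transmit_cb)(const tls_state_t*, const char *buffer, int size);
-typedef void (*ssl_handshake_cb)(const tls_state_t*);
-
-struct tls_state_s {
-int handshake_signaled;
-
-ssl_close_cb close_cb;
-ssl_verify_cb verify_cb;
-ssl_dispatch_cb dispatch_cb;
-ssl_transmit_cb transmit_cb;
-ssl_handshake_cb handshake_cb;
-
-SslBox_t* SslBox;
-};
-
-
-extern "C" int ssl_verify_wrapper(int preverify_ok, X509_STORE_CTX *ctx);
-
-extern "C" void start_tls(tls_state_t *tls_state, bool bIsServer, const char *PrivateKeyFilename, const char *CertChainFilename, bool bSslVerifyPeer);
-extern "C" void decrypt_data(tls_state_t *tls_state, const char *buffer, int size);
-extern "C" void encrypt_data(tls_state_t *tls_state, const char *data, int length);
-extern "C" X509 *get_peer_cert(tls_state_t *tls_state);
-
-
-#endif // __SslBox__H_
+/*****************************************************************************
+
+$Id$
+
+File: ssl.h
+Date: 30Apr06
+
+Copyright (C) 2006-07 by Francis Cianfrocca. All Rights Reserved.
+Gmail: blackhedd
+
+This program is free software; you can redistribute it and/or modify
+it under the terms of either: 1) the GNU General Public License
+as published by the Free Software Foundation; either version 2 of the
+License, or (at your option) any later version; or 2) Ruby's License.
+
+See the file COPYING for complete licensing information.
+
+*****************************************************************************/
+
+
+#ifndef __SslBox__H_
+#define __SslBox__H_
+
+#include <iostream>
+#include <string>
+
+#include <openssl/ssl.h>
+#include <openssl/err.h>
+
+#include <assert.h>
+
+#include "page.h"
+
+using namespace std;
+
+
+/******************
+class SslContext_t
+******************/
+
+class SslContext_t
+{
+public:
+SslContext_t (bool is_server, const string &privkeyfile, const string &certchainfile);
+virtual ~SslContext_t();
+
+private:
+static bool bLibraryInitialized;
+
+private:
+bool bIsServer;
+SSL_CTX *pCtx;
+
+EVP_PKEY *PrivateKey;
+X509 *Certificate;
+
+friend class SslBox_t;
+};
+
+
+
+
+typedef struct tls_state_s tls_state_t;
+
+
+
+/**************
+class SslBox_t
+**************/
+
+class SslBox_t
+{
+public:
+SslBox_t (tls_state_t *tls_state, bool is_server, const string &privkeyfile, const string &certchainfile, bool verify_peer);
+virtual ~SslBox_t();
+
+int PutPlaintext (const char*, int);
+int GetPlaintext (char*, int);
+
+bool PutCiphertext (const char*, int);
+bool CanGetCiphertext();
+int GetCiphertext (char*, int);
+bool IsHandshakeCompleted() { return bHandshakeCompleted; }
+
+X509 *GetPeerCert();
+
+void Shutdown();
+
+protected:
+SslContext_t *Context;
+
+bool bIsServer;
+bool bHandshakeCompleted;
+bool bVerifyPeer;
+SSL *pSSL;
+BIO *pbioRead;
+BIO *pbioWrite;
+
+PageList OutboundQ;
+};
+
+
+typedef void (*ssl_close_cb)(const tls_state_t*);
+typedef int (*ssl_verify_cb)(const tls_state_t*, const char *cert);
+typedef void (*ssl_dispatch_cb)(const tls_state_t*, const char *buffer, int size);
+typedef void (*ssl_transmit_cb)(const tls_state_t*, const char *buffer, int size);
+typedef void (*ssl_handshake_cb)(const tls_state_t*);
+
+struct tls_state_s {
+int handshake_signaled;
+
+ssl_close_cb close_cb;
+ssl_verify_cb verify_cb;
+ssl_dispatch_cb dispatch_cb;
+ssl_transmit_cb transmit_cb;
+ssl_handshake_cb handshake_cb;
+
+SslBox_t* SslBox;
+};
+
+
+extern "C" int ssl_verify_wrapper(int preverify_ok, X509_STORE_CTX *ctx);
+
+extern "C" void start_tls(tls_state_t *tls_state, bool bIsServer, const char *PrivateKeyFilename, const char *CertChainFilename, bool bSslVerifyPeer);
+extern "C" void decrypt_data(tls_state_t *tls_state, const char *buffer, int size);
+extern "C" void encrypt_data(tls_state_t *tls_state, const char *data, int length);
+extern "C" X509 *get_peer_cert(tls_state_t *tls_state);
+
+
+#endif // __SslBox__H_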
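Review bot: `ssl_verify_cb` (hunk line 104) is declared as `int (*)(const tls_state_t*, const char *cert)`, while the OpenSSL-facing `ssl_verify_wrapper` (line 122) receives `preverify_ok` and an `X509_STORE_CTX`; nothing in `tls_state_s` carries the preverify result, the chain depth or the error code, so the application callback can only ever be handed the certificate text and has no way to learn whether OpenSSL's own chain validation passed. The wrapper body lives in ssl.cpp, which this diff does not include, so whether `preverify_ok` is honoured independently of the callback cannot be confirmed from here; the contract should be spelled out on the typedef, e.g. `// Called with one certificate as a NUL-terminated string (presumably PEM); OpenSSL's preverify result is NOT forwarded, so the callback must do full validation (chain, expiry, hostname) itself.`. Two smaller points of style: the guard `__SslBox__H_` begins with a double underscore, which is reserved for the implementation in C++, and `using namespace std;` in a public header is imposed on every includer; `SSLBOX_H_` and fully qualified `std::string` would avoid both.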
@@ -1,121 +1,121 @@
1
-
2
- module RubyTls
3
- class Connection
4
- CALLBACKS = [:close_cb, :verify_cb, :dispatch_cb, :transmit_cb, :handshake_cb]
5
-
6
- #
7
- # Initializes the State instance.
8
- #
9
- def initialize(callback_obj = nil)
10
- @state = ::RubyTls::State.new
11
- @callbacks = {} # so GC doesn't clean them up on java
12
- @started = false
13
-
14
- if not callback_obj.nil?
15
- CALLBACKS.each do |callback|
16
- self.__send__(callback, &callback_obj.method(callback)) if callback_obj.respond_to? callback
17
- end
18
- end
19
-
20
- yield self if block_given?
21
- end
22
-
23
- def close_cb(&block)
24
- cb = Callback.new(@callbacks, &block)
25
- @callbacks[:close_cb] = cb
26
- @state[:close_cb] = cb
27
- end
28
-
29
- def verify_cb
30
- cb = ::FFI::Function.new(:int, [::RubyTls::State.ptr, :string]) do |state, cert|
31
- begin
32
- yield(cert) == true ? 1 : 0
33
- rescue
34
- # TODO:: Provide some debugging output
35
- 0
36
- end
37
- end
38
- @callbacks[:verify_cb] = cb
39
- @state[:verify_cb] = cb
40
- end
41
-
42
- def dispatch_cb(&block)
43
- cb = DataCallback.new(@callbacks, &block)
44
- @callbacks[:dispatch_cb] = cb
45
- @state[:dispatch_cb] = cb
46
- end
47
-
48
- def transmit_cb(&block)
49
- cb = DataCallback.new(@callbacks, &block)
50
- @callbacks[:transmit_cb] = cb
51
- @state[:transmit_cb] = cb
52
- end
53
-
54
- def handshake_cb(&block)
55
- cb = Callback.new(@callbacks, &block)
56
- @callbacks[:handshake_cb] = cb
57
- @state[:handshake_cb] = cb
58
- end
59
-
60
-
61
- def start(args = {})
62
- return if @started
63
-
64
- server, priv_key, cert_chain, verify_peer = args.values_at(:server, :private_key_file, :cert_chain_file, :verify_peer)
65
- [priv_key, cert_chain].each do |file|
66
- next if file.nil? or file.empty?
67
- raise FileNotFoundException,
68
- "Could not find #{file} to start tls" unless File.exists? file
69
- end
70
-
71
- @started = true
72
- ::RubyTls.start_tls(@state, server || false, priv_key || '', cert_chain || '', verify_peer || !!@callbacks[:verify_cb])
73
- end
74
-
75
- def encrypt(data)
76
- return unless @started
77
- ::RubyTls.encrypt_data(@state, data, data.length)
78
- end
79
-
80
- def decrypt(data)
81
- return unless @started
82
- ::RubyTls.decrypt_data(@state, data, data.length)
83
- end
84
-
85
-
86
- protected
87
-
88
-
89
- class Callback < ::FFI::Function
90
- #
91
- # Creates a new Parser callback.
92
- #
93
- def self.new(callbacks)
94
- super(:void, [::RubyTls::State.ptr]) do |state|
95
- begin
96
- yield
97
- rescue => e
98
- # shutdown the connection on error
99
- # TODO:: Provide some debugging output
100
- callbacks[:close_cb].call state
101
- end
102
- end
103
- end
104
- end
105
-
106
- class DataCallback < ::FFI::Function
107
- def self.new(callbacks)
108
- super(:void, [::RubyTls::State.ptr, :pointer, :int]) do |state, buffer, length|
109
- begin
110
- data = buffer.get_bytes(0, length)
111
- yield(data)
112
- rescue => e
113
- # shutdown the connection on error
114
- # TODO:: Provide some debugging output
115
- callbacks[:close_cb].call state
116
- end
117
- end
118
- end
119
- end
120
- end
121
- end
1
+
2
+ module RubyTls
3
+ class Connection
4
+ CALLBACKS = [:close_cb, :verify_cb, :dispatch_cb, :transmit_cb, :handshake_cb]
5
+
6
+ #
7
+ # Initializes the State instance.
8
+ #
9
+ def initialize(callback_obj = nil)
10
+ @state = ::RubyTls::State.new
11
+ @callbacks = {} # so GC doesn't clean them up on java
12
+ @started = false
13
+
14
+ if not callback_obj.nil?
15
+ CALLBACKS.each do |callback|
16
+ self.__send__(callback, &callback_obj.method(callback)) if callback_obj.respond_to? callback
17
+ end
18
+ end
19
+
20
+ yield self if block_given?
21
+ end
22
+
23
+ def close_cb(&block)
24
+ cb = Callback.new(@callbacks, &block)
25
+ @callbacks[:close_cb] = cb
26
+ @state[:close_cb] = cb
27
+ end
28
+
29
+ def verify_cb
30
+ cb = ::FFI::Function.new(:int, [::RubyTls::State.ptr, :string]) do |state, cert|
31
+ begin
32
+ yield(cert) == true ? 1 : 0
33
+ rescue
34
+ # TODO:: Provide some debugging output
35
+ 0
36
+ end
37
+ end
38
+ @callbacks[:verify_cb] = cb
39
+ @state[:verify_cb] = cb
40
+ end
41
+
42
+ def dispatch_cb(&block)
43
+ cb = DataCallback.new(@callbacks, &block)
44
+ @callbacks[:dispatch_cb] = cb
45
+ @state[:dispatch_cb] = cb
46
+ end
47
+
48
+ def transmit_cb(&block)
49
+ cb = DataCallback.new(@callbacks, &block)
50
+ @callbacks[:transmit_cb] = cb
51
+ @state[:transmit_cb] = cb
52
+ end
53
+
54
+ def handshake_cb(&block)
55
+ cb = Callback.new(@callbacks, &block)
56
+ @callbacks[:handshake_cb] = cb
57
+ @state[:handshake_cb] = cb
58
+ end
59
+
60
+
61
+ def start(args = {})
62
+ return if @started
63
+
64
+ server, priv_key, cert_chain, verify_peer = args.values_at(:server, :private_key_file, :cert_chain_file, :verify_peer)
65
+ [priv_key, cert_chain].each do |file|
66
+ next if file.nil? or file.empty?
67
+ raise FileNotFoundException,
68
+ "Could not find #{file} to start tls" unless File.exists? file
69
+ end
70
+
71
+ @started = true
72
+ ::RubyTls.start_tls(@state, server || false, priv_key || '', cert_chain || '', verify_peer || !!@callbacks[:verify_cb])
73
+ end
74
+
75
+ def encrypt(data)
76
+ return unless @started
77
+ ::RubyTls.encrypt_data(@state, data, data.length)
78
+ end
79
+
80
+ def decrypt(data)
81
+ return unless @started
82
+ ::RubyTls.decrypt_data(@state, data, data.length)
83
+ end
84
+
85
+
86
+ protected
87
+
88
+
89
+ class Callback < ::FFI::Function
90
+ #
91
+ # Creates a new Parser callback.
92
+ #
93
+ def self.new(callbacks)
94
+ super(:void, [::RubyTls::State.ptr]) do |state|
95
+ begin
96
+ yield
97
+ rescue => e
98
+ # shutdown the connection on error
99
+ # TODO:: Provide some debugging output
100
+ callbacks[:close_cb].call state
101
+ end
102
+ end
103
+ end
104
+ end
105
+
106
+ class DataCallback < ::FFI::Function
107
+ def self.new(callbacks)
108
+ super(:void, [::RubyTls::State.ptr, :pointer, :int]) do |state, buffer, length|
109
+ begin
110
+ data = buffer.get_bytes(0, length)
111
+ yield(data)
112
+ rescue => e
113
+ # shutdown the connection on error
114
+ # TODO:: Provide some debugging output
115
+ callbacks[:close_cb].call state
116
+ end
117
+ end
118
+ end
119
+ end
120
+ end
121
+ end
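Review bot: `encrypt` and `decrypt` (hunk lines 75–83) pass `data.length`, the character count, to the native functions declared as taking a byte length, so a non-binary String holding multibyte characters is silently truncated to fewer bytes than it contains; both should pass `data.bytesize`: `::RubyTls.encrypt_data(@state, data, data.bytesize)` and `::RubyTls.decrypt_data(@state, data, data.bytesize)`. In `start`, `verify_peer || !!@callbacks[:verify_cb]` leaves peer verification off unless the caller sets `:verify_peer` or registers a `verify_cb`, which for a client means any certificate is accepted by default; that deserves a comment on `start`, e.g. `# Peer verification is OFF unless :verify_peer is true or a verify_cb is registered; clients must opt in explicitly.`. The `verify_cb` block is given only the certificate string and its result is forced to 0 unless it returns exactly `true`, so as far as this file shows chain, expiry and hostname checks are entirely the block's responsibility (the native verify wrapper is not in this diff). `File.exists?` is the deprecated spelling of `File.exist?`, and `FileNotFoundException` is not defined in this file, so unless the project defines it elsewhere the `raise` would itself fail with a NameError rather than the intended error.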
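--- a/data/lib/ruby-tls/ext.rb
+++ b/data/lib/ruby-tls/ext.rb
@@ -1,32 +1,32 @@
-require 'ffi'
-require 'ffi-compiler/loader'
-
-module RubyTls
-extend FFI::Library
-ffi_lib FFI::Compiler::Loader.find('ruby-tls-ext')
-
-
-callback :ssl_close_cb, [:pointer], :void
-callback :ssl_verify_cb, [:pointer, :string], :int
-callback :ssl_dispatch_cb, [:pointer, :pointer, :int], :void
-callback :ssl_transmit_cb, [:pointer, :pointer, :int], :void
-callback :ssl_handshake_cb, [:pointer], :void
-
-class State < FFI::Struct
-layout :handshake_sig, :int,
-
-:close_cb, :ssl_close_cb,
-:verify_cb, :ssl_verify_cb, # Optional
-:dispatch_cb, :ssl_dispatch_cb,
-:transmit_cb, :ssl_transmit_cb,
-:handshake_cb, :ssl_handshake_cb, # Optional unless first to send data
-
-:ssl_box, :pointer
-end
-
-
-attach_function :start_tls, [State.by_ref, :bool, :string, :string, :bool], :void, :blocking => true
-attach_function :decrypt_data, [State.by_ref, :pointer, :int], :void, :blocking => true
-attach_function :encrypt_data, [State.by_ref, :pointer, :int], :void, :blocking => true
-#attach_function :get_peer_cert, [], :int, :blocking => true
-end
+require 'ffi'
+require 'ffi-compiler/loader'
+
+module RubyTls
+extend FFI::Library
+ffi_lib FFI::Compiler::Loader.find('ruby-tls-ext')
+
+
+callback :ssl_close_cb, [:pointer], :void
+callback :ssl_verify_cb, [:pointer, :string], :int
+callback :ssl_dispatch_cb, [:pointer, :pointer, :int], :void
+callback :ssl_transmit_cb, [:pointer, :pointer, :int], :void
+callback :ssl_handshake_cb, [:pointer], :void
+
+class State < FFI::Struct
+layout :handshake_sig, :int,
+
+:close_cb, :ssl_close_cb,
+:verify_cb, :ssl_verify_cb, # Optional
+:dispatch_cb, :ssl_dispatch_cb,
+:transmit_cb, :ssl_transmit_cb,
+:handshake_cb, :ssl_handshake_cb, # Optional unless first to send data
+
+:ssl_box, :pointer
+end
+
+
+attach_function :start_tls, [State.by_ref, :bool, :string, :string, :bool], :void, :blocking => true
+attach_function :decrypt_data, [State.by_ref, :pointer, :int], :void, :blocking => true
+attach_function :encrypt_data, [State.by_ref, :pointer, :int], :void, :blocking => true
+#attach_function :get_peer_cert, [], :int, :blocking => true
+end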
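Review bot: the commented-out `#attach_function :get_peer_cert, [], :int, :blocking => true` (hunk line 31) does not match the native declaration `X509 *get_peer_cert(tls_state_t *tls_state)` in ext/tls/ssl.h, so it would be wrong if someone simply uncommented it; either delete the dead line or bind it correctly as `attach_function :get_peer_cert, [State.by_ref], :pointer` (the returned pointer is an OpenSSL X509 and would still need further native help to be useful from Ruby). As the file stands, the only certificate material that reaches Ruby is the string argument of `:ssl_verify_cb`, and the `# Optional` tag on `:verify_cb` does not tell a reader what leaving it unset means; a fuller comment such as `# Optional, but if neither this nor :verify_peer is set, Connection#start runs without peer verification` would make the consequence visible where the struct is defined.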
@@ -1,3 +1,3 @@
1
- module RubyTls
2
- VERSION = "1.0.0"
3
- end
1
+ module RubyTls
2
+ VERSION = "1.0.1"
3
+ end
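--- a/data/lib/ruby-tls.rb
+++ b/data/lib/ruby-tls.rb
@@ -1,7 +1,7 @@
-require "ffi" # Bindings to C libraries
-
-require "ruby-tls/ext" # Loads the ext using FFI
-require "ruby-tls/connection" # The ruby abstraction
-
-module RubyTls
-end
+require "ffi" # Bindings to C libraries
+
+require "ruby-tls/ext" # Loads the ext using FFI
+require "ruby-tls/connection" # The ruby abstraction
+
+module RubyTls
+end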
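--- a/data/ruby-tls.gemspec
+++ b/data/ruby-tls.gemspec
@@ -1,32 +1,32 @@
-# -*- encoding: utf-8 -*-
-$:.push File.expand_path("../lib", __FILE__)
-require "ruby-tls/version"
-
-Gem::Specification.new do |s|
-s.name = "ruby-tls"
-s.version = RubyTls::VERSION
-s.authors = ["Stephen von Takach"]
-s.email = ["steve@cotag.me"]
-s.license = 'MIT'
-s.homepage = "https://github.com/cotag/ruby-tls"
-s.summary = "Abstract TLS for Ruby"
-s.description = <<-EOF
-Allows transport layers outside Ruby TCP be secured.
-EOF
-
-
-s.add_dependency 'ffi-compiler', '>= 0.0.2'
-s.add_dependency 'rake'
-
-s.add_development_dependency 'rspec'
-s.add_development_dependency 'yard'
-
-
-s.files = Dir["{lib}/**/*"] + %w(Rakefile ruby-tls.gemspec README.md EM-LICENSE)
-s.files += ["ext/tls/ssl.cpp", "ext/tls/ssl.h", "ext/tls/page.cpp", "ext/tls/page.h"]
-s.test_files = Dir["spec/**/*"]
-s.extra_rdoc_files = ["README.md"]
-
-s.extensions << "ext/Rakefile"
-s.require_paths = ["lib"]
-end
+# -*- encoding: utf-8 -*-
+$:.push File.expand_path("../lib", __FILE__)
+require "ruby-tls/version"
+
+Gem::Specification.new do |s|
+s.name = "ruby-tls"
+s.version = RubyTls::VERSION
+s.authors = ["Stephen von Takach"]
+s.email = ["steve@cotag.me"]
+s.licenses = ["Ruby", "GPL"]
+s.homepage = "https://github.com/cotag/ruby-tls"
+s.summary = "Abstract TLS for Ruby"
+s.description = <<-EOF
+Allows transport layers outside Ruby TCP be secured.
+EOF
+
+
+s.add_dependency 'ffi-compiler', '>= 0.0.2'
+s.add_dependency 'rake'
+
+s.add_development_dependency 'rspec'
+s.add_development_dependency 'yard'
+
+
+s.files = Dir["{lib}/**/*"] + %w(Rakefile ruby-tls.gemspec README.md EM-LICENSE)
+s.files += ["ext/tls/ssl.cpp", "ext/tls/ssl.h", "ext/tls/page.cpp", "ext/tls/page.h"]
+s.test_files = Dir["spec/**/*"]
+s.extra_rdoc_files = ["README.md"]
+
+s.extensions << "ext/Rakefile"
+s.require_paths = ["lib"]
+end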
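Review bot: `s.licenses = ["Ruby", "GPL"]` (hunk line 10) names the GPL without a version, whereas the bundled ext/tls/ssl.h header grants "version 2 ... or (at your option) any later version" of the GPL, or Ruby's License; RubyGems expects SPDX identifiers here, so `s.licenses = ["Ruby", "GPL-2.0-or-later"]` states the real terms and lets dependency-audit tooling recognise them. Replacing the earlier `'MIT'` is itself correct, since that value never matched the EventMachine-derived sources the gem ships under `s.files`; only the precision of the new value is missing.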