ruby-tls 1.0.0 → 1.0.1
- checksums.yaml +14 -6
- data/EM-LICENSE +60 -60
- data/README.md +69 -69
- data/Rakefile +19 -19
- data/ext/Rakefile +18 -18
- data/ext/tls/page.cpp +107 -107
- data/ext/tls/page.h +61 -62
- data/ext/tls/ssl.cpp +593 -591
- data/ext/tls/ssl.h +130 -130
- data/lib/ruby-tls/connection.rb +121 -121
- data/lib/ruby-tls/ext.rb +32 -32
- data/lib/ruby-tls/version.rb +3 -3
- data/lib/ruby-tls.rb +7 -7
- data/ruby-tls.gemspec +32 -32
- data/spec/client.crt +31 -31
- data/spec/client.key +51 -51
- data/spec/comms_spec.rb +147 -147
- data/spec/verify_spec.rb +118 -118
- metadata +18 -16
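--- a/data/ext/tls/ssl.h
+++ b/data/ext/tls/ssl.h
@@ -1,130 +1,130 @@
-/*****************************************************************************
-
-$Id$
-
-File: ssl.h
-Date: 30Apr06
-
-Copyright (C) 2006-07 by Francis Cianfrocca. All Rights Reserved.
-Gmail: blackhedd
-
-This program is free software; you can redistribute it and/or modify
-it under the terms of either: 1) the GNU General Public License
-as published by the Free Software Foundation; either version 2 of the
-License, or (at your option) any later version; or 2) Ruby's License.
-
-See the file COPYING for complete licensing information.
-
-*****************************************************************************/
-
-
-#ifndef __SslBox__H_
-#define __SslBox__H_
-
-#include <iostream>
-#include <string>
-
-#include <openssl/ssl.h>
-#include <openssl/err.h>
-
-#include <assert.h>
-
-#include "page.h"
-
-using namespace std;
-
-
-/******************
-class SslContext_t
-******************/
-
-class SslContext_t
-{
-public:
-SslContext_t (bool is_server, const string &privkeyfile, const string &certchainfile);
-virtual ~SslContext_t();
-
-private:
-static bool bLibraryInitialized;
-
-private:
-bool bIsServer;
-SSL_CTX *pCtx;
-
-EVP_PKEY *PrivateKey;
-X509 *Certificate;
-
-friend class SslBox_t;
-};
-
-
-
-
-typedef struct tls_state_s tls_state_t;
-
-
-
-/**************
-class SslBox_t
-**************/
-
-class SslBox_t
-{
-public:
-SslBox_t (tls_state_t *tls_state, bool is_server, const string &privkeyfile, const string &certchainfile, bool verify_peer);
-virtual ~SslBox_t();
-
-int PutPlaintext (const char*, int);
-int GetPlaintext (char*, int);
-
-bool PutCiphertext (const char*, int);
-bool CanGetCiphertext();
-int GetCiphertext (char*, int);
-bool IsHandshakeCompleted() { return bHandshakeCompleted; }
-
-X509 *GetPeerCert();
-
-void Shutdown();
-
-protected:
-SslContext_t *Context;
-
-bool bIsServer;
-bool bHandshakeCompleted;
-bool bVerifyPeer;
-SSL *pSSL;
-BIO *pbioRead;
-BIO *pbioWrite;
-
-PageList OutboundQ;
-};
-
-
-typedef void (*ssl_close_cb)(const tls_state_t*);
-typedef int (*ssl_verify_cb)(const tls_state_t*, const char *cert);
-typedef void (*ssl_dispatch_cb)(const tls_state_t*, const char *buffer, int size);
-typedef void (*ssl_transmit_cb)(const tls_state_t*, const char *buffer, int size);
-typedef void (*ssl_handshake_cb)(const tls_state_t*);
-
-struct tls_state_s {
-int handshake_signaled;
-
-ssl_close_cb close_cb;
-ssl_verify_cb verify_cb;
-ssl_dispatch_cb dispatch_cb;
-ssl_transmit_cb transmit_cb;
-ssl_handshake_cb handshake_cb;
-
-SslBox_t* SslBox;
-};
-
-
-extern "C" int ssl_verify_wrapper(int preverify_ok, X509_STORE_CTX *ctx);
-
-extern "C" void start_tls(tls_state_t *tls_state, bool bIsServer, const char *PrivateKeyFilename, const char *CertChainFilename, bool bSslVerifyPeer);
-extern "C" void decrypt_data(tls_state_t *tls_state, const char *buffer, int size);
-extern "C" void encrypt_data(tls_state_t *tls_state, const char *data, int length);
-extern "C" X509 *get_peer_cert(tls_state_t *tls_state);
-
-
-#endif // __SslBox__H_
+/*****************************************************************************
+
+$Id$
+
+File: ssl.h
+Date: 30Apr06
+
+Copyright (C) 2006-07 by Francis Cianfrocca. All Rights Reserved.
+Gmail: blackhedd
+
+This program is free software; you can redistribute it and/or modify
+it under the terms of either: 1) the GNU General Public License
+as published by the Free Software Foundation; either version 2 of the
+License, or (at your option) any later version; or 2) Ruby's License.
+
+See the file COPYING for complete licensing information.
+
+*****************************************************************************/
+
+
+#ifndef __SslBox__H_
+#define __SslBox__H_
+
+#include <iostream>
+#include <string>
+
+#include <openssl/ssl.h>
+#include <openssl/err.h>
+
+#include <assert.h>
+
+#include "page.h"
+
+using namespace std;
+
+
+/******************
+class SslContext_t
+******************/
+
+class SslContext_t
+{
+public:
+SslContext_t (bool is_server, const string &privkeyfile, const string &certchainfile);
+virtual ~SslContext_t();
+
+private:
+static bool bLibraryInitialized;
+
+private:
+bool bIsServer;
+SSL_CTX *pCtx;
+
+EVP_PKEY *PrivateKey;
+X509 *Certificate;
+
+friend class SslBox_t;
+};
+
+
+
+
+typedef struct tls_state_s tls_state_t;
+
+
+
+/**************
+class SslBox_t
+**************/
+
+class SslBox_t
+{
+public:
+SslBox_t (tls_state_t *tls_state, bool is_server, const string &privkeyfile, const string &certchainfile, bool verify_peer);
+virtual ~SslBox_t();
+
+int PutPlaintext (const char*, int);
+int GetPlaintext (char*, int);
+
+bool PutCiphertext (const char*, int);
+bool CanGetCiphertext();
+int GetCiphertext (char*, int);
+bool IsHandshakeCompleted() { return bHandshakeCompleted; }
+
+X509 *GetPeerCert();
+
+void Shutdown();
+
+protected:
+SslContext_t *Context;
+
+bool bIsServer;
+bool bHandshakeCompleted;
+bool bVerifyPeer;
+SSL *pSSL;
+BIO *pbioRead;
+BIO *pbioWrite;
+
+PageList OutboundQ;
+};
+
+
+typedef void (*ssl_close_cb)(const tls_state_t*);
+typedef int (*ssl_verify_cb)(const tls_state_t*, const char *cert);
+typedef void (*ssl_dispatch_cb)(const tls_state_t*, const char *buffer, int size);
+typedef void (*ssl_transmit_cb)(const tls_state_t*, const char *buffer, int size);
+typedef void (*ssl_handshake_cb)(const tls_state_t*);
+
+struct tls_state_s {
+int handshake_signaled;
+
+ssl_close_cb close_cb;
+ssl_verify_cb verify_cb;
+ssl_dispatch_cb dispatch_cb;
+ssl_transmit_cb transmit_cb;
+ssl_handshake_cb handshake_cb;
+
+SslBox_t* SslBox;
+};
+
+
+extern "C" int ssl_verify_wrapper(int preverify_ok, X509_STORE_CTX *ctx);
+
+extern "C" void start_tls(tls_state_t *tls_state, bool bIsServer, const char *PrivateKeyFilename, const char *CertChainFilename, bool bSslVerifyPeer);
+extern "C" void decrypt_data(tls_state_t *tls_state, const char *buffer, int size);
+extern "C" void encrypt_data(tls_state_t *tls_state, const char *data, int length);
+extern "C" X509 *get_peer_cert(tls_state_t *tls_state);
+
+
+#endif // __SslBox__H_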
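--- a/data/lib/ruby-tls/connection.rb
+++ b/data/lib/ruby-tls/connection.rb
@@ -1,121 +1,121 @@
-
-module RubyTls
-class Connection
-CALLBACKS = [:close_cb, :verify_cb, :dispatch_cb, :transmit_cb, :handshake_cb]
-
-#
-# Initializes the State instance.
-#
-def initialize(callback_obj = nil)
-@state = ::RubyTls::State.new
-@callbacks = {} # so GC doesn't clean them up on java
-@started = false
-
-if not callback_obj.nil?
-CALLBACKS.each do |callback|
-self.__send__(callback, &callback_obj.method(callback)) if callback_obj.respond_to? callback
-end
-end
-
-yield self if block_given?
-end
-
-def close_cb(&block)
-cb = Callback.new(@callbacks, &block)
-@callbacks[:close_cb] = cb
-@state[:close_cb] = cb
-end
-
-def verify_cb
-cb = ::FFI::Function.new(:int, [::RubyTls::State.ptr, :string]) do |state, cert|
-begin
-yield(cert) == true ? 1 : 0
-rescue
-# TODO:: Provide some debugging output
-0
-end
-end
-@callbacks[:verify_cb] = cb
-@state[:verify_cb] = cb
-end
-
-def dispatch_cb(&block)
-cb = DataCallback.new(@callbacks, &block)
-@callbacks[:dispatch_cb] = cb
-@state[:dispatch_cb] = cb
-end
-
-def transmit_cb(&block)
-cb = DataCallback.new(@callbacks, &block)
-@callbacks[:transmit_cb] = cb
-@state[:transmit_cb] = cb
-end
-
-def handshake_cb(&block)
-cb = Callback.new(@callbacks, &block)
-@callbacks[:handshake_cb] = cb
-@state[:handshake_cb] = cb
-end
-
-
-def start(args = {})
-return if @started
-
-server, priv_key, cert_chain, verify_peer = args.values_at(:server, :private_key_file, :cert_chain_file, :verify_peer)
-[priv_key, cert_chain].each do |file|
-next if file.nil? or file.empty?
-raise FileNotFoundException,
-"Could not find #{file} to start tls" unless File.exists? file
-end
-
-@started = true
-::RubyTls.start_tls(@state, server || false, priv_key || '', cert_chain || '', verify_peer || !!@callbacks[:verify_cb])
-end
-
-def encrypt(data)
-return unless @started
-::RubyTls.encrypt_data(@state, data, data.length)
-end
-
-def decrypt(data)
-return unless @started
-::RubyTls.decrypt_data(@state, data, data.length)
-end
-
-
-protected
-
-
-class Callback < ::FFI::Function
-#
-# Creates a new Parser callback.
-#
-def self.new(callbacks)
-super(:void, [::RubyTls::State.ptr]) do |state|
-begin
-yield
-rescue => e
-# shutdown the connection on error
-# TODO:: Provide some debugging output
-callbacks[:close_cb].call state
-end
-end
-end
-end
-
-class DataCallback < ::FFI::Function
-def self.new(callbacks)
-super(:void, [::RubyTls::State.ptr, :pointer, :int]) do |state, buffer, length|
-begin
-data = buffer.get_bytes(0, length)
-yield(data)
-rescue => e
-# shutdown the connection on error
-# TODO:: Provide some debugging output
-callbacks[:close_cb].call state
-end
-end
-end
-end
-end
-end
+
+module RubyTls
+class Connection
+CALLBACKS = [:close_cb, :verify_cb, :dispatch_cb, :transmit_cb, :handshake_cb]
+
+#
+# Initializes the State instance.
+#
+def initialize(callback_obj = nil)
+@state = ::RubyTls::State.new
+@callbacks = {} # so GC doesn't clean them up on java
+@started = false
+
+if not callback_obj.nil?
+CALLBACKS.each do |callback|
+self.__send__(callback, &callback_obj.method(callback)) if callback_obj.respond_to? callback
+end
+end
+
+yield self if block_given?
+end
+
+def close_cb(&block)
+cb = Callback.new(@callbacks, &block)
+@callbacks[:close_cb] = cb
+@state[:close_cb] = cb
+end
+
+def verify_cb
+cb = ::FFI::Function.new(:int, [::RubyTls::State.ptr, :string]) do |state, cert|
+begin
+yield(cert) == true ? 1 : 0
+rescue
+# TODO:: Provide some debugging output
+0
+end
+end
+@callbacks[:verify_cb] = cb
+@state[:verify_cb] = cb
+end
+
+def dispatch_cb(&block)
+cb = DataCallback.new(@callbacks, &block)
+@callbacks[:dispatch_cb] = cb
+@state[:dispatch_cb] = cb
+end
+
+def transmit_cb(&block)
+cb = DataCallback.new(@callbacks, &block)
+@callbacks[:transmit_cb] = cb
+@state[:transmit_cb] = cb
+end
+
+def handshake_cb(&block)
+cb = Callback.new(@callbacks, &block)
+@callbacks[:handshake_cb] = cb
+@state[:handshake_cb] = cb
+end
+
+
+def start(args = {})
+return if @started
+
+server, priv_key, cert_chain, verify_peer = args.values_at(:server, :private_key_file, :cert_chain_file, :verify_peer)
+[priv_key, cert_chain].each do |file|
+next if file.nil? or file.empty?
+raise FileNotFoundException,
+"Could not find #{file} to start tls" unless File.exists? file
+end
+
+@started = true
+::RubyTls.start_tls(@state, server || false, priv_key || '', cert_chain || '', verify_peer || !!@callbacks[:verify_cb])
+end
+
+def encrypt(data)
+return unless @started
+::RubyTls.encrypt_data(@state, data, data.length)
+end
+
+def decrypt(data)
+return unless @started
+::RubyTls.decrypt_data(@state, data, data.length)
+end
+
+
+protected
+
+
+class Callback < ::FFI::Function
+#
+# Creates a new Parser callback.
+#
+def self.new(callbacks)
+super(:void, [::RubyTls::State.ptr]) do |state|
+begin
+yield
+rescue => e
+# shutdown the connection on error
+# TODO:: Provide some debugging output
+callbacks[:close_cb].call state
+end
+end
+end
+end
+
+class DataCallback < ::FFI::Function
+def self.new(callbacks)
+super(:void, [::RubyTls::State.ptr, :pointer, :int]) do |state, buffer, length|
+begin
+data = buffer.get_bytes(0, length)
+yield(data)
+rescue => e
+# shutdown the connection on error
+# TODO:: Provide some debugging output
+callbacks[:close_cb].call state
+end
+end
+end
+end
+end
+end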
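Review bot: `encrypt` and `decrypt` pass `data.length` as the buffer size, but `String#length` counts characters rather than bytes, so a string containing multibyte characters reaches `encrypt_data`/`decrypt_data` with a size smaller than its byte length and the tail of the buffer is silently dropped. Both calls should use the byte count, e.g. `::RubyTls.encrypt_data(@state, data, data.bytesize)`. Separately, the `rescue => e` branches in `Callback.new` and `DataCallback.new` discard the exception and call `callbacks[:close_cb].call state` without checking that a close callback was registered; if none was, the handler raises again inside the FFI callback. A nil check there, plus logging `e` where the TODO sits, would make failures in user callbacks diagnosable instead of just closing the connection.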
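--- a/data/lib/ruby-tls/ext.rb
+++ b/data/lib/ruby-tls/ext.rb
@@ -1,32 +1,32 @@
-require 'ffi'
-require 'ffi-compiler/loader'
-
-module RubyTls
-extend FFI::Library
-ffi_lib FFI::Compiler::Loader.find('ruby-tls-ext')
-
-
-callback :ssl_close_cb, [:pointer], :void
-callback :ssl_verify_cb, [:pointer, :string], :int
-callback :ssl_dispatch_cb, [:pointer, :pointer, :int], :void
-callback :ssl_transmit_cb, [:pointer, :pointer, :int], :void
-callback :ssl_handshake_cb, [:pointer], :void
-
-class State < FFI::Struct
-layout :handshake_sig, :int,
-
-:close_cb, :ssl_close_cb,
-:verify_cb, :ssl_verify_cb, # Optional
-:dispatch_cb, :ssl_dispatch_cb,
-:transmit_cb, :ssl_transmit_cb,
-:handshake_cb, :ssl_handshake_cb, # Optional unless first to send data
-
-:ssl_box, :pointer
-end
-
-
-attach_function :start_tls, [State.by_ref, :bool, :string, :string, :bool], :void, :blocking => true
-attach_function :decrypt_data, [State.by_ref, :pointer, :int], :void, :blocking => true
-attach_function :encrypt_data, [State.by_ref, :pointer, :int], :void, :blocking => true
-#attach_function :get_peer_cert, [], :int, :blocking => true
-end
+require 'ffi'
+require 'ffi-compiler/loader'
+
+module RubyTls
+extend FFI::Library
+ffi_lib FFI::Compiler::Loader.find('ruby-tls-ext')
+
+
+callback :ssl_close_cb, [:pointer], :void
+callback :ssl_verify_cb, [:pointer, :string], :int
+callback :ssl_dispatch_cb, [:pointer, :pointer, :int], :void
+callback :ssl_transmit_cb, [:pointer, :pointer, :int], :void
+callback :ssl_handshake_cb, [:pointer], :void
+
+class State < FFI::Struct
+layout :handshake_sig, :int,
+
+:close_cb, :ssl_close_cb,
+:verify_cb, :ssl_verify_cb, # Optional
+:dispatch_cb, :ssl_dispatch_cb,
+:transmit_cb, :ssl_transmit_cb,
+:handshake_cb, :ssl_handshake_cb, # Optional unless first to send data
+
+:ssl_box, :pointer
+end
+
+
+attach_function :start_tls, [State.by_ref, :bool, :string, :string, :bool], :void, :blocking => true
+attach_function :decrypt_data, [State.by_ref, :pointer, :int], :void, :blocking => true
+attach_function :encrypt_data, [State.by_ref, :pointer, :int], :void, :blocking => true
+#attach_function :get_peer_cert, [], :int, :blocking => true
+end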
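--- a/data/lib/ruby-tls/version.rb
+++ b/data/lib/ruby-tls/version.rb
@@ -1,3 +1,3 @@
-module RubyTls
-VERSION = "1.0.
-end
+module RubyTls
+VERSION = "1.0.1"
+end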
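--- a/data/lib/ruby-tls.rb
+++ b/data/lib/ruby-tls.rb
@@ -1,7 +1,7 @@
-require "ffi" # Bindings to C libraries
-
-require "ruby-tls/ext" # Loads the ext using FFI
-require "ruby-tls/connection" # The ruby abstraction
-
-module RubyTls
-end
+require "ffi" # Bindings to C libraries
+
+require "ruby-tls/ext" # Loads the ext using FFI
+require "ruby-tls/connection" # The ruby abstraction
+
+module RubyTls
+end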
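--- a/data/ruby-tls.gemspec
+++ b/data/ruby-tls.gemspec
@@ -1,32 +1,32 @@
-# -*- encoding: utf-8 -*-
-$:.push File.expand_path("../lib", __FILE__)
-require "ruby-tls/version"
-
-Gem::Specification.new do |s|
-s.name = "ruby-tls"
-s.version = RubyTls::VERSION
-s.authors = ["Stephen von Takach"]
-s.email = ["steve@cotag.me"]
-s.
-s.homepage = "https://github.com/cotag/ruby-tls"
-s.summary = "Abstract TLS for Ruby"
-s.description = <<-EOF
-Allows transport layers outside Ruby TCP be secured.
-EOF
-
-
-s.add_dependency 'ffi-compiler', '>= 0.0.2'
-s.add_dependency 'rake'
-
-s.add_development_dependency 'rspec'
-s.add_development_dependency 'yard'
-
-
-s.files = Dir["{lib}/**/*"] + %w(Rakefile ruby-tls.gemspec README.md EM-LICENSE)
-s.files += ["ext/tls/ssl.cpp", "ext/tls/ssl.h", "ext/tls/page.cpp", "ext/tls/page.h"]
-s.test_files = Dir["spec/**/*"]
-s.extra_rdoc_files = ["README.md"]
-
-s.extensions << "ext/Rakefile"
-s.require_paths = ["lib"]
-end
+# -*- encoding: utf-8 -*-
+$:.push File.expand_path("../lib", __FILE__)
+require "ruby-tls/version"
+
+Gem::Specification.new do |s|
+s.name = "ruby-tls"
+s.version = RubyTls::VERSION
+s.authors = ["Stephen von Takach"]
+s.email = ["steve@cotag.me"]
+s.licenses = ["Ruby", "GPL"]
+s.homepage = "https://github.com/cotag/ruby-tls"
+s.summary = "Abstract TLS for Ruby"
+s.description = <<-EOF
+Allows transport layers outside Ruby TCP be secured.
+EOF
+
+
+s.add_dependency 'ffi-compiler', '>= 0.0.2'
+s.add_dependency 'rake'
+
+s.add_development_dependency 'rspec'
+s.add_development_dependency 'yard'
+
+
+s.files = Dir["{lib}/**/*"] + %w(Rakefile ruby-tls.gemspec README.md EM-LICENSE)
+s.files += ["ext/tls/ssl.cpp", "ext/tls/ssl.h", "ext/tls/page.cpp", "ext/tls/page.h"]
+s.test_files = Dir["spec/**/*"]
+s.extra_rdoc_files = ["README.md"]
+
+s.extensions << "ext/Rakefile"
+s.require_paths = ["lib"]
+end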
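Review bot: The runtime dependencies are unbounded: `s.add_dependency 'rake'` has no version constraint and `'ffi-compiler', '>= 0.0.2'` has no upper bound, while `s.extensions << "ext/Rakefile"` means both are used at install time to build the native TLS extension. Pessimistic constraints (for example `'~> X.Y'`, filled in with the versions the project actually tests against) would keep a future major release of either gem from changing that build step unnoticed. `lib/ruby-tls/ext.rb` also requires `ffi` directly, which is presumably only pulled in transitively through ffi-compiler; declaring it with `s.add_dependency 'ffi'` would make that dependency explicit.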