ruby-tls 1.0.0 → 1.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
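--- a/data/ext/tls/ssl.h
+++ b/data/ext/tls/ssl.h
@@ -1,130 +1,130 @@
-/*****************************************************************************
-
-$Id$
-
-File: ssl.h
-Date: 30Apr06
-
-Copyright (C) 2006-07 by Francis Cianfrocca. All Rights Reserved.
-Gmail: blackhedd
-
-This program is free software; you can redistribute it and/or modify
-it under the terms of either: 1) the GNU General Public License
-as published by the Free Software Foundation; either version 2 of the
-License, or (at your option) any later version; or 2) Ruby's License.
-
-See the file COPYING for complete licensing information.
-
-*****************************************************************************/
-
-
-#ifndef __SslBox__H_
-#define __SslBox__H_
-
-#include <iostream>
-#include <string>
-
-#include <openssl/ssl.h>
-#include <openssl/err.h>
-
-#include <assert.h>
-
-#include "page.h"
-
-using namespace std;
-
-
-/******************
-class SslContext_t
-******************/
-
-class SslContext_t
-{
-public:
-SslContext_t (bool is_server, const string &privkeyfile, const string &certchainfile);
-virtual ~SslContext_t();
-
-private:
-static bool bLibraryInitialized;
-
-private:
-bool bIsServer;
-SSL_CTX *pCtx;
-
-EVP_PKEY *PrivateKey;
-X509 *Certificate;
-
-friend class SslBox_t;
-};
-
-
-
-
-typedef struct tls_state_s tls_state_t;
-
-
-
-/**************
-class SslBox_t
-**************/
-
-class SslBox_t
-{
-public:
-SslBox_t (tls_state_t *tls_state, bool is_server, const string &privkeyfile, const string &certchainfile, bool verify_peer);
-virtual ~SslBox_t();
-
-int PutPlaintext (const char*, int);
-int GetPlaintext (char*, int);
-
-bool PutCiphertext (const char*, int);
-bool CanGetCiphertext();
-int GetCiphertext (char*, int);
-bool IsHandshakeCompleted() { return bHandshakeCompleted; }
-
-X509 *GetPeerCert();
-
-void Shutdown();
-
-protected:
-SslContext_t *Context;
-
-bool bIsServer;
-bool bHandshakeCompleted;
-bool bVerifyPeer;
-SSL *pSSL;
-BIO *pbioRead;
-BIO *pbioWrite;
-
-PageList OutboundQ;
-};
-
-
-typedef void (*ssl_close_cb)(const tls_state_t*);
-typedef int (*ssl_verify_cb)(const tls_state_t*, const char *cert);
-typedef void (*ssl_dispatch_cb)(const tls_state_t*, const char *buffer, int size);
-typedef void (*ssl_transmit_cb)(const tls_state_t*, const char *buffer, int size);
-typedef void (*ssl_handshake_cb)(const tls_state_t*);
-
-struct tls_state_s {
-int handshake_signaled;
-
-ssl_close_cb close_cb;
-ssl_verify_cb verify_cb;
-ssl_dispatch_cb dispatch_cb;
-ssl_transmit_cb transmit_cb;
-ssl_handshake_cb handshake_cb;
-
-SslBox_t* SslBox;
-};
-
-
-extern "C" int ssl_verify_wrapper(int preverify_ok, X509_STORE_CTX *ctx);
-
-extern "C" void start_tls(tls_state_t *tls_state, bool bIsServer, const char *PrivateKeyFilename, const char *CertChainFilename, bool bSslVerifyPeer);
-extern "C" void decrypt_data(tls_state_t *tls_state, const char *buffer, int size);
-extern "C" void encrypt_data(tls_state_t *tls_state, const char *data, int length);
-extern "C" X509 *get_peer_cert(tls_state_t *tls_state);
-
-
-#endif // __SslBox__H_
+/*****************************************************************************
+
+$Id$
+
+File: ssl.h
+Date: 30Apr06
+
+Copyright (C) 2006-07 by Francis Cianfrocca. All Rights Reserved.
+Gmail: blackhedd
+
+This program is free software; you can redistribute it and/or modify
+it under the terms of either: 1) the GNU General Public License
+as published by the Free Software Foundation; either version 2 of the
+License, or (at your option) any later version; or 2) Ruby's License.
+
+See the file COPYING for complete licensing information.
+
+*****************************************************************************/
+
+
+#ifndef __SslBox__H_
+#define __SslBox__H_
+
+#include <iostream>
+#include <string>
+
+#include <openssl/ssl.h>
+#include <openssl/err.h>
+
+#include <assert.h>
+
+#include "page.h"
+
+using namespace std;
+
+
+/******************
+class SslContext_t
+******************/
+
+class SslContext_t
+{
+public:
+SslContext_t (bool is_server, const string &privkeyfile, const string &certchainfile);
+virtual ~SslContext_t();
+
+private:
+static bool bLibraryInitialized;
+
+private:
+bool bIsServer;
+SSL_CTX *pCtx;
+
+EVP_PKEY *PrivateKey;
+X509 *Certificate;
+
+friend class SslBox_t;
+};
+
+
+
+
+typedef struct tls_state_s tls_state_t;
+
+
+
+/**************
+class SslBox_t
+**************/
+
+class SslBox_t
+{
+public:
+SslBox_t (tls_state_t *tls_state, bool is_server, const string &privkeyfile, const string &certchainfile, bool verify_peer);
+virtual ~SslBox_t();
+
+int PutPlaintext (const char*, int);
+int GetPlaintext (char*, int);
+
+bool PutCiphertext (const char*, int);
+bool CanGetCiphertext();
+int GetCiphertext (char*, int);
+bool IsHandshakeCompleted() { return bHandshakeCompleted; }
+
+X509 *GetPeerCert();
+
+void Shutdown();
+
+protected:
+SslContext_t *Context;
+
+bool bIsServer;
+bool bHandshakeCompleted;
+bool bVerifyPeer;
+SSL *pSSL;
+BIO *pbioRead;
+BIO *pbioWrite;
+
+PageList OutboundQ;
+};
+
+
+typedef void (*ssl_close_cb)(const tls_state_t*);
+typedef int (*ssl_verify_cb)(const tls_state_t*, const char *cert);
+typedef void (*ssl_dispatch_cb)(const tls_state_t*, const char *buffer, int size);
+typedef void (*ssl_transmit_cb)(const tls_state_t*, const char *buffer, int size);
+typedef void (*ssl_handshake_cb)(const tls_state_t*);
+
+struct tls_state_s {
+int handshake_signaled;
+
+ssl_close_cb close_cb;
+ssl_verify_cb verify_cb;
+ssl_dispatch_cb dispatch_cb;
+ssl_transmit_cb transmit_cb;
+ssl_handshake_cb handshake_cb;
+
+SslBox_t* SslBox;
+};
+
+
+extern "C" int ssl_verify_wrapper(int preverify_ok, X509_STORE_CTX *ctx);
+
+extern "C" void start_tls(tls_state_t *tls_state, bool bIsServer, const char *PrivateKeyFilename, const char *CertChainFilename, bool bSslVerifyPeer);
+extern "C" void decrypt_data(tls_state_t *tls_state, const char *buffer, int size);
+extern "C" void encrypt_data(tls_state_t *tls_state, const char *data, int length);
+extern "C" X509 *get_peer_cert(tls_state_t *tls_state);
+
+
+#endif // __SslBox__H_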
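Review bot: The `ssl_verify_cb` typedef hands the Ruby side only `const char *cert` — none of the `preverify_ok`, depth or error code that `ssl_verify_wrapper(int preverify_ok, X509_STORE_CTX *ctx)` receives — and neither `SslContext_t` nor `start_tls` takes a CA file or directory, so nothing in this interface configures trust anchors; if the wrapper (its body is in ssl.cpp, not in this diff) forwards every certificate to the callback regardless of OpenSSL's own result, the Ruby block is the entire trust decision and a block that simply returns `true` accepts any certificate. I would state that on the typedef: `// Called once per peer certificate with its text form (presumably PEM); the return value is the whole trust decision unless ssl_verify_wrapper also honours preverify_ok — confirm in ssl.cpp.` The old and new sides are textually identical here, so the change is presumably whitespace or line endings only. `using namespace std;` at header scope also leaks into every includer; spell out `std::string` in the two constructor signatures instead.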
@@ -1,121 +1,121 @@
1
-
2
- module RubyTls
3
- class Connection
4
- CALLBACKS = [:close_cb, :verify_cb, :dispatch_cb, :transmit_cb, :handshake_cb]
5
-
6
- #
7
- # Initializes the State instance.
8
- #
9
- def initialize(callback_obj = nil)
10
- @state = ::RubyTls::State.new
11
- @callbacks = {} # so GC doesn't clean them up on java
12
- @started = false
13
-
14
- if not callback_obj.nil?
15
- CALLBACKS.each do |callback|
16
- self.__send__(callback, &callback_obj.method(callback)) if callback_obj.respond_to? callback
17
- end
18
- end
19
-
20
- yield self if block_given?
21
- end
22
-
23
- def close_cb(&block)
24
- cb = Callback.new(@callbacks, &block)
25
- @callbacks[:close_cb] = cb
26
- @state[:close_cb] = cb
27
- end
28
-
29
- def verify_cb
30
- cb = ::FFI::Function.new(:int, [::RubyTls::State.ptr, :string]) do |state, cert|
31
- begin
32
- yield(cert) == true ? 1 : 0
33
- rescue
34
- # TODO:: Provide some debugging output
35
- 0
36
- end
37
- end
38
- @callbacks[:verify_cb] = cb
39
- @state[:verify_cb] = cb
40
- end
41
-
42
- def dispatch_cb(&block)
43
- cb = DataCallback.new(@callbacks, &block)
44
- @callbacks[:dispatch_cb] = cb
45
- @state[:dispatch_cb] = cb
46
- end
47
-
48
- def transmit_cb(&block)
49
- cb = DataCallback.new(@callbacks, &block)
50
- @callbacks[:transmit_cb] = cb
51
- @state[:transmit_cb] = cb
52
- end
53
-
54
- def handshake_cb(&block)
55
- cb = Callback.new(@callbacks, &block)
56
- @callbacks[:handshake_cb] = cb
57
- @state[:handshake_cb] = cb
58
- end
59
-
60
-
61
- def start(args = {})
62
- return if @started
63
-
64
- server, priv_key, cert_chain, verify_peer = args.values_at(:server, :private_key_file, :cert_chain_file, :verify_peer)
65
- [priv_key, cert_chain].each do |file|
66
- next if file.nil? or file.empty?
67
- raise FileNotFoundException,
68
- "Could not find #{file} to start tls" unless File.exists? file
69
- end
70
-
71
- @started = true
72
- ::RubyTls.start_tls(@state, server || false, priv_key || '', cert_chain || '', verify_peer || !!@callbacks[:verify_cb])
73
- end
74
-
75
- def encrypt(data)
76
- return unless @started
77
- ::RubyTls.encrypt_data(@state, data, data.length)
78
- end
79
-
80
- def decrypt(data)
81
- return unless @started
82
- ::RubyTls.decrypt_data(@state, data, data.length)
83
- end
84
-
85
-
86
- protected
87
-
88
-
89
- class Callback < ::FFI::Function
90
- #
91
- # Creates a new Parser callback.
92
- #
93
- def self.new(callbacks)
94
- super(:void, [::RubyTls::State.ptr]) do |state|
95
- begin
96
- yield
97
- rescue => e
98
- # shutdown the connection on error
99
- # TODO:: Provide some debugging output
100
- callbacks[:close_cb].call state
101
- end
102
- end
103
- end
104
- end
105
-
106
- class DataCallback < ::FFI::Function
107
- def self.new(callbacks)
108
- super(:void, [::RubyTls::State.ptr, :pointer, :int]) do |state, buffer, length|
109
- begin
110
- data = buffer.get_bytes(0, length)
111
- yield(data)
112
- rescue => e
113
- # shutdown the connection on error
114
- # TODO:: Provide some debugging output
115
- callbacks[:close_cb].call state
116
- end
117
- end
118
- end
119
- end
120
- end
121
- end
1
+
2
+ module RubyTls
3
+ class Connection
4
+ CALLBACKS = [:close_cb, :verify_cb, :dispatch_cb, :transmit_cb, :handshake_cb]
5
+
6
+ #
7
+ # Initializes the State instance.
8
+ #
9
+ def initialize(callback_obj = nil)
10
+ @state = ::RubyTls::State.new
11
+ @callbacks = {} # so GC doesn't clean them up on java
12
+ @started = false
13
+
14
+ if not callback_obj.nil?
15
+ CALLBACKS.each do |callback|
16
+ self.__send__(callback, &callback_obj.method(callback)) if callback_obj.respond_to? callback
17
+ end
18
+ end
19
+
20
+ yield self if block_given?
21
+ end
22
+
23
+ def close_cb(&block)
24
+ cb = Callback.new(@callbacks, &block)
25
+ @callbacks[:close_cb] = cb
26
+ @state[:close_cb] = cb
27
+ end
28
+
29
+ def verify_cb
30
+ cb = ::FFI::Function.new(:int, [::RubyTls::State.ptr, :string]) do |state, cert|
31
+ begin
32
+ yield(cert) == true ? 1 : 0
33
+ rescue
34
+ # TODO:: Provide some debugging output
35
+ 0
36
+ end
37
+ end
38
+ @callbacks[:verify_cb] = cb
39
+ @state[:verify_cb] = cb
40
+ end
41
+
42
+ def dispatch_cb(&block)
43
+ cb = DataCallback.new(@callbacks, &block)
44
+ @callbacks[:dispatch_cb] = cb
45
+ @state[:dispatch_cb] = cb
46
+ end
47
+
48
+ def transmit_cb(&block)
49
+ cb = DataCallback.new(@callbacks, &block)
50
+ @callbacks[:transmit_cb] = cb
51
+ @state[:transmit_cb] = cb
52
+ end
53
+
54
+ def handshake_cb(&block)
55
+ cb = Callback.new(@callbacks, &block)
56
+ @callbacks[:handshake_cb] = cb
57
+ @state[:handshake_cb] = cb
58
+ end
59
+
60
+
61
+ def start(args = {})
62
+ return if @started
63
+
64
+ server, priv_key, cert_chain, verify_peer = args.values_at(:server, :private_key_file, :cert_chain_file, :verify_peer)
65
+ [priv_key, cert_chain].each do |file|
66
+ next if file.nil? or file.empty?
67
+ raise FileNotFoundException,
68
+ "Could not find #{file} to start tls" unless File.exists? file
69
+ end
70
+
71
+ @started = true
72
+ ::RubyTls.start_tls(@state, server || false, priv_key || '', cert_chain || '', verify_peer || !!@callbacks[:verify_cb])
73
+ end
74
+
75
+ def encrypt(data)
76
+ return unless @started
77
+ ::RubyTls.encrypt_data(@state, data, data.length)
78
+ end
79
+
80
+ def decrypt(data)
81
+ return unless @started
82
+ ::RubyTls.decrypt_data(@state, data, data.length)
83
+ end
84
+
85
+
86
+ protected
87
+
88
+
89
+ class Callback < ::FFI::Function
90
+ #
91
+ # Creates a new Parser callback.
92
+ #
93
+ def self.new(callbacks)
94
+ super(:void, [::RubyTls::State.ptr]) do |state|
95
+ begin
96
+ yield
97
+ rescue => e
98
+ # shutdown the connection on error
99
+ # TODO:: Provide some debugging output
100
+ callbacks[:close_cb].call state
101
+ end
102
+ end
103
+ end
104
+ end
105
+
106
+ class DataCallback < ::FFI::Function
107
+ def self.new(callbacks)
108
+ super(:void, [::RubyTls::State.ptr, :pointer, :int]) do |state, buffer, length|
109
+ begin
110
+ data = buffer.get_bytes(0, length)
111
+ yield(data)
112
+ rescue => e
113
+ # shutdown the connection on error
114
+ # TODO:: Provide some debugging output
115
+ callbacks[:close_cb].call state
116
+ end
117
+ end
118
+ end
119
+ end
120
+ end
121
+ end
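Review bot: `encrypt` and `decrypt` pass `data.length`, a character count, where `encrypt_data`/`decrypt_data` take a byte count, so a UTF-8 plaintext containing multibyte characters is truncated before it is encrypted; use `::RubyTls.encrypt_data(@state, data, data.bytesize)` and `::RubyTls.decrypt_data(@state, data, data.bytesize)`. In `start`, verification is enabled only by `verify_peer || !!@callbacks[:verify_cb]`, so a client that registers no `verify_cb` silently starts TLS without checking the server certificate at all, and when it is on the only check is the block's return being exactly `true` (`yield(cert) == true`); both belong in a comment on `start`, e.g. `# Without verify_peer: true or a verify_cb the peer certificate is not verified; verify_cb must return exactly true to accept.` `Callback` and `DataCallback` recover from an exception with `callbacks[:close_cb].call state`, which raises NoMethodError from inside an FFI callback when no `close_cb` was registered; guard it with `callbacks[:close_cb].call(state) if callbacks[:close_cb]` or require the callback in `start`. `FileNotFoundException` is not defined in any file on this page, so unless it is defined elsewhere the `raise` becomes a NameError. This section's file header is missing from the page; the code is the `RubyTls::Connection` class that lib/ruby-tls.rb requires as ruby-tls/connection.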
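--- a/data/lib/ruby-tls/ext.rb
+++ b/data/lib/ruby-tls/ext.rb
@@ -1,32 +1,32 @@
-require 'ffi'
-require 'ffi-compiler/loader'
-
-module RubyTls
-extend FFI::Library
-ffi_lib FFI::Compiler::Loader.find('ruby-tls-ext')
-
-
-callback :ssl_close_cb, [:pointer], :void
-callback :ssl_verify_cb, [:pointer, :string], :int
-callback :ssl_dispatch_cb, [:pointer, :pointer, :int], :void
-callback :ssl_transmit_cb, [:pointer, :pointer, :int], :void
-callback :ssl_handshake_cb, [:pointer], :void
-
-class State < FFI::Struct
-layout :handshake_sig, :int,
-
-:close_cb, :ssl_close_cb,
-:verify_cb, :ssl_verify_cb, # Optional
-:dispatch_cb, :ssl_dispatch_cb,
-:transmit_cb, :ssl_transmit_cb,
-:handshake_cb, :ssl_handshake_cb, # Optional unless first to send data
-
-:ssl_box, :pointer
-end
-
-
-attach_function :start_tls, [State.by_ref, :bool, :string, :string, :bool], :void, :blocking => true
-attach_function :decrypt_data, [State.by_ref, :pointer, :int], :void, :blocking => true
-attach_function :encrypt_data, [State.by_ref, :pointer, :int], :void, :blocking => true
-#attach_function :get_peer_cert, [], :int, :blocking => true
-end
+require 'ffi'
+require 'ffi-compiler/loader'
+
+module RubyTls
+extend FFI::Library
+ffi_lib FFI::Compiler::Loader.find('ruby-tls-ext')
+
+
+callback :ssl_close_cb, [:pointer], :void
+callback :ssl_verify_cb, [:pointer, :string], :int
+callback :ssl_dispatch_cb, [:pointer, :pointer, :int], :void
+callback :ssl_transmit_cb, [:pointer, :pointer, :int], :void
+callback :ssl_handshake_cb, [:pointer], :void
+
+class State < FFI::Struct
+layout :handshake_sig, :int,
+
+:close_cb, :ssl_close_cb,
+:verify_cb, :ssl_verify_cb, # Optional
+:dispatch_cb, :ssl_dispatch_cb,
+:transmit_cb, :ssl_transmit_cb,
+:handshake_cb, :ssl_handshake_cb, # Optional unless first to send data
+
+:ssl_box, :pointer
+end
+
+
+attach_function :start_tls, [State.by_ref, :bool, :string, :string, :bool], :void, :blocking => true
+attach_function :decrypt_data, [State.by_ref, :pointer, :int], :void, :blocking => true
+attach_function :encrypt_data, [State.by_ref, :pointer, :int], :void, :blocking => true
+#attach_function :get_peer_cert, [], :int, :blocking => true
+end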
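Review bot: `State`'s layout is matched to `struct tls_state_s` in ext/tls/ssl.h purely by position and type (`:handshake_sig` for `handshake_signaled`, then the five callbacks, then `:ssl_box`), and nothing here says so; a field added or reordered on either side would hand the C code the wrong callback pointers. I would put above `layout`: `# Field order and types must mirror struct tls_state_s in ext/tls/ssl.h exactly.` The commented-out `get_peer_cert` line also no longer matches the C declaration `X509 *get_peer_cert(tls_state_t *tls_state)`; if it is revived it should read `attach_function :get_peer_cert, [State.by_ref], :pointer`.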
@@ -1,3 +1,3 @@
1
- module RubyTls
2
- VERSION = "1.0.0"
3
- end
1
+ module RubyTls
2
+ VERSION = "1.0.1"
3
+ end
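--- a/data/lib/ruby-tls.rb
+++ b/data/lib/ruby-tls.rb
@@ -1,7 +1,7 @@
-require "ffi" # Bindings to C libraries
-
-require "ruby-tls/ext" # Loads the ext using FFI
-require "ruby-tls/connection" # The ruby abstraction
-
-module RubyTls
-end
+require "ffi" # Bindings to C libraries
+
+require "ruby-tls/ext" # Loads the ext using FFI
+require "ruby-tls/connection" # The ruby abstraction
+
+module RubyTls
+end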
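--- a/data/ruby-tls.gemspec
+++ b/data/ruby-tls.gemspec
@@ -1,32 +1,32 @@
-# -*- encoding: utf-8 -*-
-$:.push File.expand_path("../lib", __FILE__)
-require "ruby-tls/version"
-
-Gem::Specification.new do |s|
-s.name = "ruby-tls"
-s.version = RubyTls::VERSION
-s.authors = ["Stephen von Takach"]
-s.email = ["steve@cotag.me"]
-s.license = 'MIT'
-s.homepage = "https://github.com/cotag/ruby-tls"
-s.summary = "Abstract TLS for Ruby"
-s.description = <<-EOF
-Allows transport layers outside Ruby TCP be secured.
-EOF
-
-
-s.add_dependency 'ffi-compiler', '>= 0.0.2'
-s.add_dependency 'rake'
-
-s.add_development_dependency 'rspec'
-s.add_development_dependency 'yard'
-
-
-s.files = Dir["{lib}/**/*"] + %w(Rakefile ruby-tls.gemspec README.md EM-LICENSE)
-s.files += ["ext/tls/ssl.cpp", "ext/tls/ssl.h", "ext/tls/page.cpp", "ext/tls/page.h"]
-s.test_files = Dir["spec/**/*"]
-s.extra_rdoc_files = ["README.md"]
-
-s.extensions << "ext/Rakefile"
-s.require_paths = ["lib"]
-end
+# -*- encoding: utf-8 -*-
+$:.push File.expand_path("../lib", __FILE__)
+require "ruby-tls/version"
+
+Gem::Specification.new do |s|
+s.name = "ruby-tls"
+s.version = RubyTls::VERSION
+s.authors = ["Stephen von Takach"]
+s.email = ["steve@cotag.me"]
+s.licenses = ["Ruby", "GPL"]
+s.homepage = "https://github.com/cotag/ruby-tls"
+s.summary = "Abstract TLS for Ruby"
+s.description = <<-EOF
+Allows transport layers outside Ruby TCP be secured.
+EOF
+
+
+s.add_dependency 'ffi-compiler', '>= 0.0.2'
+s.add_dependency 'rake'
+
+s.add_development_dependency 'rspec'
+s.add_development_dependency 'yard'
+
+
+s.files = Dir["{lib}/**/*"] + %w(Rakefile ruby-tls.gemspec README.md EM-LICENSE)
+s.files += ["ext/tls/ssl.cpp", "ext/tls/ssl.h", "ext/tls/page.cpp", "ext/tls/page.h"]
+s.test_files = Dir["spec/**/*"]
+s.extra_rdoc_files = ["README.md"]
+
+s.extensions << "ext/Rakefile"
+s.require_paths = ["lib"]
+end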
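Review bot: The gem `require`s `ffi` directly (lib/ruby-tls.rb and lib/ruby-tls/ext.rb) but declares only `ffi-compiler` and `rake`, so the FFI runtime arrives as a transitive dependency of ffi-compiler and is neither guaranteed nor constrained by this gemspec; add `s.add_dependency 'ffi'` beside the ffi-compiler line. The new `s.licenses = ["Ruby", "GPL"]` does agree with the GPL-2-or-Ruby header in the bundled ext/tls/ssl.h that the previous `'MIT'` value contradicted. `'ffi-compiler', '>= 0.0.2'` is an open lower bound on the tool that compiles native code against the system OpenSSL at install time via `ext/Rakefile`; a pessimistic constraint (`'~> 0.0'` or a tested version) keeps that build step reproducible.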