RubyGems - ruby-tls - Versions diffs - 1.0.2 → 1.0.3 - Mend

ruby-tls 1.0.2 → 1.0.3

Files changed (19) hide show

checksums.yaml +4 -4
data/EM-LICENSE +60 -60
data/README.md +71 -71
data/Rakefile +19 -19
data/ext/Rakefile +18 -18
data/ext/tls/page.cpp +102 -102
data/ext/tls/page.h +61 -61
data/ext/tls/ssl.cpp +594 -587
data/ext/tls/ssl.h +130 -129
data/lib/ruby-tls.rb +7 -7
data/lib/ruby-tls/connection.rb +124 -121
data/lib/ruby-tls/ext.rb +39 -38
data/lib/ruby-tls/version.rb +3 -3
data/ruby-tls.gemspec +32 -32
data/spec/client.crt +31 -31
data/spec/client.key +51 -51
data/spec/comms_spec.rb +156 -147
data/spec/verify_spec.rb +120 -118
metadata +34 -34

data/ext/tls/ssl.h CHANGED

@@ -1,129 +1,130 @@
-/*****************************************************************************
-$Id$
-File:     ssl.h
-Date:     30Apr06
-Copyright (C) 2006-07 by Francis Cianfrocca. All Rights Reserved.
-Gmail: blackhedd
-This program is free software; you can redistribute it and/or modify
-it under the terms of either: 1) the GNU General Public License
-as published by the Free Software Foundation; either version 2 of the
-License, or (at your option) any later version; or 2) Ruby's License.
-See the file COPYING for complete licensing information.
-*****************************************************************************/
-#ifndef __SslBox__H_
-#define __SslBox__H_
-#include <iostream>
-#include <string>
-#include <openssl/ssl.h>
-#include <openssl/err.h>
-#include <assert.h>
-#include "page.h"
-using namespace std;
-/******************
-class SslContext_t
-******************/
-class SslContext_t
-{
-    public:
-        SslContext_t (bool is_server, const string &privkeyfile, const string &certchainfile);
-        virtual ~SslContext_t();
-    private:
-        bool bIsServer;
-        SSL_CTX *pCtx;
-        EVP_PKEY *PrivateKey;
-        X509 *Certificate;
-    friend class SslBox_t;
-};
-typedef struct tls_state_s tls_state_t;
-/**************
-class SslBox_t
-**************/
-class SslBox_t
-{
-    public:
-        SslBox_t (tls_state_t *tls_state, bool is_server, const string &privkeyfile, const string &certchainfile, bool verify_peer);
-        virtual ~SslBox_t();
-        int PutPlaintext (const char*, int);
-        int GetPlaintext (char*, int);
-        bool PutCiphertext (const char*, int);
-        bool CanGetCiphertext();
-        int GetCiphertext (char*, int);
-        bool IsHandshakeCompleted() { return bHandshakeCompleted; }
-        X509 *GetPeerCert();
-        void Shutdown();
-    protected:
-        SslContext_t *Context;
-        bool bIsServer;
-        bool bHandshakeCompleted;
-        bool bVerifyPeer;
-        SSL *pSSL;
-        BIO *pbioRead;
-        BIO *pbioWrite;
-        PageList OutboundQ;
-};
-typedef void (*ssl_close_cb)(const tls_state_t*);
-typedef int (*ssl_verify_cb)(const tls_state_t*, const char *cert);
-typedef void (*ssl_dispatch_cb)(const tls_state_t*, const char *buffer, int size);
-typedef void (*ssl_transmit_cb)(const tls_state_t*, const char *buffer, int size);
-typedef void (*ssl_handshake_cb)(const tls_state_t*);
-struct tls_state_s {
-    int handshake_signaled;
-    ssl_close_cb close_cb;
-    ssl_verify_cb verify_cb;
-    ssl_dispatch_cb dispatch_cb;
-    ssl_transmit_cb transmit_cb;
-    ssl_handshake_cb handshake_cb;
-    SslBox_t* SslBox;
-};
-extern "C" int ssl_verify_wrapper(int preverify_ok, X509_STORE_CTX *ctx);
-extern "C" void start_tls(tls_state_t *tls_state, bool bIsServer, const char *PrivateKeyFilename, const char *CertChainFilename, bool bSslVerifyPeer);
-extern "C" void decrypt_data(tls_state_t *tls_state, const char *buffer, int size);
-extern "C" void encrypt_data(tls_state_t *tls_state, const char *data, int length);
-extern "C" X509 *get_peer_cert(tls_state_t *tls_state);
-extern "C" void init_rubytls();
-#endif // __SslBox__H_
+/*****************************************************************************
+$Id$
+File:     ssl.h
+Date:     30Apr06
+Copyright (C) 2006-07 by Francis Cianfrocca. All Rights Reserved.
+Gmail: blackhedd
+This program is free software; you can redistribute it and/or modify
+it under the terms of either: 1) the GNU General Public License
+as published by the Free Software Foundation; either version 2 of the
+License, or (at your option) any later version; or 2) Ruby's License.
+See the file COPYING for complete licensing information.
+*****************************************************************************/
+#ifndef __SslBox__H_
+#define __SslBox__H_
+#include <iostream>
+#include <string>
+#include <openssl/ssl.h>
+#include <openssl/err.h>
+#include <assert.h>
+#include "page.h"
+using namespace std;
+/******************
+class SslContext_t
+******************/
+class SslContext_t
+{
+    public:
+        SslContext_t (bool is_server, const string &privkeyfile, const string &certchainfile);
+        virtual ~SslContext_t();
+    private:
+        bool bIsServer;
+        SSL_CTX *pCtx;
+        EVP_PKEY *PrivateKey;
+        X509 *Certificate;
+    friend class SslBox_t;
+};
+typedef struct tls_state_s tls_state_t;
+/**************
+class SslBox_t
+**************/
+class SslBox_t
+{
+    public:
+        SslBox_t (tls_state_t *tls_state, bool is_server, const string &privkeyfile, const string &certchainfile, bool verify_peer);
+        virtual ~SslBox_t();
+        int PutPlaintext (const char*, int);
+        int GetPlaintext (char*, int);
+        bool PutCiphertext (const char*, int);
+        bool CanGetCiphertext();
+        int GetCiphertext (char*, int);
+        bool IsHandshakeCompleted() { return bHandshakeCompleted; }
+        X509 *GetPeerCert();
+        void Shutdown();
+    protected:
+        SslContext_t *Context;
+        bool bIsServer;
+        bool bHandshakeCompleted;
+        bool bVerifyPeer;
+        SSL *pSSL;
+        BIO *pbioRead;
+        BIO *pbioWrite;
+        PageList OutboundQ;
+};
+typedef void (*ssl_close_cb)(const tls_state_t*);
+typedef int (*ssl_verify_cb)(const tls_state_t*, const char *cert);
+typedef void (*ssl_dispatch_cb)(const tls_state_t*, const char *buffer, int size);
+typedef void (*ssl_transmit_cb)(const tls_state_t*, const char *buffer, int size);
+typedef void (*ssl_handshake_cb)(const tls_state_t*);
+struct tls_state_s {
+    int handshake_signaled;
+    ssl_close_cb close_cb;
+    ssl_verify_cb verify_cb;
+    ssl_dispatch_cb dispatch_cb;
+    ssl_transmit_cb transmit_cb;
+    ssl_handshake_cb handshake_cb;
+    SslBox_t* SslBox;
+};
+extern "C" int ssl_verify_wrapper(int preverify_ok, X509_STORE_CTX *ctx);
+extern "C" void start_tls(tls_state_t *tls_state, bool bIsServer, const char *PrivateKeyFilename, const char *CertChainFilename, bool bSslVerifyPeer);
+extern "C" void cleanup(tls_state_t *tls_state);
+extern "C" void decrypt_data(tls_state_t *tls_state, const char *buffer, int size);
+extern "C" void encrypt_data(tls_state_t *tls_state, const char *data, int length);
+extern "C" X509 *get_peer_cert(tls_state_t *tls_state);
+extern "C" void init_rubytls();
+#endif // __SslBox__H_

data/lib/ruby-tls.rb CHANGED

@@ -1,7 +1,7 @@
-require "ffi"       # Bindings to C libraries
-require "ruby-tls/ext"    # Loads the ext using FFI
-require "ruby-tls/connection"    # The ruby abstraction
-module RubyTls
-end
+require "ffi"       # Bindings to C libraries
+require "ruby-tls/ext"    # Loads the ext using FFI
+require "ruby-tls/connection"    # The ruby abstraction
+module RubyTls
+end

data/lib/ruby-tls/connection.rb CHANGED

@@ -1,121 +1,124 @@
-module RubyTls
-    class Connection
-        CALLBACKS = [:close_cb, :verify_cb, :dispatch_cb, :transmit_cb, :handshake_cb]
-        #
-        # Initializes the State instance.
-        #
-        def initialize(callback_obj = nil)
-            @state = ::RubyTls::State.new
-            @callbacks = {} # so GC doesn't clean them up on java
-            @started = false
-            if not callback_obj.nil?
-                CALLBACKS.each do |callback|
-                    self.__send__(callback, &callback_obj.method(callback)) if callback_obj.respond_to? callback
-                end
-            end
-            yield self if block_given?
-        end
-        def close_cb(&block)
-            cb = Callback.new(@callbacks, &block)
-            @callbacks[:close_cb] = cb
-            @state[:close_cb] = cb
-        end
-        def verify_cb
-            cb = ::FFI::Function.new(:int, [::RubyTls::State.ptr, :string]) do |state, cert|
-                begin
-                    yield(cert) == true ? 1 : 0
-                rescue
-                    # TODO:: Provide some debugging output
-                    0
-                end
-            end
-            @callbacks[:verify_cb] = cb
-            @state[:verify_cb] = cb
-        end
-        def dispatch_cb(&block)
-            cb = DataCallback.new(@callbacks, &block)
-            @callbacks[:dispatch_cb] = cb
-            @state[:dispatch_cb] = cb
-        end
-        def transmit_cb(&block)
-            cb = DataCallback.new(@callbacks, &block)
-            @callbacks[:transmit_cb] = cb
-            @state[:transmit_cb] = cb
-        end
-        def handshake_cb(&block)
-            cb = Callback.new(@callbacks, &block)
-            @callbacks[:handshake_cb] = cb
-            @state[:handshake_cb] = cb
-        end
-        def start(args = {})
-            return if @started
-            server, priv_key, cert_chain, verify_peer = args.values_at(:server, :private_key_file, :cert_chain_file, :verify_peer)
-            [priv_key, cert_chain].each do |file|
-                next if file.nil? or file.empty?
-                raise FileNotFoundException,
-                "Could not find #{file} to start tls" unless File.exists? file
-            end
-            @started = true
-            ::RubyTls.start_tls(@state, server || false, priv_key || '', cert_chain || '', verify_peer || !!@callbacks[:verify_cb])
-        end
-        def encrypt(data)
-            return unless @started
-            ::RubyTls.encrypt_data(@state, data, data.length)
-        end
-        def decrypt(data)
-            return unless @started
-            ::RubyTls.decrypt_data(@state, data, data.length)
-        end
-        protected
-        class Callback < ::FFI::Function
-            #
-            # Creates a new Parser callback.
-            #
-            def self.new(callbacks)
-                super(:void, [::RubyTls::State.ptr]) do |state|
-                    begin
-                        yield
-                    rescue => e
-                        # shutdown the connection on error
-                        # TODO:: Provide some debugging output
-                        callbacks[:close_cb].call state
-                    end
-                end
-            end
-        end
-        class DataCallback < ::FFI::Function
-            def self.new(callbacks)
-                super(:void, [::RubyTls::State.ptr, :pointer, :int]) do |state, buffer, length|
-                    begin
-                        data = buffer.get_bytes(0, length)
-                        yield(data)
-                    rescue => e
-                        # shutdown the connection on error
-                        # TODO:: Provide some debugging output
-                        callbacks[:close_cb].call state
-                    end
-                end
-            end
-        end
-    end
-end
+module RubyTls
+    class Connection
+        CALLBACKS = [:close_cb, :verify_cb, :dispatch_cb, :transmit_cb, :handshake_cb].freeze
+        Callbacks = Struct.new(*CALLBACKS)
+        #
+        # Initializes the State instance.
+        #
+        def initialize(callback_obj = nil)
+            @state = ::RubyTls::State.new
+            @callbacks = Callbacks.new      # so GC doesn't clean them up on java
+            @started = false
+            # Attach callbacks if there is an object passed in to handle the callbacks
+            if not callback_obj.nil?
+                CALLBACKS.each do |callback|
+                    self.__send__(callback, &callback_obj.method(callback)) if callback_obj.respond_to? callback
+                end
+            end
+            yield self if block_given?
+        end
+        def close_cb(&block)
+            cb = Callback.new(@callbacks, &block)
+            @callbacks[:close_cb] = cb
+            @state[:close_cb] = cb
+        end
+        def verify_cb
+            cb = ::FFI::Function.new(:int, [::RubyTls::State.ptr, :string]) do |state, cert|
+                begin
+                    yield(cert) == true ? 1 : 0
+                rescue
+                    # TODO:: Provide some debugging output
+                    0
+                end
+            end
+            @callbacks[:verify_cb] = cb
+            @state[:verify_cb] = cb
+        end
+        def dispatch_cb(&block)
+            cb = DataCallback.new(@callbacks, &block)
+            @callbacks[:dispatch_cb] = cb
+            @state[:dispatch_cb] = cb
+        end
+        def transmit_cb(&block)
+            cb = DataCallback.new(@callbacks, &block)
+            @callbacks[:transmit_cb] = cb
+            @state[:transmit_cb] = cb
+        end
+        def handshake_cb(&block)
+            cb = Callback.new(@callbacks, &block)
+            @callbacks[:handshake_cb] = cb
+            @state[:handshake_cb] = cb
+        end
+        def start(args = {})
+            return if @started
+            server, priv_key, cert_chain, verify_peer = args.values_at(:server, :private_key_file, :cert_chain_file, :verify_peer)
+            [priv_key, cert_chain].each do |file|
+                next if file.nil? or file.empty?
+                raise FileNotFoundException,
+                "Could not find #{file} to start tls" unless File.exists? file
+            end
+            @started = true
+            ::RubyTls.start_tls(@state, server || false, priv_key || '', cert_chain || '', verify_peer || !!@callbacks[:verify_cb])
+        end
+        def encrypt(data)
+            ::RubyTls.encrypt_data(@state, data, data.length)
+        end
+        def decrypt(data)
+            ::RubyTls.decrypt_data(@state, data, data.length)
+        end
+        def cleanup
+            ::RubyTls.cleanup(@state)
+        end
+        protected
+        class Callback < ::FFI::Function
+            #
+            # Creates a new Parser callback.
+            #
+            def self.new(callbacks)
+                super(:void, [::RubyTls::State.ptr]) do |state|
+                    begin
+                        yield
+                    rescue => e
+                        # shutdown the connection on error
+                        # TODO:: Provide some debugging output
+                        callbacks[:close_cb].call state
+                    end
+                end
+            end
+        end
+        class DataCallback < ::FFI::Function
+            def self.new(callbacks)
+                super(:void, [::RubyTls::State.ptr, :pointer, :int]) do |state, buffer, length|
+                    begin
+                        data = buffer.get_bytes(0, length)
+                        yield(data)
+                    rescue => e
+                        # shutdown the connection on error
+                        # TODO:: Provide some debugging output
+                        callbacks[:close_cb].call state
+                    end
+                end
+            end
+        end
+    end
+end