ruby-tls 1.0.3 → 2.0.0
- checksums.yaml +4 -4
- data/README.md +100 -71
- data/lib/ruby-tls.rb +5 -7
- data/lib/ruby-tls/ssl.rb +582 -0
- data/lib/ruby-tls/version.rb +3 -3
- data/ruby-tls.gemspec +30 -32
- data/spec/client.crt +31 -31
- data/spec/client.key +51 -51
- data/spec/comms_spec.rb +110 -156
- data/spec/verify_spec.rb +155 -120
- metadata +37 -47
- data/EM-LICENSE +0 -60
- data/Rakefile +0 -19
- data/ext/Rakefile +0 -18
- data/ext/tls/page.cpp +0 -102
- data/ext/tls/page.h +0 -61
- data/ext/tls/ssl.cpp +0 -594
- data/ext/tls/ssl.h +0 -130
- data/lib/ruby-tls/connection.rb +0 -124
- data/lib/ruby-tls/ext.rb +0 -39
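--- a/data/spec/verify_spec.rb
+++ b/data/spec/verify_spec.rb
@@ -1,120 +1,155 @@
-require 'ruby-tls'
-
-
-describe RubyTls do
-
-
-
-@
-
-
-
-
-
-
-
-
-
-
-
-
-
-@
-
-
-
-@
-@
-
-
-
-
-
-
-
-
-
-
-
-
-@
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-@client
-
-
-
-@
-
-
-
-@
-
-
-
-
-
-@
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-end
-
+require 'ruby-tls'
+
+
+describe RubyTls do
+
+class Client2
+def initialize(client_data, dir)
+@client_data = client_data
+@ssl = RubyTls::SSL::Box.new(false, self, private_key: dir + 'client.key', cert_chain: dir + 'client.crt')
+end
+
+attr_reader :ssl
+attr_accessor :stop
+attr_accessor :server
+
+def close_cb
+@client_data << 'close'
+@stop = true
+end
+
+def dispatch_cb(data)
+@client_data << data
+end
+
+def transmit_cb(data)
+if not @server.started
+@server.started = true
+@server.ssl.start
+end
+@server.ssl.decrypt(data) unless @stop
+end
+
+def handshake_cb
+@client_data << 'ready'
+end
+end
+
+describe RubyTls::SSL::Box do
+before :each do
+@dir = File.dirname(File.expand_path(__FILE__)) + '/'
+@cert_from_file = File.read(@dir + 'client.crt')
+end
+
+it "should verify the peer" do
+@server_data = []
+@client_data = []
+
+
+class Server2
+def initialize(client, server_data)
+@client = client
+@server_data = server_data
+@ssl = RubyTls::SSL::Box.new(true, self, verify_peer: true)
+end
+
+attr_reader :ssl
+attr_accessor :started
+attr_accessor :stop
+attr_accessor :cert_from_server
+
+def close_cb
+@server_data << 'close'
+@stop = true
+end
+
+def dispatch_cb(data)
+@server_data << data
+end
+
+def transmit_cb(data)
+@client.ssl.decrypt(data) unless @stop
+end
+
+def handshake_cb
+@server_data << 'ready'
+end
+
+def verify_cb(cert)
+@server_data << 'verify'
+@cert_from_server = cert
+true
+end
+end
+
+
+@client = Client2.new(@client_data, @dir)
+@server = Server2.new(@client, @server_data)
+@client.server = @server
+
+@client.ssl.start
+@client.ssl.cleanup
+@server.ssl.cleanup
+
+expect(@client_data).to eq(['ready'])
+expect(@server_data).to eq(['ready', 'verify', 'verify', 'verify'])
+expect(@server.cert_from_server).to eq(@cert_from_file)
+end
+
+
+it "should deny the connection" do
+@server_data = []
+@client_data = []
+
+class Server3
+def initialize(client, server_data)
+@client = client
+@server_data = server_data
+@ssl = RubyTls::SSL::Box.new(true, self, verify_peer: true)
+end
+
+attr_reader :ssl
+attr_accessor :started
+attr_accessor :stop
+attr_accessor :cert_from_server
+
+def close_cb
+@server_data << 'close'
+@stop = true
+end
+
+def dispatch_cb(data)
+@server_data << data
+end
+
+def transmit_cb(data)
+@client.ssl.decrypt(data) unless @stop
+end
+
+def handshake_cb
+@server_data << 'ready'
+end
+
+def verify_cb(cert)
+@server_data << 'verify'
+@cert_from_server = cert
+false
+end
+end
+
+@client = Client2.new(@client_data, @dir)
+@server = Server3.new(@client, @server_data)
+@client.server = @server
+
+@client.ssl.start
+@client.ssl.cleanup
+@server.ssl.cleanup
+
+expect(@client_data).to eq(['ready'])
+expect(@server_data).to eq(['ready', 'verify', 'close'])
+
+expect(@server.cert_from_server).to eq(@cert_from_file)
+end
+end
+end
+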
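Review bot: The "should deny the connection" example pins only the order of callbacks, so it would still pass if a peer rejected by `verify_cb` could get application data through to `dispatch_cb`; neither example sends any payload after the handshake. After `@client.ssl.start`, have the client send a constructed payload (assuming Box exposes an `encrypt` counterpart to the `decrypt` used here) and add `expect(@server_data).not_to include('client request')`. The same example asserts `expect(@client_data).to eq(['ready'])`, which records a completed handshake and no 'close' on the client even though the server refused its certificate; a comment such as `# client side is not notified when the server rejects its certificate` would state whether that is intended. In the accepting example `@cert_from_server` is overwritten on each of the three `verify_cb` calls, so the final `eq(@cert_from_file)` checks only the last certificate passed in; a comment saying which certificate each call is expected to carry would make that assertion meaningful.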
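--- a/metadata
+++ b/metadata
@@ -1,121 +1,111 @@
 --- !ruby/object:Gem::Specification
 name: ruby-tls
 version: !ruby/object:Gem::Version
-version:
+version: 2.0.0
 platform: ruby
 authors:
 - Stephen von Takach
-autorequire:
+autorequire:
 bindir: bin
 cert_chain: []
-date:
+date: 2015-03-06 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: ffi-compiler
-version_requirements: !ruby/object:Gem::Requirement
-requirements:
-- - '>='
-- !ruby/object:Gem::Version
-version: 0.0.2
 requirement: !ruby/object:Gem::Requirement
 requirements:
-- -
+- - ">="
 - !ruby/object:Gem::Version
 version: 0.0.2
-prerelease: false
 type: :runtime
-
-name: rake
+prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
-- -
+- - ">="
 - !ruby/object:Gem::Version
-version:
+version: 0.0.2
+- !ruby/object:Gem::Dependency
+name: thread_safe
 requirement: !ruby/object:Gem::Requirement
 requirements:
-- -
+- - ">="
 - !ruby/object:Gem::Version
 version: '0'
-prerelease: false
 type: :runtime
-
-name: rspec
+prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
-- -
+- - ">="
 - !ruby/object:Gem::Version
 version: '0'
+- !ruby/object:Gem::Dependency
+name: rspec
 requirement: !ruby/object:Gem::Requirement
 requirements:
-- -
+- - ">="
 - !ruby/object:Gem::Version
 version: '0'
-prerelease: false
 type: :development
-
-name: yard
+prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
-- -
+- - ">="
 - !ruby/object:Gem::Version
 version: '0'
+- !ruby/object:Gem::Dependency
+name: yard
 requirement: !ruby/object:Gem::Requirement
 requirements:
-- -
+- - ">="
 - !ruby/object:Gem::Version
 version: '0'
-prerelease: false
 type: :development
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
 description: |2
 Allows transport layers outside Ruby TCP be secured.
 email:
 - steve@cotag.me
 executables: []
-extensions:
-- ext/Rakefile
+extensions: []
 extra_rdoc_files:
 - README.md
 files:
+- README.md
 - lib/ruby-tls.rb
-- lib/ruby-tls/
-- lib/ruby-tls/ext.rb
+- lib/ruby-tls/ssl.rb
 - lib/ruby-tls/version.rb
-- Rakefile
 - ruby-tls.gemspec
-- README.md
-- EM-LICENSE
-- ext/tls/ssl.cpp
-- ext/tls/ssl.h
-- ext/tls/page.cpp
-- ext/tls/page.h
 - spec/client.crt
 - spec/client.key
 - spec/comms_spec.rb
 - spec/verify_spec.rb
-- ext/Rakefile
 homepage: https://github.com/cotag/ruby-tls
 licenses:
--
-- GPL
+- MIT
 metadata: {}
-post_install_message:
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
 required_ruby_version: !ruby/object:Gem::Requirement
 requirements:
-- -
+- - ">="
 - !ruby/object:Gem::Version
 version: '0'
 required_rubygems_version: !ruby/object:Gem::Requirement
 requirements:
-- -
+- - ">="
 - !ruby/object:Gem::Version
 version: '0'
 requirements: []
-rubyforge_project:
-rubygems_version: 2.
-signing_key:
+rubyforge_project:
+rubygems_version: 2.4.5
+signing_key:
 specification_version: 4
 summary: Abstract TLS for Ruby
 test_files:
@@ -123,4 +113,4 @@ test_files:
 - spec/client.key
 - spec/comms_spec.rb
 - spec/verify_spec.rb
-has_rdoc:
+has_rdoc: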
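--- a/data/EM-LICENSE
+++ b/data/EM-LICENSE
@@ -1,60 +0,0 @@
-EventMachine is copyrighted free software owned by Francis Cianfrocca
-(blackhedd ... gmail.com). The Owner of this software permits you to
-redistribute and/or modify the software under either the terms of the GPL
-version 2 (see the file GPL), or the conditions below ("Ruby License"):
-
-1. You may make and give away verbatim copies of the source form of this
-software without restriction, provided that you retain ALL of the
-original copyright notices and associated disclaimers.
-
-2. You may modify your copy of the software in any way, provided that
-you do at least ONE of the following:
-
-a) place your modifications in the Public Domain or otherwise
-make them Freely Available, such as by posting said
-modifications to Usenet or an equivalent medium, or by allowing
-the author to include your modifications in the software.
-
-b) use the modified software only within your corporation or
-organization.
-
-c) give non-standard binaries non-standard names, with
-instructions on where to get the original software distribution.
-
-d) make other distribution arrangements with the Owner.
-
-3. You may distribute the software in object code or binary form,
-provided that you do at least ONE of the following:
-
-a) distribute the binaries and library files of the software,
-together with instructions (in a manual page or equivalent)
-on where to get the original distribution.
-
-b) accompany the distribution with the machine-readable source of
-the software.
-
-c) give non-standard binaries non-standard names, with
-instructions on where to get the original software distribution.
-
-d) make other distribution arrangements with the Owner.
-
-4. You may modify and include parts of the software into any other
-software (possibly commercial), provided you comply with the terms in
-Sections 1, 2, and 3 above. But some files in the distribution
-are not written by the Owner, so they may be made available to you
-under different terms.
-
-For the list of those files and their copying conditions, see the
-file LEGAL.
-
-5. The scripts and library files supplied as input to or produced as
-output from the software do not automatically fall under the
-copyright of the software, but belong to whoever generated them,
-and may be sold commercially, and may be aggregated with this
-software.
-
-6. THIS SOFTWARE IS PROVIDED "AS IS" AND WITHOUT ANY EXPRESS OR
-IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
-WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-PURPOSE.
-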