ruby-tls 1.0.3 → 2.0.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +100 -71
- data/lib/ruby-tls.rb +5 -7
- data/lib/ruby-tls/ssl.rb +582 -0
- data/lib/ruby-tls/version.rb +3 -3
- data/ruby-tls.gemspec +30 -32
- data/spec/client.crt +31 -31
- data/spec/client.key +51 -51
- data/spec/comms_spec.rb +110 -156
- data/spec/verify_spec.rb +155 -120
- metadata +37 -47
- data/EM-LICENSE +0 -60
- data/Rakefile +0 -19
- data/ext/Rakefile +0 -18
- data/ext/tls/page.cpp +0 -102
- data/ext/tls/page.h +0 -61
- data/ext/tls/ssl.cpp +0 -594
- data/ext/tls/ssl.h +0 -130
- data/lib/ruby-tls/connection.rb +0 -124
- data/lib/ruby-tls/ext.rb +0 -39
data/spec/verify_spec.rb
CHANGED
|
@@ -1,120 +1,155 @@
|
|
|
1
|
-
require 'ruby-tls'
|
|
2
|
-
|
|
3
|
-
|
|
4
|
-
describe RubyTls do
|
|
5
|
-
|
|
6
|
-
|
|
7
|
-
|
|
8
|
-
@
|
|
9
|
-
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
|
|
14
|
-
|
|
15
|
-
|
|
16
|
-
|
|
17
|
-
|
|
18
|
-
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
|
|
22
|
-
@
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
@
|
|
27
|
-
@
|
|
28
|
-
|
|
29
|
-
|
|
30
|
-
|
|
31
|
-
|
|
32
|
-
|
|
33
|
-
|
|
34
|
-
|
|
35
|
-
|
|
36
|
-
|
|
37
|
-
|
|
38
|
-
|
|
39
|
-
|
|
40
|
-
@
|
|
41
|
-
|
|
42
|
-
|
|
43
|
-
|
|
44
|
-
|
|
45
|
-
|
|
46
|
-
|
|
47
|
-
|
|
48
|
-
|
|
49
|
-
|
|
50
|
-
|
|
51
|
-
|
|
52
|
-
|
|
53
|
-
|
|
54
|
-
|
|
55
|
-
|
|
56
|
-
|
|
57
|
-
|
|
58
|
-
|
|
59
|
-
|
|
60
|
-
|
|
61
|
-
|
|
62
|
-
|
|
63
|
-
|
|
64
|
-
|
|
65
|
-
|
|
66
|
-
|
|
67
|
-
|
|
68
|
-
|
|
69
|
-
|
|
70
|
-
|
|
71
|
-
|
|
72
|
-
|
|
73
|
-
|
|
74
|
-
|
|
75
|
-
|
|
76
|
-
|
|
77
|
-
|
|
78
|
-
|
|
79
|
-
|
|
80
|
-
|
|
81
|
-
|
|
82
|
-
|
|
83
|
-
|
|
84
|
-
|
|
85
|
-
|
|
86
|
-
|
|
87
|
-
@client
|
|
88
|
-
|
|
89
|
-
|
|
90
|
-
|
|
91
|
-
@
|
|
92
|
-
|
|
93
|
-
|
|
94
|
-
|
|
95
|
-
@
|
|
96
|
-
|
|
97
|
-
|
|
98
|
-
|
|
99
|
-
|
|
100
|
-
|
|
101
|
-
@
|
|
102
|
-
|
|
103
|
-
|
|
104
|
-
|
|
105
|
-
|
|
106
|
-
|
|
107
|
-
|
|
108
|
-
|
|
109
|
-
|
|
110
|
-
|
|
111
|
-
|
|
112
|
-
|
|
113
|
-
|
|
114
|
-
|
|
115
|
-
|
|
116
|
-
|
|
117
|
-
|
|
118
|
-
|
|
119
|
-
end
|
|
120
|
-
|
|
1
|
+
require 'ruby-tls'
|
|
2
|
+
|
|
3
|
+
|
|
4
|
+
describe RubyTls do
|
|
5
|
+
|
|
6
|
+
class Client2
|
|
7
|
+
def initialize(client_data, dir)
|
|
8
|
+
@client_data = client_data
|
|
9
|
+
@ssl = RubyTls::SSL::Box.new(false, self, private_key: dir + 'client.key', cert_chain: dir + 'client.crt')
|
|
10
|
+
end
|
|
11
|
+
|
|
12
|
+
attr_reader :ssl
|
|
13
|
+
attr_accessor :stop
|
|
14
|
+
attr_accessor :server
|
|
15
|
+
|
|
16
|
+
def close_cb
|
|
17
|
+
@client_data << 'close'
|
|
18
|
+
@stop = true
|
|
19
|
+
end
|
|
20
|
+
|
|
21
|
+
def dispatch_cb(data)
|
|
22
|
+
@client_data << data
|
|
23
|
+
end
|
|
24
|
+
|
|
25
|
+
def transmit_cb(data)
|
|
26
|
+
if not @server.started
|
|
27
|
+
@server.started = true
|
|
28
|
+
@server.ssl.start
|
|
29
|
+
end
|
|
30
|
+
@server.ssl.decrypt(data) unless @stop
|
|
31
|
+
end
|
|
32
|
+
|
|
33
|
+
def handshake_cb
|
|
34
|
+
@client_data << 'ready'
|
|
35
|
+
end
|
|
36
|
+
end
|
|
37
|
+
|
|
38
|
+
describe RubyTls::SSL::Box do
|
|
39
|
+
before :each do
|
|
40
|
+
@dir = File.dirname(File.expand_path(__FILE__)) + '/'
|
|
41
|
+
@cert_from_file = File.read(@dir + 'client.crt')
|
|
42
|
+
end
|
|
43
|
+
|
|
44
|
+
it "should verify the peer" do
|
|
45
|
+
@server_data = []
|
|
46
|
+
@client_data = []
|
|
47
|
+
|
|
48
|
+
|
|
49
|
+
class Server2
|
|
50
|
+
def initialize(client, server_data)
|
|
51
|
+
@client = client
|
|
52
|
+
@server_data = server_data
|
|
53
|
+
@ssl = RubyTls::SSL::Box.new(true, self, verify_peer: true)
|
|
54
|
+
end
|
|
55
|
+
|
|
56
|
+
attr_reader :ssl
|
|
57
|
+
attr_accessor :started
|
|
58
|
+
attr_accessor :stop
|
|
59
|
+
attr_accessor :cert_from_server
|
|
60
|
+
|
|
61
|
+
def close_cb
|
|
62
|
+
@server_data << 'close'
|
|
63
|
+
@stop = true
|
|
64
|
+
end
|
|
65
|
+
|
|
66
|
+
def dispatch_cb(data)
|
|
67
|
+
@server_data << data
|
|
68
|
+
end
|
|
69
|
+
|
|
70
|
+
def transmit_cb(data)
|
|
71
|
+
@client.ssl.decrypt(data) unless @stop
|
|
72
|
+
end
|
|
73
|
+
|
|
74
|
+
def handshake_cb
|
|
75
|
+
@server_data << 'ready'
|
|
76
|
+
end
|
|
77
|
+
|
|
78
|
+
def verify_cb(cert)
|
|
79
|
+
@server_data << 'verify'
|
|
80
|
+
@cert_from_server = cert
|
|
81
|
+
true
|
|
82
|
+
end
|
|
83
|
+
end
|
|
84
|
+
|
|
85
|
+
|
|
86
|
+
@client = Client2.new(@client_data, @dir)
|
|
87
|
+
@server = Server2.new(@client, @server_data)
|
|
88
|
+
@client.server = @server
|
|
89
|
+
|
|
90
|
+
@client.ssl.start
|
|
91
|
+
@client.ssl.cleanup
|
|
92
|
+
@server.ssl.cleanup
|
|
93
|
+
|
|
94
|
+
expect(@client_data).to eq(['ready'])
|
|
95
|
+
expect(@server_data).to eq(['ready', 'verify', 'verify', 'verify'])
|
|
96
|
+
expect(@server.cert_from_server).to eq(@cert_from_file)
|
|
97
|
+
end
|
|
98
|
+
|
|
99
|
+
|
|
100
|
+
it "should deny the connection" do
|
|
101
|
+
@server_data = []
|
|
102
|
+
@client_data = []
|
|
103
|
+
|
|
104
|
+
class Server3
|
|
105
|
+
def initialize(client, server_data)
|
|
106
|
+
@client = client
|
|
107
|
+
@server_data = server_data
|
|
108
|
+
@ssl = RubyTls::SSL::Box.new(true, self, verify_peer: true)
|
|
109
|
+
end
|
|
110
|
+
|
|
111
|
+
attr_reader :ssl
|
|
112
|
+
attr_accessor :started
|
|
113
|
+
attr_accessor :stop
|
|
114
|
+
attr_accessor :cert_from_server
|
|
115
|
+
|
|
116
|
+
def close_cb
|
|
117
|
+
@server_data << 'close'
|
|
118
|
+
@stop = true
|
|
119
|
+
end
|
|
120
|
+
|
|
121
|
+
def dispatch_cb(data)
|
|
122
|
+
@server_data << data
|
|
123
|
+
end
|
|
124
|
+
|
|
125
|
+
def transmit_cb(data)
|
|
126
|
+
@client.ssl.decrypt(data) unless @stop
|
|
127
|
+
end
|
|
128
|
+
|
|
129
|
+
def handshake_cb
|
|
130
|
+
@server_data << 'ready'
|
|
131
|
+
end
|
|
132
|
+
|
|
133
|
+
def verify_cb(cert)
|
|
134
|
+
@server_data << 'verify'
|
|
135
|
+
@cert_from_server = cert
|
|
136
|
+
false
|
|
137
|
+
end
|
|
138
|
+
end
|
|
139
|
+
|
|
140
|
+
@client = Client2.new(@client_data, @dir)
|
|
141
|
+
@server = Server3.new(@client, @server_data)
|
|
142
|
+
@client.server = @server
|
|
143
|
+
|
|
144
|
+
@client.ssl.start
|
|
145
|
+
@client.ssl.cleanup
|
|
146
|
+
@server.ssl.cleanup
|
|
147
|
+
|
|
148
|
+
expect(@client_data).to eq(['ready'])
|
|
149
|
+
expect(@server_data).to eq(['ready', 'verify', 'close'])
|
|
150
|
+
|
|
151
|
+
expect(@server.cert_from_server).to eq(@cert_from_file)
|
|
152
|
+
end
|
|
153
|
+
end
|
|
154
|
+
end
|
|
155
|
+
|
metadata
CHANGED
|
@@ -1,121 +1,111 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: ruby-tls
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version:
|
|
4
|
+
version: 2.0.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Stephen von Takach
|
|
8
|
-
autorequire:
|
|
8
|
+
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2015-03-06 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: ffi-compiler
|
|
15
|
-
version_requirements: !ruby/object:Gem::Requirement
|
|
16
|
-
requirements:
|
|
17
|
-
- - '>='
|
|
18
|
-
- !ruby/object:Gem::Version
|
|
19
|
-
version: 0.0.2
|
|
20
15
|
requirement: !ruby/object:Gem::Requirement
|
|
21
16
|
requirements:
|
|
22
|
-
- -
|
|
17
|
+
- - ">="
|
|
23
18
|
- !ruby/object:Gem::Version
|
|
24
19
|
version: 0.0.2
|
|
25
|
-
prerelease: false
|
|
26
20
|
type: :runtime
|
|
27
|
-
|
|
28
|
-
name: rake
|
|
21
|
+
prerelease: false
|
|
29
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
30
23
|
requirements:
|
|
31
|
-
- -
|
|
24
|
+
- - ">="
|
|
32
25
|
- !ruby/object:Gem::Version
|
|
33
|
-
version:
|
|
26
|
+
version: 0.0.2
|
|
27
|
+
- !ruby/object:Gem::Dependency
|
|
28
|
+
name: thread_safe
|
|
34
29
|
requirement: !ruby/object:Gem::Requirement
|
|
35
30
|
requirements:
|
|
36
|
-
- -
|
|
31
|
+
- - ">="
|
|
37
32
|
- !ruby/object:Gem::Version
|
|
38
33
|
version: '0'
|
|
39
|
-
prerelease: false
|
|
40
34
|
type: :runtime
|
|
41
|
-
|
|
42
|
-
name: rspec
|
|
35
|
+
prerelease: false
|
|
43
36
|
version_requirements: !ruby/object:Gem::Requirement
|
|
44
37
|
requirements:
|
|
45
|
-
- -
|
|
38
|
+
- - ">="
|
|
46
39
|
- !ruby/object:Gem::Version
|
|
47
40
|
version: '0'
|
|
41
|
+
- !ruby/object:Gem::Dependency
|
|
42
|
+
name: rspec
|
|
48
43
|
requirement: !ruby/object:Gem::Requirement
|
|
49
44
|
requirements:
|
|
50
|
-
- -
|
|
45
|
+
- - ">="
|
|
51
46
|
- !ruby/object:Gem::Version
|
|
52
47
|
version: '0'
|
|
53
|
-
prerelease: false
|
|
54
48
|
type: :development
|
|
55
|
-
|
|
56
|
-
name: yard
|
|
49
|
+
prerelease: false
|
|
57
50
|
version_requirements: !ruby/object:Gem::Requirement
|
|
58
51
|
requirements:
|
|
59
|
-
- -
|
|
52
|
+
- - ">="
|
|
60
53
|
- !ruby/object:Gem::Version
|
|
61
54
|
version: '0'
|
|
55
|
+
- !ruby/object:Gem::Dependency
|
|
56
|
+
name: yard
|
|
62
57
|
requirement: !ruby/object:Gem::Requirement
|
|
63
58
|
requirements:
|
|
64
|
-
- -
|
|
59
|
+
- - ">="
|
|
65
60
|
- !ruby/object:Gem::Version
|
|
66
61
|
version: '0'
|
|
67
|
-
prerelease: false
|
|
68
62
|
type: :development
|
|
63
|
+
prerelease: false
|
|
64
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
65
|
+
requirements:
|
|
66
|
+
- - ">="
|
|
67
|
+
- !ruby/object:Gem::Version
|
|
68
|
+
version: '0'
|
|
69
69
|
description: |2
|
|
70
70
|
Allows transport layers outside Ruby TCP be secured.
|
|
71
71
|
email:
|
|
72
72
|
- steve@cotag.me
|
|
73
73
|
executables: []
|
|
74
|
-
extensions:
|
|
75
|
-
- ext/Rakefile
|
|
74
|
+
extensions: []
|
|
76
75
|
extra_rdoc_files:
|
|
77
76
|
- README.md
|
|
78
77
|
files:
|
|
78
|
+
- README.md
|
|
79
79
|
- lib/ruby-tls.rb
|
|
80
|
-
- lib/ruby-tls/
|
|
81
|
-
- lib/ruby-tls/ext.rb
|
|
80
|
+
- lib/ruby-tls/ssl.rb
|
|
82
81
|
- lib/ruby-tls/version.rb
|
|
83
|
-
- Rakefile
|
|
84
82
|
- ruby-tls.gemspec
|
|
85
|
-
- README.md
|
|
86
|
-
- EM-LICENSE
|
|
87
|
-
- ext/tls/ssl.cpp
|
|
88
|
-
- ext/tls/ssl.h
|
|
89
|
-
- ext/tls/page.cpp
|
|
90
|
-
- ext/tls/page.h
|
|
91
83
|
- spec/client.crt
|
|
92
84
|
- spec/client.key
|
|
93
85
|
- spec/comms_spec.rb
|
|
94
86
|
- spec/verify_spec.rb
|
|
95
|
-
- ext/Rakefile
|
|
96
87
|
homepage: https://github.com/cotag/ruby-tls
|
|
97
88
|
licenses:
|
|
98
|
-
-
|
|
99
|
-
- GPL
|
|
89
|
+
- MIT
|
|
100
90
|
metadata: {}
|
|
101
|
-
post_install_message:
|
|
91
|
+
post_install_message:
|
|
102
92
|
rdoc_options: []
|
|
103
93
|
require_paths:
|
|
104
94
|
- lib
|
|
105
95
|
required_ruby_version: !ruby/object:Gem::Requirement
|
|
106
96
|
requirements:
|
|
107
|
-
- -
|
|
97
|
+
- - ">="
|
|
108
98
|
- !ruby/object:Gem::Version
|
|
109
99
|
version: '0'
|
|
110
100
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
111
101
|
requirements:
|
|
112
|
-
- -
|
|
102
|
+
- - ">="
|
|
113
103
|
- !ruby/object:Gem::Version
|
|
114
104
|
version: '0'
|
|
115
105
|
requirements: []
|
|
116
|
-
rubyforge_project:
|
|
117
|
-
rubygems_version: 2.
|
|
118
|
-
signing_key:
|
|
106
|
+
rubyforge_project:
|
|
107
|
+
rubygems_version: 2.4.5
|
|
108
|
+
signing_key:
|
|
119
109
|
specification_version: 4
|
|
120
110
|
summary: Abstract TLS for Ruby
|
|
121
111
|
test_files:
|
|
@@ -123,4 +113,4 @@ test_files:
|
|
|
123
113
|
- spec/client.key
|
|
124
114
|
- spec/comms_spec.rb
|
|
125
115
|
- spec/verify_spec.rb
|
|
126
|
-
has_rdoc:
|
|
116
|
+
has_rdoc:
|
data/EM-LICENSE
DELETED
|
@@ -1,60 +0,0 @@
|
|
|
1
|
-
EventMachine is copyrighted free software owned by Francis Cianfrocca
|
|
2
|
-
(blackhedd ... gmail.com). The Owner of this software permits you to
|
|
3
|
-
redistribute and/or modify the software under either the terms of the GPL
|
|
4
|
-
version 2 (see the file GPL), or the conditions below ("Ruby License"):
|
|
5
|
-
|
|
6
|
-
1. You may make and give away verbatim copies of the source form of this
|
|
7
|
-
software without restriction, provided that you retain ALL of the
|
|
8
|
-
original copyright notices and associated disclaimers.
|
|
9
|
-
|
|
10
|
-
2. You may modify your copy of the software in any way, provided that
|
|
11
|
-
you do at least ONE of the following:
|
|
12
|
-
|
|
13
|
-
a) place your modifications in the Public Domain or otherwise
|
|
14
|
-
make them Freely Available, such as by posting said
|
|
15
|
-
modifications to Usenet or an equivalent medium, or by allowing
|
|
16
|
-
the author to include your modifications in the software.
|
|
17
|
-
|
|
18
|
-
b) use the modified software only within your corporation or
|
|
19
|
-
organization.
|
|
20
|
-
|
|
21
|
-
c) give non-standard binaries non-standard names, with
|
|
22
|
-
instructions on where to get the original software distribution.
|
|
23
|
-
|
|
24
|
-
d) make other distribution arrangements with the Owner.
|
|
25
|
-
|
|
26
|
-
3. You may distribute the software in object code or binary form,
|
|
27
|
-
provided that you do at least ONE of the following:
|
|
28
|
-
|
|
29
|
-
a) distribute the binaries and library files of the software,
|
|
30
|
-
together with instructions (in a manual page or equivalent)
|
|
31
|
-
on where to get the original distribution.
|
|
32
|
-
|
|
33
|
-
b) accompany the distribution with the machine-readable source of
|
|
34
|
-
the software.
|
|
35
|
-
|
|
36
|
-
c) give non-standard binaries non-standard names, with
|
|
37
|
-
instructions on where to get the original software distribution.
|
|
38
|
-
|
|
39
|
-
d) make other distribution arrangements with the Owner.
|
|
40
|
-
|
|
41
|
-
4. You may modify and include parts of the software into any other
|
|
42
|
-
software (possibly commercial), provided you comply with the terms in
|
|
43
|
-
Sections 1, 2, and 3 above. But some files in the distribution
|
|
44
|
-
are not written by the Owner, so they may be made available to you
|
|
45
|
-
under different terms.
|
|
46
|
-
|
|
47
|
-
For the list of those files and their copying conditions, see the
|
|
48
|
-
file LEGAL.
|
|
49
|
-
|
|
50
|
-
5. The scripts and library files supplied as input to or produced as
|
|
51
|
-
output from the software do not automatically fall under the
|
|
52
|
-
copyright of the software, but belong to whoever generated them,
|
|
53
|
-
and may be sold commercially, and may be aggregated with this
|
|
54
|
-
software.
|
|
55
|
-
|
|
56
|
-
6. THIS SOFTWARE IS PROVIDED "AS IS" AND WITHOUT ANY EXPRESS OR
|
|
57
|
-
IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
|
|
58
|
-
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
|
59
|
-
PURPOSE.
|
|
60
|
-
|