sensu-em 2.0.0-java

data/java/src/com/rubyeventmachine/SslBox.java

@@ -0,0 +1,310 @@
+package com.rubyeventmachine;
+
+import java.io.IOException;
+import java.nio.ByteBuffer;
+import java.nio.channels.SelectionKey;
+import java.nio.channels.SocketChannel;
+import java.security.KeyManagementException;
+import java.security.KeyStore;
+import java.security.KeyStoreException;
+import java.security.NoSuchAlgorithmException;
+import java.security.UnrecoverableKeyException;
+
+import javax.net.ssl.KeyManager;
+import javax.net.ssl.KeyManagerFactory;
+import javax.net.ssl.SSLContext;
+import javax.net.ssl.SSLEngine;
+import javax.net.ssl.SSLEngineResult;
+import javax.net.ssl.SSLEngineResult.HandshakeStatus;
+import javax.net.ssl.SSLEngineResult.Status;
+import javax.net.ssl.SSLPeerUnverifiedException;
+import javax.net.ssl.TrustManager;
+import javax.net.ssl.X509TrustManager;
+
+public class SslBox {
+
+	private final SSLContext sslContext;
+	private final SSLEngine sslEngine;
+	
+    private final ByteBuffer netInBuffer;
+    private final ByteBuffer netOutBuffer;
+    private final ByteBuffer anotherBuffer;
+
+    public static ByteBuffer emptyBuf = ByteBuffer.allocate(0);
+    private final SocketChannel channel;
+
+	private boolean handshakeComplete;
+    protected HandshakeStatus handshakeStatus; //gets set by handshake
+    
+	public SslBox(boolean isServer, SocketChannel channel, KeyStore keyStore, X509TrustManager tm, boolean verifyPeer, String host, int port) {
+		try {
+			sslContext = SSLContext.getInstance("TLS");
+			KeyManager[] keyManagers = null;
+
+			if (keyStore != null) {
+				KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
+				kmf.init(keyStore, null);
+				keyManagers = kmf.getKeyManagers();
+			}
+
+			sslContext.init(keyManagers, new TrustManager[] { tm }, null);
+			sslEngine = sslContext.createSSLEngine(host, port);
+			sslEngine.setUseClientMode(!isServer);
+			sslEngine.setNeedClientAuth(verifyPeer);
+			
+			this.channel = channel;
+			
+			int netBufSize = sslEngine.getSession().getPacketBufferSize();
+			netInBuffer = ByteBuffer.allocate(netBufSize);
+			netOutBuffer = ByteBuffer.allocate(netBufSize);
+			anotherBuffer = ByteBuffer.allocate(netBufSize);
+			reset();
+		} catch (NoSuchAlgorithmException e) {
+			throw new RuntimeException("unable to start TLS: " + e.getMessage(), e);
+		} catch (UnrecoverableKeyException e) {
+			throw new RuntimeException("unable to start TLS: " + e.getMessage(), e);
+		} catch (KeyStoreException e) {
+			throw new RuntimeException("unable to start TLS: " + e.getMessage(), e);
+		} catch (KeyManagementException e) {
+			throw new RuntimeException("unable to start TLS: " + e.getMessage(), e);
+		} catch (IOException e) {
+			throw new RuntimeException("unable to start TLS: " + e.getMessage(), e);
+		}
+	}
+
+    public void reset() throws IOException {
+        netOutBuffer.position(0);
+        netOutBuffer.limit(0);
+        netInBuffer.position(0);
+        netInBuffer.limit(0);
+        handshakeComplete = false;
+        //initiate handshake
+        sslEngine.beginHandshake();
+        handshakeStatus = sslEngine.getHandshakeStatus();
+    }
+
+	public boolean handshake(SelectionKey channelKey) {
+		try {
+			int newOps = do_handshake(channelKey.isReadable(), channelKey.isWritable());
+			channelKey.interestOps(newOps);
+		} catch (IOException e) {
+			return false;
+		}
+		return true;
+	}
+
+	public boolean handshakeNeeded() {
+		return !handshakeComplete;
+	}
+	
+	private int do_handshake(boolean read, boolean write) throws IOException {
+        if (!flush(netOutBuffer)) return SelectionKey.OP_WRITE; //we still have data to write
+
+        SSLEngineResult handshake = null;
+
+        while (!handshakeComplete) {
+            switch ( handshakeStatus ) {
+                case FINISHED: {
+                    //we are complete if we have delivered the last package
+                    handshakeComplete = !netOutBuffer.hasRemaining();
+                    //return 0 if we are complete, otherwise we still have data to write
+                    return handshakeComplete?0:SelectionKey.OP_WRITE;
+                }
+                case NEED_WRAP: {
+                    //perform the wrap function
+                    handshake = handshakeWrap(write);
+                    if ( handshake.getStatus() == Status.OK ){
+                        if (handshakeStatus == HandshakeStatus.NEED_TASK)
+                            handshakeStatus = tasks();
+                    } else {
+                        //wrap should always work with our buffers
+                        throw new IOException("Unexpected status:" + handshake.getStatus() + " during handshake WRAP.");
+                    }
+                    if ( handshakeStatus != HandshakeStatus.NEED_UNWRAP || (!flush(netOutBuffer)) ) {
+                        //should actually return OP_READ if we have NEED_UNWRAP
+                        return SelectionKey.OP_WRITE;
+                    }
+                    //fall down to NEED_UNWRAP on the same call, will result in a
+                    //BUFFER_UNDERFLOW if it needs data
+                }
+                //$FALL-THROUGH$
+                case NEED_UNWRAP: {
+                    //perform the unwrap function
+                    handshake = handshakeUnwrap(read);
+                    if ( handshake.getStatus() == Status.OK ) {
+                        if (handshakeStatus == HandshakeStatus.NEED_TASK)
+                            handshakeStatus = tasks();
+                    } else if ( handshake.getStatus() == Status.BUFFER_UNDERFLOW ){
+                        //read more data, reregister for OP_READ
+                        return SelectionKey.OP_READ;
+                    } else {
+                        throw new IOException("Invalid handshake status:"+handshakeStatus+" during handshake UNWRAP.");
+                    }//switch
+                    break;
+                }
+                case NEED_TASK: {
+                    handshakeStatus = tasks();
+                    break;
+                }
+                default: throw new IllegalStateException("Invalid handshake status:"+handshakeStatus);
+            }//switch
+        }//while
+        //return 0 if we are complete, otherwise reregister for any activity that
+        //would cause this method to be called again.
+        return handshakeComplete?0:(SelectionKey.OP_WRITE|SelectionKey.OP_READ);
+	}
+	
+	
+    /**
+     * Performs the WRAP function
+     * @param doWrite boolean
+     * @return SSLEngineResult
+     * @throws IOException
+     */
+    private SSLEngineResult handshakeWrap(boolean doWrite) throws IOException {
+        //this should never be called with a network buffer that contains data
+        //so we can clear it here.
+        netOutBuffer.clear();
+        //perform the wrap
+        SSLEngineResult result = sslEngine.wrap(emptyBuf, netOutBuffer);
+        //prepare the results to be written
+        netOutBuffer.flip();
+        //set the status
+        handshakeStatus = result.getHandshakeStatus();
+        //optimization, if we do have a writable channel, write it now
+        if ( doWrite ) flush(netOutBuffer);
+        return result;
+    }
+
+    /**
+     * Perform handshake unwrap
+     * @param doread boolean
+     * @return SSLEngineResult
+     * @throws IOException
+     */
+    private SSLEngineResult handshakeUnwrap(boolean doread) throws IOException {
+
+        if (netInBuffer.position() == netInBuffer.limit()) {
+            //clear the buffer if we have emptied it out on data
+            netInBuffer.clear();
+        }
+        if ( doread )  {
+            //if we have data to read, read it
+            int read = channel.read(netInBuffer);
+            if (read == -1) throw new IOException("EOF encountered during handshake.");
+        }
+        SSLEngineResult result;
+        boolean cont = false;
+        //loop while we can perform pure SSLEngine data
+        do {
+            //prepare the buffer with the incoming data
+            netInBuffer.flip();
+            //call unwrap
+            result = sslEngine.unwrap(netInBuffer, anotherBuffer);
+            //compact the buffer, this is an optional method, wonder what would happen if we didn't
+            netInBuffer.compact();
+            //read in the status
+            handshakeStatus = result.getHandshakeStatus();
+            if ( result.getStatus() == SSLEngineResult.Status.OK &&
+                 result.getHandshakeStatus() == HandshakeStatus.NEED_TASK ) {
+                //execute tasks if we need to
+                handshakeStatus = tasks();
+            }
+            //perform another unwrap?
+            cont = result.getStatus() == SSLEngineResult.Status.OK &&
+                   handshakeStatus == HandshakeStatus.NEED_UNWRAP;
+        }while ( cont );
+        return result;
+    }
+
+    /**
+     * Executes all the tasks needed on the same thread.
+     * @return HandshakeStatus
+     */
+    private SSLEngineResult.HandshakeStatus tasks() {
+        Runnable r = null;
+        while ( (r = sslEngine.getDelegatedTask()) != null) {
+            r.run();
+        }
+        return sslEngine.getHandshakeStatus();
+    }
+    
+    protected boolean flush(ByteBuffer buf) throws IOException {
+        int remaining = buf.remaining();
+        if ( remaining > 0 ) {
+            int written = channel.write(buf);
+            return written >= remaining;
+        }else {
+            return true;
+        }
+    }
+
+	public javax.security.cert.X509Certificate getPeerCert() throws SSLPeerUnverifiedException {
+		return sslEngine.getSession().getPeerCertificateChain()[0];
+	}
+	
+    public int write(ByteBuffer src) throws IOException {
+        if (!flush(netOutBuffer)) return 0;
+
+        netOutBuffer.clear();
+
+        SSLEngineResult result = sslEngine.wrap(src, netOutBuffer);
+        int written = result.bytesConsumed();
+        netOutBuffer.flip();
+
+        if (result.getStatus() == Status.OK) {
+        	if (result.getHandshakeStatus() == HandshakeStatus.NEED_TASK)
+        		tasks();
+        } else {
+            throw new IOException("Unable to wrap data, invalid engine state: " +result.getStatus());
+        }
+
+        //force a flush
+        flush(netOutBuffer);
+
+        return written;
+    }
+    
+    public int read(ByteBuffer dst) throws IOException {
+        //did we finish our handshake?
+        if (!handshakeComplete) throw new IllegalStateException("Handshake incomplete, you must complete handshake before reading data.");
+
+        //read from the network
+        int netread = channel.read(netInBuffer);
+        //did we reach EOF? if so send EOF up one layer.
+        if (netread == -1) return -1;
+
+        //the data read
+        int read = 0;
+        //the SSL engine result
+        SSLEngineResult unwrap;
+        do {
+            //prepare the buffer
+            netInBuffer.flip();
+            //unwrap the data
+            unwrap = sslEngine.unwrap(netInBuffer, dst);
+            //compact the buffer
+            netInBuffer.compact();
+
+            if ( unwrap.getStatus()==Status.OK || unwrap.getStatus()==Status.BUFFER_UNDERFLOW ) {
+                //we did receive some data, add it to our total
+                read += unwrap.bytesProduced();
+                //perform any tasks if needed
+                if (unwrap.getHandshakeStatus() == HandshakeStatus.NEED_TASK) tasks();
+                //if we need more network data, then bail out for now.
+                if ( unwrap.getStatus() == Status.BUFFER_UNDERFLOW ) break;
+            }else if ( unwrap.getStatus()==Status.BUFFER_OVERFLOW && read>0 ) {
+                //buffer overflow can happen, if we have read data, then
+                //empty out the dst buffer before we do another read
+                break;
+            }else {
+                //here we should trap BUFFER_OVERFLOW and call expand on the buffer
+                //for now, throw an exception, as we initialized the buffers
+                //in the constructor
+                throw new IOException("Unable to unwrap data, invalid status: " + unwrap.getStatus());
+            }
+        } while ( (netInBuffer.position() != 0)); //continue to unwrapping as long as the input buffer has stuff
+        return (read);
+    }
+
+}

data/lib/em/buftok.rb

@@ -0,0 +1,110 @@
+# BufferedTokenizer takes a delimiter upon instantiation, or acts line-based
+# by default.  It allows input to be spoon-fed from some outside source which
+# receives arbitrary length datagrams which may-or-may-not contain the token
+# by which entities are delimited.
+#
+# By default, new BufferedTokenizers will operate on lines delimited by "\n" by default
+# or allow you to specify any delimiter token you so choose, which will then
+# be used by String#split to tokenize the input data
+#
+# @example Using BufferedTokernizer to parse lines out of incoming data
+#
+#   module LineBufferedConnection
+#     def receive_data(data)
+#       (@buffer ||= BufferedTokenizer.new).extract(data).each do |line|
+#         receive_line(line)
+#       end
+#     end
+#   end
+#
+# @author Tony Arcieri
+# @author Martin Emde
+class BufferedTokenizer
+  # @param [String] delimiter
+  # @param [Integer] size_limit
+  def initialize(delimiter = "\n", size_limit = nil)
+    @delimiter  = delimiter
+    @size_limit = size_limit
+
+    # The input buffer is stored as an array.  This is by far the most efficient
+    # approach given language constraints (in C a linked list would be a more
+    # appropriate data structure).  Segments of input data are stored in a list
+    # which is only joined when a token is reached, substantially reducing the
+    # number of objects required for the operation.
+    @input = []
+
+    # Size of the input buffer
+    @input_size = 0
+  end
+
+  # Extract takes an arbitrary string of input data and returns an array of
+  # tokenized entities, provided there were any available to extract.
+  #
+  # @example
+  #
+  #   tokenizer.extract(data).
+  #     map { |entity| Decode(entity) }.each { ... }
+  #
+  # @param [String] data
+  def extract(data)
+    # Extract token-delimited entities from the input string with the split command.
+    # There's a bit of craftiness here with the -1 parameter.  Normally split would
+    # behave no differently regardless of if the token lies at the very end of the
+    # input buffer or not (i.e. a literal edge case)  Specifying -1 forces split to
+    # return "" in this case, meaning that the last entry in the list represents a
+    # new segment of data where the token has not been encountered
+    entities = data.split @delimiter, -1
+
+    # Check to see if the buffer has exceeded capacity, if we're imposing a limit
+    if @size_limit
+      raise 'input buffer full' if @input_size + entities.first.size > @size_limit
+      @input_size += entities.first.size
+    end
+
+    # Move the first entry in the resulting array into the input buffer.  It represents
+    # the last segment of a token-delimited entity unless it's the only entry in the list.
+    @input << entities.shift
+
+    # If the resulting array from the split is empty, the token was not encountered
+    # (not even at the end of the buffer).  Since we've encountered no token-delimited
+    # entities this go-around, return an empty array.
+    return [] if entities.empty?
+
+    # At this point, we've hit a token, or potentially multiple tokens.  Now we can bring
+    # together all the data we've buffered from earlier calls without hitting a token,
+    # and add it to our list of discovered entities.
+    entities.unshift @input.join
+
+    # Now that we've hit a token, joined the input buffer and added it to the entities
+    # list, we can go ahead and clear the input buffer.  All of the segments that were
+    # stored before the join can now be garbage collected.
+    @input.clear
+
+    # The last entity in the list is not token delimited, however, thanks to the -1
+    # passed to split.  It represents the beginning of a new list of as-yet-untokenized
+    # data, so we add it to the start of the list.
+    @input << entities.pop
+
+    # Set the new input buffer size, provided we're keeping track
+    @input_size = @input.first.size if @size_limit
+
+    # Now we're left with the list of extracted token-delimited entities we wanted
+    # in the first place.  Hooray!
+    entities
+  end
+
+  # Flush the contents of the input buffer, i.e. return the input buffer even though
+  # a token has not yet been encountered.
+  #
+  # @return [String]
+  def flush
+    buffer = @input.join
+    @input.clear
+    buffer
+  end
+
+  # @return [Boolean]
+  def empty?
+    @input.empty?
+  end
+end

data/lib/em/callback.rb

@@ -0,0 +1,58 @@
+module EventMachine
+  # Utility method for coercing arguments to an object that responds to :call.
+  # Accepts an object and a method name to send to, or a block, or an object
+  # that responds to :call.
+  #
+  # @example EventMachine.Callback used with a block. Returns that block.
+  #
+  #  cb = EventMachine.Callback do |msg|
+  #    puts(msg)
+  #  end
+  #  # returned object is a callable
+  #  cb.call('hello world')
+  #
+  #
+  # @example EventMachine.Callback used with an object (to be more specific, class object) and a method name, returns an object that responds to #call
+  #
+  #  cb = EventMachine.Callback(Object, :puts)
+  #  # returned object is a callable that delegates to Kernel#puts (in this case Object.puts)
+  #  cb.call('hello world')
+  #
+  #
+  # @example EventMachine.Callback used with an object that responds to #call. Returns the argument.
+  #
+  #  cb = EventMachine.Callback(proc{ |msg| puts(msg) })
+  #  # returned object is a callable
+  #  cb.call('hello world')
+  #
+  #
+  # @overload Callback(object, method)
+  #   Wraps `method` invocation on `object` into an object that responds to #call that proxies all the arguments to that method
+  #   @param [Object] Object to invoke method on
+  #   @param [Symbol] Method name
+  #   @return [<#call>] An object that responds to #call that takes any number of arguments and invokes method on object with those arguments
+  #
+  # @overload Callback(object)
+  #   Returns callable object as is, without any coercion
+  #   @param [<#call>] An object that responds to #call
+  #   @return [<#call>] Its argument
+  #
+  # @overload Callback(&block)
+  #   Returns block passed to it without any coercion
+  #   @return [<#call>] Block passed to this method
+  #
+  # @raise [ArgumentError] When argument doesn't respond to #call, method name is missing or when invoked without arguments and block isn't given
+  #
+  # @return [<#call>]
+  def self.Callback(object = nil, method = nil, &blk)
+    if object && method
+      lambda { |*args| object.__send__ method, *args }
+    else
+      if object.respond_to? :call
+        object
+      else
+        blk || raise(ArgumentError)
+      end # if
+    end # if
+  end # self.Callback
+end # EventMachine

data/lib/em/channel.rb

@@ -0,0 +1,64 @@
+module EventMachine
+  # Provides a simple thread-safe way to transfer data between (typically) long running
+  # tasks in {EventMachine.defer} and event loop thread.
+  #
+  # @example
+  #
+  #  channel = EventMachine::Channel.new
+  #  sid     = channel.subscribe { |msg| p [:got, msg] }
+  #
+  #  channel.push('hello world')
+  #  channel.unsubscribe(sid)
+  #
+  #
+  class Channel
+    def initialize
+      @subs = {}
+      @uid  = 0
+    end
+
+    # Takes any arguments suitable for EM::Callback() and returns a subscriber
+    # id for use when unsubscribing.
+    #
+    # @return [Integer] Subscribe identifier
+    # @see #unsubscribe
+    def subscribe(*a, &b)
+      name = gen_id
+      EM.schedule { @subs[name] = EM::Callback(*a, &b) }
+
+      name
+    end
+
+    # Removes subscriber from the list.
+    #
+    # @param [Integer] Subscriber identifier
+    # @see #subscribe
+    def unsubscribe(name)
+      EM.schedule { @subs.delete name }
+    end
+
+    # Add items to the channel, which are pushed out to all subscribers.
+    def push(*items)
+      items = items.dup
+      EM.schedule { items.each { |i| @subs.values.each { |s| s.call i } } }
+    end
+    alias << push
+
+    # Fetches one message from the channel.
+    def pop(*a, &b)
+      EM.schedule {
+        name = subscribe do |*args|
+          unsubscribe(name)
+          EM::Callback(*a, &b).call(*args)
+        end
+      }
+    end
+
+    private
+
+    # @private
+    def gen_id
+      @uid += 1
+    end
+  end
+end