sensu-em 2.2.0-java → 2.3.0-java
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/eventmachine.gemspec +1 -1
- data/ext/cmain.cpp +2 -2
- data/ext/ed.cpp +4 -2
- data/ext/ed.h +3 -2
- data/ext/eventmachine.h +1 -1
- data/ext/rubymain.cpp +3 -3
- data/ext/ssl.cpp +9 -4
- data/ext/ssl.h +3 -2
- data/lib/em/connection.rb +5 -3
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: f09205f6fba5d147db5b27cfdfa77d645dd1228e
|
4
|
+
data.tar.gz: 51a553a57bfc42b954a683618cc9831f4ed2149e
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: e1018edb1761ff8cc28bebcbac3f09c336501cca74ab0134aaac552e1ab7429ec4c0ee0f8cf3532a3c45d6a68efb66d4b0b8d9877be86d6a6a65bdd2b6f1840c
|
7
|
+
data.tar.gz: 6bec10ce68ff077ae80474bf260a0fccf0187bd21a6c285199b45eeabe0768e66912e41595d2ab5234db20e6c13bd4f4283fe889f831d94538a457b6510552d6
|
data/eventmachine.gemspec
CHANGED
data/ext/cmain.cpp
CHANGED
@@ -443,12 +443,12 @@ extern "C" void evma_start_tls (const unsigned long binding)
|
|
443
443
|
evma_set_tls_parms
|
444
444
|
******************/
|
445
445
|
|
446
|
-
extern "C" void evma_set_tls_parms (const unsigned long binding, const char *privatekey_filename, const char *certchain_filename, int verify_peer)
|
446
|
+
extern "C" void evma_set_tls_parms (const unsigned long binding, const char *privatekey_filename, const char *certchain_filename, int verify_peer, int use_tls)
|
447
447
|
{
|
448
448
|
ensure_eventmachine("evma_set_tls_parms");
|
449
449
|
EventableDescriptor *ed = dynamic_cast <EventableDescriptor*> (Bindable_t::GetObject (binding));
|
450
450
|
if (ed)
|
451
|
-
ed->SetTlsParms (privatekey_filename, certchain_filename, (verify_peer == 1 ? true : false));
|
451
|
+
ed->SetTlsParms (privatekey_filename, certchain_filename, (verify_peer == 1 ? true : false), (use_tls == 1 ? true : false));
|
452
452
|
}
|
453
453
|
|
454
454
|
/******************
|
data/ext/ed.cpp
CHANGED
@@ -383,6 +383,7 @@ ConnectionDescriptor::ConnectionDescriptor (int sd, EventMachine_t *em):
|
|
383
383
|
SslBox (NULL),
|
384
384
|
bHandshakeSignaled (false),
|
385
385
|
bSslVerifyPeer (false),
|
386
|
+
bSslUseTls (false),
|
386
387
|
bSslPeerAccepted(false),
|
387
388
|
#endif
|
388
389
|
#ifdef HAVE_KQUEUE
|
@@ -1141,7 +1142,7 @@ void ConnectionDescriptor::StartTls()
|
|
1141
1142
|
if (SslBox)
|
1142
1143
|
throw std::runtime_error ("SSL/TLS already running on connection");
|
1143
1144
|
|
1144
|
-
SslBox = new SslBox_t (bIsServer, PrivateKeyFilename, CertChainFilename, bSslVerifyPeer, GetBinding());
|
1145
|
+
SslBox = new SslBox_t (bIsServer, PrivateKeyFilename, CertChainFilename, bSslVerifyPeer, bSslUseTls, GetBinding());
|
1145
1146
|
_DispatchCiphertext();
|
1146
1147
|
#endif
|
1147
1148
|
|
@@ -1155,7 +1156,7 @@ void ConnectionDescriptor::StartTls()
|
|
1155
1156
|
ConnectionDescriptor::SetTlsParms
|
1156
1157
|
*********************************/
|
1157
1158
|
|
1158
|
-
void ConnectionDescriptor::SetTlsParms (const char *privkey_filename, const char *certchain_filename, bool verify_peer)
|
1159
|
+
void ConnectionDescriptor::SetTlsParms (const char *privkey_filename, const char *certchain_filename, bool verify_peer, bool use_tls)
|
1159
1160
|
{
|
1160
1161
|
#ifdef WITH_SSL
|
1161
1162
|
if (SslBox)
|
@@ -1165,6 +1166,7 @@ void ConnectionDescriptor::SetTlsParms (const char *privkey_filename, const char
|
|
1165
1166
|
if (certchain_filename && *certchain_filename)
|
1166
1167
|
CertChainFilename = certchain_filename;
|
1167
1168
|
bSslVerifyPeer = verify_peer;
|
1169
|
+
bSslUseTls = use_tls;
|
1168
1170
|
#endif
|
1169
1171
|
|
1170
1172
|
#ifdef WITHOUT_SSL
|
data/ext/ed.h
CHANGED
@@ -69,7 +69,7 @@ class EventableDescriptor: public Bindable_t
|
|
69
69
|
virtual bool GetSubprocessPid (pid_t*) {return false;}
|
70
70
|
|
71
71
|
virtual void StartTls() {}
|
72
|
-
virtual void SetTlsParms (const char
|
72
|
+
virtual void SetTlsParms (const char *privkey_filename, const char *certchain_filename, bool verify_peer, bool use_tls) {}
|
73
73
|
|
74
74
|
#ifdef WITH_SSL
|
75
75
|
virtual X509 *GetPeerCert() {return NULL;}
|
@@ -193,7 +193,7 @@ class ConnectionDescriptor: public EventableDescriptor
|
|
193
193
|
virtual int GetOutboundDataSize() {return OutboundDataSize;}
|
194
194
|
|
195
195
|
virtual void StartTls();
|
196
|
-
virtual void SetTlsParms (const char *privkey_filename, const char *certchain_filename, bool verify_peer);
|
196
|
+
virtual void SetTlsParms (const char *privkey_filename, const char *certchain_filename, bool verify_peer, bool use_tls);
|
197
197
|
|
198
198
|
#ifdef WITH_SSL
|
199
199
|
virtual X509 *GetPeerCert();
|
@@ -239,6 +239,7 @@ class ConnectionDescriptor: public EventableDescriptor
|
|
239
239
|
std::string PrivateKeyFilename;
|
240
240
|
bool bHandshakeSignaled;
|
241
241
|
bool bSslVerifyPeer;
|
242
|
+
bool bSslUseTls;
|
242
243
|
bool bSslPeerAccepted;
|
243
244
|
#endif
|
244
245
|
|
data/ext/eventmachine.h
CHANGED
@@ -67,7 +67,7 @@ extern "C" {
|
|
67
67
|
const unsigned long evma_attach_sd (int sd);
|
68
68
|
const unsigned long evma_open_datagram_socket (const char *server, int port);
|
69
69
|
const unsigned long evma_open_keyboard();
|
70
|
-
void evma_set_tls_parms (const unsigned long binding, const char *privatekey_filename, const char *certchain_filenane, int verify_peer);
|
70
|
+
void evma_set_tls_parms (const unsigned long binding, const char *privatekey_filename, const char *certchain_filenane, int verify_peer, int use_tls);
|
71
71
|
void evma_start_tls (const unsigned long binding);
|
72
72
|
|
73
73
|
#ifdef WITH_SSL
|
data/ext/rubymain.cpp
CHANGED
@@ -311,14 +311,14 @@ static VALUE t_start_tls (VALUE self, VALUE signature)
|
|
311
311
|
t_set_tls_parms
|
312
312
|
***************/
|
313
313
|
|
314
|
-
static VALUE t_set_tls_parms (VALUE self, VALUE signature, VALUE privkeyfile, VALUE certchainfile, VALUE verify_peer)
|
314
|
+
static VALUE t_set_tls_parms (VALUE self, VALUE signature, VALUE privkeyfile, VALUE certchainfile, VALUE verify_peer, VALUE use_tls)
|
315
315
|
{
|
316
316
|
/* set_tls_parms takes a series of positional arguments for specifying such things
|
317
317
|
* as private keys and certificate chains.
|
318
318
|
* It's expected that the parameter list will grow as we add more supported features.
|
319
319
|
* ALL of these parameters are optional, and can be specified as empty or NULL strings.
|
320
320
|
*/
|
321
|
-
evma_set_tls_parms (NUM2ULONG (signature), StringValuePtr (privkeyfile), StringValuePtr (certchainfile), (verify_peer == Qtrue ? 1 : 0));
|
321
|
+
evma_set_tls_parms (NUM2ULONG (signature), StringValuePtr (privkeyfile), StringValuePtr (certchainfile), (verify_peer == Qtrue ? 1 : 0), (use_tls == Qtrue ? 1 : 0));
|
322
322
|
return Qnil;
|
323
323
|
}
|
324
324
|
|
@@ -1224,7 +1224,7 @@ extern "C" void Init_rubyeventmachine()
|
|
1224
1224
|
rb_define_module_function (EmModule, "stop_tcp_server", (VALUE(*)(...))t_stop_server, 1);
|
1225
1225
|
rb_define_module_function (EmModule, "start_unix_server", (VALUE(*)(...))t_start_unix_server, 1);
|
1226
1226
|
rb_define_module_function (EmModule, "attach_sd", (VALUE(*)(...))t_attach_sd, 1);
|
1227
|
-
rb_define_module_function (EmModule, "set_tls_parms", (VALUE(*)(...))t_set_tls_parms,
|
1227
|
+
rb_define_module_function (EmModule, "set_tls_parms", (VALUE(*)(...))t_set_tls_parms, 5);
|
1228
1228
|
rb_define_module_function (EmModule, "start_tls", (VALUE(*)(...))t_start_tls, 1);
|
1229
1229
|
rb_define_module_function (EmModule, "get_peer_cert", (VALUE(*)(...))t_get_peer_cert, 1);
|
1230
1230
|
rb_define_module_function (EmModule, "send_data", (VALUE(*)(...))t_send_data, 3);
|
data/ext/ssl.cpp
CHANGED
@@ -120,7 +120,7 @@ static void InitializeDefaultCredentials()
|
|
120
120
|
SslContext_t::SslContext_t
|
121
121
|
**************************/
|
122
122
|
|
123
|
-
SslContext_t::SslContext_t (bool is_server, const string &privkeyfile, const string &certchainfile):
|
123
|
+
SslContext_t::SslContext_t (bool is_server, const string &privkeyfile, const string &certchainfile, bool use_tls):
|
124
124
|
pCtx (NULL),
|
125
125
|
PrivateKey (NULL),
|
126
126
|
Certificate (NULL)
|
@@ -145,7 +145,11 @@ SslContext_t::SslContext_t (bool is_server, const string &privkeyfile, const str
|
|
145
145
|
}
|
146
146
|
|
147
147
|
bIsServer = is_server;
|
148
|
-
|
148
|
+
if (use_tls)
|
149
|
+
pCtx = SSL_CTX_new (is_server ? TLSv1_server_method() : TLSv1_client_method());
|
150
|
+
else
|
151
|
+
pCtx = SSL_CTX_new (is_server ? SSLv23_server_method() : SSLv23_client_method());
|
152
|
+
|
149
153
|
if (!pCtx)
|
150
154
|
throw std::runtime_error ("no SSL context");
|
151
155
|
|
@@ -216,10 +220,11 @@ SslContext_t::~SslContext_t()
|
|
216
220
|
SslBox_t::SslBox_t
|
217
221
|
******************/
|
218
222
|
|
219
|
-
SslBox_t::SslBox_t (bool is_server, const string &privkeyfile, const string &certchainfile, bool verify_peer, const unsigned long binding):
|
223
|
+
SslBox_t::SslBox_t (bool is_server, const string &privkeyfile, const string &certchainfile, bool verify_peer, bool use_tls, const unsigned long binding):
|
220
224
|
bIsServer (is_server),
|
221
225
|
bHandshakeCompleted (false),
|
222
226
|
bVerifyPeer (verify_peer),
|
227
|
+
bUseTls (use_tls),
|
223
228
|
pSSL (NULL),
|
224
229
|
pbioRead (NULL),
|
225
230
|
pbioWrite (NULL)
|
@@ -228,7 +233,7 @@ SslBox_t::SslBox_t (bool is_server, const string &privkeyfile, const string &cer
|
|
228
233
|
* a new one every time we come here.
|
229
234
|
*/
|
230
235
|
|
231
|
-
Context = new SslContext_t (bIsServer, privkeyfile, certchainfile);
|
236
|
+
Context = new SslContext_t (bIsServer, privkeyfile, certchainfile, use_tls);
|
232
237
|
assert (Context);
|
233
238
|
|
234
239
|
pbioRead = BIO_new (BIO_s_mem());
|
data/ext/ssl.h
CHANGED
@@ -33,7 +33,7 @@ class SslContext_t
|
|
33
33
|
class SslContext_t
|
34
34
|
{
|
35
35
|
public:
|
36
|
-
SslContext_t (bool is_server, const string &privkeyfile, const string &certchainfile);
|
36
|
+
SslContext_t (bool is_server, const string &privkeyfile, const string &certchainfile, bool use_tls);
|
37
37
|
virtual ~SslContext_t();
|
38
38
|
|
39
39
|
private:
|
@@ -57,7 +57,7 @@ class SslBox_t
|
|
57
57
|
class SslBox_t
|
58
58
|
{
|
59
59
|
public:
|
60
|
-
SslBox_t (bool is_server, const string &privkeyfile, const string &certchainfile, bool verify_peer, const unsigned long binding);
|
60
|
+
SslBox_t (bool is_server, const string &privkeyfile, const string &certchainfile, bool verify_peer, bool use_tls, const unsigned long binding);
|
61
61
|
virtual ~SslBox_t();
|
62
62
|
|
63
63
|
int PutPlaintext (const char*, int);
|
@@ -78,6 +78,7 @@ class SslBox_t
|
|
78
78
|
bool bIsServer;
|
79
79
|
bool bHandshakeCompleted;
|
80
80
|
bool bVerifyPeer;
|
81
|
+
bool bUseTls;
|
81
82
|
SSL *pSSL;
|
82
83
|
BIO *pbioRead;
|
83
84
|
BIO *pbioWrite;
|
data/lib/em/connection.rb
CHANGED
@@ -376,10 +376,12 @@ module EventMachine
|
|
376
376
|
#
|
377
377
|
# @option args [String] :private_key_file (nil) local path of a readable file that must contain a private key in the [PEM format](http://en.wikipedia.org/wiki/Privacy_Enhanced_Mail).
|
378
378
|
#
|
379
|
-
# @option args [
|
379
|
+
# @option args [Boolean] :verify_peer (false) indicates whether a server should request a certificate from a peer, to be verified by user code.
|
380
380
|
# If true, the {#ssl_verify_peer} callback on the {EventMachine::Connection} object is called with each certificate
|
381
381
|
# in the certificate chain provided by the peer. See documentation on {#ssl_verify_peer} for how to use this.
|
382
382
|
#
|
383
|
+
# @option args [Boolean] :use_tls (false) indicates whether TLS or SSL must be offered to the peer. If true TLS is used, SSL otherwise.
|
384
|
+
#
|
383
385
|
# @example Using TLS with EventMachine
|
384
386
|
#
|
385
387
|
# require 'rubygems'
|
@@ -404,7 +406,7 @@ module EventMachine
|
|
404
406
|
#
|
405
407
|
# @see #ssl_verify_peer
|
406
408
|
def start_tls args={}
|
407
|
-
priv_key, cert_chain, verify_peer = args.values_at(:private_key_file, :cert_chain_file, :verify_peer)
|
409
|
+
priv_key, cert_chain, verify_peer, use_tls = args.values_at(:private_key_file, :cert_chain_file, :verify_peer, :use_tls)
|
408
410
|
|
409
411
|
[priv_key, cert_chain].each do |file|
|
410
412
|
next if file.nil? or file.empty?
|
@@ -412,7 +414,7 @@ module EventMachine
|
|
412
414
|
"Could not find #{file} for start_tls" unless File.exists? file
|
413
415
|
end
|
414
416
|
|
415
|
-
EventMachine::set_tls_parms(@signature, priv_key || '', cert_chain || '', verify_peer)
|
417
|
+
EventMachine::set_tls_parms(@signature, priv_key || '', cert_chain || '', verify_peer, (use_tls ? true : false))
|
416
418
|
EventMachine::start_tls @signature
|
417
419
|
end
|
418
420
|
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: sensu-em
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 2.
|
4
|
+
version: 2.3.0
|
5
5
|
platform: java
|
6
6
|
authors:
|
7
7
|
- Francis Cianfrocca
|
@@ -9,7 +9,7 @@ authors:
|
|
9
9
|
autorequire:
|
10
10
|
bindir: bin
|
11
11
|
cert_chain: []
|
12
|
-
date: 2014-06-
|
12
|
+
date: 2014-06-08 00:00:00.000000000 Z
|
13
13
|
dependencies:
|
14
14
|
- !ruby/object:Gem::Dependency
|
15
15
|
name: rake-compiler
|