simplerpc 0.2.2 → 0.2.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. checksums.yaml +4 -4
  2. data/lib/simplerpc/server.rb +12 -6
  3. data/lib/simplerpc.rb +1 -1
  4. metadata +3 -3
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 521bfa515c7830eb4eca67649e054da956972994
4
- data.tar.gz: 7d31d733d09bc81671c773eb0019c1facc392a0c
3
+ metadata.gz: 52022e8918debc2f49826eece8e11e9574e2f95d
4
+ data.tar.gz: 2f0e477006ea17a446215935cc3e7c87269a0a66
5
5
  SHA512:
6
- metadata.gz: 2f94ccd55a711885d245a67c173b3433fadc8463679c2ff1170f7c0e9a8cb50ca62f25b3071e43dc24fa77df4f1cb25b43030456bcc18e6f4a9b0d1a4d298db8
7
- data.tar.gz: b4edb70aa87f803b57c08a38dd8e13db1c817916f6d3fdc82337a16e40dbffef26122eb056adcc17b67053688b73a064b8776b73c2a8b6487b58f140deb110bb
6
+ metadata.gz: c593b4f3e3214db8d174f24acff198434ec9239b226baa8fa34ac11a49c6cb85c3c52c49facdad515d9c84a78cde459893d78de60af956bbb03e28f653dd37f9
7
+ data.tar.gz: 3805c2bea6266ef4312f4984358d47ad003562ddb60cdc1cb0024dcf2689f5f9c8f9dc26345e65500e0f0ece2c1e7518c7d73e4c7295f5aac75b6047e11e0e48
data/lib/simplerpc/server.rb CHANGED
@@ -125,6 +125,7 @@ module SimpleRPC
125
125
 
126
126
  # Auth
127
127
  if opts[:password] && opts[:secret]
128
+ require 'securerandom'
128
129
  require 'simplerpc/encryption'
129
130
  @password = opts[:password]
130
131
  @secret = opts[:secret]
@@ -156,7 +157,7 @@ module SimpleRPC
156
157
 
157
158
  # Handle clients
158
159
  loop do
159
-
160
+
160
161
  # Accept in an interruptable manner
161
162
  if (c = interruptable_accept(s))
162
163
  # Threaded
@@ -256,10 +257,15 @@ module SimpleRPC
256
257
  # Encrypted password auth
257
258
  if @password && @secret
258
259
  begin
259
- # Send challenge
260
- # XXX: this is notably not crytographically random,
261
- # but it's better than nothing against replay attacks
262
- salt = Random.new.bytes(@salt_size)
260
+ # Send challenge,
261
+ # try secure random data, but fall back to insecure.
262
+ # TODO: also alert the user, or make this fallback optional.
263
+ salt = ''
264
+ begin
265
+ salt = SecureRandom.random_bytes(@salt_size)
266
+ rescue NotImplementedError
267
+ salt = Random.new.bytes(@salt_size)
268
+ end
263
269
  SocketProtocol::Simple.send(c, salt, @timeout)
264
270
 
265
271
  # Receive encrypted challenge
@@ -349,7 +355,7 @@ module SimpleRPC
349
355
  end
350
356
  @port = s.addr[1]
351
357
 
352
- s.setsockopt(Socket::SOL_SOCKET,Socket::SO_REUSEADDR, true)
358
+ s.setsockopt(Socket::SOL_SOCKET, Socket::SO_REUSEADDR, true)
353
359
 
354
360
  return s
355
361
  end
data/lib/simplerpc.rb CHANGED
@@ -15,6 +15,6 @@ require 'simplerpc/client'
15
15
  # and including it includes all other project files
16
16
  module SimpleRPC
17
17
 
18
- VERSION = '0.2.1'
18
+ VERSION = '0.2.3'
19
19
 
20
20
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: simplerpc
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.2.2
4
+ version: 0.2.3
5
5
  platform: ruby
6
6
  authors:
7
7
  - Stephen Wattam
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2013-05-30 00:00:00.000000000 Z
11
+ date: 2013-08-15 00:00:00.000000000 Z
12
12
  dependencies: []
13
13
  description: A very simple and fast RPC library
14
14
  email: stephenwattam@gmail.com
@@ -42,7 +42,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
42
42
  version: '0'
43
43
  requirements: []
44
44
  rubyforge_project:
45
- rubygems_version: 2.0.2
45
+ rubygems_version: 2.0.3
46
46
  signing_key:
47
47
  specification_version: 4
48
48
  summary: Simple RPC library