socketry 0.4.0 → 0.5.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: ca5c2f89cca095c9a9512b02c3dff7d7af615af2
-  data.tar.gz: 5d4ccc55cb34dcea0bb63986882c52195a1dabc3
+  metadata.gz: 294dcb634b53400b9dbf5d7ea235dc90edac0112
+  data.tar.gz: cda272965c718f2e3bbf40d53b8f2e24f5fd817a
 SHA512:
-  metadata.gz: c7cfa8860c9e4aa4f0685d8d707f433d1d98ecdf56bad86146d8347b5480492ad51ac03e1d18035899e1ac2457f64b77f0822b91a7ca8e24af85a0262ffe1a27
-  data.tar.gz: b63f66204999a96fe018d168d9448de66d1ad97b1793c145af5b41cd4a04e806fce9cf1d84901d99872ffbf0ec9cbbd0cafded0777db4ca14e9a5ea904fff3d9
+  metadata.gz: fc8b7123299b7044881fa4164f586bac63da56d85605ff0cb1b1402ba41d1d5dc5fd163379410f5ffcbe48e4fcd4a5b64695ce095ef2b38aa4e23732afa7a2a5
+  data.tar.gz: 82278d2ed2b89ede744d2c257473a1284d5c4505d356102cb799d02b08ff741771d22092c53e8234ae6ff76d67d03b589fdde2f2e2dec68c9d3dfdebcfb65c0f

data/.rubocop.yml

@@ -37,7 +37,7 @@ Metrics/ClassLength:
   Max: 200
 
 Metrics/CyclomaticComplexity:
-  Max: 10
+  Max: 15
 
 Metrics/MethodLength:
   Max: 50
@@ -46,7 +46,7 @@ Metrics/ParameterLists:
   Enabled: false
 
 Metrics/PerceivedComplexity:
-  Max: 10
+  Max: 15
 
 #
 # Lint

data/.travis.yml

@@ -4,7 +4,7 @@ sudo: false
 bundler_args: --without development doc
 
 rvm:
-  - 2.2
+  - 2.2.6
   - 2.3.3
   - jruby-9.1.6.0
 

data/CHANGES.md

@@ -1,3 +1,13 @@
+## 0.5.0 (2016-11-26)
+
+* Require Ruby 2.2.6+ (earlier 2.2 versions had async I/O bugs)
+* Extract Socketry::SSL::Socket#accept into its own method
+* Simplify Socketry::SSL::Socket#from_socket API
+* Raise Socketry::SSL::CertificateVerifyError for certificate verification errors
+* Specs and bugfixes for Socketry::SSL::Server
+* Rename Socketry::UDP::Datagram accessors to `remote_host`, `remote_addr`, and `remote_port`
+* Update to RuboCop 0.45.0
+
 ## 0.4.0 (2016-11-25)
 
 * Specs and bugfixes for SSL sockets

data/Gemfile

@@ -11,7 +11,7 @@ end
 
 group :test do
   gem "rspec", "~> 3", require: false
-  gem "rubocop", "0.42.0", require: false
+  gem "rubocop", "0.45.0", require: false
   gem "coveralls", require: false
 end
 

data/README.md

@@ -25,12 +25,8 @@ While Socketry provides a synchronous, blocking API similar to Ruby's own
 `TCPSocket` and `UDPSocket` classes, behind the scenes it uses non-blocking I/O
 to implement thread-safe timeouts.
 
-Highly modular and pluggable, Socketry also provides the flexibility to
-seamlessly leverage [Celluloid::IO] for event-driven I/O.
-
 [timeout.rb]: http://ruby-doc.org/stdlib-2.3.1/libdoc/timeout/rdoc/Timeout.html
 [unsafe multithreaded behaviors]: http://blog.headius.com/2008/02/ruby-threadraise-threadkill-timeoutrb.html
-[Celluloid::IO]: https://github.com/celluloid/celluloid-io
 
 ## Installation
 
@@ -74,6 +70,30 @@ for more detailed documentation and usage notes.
 [YARD API documentation](http://www.rubydoc.info/gems/socketry/)
 is also available.
 
+## Supported Ruby Versions
+
+This library aims to support and is [tested against][travis] the following Ruby
+versions:
+
+* Ruby 2.2.6+
+* Ruby 2.3.x
+* JRuby 9.1.6.0+
+
+If something doesn't work on one of these versions, it's a bug.
+
+This library may inadvertently work (or seem to work) on other Ruby versions,
+however support will only be provided for the versions listed above.
+
+If you would like this library to support another Ruby version or
+implementation, you may volunteer to be a maintainer. Being a maintainer
+entails making sure all tests run and pass on that implementation. When
+something breaks on your implementation, you will be responsible for providing
+patches in a timely fashion. If critical issues for a particular implementation
+exist at the time of a major release, support for that Ruby version may be
+dropped.
+
+[travis]: http://travis-ci.org/socketry/socketry
+
 ## Contributing
 
 * Fork this repository on github

data/lib/socketry/exceptions.rb

@@ -31,7 +31,10 @@ module Socketry
     # Errors related to SSL
     Error = Class.new(Socketry::Error)
 
+    # Certificate could not be verified
+    CertificateVerifyError = Class.new(Socketry::SSL::Error)
+
     # Hostname verification error
-    HostnameError = Class.new(Socketry::SSL::Error)
+    HostnameError = Class.new(CertificateVerifyError)
   end
 end

data/lib/socketry/resolver/resolv.rb

@@ -45,7 +45,7 @@ module Socketry
         when Integer, Float
           @resolver.timeouts = timeout
         when NilClass
-          # no timeout
+          nil # no timeout
         else raise TypeError, "expected Numeric, got #{timeout.class}"
         end
 

data/lib/socketry/ssl/server.rb

@@ -12,17 +12,13 @@ module Socketry
         hostname_or_port,
         port = nil,
         ssl_socket_class: OpenSSL::SSL::SSLSocket,
-        ssl_context: OpenSSL::SSL::SSLContext.new,
         ssl_params: nil,
         **args
       )
-        raise TypeError, "invalid SSL context (#{ssl_context.class})" unless ssl_context.is_a?(OpenSSL::SSL::SSLContext)
         raise TypeError, "expected Hash, got #{ssl_params.class}" if ssl_params && !ssl_params.is_a?(Hash)
 
         @ssl_socket_class = ssl_socket_class
-        @ssl_context = ssl_context
-        @ssl_context.set_params(ssl_params) if ssl_params && !ssl_params.empty?
-        @ssl_context.freeze
+        @ssl_params = ssl_params
 
         super(hostname_or_port, port, **args)
       end
@@ -36,28 +32,21 @@ module Socketry
       # to ensure a slow/malicious connection can't cause a denial-of-service
       # attack against the server.
       #
-      # @param timeout [Numeric, NilClass] seconds to wait before aborting the accept
+      # @param timeout [Numeric, NilClass] (default nil, unlimited) seconds to wait before aborting the accept
+      #
       # @return [Socketry::SSL::Socket]
       def accept(timeout: nil, **args)
-        ruby_socket = super(timeout: timeout, **args).to_io
-        ssl_socket  = @ssl_socket_class.new(ruby_socket, @ssl_context)
+        tcp_socket = super(timeout: timeout, **args)
 
-        begin
-          ssl_socket.accept_nonblock
-        rescue IO::WaitReadable
-          retry if IO.select([ruby_socket], nil, nil, timeout)
-          raise Socketry::TimeoutError, "failed to complete handshake after #{timeout} seconds"
-        rescue IO::WaitWritable
-          retry if IO.select(nil, [ruby_socket], nil, timeout)
-          raise Socketry::TimeoutError, "failed to complete handshake after #{timeout} seconds"
-        end
+        ssl_socket = Socketry::SSL::Socket.new(
+          read_timeout:     @read_timeout,
+          write_timeout:    @write_timeout,
+          resolver:         @resolver,
+          ssl_socket_class: @ssl_socket_class,
+          ssl_params:       @ssl_params
+        )
 
-        Socketry::SSL::Socket.new(
-          read_timeout:  @read_timeout,
-          write_timeout: @write_timeout,
-          resolver:      @resolver,
-          socket_class:  @socket_class
-        ).from_socket(ruby_socket)
+        ssl_socket.accept(tcp_socket, timeout: timeout)
       end
     end
   end

data/lib/socketry/ssl/socket.rb

@@ -15,6 +15,7 @@ module Socketry
       # @param ssl_socket_class [Object] Class which provides the underlying SSL implementation
       # @param ssl_context [OpenSSL::SSL::SSLContext] SSL configuration object
       # @param ssL_params [Hash] Parameter hash to set on the given SSL context
+      #
       # @return [Socketry::SSL::Socket]
       def initialize(
         ssl_socket_class: OpenSSL::SSL::SSLSocket,
@@ -44,6 +45,7 @@ module Socketry
       # @param timeout [Numeric] Number of seconds to wait before aborting connect
       # @param enable_sni [true, false] (default: true) Enables Server Name Indication (SNI)
       # @param verify_hostname [true, false] (default: true) Ensure server's hostname matches cert
+      #
       # @raise [Socketry::AddressError] an invalid address was given
       # @raise [Socketry::TimeoutError] connect operation timed out
       # @raise [Socketry::SSL::Error] an error occurred negotiating an SSL connection
@@ -59,8 +61,9 @@ module Socketry
       )
         super(remote_addr, remote_port, local_addr: local_addr, local_port: local_port, timeout: timeout)
 
-        @ssl_socket = OpenSSL::SSL::SSLSocket.new(@socket, @ssl_context)
+        @ssl_socket = @ssl_socket_class.new(@socket, @ssl_context)
         @ssl_socket.hostname = remote_addr if enable_sni
+        @ssl_socket.sync_close = true
 
         begin
           @ssl_socket.connect_nonblock
@@ -71,6 +74,7 @@ module Socketry
           retry if @socket.wait_writable(timeout)
           raise Socketry::TimeoutError, "connection to #{remote_addr}:#{remote_port} timed out"
         rescue OpenSSL::SSL::SSLError => ex
+          raise Socketry::SSL::CertificateVerifyError, ex.message if ex.message.include?("certificate verify failed")
           raise Socketry::SSL::Error, ex.message, ex.backtrace
         end
 
@@ -89,17 +93,39 @@ module Socketry
         raise ex
       end
 
+      # Accept an SSL connection from a Socketry or Ruby socket
+      #
+      # @param tcp_socket [TCPSocket, Socketry::TCP::Socket] raw TCP socket to begin SSL handshake with
+      # @param timeout [Numeric, NilClass] (default nil, unlimited) seconds to wait before aborting the accept
+      #
+      # @return [self]
+      def accept(tcp_socket, timeout: nil)
+        tcp_socket = IO.try_convert(tcp_socket) || raise(TypeError, "couldn't convert #{tcp_socket.class} to IO")
+        ssl_socket = @ssl_socket_class.new(tcp_socket, @ssl_context)
+
+        begin
+          ssl_socket.accept_nonblock
+        rescue IO::WaitReadable
+          retry if IO.select([tcp_socket], nil, nil, timeout)
+          raise Socketry::TimeoutError, "failed to complete handshake after #{timeout} seconds"
+        rescue IO::WaitWritable
+          retry if IO.select(nil, [tcp_socket], nil, timeout)
+          raise Socketry::TimeoutError, "failed to complete handshake after #{timeout} seconds"
+        end
+
+        from_socket(ssl_socket)
+      end
+
       # Wrap a Ruby OpenSSL::SSL::SSLSocket (or other low-level SSL socket)
       #
-      # @param socket [::Socket] (or specified socket_class) low-level socket to wrap
       # @param ssl_socket [OpenSSL::SSL::SSLSocket] SSL socket class associated with this socket
+      #
       # @return [self]
-      def from_socket(socket, ssl_socket)
-        raise TypeError, "expected #{@socket_class}, got #{socket.class}" unless socket.is_a?(@socket_class)
+      def from_socket(ssl_socket)
         raise TypeError, "expected #{@ssl_socket_class}, got #{ssl_socket.class}" unless ssl_socket.is_a?(@ssl_socket_class)
-        raise StateError, "already connected" if @socket && @socket != socket
+        raise StateError, "already connected" if @socket
 
-        @socket = socket
+        @socket = ssl_socket.to_io
         @ssl_socket = ssl_socket
         @ssl_socket.sync_close = true
 
@@ -110,6 +136,7 @@ module Socketry
       #
       # @param size [Fixnum] number of bytes to attempt to read
       # @param outbuf [String, NilClass] an optional buffer into which data should be read
+      #
       # @raise [Socketry::Error] an I/O operation failed
       # @return [String, :wait_readable] data read, or :wait_readable if operation would block
       def read_nonblock(size, outbuf: nil)
@@ -125,6 +152,7 @@ module Socketry
       # Perform a non-blocking write operation
       #
       # @param data [String] number of bytes to attempt to read
+      #
       # @raise [Socketry::Error] an I/O operation failed
       # @return [Fixnum, :wait_writable] number of bytes written, or :wait_writable if op would block
       def write_nonblock(data)

data/lib/socketry/udp/datagram.rb

@@ -5,14 +5,14 @@ module Socketry
   module UDP
     # Represents a received UDP message
     class Datagram
-      attr_reader :message, :sockaddr, :host, :addr, :port
+      attr_reader :message, :sockaddr, :remote_host, :remote_addr, :remote_port
 
       def initialize(message, sockaddr)
         @message  = message
         @sockaddr = sockaddr
-        @port     = sockaddr[1]
-        @host     = sockaddr[2]
-        @addr     = sockaddr[3]
+        @remote_port = sockaddr[1]
+        @remote_host = sockaddr[2]
+        @remote_addr = sockaddr[3]
       end
 
       def addrinfo

data/lib/socketry/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Socketry
-  VERSION = "0.4.0"
+  VERSION = "0.5.0"
 end

data/socketry.gemspec

@@ -21,7 +21,7 @@ Gem::Specification.new do |spec|
   spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
   spec.require_paths = ["lib"]
 
-  spec.required_ruby_version = ">= 2.2.2"
+  spec.required_ruby_version = ">= 2.2.6"
 
   spec.add_runtime_dependency "hitimes", ">= 1.2"
 

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: socketry
 version: !ruby/object:Gem::Version
-  version: 0.4.0
+  version: 0.5.0
 platform: ruby
 authors:
 - Tony Arcieri
@@ -82,7 +82,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: 2.2.2
+      version: 2.2.6
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
@@ -90,7 +90,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.5.2
+rubygems_version: 2.4.8
 signing_key: 
 specification_version: 4
 summary: High-level wrappers for Ruby sockets with advanced thread-safe timeout support