stomp 1.4.0 → 1.4.1

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: d2b75bd10087d8cb1789c73298bad9b9d9451128
+  data.tar.gz: 627b99bc57543821f249e888580658d9b738784a
+SHA512:
+  metadata.gz: 317386822ea243835a726e445e374146e72e467006af12d15c937d458fa219d8d77140cd08b7a112afa995cdb72c98b953476d06d5790f068346c72bbfef4ef6
+  data.tar.gz: 38d759077e04d9b0f8a35cd9af485692770a98d87b14930f582d71bfdd02a44fdd14813b46b62b5a7cdf03264c4dcd62b08271cc58cf56061c839edda3b7c080

data/CHANGELOG.md

@@ -1,5 +1,14 @@
 # Stomp Gem Change Log
 
+## 1.4.1 20160623
+
+* Add call to #post_connection_check to normal SSL processing.  This change
+  further validates the name of the broker connected to.  This change adds to
+  the current SSL connection processing logic, and is **highly recommended**.  In the
+  case a client cannot tolerate this logic, it can be disabled by adding
+  :ssl_post_conn_check => false to the connection hash.
+* Fix typo in SSL failure recovery processing.
+
 ## 1.4.0 20160608
 
 * Connection parameter :parse_timeout now means IO:select wait time for socket

data/README.md

@@ -44,6 +44,7 @@ An implementation of the Stomp protocol for Ruby. See:
         :tcp_nodelay => true,               # Turns on the TCP_NODELAY socket option; disables Nagle's algorithm
         :start_timeout => 0,                # Timeout around Stomp::Client initialization
         :sslctx_newparm => nil,             # Param for SSLContext.new
+        :ssl_post_conn_check => true,       # Further verify broker identity
       }
 
       # for a client
@@ -92,6 +93,7 @@ A Stomp URL must begin with 'stomp://' and can be in one of the following forms:
 
 See _CHANGELOG.rdoc_ for details.
 
+* Gem version 1.4.1. Important SSL changes !: see CHANGELOG.md for details.
 * Gem version 1.4.0. Note: Change sementics of :parse_timeout, see CHANGELOG.md for details.
 * Gem version 1.3.5. Miscellaneous fixes, see CHANGELOG.rdoc for details.
 * Gem version 1.3.4. Miscellaneous fixes, see CHANGELOG.rdoc for details.
@@ -289,7 +291,7 @@ Thiago Morello
 2009-12-25
 </td>
 <td style="border: 1px solid black;padding-left: 10px;" >
-(0344)
+(0362)
 </td>
 <td style="border: 1px solid black;padding-left: 10px;" >
 <span style="font-weight: bold;" >

data/examples/ssl_uc1.rb

@@ -21,12 +21,15 @@ require "stomp"
 class ExampleSSL1
   # Initialize.
   def initialize
+		@host = ENV['STOMP_HOST'] ? ENV['STOMP_HOST'] : "localhost"
+		@port = ENV['STOMP_PORT'] ? ENV['STOMP_PORT'].to_i : 61612
   end
   # Run example.
   def run
+		puts "Connect host: #{@host}, port: #{@port}"
     ssl_opts = Stomp::SSLParams.new
     hash = { :hosts => [
-        {:login => 'guest', :passcode => 'guest', :host => 'localhost', :port => 61612, :ssl => ssl_opts},
+        {:login => 'guest', :passcode => 'guest', :host => @host, :port => @port, :ssl => ssl_opts},
       ],
       :reliable => false, # YMMV, to test this in a sane manner
     }

data/examples/ssl_uc2.rb

@@ -21,19 +21,25 @@ require "stomp"
 class ExampleSSL2
   # Initialize.
   def initialize
+		# Change the following to the location of the cert file(s).
+		@cert_loc = "/ad3/gma/sslwork/2013"
+		@host = ENV['STOMP_HOST'] ? ENV['STOMP_HOST'] : "localhost"
+		@port = ENV['STOMP_PORT'] ? ENV['STOMP_PORT'].to_i : 61612
   end
   # Run example.
   def run
+		puts "Connect host: #{@host}, port: #{@port}"
+
     ts_flist = []
 
-    # Change the following to the location of the server's CA signed certificate.
-    ts_flist << "/home/gmallard/sslwork/2013/TestCA.crt"
+    # Possibly change the cert file(s) name(s) here.
+		ts_flist << "#{@cert_loc}/TestCA.crt"
 
     ssl_opts = Stomp::SSLParams.new(:ts_files => ts_flist.join(","), 
       :fsck => true)
     #
     hash = { :hosts => [
-        {:login => 'guest', :passcode => 'guest', :host => 'localhost', :port => 61612, :ssl => ssl_opts},
+        {:login => 'guest', :passcode => 'guest', :host => @host, :port => @port, :ssl => ssl_opts},
       ],
       :reliable => false, # YMMV, to test this in a sane manner
     }

data/examples/ssl_uc3.rb

@@ -23,21 +23,25 @@ require "stomp"
 class ExampleSSL3
   # Initialize.
   def initialize
+		# Change the following to the location of the cert file(s).
+		@cert_loc = "/ad3/gma/sslwork/2013"
+		@host = ENV['STOMP_HOST'] ? ENV['STOMP_HOST'] : "localhost"
+		@port = ENV['STOMP_PORT'] ? ENV['STOMP_PORT'].to_i : 61612
   end
   # Run example.
   def run
-    # Change the following:
-    # * location of the client's signed certificate
-    # * location of the client's private key.
+		puts "Connect host: #{@host}, port: #{@port}"
+
+    # Possibly change the cert file(s) name(s) here.    
     ssl_opts = Stomp::SSLParams.new(
-      :key_file => "/home/gmallard/sslwork/2013/client.key", # the client's private key
-      :cert_file => "/home/gmallard/sslwork/2013/client.crt", # the client's signed certificate
+      :key_file => "#{@cert_loc}/client.key", # the client's private key
+      :cert_file => "#{@cert_loc}/client.crt", # the client's signed certificate
       :fsck => true # Check that the files exist first
     )
 
     #
     hash = { :hosts => [
-        {:login => 'guest', :passcode => 'guest', :host => 'localhost', :port => 61612, :ssl => ssl_opts},
+        {:login => 'guest', :passcode => 'guest', :host => @host, :port => @port, :ssl => ssl_opts},
       ],
       :reliable => false, # YMMV, to test this in a sane manner
     }

data/examples/ssl_uc4.rb

@@ -23,22 +23,25 @@ require "stomp"
 class ExampleSSL4
   # Initialize.
   def initialize
+		# Change the following to the location of the cert file(s).
+		@cert_loc = "/ad3/gma/sslwork/2013"
+		@host = ENV['STOMP_HOST'] ? ENV['STOMP_HOST'] : "localhost"
+		@port = ENV['STOMP_PORT'] ? ENV['STOMP_PORT'].to_i : 61612
   end
   # Run example.
   def run
-    # Change the following:
-    # * location of the client's private key
-    # * location of the client's signed certificate
-    # * location of the server's CA signed certificate
+		puts "Connect host: #{@host}, port: #{@port}"
+
+    # Possibly change the cert file(s) name(s) here.    
     ssl_opts = Stomp::SSLParams.new(
-      :key_file => "/home/gmallard/sslwork/2013/client.key", # The client's private key
-      :cert_file => "/home/gmallard/sslwork/2013/client.crt", # The client's signed certificate
-      :ts_files => "/home/gmallard/sslwork/2013/TestCA.crt", # The CA's signed sertificate
+      :key_file => "#{@cert_loc}/client.key", # The client's private key
+      :cert_file => "#{@cert_loc}/client.crt", # The client's signed certificate
+      :ts_files => "#{@cert_loc}/TestCA.crt", # The CA's signed sertificate
       :fsck => true # Check that files exist first
     )
     #
     hash = { :hosts => [
-        {:login => 'guest', :passcode => 'guest', :host => 'localhost', :port => 61612, :ssl => ssl_opts},
+        {:login => 'guest', :passcode => 'guest', :host => @host, :port => @port, :ssl => ssl_opts},
       ],
       :reliable => false, # YMMV, to test this in a sane manner
     }

data/lib/connection/netio.rb

@@ -347,6 +347,9 @@ module Stomp
             ssl.hostname = @host if ssl.respond_to? :hostname=
             ssl.sync_close = true # Sync ssl close with underlying TCP socket
             ssl.connect
+            if (ssl.context.verify_mode != OpenSSL::SSL::VERIFY_NONE) && @ssl_post_conn_check
+              ssl.post_connection_check(@host)
+            end
           end
           def ssl.ready?
             ! @rbuffer.empty? || @io.ready?
@@ -372,7 +375,7 @@ module Stomp
           end
           #
           puts ex.backtrace
-          $sdtout.flush
+          $stdout.flush
           raise # Reraise
         end
       end

data/lib/connection/utils.rb

@@ -180,6 +180,7 @@ module Stomp
         :tcp_nodelay => true,
         :start_timeout => 0,
         :sslctx_newparm => nil,
+        :ssl_post_conn_check => true,
       }
 
       res_params = default_params.merge(params)

data/lib/stomp/client.rb

@@ -56,6 +56,7 @@ module Stomp
     #     :tcp_nodelay => true,               # Turns on the TCP_NODELAY socket option; disables Nagle's algorithm
     #     :start_timeout => 0,                # Timeout around Stomp::Client initialization
     #     :sslctx_newparm => nil,             # Param for SSLContext.new
+    #     :ssl_post_conn_check => true,       # Further verify broker identity
     #   }
     #
     #   e.g. c = Stomp::Client.new(hash)

data/lib/stomp/connection.rb

@@ -93,6 +93,7 @@ module Stomp
     #     :tcp_nodelay => true,               # Turns on the TCP_NODELAY socket option; disables Nagle's algorithm
     #     :start_timeout => 0,                # Timeout around Stomp::Client initialization
     #     :sslctx_newparm => nil,             # Param for SSLContext.new
+    #     :ssl_post_conn_check => true,       # Further verify broker identity
     #   }
     #
     #   e.g. c = Stomp::Connection.new(hash)
@@ -146,6 +147,7 @@ module Stomp
         @tcp_nodelay = true # Disable Nagle
         @start_timeout = 0 # Client only, startup timeout
         @sslctx_newparm = nil # SSLContext.new paramater
+        @ssl_post_conn_check = true # Additional broker verification
         warn "login looks like a URL, do you have the correct parameters?" if @login =~ /:\/\//
       end
 
@@ -183,6 +185,7 @@ module Stomp
       @fast_hbs_adjust = @parameters[:fast_hbs_adjust]
       @connread_timeout = @parameters[:connread_timeout]
       @sslctx_newparm = @parameters[:sslctx_newparm]
+      @ssl_post_conn_check = @parameters[:ssl_post_conn_check]
       #
       # Try to support Ruby 1.9.x and 2.x ssl.
       unless defined?(RSpec)

data/lib/stomp/version.rb

@@ -6,7 +6,7 @@ module Stomp
   module Version  #:nodoc: all
     MAJOR = 1
     MINOR = 4
-    PATCH = 0
+    PATCH = 1
     STRING = "#{MAJOR}.#{MINOR}.#{PATCH}"
   end
 end

data/spec/connection_spec.rb

@@ -32,6 +32,7 @@ describe Stomp::Connection do
       :tcp_nodelay => true,
       :start_timeout => 0,
       :sslctx_newparm => nil,
+      :ssl_post_conn_check => true,
    }
         
     #POG:
@@ -272,6 +273,7 @@ describe Stomp::Connection do
       module ::OpenSSL
         module SSL
           VERIFY_NONE = 0
+          VERIFY_PEER = 1
           
           class SSLSocket
           end
@@ -283,14 +285,16 @@ describe Stomp::Connection do
       end
       
       before(:each) do
+        ssl_context = double(:verify_mode => OpenSSL::SSL::VERIFY_PEER)
         ssl_parameters = {:hosts => [{:login => "login2", :passcode => "passcode2", :host => "remotehost", :ssl => true}]}
         @ssl_socket = double(:ssl_socket, :puts => nil, :write => nil, 
-          :setsockopt => nil, :flush => true)
+          :setsockopt => nil, :flush => true, :context => ssl_context)
         allow(@ssl_socket).to receive(:sync_close=)
         
         expect(TCPSocket).to receive(:open).and_return @tcp_socket
         expect(OpenSSL::SSL::SSLSocket).to receive(:new).and_return(@ssl_socket)
         expect(@ssl_socket).to receive(:connect)
+        expect(@ssl_socket).to receive(:post_connection_check)
         
         @connection = Stomp::Connection.new ssl_parameters
       end
@@ -363,6 +367,7 @@ describe Stomp::Connection do
           :tcp_nodelay => true,
           :start_timeout => 0,
           :sslctx_newparm => nil,
+          :ssl_post_conn_check => true,
         }
         
         used_hash =  {
@@ -406,6 +411,7 @@ describe Stomp::Connection do
           :tcp_nodelay => false,
           :start_timeout => 6,
           :sslctx_newparm=>:TLSv1,
+          :ssl_post_conn_check =>false,
         }
         
         @connection = Stomp::Connection.new(used_hash)

data/stomp.gemspec

@@ -2,17 +2,19 @@
 # DO NOT EDIT THIS FILE DIRECTLY
 # Instead, edit Jeweler::Tasks in Rakefile, and run 'rake gemspec'
 # -*- encoding: utf-8 -*-
+# stub: stomp 1.4.1 ruby lib
 
 Gem::Specification.new do |s|
-  s.name = %q{stomp}
-  s.version = "1.4.0"
+  s.name = "stomp"
+  s.version = "1.4.1"
 
   s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
+  s.require_paths = ["lib"]
   s.authors = ["Brian McCallister", "Marius Mathiesen", "Thiago Morello", "Guy M. Allard"]
-  s.date = %q{2016-06-08}
-  s.description = %q{Ruby client for the Stomp messaging protocol.  Note that this gem is no longer supported on rubyforge.}
+  s.date = "2016-06-23"
+  s.description = "Ruby client for the Stomp messaging protocol.  Note that this gem is no longer supported on rubyforge."
   s.email = ["brianm@apache.org", "marius@stones.com", "morellon@gmail.com", "allard.guy.m@gmail.com"]
-  s.executables = ["stompcat", "catstomp"]
+  s.executables = ["catstomp", "stompcat"]
   s.extra_rdoc_files = [
     "LICENSE",
     "README.md"
@@ -104,15 +106,13 @@ Gem::Specification.new do |s|
     "test/test_urlogin.rb",
     "test/tlogger.rb"
   ]
-  s.homepage = %q{https://github.com/stompgem/stomp}
+  s.homepage = "https://github.com/stompgem/stomp"
   s.licenses = ["Apache-2.0"]
-  s.require_paths = ["lib"]
-  s.rubygems_version = %q{1.3.7}
-  s.summary = %q{Ruby client for the Stomp messaging protocol}
+  s.rubygems_version = "2.2.5"
+  s.summary = "Ruby client for the Stomp messaging protocol"
 
   if s.respond_to? :specification_version then
-    current_version = Gem::Specification::CURRENT_SPECIFICATION_VERSION
-    s.specification_version = 3
+    s.specification_version = 4
 
     if Gem::Version.new(Gem::VERSION) >= Gem::Version.new('1.2.0') then
       s.add_development_dependency(%q<rspec>, [">= 2.14.1"])

metadata

@@ -1,15 +1,9 @@
---- !ruby/object:Gem::Specification 
+--- !ruby/object:Gem::Specification
 name: stomp
-version: !ruby/object:Gem::Version 
-  hash: 7
-  prerelease: false
-  segments: 
-  - 1
-  - 4
-  - 0
-  version: 1.4.0
+version: !ruby/object:Gem::Version
+  version: 1.4.1
 platform: ruby
-authors: 
+authors:
 - Brian McCallister
 - Marius Mathiesen
 - Thiago Morello
@@ -17,41 +11,37 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-
-date: 2016-06-08 00:00:00 -04:00
-default_executable: 
-dependencies: 
-- !ruby/object:Gem::Dependency 
+date: 2016-06-23 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
   name: rspec
-  prerelease: false
-  requirement: &id001 !ruby/object:Gem::Requirement 
-    none: false
-    requirements: 
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
     - - ">="
-      - !ruby/object:Gem::Version 
-        hash: 53
-        segments: 
-        - 2
-        - 14
-        - 1
+      - !ruby/object:Gem::Version
         version: 2.14.1
   type: :development
-  version_requirements: *id001
-description: Ruby client for the Stomp messaging protocol.  Note that this gem is no longer supported on rubyforge.
-email: 
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 2.14.1
+description: Ruby client for the Stomp messaging protocol.  Note that this gem is
+  no longer supported on rubyforge.
+email:
 - brianm@apache.org
 - marius@stones.com
 - morellon@gmail.com
 - allard.guy.m@gmail.com
-executables: 
-- stompcat
+executables:
 - catstomp
+- stompcat
 extensions: []
-
-extra_rdoc_files: 
+extra_rdoc_files:
 - LICENSE
 - README.md
-files: 
+files:
 - CHANGELOG.md
 - LICENSE
 - README.md
@@ -137,39 +127,28 @@ files:
 - test/test_ssl.rb
 - test/test_urlogin.rb
 - test/tlogger.rb
-has_rdoc: true
 homepage: https://github.com/stompgem/stomp
-licenses: 
+licenses:
 - Apache-2.0
+metadata: {}
 post_install_message: 
 rdoc_options: []
-
-require_paths: 
+require_paths:
 - lib
-required_ruby_version: !ruby/object:Gem::Requirement 
-  none: false
-  requirements: 
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
   - - ">="
-    - !ruby/object:Gem::Version 
-      hash: 3
-      segments: 
-      - 0
-      version: "0"
-required_rubygems_version: !ruby/object:Gem::Requirement 
-  none: false
-  requirements: 
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
   - - ">="
-    - !ruby/object:Gem::Version 
-      hash: 3
-      segments: 
-      - 0
-      version: "0"
+    - !ruby/object:Gem::Version
+      version: '0'
 requirements: []
-
 rubyforge_project: 
-rubygems_version: 1.3.7
+rubygems_version: 2.2.5
 signing_key: 
-specification_version: 3
+specification_version: 4
 summary: Ruby client for the Stomp messaging protocol
 test_files: []
-