tcat 0.4.0 → 0.4.1
- checksums.yaml +4 -4
- data/README.md +7 -0
- data/lib/tcat/encryption_service.rb +3 -0
- data/lib/tcat/query.rb +3 -1
- data/lib/tcat/version.rb +1 -1
- data/lib/tcat/worker_client.rb +14 -0
- metadata +1 -1
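--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 588b8dd9b49b05b35d28384cb85c3bc4e87b38852a04c3da8ce5b35ce59739bc
+data.tar.gz: cd704ade306674058f6fd4c8de240d7570f54dba29ad7e1dfe30afb3b0119d40
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 8617ad7c2b5bec16c3d7c94fd39175b45417a869feb6a74f0a1fab3590860c44d4a7e61a49b908982ae65f4b856504de3e61c9f96ba082c0ef0736cf936a59ca
+data.tar.gz: '059ea7b7711cae4a2d146a23470016048edfb6e5c5d8951822ba17be8bd792355b1f9d29a73cc1b40e604884b332ac1548e453fb66f3cc22cff6c43198c510c7'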
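--- a/data/README.md
+++ b/data/README.md
@@ -270,6 +270,13 @@ This gem is available as open source under the terms of the [MIT License](https:
 
 ## Changelog
 
+### 0.4.1
+
+- Security hardening: `Tcat::Query` now uses `SecureRandom` (CSPRNG) instead of `rand` for the per-request freshness component embedded in the encrypted `secret` payload
+- Encryption: `Tcat::EncryptionService` explicitly disables OpenSSL's built-in cipher padding so the manually applied PKCS#7 padding cannot be double-applied if the cipher pipeline ever changes
+- `Tcat::WorkerClient` warns when `worker_url` uses `http://` against a non-localhost host so a misconfigured deployment cannot silently leak the Bearer token over plaintext
+- Worker: added `[observability.logs]` (`enabled = false`, `invocation_logs = true`) to `wrangler.toml`
+
 ### 0.4.0
 
 - `Tcat::Query#status_code`, `#history`, `#latest_status` now accept an optional tracking-number argument, mirroring `Tcat::WorkerClient`'s shape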
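--- a/data/lib/tcat/encryption_service.rb
+++ b/data/lib/tcat/encryption_service.rb
@@ -34,6 +34,9 @@ module Tcat
 def setup_cipher
 cipher = OpenSSL::Cipher.new(CIPHER_ALGORITHM)
 cipher.encrypt
+# PKCS#7 padding is applied manually in #pad_message; turn off OpenSSL's
+# built-in padding so a future cipher.final call cannot double-pad.
+cipher.padding = 0
 cipher.key = @secret_key
 cipher
 end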
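Review bot: With `cipher.padding = 0` in `setup_cipher`, `#pad_message` becomes the only thing keeping the plaintext block-aligned, and nothing in this hunk verifies that. For a block mode, `cipher.final` now raises `OpenSSL::Cipher::CipherError` on input that is not a multiple of the block size instead of padding it. `#pad_message` is outside the hunk, so it cannot be confirmed here that it always emits a full padding block for already-aligned input; a spec asserting `padded.bytesize % cipher.block_size == 0` for empty, short and exactly block-sized messages would pin that, and the comment could add `# Input to update/final must already be a multiple of cipher.block_size.` Separately, `setup_cipher` sets only `cipher.key`; if `CIPHER_ALGORITHM` (not shown) is a mode that takes an IV, confirm it is set elsewhere, since Ruby's OpenSSL binding otherwise uses an all-zero IV.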
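--- a/data/lib/tcat/query.rb
+++ b/data/lib/tcat/query.rb
@@ -2,6 +2,7 @@
 
 require 'net/http'
 require 'base64'
+require 'securerandom'
 require 'ox'
 require_relative 'http_client'
 require_relative 'encryption_service'
@@ -108,7 +109,8 @@ module Tcat
 end
 
 def random
-
+# CSPRNG so the per-request freshness component is unpredictable.
+(SecureRandom.random_number(90_000) + 10_000).to_s
 end
 
 def source_string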
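Review bot: The new comment in `random` calls the value unpredictable, but `(SecureRandom.random_number(90_000) + 10_000)` has only 90,000 possible outputs (roughly 16 bits), so repeats are expected within a few hundred requests and the value cannot serve as a unique nonce or as secret material. If the five-digit width is dictated by the remote API (presumably; not visible here), the comment should say so, e.g. `# CSPRNG-backed five-digit value (10_000..99_999); only ~16 bits, so it is a freshness field, not a unique nonce.` The text of the removed line did not survive on this page, so the old range cannot be compared with the new one.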
data/lib/tcat/version.rb
CHANGED
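--- a/data/lib/tcat/worker_client.rb
+++ b/data/lib/tcat/worker_client.rb
@@ -99,15 +99,29 @@ module Tcat
 
 private
 
+LOCAL_HOSTS = %w[localhost 127.0.0.1 ::1].freeze
+private_constant :LOCAL_HOSTS
+
 def validate_url!
 uri = URI.parse(@worker_url)
 unless %w[http https].include?(uri.scheme)
 raise ArgumentError, 'Invalid Worker URL: must be http or https'
 end
+
+warn_if_insecure(uri)
 rescue URI::InvalidURIError => e
 raise ArgumentError, "Invalid Worker URL: #{e.message}"
 end
 
+def warn_if_insecure(uri)
+return if uri.scheme == 'https'
+return if LOCAL_HOSTS.include?(uri.host)
+
+warn '[Tcat::WorkerClient] WARNING: worker_url uses http://; ' \
+'requests and any Authorization token will be sent in plaintext. ' \
+'Use https:// in production.'
+end
+
 def make_request(uri)
 response = setup_http(uri).request(build_request(uri))
 raise APIError, "HTTP #{response.code}: #{response.message}" unless response.is_a?(Net::HTTPSuccess)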
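Review bot: `LOCAL_HOSTS.include?(uri.host)` in `warn_if_insecure` will not match IPv6 loopback, because `URI#host` returns the bracketed form (`[::1]`) for a URL such as `http://[::1]:8787`; the `::1` entry is therefore dead and a local worker reached over IPv6 triggers the warning. `URI#hostname` strips the brackets, so the guard should read `return if LOCAL_HOSTS.include?(uri.hostname)`. The check is also advisory only: `Kernel#warn` prints nothing when warnings are disabled (`-W0` or `$VERBOSE = nil`) and `validate_url!` proceeds either way, so an `http://` URL to a remote host still sends the Authorization header in plaintext; if that must never happen in production, consider raising `ArgumentError` unless the caller opts in explicitly.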