toycol 0.0.1 → 0.2.2

data/lib/toycol/helper.rb

@@ -0,0 +1,27 @@
+# frozen_string_literal: true
+
+module Toycol
+  module Helper
+    private
+
+    def safe_execution!(&block)
+      safe_executionable_tp.enable(&block)
+    end
+
+    def safe_executionable_tp
+      @safe_executionable_tp ||= TracePoint.new(:script_compiled) do |tp|
+        if tp.binding.receiver == Toycol::Protocol && tp.method_id.to_s.match?(unauthorized_methods_regex)
+          raise Toycol::UnauthorizedMethodError, <<~ERROR
+            - Unauthorized method was called!
+            You can't use methods that may cause injections in your protocol.
+            Ex. Kernel.#eval, Kernel.#exec, Kernel.#require and so on.
+          ERROR
+        end
+      end
+    end
+
+    def unauthorized_methods_regex
+      /(.*eval|.*exec|`.+|%x\(|system|open|require|load)/
+    end
+  end
+end

data/lib/toycol/protocol.rb

@@ -0,0 +1,126 @@
+# frozen_string_literal: true
+
+module Toycol
+  # This class is for protocol definition and parsing request messages
+  class Protocol
+    @definements          = {}
+    @protocol_name        = nil
+    @http_status_codes    = Toycol::DEFAULT_HTTP_STATUS_CODES.dup
+    @http_request_methods = Toycol::DEFAULT_HTTP_REQUEST_METHODS.dup
+    @custom_status_codes  = nil
+    @additional_request_methods = nil
+
+    class << self
+      # For protocol definition
+      def define(protocol_name = nil, &block)
+        @definements[protocol_name] = block
+      end
+
+      # For application which use the protocol
+      def use(protocol_name)
+        @protocol_name = protocol_name
+      end
+
+      # For server which use the protocol
+      def run!(message)
+        @request_message = message.chomp
+
+        return unless (block = @definements[@protocol_name])
+
+        instance_exec(@request_message, &block)
+      end
+
+      # For protocol definition: Define custom status codes
+      if RUBY_VERSION >= "2.7"
+        def custom_status_codes(**custom_status_codes)
+          @custom_status_codes = custom_status_codes
+        end
+      else
+        def custom_status_codes(custom_status_codes)
+          @custom_status_codes = custom_status_codes
+        end
+      end
+
+      # For protocol definition: Define adding request methods
+      def additional_request_methods(*additional_request_methods)
+        @additional_request_methods = additional_request_methods
+      end
+
+      # For protocol definition: Define how to parse the request message
+      def request
+        @request ||= Class.new do
+          def self.path(&block)
+            @path = block
+          end
+
+          def self.query(&block)
+            @query = block
+          end
+
+          def self.http_method(&block)
+            @http_method = block
+          end
+
+          def self.input(&block)
+            @input = block
+          end
+        end
+      end
+
+      # For server: Get the request path
+      def request_path
+        request_path = request.instance_variable_get("@path").call(request_message)
+
+        raise UnauthorizedRequestError, "This request path is too long" if request_path.size >= 2048
+
+        if request_path.scan(%r{[/\w\d\-_]}).size < request_path.size
+          raise UnauthorizedRequestError,
+                "This request path contains unauthorized character"
+        end
+
+        request_path
+      end
+
+      # For server: Get the request method
+      def request_method
+        @http_request_methods.concat @additional_request_methods if @additional_request_methods
+        request_method = request.instance_variable_get("@http_method").call(request_message)
+
+        unless @http_request_methods.include? request_method
+          raise UndefinedRequestMethodError, "This request method is undefined"
+        end
+
+        request_method
+      end
+
+      # For server: Get the query string
+      def query
+        return unless (parse_query_block = request.instance_variable_get("@query"))
+
+        parse_query_block.call(request_message)
+      end
+
+      # For server: Get the input body
+      def input
+        return unless (parsed_input_block = request.instance_variable_get("@input"))
+
+        parsed_input_block.call(request_message)
+      end
+
+      # For server: Get the message of status code
+      def status_message(status)
+        @http_status_codes.merge!(@custom_status_codes) if @custom_status_codes
+
+        unless (message = @http_status_codes[status])
+          raise UnknownStatusCodeError, "Application returns unknown status code"
+        end
+
+        message
+      end
+
+      private
+
+      attr_reader :request_message
+    end
+  end
+end

data/lib/toycol/proxy.rb

@@ -0,0 +1,116 @@
+# frozen_string_literal: true
+
+require "socket"
+
+module Toycol
+  class Proxy
+    include Helper
+
+    def initialize(host, port)
+      @host           = host
+      @port           = port
+      @request_method = nil
+      @path           = nil
+      @query          = nil
+      @input          = nil
+      @protocol       = ::Toycol::Protocol
+      @proxy          = TCPServer.new(@host, @port)
+    end
+
+    CHUNK_SIZE = 1024 * 16
+
+    def start
+      puts <<~MESSAGE
+        Toycol is running on #{@host}:#{@port}
+        => Use Ctrl-C to stop
+      MESSAGE
+
+      loop do
+        trap(:INT) { shutdown }
+
+        @client = @proxy.accept
+
+        while !@client.closed? && !@client.eof?
+          begin
+            request = @client.readpartial(CHUNK_SIZE)
+            puts "[Toycol] Received message: #{request.inspect.chomp}"
+
+            safe_execution! { @protocol.run!(request) }
+            assign_parsed_attributes!
+
+            http_request_message = build_http_request_message
+            puts "[Toycol] Message has been translated to HTTP request message: #{http_request_message.inspect}"
+            transfer_to_server(http_request_message)
+          rescue StandardError => e
+            puts "#{e.class} #{e.message} - closing socket."
+            e.backtrace.each { |l| puts "\t#{l}" }
+            @proxy.close
+            @client.close
+          end
+        end
+        @client.close
+      end
+    end
+
+    private
+
+    def assign_parsed_attributes!
+      @request_method = @protocol.request_method
+      @path  = @protocol.request_path
+      @query = @protocol.query
+      @input = @protocol.input
+    end
+
+    def build_http_request_message
+      request_message = "#{request_line}#{request_header}\r\n"
+      request_message += @input if @input
+      request_message
+    end
+
+    def request_line
+      "#{@request_method} #{request_path} HTTP/1.1\r\n"
+    end
+
+    def request_path
+      return @path unless @request_method == "GET"
+
+      "#{@path}#{"?#{@query}" if @query && !@query.empty?}"
+    end
+
+    def request_header
+      "Content-Length: #{@input&.bytesize || 0}\r\n"
+    end
+
+    def transfer_to_server(request_message)
+      UNIXSocket.open(Toycol::UNIX_SOCKET_PATH) do |server|
+        server.write request_message
+        server.close_write
+        puts "[Toycol] Successed to Send HTTP request message to server"
+
+        response_message = []
+        response_message << server.readpartial(CHUNK_SIZE) until server.eof?
+        response_message = response_message.join
+        puts "[Toycol] Received response message from server: #{response_message.lines.first}"
+
+        response_line  = response_message.lines.first
+        status_number  = response_line[9..11]
+        status_message = response_line[12..].strip
+
+        if (custom_message = @protocol.status_message(status_number.to_i)) != status_message
+          response_message = response_message.sub(status_message, custom_message)
+          puts "[Toycol] Status message has been translated to custom status message: #{custom_message}"
+        end
+
+        @client.write response_message
+        @client.close_write
+        puts "[Toycol] Finished to response to client"
+        server.close
+      end
+    end
+
+    def shutdown
+      puts "[Toycol] Catched SIGINT -> Stop to server"
+      exit
+    end
+  end
+end

data/lib/toycol/server.rb

@@ -0,0 +1,124 @@
+# frozen_string_literal: true
+
+require "stringio"
+
+module Toycol
+  class Server
+    BACKLOG    = 1024
+    CHUNK_SIZE = 1024 * 16
+
+    class << self
+      def run(app, **options)
+        new(app, **options).run
+      end
+    end
+
+    def initialize(app, **options)
+      @app  = app
+      @path = options[:Path]
+      @port = options[:Port]
+      @env  = default_env
+      @returned_status  = nil
+      @returned_headers = nil
+      @returned_body    = nil
+    end
+
+    def run
+      verify_file_path!
+      server = UNIXServer.new @path
+      server.listen BACKLOG
+
+      loop do
+        trap(:INT) { exit }
+
+        socket = server.accept
+
+        request_message = []
+        request_message << socket.readpartial(CHUNK_SIZE) until socket.eof?
+        request_message = request_message.join
+        assign_parsed_attributes!(request_message)
+
+        @returned_status, @returned_headers, @returned_body = @app.call(@env)
+
+        socket.puts response_message
+        socket.close_write
+        socket.close
+      end
+    end
+
+    private
+
+    def default_env
+      {
+        ::Toycol::PATH_INFO         => "",
+        ::Toycol::QUERY_STRING      => "",
+        ::Toycol::REQUEST_METHOD    => "",
+        ::Toycol::SERVER_NAME       => "toycol_server",
+        ::Toycol::SERVER_PORT       => @port.to_s,
+        ::Toycol::CONTENT_LENGTH    => "0",
+        ::Toycol::RACK_VERSION      => Rack::VERSION,
+        ::Toycol::RACK_INPUT        => stringio(""),
+        ::Toycol::RACK_ERRORS       => $stderr,
+        ::Toycol::RACK_MULTITHREAD  => false,
+        ::Toycol::RACK_MULTIPROCESS => false,
+        ::Toycol::RACK_RUN_ONCE     => false,
+        ::Toycol::RACK_URL_SCHEME   => "http"
+      }
+    end
+
+    def response_message
+      "#{response_status_code}#{response_headers}\r\n#{response_body}"
+    end
+
+    def response_status_code
+      "HTTP/1.1 #{@returned_status} #{::Toycol::DEFAULT_HTTP_STATUS_CODES[@returned_status.to_i] || "CUSTOM"}\r\n"
+    end
+
+    def response_headers
+      @returned_headers["Content-Length"] = response_body.size unless @returned_headers["Content-Length"]
+
+      @returned_headers.map { |k, v| "#{k}: #{v}" }.join("\r\n") + "\r\n"
+    end
+
+    def response_body
+      res = []
+      @returned_body.each { |body| res << body }
+      res.join
+    end
+
+    def stringio(body = "")
+      StringIO.new(body).set_encoding("ASCII-8BIT")
+    end
+
+    def verify_file_path!
+      return unless File.exist? @path
+
+      begin
+        bound_file = UNIXSocket.new @path
+      rescue SystemCallError, IOError
+        File.unlink @path
+      else
+        bound_file.close
+        raise "[Toycol] Address already in use: #{@path}"
+      end
+    end
+
+    def assign_parsed_attributes!(request_message)
+      request_line, *request_headers, request_body = request_message.split("\r\n").reject(&:empty?)
+      request_method, request_path, = request_line.split
+      request_path, query_string    = request_path.split("?")
+
+      @env[::Toycol::REQUEST_METHOD] = request_method
+      @env[::Toycol::PATH_INFO]      = request_path
+      @env[::Toycol::QUERY_STRING]   = query_string || ""
+      @env[::Toycol::CONTENT_LENGTH]
+
+      request_headers.each do |request_header|
+        k, v = request_header.split(":").map(&:strip)
+        @env["::Toycol::#{k.tr("-", "_").upcase}"] = v
+      end
+
+      @env[::Toycol::RACK_INPUT] = stringio(request_body)
+    end
+  end
+end

data/lib/toycol/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Toycol
-  VERSION = "0.0.1"
+  VERSION = "0.2.2"
 end

data/toycol.gemspec

@@ -12,7 +12,7 @@ Gem::Specification.new do |spec|
   spec.description   = "Toy Application Protocol framework"
   spec.homepage      = "https://github.com/shioimm/toycol"
   spec.license       = "MIT"
-  spec.required_ruby_version = Gem::Requirement.new(">= 3.0.0")
+  spec.required_ruby_version = Gem::Requirement.new(">= 2.6.0")
 
   spec.metadata["homepage_uri"] = spec.homepage
   spec.metadata["source_code_uri"] = "https://github.com/shioimm/toycol"
@@ -24,12 +24,8 @@ Gem::Specification.new do |spec|
     `git ls-files -z`.split("\x0").reject { |f| f.match(%r{\A(?:test|spec|features)/}) }
   end
   spec.bindir        = "exe"
-  spec.executables   = spec.files.grep(%r{\Aexe/}) { |f| File.basename(f) }
+  spec.executables   << "toycol"
   spec.require_paths = ["lib"]
 
-  # Uncomment to register a new dependency of your gem
-  # spec.add_dependency "example-gem", "~> 1.0"
-
-  # For more information and examples about making a new gem, checkout our
-  # guide at: https://bundler.io/guides/creating_gem.html
+  spec.add_dependency "rack", "~> 2.0"
 end

metadata

@@ -1,22 +1,39 @@
 --- !ruby/object:Gem::Specification
 name: toycol
 version: !ruby/object:Gem::Version
-  version: 0.0.1
+  version: 0.2.2
 platform: ruby
 authors:
 - Misaki Shioi
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2021-07-12 00:00:00.000000000 Z
-dependencies: []
+date: 2021-07-24 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: rack
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.0'
 description: Toy Application Protocol framework
 email:
 - shioi.mm@gmail.com
-executables: []
+executables:
+- toycol
 extensions: []
 extra_rdoc_files: []
 files:
+- ".github/ISSUE_TEMPLATE/bug_report.md"
+- ".github/dependabot.yml"
 - ".github/workflows/main.yml"
 - ".gitignore"
 - ".rubocop.yml"
@@ -28,7 +45,33 @@ files:
 - Rakefile
 - bin/console
 - bin/setup
+- examples/duck/Gemfile
+- examples/duck/Protocolfile.duck
+- examples/duck/config_duck.ru
+- examples/rubylike/Gemfile
+- examples/rubylike/Protocolfile.rubylike
+- examples/rubylike/config_rubylike.ru
+- examples/safe_ruby/Gemfile
+- examples/safe_ruby/Protocolfile.safe_ruby
+- examples/safe_ruby/config_safe_ruby.ru
+- examples/safe_ruby_with_sinatra/Gemfile
+- examples/safe_ruby_with_sinatra/Protocolfile.safe_ruby_with_sinatra
+- examples/safe_ruby_with_sinatra/app.rb
+- examples/safe_ruby_with_sinatra/post.rb
+- examples/safe_ruby_with_sinatra/views/index.erb
+- examples/unsafe_ruby/Gemfile
+- examples/unsafe_ruby/Protocolfile.unsafe_ruby
+- examples/unsafe_ruby/config_unsafe_ruby.ru
+- exe/toycol
+- lib/rack/handler/toycol.rb
 - lib/toycol.rb
+- lib/toycol/client.rb
+- lib/toycol/command.rb
+- lib/toycol/const.rb
+- lib/toycol/helper.rb
+- lib/toycol/protocol.rb
+- lib/toycol/proxy.rb
+- lib/toycol/server.rb
 - lib/toycol/version.rb
 - toycol.gemspec
 homepage: https://github.com/shioimm/toycol
@@ -46,7 +89,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: 3.0.0
+      version: 2.6.0
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="