RubyGems - vines - Versions diffs - 0.1.0 - Mend

vines 0.1.0

Files changed (119) hide show

data/LICENSE +19 -0
data/README +34 -0
data/Rakefile +55 -0
data/bin/vines +95 -0
data/conf/certs/README +32 -0
data/conf/certs/ca-bundle.crt +3987 -0
data/conf/config.rb +114 -0
data/lib/vines.rb +155 -0
data/lib/vines/command/bcrypt.rb +12 -0
data/lib/vines/command/cert.rb +49 -0
data/lib/vines/command/init.rb +58 -0
data/lib/vines/command/ldap.rb +35 -0
data/lib/vines/command/restart.rb +12 -0
data/lib/vines/command/schema.rb +24 -0
data/lib/vines/command/start.rb +28 -0
data/lib/vines/command/stop.rb +18 -0
data/lib/vines/config.rb +191 -0
data/lib/vines/contact.rb +99 -0
data/lib/vines/daemon.rb +78 -0
data/lib/vines/error.rb +150 -0
data/lib/vines/jid.rb +56 -0
data/lib/vines/kit.rb +23 -0
data/lib/vines/router.rb +125 -0
data/lib/vines/stanza.rb +55 -0
data/lib/vines/stanza/iq.rb +50 -0
data/lib/vines/stanza/iq/auth.rb +18 -0
data/lib/vines/stanza/iq/disco_info.rb +25 -0
data/lib/vines/stanza/iq/disco_items.rb +23 -0
data/lib/vines/stanza/iq/error.rb +16 -0
data/lib/vines/stanza/iq/ping.rb +16 -0
data/lib/vines/stanza/iq/query.rb +10 -0
data/lib/vines/stanza/iq/result.rb +16 -0
data/lib/vines/stanza/iq/roster.rb +153 -0
data/lib/vines/stanza/iq/session.rb +22 -0
data/lib/vines/stanza/iq/vcard.rb +58 -0
data/lib/vines/stanza/message.rb +41 -0
data/lib/vines/stanza/presence.rb +119 -0
data/lib/vines/stanza/presence/error.rb +23 -0
data/lib/vines/stanza/presence/probe.rb +38 -0
data/lib/vines/stanza/presence/subscribe.rb +66 -0
data/lib/vines/stanza/presence/subscribed.rb +64 -0
data/lib/vines/stanza/presence/unavailable.rb +15 -0
data/lib/vines/stanza/presence/unsubscribe.rb +57 -0
data/lib/vines/stanza/presence/unsubscribed.rb +50 -0
data/lib/vines/storage.rb +216 -0
data/lib/vines/storage/couchdb.rb +119 -0
data/lib/vines/storage/ldap.rb +59 -0
data/lib/vines/storage/local.rb +66 -0
data/lib/vines/storage/redis.rb +108 -0
data/lib/vines/storage/sql.rb +174 -0
data/lib/vines/store.rb +51 -0
data/lib/vines/stream.rb +198 -0
data/lib/vines/stream/client.rb +131 -0
data/lib/vines/stream/client/auth.rb +94 -0
data/lib/vines/stream/client/auth_restart.rb +33 -0
data/lib/vines/stream/client/bind.rb +58 -0
data/lib/vines/stream/client/bind_restart.rb +25 -0
data/lib/vines/stream/client/closed.rb +13 -0
data/lib/vines/stream/client/ready.rb +15 -0
data/lib/vines/stream/client/start.rb +27 -0
data/lib/vines/stream/client/tls.rb +37 -0
data/lib/vines/stream/component.rb +53 -0
data/lib/vines/stream/component/handshake.rb +25 -0
data/lib/vines/stream/component/ready.rb +24 -0
data/lib/vines/stream/component/start.rb +19 -0
data/lib/vines/stream/http.rb +111 -0
data/lib/vines/stream/http/http_request.rb +22 -0
data/lib/vines/stream/http/http_state.rb +139 -0
data/lib/vines/stream/http/http_states.rb +53 -0
data/lib/vines/stream/parser.rb +78 -0
data/lib/vines/stream/server.rb +126 -0
data/lib/vines/stream/server/auth.rb +13 -0
data/lib/vines/stream/server/auth_restart.rb +19 -0
data/lib/vines/stream/server/final_restart.rb +20 -0
data/lib/vines/stream/server/outbound/auth.rb +31 -0
data/lib/vines/stream/server/outbound/auth_restart.rb +20 -0
data/lib/vines/stream/server/outbound/auth_result.rb +28 -0
data/lib/vines/stream/server/outbound/final_features.rb +27 -0
data/lib/vines/stream/server/outbound/final_restart.rb +20 -0
data/lib/vines/stream/server/outbound/start.rb +20 -0
data/lib/vines/stream/server/outbound/tls.rb +30 -0
data/lib/vines/stream/server/outbound/tls_result.rb +31 -0
data/lib/vines/stream/server/ready.rb +20 -0
data/lib/vines/stream/server/start.rb +13 -0
data/lib/vines/stream/server/tls.rb +13 -0
data/lib/vines/stream/state.rb +55 -0
data/lib/vines/token_bucket.rb +46 -0
data/lib/vines/user.rb +124 -0
data/lib/vines/version.rb +5 -0
data/lib/vines/xmpp_server.rb +25 -0
data/test/config_test.rb +396 -0
data/test/error_test.rb +59 -0
data/test/ext/nokogiri.rb +14 -0
data/test/jid_test.rb +71 -0
data/test/kit_test.rb +21 -0
data/test/router_test.rb +60 -0
data/test/stanza/iq/roster_test.rb +198 -0
data/test/stanza/iq/session_test.rb +30 -0
data/test/stanza/iq/vcard_test.rb +159 -0
data/test/stanza/message_test.rb +124 -0
data/test/stanza/presence/subscribe_test.rb +75 -0
data/test/storage/couchdb_test.rb +102 -0
data/test/storage/ldap_test.rb +207 -0
data/test/storage/local_test.rb +54 -0
data/test/storage/redis_test.rb +75 -0
data/test/storage/sql_test.rb +55 -0
data/test/storage/storage_tests.rb +134 -0
data/test/storage_test.rb +90 -0
data/test/stream/client/auth_test.rb +127 -0
data/test/stream/client/ready_test.rb +47 -0
data/test/stream/component/handshake_test.rb +46 -0
data/test/stream/component/ready_test.rb +105 -0
data/test/stream/component/start_test.rb +41 -0
data/test/stream/parser_test.rb +121 -0
data/test/stream/server/outbound/auth_test.rb +77 -0
data/test/stream/server/ready_test.rb +100 -0
data/test/token_bucket_test.rb +24 -0
data/test/user_test.rb +64 -0
metadata +318 -0

data/conf/config.rb ADDED Viewed

@@ -0,0 +1,114 @@
+# encoding: UTF-8
+# This is the Vines XMPP server configuration file. Restart the server with
+# 'vines restart' after updating this file.
+Vines::Config.configure do
+  # Set the logging level to debug, info, warn, error, or fatal. The debug
+  # level logs all XML sent and received by the server.
+  log :info
+  # Each host element below is a virtual host domain name that this server will
+  # service. Hosts can share storage configurations or use separate databases.
+  # TLS encryption is mandatory so each host must have a <domain>.crt and
+  # <domain>.key file in the conf/certs directory. A self-signed certificate can
+  # be generated for a virtual host domain with the 'vines cert <domain.tld>'
+  # command. Change the example, 'wonderland.lit', domain name to your actual
+  # domain.
+  #
+  # Shared storage example:
+  # host 'verona.lit', 'wonderland.lit' do
+  #   storage 'fs' do
+  #     dir 'conf/users'
+  #   end
+  # end
+  host 'wonderland.lit' do
+    storage 'fs' do
+      dir 'conf/users'
+    end
+  end
+  # Hosts can use LDAP authentication that overrides the authentication
+  # provided by a storage database. If LDAP is in use, passwords are not
+  # saved or validated against the storage database. However, all other user
+  # information, like rosters, is still saved in the storage database.
+  #
+  # host 'wonderland.lit' do
+  #   storage 'fs' do
+  #     dir 'conf/users'
+  #   end
+  #   ldap 'ldap.wonderland.lit', 636 do
+  #     dn 'cn=Directory Manager'
+  #     password 'secr3t'
+  #     basedn 'dc=wonderland,dc=lit'
+  #     object_class 'person'
+  #     user_attr 'uid'
+  #     name_attr 'cn'
+  #     tls true
+  #   end
+  # end
+  # Configure the client-to-server port. The max_resources_per_account attribute
+  # limits how many concurrent connections one user can have to the server.
+  client '0.0.0.0', 5222 do
+    max_stanza_size 65536
+    max_resources_per_account 5
+  end
+  # Configure the server-to-server port. The max_stanza_size attribute should be
+  # much larger than the setting for client-to-server. Add domain names to the
+  # 'hosts' white-list attribute to allow those servers to connect. Any connection
+  # attempt from a host not in this list will be denied.
+  server '0.0.0.0', 5269 do
+    max_stanza_size 131072
+    hosts []
+  end
+  # Configure the XEP-0124 BOSH port. This allows HTTP clients to connect to
+  # the XMPP server.
+  http '0.0.0.0', 5280 do
+    max_stanza_size 131072
+  end
+  # Configure the XEP-0114 external component port. Add entries for each
+  # component sub-domain allowed to connect to this server. Components must
+  # authenticate with a password.
+  component '0.0.0.0', 5347 do
+    max_stanza_size 131072
+    #components 'tea.wonderland.lit'  => 'secr3t',
+    #           'cake.wonderland.lit' => 'passw0rd'
+  end
+end
+# Available storage implementations:
+#storage 'fs' do
+#  dir 'conf/users'
+#end
+#storage 'couchdb' do
+#  host 'localhost'
+#  port 6984
+#  database 'xmpp'
+#  tls true
+#  username ''
+#  password ''
+#end
+#storage 'redis' do
+#  host 'localhost'
+#  port 6379
+#  database 0
+#  password ''
+#end
+#storage 'sql' do
+#  adapter 'postgresql'
+#  host 'localhost'
+#  port 5432
+#  database 'xmpp'
+#  username ''
+#  password ''
+#  pool 5
+#end

data/lib/vines.rb ADDED Viewed

@@ -0,0 +1,155 @@
+# encoding: UTF-8
+module Vines
+  NAMESPACES = {
+    :stream      => 'http://etherx.jabber.org/streams'.freeze,
+    :client      => 'jabber:client'.freeze,
+    :server      => 'jabber:server'.freeze,
+    :component   => 'jabber:component:accept'.freeze,
+    :roster      => 'jabber:iq:roster'.freeze,
+    :non_sasl    => 'jabber:iq:auth'.freeze,
+    :sasl        => 'urn:ietf:params:xml:ns:xmpp-sasl'.freeze,
+    :tls         => 'urn:ietf:params:xml:ns:xmpp-tls'.freeze,
+    :bind        => 'urn:ietf:params:xml:ns:xmpp-bind'.freeze,
+    :session     => 'urn:ietf:params:xml:ns:xmpp-session'.freeze,
+    :ping        => 'urn:xmpp:ping'.freeze,
+    :disco_items => 'http://jabber.org/protocol/disco#items'.freeze,
+    :disco_info  => 'http://jabber.org/protocol/disco#info'.freeze,
+    :http_bind   => 'http://jabber.org/protocol/httpbind'.freeze,
+    :bosh        => 'urn:xmpp:xbosh'.freeze,
+    :vcard       => 'vcard-temp'.freeze
+  }.freeze
+  module Log
+    @@logger = nil
+    def log
+      unless @@logger
+        @@logger = Logger.new(STDOUT)
+        @@logger.level = Logger::INFO
+        @@logger.progname = 'vines'
+        @@logger.formatter = Class.new(Logger::Formatter) do
+          def initialize
+            @time = "%Y-%m-%dT%H:%M:%SZ".freeze
+            @fmt  = "[%s] %5s -- %s: %s\n".freeze
+          end
+          def call(severity, time, program, msg)
+            @fmt % [time.utc.strftime(@time), severity, program, msg2str(msg)]
+          end
+        end.new
+      end
+      @@logger
+    end
+  end
+end
+%w[
+  resolv-replace
+  active_record
+  base64
+  bcrypt
+  digest/sha1
+  em-http
+  em-redis
+  eventmachine
+  fiber
+  logger
+  net/ldap
+  nokogiri
+  openssl
+  socket
+  thin
+  uri
+  yaml
+  vines/jid
+  vines/stanza
+  vines/stanza/iq
+  vines/stanza/iq/query
+  vines/stanza/iq/auth
+  vines/stanza/iq/disco_info
+  vines/stanza/iq/disco_items
+  vines/stanza/iq/error
+  vines/stanza/iq/ping
+  vines/stanza/iq/result
+  vines/stanza/iq/roster
+  vines/stanza/iq/session
+  vines/stanza/iq/vcard
+  vines/stanza/message
+  vines/stanza/presence
+  vines/stanza/presence/error
+  vines/stanza/presence/probe
+  vines/stanza/presence/subscribe
+  vines/stanza/presence/subscribed
+  vines/stanza/presence/unavailable
+  vines/stanza/presence/unsubscribe
+  vines/stanza/presence/unsubscribed
+  vines/storage
+  vines/storage/couchdb
+  vines/storage/ldap
+  vines/storage/local
+  vines/storage/redis
+  vines/storage/sql
+  vines/store
+  vines/contact
+  vines/config
+  vines/daemon
+  vines/error
+  vines/kit
+  vines/router
+  vines/token_bucket
+  vines/user
+  vines/version
+  vines/xmpp_server
+  vines/stream
+  vines/stream/state
+  vines/stream/parser
+  vines/stream/client
+  vines/stream/client/start
+  vines/stream/client/tls
+  vines/stream/client/auth_restart
+  vines/stream/client/auth
+  vines/stream/client/bind_restart
+  vines/stream/client/bind
+  vines/stream/client/ready
+  vines/stream/client/closed
+  vines/stream/component
+  vines/stream/component/start
+  vines/stream/component/handshake
+  vines/stream/component/ready
+  vines/stream/http
+  vines/stream/http/http_state
+  vines/stream/http/http_states
+  vines/stream/http/http_request
+  vines/stream/server
+  vines/stream/server/start
+  vines/stream/server/tls
+  vines/stream/server/auth_restart
+  vines/stream/server/auth
+  vines/stream/server/final_restart
+  vines/stream/server/ready
+  vines/stream/server/outbound/start
+  vines/stream/server/outbound/tls
+  vines/stream/server/outbound/tls_result
+  vines/stream/server/outbound/auth_restart
+  vines/stream/server/outbound/auth
+  vines/stream/server/outbound/auth_result
+  vines/stream/server/outbound/final_restart
+  vines/stream/server/outbound/final_features
+  vines/command/bcrypt
+  vines/command/cert
+  vines/command/init
+  vines/command/ldap
+  vines/command/restart
+  vines/command/schema
+  vines/command/start
+  vines/command/stop
+].each {|f| require f }

data/lib/vines/command/bcrypt.rb ADDED Viewed

@@ -0,0 +1,12 @@
+# encoding: UTF-8
+module Vines
+  module Command
+    class Bcrypt
+      def run(opts)
+        raise 'vines bcrypt <clear text>' unless opts[:args].size == 1
+        puts BCrypt::Password.create(opts[:args].first)
+      end
+    end
+  end
+end

data/lib/vines/command/cert.rb ADDED Viewed

@@ -0,0 +1,49 @@
+# encoding: UTF-8
+module Vines
+  module Command
+    class Cert
+      def run(opts)
+        raise 'vines cert <domain>' unless opts[:args].size == 1
+        dir = File.expand_path(File.join(opts[:config], '../certs'))
+        create_cert(opts[:args].first, dir)
+      end
+      def create_cert(domain, dir)
+        domain = domain.downcase
+        key = OpenSSL::PKey::RSA.generate(2048)
+        ca = OpenSSL::X509::Name.parse("/C=US/ST=Colorado/L=Denver/O=Vines XMPP Server/CN=#{domain}")
+        cert = OpenSSL::X509::Certificate.new
+        cert.version = 2
+        cert.subject = ca
+        cert.issuer = ca
+        cert.serial = Time.now.to_i
+        cert.public_key = key.public_key
+        cert.not_before = Time.now - (24 * 60 * 60)
+        cert.not_after = Time.now + (365 * 24 * 60 * 60)
+        factory = OpenSSL::X509::ExtensionFactory.new
+        factory.subject_certificate = cert
+        factory.issuer_certificate = cert
+        cert.extensions = [
+          %w[basicConstraints CA:TRUE],
+          %w[subjectKeyIdentifier hash],
+          %w[subjectAltName] << [domain, hostname].map {|n| "DNS:#{n}" }.join(',')
+        ].map {|k, v| factory.create_ext(k, v) }
+        cert.sign(key, OpenSSL::Digest::SHA1.new)
+        {'key' => key, 'crt' => cert}.each_pair do |ext, o|
+          name = File.join(dir, "#{domain}.#{ext}")
+          File.open(name, "w") {|f| f.write(o.to_pem) }
+        end
+      end
+      private
+      def hostname
+        Socket.gethostbyname(Socket.gethostname).first.downcase
+      end
+    end
+  end
+end

data/lib/vines/command/init.rb ADDED Viewed

@@ -0,0 +1,58 @@
+# encoding: UTF-8
+module Vines
+  module Command
+    class Init
+      def run(opts)
+        raise 'vines init <domain>' unless opts[:args].size == 1
+        domain = opts[:args].first
+        dir = File.expand_path(domain)
+        raise "Directory already initialized: #{domain}" if File.exists?(dir)
+        Dir.mkdir(dir)
+        FileUtils.cp_r(File.expand_path('../../../../conf', __FILE__), dir)
+        users, log, pid = %w[conf/users log pid].map do |sub|
+          File.join(dir, sub).tap {|subdir| Dir.mkdir(subdir) }
+        end
+        create_users(domain, users)
+        update_config(domain, File.join(dir, 'conf', 'config.rb'))
+        Command::Cert.new.create_cert(domain, File.join(dir, 'conf/certs'))
+        puts "Initialized server directory: #{domain}"
+        puts "Run 'cd #{domain} && vines start' to begin"
+      end
+      private
+      def update_config(domain, config)
+        text = File.read(config)
+        File.open(config, 'w') do |f|
+          f.write(text.gsub('wonderland.lit', domain.downcase))
+        end
+      end
+      def create_users(domain, dir)
+        password = 'secr3t'
+        alice, arthur = %w[alice arthur].map do |jid|
+          User.new(:jid => [jid, domain.downcase].join('@'),
+            :password => BCrypt::Password.create(password).to_s)
+        end
+        [[alice, arthur], [arthur, alice]].each do |user, contact|
+          user.roster  << Contact.new(
+            :jid => contact.jid,
+            :name => contact.jid.node.capitalize,
+            :subscription => 'both',
+            :groups => %w[Buddies])
+        end
+        storage = Storage::Local.new { dir(dir) }
+        [alice, arthur].each do |user|
+          storage.save_user(user)
+          puts "Created example user #{user.jid} with password #{password}"
+        end
+      end
+    end
+  end
+end

data/lib/vines/command/ldap.rb ADDED Viewed

@@ -0,0 +1,35 @@
+# encoding: UTF-8
+module Vines
+  module Command
+    class Ldap
+      def run(opts)
+        raise 'vines ldap <domain>' unless opts[:args].size == 1
+        require opts[:config]
+        domain = opts[:args].first
+        unless storage = Config.instance.vhosts[domain]
+          raise "#{domain} virtual host not found in conf/config.rb"
+        end
+        unless storage.ldap?
+          raise "LDAP connector not configured for #{domain} virtual host"
+        end
+        $stdout.write('JID: ')
+        jid = $stdin.gets.chomp
+        jid = [jid, domain].join('@') unless jid.include?('@')
+        $stdout.write('Password: ')
+        `stty -echo`
+        password = $stdin.gets.chomp
+        `stty echo`
+        puts
+        begin
+          user = storage.ldap.authenticate(jid, password)
+        rescue Exception => e
+          raise "LDAP connection failed: #{e.message}"
+        end
+        raise "User not found" unless user
+        puts "Found #{user.jid} with name: #{user.name}"
+      end
+    end
+  end
+end

data/lib/vines/command/restart.rb ADDED Viewed

@@ -0,0 +1,12 @@
+# encoding: UTF-8
+module Vines
+  module Command
+    class Restart
+      def run(opts)
+        Stop.new.run(opts)
+        Start.new.run(opts)
+      end
+    end
+  end
+end

data/lib/vines/command/schema.rb ADDED Viewed

@@ -0,0 +1,24 @@
+# encoding: UTF-8
+module Vines
+  module Command
+    class Schema
+      def run(opts)
+        raise 'vines schema <domain>' unless opts[:args].size == 1
+        require opts[:config]
+        domain = opts[:args].first
+        unless storage = Config.instance.vhosts[domain]
+          raise "#{domain} virtual host not found in conf/config.rb"
+        end
+        unless storage.respond_to?(:create_schema)
+          raise "SQL storage not configured for #{domain} virtual host"
+        end
+        begin
+          storage.create_schema
+        rescue Exception => e
+          raise "Schema creation failed: #{e.message}"
+        end
+      end
+    end
+  end
+end