RubyGems - vines - Versions diffs - 0.1.0 - Mend

vines 0.1.0

Files changed (119) hide show

data/LICENSE +19 -0
data/README +34 -0
data/Rakefile +55 -0
data/bin/vines +95 -0
data/conf/certs/README +32 -0
data/conf/certs/ca-bundle.crt +3987 -0
data/conf/config.rb +114 -0
data/lib/vines.rb +155 -0
data/lib/vines/command/bcrypt.rb +12 -0
data/lib/vines/command/cert.rb +49 -0
data/lib/vines/command/init.rb +58 -0
data/lib/vines/command/ldap.rb +35 -0
data/lib/vines/command/restart.rb +12 -0
data/lib/vines/command/schema.rb +24 -0
data/lib/vines/command/start.rb +28 -0
data/lib/vines/command/stop.rb +18 -0
data/lib/vines/config.rb +191 -0
data/lib/vines/contact.rb +99 -0
data/lib/vines/daemon.rb +78 -0
data/lib/vines/error.rb +150 -0
data/lib/vines/jid.rb +56 -0
data/lib/vines/kit.rb +23 -0
data/lib/vines/router.rb +125 -0
data/lib/vines/stanza.rb +55 -0
data/lib/vines/stanza/iq.rb +50 -0
data/lib/vines/stanza/iq/auth.rb +18 -0
data/lib/vines/stanza/iq/disco_info.rb +25 -0
data/lib/vines/stanza/iq/disco_items.rb +23 -0
data/lib/vines/stanza/iq/error.rb +16 -0
data/lib/vines/stanza/iq/ping.rb +16 -0
data/lib/vines/stanza/iq/query.rb +10 -0
data/lib/vines/stanza/iq/result.rb +16 -0
data/lib/vines/stanza/iq/roster.rb +153 -0
data/lib/vines/stanza/iq/session.rb +22 -0
data/lib/vines/stanza/iq/vcard.rb +58 -0
data/lib/vines/stanza/message.rb +41 -0
data/lib/vines/stanza/presence.rb +119 -0
data/lib/vines/stanza/presence/error.rb +23 -0
data/lib/vines/stanza/presence/probe.rb +38 -0
data/lib/vines/stanza/presence/subscribe.rb +66 -0
data/lib/vines/stanza/presence/subscribed.rb +64 -0
data/lib/vines/stanza/presence/unavailable.rb +15 -0
data/lib/vines/stanza/presence/unsubscribe.rb +57 -0
data/lib/vines/stanza/presence/unsubscribed.rb +50 -0
data/lib/vines/storage.rb +216 -0
data/lib/vines/storage/couchdb.rb +119 -0
data/lib/vines/storage/ldap.rb +59 -0
data/lib/vines/storage/local.rb +66 -0
data/lib/vines/storage/redis.rb +108 -0
data/lib/vines/storage/sql.rb +174 -0
data/lib/vines/store.rb +51 -0
data/lib/vines/stream.rb +198 -0
data/lib/vines/stream/client.rb +131 -0
data/lib/vines/stream/client/auth.rb +94 -0
data/lib/vines/stream/client/auth_restart.rb +33 -0
data/lib/vines/stream/client/bind.rb +58 -0
data/lib/vines/stream/client/bind_restart.rb +25 -0
data/lib/vines/stream/client/closed.rb +13 -0
data/lib/vines/stream/client/ready.rb +15 -0
data/lib/vines/stream/client/start.rb +27 -0
data/lib/vines/stream/client/tls.rb +37 -0
data/lib/vines/stream/component.rb +53 -0
data/lib/vines/stream/component/handshake.rb +25 -0
data/lib/vines/stream/component/ready.rb +24 -0
data/lib/vines/stream/component/start.rb +19 -0
data/lib/vines/stream/http.rb +111 -0
data/lib/vines/stream/http/http_request.rb +22 -0
data/lib/vines/stream/http/http_state.rb +139 -0
data/lib/vines/stream/http/http_states.rb +53 -0
data/lib/vines/stream/parser.rb +78 -0
data/lib/vines/stream/server.rb +126 -0
data/lib/vines/stream/server/auth.rb +13 -0
data/lib/vines/stream/server/auth_restart.rb +19 -0
data/lib/vines/stream/server/final_restart.rb +20 -0
data/lib/vines/stream/server/outbound/auth.rb +31 -0
data/lib/vines/stream/server/outbound/auth_restart.rb +20 -0
data/lib/vines/stream/server/outbound/auth_result.rb +28 -0
data/lib/vines/stream/server/outbound/final_features.rb +27 -0
data/lib/vines/stream/server/outbound/final_restart.rb +20 -0
data/lib/vines/stream/server/outbound/start.rb +20 -0
data/lib/vines/stream/server/outbound/tls.rb +30 -0
data/lib/vines/stream/server/outbound/tls_result.rb +31 -0
data/lib/vines/stream/server/ready.rb +20 -0
data/lib/vines/stream/server/start.rb +13 -0
data/lib/vines/stream/server/tls.rb +13 -0
data/lib/vines/stream/state.rb +55 -0
data/lib/vines/token_bucket.rb +46 -0
data/lib/vines/user.rb +124 -0
data/lib/vines/version.rb +5 -0
data/lib/vines/xmpp_server.rb +25 -0
data/test/config_test.rb +396 -0
data/test/error_test.rb +59 -0
data/test/ext/nokogiri.rb +14 -0
data/test/jid_test.rb +71 -0
data/test/kit_test.rb +21 -0
data/test/router_test.rb +60 -0
data/test/stanza/iq/roster_test.rb +198 -0
data/test/stanza/iq/session_test.rb +30 -0
data/test/stanza/iq/vcard_test.rb +159 -0
data/test/stanza/message_test.rb +124 -0
data/test/stanza/presence/subscribe_test.rb +75 -0
data/test/storage/couchdb_test.rb +102 -0
data/test/storage/ldap_test.rb +207 -0
data/test/storage/local_test.rb +54 -0
data/test/storage/redis_test.rb +75 -0
data/test/storage/sql_test.rb +55 -0
data/test/storage/storage_tests.rb +134 -0
data/test/storage_test.rb +90 -0
data/test/stream/client/auth_test.rb +127 -0
data/test/stream/client/ready_test.rb +47 -0
data/test/stream/component/handshake_test.rb +46 -0
data/test/stream/component/ready_test.rb +105 -0
data/test/stream/component/start_test.rb +41 -0
data/test/stream/parser_test.rb +121 -0
data/test/stream/server/outbound/auth_test.rb +77 -0
data/test/stream/server/ready_test.rb +100 -0
data/test/token_bucket_test.rb +24 -0
data/test/user_test.rb +64 -0
metadata +318 -0

data/lib/vines/stream/client/auth_restart.rb ADDED Viewed

@@ -0,0 +1,33 @@
+# encoding: UTF-8
+module Vines
+  class Stream
+    class Client
+      class AuthRestart < State
+        def initialize(stream, success=Auth)
+          super
+        end
+        def node(node)
+          raise StreamErrors::NotAuthorized unless stream?(node)
+          stream.start(node)
+          doc = Document.new
+          features = doc.create_element('stream:features') do |el|
+            el << doc.create_element('mechanisms') do |parent|
+              parent.default_namespace = NAMESPACES[:sasl]
+              mechanisms.each {|name| parent << doc.create_element('mechanism', name) }
+            end
+          end
+          stream.write(features)
+          advance
+        end
+        private
+        def mechanisms
+          ['EXTERNAL', 'PLAIN']
+        end
+      end
+    end
+  end
+end

data/lib/vines/stream/client/bind.rb ADDED Viewed

@@ -0,0 +1,58 @@
+# encoding: UTF-8
+module Vines
+  class Stream
+    class Client
+      class Bind < State
+        NS = NAMESPACES[:bind]
+        MAX_ATTEMPTS = 5
+        def initialize(stream, success=Ready)
+          super
+          @attempts = 0
+        end
+        def node(node)
+          @attempts += 1
+          raise StreamErrors::NotAuthorized unless bind?(node)
+          raise StreamErrors::PolicyViolation.new('max bind attempts reached') if @attempts > MAX_ATTEMPTS
+          raise StanzaErrors::ResourceConstraint.new(node, 'wait') if resource_limit_reached?
+          stream.user.jid.resource = resource(node)
+          doc = Document.new
+          result = doc.create_element('iq', 'id' => node['id'], 'type' => 'result') do |el|
+            el << doc.create_element('bind') do |bind|
+              bind.default_namespace = NS
+              bind << doc.create_element('jid', stream.user.jid.to_s)
+            end
+          end
+          stream.write(result)
+          stream.write('<stream:features/>')
+          advance
+        end
+        private
+        def bind?(node)
+          node.name == 'iq' && node['type'] == 'set' && node.xpath('ns:bind', 'ns' => NS).any?
+        end
+        def resource(node)
+          el = node.xpath('ns:bind/ns:resource', 'ns' => NS).first
+          resource = el ? el.text.strip : ''
+          resource.empty? || resource_used?(resource) ? Kit.uuid : resource
+        end
+        def resource_limit_reached?
+          used = stream.router.connected_resources(stream.user.jid.bare).size
+          used >= stream.max_resources_per_account
+        end
+        def resource_used?(resource)
+          stream.router.available_resources(stream.user.jid).any? do |c|
+            c.user.jid.resource == resource
+          end
+        end
+      end
+    end
+  end
+end

data/lib/vines/stream/client/bind_restart.rb ADDED Viewed

@@ -0,0 +1,25 @@
+# encoding: UTF-8
+module Vines
+  class Stream
+    class Client
+      class BindRestart < State
+        def initialize(stream, success=Bind)
+          super
+        end
+        def node(node)
+          raise StreamErrors::NotAuthorized unless stream?(node)
+          stream.start(node)
+          doc = Document.new
+          features = doc.create_element('stream:features') do |el|
+            el << doc.create_element('bind', 'xmlns' => NAMESPACES[:bind])
+            el << doc.create_element('session', 'xmlns' => NAMESPACES[:session])
+          end
+          stream.write(features)
+          advance
+        end
+      end
+    end
+  end
+end

data/lib/vines/stream/client/closed.rb ADDED Viewed

@@ -0,0 +1,13 @@
+# encoding: UTF-8
+module Vines
+  class Stream
+    class Client
+      class Closed < State
+        def node(node)
+          # ignore data received after close_connection
+        end
+      end
+    end
+  end
+end

data/lib/vines/stream/client/ready.rb ADDED Viewed

@@ -0,0 +1,15 @@
+# encoding: UTF-8
+module Vines
+  class Stream
+    class Client
+      class Ready < State
+        def node(node)
+          stanza = to_stanza(node)
+          raise StreamErrors::UnsupportedStanzaType unless stanza
+          stanza.process
+        end
+      end
+    end
+  end
+end

data/lib/vines/stream/client/start.rb ADDED Viewed

@@ -0,0 +1,27 @@
+# encoding: UTF-8
+module Vines
+  class Stream
+    class Client
+      class Start < State
+        def initialize(stream, success=TLS)
+          super
+        end
+        def node(node)
+          raise StreamErrors::NotAuthorized unless stream?(node)
+          stream.start(node)
+          doc = Document.new
+          features = doc.create_element('stream:features') do |el|
+            el << doc.create_element('starttls') do |tls|
+              tls.default_namespace = NAMESPACES[:tls]
+              tls << doc.create_element('required')
+            end
+          end
+          stream.write(features)
+          advance
+        end
+      end
+    end
+  end
+end

data/lib/vines/stream/client/tls.rb ADDED Viewed

@@ -0,0 +1,37 @@
+# encoding: UTF-8
+module Vines
+  class Stream
+    class Client
+      class TLS < State
+        NS = NAMESPACES[:tls]
+        PROCEED  = %Q{<proceed xmlns="#{NS}"/>}.freeze
+        FAILURE  = %Q{<failure xmlns="#{NS}"/>}.freeze
+        STARTTLS = 'starttls'.freeze
+        def initialize(stream, success=AuthRestart)
+          super
+        end
+        def node(node)
+          raise StreamErrors::NotAuthorized unless starttls?(node)
+          if stream.encrypt?
+            stream.write(PROCEED)
+            stream.encrypt
+            advance
+          else
+            stream.write(FAILURE)
+            stream.write('</stream:stream>')
+            stream.close_connection_after_writing
+          end
+        end
+        private
+        def starttls?(node)
+          node.name == STARTTLS && namespace(node) == NS
+        end
+      end
+    end
+  end
+end

data/lib/vines/stream/component.rb ADDED Viewed

@@ -0,0 +1,53 @@
+# encoding: UTF-8
+module Vines
+  class Stream
+    # Implements the XMPP protocol for trusted, external component (XEP-0114)
+    # streams. This serves connected streams using the jabber:component:accept
+    # namespace.
+    class Component < Stream
+      attr_reader :config, :remote_domain
+      def initialize(config)
+        @config = config
+        @remote_domain = nil
+        @stream_id = Kit.uuid
+        @state = Start.new(self)
+      end
+      def max_stanza_size
+        @config[:component].max_stanza_size
+      end
+      def ready?
+        @state.class == Component::Ready
+      end
+      def start(node)
+        @remote_domain = node['to']
+        send_stream_header
+        raise StreamErrors::HostUnknown unless @config[:component].password(@remote_domain)
+        raise StreamErrors::InvalidNamespace unless node.namespaces['xmlns'] == NAMESPACES[:component]
+        raise StreamErrors::InvalidNamespace unless node.namespaces['xmlns:stream'] == NAMESPACES[:stream]
+      end
+      def secret
+        password = @config[:component].password(@remote_domain)
+        Digest::SHA1.hexdigest(@stream_id + password)
+      end
+      private
+      def send_stream_header
+        attrs = {
+          'xmlns' => NAMESPACES[:component],
+          'xmlns:stream' => NAMESPACES[:stream],
+          'id' => @stream_id,
+          'from' => @remote_domain
+        }
+        write "<stream:stream %s>" % attrs.to_a.map{|k,v| "#{k}='#{v}'"}.join(' ')
+      end
+    end
+  end
+end

data/lib/vines/stream/component/handshake.rb ADDED Viewed

@@ -0,0 +1,25 @@
+# encoding: UTF-8
+module Vines
+  class Stream
+    class Component
+      class Handshake < State
+        def initialize(stream, success=Ready)
+          super
+        end
+        def node(node)
+          raise StreamErrors::NotAuthorized unless handshake?(node)
+          stream.write('<handshake/>')
+          advance
+        end
+        private
+        def handshake?(node)
+          node.name == 'handshake' && node.text == stream.secret
+        end
+      end
+    end
+  end
+end

data/lib/vines/stream/component/ready.rb ADDED Viewed

@@ -0,0 +1,24 @@
+# encoding: UTF-8
+module Vines
+  class Stream
+    class Component
+      class Ready < State
+        def node(node)
+          stanza = to_stanza(node)
+          raise StreamErrors::UnsupportedStanzaType unless stanza
+          to = (node['to'] || '').strip
+          from = JID.new(node['from'] || '')
+          raise StreamErrors::ImproperAddressing if to.empty? || from.domain != stream.remote_domain
+          if stanza.local?
+            stream.router.connected_resources(to).each do |recipient|
+              recipient.write(node)
+            end
+          else
+            stanza.route
+          end
+        end
+      end
+    end
+  end
+end

data/lib/vines/stream/component/start.rb ADDED Viewed

@@ -0,0 +1,19 @@
+# encoding: UTF-8
+module Vines
+  class Stream
+    class Component
+      class Start < State
+        def initialize(stream, success=Handshake)
+          super
+        end
+        def node(node)
+          raise StreamErrors::NotAuthorized unless stream?(node)
+          stream.start(node)
+          advance
+        end
+      end
+    end
+  end
+end

data/lib/vines/stream/http.rb ADDED Viewed

@@ -0,0 +1,111 @@
+# encoding: UTF-8
+module Vines
+  class Stream
+    class Http < Client
+      include Thin
+      include Vines::Log
+      attr_accessor :last_broadcast_presence, :last_activity
+      def initialize(config)
+        @config = config
+        @domain = nil
+        @requested_roster = false
+        @available = false
+        @unbound = false
+        @last_broadcast_presence = nil
+        @request = Thin::Request.new
+        @@http_states ||= HttpStates.new
+        @state = Auth.new(self)
+      end
+      def user
+        @http_state.user
+      end
+      def user=(user)
+        @http_state.user = user
+      end
+      def receive_data(data)
+        #TODO: make sure we add max stanza size enforcement
+        if @request.parse(data)
+          process_http_request(@request)
+          @request = Thin::Request.new
+        end
+      rescue InvalidRequest => e
+        error(StreamErrors::NotWellFormed.new)
+      end
+      def write(data)
+        @http_state.write(data)
+      end
+      def setup_new_client(rid, domain)
+        sid = Kit.uuid
+        log.info("Setting up a new client SID: #{sid} for RID: #{rid}.")
+        @http_state = HttpState.new(self, sid, rid, domain)
+        @@http_states[sid] = @http_state
+      end
+      def unbind
+        #router.delete(@http_state)
+        log.info("HTTP Stream disconnected:\tfrom=#{@remote_addr}\tto=#{@local_addr}")
+        log.info("Streams connected: #{router.size}")
+      end
+      def process_http_request(request)
+        if request.body.string.empty?
+          #Respond to proxy servers' status pings
+          log.info("A status request has been received.")
+          send_data("Online")
+          close_connection_after_writing
+          return
+        end
+        body = Nokogiri::XML(request.body.string).root
+        body.namespace = nil
+        #TODO: Confirm this is a valid body stanza.
+        # If it isn't a body, return proxy ping result
+        if body['sid']
+          @http_state = @@http_states[body['sid']]
+          unless @http_state
+            log.info("Client was not found #{body['sid']}")
+            send_bosh_error
+            return
+          end
+          @domain = @http_state.domain
+          @user = @http_state.user
+          @http_state.request(body['rid'])
+          if body['restart']
+            @http_state.handle_restart
+            router << @http_state
+            @state = Bind.new(self)
+          end
+          body.elements.each do |node|
+            @nodes.push(Nokogiri::XML(node.to_s.sub(' xmlns="jabber:client"', '')).root)
+          end
+        else
+          self.setup_new_client(body['rid'], body['to'])
+        end
+      end
+      def send_bosh_error
+        body = "<body type='terminate' condition='remote-connection-failed' xmlns='http://jabber.org/protocol/httpbind'/>"
+        header = [
+          "HTTP/1.1 404 OK",
+          "Content-Type: text/xml; charset=utf-8",
+          "Content-Length: #{body.bytesize}"
+        ].join("\r\n")
+        send_data([header, body].join("\r\n\r\n"))
+      end
+      def domain
+        @http_state.domain
+      end
+    end
+  end
+end