webricknio 0.6.0

data/lib/webricknio/accesslog.rb

@@ -0,0 +1,157 @@
+#--
+# accesslog.rb -- Access log handling utilities
+#
+# Author: IPR -- Internet Programming with Ruby -- writers
+# Copyright (c) 2002 keita yamaguchi
+# Copyright (c) 2002 Internet Programming with Ruby writers
+# Copyright (c) 2012 Pradeep Singh
+#
+# $IPR: accesslog.rb,v 1.1 2002/10/01 17:16:32 gotoyuzo Exp $
+
+module WEBrickNIO
+
+  ##
+  # AccessLog provides logging to various files in various formats.
+  #
+  # Multiple logs may be written to at the same time:
+  #
+  #   access_log = [
+  #     [$stderr, WEBrick::AccessLog::COMMON_LOG_FORMAT],
+  #     [$stderr, WEBrick::AccessLog::REFERER_LOG_FORMAT],
+  #   ]
+  #
+  #   server = WEBrick::HTTPServer.new :AccessLog => access_log
+  #
+  # Custom log formats may be defined.  WEBrick::AccessLog provides a subset
+  # of the formatting from Apache's mod_log_config
+  # http://httpd.apache.org/docs/mod/mod_log_config.html#formats.  See
+  # AccessLog::setup_params for a list of supported options
+  #
+  # 99% copy of WEBrick::AccessLog to avoid polluting its namespace
+  # 1% change is in method <code>setup_params</code>
+
+  module AccessLog
+
+    ##
+    # Raised if a parameter such as %e, %i, %o or %n is used without fetching
+    # a specific field.
+
+    class AccessLogError < StandardError; end
+
+    ##
+    # The Common Log Format's time format
+
+    CLF_TIME_FORMAT     = "[%d/%b/%Y:%H:%M:%S %Z]"
+
+    ##
+    # Common Log Format
+
+    COMMON_LOG_FORMAT   = "%h %l %u %t \"%r\" %s %b"
+
+    ##
+    # Short alias for Common Log Format
+
+    CLF                 = COMMON_LOG_FORMAT
+
+    ##
+    # Referer Log Format
+
+    REFERER_LOG_FORMAT  = "%{Referer}i -> %U"
+
+    ##
+    # User-Agent Log Format
+
+    AGENT_LOG_FORMAT    = "%{User-Agent}i"
+
+    ##
+    # Combined Log Format
+
+    COMBINED_LOG_FORMAT = "#{CLF} \"%{Referer}i\" \"%{User-agent}i\""
+
+    module_function
+
+    # This format specification is a subset of mod_log_config of Apache:
+    #
+    # %a:: Remote IP address
+    # %b:: Total response size
+    # %e{variable}:: Given variable in ENV
+    # %f:: Response filename
+    # %h:: Remote host name
+    # %{header}i:: Given request header
+    # %l:: Remote logname, always "-"
+    # %m:: Request method
+    # %{attr}n:: Given request attribute from <tt>req.attributes</tt>
+    # %{header}o:: Given response header
+    # %p:: Server's request port
+    # %{format}p:: The canonical port of the server serving the request or the
+    #              actual port or the client's actual port.  Valid formats are
+    #              canonical, local or remote.
+    # %q:: Request query string
+    # %r:: First line of the request
+    # %s:: Request status
+    # %t:: Time the request was recieved
+    # %T:: Time taken to process the request
+    # %u:: Remote user from auth
+    # %U:: Unparsed URI
+    # %%:: Literal %
+
+    def setup_params(config, req, res)
+      params = Hash.new("")
+      #params["a"] = req.peeraddr[3]
+      params["a"] = req.peeraddr.get_address.get_host_address
+      params["b"] = res.sent_size
+      params["e"] = ENV
+      params["f"] = res.filename || ""
+      #params["h"] = req.peeraddr[2]
+      params["h"] = req.peeraddr.get_host_name
+      params["i"] = req
+      params["l"] = "-"
+      params["m"] = req.request_method
+      params["n"] = req.attributes
+      params["o"] = res
+      params["p"] = req.port
+      params["q"] = req.query_string
+      params["r"] = req.request_line.sub(/\x0d?\x0a\z/o, '')
+      params["s"] = res.status       # won't support "%>s"
+      params["t"] = req.request_time
+      params["T"] = Time.now - req.request_time
+      params["u"] = req.user || "-"
+      params["U"] = req.unparsed_uri
+      params["v"] = config[:ServerName]
+      params
+    end
+
+    def format(format_string, params)
+      format_string.gsub(/\%(?:\{(.*?)\})?>?([a-zA-Z%])/){
+        param, spec = $1, $2
+        case spec[0]
+          when ?e, ?i, ?n, ?o
+            raise AccessLogError,
+                  "parameter is required for \"#{spec}\"" unless param
+            (param = params[spec][param]) ? escape(param) : "-"
+          when ?t
+            params[spec].strftime(param || CLF_TIME_FORMAT)
+          when ?p
+            case param
+              when 'remote'
+                escape(params["i"].peeraddr[1].to_s)
+              else
+                escape(params["p"].to_s)
+            end
+          when ?%
+            "%"
+          else
+            escape(params[spec].to_s)
+        end
+      }
+    end
+
+    def escape(data)
+      if data.tainted?
+        data.gsub(/[[:cntrl:]\\]+/) {$&.dump[1...-1]}.untaint
+      else
+        data
+      end
+    end
+  end
+end

data/lib/webricknio/block.rb

@@ -0,0 +1,271 @@
+#--
+# block.rb
+#
+# Author: Pradeep Singh
+# Copyright (c) 2012 Pradeep Singh
+# All rights reserved.
+
+require 'java'
+
+require 'yaml'
+
+module WEBrickNIO
+
+  class BaseBlock
+    def initialize(options = {})
+      @logger = options["logger"] || FakeLogger.new
+    end
+    def valid?(ip)
+      raise "valid? Not implemented"
+    end
+    def add_ip(ip)
+      raise "add_ip Not implemented"
+    end
+    def block_ip?(ip)
+      raise "block_ip? Not implemented"
+    end
+    def self.inherited(subclass)
+      subclass.instance_eval {
+        alias old_new new
+        def new
+          alias_method :matches?, :block_ip?
+          old_new
+        end
+      }
+    end
+  end
+
+  #
+  # Wrapper that chains other blockers
+  #
+
+  class ChainedBlock < BaseBlock
+
+    def initialize(options = {})
+      begin
+        load
+      rescue Exception => ex
+        puts ex
+        create_default_chain
+      end
+
+      super
+
+#      at_exit do
+#        file = File.new(File.expand_path('block.yaml', File.dirname(__FILE__)), "w")
+#        dump = YAML::dump(@chain)
+#        file.write(dump)
+#        file.close
+#      end
+    end
+
+    def load
+      file = File.new(File.expand_path('block.yaml', File.dirname(__FILE__)), "r")
+      @chain = YAML::load(file)
+      ensure_default_chain @chain
+      puts @chain
+    end
+
+    def reload
+      load
+    end
+
+    def add_ip(ip)
+      @chain.each do |blocker|
+        if blocker.valid? ip
+          blocker.add_ip ip
+          return true
+        end
+      end
+      return false
+    end
+
+    def block_ip?(ip)
+      @chain.each do |blocker|
+        if blocker.block_ip?(ip)
+          return true
+        end
+      end
+      return false
+    end
+
+    private
+
+    def create_default_chain
+      @chain = []
+      add_chain_elements @chain
+    end
+
+    def add_chain_elements(arr)
+      arr << PrefixBlock.new
+      arr << ListBlock.new
+      arr
+    end
+
+    def ensure_default_chain(chain)
+      if chain.nil? || !chain.is_a?(Array)
+        create_default_chain
+      elsif chain.length == 0
+        add_chain_elements chain
+      elsif chain.length == 1
+        if chain[0].class.name == "WEBrickNIO::PrefixBlock"
+          chain << ListBlock.new
+        elsif chain[0].class.name == "WEBrickNIO::ListBlock"
+          chain << PrefixBlock.new
+        end
+      end
+    end
+
+  end
+
+
+  #
+  # Blocks IPs with given prefix
+  #
+
+  class PrefixBlock < BaseBlock
+
+    def initialize(options = {})
+      @block_list = options["block_list"] || []
+      super
+    end
+
+    def self.from_array(arr)
+      blocker = self.new
+      block_list = []
+      arr.each do |item|
+        blocker.add_ip item.to_s
+      end unless arr.nil?
+      blocker
+    end
+
+    def block_ip?(ip)
+      @block_list.each do |item|
+        if ip.start_with? item
+          @logger.info "ip matches: PrefixBlock - #{ip}"
+          return true
+        end
+      end
+      return false
+    end
+
+    def valid?(ip)
+      ip.split(".").size <= 3
+    end
+
+    def add_ip(ip)
+      return false if ip.nil? || ip.strip.length == 0
+      if valid?(ip) && !@block_list.include?(ip)
+        @block_list << ip
+        true
+      else
+        false
+      end
+    end
+
+    def to_yaml( opts = {} )
+      YAML.quick_emit( nil, opts ) { |out|
+        out.map("!IPBlockerPrefixBlock,1234/PrefixBlock" ) { |map|
+          map.add("block_list", @block_list)
+        }
+      }
+    end
+
+    def to_s
+      "PrefixBlock<#{object_id}>:#{@block_list}"
+    end
+
+  end
+
+
+  #
+  # Blocks IPs that are exact match
+  #
+
+  class ListBlock < BaseBlock
+
+    def initialize(options = {})
+      @block_list = options["block_list"] || java.util.concurrent.ConcurrentSkipListSet.new
+      super
+    end
+
+    def self.from_array(arr)
+      blocker = self.new
+      arr.each do |item|
+        blocker.add_ip item.to_s
+      end unless arr.nil?
+      blocker
+    end
+
+    def block_ip?(ip)
+      if @block_list.include? ip
+        @logger.info "ip matches: ListBlock - #{ip}"
+        true
+      else
+        false
+      end
+    end
+
+    def valid?(ip)
+      ip.split(".").size > 3
+    end
+
+    def add_ip(ip)
+      return false if ip.nil? || ip.strip.length == 0
+      if valid? ip
+        @block_list.add ip
+        true
+      else
+        false
+      end
+    end
+
+    def to_yaml( opts = {} )
+      YAML.quick_emit( nil, opts ) { |out|
+        out.map("!IPBlockerListBlock,1234/ListBlock" ) { |map|
+          map.add("block_list", @block_list.to_a)
+        }
+      }
+    end
+
+    def to_s
+      "ListBlock<#{object_id}>:#{@block_list.to_a}"
+    end
+
+  end
+
+
+
+  YAML::add_domain_type("IPBlockerListBlock,1234", "ListBlock") do |type, val|
+    ListBlock.from_array(val["block_list"])
+  end
+
+  YAML::add_domain_type("IPBlockerPrefixBlock,1234", "PrefixBlock") do |type, val|
+    PrefixBlock.from_array(val["block_list"])
+  end
+
+
+
+  class FakeLogger
+    def method_missing(method, *args, &block)
+      puts args
+    end
+  end
+
+end
+
+#chain = WEBrickNIO::ChainedBlock.new
+
+#ip ="180.76"
+#chain.add(ip)
+
+#ip ="92.240.68.152"
+#chain.add(ip)
+#ip ="180.76"
+#chain.block_ip? ip
+
+#ip ="92.240.68.152"
+#chain.matches? ip
+
+
+

data/lib/webricknio/block.yaml

@@ -0,0 +1,7 @@
+---
+- !IPBlockerPrefixBlock,1234/PrefixBlock
+  block_list:
+  - '999.0'
+- !IPBlockerListBlock,1234/ListBlock
+  block_list:
+  - 999.0.0.1

data/lib/webricknio/config.rb

@@ -0,0 +1,125 @@
+#
+# config.rb -- Default configurations.
+#
+# Author: IPR -- Internet Programming with Ruby -- writers
+# Copyright (c) 2000, 2001 TAKAHASHI Masayoshi, GOTOU Yuuzou
+# Copyright (c) 2003 Internet Programming with Ruby writers. All rights
+# reserved.
+#
+# $IPR: config.rb,v 1.52 2003/07/22 19:20:42 gotoyuzo Exp $
+
+require 'webricknio/version'
+require 'webrick/httpversion'
+require 'webrick/httputils'
+require 'webrick/utils'
+require 'webrick/log'
+require 'webricknio/log'
+
+module WEBrickNIO
+  module Config
+    LIBDIR = File::dirname(__FILE__)
+
+    # for GenericServer
+    General = {
+      :ServerName     => ::WEBrick::Utils::getservername,
+      :BindAddress    => nil,   # "0.0.0.0" or "::" or nil
+      :Port           => nil,   # users MUST specify this!!
+      :ServerType     => nil,   # default: WEBrick::SimpleServer
+      :Logger         => nil,   # default: WEBrick::Log.new
+      #:ServerSoftware => "WEBrickNIO/#{WEBrickNIO::VERSION} " +
+      #                   "(Ruby/#{RUBY_VERSION}/#{RUBY_RELEASE_DATE})",
+      :ServerSoftware => "pks/#{WEBrickNIO::VERSION} ",
+      :TempDir        => ENV['TMPDIR']||ENV['TMP']||ENV['TEMP']||'/tmp',
+      :DoNotListen    => false,
+      :StartCallback  => nil,
+      :StopCallback   => nil,
+      :AcceptCallback => nil,
+      :DoNotReverseLookup => nil,
+      :ShutdownSocketWithoutClose => false,
+    }
+
+    # for HTTPServer, HTTPRequest, HTTPResponse ...
+    HTTP = General.dup.update(
+      :Port           => 80,
+      :RequestTimeout => 5,
+      :NumThreads     => 20,
+      :HTTPVersion    => ::WEBrick::HTTPVersion.new("1.1"),
+      :AccessLog      => nil,
+      :LogLocation    => nil, #"log/webrick.log"
+      :LogLevel       => ::WEBrick::Log::DEBUG,
+      :MimeTypes      => ::WEBrick::HTTPUtils::DefaultMimeTypes,
+      :DirectoryIndex => ["index.html","index.htm","index.cgi","index.rhtml"],
+      :DocumentRoot   => nil,
+      :DocumentRootOptions => { :FancyIndexing => true },
+      :RequestCallback => nil,
+      :ServerAlias    => nil,
+      :InputBufferSize  => 65536, # input buffer size in reading request body
+      :OutputBufferSize => 65536, # output buffer size in sending File or IO
+
+      # for HTTPProxyServer
+      :ProxyAuthProc  => nil,
+      :ProxyContentHandler => nil,
+      :ProxyVia       => true,
+      :ProxyTimeout   => true,
+      :ProxyURI       => nil,
+
+      :CGIInterpreter => nil,
+      :CGIPathEnv     => nil,
+
+      # workaround: if Request-URIs contain 8bit chars,
+      # they should be escaped before calling of URI::parse().
+      :Escape8bitURI  => false
+    )
+
+    FileHandler = {
+      :NondisclosureName => [".ht*", "*~"],
+      :FancyIndexing     => false,
+      :HandlerTable      => {},
+      :HandlerCallback   => nil,
+      :DirectoryCallback => nil,
+      :FileCallback      => nil,
+      :UserDir           => nil,  # e.g. "public_html"
+      :AcceptableLanguages => []  # ["en", "ja", ... ]
+    }
+
+    BasicAuth = {
+      :AutoReloadUserDB     => true,
+    }
+
+    ##
+    # Default configuration for WEBrick::HTTPAuth::DigestAuth.
+    #
+    # :Algorithm:: MD5, MD5-sess (default), SHA1, SHA1-sess
+    # :Domain:: An Array of URIs that define the protected space
+    # :Qop:: 'auth' for authentication, 'auth-int' for integrity protection or
+    #        both
+    # :UseOpaque:: Should the server send opaque values to the client?  This
+    #              helps prevent replay attacks.
+    # :CheckNc:: Should the server check the nonce count?  This helps the
+    #            server detect replay attacks.
+    # :UseAuthenticationInfoHeader:: Should the server send an
+    #                                AuthenticationInfo header?
+    # :AutoReloadUserDB:: Reload the user database provided by :UserDB
+    #                     automatically?
+    # :NonceExpirePeriod:: How long should we store used nonces?  Default is
+    #                      30 minutes.
+    # :NonceExpireDelta:: How long is a nonce valid?  Default is 1 minute
+    # :InternetExplorerHack:: Hack which allows Internet Explorer to work.
+    # :OperaHack:: Hack which allows Opera to work.
+
+    DigestAuth = {
+      :Algorithm            => 'MD5-sess', # or 'MD5'
+      :Domain               => nil,        # an array includes domain names.
+      :Qop                  => [ 'auth' ], # 'auth' or 'auth-int' or both.
+      :UseOpaque            => true,
+      :UseNextNonce         => false,
+      :CheckNc              => false,
+      :UseAuthenticationInfoHeader => true,
+      :AutoReloadUserDB     => true,
+      :NonceExpirePeriod    => 30*60,
+      :NonceExpireDelta     => 60,
+      :InternetExplorerHack => true,
+      :OperaHack            => true,
+    }
+  end
+end