websocket-driver 0.6.2-java → 0.6.3-java

Sign up to get free protection for your applications and to get access to all the features.
Files changed (9) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +5 -0
  3. data/ext/websocket-driver/websocket_mask.c +1 -1
  4. data/lib/websocket/driver.rb +1 -0
  5. data/lib/websocket/driver/client.rb +7 -1
  6. data/lib/websocket/driver/draft76.rb +20 -8
  7. data/lib/websocket/driver/server.rb +1 -0
  8. data/lib/websocket_mask.jar +0 -0
  9. metadata +16 -16
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: c901112b6c0a993b2d8ef9aefb403a35f48ece9a
4
- data.tar.gz: 4a2060e078501b09e32e25ce468572cc8510573d
3
+ metadata.gz: 7a9a3b19bd45673c1f7802c01d1108331f2c49bf
4
+ data.tar.gz: 5db37f196e48222a6544aa8313b86c276a8d7df6
5
5
  SHA512:
6
- metadata.gz: ec00c1ae96b5c0e6ffdcb3511a142e53426bbdbee00c91ce1832b77259026bf029d62cbcdbf735e2b3b955bdaefc6b0ae4bf2144438bb004ba3322ac159216a1
7
- data.tar.gz: b56f747f1de4c2876e6929a23fcea02621cb5e24679442f0623d7a0ae414da4dcc2b491ecc58c10dd955be88e77b3599649594534e144357a317c6fdea8f34da
6
+ metadata.gz: af8a11bc2a93a6863d888ae590c2114fa85851bc3fe1cd2a7449cafdb1a8c4207bf45f3879df92d08c84a2b6fc8e11705ae59bf7b4c93d717755577a1c51b052
7
+ data.tar.gz: 42bbe9765306e54553d9dc717def5f0308e04910b49fcaafa696c82a599d0b4a2edbb2bdf16cd3667f8c53935aa4f927f76a4d0fe926052b6b3f96eb83edd025
data/CHANGELOG.md CHANGED
@@ -1,3 +1,8 @@
1
+ ### 0.6.3 / 2015-11-06
2
+
3
+ * Reject draft-76 handshakes if their Sec-WebSocket-Key headers are invalid
4
+ * Throw a more helpful error if a client is created with an invalid URL
5
+
1
6
  ### 0.6.2 / 2015-07-18
2
7
 
3
8
  * When the peer sends a close frame with no error code, emit 1000
data/ext/websocket-driver/websocket_mask.c CHANGED
@@ -20,7 +20,7 @@ method_websocket_mask(VALUE self,
20
20
  VALUE mask)
21
21
  {
22
22
  char *payload_s, *mask_s, *unmasked_s;
23
- int i, n;
23
+ long i, n;
24
24
  VALUE unmasked;
25
25
 
26
26
  if (mask == Qnil || RSTRING_LEN(mask) != 4) {
data/lib/websocket/driver.rb CHANGED
@@ -46,6 +46,7 @@ module WebSocket
46
46
  CloseEvent = Struct.new(:code, :reason)
47
47
 
48
48
  ProtocolError = Class.new(StandardError)
49
+ URIError = Class.new(ArgumentError)
49
50
  ConfigurationError = Class.new(ArgumentError)
50
51
 
51
52
  autoload :Client, root + '/client'
data/lib/websocket/driver/client.rb CHANGED
@@ -2,6 +2,8 @@ module WebSocket
2
2
  class Driver
3
3
 
4
4
  class Client < Hybi
5
+ VALID_SCHEMES = %w[ws wss]
6
+
5
7
  def self.generate_key
6
8
  Base64.strict_encode64(SecureRandom.random_bytes(16))
7
9
  end
@@ -16,7 +18,11 @@ module WebSocket
16
18
  @accept = Hybi.generate_accept(@key)
17
19
  @http = HTTP::Response.new
18
20
 
19
- uri = URI.parse(@socket.url)
21
+ uri = URI.parse(@socket.url)
22
+ unless VALID_SCHEMES.include?(uri.scheme)
23
+ raise URIError, "#{socket.url} is not a valid WebSocket URL"
24
+ end
25
+
20
26
  host = uri.host + (uri.port ? ":#{uri.port}" : '')
21
27
  path = (uri.path == '') ? '/' : uri.path
22
28
  @pathname = path + (uri.query ? '?' + uri.query : '')
data/lib/websocket/driver/draft76.rb CHANGED
@@ -38,6 +38,24 @@ module WebSocket
38
38
  private
39
39
 
40
40
  def handshake_response
41
+ env = @socket.env
42
+
43
+ key1 = env['HTTP_SEC_WEBSOCKET_KEY1']
44
+ number1 = number_from_key(key1)
45
+ spaces1 = spaces_in_key(key1)
46
+
47
+ key2 = env['HTTP_SEC_WEBSOCKET_KEY2']
48
+ number2 = number_from_key(key2)
49
+ spaces2 = spaces_in_key(key2)
50
+
51
+ if number1 % spaces1 != 0 or number2 % spaces2 != 0
52
+ emit(:error, ProtocolError.new('Client sent invalid Sec-WebSocket-Key headers'))
53
+ close
54
+ return nil
55
+ end
56
+
57
+ @key_values = [number1 / spaces1, number2 / spaces2]
58
+
41
59
  start = 'HTTP/1.1 101 WebSocket Protocol Handshake'
42
60
  headers = [start, @headers.to_s, '']
43
61
  headers.join("\r\n")
@@ -46,14 +64,8 @@ module WebSocket
46
64
  def handshake_signature
47
65
  return nil unless @body.bytesize >= BODY_SIZE
48
66
 
49
- head = @body[0...BODY_SIZE]
50
- env = @socket.env
51
- key1 = env['HTTP_SEC_WEBSOCKET_KEY1']
52
- value1 = number_from_key(key1) / spaces_in_key(key1)
53
- key2 = env['HTTP_SEC_WEBSOCKET_KEY2']
54
- value2 = number_from_key(key2) / spaces_in_key(key2)
55
-
56
- Digest::MD5.digest([value1, value2, head].pack('N2A*'))
67
+ head = @body[0...BODY_SIZE]
68
+ Digest::MD5.digest((@key_values + [head]).pack('N2A*'))
57
69
  end
58
70
 
59
71
  def send_handshake_body
data/lib/websocket/driver/server.rb CHANGED
@@ -7,6 +7,7 @@ module WebSocket
7
7
  def initialize(socket, options = {})
8
8
  super
9
9
  @http = HTTP::Request.new
10
+ @delegate = nil
10
11
  end
11
12
 
12
13
  def env
data/lib/websocket_mask.jar CHANGED
Binary file
metadata CHANGED
@@ -1,25 +1,25 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: websocket-driver
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.6.2
4
+ version: 0.6.3
5
5
  platform: java
6
6
  authors:
7
7
  - James Coglan
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2015-07-18 00:00:00.000000000 Z
11
+ date: 2015-11-06 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: websocket-extensions
15
15
  version_requirements: !ruby/object:Gem::Requirement
16
16
  requirements:
17
- - - '>='
17
+ - - ">="
18
18
  - !ruby/object:Gem::Version
19
19
  version: 0.1.0
20
20
  requirement: !ruby/object:Gem::Requirement
21
21
  requirements:
22
- - - '>='
22
+ - - ">="
23
23
  - !ruby/object:Gem::Version
24
24
  version: 0.1.0
25
25
  prerelease: false
@@ -28,12 +28,12 @@ dependencies:
28
28
  name: eventmachine
29
29
  version_requirements: !ruby/object:Gem::Requirement
30
30
  requirements:
31
- - - '>='
31
+ - - ">="
32
32
  - !ruby/object:Gem::Version
33
33
  version: '0'
34
34
  requirement: !ruby/object:Gem::Requirement
35
35
  requirements:
36
- - - '>='
36
+ - - ">="
37
37
  - !ruby/object:Gem::Version
38
38
  version: '0'
39
39
  prerelease: false
@@ -42,12 +42,12 @@ dependencies:
42
42
  name: permessage_deflate
43
43
  version_requirements: !ruby/object:Gem::Requirement
44
44
  requirements:
45
- - - '>='
45
+ - - ">="
46
46
  - !ruby/object:Gem::Version
47
47
  version: '0'
48
48
  requirement: !ruby/object:Gem::Requirement
49
49
  requirements:
50
- - - '>='
50
+ - - ">="
51
51
  - !ruby/object:Gem::Version
52
52
  version: '0'
53
53
  prerelease: false
@@ -56,12 +56,12 @@ dependencies:
56
56
  name: rake-compiler
57
57
  version_requirements: !ruby/object:Gem::Requirement
58
58
  requirements:
59
- - - ~>
59
+ - - "~>"
60
60
  - !ruby/object:Gem::Version
61
61
  version: 0.8.0
62
62
  requirement: !ruby/object:Gem::Requirement
63
63
  requirements:
64
- - - ~>
64
+ - - "~>"
65
65
  - !ruby/object:Gem::Version
66
66
  version: 0.8.0
67
67
  prerelease: false
@@ -70,12 +70,12 @@ dependencies:
70
70
  name: rspec
71
71
  version_requirements: !ruby/object:Gem::Requirement
72
72
  requirements:
73
- - - '>='
73
+ - - ">="
74
74
  - !ruby/object:Gem::Version
75
75
  version: '0'
76
76
  requirement: !ruby/object:Gem::Requirement
77
77
  requirements:
78
- - - '>='
78
+ - - ">="
79
79
  - !ruby/object:Gem::Version
80
80
  version: '0'
81
81
  prerelease: false
@@ -118,20 +118,20 @@ licenses:
118
118
  metadata: {}
119
119
  post_install_message:
120
120
  rdoc_options:
121
- - --main
121
+ - "--main"
122
122
  - README.md
123
- - --markup
123
+ - "--markup"
124
124
  - markdown
125
125
  require_paths:
126
126
  - lib
127
127
  required_ruby_version: !ruby/object:Gem::Requirement
128
128
  requirements:
129
- - - '>='
129
+ - - ">="
130
130
  - !ruby/object:Gem::Version
131
131
  version: '0'
132
132
  required_rubygems_version: !ruby/object:Gem::Requirement
133
133
  requirements:
134
- - - '>='
134
+ - - ">="
135
135
  - !ruby/object:Gem::Version
136
136
  version: '0'
137
137
  requirements: []