Diffstat (limited to 'lib/nickserver')
-rw-r--r-- | lib/nickserver/adapters/celluloid_http.rb | 25 | ||||
-rw-r--r-- | lib/nickserver/adapters/em_http.rb | 24 | ||||
-rw-r--r-- | lib/nickserver/couch_db/source.rb | 5 | ||||
-rw-r--r-- | lib/nickserver/em_server.rb | 51 | ||||
-rw-r--r-- | lib/nickserver/email_address.rb | 64 | ||||
-rw-r--r-- | lib/nickserver/hkp/client.rb | 7 | ||||
-rw-r--r-- | lib/nickserver/hkp/parse_key_info.rb | 10 | ||||
-rw-r--r-- | lib/nickserver/hkp/source.rb | 36 | ||||
-rw-r--r-- | lib/nickserver/nickname.rb | 51 | ||||
-rw-r--r-- | lib/nickserver/reel_server.rb | 47 | ||||
-rw-r--r-- | lib/nickserver/request_handler.rb | 66 | ||||
-rw-r--r-- | lib/nickserver/server.rb | 10 |
12 files changed, 177 insertions, 219 deletions
diff --git a/lib/nickserver/adapters/celluloid_http.rb b/lib/nickserver/adapters/celluloid_http.rb new file mode 100644 index 0000000..d326b8a --- /dev/null +++ b/lib/nickserver/adapters/celluloid_http.rb @@ -0,0 +1,25 @@ +require 'nickserver/adapters' +silence_warnings do + require 'celluloid/io' +end +require 'http' + +module Nickserver::Adapters + class CelluloidHttp + include Celluloid::IO + + def get(url, options = {}) + response = HTTP.get url, + params: options[:query], + ssl_context: ctx, + ssl_socket_class: Celluloid::IO::SSLSocket + return response.code, response.to_s + end + + def ctx + OpenSSL::SSL::SSLContext.new.tap do |ctx| + ctx.ca_file = Nickserver::Config.hkp_ca_file + end + end + end +end diff --git a/lib/nickserver/adapters/em_http.rb b/lib/nickserver/adapters/em_http.rb deleted file mode 100644 index 16db5ae..0000000 --- a/lib/nickserver/adapters/em_http.rb +++ /dev/null @@ -1,24 +0,0 @@ -require 'nickserver/adapters' -require 'em-http' - -module Nickserver::Adapters - class EmHttp - - def initialize - @timeout = 5 - end - - def get(url, options = {}) - get_request(url, options).callback {|http| - yield http.response_header.status, http.response - }.errback {|http| - yield 0, http.error - } - end - - def get_request(url, options = {}) - @request = EventMachine::HttpRequest.new(url) - @request.get timeout: @timeout, query: options[:query] - end - end -end diff --git a/lib/nickserver/couch_db/source.rb b/lib/nickserver/couch_db/source.rb index b30fdfc..7c3ad95 100644 --- a/lib/nickserver/couch_db/source.rb +++ b/lib/nickserver/couch_db/source.rb @@ -11,9 +11,8 @@ module Nickserver::CouchDB VIEW = '/_design/Identity/_view/pgp_key_by_email' def query(nick) - adapter.get url, query: query_for(nick) do |status, body| - yield Response.new(nick, status: status, body: body) - end + status, body = adapter.get url, query: query_for(nick) + Response.new(nick, status: status, body: body) end protected 
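Review bot: The SSL context built in `ctx` sets only `ca_file` and never sets `verify_mode`, so unless the `http` gem applies verification defaults to a caller-supplied context, the keyserver certificate is probably not checked against that CA file at all. A bare `OpenSSL::SSL::SSLContext.new` does not verify the peer by default; add `ctx.verify_mode = OpenSSL::SSL::VERIFY_PEER` inside the `tap` block, or build the context with `set_params(ca_file: ...)`. Separately, the removed EmHttp adapter used a 5 second timeout and this `get` sets none, so a slow keyserver can hold a request open indefinitely.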
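Review bot: `query` now has no failure path: the removed EmHttp adapter reported a failed request as `yield 0, http.error`, while the synchronous `adapter.get` in this hunk can only signal failure by raising, so `Response.new` is never reached with an error status. `RequestHandler#respond_to` rescues only `RuntimeError`, and whether the HTTP client's connection errors derive from it is not visible here. Consider rescuing the client's error class in the adapter and returning a status/body pair such as `return 0, e.message`, or widening the rescue in the handler, so that a CouchDB outage produces a clean 500 instead of an unhandled exception in the connection actor.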
diff --git a/lib/nickserver/em_server.rb b/lib/nickserver/em_server.rb
deleted file mode 100644
index bcec4cd..0000000
--- a/lib/nickserver/em_server.rb
+++ /dev/null
@@ -1,51 +0,0 @@
-require 'eventmachine'
-silence_warnings do
- require 'evma_httpserver'
-end
-require 'nickserver/request_handler'
-
-module Nickserver
- class EmServer < EM::Connection
- include EM::HttpServer
-
- def self.start(options = {})
- EventMachine.run do
- EM.start_server options[:host], options[:port], self
- end
- end
-
- def post_init
- super
- no_environment_strings
- end
-
- def process_http_request
- handler.respond_to params, @http_headers
- end
-
- def send_response(options = {})
- response = EM::DelegatedHttpResponse.new(self)
- response.status = options[:status]
- response.content_type options[:content_type]
- response.content = options[:content]
- silence_warnings do
- response.send_response
- end
- end
-
- private
-
- def handler
- @handler ||= RequestHandler.new(self, Nickserver::Adapters::EmHttp.new)
- end
-
- def params
- if @http_query_string
- CGI.parse(@http_query_string)
- elsif @http_post_content
- CGI.parse(@http_post_content)
- end
- end
-
- end
-end
diff --git a/lib/nickserver/email_address.rb b/lib/nickserver/email_address.rb
index 26053a2..2b3f2c2 100644
--- a/lib/nickserver/email_address.rb
+++ b/lib/nickserver/email_address.rb
@@ -1,25 +1,45 @@ -# -# This rather crazy regexp is from here: http://code.iamcal.com/php/rfc822/ -# Licensed GPLv3 -# -# It is too liberal, allowing "!@x" as a valid address, for example, but it does -# follow the specification rather closely. -# - module Nickserver - EmailAddress = begin - qtext = '[^\\x0d\\x22\\x5c\\x80-\\xff]' - dtext = '[^\\x0d\\x5b-\\x5d\\x80-\\xff]' - atom = '[^\\x00-\\x20\\x22\\x28\\x29\\x2c\\x2e\\x3a-\\x3c\\x3e\\x40\\x5b-\\x5d\\x7f-\\xff]+' - quoted_pair = '\\x5c[\\x00-\\x7f]' - domain_literal = "\\x5b(?:#{dtext}|#{quoted_pair})*\\x5d" - quoted_string = "\\x22(?:#{qtext}|#{quoted_pair})*\\x22" - domain_ref = atom - sub_domain = "(?:#{domain_ref}|#{domain_literal})" - word = "(?:#{atom}|#{quoted_string})" - domain = "#{sub_domain}(?:\\x2e#{sub_domain})*" - local_part = "#{word}(?:\\x2e#{word})*" - addr_spec = "#{local_part}\\x40#{domain}" - /\A#{addr_spec}\z/n + class EmailAddress + + REGEXP = begin + qtext = '[^\\x0d\\x22\\x5c\\x80-\\xff]' + dtext = '[^\\x0d\\x5b-\\x5d\\x80-\\xff]' + atom = '[^\\x00-\\x20\\x22\\x28\\x29\\x2c\\x2e\\x3a-\\x3c\\x3e\\x40\\x5b-\\x5d\\x7f-\\xff]+' + quoted_pair = '\\x5c[\\x00-\\x7f]' + domain_literal = "\\x5b(?:#{dtext}|#{quoted_pair})*\\x5d" + quoted_string = "\\x22(?:#{qtext}|#{quoted_pair})*\\x22" + domain_ref = atom + sub_domain = "(?:#{domain_ref}|#{domain_literal})" + word = "(?:#{atom}|#{quoted_string})" + domain = "#{sub_domain}(?:\\x2e#{sub_domain})*" + local_part = "#{word}(?:\\x2e#{word})*" + addr_spec = "#{local_part}\\x40#{domain}" + /\A#{addr_spec}\z/n + end + + def initialize(address) + @address = address.to_s + end + + def valid? + address =~ REGEXP + end + + def invalid? + !valid? + end + + def domain?(domain) + address.end_with? "@#{domain}" + end + + def to_s + address + end + + protected + + attr_reader :address + end end diff --git a/lib/nickserver/hkp/client.rb b/lib/nickserver/hkp/client.rb index 6bd239d..1fbe7a2 100644 --- a/lib/nickserver/hkp/client.rb +++ b/lib/nickserver/hkp/client.rb 
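Review bot: `domain?` compares with a case-sensitive `end_with?`, so an address such as `user@EXAMPLE.ORG` would not count as local for a configured domain `example.org`, and the lookup would go to the public keyserver instead of CouchDB. Domain names are case-insensitive; normalise both sides, e.g. `address.downcase.end_with? "@#{domain.to_s.downcase}"`. The hunk also drops the header comment that recorded where the regexp came from, its licence, and the warning that it is too liberal (it accepts `!@x`). That caveat is worth keeping above `REGEXP`, since `valid?` is the only input validation visible in this commit.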
@@ -21,7 +21,7 @@ module Nickserver; module Hkp # used to fetch an array of KeyInfo objects that match the given email # def get_key_infos_by_email(email, &block) - get op: 'vindex', search: email, fingerprint: 'on', &block + get op: 'vindex', search: email.to_s, fingerprint: 'on' end # @@ -35,10 +35,11 @@ module Nickserver; module Hkp attr_reader :adapter - def get(query, &block) + def get(query) # in practice, exact=on seems to have no effect query = {exact: 'on', options: 'mr'}.merge query - adapter.get Config.hkp_url, query: query, &block + response = adapter.get Config.hkp_url, query: query + return response end end end; end diff --git a/lib/nickserver/hkp/parse_key_info.rb b/lib/nickserver/hkp/parse_key_info.rb index 9d59d6b..2f928a0 100644 --- a/lib/nickserver/hkp/parse_key_info.rb +++ b/lib/nickserver/hkp/parse_key_info.rb @@ -19,7 +19,8 @@ module Nickserver; module Hkp @vindex_result = vindex_result end - def status_for(uid) + def status_for(email) + uid = email.to_s if hkp_ok? && keys(uid).empty? error_status(uid) else @@ -27,7 +28,8 @@ module Nickserver; module Hkp end end - def response_for(uid) + def response_for(email) + uid = email.to_s if keys(uid).any? keys(uid) else @@ -35,6 +37,8 @@ module Nickserver; module Hkp end end + protected + def keys(uid) key_infos(uid).reject { |key| error_for_key(key) } end @@ -47,8 +51,6 @@ module Nickserver; module Hkp end end - protected - attr_reader :status attr_reader :vindex_result diff --git a/lib/nickserver/hkp/source.rb b/lib/nickserver/hkp/source.rb index 8b2a62b..0d79856 100644 --- a/lib/nickserver/hkp/source.rb +++ b/lib/nickserver/hkp/source.rb @@ -1,3 +1,4 @@ +require 'nickserver/source' require 'nickserver/response' require 'nickserver/hkp/response' require 'nickserver/hkp/client' 
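Review bot: `get_key_infos_by_email` still declares `&block` but no longer forwards it, so the signature advertises a callback API that no longer exists and a block passed by an unconverted caller is silently ignored. Change it to `def get_key_infos_by_email(email)`, and update the comment above it to say that the method now returns the adapter's status/body pair. In the second hunk of this file, `response = adapter.get Config.hkp_url, query: query` followed by `return response` can be just the `adapter.get` call as the last expression.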
@@ -13,22 +14,20 @@ require "nickserver/hkp/key_info" module Nickserver; module Hkp class Source < Nickserver::Source - def query(nick, &block) - search(nick) do |status, response| - if status == 200 - best = pick_best_key(response) - get_key_by_fingerprint(nick, best.keyid, &block) - else - yield Nickserver::Response.new(status, response) - end + def query(nick) + status, response = search(nick) + if status == 200 + best = pick_best_key(response) + get_key_by_fingerprint(nick, best.keyid) + else + Nickserver::Response.new(status, response) end end - def search(nick, &block) - client.get_key_infos_by_email(nick) do |status, response| - parser = ParseKeyInfo.new status, response - yield parser.status_for(nick), parser.response_for(nick) - end + def search(nick) + status, response = client.get_key_infos_by_email(nick) + parser = ParseKeyInfo.new status, response + return parser.status_for(nick), parser.response_for(nick) end protected @@ -44,12 +43,11 @@ module Nickserver; module Hkp end def get_key_by_fingerprint(nick, fingerprint) - client.get_key_by_fingerprint fingerprint do |status, response| - if status == 200 - yield Response.new nick, response - else - yield Nickserver::Response.new status, "HKP Request failed" - end + status, response = client.get_key_by_fingerprint fingerprint + if status == 200 + Response.new nick, response + else + Nickserver::Response.new status, "HKP Request failed" end end diff --git a/lib/nickserver/nickname.rb b/lib/nickserver/nickname.rb deleted file mode 100644 index 938d4a4..0000000 --- a/lib/nickserver/nickname.rb +++ /dev/null 
@@ -1,51 +0,0 @@
-module Nickserver
- class Nickname
-
- EmailAddress = begin
- qtext = '[^\\x0d\\x22\\x5c\\x80-\\xff]'
- dtext = '[^\\x0d\\x5b-\\x5d\\x80-\\xff]'
- atom = '[^\\x00-\\x20\\x22\\x28\\x29\\x2c\\x2e\\x3a-\\x3c\\x3e\\x40\\x5b-\\x5d\\x7f-\\xff]+'
- quoted_pair = '\\x5c[\\x00-\\x7f]'
- domain_literal = "\\x5b(?:#{dtext}|#{quoted_pair})*\\x5d"
- quoted_string = "\\x22(?:#{qtext}|#{quoted_pair})*\\x22"
- domain_ref = atom
- sub_domain = "(?:#{domain_ref}|#{domain_literal})"
- word = "(?:#{atom}|#{quoted_string})"
- domain = "#{sub_domain}(?:\\x2e#{sub_domain})*"
- local_part = "#{word}(?:\\x2e#{word})*"
- addr_spec = "#{local_part}\\x40#{domain}"
- /\A#{addr_spec}\z/n
- end
-
- LOCAL_DOMAIN = 'test.me'
-
- def initialize(address)
- @address = address.to_s
- end
-
- def valid?
- address =~ EmailAddress
- end
-
- def invalid?
- !valid?
- end
-
- def local?
- address.end_with? LOCAL_DOMAIN
- end
-
- def remote?
- !local?
- end
-
- def to_s
- address
- end
-
- protected
-
- attr_reader :address
-
- end
-end
diff --git a/lib/nickserver/reel_server.rb b/lib/nickserver/reel_server.rb
new file mode 100644
index 0000000..6f05e0b
--- /dev/null
+++ b/lib/nickserver/reel_server.rb
@@ -0,0 +1,47 @@ +silence_warnings do + require 'reel' +end +require 'nickserver/adapters/celluloid_http' +require 'nickserver/request_handler' + +module Nickserver + class ReelServer < Reel::Server::HTTP + + def self.start(options = {}) + new(options[:host], options[:port]) + end + + def initialize(host = "127.0.0.1", port = 3000) + super(host, port, &method(:on_connection)) + end + + def handle_connection(*args) + silence_warnings do + super + end + end + + def on_connection(connection) + connection.each_request do |request| + handler = handler_for(request) + handler.respond_to params(request), request.headers + end + end + + + protected + + def handler_for(request) + RequestHandler.new(request, Nickserver::Adapters::CelluloidHttp.new) + end + + def params(request) + if request.query_string + CGI.parse request.query_string + else + CGI.parse request.body.to_s + end + end + + end +end diff --git a/lib/nickserver/request_handler.rb b/lib/nickserver/request_handler.rb index 26b6ec1..608db83 100644 --- a/lib/nickserver/request_handler.rb +++ b/lib/nickserver/request_handler.rb @@ -1,3 +1,6 @@ +require 'nickserver/hkp/source' +require 'nickserver/couch_db/source' + module Nickserver class RequestHandler @@ -7,13 +10,13 @@ module Nickserver end def respond_to(params, headers) - uid = get_uid_from_params(params) - if uid.nil? + email = get_email_from_params(params) + if email.nil? send_not_found - elsif uid !~ EmailAddress + elsif email.invalid? send_error("Not a valid address") else - send_key(uid, headers) + send_key(email, headers) end rescue RuntimeError => exc puts "Error: #{exc}" 
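Review bot: `handler_for` creates a new `Nickserver::Adapters::CelluloidHttp` for every request, and that class includes `Celluloid::IO`, so each request spawns an actor that nothing in this file terminates. Running Celluloid actors are not reclaimed by the garbage collector, so under load this looks like an unbounded actor/thread leak that ordinary client requests can drive. Create the adapter once per server (or once in `on_connection`) and call `terminate` on it in an `ensure` when it is no longer needed. `params` also parses `request.body.to_s` with no size limit and uses `CGI` without a `require 'cgi'` in this file; both are worth tightening.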
@@ -23,23 +26,22 @@ module Nickserver protected - def get_uid_from_params(params) + def get_email_from_params(params) if params && params["address"] && params["address"].any? - return params["address"].first - else - return nil + EmailAddress.new(params["address"].first) end end - def send_key(uid, headers) - if local_address?(uid, headers) + def send_key(email, headers) + if local_address?(email, headers) source = Nickserver::CouchDB::Source.new(adapter) else source = Nickserver::Hkp::Source.new(adapter) end - source.query(uid) do |response| - send_response(status: response.status, content: response.content) - end + response = source.query(email) + send_response response.status, response.content + rescue MissingHostHeader + send_error("HTTP request must include a Host header.") end # 
@@ -48,38 +50,32 @@ module Nickserver # # If 'domain' is not configured, we rely on the Host header of the HTTP request. # - def local_address?(uid, headers) - uid_domain = uid.sub(/^.*@(.*)$/, "\\1") - if Config.domain - return uid_domain == Config.domain - else - # no domain configured, use Host header - host_header = headers.split(/\0/).grep(/^Host: /).first - if host_header.nil? - send_error("HTTP request must include a Host header.") - else - host = host_header.split(':')[1].strip.sub(/^nicknym\./, '') - return uid_domain == host - end - end + def local_address?(email, headers) + email.domain?(Config.domain || domain_from_headers(headers)) end - def send_error(msg = "not supported") - send_response(status: 500, content: "500 #{msg}\n") + + # no domain configured, use Host header + def domain_from_headers(headers) + host_header = headers['Host'] + raise MissingHostHeader if host_header.nil? + host_header.split(':')[0].strip.sub(/^nicknym\./, '') end - def send_not_found(msg = "Not Found") - send_response(status: 404, content: "404 #{msg}\n") + def send_error(msg = "not supported") + send_response 500, "500 #{msg}\n" end - def send_response(opts = {}) - responder.send_response default_response.merge(opts) + def send_not_found(msg = "Not Found") + send_response 404, "404 #{msg}\n" end - def default_response - {status: 200, content_type: 'text/plain', content: ''} + def send_response(status = 200, content = '') + responder.respond status, content end attr_reader :responder, :adapter + class MissingHostHeader < StandardError + end end end diff --git a/lib/nickserver/server.rb b/lib/nickserver/server.rb index 174d6ac..8f4a49f 100644 --- a/lib/nickserver/server.rb +++ b/lib/nickserver/server.rb 
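Review bot: `send_response` now calls `responder.respond status, content`, and the removed `default_response` with `content_type: 'text/plain'` has no replacement, so responses no longer declare a content type unless the server adds one itself, which is not visible here. The body can carry data fetched from a third-party keyserver, so it should keep an explicit `text/plain` type instead of leaving interpretation to the client; pass the header through `respond` if Reel's signature allows it. In `domain_from_headers`, `/^nicknym\./` should be anchored with `\A`, since `^` matches at any line start. The Host value is also client-controlled when `Config.domain` is unset, and it decides whether the lookup goes to CouchDB or HKP. The class begins outside this hunk.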
@@ -1,21 +1,17 @@ require 'kernel_ext' require 'json' -require 'nickserver/em_server' -require 'nickserver/couch_db/source' -require 'nickserver/hkp/source' -require 'nickserver/adapters/em_http' +require 'nickserver/reel_server' # # This is the main HTTP server that clients connect to in order to fetch keys # -# For info on EM::HttpServer, see https://github.com/eventmachine/evma_httpserver # module Nickserver class Server # - # Starts the Nickserver. Must be run inside an EM.run block. + # Starts the Nickserver. # # Available options: # @@ -33,7 +29,7 @@ module Nickserver puts "Starting nickserver #{options[:host]}:#{options[:port]}" end - Nickserver::EmServer.start(options) + Nickserver::ReelServer.start(options) end |
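Review bot: `Nickserver::ReelServer.start` only constructs the server (`new(options[:host], options[:port])` in reel_server.rb), whereas the removed `EmServer.start` blocked inside `EventMachine.run`. If nothing after this call keeps the main thread alive, the process will exit right after starting. The rest of `Server.start` and its caller are outside the hunk, so confirm that something blocks, for example a `sleep` after the call. The updated comment also dropped the only note on how the method must be invoked; add one line such as `# Returns once the server is listening; the caller must keep the process alive.` if that is the intended contract.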