diff options
Diffstat (limited to 'lib/nickserver')
31 files changed, 258 insertions, 287 deletions
diff --git a/lib/nickserver/adapters/celluloid_http.rb b/lib/nickserver/adapters/celluloid_http.rb index 62f905f..cdcc493 100644 --- a/lib/nickserver/adapters/celluloid_http.rb +++ b/lib/nickserver/adapters/celluloid_http.rb @@ -4,6 +4,7 @@ silence_warnings do end module Nickserver::Adapters + # HTTP Adapter using Celluloid::IO class CelluloidHttp < Http silence_warnings do include Celluloid::IO @@ -14,6 +15,5 @@ module Nickserver::Adapters def default_options super.merge ssl_socket_class: Celluloid::IO::SSLSocket end - end end diff --git a/lib/nickserver/adapters/http.rb b/lib/nickserver/adapters/http.rb index eb77cc6..a759e53 100644 --- a/lib/nickserver/adapters/http.rb +++ b/lib/nickserver/adapters/http.rb @@ -2,22 +2,20 @@ require 'nickserver/adapters' require 'nickserver/config' require 'http' -# Nickserver::Adapters::Http -# -# Basic http adapter with ssl and minimal error handling. -# Only implemented get requests so far. -# -# Error Handling: -# -# Pass a string as the 'rescue' option. If a ConnectionError occures -# which includes the string passed it will be rescued and the request -# will return nil. This allows handling the error inside the adapter so -# that for the derived CelluloidHttp Adapter the actor does not get -# killed. - module Nickserver::Adapters + # Nickserver::Adapters::Http + # + # Basic http adapter with ssl and minimal error handling. + # Only implemented get requests so far. + # + # Error Handling: + # + # Pass a string as the 'rescue' option. If a ConnectionError occures + # which includes the string passed it will be rescued and the request + # will return nil. This allows handling the error inside the adapter so + # that for the derived CelluloidHttp Adapter the actor does not get + # killed. class Http - def get(url, options = {}) url = HTTP::URI.parse url.to_s response = get_with_auth url, params: options[:query] diff --git a/lib/nickserver/config.rb b/lib/nickserver/config.rb index b1def7c..62623c1 100644 --- a/lib/nickserver/config.rb +++ b/lib/nickserver/config.rb @@ -5,7 +5,7 @@ module Nickserver PATHS = [ File.expand_path('../../../config/default.yml', __FILE__), '/etc/nickserver.yml' - ] + ].freeze class << self attr_accessor :hkp_url @@ -29,22 +29,21 @@ module Nickserver def self.load self.loaded ||= begin PATHS.each do |file_path| - self.load_config(file_path) + load_config(file_path) end true end - self.validate + validate end def self.couch_url - [ 'http://', - couch_auth, - couch_host, - ':', - couch_port, - '/', - couch_database - ].join + ['http://', + couch_auth, + couch_host, + ':', + couch_port, + '/', + couch_database].join end def self.couch_auth @@ -70,22 +69,20 @@ module Nickserver end def self.load_config(file_path) - begin - YAML.load(File.read(file_path)).each do |key, value| - begin - self.send("#{key}=", value) - rescue NoMethodError - STDERR.puts "ERROR in file #{file_path}, '#{key}' is not a valid option" - exit(1) - end + YAML.safe_load(File.read(file_path)).each do |key, value| + begin + send("#{key}=", value) + rescue NoMethodError + STDERR.puts "ERROR in file #{file_path}, '#{key}' is not a valid option" + exit(1) end - puts "Loaded #{file_path}" if Config.verbose - rescue Errno::ENOENT => exc - puts "Skipping #{file_path}" if Config.verbose - rescue Exception => exc - STDERR.puts exc.inspect - exit(1) end + puts "Loaded #{file_path}" if Config.verbose + rescue Errno::ENOENT => exc + puts "Skipping #{file_path}" if Config.verbose + rescue Exception => exc + STDERR.puts exc.inspect + exit(1) end end end diff --git a/lib/nickserver/couch_db/response.rb b/lib/nickserver/couch_db/response.rb index fe482a8..eae5cc1 100644 --- a/lib/nickserver/couch_db/response.rb +++ b/lib/nickserver/couch_db/response.rb @@ -3,7 +3,6 @@ require 'json' module Nickserver::CouchDB class Response - def initialize(nick, couch_response = {}) @nick = nick @couch_status = couch_response[:status] @@ -39,7 +38,7 @@ module Nickserver::CouchDB end def key - rows.first["value"] + rows.first['value'] end def ok? @@ -51,7 +50,7 @@ module Nickserver::CouchDB end def rows - json["rows"] + json['rows'] end attr_reader :couch_status, :json, :nick diff --git a/lib/nickserver/couch_db/source.rb b/lib/nickserver/couch_db/source.rb index dd29c2a..b7531e4 100644 --- a/lib/nickserver/couch_db/source.rb +++ b/lib/nickserver/couch_db/source.rb @@ -9,9 +9,8 @@ module Nickserver::CouchDB class Error < StandardError; end class Source < Nickserver::Source - - VIEW = '/_design/Identity/_view/pgp_key_by_email' - UNEXPECTED_RESPONSE_CODES = [401, 500] + VIEW = '/_design/Identity/_view/pgp_key_by_email'.freeze + UNEXPECTED_RESPONSE_CODES = [401, 500].freeze def query(nick) status, body = adapter.get url, query: query_for(nick) @@ -23,7 +22,7 @@ module Nickserver::CouchDB def handle_unexpected_responses(status, body) if UNEXPECTED_RESPONSE_CODES.include? status - raise Error.new("Couch responded with #{status}: #{body}") + raise Error, "Couch responded with #{status}: #{body}" end end @@ -32,7 +31,7 @@ module Nickserver::CouchDB end def query_for(nick) - { reduce: "false", key: "\"#{nick}\"" } + { reduce: 'false', key: "\"#{nick}\"" } end attr_reader :config diff --git a/lib/nickserver/daemon.rb b/lib/nickserver/daemon.rb index 12ed30e..06e0720 100644 --- a/lib/nickserver/daemon.rb +++ b/lib/nickserver/daemon.rb @@ -1,5 +1,5 @@ -require "nickserver/version" -require "nickserver/config" +require 'nickserver/version' +require 'nickserver/config' require 'etc' require 'fileutils' @@ -10,9 +10,8 @@ require 'fileutils' module Nickserver class Daemon - def self.run(name, &block) - self.new.run(name, &block) + new.run(name, &block) end def run(name, &block) @@ -38,9 +37,7 @@ module Nickserver if username != 'root' if Process::Sys.getuid == 0 Process::Sys.setuid(Etc.getpwnam(username).uid) - if root? - bail "failed to drop permissions" - end + bail 'failed to drop permissions' if root? else bail "cannot change process uid to #{username}" end @@ -48,13 +45,11 @@ module Nickserver end def root? - begin - Process::Sys.setuid(0) - rescue Errno::EPERM - false - else - true - end + Process::Sys.setuid(0) + rescue Errno::EPERM + false + else + true end # @@ -62,7 +57,7 @@ module Nickserver # def daemonize - return bail("Process is already started") if daemon_running? + return bail('Process is already started') if daemon_running? _pid = fork do exit if fork Process.setsid @@ -71,7 +66,7 @@ module Nickserver catch_signals redirect_output drop_permissions_to(Config.user) if Config.user - File.umask 0000 + File.umask 0o000 yield end end @@ -99,11 +94,7 @@ module Nickserver def pid_from_file(file) pid = IO.read(file).chomp - if pid != "" - pid.to_i - else - nil - end + pid.to_i if pid != '' end def kill_pid @@ -134,10 +125,10 @@ module Nickserver # stop when we should # def catch_signals - ["SIGTERM", "SIGINT", "SIGHUP"].each do |signal| - Signal.trap(signal) { + %w[SIGTERM SIGINT SIGHUP].each do |signal| + Signal.trap(signal) do exit - } + end end end @@ -149,15 +140,15 @@ module Nickserver puts msg puts puts "Usage: #{@name} [OPTION] COMMAND" - puts "COMMAND is one of: start, stop, restart, status, version, foreground" - puts "OPTION is one of: --verbose" + puts 'COMMAND is one of: start, stop, restart, status, version, foreground' + puts 'OPTION is one of: --verbose' puts exit 1 end def bail(msg) puts "#{@name.capitalize} ERROR: #{msg}." - puts "Bailing out." + puts 'Bailing out.' exit(1) end @@ -167,9 +158,9 @@ module Nickserver # def redirect_output if log_path = Config.log_file - FileUtils.mkdir_p File.dirname(log_path), mode: 0755 + FileUtils.mkdir_p File.dirname(log_path), mode: 0o755 FileUtils.touch log_path - File.chmod(0600, log_path) + File.chmod(0o600, log_path) if Config.user && Process::Sys.getuid == 0 FileUtils.chown(Config.user, nil, log_path) end @@ -195,10 +186,10 @@ module Nickserver # Runs until the block condition is met or the timeout_seconds is exceeded # until_true(10) { ...return_condition... } # - def until_true(timeout_seconds=MAX_WAIT, &block) + def until_true(timeout_seconds = MAX_WAIT) elapsed_seconds = 0 interval = 0.5 - while elapsed_seconds < timeout_seconds && block.call != true + while elapsed_seconds < timeout_seconds && yield != true elapsed_seconds += interval sleep(interval) end @@ -208,18 +199,18 @@ module Nickserver def parse_options loop do case ARGV[0] - when 'start' then ARGV.shift; @command = :start - when 'stop' then ARGV.shift; @command = :stop - when 'restart' then ARGV.shift; @command = :restart - when 'status' then ARGV.shift; @command = :status - when 'version' then ARGV.shift; @command = :version - when 'foreground' then ARGV.shift; @command = :foreground - when '--verbose' then ARGV.shift; Config.verbose = true - when /^-/ then override_default_config(ARGV.shift, ARGV.shift) - else break + when 'start' then ARGV.shift; @command = :start + when 'stop' then ARGV.shift; @command = :stop + when 'restart' then ARGV.shift; @command = :restart + when 'status' then ARGV.shift; @command = :status + when 'version' then ARGV.shift; @command = :version + when 'foreground' then ARGV.shift; @command = :foreground + when '--verbose' then ARGV.shift; Config.verbose = true + when /^-/ then override_default_config(ARGV.shift, ARGV.shift) + else break end end - usage("Missing command") unless @command + usage('Missing command') unless @command end def override_default_config(flag, value) @@ -251,8 +242,8 @@ module Nickserver end end - def command_foreground(&block) - trap("INT") do + def command_foreground + trap('INT') do puts "\nShutting down..." exit(0) end @@ -285,6 +276,5 @@ module Nickserver exit(1) # must exit non-zero if not running end end - end end diff --git a/lib/nickserver/dispatcher.rb b/lib/nickserver/dispatcher.rb index dfd53e5..99f06c3 100644 --- a/lib/nickserver/dispatcher.rb +++ b/lib/nickserver/dispatcher.rb @@ -23,7 +23,6 @@ require 'nickserver/request_handlers/fingerprint_handler' module Nickserver class Dispatcher - def initialize(responder, adapter = nil) @responder = responder @adapter = adapter @@ -49,23 +48,22 @@ module Nickserver def init_handler_chain chain = HandlerChain.new RequestHandlers::InvalidEmailHandler, - RequestHandlers::LocalEmailHandler, - RequestHandlers::LeapEmailHandler, - RequestHandlers::HkpEmailHandler, - RequestHandlers::FingerprintHandler, - Proc.new { proxy_error_response }, - Proc.new { Nickserver::Response.new(404, "404 Not Found\n") } + RequestHandlers::LocalEmailHandler, + RequestHandlers::LeapEmailHandler, + RequestHandlers::HkpEmailHandler, + RequestHandlers::FingerprintHandler, + proc { proxy_error_response }, + proc { Nickserver::Response.new(404, "404 Not Found\n") } chain.continue_on HTTP::ConnectionError - return chain + chain end def proxy_error_response exc = handler_chain.rescued_exceptions.first if exc Nickserver::Response.new 502, - JSON.dump(error: exc.to_s) + JSON.dump(error: exc.to_s) end end - end end diff --git a/lib/nickserver/email_address.rb b/lib/nickserver/email_address.rb index 20f642c..5dfd931 100644 --- a/lib/nickserver/email_address.rb +++ b/lib/nickserver/email_address.rb @@ -1,6 +1,5 @@ module Nickserver class EmailAddress - REGEXP = begin qtext = '[^\\x0d\\x22\\x5c\\x80-\\xff]' dtext = '[^\\x0d\\x5b-\\x5d\\x80-\\xff]' @@ -48,6 +47,5 @@ module Nickserver protected attr_reader :address - end end diff --git a/lib/nickserver/handler_chain.rb b/lib/nickserver/handler_chain.rb index afc24a5..f685a2e 100644 --- a/lib/nickserver/handler_chain.rb +++ b/lib/nickserver/handler_chain.rb @@ -1,3 +1,5 @@ +require 'English' + # # Handler Chain # @@ -14,7 +16,6 @@ module Nickserver class HandlerChain - def initialize(*handlers) @handlers = handlers @exceptions_to_rescue = [] @@ -27,7 +28,7 @@ module Nickserver def handle(*args) result = nil - _handled_by = @handlers.find{|h| result = try_handler(h, *args)} + _handled_by = @handlers.find { |h| result = try_handler(h, *args) } result end @@ -41,7 +42,7 @@ module Nickserver def try_handler(handler, *args) result = handler.call(*args) rescue *exceptions_to_rescue - self.rescued_exceptions << $! + rescued_exceptions << $ERROR_INFO result = false end end diff --git a/lib/nickserver/hkp/client.rb b/lib/nickserver/hkp/client.rb index d53daad..d632a36 100644 --- a/lib/nickserver/hkp/client.rb +++ b/lib/nickserver/hkp/client.rb @@ -1,18 +1,16 @@ require 'nickserver/hkp' - -# -# Client for the HKP protocol. -# -# This is not a complete implementation - only the parts we need. -# Instantiate with an adapter that will take care of the http requests. -# -# For each request we yield http_status and the response content just -# like the adapter does. - - -module Nickserver; module Hkp +require 'nickserver/config' + +module Nickserver::Hkp + # + # Client for the HKP protocol. + # + # This is not a complete implementation - only the parts we need. + # Instantiate with an adapter that will take care of the http requests. + # + # For each request we yield http_status and the response content just + # like the adapter does. class Client - def initialize(adapter) @adapter = adapter end @@ -20,7 +18,7 @@ module Nickserver; module Hkp # # used to fetch an array of KeyInfo objects that match the given email # - def get_key_infos_by_email(email, &block) + def get_key_infos_by_email(email) get op: 'vindex', search: email.to_s, fingerprint: 'on' end @@ -28,7 +26,7 @@ module Nickserver; module Hkp # fetches ascii armored OpenPGP public key from the keyserver # def get_key_by_fingerprint(fingerprint) - get op: 'get', search: "0x" + fingerprint + get op: 'get', search: '0x' + fingerprint end protected @@ -37,9 +35,9 @@ module Nickserver; module Hkp def get(query) # in practice, exact=on seems to have no effect - query = {exact: 'on', options: 'mr'}.merge query - response = adapter.get Config.hkp_url, query: query - return response + query = { exact: 'on', options: 'mr' }.merge query + response = adapter.get Nickserver::Config.hkp_url, query: query + response end end -end; end +end diff --git a/lib/nickserver/hkp/key_info.rb b/lib/nickserver/hkp/key_info.rb index d4ecf10..e1a9500 100644 --- a/lib/nickserver/hkp/key_info.rb +++ b/lib/nickserver/hkp/key_info.rb @@ -1,70 +1,102 @@ require 'cgi' require 'nickserver/hkp' -# -# Class to represent the key information result from a query to a key server -# (but not the key itself). -# -# The initialize method parses the hkp 'machine readable' output. -# -# format definition of machine readable index output is here: -# http://tools.ietf.org/html/draft-shaw-openpgp-hkp-00#section-5.2 -# module Nickserver::Hkp + # + # Class to represent the key information result from a query to a key server + # (but not the key itself). + # + # The initialize method parses the hkp 'machine readable' output. + # + # format definition of machine readable index output is here: + # http://tools.ietf.org/html/draft-shaw-openpgp-hkp-00#section-5.2 + # class KeyInfo - attr_accessor :uids, :keyid, :algo, :flags + attr_accessor :uids def initialize(hkp_record) uid_lines = hkp_record.split("\n") pub_line = uid_lines.shift - @keyid, @algo, @keylen_s, @creationdate_s, @expirationdate_s, @flags = pub_line.split(':')[1..-1] - @uids = [] - uid_lines.each do |uid_line| - uid, _creationdate, _expirationdate, _flags = uid_line.split(':')[1..-1] - # for now, ignore the expirationdate and flags of uids. sks does return them anyway - @uids << CGI.unescape(uid.sub(/.*<(.+)>.*/, '\1')) + @properties = pub_line.split(':')[1..-1] + @uids = extract_uids(uid_lines) + end + + CHECKS = %i[too_short? expired? revoked? disabled? outdated?].freeze + + def error + CHECKS.find do |check| + msg = check.to_s.chop.tr('_', ' ') + "key is #{msg}." if send(check) end end + def keyid + properties.first + end + + def algo + properties.second + end + def keylen - @keylen ||= @keylen_s.to_i + properties[2].to_i end def creationdate - @creationdate ||= begin - if @creationdate_s - Time.at(@creationdate_s.to_i) - end - end + created = properties[3] + Time.at(created.to_i) end def expirationdate - @expirationdate ||= begin - if @expirationdate_s - Time.at(@expirationdate_s.to_i) - end - end + expires = properties[4] + Time.at(expires.to_i) + end + + def flags + properties.last end def rsa? - @algo == "1" + algo == '1' end def dsa? - @algo == "17" + algo == '17' + end + + protected + + attr_reader :properties + + def extract_uids(uid_lines) + uid_lines.map do |uid_line| + # for now, ignore the expirationdate and flags of uids. + # sks does return them anyway + uid, _creationdate, _expirationdate, _flags = uid_line.split(':')[1..-1] + CGI.unescape(uid.sub(/.*<(.+)>.*/, '\1')) + end + end + + # CHECKS + + def too_short? + keylen < 2048 + end + + def expired? + flags =~ /e/ end def revoked? - @flags =~ /r/ + flags =~ /r/ end def disabled? - @flags =~ /d/ + flags =~ /d/ end - def expired? - @flags =~ /e/ + def outdated? + expirationdate && expirationdate < Time.now end end - end diff --git a/lib/nickserver/hkp/parse_key_info.rb b/lib/nickserver/hkp/parse_key_info.rb index 2f928a0..a6f170c 100644 --- a/lib/nickserver/hkp/parse_key_info.rb +++ b/lib/nickserver/hkp/parse_key_info.rb @@ -1,13 +1,12 @@ -# -# Simple parser for Hkp KeyInfo responses. -# -# Focus is on simple here. Trying to avoid state and sideeffects. -# Parsing a response with 12 keys and validating them takes 2ms. -# So no need for memoization and making things more complex. -# -module Nickserver; module Hkp +module Nickserver::Hkp + # + # Simple parser for Hkp KeyInfo responses. + # + # Focus is on simple here. Trying to avoid state and sideeffects. + # Parsing a response with 12 keys and validating them takes 2ms. + # So no need for memoization and making things more complex. + # class ParseKeyInfo - # for this regexp to work, the source text must end in a trailing "\n", # which the output of sks does. MATCH_PUB_KEY = /(^pub:.+?\n(^uid:.+?\n)+)/m @@ -40,14 +39,14 @@ module Nickserver; module Hkp protected def keys(uid) - key_infos(uid).reject { |key| error_for_key(key) } + key_infos(uid).reject(&:error) end def msg(uid) if errors(uid).any? error_messages(uid).join "\n" else - "Could not fetch keyinfo." + 'Could not fetch keyinfo.' end end @@ -63,13 +62,12 @@ module Nickserver; module Hkp end def errors(uid) - key_infos(uid).map{|key| error_for_key(key) }.compact + key_infos(uid).map(&:error).compact end def error_messages(uid) key_infos(uid).map do |key| - err = error_for_key(key) - error_message(uid, key, err) + error_message(uid, key) end.compact end @@ -91,22 +89,8 @@ module Nickserver; module Hkp status == 200 end - def error_message(uid, key, err) - "Ignoring key #{key.keyid} for #{uid}: #{err}" if err - end - - def error_for_key(key) - if key.keylen < 2048 - "key length is too short." - elsif key.expired? - "key expired." - elsif key.revoked? - "key revoked." - elsif key.disabled? - "key disabled." - elsif key.expirationdate && key.expirationdate < Time.now - "key expired" - end + def error_message(uid, key) + "Ignoring key #{key.keyid} for #{uid}: #{key.error}" if key.error end end -end; end +end diff --git a/lib/nickserver/hkp/response.rb b/lib/nickserver/hkp/response.rb index c52e25f..2cc69d3 100644 --- a/lib/nickserver/hkp/response.rb +++ b/lib/nickserver/hkp/response.rb @@ -1,6 +1,5 @@ module Nickserver::Hkp class Response - attr_reader :status, :content def initialize(uid, key) @@ -13,6 +12,5 @@ module Nickserver::Hkp def format_response(map) map.to_json end - end end diff --git a/lib/nickserver/hkp/source.rb b/lib/nickserver/hkp/source.rb index 82c94a0..d7c86a3 100644 --- a/lib/nickserver/hkp/source.rb +++ b/lib/nickserver/hkp/source.rb @@ -2,24 +2,21 @@ require 'nickserver/source' require 'nickserver/response' require 'nickserver/hkp/response' require 'nickserver/hkp/client' -require "nickserver/hkp/parse_key_info" -require "nickserver/hkp/key_info" - - -# -# Fetch keys via HKP -# http://tools.ietf.org/html/draft-shaw-openpgp-hkp-00 -# - -module Nickserver; module Hkp +require 'nickserver/hkp/parse_key_info' +require 'nickserver/hkp/key_info' + +module Nickserver::Hkp + # + # Fetch keys via HKP + # http://tools.ietf.org/html/draft-shaw-openpgp-hkp-00 + # class Source < Nickserver::Source - def query(nick) status, response = search(nick) if status == 200 best = pick_best_key(response) get_key_by_fingerprint(best.keyid, nick) - elsif status != 404 # 404 means no key found and we proceed + elsif status != 404 # 404 means no key found and we proceed Nickserver::Response.new(status, response) end end @@ -27,7 +24,7 @@ module Nickserver; module Hkp def search(nick) status, response = client.get_key_infos_by_email(nick) parser = ParseKeyInfo.new status, response - return parser.status_for(nick), parser.response_for(nick) + [parser.status_for(nick), parser.response_for(nick)] end def get_key_by_fingerprint(fingerprint, nick = nil) @@ -35,7 +32,7 @@ module Nickserver; module Hkp if status == 200 Response.new nick, response else - Nickserver::Response.new status, "HKP Request failed" + Nickserver::Response.new status, 'HKP Request failed' end end @@ -48,11 +45,11 @@ module Nickserver; module Hkp # that is signed by the oldest key. # def pick_best_key(key_info_list) - key_info_list.sort {|a,b| a.creationdate <=> b.creationdate}.last + key_info_list.sort_by(&:creationdate).last end def client @client ||= Client.new(adapter) end end -end; end +end diff --git a/lib/nickserver/hkp/v_index_response.rb b/lib/nickserver/hkp/v_index_response.rb index 865d476..a44af51 100644 --- a/lib/nickserver/hkp/v_index_response.rb +++ b/lib/nickserver/hkp/v_index_response.rb @@ -9,7 +9,6 @@ require 'nickserver/hkp/key_info' # So no need for memoization and making things more complex. module Nickserver::Hkp class VIndexResponse - # for this regexp to work, the source text must end in a trailing "\n", # which the output of sks does. MATCH_PUB_KEY = /(^pub:.+?\n(^uid:.+?\n)+)/m @@ -29,14 +28,14 @@ module Nickserver::Hkp end def keys - key_infos.reject { |key| error_for_key(key) } + key_infos.reject &:error end def msg if errors.any? error_messages.join "\n" else - "Could not fetch keyinfo." + 'Could not fetch keyinfo.' end end @@ -53,13 +52,12 @@ module Nickserver::Hkp end def errors - key_infos.map{|key| error_for_key(key) }.compact + key_infos.map { |key| error_for_key(key) }.compact end def error_messages key_infos.map do |key| - err = error_for_key(key) - error_message(key, err) + error_message(key) end.compact end @@ -75,22 +73,8 @@ module Nickserver::Hkp end end - def error_message(key, err) - "Ignoring key #{key.keyid} for #{nick}: #{err}" if err - end - - def error_for_key(key) - if key.keylen < 2048 - "key length is too short." - elsif key.expired? - "key expired." - elsif key.revoked? - "key revoked." - elsif key.disabled? - "key disabled." - elsif key.expirationdate && key.expirationdate < Time.now - "key expired" - end + def error_message(key) + "Ignoring key #{key.keyid} for #{nick}: #{key.error}" if key.error end end end diff --git a/lib/nickserver/logging_responder.rb b/lib/nickserver/logging_responder.rb index 6eb756f..08a9ce7 100644 --- a/lib/nickserver/logging_responder.rb +++ b/lib/nickserver/logging_responder.rb @@ -1,6 +1,5 @@ module Nickserver class LoggingResponder - def initialize(responder, logger) @responder = responder @logger = logger diff --git a/lib/nickserver/nicknym/source.rb b/lib/nickserver/nicknym/source.rb index f49547e..9c2d8c4 100644 --- a/lib/nickserver/nicknym/source.rb +++ b/lib/nickserver/nicknym/source.rb @@ -9,13 +9,13 @@ module Nickserver def available_for?(domain) status, body = adapter.get "https://#{domain}/provider.json", - rescue: 'failed to connect: getaddrinfo' + rescue: 'failed to connect: getaddrinfo' status == 200 && provider_with_mx?(body) end def query(email) status, body = nicknym_get email.domain, address: email.to_s - return Nickserver::Response.new(status, body) + Nickserver::Response.new(status, body) end protected diff --git a/lib/nickserver/reel_server.rb b/lib/nickserver/reel_server.rb index db38e50..f7cc3b0 100644 --- a/lib/nickserver/reel_server.rb +++ b/lib/nickserver/reel_server.rb @@ -9,14 +9,13 @@ require 'nickserver/logging_responder' module Nickserver class ReelServer < Reel::Server::HTTP - DEFAULT_ADAPTER_CLASS = Nickserver::Adapters::CelluloidHttp def self.start(options = {}) new(options[:host], options[:port]) end - def initialize(host = "127.0.0.1", port = 3000) + def initialize(host = '127.0.0.1', port = 3000) Celluloid.logger = logger super(host, port, &method(:on_connection)) end @@ -33,7 +32,6 @@ module Nickserver end end - protected def handle_request(request) @@ -44,7 +42,7 @@ module Nickserver end end rescue StandardError - request.respond 500, "{}" + request.respond 500, '{}' end def logging_request(request) diff --git a/lib/nickserver/request.rb b/lib/nickserver/request.rb index c21c280..0d6dab6 100644 --- a/lib/nickserver/request.rb +++ b/lib/nickserver/request.rb @@ -6,11 +6,11 @@ module Nickserver end def email - param("address") + param('address') end def fingerprint - param("fingerprint") + param('fingerprint') end def domain diff --git a/lib/nickserver/request_handlers/base.rb b/lib/nickserver/request_handlers/base.rb index 495a6da..a33e772 100644 --- a/lib/nickserver/request_handlers/base.rb +++ b/lib/nickserver/request_handlers/base.rb @@ -1,7 +1,6 @@ module Nickserver module RequestHandlers class Base - def self.call(request, adapter = nil) new(request, adapter).handle end @@ -12,8 +11,8 @@ module Nickserver end protected + attr_reader :request, :adapter end end end - diff --git a/lib/nickserver/request_handlers/fingerprint_handler.rb b/lib/nickserver/request_handlers/fingerprint_handler.rb index ac3c3c8..4917338 100644 --- a/lib/nickserver/request_handlers/fingerprint_handler.rb +++ b/lib/nickserver/request_handlers/fingerprint_handler.rb @@ -5,7 +5,6 @@ require 'nickserver/error_response' module Nickserver module RequestHandlers class FingerprintHandler < Base - def handle return unless fingerprint if fingerprint.length == 40 && !fingerprint[/\H/] @@ -24,7 +23,6 @@ module Nickserver def source Nickserver::Hkp::Source.new adapter end - end end end diff --git a/lib/nickserver/request_handlers/hkp_email_handler.rb b/lib/nickserver/request_handlers/hkp_email_handler.rb index 393ef87..3d39a4e 100644 --- a/lib/nickserver/request_handlers/hkp_email_handler.rb +++ b/lib/nickserver/request_handlers/hkp_email_handler.rb @@ -4,7 +4,6 @@ require 'nickserver/hkp/source' module Nickserver module RequestHandlers class HkpEmailHandler < Base - def handle source.query(email) if request.email end @@ -18,7 +17,6 @@ module Nickserver def source Nickserver::Hkp::Source.new adapter end - end end end diff --git a/lib/nickserver/request_handlers/invalid_email_handler.rb b/lib/nickserver/request_handlers/invalid_email_handler.rb index bb98f65..3a6cfa0 100644 --- a/lib/nickserver/request_handlers/invalid_email_handler.rb +++ b/lib/nickserver/request_handlers/invalid_email_handler.rb @@ -5,10 +5,9 @@ require 'nickserver/error_response' module Nickserver module RequestHandlers class InvalidEmailHandler < Base - def handle return unless request.email - ErrorResponse.new("Not a valid address") if email.invalid? + ErrorResponse.new('Not a valid address') if email.invalid? end protected diff --git a/lib/nickserver/request_handlers/leap_email_handler.rb b/lib/nickserver/request_handlers/leap_email_handler.rb index bc3ddef..d202e15 100644 --- a/lib/nickserver/request_handlers/leap_email_handler.rb +++ b/lib/nickserver/request_handlers/leap_email_handler.rb @@ -5,7 +5,6 @@ require 'nickserver/nicknym/source' module Nickserver module RequestHandlers class LeapEmailHandler < Base - def handle source.query(email) if request.email && remote_email? && nicknym_email? end @@ -31,7 +30,6 @@ module Nickserver def domain Config.domain || request.domain end - end end end diff --git a/lib/nickserver/request_handlers/local_email_handler.rb b/lib/nickserver/request_handlers/local_email_handler.rb index 08147a0..bed26bd 100644 --- a/lib/nickserver/request_handlers/local_email_handler.rb +++ b/lib/nickserver/request_handlers/local_email_handler.rb @@ -5,7 +5,6 @@ require 'nickserver/couch_db/source' module Nickserver module RequestHandlers class LocalEmailHandler < Base - def handle source.query(email) if request.email && email.domain?(domain) end @@ -23,7 +22,6 @@ module Nickserver def source Nickserver::CouchDB::Source.new adapter end - end end end diff --git a/lib/nickserver/response.rb b/lib/nickserver/response.rb index 372da36..9aef3af 100644 --- a/lib/nickserver/response.rb +++ b/lib/nickserver/response.rb @@ -1,6 +1,5 @@ module Nickserver class Response - attr_reader :status, :body def initialize(status, body) diff --git a/lib/nickserver/server.rb b/lib/nickserver/server.rb index 2139029..ff1d362 100644 --- a/lib/nickserver/server.rb +++ b/lib/nickserver/server.rb @@ -10,7 +10,6 @@ require 'nickserver/reel_server' # module Nickserver class Server - # # Starts the Nickserver. # @@ -19,7 +18,7 @@ module Nickserver # * :port (default Nickserver::Config.port) # * :host (default 127.0.0.1) # - def self.start(opts={}) + def self.start(opts = {}) Nickserver::Config.load options = { host: '127.0.0.1', @@ -32,7 +31,5 @@ module Nickserver Nickserver::ReelServer.start(options) end - - end end diff --git a/lib/nickserver/source.rb b/lib/nickserver/source.rb index 934407a..d7f4d12 100644 --- a/lib/nickserver/source.rb +++ b/lib/nickserver/source.rb @@ -1,6 +1,5 @@ module Nickserver class Source - def initialize(adapter = nil) @adapter = adapter end diff --git a/lib/nickserver/version.rb b/lib/nickserver/version.rb index 9811fb5..67f2b2a 100644 --- a/lib/nickserver/version.rb +++ b/lib/nickserver/version.rb @@ -1,3 +1,3 @@ module Nickserver - VERSION = "0.10.0" + VERSION = '0.10.0'.freeze end diff --git a/lib/nickserver/wkd/source.rb b/lib/nickserver/wkd/source.rb index 01f376e..43f0b2e 100644 --- a/lib/nickserver/wkd/source.rb +++ b/lib/nickserver/wkd/source.rb @@ -1,16 +1,35 @@ require 'nickserver/source' require 'nickserver/response' +require 'nickserver/wkd/url' +require 'nickserver/hkp/response' -module Nickserver - module Wkd - class Source < Nickserver::Source - - def query(email) - url = Url.new(email) - status, body = adapter.get url - return Nickserver::Response.new(status, body) +module Nickserver::Wkd + # Query the web key directory for a given email address + class Source < Nickserver::Source + def query(email) + url = Url.new(email) + status, blob = adapter.get url + if status == 200 + Nickserver::Hkp::Response.new(email.to_s, armor_key(blob)) end + end + + protected + + def armor_key(blob) + header + encode(blob) + footer + end + + def encode(blob) + Base64.strict_encode64(blob).scan(/.{1,64}/).join "\n" + end + + def header + "-----BEGIN PGP PUBLIC KEY BLOCK-----\n\n" + end + def footer + "\n-----END PGP PUBLIC KEY BLOCK-----\n" end end end diff --git a/lib/nickserver/wkd/url.rb b/lib/nickserver/wkd/url.rb index 965e7ec..0ccff38 100644 --- a/lib/nickserver/wkd/url.rb +++ b/lib/nickserver/wkd/url.rb @@ -1,31 +1,28 @@ require 'digest/sha1' require 'zbase32' -module Nickserver - module Wkd - class Url - - def initialize(email) - @domain = email.domain.downcase - @local_part = email.local_part.downcase - end +module Nickserver::Wkd + # The url to lookup the given email address in the web key directory. + class Url + def initialize(email) + @domain = email.domain.downcase + @local_part = email.local_part.downcase + end - def to_s - "https://#{domain}/.well-known/openpgpkey" + - "/hu/#{domain}/#{encoded_digest}" - end + def to_s + "https://#{domain}/.well-known/openpgpkey/hu/#{encoded_digest}" + end - protected + protected - attr_reader :domain, :local_part + attr_reader :domain, :local_part - def encoded_digest - ZBase32.encode32(digest.to_i(16).to_s(2)) - end + def encoded_digest + ZBase32.encode32(digest.to_i(16).to_s(2)) + end - def digest - Digest::SHA1.hexdigest local_part - end + def digest + Digest::SHA1.hexdigest local_part end end end |