cryptcheck/lib/cryptcheck/tls/xmpp/server.rb

require 'nokogiri'

module CryptCheck
	module Tls
		module Xmpp
			TLS_NAMESPACE = 'urn:ietf:params:xml:ns:xmpp-tls'

			class Server < Tls::TcpServer
				attr_reader :domain

				def initialize(hostname, family, ip, port=nil, domain: nil, type: :s2s)
					domain         ||= hostname
					@type, @domain = type, domain
					port           = case type
										 when :s2s
											 5269
										 when :c2s
											 5222
									 end unless port
					super hostname, family, ip, port
					Logger.info { '' }
					Logger.info { self.required? ? 'Required'.colorize(:green) : 'Not required'.colorize(:yellow) }
				end

				def ssl_connect(socket, context, method, &block)
					type = case @type
							   when :s2s then
								   'jabber:server'
							   when :c2s then
								   'jabber:client'
						   end
					socket.puts "<?xml version='1.0' ?><stream:stream xmlns:stream='http://etherx.jabber.org/streams' xmlns='#{type}' to='#{@domain}' version='1.0'>"
					response = ''
					loop do
						response += socket.recv 1024
						xml      = ::Nokogiri::XML response
						error    = xml.xpath '//stream:error'
						raise ConnectionError, error.first.child.to_s unless error.empty?
						unless xml.xpath('//stream:features').empty?
							response = xml
							break
						end
					end
					starttls = response.xpath '//tls:starttls', tls: TLS_NAMESPACE
					raise TLSNotAvailableException unless starttls
					@required = !starttls.xpath('//tls:required', tls: TLS_NAMESPACE).empty?
					socket.write "<starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls' />\r\n"
					response = ::Nokogiri::XML socket.recv 4096
					raise TLSNotAvailableException unless response.xpath '//tls:proceed', tls: TLS_NAMESPACE
					super
				end

				def required?
					@required
				end
			end
		end
	end
end
XMPP TLS check 2015-02-12 00:48:30 +00:00			`require 'nokogiri'`

			`module CryptCheck`
			`module Tls`
			`module Xmpp`
			`TLS_NAMESPACE = 'urn:ietf:params:xml:ns:xmpp-tls'`

TCP/UDP client 2015-02-25 19:42:51 +00:00			`class Server < Tls::TcpServer`
XMPP TLS check 2015-02-12 00:48:30 +00:00			`attr_reader :domain`

Unit tests 2016-05-03 17:57:34 +00:00			`def initialize(hostname, family, ip, port=nil, domain: nil, type: :s2s)`
Move up host resolving for speed ehanchement 2016-02-21 23:01:39 +00:00			`domain \|\|= hostname`
Fix XMPP 2015-02-25 19:41:17 +00:00			`@type, @domain = type, domain`
Move up host resolving for speed ehanchement 2016-02-21 23:01:39 +00:00			`port = case type`
			`when :s2s`
			`5269`
			`when :c2s`
			`5222`
			`end unless port`
More unit tests (XMPP) 2016-05-06 19:27:02 +00:00			`super hostname, family, ip, port`
Refactor logging 2015-08-12 23:51:14 +00:00			`Logger.info { '' }`
			`Logger.info { self.required? ? 'Required'.colorize(:green) : 'Not required'.colorize(:yellow) }`
XMPP TLS check 2015-02-12 00:48:30 +00:00			`end`

			`def ssl_connect(socket, context, method, &block)`
Fix XMPP 2015-02-25 19:41:17 +00:00			`type = case @type`
Move up host resolving for speed ehanchement 2016-02-21 23:01:39 +00:00			`when :s2s then`
			`'jabber:server'`
			`when :c2s then`
			`'jabber:client'`
			`end`
More unit tests (XMPP) 2016-05-06 19:27:02 +00:00			`socket.puts "<?xml version='1.0' ?><stream:stream xmlns:stream='http://etherx.jabber.org/streams' xmlns='#{type}' to='#{@domain}' version='1.0'>"`
Fix XMPP 2015-02-25 19:41:17 +00:00			`response = ''`
			`loop do`
			`response += socket.recv 1024`
Move up host resolving for speed ehanchement 2016-02-21 23:01:39 +00:00			`xml = ::Nokogiri::XML response`
			`error = xml.xpath '//stream:error'`
More unit tests (XMPP) 2016-05-06 19:27:02 +00:00			`raise ConnectionError, error.first.child.to_s unless error.empty?`
Fix XMPP 2015-02-25 19:41:17 +00:00			`unless xml.xpath('//stream:features').empty?`
			`response = xml`
			`break`
			`end`
			`end`
XMPP TLS check 2015-02-12 00:48:30 +00:00			`starttls = response.xpath '//tls:starttls', tls: TLS_NAMESPACE`
			`raise TLSNotAvailableException unless starttls`
More unit tests (XMPP) 2016-05-06 19:27:02 +00:00			`@required = !starttls.xpath('//tls:required', tls: TLS_NAMESPACE).empty?`
XMPP TLS check 2015-02-12 00:48:30 +00:00			`socket.write "<starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls' />\r\n"`
			`response = ::Nokogiri::XML socket.recv 4096`
			`raise TLSNotAvailableException unless response.xpath '//tls:proceed', tls: TLS_NAMESPACE`
			`super`
			`end`

			`def required?`
			`@required`
			`end`
			`end`
			`end`
			`end`
			`end`