Safeguarding the past, present and future of RISC OS for everyone
Account
News | Downloads | Bugs | Bounties | Forums | Library
You are currently browsing the Subversion repository.
Changesets can be listed by changeset number.
The Git repository is here.
  • Changesets
  • » Changeset 192

Changeset 192

Loads random data block fewer times - for FCGI-like execution
models, possibly only once per application instance. Better
handling of local DRb server proxies. Clarified a few comments.

  • Comitted by: rool
  • Date: Wednesday April 04 18:36:45 2007 (over 17 years ago)

Affected files:

  • Updated rool/rails/gems/hubssolib/trunk/VERSION (diff)
  • Updated rool/rails/gems/hubssolib/trunk/hubssolib.gemspec (diff)
  • Updated rool/rails/gems/hubssolib/trunk/lib/hub_sso_lib.rb (diff)

rool/rails/gems/hubssolib/trunk/VERSION:

prev.current 
1   0.2.4 (01-Jan-2007)
  1 0.2.5 (04-Apr-2007)

rool/rails/gems/hubssolib/trunk/hubssolib.gemspec:

prev.current 
s.platform = Gem::Platform::RUBY
s.name = 'hubssolib'
7   s.version = '0.2.4'
  7 s.version = '0.2.5'
s.author = 'Andrew Hodgkinson and others'
s.email = 'ahodgkin@rowing.org.uk'
s.homepage = 'http://pond.org.uk/ruby/hub/'

rool/rails/gems/hubssolib/trunk/lib/hub_sso_lib.rb:

prev.current 
HUBSSOLIB_COOKIE_NAME = 'hubapp_shared_id'
HUBSSOLIB_COOKIE_PATH = ENV['HUB_COOKIE_PATH']
  37 # Cache the random data. Assuming FCGI or similar, this code gets
  38 # executed only once per FCGI instance initialisation rather than
  39 # once per request.
  40
  41 attr_reader :HUBSSOLIB_RANDOM_DATA, :HUBSSOLIB_RANDOM_DATA_SIZE
  42
  43 HUBSSOLIB_RANDOM_DATA_SIZE = File.size(HUBSSOLIB_RND_FILE_PATH)
  44 HUBSSOLIB_RANDOM_DATA_SIZE = 16384 if (HUBSSOLIB_RANDOM_DATA_SIZE > 16384)
  45
  46 if HUBSSOLIB_RANDOM_DATA_SIZE < 1024
  47 raise "HubSsoLib needs at least 1024 bytes of random data - file '#{rnd_file}' is too small"
  48 else
  49 HUBSSOLIB_RANDOM_DATA = File.read(HUBSSOLIB_RND_FILE_PATH)
  50 end
  51
#######################################################################
# Class: Crypto #
# By Hipposoft, 2006 #
... ...
# 'Crypto' from 'HubSsoCrypto'. #
#######################################################################
50   # Encryption and decryption utility object. Once instantiated with the
51   # filename of a file that holds at least 1K of pseudo-random data, a
  65 # Encryption and decryption utility object. Once instantiated, a
# HubSsoLib::Crypto object is used to encrypt and decrypt data with the
# AES-256-CBC cipher. A single passphrase is used for both operations.
# A SHA-256 hash of that passphrase is used as the encryption key.
#
# CBC operation requires an initialization vector for the first block of
57   # data during encryption and decryption. The file of random data is used
  71 # data during encryption and decryption. A block of random data is used
# for this in conjunction with the passphrase used to generate the key. By
# so doing, the initialization vector is not revealed to third parties,
# even though the source code of the object is available. The weakness is
... ...
# callers themselves to only have to remember the passphrase. See private
# method obtain_iv() for more details.
#
  80 # The block of random data is obtained from the DRb server. It is usually
  81 # a RAM-cached near-random file. The important behaviour is that the
  82 # contents are not know to the outside world and the contents, while they
  83 # may change at any point, don't change during the duration of a user
  84 # log-in session (at least, if it changes, all current sessions will be
  85 # harmlessly invalidated).
  86 #
class Crypto
require 'openssl'
require 'digest/sha2'
require 'digest/md5'
72   # Initialize the HubSsoLib::Crypto object. Must pass a pathname to a file
73   # of effectively random data of at least 1K in length. If the data is
74   # larger than 16K in size, everything after the first 16K will be
75   # ignored. The data is cached internally when the object starts.
76   #
77   def initialize(rnd_file)
78   # Check the file size and find out how much data to read - at least 1K,
79   # no more than 16K. Store the size in @rnd_size and read the data into
80   # @rnd_data, both for use later.
  93 # # Initialize the HubSsoLib::Crypto object.
  94 # #
  95 # def initialize()
  96 # DRb.start_service()
  97 #
  98 # factory = DRbObject.new_with_uri(HUBSSOLIB_DRB_URI)
  99 # @rnd_data = factory.random_data()
  100 # @rnd_size = factory.random_data_size()
  101 #
  102 # DRb.stop_service()
  103 # end
82   @rnd_size = File.size(rnd_file)
83   @rnd_size = 16384 if (@rnd_size > 16384)
84  
85   if @rnd_size < 1024
86   raise "HubSsoLib::Crypto objects need at least 1024 bytes of random data - file '#{rnd_file}' is too small"
87   else
88   f = File.new(rnd_file, 'rb')
89   @rnd_data = f.read
90   f.close
91   end
92   end
93  
# Generate a series of pseudo-random bytes of the given length.
#
def self.random_data(size)
... ...
# be raised (failure is not expected).
#
def self.encode_object(object, passphrase)
202   crypto = HubSsoLib::Crypto.new(HUBSSOLIB_RND_FILE_PATH)
  213 crypto = HubSsoLib::Crypto.new
passphrase = crypto.scramble_passphrase(passphrase)
return crypto.encode(Marshal.dump(object), passphrase)
... ...
# this method returns 'nil' should there be any decode problems.
#
def self.decode_object(data, passphrase)
219   crypto = HubSsoLib::Crypto.new(HUBSSOLIB_RND_FILE_PATH)
  230 crypto = HubSsoLib::Crypto.new
passphrase = crypto.scramble_passphrase(passphrase)
object = nil
... ...
# 33, thus providing an offset into the file from which we can safely
# read 32 bytes of data.
257   offset = Digest::MD5.hexdigest(passphrase).hex % (@rnd_size - 32)
  268 offset = Digest::MD5.hexdigest(passphrase).hex % (HubSsoLib::HUBSSOLIB_RANDOM_DATA_SIZE - 32)
# Return 32 bytes of data from the random pool at the calculated offset.
261   return @rnd_data[offset..offset + 31]
  272 return HubSsoLib::HUBSSOLIB_RANDOM_DATA[offset..offset + 31]
end
private
... ...
}
end
  1122 # Establish a single DRb factory connection.
  1123 #
  1124 def hubssolib_factory
  1125 if !defined? @factory
  1126 DRb.start_service()
  1127 @factory = DRbObject.new_with_uri(HUBSSOLIB_DRB_URI)
  1128 end
  1129
  1130 return @factory
  1131 end
  1132
# Retrieve user data from the DRb server.
#
def hubssolib_get_user_data
... ...
hubssolib_set_secure_cookie_data(HUBSSOLIB_COOKIE_NAME, key)
end
1140   DRb.start_service()
  1162 return hubssolib_factory().get_session(key)
1142   factory = DRbObject.new_with_uri(HUBSSOLIB_DRB_URI)
1143   return factory.get_session(key)
1144  
rescue Exception => e
# At this point there tends to be no Session data, so we're
... ...
# be allowed access.
#
def hubssolib_enumerate_users
1169   DRb.start_service()
1170  
1171   factory = DRbObject.new_with_uri(HUBSSOLIB_DRB_URI)
1172   sessions = factory.enumerate_sessions()
  1188 sessions = hubssolib_factory().enumerate_sessions()
users = []
sessions.each do |key, value|

Search tickets

Social

Follow us on and

ROOL Store

Buy RISC OS Open merchandise here, including SD cards for Raspberry Pi and more.

Donate! Why?

Help ROOL make things happen – please consider donating!

RISC OS IPR

RISC OS is an Open Source operating system owned by RISC OS Developments Ltd and licensed primarily under the Apache 2.0 license.

Options

  • Tickets
  • New ticket
  • Milestones
  • Subversion: Changesets
  • Subversion: Browse
  • CVS: Revisions
  • CVS: Browse
  • Search

RSS feeds Rss

  • Changesets
  • Everything!
  • More feeds...
Contact Us  |  About Us

The RISC OS Open Collaboa theme is distantly based on the Collaboa default layout
Site design © RISC OS Open Limited 2024 except where indicated

Hosted by Arachsys

Powered by Collaboa
This site runs on Rails