Class: Protocol::ZMTP::Mechanism::Plain

Inherits:

Object

• Object
• Protocol::ZMTP::Mechanism::Plain

Defined in:

lib/protocol/zmtp/mechanism/plain.rb

Overview

PLAIN security mechanism — username/password authentication, no encryption.

Implements the ZMTP PLAIN handshake (RFC 24):

client → server:  HELLO    (username + password)
server → client:  WELCOME  (empty, credentials accepted)
client → server:  INITIATE (socket metadata)
server → client:  READY    (socket metadata)

Constant Summary

MECHANISM_NAME =

"PLAIN"

Instance Method Summary

• #encrypted? ⇒ Boolean

  False — PLAIN does not encrypt frames.

• #handshake!(io, as_server:, socket_type:, identity:, metadata: nil) ⇒ Hash

  Performs the full PLAIN handshake over io.

• #initialize(username: "", password: "", authenticator: nil) ⇒ Plain constructor

  A new instance of Plain.

Constructor Details

#initialize(username: "", password: "", authenticator: nil) ⇒ Plain

Returns a new instance of Plain.

Parameters:

• username (String) (defaults to: "") —

  client username (max 255 bytes)

• password (String) (defaults to: "") —

  client password (max 255 bytes)

• authenticator (#call, nil) (defaults to: nil) —

  server-side credential verifier; called as authenticator.call(username, password) and must return truthy to accept the connection. When nil, all credentials pass.

# File 'lib/protocol/zmtp/mechanism/plain.rb', line 24

def initialize(username: "", password: "", authenticator: nil)
  @username      = username
  @password      = password
  @authenticator = authenticator
end

Instance Method Details

#encrypted? ⇒ Boolean

Returns false — PLAIN does not encrypt frames.

Returns:

• (Boolean) —

  false — PLAIN does not encrypt frames

# File 'lib/protocol/zmtp/mechanism/plain.rb', line 59

def encrypted?
  false
end

#handshake!(io, as_server:, socket_type:, identity:, metadata: nil) ⇒ Hash

Performs the full PLAIN handshake over io.

Parameters:

• io (#read_exactly, #write, #flush) —

  transport IO

• as_server (Boolean)
• socket_type (String)
• identity (String)
• metadata (Hash{String => String}, nil) (defaults to: nil) —

  extra READY properties

Returns:

• (Hash) —

  { peer_socket_type:, peer_identity:, peer_properties: }

Raises:

• (Error)

# File 'lib/protocol/zmtp/mechanism/plain.rb', line 40

def handshake!(io, as_server:, socket_type:, identity:, metadata: nil)
  io.write(Codec::Greeting.encode(mechanism: MECHANISM_NAME, as_server: as_server))
  io.flush

  peer_greeting = Codec::Greeting.read_from(io)

  unless peer_greeting[:mechanism] == MECHANISM_NAME
    raise Error, "unsupported mechanism: #{peer_greeting[:mechanism]}"
  end

  if as_server
    server_handshake! io, socket_type: socket_type, identity: identity, metadata: metadata
  else
    client_handshake! io, socket_type: socket_type, identity: identity, metadata: metadata
  end
end