Class: Protocol::ZMTP::Mechanism::Plain

Inherits:

Object

• Object
• Protocol::ZMTP::Mechanism::Plain

Defined in:

lib/protocol/zmtp/mechanism/plain.rb

Overview

PLAIN security mechanism — username/password authentication, no encryption.

Implements the ZMTP PLAIN handshake (RFC 24):

client → server:  HELLO    (username + password)
server → client:  WELCOME  (empty, credentials accepted)
client → server:  INITIATE (socket metadata)
server → client:  READY    (socket metadata)

Constant Summary

MECHANISM_NAME =

"PLAIN"

Instance Attribute Summary

• #metadata ⇒ Hash{String => String}

  Extra READY/INITIATE properties an upper layer wants this side to advertise.

Instance Method Summary

• #encrypted? ⇒ Boolean

  False — PLAIN does not encrypt frames.

• #handshake!(io, as_server:, socket_type:, identity:, qos: 0, qos_hash: "") ⇒ Hash

  Performs the full PLAIN handshake over io.

• #initialize(username: "", password: "", authenticator: nil) ⇒ Plain constructor

  A new instance of Plain.

Constructor Details

#initialize(username: "", password: "", authenticator: nil) ⇒ Plain

Returns a new instance of Plain.

Parameters:

• username (String) (defaults to: "") —

  client username (max 255 bytes)

• password (String) (defaults to: "") —

  client password (max 255 bytes)

• authenticator (#call, nil) (defaults to: nil) —

  server-side credential verifier; called as authenticator.call(username, password) and must return truthy to accept the connection. When nil, all credentials pass.

# File 'lib/protocol/zmtp/mechanism/plain.rb', line 30

def initialize(username: "", password: "", authenticator: nil)
  @username         = username
  @password         = password
  @authenticator    = authenticator
  @metadata = nil
end

Instance Attribute Details

#metadata ⇒ Hash{String => String}

Extra READY/INITIATE properties an upper layer wants this side to advertise. Mutated before #handshake!.

Returns:

• (Hash{String => String})

# File 'lib/protocol/zmtp/mechanism/plain.rb', line 22

def metadata
  @metadata
end

Instance Method Details

#encrypted? ⇒ Boolean

Returns false — PLAIN does not encrypt frames.

Returns:

• (Boolean) —

  false — PLAIN does not encrypt frames

# File 'lib/protocol/zmtp/mechanism/plain.rb', line 68

def encrypted?
  false
end

#handshake!(io, as_server:, socket_type:, identity:, qos: 0, qos_hash: "") ⇒ Hash

Performs the full PLAIN handshake over io.

Parameters:

• io (#read_exactly, #write, #flush) —

  transport IO

• as_server (Boolean)
• socket_type (String)
• identity (String)

Returns:

• (Hash) —

  { peer_socket_type:, peer_identity: }

Raises:

• (Error)

# File 'lib/protocol/zmtp/mechanism/plain.rb', line 46

def handshake!(io, as_server:, socket_type:, identity:, qos: 0, qos_hash: "")
  io.write(Codec::Greeting.encode(mechanism: MECHANISM_NAME, as_server: as_server))
  io.flush

  greeting_data = io.read_exactly(Codec::Greeting::SIZE)
  peer_greeting = Codec::Greeting.decode(greeting_data)

  unless peer_greeting[:mechanism] == MECHANISM_NAME
    raise Error, "unsupported mechanism: #{peer_greeting[:mechanism]}"
  end

  if as_server
    server_handshake! io, socket_type: socket_type, identity: identity,
      qos: qos, qos_hash: qos_hash
  else
    client_handshake! io, socket_type: socket_type, identity: identity,
      qos: qos, qos_hash: qos_hash
  end
end