From f40ccf4a1567851547114731b4819c986aa093df Mon Sep 17 00:00:00 2001 From: Eduardo Julian Date: Fri, 11 Jan 2019 21:44:36 -0400 Subject: Re-named "lux/control/security/taint" to "lux/control/security/integrity". --- stdlib/source/lux/control/security/integrity.lux | 51 ++++++++++++++++++++++++ stdlib/source/lux/control/security/taint.lux | 51 ------------------------ stdlib/source/lux/world/console.lux | 6 +-- stdlib/source/lux/world/environment.jvm.lux | 4 +- stdlib/source/lux/world/file.lux | 4 +- stdlib/source/lux/world/net/http.lux | 2 +- stdlib/source/lux/world/net/http/request.lux | 24 +++++------ stdlib/source/lux/world/net/http/route.lux | 22 +++++----- stdlib/source/lux/world/net/tcp.jvm.lux | 4 +- stdlib/source/lux/world/net/udp.jvm.lux | 4 +- 10 files changed, 86 insertions(+), 86 deletions(-) create mode 100644 stdlib/source/lux/control/security/integrity.lux delete mode 100644 stdlib/source/lux/control/security/taint.lux (limited to 'stdlib/source') diff --git a/stdlib/source/lux/control/security/integrity.lux b/stdlib/source/lux/control/security/integrity.lux new file mode 100644 index 000000000..b78351b38 --- /dev/null +++ b/stdlib/source/lux/control/security/integrity.lux @@ -0,0 +1,51 @@ +(.module: + [lux #* + [control + [functor (#+ Functor)] + [apply (#+ Apply)] + [monad (#+ Monad)]] + [data + [error (#+ Error)]] + [type + abstract]]) + +(abstract: #export (Dirty a) + {#.doc (doc "A value which is considered untrustworthy due to its origin.")} + + a + + (def: #export taint + {#.doc (doc "Mark a value as dirty/untrustworthy.")} + (All [a] (-> a (Dirty a))) + (|>> :abstraction)) + + (def: #export (validate validator dirty) + {#.doc (doc "Test a dirty/untrustworthy value." + "Potentially produces a 'clean' value.")} + (All [a b] (-> (-> a (Error b)) (Dirty a) (Error b))) + (validator (:representation dirty))) + + (def: #export trust + {#.doc (doc "Trusts a (previously thought as) dirty/untrustworthy value." + "Only use this function if you know what you are doing." + "Trusting a value that hasn't been validated opens a security vulnerability.")} + (All [a] (-> (Dirty a) a)) + (|>> :representation)) + + (structure: #export _ (Functor Dirty) + (def: (map f fa) + (|> fa :representation f :abstraction))) + + (structure: #export _ (Apply Dirty) + (def: functor Functor) + + (def: (apply ff fa) + (:abstraction ((:representation ff) (:representation fa))))) + + (structure: #export _ (Monad Dirty) + (def: functor Functor) + + (def: wrap (|>> :abstraction)) + + (def: join (|>> :representation))) + ) diff --git a/stdlib/source/lux/control/security/taint.lux b/stdlib/source/lux/control/security/taint.lux deleted file mode 100644 index b78351b38..000000000 --- a/stdlib/source/lux/control/security/taint.lux +++ /dev/null @@ -1,51 +0,0 @@ -(.module: - [lux #* - [control - [functor (#+ Functor)] - [apply (#+ Apply)] - [monad (#+ Monad)]] - [data - [error (#+ Error)]] - [type - abstract]]) - -(abstract: #export (Dirty a) - {#.doc (doc "A value which is considered untrustworthy due to its origin.")} - - a - - (def: #export taint - {#.doc (doc "Mark a value as dirty/untrustworthy.")} - (All [a] (-> a (Dirty a))) - (|>> :abstraction)) - - (def: #export (validate validator dirty) - {#.doc (doc "Test a dirty/untrustworthy value." - "Potentially produces a 'clean' value.")} - (All [a b] (-> (-> a (Error b)) (Dirty a) (Error b))) - (validator (:representation dirty))) - - (def: #export trust - {#.doc (doc "Trusts a (previously thought as) dirty/untrustworthy value." - "Only use this function if you know what you are doing." - "Trusting a value that hasn't been validated opens a security vulnerability.")} - (All [a] (-> (Dirty a) a)) - (|>> :representation)) - - (structure: #export _ (Functor Dirty) - (def: (map f fa) - (|> fa :representation f :abstraction))) - - (structure: #export _ (Apply Dirty) - (def: functor Functor) - - (def: (apply ff fa) - (:abstraction ((:representation ff) (:representation fa))))) - - (structure: #export _ (Monad Dirty) - (def: functor Functor) - - (def: wrap (|>> :abstraction)) - - (def: join (|>> :representation))) - ) diff --git a/stdlib/source/lux/world/console.lux b/stdlib/source/lux/world/console.lux index 5c0aff910..b02f0f69d 100644 --- a/stdlib/source/lux/world/console.lux +++ b/stdlib/source/lux/world/console.lux @@ -6,7 +6,7 @@ [concurrency ["." promise (#+ Promise)]] [security - ["." taint (#+ Dirty taint)] + ["." integrity (#+ Dirty)] [capability (#+ Capability)]]] [data ["." error (#+ Error)] @@ -87,12 +87,12 @@ (def: (read _) (|> jvm-input InputStream::read - (:: io.Functor map (|>> .nat taint)))) + (:: io.Functor map (|>> .nat integrity.taint)))) (def: (read-line _) (|> jvm-console java/io/Console::readLine - (:: io.Functor map taint))) + (:: io.Functor map integrity.taint))) (def: (write message) (PrintStream::print message jvm-output)) diff --git a/stdlib/source/lux/world/environment.jvm.lux b/stdlib/source/lux/world/environment.jvm.lux index 57ffcd465..1a373ba8c 100644 --- a/stdlib/source/lux/world/environment.jvm.lux +++ b/stdlib/source/lux/world/environment.jvm.lux @@ -2,7 +2,7 @@ [lux #* [control [security - ["." taint (#+ Dirty taint)]]] + ["." integrity (#+ Dirty)]]] [data ["." text] [format @@ -53,4 +53,4 @@ Set::iterator (consume-iterator entry-to-kv) (dictionary.from-list text.Hash) - taint))) + integrity.taint))) diff --git a/stdlib/source/lux/world/file.lux b/stdlib/source/lux/world/file.lux index f0269e52c..4793f2fa2 100644 --- a/stdlib/source/lux/world/file.lux +++ b/stdlib/source/lux/world/file.lux @@ -6,7 +6,7 @@ [concurrency ["." promise (#+ Promise)]] [security - ["." taint (#+ Dirty taint)] + ["." integrity (#+ Dirty)] ["." capability (#+ Capability)]]] [data ["." maybe] @@ -246,7 +246,7 @@ bytes-read (InputStream::read data stream) _ (AutoCloseable::close stream)] (if (i/= size bytes-read) - (wrap (taint data)) + (wrap (integrity.taint data)) (io.io (ex.throw cannot-read-all-data path))))) (def: (size _) diff --git a/stdlib/source/lux/world/net/http.lux b/stdlib/source/lux/world/net/http.lux index 7fcdb5244..d063d75ac 100644 --- a/stdlib/source/lux/world/net/http.lux +++ b/stdlib/source/lux/world/net/http.lux @@ -5,7 +5,7 @@ [promise (#+ Promise)] [frp (#+ Channel)]] [security - [taint (#+ Dirty)]]] + [integrity (#+ Dirty)]]] [data [format [context (#+ Context)]]] diff --git a/stdlib/source/lux/world/net/http/request.lux b/stdlib/source/lux/world/net/http/request.lux index 9db7e6973..03c78fca8 100644 --- a/stdlib/source/lux/world/net/http/request.lux +++ b/stdlib/source/lux/world/net/http/request.lux @@ -7,7 +7,7 @@ ["." promise (#+ Promise)] ["." frp]] [security - ["." taint (#+ Dirty)]]] + ["." integrity (#+ Dirty)]]] [data ["." maybe] ["." error (#+ Error)] @@ -54,14 +54,14 @@ (def: #export (json server) (-> (-> (Dirty JSON) Server) Server) (function (_ request) - (let [[identification protocol resource message] (taint.trust request)] + (let [[identification protocol resource message] (integrity.trust request)] (do promise.Monad [?raw (read-text-body (get@ #//.body message))] (case (do error.Monad [raw ?raw] (:: json.Codec decode raw)) (#error.Success content) - (server (taint.taint content) request) + (server (integrity.taint content) request) (#error.Failure error) (promise.resolved ..failure)))))) @@ -69,12 +69,12 @@ (def: #export (text server) (-> (-> (Dirty Text) Server) Server) (function (_ request) - (let [[identification protocol resource message] (taint.trust request)] + (let [[identification protocol resource message] (integrity.trust request)] (do promise.Monad [?raw (read-text-body (get@ #//.body message))] (case ?raw (#error.Success content) - (server (taint.taint content) request) + (server (integrity.taint content) request) (#error.Failure error) (promise.resolved ..failure)))))) @@ -82,7 +82,7 @@ (def: #export (query property server) (All [a] (-> (Property a) (-> (Dirty a) Server) Server)) (function (_ request) - (let [[identification protocol resource message] (taint.trust request) + (let [[identification protocol resource message] (integrity.trust request) full (get@ #//.uri resource) [uri query] (|> full (text.split-with "?") @@ -90,10 +90,10 @@ (case (do error.Monad [query (//query.parameters query) input (context.run query property)] - (wrap [(taint.taint [identification protocol (set@ #//.uri uri resource) message]) + (wrap [(integrity.taint [identification protocol (set@ #//.uri uri resource) message]) input])) (#error.Success [request input]) - (server (taint.taint input) request) + (server (integrity.taint input) request) (#error.Failure error) (promise.resolved ..failure))))) @@ -101,7 +101,7 @@ (def: #export (form property server) (All [a] (-> (Property a) (-> (Dirty a) Server) Server)) (function (_ request) - (let [[identification protocol resource message] (taint.trust request)] + (let [[identification protocol resource message] (integrity.trust request)] (do promise.Monad [?body (read-text-body (get@ #//.body message))] (case (do error.Monad @@ -109,7 +109,7 @@ form (//query.parameters body)] (context.run form property)) (#error.Success input) - (server (taint.taint input) request) + (server (integrity.taint input) request) (#error.Failure error) (promise.resolved ..failure)))))) @@ -117,7 +117,7 @@ (def: #export (cookies property server) (All [a] (-> (Property a) (-> (Dirty a) Server) Server)) (function (_ request) - (let [[identification protocol resource message] (taint.trust request)] + (let [[identification protocol resource message] (integrity.trust request)] (case (do error.Monad [cookies (|> (get@ #//.headers message) (dictionary.get "Cookie") @@ -125,7 +125,7 @@ //cookie.get)] (context.run cookies property)) (#error.Success input) - (server (taint.taint input) request) + (server (integrity.taint input) request) (#error.Failure error) (promise.resolved ..failure))))) diff --git a/stdlib/source/lux/world/net/http/route.lux b/stdlib/source/lux/world/net/http/route.lux index e430b9739..1825b2795 100644 --- a/stdlib/source/lux/world/net/http/route.lux +++ b/stdlib/source/lux/world/net/http/route.lux @@ -5,7 +5,7 @@ [concurrency ["." promise]] [security - ["." taint]]] + ["." integrity]]] [data ["." maybe] ["." text ("text/." Equivalence)]]] @@ -17,7 +17,7 @@ [(def: #export ( server) (-> Server Server) (function (_ request) - (let [[identification protocol resource message] (taint.trust request)] + (let [[identification protocol resource message] (integrity.trust request)] (case (get@ #//.scheme protocol) (server request) @@ -33,7 +33,7 @@ [(def: #export ( server) (-> Server Server) (function (_ request) - (let [[identification protocol resource message] (taint.trust request)] + (let [[identification protocol resource message] (integrity.trust request)] (case (get@ #//.method resource) (server request) @@ -55,7 +55,7 @@ (def: #export (uri path server) (-> URI Server Server) (function (_ request) - (let [[identification protocol resource message] (taint.trust request)] + (let [[identification protocol resource message] (integrity.trust request)] (if (text/= path (get@ #//.uri resource)) (server request) (promise.resolved //response.not-found))))) @@ -63,14 +63,14 @@ (def: #export (sub path server) (-> URI Server Server) (function (_ request) - (let [[identification protocol resource message] (taint.trust request)] + (let [[identification protocol resource message] (integrity.trust request)] (if (text.starts-with? path (get@ #//.uri resource)) - (server (taint.taint [identification - protocol - (update@ #//.uri - (|>> (text.clip' (text.size path)) maybe.assume) - resource) - message])) + (server (integrity.taint [identification + protocol + (update@ #//.uri + (|>> (text.clip' (text.size path)) maybe.assume) + resource) + message])) (promise.resolved //response.not-found))))) (def: #export (or primary alternative) diff --git a/stdlib/source/lux/world/net/tcp.jvm.lux b/stdlib/source/lux/world/net/tcp.jvm.lux index cd8543f3a..de1d9ffef 100644 --- a/stdlib/source/lux/world/net/tcp.jvm.lux +++ b/stdlib/source/lux/world/net/tcp.jvm.lux @@ -7,7 +7,7 @@ [task (#+ Task)] ["." frp]] [security - ["." taint (#+ Dirty taint)]]] + ["." integrity (#+ Dirty)]]] [data ["." error (#+ Error)]] [world @@ -73,7 +73,7 @@ [#let [data (binary.create size)] bytes-read (InputStream::read data +0 (.int size) input)] (wrap [(.nat bytes-read) - (taint data)]))) + (integrity.taint data)]))) (def: (write data) (do io.Monad diff --git a/stdlib/source/lux/world/net/udp.jvm.lux b/stdlib/source/lux/world/net/udp.jvm.lux index 3e9015b56..c474c5c79 100644 --- a/stdlib/source/lux/world/net/udp.jvm.lux +++ b/stdlib/source/lux/world/net/udp.jvm.lux @@ -7,7 +7,7 @@ ["." promise (#+ Promise)] [task (#+ Task)]] [security - ["." taint (#+ Dirty taint)]]] + ["." integrity (#+ Dirty)]]] [data ["." error (#+ Error)] ["." maybe] @@ -94,7 +94,7 @@ (wrap [bytes-read {#//.address (|> packet DatagramPacket::getAddress InetAddress::getHostAddress) #//.port (.nat (DatagramPacket::getPort packet))} - (taint data)])))) + (integrity.taint data)])))) (def: (write [location data]) (do io.Monad -- cgit v1.2.3