enfcli 4.0.0 → 4.1.0.pre.alpha
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.circleci/Dockerfile +2 -2
- data/.circleci/config.yml +5 -0
- data/Gemfile.lock +37 -25
- data/Makefile +7 -0
- data/README.md +52 -7
- data/enfcli.gemspec +28 -26
- data/format.sh +9 -0
- data/lib/enfapi.rb +86 -97
- data/lib/enfcli.rb +166 -94
- data/lib/enfcli/commands/captive.rb +149 -149
- data/lib/enfcli/commands/user.rb +23 -20
- data/lib/enfcli/commands/xcr.rb +95 -82
- data/lib/enfcli/commands/xdns.rb +53 -50
- data/lib/enfcli/commands/xfw.rb +37 -37
- data/lib/enfcli/commands/xiam.rb +87 -80
- data/lib/enfcli/version.rb +1 -1
- data/lib/enfthor.rb +38 -14
- metadata +62 -5
data/lib/enfcli.rb
CHANGED
|
@@ -13,26 +13,29 @@
|
|
|
13
13
|
# See the License for the specific language governing permissions and
|
|
14
14
|
# limitations under the License.
|
|
15
15
|
#
|
|
16
|
-
require
|
|
17
|
-
require
|
|
18
|
-
require
|
|
19
|
-
require
|
|
20
|
-
require
|
|
21
|
-
require
|
|
22
|
-
|
|
23
|
-
require
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
|
|
28
|
-
require
|
|
29
|
-
require
|
|
30
|
-
require
|
|
31
|
-
require
|
|
32
|
-
require
|
|
33
|
-
require
|
|
16
|
+
require "openssl"
|
|
17
|
+
require "enfapi"
|
|
18
|
+
require "enfthor"
|
|
19
|
+
require "readline"
|
|
20
|
+
require "singleton"
|
|
21
|
+
require "ipaddr"
|
|
22
|
+
require "clipboard"
|
|
23
|
+
require "json"
|
|
24
|
+
|
|
25
|
+
require "rubygems/commands/update_command"
|
|
26
|
+
require "rubygems/commands/search_command"
|
|
27
|
+
|
|
28
|
+
require "enfcli/version"
|
|
29
|
+
require "enfcli/commands/xcr"
|
|
30
|
+
require "enfcli/commands/xiam"
|
|
31
|
+
require "enfcli/commands/xfw"
|
|
32
|
+
require "enfcli/commands/user"
|
|
33
|
+
require "enfcli/commands/captive"
|
|
34
|
+
require "enfcli/commands/xdns"
|
|
34
35
|
|
|
35
36
|
module EnfCli
|
|
37
|
+
CONFIG_FILE = "#{Dir.home() + "/.xaptum_config.json"}"
|
|
38
|
+
|
|
36
39
|
FIREWALL_CMD = "firewall"
|
|
37
40
|
IAM_CMD = "iam"
|
|
38
41
|
NETWORK_CMD = "network"
|
|
@@ -63,13 +66,13 @@ module EnfCli
|
|
|
63
66
|
@ip.hton
|
|
64
67
|
end
|
|
65
68
|
|
|
66
|
-
def self.ntoh
|
|
67
|
-
ip = IPAddr::new_ntoh(
|
|
69
|
+
def self.ntoh(ipv6_bytes)
|
|
70
|
+
ip = IPAddr::new_ntoh(ipv6_bytes)
|
|
68
71
|
EnfCli::IPV6.new ip.to_s
|
|
69
72
|
end
|
|
70
73
|
|
|
71
74
|
private
|
|
72
|
-
|
|
75
|
+
|
|
73
76
|
attr_accessor :ip
|
|
74
77
|
end
|
|
75
78
|
|
|
@@ -84,10 +87,9 @@ module EnfCli
|
|
|
84
87
|
# store in prefix/len
|
|
85
88
|
@prefix = EnfCli::IPV6.new tokens[0]
|
|
86
89
|
@len = tokens[1].to_i
|
|
87
|
-
|
|
90
|
+
|
|
88
91
|
# raise if len is not 0
|
|
89
92
|
raise EnfCli::ERROR, "#{ipv6cidr} is not a valid CIDR notation." unless len > 2
|
|
90
|
-
|
|
91
93
|
end
|
|
92
94
|
|
|
93
95
|
def prefix_bytes
|
|
@@ -101,47 +103,47 @@ module EnfCli
|
|
|
101
103
|
def to_s
|
|
102
104
|
"#{@prefix.to_s}/#{@len}"
|
|
103
105
|
end
|
|
104
|
-
|
|
106
|
+
|
|
105
107
|
private
|
|
108
|
+
|
|
106
109
|
attr_accessor :prefix, :len
|
|
107
110
|
end
|
|
108
|
-
|
|
111
|
+
|
|
109
112
|
def self.ask_password(prompt = nil)
|
|
110
113
|
begin
|
|
111
|
-
prompt =
|
|
114
|
+
prompt = "Enter Password:" unless prompt
|
|
112
115
|
print prompt
|
|
113
116
|
# We hide the entered characters before to ask for the password
|
|
114
|
-
system
|
|
117
|
+
system "stty -echo"
|
|
115
118
|
password = $stdin.gets.chomp
|
|
116
|
-
system
|
|
119
|
+
system "stty echo"
|
|
117
120
|
puts ""
|
|
118
121
|
return password
|
|
119
|
-
|
|
120
122
|
rescue NoMethodError, Interrupt
|
|
121
123
|
# When the process is exited, we display the characters again
|
|
122
124
|
# And we exit
|
|
123
|
-
system
|
|
125
|
+
system "stty echo"
|
|
124
126
|
exit
|
|
125
127
|
end
|
|
126
128
|
end
|
|
127
129
|
|
|
128
130
|
def self.generate_ec_cert(key, ipv6)
|
|
129
|
-
# monkey patch
|
|
131
|
+
# monkey patch
|
|
130
132
|
OpenSSL::PKey::EC.send(:alias_method, :private?, :private_key?)
|
|
131
|
-
|
|
133
|
+
|
|
132
134
|
# Generate cert
|
|
133
135
|
cert = OpenSSL::X509::Certificate.new
|
|
134
|
-
cert.subject = cert.issuer = OpenSSL::X509::Name.new([[
|
|
136
|
+
cert.subject = cert.issuer = OpenSSL::X509::Name.new([["CN", "#{ipv6}"]])
|
|
135
137
|
cert.not_before = Time.now
|
|
136
138
|
cert.not_after = Time.now + 365 * 24 * 60 * 60
|
|
137
139
|
cert.public_key = key
|
|
138
140
|
cert.serial = 0x0
|
|
139
141
|
cert.version = 2
|
|
140
|
-
|
|
142
|
+
|
|
141
143
|
cert.sign key, OpenSSL::Digest::SHA1.new
|
|
142
144
|
cert
|
|
143
|
-
end
|
|
144
|
-
|
|
145
|
+
end
|
|
146
|
+
|
|
145
147
|
def self.expand_path(file)
|
|
146
148
|
new_file = File.expand_path(EnfCli::expand_env(file))
|
|
147
149
|
end
|
|
@@ -154,7 +156,7 @@ module EnfCli
|
|
|
154
156
|
ip = EnfCli::IPV6.new ipv6
|
|
155
157
|
ip.to_s
|
|
156
158
|
end
|
|
157
|
-
|
|
159
|
+
|
|
158
160
|
##
|
|
159
161
|
# EnfCli error
|
|
160
162
|
#
|
|
@@ -174,7 +176,16 @@ module EnfCli
|
|
|
174
176
|
|
|
175
177
|
def initialize
|
|
176
178
|
@prompt = "enfcli"
|
|
177
|
-
@host =
|
|
179
|
+
@host = ""
|
|
180
|
+
@user = ""
|
|
181
|
+
@session = nil
|
|
182
|
+
end
|
|
183
|
+
|
|
184
|
+
def init(host, user, session)
|
|
185
|
+
@host = host
|
|
186
|
+
@user = user
|
|
187
|
+
@session = session
|
|
188
|
+
@prompt = "enfcli-#{user}" if user
|
|
178
189
|
end
|
|
179
190
|
|
|
180
191
|
def xaptum_admin?
|
|
@@ -189,23 +200,17 @@ module EnfCli
|
|
|
189
200
|
"#{@host}"
|
|
190
201
|
end
|
|
191
202
|
|
|
192
|
-
def
|
|
193
|
-
@
|
|
203
|
+
def auth_token
|
|
204
|
+
@session[:token]
|
|
194
205
|
end
|
|
195
206
|
|
|
196
|
-
def
|
|
197
|
-
|
|
207
|
+
def user
|
|
208
|
+
@user
|
|
198
209
|
end
|
|
199
210
|
|
|
200
|
-
def prompt
|
|
201
|
-
|
|
202
|
-
@prompt = "enfcli-#{value}"
|
|
203
|
-
else
|
|
204
|
-
@prompt= "enfcli"
|
|
205
|
-
end
|
|
206
|
-
|
|
211
|
+
def prompt
|
|
212
|
+
"\001\033[1;32m\002#{@prompt}>\001\033[0m\002 "
|
|
207
213
|
end
|
|
208
|
-
|
|
209
214
|
end
|
|
210
215
|
|
|
211
216
|
##
|
|
@@ -213,75 +218,112 @@ module EnfCli
|
|
|
213
218
|
#
|
|
214
219
|
class CLI < EnfThor
|
|
215
220
|
no_commands {
|
|
216
|
-
def execute_gem_cmd
|
|
217
|
-
begin
|
|
221
|
+
def execute_gem_cmd(cmd)
|
|
222
|
+
begin
|
|
218
223
|
cmd.execute
|
|
219
224
|
rescue Gem::SystemExitException => e
|
|
220
225
|
say "Unable to execute commnad. Please try again!", :red
|
|
221
226
|
end
|
|
222
227
|
end
|
|
223
228
|
}
|
|
224
|
-
|
|
229
|
+
|
|
225
230
|
desc "connect", "Connect to ENF Controller"
|
|
226
|
-
method_option :host, :type => :string
|
|
227
|
-
method_option :user, :type => :string
|
|
228
|
-
|
|
231
|
+
method_option :host, :type => :string
|
|
232
|
+
method_option :user, :type => :string
|
|
233
|
+
|
|
229
234
|
def connect(*names)
|
|
230
|
-
host =
|
|
231
|
-
user =
|
|
235
|
+
host = ""
|
|
236
|
+
user = ""
|
|
232
237
|
|
|
233
238
|
try_with_rescue do
|
|
239
|
+
## first check for command options
|
|
240
|
+
if options[:host] && options[:user]
|
|
241
|
+
host = options[:host]
|
|
242
|
+
user = options[:user]
|
|
243
|
+
elsif File.file?(CONFIG_FILE) # then check for config file
|
|
244
|
+
config_json = JSON.load(File.open(CONFIG_FILE))
|
|
245
|
+
host = config_json["host"]
|
|
246
|
+
user = config_json["user"]
|
|
247
|
+
else
|
|
248
|
+
raise EnfCli::ERROR, "You must either specify the --host and --user parameters or create a Xaptum config file to connect."
|
|
249
|
+
end
|
|
250
|
+
|
|
234
251
|
# Make sure to use https as default
|
|
235
252
|
host = "https://#{host}" unless host =~ /^(http|https):\/\//
|
|
236
|
-
|
|
253
|
+
|
|
237
254
|
# Ask for password
|
|
238
255
|
say "Connecting to '#{host}'.....", :bold
|
|
239
256
|
password = EnfCli::ask_password()
|
|
240
|
-
|
|
257
|
+
|
|
241
258
|
# Authenticate
|
|
242
259
|
resp = EnfApi::API.instance.authenticate(host, user, password)
|
|
243
260
|
|
|
244
|
-
#
|
|
245
|
-
EnfCli::CTX.instance.
|
|
261
|
+
# initialize CTX
|
|
262
|
+
EnfCli::CTX.instance.init host, user, resp[:data][0]
|
|
246
263
|
|
|
247
264
|
# launch shell/exec cmd
|
|
248
265
|
if names.empty?
|
|
249
|
-
EnfCli::Shell::Console::start
|
|
266
|
+
EnfCli::Shell::Console::start
|
|
250
267
|
else
|
|
251
268
|
EnfCli::Shell::CLI.start names
|
|
252
269
|
end
|
|
253
270
|
end
|
|
254
|
-
end
|
|
271
|
+
end
|
|
255
272
|
|
|
256
273
|
map %w[--version -v] => :__print_version
|
|
257
274
|
desc "--version, -v", "print the version"
|
|
275
|
+
|
|
258
276
|
def __print_version
|
|
259
277
|
puts EnfCli::VERSION
|
|
260
278
|
end
|
|
261
279
|
|
|
262
280
|
desc "update", "", :hide => true
|
|
281
|
+
|
|
263
282
|
def update
|
|
264
283
|
cmd = Gem::Commands::UpdateCommand.new
|
|
265
|
-
cmd.handle_options [
|
|
284
|
+
cmd.handle_options ["enfcli"]
|
|
266
285
|
execute_gem_cmd cmd
|
|
267
286
|
end
|
|
268
287
|
|
|
269
288
|
desc "search", "", :hide => true
|
|
289
|
+
|
|
270
290
|
def search
|
|
271
291
|
cmd = Gem::Commands::SearchCommand.new
|
|
272
292
|
cmd.handle_options ["enfcli"]
|
|
273
293
|
execute_gem_cmd cmd
|
|
274
294
|
end
|
|
275
295
|
|
|
296
|
+
desc "create-config-file", "Create a Xaptum configuration file in your home directory"
|
|
297
|
+
method_option :host, :type => :string, :required => true
|
|
298
|
+
method_option :user, :type => :string, :required => true
|
|
299
|
+
|
|
300
|
+
def create_config_file
|
|
301
|
+
host = options[:host]
|
|
302
|
+
user = options[:user]
|
|
303
|
+
config_file = File.new(CONFIG_FILE, "w+")
|
|
304
|
+
config_file.puts({ :host => host, :user => user }.to_json)
|
|
305
|
+
config_file.close
|
|
306
|
+
say "Config file created successfully at #{CONFIG_FILE}!", :green
|
|
307
|
+
end
|
|
308
|
+
|
|
309
|
+
desc "display-config-file", "Displays your Xaptum configuraton file, if it exists"
|
|
310
|
+
|
|
311
|
+
def display_config_file
|
|
312
|
+
file = CONFIG_FILE
|
|
313
|
+
|
|
314
|
+
## return if file not found
|
|
315
|
+
raise EnfCli::ERROR, "#{file} not found!" unless File.exists?(file)
|
|
316
|
+
|
|
317
|
+
say File.readlines(file).join
|
|
318
|
+
end
|
|
319
|
+
|
|
276
320
|
default_task :connect
|
|
277
|
-
|
|
278
321
|
end
|
|
279
322
|
|
|
280
323
|
##
|
|
281
324
|
# Shell Module
|
|
282
325
|
#
|
|
283
326
|
module Shell
|
|
284
|
-
|
|
285
327
|
class Console
|
|
286
328
|
class << self
|
|
287
329
|
def execute(input)
|
|
@@ -289,61 +331,57 @@ module EnfCli
|
|
|
289
331
|
argv = input.split(/[\s=](?=(?:[^"]|"[^"]*")*$)/)
|
|
290
332
|
# now remove quotes.
|
|
291
333
|
argv.each do |arg|
|
|
292
|
-
arg.gsub!(/\A"|"\Z/,
|
|
334
|
+
arg.gsub!(/\A"|"\Z/, "")
|
|
293
335
|
end
|
|
294
336
|
EnfCli::Shell::CLI.start(argv)
|
|
295
337
|
end
|
|
296
338
|
|
|
297
|
-
def start
|
|
339
|
+
def start
|
|
298
340
|
$stdout.sync = true
|
|
299
|
-
# Set prompt
|
|
300
|
-
EnfCli::CTX.instance.prompt = user
|
|
301
341
|
|
|
302
|
-
# Set host
|
|
303
|
-
EnfCli::CTX.instance.host = host
|
|
304
|
-
|
|
305
342
|
# Read each line
|
|
306
|
-
comp = proc { |s| Readline::HISTORY.grep(/^#{Regexp.escape(s)}/) }
|
|
343
|
+
comp = proc { |s| Readline::HISTORY.grep(/^#{Regexp.escape(s)}/) }
|
|
307
344
|
Readline.completion_append_character = " "
|
|
308
345
|
Readline.completion_proc = comp
|
|
309
346
|
|
|
310
347
|
stty_save = `stty -g`.chomp
|
|
311
|
-
trap(
|
|
312
|
-
|
|
348
|
+
trap("INT") { system("stty", stty_save); exit }
|
|
349
|
+
|
|
313
350
|
while input = Readline.readline(EnfCli::CTX.instance.prompt, true)
|
|
314
351
|
break if input == "exit" or input == "\\q" or input == "quit"
|
|
315
|
-
|
|
352
|
+
|
|
316
353
|
# Remove blank lines from history
|
|
317
354
|
Readline::HISTORY.pop if input == ""
|
|
318
|
-
|
|
355
|
+
|
|
319
356
|
execute(input) unless input == ""
|
|
320
357
|
end
|
|
321
|
-
end
|
|
322
|
-
end
|
|
358
|
+
end
|
|
359
|
+
end
|
|
323
360
|
end
|
|
324
361
|
|
|
325
362
|
# Shell CLI class
|
|
326
|
-
class CLI < EnfThor
|
|
327
|
-
|
|
363
|
+
class CLI < EnfCli::EnfThor
|
|
328
364
|
desc "ls [<dir>]", "List files in a directory", :hide => true
|
|
329
365
|
method_option :dir, :type => :string, :required => false
|
|
366
|
+
|
|
330
367
|
def ls(dir = nil)
|
|
331
368
|
try_with_rescue do
|
|
332
369
|
dir = "." unless dir
|
|
333
|
-
dir = EnfCli::expand_path(
|
|
334
|
-
|
|
335
|
-
Dir.entries(
|
|
336
|
-
puts f unless f.start_with?(
|
|
370
|
+
dir = EnfCli::expand_path(dir)
|
|
371
|
+
|
|
372
|
+
Dir.entries(dir).each { |f|
|
|
373
|
+
puts f unless f.start_with?(".")
|
|
337
374
|
}
|
|
338
375
|
end
|
|
339
376
|
end
|
|
340
377
|
|
|
341
378
|
desc "cat <file>", "Display contents of a file", :hide => true
|
|
379
|
+
|
|
342
380
|
def cat(file)
|
|
343
381
|
try_with_rescue do
|
|
344
382
|
# expand path
|
|
345
383
|
file = EnfCli::expand_path(file)
|
|
346
|
-
|
|
384
|
+
|
|
347
385
|
## return if keyfile not found
|
|
348
386
|
raise EnfCli::ERROR, "#{file} not found!" unless File.exists?(file)
|
|
349
387
|
|
|
@@ -352,6 +390,7 @@ module EnfCli
|
|
|
352
390
|
end
|
|
353
391
|
|
|
354
392
|
desc "pwd", "Current Working Directory", :hide => true
|
|
393
|
+
|
|
355
394
|
def pwd
|
|
356
395
|
try_with_rescue do
|
|
357
396
|
say Dir.pwd
|
|
@@ -359,35 +398,69 @@ module EnfCli
|
|
|
359
398
|
end
|
|
360
399
|
|
|
361
400
|
desc "cd [<dir>]", "Change working directory", :hide => true
|
|
401
|
+
|
|
362
402
|
def cd(dir = "~")
|
|
363
403
|
try_with_rescue do
|
|
364
|
-
dir = EnfCli::expand_path(
|
|
404
|
+
dir = EnfCli::expand_path(dir)
|
|
365
405
|
raise EnfCli::ERROR, "No such directory #{dir}" unless Dir.exist?(dir)
|
|
366
406
|
Dir.chdir(dir)
|
|
367
407
|
end
|
|
368
408
|
end
|
|
369
409
|
|
|
370
410
|
desc "host", "Display ENF Controller host", :hide => true
|
|
411
|
+
|
|
371
412
|
def host
|
|
372
413
|
try_with_rescue do
|
|
373
414
|
say EnfCli::CTX.instance.host, :bold
|
|
374
415
|
end
|
|
375
416
|
end
|
|
376
|
-
|
|
417
|
+
|
|
377
418
|
desc "clear", "Clear Terminal Screen", :hide => true
|
|
419
|
+
|
|
378
420
|
def clear
|
|
379
421
|
try_with_rescue do
|
|
380
422
|
clear_code = %x{clear}
|
|
381
423
|
print clear_code or system("cls")
|
|
382
424
|
end
|
|
383
425
|
end
|
|
384
|
-
|
|
426
|
+
|
|
427
|
+
desc "display-session-token", "Gets the current session token"
|
|
428
|
+
|
|
429
|
+
def display_session_token
|
|
430
|
+
try_with_rescue_in_session do
|
|
431
|
+
say "#{EnfCli::CTX.instance.auth_token}"
|
|
432
|
+
end
|
|
433
|
+
end
|
|
434
|
+
|
|
435
|
+
desc "refresh-session-token", "Refreshes the current session token"
|
|
436
|
+
|
|
437
|
+
def refresh_session_token
|
|
438
|
+
try_with_rescue_in_session do
|
|
439
|
+
# Get user and host
|
|
440
|
+
host = EnfCli::CTX.instance.host
|
|
441
|
+
user = EnfCli::CTX.instance.user
|
|
442
|
+
|
|
443
|
+
# Ask for password
|
|
444
|
+
say "Refreshing session token.....", :bold
|
|
445
|
+
password = EnfCli::ask_password()
|
|
446
|
+
|
|
447
|
+
# Authenticate
|
|
448
|
+
resp = EnfApi::API.instance.authenticate(host, user, password)
|
|
449
|
+
|
|
450
|
+
# update session
|
|
451
|
+
EnfCli::CTX.instance.session = resp[:data][0]
|
|
452
|
+
|
|
453
|
+
# display success
|
|
454
|
+
say "Refreshed session token!", :green
|
|
455
|
+
end
|
|
456
|
+
end
|
|
457
|
+
|
|
385
458
|
desc "#{EnfCli::NETWORK_CMD} COMMANDS", "#{EnfCli::NETWORK_CMD} commands"
|
|
386
459
|
subcommand EnfCli::NETWORK_CMD, EnfCli::Cmd::Xcr
|
|
387
|
-
|
|
460
|
+
|
|
388
461
|
desc "#{EnfCli::IAM_CMD} COMMANDS", "#{EnfCli::IAM_CMD} commands"
|
|
389
462
|
subcommand EnfCli::IAM_CMD, EnfCli::Cmd::Xiam
|
|
390
|
-
|
|
463
|
+
|
|
391
464
|
desc "#{EnfCli::FIREWALL_CMD} COMMANDS", "#{EnfCli::FIREWALL_CMD} commands"
|
|
392
465
|
subcommand EnfCli::FIREWALL_CMD, EnfCli::Cmd::Xfw
|
|
393
466
|
|
|
@@ -401,5 +474,4 @@ module EnfCli
|
|
|
401
474
|
subcommand EnfCli::DNS_CMD, EnfCli::Cmd::Xdns
|
|
402
475
|
end
|
|
403
476
|
end
|
|
404
|
-
|
|
405
477
|
end
|