lanet 0.1.0 → 0.2.1

data/lib/lanet/scanner.rb

@@ -25,55 +25,54 @@ module Lanet
       8443 => "HTTPS-ALT"
     }.freeze
 
-    # Ports to check during scan
     QUICK_CHECK_PORTS = [80, 443, 22, 445, 139, 8080].freeze
 
     def initialize
       @hosts = []
       @mutex = Mutex.new
+      @arp_cache = {}
     end
 
-    # Scan network and return active hosts
     def scan(cidr, timeout = 1, max_threads = 32, verbose = false)
       @verbose = verbose
       @timeout = timeout
-
-      # Clear previous scan results
       @hosts = []
-
-      # Get the range of IP addresses to scan
       range = IPAddr.new(cidr).to_range
-
-      # Create a queue of IPs to scan
       queue = Queue.new
       range.each { |ip| queue << ip.to_s }
-
       total_ips = queue.size
       completed = 0
 
-      # Pre-populate ARP table to improve MAC address resolution
-      update_arp_table(cidr, max_threads)
+      # Initial ARP cache population
+      @arp_cache = parse_arp_table
 
-      # Create worker threads to process the queue
       threads = Array.new([max_threads, total_ips].min) do
         Thread.new do
-          while (ip = begin
-            queue.pop(true)
-          rescue ThreadError
-            nil
-          end)
+          loop do
+            begin
+              ip = queue.pop(true)
+            rescue ThreadError
+              break
+            end
             scan_host(ip)
             @mutex.synchronize do
               completed += 1
               if total_ips < 100 || (completed % 10).zero? || completed == total_ips
-                print_progress(completed,
-                               total_ips)
+                print_progress(completed, total_ips)
               end
             end
           end
         end
       end
 
+      # Periodically update ARP cache
+      arp_updater = Thread.new do
+        while threads.any?(&:alive?)
+          sleep 5
+          @mutex.synchronize { @arp_cache = parse_arp_table }
+        end
+      end
+
       begin
         threads.each(&:join)
         print_progress(total_ips, total_ips)
@@ -82,6 +81,8 @@ module Lanet
       rescue Interrupt
         puts "\nScan interrupted. Returning partial results..."
         @verbose ? @hosts : @hosts.map { |h| h[:ip] }
+      ensure
+        arp_updater.kill if arp_updater.alive?
       end
     end
 
@@ -92,47 +93,62 @@ module Lanet
       print "\rScanning network: #{percent}% complete (#{completed}/#{total})"
     end
 
-    def update_arp_table(cidr, max_threads = 10)
-      # Use fast ping method to update ARP table
-      range = IPAddr.new(cidr).to_range
-      queue = Queue.new
-      range.each { |ip| queue << ip.to_s }
+    def parse_arp_table
+      cmd = RbConfig::CONFIG["host_os"] =~ /mswin|mingw|cygwin/ ? "arp -a" : "arp -a"
+      output = `#{cmd}`
+      arp_cache = {}
 
-      total = queue.size
-      processed = 0
+      case RbConfig::CONFIG["host_os"]
+      when /darwin/
+        output.each_line do |line|
+          next unless line =~ /\((\d+\.\d+\.\d+\.\d+)\) at ([0-9a-f:]+) on/
 
-      threads = Array.new([max_threads, total].min) do
-        Thread.new do
-          while (ip = begin
-            queue.pop(true)
-          rescue ThreadError
-            nil
-          end)
-            # Use system ping to update ARP table
-            system("ping -c 1 -W 1 #{ip} > /dev/null 2>&1 &")
-            sleep 0.01 # Small delay to prevent overwhelming the system
-            processed += 1
-          end
+          ip = ::Regexp.last_match(1)
+          mac = ::Regexp.last_match(2).downcase
+          arp_cache[ip] = mac unless mac == "(incomplete)"
         end
-      end
+      when /linux/
+        output.each_line do |line|
+          next unless line =~ /^(\d+\.\d+\.\d+\.\d+)\s+\w+\s+([0-9a-f:]+)\s+/
+
+          ip = ::Regexp.last_match(1)
+          mac = ::Regexp.last_match(2).downcase
+          arp_cache[ip] = mac unless mac == "00:00:00:00:00:00"
+        end
+      when /mswin|mingw|cygwin/
+        output.each_line do |line|
+          next unless line =~ /^\s*(\d+\.\d+\.\d+\.\d+)\s+([0-9a-f-]+)\s+/
 
-      # Wait for ping operations to complete
-      threads.each(&:join)
-      sleep 1 # Give the system time to update ARP table
+          ip = ::Regexp.last_match(1)
+          mac = ::Regexp.last_match(2).gsub("-", ":").downcase
+          arp_cache[ip] = mac
+        end
+      end
+      arp_cache
     end
 
     def scan_host(ip)
-      # Skip special addresses to save time
-      return if ip.end_with?(".0") && !ip.end_with?(".0.0") # Skip network addresses except 0.0.0.0
+      # Handle broadcast addresses immediately
+      if ip.end_with?(".255") || ip == "255.255.255.255"
+        host_info = { ip: ip, mac: "ff:ff:ff:ff:ff:ff", response_time: 0, detection_method: "Broadcast" }
+        if @verbose
+          host_info[:hostname] = "Broadcast"
+          host_info[:ports] = {}
+        end
+        @mutex.synchronize { @hosts << host_info }
+        return
+      end
+
+      # Skip network addresses
+      return if ip.end_with?(".0") && !ip.end_with?(".0.0")
 
-      # Use multiple methods to detect if a host is alive
       is_active = false
       detection_method = nil
       response_time = nil
       start_time = Time.now
       open_ports = []
 
-      # Method 1: Try TCP port scan (most reliable)
+      # TCP port scan
       tcp_result = tcp_port_scan(ip, QUICK_CHECK_PORTS)
       if tcp_result[:active]
         is_active = true
@@ -140,116 +156,86 @@ module Lanet
         open_ports = tcp_result[:open_ports]
       end
 
-      # Method 2: Try ICMP ping if TCP didn't work
-      unless is_active
-        ping_result = ping_check(ip)
-        if ping_result
-          is_active = true
-          detection_method = "ICMP"
-        end
+      # ICMP ping
+      if !is_active && ping_check(ip)
+        is_active = true
+        detection_method = "ICMP"
       end
 
-      # Method 3: If host is a common network device (e.g., router), check with UDP
-      if !is_active && (ip.end_with?(".1") || ip.end_with?(".254") || ip.end_with?(".255"))
-        udp_result = udp_check(ip)
-        if udp_result
-          is_active = true
-          detection_method = "UDP"
-        end
+      # UDP check for common network devices
+      if !is_active && (ip.end_with?(".1") || ip.end_with?(".254")) && udp_check(ip)
+        is_active = true
+        detection_method = "UDP"
       end
 
-      # Method 4: ARP Check - if we have a MAC, the host is likely active
+      # ARP check
       unless is_active
-        mac_address = get_mac_address(ip)
-        if mac_address && mac_address != "(incomplete)"
+        mac = get_mac_address(ip)
+        if mac && mac != "(incomplete)"
           is_active = true
           detection_method = "ARP"
         end
       end
 
-      # For broadcast addresses, always consider them active
-      if ip.end_with?(".255") || ip == "255.255.255.255"
-        is_active = true
-        detection_method = "Broadcast"
-      end
-
-      # Calculate response time
       response_time = ((Time.now - start_time) * 1000).round(2) if is_active
-
       return unless is_active
 
-      # For active hosts, collect more information if in verbose mode
-      host_info = {
-        ip: ip,
-        mac: get_mac_address(ip),
-        response_time: response_time,
-        detection_method: detection_method
-      }
+      host_info = { ip: ip, mac: get_mac_address(ip), response_time: response_time, detection_method: detection_method }
 
       if @verbose
-        # For verbose mode, try to resolve hostname
-        begin
-          Timeout.timeout(1) do
-            host_info[:hostname] = Resolv.getname(ip)
-          end
-        rescue Resolv::ResolvError, Timeout::Error
-          host_info[:hostname] = "Unknown"
+        host_info[:hostname] = begin
+          Timeout.timeout(1) { Resolv.getname(ip) }
+        rescue StandardError
+          "Unknown"
         end
-
-        # For verbose mode, scan more ports if TCP detection method was successful
         if detection_method == "TCP"
           extra_ports = tcp_port_scan(ip, COMMON_PORTS.keys - QUICK_CHECK_PORTS)[:open_ports]
           open_ports += extra_ports
         end
-
         host_info[:ports] = open_ports.map { |port| [port, COMMON_PORTS[port] || "Unknown"] }.to_h
       end
 
       @mutex.synchronize { @hosts << host_info }
-    rescue StandardError => e
-      puts "\nError scanning host #{ip}: #{e.message}" if $DEBUG
     end
 
     def tcp_port_scan(ip, ports)
       open_ports = []
       is_active = false
+      threads = ports.map do |port|
+        Thread.new(port) do |p|
+          Timeout.timeout(@timeout) do
+            socket = TCPSocket.new(ip, p)
+            Thread.current[:open] = p
+            socket.close
+          end
+        rescue Errno::ECONNREFUSED
+          Thread.current[:active] = true
+        rescue StandardError
+          # Port closed or filtered
+        end
+      end
 
-      ports.each do |port|
-        Timeout.timeout(@timeout) do
-          socket = TCPSocket.new(ip, port)
+      threads.each do |thread|
+        thread.join
+        if thread[:open]
+          open_ports << thread[:open]
+          is_active = true
+        elsif thread[:active]
           is_active = true
-          open_ports << port
-          socket.close
         end
-      rescue Errno::ECONNREFUSED
-        # Connection refused means host is up but port is closed
-        is_active = true
-      rescue StandardError
-        # Other errors mean port is probably closed or filtered
       end
 
       { active: is_active, open_ports: open_ports }
     end
 
     def ping_check(ip)
-      cmd = case RbConfig::CONFIG["host_os"]
-            when /darwin/
-              "ping -c 1 -W 1 #{ip}"
-            when /linux/
-              "ping -c 1 -W 1 #{ip}"
-            when /mswin|mingw|cygwin/
-              "ping -n 1 -w 1000 #{ip}"
-            else
-              "ping -c 1 -W 1 #{ip}"
-            end
-
+      cmd = RbConfig::CONFIG["host_os"] =~ /mswin|mingw|cygwin/ ? "ping -n 1 -w 1000 #{ip}" : "ping -c 1 -W 1 #{ip}"
       system("#{cmd} > /dev/null 2>&1")
       $CHILD_STATUS.exitstatus.zero?
     end
 
     def udp_check(ip)
       common_udp_ports = [53, 67, 68, 123, 137, 138, 1900, 5353]
-
       common_udp_ports.each do |port|
         Timeout.timeout(0.5) do
           socket = UDPSocket.new
@@ -259,35 +245,15 @@ module Lanet
           return true
         end
       rescue Errno::ECONNREFUSED
-        return true # Connection refused means host is up
+        return true
       rescue StandardError
-        # Try next port
+        next
       end
       false
     end
 
     def get_mac_address(ip)
-      return "ff:ff:ff:ff:ff:ff" if ip.end_with?(".255") # Special case for broadcast
-
-      # Get MAC from ARP table
-      cmd = case RbConfig::CONFIG["host_os"]
-            when /darwin/
-              "arp -n #{ip}"
-            when /linux/
-              "arp -n #{ip}"
-            when /mswin|mingw|cygwin/
-              "arp -a #{ip}"
-            else
-              "arp -n #{ip}"
-            end
-
-      output = `#{cmd}`
-
-      if output =~ /([0-9a-fA-F]{1,2}[:-][0-9a-fA-F]{1,2}[:-][0-9a-fA-F]{1,2}[:-][0-9a-fA-F]{1,2}[:-][0-9a-fA-F]{1,2}[:-][0-9a-fA-F]{1,2})/
-        ::Regexp.last_match(1).downcase
-      else
-        "(incomplete)"
-      end
+      @mutex.synchronize { @arp_cache[ip] || "(incomplete)" }
     end
   end
 end

data/lib/lanet/signer.rb

@@ -0,0 +1,47 @@
+# frozen_string_literal: true
+
+require "openssl"
+require "base64"
+
+module Lanet
+  class Signer
+    # Error class for signature failures
+    class Error < StandardError; end
+
+    # Signs a message using the provided private key
+    # @param message [String] the message to sign
+    # @param private_key_pem [String] the PEM-encoded private key
+    # @return [String] Base64-encoded signature
+    def self.sign(message, private_key_pem)
+      private_key = OpenSSL::PKey::RSA.new(private_key_pem)
+      signature = private_key.sign(OpenSSL::Digest.new("SHA256"), message.to_s)
+      Base64.strict_encode64(signature)
+    rescue StandardError => e
+      raise Error, "Signing failed: #{e.message}"
+    end
+
+    # Verifies a signature using the provided public key
+    # @param message [String] the original message
+    # @param signature_base64 [String] the Base64-encoded signature
+    # @param public_key_pem [String] the PEM-encoded public key
+    # @return [Boolean] true if signature is valid
+    def self.verify(message, signature_base64, public_key_pem)
+      public_key = OpenSSL::PKey::RSA.new(public_key_pem)
+      signature = Base64.strict_decode64(signature_base64)
+      public_key.verify(OpenSSL::Digest.new("SHA256"), signature, message.to_s)
+    rescue StandardError => e
+      raise Error, "Verification failed: #{e.message}"
+    end
+
+    # Generates a new RSA key pair
+    # @param bits [Integer] key size in bits
+    # @return [Hash] containing :private_key and :public_key as PEM strings
+    def self.generate_key_pair(bits = 2048)
+      key = OpenSSL::PKey::RSA.new(bits)
+      {
+        private_key: key.to_pem,
+        public_key: key.public_key.to_pem
+      }
+    end
+  end
+end

data/lib/lanet/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Lanet
-  VERSION = "0.1.0"
+  VERSION = "0.2.1"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: lanet
 version: !ruby/object:Gem::Version
-  version: 0.1.0
+  version: 0.2.1
 platform: ruby
 authors:
 - Davide Santangelo
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2025-03-06 00:00:00.000000000 Z
+date: 2025-03-07 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: thor
@@ -97,6 +97,7 @@ files:
 - lib/lanet/receiver.rb
 - lib/lanet/scanner.rb
 - lib/lanet/sender.rb
+- lib/lanet/signer.rb
 - lib/lanet/version.rb
 - sig/lanet.rbs
 homepage: https://github.com/davidesantangelo/lanet