ovpnmcgen.rb 0.3.0 → 0.4.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 510af3c4d73274fe91dff739fe77f883e3f5b79e
-  data.tar.gz: 39b381a40aadc97c26ee22500246be3b0e101879
+  metadata.gz: 46fbf55958e663b0d989719e018d03c02e09a5ba
+  data.tar.gz: c8c37d5b2ed29586c50e35fbf4de216ec2a72d77
 SHA512:
-  metadata.gz: d38b4b00261d0593db63a8539c5fa65b2bd5d28e3a3f9b833d64a08cb332ec5a5ef4862f610372e4e6d991cbf63d954f05628b6f871dd141087def94e272cc52
-  data.tar.gz: 18d9405965ffc38ebd3676cc4e3e210ee3cc9be161ffd93c2bcfadb8082be88e2d3a57247f8fb7b8d6fd51c05b6fdc90c289a6620644d708aa3b136247facf9b
+  metadata.gz: 1590088cd9aee76d9334e554d68aae6daafd97b0eb4d109403af03dbbf40972690c82fac0b30b15f7ed2942d382cf117f970b43f49622e00136ab5b5e6ae963e
+  data.tar.gz: a611b7db6ed827eca83605df6087bbcf1754b87865fbdd4eda0bf012ab42f5a7fe6c8b10e451e7c16873d699e1f04c7efb3687036ff26bb80d8082458709988c

data/.gitignore

@@ -18,3 +18,4 @@ test/version_tmp
 tmp
 .ruby-version
 .ruby-gemset
+.ovpnmcgen.rb.yml

data/.travis.yml

@@ -5,7 +5,7 @@ before_install:
 rvm:
   - 1.9.3
   - 2.0.0
-  - 2.1-head
+  - 2.1
   - ruby-head
   - jruby-19mode
 

data/ChangeLog

@@ -1,3 +1,7 @@
+= 0.4.0 / 2014-05-04
+	* VoD rules in `--[un]trusted-ssids` to also use `InterfaceTypeMatch`.
+	* Added support for configuration persistance, via ENV or ~/.ovpnmcgen.rb.yml or `--config` flag.
+
 = 0.3.0 / 2014-05-04
 	* Documentation updates.
 	* Added support for `URLStringProbe`, via `--url-probe`.

data/README.md

@@ -44,6 +44,7 @@ Build and install the gem:
 Usage: ovpnmcgen.rb generate [options] <user> <device>
 
   Options:
+    -c, --config FILE    Specify path to config file. [Default: .ovpnmcgen.rb.yml]
     --cafile FILE        Path to OpenVPN CA file. (Required)
     --tafile FILE        Path to TLS-Auth Key file.
     --host HOSTNAME      Hostname of OpenVPN server. (Required)
@@ -63,6 +64,12 @@ Usage: ovpnmcgen.rb generate [options] <user> <device>
     -o, --output FILE    Output to file. [Default: stdout]
 ```
 
+### Configuration
+
+Option flags can be set using environment variables or placed into a YAML formatted file. The default filename `.ovpnmcgen.rb.yml` will be searched for in `./`, and then `~/`.
+
+Note: Only for YAML configuration files and environment variables, flags with hyphens (-) are replaced with underscores (_), i.e. `--trusted-ssids safe` should be `trusted_ssids: safe`.
+
 ### Security Levels
 
 There are three different security levels to choose from, 'paranoid', 'high' (default), and 'medium'. The algorithm illustrated above is for 'high'.

data/bin/ovpnmcgen.rb

@@ -2,6 +2,7 @@
 
 require 'ovpnmcgen'
 require 'commander/import'
+require 'ovpnmcgen/config'
 
 program :version, Ovpnmcgen::VERSION
 program :description, Ovpnmcgen::SUMMARY
@@ -9,7 +10,7 @@ program :help, 'Usage', 'ovpnmcgen.rb <command> [options] <args...>'
 program :help_formatter, :compact
 default_command :help
 never_trace!
-#global_option '-c', '--config FILE', 'Specify path to config file' #not implemented yet
+global_option '-c', '--config FILE', 'Specify path to config file. [Default: .ovpnmcgen.rb.yml]'
  
 command :generate do |c|
   c.syntax = 'ovpnmcgen.rb generate [options] <user> <device>'
@@ -37,31 +38,53 @@ command :generate do |c|
   c.option '-o', '--output FILE', 'Output to file. [Default: stdout]'
   c.action do |args, options|
     raise ArgumentError.new "Invalid arguments. Run '#{File.basename(__FILE__)} help generate' for guidance" if args.nil? or args.length < 2
-    raise ArgumentError.new "Host is required" unless options.host
-    raise ArgumentError.new "cafile is required" unless options.cafile
-    raise ArgumentError.new "PKCS#12 file is required" unless options.p12file
-    options.default :vod => true, :proto => 'udp', :port => 1194, :security_level => 'high'
-    user, device, p12file, p12pass = args
+
+    # Set up configuration environment.
+    if options.config
+      Ovpnmcgen.configure(options.config)
+    else
+      Ovpnmcgen.configure
+    end
+    config = Ovpnmcgen.config
+
+    raise ArgumentError.new "Host is required" unless options.host or config.host
+    raise ArgumentError.new "cafile is required" unless options.cafile or config.cafile
+    raise ArgumentError.new "PKCS#12 file is required" unless options.p12file or config.p12file
+
+    options.default :vod => case
+      when config.vod == true || config.no_vod == false
+        true
+      when config.vod == false || config.no_vod == true
+        false
+      else # enabled by default
+        true
+      end,
+      :proto => (config.proto)? config.proto : 'udp',
+      :port => (config.port)? config.port : 1194,
+      :security_level => (config.security_level)? config.security_level : 'high'
+
+    user, device = args
+
     inputs = {
       :user => user,
       :device => device,
-      :p12file => options.p12file,
-      :p12pass => options.p12pass,
-      :cafile => options.cafile,
-      :host => options.host,
+      :p12file => options.p12file || config.p12file,
+      :p12pass => options.p12pass || config.p12pass,
+      :cafile => options.cafile || config.cafile,
+      :host => options.host || config.host,
       :proto => options.proto,
       :port => options.port,
       :enableVOD => options.vod,
-      :trusted_ssids => options.trusted_ssids,
-      :untrusted_ssids => options.untrusted_ssids,
-      :profile_uuid => options.profile_uuid,
-      :vpn_uuid => options.vpn_uuid,
-      :cert_uuid => options.cert_uuid,
+      :trusted_ssids => options.trusted_ssids || config.trusted_ssids,
+      :untrusted_ssids => options.untrusted_ssids || config.untrusted_ssids,
+      :profile_uuid => options.profile_uuid || config.profile_uuid,
+      :vpn_uuid => options.vpn_uuid || config.vpn_uuid,
+      :cert_uuid => options.cert_uuid || config.cert_uuid,
       :security_level => options.security_level
     }
-    inputs[:ovpnconfigfile] = options.ovpnconfigfile if options.ovpnconfigfile
-    inputs[:tafile] = options.tafile if options.tafile
-    inputs[:url_probe] = options.url_probe if options.url_probe
+    inputs[:ovpnconfigfile] = options.ovpnconfigfile || config.ovpnconfigfile if options.ovpnconfigfile or config.ovpnconfigfile
+    inputs[:tafile] = options.tafile || config.tafile if options.tafile or config.tafile
+    inputs[:url_probe] = options.url_probe || config.url_probe if options.url_probe or config.url_probe
 
     unless options.output
       puts Ovpnmcgen.generate(inputs)

data/features/gen_basic.feature

@@ -156,6 +156,8 @@ Feature: Basic Generate Functionality
 		Then the output should match:
 			"""
 			<string>Disconnect</string>
+			\s*<key>InterfaceTypeMatch</key>
+			\s*<string>WiFi</string>
 			\s*<key>SSIDMatch</key>
 			\s*<array>
 			\s*<string>trusted1</string>
@@ -165,6 +167,8 @@ Feature: Basic Generate Functionality
 		And the output should match:
 			"""
 			<string>Connect</string>
+			\s*<key>InterfaceTypeMatch</key>
+			\s*<string>WiFi</string>
 			\s*<key>SSIDMatch</key>
 			\s*<array>
 			\s*<string>evil3</string>

data/features/gen_configfile.feature

@@ -0,0 +1,129 @@
+Feature: Generate Functionality with Configuration File
+	In order to generate a properly formatted plist mobileconfig with less typing
+	As a CLI
+	Some basic inputs are taken from a config file, if available
+
+	Background:
+		Given a file named "ca.crt" with:
+			"""
+			Contents of CA file
+			With newlines
+			And more newlines
+			That should appear as one line
+			"""
+		And a file named "p12file.p12" with:
+			"""
+			p12file that should appear
+			In base64 encoding as <data/>
+			"""
+
+	Scenario: A configuration file supplied should be read, without the need for required flags.
+		Given a file named ".ovpnmcgen.rb.yml" with:
+			"""
+			host: aruba.cucumber.org
+			"""
+		When I run `ovpnmcgen.rb g cucumber aruba`
+		Then the output should contain "error: "
+		And the output should not contain "error: Host"
+
+	Scenario: A custom configuration file supplied should be read, without the need for required flags.
+		Given a file named ".custom.yml" with:
+			"""
+			host: aruba.cucumber.org
+			"""
+		When I run `ovpnmcgen.rb g --config .custom.yml cucumber aruba`
+		Then the output should contain "error: "
+		And the output should not contain "error: Host"
+
+	Scenario: Flags should override configuration file options.
+		Given a file named ".ovpnmcgen.rb.yml" with:
+			"""
+			host: file.org
+			no_vod: true
+			"""
+		When I run `ovpnmcgen.rb g --host aruba.cucumber.org --cafile ca.crt --vod --p12file p12file.p12 cucumber aruba`
+		Then the output should match:
+			"""
+			<key>remote</key>
+			\s*<string>aruba.cucumber.org 1194 udp</string>
+			"""
+		And the output should match:
+			"""
+			<key>OnDemandEnabled</key>
+			\s*<integer>1</integer>
+			"""
+		And the output should not match:
+			"""
+			<key>remote</key>
+			\s*<string>file.org 1194 udp</string>
+			"""
+
+	Scenario: Battle between no-vod in the configuration file and the vod flag default.
+		Given a file named ".ovpnmcgen.rb.yml" with:
+			"""
+			no_vod: false
+			"""
+		When I run `ovpnmcgen.rb g --host aruba.cucumber.org --cafile ca.crt --p12file p12file.p12 cucumber aruba`
+		Then the output should match:
+			"""
+			<key>OnDemandEnabled</key>
+			\s*<integer>1</integer>
+			"""
+
+	Scenario: no_vod true in the configuration file.
+		Given a file named ".ovpnmcgen.rb.yml" with:
+			"""
+			no_vod: true
+			"""
+		When I run `ovpnmcgen.rb g --host aruba.cucumber.org --cafile ca.crt --p12file p12file.p12 cucumber aruba`
+		Then the output should match:
+			"""
+			<key>OnDemandEnabled</key>
+			\s*<integer>0</integer>
+			"""
+
+	Scenario: ENV variables set here should work.
+		Given I set the environment variable "OG_HOST" to "env.org"
+		When I run `/usr/bin/env`
+		Then the output should contain "OG_HOST=env.org"
+
+	Scenario: ENV variables should override configuration file options.
+		Given a file named ".ovpnmcgen.rb.yml" with:
+			"""
+			host: file.org
+			"""
+		And I set the environment variable "OG_HOST" to "env.org"
+		When I run `ovpnmcgen.rb g --cafile ca.crt --p12file p12file.p12 cucumber aruba`
+		Then the output should match:
+			"""
+			<key>remote</key>
+			\s*<string>env.org 1194 udp</string>
+			"""
+		And the output should not match:
+			"""
+			<key>remote</key>
+			\s*<string>file.org 1194 udp</string>
+			"""
+
+	Scenario: Flags should overrride ENV variables, and should also override configuration file options.
+		Given a file named ".ovpnmcgen.rb.yml" with:
+			"""
+			host: file.org
+			"""
+		And I set the environment variable "OG_HOST" to "env.org"
+		When I run `ovpnmcgen.rb g --host aruba.cucumber.org --cafile ca.crt --p12file p12file.p12 cucumber aruba`
+		Then the output should match:
+			"""
+			<key>remote</key>
+			\s*<string>aruba.cucumber.org 1194 udp</string>
+			"""
+		And the output should not match:
+			"""
+			<key>remote</key>
+			\s*<string>env.org 1194 udp</string>
+			"""
+		And the output should not match:
+			"""
+			<key>remote</key>
+			\s*<string>file.org 1194 udp</string>
+			"""

data/features/step_definitions/env.rb

@@ -0,0 +1,3 @@
+Given /^I set the environment variable "(\w+)" to "([^"]*)"$/ do |var, value|
+  ENV[var] = value
+end

data/lib/ovpnmcgen.rb

@@ -56,10 +56,12 @@ module Ovpnmcgen
 
     vpnOnDemandRules = Array.new
     vodTrusted = { # Trust only Wifi SSID
+      'InterfaceTypeMatch' => 'WiFi',
       'SSIDMatch' => trusted_ssids,
       'Action' => 'Disconnect'
     }
     vodUntrusted = { # Untrust Wifi
+      'InterfaceTypeMatch' => 'WiFi',
       'SSIDMatch' => untrusted_ssids,
       'Action' => 'Connect'
     }
@@ -88,7 +90,12 @@ module Ovpnmcgen
     }
 
     # Insert URLStringProbe conditions when enabled with --url-probe
-    vodTrusted['URLStringProbe'] = vodUntrusted['URLStringProbe'] = vodWifiOnly['URLStringProbe'] = vodCellularOnly['URLStringProbe'] = vodDefault['URLStringProbe'] = inputs[:url_probe] if inputs[:url_probe]
+    vodTrusted['URLStringProbe'] =
+      vodUntrusted['URLStringProbe'] =
+      vodWifiOnly['URLStringProbe'] =
+      vodCellularOnly['URLStringProbe'] =
+      vodDefault['URLStringProbe'] =
+      inputs[:url_probe] if inputs[:url_probe]
 
     vpnOnDemandRules << vodTrusted if trusted_ssids
     vpnOnDemandRules << vodUntrusted if untrusted_ssids

data/lib/ovpnmcgen/config.rb

@@ -0,0 +1,22 @@
+require 'app_configuration'
+
+module Ovpnmcgen
+  @@config_file_name = '.ovpnmcgen.rb.yml'
+
+  # attr_accessor :config, :config_file_name
+
+  def configure(filename = @@config_file_name)
+
+    @@config = AppConfiguration.new filename do
+      prefix 'og'
+    end
+
+    # @@config = AppConfiguration[:ovpnmcgen]
+  end
+
+  def config
+    @@config
+  end
+
+  module_function :configure, :config
+end

data/lib/ovpnmcgen/version.rb

@@ -1,4 +1,4 @@
 module Ovpnmcgen
-  VERSION = "0.3.0"
+  VERSION = "0.4.0"
   SUMMARY = "An OpenVPN iOS Configuration Profile (.mobileconfig) Utility"
 end

data/ovpnmcgen.rb.gemspec

@@ -25,4 +25,5 @@ Gem::Specification.new do |spec|
   spec.add_development_dependency "aruba", "~> 0.5", ">= 0.5.4"
   spec.add_runtime_dependency     "plist", "~> 3.1", ">= 3.1.0"
   spec.add_runtime_dependency     "commander", "~> 4.1", ">= 4.1.6"
+  spec.add_runtime_dependency     "app_configuration", "~> 0.0", ">= 0.0.2"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: ovpnmcgen.rb
 version: !ruby/object:Gem::Version
-  version: 0.3.0
+  version: 0.4.0
 platform: ruby
 authors:
 - Ronald Ip
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2014-05-04 00:00:00.000000000 Z
+date: 2014-05-07 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -98,6 +98,26 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: 4.1.6
+- !ruby/object:Gem::Dependency
+  name: app_configuration
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.0'
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 0.0.2
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.0'
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 0.0.2
 description: Generates iOS configuration profiles (.mobileconfig) that configures
   OpenVPN for use with VPN-on-Demand that are not accessible through the Apple Configurator
   or the iPhone Configuration Utility.
@@ -117,9 +137,12 @@ files:
 - Rakefile
 - bin/ovpnmcgen.rb
 - features/gen_basic.feature
+- features/gen_configfile.feature
 - features/gen_ovpnconfigfile_input.feature
+- features/step_definitions/env.rb
 - features/support/setup.rb
 - lib/ovpnmcgen.rb
+- lib/ovpnmcgen/config.rb
 - lib/ovpnmcgen/ovpnconfig.rb
 - lib/ovpnmcgen/stringdata.rb
 - lib/ovpnmcgen/version.rb
@@ -150,5 +173,7 @@ specification_version: 4
 summary: An OpenVPN iOS Configuration Profile (.mobileconfig) Utility
 test_files:
 - features/gen_basic.feature
+- features/gen_configfile.feature
 - features/gen_ovpnconfigfile_input.feature
+- features/step_definitions/env.rb
 - features/support/setup.rb