pipe2me-client 0.2.14 → 0.2.15

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 7a4b518abcbe271bfd874a2368379ee307ea45bd
-  data.tar.gz: f89e443fb7f8741d923924c5852f66a20fd94769
+  metadata.gz: a9d71c8d4790ffb256420754f6da2f3883d640b4
+  data.tar.gz: d9cf6ae6b8c13975fa9e70cff666bcd0af35fd3b
 SHA512:
-  metadata.gz: 594ebe9414dc36d0b2fb82636da00f481c74c211a8e90c36b0e17353e21b63cd4c4f3976eb2df45ddad48ce37a2f15748e3c5806454af9a2c9e1a2a4e2db07b2
-  data.tar.gz: a2378307eea92fb07c01c21b409629d82b390104c9f710b3fe838b0f9e2355bb92051a2bd5e3fc8657966d07bb45d64434a5774ade2c2901633a9787f7f785f2
+  metadata.gz: dcab1a08ad5d8900dd697f2ddd0a421c3e76b814cbb1c2b9789e7f97d6d87852d20ef0a6d3f3bd9c3f6cdd22ab7834a51403dbe1ffd375e22c8a1ea340eae966
+  data.tar.gz: ec2c3cecba6b539aef79e71710cc5d7e235740aa738b738788b50d90cca8ea6ddbdfa884a12484aef7b73970ca15f0b89cbdca72d1a17862bd1803afad91bd3c

data/lib/pipe2me/cli.rb

@@ -2,10 +2,11 @@ require "thor"
 require_relative "which"
 
 class Pipe2me::CLI < Thor
-  class_option :dir, :type => :string
-  class_option :verbose, :type => :boolean, :aliases => "-v"
-  class_option :quiet, :type => :boolean, :aliases => "-q"
-  class_option :silent, :type => :boolean
+  class_option :dir,                        :type => :string
+  class_option :verbose,  :aliases => "-v", :type => :boolean
+  class_option :quiet,    :aliases => "-q", :type => :boolean
+  class_option :silent,                     :type => :boolean
+  class_option :insecure, :aliases => "-k", :type => :boolean
 
   private
 
@@ -23,6 +24,10 @@ class Pipe2me::CLI < Thor
       Dir.chdir options[:dir]
       UI.info "Changed into", options[:dir]
     end
+    
+    if options[:insecure]
+      Pipe2me::HTTP.enable_insecure_mode
+    end
   end
 
   public
@@ -37,10 +42,10 @@ class Pipe2me::CLI < Thor
   end
 
   desc "setup", "fetch a new tunnel setup"
-  option :server, :aliases => "-s", :default => "http://test.pipe2.me"
-  option :token, :required => true                    # "tunnel token"
-  option :protocols, :default => "https"              # "protocol names, e.g. 'http,https,imap'"
-  option :ports, :type => :string                     # "local ports, one per protocol"
+  option :server,     :aliases => "-s", :default => "http://test.pipe2.me"
+  option :token,      :required => true                       # "tunnel token"
+  option :protocols,  :default => "https"                     # "protocol names, e.g. 'http,https,imap'"
+  option :ports,      :type => :string                        # "local ports, one per protocol"
   def setup
     handle_global_options
 

data/lib/pipe2me/ext/http.rb

@@ -1,4 +1,5 @@
 require "net/http"
+require "net/https"
 require "ostruct"
 require "forwardable"
 
@@ -7,6 +8,15 @@ require "forwardable"
 module Pipe2me::HTTP
   extend self
 
+  def self.enable_insecure_mode
+    UI.error "Enabling insecure_mode"
+    @insecure_mode = true
+  end
+
+  def self.insecure_mode?
+    !! @insecure_mode
+  end
+  
   # Error to be raised when maximum number of redirections is reached.
   class RedirectionLimit < RuntimeError; end
 
@@ -159,8 +169,13 @@ module Pipe2me::HTTP
       do_raw_request verb, uri, headers, body, config.max_redirections, uri, Net::HTTP::Get
     end
 
+  rescue ::OpenSSL::SSL::SSLError
+    UI.error "#{uri}: SSL connection failed"
+    UI.error "#{uri}: Note: you may use the -k/--insecure flag to disable certificate validation"
+    raise $!
   rescue
-    raise "#{uri}: #{$!}"
+    UI.error "#{uri} #{$!.class} #{$!}"
+    raise $!
   end
 
   def do_raw_request(verb, uri, headers, body, max_redirections, original_url, redirection_verb = Net::HTTP::Get)
@@ -175,6 +190,11 @@ module Pipe2me::HTTP
     http = Net::HTTP.new(uri.host, uri.port || default_port)
     if uri.scheme == "https"
       http.use_ssl = true
+      
+      if insecure_mode?
+        UI.warn "Disabling certificate validation."
+        http.verify_mode = ::OpenSSL::SSL::VERIFY_NONE
+      end
     end
 
     # create request and get response

data/lib/pipe2me/tunnel/openssl.rb

@@ -3,6 +3,7 @@ module Pipe2me::Tunnel::OpenSSL
 
   SSL_KEY     = Pipe2me::Tunnel::SSL_KEY
   SSL_CERT    = Pipe2me::Tunnel::SSL_CERT
+  SSL_CACERT  = Pipe2me::Tunnel::SSL_CACERT
 
   def openssl_conf
     File.join(File.dirname(__FILE__), "openssl.conf")
@@ -19,11 +20,15 @@ module Pipe2me::Tunnel::OpenSSL
       "-days", "7300"
   end
 
-  # send cert signing request to server and receive certificate
+  # send cert signing request to server and receive certificate and root certificate.
   def ssl_certsign
     cert = HTTP.post!("#{url}/cert.pem", File.read("#{SSL_KEY}.csr"), {'Content-Type' =>'text/plain'})
     UI.debug "received certificate:\n#{cert}"
 
     File.write SSL_CERT, cert
+
+    cacert = HTTP.get! "#{Pipe2me::Config.server}/cacert"
+    UI.error "Got #{cacert.length} byte from #{Pipe2me::Config.server}/cacert"
+    File.write SSL_CACERT, cacert
   end
 end

data/lib/pipe2me/tunnel.rb

@@ -6,6 +6,7 @@ module Pipe2me::Tunnel
   # file names
   SSL_KEY     = "pipe2me.openssl.priv"
   SSL_CERT    = "pipe2me.openssl.cert"
+  SSL_CACERT  = "pipe2me.cacert"
 
   SSH_PUBKEY  = "pipe2me.id_rsa.pub"
   SSH_PRIVKEY = "pipe2me.id_rsa"

data/lib/pipe2me/version.rb

@@ -1,4 +1,4 @@
 module Pipe2me
-  VERSION = "0.2.14"
+  VERSION = "0.2.15"
   BANNER = "pipe2me command line client V#{Pipe2me::VERSION}; (c) The kinko team, 2013, 2014."
 end

data/rakelib/gem.rake

@@ -8,9 +8,13 @@ task :release => :changelog
 task :changelog do
   require "simple/ui"
   FileUtils.cp "CHANGELOG.md", "CHANGELOG.old.md"
-  last_version = `git tag -l 'v[0-9]*' | sort -n | tail -n 1`
-  last_version.chomp!
   
+  version_tags = `git tag -l 'v[0-9]*'`.split("\n")
+  version_tags = version_tags.sort_by do |tag|
+    tag.split(/\D+/).reject(&:empty?).map(&:to_i)
+  end
+  last_version = version_tags.last
+
   current_version = `bin/pipe2me version`.chomp
   UI.success "Changes from #{last_version} .. #{current_version}:"
 

data/test/ssl-test.sh

@@ -11,16 +11,16 @@ it_sets_up_ssl_certs() {
   # setup the pipe2me client. This must create a private key and a server
   # certificate, amongst other things. The certificate must contain the
   # correct name.
-  
 
   fqdn=$($pipe2me setup --server $pipe2me_server --token $pipe2me_token)
 
   # test for private key
-  test -f pipe2me.openssl.priv
   cat pipe2me.openssl.priv | grep -E "BEGIN.*PRIVATE KEY"
 
+  # test for CAcert
+  cat pipe2me.cacert | grep "BEGIN CERTIFICATE"
+
   # test for certificate
-  test -f pipe2me.openssl.cert
   cat pipe2me.openssl.cert | grep "BEGIN CERTIFICATE"
 
   # verify name in certificate

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: pipe2me-client
 version: !ruby/object:Gem::Version
-  version: 0.2.14
+  version: 0.2.15
 platform: ruby
 authors:
 - radiospiel
@@ -66,7 +66,7 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
-description: pipe2me command line client V0.2.14; (c) The kinko team, 2013, 2014.
+description: pipe2me command line client V0.2.15; (c) The kinko team, 2013, 2014.
 email: contact@kinko.me
 executables:
 - pipe2me
@@ -133,5 +133,5 @@ rubyforge_project:
 rubygems_version: 2.2.2
 signing_key: 
 specification_version: 4
-summary: pipe2me command line client V0.2.14; (c) The kinko team, 2013, 2014.
+summary: pipe2me command line client V0.2.15; (c) The kinko team, 2013, 2014.
 test_files: []