RubyGems - reedb - Versions diffs - 0.10.rc1 - Mend

reedb 0.10.rc1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (36) hide show

checksums.yaml +7 -0
data/.ruby-gemset +1 -0
data/.ruby-version +1 -0
data/Gemfile +15 -0
data/Gemfile.lock +38 -0
data/Rakefile +2 -0
data/bin/reedbd +62 -0
data/lib/reedb.rb +739 -0
data/lib/reedb/config.rb +24 -0
data/lib/reedb/constants.rb +42 -0
data/lib/reedb/daemon_wrapper.rb +617 -0
data/lib/reedb/datafile.rb +268 -0
data/lib/reedb/errors/daemon_errors.rb +34 -0
data/lib/reedb/errors/encryption_errors.rb +29 -0
data/lib/reedb/errors/vault_errors.rb +39 -0
data/lib/reedb/reevault.rb +547 -0
data/lib/reedb/security/aes.rb +94 -0
data/lib/reedb/security/encryption.rb +64 -0
data/lib/reedb/security/multifish.rb +15 -0
data/lib/reedb/security/secure_hash.rb +131 -0
data/lib/reedb/security/twofish.rb +14 -0
data/lib/reedb/utils/logger.rb +97 -0
data/lib/reedb/utils/meta_vault.rb +28 -0
data/lib/reedb/utils/sorting.rb +49 -0
data/lib/reedb/utils/utilities.rb +121 -0
data/lib/reedb/utils/uuids.rb +375 -0
data/lib/reedb/utils/version.rb +101 -0
data/reedb.gemspec +31 -0
data/tests/daemons/reedb.rb +27 -0
data/tests/layout.rb +24 -0
data/tests/networking/client.rb +14 -0
data/tests/networking/server.rb +14 -0
data/tests/play.rb +5 -0
data/tests/serialisation.rb +49 -0
data/tests/tests.rb +64 -0
metadata +209 -0

data/lib/reedb/config.rb ADDED Viewed

@@ -0,0 +1,24 @@
+# ====================================================
+# Copyright 2015 Lonely Robot (see @author)
+# @author: Katharina Sabel | www.2rsoftworks.de
+#
+# Distributed under the GNU Lesser GPL Version 3
+# (See accompanying LICENSE file or get a copy at
+# 	https://www.gnu.org/licenses/lgpl.html)
+# ====================================================
+module Reedb
+	class VaultConfig
+		# Takes the containing vault as a parameter
+		#
+		def initialize(master)
+			@secure_cypher = ""
+			@head = {}
+			@body = {}
+		end
+	end
+end

data/lib/reedb/constants.rb ADDED Viewed

@@ -0,0 +1,42 @@
+# ====================================================
+# Copyright 2015 Lonely Robot (see @author)
+# @author: Katharina Sabel | www.2rsoftworks.de
+#
+# Distributed under the GNU Lesser GPL Version 3
+# (See accompanying LICENSE file or get a copy at
+# 	https://www.gnu.org/licenses/lgpl.html)
+# ====================================================
+# A bunch of constants
+module Reedb
+	# The version of reedb. This is actually written into vaults to identify
+	# breaking changes and using an older sub-set of the API to interact with
+	# legacy vaults.
+	VERSION = "0.10.rc1"
+	NET_PORT = 55736
+	TOKEN_BYTE_SIZE = 16 # in bytes
+	DEF_MASTER_PATH = "__sysmas__" # Placeholder
+	FILE_CACHE_TIME = 2500 # Time in ms
+ 	KEY_CACHE_TIME = (15 * 60) * 1000 # (30 minutes in ms)
+ 	#
+ 	# THIS SECTION WILL BE RESERVED FOR ERROR CODES AS RETURN VALUES
+ 	#
+ 	FILE_MALFORMED_DATA_ERROR = 0x11
+ 	#
+ 	# VAULT ERROR CODES
+ 	#
+ 	VAULT_FILE_NOT_FOUND_ERROR = 0x12
+ 	#
+ 	# RETURN ERROR CODES
+ 	#
+ 	DAEMON_UNKNOWN_TOKEN_ERROR = 0x31
+ 	DAEMON_UNAUTHORISED_TOKEN_ERROR = 0x32
+ 	DAEMON_INACTIVE_VAULT_ERROR = 0x33
+end

data/lib/reedb/daemon_wrapper.rb ADDED Viewed

@@ -0,0 +1,617 @@
+# ====================================================
+# Copyright 2015 Lonely Robot (see @author)
+# @author: Katharina Sabel | www.2rsoftworks.de
+#
+# Distributed under the GNU Lesser GPL Version 3
+# (See accompanying LICENSE file or get a copy at
+# 	https://www.gnu.org/licenses/lgpl.html)
+# ====================================================
+# This is a wrapper script that gets called by the reedb daemon to init the
+# HTTP stack and Reedb modules.
+# DO NOT USE THIS FILE WHEN USING REEDB AS A GEM DEPENDENCY!
+# (unless you know what you're doing...)
+# System requirements (HTTP stuff)
+require 'optparse'
+require 'sinatra'
+require 'rack'
+# Reedb requirements
+require 'reedb'
+# HTTP handler class that registers the functions
+# for the vault interface
+#
+class ReedbHandler < Sinatra::Base
+	# 	funct 	url 										descr
+	#
+	# 	 GET 	/vaults 									List of all vaults
+	# 	 PUT 	/vaults 									Create a new vault.
+	# 	 PUT 	/vaults/scope 								Scope a vault that already exists
+	# 	 POST 	/vaults/*vault-id*/request_token			Auth for vault with ID
+# [AUTH] POST 	/vaults/*vault-id*/headers					Return vault headers
+# [AUTH] POST 	/vaults/*vault-id*/close					Close vault with ID
+# [AUTH] POST 	/vaults/*vault-id*/files/*file-id*			Returns body of a file
+# [AUTH] POST 	/vaults/*vault-id*/files/*file-id*/history	Returns history of a file (???)
+# [AUTH] PUT 	/vaults/*vault-id*/files					Create file
+# [AUTH] POST 	/vaults/*vault-id*/files/*file-id*			Update file contents
+# [AUTH] POST 	/vaults/*vault-id*/files/*file-id*/remove	Removes a file
+	configure :production, :development do
+		enable :logging
+	end
+	def build_response(status_code, message, payload = nil)
+		status status_code # Set http status code
+		content_type 'application/json'
+		response = { 'success' => (status_code >= 400 ? false : true),
+					 'message' => message,
+					 'payload' => payload }
+		return response.to_json
+	end
+	# Returns a list of vaults scoped on the system
+	get '/vaults' do
+		payload = Reedb::Vault::available_vaults
+		return build_response(200, "Currently scoped vaults", payload)
+	end
+	# Create a new vault on the system
+	put '/vaults' do
+		# If request was garbage
+		unless request.content_type == 'application/json'
+	   		return build_response(400, 'Data was malformed. Expects JSON!')
+		end
+		# Check if the JSON data
+		data = nil
+		begin
+			data = JSON.parse(request.body.read)
+		rescue
+			return build_response(400, 'JSON data was malformed!')
+		end
+		name = data["name"] if data["name"]
+		path = data["path"] if data["path"]
+		passphrase = data["passphrase"] if data["passphrase"]
+		encryption = :auto # TODO: Handle this better!
+		# This gets fired if not all neccesary information was provided.
+		if name == nil && path == nil && passphrase == nil
+			return build_response(400, 'Required data fields are missing from JSON data body!')
+		end
+		# Now deal with the actual stuff
+		token = nil
+		# Catches ALL possible errors that can occur during this operation!
+		begin
+			token = Reedb::Vault::create_vault(name, path, passphrase, encryption)
+		rescue InsecureUserPasswordError => e
+			return build_response(400, e.message)
+		rescue VaultExistsAtLocationError => e
+			return build_response(409, e.message)
+		rescue VaultWritePermissionsError,
+			   VaultMissingConfigurationError,
+			   VaultLoggerError,
+			   BadCacheError,
+			   EncryptionFailedError,
+			   DecryptionFailedError => e
+			# Bundled error return
+			return build_response(500, e.message)
+		end
+		return build_response(201, "Vault was successfully crated at location", token)
+	end
+	# Scope a new vault on the system.
+	put '/vaults/scope' do
+		# If request was garbage
+		unless request.content_type == 'application/json'
+			return build_response(400, 'Data was malformed. Expects JSON!')
+		end
+		# Check if the JSON data
+		data = nil
+		begin
+			data = JSON.parse(request.body.read)
+		rescue
+			return build_response(400, 'JSON data was malformed!')
+		end
+		name = data["name"] if data["name"]
+		path = data["path"] if data["path"]
+		if name == nil && path == nil
+			return build_response(400, 'Required data fields are missing from JSON data body!')
+		end
+		begin
+			Reedb::Vault::scope_vault(name, path)
+		rescue VaultAlreadyScopedError, VaultDoesNotExistError => e
+			return build_response(400, e.message)
+		end
+		# If everything went well
+		return build_response(200, "Vault successfully scoped. It is now available to load.")
+	end
+	put '/vaults/unscope' do
+		# If request was garbage
+		unless request.content_type == 'application/json'
+			return build_response(400, 'Data was malformed. Expects JSON!')
+		end
+		# Check if the JSON data
+		data = nil
+		begin
+			data = JSON.parse(request.body.read)
+		rescue
+			return build_response(400, 'JSON data was malformed!')
+		end
+		name = data["name"] if data["name"]
+		path = data["path"] if data["path"]
+		if name == nil && path == nil
+			return build_response(400, 'Required data fields are missing from JSON data body!')
+		end
+		begin
+			Reedb::Vault::scope_vault(name, path)
+		rescue VaultNotScopedError => e
+			return build_response(400, e.message)
+		end
+		# If everything went well
+		return build_response(200, "Vault successfully unscoped and will not show up in vault lists anymore.")
+	end
+	#  Request a token for a vault
+	post '/vaults/*/request_token' do
+		vault_uuid = params[:splat][0]
+		puts vault_uuid
+		if vault_uuid == nil
+			return build_response(400, 'Missing vault access id.')
+		end
+		# If request was garbage
+		unless request.content_type == 'application/json'
+			return build_response(400, 'Data was malformed. Expects JSON!')
+		end
+		# Check if the JSON data
+		data = nil
+		begin
+			data = JSON.parse(request.body.read)
+		rescue
+			return build_response(400, 'JSON data was malformed!')
+		end
+		passphrase = data["passphrase"] if data["passphrase"]
+		permanent = false # TODO: Implement this!
+		if passphrase == nil && permanent == nil
+			return build_response(400, 'Required data fields are missing from JSON data body!')
+		end
+		token = nil
+		begin
+			token = Reedb::Daemon::request_token(vault_uuid, passphrase)
+		rescue VaultNotScopedError, VaultDoesNotExistError => e
+			return build_response(404, e.message)
+		rescue WrongUserPasswordError => e
+			return build_response(401, e.message)
+		end
+		return build_response(200, "Access successfully granted for vault", token)
+	end
+	post '/vaults/*/free_token' do
+		vault_uuid = params[:splat][0]
+		unless vault_uuid
+			return build_response(400, 'Missing vault access id.')
+		end
+		# If request was garbage
+		unless request.content_type == 'application/json'
+			return build_response(400, 'Data was malformed. Expects JSON!')
+		end
+		# Check if the JSON data
+		data = nil
+		begin
+			data = JSON.parse(request.body.read)
+		rescue
+			return build_response(400, 'JSON data was malformed!')
+		end
+		token = data["token"] if data["token"]
+		if token == nil
+			return build_response(400, 'Required data fields are missing from JSON data body!')
+		end
+		begin
+			Reedb::Daemon::free_token(token)
+		rescue
+			return build_response(400, 'Token unknown to Reedb. Can not free it!')
+		end
+		return build_response(200, "Token successfully freed")
+	end
+	# [AUTH] Close vault with id + token
+	post '/vaults/*/close' do
+		vault_uuid = params[:splat][0]
+		unless vault_uuid
+			return build_response(400, 'Missing vault access id.')
+		end
+		# If request was garbage
+		unless request.content_type == 'application/json'
+			return build_response(400, 'Data was malformed. Expects JSON!')
+		end
+		# Check if the JSON data
+		data = nil
+		begin
+			data = JSON.parse(request.body.read)
+		rescue
+			return build_response(400, 'JSON data was malformed!')
+		end
+		token = data["token"] if data["token"]
+		unless token
+			return build_response(400, 'Required data fields are missing from JSON data body!')
+		end
+		begin
+			Reedb::Vault::close_vault(vault_uuid, token)
+		rescue VaultNotAvailableError => e
+			return build_response(404, e.message)
+		rescue UnknownTokenError => e
+			return build_response(401, e.message)
+		rescue UnautherisedTokenError => e
+			return build_response(403, e.message)
+		rescue Exception => e
+			return build_response(500, "An errror occured. #{e.message}")
+		end
+		return build_response(200, "Vault #{vault_uuid} successfully closed.")
+	end
+	# [AUTH] Request headers for a vault with token/ id
+	post '/vaults/*/headers' do
+		vault_uuid = params[:splat][0]
+		if vault_uuid == nil
+			return build_response(400, 'Missing vault access id.')
+		end
+		# If request was garbage
+		unless request.content_type == 'application/json'
+			return build_response(400, 'Data was malformed. Expects JSON!')
+		end
+		# Check if the JSON data
+		data = nil
+		begin
+			data = JSON.parse(request.body.read)
+		rescue
+			return build_response(400, 'JSON data was malformed!')
+		end
+		token = data["token"] if data["token"]
+		search = data["search"] if data["search"]
+		if token == nil
+			return build_response(400, 'Required data fields are missing from JSON data body!')
+		end
+		headers = nil
+		begin
+			headers = Reedb::Vault::access_headers(vault_uuid, token, search)
+		rescue VaultNotAvailableError => e
+			return build_response(404, e.message)
+		rescue UnknownTokenError => e
+			return build_response(401, e.message)
+		rescue UnautherisedTokenError => e
+			return build_response(403, e.message)
+		rescue Exception => e
+			return build_response(500, "An errror occured. #{e.message}")
+		end
+		return build_response(200, "Headers for vault #{vault_uuid}", headers)
+	end
+	# [AUTH] Return body of a file
+	post '/vaults/*/files/*' do
+		vault_uuid = params[:splat][0]
+		file_id = params[:splat][1]
+		unless vault_uuid
+			return build_response(400, 'Missing vault access id.')
+		end
+		# If request was garbage
+		unless request.content_type == 'application/json'
+			return build_response(400, 'Data was malformed. Expects JSON!')
+		end
+		# Check if the JSON data
+		data = nil
+		begin
+			data = JSON.parse(request.body.read)
+		rescue
+			return build_response(400, 'JSON data was malformed!')
+		end
+		token = data["token"].delete!("\n") if data["token"]
+		puts "#{token}\n"
+		puts "#{Reedb::Config::Master::dump_config}\n"
+		unless token
+			return build_response(400, 'Required data fields are missing from JSON data body!')
+		end
+		file = nil
+		begin
+			file = Reedb::Vault::access_file(vault_uuid, file_id, token, false)
+		rescue FileNotFoundError => e
+			return build_response(404, e.message)
+		rescue VaultNotAvailableError => e
+			return build_response(404, e.message)
+		rescue UnknownTokenError => e
+			return build_response(401, e.message)
+		rescue UnautherisedTokenError => e
+			return build_response(403, e.message)
+		end
+		return build_response(200, "File read without version history", file)
+	end
+	# [AUTH] Return history of a file
+	post '/vaults/*/files/*/history' do
+		vault_uuid = params[:splat][0]
+		file_id = params[:splat][1]
+		unless vault_uuid
+			return build_response(400, 'Missing vault access id.')
+		end
+		# If request was garbage
+		unless request.content_type == 'application/json'
+			return build_response(400, 'Data was malformed. Expects JSON!')
+		end
+		# Check if the JSON data
+		data = nil
+		begin
+			data = JSON.parse(request.body.read)
+		rescue
+			return build_response(400, 'JSON data was malformed!')
+		end
+		token = data["token"].delete!("\n") if data["token"]
+		puts "#{token}\n"
+		puts "#{Reedb::Config::Master::dump_config}\n"
+		unless token
+			return build_response(400, 'Required data fields are missing from JSON data body!')
+		end
+		file = nil
+		begin
+			file = Reedb::Vault::access_file(vault_uuid, file_id, token, true)
+		rescue FileNotFoundError => e
+			return build_response(404, e.message)
+		rescue VaultNotAvailableError => e
+			return build_response(404, e.message)
+		rescue UnknownTokenError => e
+			return build_response(401, e.message)
+		rescue UnautherisedTokenError => e
+			return build_response(403, e.message)
+		end
+		return build_response(200, "File read with version history", file)
+	end
+	# [AUTH] Creates a new file with data
+	put '/vaults/*/files' do
+		vault_uuid = params[:splat][0]
+		unless vault_uuid
+			return build_response(400, 'Missing vault access id.')
+		end
+		# If request was garbage
+		unless request.content_type == 'application/json'
+			return build_response(400, 'Data was malformed. Expects JSON!')
+		end
+		# Check if the JSON data
+		data = nil
+		begin
+			data = JSON.parse(request.body.read)
+		rescue
+			return build_response(400, 'JSON data was malformed!')
+		end
+		token = data["token"] if data["token"]
+		name = data["name"] if data["name"]
+		file_data = data["data"] if data["data"]
+		unless token && name && file_data
+			return build_response(400, 'Required data fields are missing from JSON data body!')
+		end
+		headers = Reedb::Vault::access_headers(vault_uuid, token, nil)
+		unless headers.include?(name)
+			return build_response(400, "File already exists. Use update POST instead.")
+		end
+		response = nil
+		begin
+			response = Reedb::Vault::insert(vault_uuid, token, name, file_data)
+		rescue VaultNotAvailableError => e
+			return build_response(404, e.message)
+		rescue UnknownTokenError => e
+			return build_response(401, e.message)
+		rescue UnautherisedTokenError => e
+			return build_response(403, e.message)
+		rescue FileBusyError => e
+			return build_response(418, "Dont take this error code too seriously: #{e.message}")
+		end
+		return build_response(200, "File successfully created!")
+	end
+	# [AUTH] Update file contents
+	post '/vaults/*/files/*' do
+		vault_uuid = params[:splat][0]
+		file_name = params[:splat][1]
+		unless vault_uuid
+			return build_response(400, 'Missing vault access id.')
+		end
+		# If request was garbage
+		unless request.content_type == 'application/json'
+			return build_response(400, 'Data was malformed. Expects JSON!')
+		end
+		# Check if the JSON data
+		data = nil
+		begin
+			data = JSON.parse(request.body.read)
+		rescue
+			return build_response(400, 'JSON data was malformed!')
+		end
+		token = data["token"] if data["token"]
+		file_data = data["data"] if data["data"]
+		unless token && file_data
+			return build_response(400, 'Required data fields are missing from JSON data body!')
+		end
+		begin
+			Reedb::Vault::insert(vault_uuid, token, file_name, file_data)
+		rescue VaultNotAvailableError => e
+			return build_response(404, e.message)
+		rescue UnknownTokenError => e
+			return build_response(401, e.message)
+		rescue UnautherisedTokenError => e
+			return build_response(403, e.message)
+		rescue FileBusyError => e
+			return build_response(418, "Dont take this error code too seriously: #{e.message}")
+		end
+		return build_response(200, "File successfully updated!")
+	end
+	# [AUTH] Removes a file
+	post '/vaults/*/files/*/remove' do
+		vault_uuid = params[:splat][0]
+		file_name = params[:splat][1]
+		unless vault_uuid
+			return build_response(400, 'Missing vault access id.')
+		end
+		# If request was garbage
+		unless request.content_type == 'application/json'
+			return build_response(400, 'Data was malformed. Expects JSON!')
+		end
+		# Check if the JSON data
+		data = nil
+		begin
+			data = JSON.parse(request.body.read)
+		rescue
+			return build_response(400, 'JSON data was malformed!')
+		end
+		token = data["token"] if data["token"]
+		begin
+			Reedb::Vault::remove(vault_uuid, token, file_name)
+		rescue FileNotFoundError, VaultNotAvailableError => e
+			return build_response(404, e.message)
+		rescue UnknownTokenError => e
+			return build_response(401, e.message)
+		rescue UnautherisedTokenError => e
+			return build_response(403, e.message)
+		end
+		return build_response(200, "File successfully deleted.")
+	end
+end
+options = {}
+# Setting default options
+options[:pw_length] = 12
+options[:verbose] = false
+options[:daemon] = true
+options[:port] = Reedb::NET_PORT
+options[:os] = Reedb::Utilities::parse_os
+options[:path] = Reedb::DEF_MASTER_PATH
+#create parsers
+opts = OptionParser.new
+opts.on('-l', '--pw-length INTEGER') { |o| options[:pw_length] = o }
+opts.on('-p', '--port INTEGER') { |o| options[:port] = o }
+opts.on('-v', '--verbose') { options[:verbose] = true }
+opts.on('-d', '--no-daemon') { options[:daemon] = false }
+opts.on('-a', '--app-path STRING') { |o| options[:path] = o }
+opts.parse! unless ARGV == []
+# This creates the Reedb module and binds it to a variable to be interacted with in the future
+Reedb::Core::init({:os => options[:os], :pw_length => options[:pw_length],
+	:daemon => options[:daemon], :verbose => options[:verbose], :path => options[:path]})
+# Next up we start the HTTP server and that's that. We're up and running :)
+Rack::Handler::WEBrick.run(ReedbHandler.new, {:Port => options[:port], :BindAddress => "localhost"})