reedb 0.11 → 0.11.2

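--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA1:
- metadata.gz: 7c1963fd6fa73990571af644539840c3be811404
- data.tar.gz: 3683b3a01c65b2f5afeccd4b3439700281ea1ad0
+ metadata.gz: afb9d2df4f9599ee730410f9158f1f77f2d33563
+ data.tar.gz: 5ecfd9f68b28d29fd1a66b0cf67679994e957ed2
  SHA512:
- metadata.gz: 27ce1d42d5be4b0c9f5dece31791e0ba75a29419a20cb44d6255529c775c42614ebab2482e45b046dd1d50db641baec127e0e161a6d5d8660c63fc25298f6500
- data.tar.gz: c93e234433ec38740f6f45c5d0519331bb9b6d238ea3bbee1dcafc25e0b09fa1884d5c69afedc19092d38a6a1cc9215cf4b20d0ff9c9b39ff71afc7e49dde9c4
+ metadata.gz: 593db2a2b26de694231c17e75cb7c3f9e54a9bfff292f6da85015192e9a8d5ebe7083f78a15a91fe087087d4ed9763583800420d65ab2afe9bc190f4a931c4e1
+ data.tar.gz: d79c341ef3ac4dd42a5b045af456d4a774818534fe11527592e7f4542118e1986b1ec6688b4de08e6d2db56f7046cf3a2173d3c00f88e991c1922c2ea8273f0a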
@@ -1,7 +1,7 @@
1
1
  PATH
2
2
  remote: .
3
3
  specs:
4
- reedb (0.10.8)
4
+ reedb (0.11)
5
5
  aes (~> 0.5)
6
6
  daemons (~> 1.2)
7
7
  digest-tiger (~> 1.0)
@@ -13,7 +13,7 @@ module Reedb
13
13
  # The version of reedb. This is actually written into vaults to identify
14
14
  # breaking changes and using an older sub-set of the API to interact with
15
15
  # legacy vaults.
16
- VERSION = '0.11'
16
+ VERSION = '0.11.2'
17
17
  NET_PORT = 55736
18
18
  TOKEN_BYTE_SIZE = 8 # in bytes
19
19
  DEFAULT_PATH = '__sysmas__' # Placeholder
@@ -27,4 +27,7 @@ module Reedb
27
27
  # Debouncer markers
28
28
  DEB_ADD = :add
29
29
  DEB_REM = :remove
30
+
31
+ CERT_PATH = 'reedb.crt'
32
+ KEY_PATH = 'reedb.key'
30
33
  end
@@ -13,8 +13,16 @@
13
13
  # (unless you know what you're doing...)
14
14
 
15
15
  # System requirements (HTTP stuff)
16
- require 'optparse'
16
+ require 'sinatra/base'
17
17
  require 'sinatra'
18
+
19
+ require 'webrick/https'
20
+ require 'webrick'
21
+
22
+ require 'openssl/ssl'
23
+ require 'openssl'
24
+
25
+ require 'optparse'
18
26
  require 'rack'
19
27
 
20
28
  # Reedb requirements
@@ -25,30 +33,15 @@ rescue LoadError => e
25
33
  require_relative '../reedb'
26
34
  end
27
35
 
36
+ require_relative 'security/certificate'
28
37
  require_relative 'errors/exit_errors'
38
+ require_relative 'constants'
29
39
 
30
40
  # HTTP handler class that registers the functions
31
41
  # for the vault interface
32
42
  #
33
43
  class ReedbHandler < Sinatra::Base
34
44
 
35
- # funct url descr
36
- #
37
- # GET /vaults List of all vaults
38
- # PUT /vaults Create a new vault.
39
- # PUT /vaults/scope Scope a vault that already exists
40
-
41
- # POST /vaults/*vault-id*/request_token Auth for vault with ID
42
- # [AUTH] POST /vaults/*vault-id*/headers Return vault headers
43
- # [AUTH] POST /vaults/*vault-id*/close Close vault with ID
44
-
45
- # [AUTH] POST /vaults/*vault-id*/files/*file-id* Returns body of a file
46
- # [AUTH] POST /vaults/*vault-id*/files/*file-id*/history Returns history of a file (???)
47
-
48
- # [AUTH] PUT /vaults/*vault-id*/files Create file
49
- # [AUTH] POST /vaults/*vault-id*/files/*file-id* Update file contents
50
- # [AUTH] POST /vaults/*vault-id*/files/*file-id*/remove Removes a file
51
-
52
45
  configure :production, :development do
53
46
  enable :logging
54
47
  end
@@ -65,7 +58,7 @@ class ReedbHandler < Sinatra::Base
65
58
  # Returns a list of vaults scoped on the system
66
59
  get '/vaults' do
67
60
  payload = Reedb::Vault::available_vaults
68
- return build_response(200, "Currently scoped vaults", payload)
61
+ return build_response(200, 'Currently scoped vaults', payload)
69
62
  end
70
63
 
71
64
  # Create a new vault on the system
@@ -167,8 +160,8 @@ class ReedbHandler < Sinatra::Base
167
160
  return build_response(400, 'JSON data was malformed!')
168
161
  end
169
162
 
170
- name = data["name"] if data["name"]
171
- path = data["path"] if data["path"]
163
+ name = data['name'] if data['name']
164
+ path = data['path'] if data['path']
172
165
 
173
166
  if name == nil || path == nil
174
167
  return build_response(400, 'Required data fields are missing from JSON data body!')
@@ -181,7 +174,7 @@ class ReedbHandler < Sinatra::Base
181
174
  end
182
175
 
183
176
  # If everything went well
184
- return build_response(200, "Vault successfully unscoped and will not show up in vault lists anymore.")
177
+ return build_response(200, 'Vault successfully unscoped and will not show up in vault lists anymore.')
185
178
  end
186
179
 
187
180
  # Request a token for a vault
@@ -600,6 +593,9 @@ end
600
593
  @options[:dave] = false
601
594
  @options[:force] = false
602
595
 
596
+ # Defines the folder to put the SSL certificate
597
+ @options[:cert_path] = File.join('/home/spacekookie/.config/reedb', '.sec')
598
+
603
599
  # Create argument parsers and handle them
604
600
  opts = OptionParser.new
605
601
  opts.on('-l', '--pw-length INTEGER') { |o| @options[:pw_length] = o }
@@ -614,9 +610,45 @@ opts.parse! unless ARGV == []
614
610
  # Define what to do when that evil SIGTERM comes
615
611
  at_exit { Reedb::Core::terminate('root', true) }
616
612
 
613
+ # TODO: Move this function into the FUCKING security package.
614
+ def generate_cert(years, path)
615
+ root_key = OpenSSL::PKey::RSA.new 4096 # the CA's public/private key
616
+ root_ca = OpenSSL::X509::Certificate.new
617
+ root_ca.version = 2 # cf. RFC 5280 - to make it a "v3" certificate
618
+ root_ca.serial = 1
619
+ root_ca.subject = OpenSSL::X509::Name.parse('/DC=org/DC=ruby-lang/CN=Ruby CA')
620
+ root_ca.issuer = root_ca.subject # root CA's are "self-signed"
621
+ root_ca.public_key = root_key.public_key
622
+ root_ca.not_before = Time.now
623
+ root_ca.not_after = root_ca.not_before + years * 365 * 24 * 60 * 60 # 2 years validity
624
+
625
+ ef = OpenSSL::X509::ExtensionFactory.new
626
+ ef.subject_certificate = root_ca
627
+ ef.issuer_certificate = root_ca
628
+ root_ca.add_extension(ef.create_extension('basicConstraints', 'CA:TRUE', true))
629
+ root_ca.add_extension(ef.create_extension('keyUsage', 'keyCertSign, cRLSign', true))
630
+ root_ca.add_extension(ef.create_extension('subjectKeyIdentifier', 'hash', false))
631
+ root_ca.add_extension(ef.create_extension('authorityKeyIdentifier', 'keyid:always', false))
632
+ root_ca.sign(root_key, OpenSSL::Digest::SHA512.new)
633
+
634
+ FileUtils::mkdir_p(path) unless File.directory?(path)
635
+
636
+ File.open(File.join(path, Reedb::CERT_PATH), 'w+') { |file| file.write(root_ca) }
637
+ File.open(File.join(path, Reedb::KEY_PATH), 'w+') { |file| file.write(root_key) }
638
+ end
639
+
617
640
  # Next up we start the HTTP server and that's that. We're up and running :)
618
641
  def http_server
619
- Rack::Handler::WEBrick.run(ReedbHandler.new, { :Port => @options[:port], :BindAddress => 'localhost' })
642
+
643
+ if not Reedb::Utilities::check_port(@options[:port])
644
+ Rack::Handler::WEBrick.run(ReedbHandler.new, { :Port => @options[:port], :BindAddress => 'localhost' })
645
+ else
646
+ # This temporary
647
+ puts 'The port is closed. You should do this:'
648
+ puts '$ sudo netstat -lpn | grep 55736'
649
+ puts '$ kill -9 <pid>'
650
+ exit
651
+ end
620
652
  end
621
653
 
622
654
  # This creates the Reedb module and binds it to a variable to be interacted with in the future
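Review bot: `generate_cert` writes the 4096-bit RSA private key with `File.open(File.join(path, Reedb::KEY_PATH), 'w+')`, so the key file and the directory made by `mkdir_p` get umask-default permissions and may be readable by other local users. Both should be created restrictively, e.g. `FileUtils.mkdir_p(path, mode: 0o700)` and `File.open(File.join(path, Reedb::KEY_PATH), 'w', 0o600) { |file| file.write(root_key) }`. The default set in the options hunk, `File.join('/home/spacekookie/.config/reedb', '.sec')`, is one developer's home directory; `File.join(Dir.home, '.config', 'reedb', '.sec')` would resolve for whichever user runs the daemon. In the lines shown nothing calls `generate_cert` and `http_server` still starts WEBrick without any SSL options, so the listener appears to remain plain HTTP; whatever wires the certificate in is outside these hunks.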
@@ -0,0 +1,22 @@
1
+ # ====================================================
2
+ # Copyright 2015 Lonely Robot (see @author)
3
+ # @author: Katharina Sabel | www.lonelyrobot.io
4
+ #
5
+ # Distributed under the GNU Lesser GPL Version 3
6
+ # (See accompanying LICENSE file or get a copy at
7
+ # https://www.gnu.org/licenses/lgpl.html)
8
+ # ====================================================
9
+
10
+ require_relative '../constants'
11
+ require 'openssl/digest'
12
+ require 'openssl'
13
+ require 'digest'
14
+
15
+ module Reedb
16
+
17
+ # Class that generates SSL certificates.
18
+ #
19
+ class Certificates
20
+
21
+ end
22
+ end
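Review bot: The doc comment on `Reedb::Certificates` says the class generates SSL certificates, but the class body is empty; the generator added in this release is a top-level `generate_cert` method in the daemon script, marked with a TODO to move it. Until that move happens the comment should say so, e.g. `# Placeholder for certificate generation; the implementation currently lives in generate_cert in the daemon script.` The `require 'openssl/digest'` and `require 'digest'` lines are not used by anything visible in this file.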
@@ -8,12 +8,15 @@
8
8
  # ====================================================
9
9
 
10
10
  require 'socket'
11
+ require 'timeout'
12
+
11
13
 
12
14
  module Reedb
13
15
 
14
16
  class Timestamp
15
17
  attr_accessor :utc
16
- def initialize
18
+
19
+ def initialize
17
20
  @utc = Time.now.getutc
18
21
  end
19
22
 
@@ -76,17 +79,18 @@ module Reedb
76
79
  def is_i?(i)
77
80
  i.to_i.to_s == i
78
81
  end
82
+
79
83
  is_i?(version[0]) and is_i?(version[2]) ? true : false
80
84
  end
81
85
 
82
86
  # Fix the actual inputs (aka test on virtual machines)
83
87
  def self.parse_os
84
88
  platform = RUBY_PLATFORM
85
- if platform.end_with?("linux")
89
+ if platform.end_with?('linux')
86
90
  return :linux
87
- elsif platform.end_with?("Windows")
91
+ elsif platform.end_with?('Windows')
88
92
  return :win
89
- elsif platform.end_with?("Mac OS X")
93
+ elsif platform.end_with?('Mac OS X')
90
94
  return :osx
91
95
  end
92
96
  end
@@ -105,11 +109,27 @@ module Reedb
105
109
  end
106
110
  end
107
111
 
112
+ def self.check_port(port)
113
+ begin
114
+ Timeout::timeout(1) do
115
+ begin
116
+ s = TCPSocket.new('127.0.0.1', port)
117
+ s.close
118
+ return true
119
+ rescue Errno::ECONNREFUSED, Errno::EHOSTUNREACH
120
+ return false
121
+ end
122
+ end
123
+ rescue Timeout::Error
124
+ return false
125
+ end
126
+ end
127
+
108
128
  def self.get_time(only_date = false)
109
129
  time = Time.now
110
130
  val_h = "#{time.year}-#{'%02d' % time.month}-#{'%02d' % time.day}"
111
131
  val_t = "#{time.hour}:#{'%02d' % time.min}:#{'%02d' % time.sec}"
112
-
132
+
113
133
  # => TODO: Make this more Ruby-Like
114
134
  if only_date
115
135
  return "#{val_h}"
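Review bot: `check_port` has no comment saying what its boolean means, and the result is easy to misread: it returns `true` when a connection to 127.0.0.1 succeeds (something is already listening) and `false` when the connection is refused, unreachable or times out. I would add `# Returns true if something already accepts TCP connections on 127.0.0.1:port (port in use); false if refused, unreachable or no answer within 1s.` above the method. The probe is also only advisory: another process can take the port between this check and the later bind, and errors other than `Errno::ECONNREFUSED`/`Errno::EHOSTUNREACH` propagate to the caller, so the server start should still handle `Errno::EADDRINUSE` itself. `get_time` at the end of this hunk continues outside it.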
@@ -190,7 +190,7 @@ class RestTester:
190
190
  # self.get_headers()
191
191
 
192
192
  # Insert a new file
193
- # self.insert_file()
193
+ self.insert_file()
194
194
 
195
195
  # Then update it
196
196
  # self.update_file()
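--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
  --- !ruby/object:Gem::Specification
  name: reedb
  version: !ruby/object:Gem::Version
- version: '0.11'
+ version: 0.11.2
  platform: ruby
  authors:
  - Katharina Sabel
  autorequire:
  bindir: bin
  cert_chain: []
- date: 2015-06-21 00:00:00.000000000 Z
+ date: 2015-06-24 00:00:00.000000000 Z
  dependencies:
  - !ruby/object:Gem::Dependency
  name: bundler
@@ -179,6 +179,7 @@ files:
  - lib/reedb/errors/vault_errors.rb
  - lib/reedb/reevault.rb
  - lib/reedb/security/aes.rb
+ - lib/reedb/security/certificate.rb
  - lib/reedb/security/encryption.rb
  - lib/reedb/security/multifish.rb
  - lib/reedb/security/secure_hash.rb
@@ -230,7 +231,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
  version: '0'
  requirements: []
  rubyforge_project:
- rubygems_version: 2.4.6
+ rubygems_version: 2.4.7
  signing_key:
  specification_version: 4
  summary: Ruby database that uses completely encrypted files for maximum security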