RubyGems - sparoid - Versions diffs - 1.0.0 → 1.0.5 - Mend

sparoid 1.0.0 → 1.0.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (8) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 97ffed008109eb32f070fc300c536cd29f000c6ff943b67bff64658c218f70ce
-  data.tar.gz: 87fcc661eb04ee0a79b9d9cbd4ef12b5f80c8a4c1856569076f1eac57a37c41b
+  metadata.gz: 10aba94e127e9bfb74963c3e88276ef11879e16db16cb6e44fd8e01476c747b7
+  data.tar.gz: 4b64175b2dbc751bd409624f48b11fb2629268f1b42d81df8cf1b410bf579507
 SHA512:
-  metadata.gz: ded717258409725cbf49b97fd9c704dbbe550a024f4ce09b484640306079f67ccfd43f64d063326c787ed700cef4db09179b6facb98c7403304dad0a861216ea
-  data.tar.gz: 180a6a9ae33549e198130f73e3e4bd5e9ce4e63727668e6ea2124e22ade18b4e7324efb15abf00053fc22b0728a05d17f49cff353a6f68cdf6b3bf9709b5fab4
+  metadata.gz: 3218c0a291f09ac0b66ca26c0fe5f7d5675d6aacc7dab69e72e3a645ebfea828eacadd62ce477634ebb3be245ddd23b05955a439ea637af32e45ec3c5adb89f2
+  data.tar.gz: e6e7c9f967abce41da45a20066e448351279720f231af9cfb49b62e46090360093411f84537b25a5329e3792447f4a8e0305d450bc8ab210441421521bcbba0b

data/.gitignore CHANGED Viewed

@@ -6,3 +6,4 @@
 /pkg/
 /spec/reports/
 /tmp/
+Gemfile.lock

data/CHANGELOG.md CHANGED Viewed

@@ -1,4 +1,23 @@
-## [Unreleased]
+## [1.0.5] - 2021-04-12
+- Prefix all logging with `Sparoid: `
+## [1.0.4] - 2021-03-25
+- Only warn if config is missing when connecting with CLI
+## [1.0.3] - 2021-03-17
+- Nicer error handling in CLI, remove --fdpass option
+## [1.0.2] - 2021-03-15
+- `sparoid send` renamed to `sparoid auth`
+- `sparoid connect [host] [port]` added for automatic fd passing
+## [1.0.1] - 2021-03-12
+- --fdpass option to send
 ## [1.0.0] - 2021-03-11

data/README.md CHANGED Viewed

@@ -20,7 +20,15 @@ Or install it yourself as:
 ## Usage
-TODO: Write usage instructions here
+...
+Can be used with OpenSSH's ProxyCommand/ProxyUseFdpass to send the packet before connecting, open the TCP connection and that pass that connection back to the SSH client.
+```
+Host *.example.com
+  ProxyCommand sparoid send %h --passfd %p
+  ProxyUseFdpass yes
+```
 ## Development

data/lib/sparoid.rb CHANGED Viewed

@@ -7,20 +7,41 @@ require "resolv"
 # Single Packet Authorisation client
 module Sparoid
-  def self.send(key, hmac_key, host, port)
+  extend self
+  # Send an authorization packet
+  def auth(key, hmac_key, host, port)
     msg = message(public_ip)
     data = prefix_hmac(hmac_key, encrypt(key, msg))
-    udp_send(host, port, data)
+    sendmsg(host, port, data)
+  end
+  # Generate new aes and hmac keys, print to stdout
+  def keygen
+    cipher = OpenSSL::Cipher.new("aes-256-cbc")
+    key = cipher.random_key.unpack1("H*")
+    hmac_key = OpenSSL::Random.random_bytes(32).unpack1("H*")
+    puts "key = #{key}"
+    puts "hmac-key = #{hmac_key}"
+  end
+  # Connect to a TCP server and pass the FD to the parent
+  def fdpass(host, port, connect_timeout: 20)
+    tcp = Socket.tcp host, port, connect_timeout: connect_timeout
+    parent = Socket.for_fd(1)
+    parent.sendmsg "\0", 0, nil, Socket::AncillaryData.unix_rights(tcp)
   end
-  def self.udp_send(host, port, data)
-    socket = UDPSocket.new
-    socket.connect host, port
-    socket.send data, 0
-    socket.close
+  private
+  def sendmsg(host, port, data)
+    UDPSocket.open do |socket|
+      socket.connect host, port
+      socket.sendmsg data, 0
+    end
   end
-  def self.encrypt(key, data)
+  def encrypt(key, data)
     key = [key].pack("H*") # hexstring to bytes
     raise ArgumentError, "Key must be 32 bytes hex encoded" if key.bytesize != 32
@@ -34,7 +55,7 @@ module Sparoid
     output << cipher.final
   end
-  def self.prefix_hmac(hmac_key, data)
+  def prefix_hmac(hmac_key, data)
     hmac_key = [hmac_key].pack("H*") # hexstring to bytes
     raise ArgumentError, "HMAC key must be 32 bytes hex encoded" if hmac_key.bytesize != 32
@@ -42,31 +63,29 @@ module Sparoid
     hmac + data
   end
-  def self.message(ip)
+  def message(ip)
     version = 1
     ts = (Time.now.utc.to_f * 1000).floor
     nounce = OpenSSL::Random.random_bytes(16)
     [version, ts, nounce, ip.address].pack("Nq>a16a4")
   end
-  def self.public_ip
+  def public_ip
     Resolv::DNS.open(nameserver: ["resolver1.opendns.com"]) do |dns|
-      dns.each_address("myip.opendns.com") do |resolv|
-        case resolv
-        when Resolv::IPv4 then return resolv
-        end
-      end
-      raise Error, "No public IPv4 address found"
+      dns.getresource("myip.opendns.com", Resolv::DNS::Resource::IN::A).address
     end
   end
-  def self.keygen
-    cipher = OpenSSL::Cipher.new("aes-256-cbc")
-    key = cipher.random_key.unpack1("H*")
-    hmac_key = OpenSSL::Random.random_bytes(32).unpack1("H*")
-    puts "key = #{key}"
-    puts "hmac-key = #{hmac_key}"
-  end
   class Error < StandardError; end
+  # Instance of SPAroid that only resolved public_ip once
+  class Instance
+    include Sparoid
+    private
+    def public_ip
+      @public_ip ||= super
+    end
+  end
 end

data/lib/sparoid/cli.rb CHANGED Viewed

@@ -6,13 +6,27 @@ require_relative "../sparoid"
 module Sparoid
   # CLI
   class CLI < Thor
-    desc "send HOST [PORT]", "Send a packet"
-    method_option :config, default: "~/.sparoid.ini"
-    def send(host, port = 8484)
-      abort "Config not found" unless File.exist? options[:config]
+    desc "auth HOST [PORT]", "Send a authorization packet"
+    method_option :config, desc: "Path to a config file, INI format, with key and hmac-key", default: "~/.sparoid.ini"
+    def auth(host, port = 8484)
+      send_auth(host, port, options[:config])
+    rescue Errno::ENOENT
+      abort "Sparoid: Config not found"
+    rescue StandardError => e
+      abort "Sparoid: #{e.message}"
+    end
-      key, hmac_key = get_keys(parse_ini(options[:config]))
-      Sparoid.send(key, hmac_key, host, port.to_i)
+    desc "connect HOST PORT [SPA-PORT]", "Send a SPA, TCP connect, and then pass the FD back to the parent"
+    method_option :config, desc: "Path to a config file, INI format, with key and hmac-key", default: "~/.sparoid.ini"
+    def connect(host, port, spa_port = 8484)
+      begin
+        send_auth(host, spa_port, options[:config])
+      rescue Errno::ENOENT
+        warn "Sparoid: Config not found"
+      end
+      Sparoid.fdpass(host, port)
+    rescue StandardError => e
+      abort "Sparoid: #{e.message}"
     end
     desc "keygen", "Generate an encryption key and a HMAC key"
@@ -26,8 +40,13 @@ module Sparoid
     private
+    def send_auth(host, port, config)
+      key, hmac_key = get_keys(parse_ini(config))
+      Sparoid.auth(key, hmac_key, host, port.to_i)
+    end
     def parse_ini(path)
-      File.readlines(path).map! { |l| l.split("=", 2).map!(&:strip) }.to_h
+      File.readlines(File.expand_path(path)).map! { |line| line.split("=", 2).map!(&:strip) }.to_h
     end
     def get_keys(config)

data/lib/sparoid/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 module Sparoid
-  VERSION = "1.0.0"
+  VERSION = "1.0.5"
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: sparoid
 version: !ruby/object:Gem::Version
-  version: 1.0.0
+  version: 1.0.5
 platform: ruby
 authors:
 - Carl Hörberg
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2021-03-11 00:00:00.000000000 Z
+date: 2021-04-12 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: thor
@@ -69,7 +69,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.1.4
+rubygems_version: 3.2.3
 signing_key:
 specification_version: 4
 summary: Single Packet Authorisation client