RubyGems - spior - Versions diffs - 0.1.6 → 0.2.8 - Mend

spior 0.1.6 → 0.2.8

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (41) hide show

checksums.yaml +4 -4
checksums.yaml.gz.sig +3 -3
data/.github/workflows/rubocop-analysis.yml +47 -0
data/.gitignore +1 -0
data/CHANGELOG.md +14 -0
data/Gemfile +5 -0
data/README.md +13 -3
data/Rakefile +20 -9
data/lib/spior/dep.rb +45 -23
data/lib/spior/helpers.rb +19 -19
data/lib/spior/iptables/default.rb +19 -13
data/lib/spior/iptables/root.rb +35 -36
data/lib/spior/iptables/rules.rb +103 -0
data/lib/spior/iptables/tor.rb +23 -20
data/lib/spior/iptables.rb +3 -0
data/lib/spior/menu.rb +16 -23
data/lib/spior/msg.rb +22 -8
data/lib/spior/options.rb +16 -19
data/lib/spior/service/enable.rb +63 -0
data/lib/spior/service/restart.rb +4 -12
data/lib/spior/service/start.rb +5 -17
data/lib/spior/service/stop.rb +12 -0
data/lib/spior/service.rb +5 -0
data/lib/spior/status.rb +32 -24
data/lib/spior/tor/config.rb +100 -0
data/lib/spior/tor/data.rb +53 -0
data/lib/spior/tor/start.rb +59 -0
data/lib/spior/tor/stop.rb +32 -0
data/lib/spior/tor.rb +8 -1
data/lib/spior/version.rb +3 -1
data/lib/spior.rb +16 -23
data/spior.gemspec +24 -21
data/test/test_install.rb +2 -2
data/test/test_options.rb +2 -0
data.tar.gz.sig +0 -0
metadata +57 -51
metadata.gz.sig +0 -0
data/lib/spior/clear.rb +0 -35
data/lib/spior/copy.rb +0 -84
data/lib/spior/persist.rb +0 -51
data/lib/spior/tor/info.rb +0 -96

data/lib/spior/iptables/tor.rb CHANGED Viewed

@@ -1,58 +1,61 @@
+# frozen_string_literal: true
 module Spior
   module Iptables
+    # Make Local Redirection Through Tor.
     class Tor < Iptables::Root
       def initialize
         super
-        @tor     = Spior::Tor::Info.new
-        @non_tor = ["#{@lo_addr}/8", "192.168.0.0/16", "172.16.0.0/12", "10.0.0.0/8"]
-        @tables  = ["nat", "filter"]
+        @non_tor = %W[#{@lo_addr}/8 192.168.0.0/16 172.16.0.0/12 10.0.0.0/8]
+        @tables  = %w[nat filter]
       end
       private
       def redirect
-        @tables.each { |table|
-          target = "ACCEPT"
-          target = "RETURN" if table == "nat"
+        Msg.p 'Redirecting local traffic though Tor...'
+        @tables.map do |table|
+          target = 'ACCEPT'
+          target = 'RETURN' if table == 'nat'
           ipt "-t #{table} -F OUTPUT"
           ipt "-t #{table} -A OUTPUT -m state --state ESTABLISHED -j #{target}"
-          ipt "-t #{table} -A OUTPUT -m owner --uid #{@tor.uid} -j #{target}"
+          ipt "-t #{table} -A OUTPUT -m owner --uid #{CONFIG.uid} -j #{target}"
-          match_dns_port = @tor.dns
-          if table == "nat"
-            target = "REDIRECT --to-ports #{@tor.dns}"
-            match_dns_port = "53"
+          match_dns_port = CONFIG.dns_port
+          if table == 'nat'
+            target = "REDIRECT --to-ports #{CONFIG.dns_port}"
+            match_dns_port = '53'
           end
           ipt "-t #{table} -A OUTPUT -p udp --dport #{match_dns_port} -j #{target}"
           ipt "-t #{table} -A OUTPUT -p tcp --dport #{match_dns_port} -j #{target}"
-          target = "REDIRECT --to-ports #{@tor.trans_port}" if table == "nat"
-          ipt "-t #{table} -A OUTPUT -d #{@tor.virt_addr} -p tcp -j #{target}"
+          target = "REDIRECT --to-ports #{CONFIG.trans_port}" if table == 'nat'
+          ipt "-t #{table} -A OUTPUT -d #{CONFIG.virt_addr} -p tcp -j #{target}"
-          target = "RETURN" if table == "nat"
+          target = 'RETURN' if table == 'nat'
           @non_tor.each { |ip|
             ipt "-t #{table} -A OUTPUT -d #{ip} -j #{target}"
           }
-          target = "REDIRECT --to-ports #{@tor.trans_port}" if table == "nat"
+          target = "REDIRECT --to-ports #{CONFIG.trans_port}" if table == 'nat'
           ipt "-t #{table} -A OUTPUT -p tcp -j #{target}"
-        }
+        end
       end
       def input
         # SSH
-        ipt "-A INPUT -p tcp --dport 22 -m conntrack --ctstate NEW -j ACCEPT"
+        ipt '-A INPUT -p tcp --dport 22 -m conntrack --ctstate NEW -j ACCEPT'
         # Allow loopback
         ipt "-A INPUT -i #{@lo} -j ACCEPT"
         # Accept related
-        ipt "-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
+        ipt '-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT'
       end
       def all
-        ipt "-t filter -A OUTPUT -p udp -j REJECT"
-        ipt "-t filter -A OUTPUT -p icmp -j REJECT"
+        ipt '-t filter -A OUTPUT -p udp -j REJECT'
+        ipt '-t filter -A OUTPUT -p icmp -j REJECT'
       end
     end
   end

data/lib/spior/iptables.rb CHANGED Viewed

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 module Spior
   module Iptables
   end
@@ -6,3 +8,4 @@ end
 require_relative 'iptables/root'
 require_relative 'iptables/tor'
 require_relative 'iptables/default'
+require_relative 'iptables/rules'

data/lib/spior/menu.rb CHANGED Viewed

@@ -1,43 +1,36 @@
+# frozen_string_literal: true
 module Spior
   module Menu
-    extend self
-    def run
-      banner
+    def self.run
       loop do
         Msg.head
-        puts %q{Please select an option:
+        puts 'Please select an option:
-  1. Redirect traffic through tor
-  2. Reload tor and change your ip
-  3. Clear and restore your files
-  4. Check info on your current ip
-  5. Quit}
+  1. Redirect traffic through Tor
+  2. Reload Spior and change your IP
+  3. Stop Tor and use a clearnet navigation
+  4. Check info on your current IP
+  5. Install all the dependencies
+  6. Quit'
         puts
-        print ">> "
+        print '>> '
         case gets.chomp
         when '1'
-          Spior::Iptables::Tor.new.run!
+          Spior::Service.start
         when '2'
-          Spior::Serice.restart
+          Spior::Service.restart
         when '3'
-          Spior::Clear.all
+          Spior::Service.stop
         when '4'
           Spior::Status.info
         when '5'
+          Spior::Dep.looking
+        else
           exit
         end
       end
     end
-    private
-    def banner
-      puts "┏━┓┏━┓╻┏━┓┏━┓"
-      puts "┗━┓┣━┛┃┃ ┃┣┳┛"
-      puts "┗━┛╹  ╹┗━┛╹┗╸"
-      # generated with toilet -F crop -f future spior
-    end
   end
 end

data/lib/spior/msg.rb CHANGED Viewed

@@ -1,28 +1,42 @@
+# frozen_string_literal: true
 require 'rainbow'
 module Msg
-  extend self
+  module_function
+  def banner
+    puts
+    puts '┏━┓┏━┓╻┏━┓┏━┓'
+    puts '┗━┓┣━┛┃┃ ┃┣┳┛'
+    puts '┗━┛╹  ╹┗━┛╹┗╸'
+    puts
+    # generated with toilet -F crop -f future spior
+  end
   def head
-    puts Rainbow("------------------------------------------------").cyan
+    puts Rainbow('------------------------------------------------').cyan
   end
   def p(text)
-    puts Rainbow("[").cyan + Rainbow("+").white + Rainbow("]").cyan + " " + text
+    puts Rainbow('[').cyan + Rainbow('+').white + Rainbow(']').cyan + ' ' + text
   end
   def err(text)
-    puts Rainbow("[").red + Rainbow("-").white + Rainbow("]").red + " " + text
+    puts Rainbow('[').red + Rainbow('-').white + Rainbow(']').red + ' ' + text
   end
   def info(text)
-    puts Rainbow("-").blue + Rainbow("-").white + Rainbow("-").blue + " " + text + " " + Rainbow("-").blue + Rainbow("-").white + Rainbow("-").blue
+    print Rainbow('-').blue + Rainbow('-').white + Rainbow('-').blue
+    print " #{text} "
+    print Rainbow('-').blue + Rainbow('-').white + Rainbow('-').blue + "\n"
   end
   def report(text)
-    puts ""
+    puts
     info text
-    puts "Please, report this issue at https://github.com/szorfein/spior/issues"
-    puts ""
+    puts 'Please, report this issue at https://github.com/szorfein/spior/issues'
+    puts
+    exit 1
   end
 end

data/lib/spior/options.rb CHANGED Viewed

@@ -1,13 +1,10 @@
+# frozen_string_literal: true
 require 'optparse'
 module Spior
   class Options
-    attr_reader :install , :tor , :persist
     def initialize(argv)
-      @install = false
-      @tor = false
-      @persist = false
       parse(argv)
     end
@@ -15,46 +12,46 @@ module Spior
     def parse(argv)
       OptionParser.new do |opts|
-        opts.on("-i", "--install", "Install the dependencies") do
-          @install = true
+        opts.on('-i', '--install', 'Install the dependencies.') do
+          Spior::Dep.looking
         end
-        opts.on("-t", "--tor", "Redirect traffic through TOR") do
-          @tor = true
+        opts.on('-t', '--tor', 'Redirect traffic through TOR.') do
+          Spior::Service.start
         end
-        opts.on("-r", "--reload", "Reload TOR to change your ip") do
+        opts.on('-r', '--reload', 'Reload TOR to change your IP.') do
           Spior::Service.restart
           exit
         end
-        opts.on("-c", "--clearnet", "Reset iptables and return to clearnet navigation") do
-          Spior::Clear.all
+        opts.on('-c', '--clearnet', 'Reset iptables and return to clearnet navigation.') do
+          Spior::Service.stop
         end
-        opts.on("-s", "--status", "Look infos about your current ip") do
+        opts.on('-s', '--status', 'Look infos about your current IP.') do
           Spior::Status.info
           exit
         end
-        opts.on("-p", "--persist", "Active Spior at every boot.") do
-          @persist = true
+        opts.on('-p', '--persist', 'Active Spior at every boot.') do
+          Spior::Service.enable
         end
-        opts.on("-m", "--menu", "Display an interactive menu") do
+        opts.on('-m', '--menu', 'Display an interactive menu.') do
           Spior::Menu.run
         end
-        opts.on("-h", "--help", "Show this message") do
+        opts.on('-h', '--help', 'Show this message.') do
           puts opts
           exit
         end
         begin
-          argv = ["-m"] if argv.empty?
+          argv = ['-m'] if argv.empty?
           opts.parse!(argv)
         rescue OptionParser::ParseError => e
-          STDERR.puts e.message, "\n", opts
+          warn e.message, "\n", opts
           exit(-1)
         end
       end

data/lib/spior/service/enable.rb ADDED Viewed

@@ -0,0 +1,63 @@
+# frozen_string_literal: true
+require 'nomansland'
+module Spior
+  module Service
+    extend self
+    # enable the Tor redirection when you boot your system
+    #
+    # It should use and enable the services:
+    # + tor
+    # + iptables
+    def enable
+      case Nomansland.distro?
+      when :gentoo
+        for_gentoo
+      when :archlinux
+        Iptables::Rules.new.backup
+        Tor::Config.new(Tempfile.new('torrc')).backup
+        Helpers::Exec.new('systemctl').run('enable iptables tor')
+        Msg.p 'Services enabled for Archlinux...'
+      else
+        Msg.report 'Your distro is not yet supported.'
+      end
+    end
+    private
+    def for_gentoo
+      case Nomansland.init?
+      when :systemd
+        systemd_start('iptables-store')
+        systemd_enable('iptables-restore')
+        systemd_enable('tor')
+      when :openrc
+        system('sudo /etc/init.d/iptables save')
+        rc_upd = Helpers::Exec.new('rc-update')
+        rc_upd.run('rc-update add iptables boot')
+        rc_upd.run('rc-update add tor')
+        rc_upd.run('rc-update add tor default')
+      else
+        Msg.report 'Init no yet supported for start Iptables at boot'
+      end
+    end
+    def systemd_enable(service)
+      systemctl = Helpers::Exec.new('systemctl')
+      Msg.p "Search for service #{service}..."
+      unless system("systemctl is-enabled #{service}")
+        systemctl.run("enable #{service}")
+      end
+    end
+    def systemd_start(service)
+      systemctl = Helpers::Exec.new('systemctl')
+      Msg.p "Search for service #{service}..."
+      unless system("systemctl is-active #{service}")
+        systemctl.run("start #{service}")
+      end
+    end
+  end
+end

data/lib/spior/service/restart.rb CHANGED Viewed

@@ -1,21 +1,13 @@
-require 'tty-which'
+# frozen_string_literal: true
 module Spior
   module Service
     module_function
     def restart
-      if TTY::Which.exist?('systemctl')
-        Helpers::Exec.new("systemctl").run("restart tor")
-        Msg.p "ip changed."
-      elsif TTY::Which.exist? 'sv'
-        Helpers::Exec.new('sv').run('restart tor')
-        Msg.p 'ip changed.'
-      elsif File.exist? '/etc/init.d/tor'
-        Helpers::Exec.new('/etc/init.d/tor').run('restart')
-      else
-        Msg.report "Don't known yet how to restart Tor for your system."
-      end
+      Service.stop
+      Service.start
+      Msg.p 'ip changed.'
     end
   end
 end

data/lib/spior/service/start.rb CHANGED Viewed

@@ -1,26 +1,14 @@
-require 'tty-which'
+# frozen_string_literal: true
 module Spior
   module Service
     module_function
+    # Service.start should start Tor if not alrealy running
+    # And start to redirect the local traffic with Iptables
     def start
-      if TTY::Which.exist?('systemctl')
-        state = `systemctl is-active tor`.chomp
-        unless state == 'active'
-          Helpers::Exec.new("systemctl").run("start tor")
-          Msg.p "TOR started."
-        end
-      elsif TTY::Which.exist? 'sv'
-        unless File.exist? '/var/service/tor'
-          Helpers::Exec.new('ln').run('-s /etc/sv/tor /var/service/tor')
-          Msg.p "TOR started."
-        end
-      elsif File.exist? '/etc/init.d/tor'
-        Helpers::Exec.new('/etc/init.d/tor').run('start')
-      else
-        Msg.report "Don't known yet how to start Tor for your system."
-      end
+      Tor.start
+      Iptables::Tor.new.run!
     end
   end
 end

data/lib/spior/service/stop.rb ADDED Viewed

@@ -0,0 +1,12 @@
+# frozen_string_literal: true
+module Spior
+  module Service
+    module_function
+    def stop
+      Tor.stop
+      Iptables::Rules.new.restore
+    end
+  end
+end

data/lib/spior/service.rb CHANGED Viewed

@@ -1,7 +1,12 @@
+# frozen_string_literal: true
 module Spior
+  # Service should start/stop/restart Tor and Iptable.
   module Service
   end
 end
 require_relative 'service/start'
+require_relative 'service/stop'
 require_relative 'service/restart'
+require_relative 'service/enable'

data/lib/spior/status.rb CHANGED Viewed

@@ -1,38 +1,46 @@
+# frozen_string_literal: true
 require 'open-uri'
 require 'json'
 module Spior
+  # Status display information on your current IP addresse
+  #
+  # If you use an IPV6 address, it should fail to display a Tor IP...
   module Status
+    # Check on https://check.torproject.org/api/ip if Tor is enable or not
+    # and display the result.
     def self.enable
-      begin
-        status = "Disable"
-        api_check = "https://check.torproject.org/api/ip"
-        URI.open(api_check) do |l|
-          hash = JSON.parse l.read
-          status = "Enable" if hash["IsTor"] == true
-        end
-        status
-      rescue OpenURI::HTTPError => error
-        res = error.io
-        puts "Fail to join server #{res.status}"
+      status = 'Disable'
+      URI.open('https://check.torproject.org/api/ip') do |l|
+        hash = JSON.parse l.read
+        status = 'Enable' if hash['IsTor'] == true
       end
+      status
+    rescue OpenURI::HTTPError => error
+      res = error.io
+      puts "Fail to join server #{res.status}"
     end
+    # info check and display information from https://ipleak.net/json
+    #
+    # Check for:
+    # * +ip+
+    # * +continent_name+
+    # * +time_zone+
+    #
+    # We can add later info on City/Region or other things.
     def self.info
-      begin
-        api_check = "https://ipleak.net/json"
-        URI.open(api_check) do |l|
-          hash = JSON.parse l.read
-          puts
-          puts " Current ip  ===>  #{hash["ip"]}"
-          puts " Continent   ===>  #{hash["continent_name"]}"
-          puts " Timezone    ===>  #{hash["time_zone"]}"
-        end
-        puts " Status      ===>  #{enable}"
-      rescue OpenURI::HTTPError => error
-        res = error.io
-        puts "Fail to join server #{res.status}"
+      URI.open('https://ipleak.net/json') do |l|
+        hash = JSON.parse l.read
+        puts "  Current ip  ===>  #{hash['ip']}"
+        puts "  Continent   ===>  #{hash['continent_name']}"
+        puts "  Timezone    ===>  #{hash['time_zone']}"
       end
+      puts "  Status      ===>  #{enable}"
+    rescue OpenURI::HTTPError => error
+      res = error.io
+      puts "Fail to join server #{res.status}"
     end
   end
 end

data/lib/spior/tor/config.rb ADDED Viewed

@@ -0,0 +1,100 @@
+# frozen_string_literal: true
+require 'digest'
+module Spior
+  module Tor
+    # Generate a config file (torrc) for Spior
+    class Config
+      # ==== Attributes
+      #
+      # * +filename+ - A reference to a tempfile like filename=Tempfile.new('foo')
+      #
+      def initialize(filename)
+        @filename = filename
+        @content = ['# Generated by Spior, don\'t edit.', 'RunAsDaemon 1',
+                    'ClientOnly 1', 'SocksPort 0']
+        @content_torrc = []
+      end
+      # Generate a `torrc` compatible file for Spior
+      # Use value from Spior::CONFIG
+      def generate
+        generate_content(@content)
+        return if @content.length == 4
+        File.write @filename.path, @content.join("\n") + "\n"
+        Msg.p 'Generating Tor config...'
+      end
+      # Save current Tor options (Spior::CONFIG) in /etc/tor/torrc
+      # Only if theses options are not alrealy present
+      def backup
+        generate_content(@content_torrc)
+        outfile = File.open(@filename.path, 'w')
+        outfile.puts(File.read('/etc/tor/torrc'))
+        outfile.puts(@content_torrc.join("\n")) if @content_torrc != []
+        outfile.chmod(0644)
+        outfile.close
+        Msg.p 'Saving Tor options...'
+        move(@filename.path, '/etc/tor/torrc')
+      end
+      protected
+      def generate_content(content)
+        adding content, 'AutomapHostsOnResolve 1'
+        adding content, "DNSPort #{CONFIG.dns_port}"
+        adding content, "VirtualAddrNetworkIpv4 #{CONFIG.virt_addr}"
+        adding content, "TransPort #{CONFIG.trans_port} IsolateClientAddr
+               IsolateClientProtocol IsolateDestAddr IsolateDestPort"
+      end
+      private
+      def search(option_name)
+        File.open('/etc/tor/torrc') do |f|
+          f.each do |line|
+            return Regexp.last_match(1) if line.match(/#{option_name} ([a-z0-9]*)/i)
+          end
+        end
+        false
+      end
+      def adding(content, option)
+        o = option.split(' ')
+        all = o[1..o.length].join(' ')
+        unless search(o[0])
+          content << "#{o[0]} #{all}"
+        end
+      end
+      def digest_match?(src, dest)
+        md5_src = Digest::MD5.file src
+        md5_dest = Digest::MD5.file dest
+        md5_src == md5_dest
+      end
+      # Permission for Archlinux on a torrc are chmod 644, chown root:root
+      def fix_perm(file)
+        if Process::Sys.getuid == '0'
+          file.chown(0, 0)
+        else
+          Helpers::Exec.new('chown').run("root:root #{file}")
+        end
+      end
+      def move(src, dest)
+        return if digest_match? src, dest
+        fix_perm(@filename.path)
+        if Process::Sys.getuid == '0'
+          FileUtils.mv(src, dest)
+        else
+          Helpers::Exec.new('mv').run("#{src} #{dest}")
+        end
+      end
+    end
+  end
+end

data/lib/spior/tor/data.rb ADDED Viewed

@@ -0,0 +1,53 @@
+# frozen_string_literal: true
+require 'nomansland'
+module Spior
+  module Tor
+    ##
+    # Data
+    # Fill Spior::CONFIG with data found on `/etc/tor/torrc` or set default.
+    #
+    # ==== Attributes
+    #
+    # * +user+ - Username used by Tor on your distro, e.g 'tor' on Archlinux
+    # * +dns_port+ - Open this port to listen for UDP DNS requests, and resolve them anonymously
+    # * +uid+ - The uid value from the user attribute.
+    # * +trans_port+ - Port to open to listen for transparent proxy connections.
+    # * +virt_addr+ - Default use '10.192.0.0/10'.
+    #
+    class Data
+      attr_accessor :user, :dns_port, :trans_port, :virt_addr, :uid
+      def initialize
+        @user = search('User') || 'tor'
+        @dns_port = search('DNSPort') || '9061'
+        @trans_port = search('TransPort') || '9040'
+        @virt_addr = search('VirtualAddrNetworkIPv4') || '10.192.0.0/10'
+        @uid = search_uid || 0
+      end
+      private
+      # Search value of option_name in the /etc/tor/torrc
+      # Return false by default
+      def search(option_name)
+        File.open('/etc/tor/torrc') do |f|
+          f.each do |line|
+            return Regexp.last_match(1) if line.match(/#{option_name} ([a-z0-9.\/]*)/i)
+          end
+        end
+        false
+      end
+      def search_uid
+        case Nomansland.distro?
+        when :debian || :ubuntu
+          `id -u debian-tor`.chomp
+        else
+          `id -u #{@user}`.chomp
+        end
+      end
+    end
+  end
+end