trocla 0.5.1 → 0.6.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 0c97189ff5ad5fa72b1bd544184e6f6d7908f5a2c4bb2a7e26354e8752f0896d
-  data.tar.gz: 98dce1e963a7e1be22e74fe5664cd1e691af5ed7feed97e87f43f584991d433f
+  metadata.gz: 4f7a0780a994967b2822530c7f6d0d705b76e35200e7829056d7d5ba1d78c754
+  data.tar.gz: ac7ca45af328553379edc3c4fe5e9f77c455a48078d9b4dec3c9499620ed855f
 SHA512:
-  metadata.gz: b860303d450b55006d09ec67af5827b5d5f4421d00ec37a83258a6be04f0b5689af23edba371839650d196f95b2d2a9563fc836743888554fbafcc777a4f00a5
-  data.tar.gz: 3d3aec51b897e5236e0936f791bc100c00524fb16dd1524b23766ac8716b5ad93b439b86cf2a31ab7cf547b5b0834701fb76b3332c100aa83076f590a3276d6b
+  metadata.gz: 650c500e320f1b67171e54efff85f6b519c7d577f6fd4f08ea9ea5eb06228a59430db544307f74846c7a9050f09d6a942a8c427aa7564c095432edfe85e40319
+  data.tar.gz: 8acc3a03116b77adbc13534a4d25ecd06d3eef9f6a6e8142ffcdd9bcb5cefce034936c0cfd149a6172cc2eeed80a88a3fac02300175e1c4abfd74b3b7d2ca1ef

data/.github/workflows/ruby.yml

@@ -21,4 +21,4 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        ruby: ['2.5','2.7', '3.0', '3.1','head','jruby','jruby-head']
+        ruby: ['2.5','2.7', '3.0', '3.1','3.2','3.3','head','jruby','jruby-head']

data/CHANGELOG.md

@@ -1,5 +1,11 @@
 # Changelog
 
+## to 0.6.0
+
+* move away from sha1 since they are not supported anymore on all distributions
+* fix tests on various platforms and newer ruby versions
+* introduce hooks for set and delete actions
+
 ## to 0.5.1
 
 * support more moneta versions (#78) - Thank you [jcharaoui](https://github.com/jcharaoui)

data/README.md

@@ -1,5 +1,5 @@
 # trocla
-[![Build Status](https://travis-ci.org/duritong/trocla.png)](https://travis-ci.org/duritong/trocla)
+[![Ruby](https://github.com/duritong/trocla/actions/workflows/ruby.yml/badge.svg)](https://github.com/duritong/trocla/actions/workflows/ruby.yml)
 
 Trocla provides you a simple way to create and store (random) passwords on a
 central server, which can be retrieved by other applications. An example for
@@ -373,6 +373,37 @@ encryption_options:
     :public_key: '/var/lib/puppet/ssl/public_keys/trocla.pem'
 ```
 
+## Hooks
+
+You can specify hooks to be called whenever trocla sets or deletes a password. The idea is that this allows you to run custom code that can trigger further actions based on deleting or setting a password.
+
+Enabling hooks is done through the following configuration:
+
+```YAML
+hooks:
+  set:
+    my_hook: /path/to/my_hook_file.rb
+  delete:
+    other_hook: /path/to/my_other_hook_file.rb
+```
+
+A hook must have the following implementation based on the above config:
+
+```Ruby
+class Trocla
+  module Hooks
+    def self.my_hook(trocla, key, format, options)
+      # [... your code ...]
+    end
+  end
+end
+```
+You can specify only either one or both kinds of hooks.
+
+Hooks must not raise any exceptions or interrupt the flow itself. They can also not change the value that was set or revert a deletion.
+
+However, they have Trocla itself available (through `trocla`) and you must ensure to not create infinite loops.
+
 ## Update & Changes
 
 See [Changelog](CHANGELOG.md)

data/lib/VERSION

@@ -1,4 +1,4 @@
 major:0
-minor:5
-patch:1
+minor:6
+patch:0
 build:

data/lib/trocla/hooks.rb

@@ -0,0 +1,33 @@
+class Trocla
+  module Hooks
+    class Runner
+      attr_reader :trocla
+      def initialize(trocla)
+        @trocla = trocla
+      end
+
+      def run(action, key, format, options)
+        return unless hooks[action]
+        hooks[action].each do |cmd|
+          Trocla::Hooks.send(cmd, trocla, key, format, options)
+        end
+      end
+
+      private
+
+      def hooks
+        @hooks ||= begin
+          res = {}
+          (trocla.config['hooks'] || {}).each do |action,action_hooks|
+            res[action] ||= []
+            action_hooks.each do |cmd,file|
+              require File.join(file)
+              res[action] << cmd
+            end
+          end
+          res
+        end
+      end
+    end
+  end
+end

data/lib/trocla.rb

@@ -3,6 +3,7 @@ require 'trocla/util'
 require 'trocla/formats'
 require 'trocla/encryptions'
 require 'trocla/stores'
+require 'trocla/hooks'
 
 # Trocla class
 class Trocla
@@ -67,6 +68,7 @@ class Trocla
 
   def delete_password(key, format = nil, options = {})
     v = store.delete(key, format)
+    hooks_runner.run('delete', key, format, options)
     if v.is_a?(Hash)
       Hash[*v.map do |f, encrypted_value|
         [f, render(format, decrypt(encrypted_value), options)]
@@ -78,6 +80,7 @@ class Trocla
 
   def set_password(key, format, password, options = {})
     store.set(key, format, encrypt(password), options)
+    hooks_runner.run('set', key, format, options)
     render(format, password, options)
   end
 
@@ -122,6 +125,12 @@ class Trocla
     clazz.new(config['store_options'], self)
   end
 
+  def hooks_runner
+    @hooks_runner ||= begin
+      Trocla::Hooks::Runner.new(self)
+    end
+  end
+
   def read_config
     if @config_file.nil?
       default_config

data/spec/fixtures/delete_test_hook.rb

@@ -0,0 +1,12 @@
+class Trocla
+  module Hooks
+
+    def self.delete_test_hook(trocla, key, format, options)
+      self.delete_messages << "#{key}_#{format}"
+    end
+
+    def self.delete_messages
+      @delete_messages ||= []
+    end
+  end
+end

data/spec/fixtures/set_test_hook.rb

@@ -0,0 +1,12 @@
+class Trocla
+  module Hooks
+
+    def self.set_test_hook(trocla, key, format, options)
+      self.set_messages << "#{key}_#{format}"
+    end
+
+    def self.set_messages
+      @set_messages ||= []
+    end
+  end
+end

data/spec/spec_helper.rb

@@ -241,13 +241,13 @@ def default_config
 end
 
 def test_config
-  @config ||= default_config.merge({
+  @test_config ||= default_config.merge({
     'store' => :memory,
   })
 end
 
 def test_config_persistent
-  @config ||= default_config.merge({
+  @test_config_persistent ||= default_config.merge({
     'store_options' => {
       'adapter'         => :YAML,
       'adapter_options' => {
@@ -267,6 +267,19 @@ def ssl_test_config
   })
 end
 
+def hooks_config
+  @hooks_config ||= test_config.merge({
+    'hooks' => {
+      'set' => {
+        'set_test_hook' => File.expand_path(File.join(base_dir,'spec/fixtures/set_test_hook.rb'))
+      },
+      'delete' => {
+        'delete_test_hook' => File.expand_path(File.join(base_dir,'spec/fixtures/delete_test_hook.rb'))
+      }
+    }
+  })
+end
+
 def base_dir
   File.dirname(__FILE__)+'/../'
 end

data/spec/trocla/formats/x509_spec.rb

@@ -45,7 +45,7 @@ describe "Trocla::Format::X509" do
       expect((Date.parse(cert.not_after.localtime.to_s) - Date.today).to_i).to eq(365)
       # it's a self signed cert and NOT a CA
       # Change of behavior on openssl side: https://github.com/openssl/openssl/issues/15146
-      validates_self_even_if_no_ca = Gem::Version.new(%x{openssl version}.split(' ')[1]) > Gem::Version.new('1.1.1g')
+      validates_self_even_if_no_ca = RUBY_ENGINE == 'jruby' ? true : Gem::Version.new(%x{openssl version}.split(' ')[1]) > Gem::Version.new('1.1.1g')
       expect(verify(cert,cert)).to be validates_self_even_if_no_ca
 
       v = cert.extensions.find{|e| e.oid == 'basicConstraints' }.value
@@ -291,7 +291,7 @@ describe "Trocla::Format::X509" do
 
     it 'respects all options' do
       co = cert_options.merge({
-        'hash'         => 'sha1',
+        'hash'         => 'sha512',
         'keysize'      => 2048,
         'days'         => 3650,
         'subject'      => nil,
@@ -311,8 +311,7 @@ describe "Trocla::Format::X509" do
         expect(cert.subject.to_s).to match(/#{field}=#{co[field]}/)
       end
       expect(cert.subject.to_s).to match(/(Email|emailAddress)=#{co['emailAddress']}/)
-      hash_match = (defined?(RUBY_ENGINE) &&RUBY_ENGINE == 'jruby') ? 'RSA-SHA1' : 'sha1WithRSAEncryption'
-      expect(cert.signature_algorithm).to eq(hash_match)
+      expect(cert.signature_algorithm).to eq('sha512WithRSAEncryption')
       expect(cert.not_before).to be < Time.now
       expect((Date.parse(cert.not_after.localtime.to_s) - Date.today).to_i).to eq(3650)
       # https://stackoverflow.com/questions/13747212/determine-key-size-from-public-key-pem-format

data/spec/trocla/hooks_spec.rb

@@ -0,0 +1,42 @@
+require File.expand_path(File.dirname(__FILE__) + '/../spec_helper')
+
+describe "Trocla::Hooks::Runner" do
+
+  before(:each) do
+    expect_any_instance_of(Trocla).to receive(:read_config).and_return(hooks_config)
+    @trocla = Trocla.new
+  end
+
+  after(:each) do
+    Trocla::Hooks.set_messages.clear
+    Trocla::Hooks.delete_messages.clear
+  end
+
+  describe 'running hooks' do
+    describe 'setting password' do
+      it "calls the set hook" do
+        @trocla.password('random1', 'plain')
+        expect(Trocla::Hooks.set_messages.length).to eql(1)
+        expect(Trocla::Hooks.delete_messages.length).to eql(0)
+        expect(Trocla::Hooks.set_messages.first).to eql("random1_plain")
+      end
+    end
+    describe 'deleting password' do
+      it "calls the delete hook" do
+        @trocla.delete_password('random1', 'plain')
+        expect(Trocla::Hooks.delete_messages.length).to eql(1)
+        expect(Trocla::Hooks.set_messages.length).to eql(0)
+        expect(Trocla::Hooks.delete_messages.first).to eql("random1_plain")
+      end
+    end
+    describe 'reset password' do
+      it "calls the delete and set hook" do
+        @trocla.reset_password('random1', 'plain')
+        expect(Trocla::Hooks.set_messages.length).to eql(1)
+        expect(Trocla::Hooks.set_messages.first).to eql("random1_plain")
+        expect(Trocla::Hooks.delete_messages.length).to eql(1)
+        expect(Trocla::Hooks.delete_messages.first).to eql("random1_plain")
+      end
+    end
+  end
+end

data/spec/trocla_spec.rb

@@ -22,6 +22,13 @@ describe "Trocla" do
       end
 
       Trocla::Formats.all.each do |format|
+        if format == 'wireguard'
+          require 'open3'
+          before(:each) do
+            allow(Open3).to receive(:popen3).with('wg genkey').and_yield(nil, StringIO.new('key'), nil, nil)
+            allow(Open3).to receive(:popen3).with('wg pubkey').and_yield(StringIO.new, StringIO.new('key'), nil, nil)
+          end
+        end
         describe "#{format} password format" do
           it "retursn a password hashed in the #{format} format" do
             expect(@trocla.password('some_test',format,format_options[format])).not_to be_empty

data/trocla.gemspec

@@ -2,16 +2,16 @@
 # DO NOT EDIT THIS FILE DIRECTLY
 # Instead, edit Jeweler::Tasks in Rakefile, and run 'rake gemspec'
 # -*- encoding: utf-8 -*-
-# stub: trocla 0.5.1 ruby lib
+# stub: trocla 0.6.0 ruby lib
 
 Gem::Specification.new do |s|
   s.name = "trocla".freeze
-  s.version = "0.5.1"
+  s.version = "0.6.0".freeze
 
   s.required_rubygems_version = Gem::Requirement.new(">= 0".freeze) if s.respond_to? :required_rubygems_version=
   s.require_paths = ["lib".freeze]
   s.authors = ["mh".freeze]
-  s.date = "2023-02-17"
+  s.date = "2024-12-30"
   s.description = "Trocla helps you to generate random passwords and to store them in various formats (plain, MD5, bcrypt) for later retrival.".freeze
   s.email = "mh+trocla@immerda.ch".freeze
   s.executables = ["trocla".freeze]
@@ -49,6 +49,7 @@ Gem::Specification.new do |s|
     "lib/trocla/formats/sshkey.rb",
     "lib/trocla/formats/wireguard.rb",
     "lib/trocla/formats/x509.rb",
+    "lib/trocla/hooks.rb",
     "lib/trocla/store.rb",
     "lib/trocla/stores.rb",
     "lib/trocla/stores/memory.rb",
@@ -57,12 +58,15 @@ Gem::Specification.new do |s|
     "lib/trocla/util.rb",
     "lib/trocla/version.rb",
     "spec/data/.keep",
+    "spec/fixtures/delete_test_hook.rb",
+    "spec/fixtures/set_test_hook.rb",
     "spec/spec_helper.rb",
     "spec/trocla/encryptions/none_spec.rb",
     "spec/trocla/encryptions/ssl_spec.rb",
     "spec/trocla/formats/pgsql_spec.rb",
     "spec/trocla/formats/sshkey_spec.rb",
     "spec/trocla/formats/x509_spec.rb",
+    "spec/trocla/hooks_spec.rb",
     "spec/trocla/store/memory_spec.rb",
     "spec/trocla/store/moneta_spec.rb",
     "spec/trocla/util_spec.rb",
@@ -71,35 +75,20 @@ Gem::Specification.new do |s|
   ]
   s.homepage = "https://tech.immerda.ch/2011/12/trocla-get-hashed-passwords-out-of-puppet-manifests/".freeze
   s.licenses = ["GPLv3".freeze]
-  s.rubygems_version = "3.3.26".freeze
+  s.rubygems_version = "3.5.22".freeze
   s.summary = "Trocla a simple password generator and storage".freeze
 
-  if s.respond_to? :specification_version then
-    s.specification_version = 4
-  end
+  s.specification_version = 4
 
-  if s.respond_to? :add_runtime_dependency then
-    s.add_runtime_dependency(%q<highline>.freeze, ["~> 2.0.0"])
-    s.add_runtime_dependency(%q<moneta>.freeze, ["~> 1.0"])
-    s.add_runtime_dependency(%q<bcrypt>.freeze, [">= 0"])
-    s.add_runtime_dependency(%q<sshkey>.freeze, [">= 0"])
-    s.add_development_dependency(%q<rake>.freeze, [">= 0"])
-    s.add_development_dependency(%q<addressable>.freeze, [">= 0"])
-    s.add_development_dependency(%q<jeweler>.freeze, ["~> 2.0"])
-    s.add_development_dependency(%q<rdoc>.freeze, [">= 0"])
-    s.add_development_dependency(%q<rspec>.freeze, [">= 0"])
-    s.add_development_dependency(%q<rspec-pending_for>.freeze, [">= 0"])
-  else
-    s.add_dependency(%q<highline>.freeze, ["~> 2.0.0"])
-    s.add_dependency(%q<moneta>.freeze, ["~> 1.0"])
-    s.add_dependency(%q<bcrypt>.freeze, [">= 0"])
-    s.add_dependency(%q<sshkey>.freeze, [">= 0"])
-    s.add_dependency(%q<rake>.freeze, [">= 0"])
-    s.add_dependency(%q<addressable>.freeze, [">= 0"])
-    s.add_dependency(%q<jeweler>.freeze, ["~> 2.0"])
-    s.add_dependency(%q<rdoc>.freeze, [">= 0"])
-    s.add_dependency(%q<rspec>.freeze, [">= 0"])
-    s.add_dependency(%q<rspec-pending_for>.freeze, [">= 0"])
-  end
+  s.add_runtime_dependency(%q<highline>.freeze, ["~> 2.0.0".freeze])
+  s.add_runtime_dependency(%q<moneta>.freeze, ["~> 1.0".freeze])
+  s.add_runtime_dependency(%q<bcrypt>.freeze, [">= 0".freeze])
+  s.add_runtime_dependency(%q<sshkey>.freeze, [">= 0".freeze])
+  s.add_development_dependency(%q<rake>.freeze, [">= 0".freeze])
+  s.add_development_dependency(%q<addressable>.freeze, [">= 0".freeze])
+  s.add_development_dependency(%q<jeweler>.freeze, ["~> 2.0".freeze])
+  s.add_development_dependency(%q<rdoc>.freeze, [">= 0".freeze])
+  s.add_development_dependency(%q<rspec>.freeze, [">= 0".freeze])
+  s.add_development_dependency(%q<rspec-pending_for>.freeze, [">= 0".freeze])
 end
 

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: trocla
 version: !ruby/object:Gem::Version
-  version: 0.5.1
+  version: 0.6.0
 platform: ruby
 authors:
 - mh
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2023-02-17 00:00:00.000000000 Z
+date: 2024-12-30 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: highline
@@ -189,6 +189,7 @@ files:
 - lib/trocla/formats/sshkey.rb
 - lib/trocla/formats/wireguard.rb
 - lib/trocla/formats/x509.rb
+- lib/trocla/hooks.rb
 - lib/trocla/store.rb
 - lib/trocla/stores.rb
 - lib/trocla/stores/memory.rb
@@ -197,12 +198,15 @@ files:
 - lib/trocla/util.rb
 - lib/trocla/version.rb
 - spec/data/.keep
+- spec/fixtures/delete_test_hook.rb
+- spec/fixtures/set_test_hook.rb
 - spec/spec_helper.rb
 - spec/trocla/encryptions/none_spec.rb
 - spec/trocla/encryptions/ssl_spec.rb
 - spec/trocla/formats/pgsql_spec.rb
 - spec/trocla/formats/sshkey_spec.rb
 - spec/trocla/formats/x509_spec.rb
+- spec/trocla/hooks_spec.rb
 - spec/trocla/store/memory_spec.rb
 - spec/trocla/store/moneta_spec.rb
 - spec/trocla/util_spec.rb
@@ -227,7 +231,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.3.26
+rubygems_version: 3.5.22
 signing_key:
 specification_version: 4
 summary: Trocla a simple password generator and storage