RubyGems - vagrant-ec2-metadata - Versions diffs - 0.0.4 → 0.0.5 - Mend

vagrant-ec2-metadata 0.0.4 → 0.0.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (8) hide show

checksums.yaml +4 -4
checksums.yaml.gz.sig +0 -0
data/lib/vagrant-ec2-metadata/server.rb +33 -11
data/lib/vagrant-ec2-metadata/version.rb +1 -1
data/lib/vagrant-ec2-metadata.rb +5 -4
data.tar.gz.sig +1 -2
metadata +7 -8
metadata.gz.sig +0 -0

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 822b3d6ab4f2fc4b4f5eb512bcf398dcfec40b72dbd69de8f9280323fc10d9d4
-  data.tar.gz: cab8260dcffeac0157ec521d8b71a90bb2d658ae2a2969b3d44ca20237cf5c9f
+  metadata.gz: 2e867c6d250971803534937a1a989806fb0a2e65ad650e01fa5770f77ec083f0
+  data.tar.gz: 343d5435d23a8a54a9f3936822cb47a3416e43b44b7f15297e1b1e5a54bfb99c
 SHA512:
-  metadata.gz: 133835fd1741a1dfc7607f302b94b36ca0c9af234838c9b6ee5075e95c5131444b2abb773a49e987e894f29c8026e6a1757976fe0c5084ea61321dada7c366d2
-  data.tar.gz: 80aba68130cc15c815f68c409e43ac6e0bf3e64b4d7ded6e1deee9bff8183ace8c60566a0b3bb687ee7bb7d482c228e6e3629771c3718a4334fbf79787ffe403
+  metadata.gz: d69d13a1f61cb0406324f3c4c90d336172df3ef3f7526a983fd14af28d2aa366ba120ebc127719849bcbc5120bfdb1654ba5870f75f1c81cb5c323f2ca4994f8
+  data.tar.gz: 88f574e031baa81c664e876cf73a54968eb7af388d033de0bfcefbdc78325eabe6c31d456c44af688c4f365acc6cbd4c074e94168b9ebfdba0344be866c2fab4

checksums.yaml.gz.sig CHANGED Viewed

Binary file

data/lib/vagrant-ec2-metadata/server.rb CHANGED Viewed

@@ -4,6 +4,15 @@ require "socket"
 ENV["AWS_DEFAULT_REGION"] ||= "us-west-2"
+# WEBrick doesn't let us use PUT unless we apply this hack first
+module WEBrick
+  module HTTPServlet
+    class ProcHandler
+      alias do_PUT do_GET
+    end
+  end
+end
 module VagrantEc2Metadata
   class Server
     def initialize(config, port, options, env)
@@ -11,6 +20,7 @@ module VagrantEc2Metadata
       @port = port
       @options = options
       @env = env
+      @imdsv2_token = "supersecrettoken"
     end
     def start
@@ -31,6 +41,18 @@ module VagrantEc2Metadata
           next
         end
+        if req.request_method == "PUT"
+          if req.path == "/latest/api/token"
+            res.body = @imdsv2_token
+          end
+          next
+        end
+        if @config.require_tokens && (!req.header["x-aws-ec2-metadata-token"] || req.header["x-aws-ec2-metadata-token"][0] != @imdsv2_token)
+          res.status = 401 # Unauthorized
+          next
+        end
         # This endpoint is all we handle right now
         if !req.path.start_with?("/latest/meta-data/iam/security-credentials")
           res.status = 404
@@ -59,17 +81,17 @@ module VagrantEc2Metadata
             creds = resp.credentials
           end
-          res.body = <<EOF
-{
-  "Code" : "Success",
-  "LastUpdated" : "#{Time.now.strftime("%Y-%m-%dT%H:%M:%SZ")}",
-  "Type" : "AWS-HMAC",
-  "AccessKeyId" : "#{creds.access_key_id}",
-  "SecretAccessKey" : "#{creds.secret_access_key}",
-  "Token" : "#{creds.session_token}",
-  "Expiration" : "#{creds.expiration.strftime("%Y-%m-%dT%H:%M:%SZ")}"
-}
-EOF
+          res.body = <<~EOF
+            {
+              "Code" : "Success",
+              "LastUpdated" : "#{Time.now.strftime("%Y-%m-%dT%H:%M:%SZ")}",
+              "Type" : "AWS-HMAC",
+              "AccessKeyId" : "#{creds.access_key_id}",
+              "SecretAccessKey" : "#{creds.secret_access_key}",
+              "Token" : "#{creds.session_token}",
+              "Expiration" : "#{creds.expiration.strftime("%Y-%m-%dT%H:%M:%SZ")}"
+            }
+          EOF
         end
       end

data/lib/vagrant-ec2-metadata/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module VagrantEc2Metadata
-  VERSION = "0.0.4"
+  VERSION = "0.0.5"
 end

data/lib/vagrant-ec2-metadata.rb CHANGED Viewed

@@ -7,9 +7,11 @@ module VagrantEc2Metadata
     attr_accessor :profile
     attr_accessor :role_arn
     attr_accessor :port
+    attr_accessor :require_tokens
     def initialize
       @profile = UNSET_VALUE
+      @require_tokens = false
     end
     def finalize!
@@ -40,10 +42,9 @@ module VagrantEc2Metadata
       # If you are having troubles with the iptables rule, you can flush it with:
       # sudo iptables -t nat -F
-      cmd = <<EOF
-sudo iptables -t nat -A OUTPUT -p tcp -d 169.254.169.254 -j DNAT --to-destination #{host_ip}:#{port} || echo 'Error setting up iptables rule.'
-grep -q -F '169.254.169.254 instance-data' /etc/hosts || echo "# Added by vagrant-ec2-metadata:\n169.254.169.254 instance-data" | sudo tee -a /etc/hosts >/dev/null
-EOF
+      cmd = <<~EOF
+        sudo iptables -t nat -A OUTPUT -p tcp -d 169.254.169.254 -j DNAT --to-destination #{host_ip}:#{port} || echo 'Error setting up iptables rule.'
+      EOF
       @machine.ui.info("Setting up an iptables rule for the EC2 metadata server (port #{port}).")
       @machine.action(:ssh_run,

data.tar.gz.sig CHANGED Viewed

@@ -1,2 +1 @@
-�W,��>h�Ե(�	�r�/�[���'-�v?9��2��=���M�]&�ղ��+�BJ��J��E�<X���xLjl<�V��߱���F��Y�Y*�nT��1�rbW?Gg�Ѡ�}��nG���l&|���%��ua�`�\����2n�J.�:�"(JK��ID5e�/�T��L��/tS��*3(�2����6=�`�%��(���۵ܳ��Gp+�Xǌ
-4�ْ�`�d�l�X����d�6s��Q
+��3$6��=V��,>s��8ه�H��c蘣

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: vagrant-ec2-metadata
 version: !ruby/object:Gem::Version
-  version: 0.0.4
+  version: 0.0.5
 platform: ruby
 authors:
 - Stefan Sundin
@@ -31,7 +31,7 @@ cert_chain:
   E04BZKo2WzOTzSDymo97Yu4YFgyc98umMyeaCvPk4YmdNzqSanAXpY2bnsyu0CF5
   Td0=
   -----END CERTIFICATE-----
-date: 2018-06-20 00:00:00.000000000 Z
+date: 2022-10-25 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk-core
@@ -39,28 +39,28 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.6'
+        version: '3.164'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.6'
+        version: '3.164'
 - !ruby/object:Gem::Dependency
   name: webrick
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.3'
+        version: 1.6.1
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.3'
+        version: 1.6.1
 description: Easily provide vagrant machines with AWS credentials by faking an EC2
   metadata server.
 email:
@@ -91,8 +91,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project:
-rubygems_version: 2.7.7
+rubygems_version: 3.1.2
 signing_key:
 specification_version: 4
 summary: Easily provide vagrant machines with AWS credentials.

metadata.gz.sig CHANGED Viewed

Binary file