vagrant-ec2-metadata 0.0.4 → 0.0.5

Sign up to get free protection for your applications and to get access to all the features.
Files changed (8) hide show
  1. checksums.yaml +4 -4
  2. checksums.yaml.gz.sig +0 -0
  3. data/lib/vagrant-ec2-metadata/server.rb +33 -11
  4. data/lib/vagrant-ec2-metadata/version.rb +1 -1
  5. data/lib/vagrant-ec2-metadata.rb +5 -4
  6. data.tar.gz.sig +1 -2
  7. metadata +7 -8
  8. metadata.gz.sig +0 -0
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 822b3d6ab4f2fc4b4f5eb512bcf398dcfec40b72dbd69de8f9280323fc10d9d4
4
- data.tar.gz: cab8260dcffeac0157ec521d8b71a90bb2d658ae2a2969b3d44ca20237cf5c9f
3
+ metadata.gz: 2e867c6d250971803534937a1a989806fb0a2e65ad650e01fa5770f77ec083f0
4
+ data.tar.gz: 343d5435d23a8a54a9f3936822cb47a3416e43b44b7f15297e1b1e5a54bfb99c
5
5
  SHA512:
6
- metadata.gz: 133835fd1741a1dfc7607f302b94b36ca0c9af234838c9b6ee5075e95c5131444b2abb773a49e987e894f29c8026e6a1757976fe0c5084ea61321dada7c366d2
7
- data.tar.gz: 80aba68130cc15c815f68c409e43ac6e0bf3e64b4d7ded6e1deee9bff8183ace8c60566a0b3bb687ee7bb7d482c228e6e3629771c3718a4334fbf79787ffe403
6
+ metadata.gz: d69d13a1f61cb0406324f3c4c90d336172df3ef3f7526a983fd14af28d2aa366ba120ebc127719849bcbc5120bfdb1654ba5870f75f1c81cb5c323f2ca4994f8
7
+ data.tar.gz: 88f574e031baa81c664e876cf73a54968eb7af388d033de0bfcefbdc78325eabe6c31d456c44af688c4f365acc6cbd4c074e94168b9ebfdba0344be866c2fab4
checksums.yaml.gz.sig CHANGED
Binary file
data/lib/vagrant-ec2-metadata/server.rb CHANGED
@@ -4,6 +4,15 @@ require "socket"
4
4
 
5
5
  ENV["AWS_DEFAULT_REGION"] ||= "us-west-2"
6
6
 
7
+ # WEBrick doesn't let us use PUT unless we apply this hack first
8
+ module WEBrick
9
+ module HTTPServlet
10
+ class ProcHandler
11
+ alias do_PUT do_GET
12
+ end
13
+ end
14
+ end
15
+
7
16
  module VagrantEc2Metadata
8
17
  class Server
9
18
  def initialize(config, port, options, env)
@@ -11,6 +20,7 @@ module VagrantEc2Metadata
11
20
  @port = port
12
21
  @options = options
13
22
  @env = env
23
+ @imdsv2_token = "supersecrettoken"
14
24
  end
15
25
 
16
26
  def start
@@ -31,6 +41,18 @@ module VagrantEc2Metadata
31
41
  next
32
42
  end
33
43
 
44
+ if req.request_method == "PUT"
45
+ if req.path == "/latest/api/token"
46
+ res.body = @imdsv2_token
47
+ end
48
+ next
49
+ end
50
+
51
+ if @config.require_tokens && (!req.header["x-aws-ec2-metadata-token"] || req.header["x-aws-ec2-metadata-token"][0] != @imdsv2_token)
52
+ res.status = 401 # Unauthorized
53
+ next
54
+ end
55
+
34
56
  # This endpoint is all we handle right now
35
57
  if !req.path.start_with?("/latest/meta-data/iam/security-credentials")
36
58
  res.status = 404
@@ -59,17 +81,17 @@ module VagrantEc2Metadata
59
81
  creds = resp.credentials
60
82
  end
61
83
 
62
- res.body = <<EOF
63
- {
64
- "Code" : "Success",
65
- "LastUpdated" : "#{Time.now.strftime("%Y-%m-%dT%H:%M:%SZ")}",
66
- "Type" : "AWS-HMAC",
67
- "AccessKeyId" : "#{creds.access_key_id}",
68
- "SecretAccessKey" : "#{creds.secret_access_key}",
69
- "Token" : "#{creds.session_token}",
70
- "Expiration" : "#{creds.expiration.strftime("%Y-%m-%dT%H:%M:%SZ")}"
71
- }
72
- EOF
84
+ res.body = <<~EOF
85
+ {
86
+ "Code" : "Success",
87
+ "LastUpdated" : "#{Time.now.strftime("%Y-%m-%dT%H:%M:%SZ")}",
88
+ "Type" : "AWS-HMAC",
89
+ "AccessKeyId" : "#{creds.access_key_id}",
90
+ "SecretAccessKey" : "#{creds.secret_access_key}",
91
+ "Token" : "#{creds.session_token}",
92
+ "Expiration" : "#{creds.expiration.strftime("%Y-%m-%dT%H:%M:%SZ")}"
93
+ }
94
+ EOF
73
95
  end
74
96
  end
75
97
 
data/lib/vagrant-ec2-metadata/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module VagrantEc2Metadata
2
- VERSION = "0.0.4"
2
+ VERSION = "0.0.5"
3
3
  end
data/lib/vagrant-ec2-metadata.rb CHANGED
@@ -7,9 +7,11 @@ module VagrantEc2Metadata
7
7
  attr_accessor :profile
8
8
  attr_accessor :role_arn
9
9
  attr_accessor :port
10
+ attr_accessor :require_tokens
10
11
 
11
12
  def initialize
12
13
  @profile = UNSET_VALUE
14
+ @require_tokens = false
13
15
  end
14
16
 
15
17
  def finalize!
@@ -40,10 +42,9 @@ module VagrantEc2Metadata
40
42
  # If you are having troubles with the iptables rule, you can flush it with:
41
43
  # sudo iptables -t nat -F
42
44
 
43
- cmd = <<EOF
44
- sudo iptables -t nat -A OUTPUT -p tcp -d 169.254.169.254 -j DNAT --to-destination #{host_ip}:#{port} || echo 'Error setting up iptables rule.'
45
- grep -q -F '169.254.169.254 instance-data' /etc/hosts || echo "# Added by vagrant-ec2-metadata:\n169.254.169.254 instance-data" | sudo tee -a /etc/hosts >/dev/null
46
- EOF
45
+ cmd = <<~EOF
46
+ sudo iptables -t nat -A OUTPUT -p tcp -d 169.254.169.254 -j DNAT --to-destination #{host_ip}:#{port} || echo 'Error setting up iptables rule.'
47
+ EOF
47
48
 
48
49
  @machine.ui.info("Setting up an iptables rule for the EC2 metadata server (port #{port}).")
49
50
  @machine.action(:ssh_run,
data.tar.gz.sig CHANGED
@@ -1,2 +1 @@
1
- �W,��>h�Ե(� �r�/�[���'-�v?9��2��=���M�]&�ղ��+�BJ��J��E�<X���xLjl<�V��߱���F��Y�Y* �nT��1�rbW?Gg�Ѡ�}��nG���l&|���%� �ua�`�\����2n�J.�:�"(JK��ID5e�/�T��L��/tS��*3(� 2����6=�`�%��(���۵ܳ��Gp+�Xnj
2
- 4�ْ�`�d�l�X����d�6s��Q
1
+ ��3$6��=V��,>s��8ه�H��c蘣
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: vagrant-ec2-metadata
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.0.4
4
+ version: 0.0.5
5
5
  platform: ruby
6
6
  authors:
7
7
  - Stefan Sundin
@@ -31,7 +31,7 @@ cert_chain:
31
31
  E04BZKo2WzOTzSDymo97Yu4YFgyc98umMyeaCvPk4YmdNzqSanAXpY2bnsyu0CF5
32
32
  Td0=
33
33
  -----END CERTIFICATE-----
34
- date: 2018-06-20 00:00:00.000000000 Z
34
+ date: 2022-10-25 00:00:00.000000000 Z
35
35
  dependencies:
36
36
  - !ruby/object:Gem::Dependency
37
37
  name: aws-sdk-core
@@ -39,28 +39,28 @@ dependencies:
39
39
  requirements:
40
40
  - - "~>"
41
41
  - !ruby/object:Gem::Version
42
- version: '3.6'
42
+ version: '3.164'
43
43
  type: :runtime
44
44
  prerelease: false
45
45
  version_requirements: !ruby/object:Gem::Requirement
46
46
  requirements:
47
47
  - - "~>"
48
48
  - !ruby/object:Gem::Version
49
- version: '3.6'
49
+ version: '3.164'
50
50
  - !ruby/object:Gem::Dependency
51
51
  name: webrick
52
52
  requirement: !ruby/object:Gem::Requirement
53
53
  requirements:
54
54
  - - "~>"
55
55
  - !ruby/object:Gem::Version
56
- version: '1.3'
56
+ version: 1.6.1
57
57
  type: :runtime
58
58
  prerelease: false
59
59
  version_requirements: !ruby/object:Gem::Requirement
60
60
  requirements:
61
61
  - - "~>"
62
62
  - !ruby/object:Gem::Version
63
- version: '1.3'
63
+ version: 1.6.1
64
64
  description: Easily provide vagrant machines with AWS credentials by faking an EC2
65
65
  metadata server.
66
66
  email:
@@ -91,8 +91,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
91
91
  - !ruby/object:Gem::Version
92
92
  version: '0'
93
93
  requirements: []
94
- rubyforge_project:
95
- rubygems_version: 2.7.7
94
+ rubygems_version: 3.1.2
96
95
  signing_key:
97
96
  specification_version: 4
98
97
  summary: Easily provide vagrant machines with AWS credentials.
metadata.gz.sig CHANGED
Binary file