vssh 3.3.0__tar.gz → 3.3.4__tar.gz

{vssh-3.3.0/vssh.egg-info → vssh-3.3.4}/PKG-INFO

@@ -1,8 +1,8 @@
 Metadata-Version: 2.4
 Name: vssh
-Version: 3.3.0
+Version: 3.3.4
 Summary: Secure SSH/SCP tool with Tailscale failover, P2P transport, and MCP server
-Author-email: MeshPOP <hello@meshpop.dev>
+Author-email: MeshPOP <mpop@mpop.dev>
 License: MIT
 Project-URL: Homepage, https://github.com/meshpop/vssh
 Project-URL: Repository, https://github.com/meshpop/vssh
@@ -41,10 +41,10 @@ pip install vssh
 
 ```bash
 # Execute remote command
-vssh exec v1 "uptime"
+vssh exec relay1 "uptime"
 
 # Transfer file at 50+ MB/s
-vssh put v1 ./deploy.tar.gz /opt/deploy.tar.gz
+vssh put relay1 ./deploy.tar.gz /opt/deploy.tar.gz
 
 # Check connection status
 vssh status

{vssh-3.3.0 → vssh-3.3.4}/README.md

@@ -18,10 +18,10 @@ pip install vssh
 
 ```bash
 # Execute remote command
-vssh exec v1 "uptime"
+vssh exec relay1 "uptime"
 
 # Transfer file at 50+ MB/s
-vssh put v1 ./deploy.tar.gz /opt/deploy.tar.gz
+vssh put relay1 ./deploy.tar.gz /opt/deploy.tar.gz
 
 # Check connection status
 vssh status

{vssh-3.3.0 → vssh-3.3.4}/pyproject.toml

@@ -4,13 +4,13 @@ build-backend = "setuptools.build_meta"
 
 [project]
 name = "vssh"
-version = "3.3.0"
+version = "3.3.4"
 description = "Secure SSH/SCP tool with Tailscale failover, P2P transport, and MCP server"
 readme = "README.md"
 license = {text = "MIT"}
 requires-python = ">=3.8"
 authors = [
-    {name = "MeshPOP", email = "hello@meshpop.dev"}
+    {name = "MeshPOP", email = "mpop@mpop.dev"}
 ]
 keywords = ["ssh", "scp", "tailscale", "p2p", "vpn", "mcp", "remote"]
 classifiers = [
@@ -34,5 +34,8 @@ vssh-mcp = "vssh_mcp_server:main"
 Homepage = "https://github.com/meshpop/vssh"
 Repository = "https://github.com/meshpop/vssh"
 
+[project.entry-points."meshpop.mcp"]
+vssh = "vssh_mcp_server"
+
 [tool.setuptools]
-py-modules = ["vssh", "vssh_p2p", "vssh_p2p_fast", "vssh_quic", "vssh_mcp_server"]
+py-modules = ["vssh", "vssh_p2p", "vssh_mcp_server"]

{vssh-3.3.0 → vssh-3.3.4/vssh.egg-info}/PKG-INFO

@@ -1,8 +1,8 @@
 Metadata-Version: 2.4
 Name: vssh
-Version: 3.3.0
+Version: 3.3.4
 Summary: Secure SSH/SCP tool with Tailscale failover, P2P transport, and MCP server
-Author-email: MeshPOP <hello@meshpop.dev>
+Author-email: MeshPOP <mpop@mpop.dev>
 License: MIT
 Project-URL: Homepage, https://github.com/meshpop/vssh
 Project-URL: Repository, https://github.com/meshpop/vssh
@@ -41,10 +41,10 @@ pip install vssh
 
 ```bash
 # Execute remote command
-vssh exec v1 "uptime"
+vssh exec relay1 "uptime"
 
 # Transfer file at 50+ MB/s
-vssh put v1 ./deploy.tar.gz /opt/deploy.tar.gz
+vssh put relay1 ./deploy.tar.gz /opt/deploy.tar.gz
 
 # Check connection status
 vssh status

{vssh-3.3.0 → vssh-3.3.4}/vssh.egg-info/SOURCES.txt

@@ -4,8 +4,6 @@ pyproject.toml
 vssh.py
 vssh_mcp_server.py
 vssh_p2p.py
-vssh_p2p_fast.py
-vssh_quic.py
 vssh.egg-info/PKG-INFO
 vssh.egg-info/SOURCES.txt
 vssh.egg-info/dependency_links.txt

{vssh-3.3.0 → vssh-3.3.4}/vssh.egg-info/entry_points.txt

@@ -1,3 +1,6 @@
 [console_scripts]
 vssh = vssh:main
 vssh-mcp = vssh_mcp_server:main
+
+[meshpop.mcp]
+vssh = vssh_mcp_server

{vssh-3.3.0 → vssh-3.3.4}/vssh.egg-info/top_level.txt

@@ -1,5 +1,3 @@
 vssh
 vssh_mcp_server
 vssh_p2p
-vssh_p2p_fast
-vssh_quic

{vssh-3.3.0 → vssh-3.3.4}/vssh.py

@@ -50,7 +50,7 @@ def _load_tailscale_map() -> dict:
     """Load Wire VPN IP → Tailscale IP mapping"""
     ts_map = {}
 
-    # 1. From config: TAILSCALE.10.99.x.x = 100.x.x.x
+    # 1. From config: TAILSCALE.10.99.85.143 = 100.80.191.6
     for k, v in VSSH_CONFIG.items():
         if k.startswith('TAILSCALE.'):
             wire_ip = k[len('TAILSCALE.'):]
@@ -67,8 +67,8 @@ def _load_tailscale_map() -> dict:
                 parts = line.split()
                 if len(parts) >= 2:
                     ts_map[parts[0]] = parts[1]  # wire_ip tailscale_ip
-        except:
-            pass
+        except (OSError, ValueError) as e:
+            pass  # e silenced
 
     return ts_map
 
@@ -92,7 +92,7 @@ def vssh_connect(host: str, timeout: float = 5.0) -> socket.socket:
             sock.settimeout(timeout)
             sock.connect((ts_ip, PORT))
             return sock
-        except:
+        except (OSError, socket.error):
             # Tailscale also failed — clear cache, try Wire again
             del _FAILOVER_ACTIVE[host]
 
@@ -103,7 +103,7 @@ def vssh_connect(host: str, timeout: float = 5.0) -> socket.socket:
         sock.connect((host, PORT))
         return sock
     except (ConnectionRefusedError, ConnectionError, OSError, socket.timeout) as wire_err:
-        pass
+        pass  # wire_err silenced
 
     # Fallback: try Tailscale IP
     ts_ip = TAILSCALE_MAP.get(host)
@@ -148,7 +148,7 @@ def log_transfer(op: str, host: str, path: str, size: int, duration: float, stat
         _rotate_log(LOG_FILE)
         with open(LOG_FILE, 'a') as f:
             f.write(line)
-    except:
+    except OSError:
         pass  # Don't fail on logging errors
 
 def log_event(op: str, host: str, detail: str, status: str = 'OK'):
@@ -167,8 +167,8 @@ def log_event(op: str, host: str, detail: str, status: str = 'OK'):
         _rotate_log(HISTORY_FILE)
         with open(HISTORY_FILE, 'a') as f:
             f.write(line)
-    except:
-        pass
+    except OSError:
+        pass  # safe to ignore
 
 def get_history(count: int = 20, op_filter: str = None, host_filter: str = None) -> list:
     """Get recent history entries, optionally filtered by op or host"""
@@ -226,7 +226,7 @@ def get_transfer_stats(days: int = 7) -> dict:
                     stats['success'] += 1
                 else:
                     stats['fail'] += 1
-            except:
+            except Exception:
                 continue
 
     return stats
@@ -295,7 +295,7 @@ def verify_auth(received: str, expected_secret: str) -> bool:
         try:
             ts = int(parts[1])
             received_hmac = parts[2]
-        except:
+        except (ValueError, IndexError):
             return False
 
         # Check timestamp within window
@@ -364,8 +364,8 @@ def get_local_ips() -> list:
                     ip = parts[1].split('/')[0]
                     if not ip.startswith('10.99.'):
                         ips.append(ip)
-    except:
-        pass
+    except (OSError, subprocess.SubprocessError):
+        pass  # safe to ignore
     return ips
 
 def get_public_ip() -> str:
@@ -377,10 +377,10 @@ def get_public_ip() -> str:
             try:
                 with urllib.request.urlopen(url, timeout=3) as r:
                     return r.read().decode().strip()
-            except:
+            except (urllib.error.URLError, OSError):
                 continue
-    except:
-        pass
+    except Exception as e:
+        pass  # e silenced
     return ''
 
 def get_network_info_local() -> dict:
@@ -434,8 +434,8 @@ def is_safe_network(host: str) -> Tuple[bool, str]:
             second = int(host.split('.')[1])
             if 16 <= second <= 31:
                 return True, "lan"
-        except:
-            pass
+        except (ValueError, IndexError) as e:
+            pass  # e silenced
 
     # Everything else is public IP - UNSAFE!
     return False, "public_ip_unencrypted"
@@ -462,7 +462,7 @@ def check_transfer_safety(host: str) -> bool:
 
 
 # Wire VPN coordinator servers for name resolution
-WIRE_SERVERS = []  # Loaded from ~/.vssh/config or auto-discovered
+WIRE_SERVERS = ["10.99.85.143", "158.247.247.115", "10.99.74.131", "10.99.249.158"]
 _name_cache = {}  # name -> vpn_ip
 _name_cache_time = 0
 
@@ -499,7 +499,7 @@ def resolve_name(host: str) -> str:
                 if host in _name_cache:
                     return _name_cache[host]
                 break  # got peers, just no match
-        except:
+        except (OSError, ValueError, TimeoutError):
             continue
     return host
 
@@ -556,7 +556,7 @@ def resolve_best_ip(host: str, timeout: float = 0.5) -> str:
 
         sock.close()
     except Exception as e:
-        pass
+        pass  # safe to ignore
 
     return host
 
@@ -568,7 +568,7 @@ def try_connect(host: str, port: int, timeout: float = 0.5) -> bool:
         sock.connect((host, port))
         sock.close()
         return True
-    except:
+    except OSError:
         return False
 
 # ========== Persistent Session ==========
@@ -591,8 +591,8 @@ def cleanup_sessions():
         for sid in expired:
             try:
                 PERSISTENT_SESSIONS[sid]['conn'].close()
-            except:
-                pass
+            except OSError:
+                pass  # safe to ignore
             del PERSISTENT_SESSIONS[sid]
             print(f'[SESSION] Expired: {sid[:8]}...')
     return len(expired)
@@ -644,8 +644,10 @@ def _rpc_get_disk(payload: dict) -> dict:
     """Return disk usage"""
     import subprocess
     path = payload.get('path', '/')
+    if any(c in path for c in [';', '|', '&', '`', '$', '(', ')', '\n']):
+        return {'error': 'invalid path'}
     try:
-        r = subprocess.run(f'df -B1 {path}', shell=True, capture_output=True, text=True, timeout=10)
+        r = subprocess.run(['df', '-B1', path], capture_output=True, text=True, timeout=10)
         lines = r.stdout.strip().split('\n')
         if len(lines) >= 2:
             parts = lines[1].split()
@@ -665,7 +667,7 @@ def _rpc_get_memory(payload: dict) -> dict:
     """Return memory status"""
     import subprocess
     try:
-        r = subprocess.run('free -b', shell=True, capture_output=True, text=True, timeout=10)
+        r = subprocess.run(['free', '-b'], capture_output=True, text=True, timeout=10)
         lines = r.stdout.strip().split('\n')
         if len(lines) >= 2:
             parts = lines[1].split()
@@ -691,7 +693,7 @@ def _rpc_get_load(payload: dict) -> dict:
                 'load15': float(parts[2]),
                 'processes': parts[3]
             }
-    except:
+    except (OSError, ValueError, IndexError):
         return {'error': 'load read failed'}
 
 @rpc_method('get_processes', 'read')
@@ -741,17 +743,17 @@ def _rpc_get_logs(payload: dict) -> dict:
     if service not in log_paths:
         try:
             r = subprocess.run(
-                f'journalctl -u {service} -n {lines} --no-pager',
-                shell=True, capture_output=True, text=True, timeout=10
+                ['journalctl', '-u', service, '-n', str(lines), '--no-pager'],
+                capture_output=True, text=True, timeout=10
             )
             return {'service': service, 'lines': r.stdout.strip().split('\n')}
-        except:
-            pass
+        except (subprocess.SubprocessError, OSError) as e:
+            pass  # e silenced
 
     path = log_paths.get(service)
     if path and os.path.exists(path):
         try:
-            r = subprocess.run(f'tail -{lines} {path}', shell=True, capture_output=True, text=True, timeout=10)
+            r = subprocess.run(['tail', f'-{lines}', path], capture_output=True, text=True, timeout=10)
             return {'service': service, 'path': path, 'lines': r.stdout.strip().split('\n')}
         except Exception as e:
             return {'error': str(e)}
@@ -772,7 +774,7 @@ def _rpc_restart_service(payload: dict) -> dict:
         return {'error': f'service not allowed: {service}', 'allowed': allowed}
 
     try:
-        r = subprocess.run(f'systemctl restart {service}', shell=True, capture_output=True, text=True, timeout=30)
+        r = subprocess.run(['systemctl', 'restart', service], shell=False, capture_output=True, text=True, timeout=30)
         if r.returncode == 0:
             return {'success': True, 'service': service}
         else:
@@ -789,7 +791,7 @@ def _rpc_service_status(payload: dict) -> dict:
         return {'error': 'service required'}
 
     try:
-        r = subprocess.run(f'systemctl is-active {service}', shell=True, capture_output=True, text=True, timeout=10)
+        r = subprocess.run(['systemctl', 'is-active', service], shell=False, capture_output=True, text=True, timeout=10)
         status = r.stdout.strip()
         return {'service': service, 'status': status, 'active': status == 'active'}
     except Exception as e:
@@ -1035,8 +1037,8 @@ def setup_socket(sock, is_send=True):
     # Linux TCP_QUICKACK
     try:
         sock.setsockopt(socket.IPPROTO_TCP, 12, 1)  # TCP_QUICKACK = 12
-    except:
-        pass
+    except OSError:
+        pass  # safe to ignore
     sock.settimeout(600)
 
 def file_hash(path: Path) -> str:
@@ -1464,8 +1466,8 @@ def rsync_put(local: str, remote: str, lan: bool = True) -> bool:
     finally:
         try:
             sock.close()
-        except:
-            pass
+        except OSError:
+            pass  # safe to ignore
 
 # ========== put_fast: Auto-select best method ==========
 FAST_THRESHOLD = 500 * 1024 * 1024  # 500MB for parallel transfer
@@ -2290,7 +2292,7 @@ def rpc(host: str, method: str, payload: dict = None) -> dict:
             # Error response
             try:
                 return json.loads(resp.replace(b'__END__', b'').decode())
-            except:
+            except (json.JSONDecodeError, ValueError, UnicodeDecodeError):
                 return {'error': resp.decode().strip()}
 
         # Send payload
@@ -2346,8 +2348,8 @@ def pty_session(host: str, name: str = ''):
         import shutil
         ts = shutil.get_terminal_size()
         cols, rows = ts.columns, ts.lines
-    except:
-        pass
+    except Exception:
+        pass  # safe to ignore
     
     sock = vssh_connect(host, timeout=10)
     try:
@@ -2383,8 +2385,8 @@ def pty_session(host: str, name: str = ''):
         fd = sys.stdin.fileno()
         old_settings = _termios.tcgetattr(fd)
         _tty.setraw(fd)
-    except:
-        pass
+    except Exception:
+        pass  # safe to ignore
     
     sock.setblocking(False)
     
@@ -2397,7 +2399,7 @@ def pty_session(host: str, name: str = ''):
         while True:
             try:
                 readable, _, _ = _select.select([sys.stdin, sock], [], [], 0.1)
-            except:
+            except (OSError, ValueError):
                 break
             
             for r in readable:
@@ -2418,20 +2420,20 @@ def pty_session(host: str, name: str = ''):
                             raise EOFError
                         sys.stdout.buffer.write(data)
                         sys.stdout.buffer.flush()
-                    except (BlockingIOError):
-                        pass
+                    except (BlockingIOError) as e:
+                        pass  # e silenced
                     except (EOFError, ConnectionError):
                         raise EOFError
-    except (EOFError, KeyboardInterrupt, ConnectionError, BrokenPipeError):
-        pass
+    except (EOFError, KeyboardInterrupt, ConnectionError, BrokenPipeError) as e:
+        pass  # e silenced
     finally:
         # Restore terminal
         if old_settings:
             try:
                 import termios as _termios
                 _termios.tcsetattr(sys.stdin.fileno(), _termios.TCSADRAIN, old_settings)
-            except:
-                pass
+            except Exception:
+                pass  # safe to ignore
         sock.close()
         print()  # newline after raw mode
     
@@ -2585,8 +2587,8 @@ class VsshSession:
             try:
                 self.sock.sendall(f"CLOSE:{self.session_id}\n".encode())
                 self.sock.recv(32)  # CLOSE_OK
-            except:
-                pass
+            except OSError as e:
+                pass  # e silenced
             finally:
                 self.sock.close()
                 self.sock = None
@@ -2949,10 +2951,15 @@ def server():
 
             elif cmd == 'SSH':
                 cmdline = ':'.join(parts[2:])
-                conn.sendall(b'OK\n')
-                print(f'[SSH] {addr[0]}: {cmdline}')
-                result = subprocess.run(cmdline, shell=True, capture_output=True, timeout=60)
-                conn.sendall(result.stdout + result.stderr + b'__END__')
+                _dangerous = ['rm -rf /', 'mkfs ', 'dd if=/dev/zero']
+                if any(d in cmdline for d in _dangerous):
+                    conn.sendall(b'FAIL\n')
+                    print(f'[SSH] BLOCKED dangerous: {cmdline}')
+                else:
+                    conn.sendall(b'OK\n')
+                    print(f'[SSH] {addr[0]}: {cmdline}')
+                    result = subprocess.run(cmdline, shell=True, capture_output=True, timeout=60)
+                    conn.sendall(result.stdout + result.stderr + b'__END__')
 
             elif cmd == 'INFO':
                 conn.sendall(b'OK\n')
@@ -2961,7 +2968,7 @@ def server():
                     try:
                         r = subprocess.run(cmd, shell=True, capture_output=True, text=True, timeout=10)
                         return r.stdout.strip() or r.stderr.strip() or '-'
-                    except:
+                    except (subprocess.SubprocessError, OSError):
                         return '-'
 
                 info = {
@@ -3011,11 +3018,15 @@ def server():
                 # Pipe command output to stdout: PIPE_DOWN:auth:cmd
                 cmdline = ':'.join(parts[2:])
                 print(f'[PIPE_DOWN] {addr[0]}: {cmdline}')
-
-                result = subprocess.run(cmdline, shell=True, capture_output=True, timeout=600)
-                output = result.stdout
-                conn.sendall(f'OK:{len(output)}\n'.encode())
-                conn.sendall(output)
+                _dangerous = ['rm -rf /', 'mkfs ', 'dd if=/dev/zero']
+                if any(d in cmdline for d in _dangerous):
+                    conn.sendall(b'FAIL\n')
+                    print(f'[PIPE_DOWN] BLOCKED dangerous: {cmdline}')
+                else:
+                    result = subprocess.run(cmdline, shell=True, capture_output=True, timeout=600)
+                    output = result.stdout
+                    conn.sendall(f'OK:{len(output)}\n'.encode())
+                    conn.sendall(output)
 
             elif cmd == 'MPUT':
                 # Multiplexed put: MPUT:auth:file_count
@@ -3113,7 +3124,7 @@ def server():
                         payload_data += chunk
                     try:
                         payload = json.loads(payload_data.decode())
-                    except:
+                    except (json.JSONDecodeError, ValueError, UnicodeDecodeError):
                         payload = {}
 
                 print(f'[RPC] {addr[0]}: {method}({payload})')
@@ -3201,8 +3212,8 @@ def server():
                                     payload_data += chunk
                                 try:
                                     payload = json.loads(payload_data.decode())
-                                except:
-                                    pass
+                                except (json.JSONDecodeError, ValueError, UnicodeDecodeError) as e:
+                                    pass  # e silenced
 
                             result = handle_rpc(method, payload, sender_ip=addr[0])
                             conn.sendall(f'RPC_RESULT:{len(result)}\n'.encode())
@@ -3270,6 +3281,14 @@ def server():
 
 def main():
     args = sys.argv[1:]
+    # Handle --version and --help flags
+    if args and args[0] in ("--version", "-v", "-V"):
+        try:
+            from importlib.metadata import version as _v
+            print(f"vssh v{_v('vssh')}")
+        except Exception:
+            print("vssh v3.3.2")
+        return
     if not args:
         print('''vssh v3 - Distributed command & file transport daemon for server meshes
 
@@ -3457,8 +3476,8 @@ Env: VSSH_SECRET
         if len(args) > 1:
             try:
                 days = int(args[1])
-            except:
-                pass
+            except (ValueError, TypeError) as e:
+                pass  # e silenced
         stats = get_transfer_stats(days)
         print(f'Transfer Statistics (last {days} days)')
         print(f'  Total transfers: {stats["total"]}')
@@ -3622,11 +3641,11 @@ Env: VSSH_SECRET
                             buf += chunk
                         try:
                             result['info'] = json.loads(buf.decode())
-                        except:
-                            pass
+                        except (json.JSONDecodeError, ValueError, UnicodeDecodeError) as e:
+                            pass  # e silenced
                 s.close()
-            except:
-                pass
+            except OSError:
+                pass  # safe to ignore
             return result
 
         if full_mode:
@@ -3712,7 +3731,7 @@ Env: VSSH_SECRET
                 print(f"  {r['name']:6s} {r['ip']:18s} ○ offline")
         print(f"\nTotal: {online}/{total} online")
     else:
-        # Unknown command -> try as PTY session shortcut (vssh g3 = vssh session g3)
+        # Unknown command -> try as PTY session shortcut (vssh node3 = vssh session node3)
         host = resolve_name(cmd)
         rc = pty_session(host, cmd)
         if rc != 0: