Exemple #1
0
func loadTunnel(name string, local bool) *conf.Config {
	var err error
	var tun string

	cl := NewClient(serverAddress(), moleIni.Get("server", "fingerprint"))

	if local {
		fd, err := os.Open(name)
		fatalErr(err)
		bs, err := ioutil.ReadAll(fd)
		fatalErr(err)
		tuni, err := authenticated(cl, func() (interface{}, error) { return cl.Deobfuscate(string(bs)) })
		fatalErr(err)
		tun = tuni.(string)
	} else {
		tuni, err := authenticated(cl, func() (interface{}, error) { return cl.Get(name) })
		fatalErr(err)
		tun = tuni.(string)
		tun, err = cl.Deobfuscate(tun)
		fatalErr(err)
	}

	cfg, err := conf.Load(bytes.NewBufferString(tun))
	fatalErr(err)
	return cfg
}
Exemple #2
0
func loadFile(f string) (*conf.Config, error) {
	fd, err := os.Open(f)
	if err != nil {
		panic(err)
	}
	return conf.Load(fd)
}
Exemple #3
0
func showCommand(args []string) {
	fs := flag.NewFlagSet("show", flag.ExitOnError)
	raw := fs.Bool("r", false, "Show raw tunnel file")
	fs.Usage = usageFor(fs, msgShowUsage)
	fs.Parse(args)
	args = fs.Args()

	if len(args) != 1 {
		fs.Usage()
		exit(3)
	}

	cl := NewClient(serverAddress(), moleIni.Get("server", "fingerprint"))
	res, err := authenticated(cl, func() (interface{}, error) { return cl.Get(args[0]) })
	fatalErr(err)
	tun := res.(string)

	if *raw {
		// No log function, since it must be possible to pipe to a valid file
		fmt.Printf(tun)
	} else {
		cfg, err := conf.Load(bytes.NewBufferString(tun))
		fatalErr(err)

		if remapIntfs {
			cfg.Remap()
		}

		for _, cmt := range cfg.Comments {
			infoln("; " + cmt)
		}
		for _, cmt := range cfg.General.Comments {
			infoln("; " + cmt)
		}
		for _, host := range cfg.Hosts {
			infof("Host %q", host.Name)
			infof("  %s@%s:%d", host.User, host.Addr, host.Port)
			if host.Pass != "" {
				infoln("  Password authentication")
			}
			if host.Key != "" {
				infoln("  Key authentication")
			}
		}
		for _, fwd := range cfg.Forwards {
			infof("Forward %q", fwd.Name)
			for _, cmt := range fwd.Comments {
				infoln("  ; " + cmt)
			}
			for _, line := range fwd.Lines {
				infoln("  " + line.String())
			}
		}
	}
}
Exemple #4
0
func storeList(rw http.ResponseWriter, req *http.Request) {
	defer listCacheLock.Unlock()
	listCacheLock.Lock()

	if listCache == nil {
		files, err := filepath.Glob(storeDir + "/data/*.ini")
		if err != nil {
			rw.WriteHeader(500)
			rw.Write([]byte(err.Error()))
			return
		}

		for _, file := range files {
			item := listItem{
				Name: path.Base(file[:len(file)-4]),
			}

			f, err := os.Open(file)
			if err != nil {
				log.Printf("Warning: %q: %s", file, err)
				item.Features = conf.FeatureError
				item.Description = "- unreadable -"
				listCache = append(listCache, item)
				continue
			}

			cfg, err := conf.Load(f)
			f.Close()
			if err != nil {
				log.Printf("Warning: %q: %s", file, err)
				item.Features = conf.FeatureError
				item.Description = "- parse error -"
				listCache = append(listCache, item)
				continue
			}

			var hosts []string
			for _, h := range cfg.Hosts {
				hosts = append(hosts, h.Name)
			}

			item.Features = cfg.FeatureFlags()
			item.Description = cfg.General.Description
			item.Hosts = hosts
			item.Version = float64(cfg.General.Version) / 100
			listCache = append(listCache, item)
		}
	}

	rw.Header().Set("Content-Type", "application/json")
	json.NewEncoder(rw).Encode(listCache)
}
Exemple #5
0
func pushCommand(args []string) {
	fs := flag.NewFlagSet("push", flag.ExitOnError)
	fs.Usage = usageFor(fs, msgPushUsage)
	fs.Parse(args)
	args = fs.Args()

	if len(args) != 1 {
		fs.Usage()
		exit(3)
	}

	filename := filepath.Base(args[0])
	if ext := filepath.Ext(filename); ext != ".ini" {
		fatalf(msgFileNotInit, filename)
	}

	// Read
	file, err := os.Open(args[0])
	fatalErr(err)
	bs, err := ioutil.ReadAll(file)
	fatalErr(err)
	_ = file.Close()

	// Verify
	_, err = conf.Load(bytes.NewBuffer(bs))
	fatalErr(err)

	// Push
	tunnelname := filename[:len(filename)-4]
	cl := NewClient(serverAddress(), moleIni.Get("server", "fingerprint"))
	_, err = authenticated(cl, func() (interface{}, error) {
		return nil, cl.Put(tunnelname, bytes.NewBuffer(bs))
	})
	fatalErr(err)

	okf(msgOkPushed, tunnelname)
}
Exemple #6
0
func putFile(rw http.ResponseWriter, req *http.Request) {
	defer func() {
		defer listCacheLock.Unlock()
		listCacheLock.Lock()
		listCache = nil
	}()

	tun := req.URL.Path[7:]
	if !filenamePattern.MatchString(tun) {
		rw.WriteHeader(403)
		rw.Write([]byte("filename not conformant to " + filenamePattern.String()))
		return
	}

	iniFile := path.Join(storeDir, "data", tun)
	// Read pushed data
	data, err := ioutil.ReadAll(req.Body)
	req.Body.Close()
	if err != nil {
		rw.WriteHeader(500)
		rw.Write([]byte(err.Error()))
		return
	}

	// Verify the configuration
	_, err = conf.Load(bytes.NewBuffer(data))
	if err != nil {
		rw.WriteHeader(500)
		rw.Write([]byte(err.Error()))
		return
	}

	// Get the raw INI
	inf := ini.Parse(bytes.NewBuffer(data))

	// Obfuscate
	shouldSaveKeys := false
	for _, section := range inf.Sections() {
		for _, option := range inf.Options(section) {
			for i := range obfuscateKeys {
				if option == obfuscateKeys[i] {
					val := inf.Get(section, option)
					if oval := obfuscate(val); oval != val {
						inf.Set(section, option, oval)
						shouldSaveKeys = true
					}
					break
				}
			}
		}
	}
	if shouldSaveKeys {
		saveKeys()
	}

	// Save
	outf, err := os.Create(iniFile)
	if err != nil {
		rw.WriteHeader(500)
		rw.Write([]byte(err.Error()))
		return
	}
	inf.Write(outf)
	outf.Close()

	if !disableGit {
		// Commit
		dir := path.Join(storeDir, "data")
		user := req.Header.Get("X-Mole-Authenticated")
		gitCommit(dir, "push "+tun, user)
	}
}