Verified Commit 88fa8e73 authored by Katharina Fey's avatar Katharina Fey 🏴

Updating dependencies to blake 0.8 and actix 1.0 beta

parent ee142e1c
......@@ -7,11 +7,11 @@ edition = "2018"
[dependencies]
serde = { version = "1.0", features = ["derive"] }
serde_yaml = "0.8"
actix-web = "0.7"
actix-web = { git = "https://github.com/actix/actix-web" }
clap = "2.33"
miscreant = { version = "0.4", features = ["soft-aes"] }
blake2 = "0.7"
blake2 = "0.8"
keybob = "0.3"
base64 = "0.10"
textwrap = "0.11"
\ No newline at end of file
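Review bot: The new `actix-web = { git = "https://github.com/actix/actix-web" }` entry carries no `rev`, `tag` or `branch`, so Cargo resolves it to whatever the repository's default branch points at whenever the lockfile is regenerated. For a server that accepts deploy tokens this makes the build non-reproducible and pulls in unreleased upstream code that nobody reviewed as a release. Pin the dependency, e.g. `actix-web = { git = "https://github.com/actix/actix-web", rev = "<commit-sha>" }`, or move to the published 1.0 beta version from crates.io if one is available, and keep Cargo.lock committed so the resolved commit is recorded.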
......@@ -73,7 +73,7 @@ Don't forget to generate a `$FORGE_SALT`
```
echo $FORGE_TOKEN | forgectl hash --salt $FORGE_SALT
0qG98Nw81zaF68ft70nv4w===0w0=aaJi5id1ooleeboh
amEDe7/DpJKuJN5nwC77rUsDZ1Vkam0bQadcosseHi8==0w0=aaJi5id1ooleeboh
```
At this point you can also setup deploy secrets. This could be used
......
use crate::PrettyHash;
use clap::ArgMatches;
use std::io::{stdin, Read};
use crate::PrettyHash;
mod utils {
pub use crate::*;
......
pub mod config;
pub mod hash;
pub mod setup;
pub mod secret;
pub mod config;
pub mod setup;
pub mod server;
use blake2::digest::{Input, VariableOutput};
use blake2::Blake2s;
// use blake2::digest::{Input, VariableOutput};
use blake2::{Blake2s, Digest};
use keybob::{Key, KeyType};
use miscreant::siv::Aes256Siv;
......@@ -14,7 +16,7 @@ use serde::{Deserialize, Serialize};
use serde_yaml;
use textwrap::fill;
const BLAKE_16_LENGTH: usize = 16;
const BLAKE_16_LENGTH: usize = 32;
const SALT_DIVIDER: &'static str = "=0w0=";
/// A blake16 hash, consisting of a byte array and salt
......@@ -62,19 +64,18 @@ fn log_fatal(msg: &str) -> ! {
/// Hash a salted value with blake2
pub fn blake2<'salt>(data: &str, salt: &'salt str) -> Hash<'salt> {
let mut hasher = match Blake2s::new(BLAKE_16_LENGTH) {
Ok(res) => res,
Err(some) => panic!(some),
};
let mut hasher = Blake2s::new();
let to_hash = format!("{}{}{}", data, SALT_DIVIDER, salt);
hasher.process(to_hash.as_bytes());
let mut buffer = [0u8; BLAKE_16_LENGTH];
match hasher.variable_result(&mut buffer) {
Ok(res) => res,
Err(e) => panic!(e),
};
hasher.input(to_hash.as_bytes());
let buffer = hasher.result().as_slice().iter().zip(0..).fold(
[0; BLAKE_16_LENGTH],
|mut slice, (x, i)| {
slice[i] = *x;
slice
},
);
Hash(buffer, salt)
}
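Review bot: `BLAKE_16_LENGTH` now holds 32, so the constant name and the `/// A blake16 hash` doc comment no longer describe the digest, and hashes generated with the old 16-byte output presumably have to be regenerated (the README example changes accordingly). In `blake2`, the zip/fold copy hides the length assumption: a digest shorter than the array would silently leave trailing zero bytes in the stored hash. An explicit copy fails loudly on any mismatch: `let mut buffer = [0u8; BLAKE_16_LENGTH];` followed by `buffer.copy_from_slice(hasher.result().as_slice());`. The commented-out `// use blake2::digest::{Input, VariableOutput};` import can be deleted rather than kept.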
......
use actix_web::{http, server, App, HttpMessage, HttpRequest, Json, Responder};
use clap::{App as ClapApp, Arg, ArgMatches};
use std::convert::From;
use std::env;
use forge;
#[derive(Clone, Debug)]
struct Params {
bind: String,
port: u16,
route: String,
token: String,
}
impl<'a> From<ArgMatches<'a>> for Params {
fn from(m: ArgMatches<'a>) -> Self {
Self {
bind: m
.value_of("BIND")
.unwrap_or(&env::var("FORGE_BIND").unwrap_or("0.0.0.0".into()))
.into(),
port: m
.value_of("PORT")
.unwrap_or(&env::var("FORGE_PORT").unwrap_or("12220".into()))
.parse::<u16>()
.unwrap(),
route: m
.value_of("ROUTE")
.unwrap_or(&env::var("FORGE_ROUTE").unwrap_or("/rebuild".into()))
.into(),
token: m.value_of("TOKEN").unwrap().into(),
}
}
}
fn handle_token(req: &HttpRequest) -> impl Responder {
let h = req.headers();
let event = h.get("x-gitlab-event").expect("Request didn't include `x-gitlab-event`");
let token = h.get("x-gitlab-token").expect("Request didn't include `x-gitlab-event`");
let token_hash = forge::blake2("<data>", "<salt>");
format!("")
}
fn main() {
let app = ClapApp::new("forge-server")
.version("0.1.0")
.about("The `forge` deployment server")
.arg(
Arg::with_name("BIND")
.long("bind")
.short("b")
.takes_value(true)
.help("Address to bind to (default 0.0.0.0)"),
).arg(
Arg::with_name("PORT")
.long("port")
.short("p")
.takes_value(true)
.help("Port to bind to (default 12220)"),
).arg(
Arg::with_name("ROUTE")
.long("route")
.short("r")
.takes_value(true)
.help("Route to bind to (default \"/rebuild\")"),
).arg(
Arg::with_name("TOKEN")
.long("token")
.short("t")
.takes_value(true)
.required(true)
.help("Token to accept (required)"),
);
// Get parameters from CLI, env vars or default values
let params: Params = app.get_matches().into();
let route = params.route.clone();
server::new(move || {
App::new().resource(&route, |r| r.method(http::Method::POST).f(handle_token))
}).bind(&format!("{}:{}", params.bind, params.port))
.unwrap()
.run();
}
// use actix_web::{middleware, web, App, HttpRequest, HttpResponse, Json};
// use std::env;
// mod utils {
// pub use crate::*;
// }
// struct Params {
// bind: String,
// port: u16,
// token: String,
// salt: String,
// }
// impl Params {
// pub fn new() -> Self {
// Self {
// bind: env::var("FORGE_BIND").unwrap_or("0.0.0.0".into()).into(),
// port: env::var("FORGE_PORT")
// .unwrap_or("12220".into())
// .parse::<u16>()
// .unwrap(),
// token: env::var("FORGE_TOKEN").unwrap().into(),
// salt: env::var("FORGE_TOKEN_SALT").unwrap().into(),
// }
// }
// }
// fn handle_token(state: &Params, req: &HttpRequest) -> impl Responder {
// let h = req.headers();
// let event = h
// .get("x-gitlab-event")
// .expect("Request didn't include `x-gitlab-event`");
// let token = h
// .get("x-gitlab-token")
// .expect("Request didn't include `x-gitlab-event`");
// // utils::blake2_verify("hash: Hash", token);
// format!("")
// }
// pub fn run() {
// let params = Params::new();
// server::new(move || {
// App::new()
// .data(&params)
// .wrap(middleware::Logger::default())
// .service(web::resource("/").to(handle_token(state: &Params, req: &HttpRequest)))
// })
// .bind("127.0.0.1:8080").unwrap()
// .run();
// // server::new(move || App::new().data(&params).resource("/", |r| r.method(http::Method::POST).f(handle_token)))
// // .bind(&format!("{}:{}", params.bind, params.port))
// // .unwrap()
// // .run();
// }
// use actix_web::{middleware, web, App, HttpRequest, HttpResponse, HttpServer};
// /// simple handle
// fn index(state: web::Data<Arc<Mutex<usize>>>, req: HttpRequest) -> HttpResponse {
// println!("{:?}", req);
// *(state.lock().unwrap()) += 1;
// HttpResponse::Ok().body(format!("Num of requests: {}", state.lock().unwrap()))
// }
// pub fn run() {
// let counter = Arc::new(Mutex::new(0));
// HttpServer::new(move || {
// App::new()
// .data(counter.clone())
// // register simple handler, handle all methods
// .service(web::resource("/").to(index))
// })
// .bind("127.0.0.1:8080").unwrap()
// .run();
// }
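Review bot: Assuming the commented-out block is the new side of this file, the server module now compiles to nothing, so the webhook endpoint is absent until the actix 1.0 port lands; a single `// TODO: port handler to actix-web 1.0` would say that more clearly than three stacked drafts. When the draft `handle_token` is revived, its `.expect(...)` calls on `x-gitlab-event` and `x-gitlab-token` would panic on any request that omits a header; answer with a 400/401 response instead, and correct the second message, which names `x-gitlab-event` for the token header. The token check is still stubbed (`// utils::blake2_verify("hash: Hash", token);` followed by `format!("")`), so the handler as drafted accepts every request; the eventual comparison against the stored hash should be constant-time.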