incubator/coffer
1
0
Fork 0
Code Issues Pull requests Releases 2 Wiki Activity
coffer/coffer-client/src/main.rs

93 lines
2.5 KiB
Rust
Raw Normal View History

First version - secsrv handling out secrets - secsrv-companion helping in generating input - secsrv-client retrieving secrets Signed-off-by: Armin Friedl <dev@friedl.net>
2019-11-23 21:42:07 +00:00
#[allow(unused_imports)]
use log::{debug, error, info, trace, warn};
use env_logger;
use structopt::StructOpt;
use std::fs::File;
use std::error::Error;
use std::net::TcpStream;
use std::net::SocketAddr;
use std::net::IpAddr;
use std::path::PathBuf;
use std::io::BufRead;
use std::io::BufReader;
use std::io::Write;
#[derive(StructOpt, Debug)]
struct Args {
/// The port secsrv is listening on
#[structopt(short, long, env = "SECSRV_PORT", default_value = "9187")]
port: u16,
/// The address secsrv binds to
#[structopt(short, long, env = "SECSRV_IP", default_value = "127.0.0.1")]
[client] Set up environment, spawn subprocess - Coffer client sets up the environment from the keys and secrets read - Coffer client spawns a subprocess and reaps itself Signed-off-by: Armin Friedl <dev@friedl.net>
2019-11-27 22:00:18 +00:00
ip: IpAddr,
/// Path to the keys file
#[structopt(parse(from_os_str), env = "SECSRV_SECRETS", hide_env_values = true)]
secrets: PathBuf,
First version - secsrv handling out secrets - secsrv-companion helping in generating input - secsrv-client retrieving secrets Signed-off-by: Armin Friedl <dev@friedl.net>
2019-11-23 21:42:07 +00:00
[client] Set up environment, spawn subprocess - Coffer client sets up the environment from the keys and secrets read - Coffer client spawns a subprocess and reaps itself Signed-off-by: Armin Friedl <dev@friedl.net>
2019-11-27 22:00:18 +00:00
/// The subcommand spawned by coffer-client
cmd: String,
First version - secsrv handling out secrets - secsrv-companion helping in generating input - secsrv-client retrieving secrets Signed-off-by: Armin Friedl <dev@friedl.net>
2019-11-23 21:42:07 +00:00
[client] Set up environment, spawn subprocess - Coffer client sets up the environment from the keys and secrets read - Coffer client spawns a subprocess and reaps itself Signed-off-by: Armin Friedl <dev@friedl.net>
2019-11-27 22:00:18 +00:00
/// Arguments to the subcommand spawned by coffer-client
cmd_args: Vec<String>
}
fn main() -> Result<(), Box<dyn Error>> {
First version - secsrv handling out secrets - secsrv-companion helping in generating input - secsrv-client retrieving secrets Signed-off-by: Armin Friedl <dev@friedl.net>
2019-11-23 21:42:07 +00:00
env_logger::init();
let args = Args::from_args();
[client] Set up environment, spawn subprocess - Coffer client sets up the environment from the keys and secrets read - Coffer client spawns a subprocess and reaps itself Signed-off-by: Armin Friedl <dev@friedl.net>
2019-11-27 22:00:18 +00:00
info!{"Connecting to coffer server"}
let addr = SocketAddr::from((args.ip, args.port));
let stream: TcpStream = TcpStream::connect(addr)?;
First version - secsrv handling out secrets - secsrv-companion helping in generating input - secsrv-client retrieving secrets Signed-off-by: Armin Friedl <dev@friedl.net>
2019-11-23 21:42:07 +00:00
[client] Set up environment, spawn subprocess - Coffer client sets up the environment from the keys and secrets read - Coffer client spawns a subprocess and reaps itself Signed-off-by: Armin Friedl <dev@friedl.net>
2019-11-27 22:00:18 +00:00
info!{"Parsing key requests"}
let keys = parse_from_path(&args.secrets)?;
First version - secsrv handling out secrets - secsrv-companion helping in generating input - secsrv-client retrieving secrets Signed-off-by: Armin Friedl <dev@friedl.net>
2019-11-23 21:42:07 +00:00
info!{"Reading secrets"}
[client] Set up environment, spawn subprocess - Coffer client sets up the environment from the keys and secrets read - Coffer client spawns a subprocess and reaps itself Signed-off-by: Armin Friedl <dev@friedl.net>
2019-11-27 22:00:18 +00:00
retrieve_secrets(&keys, stream)?;
First version - secsrv handling out secrets - secsrv-companion helping in generating input - secsrv-client retrieving secrets Signed-off-by: Armin Friedl <dev@friedl.net>
2019-11-23 21:42:07 +00:00
[client] Set up environment, spawn subprocess - Coffer client sets up the environment from the keys and secrets read - Coffer client spawns a subprocess and reaps itself Signed-off-by: Armin Friedl <dev@friedl.net>
2019-11-27 22:00:18 +00:00
info!{"Spawning coffer'ed command, reaping coffer"}
reap_coffer(&args.cmd, &args.cmd_args);
First version - secsrv handling out secrets - secsrv-companion helping in generating input - secsrv-client retrieving secrets Signed-off-by: Armin Friedl <dev@friedl.net>
2019-11-23 21:42:07 +00:00
[client] Set up environment, spawn subprocess - Coffer client sets up the environment from the keys and secrets read - Coffer client spawns a subprocess and reaps itself Signed-off-by: Armin Friedl <dev@friedl.net>
2019-11-27 22:00:18 +00:00
Err("Could not spawn sub-command".into())
}
fn retrieve_secrets(keys: &Vec<String>, mut stream: TcpStream) -> Result<(), Box<dyn Error>>{
for k in keys {
let buf = serde_cbor::to_vec(&k)?;
info!{"Sending key request {} as {:?}", k, buf}
stream.write_all(&buf.len().to_be_bytes())?;
stream.write_all(&buf)?;
info!{"Reading response"}
let mut reader = BufReader::new(&stream); // get buffered reader for line-wise reading from stream
// read line
First version - secsrv handling out secrets - secsrv-companion helping in generating input - secsrv-client retrieving secrets Signed-off-by: Armin Friedl <dev@friedl.net>
2019-11-23 21:42:07 +00:00
let mut resp = String::new();
[client] Set up environment, spawn subprocess - Coffer client sets up the environment from the keys and secrets read - Coffer client spawns a subprocess and reaps itself Signed-off-by: Armin Friedl <dev@friedl.net>
2019-11-27 22:00:18 +00:00
reader.read_line(&mut resp)?;
info!{"Retrieved secret. Setting environment"}
std::env::set_var(k.trim(), resp.trim());
First version - secsrv handling out secrets - secsrv-companion helping in generating input - secsrv-client retrieving secrets Signed-off-by: Armin Friedl <dev@friedl.net>
2019-11-23 21:42:07 +00:00
}
Ok(())
}
[client] Set up environment, spawn subprocess - Coffer client sets up the environment from the keys and secrets read - Coffer client spawns a subprocess and reaps itself Signed-off-by: Armin Friedl <dev@friedl.net>
2019-11-27 22:00:18 +00:00
fn reap_coffer(cmd: &str, args: &Vec<String>) {
let mut cmd = exec::Command::new(cmd);
// TODO Push cmd as first arg if not already set?
cmd.args(args);
let err = cmd.exec();
error!{"Could not execute sub-command {}", err};
}
fn parse_from_path(path: &PathBuf) -> Result<Vec<String>, Box<dyn Error>> {
First version - secsrv handling out secrets - secsrv-companion helping in generating input - secsrv-client retrieving secrets Signed-off-by: Armin Friedl <dev@friedl.net>
2019-11-23 21:42:07 +00:00
let sec_file = File::open(path)?;
[client] Set up environment, spawn subprocess - Coffer client sets up the environment from the keys and secrets read - Coffer client spawns a subprocess and reaps itself Signed-off-by: Armin Friedl <dev@friedl.net>
2019-11-27 22:00:18 +00:00
Ok(serde_yaml::from_reader::<_, Vec<String>>(sec_file)?)
First version - secsrv handling out secrets - secsrv-companion helping in generating input - secsrv-client retrieving secrets Signed-off-by: Armin Friedl <dev@friedl.net>
2019-11-23 21:42:07 +00:00
}
Reference in a new issue Copy permalink