Merge branch 'master' into release

.circleci/config.yml

@@ -104,7 +104,7 @@ jobs:
           command: mkdir -p ~/.ssh/ && echo -e "Host github.com\n\tStrictHostKeyChecking no\n" >> ~/.ssh/config
       - run:
           name: Install system dependencies
-          command: brew upgrade python@2 python; brew install cmake; brew install protobuf libsodium gflags
+          command: brew remove python@2; brew upgrade python; brew install cmake; brew install protobuf libsodium gflags
       - checkout
       - run:
           name: Init submodules

.github/FUNDING.yml

@@ -0,0 +1,3 @@
+# These are supported funding model platforms
+
+github: MisterTea

CMakeLists.txt

@@ -1,5 +1,5 @@
 cmake_minimum_required (VERSION 3.0.2)
-project (EternalTCP VERSION 6.0.5)
+project (EternalTCP VERSION 6.0.6)
 
 SET(CMAKE_MODULE_PATH "${CMAKE_SOURCE_DIR}/external_imported/sanitizers-cmake/cmake" ${CMAKE_MODULE_PATH})
 FIND_PACKAGE(Sanitizers)

README.md

@@ -53,7 +53,7 @@ Install dependencies:
 sudo yum -y install epel-release
 sudo yum install cmake3
 sudo yum install boost-devel libsodium-devel ncurses-devel protobuf-devel \
-protobuf-compiler cmake gflags-devel
+protobuf-compiler cmake gflags-devel protobuf-lite-devel
 ```
 
 Download and install from source:

deployment/arch.Dockerfile

@@ -2,7 +2,7 @@ FROM archlinux:latest
 LABEL maintainer="Jason Gauci ([email protected])"
 
 RUN pacman -Syu --noconfirm
-RUN pacman -Syu --noconfirm jq git base-devel sudo go openssh
+RUN pacman -Syu --noconfirm jq git base-devel sudo go openssh emacs
 RUN useradd builduser
 RUN passwd -d builduser
 RUN printf 'builduser ALL=(ALL) ALL\n' | tee -a /etc/sudoers # Allow the builduser passwordless sudo
@@ -25,9 +25,9 @@ RUN git config --global user.email "[email protected]" # Not needed for github
 RUN git config --global user.name "Foo Bar"
 
 WORKDIR /home/builduser
-RUN git clone https://aur.archlinux.org/eternalterminal.git arch_et
+RUN git clone ssh://aur@aur.archlinux.org/eternalterminal.git arch_et
 
-RUN git clone --branch release [email protected]:MisterTea/EternalTerminal.git
+RUN git clone --branch `curl https://api.github.com/repos/mistertea/EternalTerminal/releases/latest | jq '.tag_name' | sed 's/"//g'` [email protected]:MisterTea/EternalTerminal.git
 RUN mkdir -p EternalTerminal/build
 WORKDIR /home/builduser/EternalTerminal/build
 RUN cmake ..

deployment/debian/Vagrantfile

@@ -12,12 +12,12 @@ Vagrant.configure("2") do |config|
 
   # Every Vagrant development environment requires a box. You can search for
   # boxes at https://vagrantcloud.com/search.
-  config.vm.box = "debian/stretch64"
+  config.vm.box = "debian/buster64"
   config.ssh.shell = "sh"
 
   config.vm.provider "virtualbox" do |v|
     v.memory = 2048
-    v.cpus = 4
+    v.cpus = 8
   end
 
   # Disable automatic box update checking. If you disable this, then
@@ -75,7 +75,9 @@ Vagrant.configure("2") do |config|
   # Puppet, Chef, Ansible, Salt, and Docker are also available. Please see the
   # documentation for more information about their specific syntax and use.
   config.vm.provision "shell", privileged: true, inline: <<-SHELL
-  apt update && apt install -y build-essential git curl devscripts aptly dput jq libsodium-dev libprotobuf-dev protobuf-compiler cmake libutempter-dev debhelper dh-systemd pbuilder ubuntu-dev-tools openssh-server qemu qemu-user-static debootstrap binfmt-support
+  apt update
+  DEBIAN_FRONTEND=noninteractive DEBIAN_PRIORITY=critical apt -q -y -o "Dpkg::Options::=--force-confdef" -o "Dpkg::Options::=--force-confold" upgrade
+  apt install -y build-essential git curl devscripts aptly dput jq libsodium-dev libprotobuf-dev protobuf-compiler cmake libutempter-dev debhelper git-lfs dh-systemd pbuilder ubuntu-dev-tools openssh-server qemu qemu-user-static debootstrap binfmt-support
 SHELL
 
   config.vm.provision "shell", privileged: false, inline: <<-SHELL
@@ -84,8 +86,11 @@ SHELL
   git config --global user.name "Jason Gauci"
 
   sudo chmod -R 0700 ~/.gnupg ~/.ssh
+  git lfs install
   
   echo "PBUILDERSATISFYDEPENDSCMD=/usr/lib/pbuilder/pbuilder-satisfydepends-apt" > ~/.pbuilderrc
+  echo "default-cache-ttl 34560000
+max-cache-ttl 34560000" > ~/.gnupg/gpg-agent.conf
   
   ssh-keyscan github.com >> ~/.ssh/known_hosts
   git clone --branch release [email protected]:MisterTea/EternalTerminal.git

deployment/debian/build_all_deb.sh

@@ -3,7 +3,7 @@ set -x
 
 wget `curl https://api.github.com/repos/mistertea/EternalTerminal/releases/latest | jq '.tarball_url' | sed 's/"//g'` -O `curl https://api.github.com/repos/mistertea/EternalTerminal/releases/latest | jq '.tag_name' | sed 's/"//g' | sed 's/et-v/et_/g' | sed 's/$/.orig.tar.gz/g'`
 
-for distro in `distro-info --supported | grep -v experimental`; do
+for distro in `distro-info --supported | grep -v experimental | grep -v sid`; do
     rm -Rf EternalTerminal/debian
     cp -Rf debian_SOURCE EternalTerminal/debian
     sed -i "s/##DISTRO##/${distro}/g" EternalTerminal/debian/changelog
@@ -23,11 +23,11 @@ for distro in `distro-info --supported | grep -v experimental`; do
     pbuilder-dist ${distro} arm64 update
     pbuilder-dist ${distro} arm64 build *.dsc
 
-    aptly repo add et-${distro} ~/pbuilder/${distro}*_result/*.deb
+    aptly repo add -force-replace=true et-${distro} ~/pbuilder/${distro}*_result/*.deb
     aptly publish drop ${distro} || true
     aptly publish repo et-${distro}
 done
 
-rsync -raz --delete --progress ~/.aptly/public/* ~/github/debian-et/debian-source/
+rsync -raz --delete --progress ~/.aptly/public/* ~/debian-et/debian-source/
 
 echo "Go to ~/debian-et/ and push the new packages."

deployment/debian/debian_SOURCE/changelog

@@ -1,3 +1,15 @@
+et (6.0.5-##DISTRO##2) ##DISTRO##; urgency=medium
+
+  * Add arm64 build on Ubuntu
+
+ -- Jason Gauci <[email protected]>  Sat, 25 Jan 2020 16:36:51 -0800
+
+et (6.0.5-##DISTRO##1) ##DISTRO##; urgency=medium
+
+  * Various compatibility fixes
+
+ -- Jason Gauci <[email protected]>  Mon, 14 Oct 2019 16:36:51 -0800
+
 et (6.0.4-##DISTRO##2) ##DISTRO##; urgency=medium
 
   * Fix bug in et.service

deployment/fedora.Dockerfile

@@ -5,7 +5,7 @@ WORKDIR /root
 RUN mkdir .ssh
 COPY id_rsa .ssh/
 COPY id_rsa.pub .ssh/
-RUN chmod 0400 .ssh/id_rsa
+RUN chmod -R 0700 ~/.ssh
 
 ENV KRB5_TRACE="/dev/stdout kinit [email protected]"
 

src/base/Headers.hpp

@@ -78,6 +78,8 @@ inline std::ostream& operator<<(std::ostream& os,
 
 #include "ThreadPool.h"
 
+#include <sodium.h>
+
 using namespace std;
 
 namespace google {}
@@ -199,6 +201,20 @@ inline bool waitOnSocketData(int fd) {
   return FD_ISSET(fd, &fdset);
 }
 
+inline string genRandomAlphaNum(int len) {
+  static const char alphanum[] =
+      "0123456789"
+      "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
+      "abcdefghijklmnopqrstuvwxyz";
+  string s(len, '\0');
+
+  for (int i = 0; i < len; ++i) {
+    s[i] = alphanum[randombytes_uniform(sizeof(alphanum) - 1)];
+  }
+
+  return s;
+}
+
 }  // namespace et
 
 inline bool operator==(const google::protobuf::MessageLite& msg_a,

src/terminal/SshSetupHandler.cpp

@@ -4,20 +4,6 @@
 #include <sys/wait.h>
 
 namespace et {
-string genRandom(int len) {
-  static const char alphanum[] =
-      "0123456789"
-      "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
-      "abcdefghijklmnopqrstuvwxyz";
-  string s(len, '\0');
-
-  for (int i = 0; i < len; ++i) {
-    s[i] = alphanum[randombytes_uniform(sizeof(alphanum) - 1)];
-  }
-
-  return s;
-}
-
 string genCommand(const string &passkey, const string &id,
                   const string &clientTerm, const string &user, bool kill,
                   const string &command_prefix, const string &options) {
@@ -46,8 +32,12 @@ string SshSetupHandler::SetupSsh(const string &user, const string &host,
     // Default to xterm-256color
     clientTerm = envString;
   }
-  string passkey = genRandom(32);
-  string id = genRandom(16);
+  string passkey = genRandomAlphaNum(32);
+  string id = genRandomAlphaNum(16);
+
+  id[0] = id[1] = id[2] = 'X';  // For compatibility with old servers that do
+                                // not generate their own keys
+
   string cmdoptions{"--verbose=" + std::to_string(vlevel)};
   if (!serverFifo.empty()) {
     cmdoptions += " --serverfifo=" + serverFifo;
@@ -112,15 +102,9 @@ string SshSetupHandler::SetupSsh(const string &user, const string &host,
       }
       auto idpasskey = sshBuffer.substr(passKeyIndex + 10, 16 + 1 + 32);
       auto idpasskey_splited = split(idpasskey, '/');
-      string returned_id = idpasskey_splited[0];
-      string returned_passkey = idpasskey_splited[1];
-      if (returned_id == id && returned_passkey == passkey) {
-        LOG(INFO) << "etserver started";
-      } else {
-        LOG(FATAL) << "client/server idpasskey doesn't match: " << id
-                   << " != " << returned_id << " or " << passkey
-                   << " != " << returned_passkey;
-      }
+      id = idpasskey_splited[0];
+      passkey = idpasskey_splited[1];
+      LOG(INFO) << "etserver started";
     } catch (const runtime_error &err) {
       cout << "Error initializing connection" << err.what() << endl;
     }
@@ -163,21 +147,19 @@ string SshSetupHandler::SetupSsh(const string &user, const string &host,
           idpasskey.erase(idpasskey.find_last_not_of(" \n\r\t") + 1);
           idpasskey = idpasskey.substr(0, 16 + 1 + 32);
           auto idpasskey_splited = split(idpasskey, '/');
-          string returned_id = idpasskey_splited[0];
-          string returned_passkey = idpasskey_splited[1];
-          if (returned_id == id && returned_passkey == passkey) {
-            LOG(INFO) << "jump client started.";
-          } else {
-            LOG(FATAL) << "client/server idpasskey doesn't match: " << id
-                       << " != " << returned_id << " or " << passkey
-                       << " != " << returned_passkey;
-          }
+          id = idpasskey_splited[0];
+          passkey = idpasskey_splited[1];
         } catch (const runtime_error &err) {
           cout << "Error initializing connection" << err.what() << endl;
         }
       }
     }
   }
+
+  if (id.length() == 0 || passkey.length() == 0) {
+    LOG(FATAL) << "Somehow missing id or passkey: " << id.length() << " "
+               << passkey.length();
+  }
   return id + "/" + passkey;
 }
 }  // namespace et

src/terminal/TerminalMain.cpp

@@ -103,8 +103,20 @@ int main(int argc, char** argv) {
         exit(1);
       }
       auto tokens = split(stdinData, '_');
-      idpasskey = tokens[0];
-      FATAL_FAIL(setenv("TERM", tokens[1].c_str(), 1));
+      if (tokens.size() == 2) {
+        idpasskey = tokens[0];
+        if (idpasskey.substr(0, 3) == std::string("XXX")) {
+          // New client connecting to new server, throw away passkey and
+          // regenerate
+          string passkey = genRandomAlphaNum(32);
+          string id = genRandomAlphaNum(16);
+          idpasskey = id + string("/") + passkey;
+        }
+
+        FATAL_FAIL(setenv("TERM", tokens[1].c_str(), 1));
+      } else {
+        LOG(FATAL) << "Invalid number of tokens: " << tokens.size();
+      }
     } else {
       string idpasskey = result["idpasskey"].as<string>();
       if (result.count("idpasskeyfile")) {

src/terminal/TerminalServerMain.cpp

@@ -116,6 +116,10 @@ int main(int argc, char **argv) {
       serverFifo = result["serverfifo"].as<string>();
     }
 
+    if (result.count("port")) {
+      port = result["port"].as<int>();
+    }
+
     GOOGLE_PROTOBUF_VERIFY_VERSION;
     srand(1);
 

src/terminal/UserTerminalRouter.cpp

@@ -36,7 +36,6 @@ IdKeyPair UserTerminalRouter::acceptNewConnection() {
       LOG(FATAL) << "Got an invalid packet header: " << int(packet.getHeader());
     }
     TerminalUserInfo tui = stringToProto<TerminalUserInfo>(packet.getPayload());
-    VLOG(1) << "Got id/passkey: " << tui.id() << "/" << tui.passkey();
     tui.set_fd(terminalFd);
     idInfoMap[tui.id()] = tui;
     return IdKeyPair({tui.id(), tui.passkey()});