Move to opensource

Author: smartvpn

.rspec

@@ -0,0 +1 @@
+--color

Gemfile

@@ -0,0 +1,3 @@
+source 'https://rubygems.org'
+
+gemspec

Gemfile.lock

@@ -0,0 +1,36 @@
+PATH
+  remote: .
+  specs:
+    openvpn-http-hooks (1.0.4)
+
+GEM
+  remote: https://rubygems.org/
+  specs:
+    addressable (2.3.5)
+    crack (0.4.2)
+      safe_yaml (~> 1.0.0)
+    diff-lcs (1.2.5)
+    metaclass (0.0.4)
+    mocha (1.0.0)
+      metaclass (~> 0.0.1)
+    rspec (2.14.1)
+      rspec-core (~> 2.14.0)
+      rspec-expectations (~> 2.14.0)
+      rspec-mocks (~> 2.14.0)
+    rspec-core (2.14.8)
+    rspec-expectations (2.14.5)
+      diff-lcs (>= 1.1.3, < 2.0)
+    rspec-mocks (2.14.6)
+    safe_yaml (1.0.1)
+    webmock (1.17.4)
+      addressable (>= 2.2.7)
+      crack (>= 0.3.2)
+
+PLATFORMS
+  ruby
+
+DEPENDENCIES
+  mocha
+  openvpn-http-hooks!
+  rspec
+  webmock

LICENSE

@@ -0,0 +1,19 @@
+Copyright (c) 2015 SmartVPN.biz
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.

README.md

@@ -0,0 +1,22 @@
+#### openvpn-http-hooks
+
+This ruby gem is wrapper for OpenVPN server daemon.
+
+The main purpose of this gem - is to interact with remote API, located at billing system.
+
+This allows to authenticate user, track his connects/disconnects, apply hooks on connect/disconnect.
+
+### Hooks
+
+Built-in hooks allow to implement following features for specific user:
+
+* Automatic routing of I2P sites through I2P router
+* Automatic routing of TOR sites through TOR router
+* Applying selected proxy for all HTTP traffic of specific user
+
+### Disclaimer
+
+This is OpenSource, Free software. You may use it anyway you want. It is provided AS IS.
+
+Check out LICENSE file for more info.
+

bin/openvpn-activate

@@ -0,0 +1,6 @@
+#!/usr/bin/ruby
+
+require 'openvpn-http-hooks'
+
+api = Api::Activation.new
+api.activate

bin/openvpn-authenticate

@@ -0,0 +1,8 @@
+#!/usr/bin/ruby
+
+require 'openvpn-http-hooks'
+
+api_adapter_class = Api::Authentication
+
+authenticator = OpenvpnPasswordAuthenticator.new(ARGV, api_adapter_class)
+authenticator.authenticate

bin/openvpn-connect

@@ -0,0 +1,6 @@
+#!/usr/bin/ruby
+
+require 'openvpn-http-hooks'
+
+connection = Api::Connect.new
+connection.invoke

bin/openvpn-disconnect

@@ -0,0 +1,7 @@
+#!/usr/bin/ruby
+
+require 'openvpn-http-hooks'
+
+connection = Api::Disconnect.new
+connection.invoke
+

lib/api/activation.rb

@@ -0,0 +1,39 @@
+require File.expand_path('../billing', __FILE__)
+
+module Api
+  class Activation < Billing
+
+    def activate
+      if activated_successfully?
+        save_auth_key
+      else
+        raise "Can't activate server at billing"
+      end
+    end
+
+    private
+
+    def activated_successfully?
+      success_api_call?
+    end
+
+    def save_auth_key
+      key = JSON.parse(api_call_result.body)["auth_key"]
+      File.open('/etc/openvpn/auth_key', 'w') { |file| file.write(key) }
+    end
+
+    def signed_data
+      data
+    end
+
+    def data
+      {
+        hostname: hostname
+      }
+    end
+
+    def action
+      "activate"
+    end
+  end
+end

lib/api/authentication.rb

@@ -0,0 +1,27 @@
+require File.expand_path('../billing', __FILE__)
+
+module Api
+  class Authentication < Billing
+    def initialize(login, password)
+      @login, @password = login, password
+    end
+
+    def valid_credentials?
+      success_api_call?
+    end
+
+    private
+
+    def data
+      {
+        login: @login,
+        password: @password,
+        hostname: hostname
+      }
+    end
+
+    def action
+      "auth"
+    end
+  end
+end

lib/api/billing.rb

@@ -0,0 +1,43 @@
+require "socket"
+require 'net/http'
+require 'json'
+require File.expand_path('../../signer', __FILE__)
+
+module Api
+  class Billing
+    API_HOST = "api.smartvpn.biz"
+    KEY_PATH = "/etc/openvpn/auth_key"
+
+    def host_with_port
+      "http://#{API_HOST}"
+    end
+
+    def auth_key
+      File.read(KEY_PATH)
+    end
+
+    def hostname
+      Socket.gethostname
+    end
+
+    def success_api_call?
+      api_call_result.code == '200'
+    end
+
+    def response
+      JSON.parse(api_call_result.body)
+    end
+
+    def api_call_result
+      @api_result ||= Net::HTTP.post_form(uri, signed_data)
+    end
+
+    def uri
+      URI("#{host_with_port}/api/#{action}")
+    end
+
+    def signed_data
+      data.merge!({ signature: Signer.sign_hash(data, auth_key) })
+    end
+  end
+end

lib/api/connect.rb

@@ -0,0 +1,21 @@
+module Api
+  class Connect < Connection
+    def invoke
+      invoke_if_valid_api_call do
+        activate_options
+      end
+    end
+
+    def action
+      'connect'
+    end
+
+    private
+
+    def activate_options
+      options.each do |code, data|
+        data[:option_class].activate(common_name, data[:attributes])
+      end
+    end
+  end
+end

lib/api/connection.rb

@@ -0,0 +1,66 @@
+require File.expand_path('../billing', __FILE__)
+
+module Api
+  class Connection < Billing
+    def invoke_if_valid_api_call(&block)
+      yield if success_api_call?
+      trigger_script_return
+    end
+
+    def trigger_script_return
+      if success_api_call?
+        exit 0
+      else
+        exit 1
+      end
+    end
+
+    def common_name
+      response["common_name"]
+    end
+
+    def options
+      result = {}
+      option_codes.reduce(result) do |options_with_codes, option_code|
+        options_with_codes[option_code] =
+          {
+            option_class: Option::Repository.find_by_code(option_code),
+            attributes: attributes_for_option(option_code)
+          }
+        options_with_codes
+      end
+      result
+    end
+
+    private
+
+    def data
+      {
+        hostname: hostname,
+        traffic_in: traffic_in,
+        traffic_out: traffic_out,
+        login: ENV['common_name']
+      }
+    end
+
+    def option_codes
+      response["options"]
+    end
+
+    def option_attributes
+      response["option_attributes"]
+    end
+
+    def attributes_for_option(code)
+      option_attributes[code]
+    end
+
+    def traffic_in
+      ENV['bytes_received'] || "0"
+    end
+
+    def traffic_out
+      ENV['bytes_sent'] || "0"
+    end
+  end
+end

lib/api/disconnect.rb

@@ -0,0 +1,21 @@
+module Api
+  class Disconnect < Connection
+    def invoke
+      invoke_if_valid_api_call do
+        deactivate_options
+      end
+    end
+
+    def action
+      'disconnect'
+    end
+
+    private
+
+    def deactivate_options
+      options.each do |code, data|
+        data[:option_class].deactivate(common_name, data[:attributes])
+      end
+    end
+  end
+end

lib/exceptions/option_not_found.rb

@@ -0,0 +1,2 @@
+class OptionNotFound < StandardError
+end

lib/openvpn-http-hooks.rb

@@ -0,0 +1,19 @@
+require 'api/activation'
+require 'api/authentication'
+require 'api/connection'
+require 'api/connect'
+require 'api/disconnect'
+
+require 'option/base'
+require 'option/i2p'
+require 'option/proxy'
+require 'option/repository'
+
+require 'system/openvpn_status'
+require 'system/openvpn_status_log_reader'
+require 'system/openvpn_status_log_parser'
+
+require 'exceptions/option_not_found'
+
+require 'openvpn_password_authenticator'
+require 'signer'

lib/openvpn_password_authenticator.rb

@@ -0,0 +1,18 @@
+class OpenvpnPasswordAuthenticator
+  attr_accessor :api
+
+  def initialize(args, api_adapter_class)
+    content = File.read(args[0])
+    @login, @password = content.split("\n")
+    @api = api_adapter_class.new(@login, @password)
+  end
+
+  def authenticate
+    if @api.valid_credentials?
+      exit 0
+    else
+      exit 1
+    end
+  end
+
+end