├── .clippy.toml
├── .deepsource.toml
├── .github
    ├── dependabot.yml
    └── workflows
    │   ├── main.yml
    │   └── release.yml
├── .gitignore
├── .prettierrc.toml
├── CHANGELOG.md
├── Cargo.lock
├── Cargo.toml
├── LICENSE.md
├── Makefile
├── README.md
├── ansible
    ├── roles
    │   └── sectora
    │   │   ├── handlers
    │   │       └── main.yml
    │   │   └── tasks
    │   │       └── main.yml
    ├── sectora.service
    ├── sectora.sh
    ├── site.yml
    └── templates
    │   └── sectora.conf
├── assets
    ├── conf-files
    │   └── sectora.conf
    ├── scripts
    │   ├── config
    │   ├── postinst
    │   ├── postrm
    │   └── templates
    ├── sectora.service
    └── sectora.sh
├── build.rs
├── how-it-works.svg
├── rustfmt.toml
├── src
    ├── applog.rs
    ├── buffer.rs
    ├── connection.rs
    ├── cstructs.rs
    ├── daemon.rs
    ├── error.rs
    ├── ghclient.rs
    ├── lib.rs
    ├── main.rs
    ├── message.rs
    ├── statics.rs
    └── structs.rs
└── test
    ├── .gitignore
    ├── Makefile
    ├── client
        ├── Dockerfile
        ├── hosts
        ├── localtest.yml
        └── sshconfig
    ├── json-server
        ├── Dockerfile
        ├── db.json
        └── routes.json
    └── keys
        ├── root
            ├── id_rsa
            └── id_rsa.pub
        └── user
            ├── id_rsa
            └── id_rsa.pub


/.clippy.toml:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/yasuyuky/sectora/186e976d0f01be2e877d6c5f2409b314456f10a4/.clippy.toml


--------------------------------------------------------------------------------
/.deepsource.toml:
--------------------------------------------------------------------------------
 1 | version = 1
 2 | 
 3 | [[analyzers]]
 4 | name = "rust"
 5 | 
 6 |   [analyzers.meta]
 7 |   msrv = "stable"
 8 | 
 9 | [[analyzers]]
10 | name = "shell"


--------------------------------------------------------------------------------
/.github/dependabot.yml:
--------------------------------------------------------------------------------
 1 | version: 2
 2 | updates:
 3 |   - package-ecosystem: cargo
 4 |     directory: '/'
 5 |     schedule:
 6 |       interval: daily
 7 |       time: '09:00'
 8 |       timezone: Asia/Tokyo
 9 |     open-pull-requests-limit: 10
10 |     reviewers:
11 |       - yasuyuky
12 |   - package-ecosystem: docker
13 |     directory: '/test/client'
14 |     schedule:
15 |       interval: daily
16 |       time: '09:00'
17 |       timezone: Asia/Tokyo
18 |     open-pull-requests-limit: 10
19 |     reviewers:
20 |       - yasuyuky
21 |   - package-ecosystem: docker
22 |     directory: '/test/json-server'
23 |     schedule:
24 |       interval: daily
25 |       time: '09:00'
26 |       timezone: Asia/Tokyo
27 |     open-pull-requests-limit: 10
28 |     reviewers:
29 |       - yasuyuky
30 |   - package-ecosystem: github-actions
31 |     directory: '/'
32 |     schedule:
33 |       interval: daily
34 |       time: '09:00'
35 |       timezone: Asia/Tokyo
36 | 


--------------------------------------------------------------------------------
/.github/workflows/main.yml:
--------------------------------------------------------------------------------
 1 | name: ci
 2 | 
 3 | on:
 4 |   push:
 5 |     branches:
 6 |       - main
 7 |   pull_request:
 8 |     branches:
 9 |       - main
10 | 
11 | jobs:
12 |   build:
13 |     runs-on: ubuntu-latest
14 |     timeout-minutes: 30
15 |     strategy:
16 |       matrix:
17 |         arch: [amd64, arm64, armhf]
18 |         target: [lib, exe, daemon, deb]
19 |       fail-fast: false
20 |     steps:
21 |       - uses: actions/checkout@v4
22 |       - uses: actions/cache@v4
23 |         with:
24 |           path: ${{ github.workspace }}/.sccache-${{ matrix.arch }}
25 |           key: ${{ runner.os }}-${{ matrix.arch }}-${{ matrix.target }}-sccache
26 |       - name: Set up QEMU
27 |         uses: docker/setup-qemu-action@v3
28 |       - name: Build
29 |         run: make TARGET=${{ matrix.arch }} ${{ matrix.target }}
30 |       - name: Fix cache permission
31 |         run: sudo chown -R $USER .sccache-${{ matrix.arch }}
32 |       - uses: actions/upload-artifact@v4
33 |         if: matrix.target == 'deb'
34 |         with:
35 |           name: sectora-${{ matrix.arch }}
36 |           path: ${{ github.workspace }}/target/*/debian/*.deb
37 | 
38 |   set-dists:
39 |     runs-on: ubuntu-latest
40 |     outputs:
41 |       dists: ${{ steps.set-matrix.outputs.matrix }}
42 |     steps:
43 |       - id: set-matrix
44 |         run: |
45 |           content=$(curl -L https://raw.githubusercontent.com/yasuyuky/docker-ssh-test/main/dist.json | jq -c .)
46 |           echo matrix=${content} >>$GITHUB_OUTPUT
47 |           echo ${content}
48 | 
49 |   test:
50 |     needs: [build, set-dists]
51 |     runs-on: ubuntu-latest
52 |     strategy:
53 |       matrix: ${{ fromJson(needs.set-dists.outputs.dists) }}
54 |       fail-fast: false
55 |     steps:
56 |       - uses: actions/checkout@v4
57 |       - uses: actions/download-artifact@v4
58 |         with:
59 |           name: sectora-amd64
60 |           path: target
61 |       - name: Run tests
62 |         run: make test-deb-stub dist=${{ matrix.dist }} ver=${{ matrix.ver }}
63 |         working-directory: test
64 |         env:
65 |           TERM: xterm-256color
66 | 


--------------------------------------------------------------------------------
/.github/workflows/release.yml:
--------------------------------------------------------------------------------
 1 | name: release
 2 | 
 3 | on:
 4 |   push:
 5 |     tags:
 6 |       - v*
 7 | 
 8 | jobs:
 9 |   release:
10 |     runs-on: ubuntu-latest
11 |     outputs:
12 |       version: ${{ steps.cargo_ver.outputs.version }}
13 |       upload: ${{ steps.create_release.outputs.upload_url }}
14 |     steps:
15 |       - uses: actions/checkout@v4
16 | 
17 |       - name: Get Date
18 |         id: get_date
19 |         run: |
20 |           date +'%Y.%m.%d'
21 |           echo date=$(date +'%Y.%m.%d') >>$GITHUB_OUTPUT
22 | 
23 |       - name: Get the version in cargo
24 |         id: cargo_ver
25 |         run: |
26 |           VERSION=$(grep '^version' Cargo.toml | cut -d '"' -f 2)
27 |           echo ${VERSION}
28 |           echo version=${VERSION} >>$GITHUB_OUTPUT
29 |           echo v=v${VERSION} >>$GITHUB_OUTPUT
30 |           test ${GITHUB_REF/refs\/tags\//} = v${VERSION}
31 | 
32 |       - name: Create Release
33 |         id: create_release
34 |         uses: actions/create-release@v1
35 |         env:
36 |           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
37 |         with:
38 |           tag_name: ${{ steps.cargo_ver.outputs.v }}
39 |           release_name: Release ${{ steps.cargo_ver.outputs.v }} (${{ steps.get_date.outputs.date }})
40 |           body: Automated release
41 |           draft: false
42 |           prerelease: false
43 | 
44 |   build-and-upload:
45 |     needs: release
46 |     strategy:
47 |       matrix:
48 |         arch: [amd64, arm64, armhf]
49 |     runs-on: ubuntu-latest
50 |     steps:
51 |       - name: Checkout
52 |         uses: actions/checkout@v4
53 |       - name: Set up QEMU
54 |         uses: docker/setup-qemu-action@v3
55 |       - name: Build deb
56 |         run: make TARGET=${{ matrix.arch }} deb
57 |       - name: Get Path of Artifact
58 |         id: getpath
59 |         run: |
60 |           ASSET_PATH=$(ls target/*/debian/sectora_${{ needs.release.outputs.version }}*_${{ matrix.arch }}.deb | head -n 1)
61 |           echo "asset_path=$ASSET_PATH" >> $GITHUB_OUTPUT
62 |       - name: Upload Release Asset
63 |         uses: actions/upload-release-asset@v1
64 |         env:
65 |           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
66 |         with:
67 |           upload_url: ${{ needs.release.outputs.upload }}
68 |           asset_path: ${{ steps.getpath.outputs.asset_path }}
69 |           asset_name: basename(${{ steps.getpath.outputs.asset_path }})
70 |           asset_content_type: application/vnd.debian.binary-package
71 | 


--------------------------------------------------------------------------------
/.gitignore:
--------------------------------------------------------------------------------
1 | target
2 | .cargo*
3 | *.retry
4 | hosts-*
5 | *.local.yml
6 | .sccache*
7 | 


--------------------------------------------------------------------------------
/.prettierrc.toml:
--------------------------------------------------------------------------------
1 | singleQuote = true
2 | 


--------------------------------------------------------------------------------
/CHANGELOG.md:
--------------------------------------------------------------------------------
 1 | # Changelog
 2 | 
 3 | All notable changes to this project will be documented in this file.
 4 | 
 5 | The format is based on [Keep a Changelog][keep a changelog] and this project adheres to [Semantic Versioning][semantic versioning].
 6 | 
 7 | ## [Unreleased]
 8 | 
 9 | ---
10 | 
11 | ## [Released]
12 | 
13 | ## [0.4.0] - 2021-01-22
14 | 
15 | ### Changed
16 | 
17 | - Update dependencies
18 | - Use tokio 1.0
19 | - Allow long messages
20 | 
21 | ### Fixed
22 | 
23 | - fix unknown key name issue #356
24 | 
25 | ## [0.3.2] - 2020-09-12
26 | 
27 | ### Changed
28 | 
29 | - Update dependencies
30 | 
31 | ## [0.3.1] - 2020-08-12
32 | 
33 | ### Changed
34 | 
35 | - Tweak PAM settings
36 | - Update depnedencies
37 | 
38 | ### Fixed
39 | 
40 | - Use the abusolute path for conffiles
41 | 
42 | ## [0.3.0] - 2020-06-16
43 | 
44 | ### Added
45 | 
46 | - Notify Systemd
47 | 
48 | ### Changed
49 | 
50 | - Update the rust version
51 | - Handle the send-back error
52 | - Update default AuthorizedKeysCommand style
53 | - Update depnedencies
54 | 
55 | ## [0.2.0] - 2020.05.30
56 | 
57 | ### Added
58 | 
59 | - Enhance rate limit information
60 | 
61 | ### Fixed
62 | 
63 | - Rewrite all hyper-related methods to asynchronous ones
64 | 
65 | ### Changed
66 | 
67 | - Make http client reusable
68 | - Update some depnedencies
69 | 
70 | ## [0.1.0] - 2020.05.16
71 | 
72 | ### Added
73 | 
74 | - Initial release
75 | 
76 | ---
77 | 
78 | <!-- Links -->
79 | 
80 | [keep a changelog]: https://keepachangelog.com/
81 | [semantic versioning]: https://semver.org/
82 | 
83 | <!-- Versions -->
84 | 
85 | [unreleased]: https://github.com/yasuyuky/sectora/compare/v0.4.0...HEAD
86 | [released]: https://github.com/yasuyuky/sectora/releases
87 | [0.4.0]: https://github.com/yasuyuky/sectora/compare/v0.3.2...v0.4.0
88 | [0.3.2]: https://github.com/yasuyuky/sectora/compare/v0.3.1...v0.3.2
89 | [0.3.1]: https://github.com/yasuyuky/sectora/compare/v0.3.0...v0.3.1
90 | [0.3.0]: https://github.com/yasuyuky/sectora/compare/v0.2.0...v0.3.0
91 | [0.2.0]: https://github.com/yasuyuky/sectora/compare/v0.1.0...v0.2.0
92 | [0.1.0]: https://github.com/yasuyuky/sectora/releases/v0.1.0
93 | 


--------------------------------------------------------------------------------
/Cargo.toml:
--------------------------------------------------------------------------------
 1 | [package]
 2 | name = "sectora"
 3 | version = "0.5.0"
 4 | authors = ["Yasuyuki YAMADA <yasuyuki.ymd@gmail.com>"]
 5 | build = "build.rs"
 6 | description = "SSH authentication with the GitHub team and repo"
 7 | edition = "2024"
 8 | license = "MIT"
 9 | readme = "README.md"
10 | rust-version = "1.86.0"
11 | 
12 | [dependencies]
13 | futures = "0.3"
14 | toml = "0.8"
15 | serde = { version = "1.0", features = ["derive"] }
16 | serde_json = "1.0"
17 | glob = "0.3"
18 | libc = "0.2"
19 | nix = "0.30"
20 | hyper = { version = "0.14.27", features = ["http1", "client", "tcp"] }
21 | hyper-tls = "0.6.0"
22 | log = "0.4.27"
23 | syslog = "7.0"
24 | tokio = { version = "1.45", features = ["macros", "rt", "rt-multi-thread"] }
25 | sd-notify = "0.4.5"
26 | clap = { version = "4.5.39", features = ["derive"] }
27 | clap_complete = "4.5.52"
28 | once_cell = "1.21.3"
29 | reqwest = { version = "0.12.19", features = ["json"] }
30 | 
31 | [[bin]]
32 | name = "sectora"
33 | path = "src/main.rs"
34 | 
35 | [[bin]]
36 | name = "sectorad"
37 | path = "src/daemon.rs"
38 | 
39 | [lib]
40 | name = "nss_sectora"
41 | path = "src/lib.rs"
42 | crate-type = ["cdylib"]
43 | 
44 | [package.metadata.deb]
45 | maintainer = "Yasuyuki YAMADA <yasuyuki.ymd@gmail.com>"
46 | copyright = "2017-2020 Yasuyuki YAMADA <yasuyuki.ymd@gmail.com>"
47 | depends = "$auto, systemd, openssh-server"
48 | extended-description = """\
49 | **Sector A**uthentication
50 | (formerly named as **ghteam-auth**)
51 | Using this program, you can grant login privileges on your servers to GitHub team members or outside collaborators of your repository.
52 | Implemented with Rust."""
53 | section = "admin"
54 | priority = "optional"
55 | assets = [
56 |     ["target/release/sectora", "usr/sbin/", "755"],
57 |     ["target/release/sectorad", "usr/sbin/", "755"],
58 |     ["target/release/libnss_sectora.so", "usr/lib/libnss_sectora.so", "644"],
59 |     ["target/release/libnss_sectora.so", "usr/lib/libnss_sectora.so.2", "644"],
60 |     ["assets/conf-files/sectora.conf", "etc/sectora.conf", "644"],
61 |     ["assets/sectora.sh", "usr/sbin/", "755"],
62 |     ["assets/sectora.service", "etc/systemd/system/", "644"],
63 | ]
64 | conf-files = ["/etc/sectora.conf"]
65 | maintainer-scripts = "assets/scripts"
66 | 


--------------------------------------------------------------------------------
/LICENSE.md:
--------------------------------------------------------------------------------
 1 | Copyright (c) 2017-2020 Yasuyuki YAMADA
 2 | 
 3 | Permission is hereby granted, free of charge, to any person obtaining
 4 | a copy of this software and associated documentation files (the
 5 | "Software"), to deal in the Software without restriction, including
 6 | without limitation the rights to use, copy, modify, merge, publish,
 7 | distribute, sublicense, and/or sell copies of the Software, and to
 8 | permit persons to whom the Software is furnished to do so, subject to
 9 | the following conditions:
10 | 
11 | The above copyright notice and this permission notice shall be
12 | included in all copies or substantial portions of the Software.
13 | 
14 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
15 | EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
16 | MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
17 | NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
18 | LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
19 | OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
20 | WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
21 | 


--------------------------------------------------------------------------------
/Makefile:
--------------------------------------------------------------------------------
 1 | RUST_VER=$(shell grep "^rust-version" Cargo.toml | cut -f 2 -d '"')
 2 | VERSION=$(shell grep "^version" Cargo.toml | cut -f 2 -d '"')
 3 | TARGET:=amd64
 4 | LOG_LEVEL:=OFF
 5 | BUILD_IMG=ghcr.io/yasuyuky/rust-ubuntu:${RUST_VER}
 6 | PLATFORM_OPT=--platform=linux/$(TARGET)
 7 | ifeq ($(TARGET),amd64)
 8 | RSTARGET=x86_64-unknown-linux-gnu
 9 | else ifeq ($(TARGET),arm64)
10 | RSTARGET=aarch64-unknown-linux-gnu
11 | else ifeq ($(TARGET),armhf)
12 | RSTARGET=armv7-unknown-linux-gnueabihf
13 | LIBTARGET=arm-linux-gnueabihf
14 | endif
15 | LIBTARGET?=$(subst unknown-,,$(RSTARGET))
16 | RELEASE_DIR=target/$(RSTARGET)/release
17 | DEBIAN_DIR=target/$(RSTARGET)/debian
18 | COMMON_BUILD_OPT= -v ${PWD}:/source -w /source -e RUSTC_WRAPPER=/usr/local/cargo/bin/sccache -e SCCACHE_DIR=/source/.sccache
19 | # BUILD_VOL= -v ${PWD}/.cargo-$(TARGET)/registry:/usr/local/cargo/registry -v ${PWD}/.cargo-$(TARGET)/bin:/source/.cargo/bin
20 | # BUILD_VOL= -v ${PWD}/.cargo-$(TARGET):/source/.cargo
21 | BUILD_VOL= -v ${PWD}/.sccache-$(TARGET):/source/.sccache
22 | OPENSSL_STATIC_OPT= -e OPENSSL_STATIC=yes -e OPENSSL_LIB_DIR=/usr/lib/$(LIBTARGET)/ -e OPENSSL_INCLUDE_DIR=/usr/include -e LOG_LEVEL=$(LOG_LEVEL)
23 | MEM_OPT= -m 4g --memory-swap 16g
24 | BUILD_OPT= $(MEM_OPT) $(BUILD_VOL) $(COMMON_BUILD_OPT) $(OPENSSL_STATIC_OPT)
25 | DEPLOY_TEST_IMG=yasuyuky/ubuntu-ssh
26 | ENTRIY_POINTS := src/main.rs src/daemon.rs src/lib.rs
27 | SRCS := $(filter-out $(ENTRIY_POINTS),$(wildcard src/*.rs))
28 | ASSETS := $(wildcard assets/*) $(wildcard assets/*/*)
29 | CARGO_FILES := Cargo.toml Cargo.lock
30 | DOCKER_RUN=docker run --rm $(PLATFORM_OPT)
31 | 
32 | all:
33 | 
34 | deb: $(DEBIAN_DIR)/sectora_$(VERSION)_$(TARGET).deb
35 | 
36 | exe: $(RELEASE_DIR)/sectora
37 | 
38 | daemon: $(RELEASE_DIR)/sectorad
39 | 
40 | lib: $(RELEASE_DIR)/libnss_sectora.so
41 | 
42 | amd64:
43 | 	make TARGET=amd64 exe daemon lib deb
44 | 
45 | armhf:
46 | 	make TARGET=armhf exe daemon lib deb
47 | 
48 | arm64:
49 | 	make TARGET=arm64 exe daemon lib deb
50 | 
51 | enter-build-image:
52 | 	$(DOCKER_RUN) -it $(BUILD_OPT) $(BUILD_IMG) bash
53 | 
54 | $(RELEASE_DIR)/sectora: src/main.rs $(SRCS) $(CARGO_FILES)
55 | 	$(DOCKER_RUN) $(BUILD_OPT) $(BUILD_IMG) cargo build --bin sectora --release --target=$(RSTARGET)
56 | 
57 | $(RELEASE_DIR)/sectorad: src/daemon.rs $(SRCS) $(CARGO_FILES)
58 | 	$(DOCKER_RUN) $(BUILD_OPT) $(BUILD_IMG) cargo build --bin sectorad --release --target=$(RSTARGET)
59 | 
60 | $(RELEASE_DIR)/libnss_sectora.so: src/lib.rs $(SRCS) $(CARGO_FILES)
61 | 	$(DOCKER_RUN) $(BUILD_OPT) $(BUILD_IMG) cargo build --lib --release --target=$(RSTARGET)
62 | 
63 | $(DEBIAN_DIR)/sectora_$(VERSION)_$(TARGET).deb: src/main.rs src/daemon.rs src/lib.rs $(SRCS) $(CARGO_FILES) $(ASSETS)
64 | 	$(DOCKER_RUN) $(BUILD_OPT) $(BUILD_IMG) sh -c "cargo deb --target=$(RSTARGET) && sccache -s"
65 | 
66 | .PHONY: clean clean-cargo clean-exe clean-lib clean-deb
67 | 
68 | clean-cargo:
69 | 	$(DOCKER_RUN) $(BUILD_OPT) $(BUILD_IMG) cargo clean
70 | 
71 | clean-exe:
72 | 	rm -f target/$(RSTARGET)/release/sectora
73 | 
74 | clean-daemon:
75 | 	rm -f target/$(RSTARGET)/release/sectorad
76 | 
77 | clean-lib:
78 | 	rm -f target/$(RSTARGET)/release/libnss_sectora.so
79 | 
80 | clean-deb:
81 | 	rm -f target/$(RSTARGET)/debian/sectora_$(VERSION)_*.deb
82 | 
83 | clean:
84 | 	make clean-exe
85 | 	make clean-daemon
86 | 	make clean-lib
87 | 	make clean-deb
88 | 


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
  1 | # Sectora
  2 | 
  3 | **Sector A**uthentication
  4 | 
  5 | (formerly named as **ghteam-auth**)
  6 | 
  7 | Using this program, you can grant login privileges on your servers to GitHub team members or outside collaborators of your repository.
  8 | 
  9 | Implemented with Rust.
 10 | 
 11 | [![Github Actions](https://github.com/yasuyuky/sectora/workflows/ci/badge.svg)](https://github.com/yasuyuky/sectora/actions)
 12 | 
 13 | # How it works
 14 | 
 15 | ![how it works](how-it-works.svg)
 16 | 
 17 | # How to use
 18 | 
 19 | 1. Generate the ssh key pair and [upload the public key to GitHub](https://help.github.com/en/github/authenticating-to-github/adding-a-new-ssh-key-to-your-github-account)
 20 | 
 21 | 2. Use [the deb file](https://github.com/yasuyuky/sectora/releases) to setup sectora to the server
 22 | 
 23 |    - You need a developer token with the following scope
 24 |      - read:org
 25 |      - repo (optional)
 26 | 
 27 | 3. Log in to the server with your private key
 28 | 
 29 | # Manual Setup
 30 | 
 31 | ## How to build manually
 32 | 
 33 | See [Makefile](https://github.com/yasuyuky/sectora/blob/main/Makefile) for details
 34 | 
 35 | ## How to install and setup manually
 36 | 
 37 | 1. Copy executable and shared object to each path
 38 | 2. Put config file for this program
 39 | 3. Register sectora daemon to systemd and enable it
 40 | 4. Configure name service switch
 41 | 5. Configure sshd
 42 | 6. Configure PAM (Optional)
 43 | 
 44 | [A setting example of ansible is available](https://github.com/yasuyuky/sectora/blob/main/ansible/)
 45 | 
 46 | ### Copy the executable file and shared object to each path
 47 | 
 48 | #### Copy executable file
 49 | 
 50 | Put `sectora` & `sectorad` to `/usr/sbin/`.
 51 | 
 52 | #### Copy shared object
 53 | 
 54 | Put `libnss_sectora.so` to `/usr/lib/`.
 55 | 
 56 | #### Create link of shared object
 57 | 
 58 | `ln -s /usr/lib/libnss_sectora.so /usr/lib/libnss_sectora.so.2`
 59 | 
 60 | ### Put config file for this program
 61 | 
 62 | The minimal setting is like as follows.
 63 | 
 64 | ```toml
 65 | token = "YOUR_PERSONAL_TOKEN_STRING"
 66 | org = "YOUR_ORGANIZATION"
 67 | 
 68 | [[team]]
 69 | name = "YOUR_TEAM1"
 70 | gid = 2019  # gid for YOUR_TEAM1
 71 | 
 72 | [[team]]
 73 | name = "YOUR_TEAM2"
 74 | gid = 2020  # gid for YOUR_TEAM2
 75 | group = "YOUR_GROUP_NAME"
 76 | 
 77 | [[repo]]
 78 | name = "YOUR_REPO_NAME"
 79 | ```
 80 | 
 81 | See `struct Config` on `structs.rs` for details.
 82 | 
 83 | ### Register sectora daemon to systemd
 84 | 
 85 | Put `/etc/systemd/system/sectora.service`
 86 | 
 87 | ```
 88 | [Unit]
 89 | Description=Sectora Daemon
 90 | After=network.target
 91 | 
 92 | [Service]
 93 | ExecStart=/usr/sbin/sectorad
 94 | Restart=always
 95 | StandardOutput=journal
 96 | StandardError=journal
 97 | 
 98 | [Install]
 99 | WantedBy=multi-user.target
100 | ```
101 | 
102 | then execute `systemctl enable sectora && systemctl start sectora`
103 | 
104 | ### Configure name service switch
105 | 
106 | Add the following lines to `/etc/nsswitch.conf`
107 | 
108 | ```
109 | passwd: files sectora
110 | shadow: files sectora
111 | group:  files sectora
112 | ```
113 | 
114 | ### Configure sshd
115 | 
116 | Add the following lines to `/etc/ssh/sshd_config`.
117 | 
118 | ```
119 | AuthorizedKeysCommandUser root
120 | AuthorizedKeysCommand /usr/sbin/sectora key %u
121 | UsePAM yes
122 | ```
123 | 
124 | #### In the case of old sshd
125 | 
126 | In the case of old sshd, you need to create the following shell script and put it in your PATH.
127 | 
128 | ```sectora.sh
129 | #!/bin/bash
130 | /usr/sbin/sectora key $1
131 | ```
132 | 
133 | Also, sshd_config should look like this.
134 | 
135 | ```
136 | AuthorizedKeysCommandUser root
137 | AuthorizedKeysCommand /usr/sbin/sectora.sh
138 | UsePAM yes
139 | ```
140 | 
141 | ### Configure PAM (Optional)
142 | 
143 | Add the following lines to `/etc/pam.d/sshd`.
144 | 
145 | ```
146 | account requisite pam_exec.so quiet /usr/sbin/sectora pam
147 | auth optional pam_unix.so not_set_pass use_first_pass nodelay
148 | session required pam_mkhomedir.so skel=/etc/skel/ umask=0022
149 | ```
150 | 
151 | Also, comment out the following line.
152 | 
153 | ```
154 | # @include common-auth
155 | ```
156 | 
157 | ## Personal settings
158 | 
159 | To set personal settings, use `$HOME/.config/sectora.toml` like this.
160 | 
161 | ```toml
162 | sh = "/path/to/login/shell"
163 | pass = "PASSWORD_HASH_STRING"
164 | ```
165 | 
166 | Use `mkpasswd` command to create your `PASSWORD_HASH_STRING`
167 | 
168 | ```
169 | mkpasswd -S $(head -c 4 /dev/urandom|xxd -p) -m sha-512
170 | ```
171 | 
172 | ## LICENSE
173 | 
174 | MIT
175 | 
176 | ## Special thanks
177 | 
178 | This program is inspired by [Octopass](https://github.com/linyows/octopass).
179 | Thank you.
180 | 


--------------------------------------------------------------------------------
/ansible/roles/sectora/handlers/main.yml:
--------------------------------------------------------------------------------
 1 | - name: restart sshd
 2 |   service:
 3 |     name: ssh
 4 |     state: restarted
 5 | 
 6 | - name: start sectorad
 7 |   service:
 8 |     name: sectora
 9 |     state: started
10 | 


--------------------------------------------------------------------------------
/ansible/roles/sectora/tasks/main.yml:
--------------------------------------------------------------------------------
 1 | ---
 2 | - name: copy sectora binary executable
 3 |   copy:
 4 |     src: "{{ target_dir }}/sectora"
 5 |     dest: /usr/sbin/sectora
 6 |     mode: 0755
 7 | 
 8 | - name: copy sectora key script executable
 9 |   copy:
10 |     src: ./sectora.sh
11 |     dest: /usr/sbin/sectora.sh
12 |     mode: 0700
13 | 
14 | - name: copy sectorad binary executable
15 |   copy:
16 |     src: "{{ target_dir }}/sectorad"
17 |     dest: /usr/sbin/sectorad
18 |     mode: 0755
19 | 
20 | - name: create sectorad config
21 |   template:
22 |     src: sectora.service
23 |     dest: /etc/systemd/system/sectora.service
24 |   notify:
25 |     - start sectorad
26 | 
27 | - name: Enable service sectora
28 |   systemd:
29 |     name: sectora
30 |     enabled: yes
31 | 
32 | - name: copy libnss_sectora shared object
33 |   copy:
34 |     src: "{{ target_dir }}/libnss_sectora.so"
35 |     dest: /usr/lib/libnss_sectora.so
36 | 
37 | - name: create link for shared object
38 |   file:
39 |     src: /usr/lib/libnss_sectora.so
40 |     dest: /usr/lib/libnss_sectora.so.2
41 |     state: link
42 | 
43 | - name: create config
44 |   template:
45 |     src: sectora.conf
46 |     dest: /etc/sectora.conf
47 |     mode: 0600
48 | 
49 | - name: configure sudoers
50 |   lineinfile:
51 |     path: /etc/sudoers
52 |     state: present
53 |     regexp: '^%{{ (item.group is defined and item.group) or item.name }} ALL='
54 |     line: '%{{ (item.group is defined and item.group) or item.name }}  ALL=(ALL) NOPASSWD: ALL'
55 |     validate: 'visudo -cf %s'
56 |   when: (item.sudoers is defined) and (item.sudoers == true)
57 |   with_items:
58 |     '{{ gh_teams }}'
59 | 
60 | - name: configure sshd_config
61 |   lineinfile:
62 |     path: /etc/ssh/sshd_config
63 |     regexp: '{{ item.regexp }}'
64 |     line: '{{ item.line }}'
65 |     validate: '/usr/sbin/sshd -t -f %s'
66 |   with_items:
67 |     - regexp: '^AuthorizedKeysCommandUser\s'
68 |       line: 'AuthorizedKeysCommandUser root'
69 |     - regexp: '^AuthorizedKeysCommand\s'
70 |       line: 'AuthorizedKeysCommand /usr/sbin/sectora.sh'
71 |       # line: 'AuthorizedKeysCommand /usr/sbin/sectora key %u'
72 |     - regexp: '^UsePAM\s'
73 |       line: 'UsePAM yes'
74 |   notify:
75 |     - restart sshd
76 | 
77 | - name: configure nss switch
78 |   lineinfile:
79 |     path: /etc/nsswitch.conf
80 |     regexp: '{{ item.regexp }}'
81 |     line: '{{ item.line }}'
82 |     backrefs: yes
83 |   with_items:
84 |     - {regexp: '^passwd:\s+(.*)$', line: 'passwd: files sectora'}
85 |     - {regexp: '^shadow:\s+(.*)$', line: 'shadow: files sectora'}
86 |     - {regexp: '^group:\s+(.*)$',  line: 'group:  files sectora'}
87 | 
88 | - name: pam configuration
89 |   lineinfile:
90 |     path: /etc/pam.d/sshd
91 |     line: '{{ item.line }}'
92 |     state: '{{ item.state }}'
93 |   with_items:
94 |     - {line: 'account sufficient pam_exec.so quiet /usr/sbin/sectora pam', state: 'present'}
95 |     - {line: 'auth optional pam_unix.so not_set_pass use_first_pass nodelay', state: 'present'}
96 |     - {line: 'session required pam_mkhomedir.so skel: /etc/skel/ umask: 0022', state: 'present'}
97 | 


--------------------------------------------------------------------------------
/ansible/sectora.service:
--------------------------------------------------------------------------------
1 | ../assets/sectora.service


--------------------------------------------------------------------------------
/ansible/sectora.sh:
--------------------------------------------------------------------------------
1 | ../assets/sectora.sh


--------------------------------------------------------------------------------
/ansible/site.yml:
--------------------------------------------------------------------------------
 1 | - hosts: all
 2 |   become: yes
 3 |   become_method: sudo
 4 |   become_user: root
 5 |   vars:
 6 |     target_dir: "../target/YOUR_TARGET_TRIPLE/release"
 7 |     gh_token: "YOUR_TOKEN"
 8 |     gh_org: "YOUR_ORGANIZATION"
 9 |     # gh_home: "/path/to/home/{}"
10 |     # gh_cache_duration: 7200
11 |     # gh_user_conf_path: "path/to/relative/path/of/user/conf/from/home"
12 |     gh_teams:
13 |       - name: "YOUR_TEAM1"
14 |         group: "YOUR_GROUP1"
15 |         gid: YOUR_GID1
16 |         sudoers: true # or false
17 |     gh_repo:
18 |       - name: "YOUR_REPO1"
19 |         group: "YOUR_GROUP1"
20 |         gid: YOUR_GID2
21 |         sudoers: false # or true
22 |   roles:
23 |     - sectora
24 | 


--------------------------------------------------------------------------------
/ansible/templates/sectora.conf:
--------------------------------------------------------------------------------
 1 | token = "{{ gh_token }}"
 2 | org = "{{ gh_org }}"
 3 | {% if gh_endpoint is defined %}
 4 | endpoint = "{{ gh_endpoint }}"
 5 | {% endif %}
 6 | {% if gh_home is defined %}
 7 | home = "{{ gh_home }}"
 8 | {% endif %}
 9 | {% if gh_sh is defined %}
10 | sh = "{{ gh_sh }}"
11 | {% endif %}
12 | {% if gh_cache_duration is defined %}
13 | cache_duration = {{ gh_cache_duration }}
14 | {% endif %}
15 | {% if gh_cert_path is defined %}
16 | cert_path = "{{ gh_cert_path }}"
17 | {% endif %}
18 | {% if gh_user_conf_path is defined %}
19 | user_conf_path = "{{ gh_user_conf_path }}"
20 | {% endif %}
21 | 
22 | {% if gh_teams is defined %}
23 | {% for team in gh_teams %}
24 | 
25 | [[team]]
26 | name = "{{ team.name }}"
27 | {% if team.gid is defined %}
28 | gid = {{ team.gid }}
29 | {% endif %}
30 | {% if team.group is defined %}
31 | group = "{{ team.group }}"
32 | {% endif %}
33 | {% endfor %}
34 | {% endif %}
35 | 
36 | {% if gh_repo is defined %}
37 | {% for repo in gh_repos %}
38 | 
39 | [[repo]]
40 | name = "{{ repo.name }}"
41 | {% if repo.gid is defined %}
42 | gid = {{ repo.gid }}
43 | {% endif %}
44 | {% if repo.group is defined %}
45 | group = "{{ repo.group }}"
46 | {% endif %}
47 | {% endfor %}
48 | {% endif %}
49 | 


--------------------------------------------------------------------------------
/assets/conf-files/sectora.conf:
--------------------------------------------------------------------------------
 1 | # this config file is toml format
 2 | 
 3 | token = "YOUR_PERSONAL_TOKEN_STRING"
 4 | org = "YOUR_ORGANIZATION"
 5 | 
 6 | [[team]]
 7 | name = "YOUR_TEAM1"
 8 | gid = YOUR_GID1
 9 | 
10 | [[team]]
11 | name = "YOUR_TEAM2"
12 | gid = YOUR_GID1
13 | group = "YOUR_GROUP_NAME"
14 | 
15 | [[repo]]
16 | name = "YOUR_REPO_NAME"


--------------------------------------------------------------------------------
/assets/scripts/config:
--------------------------------------------------------------------------------
 1 | #!/bin/sh -e
 2 | 
 3 | # Source debconf library.
 4 | . /usr/share/debconf/confmodule
 5 | 
 6 | db_beginblock
 7 | db_input high sectora/init_config || true
 8 | db_endblock
 9 | db_go
10 | 


--------------------------------------------------------------------------------
/assets/scripts/postinst:
--------------------------------------------------------------------------------
 1 | #!/bin/bash -e
 2 | 
 3 | settings_start="### DO NOT REMOVE! SECTORA SETTINGS START ###"
 4 | settings_end="### DO NOT REMOVE! SECTORA SETTINGS END ###"
 5 | 
 6 | function check_config() {
 7 |     conf_file=$(echo $1)
 8 | 
 9 |     set +e
10 |     start_line=$(grep -n "^${settings_start}" ${conf_file})
11 |     end_line=$(grep -n "^${settings_end}" ${conf_file})
12 |     set -e
13 | 
14 |     if [ "$start_line" = "" -a "$end_line" = "" ]; then
15 |         # Success (No settings found)
16 |         return 0
17 |     fi
18 |     echo "Found sectora settings in $conf_file"
19 |     return 1
20 | }
21 | 
22 | if [ "$1" = "configure" ] && [ -e /usr/share/debconf/confmodule ]; then
23 |     # Source debconf library.
24 |     . /usr/share/debconf/confmodule
25 | 
26 |     systemctl daemon-reload
27 | 
28 |     db_get sectora/init_config
29 |     init_config=$RET
30 |     db_stop
31 |     if [ "$init_config" = "true" ]; then
32 |         echo "Appending settings...(Please restore configs from *.backup files when you get some error)"
33 | 
34 |         # setup nssswitch
35 |         if check_config /etc/nsswitch.conf; then
36 |             cp /etc/nsswitch.conf /etc/nsswitch.conf.backup
37 |             cat <<EOS >>/etc/nsswitch.conf
38 | 
39 | ${settings_start}
40 | passwd: files sectora
41 | shadow: files sectora
42 | group:  files sectora
43 | ${settings_end}
44 | 
45 | EOS
46 |         fi
47 | 
48 |         # setup sshd_config
49 |         if check_config /etc/ssh/sshd_config; then
50 |             cp /etc/ssh/sshd_config /etc/ssh/sshd_config.backup
51 |             sed -i -e "s/^UsePAM/#UsePAM/" /etc/ssh/sshd_config
52 |             cat <<EOS >>/etc/ssh/sshd_config
53 | 
54 | ${settings_start}
55 | AuthorizedKeysCommandUser root
56 | AuthorizedKeysCommand /usr/sbin/sectora key %u
57 | UsePAM yes
58 | ${settings_end}
59 | 
60 | EOS
61 |         fi
62 | 
63 |         # setup pam
64 |         if check_config /etc/pam.d/sshd; then
65 |             if [ -e /etc/pam.d/sshd ]; then
66 |                 cp /etc/pam.d/sshd /etc/pam.d/sshd.backup
67 |             fi
68 |             cat <<EOS >>/etc/pam.d/sshd
69 | 
70 | ${settings_start}
71 | auth requisite pam_exec.so quiet /usr/sbin/sectora pam
72 | auth optional pam_unix.so not_set_pass use_first_pass nodelay
73 | session required pam_mkhomedir.so skel=/etc/skel/ umask=0022
74 | ${settings_end}
75 | 
76 | EOS
77 |         fi
78 | 
79 |         # restart sshd
80 |         service ssh restart
81 | 
82 |     fi
83 | 
84 |     echo "Please setup github personal token to /etc/sectora.conf"
85 | fi
86 | 


--------------------------------------------------------------------------------
/assets/scripts/postrm:
--------------------------------------------------------------------------------
 1 | #!/bin/bash -e
 2 | 
 3 | settings_start="### DO NOT REMOVE! SECTORA SETTINGS START ###"
 4 | settings_end="### DO NOT REMOVE! SECTORA SETTINGS END ###"
 5 | 
 6 | function delete_sectora_setting() {
 7 |     conf_file=$(echo $1)
 8 | 
 9 |     start_line=$(grep -n "^${settings_start}" ${conf_file} | cut -d: -f1)
10 |     end_line=$(grep -n "^${settings_end}" ${conf_file} | cut -d: -f1)
11 |     if [ "$start_line" = "" -o "$end_line" = "" ]; then
12 |         echo "Could not find sectora setting in ${conf_file}"
13 |         return 0
14 |     fi
15 | 
16 |     echo "Removed sectora settings in ${conf_file}"
17 |     sed -i -e "${start_line},${end_line}d" $conf_file
18 |     return 0
19 | }
20 | 
21 | if [ "$1" = purge ] && [ -e /usr/share/debconf/confmodule ]; then
22 |     # Source debconf library.
23 |     . /usr/share/debconf/confmodule
24 |     # Remove my changes to the db.
25 |     db_purge
26 | 
27 |     # remove configures if available
28 |     delete_sectora_setting /etc/nsswitch.conf
29 |     delete_sectora_setting /etc/ssh/sshd_config
30 |     delete_sectora_setting /etc/pam.d/sshd
31 | 
32 |     # remove configures
33 |     rm -rf /etc/sectora.conf
34 | 
35 |     systemctl daemon-reload
36 | fi
37 | 


--------------------------------------------------------------------------------
/assets/scripts/templates:
--------------------------------------------------------------------------------
1 | Template: sectora/init_config
2 | Type: boolean
3 | Default: true
4 | Description: Do you want to append the sectora settings?
5 | 


--------------------------------------------------------------------------------
/assets/sectora.service:
--------------------------------------------------------------------------------
 1 | [Unit]
 2 | Description=Sectora Daemon
 3 | After=network-online.target
 4 | Requires=network-online.target
 5 | 
 6 | [Service]
 7 | Type=notify
 8 | ExecStart=/usr/sbin/sectorad
 9 | # Environment=LOG_LEVEL=DEBUG
10 | # Environment=RUST_BACKTRACE=1
11 | Restart=always
12 | StandardOutput=journal
13 | StandardError=journal
14 | 
15 | [Install]
16 | WantedBy=multi-user.target
17 | 


--------------------------------------------------------------------------------
/assets/sectora.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 | sectora key $1
3 | 


--------------------------------------------------------------------------------
/build.rs:
--------------------------------------------------------------------------------
 1 | use std::env;
 2 | use std::error::Error;
 3 | use std::fs::File;
 4 | use std::io::Write;
 5 | use std::path::PathBuf;
 6 | use std::process::Command;
 7 | 
 8 | struct Ignore;
 9 | 
10 | impl<E> From<E> for Ignore where E: Error
11 | {
12 |     fn from(_: E) -> Ignore { Ignore }
13 | }
14 | 
15 | fn main() -> Result<(), std::io::Error> {
16 |     let out_dir = PathBuf::from(env::var_os("OUT_DIR").unwrap());
17 |     File::create(out_dir.join("commit-info.txt"))?.write_all(commit_info().as_bytes())?;
18 |     let log_level = env::var("LOG_LEVEL").unwrap_or_else(|_| "OFF".to_string());
19 |     File::create(out_dir.join("log-level.txt"))?.write_all(log_level.as_bytes())?;
20 |     println!("cargo:rerun-if-changed=build.rs");
21 |     Ok(())
22 | }
23 | 
24 | fn commit_info() -> String {
25 |     match (commit_date(), commit_hash()) {
26 |         (Ok(date), Ok(hash)) => format!(" {} {}", date.trim_end(), hash.trim_end(),),
27 |         _ => String::default(),
28 |     }
29 | }
30 | 
31 | fn commit_hash() -> Result<String, Ignore> {
32 |     let args = &["rev-parse", "--short=10", "HEAD"];
33 |     Ok(String::from_utf8(Command::new("git").args(args).output()?.stdout)?)
34 | }
35 | 
36 | fn commit_date() -> Result<String, Ignore> {
37 |     let args = &["log", "-1", "--date=short", "--pretty=format:%cd"];
38 |     Ok(String::from_utf8(Command::new("git").args(args).output()?.stdout)?)
39 | }
40 | 


--------------------------------------------------------------------------------
/how-it-works.svg:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="UTF-8" standalone="no"?>
 2 | <!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN" "http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd">
 3 | <svg width="100%" height="100%" viewBox="0 0 800 300" version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" xml:space="preserve" xmlns:serif="http://www.serif.com/" style="fill-rule:evenodd;clip-rule:evenodd;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:1.5;">
 4 |     <rect x="0" y="0" width="800" height="300" style="fill:white;fill-opacity:0.49;"/>
 5 |     <g>
 6 |         <g>
 7 |             <path d="M152.67,212.454C152.67,206.84 148.112,202.282 142.499,202.282L68.841,202.282C63.228,202.282 58.67,206.84 58.67,212.454L58.67,259.006C58.67,264.62 63.228,269.177 68.841,269.177L142.499,269.177C148.112,269.177 152.67,264.62 152.67,259.006L152.67,212.454ZM94.658,217.525C94.332,217.324 93.991,217.172 93.633,217.071C93.275,216.97 92.9,216.92 92.51,216.92C91.735,216.92 91.12,217.047 90.664,217.301C90.462,217.411 90.361,217.532 90.361,217.662C90.361,217.812 90.498,217.958 90.771,218.102C90.98,218.206 91.445,218.307 92.168,218.404C93.496,218.587 94.42,218.769 94.941,218.951C95.625,219.192 96.152,219.55 96.523,220.025C96.894,220.501 97.08,221.002 97.08,221.529C97.08,222.245 96.764,222.844 96.133,223.326C95.228,224.023 94.052,224.371 92.607,224.371C92.028,224.371 91.492,224.321 91.001,224.22C90.509,224.119 90.058,223.971 89.648,223.775C89.551,223.86 89.446,223.925 89.336,223.971C89.225,224.016 89.111,224.039 88.994,224.039C88.681,224.039 88.432,223.936 88.247,223.731C88.061,223.526 87.969,223.183 87.969,222.701L87.969,222.027C87.969,221.546 88.061,221.202 88.247,220.997C88.432,220.792 88.675,220.689 88.974,220.689C89.215,220.689 89.417,220.756 89.58,220.89C89.743,221.023 89.87,221.253 89.961,221.578C90.267,221.838 90.635,222.035 91.064,222.169C91.494,222.302 91.989,222.369 92.549,222.369C93.467,222.369 94.179,222.226 94.687,221.939C94.928,221.796 95.049,221.646 95.049,221.49C95.049,221.23 94.876,221.015 94.531,220.846C94.186,220.676 93.473,220.533 92.392,220.416C90.784,220.247 89.71,219.921 89.17,219.439C88.629,218.964 88.359,218.378 88.359,217.682C88.359,216.965 88.662,216.37 89.267,215.894C90.088,215.243 91.162,214.918 92.49,214.918C92.952,214.918 93.397,214.962 93.823,215.05C94.249,215.138 94.658,215.273 95.049,215.455C95.172,215.364 95.288,215.296 95.395,215.25C95.503,215.204 95.602,215.182 95.693,215.182C95.967,215.182 96.194,215.284 96.377,215.489C96.559,215.694 96.65,216.038 96.65,216.519L96.65,217.008C96.65,217.444 96.598,217.74 96.494,217.896C96.286,218.196 96.002,218.346 95.644,218.346C95.403,218.346 95.192,218.271 95.01,218.121C94.827,217.971 94.71,217.773 94.658,217.525ZM106.66,217.525C106.334,217.324 105.993,217.172 105.635,217.071C105.276,216.97 104.902,216.92 104.511,216.92C103.737,216.92 103.122,217.047 102.666,217.301C102.464,217.411 102.363,217.532 102.363,217.662C102.363,217.812 102.5,217.958 102.773,218.102C102.982,218.206 103.447,218.307 104.17,218.404C105.498,218.587 106.422,218.769 106.943,218.951C107.627,219.192 108.154,219.55 108.525,220.025C108.896,220.501 109.082,221.002 109.082,221.529C109.082,222.245 108.766,222.844 108.135,223.326C107.23,224.023 106.054,224.371 104.609,224.371C104.03,224.371 103.494,224.321 103.003,224.22C102.511,224.119 102.06,223.971 101.65,223.775C101.552,223.86 101.448,223.925 101.338,223.971C101.227,224.016 101.113,224.039 100.996,224.039C100.683,224.039 100.434,223.936 100.249,223.731C100.063,223.526 99.97,223.183 99.97,222.701L99.97,222.027C99.97,221.546 100.063,221.202 100.249,220.997C100.434,220.792 100.677,220.689 100.976,220.689C101.217,220.689 101.419,220.756 101.582,220.89C101.745,221.023 101.872,221.253 101.963,221.578C102.269,221.838 102.636,222.035 103.066,222.169C103.496,222.302 103.991,222.369 104.551,222.369C105.469,222.369 106.181,222.226 106.689,221.939C106.93,221.796 107.051,221.646 107.051,221.49C107.051,221.23 106.878,221.015 106.533,220.846C106.188,220.676 105.475,220.533 104.394,220.416C102.786,220.247 101.712,219.921 101.172,219.439C100.631,218.964 100.361,218.378 100.361,217.682C100.361,216.965 100.664,216.37 101.269,215.894C102.09,215.243 103.164,214.918 104.492,214.918C104.954,214.918 105.399,214.962 105.825,215.05C106.251,215.138 106.66,215.273 107.051,215.455C107.174,215.364 107.29,215.296 107.397,215.25C107.505,215.204 107.604,215.182 107.695,215.182C107.969,215.182 108.196,215.284 108.379,215.489C108.561,215.694 108.652,216.038 108.652,216.519L108.652,217.008C108.652,217.444 108.6,217.74 108.496,217.896C108.288,218.196 108.004,218.346 107.646,218.346C107.405,218.346 107.194,218.271 107.011,218.121C106.829,217.971 106.712,217.773 106.66,217.525ZM114.433,211.383L114.433,215.65C114.85,215.403 115.272,215.219 115.698,215.099C116.124,214.978 116.556,214.918 116.992,214.918C117.682,214.918 118.297,215.035 118.838,215.269C119.378,215.504 119.826,215.873 120.18,216.378C120.535,216.882 120.713,217.519 120.713,218.287L120.713,222.047C121.22,222.047 121.552,222.096 121.709,222.193C122.021,222.395 122.177,222.682 122.177,223.053C122.177,223.346 122.077,223.585 121.875,223.77C121.673,223.956 121.331,224.049 120.849,224.049L118.564,224.049C118.089,224.049 117.749,223.956 117.544,223.77C117.339,223.585 117.236,223.342 117.236,223.043C117.236,222.678 117.392,222.395 117.705,222.193C117.868,222.089 118.2,222.04 118.701,222.047L118.701,218.424C118.701,217.909 118.584,217.548 118.349,217.34C118.043,217.06 117.591,216.92 116.992,216.92C116.549,216.92 116.157,217.006 115.815,217.179C115.473,217.351 115.013,217.724 114.433,218.297L114.433,222.047C114.948,222.047 115.28,222.096 115.429,222.193C115.748,222.395 115.908,222.682 115.908,223.053C115.908,223.346 115.805,223.585 115.6,223.77C115.395,223.956 115.052,224.049 114.57,224.049L112.295,224.049C111.813,224.049 111.469,223.956 111.264,223.77C111.059,223.585 110.957,223.342 110.957,223.043C110.957,222.678 111.116,222.395 111.435,222.193C111.592,222.089 111.924,222.04 112.431,222.047L112.431,213.385L112.09,213.385C111.608,213.385 111.264,213.292 111.059,213.106C110.854,212.921 110.752,212.678 110.752,212.379C110.752,212.086 110.854,211.847 111.059,211.661C111.264,211.476 111.608,211.383 112.09,211.383L114.433,211.383ZM70.605,218.346L64.121,214.752C63.795,214.57 63.579,214.407 63.471,214.264C63.364,214.12 63.31,213.938 63.31,213.717C63.31,213.437 63.411,213.196 63.613,212.994C63.815,212.792 64.052,212.691 64.326,212.691C64.495,212.691 64.756,212.786 65.107,212.975L74.765,218.346L65.107,223.717C64.756,223.912 64.495,224.01 64.326,224.01C64.052,224.01 63.815,223.909 63.613,223.707C63.411,223.505 63.31,223.261 63.31,222.975C63.31,222.753 63.364,222.571 63.471,222.428C63.579,222.284 63.795,222.122 64.121,221.939L70.605,218.346Z"/>
 8 |         </g>
 9 |     </g>
10 |     <g transform="matrix(1.91279,0,0,1,-309.965,-8.86688)">
11 |         <path d="M310,72.867L310,61.954L473.85,61.954L473.85,51.821L482,67.41L473.85,83L473.85,72.867L310,72.867Z"/>
12 |     </g>
13 |     <g transform="matrix(2.69288e-17,-0.439781,1,6.12323e-17,604.59,320.48)">
14 |         <path d="M310,72.867L310,61.954L446.551,61.954L446.551,51.821L482,67.41L446.551,83L446.551,72.867L310,72.867Z"/>
15 |     </g>
16 |     <g transform="matrix(0.632814,0,0,1,-19.1723,168.32)">
17 |         <path d="M310,72.867L310,61.954L457.364,61.954L457.364,51.821L482,67.41L457.364,83L457.364,72.867L310,72.867Z"/>
18 |     </g>
19 |     <g transform="matrix(0.820513,0,0,0.820513,-14.0299,-18.0172)">
20 |         <g transform="matrix(1.66667,0,0,1.66667,-131.333,-99.3333)">
21 |             <circle cx="236" cy="119" r="12" style="stroke:black;stroke-width:2.56px;"/>
22 |         </g>
23 |         <g transform="matrix(1,0,0,1,-5,-25)">
24 |             <rect x="287" y="118" width="53" height="12" style="stroke:black;stroke-width:4.27px;"/>
25 |         </g>
26 |         <g transform="matrix(0.188679,0,0,1.41667,257.349,-64.1667)">
27 |             <rect x="287" y="118" width="53" height="12" style="stroke:black;stroke-width:4.22px;"/>
28 |         </g>
29 |         <g transform="matrix(0.188679,0,0,0.708333,266.849,19.4167)">
30 |             <rect x="287" y="118" width="53" height="12" style="stroke:black;stroke-width:8.23px;"/>
31 |         </g>
32 |     </g>
33 |     <g transform="matrix(0.820513,0,0,0.820513,-14.0299,65.3406)">
34 |         <g transform="matrix(1.66667,0,0,1.66667,-131.333,-99.3333)">
35 |             <circle cx="236" cy="119" r="12" style="stroke:black;stroke-width:2.56px;"/>
36 |         </g>
37 |         <g transform="matrix(1,0,0,1,-5,-25)">
38 |             <rect x="287" y="118" width="53" height="12" style="stroke:black;stroke-width:4.27px;"/>
39 |         </g>
40 |         <g transform="matrix(0.169811,0,0,1.41667,250.764,-91.1667)">
41 |             <rect x="287" y="118" width="53" height="12" style="stroke:black;stroke-width:4.23px;"/>
42 |         </g>
43 |         <g transform="matrix(0.169811,0,0,0.916667,272.764,-26.1667)">
44 |             <rect x="287" y="118" width="53" height="12" style="stroke:black;stroke-width:6.47px;"/>
45 |         </g>
46 |     </g>
47 |     <g>
48 |         <g>
49 |             <path d="M400,200L300,200L300,272L400,272L400,200ZM335.69,236.58C335.25,236.033 334.67,235.76 333.95,235.76C333.697,235.76 333.45,235.82 333.21,235.94C332.97,236.06 332.85,236.267 332.85,236.56C332.85,236.8 332.973,236.977 333.22,237.09C333.467,237.203 333.78,237.303 334.16,237.39C334.54,237.477 334.947,237.57 335.38,237.67C335.813,237.77 336.22,237.927 336.6,238.14C336.98,238.353 337.293,238.643 337.54,239.01C337.787,239.377 337.91,239.867 337.91,240.48C337.91,241.107 337.773,241.623 337.5,242.03C337.227,242.437 336.877,242.763 336.45,243.01C336.023,243.257 335.543,243.43 335.01,243.53C334.477,243.63 333.95,243.68 333.43,243.68C332.75,243.68 332.063,243.583 331.37,243.39C330.677,243.197 330.09,242.853 329.61,242.36L331.43,240.34C331.71,240.687 332.02,240.95 332.36,241.13C332.7,241.31 333.097,241.4 333.55,241.4C333.897,241.4 334.21,241.35 334.49,241.25C334.77,241.15 334.91,240.967 334.91,240.7C334.91,240.447 334.787,240.257 334.54,240.13C334.293,240.003 333.98,239.897 333.6,239.81C333.22,239.723 332.813,239.63 332.38,239.53C331.947,239.43 331.54,239.28 331.16,239.08C330.78,238.88 330.467,238.597 330.22,238.23C329.973,237.863 329.85,237.373 329.85,236.76C329.85,236.187 329.967,235.693 330.2,235.28C330.433,234.867 330.74,234.527 331.12,234.26C331.5,233.993 331.937,233.797 332.43,233.67C332.923,233.543 333.423,233.48 333.93,233.48C334.57,233.48 335.217,233.573 335.87,233.76C336.523,233.947 337.077,234.28 337.53,234.76L335.69,236.58ZM344.95,236.58C344.51,236.033 343.93,235.76 343.21,235.76C342.957,235.76 342.71,235.82 342.47,235.94C342.23,236.06 342.11,236.267 342.11,236.56C342.11,236.8 342.233,236.977 342.48,237.09C342.727,237.203 343.04,237.303 343.42,237.39C343.8,237.477 344.207,237.57 344.64,237.67C345.073,237.77 345.48,237.927 345.86,238.14C346.24,238.353 346.553,238.643 346.8,239.01C347.047,239.377 347.17,239.867 347.17,240.48C347.17,241.107 347.033,241.623 346.76,242.03C346.487,242.437 346.137,242.763 345.71,243.01C345.283,243.257 344.803,243.43 344.27,243.53C343.737,243.63 343.21,243.68 342.69,243.68C342.01,243.68 341.323,243.583 340.63,243.39C339.937,243.197 339.35,242.853 338.87,242.36L340.69,240.34C340.97,240.687 341.28,240.95 341.62,241.13C341.96,241.31 342.357,241.4 342.81,241.4C343.157,241.4 343.47,241.35 343.75,241.25C344.03,241.15 344.17,240.967 344.17,240.7C344.17,240.447 344.047,240.257 343.8,240.13C343.553,240.003 343.24,239.897 342.86,239.81C342.48,239.723 342.073,239.63 341.64,239.53C341.207,239.43 340.8,239.28 340.42,239.08C340.04,238.88 339.727,238.597 339.48,238.23C339.233,237.863 339.11,237.373 339.11,236.76C339.11,236.187 339.227,235.693 339.46,235.28C339.693,234.867 340,234.527 340.38,234.26C340.76,233.993 341.197,233.797 341.69,233.67C342.183,233.543 342.683,233.48 343.19,233.48C343.83,233.48 344.477,233.573 345.13,233.76C345.783,233.947 346.337,234.28 346.79,234.76L344.95,236.58ZM370.39,243.44L367.63,243.44L367.63,242.16L367.59,242.16C367.47,242.333 367.313,242.51 367.12,242.69C366.927,242.87 366.7,243.033 366.44,243.18C366.18,243.327 365.893,243.447 365.58,243.54C365.267,243.633 364.943,243.68 364.61,243.68C363.89,243.68 363.237,243.557 362.65,243.31C362.063,243.063 361.56,242.717 361.14,242.27C360.72,241.823 360.397,241.293 360.17,240.68C359.943,240.067 359.83,239.393 359.83,238.66C359.83,237.98 359.933,237.33 360.14,236.71C360.347,236.09 360.64,235.54 361.02,235.06C361.4,234.58 361.863,234.197 362.41,233.91C362.957,233.623 363.577,233.48 364.27,233.48C364.897,233.48 365.48,233.577 366.02,233.77C366.56,233.963 367.003,234.293 367.35,234.76L367.39,234.76L367.39,228.32L370.39,228.32L370.39,243.44ZM351.71,228.32L351.71,235.04L351.75,235.04C351.817,234.853 351.93,234.667 352.09,234.48C352.25,234.293 352.443,234.127 352.67,233.98C352.897,233.833 353.163,233.713 353.47,233.62C353.777,233.527 354.11,233.48 354.47,233.48C355.23,233.48 355.843,233.597 356.31,233.83C356.777,234.063 357.14,234.387 357.4,234.8C357.66,235.213 357.837,235.7 357.93,236.26C358.023,236.82 358.07,237.427 358.07,238.08L358.07,243.44L355.07,243.44L355.07,238.68C355.07,238.4 355.06,238.11 355.04,237.81C355.02,237.51 354.96,237.233 354.86,236.98C354.76,236.727 354.607,236.52 354.4,236.36C354.193,236.2 353.897,236.12 353.51,236.12C353.123,236.12 352.81,236.19 352.57,236.33C352.33,236.47 352.147,236.657 352.02,236.89C351.893,237.123 351.81,237.387 351.77,237.68C351.73,237.973 351.71,238.28 351.71,238.6L351.71,243.44L348.71,243.44L348.71,228.32L351.71,228.32ZM367.63,238.58C367.63,237.847 367.42,237.253 367,236.8C366.58,236.347 365.99,236.12 365.23,236.12C364.47,236.12 363.88,236.347 363.46,236.8C363.04,237.253 362.83,237.847 362.83,238.58C362.83,239.313 363.04,239.907 363.46,240.36C363.88,240.813 364.47,241.04 365.23,241.04C365.99,241.04 366.58,240.813 367,240.36C367.42,239.907 367.63,239.313 367.63,238.58Z"/>
50 |         </g>
51 |     </g>
52 |     <g>
53 |         <g>
54 |             <path d="M720,200L620,200L620,272L720,272L720,200ZM635.89,236.58C635.45,236.033 634.87,235.76 634.15,235.76C633.897,235.76 633.65,235.82 633.41,235.94C633.17,236.06 633.05,236.267 633.05,236.56C633.05,236.8 633.173,236.977 633.42,237.09C633.667,237.203 633.98,237.303 634.36,237.39C634.74,237.477 635.147,237.57 635.58,237.67C636.013,237.77 636.42,237.927 636.8,238.14C637.18,238.353 637.493,238.643 637.74,239.01C637.987,239.377 638.11,239.867 638.11,240.48C638.11,241.107 637.973,241.623 637.7,242.03C637.427,242.437 637.077,242.763 636.65,243.01C636.223,243.257 635.743,243.43 635.21,243.53C634.677,243.63 634.15,243.68 633.63,243.68C632.95,243.68 632.263,243.583 631.57,243.39C630.877,243.197 630.29,242.853 629.81,242.36L631.63,240.34C631.91,240.687 632.22,240.95 632.56,241.13C632.9,241.31 633.297,241.4 633.75,241.4C634.097,241.4 634.41,241.35 634.69,241.25C634.97,241.15 635.11,240.967 635.11,240.7C635.11,240.447 634.987,240.257 634.74,240.13C634.493,240.003 634.18,239.897 633.8,239.81C633.42,239.723 633.013,239.63 632.58,239.53C632.147,239.43 631.74,239.28 631.36,239.08C630.98,238.88 630.667,238.597 630.42,238.23C630.173,237.863 630.05,237.373 630.05,236.76C630.05,236.187 630.167,235.693 630.4,235.28C630.633,234.867 630.94,234.527 631.32,234.26C631.7,233.993 632.137,233.797 632.63,233.67C633.123,233.543 633.623,233.48 634.13,233.48C634.77,233.48 635.417,233.573 636.07,233.76C636.723,233.947 637.277,234.28 637.73,234.76L635.89,236.58ZM657.71,236.86C657.563,236.647 657.357,236.47 657.09,236.33C656.823,236.19 656.537,236.12 656.23,236.12C655.47,236.12 654.88,236.347 654.46,236.8C654.04,237.253 653.83,237.847 653.83,238.58C653.83,239.313 654.04,239.907 654.46,240.36C654.88,240.813 655.47,241.04 656.23,241.04C656.563,241.04 656.85,240.967 657.09,240.82C657.33,240.673 657.537,240.5 657.71,240.3L659.69,242.38C659.223,242.86 658.673,243.197 658.04,243.39C657.407,243.583 656.803,243.68 656.23,243.68C655.483,243.68 654.78,243.56 654.12,243.32C653.46,243.08 652.887,242.737 652.4,242.29C651.913,241.843 651.53,241.307 651.25,240.68C650.97,240.053 650.83,239.353 650.83,238.58C650.83,237.807 650.97,237.107 651.25,236.48C651.53,235.853 651.913,235.317 652.4,234.87C652.887,234.423 653.46,234.08 654.12,233.84C654.78,233.6 655.483,233.48 656.23,233.48C656.803,233.48 657.407,233.577 658.04,233.77C658.673,233.963 659.223,234.3 659.69,234.78L657.71,236.86ZM695.35,242.22L695.31,242.22C694.977,242.74 694.533,243.113 693.98,243.34C693.427,243.567 692.843,243.68 692.23,243.68C691.777,243.68 691.34,243.617 690.92,243.49C690.5,243.363 690.13,243.173 689.81,242.92C689.49,242.667 689.237,242.353 689.05,241.98C688.863,241.607 688.77,241.173 688.77,240.68C688.77,240.12 688.873,239.647 689.08,239.26C689.287,238.873 689.567,238.553 689.92,238.3C690.273,238.047 690.677,237.85 691.13,237.71C691.583,237.57 692.053,237.467 692.54,237.4C693.027,237.333 693.513,237.293 694,237.28C694.487,237.267 694.937,237.26 695.35,237.26C695.35,236.727 695.16,236.303 694.78,235.99C694.4,235.677 693.95,235.52 693.43,235.52C692.937,235.52 692.487,235.623 692.08,235.83C691.673,236.037 691.31,236.32 690.99,236.68L689.39,235.04C689.95,234.52 690.603,234.13 691.35,233.87C692.097,233.61 692.87,233.48 693.67,233.48C694.55,233.48 695.273,233.59 695.84,233.81C696.407,234.03 696.86,234.353 697.2,234.78C697.54,235.207 697.777,235.73 697.91,236.35C698.043,236.97 698.11,237.687 698.11,238.5L698.11,243.44L695.35,243.44L695.35,242.22ZM667.39,236.12L664.75,236.12L664.75,239.36C664.75,239.627 664.763,239.87 664.79,240.09C664.817,240.31 664.877,240.5 664.97,240.66C665.063,240.82 665.207,240.943 665.4,241.03C665.593,241.117 665.85,241.16 666.17,241.16C666.33,241.16 666.54,241.143 666.8,241.11C667.06,241.077 667.257,241 667.39,240.88L667.39,243.38C667.057,243.5 666.71,243.58 666.35,243.62C665.99,243.66 665.637,243.68 665.29,243.68C664.783,243.68 664.317,243.627 663.89,243.52C663.463,243.413 663.09,243.243 662.77,243.01C662.45,242.777 662.2,242.473 662.02,242.1C661.84,241.727 661.75,241.273 661.75,240.74L661.75,236.12L659.83,236.12L659.83,233.72L661.75,233.72L661.75,230.84L664.75,230.84L664.75,233.72L667.39,233.72L667.39,236.12ZM648.85,241.76C648.37,242.373 647.763,242.847 647.03,243.18C646.297,243.513 645.537,243.68 644.75,243.68C644.003,243.68 643.3,243.56 642.64,243.32C641.98,243.08 641.407,242.737 640.92,242.29C640.433,241.843 640.05,241.307 639.77,240.68C639.49,240.053 639.35,239.353 639.35,238.58C639.35,237.807 639.49,237.107 639.77,236.48C640.05,235.853 640.433,235.317 640.92,234.87C641.407,234.423 641.98,234.08 642.64,233.84C643.3,233.6 644.003,233.48 644.75,233.48C645.443,233.48 646.073,233.6 646.64,233.84C647.207,234.08 647.687,234.423 648.08,234.87C648.473,235.317 648.777,235.853 648.99,236.48C649.203,237.107 649.31,237.807 649.31,238.58L649.31,239.52L642.35,239.52C642.47,240.093 642.73,240.55 643.13,240.89C643.53,241.23 644.023,241.4 644.61,241.4C645.103,241.4 645.52,241.29 645.86,241.07C646.2,240.85 646.497,240.567 646.75,240.22L648.85,241.76ZM668.55,238.58C668.55,237.807 668.69,237.107 668.97,236.48C669.25,235.853 669.633,235.317 670.12,234.87C670.607,234.423 671.18,234.08 671.84,233.84C672.5,233.6 673.203,233.48 673.95,233.48C674.697,233.48 675.4,233.6 676.06,233.84C676.72,234.08 677.293,234.423 677.78,234.87C678.267,235.317 678.65,235.853 678.93,236.48C679.21,237.107 679.35,237.807 679.35,238.58C679.35,239.353 679.21,240.053 678.93,240.68C678.65,241.307 678.267,241.843 677.78,242.29C677.293,242.737 676.72,243.08 676.06,243.32C675.4,243.56 674.697,243.68 673.95,243.68C673.203,243.68 672.5,243.56 671.84,243.32C671.18,243.08 670.607,242.737 670.12,242.29C669.633,241.843 669.25,241.307 668.97,240.68C668.69,240.053 668.55,239.353 668.55,238.58ZM710.19,243.44L707.43,243.44L707.43,242.16L707.39,242.16C707.27,242.333 707.113,242.51 706.92,242.69C706.727,242.87 706.5,243.033 706.24,243.18C705.98,243.327 705.693,243.447 705.38,243.54C705.067,243.633 704.743,243.68 704.41,243.68C703.69,243.68 703.037,243.557 702.45,243.31C701.863,243.063 701.36,242.717 700.94,242.27C700.52,241.823 700.197,241.293 699.97,240.68C699.743,240.067 699.63,239.393 699.63,238.66C699.63,237.98 699.733,237.33 699.94,236.71C700.147,236.09 700.44,235.54 700.82,235.06C701.2,234.58 701.663,234.197 702.21,233.91C702.757,233.623 703.377,233.48 704.07,233.48C704.697,233.48 705.28,233.577 705.82,233.77C706.36,233.963 706.803,234.293 707.15,234.76L707.19,234.76L707.19,228.32L710.19,228.32L710.19,243.44ZM681.11,233.72L684.11,233.72L684.11,235.28L684.15,235.28C684.47,234.68 684.85,234.23 685.29,233.93C685.73,233.63 686.283,233.48 686.95,233.48C687.123,233.48 687.297,233.487 687.47,233.5C687.643,233.513 687.803,233.54 687.95,233.58L687.95,236.32C687.737,236.253 687.527,236.203 687.32,236.17C687.113,236.137 686.897,236.12 686.67,236.12C686.097,236.12 685.643,236.2 685.31,236.36C684.977,236.52 684.72,236.743 684.54,237.03C684.36,237.317 684.243,237.66 684.19,238.06C684.137,238.46 684.11,238.9 684.11,239.38L684.11,243.44L681.11,243.44L681.11,233.72ZM694.61,239.18C694.383,239.18 694.1,239.19 693.76,239.21C693.42,239.23 693.093,239.287 692.78,239.38C692.467,239.473 692.2,239.613 691.98,239.8C691.76,239.987 691.65,240.247 691.65,240.58C691.65,240.94 691.803,241.207 692.11,241.38C692.417,241.553 692.737,241.64 693.07,241.64C693.363,241.64 693.647,241.6 693.92,241.52C694.193,241.44 694.437,241.327 694.65,241.18C694.863,241.033 695.033,240.847 695.16,240.62C695.287,240.393 695.35,240.127 695.35,239.82L695.35,239.18L694.61,239.18ZM671.55,238.58C671.55,239.313 671.76,239.907 672.18,240.36C672.6,240.813 673.19,241.04 673.95,241.04C674.71,241.04 675.3,240.813 675.72,240.36C676.14,239.907 676.35,239.313 676.35,238.58C676.35,237.847 676.14,237.253 675.72,236.8C675.3,236.347 674.71,236.12 673.95,236.12C673.19,236.12 672.6,236.347 672.18,236.8C671.76,237.253 671.55,237.847 671.55,238.58ZM707.43,238.58C707.43,237.847 707.22,237.253 706.8,236.8C706.38,236.347 705.79,236.12 705.03,236.12C704.27,236.12 703.68,236.347 703.26,236.8C702.84,237.253 702.63,237.847 702.63,238.58C702.63,239.313 702.84,239.907 703.26,240.36C703.68,240.813 704.27,241.04 705.03,241.04C705.79,241.04 706.38,240.813 706.8,240.36C707.22,239.907 707.43,239.313 707.43,238.58ZM646.31,237.48C646.323,236.973 646.157,236.54 645.81,236.18C645.463,235.82 645.017,235.64 644.47,235.64C644.137,235.64 643.843,235.693 643.59,235.8C643.337,235.907 643.12,236.043 642.94,236.21C642.76,236.377 642.62,236.57 642.52,236.79C642.42,237.01 642.363,237.24 642.35,237.48L646.31,237.48Z"/>
55 |         </g>
56 |     </g>
57 |     <g transform="matrix(1,0,0,1,106.266,-30.2369)">
58 |         <text x="76.358px" y="69.351px" style="font-family:'AvenirNext-Bold', 'Avenir Next', sans-serif;font-weight:700;font-size:16px;">P<tspan x="85.91px 95.734px " y="69.351px 69.351px ">ub</tspan>lic K<tspan x="138.726px 148.262px " y="69.351px 69.351px ">ey</tspan></text>
59 |     </g>
60 |     <g transform="matrix(1,0,0,1,105.162,113.685)">
61 |         <text x="76.358px" y="69.351px" style="font-family:'AvenirNext-Bold', 'Avenir Next', sans-serif;font-weight:700;font-size:16px;">Secr<tspan x="109.446px 118.982px " y="69.351px 69.351px ">et</tspan> K<tspan x="139.83px 149.366px " y="69.351px 69.351px ">ey</tspan></text>
62 |     </g>
63 |     <g transform="matrix(0.171875,0,0,0.171875,628,13.4789)">
64 |         <path d="M192,368.004C192,359.16 199.156,352.004 208,352.004C216.844,352.004 224,359.16 224,368.004C224,376.848 216.844,384.004 208,384.004C199.156,384.004 192,376.848 192,368.004ZM349.328,494.16C345.062,495.379 340.656,496.254 336,496.254C309.484,496.254 288,474.77 288,448.254L288,390.066C288,369.972 300.898,352.91 318.797,346.628C353.164,335.082 384,306.082 384,272.004L384,240C384,224.836 377.812,210.715 368,198.633L368,162.5C368,144.832 353.672,138.781 336,149.004L311.484,163.18C303.633,161.145 295.703,160 288,160L224,160C216.301,160 208.367,161.145 200.516,163.18L176,149.004C158.332,138.781 144,144.832 144,162.5L144,198.633C134.188,210.715 128,224.836 128,240L128,272.004C128,295.285 142.488,316.192 162.578,330.816L162.558,330.847C166.73,333.706 169.503,338.535 169.503,344.003C169.503,352.831 162.327,360.003 153.503,360.003C148.983,360.003 144.929,358.112 142.023,355.097C115.004,334.629 96,305.035 96,272.004L96,240C96,221.477 102.012,204.023 112,188.625L112,140.992C112,105.656 140.645,93.554 176,113.996L203.461,129.883C210.309,128.719 217.172,128 224,128L288,128C294.828,128 301.688,128.719 308.539,129.883L336,113.996C371.359,93.555 400,105.656 400,140.992L400,188.625C409.984,204.023 416,221.477 416,240L416,272.004C416,319.613 376.75,360.145 330.469,376.363C330.414,376.41 330.36,376.535 330.281,376.551C324.265,378.863 320,384.676 320,391.504L320,448.254C320,457.098 327.156,464.254 336,464.254C337.336,464.254 338.562,463.879 339.797,463.566C421.969,430.41 480,350.066 480,256C480,132.285 379.719,32 256,32C132.285,32 32,132.285 32,256C32,353.41 94.254,436.066 181.121,466.895C181.566,466.942 181.973,467.129 182.437,467.129C187.714,467.129 191.999,462.832 191.999,457.567C191.999,452.286 187.714,448.005 182.437,448.005C182.324,448.005 182.324,447.911 182.246,447.864C129.086,446.442 129.027,384.005 112,384.005C103.156,384.005 96,376.849 96,368.005C96,359.161 103.156,352.005 112,352.005L119.988,352.005C152.008,352.005 147.433,416.005 192,416.005C209.668,416.005 224,430.333 224,448.005L224,476.005C224,491.458 211.473,504.005 195.996,504.005C194.308,504.005 192.719,503.661 191.109,503.349C81.203,474.613 0,374.926 0,256C0,114.617 114.617,0 256,0C397.383,0 512,114.617 512,256C512,364.41 444.508,456.848 349.328,494.16Z" style="fill:rgb(23,21,21);"/>
65 |     </g>
66 |     <g transform="matrix(1,0,0,1,-3,0)">
67 |         <g transform="matrix(1,0,0,1,-7.9075,26.845)">
68 |             <text x="426.104px" y="183.249px" style="font-family:'AvenirNext-Bold', 'Avenir Next', sans-serif;font-weight:700;font-size:14px;">AuthorizedK<tspan x="511.546px 519.89px " y="183.249px 183.249px ">ey</tspan>sC<tspan x="544.012px " y="183.249px ">o</tspan>mmand</text>
69 |         </g>
70 |         <g transform="matrix(1,0,0,1,95.3885,46.9965)">
71 |             <text x="426.104px" y="183.249px" style="font-family:'AvenirNext-Bold', 'Avenir Next', sans-serif;font-weight:700;font-size:14px;">sector<tspan x="467.474px 475.398px 478.898px 486.976px 495.32px " y="183.249px 183.249px 183.249px 183.249px 183.249px ">a key</tspan></text>
72 |         </g>
73 |         <path d="M489.652,211.091L601.41,211.091L601.41,201.364L616,215.954L601.41,230.544L601.41,220.817L508.384,220.817L510.806,214.594L508.37,214.594L506.984,219.074L506.942,219.074L505.388,214.594L502.84,214.594L505.482,220.817L501.621,220.817C501.783,220.664 501.927,220.494 502.056,220.306L500.46,219.298C500.301,219.513 500.096,219.688 499.844,219.823C499.592,219.959 499.284,220.026 498.92,220.026C498.715,220.026 498.516,219.994 498.325,219.928C498.134,219.863 497.961,219.772 497.807,219.655C497.653,219.539 497.527,219.401 497.429,219.242C497.331,219.084 497.273,218.906 497.254,218.71L502.308,218.71C502.317,218.626 502.322,218.538 502.322,218.444L502.322,218.164C502.322,217.567 502.236,217.035 502.063,216.568C501.89,216.102 501.65,215.705 501.342,215.378C501.034,215.052 500.665,214.802 500.236,214.629C499.807,214.457 499.335,214.37 498.822,214.37C498.29,214.37 497.795,214.459 497.338,214.636C496.881,214.814 496.484,215.063 496.148,215.385C495.812,215.707 495.546,216.099 495.35,216.561C495.154,217.023 495.056,217.539 495.056,218.108C495.056,218.696 495.156,219.219 495.357,219.676C495.555,220.127 495.825,220.507 496.168,220.817L494.269,220.817L492.018,217.744L494.706,214.594L491.92,214.594L489.694,217.422L489.652,217.422L489.652,211.091ZM491.465,220.817L489.652,220.817L489.652,218.22L489.694,218.22L491.465,220.817ZM469.17,211.091L487.342,211.091L487.342,220.817L481.699,220.817C481.861,220.664 482.005,220.494 482.134,220.306L480.538,219.298C480.379,219.513 480.174,219.688 479.922,219.823C479.67,219.959 479.362,220.026 478.998,220.026C478.793,220.026 478.594,219.994 478.403,219.928C478.212,219.863 478.039,219.772 477.885,219.655C477.731,219.539 477.605,219.401 477.507,219.242C477.409,219.084 477.351,218.906 477.332,218.71L482.386,218.71C482.395,218.626 482.4,218.538 482.4,218.444L482.4,218.164C482.4,217.567 482.314,217.035 482.141,216.568C481.968,216.102 481.728,215.705 481.42,215.378C481.112,215.052 480.743,214.802 480.314,214.629C479.885,214.457 479.413,214.37 478.9,214.37C478.368,214.37 477.873,214.459 477.416,214.636C476.959,214.814 476.562,215.063 476.226,215.385C475.89,215.707 475.624,216.099 475.428,216.561C475.232,217.023 475.134,217.539 475.134,218.108C475.134,218.696 475.234,219.219 475.435,219.676C475.633,220.127 475.903,220.507 476.246,220.817L473.748,220.817L473.748,217.254C473.748,216.909 473.704,216.564 473.615,216.218C473.526,215.873 473.382,215.567 473.181,215.301C472.98,215.035 472.719,214.818 472.397,214.65C472.075,214.482 471.676,214.398 471.2,214.398C470.715,214.398 470.299,214.508 469.954,214.727C469.609,214.947 469.357,215.196 469.198,215.476L469.17,215.476L469.17,211.091ZM469.17,220.817L469.17,217.8C469.17,217.38 469.277,217.028 469.492,216.743C469.707,216.459 470.015,216.316 470.416,216.316C470.621,216.316 470.789,216.356 470.92,216.435C471.051,216.515 471.156,216.622 471.235,216.757C471.314,216.893 471.368,217.049 471.396,217.226C471.424,217.404 471.438,217.59 471.438,217.786L471.438,220.817L469.17,220.817ZM452.132,211.091L466.874,211.091L466.874,220.817L465.686,220.817L465.67,219.844C465.586,219.882 465.481,219.91 465.355,219.928C465.229,219.947 465.11,219.956 464.998,219.956C464.671,219.956 464.445,219.875 464.319,219.711C464.193,219.548 464.13,219.303 464.13,218.976L464.13,216.316L465.768,216.316L465.768,214.594L464.13,214.594L464.13,212.76L461.876,212.76L461.876,214.594L460.77,214.594L460.77,216.316L461.89,216.316L461.89,219.256C461.89,219.63 461.932,219.968 462.016,220.271C462.071,220.472 462.15,220.654 462.253,220.817L456.749,220.817L454.498,217.744L457.186,214.594L454.4,214.594L452.174,217.422L452.132,217.422L452.132,211.091ZM453.945,220.817L452.132,220.817L452.132,218.22L452.174,218.22L453.945,220.817ZM428.108,211.091L449.822,211.091L449.822,220.817L448.835,220.817L447.624,219.34C447.484,219.508 447.3,219.637 447.071,219.725C446.842,219.814 446.611,219.858 446.378,219.858C446.126,219.858 445.9,219.812 445.699,219.718C445.498,219.625 445.326,219.497 445.181,219.333C445.036,219.17 444.927,218.981 444.852,218.766C444.777,218.552 444.74,218.323 444.74,218.08C444.74,217.838 444.78,217.609 444.859,217.394C444.938,217.18 445.048,216.991 445.188,216.827C445.328,216.664 445.496,216.533 445.692,216.435C445.888,216.337 446.107,216.288 446.35,216.288C446.583,216.288 446.812,216.34 447.036,216.442C447.26,216.545 447.437,216.68 447.568,216.848L448.898,215.308C448.758,215.168 448.592,215.04 448.401,214.923C448.21,214.807 448,214.709 447.771,214.629C447.542,214.55 447.304,214.487 447.057,214.44C446.81,214.394 446.56,214.37 446.308,214.37C445.767,214.37 445.258,214.457 444.782,214.629C444.306,214.802 443.893,215.049 443.543,215.371C443.193,215.693 442.918,216.083 442.717,216.54C442.516,216.998 442.416,217.511 442.416,218.08C442.416,218.659 442.516,219.177 442.717,219.634C442.918,220.092 443.193,220.481 443.543,220.803L443.559,220.817L440.637,220.817C440.799,220.664 440.943,220.494 441.072,220.306L439.476,219.298C439.317,219.513 439.112,219.688 438.86,219.823C438.608,219.959 438.3,220.026 437.936,220.026C437.731,220.026 437.532,219.994 437.341,219.928C437.15,219.863 436.977,219.772 436.823,219.655C436.669,219.539 436.543,219.401 436.445,219.242C436.347,219.084 436.289,218.906 436.27,218.71L441.324,218.71C441.333,218.626 441.338,218.538 441.338,218.444L441.338,218.164C441.338,217.567 441.252,217.035 441.079,216.568C440.906,216.102 440.666,215.705 440.358,215.378C440.05,215.052 439.681,214.802 439.252,214.629C438.823,214.457 438.351,214.37 437.838,214.37C437.306,214.37 436.811,214.459 436.354,214.636C435.897,214.814 435.5,215.063 435.164,215.385C434.828,215.707 434.562,216.099 434.366,216.561C434.17,217.023 434.072,217.539 434.072,218.108C434.072,218.696 434.172,219.219 434.373,219.676C434.571,220.127 434.841,220.507 435.184,220.817L432.686,220.817L432.686,217.254C432.686,216.909 432.642,216.564 432.553,216.218C432.464,215.873 432.32,215.567 432.119,215.301C431.918,215.035 431.657,214.818 431.335,214.65C431.013,214.482 430.614,214.398 430.138,214.398C429.653,214.398 429.237,214.508 428.892,214.727C428.547,214.947 428.295,215.196 428.136,215.476L428.108,215.476L428.108,211.091ZM428.108,220.817L428.108,217.8C428.108,217.38 428.215,217.028 428.43,216.743C428.645,216.459 428.953,216.316 429.354,216.316C429.559,216.316 429.727,216.356 429.858,216.435C429.989,216.515 430.094,216.622 430.173,216.757C430.252,216.893 430.306,217.049 430.334,217.226C430.362,217.404 430.376,217.59 430.376,217.786L430.376,220.817L428.108,220.817ZM425.812,211.091L425.812,220.817L424.811,220.817L423.6,219.34C423.46,219.508 423.276,219.637 423.047,219.725C422.818,219.814 422.587,219.858 422.354,219.858C422.102,219.858 421.876,219.812 421.675,219.718C421.474,219.625 421.302,219.497 421.157,219.333C421.012,219.17 420.903,218.981 420.828,218.766C420.753,218.552 420.716,218.323 420.716,218.08C420.716,217.838 420.756,217.609 420.835,217.394C420.914,217.18 421.024,216.991 421.164,216.827C421.304,216.664 421.472,216.533 421.668,216.435C421.864,216.337 422.083,216.288 422.326,216.288C422.559,216.288 422.788,216.34 423.012,216.442C423.236,216.545 423.413,216.68 423.544,216.848L424.874,215.308C424.734,215.168 424.568,215.04 424.377,214.923C424.186,214.807 423.976,214.709 423.747,214.629C423.518,214.55 423.28,214.487 423.033,214.44C422.786,214.394 422.536,214.37 422.284,214.37C421.743,214.37 421.234,214.457 420.758,214.629C420.282,214.802 419.869,215.049 419.519,215.371C419.169,215.693 418.894,216.083 418.693,216.54C418.492,216.998 418.392,217.511 418.392,218.08C418.392,218.659 418.492,219.177 418.693,219.634C418.894,220.092 419.169,220.481 419.519,220.803L419.535,220.817L418,220.817L418,211.091L425.812,211.091ZM500.208,217.282C500.208,216.918 500.094,216.606 499.865,216.344C499.636,216.083 499.293,215.952 498.836,215.952C498.612,215.952 498.407,215.987 498.22,216.057C498.033,216.127 497.87,216.223 497.73,216.344C497.59,216.466 497.478,216.608 497.394,216.771C497.31,216.935 497.263,217.105 497.254,217.282L500.208,217.282ZM480.286,217.282C480.286,216.918 480.172,216.606 479.943,216.344C479.714,216.083 479.371,215.952 478.914,215.952C478.69,215.952 478.485,215.987 478.298,216.057C478.111,216.127 477.948,216.223 477.808,216.344C477.668,216.466 477.556,216.608 477.472,216.771C477.388,216.935 477.341,217.105 477.332,217.282L480.286,217.282ZM439.224,217.282C439.224,216.918 439.11,216.606 438.881,216.344C438.652,216.083 438.309,215.952 437.852,215.952C437.628,215.952 437.423,215.987 437.236,216.057C437.049,216.127 436.886,216.223 436.746,216.344C436.606,216.466 436.494,216.608 436.41,216.771C436.326,216.935 436.279,217.105 436.27,217.282L439.224,217.282Z"/>
74 |     </g>
75 |     <g transform="matrix(1,0,0,1,-3,0)">
76 |         <path d="M552.596,252.21L601.41,252.21L601.41,242.484L616,257.073L601.41,271.663L601.41,261.937L596.576,261.937C596.855,261.751 597.081,261.509 597.256,261.21C597.433,260.907 597.522,260.536 597.522,260.097C597.522,259.761 597.457,259.472 597.326,259.229C597.195,258.987 597.023,258.781 596.808,258.613C596.593,258.445 596.353,258.31 596.087,258.207C595.821,258.105 595.557,258.025 595.296,257.969C594.848,257.867 594.524,257.773 594.323,257.689C594.122,257.605 594.022,257.465 594.022,257.269C594.022,257.064 594.113,256.919 594.295,256.835C594.477,256.751 594.675,256.709 594.89,256.709C595.17,256.709 595.436,256.77 595.688,256.891C595.94,257.013 596.159,257.162 596.346,257.339L597.606,256.037C597.261,255.711 596.838,255.466 596.339,255.302C595.84,255.139 595.329,255.057 594.806,255.057C594.47,255.057 594.132,255.102 593.791,255.19C593.45,255.279 593.14,255.417 592.86,255.603C592.58,255.79 592.351,256.03 592.174,256.324C591.997,256.618 591.908,256.975 591.908,257.395C591.908,257.722 591.969,258.002 592.09,258.235C592.211,258.469 592.368,258.665 592.559,258.823C592.75,258.982 592.967,259.108 593.21,259.201C593.453,259.295 593.695,259.369 593.938,259.425C594.414,259.537 594.764,259.645 594.988,259.747C595.212,259.85 595.324,260.009 595.324,260.223C595.324,260.447 595.233,260.604 595.051,260.692C594.869,260.781 594.685,260.825 594.498,260.825C594.162,260.825 593.845,260.751 593.546,260.601C593.247,260.452 592.995,260.265 592.79,260.041L591.502,261.399C591.717,261.608 591.963,261.788 592.241,261.937L590.508,261.937L590.508,257.941C590.508,257.615 590.464,257.281 590.375,256.94C590.286,256.6 590.144,256.292 589.948,256.016C589.752,255.741 589.493,255.517 589.171,255.344C588.849,255.172 588.45,255.085 587.974,255.085C587.451,255.085 587.008,255.193 586.644,255.407C586.28,255.622 585.981,255.911 585.748,256.275C585.552,255.893 585.279,255.599 584.929,255.393C584.579,255.188 584.152,255.085 583.648,255.085C583.387,255.085 583.146,255.118 582.927,255.183C582.708,255.249 582.509,255.335 582.332,255.442C582.155,255.55 582.003,255.673 581.877,255.813C581.751,255.953 581.646,256.098 581.562,256.247L581.534,256.247L581.534,255.281L579.308,255.281L579.308,261.937L577.6,261.937L577.6,258.739C577.6,258.105 577.542,257.556 577.425,257.094C577.308,256.632 577.124,256.25 576.872,255.946C576.62,255.643 576.291,255.419 575.885,255.274C575.479,255.13 574.982,255.057 574.394,255.057C573.825,255.057 573.267,255.155 572.721,255.351C572.175,255.547 571.697,255.841 571.286,256.233L572.448,257.479C572.663,257.283 572.922,257.115 573.225,256.975C573.528,256.835 573.843,256.765 574.17,256.765C574.525,256.765 574.823,256.847 575.066,257.01C575.309,257.174 575.43,257.428 575.43,257.773L575.43,257.885C574.926,257.885 574.408,257.913 573.876,257.969C573.344,258.025 572.861,258.137 572.427,258.305C571.993,258.473 571.638,258.711 571.363,259.019C571.088,259.327 570.95,259.733 570.95,260.237C570.95,260.648 571.029,260.993 571.188,261.273C571.344,261.549 571.543,261.77 571.784,261.937L568.769,261.937C569.174,261.695 569.509,261.38 569.774,260.993L568.178,259.985C568.019,260.2 567.814,260.375 567.562,260.51C567.31,260.646 567.002,260.713 566.638,260.713C566.433,260.713 566.234,260.681 566.043,260.615C565.852,260.55 565.679,260.459 565.525,260.342C565.371,260.226 565.245,260.088 565.147,259.929C565.049,259.771 564.991,259.593 564.972,259.397L570.026,259.397C570.035,259.313 570.04,259.225 570.04,259.131L570.04,258.851C570.04,258.254 569.954,257.722 569.781,257.255C569.608,256.789 569.368,256.392 569.06,256.065C568.752,255.739 568.383,255.489 567.954,255.316C567.525,255.144 567.053,255.057 566.54,255.057C566.008,255.057 565.513,255.146 565.056,255.323C564.599,255.501 564.202,255.75 563.866,256.072C563.53,256.394 563.264,256.786 563.068,257.248C562.872,257.71 562.774,258.226 562.774,258.795C562.774,259.383 562.874,259.906 563.075,260.363C563.276,260.821 563.551,261.206 563.901,261.518C564.079,261.677 564.271,261.816 564.479,261.937L561.971,261.937L561.948,260.531C561.864,260.569 561.759,260.597 561.633,260.615C561.507,260.634 561.388,260.643 561.276,260.643C560.949,260.643 560.723,260.562 560.597,260.398C560.471,260.235 560.408,259.99 560.408,259.663L560.408,257.003L562.046,257.003L562.046,255.281L560.408,255.281L560.408,253.447L558.154,253.447L558.154,255.281L557.048,255.281L557.048,257.003L558.168,257.003L558.168,259.943C558.168,260.317 558.21,260.655 558.294,260.958C558.378,261.262 558.516,261.523 558.707,261.742C558.768,261.812 558.836,261.877 558.909,261.937L552.596,261.937L552.596,252.21ZM586.056,261.937L586.056,258.487C586.056,258.291 586.079,258.102 586.126,257.92C586.173,257.738 586.245,257.577 586.343,257.437C586.441,257.297 586.562,257.185 586.707,257.101C586.852,257.017 587.022,256.975 587.218,256.975C587.423,256.975 587.589,257.015 587.715,257.094C587.841,257.174 587.941,257.279 588.016,257.409C588.091,257.54 588.142,257.696 588.17,257.878C588.198,258.06 588.212,258.249 588.212,258.445L588.212,261.937L586.056,261.937ZM581.618,261.937L581.618,258.473C581.618,258.053 581.718,257.699 581.919,257.409C582.12,257.12 582.402,256.975 582.766,256.975C583.111,256.975 583.363,257.092 583.522,257.325C583.681,257.559 583.76,257.876 583.76,258.277L583.76,261.937L581.618,261.937ZM575.5,261.937L575.074,261.937C575.23,261.815 575.359,261.674 575.458,261.511L575.5,261.511L575.5,261.937ZM550.482,261.937L549.889,261.937C550.118,261.774 550.307,261.576 550.454,261.343L550.482,261.343L550.482,261.937ZM550.3,252.21L550.3,256.023L550.272,256.023C550.076,255.79 549.801,255.575 549.446,255.379C549.091,255.183 548.657,255.085 548.144,255.085C547.64,255.085 547.185,255.183 546.779,255.379C546.373,255.575 546.028,255.841 545.743,256.177C545.458,256.513 545.239,256.903 545.085,257.346C544.931,257.79 544.854,258.254 544.854,258.739C544.854,259.225 544.929,259.691 545.078,260.139C545.227,260.587 545.444,260.982 545.729,261.322C545.928,261.56 546.157,261.765 546.417,261.937L543.468,261.937L543.468,257.941C543.468,257.596 543.424,257.251 543.335,256.905C543.246,256.56 543.102,256.254 542.901,255.988C542.7,255.722 542.437,255.505 542.11,255.337C541.783,255.169 541.387,255.085 540.92,255.085C540.677,255.085 540.449,255.118 540.234,255.183C540.019,255.249 539.821,255.333 539.639,255.435C539.457,255.538 539.298,255.662 539.163,255.806C539.028,255.951 538.918,256.098 538.834,256.247L538.806,256.247L538.806,255.281L536.58,255.281L536.58,261.937L534.872,261.937L534.872,258.739C534.872,258.105 534.814,257.556 534.697,257.094C534.58,256.632 534.396,256.25 534.144,255.946C533.892,255.643 533.563,255.419 533.157,255.274C532.751,255.13 532.254,255.057 531.666,255.057C531.097,255.057 530.539,255.155 529.993,255.351C529.447,255.547 528.969,255.841 528.558,256.233L529.72,257.479C529.935,257.283 530.194,257.115 530.497,256.975C530.8,256.835 531.115,256.765 531.442,256.765C531.797,256.765 532.095,256.847 532.338,257.01C532.581,257.174 532.702,257.428 532.702,257.773L532.702,257.885C532.198,257.885 531.68,257.913 531.148,257.969C530.616,258.025 530.133,258.137 529.699,258.305C529.265,258.473 528.91,258.711 528.635,259.019C528.36,259.327 528.222,259.733 528.222,260.237C528.222,260.648 528.301,260.993 528.46,261.273C528.616,261.549 528.815,261.77 529.056,261.937L522.457,261.937C522.862,261.695 523.197,261.38 523.462,260.993L521.866,259.985C521.707,260.2 521.502,260.375 521.25,260.51C520.998,260.646 520.69,260.713 520.326,260.713C520.121,260.713 519.922,260.681 519.731,260.615C519.54,260.55 519.367,260.459 519.213,260.342C519.059,260.226 518.933,260.088 518.835,259.929C518.737,259.771 518.679,259.593 518.66,259.397L523.714,259.397C523.723,259.313 523.728,259.225 523.728,259.131L523.728,258.851C523.728,258.254 523.642,257.722 523.469,257.255C523.296,256.789 523.056,256.392 522.748,256.065C522.44,255.739 522.071,255.489 521.642,255.316C521.213,255.144 520.741,255.057 520.228,255.057C519.696,255.057 519.201,255.146 518.744,255.323C518.287,255.501 517.89,255.75 517.554,256.072C517.218,256.394 516.952,256.786 516.756,257.248C516.56,257.71 516.462,258.226 516.462,258.795C516.462,259.383 516.562,259.906 516.763,260.363C516.964,260.821 517.239,261.206 517.589,261.518C517.767,261.677 517.959,261.816 518.167,261.937L515.076,261.937L515.076,257.941C515.076,257.615 515.032,257.281 514.943,256.94C514.854,256.6 514.712,256.292 514.516,256.016C514.32,255.741 514.061,255.517 513.739,255.344C513.417,255.172 513.018,255.085 512.542,255.085C512.019,255.085 511.576,255.193 511.212,255.407C510.848,255.622 510.549,255.911 510.316,256.275C510.12,255.893 509.847,255.599 509.497,255.393C509.147,255.188 508.72,255.085 508.216,255.085C507.955,255.085 507.714,255.118 507.495,255.183C507.276,255.249 507.077,255.335 506.9,255.442C506.723,255.55 506.571,255.673 506.445,255.813C506.319,255.953 506.214,256.098 506.13,256.247L506.102,256.247L506.102,255.281L503.876,255.281L503.876,261.937L502.168,261.937L502.168,258.739C502.168,258.105 502.11,257.556 501.993,257.094C501.876,256.632 501.692,256.25 501.44,255.946C501.188,255.643 500.859,255.419 500.453,255.274C500.047,255.13 499.55,255.057 498.962,255.057C498.393,255.057 497.835,255.155 497.289,255.351C496.743,255.547 496.265,255.841 495.854,256.233L497.016,257.479C497.231,257.283 497.49,257.115 497.793,256.975C498.096,256.835 498.411,256.765 498.738,256.765C499.093,256.765 499.391,256.847 499.634,257.01C499.877,257.174 499.998,257.428 499.998,257.773L499.998,257.885C499.494,257.885 498.976,257.913 498.444,257.969C497.912,258.025 497.429,258.137 496.995,258.305C496.561,258.473 496.206,258.711 495.931,259.019C495.656,259.327 495.518,259.733 495.518,260.237C495.518,260.648 495.597,260.993 495.756,261.273C495.912,261.549 496.111,261.77 496.352,261.937L494.216,261.937L494.216,257.941C494.216,257.596 494.172,257.251 494.083,256.905C493.994,256.56 493.85,256.254 493.649,255.988C493.448,255.722 493.185,255.505 492.858,255.337C492.531,255.169 492.135,255.085 491.668,255.085C491.425,255.085 491.197,255.118 490.982,255.183C490.767,255.249 490.569,255.333 490.387,255.435C490.205,255.538 490.046,255.662 489.911,255.806C489.776,255.951 489.666,256.098 489.582,256.247L489.554,256.247L489.554,255.281L487.328,255.281L487.328,261.937L481.129,261.937C481.534,261.695 481.869,261.38 482.134,260.993L480.538,259.985C480.379,260.2 480.174,260.375 479.922,260.51C479.67,260.646 479.362,260.713 478.998,260.713C478.793,260.713 478.594,260.681 478.403,260.615C478.212,260.55 478.039,260.459 477.885,260.342C477.731,260.226 477.605,260.088 477.507,259.929C477.409,259.771 477.351,259.593 477.332,259.397L482.386,259.397C482.395,259.313 482.4,259.225 482.4,259.131L482.4,258.851C482.4,258.254 482.314,257.722 482.141,257.255C481.968,256.789 481.728,256.392 481.42,256.065C481.112,255.739 480.743,255.489 480.314,255.316C479.885,255.144 479.413,255.057 478.9,255.057C478.368,255.057 477.873,255.146 477.416,255.323C476.959,255.501 476.562,255.75 476.226,256.072C475.89,256.394 475.624,256.786 475.428,257.248C475.232,257.71 475.134,258.226 475.134,258.795C475.134,259.383 475.234,259.906 475.435,260.363C475.636,260.821 475.911,261.206 476.261,261.518C476.439,261.677 476.631,261.816 476.839,261.937L473.748,261.937L473.748,257.941C473.748,257.596 473.704,257.251 473.615,256.905C473.526,256.56 473.382,256.254 473.181,255.988C472.98,255.722 472.719,255.505 472.397,255.337C472.075,255.169 471.676,255.085 471.2,255.085C470.715,255.085 470.299,255.195 469.954,255.414C469.609,255.634 469.357,255.883 469.198,256.163L469.17,256.163L469.17,252.21L550.3,252.21ZM538.89,261.937L538.89,258.473C538.89,258.277 538.916,258.088 538.967,257.906C539.018,257.724 539.095,257.563 539.198,257.423C539.301,257.283 539.429,257.174 539.583,257.094C539.737,257.015 539.917,256.975 540.122,256.975C540.327,256.975 540.498,257.015 540.633,257.094C540.768,257.174 540.873,257.281 540.948,257.416C541.023,257.552 541.076,257.708 541.109,257.885C541.142,258.063 541.158,258.249 541.158,258.445L541.158,261.937L538.89,261.937ZM532.772,261.937L532.346,261.937C532.502,261.815 532.631,261.674 532.73,261.511L532.772,261.511L532.772,261.937ZM510.624,261.937L510.624,258.487C510.624,258.291 510.647,258.102 510.694,257.92C510.741,257.738 510.813,257.577 510.911,257.437C511.009,257.297 511.13,257.185 511.275,257.101C511.42,257.017 511.59,256.975 511.786,256.975C511.991,256.975 512.157,257.015 512.283,257.094C512.409,257.174 512.509,257.279 512.584,257.409C512.659,257.54 512.71,257.696 512.738,257.878C512.766,258.06 512.78,258.249 512.78,258.445L512.78,261.937L510.624,261.937ZM506.186,261.937L506.186,258.473C506.186,258.053 506.286,257.699 506.487,257.409C506.688,257.12 506.97,256.975 507.334,256.975C507.679,256.975 507.931,257.092 508.09,257.325C508.249,257.559 508.328,257.876 508.328,258.277L508.328,261.937L506.186,261.937ZM500.068,261.937L499.642,261.937C499.798,261.815 499.927,261.674 500.026,261.511L500.068,261.511L500.068,261.937ZM489.638,261.937L489.638,258.473C489.638,258.277 489.664,258.088 489.715,257.906C489.766,257.724 489.843,257.563 489.946,257.423C490.049,257.283 490.177,257.174 490.331,257.094C490.485,257.015 490.665,256.975 490.87,256.975C491.075,256.975 491.246,257.015 491.381,257.094C491.516,257.174 491.621,257.281 491.696,257.416C491.771,257.552 491.824,257.708 491.857,257.885C491.89,258.063 491.906,258.249 491.906,258.445L491.906,261.937L489.638,261.937ZM469.17,261.937L469.17,258.487C469.17,258.067 469.277,257.715 469.492,257.43C469.707,257.146 470.015,257.003 470.416,257.003C470.621,257.003 470.789,257.043 470.92,257.122C471.051,257.202 471.156,257.309 471.235,257.444C471.314,257.58 471.368,257.736 471.396,257.913C471.424,258.091 471.438,258.277 471.438,258.473L471.438,261.937L469.17,261.937ZM452.132,252.21L466.874,252.21L466.874,261.937L465.693,261.937L465.67,260.531C465.586,260.569 465.481,260.597 465.355,260.615C465.229,260.634 465.11,260.643 464.998,260.643C464.671,260.643 464.445,260.562 464.319,260.398C464.193,260.235 464.13,259.99 464.13,259.663L464.13,257.003L465.768,257.003L465.768,255.281L464.13,255.281L464.13,253.447L461.876,253.447L461.876,255.281L460.77,255.281L460.77,257.003L461.89,257.003L461.89,259.943C461.89,260.317 461.932,260.655 462.016,260.958C462.1,261.262 462.238,261.523 462.429,261.742C462.49,261.812 462.558,261.877 462.631,261.937L457.066,261.937L454.498,258.431L457.186,255.281L454.4,255.281L452.174,258.109L452.132,258.109L452.132,252.21ZM454.24,261.937L452.132,261.937L452.132,258.907L452.174,258.907L454.24,261.937ZM428.108,252.21L449.822,252.21L449.822,261.937L448.433,261.937C448.607,261.832 448.762,261.713 448.898,261.581L447.624,260.027C447.484,260.195 447.3,260.324 447.071,260.412C446.842,260.501 446.611,260.545 446.378,260.545C446.126,260.545 445.9,260.499 445.699,260.405C445.498,260.312 445.326,260.184 445.181,260.02C445.036,259.857 444.927,259.668 444.852,259.453C444.777,259.239 444.74,259.01 444.74,258.767C444.74,258.525 444.78,258.296 444.859,258.081C444.938,257.867 445.048,257.678 445.188,257.514C445.328,257.351 445.496,257.22 445.692,257.122C445.888,257.024 446.107,256.975 446.35,256.975C446.583,256.975 446.812,257.027 447.036,257.129C447.26,257.232 447.437,257.367 447.568,257.535L448.898,255.995C448.758,255.855 448.592,255.727 448.401,255.61C448.21,255.494 448,255.396 447.771,255.316C447.542,255.237 447.304,255.174 447.057,255.127C446.81,255.081 446.56,255.057 446.308,255.057C445.767,255.057 445.258,255.144 444.782,255.316C444.306,255.489 443.893,255.736 443.543,256.058C443.193,256.38 442.918,256.77 442.717,257.227C442.516,257.685 442.416,258.198 442.416,258.767C442.416,259.346 442.516,259.864 442.717,260.321C442.918,260.779 443.193,261.168 443.543,261.49C443.728,261.661 443.931,261.809 444.151,261.937L440.067,261.937C440.472,261.695 440.807,261.38 441.072,260.993L439.476,259.985C439.317,260.2 439.112,260.375 438.86,260.51C438.608,260.646 438.3,260.713 437.936,260.713C437.731,260.713 437.532,260.681 437.341,260.615C437.15,260.55 436.977,260.459 436.823,260.342C436.669,260.226 436.543,260.088 436.445,259.929C436.347,259.771 436.289,259.593 436.27,259.397L441.324,259.397C441.333,259.313 441.338,259.225 441.338,259.131L441.338,258.851C441.338,258.254 441.252,257.722 441.079,257.255C440.906,256.789 440.666,256.392 440.358,256.065C440.05,255.739 439.681,255.489 439.252,255.316C438.823,255.144 438.351,255.057 437.838,255.057C437.306,255.057 436.811,255.146 436.354,255.323C435.897,255.501 435.5,255.75 435.164,256.072C434.828,256.394 434.562,256.786 434.366,257.248C434.17,257.71 434.072,258.226 434.072,258.795C434.072,259.383 434.172,259.906 434.373,260.363C434.574,260.821 434.849,261.206 435.199,261.518C435.377,261.677 435.569,261.816 435.777,261.937L432.686,261.937L432.686,257.941C432.686,257.596 432.642,257.251 432.553,256.905C432.464,256.56 432.32,256.254 432.119,255.988C431.918,255.722 431.657,255.505 431.335,255.337C431.013,255.169 430.614,255.085 430.138,255.085C429.653,255.085 429.237,255.195 428.892,255.414C428.547,255.634 428.295,255.883 428.136,256.163L428.108,256.163L428.108,252.21ZM428.108,261.937L428.108,258.487C428.108,258.067 428.215,257.715 428.43,257.43C428.645,257.146 428.953,257.003 429.354,257.003C429.559,257.003 429.727,257.043 429.858,257.122C429.989,257.202 430.094,257.309 430.173,257.444C430.252,257.58 430.306,257.736 430.334,257.913C430.362,258.091 430.376,258.277 430.376,258.473L430.376,261.937L428.108,261.937ZM425.812,252.21L425.812,261.937L424.409,261.937C424.583,261.832 424.738,261.713 424.874,261.581L423.6,260.027C423.46,260.195 423.276,260.324 423.047,260.412C422.818,260.501 422.587,260.545 422.354,260.545C422.102,260.545 421.876,260.499 421.675,260.405C421.474,260.312 421.302,260.184 421.157,260.02C421.012,259.857 420.903,259.668 420.828,259.453C420.753,259.239 420.716,259.01 420.716,258.767C420.716,258.525 420.756,258.296 420.835,258.081C420.914,257.867 421.024,257.678 421.164,257.514C421.304,257.351 421.472,257.22 421.668,257.122C421.864,257.024 422.083,256.975 422.326,256.975C422.559,256.975 422.788,257.027 423.012,257.129C423.236,257.232 423.413,257.367 423.544,257.535L424.874,255.995C424.734,255.855 424.568,255.727 424.377,255.61C424.186,255.494 423.976,255.396 423.747,255.316C423.518,255.237 423.28,255.174 423.033,255.127C422.786,255.081 422.536,255.057 422.284,255.057C421.743,255.057 421.234,255.144 420.758,255.316C420.282,255.489 419.869,255.736 419.519,256.058C419.169,256.38 418.894,256.77 418.693,257.227C418.492,257.685 418.392,258.198 418.392,258.767C418.392,259.346 418.492,259.864 418.693,260.321C418.894,260.779 419.169,261.168 419.519,261.49C419.704,261.661 419.907,261.809 420.127,261.937L418,261.937L418,252.21L425.812,252.21ZM532.772,259.215L532.478,259.215C532.226,259.215 531.972,259.227 531.715,259.25C531.458,259.274 531.23,259.318 531.029,259.383C530.828,259.449 530.663,259.544 530.532,259.67C530.401,259.796 530.336,259.962 530.336,260.167C530.336,260.298 530.366,260.41 530.427,260.503C530.488,260.597 530.565,260.671 530.658,260.727C530.751,260.783 530.859,260.823 530.98,260.846C531.101,260.87 531.218,260.881 531.33,260.881C531.797,260.881 532.154,260.753 532.401,260.496C532.648,260.24 532.772,259.892 532.772,259.453L532.772,259.215ZM500.068,259.215L499.774,259.215C499.522,259.215 499.268,259.227 499.011,259.25C498.754,259.274 498.526,259.318 498.325,259.383C498.124,259.449 497.959,259.544 497.828,259.67C497.697,259.796 497.632,259.962 497.632,260.167C497.632,260.298 497.662,260.41 497.723,260.503C497.784,260.597 497.861,260.671 497.954,260.727C498.047,260.783 498.155,260.823 498.276,260.846C498.397,260.87 498.514,260.881 498.626,260.881C499.093,260.881 499.45,260.753 499.697,260.496C499.944,260.24 500.068,259.892 500.068,259.453L500.068,259.215ZM575.5,259.215L575.206,259.215C574.954,259.215 574.7,259.227 574.443,259.25C574.186,259.274 573.958,259.318 573.757,259.383C573.556,259.449 573.391,259.544 573.26,259.67C573.129,259.796 573.064,259.962 573.064,260.167C573.064,260.298 573.094,260.41 573.155,260.503C573.216,260.597 573.293,260.671 573.386,260.727C573.479,260.783 573.587,260.823 573.708,260.846C573.829,260.87 573.946,260.881 574.058,260.881C574.525,260.881 574.882,260.753 575.129,260.496C575.376,260.24 575.5,259.892 575.5,259.453L575.5,259.215ZM550.398,258.753C550.398,258.529 550.358,258.31 550.279,258.095C550.2,257.881 550.088,257.689 549.943,257.521C549.798,257.353 549.623,257.218 549.418,257.115C549.213,257.013 548.979,256.961 548.718,256.961C548.447,256.961 548.209,257.013 548.004,257.115C547.799,257.218 547.626,257.351 547.486,257.514C547.346,257.678 547.241,257.867 547.171,258.081C547.101,258.296 547.066,258.515 547.066,258.739C547.066,258.963 547.101,259.185 547.171,259.404C547.241,259.624 547.346,259.817 547.486,259.985C547.626,260.153 547.799,260.289 548.004,260.391C548.209,260.494 548.447,260.545 548.718,260.545C548.979,260.545 549.213,260.494 549.418,260.391C549.623,260.289 549.798,260.153 549.943,259.985C550.088,259.817 550.2,259.626 550.279,259.411C550.358,259.197 550.398,258.977 550.398,258.753ZM521.614,257.969C521.614,257.605 521.5,257.293 521.271,257.031C521.042,256.77 520.699,256.639 520.242,256.639C520.018,256.639 519.813,256.674 519.626,256.744C519.439,256.814 519.276,256.91 519.136,257.031C518.996,257.153 518.884,257.295 518.8,257.458C518.716,257.622 518.669,257.792 518.66,257.969L521.614,257.969ZM439.224,257.969C439.224,257.605 439.11,257.293 438.881,257.031C438.652,256.77 438.309,256.639 437.852,256.639C437.628,256.639 437.423,256.674 437.236,256.744C437.049,256.814 436.886,256.91 436.746,257.031C436.606,257.153 436.494,257.295 436.41,257.458C436.326,257.622 436.279,257.792 436.27,257.969L439.224,257.969ZM567.926,257.969C567.926,257.605 567.812,257.293 567.583,257.031C567.354,256.77 567.011,256.639 566.554,256.639C566.33,256.639 566.125,256.674 565.938,256.744C565.751,256.814 565.588,256.91 565.448,257.031C565.308,257.153 565.196,257.295 565.112,257.458C565.028,257.622 564.981,257.792 564.972,257.969L567.926,257.969ZM480.286,257.969C480.286,257.605 480.172,257.293 479.943,257.031C479.714,256.77 479.371,256.639 478.914,256.639C478.69,256.639 478.485,256.674 478.298,256.744C478.111,256.814 477.948,256.91 477.808,257.031C477.668,257.153 477.556,257.295 477.472,257.458C477.388,257.622 477.341,257.792 477.332,257.969L480.286,257.969Z"/>
77 |         <g transform="matrix(1,0,0,1,-9.1255,67.8183)">
78 |             <text x="426.104px" y="183.249px" style="font-family:'AvenirNext-Bold', 'Avenir Next', sans-serif;font-weight:700;font-size:14px;">Name Service Switch</text>
79 |         </g>
80 |         <g transform="matrix(1,0,0,1,57.7845,88.9758)">
81 |             <text x="426.104px" y="183.249px" style="font-family:'AvenirNext-Bold', 'Avenir Next', sans-serif;font-weight:700;font-size:14px;">libnss_sector<tspan x="513.856px 521.78px " y="183.249px 183.249px ">a.</tspan>so</text>
82 |         </g>
83 |     </g>
84 |     <g transform="matrix(0.726213,0,0,0.771474,10.6338,46.2566)">
85 |         <path d="M292,188.899L292,237.033" style="fill:none;stroke:black;stroke-width:4px;stroke-linejoin:miter;stroke-miterlimit:1;stroke-dasharray:4,8.01,4,8.01;"/>
86 |     </g>
87 |     <g transform="matrix(1,0,0,1,119.816,-23.8056)">
88 |         <text x="426.104px" y="183.249px" style="font-family:'AvenirNext-Bold', 'Avenir Next', sans-serif;font-weight:700;font-size:14px;">Get da<tspan x="470.918px " y="183.249px ">t</tspan>a via <tspan x="510.804px 521.01px " y="183.249px 183.249px ">AP</tspan>I</text>
89 |     </g>
90 |     <g transform="matrix(1,0,0,1,-59.0275,-136.684)">
91 |         <text x="426.104px" y="183.249px" style="font-family:'AvenirNext-Bold', 'Avenir Next', sans-serif;font-weight:700;font-size:14px;">Upload to GitHub</text>
92 |     </g>
93 | </svg>
94 | 


--------------------------------------------------------------------------------
/rustfmt.toml:
--------------------------------------------------------------------------------
1 | max_width = 120
2 | indent_style = "Visual"
3 | reorder_imports = true
4 | match_block_trailing_comma = false
5 | trailing_comma = "Vertical"
6 | fn_single_line = true
7 | struct_lit_single_line = true
8 | fn_args_layout = "Compressed"
9 | 


--------------------------------------------------------------------------------
/src/applog.rs:
--------------------------------------------------------------------------------
 1 | use std::env;
 2 | use std::str::FromStr;
 3 | 
 4 | pub fn init(appname: Option<&str>) {
 5 |     let log_level_text = include_str!(concat!(env!("OUT_DIR"), "/log-level.txt"));
 6 |     let log_level_env = env::var("LOG_LEVEL").unwrap_or(log_level_text.to_string());
 7 |     let log_level = log::LevelFilter::from_str(&log_level_env).unwrap_or(log::LevelFilter::Off);
 8 |     syslog::init(syslog::Facility::LOG_AUTH, log_level, appname).unwrap_or_default();
 9 | }
10 | 


--------------------------------------------------------------------------------
/src/buffer.rs:
--------------------------------------------------------------------------------
 1 | use std::ffi::CString;
 2 | use std::io::{Error, ErrorKind};
 3 | 
 4 | #[derive(Debug)]
 5 | pub struct Buffer {
 6 |     buf: *mut libc::c_char,
 7 |     offset: isize,
 8 |     buflen: libc::size_t,
 9 | }
10 | 
11 | impl Buffer {
12 |     pub fn new(buf: *mut libc::c_char, buflen: libc::size_t) -> Self { Self { buf, offset: 0, buflen } }
13 | 
14 |     fn write(&mut self, data: *const libc::c_char, len: usize) -> Result<*mut libc::c_char, Error> {
15 |         if self.buflen < len + self.offset as libc::size_t {
16 |             return Err(Error::new(ErrorKind::AddrNotAvailable, "ERANGE"));
17 |         }
18 |         unsafe {
19 |             let pos = self.buf.offset(self.offset);
20 |             #[allow(clippy::unnecessary_cast)]
21 |             std::ptr::copy(data as *mut i8, pos as *mut i8, len);
22 |             self.offset += len as isize;
23 |             self.buflen -= len as libc::size_t;
24 |             Ok(pos)
25 |         }
26 |     }
27 | 
28 |     #[allow(clippy::cast_ptr_alignment)] // NOTE: waiting for align_offset https://github.com/rust-lang/rust/issues/44488
29 |     fn add_pointers(&mut self, ptrs: &[*mut libc::c_char]) -> Result<*mut *mut libc::c_char, Error> {
30 |         use std::mem::size_of;
31 |         let step = std::cmp::max(size_of::<*mut libc::c_char>() / size_of::<libc::c_char>(), 1);
32 |         let align_offset = self.offset % step as isize;
33 |         self.offset += align_offset; // NOTE: remove after stabilization of align_offset
34 |         if self.buflen < (((ptrs.len() + 1) * step) as isize + self.offset) as libc::size_t {
35 |             return Err(Error::new(ErrorKind::AddrNotAvailable, "ERANGE"));
36 |         }
37 |         unsafe {
38 |             let mem = self.buf.offset(self.offset) as *mut *mut libc::c_char;
39 |             for (i, p) in ptrs.iter().enumerate() {
40 |                 *(mem.add(i)) = *p;
41 |                 self.offset += step as isize;
42 |                 self.buflen -= step as libc::size_t;
43 |             }
44 |             *(mem.add(ptrs.len())) = std::ptr::null_mut::<libc::c_char>();
45 |             self.offset += step as isize;
46 |             self.buflen -= step as libc::size_t;
47 |             Ok(mem)
48 |         }
49 |     }
50 | 
51 |     pub fn write_string(&mut self, s: &str) -> Result<*mut libc::c_char, Error> {
52 |         let cs = CString::new(s).unwrap();
53 |         self.write(cs.as_ptr(), s.len() + 1)
54 |     }
55 | 
56 |     pub fn write_vecstr(&mut self, ss: &[&str]) -> Result<*mut *mut libc::c_char, Error> {
57 |         let mut ptrs = Vec::<*mut libc::c_char>::new();
58 |         for s in ss {
59 |             ptrs.push(self.write_string(s)?);
60 |         }
61 |         self.add_pointers(&ptrs)
62 |     }
63 | }
64 | 


--------------------------------------------------------------------------------
/src/connection.rs:
--------------------------------------------------------------------------------
 1 | use crate::applog;
 2 | use crate::error;
 3 | use crate::message::*;
 4 | use crate::structs::SocketConfig as Config;
 5 | use std::os::unix::net::UnixDatagram;
 6 | use std::time::Duration;
 7 | 
 8 | #[derive(Debug)]
 9 | pub struct Connection {
10 |     conf: Config,
11 |     conn: UnixDatagram,
12 | }
13 | 
14 | impl Connection {
15 |     pub fn new(logid: &str) -> Result<Self, error::Error> {
16 |         applog::init(Some("sectora"));
17 |         log::debug!("{}", logid);
18 |         let conf = Config::new();
19 |         let conn = Self::connect_daemon(&conf)?;
20 |         Ok(Self { conf, conn })
21 |     }
22 | 
23 |     fn socket_path(conf: &Config) -> String { format!("{}/{}", &conf.socket_dir, std::process::id()) }
24 | 
25 |     fn connect_daemon(conf: &Config) -> Result<UnixDatagram, error::Error> {
26 |         let socket = UnixDatagram::bind(Self::socket_path(conf))?;
27 |         log::debug!("{:?}", socket);
28 |         socket.set_read_timeout(Some(Duration::from_secs(5)))?;
29 |         socket.connect(&conf.socket_path)?;
30 |         Ok(socket)
31 |     }
32 | 
33 |     pub fn communicate(&self, msg: ClientMessage) -> Result<DaemonMessage, error::Error> {
34 |         self.conn.send(msg.to_string().as_bytes())?;
35 |         let mut msgstr = String::default();
36 |         let mut buf = [0u8; 4096];
37 |         while let Ok(cnt) = self.conn.recv(&mut buf) {
38 |             log::debug!("msg cnt, {}", cnt);
39 |             let msg = String::from_utf8(buf[..cnt].to_vec()).unwrap()
40 |                                                             .parse::<DividedMessage>()?;
41 |             msgstr.push_str(&msg.message);
42 |             if msg.cont {
43 |                 let _ = self.conn.send(ClientMessage::Cont.to_string().as_bytes())?;
44 |             } else {
45 |                 break;
46 |             }
47 |         }
48 |         log::debug!("recieved: {}", msgstr);
49 |         Ok(msgstr.parse::<DaemonMessage>()?)
50 |     }
51 | }
52 | 
53 | impl Drop for Connection {
54 |     fn drop(&mut self) { let _ = std::fs::remove_file(Self::socket_path(&self.conf)); }
55 | }
56 | 


--------------------------------------------------------------------------------
/src/cstructs.rs:
--------------------------------------------------------------------------------
 1 | use crate::buffer::Buffer;
 2 | use std::io::Error;
 3 | 
 4 | #[repr(C)]
 5 | pub struct Passwd {
 6 |     name: *mut libc::c_char,
 7 |     passwd: *mut libc::c_char,
 8 |     uid: libc::uid_t,
 9 |     gid: libc::gid_t,
10 |     gecos: *mut libc::c_char,
11 |     dir: *mut libc::c_char,
12 |     shell: *mut libc::c_char,
13 | }
14 | 
15 | impl Passwd {
16 |     #[allow(clippy::too_many_arguments)]
17 |     fn pack(&mut self, buf: &mut Buffer, name: &str, passwd: &str, uid: libc::uid_t, gid: libc::gid_t, gecos: &str,
18 |             dir: &str, shell: &str)
19 |             -> Result<(), Error> {
20 |         self.name = buf.write_string(name)?;
21 |         self.passwd = buf.write_string(passwd)?;
22 |         self.dir = buf.write_string(dir)?;
23 |         self.shell = buf.write_string(shell)?;
24 |         self.gecos = buf.write_string(gecos)?;
25 |         self.uid = uid;
26 |         self.gid = gid;
27 |         Ok(())
28 |     }
29 | 
30 |     pub fn pack_args(&mut self, buf: &mut Buffer, name: &str, id: u64, gid: u64, home: &str, sh: &str)
31 |                      -> Result<(), Error> {
32 |         self.pack(buf, name, "x", id as libc::uid_t, gid as libc::gid_t, "", home, sh)
33 |     }
34 | }
35 | 
36 | #[repr(C)]
37 | pub struct Spwd {
38 |     namp: *mut libc::c_char,
39 |     pwdp: *mut libc::c_char,
40 |     lstchg: libc::c_long,
41 |     min: libc::c_long,
42 |     max: libc::c_long,
43 |     warn: libc::c_long,
44 |     inact: libc::c_long,
45 |     expire: libc::c_long,
46 |     flag: libc::c_ulong,
47 | }
48 | 
49 | impl Spwd {
50 |     #[allow(clippy::too_many_arguments)]
51 |     fn pack(&mut self, buf: &mut Buffer, namp: &str, pwdp: &str, lstchg: libc::c_long, min: libc::c_long,
52 |             max: libc::c_long, warn: libc::c_long, inact: libc::c_long, expire: libc::c_long, flag: libc::c_ulong)
53 |             -> Result<(), Error> {
54 |         self.namp = buf.write_string(namp)?;
55 |         self.pwdp = buf.write_string(pwdp)?;
56 |         self.lstchg = lstchg;
57 |         self.min = min;
58 |         self.max = max;
59 |         self.warn = warn;
60 |         self.inact = inact;
61 |         self.expire = expire;
62 |         self.flag = flag;
63 |         Ok(())
64 |     }
65 | 
66 |     pub fn pack_args(&mut self, buf: &mut Buffer, name: &str, pass: &str) -> Result<(), Error> {
67 |         self.pack(buf, name, pass, -1, -1, -1, -1, -1, -1, 0)
68 |     }
69 | }
70 | 
71 | #[repr(C)]
72 | pub struct Group {
73 |     name: *mut libc::c_char,
74 |     passwd: *mut libc::c_char,
75 |     gid: libc::gid_t,
76 |     mem: *mut *mut libc::c_char,
77 | }
78 | 
79 | impl Group {
80 |     fn pack(&mut self, buf: &mut Buffer, name: &str, passwd: &str, gid: libc::gid_t, mem: &[&str])
81 |             -> Result<(), Error> {
82 |         self.name = buf.write_string(name)?;
83 |         self.passwd = buf.write_string(passwd)?;
84 |         self.gid = gid;
85 |         self.mem = buf.write_vecstr(mem)?;
86 |         Ok(())
87 |     }
88 | 
89 |     pub fn pack_args(&mut self, buf: &mut Buffer, name: &str, id: u64, members: &[&str]) -> Result<(), Error> {
90 |         self.pack(buf, name, "x", id as libc::gid_t, members)
91 |     }
92 | }
93 | 


--------------------------------------------------------------------------------
/src/daemon.rs:
--------------------------------------------------------------------------------
  1 | mod applog;
  2 | mod error;
  3 | mod ghclient;
  4 | mod message;
  5 | mod statics;
  6 | mod structs;
  7 | 
  8 | use error::Error;
  9 | use ghclient::GithubClient;
 10 | use message::*;
 11 | use statics::CONF_PATH;
 12 | use std::collections::hash_map::Entry;
 13 | use std::collections::{HashMap, VecDeque};
 14 | use std::fs;
 15 | use std::os::unix;
 16 | use std::path::Path;
 17 | use structs::{Config, SocketConfig, UserConfig};
 18 | 
 19 | #[tokio::main]
 20 | async fn main() {
 21 |     applog::init(Some("sectorad"));
 22 |     let mut d = Daemon::new();
 23 |     d.run().await.expect("run");
 24 |     log::debug!("Run stopped");
 25 | }
 26 | 
 27 | struct Daemon {
 28 |     client: GithubClient,
 29 |     socket_conf: SocketConfig,
 30 |     socket: unix::net::UnixDatagram,
 31 |     msg_cache: HashMap<u32, VecDeque<DaemonMessage>>,
 32 | }
 33 | 
 34 | impl Drop for Daemon {
 35 |     fn drop(&mut self) {
 36 |         log::debug!("Drop daemon");
 37 |         let _ = fs::remove_file(&self.socket_conf.socket_path);
 38 |     }
 39 | }
 40 | 
 41 | impl Daemon {
 42 |     fn new() -> Self {
 43 |         let config = Config::from_path(&CONF_PATH).expect("valid config");
 44 |         let socket_conf = SocketConfig::new();
 45 |         fs::create_dir_all(&socket_conf.socket_dir).expect("create socket dir");
 46 |         fs::set_permissions(&socket_conf.socket_dir, unix::fs::PermissionsExt::from_mode(0o777)).unwrap_or_default();
 47 |         if fs::metadata(&socket_conf.socket_path).is_ok() {
 48 |             std::fs::remove_file(&socket_conf.socket_path).expect("remove socket before bind");
 49 |         }
 50 |         let socket = unix::net::UnixDatagram::bind(&socket_conf.socket_path).expect("bind socket");
 51 |         fs::set_permissions(&socket_conf.socket_path, unix::fs::PermissionsExt::from_mode(0o666)).unwrap_or_default();
 52 |         let client = GithubClient::new(&config);
 53 |         log::debug!("Initialised");
 54 |         Daemon { client,
 55 |                  socket_conf,
 56 |                  socket,
 57 |                  msg_cache: HashMap::new() }
 58 |     }
 59 | 
 60 |     async fn run(&mut self) -> Result<(), Error> {
 61 |         let rl = self.client.get_rate_limit().await.expect("get rate limit");
 62 |         log::info!("Rate Limit: {:?}", rl);
 63 |         let sectors = self.client.get_sectors().await.expect("get sectors");
 64 |         log::info!("{} sector[s] loaded", sectors.len());
 65 |         let _ = sd_notify::notify(true, &[sd_notify::NotifyState::Ready]);
 66 |         log::info!("Start running @ {}", &self.socket_conf.socket_path);
 67 |         loop {
 68 |             let mut buf = [0u8; 4096];
 69 |             let (recv_cnt, src) = self.socket.recv_from(&mut buf)?;
 70 |             let msgstr = String::from_utf8(buf[..recv_cnt].to_vec()).expect("decode msg str");
 71 |             log::debug!("recv: {}, src:{:?}", msgstr, src);
 72 |             let response = self.handle(&msgstr.parse::<ClientMessage>().expect("parse ClientMessage"))
 73 |                                .await;
 74 |             log::debug!("-> response: {}", response);
 75 | 
 76 |             let msg = response.to_string();
 77 |             let msgs = message::DividedMessage::new(&msg, 1024);
 78 |             let src_path = src.as_pathname().expect("src");
 79 |             for (i, dividedmsg) in msgs.iter().enumerate() {
 80 |                 match self.socket.send_to(dividedmsg.to_string().as_bytes(), src_path) {
 81 |                     Ok(sendsize) => log::debug!("send: {}", sendsize),
 82 |                     Err(err) => log::warn!("failed to send back to the client {:?}:{}", src, err),
 83 |                 }
 84 |                 if i != msgs.len() - 1 {
 85 |                     let mut buf = [0u8; 4096];
 86 |                     let (recv_cnt, _) = self.socket.recv_from(&mut buf)?;
 87 |                     let msgstr = String::from_utf8(buf[..recv_cnt].to_vec()).expect("decode msg str");
 88 |                     match self.handle(&msgstr.parse::<ClientMessage>().expect("parse ClientMessage"))
 89 |                               .await
 90 |                     {
 91 |                         DaemonMessage::Success => continue,
 92 |                         _ => break,
 93 |                     }
 94 |                 }
 95 |             }
 96 |         }
 97 |     }
 98 | 
 99 |     async fn handle(&mut self, msg: &ClientMessage) -> DaemonMessage {
100 |         match msg {
101 |             ClientMessage::Key { user } => match self.client.get_user_public_keys(user).await {
102 |                 Ok(keys) => DaemonMessage::Key { keys: keys.join("\n") },
103 |                 Err(_) => DaemonMessage::Error { message: String::from("get key failed") },
104 |             },
105 |             ClientMessage::Pam { user } => match self.client.check_pam(user).await {
106 |                 Ok(result) => DaemonMessage::Pam { result },
107 |                 Err(_) => DaemonMessage::Error { message: String::from("check pam failed") },
108 |             },
109 |             ClientMessage::CleanUp => match self.client.clear_all_caches().await {
110 |                 Ok(_) => DaemonMessage::Success,
111 |                 Err(_) => DaemonMessage::Error { message: String::from("clean up failed") },
112 |             },
113 |             ClientMessage::RateLimit => match self.client.get_rate_limit().await {
114 |                 Ok(rl) => DaemonMessage::RateLimit { limit: rl.rate.limit,
115 |                                                      remaining: rl.rate.remaining,
116 |                                                      reset: rl.rate.reset },
117 |                 Err(_) => DaemonMessage::Error { message: String::from("clean up failed") },
118 |             },
119 |             ClientMessage::SectorGroups => match self.client.get_sectors().await {
120 |                 Ok(sectors) => DaemonMessage::SectorGroups { sectors },
121 |                 Err(_) => DaemonMessage::Error { message: String::from("get sectors failed") },
122 |             },
123 |             ClientMessage::Pw(pw) => self.handle_pw(pw).await,
124 |             ClientMessage::Sp(sp) => self.handle_sp(sp).await,
125 |             ClientMessage::Gr(gr) => self.handle_gr(gr).await,
126 |             ClientMessage::Cont => DaemonMessage::Success,
127 |         }
128 |     }
129 | 
130 |     fn get_msg(&mut self, pid: u32) -> DaemonMessage {
131 |         match self.msg_cache.entry(pid) {
132 |             Entry::Occupied(mut o) => match o.get_mut().pop_front() {
133 |                 Some(msg) => msg,
134 |                 None => DaemonMessage::Error { message: String::from("not found") },
135 |             },
136 |             Entry::Vacant(_) => DaemonMessage::Error { message: String::from("not found") },
137 |         }
138 |     }
139 | 
140 |     fn clear_cache(&mut self, pid: u32) -> DaemonMessage {
141 |         self.msg_cache.remove(&pid).unwrap_or_default();
142 |         DaemonMessage::Success
143 |     }
144 | 
145 |     fn get_home_sh(&self, login: &str) -> (String, String) {
146 |         let conf = &self.client.conf;
147 |         let home = conf.home.replace("{}", login);
148 |         let sh: String = match UserConfig::from_path(&Path::new(&home).join(&conf.user_conf_path)) {
149 |             Ok(personal) => match personal.sh {
150 |                 Some(sh) => {
151 |                     if Path::new(&sh).exists() {
152 |                         sh
153 |                     } else {
154 |                         conf.sh.clone()
155 |                     }
156 |                 }
157 |                 None => conf.sh.clone(),
158 |             },
159 |             Err(_) => conf.sh.clone(),
160 |         };
161 |         (home, sh)
162 |     }
163 | 
164 |     fn get_pass(&self, login: &str) -> String {
165 |         let home = self.client.conf.home.replace("{}", login);
166 |         let pass: String = match UserConfig::from_path(&Path::new(&home).join(&self.client.conf.user_conf_path)) {
167 |             Ok(personal) => match personal.pass {
168 |                 Some(pass) => pass,
169 |                 None => String::from("*"),
170 |             },
171 |             Err(_) => String::from("*"),
172 |         };
173 |         pass
174 |     }
175 | 
176 |     async fn handle_pw(&mut self, pw: &Pw) -> DaemonMessage {
177 |         match pw {
178 |             Pw::Uid(uid) => {
179 |                 for sector in self.client.get_sectors().await.unwrap_or_default() {
180 |                     for member in sector.members.values() {
181 |                         if uid == &member.id {
182 |                             let (home, sh) = self.get_home_sh(&member.login);
183 |                             return DaemonMessage::Pw { login: member.login.clone(),
184 |                                                        uid: *uid,
185 |                                                        gid: sector.get_gid(),
186 |                                                        home,
187 |                                                        sh };
188 |                         }
189 |                     }
190 |                 }
191 |             }
192 |             Pw::Nam(name) => {
193 |                 for sector in self.client.get_sectors().await.unwrap_or_default() {
194 |                     for member in sector.members.values() {
195 |                         if name == &member.login {
196 |                             let (home, sh) = self.get_home_sh(&member.login);
197 |                             return DaemonMessage::Pw { login: member.login.clone(),
198 |                                                        uid: member.id,
199 |                                                        gid: sector.get_gid(),
200 |                                                        home,
201 |                                                        sh };
202 |                         }
203 |                     }
204 |                 }
205 |             }
206 |             Pw::Ent(Ent::Set(pid)) => {
207 |                 let mut ents = VecDeque::new();
208 |                 for sector in self.client.get_sectors().await.unwrap_or_default() {
209 |                     for member in sector.members.values() {
210 |                         let (home, sh) = self.get_home_sh(&member.login);
211 |                         let pw = DaemonMessage::Pw { login: member.login.clone(),
212 |                                                      uid: member.id,
213 |                                                      gid: sector.get_gid(),
214 |                                                      home,
215 |                                                      sh };
216 |                         ents.push_back(pw);
217 |                     }
218 |                 }
219 |                 self.msg_cache.insert(*pid, ents).unwrap_or_default();
220 |                 return DaemonMessage::Success;
221 |             }
222 |             Pw::Ent(Ent::Get(pid)) => return self.get_msg(*pid),
223 |             Pw::Ent(Ent::End(pid)) => return self.clear_cache(*pid),
224 |         }
225 |         DaemonMessage::Error { message: String::from("not found") }
226 |     }
227 | 
228 |     async fn handle_sp(&mut self, sp: &Sp) -> DaemonMessage {
229 |         match sp {
230 |             Sp::Nam(name) => {
231 |                 for sector in self.client.get_sectors().await.unwrap_or_default() {
232 |                     if let Some(member) = sector.members.get(name) {
233 |                         let pass = self.get_pass(name);
234 |                         return DaemonMessage::Sp { login: member.login.clone(),
235 |                                                    pass };
236 |                     }
237 |                 }
238 |             }
239 |             Sp::Ent(Ent::Set(pid)) => {
240 |                 let mut ents = VecDeque::new();
241 |                 for sector in self.client.get_sectors().await.unwrap_or_default() {
242 |                     for member in sector.members.values() {
243 |                         let pass = self.get_pass(&member.login);
244 |                         let sp = DaemonMessage::Sp { login: member.login.clone(),
245 |                                                      pass };
246 |                         ents.push_back(sp);
247 |                     }
248 |                 }
249 |                 self.msg_cache.insert(*pid, ents).unwrap_or_default();
250 |                 return DaemonMessage::Success;
251 |             }
252 |             Sp::Ent(Ent::Get(pid)) => return self.get_msg(*pid),
253 |             Sp::Ent(Ent::End(pid)) => return self.clear_cache(*pid),
254 |         }
255 |         DaemonMessage::Error { message: String::from("not found") }
256 |     }
257 | 
258 |     async fn handle_gr(&mut self, gr: &Gr) -> DaemonMessage {
259 |         match gr {
260 |             Gr::Gid(gid) => {
261 |                 for sector in self.client.get_sectors().await.unwrap_or_default() {
262 |                     if gid == &sector.get_gid() {
263 |                         return DaemonMessage::Gr { sector };
264 |                     }
265 |                 }
266 |             }
267 |             Gr::Nam(name) => {
268 |                 for sector in self.client.get_sectors().await.unwrap_or_default() {
269 |                     if name == &sector.get_group() {
270 |                         return DaemonMessage::Gr { sector };
271 |                     }
272 |                 }
273 |             }
274 |             Gr::Ent(Ent::Set(pid)) => {
275 |                 let mut ents = VecDeque::new();
276 |                 for sector in self.client.get_sectors().await.unwrap_or_default() {
277 |                     ents.push_back(DaemonMessage::Gr { sector });
278 |                 }
279 |                 self.msg_cache.insert(*pid, ents).unwrap_or_default();
280 |                 return DaemonMessage::Success;
281 |             }
282 |             Gr::Ent(Ent::Get(pid)) => return self.get_msg(*pid),
283 |             Gr::Ent(Ent::End(pid)) => return self.clear_cache(*pid),
284 |         }
285 |         DaemonMessage::Error { message: String::from("not found") }
286 |     }
287 | }
288 | 


--------------------------------------------------------------------------------
/src/error.rs:
--------------------------------------------------------------------------------
 1 | #[derive(Debug)]
 2 | pub enum Error {
 3 |     Serde(serde_json::Error),
 4 |     Io(std::io::Error),
 5 |     Toml(toml::de::Error),
 6 |     ParseMsg(ParseMessageError),
 7 | }
 8 | 
 9 | impl From<serde_json::Error> for Error {
10 |     fn from(err: serde_json::Error) -> Error { Error::Serde(err) }
11 | }
12 | impl From<std::io::Error> for Error {
13 |     fn from(err: std::io::Error) -> Error { Error::Io(err) }
14 | }
15 | impl From<toml::de::Error> for Error {
16 |     fn from(err: toml::de::Error) -> Error { Error::Toml(err) }
17 | }
18 | 
19 | #[derive(Debug)]
20 | pub enum ParseSectorTypeError {
21 |     UnknownType,
22 | }
23 | 
24 | #[derive(Debug)]
25 | pub enum ParseSectorError {
26 |     Id(std::num::ParseIntError),
27 |     Type(ParseSectorTypeError),
28 |     BadFormat,
29 | }
30 | 
31 | #[derive(Debug)]
32 | pub enum ParseSectorGroupError {
33 |     Sector(ParseSectorError),
34 |     Gid(std::num::ParseIntError),
35 |     Member(std::num::ParseIntError),
36 | }
37 | 
38 | #[derive(Debug)]
39 | pub enum ParseMessageError {
40 |     ParseClientMessageError,
41 |     ParseDaemonMessageError,
42 | }
43 | 
44 | impl From<ParseMessageError> for Error {
45 |     fn from(err: ParseMessageError) -> Error { Error::ParseMsg(err) }
46 | }
47 | 


--------------------------------------------------------------------------------
/src/ghclient.rs:
--------------------------------------------------------------------------------
  1 | use crate::error::Error;
  2 | use crate::structs::{Config, Member, PublicKey, RateLimit, Repo, Sector, SectorGroup, Team};
  3 | use glob::glob;
  4 | use reqwest::{Client, Method, Request, Url, header};
  5 | use std::collections::HashMap;
  6 | use std::fs::File;
  7 | use std::io::prelude::*;
  8 | 
  9 | pub struct GithubClient {
 10 |     client: Client,
 11 |     pub conf: Config,
 12 | }
 13 | 
 14 | impl GithubClient {
 15 |     pub fn new(config: &Config) -> GithubClient {
 16 |         if std::env::var("SSL_CERT_FILE").is_err() {
 17 |             unsafe {
 18 |                 std::env::set_var("SSL_CERT_FILE", &config.cert_path);
 19 |             }
 20 |         }
 21 |         let client = Client::builder();
 22 |         let token = String::from("token ") + &config.token;
 23 |         let mut hmap = header::HeaderMap::new();
 24 |         hmap.insert(header::AUTHORIZATION, header::HeaderValue::from_str(&token).unwrap());
 25 |         hmap.insert(header::USER_AGENT, header::HeaderValue::from_str("sectora").unwrap());
 26 |         let client = client.default_headers(hmap).build().unwrap();
 27 |         GithubClient { client,
 28 |                        conf: config.clone() }
 29 |     }
 30 | 
 31 |     fn get_cache_path(&self, url: &str) -> std::path::PathBuf {
 32 |         let mut path = std::path::PathBuf::default();
 33 |         path.push(&self.conf.cache_dir);
 34 |         path.push(url);
 35 |         path
 36 |     }
 37 | 
 38 |     fn load_contents_from_cache(&self, url: &str) -> Result<(std::fs::Metadata, String), Error> {
 39 |         let path = self.get_cache_path(url);
 40 |         let metadata = std::fs::metadata(path.to_str().unwrap())?;
 41 |         let mut f = File::open(path.to_str().unwrap())?;
 42 |         let mut contents = String::default();
 43 |         f.read_to_string(&mut contents)?;
 44 |         Ok((metadata, contents))
 45 |     }
 46 | 
 47 |     fn store_contents_to_cache(&self, url: &str, contents: &str) -> Result<(), Error> {
 48 |         let path = self.get_cache_path(url);
 49 |         std::fs::create_dir_all(path.parent().unwrap_or(std::path::Path::new("/")))?;
 50 |         let mut f = File::create(path.to_str().unwrap())?;
 51 |         f.write_all(contents.as_bytes())?;
 52 |         Ok(())
 53 |     }
 54 | 
 55 |     async fn get_contents_from_url(&self, url: &str) -> Result<String, Error> {
 56 |         let mut all_contents: Vec<serde_json::value::Value> = Vec::new();
 57 |         let mut page = 1;
 58 |         loop {
 59 |             let mut new_array = self.get_contents_from_url_page(url, page).await?;
 60 |             if new_array.is_empty() {
 61 |                 break;
 62 |             }
 63 |             all_contents.append(&mut new_array);
 64 |             page += 1;
 65 |         }
 66 |         let contents = serde_json::ser::to_string(&all_contents)?;
 67 |         self.store_contents_to_cache(url, &contents)?;
 68 |         Ok(contents)
 69 |     }
 70 | 
 71 |     fn build_request(&self, url: &str) -> Result<Request, Error> {
 72 |         Ok(Request::new(Method::GET, Url::parse(url).unwrap()))
 73 |     }
 74 | 
 75 |     fn build_page_request(&self, url: &str, page: u64) -> Result<Request, Error> {
 76 |         let sep = if url.contains('?') { '&' } else { '?' };
 77 |         let url_p = format!("{}{}page={}", url, sep, page);
 78 |         self.build_request(&url_p)
 79 |     }
 80 | 
 81 |     async fn get_contents_from_url_page(&self, url: &str, page: u64) -> Result<Vec<serde_json::Value>, Error> {
 82 |         let req = self.build_page_request(url, page)?;
 83 |         let resp = self.client.execute(req).await.unwrap();
 84 |         let json = resp.json::<Vec<serde_json::Value>>().await.unwrap();
 85 |         Ok(json)
 86 |     }
 87 | 
 88 |     async fn get_contents(&self, url: &str) -> Result<String, Error> {
 89 |         match self.load_contents_from_cache(url) {
 90 |             Ok((metadata, cache_contents)) => match std::time::SystemTime::now().duration_since(metadata.modified()?) {
 91 |                 Ok(caching_duration) => {
 92 |                     if caching_duration.as_secs() > self.conf.cache_duration {
 93 |                         match self.get_contents_from_url(url).await {
 94 |                             Ok(contents_from_url) => Ok(contents_from_url),
 95 |                             Err(_) => Ok(cache_contents),
 96 |                         }
 97 |                     } else {
 98 |                         Ok(cache_contents)
 99 |                     }
100 |                 }
101 |                 Err(_) => Ok(cache_contents),
102 |             },
103 |             Err(_) => self.get_contents_from_url(url).await,
104 |         }
105 |     }
106 | 
107 |     pub async fn get_user_public_keys(&self, user: &str) -> Result<Vec<String>, Error> {
108 |         let url = format!("{}/users/{}/keys", self.conf.endpoint, user);
109 |         let contents = self.get_contents(&url).await?;
110 |         let keys = serde_json::from_str::<Vec<PublicKey>>(&contents)?;
111 |         Ok(keys.iter().map(|k| k.key.clone()).collect())
112 |     }
113 | 
114 |     pub async fn check_pam(&self, user: &str) -> Result<bool, Error> {
115 |         let sectors = self.get_sectors().await?;
116 |         Ok(sectors.iter().any(|team| team.members.contains_key(user)))
117 |     }
118 | 
119 |     pub async fn get_sectors(&self) -> Result<Vec<SectorGroup>, Error> {
120 |         let mut sectors: Vec<SectorGroup> = self.get_teams_result().await?;
121 |         sectors.append(&mut self.get_repos_result().await?);
122 |         Ok(sectors)
123 |     }
124 | 
125 |     async fn get_teams_result(&self) -> Result<Vec<SectorGroup>, Error> {
126 |         let gh_teams = self.get_team_map(&self.conf.org).await?;
127 |         let mut teams = Vec::new();
128 |         for team_conf in &self.conf.team {
129 |             if let Some(gh_team) = gh_teams.get(&team_conf.name) {
130 |                 teams.push(SectorGroup { sector: Sector::from(gh_team.clone()),
131 |                                          gid: team_conf.gid,
132 |                                          group: team_conf.group.clone(),
133 |                                          members: self.get_team_members(gh_team.id).await? });
134 |             }
135 |         }
136 |         Ok(teams)
137 |     }
138 | 
139 |     async fn get_team_map(&self, org: &str) -> Result<HashMap<String, Team>, Error> {
140 |         let url = format!("{}/orgs/{}/teams", self.conf.endpoint, org);
141 |         let contents = self.get_contents(&url).await?;
142 |         let teams = serde_json::from_str::<Vec<Team>>(&contents)?;
143 |         Ok(teams.iter().map(|t| (t.name.clone(), t.clone())).collect())
144 |     }
145 | 
146 |     async fn get_team_members(&self, mid: u64) -> Result<HashMap<String, Member>, Error> {
147 |         let url = format!("{}/teams/{}/members", self.conf.endpoint, mid);
148 |         let contents = self.get_contents(&url).await?;
149 |         let members = serde_json::from_str::<Vec<Member>>(&contents)?;
150 |         Ok(members.iter().map(|m| (m.login.clone(), m.clone())).collect())
151 |     }
152 | 
153 |     async fn get_repos_result(&self) -> Result<Vec<SectorGroup>, Error> {
154 |         let gh_repos = self.get_repo_map(&self.conf.org).await?;
155 |         let mut repos = Vec::new();
156 |         for repo_conf in &self.conf.repo {
157 |             if let Some(gh_repo) = gh_repos.get(&repo_conf.name) {
158 |                 repos.push(SectorGroup { sector: Sector::from(gh_repo.clone()),
159 |                                          gid: repo_conf.gid,
160 |                                          group: repo_conf.group.clone(),
161 |                                          members: self.get_repo_collaborators(&self.conf.org, &gh_repo.name)
162 |                                                       .await? });
163 |             }
164 |         }
165 |         Ok(repos)
166 |     }
167 | 
168 |     async fn get_repo_map(&self, org: &str) -> Result<HashMap<String, Repo>, Error> {
169 |         let url = format!("{}/orgs/{}/repos", self.conf.endpoint, org);
170 |         let contents = self.get_contents(&url).await?;
171 |         let repos = serde_json::from_str::<Vec<Repo>>(&contents)?;
172 |         Ok(repos.iter().map(|t| (t.name.clone(), t.clone())).collect())
173 |     }
174 | 
175 |     async fn get_repo_collaborators(&self, org: &str, repo_name: &str) -> Result<HashMap<String, Member>, Error> {
176 |         let url = format!("{}/repos/{}/{}/collaborators?affiliation=outside",
177 |                           self.conf.endpoint, org, repo_name);
178 |         let contents = self.get_contents(&url).await?;
179 |         let members = serde_json::from_str::<Vec<Member>>(&contents)?;
180 |         Ok(members.iter().map(|m| (m.login.clone(), m.clone())).collect())
181 |     }
182 | 
183 |     pub async fn get_rate_limit(&self) -> Result<RateLimit, Error> {
184 |         let url = format!("{}/rate_limit", self.conf.endpoint);
185 |         let req = self.build_request(&url)?;
186 |         let resp = self.client.execute(req).await.unwrap();
187 |         Ok(resp.json().await.unwrap())
188 |     }
189 | 
190 |     pub async fn clear_all_caches(&self) -> Result<(), Error> {
191 |         let mut path = self.get_cache_path("");
192 |         path.push("**/*");
193 |         for entry in glob(path.to_str().unwrap()).unwrap() {
194 |             match entry {
195 |                 Ok(path) => {
196 |                     if path.is_file() {
197 |                         std::fs::remove_file(path)?
198 |                     }
199 |                 }
200 |                 Err(e) => println!("{:?}", e),
201 |             }
202 |         }
203 |         Ok(())
204 |     }
205 | }
206 | 


--------------------------------------------------------------------------------
/src/lib.rs:
--------------------------------------------------------------------------------
  1 | mod applog;
  2 | mod buffer;
  3 | mod connection;
  4 | mod cstructs;
  5 | mod error;
  6 | mod message;
  7 | mod structs;
  8 | 
  9 | use buffer::Buffer;
 10 | use connection::Connection;
 11 | use cstructs::{Group, Passwd, Spwd};
 12 | use message::{ClientMessage as CMsg, DaemonMessage as DMsg, Ent, Gr, Pw, Sp};
 13 | use nix::errno::Errno;
 14 | use std::ffi::CStr;
 15 | use std::process;
 16 | use std::string::String;
 17 | 
 18 | #[allow(dead_code)]
 19 | enum NssStatus {
 20 |     TryAgain,
 21 |     Unavail,
 22 |     NotFound,
 23 |     Success,
 24 | }
 25 | 
 26 | impl From<NssStatus> for libc::c_int {
 27 |     fn from(status: NssStatus) -> libc::c_int {
 28 |         match status {
 29 |             NssStatus::TryAgain => -2,
 30 |             NssStatus::Unavail => -1,
 31 |             NssStatus::NotFound => 0,
 32 |             NssStatus::Success => 1,
 33 |         }
 34 |     }
 35 | }
 36 | 
 37 | fn string_from(cstrptr: *const libc::c_char) -> String {
 38 |     let cstr: &CStr = unsafe { CStr::from_ptr(cstrptr) };
 39 |     String::from(cstr.to_str().unwrap_or(""))
 40 | }
 41 | 
 42 | macro_rules! succeed {
 43 |     () => {{
 44 |         log::debug!("Success!");
 45 |         return libc::c_int::from(NssStatus::Success);
 46 |     }};
 47 | }
 48 | 
 49 | macro_rules! fail {
 50 |     ($err_no_p:ident, $err_no:expr, $return_val:expr) => {{
 51 |         *$err_no_p = $err_no as libc::c_int;
 52 |         log::debug!("Faill!");
 53 |         return libc::c_int::from($return_val);
 54 |     }};
 55 | }
 56 | 
 57 | macro_rules! try_unwrap {
 58 |     ($getter:expr) => {{
 59 |         match $getter {
 60 |             Ok(ret) => {
 61 |                 log::debug!("Ok: {:?}", ret);
 62 |                 ret
 63 |             }
 64 |             Err(e) => {
 65 |                 log::debug!("failed (will retry): {:?}", e);
 66 |                 return libc::c_int::from(NssStatus::TryAgain);
 67 |             }
 68 |         }
 69 |     }};
 70 |     ($getter:expr, $err_no_p:ident) => {{
 71 |         match $getter {
 72 |             Ok(ret) => ret,
 73 |             Err(e) => {
 74 |                 log::debug!("failed (will retry): {:?}", e);
 75 |                 *$err_no_p = Errno::EAGAIN as libc::c_int;
 76 |                 return libc::c_int::from(NssStatus::TryAgain);
 77 |             }
 78 |         }
 79 |     }};
 80 | }
 81 | 
 82 | /// # Safety
 83 | ///
 84 | /// This function intended to be called from nss
 85 | #[unsafe(no_mangle)]
 86 | pub unsafe extern "C" fn _nss_sectora_getpwnam_r(cnameptr: *const libc::c_char, pwptr: *mut Passwd,
 87 |                                                  buf: *mut libc::c_char, buflen: libc::size_t,
 88 |                                                  errnop: *mut libc::c_int)
 89 |                                                  -> libc::c_int {
 90 |     let mut buffer = Buffer::new(buf, buflen);
 91 |     let conn = try_unwrap!(Connection::new("_nss_sectora_getpwnam_r"), errnop);
 92 |     let msg = try_unwrap!(conn.communicate(CMsg::Pw(Pw::Nam(string_from(cnameptr)))), errnop);
 93 |     if let DMsg::Pw { login,
 94 |                       uid,
 95 |                       gid,
 96 |                       home,
 97 |                       sh, } = msg
 98 |     {
 99 |         match { (*pwptr).pack_args(&mut buffer, &login, uid, gid, &home, &sh) } {
100 |             Ok(_) => succeed!(),
101 |             Err(_) => fail!(errnop, Errno::ERANGE, NssStatus::TryAgain),
102 |         }
103 |     }
104 |     fail!(errnop, Errno::ENOENT, NssStatus::NotFound)
105 | }
106 | 
107 | /// # Safety
108 | ///
109 | /// This function intended to be called from nss
110 | #[unsafe(no_mangle)]
111 | pub unsafe extern "C" fn _nss_sectora_getpwuid_r(uid: libc::uid_t, pwptr: *mut Passwd, buf: *mut libc::c_char,
112 |                                                  buflen: libc::size_t, errnop: *mut libc::c_int)
113 |                                                  -> libc::c_int {
114 |     let mut buffer = Buffer::new(buf, buflen);
115 |     let conn = try_unwrap!(Connection::new("_nss_sectora_getpwuid_r"), errnop);
116 |     let msg = try_unwrap!(conn.communicate(CMsg::Pw(Pw::Uid(uid as u64))), errnop);
117 |     if let DMsg::Pw { login,
118 |                       uid,
119 |                       gid,
120 |                       home,
121 |                       sh, } = msg
122 |     {
123 |         match { (*pwptr).pack_args(&mut buffer, &login, uid, gid, &home, &sh) } {
124 |             Ok(_) => succeed!(),
125 |             Err(_) => fail!(errnop, Errno::ERANGE, NssStatus::TryAgain),
126 |         }
127 |     }
128 |     fail!(errnop, Errno::ENOENT, NssStatus::NotFound)
129 | }
130 | 
131 | /// # Safety
132 | ///
133 | /// This function intended to be called from nss
134 | #[unsafe(no_mangle)]
135 | pub unsafe extern "C" fn _nss_sectora_setpwent() -> libc::c_int {
136 |     let conn = try_unwrap!(Connection::new("_nss_sectora_setpwent"));
137 |     let msg = try_unwrap!(conn.communicate(CMsg::Pw(Pw::Ent(Ent::Set(process::id())))));
138 |     if let DMsg::Success = msg {
139 |         return libc::c_int::from(NssStatus::Success);
140 |     }
141 |     libc::c_int::from(NssStatus::TryAgain)
142 | }
143 | 
144 | /// # Safety
145 | ///
146 | /// This function intended to be called from nss
147 | #[unsafe(no_mangle)]
148 | pub unsafe extern "C" fn _nss_sectora_getpwent_r(pwptr: *mut Passwd, buf: *mut libc::c_char, buflen: libc::size_t,
149 |                                                  errnop: *mut libc::c_int)
150 |                                                  -> libc::c_int {
151 |     let mut buffer = Buffer::new(buf, buflen);
152 |     let conn = try_unwrap!(Connection::new("_nss_sectora_getpwent_r"), errnop);
153 |     let msg = try_unwrap!(conn.communicate(CMsg::Pw(Pw::Ent(Ent::Get(process::id())))), errnop);
154 |     if let DMsg::Pw { login,
155 |                       uid,
156 |                       gid,
157 |                       home,
158 |                       sh, } = msg
159 |     {
160 |         match { (*pwptr).pack_args(&mut buffer, &login, uid, gid, &home, &sh) } {
161 |             Ok(_) => succeed!(),
162 |             Err(_) => fail!(errnop, Errno::ERANGE, NssStatus::TryAgain),
163 |         }
164 |     }
165 |     fail!(errnop, Errno::ENOENT, NssStatus::NotFound)
166 | }
167 | 
168 | /// # Safety
169 | ///
170 | /// This function intended to be called from nss
171 | #[unsafe(no_mangle)]
172 | pub unsafe extern "C" fn _nss_sectora_endpwent() -> libc::c_int {
173 |     let conn = try_unwrap!(Connection::new("_nss_sectora_endpwent"));
174 |     let msg = try_unwrap!(conn.communicate(CMsg::Pw(Pw::Ent(Ent::End(process::id())))));
175 |     if let DMsg::Success = msg {
176 |         return libc::c_int::from(NssStatus::Success);
177 |     }
178 |     libc::c_int::from(NssStatus::TryAgain)
179 | }
180 | 
181 | /// # Safety
182 | ///
183 | /// This function intended to be called from nss
184 | #[unsafe(no_mangle)]
185 | pub unsafe extern "C" fn _nss_sectora_getspnam_r(cnameptr: *const libc::c_char, spptr: *mut Spwd,
186 |                                                  buf: *mut libc::c_char, buflen: libc::size_t,
187 |                                                  errnop: *mut libc::c_int)
188 |                                                  -> libc::c_int {
189 |     let mut buffer = Buffer::new(buf, buflen);
190 |     let conn = try_unwrap!(Connection::new("_nss_sectora_getspnam_r"), errnop);
191 |     let msg = try_unwrap!(conn.communicate(CMsg::Sp(Sp::Nam(string_from(cnameptr)))), errnop);
192 |     if let DMsg::Sp { login, pass } = msg {
193 |         match { (*spptr).pack_args(&mut buffer, &login, &pass) } {
194 |             Ok(_) => succeed!(),
195 |             Err(_) => fail!(errnop, Errno::ERANGE, NssStatus::TryAgain),
196 |         }
197 |     }
198 |     fail!(errnop, Errno::ENOENT, NssStatus::NotFound)
199 | }
200 | 
201 | /// # Safety
202 | ///
203 | /// This function intended to be called from nss
204 | #[unsafe(no_mangle)]
205 | pub unsafe extern "C" fn _nss_sectora_setspent() -> libc::c_int {
206 |     let conn = try_unwrap!(Connection::new("_nss_sectora_setspent"));
207 |     let msg = try_unwrap!(conn.communicate(CMsg::Sp(Sp::Ent(Ent::Set(process::id())))));
208 |     if let DMsg::Success = msg {
209 |         return libc::c_int::from(NssStatus::Success);
210 |     }
211 |     libc::c_int::from(NssStatus::Success)
212 | }
213 | 
214 | /// # Safety
215 | ///
216 | /// This function intended to be called from nss
217 | #[unsafe(no_mangle)]
218 | pub unsafe extern "C" fn _nss_sectora_getspent_r(spptr: *mut Spwd, buf: *mut libc::c_char, buflen: libc::size_t,
219 |                                                  errnop: *mut libc::c_int)
220 |                                                  -> libc::c_int {
221 |     let mut buffer = Buffer::new(buf, buflen);
222 |     let conn = try_unwrap!(Connection::new("_nss_sectora_getspent_r"), errnop);
223 |     let msg = try_unwrap!(conn.communicate(CMsg::Sp(Sp::Ent(Ent::Get(process::id())))), errnop);
224 |     if let DMsg::Sp { login, pass } = msg {
225 |         match { (*spptr).pack_args(&mut buffer, &login, &pass) } {
226 |             Ok(_) => succeed!(),
227 |             Err(_) => fail!(errnop, Errno::ERANGE, NssStatus::TryAgain),
228 |         }
229 |     }
230 |     fail!(errnop, Errno::ENOENT, NssStatus::NotFound)
231 | }
232 | 
233 | /// # Safety
234 | ///
235 | /// This function intended to be called from nss
236 | #[unsafe(no_mangle)]
237 | pub unsafe extern "C" fn _nss_sectora_endspent() -> libc::c_int {
238 |     let conn = try_unwrap!(Connection::new("_nss_sectora_endspent"));
239 |     let msg = try_unwrap!(conn.communicate(CMsg::Sp(Sp::Ent(Ent::End(process::id())))));
240 |     if let DMsg::Success = msg {
241 |         return libc::c_int::from(NssStatus::Success);
242 |     }
243 |     libc::c_int::from(NssStatus::TryAgain)
244 | }
245 | 
246 | /// # Safety
247 | ///
248 | /// This function intended to be called from nss
249 | #[unsafe(no_mangle)]
250 | pub unsafe extern "C" fn _nss_sectora_getgrgid_r(gid: libc::gid_t, grptr: *mut Group, buf: *mut libc::c_char,
251 |                                                  buflen: libc::size_t, errnop: *mut libc::c_int)
252 |                                                  -> libc::c_int {
253 |     let mut buffer = Buffer::new(buf, buflen);
254 |     let conn = try_unwrap!(Connection::new("_nss_sectora_getgrgid_r"), errnop);
255 |     let msg = try_unwrap!(conn.communicate(CMsg::Gr(Gr::Gid(gid as u64))), errnop);
256 |     if let DMsg::Gr { sector } = msg {
257 |         let members: Vec<&str> = sector.members.values().map(|m| m.login.as_str()).collect();
258 |         match { (*grptr).pack_args(&mut buffer, &sector.get_group(), u64::from(gid), &members) } {
259 |             Ok(_) => succeed!(),
260 |             Err(_) => fail!(errnop, Errno::ERANGE, NssStatus::TryAgain),
261 |         }
262 |     }
263 |     fail!(errnop, Errno::ENOENT, NssStatus::NotFound)
264 | }
265 | 
266 | /// # Safety
267 | ///
268 | /// This function intended to be called from nss
269 | #[unsafe(no_mangle)]
270 | pub unsafe extern "C" fn _nss_sectora_getgrnam_r(cnameptr: *const libc::c_char, grptr: *mut Group,
271 |                                                  buf: *mut libc::c_char, buflen: libc::size_t,
272 |                                                  errnop: *mut libc::c_int)
273 |                                                  -> libc::c_int {
274 |     let mut buffer = Buffer::new(buf, buflen);
275 |     let conn = try_unwrap!(Connection::new("_nss_sectora_getgrnam_r"), errnop);
276 |     let msg = try_unwrap!(conn.communicate(CMsg::Gr(Gr::Nam(string_from(cnameptr)))), errnop);
277 |     if let DMsg::Gr { sector } = msg {
278 |         let members: Vec<&str> = sector.members.values().map(|m| m.login.as_str()).collect();
279 |         match { (*grptr).pack_args(&mut buffer, &sector.get_group(), sector.get_gid(), &members) } {
280 |             Ok(_) => succeed!(),
281 |             Err(_) => fail!(errnop, Errno::ERANGE, NssStatus::TryAgain),
282 |         }
283 |     }
284 |     fail!(errnop, Errno::ENOENT, NssStatus::NotFound)
285 | }
286 | 
287 | /// # Safety
288 | ///
289 | /// This function intended to be called from nss
290 | #[unsafe(no_mangle)]
291 | pub unsafe extern "C" fn _nss_sectora_setgrent() -> libc::c_int {
292 |     let conn = try_unwrap!(Connection::new("_nss_sectora_setgrent"));
293 |     let msg = try_unwrap!(conn.communicate(CMsg::Gr(Gr::Ent(Ent::Set(process::id())))));
294 |     if let DMsg::Success = msg {
295 |         return libc::c_int::from(NssStatus::Success);
296 |     }
297 |     libc::c_int::from(NssStatus::Success)
298 | }
299 | 
300 | /// # Safety
301 | ///
302 | /// This function intended to be called from nss
303 | #[unsafe(no_mangle)]
304 | pub unsafe extern "C" fn _nss_sectora_getgrent_r(grptr: *mut Group, buf: *mut libc::c_char, buflen: libc::size_t,
305 |                                                  errnop: *mut libc::c_int)
306 |                                                  -> libc::c_int {
307 |     let mut buffer = Buffer::new(buf, buflen);
308 |     let conn = try_unwrap!(Connection::new("_nss_sectora_getgrent_r"), errnop);
309 |     let msg = try_unwrap!(conn.communicate(CMsg::Gr(Gr::Ent(Ent::Get(process::id())))), errnop);
310 |     if let DMsg::Gr { sector } = msg {
311 |         let members: Vec<&str> = sector.members.values().map(|m| m.login.as_str()).collect();
312 |         match { (*grptr).pack_args(&mut buffer, &sector.get_group(), sector.get_gid(), &members) } {
313 |             Ok(_) => succeed!(),
314 |             Err(_) => fail!(errnop, Errno::ERANGE, NssStatus::TryAgain),
315 |         }
316 |     }
317 |     fail!(errnop, Errno::ENOENT, NssStatus::NotFound)
318 | }
319 | 
320 | /// # Safety
321 | ///
322 | /// This function intended to be called from nss
323 | #[unsafe(no_mangle)]
324 | pub unsafe extern "C" fn _nss_sectora_endgrent() -> libc::c_int {
325 |     let conn = try_unwrap!(Connection::new("_nss_sectora_endgrent"));
326 |     let msg = try_unwrap!(conn.communicate(CMsg::Gr(Gr::Ent(Ent::End(process::id())))));
327 |     if let DMsg::Success = msg {
328 |         return libc::c_int::from(NssStatus::Success);
329 |     }
330 |     libc::c_int::from(NssStatus::TryAgain)
331 | }
332 | 


--------------------------------------------------------------------------------
/src/main.rs:
--------------------------------------------------------------------------------
  1 | mod applog;
  2 | mod connection;
  3 | mod error;
  4 | mod message;
  5 | mod structs;
  6 | 
  7 | use clap::{CommandFactory, Parser};
  8 | use clap_complete::{generate, shells};
  9 | use log::debug;
 10 | use message::*;
 11 | use std::env;
 12 | use std::io::{Error, ErrorKind};
 13 | use structs::Config;
 14 | 
 15 | #[derive(Debug, Parser)]
 16 | #[clap(rename_all = "kebab-case")]
 17 | enum Command {
 18 |     /// Gets user public key
 19 |     Key { user: String },
 20 |     /// Executes pam check
 21 |     Pam,
 22 |     /// Check configuration
 23 |     Check { confpath: std::path::PathBuf },
 24 |     /// Cleans caches up
 25 |     #[clap(alias = "cleanup")]
 26 |     CleanUp,
 27 |     /// Get rate limit for github api
 28 |     #[clap(alias = "ratelimit")]
 29 |     RateLimit,
 30 |     /// Displays version details
 31 |     Version,
 32 |     /// Displays completion
 33 |     Completion {
 34 |         #[clap(subcommand)]
 35 |         shell: Shell,
 36 |     },
 37 | }
 38 | 
 39 | #[allow(clippy::enum_variant_names)]
 40 | #[derive(Debug, Parser)]
 41 | #[clap(rename_all = "kebab-case")]
 42 | enum Shell {
 43 |     Bash,
 44 |     Fish,
 45 |     Zsh,
 46 |     PowerShell,
 47 |     Elvish,
 48 | }
 49 | 
 50 | fn show_keys(conn: &connection::Connection, user: &str) -> Result<(), Error> {
 51 |     match conn.communicate(ClientMessage::Key { user: user.to_owned() }) {
 52 |         Ok(DaemonMessage::Key { keys }) => {
 53 |             println!("{}", keys);
 54 |             Ok(())
 55 |         }
 56 |         _ => Err(Error::new(ErrorKind::PermissionDenied, "key check failed")),
 57 |     }
 58 | }
 59 | 
 60 | fn main() -> Result<(), Error> {
 61 |     let command = Command::parse();
 62 |     let conn = match connection::Connection::new(&format!("{:?}", command)) {
 63 |         Ok(conn) => conn,
 64 |         Err(err) => return Err(Error::new(ErrorKind::Other, format!("{:?}", err))),
 65 |     };
 66 |     debug!("connected to socket: {:?}", conn);
 67 | 
 68 |     match command {
 69 |         Command::Check { confpath } => match Config::from_path(&confpath) {
 70 |             Ok(_) => return Ok(()),
 71 |             Err(_) => return Err(Error::new(ErrorKind::Other, "check failed")),
 72 |         },
 73 |         Command::Key { user } => show_keys(&conn, &user)?,
 74 |         Command::Pam => match env::var("PAM_USER") {
 75 |             Ok(user) => match conn.communicate(ClientMessage::Pam { user }) {
 76 |                 Ok(DaemonMessage::Pam { result }) => {
 77 |                     if result {
 78 |                         return Ok(());
 79 |                     } else {
 80 |                         return Err(Error::new(ErrorKind::NotFound, "user not found"));
 81 |                     }
 82 |                 }
 83 |                 _ => return Err(Error::new(ErrorKind::Other, "faild")),
 84 |             },
 85 |             Err(_) => return Err(Error::new(ErrorKind::ConnectionRefused, "failed")),
 86 |         },
 87 |         Command::CleanUp => match conn.communicate(ClientMessage::CleanUp) {
 88 |             Ok(_) => return Ok(()),
 89 |             Err(_) => return Err(Error::new(ErrorKind::Other, "failed")),
 90 |         },
 91 |         Command::RateLimit => match conn.communicate(ClientMessage::RateLimit) {
 92 |             Ok(DaemonMessage::RateLimit { limit,
 93 |                                           remaining,
 94 |                                           reset, }) => {
 95 |                 println!("remaining: {}/{}, reset:{}", remaining, limit, reset);
 96 |             }
 97 |             _ => return Err(Error::new(ErrorKind::Other, "failed")),
 98 |         },
 99 |         Command::Version => {
100 |             println!("{}",
101 |                      concat!(env!("CARGO_PKG_VERSION"),
102 |                              include_str!(concat!(env!("OUT_DIR"), "/commit-info.txt"))));
103 |         }
104 |         Command::Completion { shell } => {
105 |             let shell = match shell {
106 |                 Shell::Bash => shells::Shell::Bash,
107 |                 Shell::Fish => shells::Shell::Fish,
108 |                 Shell::Zsh => shells::Shell::Zsh,
109 |                 Shell::PowerShell => shells::Shell::PowerShell,
110 |                 Shell::Elvish => shells::Shell::Elvish,
111 |             };
112 |             let mut cmd = Command::command();
113 |             generate(shell, &mut cmd, "wagon", &mut std::io::stdout());
114 |         }
115 |     };
116 |     Ok(())
117 | }
118 | 


--------------------------------------------------------------------------------
/src/message.rs:
--------------------------------------------------------------------------------
  1 | use crate::error::ParseMessageError;
  2 | use crate::structs;
  3 | use std::fmt;
  4 | use std::str::FromStr;
  5 | 
  6 | #[derive(Debug)]
  7 | pub enum Pw {
  8 |     Uid(u64),
  9 |     Nam(String),
 10 |     Ent(Ent),
 11 | }
 12 | 
 13 | #[derive(Debug)]
 14 | pub enum Sp {
 15 |     Nam(String),
 16 |     Ent(Ent),
 17 | }
 18 | 
 19 | #[derive(Debug)]
 20 | pub enum Gr {
 21 |     Gid(u64),
 22 |     Nam(String),
 23 |     Ent(Ent),
 24 | }
 25 | 
 26 | #[derive(Debug)]
 27 | pub enum Ent {
 28 |     Set(u32),
 29 |     Get(u32),
 30 |     End(u32),
 31 | }
 32 | 
 33 | pub struct DividedMessage {
 34 |     pub cont: bool,
 35 |     pub message: String,
 36 | }
 37 | 
 38 | impl DividedMessage {
 39 |     #[allow(dead_code)]
 40 |     pub fn new(msg: &str, size: usize) -> Vec<Self> {
 41 |         let mut msgs = vec![];
 42 |         let mut idx = 0;
 43 |         while idx + size < msg.len() {
 44 |             msgs.push(Self { cont: true,
 45 |                              message: msg[idx..idx + size].to_owned() });
 46 |             idx += size
 47 |         }
 48 |         msgs.push(Self { cont: false,
 49 |                          message: msg[idx..msg.len()].to_owned() });
 50 |         msgs
 51 |     }
 52 | }
 53 | 
 54 | impl fmt::Display for DividedMessage {
 55 |     fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result { write!(f, "{}:{}", i32::from(self.cont), self.message) }
 56 | }
 57 | 
 58 | impl FromStr for DividedMessage {
 59 |     type Err = ParseMessageError;
 60 |     fn from_str(s: &str) -> Result<Self, Self::Err> {
 61 |         if let Some(msg) = s.strip_prefix("0:") {
 62 |             Ok(Self { cont: false,
 63 |                       message: msg.to_owned() })
 64 |         } else if let Some(msg) = s.strip_prefix("1:") {
 65 |             Ok(Self { cont: true,
 66 |                       message: msg.to_owned() })
 67 |         } else {
 68 |             Err(ParseMessageError::ParseClientMessageError)
 69 |         }
 70 |     }
 71 | }
 72 | 
 73 | #[derive(Debug)]
 74 | pub enum ClientMessage {
 75 |     Cont,
 76 |     Key { user: String },
 77 |     Pam { user: String },
 78 |     CleanUp,
 79 |     RateLimit,
 80 |     SectorGroups,
 81 |     Pw(Pw),
 82 |     Sp(Sp),
 83 |     Gr(Gr),
 84 | }
 85 | 
 86 | #[allow(dead_code)]
 87 | #[derive(Debug)]
 88 | pub enum DaemonMessage {
 89 |     Success,
 90 |     Error {
 91 |         message: String,
 92 |     },
 93 |     Key {
 94 |         keys: String,
 95 |     },
 96 |     Pam {
 97 |         result: bool,
 98 |     },
 99 |     RateLimit {
100 |         limit: usize,
101 |         remaining: usize,
102 |         reset: usize,
103 |     },
104 |     SectorGroups {
105 |         sectors: Vec<structs::SectorGroup>,
106 |     },
107 |     Pw {
108 |         login: String,
109 |         uid: u64,
110 |         gid: u64,
111 |         home: String,
112 |         sh: String,
113 |     },
114 |     Sp {
115 |         login: String,
116 |         pass: String,
117 |     },
118 |     Gr {
119 |         sector: structs::SectorGroup,
120 |     },
121 | }
122 | 
123 | impl fmt::Display for Ent {
124 |     fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
125 |         match self {
126 |             Ent::Set(pid) => write!(f, "set|{}", pid),
127 |             Ent::Get(pid) => write!(f, "get|{}", pid),
128 |             Ent::End(pid) => write!(f, "end|{}", pid),
129 |         }
130 |     }
131 | }
132 | 
133 | impl fmt::Display for Pw {
134 |     fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
135 |         match self {
136 |             Pw::Uid(uid) => write!(f, "uid={}", uid),
137 |             Pw::Nam(name) => write!(f, "name={}", name),
138 |             Pw::Ent(ent) => write!(f, "ent={}", ent),
139 |         }
140 |     }
141 | }
142 | 
143 | impl fmt::Display for Sp {
144 |     fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
145 |         match self {
146 |             Sp::Nam(name) => write!(f, "name={}", name),
147 |             Sp::Ent(ent) => write!(f, "ent={}", ent),
148 |         }
149 |     }
150 | }
151 | 
152 | impl fmt::Display for Gr {
153 |     fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
154 |         match self {
155 |             Gr::Gid(gid) => write!(f, "gid={}", gid),
156 |             Gr::Nam(name) => write!(f, "name={}", name),
157 |             Gr::Ent(ent) => write!(f, "ent={}", ent),
158 |         }
159 |     }
160 | }
161 | 
162 | impl fmt::Display for ClientMessage {
163 |     fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
164 |         match self {
165 |             ClientMessage::Cont => write!(f, "c:cont"),
166 |             ClientMessage::Key { user } => write!(f, "c:key:{}", user),
167 |             ClientMessage::Pam { user } => write!(f, "c:pam:{}", user),
168 |             ClientMessage::CleanUp => write!(f, "c:cleanup"),
169 |             ClientMessage::RateLimit => write!(f, "c:ratelimit"),
170 |             ClientMessage::SectorGroups => write!(f, "c:sectors"),
171 |             ClientMessage::Pw(pw) => write!(f, "c:pw:{}", pw),
172 |             ClientMessage::Sp(sp) => write!(f, "c:sp:{}", sp),
173 |             ClientMessage::Gr(gr) => write!(f, "c:gr:{}", gr),
174 |         }
175 |     }
176 | }
177 | 
178 | impl fmt::Display for DaemonMessage {
179 |     fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
180 |         match self {
181 |             DaemonMessage::Error { message } => write!(f, "d:error:{}", message),
182 |             DaemonMessage::Success => write!(f, "d:success"),
183 |             DaemonMessage::Key { keys } => write!(f, "d:key:{}", keys),
184 |             DaemonMessage::Pam { result } => write!(f, "d:pam:{}", result),
185 |             DaemonMessage::RateLimit { limit,
186 |                                        remaining,
187 |                                        reset, } => write!(f, "d:ratelimit:{}:{}:{}", limit, remaining, reset),
188 |             DaemonMessage::SectorGroups { sectors } => {
189 |                 let ss: Vec<String> = sectors.iter().map(|s| s.to_string()).collect();
190 |                 write!(f, "d:sectors:{}", ss.join("\n"))
191 |             }
192 |             DaemonMessage::Pw { login,
193 |                                 uid,
194 |                                 gid,
195 |                                 home,
196 |                                 sh, } => write!(f, "d:pw:{}:{}:{}:{}:{}", login, uid, gid, home, sh),
197 |             DaemonMessage::Sp { login, pass } => write!(f, "d:sp:{}:{}", login, pass),
198 |             DaemonMessage::Gr { sector } => write!(f, "d:gr:{}", sector),
199 |         }
200 |     }
201 | }
202 | 
203 | impl FromStr for Ent {
204 |     type Err = ParseMessageError;
205 |     fn from_str(s: &str) -> Result<Self, Self::Err> {
206 |         if let Some(msg) = s.strip_prefix("set|") {
207 |             Ok(Ent::Set(msg.parse::<u32>().unwrap()))
208 |         } else if let Some(msg) = s.strip_prefix("get|") {
209 |             Ok(Ent::Get(msg.parse::<u32>().unwrap()))
210 |         } else if let Some(msg) = s.strip_prefix("end|") {
211 |             Ok(Ent::End(msg.parse::<u32>().unwrap()))
212 |         } else {
213 |             Err(ParseMessageError::ParseClientMessageError)
214 |         }
215 |     }
216 | }
217 | 
218 | impl FromStr for Pw {
219 |     type Err = ParseMessageError;
220 |     fn from_str(s: &str) -> Result<Self, Self::Err> {
221 |         if let Some(msg) = s.strip_prefix("uid=") {
222 |             Ok(Pw::Uid(msg.parse::<u64>().unwrap()))
223 |         } else if let Some(msg) = s.strip_prefix("name=") {
224 |             Ok(Pw::Nam(String::from(msg)))
225 |         } else if let Some(msg) = s.strip_prefix("ent=") {
226 |             Ok(Pw::Ent(msg.parse::<Ent>().unwrap()))
227 |         } else {
228 |             Err(ParseMessageError::ParseClientMessageError)
229 |         }
230 |     }
231 | }
232 | 
233 | impl FromStr for Sp {
234 |     type Err = ParseMessageError;
235 |     fn from_str(s: &str) -> Result<Self, Self::Err> {
236 |         if let Some(msg) = s.strip_prefix("name=") {
237 |             Ok(Sp::Nam(String::from(msg)))
238 |         } else if let Some(msg) = s.strip_prefix("ent=") {
239 |             Ok(Sp::Ent(msg.parse::<Ent>().unwrap()))
240 |         } else {
241 |             Err(ParseMessageError::ParseClientMessageError)
242 |         }
243 |     }
244 | }
245 | 
246 | impl FromStr for Gr {
247 |     type Err = ParseMessageError;
248 |     fn from_str(s: &str) -> Result<Self, Self::Err> {
249 |         if let Some(msg) = s.strip_prefix("gid=") {
250 |             Ok(Gr::Gid(msg.parse::<u64>().unwrap()))
251 |         } else if let Some(msg) = s.strip_prefix("name=") {
252 |             Ok(Gr::Nam(String::from(msg)))
253 |         } else if let Some(msg) = s.strip_prefix("ent=") {
254 |             Ok(Gr::Ent(msg.parse::<Ent>().unwrap()))
255 |         } else {
256 |             Err(ParseMessageError::ParseClientMessageError)
257 |         }
258 |     }
259 | }
260 | 
261 | impl FromStr for ClientMessage {
262 |     type Err = ParseMessageError;
263 |     fn from_str(s: &str) -> Result<Self, Self::Err> {
264 |         if s == "c:cont" {
265 |             Ok(ClientMessage::Cont)
266 |         } else if let Some(msg) = s.strip_prefix("c:key:") {
267 |             Ok(ClientMessage::Key { user: String::from(msg) })
268 |         } else if let Some(msg) = s.strip_prefix("c:pam:") {
269 |             Ok(ClientMessage::Pam { user: String::from(msg) })
270 |         } else if s == "c:cleanup" {
271 |             Ok(ClientMessage::CleanUp)
272 |         } else if s == "c:ratelimit" {
273 |             Ok(ClientMessage::RateLimit)
274 |         } else if s == "c:sectors" {
275 |             Ok(ClientMessage::SectorGroups)
276 |         } else if let Some(msg) = s.strip_prefix("c:pw:") {
277 |             Ok(ClientMessage::Pw(msg.parse::<Pw>()?))
278 |         } else if let Some(msg) = s.strip_prefix("c:sp:") {
279 |             Ok(ClientMessage::Sp(msg.parse::<Sp>()?))
280 |         } else if let Some(msg) = s.strip_prefix("c:gr:") {
281 |             Ok(ClientMessage::Gr(msg.parse::<Gr>()?))
282 |         } else {
283 |             Err(ParseMessageError::ParseClientMessageError)
284 |         }
285 |     }
286 | }
287 | 
288 | impl FromStr for DaemonMessage {
289 |     type Err = ParseMessageError;
290 |     fn from_str(s: &str) -> Result<Self, Self::Err> {
291 |         if let Some(msg) = s.strip_prefix("d:key:") {
292 |             Ok(DaemonMessage::Key { keys: String::from(msg) })
293 |         } else if let Some(msg) = s.strip_prefix("d:pam:") {
294 |             Ok(DaemonMessage::Pam { result: FromStr::from_str(msg).unwrap_or(false) })
295 |         } else if s == "d:success" {
296 |             Ok(DaemonMessage::Success)
297 |         } else if let Some(msg) = s.strip_prefix("d:ratelimit:") {
298 |             let fields: Vec<String> = msg.split(':').map(|s| s.to_string()).collect();
299 |             if fields.len() < 3 {
300 |                 return Err(ParseMessageError::ParseDaemonMessageError);
301 |             }
302 |             let limit = fields[0].clone().parse().unwrap_or(0);
303 |             let remaining = fields[1].clone().parse().unwrap_or(0);
304 |             let reset = fields[2].clone().parse().unwrap_or(0);
305 |             Ok(DaemonMessage::RateLimit { limit,
306 |                                           remaining,
307 |                                           reset })
308 |         } else if let Some(msg) = s.strip_prefix("d:sectors:") {
309 |             let sectors = msg.lines()
310 |                              .filter_map(|l| l.parse::<structs::SectorGroup>().ok())
311 |                              .collect();
312 |             Ok(DaemonMessage::SectorGroups { sectors })
313 |         } else if let Some(msg) = s.strip_prefix("d:pw:") {
314 |             let fields: Vec<String> = msg.split(':').map(|s| s.to_string()).collect();
315 |             if fields.len() < 5 {
316 |                 return Err(ParseMessageError::ParseDaemonMessageError);
317 |             }
318 |             let login: String = fields[0].clone();
319 |             let home: String = fields[3].clone();
320 |             let sh: String = fields[4].clone();
321 |             match (fields[1].parse::<u64>(), fields[2].parse::<u64>()) {
322 |                 (Ok(uid), Ok(gid)) => Ok(DaemonMessage::Pw { login,
323 |                                                              uid,
324 |                                                              gid,
325 |                                                              home,
326 |                                                              sh }),
327 |                 _ => Err(ParseMessageError::ParseDaemonMessageError),
328 |             }
329 |         } else if let Some(msg) = s.strip_prefix("d:sp:") {
330 |             let fields: Vec<String> = msg.split(':').map(|s| s.to_string()).collect();
331 |             if fields.len() < 2 {
332 |                 return Err(ParseMessageError::ParseDaemonMessageError);
333 |             }
334 |             Ok(DaemonMessage::Sp { login: fields[0].clone(),
335 |                                    pass: fields[1].clone() })
336 |         } else if let Some(msg) = s.strip_prefix("d:gr:") {
337 |             match msg.parse::<structs::SectorGroup>() {
338 |                 Ok(sector) => Ok(DaemonMessage::Gr { sector }),
339 |                 _ => Err(ParseMessageError::ParseDaemonMessageError),
340 |             }
341 |         } else {
342 |             Err(ParseMessageError::ParseDaemonMessageError)
343 |         }
344 |     }
345 | }
346 | 


--------------------------------------------------------------------------------
/src/statics.rs:
--------------------------------------------------------------------------------
 1 | use once_cell::sync::Lazy;
 2 | use std::env;
 3 | use std::path::PathBuf;
 4 | use std::string::String;
 5 | 
 6 | const DEFAULT_CONF_PATH_STR: &str = "/etc/sectora.conf";
 7 | 
 8 | static CONF_PATH_STR: Lazy<String> =
 9 |     Lazy::new(|| env::var("SECTORA_CONFIG").unwrap_or(String::from(DEFAULT_CONF_PATH_STR)));
10 | pub static CONF_PATH: Lazy<PathBuf> = Lazy::new(|| PathBuf::from((*CONF_PATH_STR).clone()));
11 | 


--------------------------------------------------------------------------------
/src/structs.rs:
--------------------------------------------------------------------------------
  1 | use crate::error::{Error, ParseSectorError, ParseSectorGroupError, ParseSectorTypeError};
  2 | use serde::{Deserialize, Serialize};
  3 | use std::collections::HashMap;
  4 | use std::fmt;
  5 | use std::fs::File;
  6 | use std::io::Read;
  7 | use std::str::FromStr;
  8 | use std::string::ToString;
  9 | 
 10 | #[derive(Deserialize, Debug, Clone)]
 11 | pub struct Config {
 12 |     pub token: String,
 13 |     pub org: String,
 14 |     #[serde(default = "default_team")]
 15 |     pub team: Vec<TeamConfig>,
 16 |     #[serde(default = "default_repo")]
 17 |     pub repo: Vec<RepoConfig>,
 18 |     #[serde(default = "default_endpoint")]
 19 |     pub endpoint: String,
 20 |     #[serde(default = "default_home")]
 21 |     pub home: String,
 22 |     #[serde(default = "default_sh")]
 23 |     pub sh: String,
 24 |     #[serde(default = "default_cache_duration")]
 25 |     pub cache_duration: u64,
 26 |     #[serde(default = "default_cert_path")]
 27 |     pub cert_path: String,
 28 |     #[serde(default = "default_user_conf_path")]
 29 |     pub user_conf_path: String,
 30 |     #[serde(default = "default_cache_dir")]
 31 |     pub cache_dir: String,
 32 |     pub proxy_url: Option<String>,
 33 | }
 34 | 
 35 | fn default_team() -> Vec<TeamConfig> { Vec::new() }
 36 | fn default_repo() -> Vec<RepoConfig> { Vec::new() }
 37 | fn default_endpoint() -> String { String::from("https://api.github.com") }
 38 | fn default_home() -> String { String::from("/home/{}") }
 39 | fn default_sh() -> String { String::from("/bin/bash") }
 40 | fn default_cache_duration() -> u64 { 3600 }
 41 | fn default_cert_path() -> String { String::from("/etc/ssl/certs/ca-certificates.crt") }
 42 | fn default_user_conf_path() -> String { String::from(".config/sectora.toml") }
 43 | fn default_cache_dir() -> String {
 44 |     let mut path = std::env::temp_dir();
 45 |     path.push("sectora/cache");
 46 |     String::from(path.as_os_str().to_str().unwrap_or_default())
 47 | }
 48 | 
 49 | fn get_socket_path() -> String {
 50 |     let mut path = std::env::temp_dir();
 51 |     path.push("sectorad");
 52 |     String::from(path.as_os_str().to_str().unwrap_or_default())
 53 | }
 54 | 
 55 | fn get_socket_dir() -> String {
 56 |     let mut path = std::env::temp_dir();
 57 |     path.push("sectora");
 58 |     String::from(path.as_os_str().to_str().unwrap_or_default())
 59 | }
 60 | 
 61 | impl Config {
 62 |     #[allow(dead_code)]
 63 |     pub fn from_path(configpath: &std::path::Path) -> Result<Self, Error> {
 64 |         let mut file = File::open(configpath)?;
 65 |         let mut contents = String::default();
 66 |         file.read_to_string(&mut contents)?;
 67 |         Ok(toml::from_str::<Config>(&contents)?)
 68 |     }
 69 | }
 70 | 
 71 | #[derive(Debug, Clone)]
 72 | pub struct SocketConfig {
 73 |     pub socket_path: String,
 74 |     pub socket_dir: String,
 75 | }
 76 | 
 77 | impl SocketConfig {
 78 |     pub fn new() -> Self {
 79 |         SocketConfig { socket_path: get_socket_path(),
 80 |                        socket_dir: get_socket_dir() }
 81 |     }
 82 | }
 83 | 
 84 | #[derive(Serialize, Deserialize, Debug, Clone)]
 85 | pub struct UserConfig {
 86 |     pub sh: Option<String>,
 87 |     pub pass: Option<String>,
 88 | }
 89 | 
 90 | impl UserConfig {
 91 |     #[allow(dead_code)]
 92 |     pub fn from_path(configpath: &std::path::Path) -> Result<Self, Error> {
 93 |         let mut file = File::open(configpath)?;
 94 |         let mut contents = String::default();
 95 |         file.read_to_string(&mut contents)?;
 96 |         Ok(toml::from_str::<UserConfig>(&contents)?)
 97 |     }
 98 | }
 99 | 
100 | #[derive(Serialize, Deserialize, Debug, Clone)]
101 | pub struct Team {
102 |     pub id: u64,
103 |     pub name: String,
104 | }
105 | 
106 | #[derive(Serialize, Deserialize, Debug, Clone)]
107 | pub struct TeamConfig {
108 |     pub name: String,
109 |     pub gid: Option<u64>,
110 |     pub group: Option<String>,
111 | }
112 | 
113 | #[derive(Serialize, Deserialize, Debug, Clone)]
114 | pub struct Repo {
115 |     pub id: u64,
116 |     pub name: String,
117 | }
118 | 
119 | #[derive(Serialize, Deserialize, Debug, Clone)]
120 | pub struct RepoConfig {
121 |     pub name: String,
122 |     pub gid: Option<u64>,
123 |     pub group: Option<String>,
124 | }
125 | 
126 | #[derive(Serialize, Deserialize, Debug, Clone)]
127 | pub enum SectorType {
128 |     Team,
129 |     Repo,
130 | }
131 | 
132 | impl fmt::Display for SectorType {
133 |     fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
134 |         match self {
135 |             SectorType::Team => write!(f, "T"),
136 |             SectorType::Repo => write!(f, "R"),
137 |         }
138 |     }
139 | }
140 | 
141 | impl FromStr for SectorType {
142 |     type Err = ParseSectorTypeError;
143 |     fn from_str(s: &str) -> Result<Self, Self::Err> {
144 |         match s {
145 |             "T" => Ok(SectorType::Team),
146 |             "R" => Ok(SectorType::Repo),
147 |             _ => Err(ParseSectorTypeError::UnknownType),
148 |         }
149 |     }
150 | }
151 | 
152 | #[derive(Serialize, Deserialize, Debug, Clone)]
153 | pub struct Sector {
154 |     pub id: u64,
155 |     pub name: String,
156 |     pub sector_type: SectorType,
157 | }
158 | 
159 | impl From<Team> for Sector {
160 |     fn from(team: Team) -> Self {
161 |         Self { id: team.id,
162 |                name: team.name,
163 |                sector_type: SectorType::Team }
164 |     }
165 | }
166 | 
167 | impl From<Repo> for Sector {
168 |     fn from(repo: Repo) -> Self {
169 |         Self { id: repo.id,
170 |                name: repo.name,
171 |                sector_type: SectorType::Repo }
172 |     }
173 | }
174 | 
175 | impl fmt::Display for Sector {
176 |     fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result { write!(f, "{}:{}:{}", self.id, self.name, self.sector_type) }
177 | }
178 | 
179 | impl FromStr for Sector {
180 |     type Err = ParseSectorError;
181 |     fn from_str(s: &str) -> Result<Self, Self::Err> {
182 |         let parts = s.split(':').collect::<Vec<&str>>();
183 |         if parts.len() == 3 {
184 |             Ok(Self { id: parts[0].parse().map_err(ParseSectorError::Id)?,
185 |                       name: String::from(parts[1]),
186 |                       sector_type: parts[2].parse().map_err(ParseSectorError::Type)? })
187 |         } else {
188 |             Err(ParseSectorError::BadFormat)
189 |         }
190 |     }
191 | }
192 | 
193 | #[derive(Debug, Clone)]
194 | pub struct SectorGroup {
195 |     pub sector: Sector,
196 |     pub gid: Option<u64>,
197 |     pub group: Option<String>,
198 |     pub members: HashMap<String, Member>,
199 | }
200 | 
201 | impl SectorGroup {
202 |     #[allow(dead_code)]
203 |     pub fn get_gid(&self) -> u64 { self.gid.unwrap_or(self.sector.id) }
204 |     #[allow(dead_code)]
205 |     pub fn get_group(&self) -> String { self.group.clone().unwrap_or(self.sector.name.clone()) }
206 | }
207 | 
208 | impl fmt::Display for SectorGroup {
209 |     fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
210 |         let members_str = self.members
211 |                               .values()
212 |                               .map(ToString::to_string)
213 |                               .collect::<Vec<_>>()
214 |                               .join(" ");
215 |         writeln!(f,
216 |                  "{}\t{}\t{}\t{}",
217 |                  self.sector,
218 |                  self.gid.map(|i| i.to_string()).unwrap_or_default(),
219 |                  self.group.clone().unwrap_or_default(),
220 |                  members_str)
221 |     }
222 | }
223 | 
224 | impl FromStr for SectorGroup {
225 |     type Err = ParseSectorGroupError;
226 |     fn from_str(s: &str) -> Result<Self, Self::Err> {
227 |         let parts = s.split('\t').collect::<Vec<&str>>();
228 |         let sector = parts[0].parse().map_err(ParseSectorGroupError::Sector)?;
229 |         let gid: Option<u64> = match parts[1] {
230 |             "" => None,
231 |             s => Some(s.parse().map_err(ParseSectorGroupError::Gid)?),
232 |         };
233 |         let group: Option<String> = match parts[2] {
234 |             "" => None,
235 |             s => Some(String::from(s)),
236 |         };
237 |         let members = parts[3].split(' ')
238 |                               .map(|s| s.parse::<Member>().map_err(ParseSectorGroupError::Member))
239 |                               .collect::<Result<Vec<Member>, _>>()?
240 |                               .into_iter()
241 |                               .map(|m| (m.login.clone(), m))
242 |                               .collect::<HashMap<_, _>>();
243 |         Ok(Self { sector,
244 |                   gid,
245 |                   group,
246 |                   members })
247 |     }
248 | }
249 | 
250 | #[derive(Serialize, Deserialize, Debug, Clone)]
251 | pub struct Member {
252 |     pub id: u64,
253 |     pub login: String,
254 | }
255 | 
256 | impl fmt::Display for Member {
257 |     fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result { write!(f, "{}:{}", self.id, self.login) }
258 | }
259 | 
260 | impl FromStr for Member {
261 |     type Err = std::num::ParseIntError;
262 |     fn from_str(s: &str) -> Result<Self, Self::Err> {
263 |         let parts = s.split(':').collect::<Vec<&str>>();
264 |         Ok(Self { id: parts[0].parse()?,
265 |                   login: String::from(parts[1]) })
266 |     }
267 | }
268 | 
269 | #[allow(dead_code)]
270 | pub struct MemberGid {
271 |     pub member: Member,
272 |     pub gid: u64,
273 | }
274 | 
275 | impl fmt::Display for MemberGid {
276 |     fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result { write!(f, "{}|{}", self.member, self.gid) }
277 | }
278 | 
279 | impl FromStr for MemberGid {
280 |     type Err = std::num::ParseIntError;
281 |     fn from_str(s: &str) -> Result<Self, Self::Err> {
282 |         let parts = s.split('|').collect::<Vec<&str>>();
283 |         Ok(Self { member: parts[0].parse()?,
284 |                   gid: parts[1].parse()? })
285 |     }
286 | }
287 | 
288 | #[derive(Serialize, Deserialize, Debug)]
289 | pub struct PublicKey {
290 |     pub id: u64,
291 |     pub key: String,
292 | }
293 | 
294 | #[derive(Serialize, Deserialize, Debug)]
295 | pub struct Rate {
296 |     pub limit: usize,
297 |     pub remaining: usize,
298 |     pub reset: usize,
299 | }
300 | 
301 | #[derive(Serialize, Deserialize, Debug)]
302 | pub struct RateLimit {
303 |     pub rate: Rate,
304 | }
305 | 


--------------------------------------------------------------------------------
/test/.gitignore:
--------------------------------------------------------------------------------
1 | testconf.toml
2 | 


--------------------------------------------------------------------------------
/test/Makefile:
--------------------------------------------------------------------------------
  1 | VERSION=$(shell grep "^version" ../Cargo.toml | cut -f 2 -d '"')
  2 | dist:=ubuntu
  3 | ver:=bionic
  4 | user:=hunter
  5 | keyfile:=id_rsa
  6 | target:=x86_64-unknown-linux-gnu
  7 | 
  8 | .PHONY: test-ansible test-deb up down reset
  9 | 
 10 | test-ansible-stub:
 11 | 	make up
 12 | 	make setup-ansible
 13 | 	make exec-login
 14 | 	make down
 15 | 
 16 | test-deb-stub:
 17 | 	make up
 18 | 	make create-test-conf-stub
 19 | 	make setup-deb
 20 | 	make exec-login
 21 | 	make down
 22 | 
 23 | test-deb:
 24 | 	make up
 25 | 	make create-test-conf-env
 26 | 	make setup-deb
 27 | 	make setup-client-key-env
 28 | 	make user=${TEST_USER} exec-login
 29 | 	make down
 30 | 
 31 | setup-deb:
 32 | 	@echo '::group::Installing deb packages'
 33 | 	make -j 2 setup-host-deb setup-client-key
 34 | 	@echo '::endgroup::'
 35 | 
 36 | setup-ansible:
 37 | 	@echo '::group::Installing ansible packages'
 38 | 	make -j 2 setup-host-root setup-client-ansible
 39 | 	docker exec client ansible-playbook -i hosts localtest.yml
 40 | 	sleep 1
 41 | 	@echo '::endgroup::'
 42 | 
 43 | setup-host-root:
 44 | 	docker cp ./keys/root/id_rsa.pub host:/root/.ssh/authorized_keys
 45 | 	docker exec host chown -R root:root /root/.ssh/
 46 | 	docker exec host chmod -R 600 /root/.ssh/
 47 | 
 48 | enter-host:
 49 | 	docker exec -it host bash
 50 | 
 51 | setup-client-key:
 52 | 	docker cp ./keys client:/work/keys
 53 | 
 54 | setup-client-key-env:
 55 | 	@echo "$${TEST_PRIVATE_KEY}" > $(keyfile)
 56 | 	chmod 600 $(keyfile)
 57 | 	docker exec client rm -rf /work/keys
 58 | 	docker exec client mkdir -p /work/keys/user/
 59 | 	docker cp $(keyfile) client:/work/keys/user/$(keyfile)
 60 | 	rm $(keyfile)
 61 | 
 62 | create-test-conf-stub:
 63 | 	@echo 'token = "TESTTOKEN"'                   > testconf.toml
 64 | 	@echo 'org = "soundtribe"'                   >> testconf.toml
 65 | 	@echo 'endpoint = "http://json-server:3000"' >> testconf.toml
 66 | 	@echo                                        >> testconf.toml
 67 | 	@echo '[[team]]'                             >> testconf.toml
 68 | 	@echo 'name = "sector9"'                     >> testconf.toml
 69 | 	@echo 'gid = 2019'                           >> testconf.toml
 70 | 
 71 | create-test-conf-env:
 72 | 	@echo "token = \"${TEST_GITHUB_TOKEN}\""  > testconf.toml
 73 | 	@echo "org = \"${TEST_GITHUB_ORG}\""     >> testconf.toml
 74 | 	@echo                                    >> testconf.toml
 75 | 	@echo '[[team]]'                         >> testconf.toml
 76 | 	@echo "name = \"${TEST_GITHUB_TEAM}\""   >> testconf.toml
 77 | 	@echo "gid = 2022"                       >> testconf.toml
 78 | 
 79 | setup-host-deb:
 80 | 	docker cp ../target/$(target)/debian/sectora_$(VERSION)*.deb host:/tmp/
 81 | 	docker exec host sh -c "DEBIAN_FRONTEND=noninteractive apt-get install -y /tmp/sectora_$(VERSION)*.deb"
 82 | 	docker cp ./testconf.toml host:/etc/sectora.conf
 83 | 	time docker exec host systemctl start sectora
 84 | 	time docker exec host systemctl restart ssh
 85 | 
 86 | setup-client-ansible:
 87 | 	make setup-client-key
 88 | 	docker cp ./client/hosts client:/work/
 89 | 	docker cp ./client/localtest.yml client:/work/
 90 | 	docker cp ../ansible/roles client:/work/roles
 91 | 	docker cp ../ansible/templates client:/work/templates
 92 | 	docker cp ../assets/sectora.service client:/work/
 93 | 	docker cp ../assets/sectora.sh client:/work/
 94 | 	docker cp ../target/$(target)/release client:/work/release
 95 | 
 96 | up:
 97 | 	@echo '::group::Starting containers'
 98 | 	@echo '$(shell tput setaf 6)$(dist) $(shell tput setaf 3)$(ver)$(shell tput sgr 0)'
 99 | 	docker network create -d bridge testnw
100 | 	docker build -t json-server ./json-server
101 | 	docker run -d --network testnw --name json-server json-server json-server --watch db.json --host 0.0.0.0 --routes routes.json
102 | 	docker run -d --network testnw --name host --privileged --cgroupns=host -v /sys/fs/cgroup:/sys/fs/cgroup:rw yasuyuky/ssh-test:$(dist).$(ver)
103 | 	docker build -t client client
104 | 	docker run -d --network testnw --name client -w /work client sh -c 'while true; do sleep 1; done'
105 | 	@echo '::endgroup::'
106 | 
107 | exec-login:
108 | 	@echo '$(shell tput setaf 6)LOGIN TEST START$(shell tput sgr 0)'
109 | 	@echo '$(shell tput setab 7)$(shell tput setaf 0) SSH $(shell tput sgr 0)'
110 | 	@docker exec client ssh $(user)@host -i keys/user/$(keyfile) \
111 | 		echo '"$(shell tput setaf 2)SUCCESS$(shell tput sgr 0)"'
112 | 	@docker exec client ssh $(user)@host -i keys/user/$(keyfile) \
113 | 		echo '::notice title=$(dist)/$(ver)::success'
114 | 	@echo '$(shell tput setab 7)$(shell tput setaf 0) ID $(shell tput sgr 0)'
115 | 	@docker exec client ssh $(user)@host -i keys/user/$(keyfile) id
116 | 	@echo '$(shell tput setab 7)$(shell tput setaf 0) VERSION $(shell tput sgr 0)'
117 | 	@docker exec client ssh $(user)@host -i keys/user/$(keyfile) /usr/sbin/sectora version
118 | 	@echo '$(shell tput setaf 6)LOGIN TEST END$(shell tput sgr 0)'
119 | 
120 | down:
121 | 	@echo '::group::Stopping containers'
122 | 	docker rm -f json-server
123 | 	docker rm -f host
124 | 	docker rm -f client
125 | 	docker network rm testnw
126 | 	@echo '::endgroup::'
127 | 
128 | reset:
129 | 	cd .. && make TARGET=$(target) deb LOG_LEVEL=DEBUG
130 | 	make down
131 | 	make up
132 | 	make setup
133 | 
134 | restart:
135 | 	docker restart host
136 | 


--------------------------------------------------------------------------------
/test/client/Dockerfile:
--------------------------------------------------------------------------------
1 | FROM alpine:3.22.0
2 | 
3 | RUN apk add openssh ansible
4 | COPY sshconfig /root/.ssh/config
5 | RUN chmod -R 600 /root/.ssh
6 | 


--------------------------------------------------------------------------------
/test/client/hosts:
--------------------------------------------------------------------------------
1 | [localhost]
2 | host ansible_user=root ansible_port=22 ansible_ssh_private_key_file=keys/root/id_rsa
3 | 


--------------------------------------------------------------------------------
/test/client/localtest.yml:
--------------------------------------------------------------------------------
 1 | - hosts: localhost
 2 |   become: yes
 3 |   become_method: sudo
 4 |   become_user: root
 5 |   vars:
 6 |     target_dir: ../../release
 7 |     gh_endpoint: http://json-server:3000
 8 |     gh_token: TESTTOKEN
 9 |     gh_org: soundtribe
10 |     gh_teams:
11 |       - name: sector9
12 |         gid: 2019
13 |         sudoers: true
14 |   roles:
15 |     - sectora
16 | 


--------------------------------------------------------------------------------
/test/client/sshconfig:
--------------------------------------------------------------------------------
1 | Host host
2 |   StrictHostKeyChecking no
3 |   UserKnownHostsFile=/dev/null
4 |   LogLevel ERROR
5 | 


--------------------------------------------------------------------------------
/test/json-server/Dockerfile:
--------------------------------------------------------------------------------
 1 | FROM node:24-alpine
 2 | 
 3 | RUN npm install -g json-server@0.17.4
 4 | 
 5 | WORKDIR /data
 6 | 
 7 | COPY db.json /data/db.json
 8 | COPY routes.json /data/routes.json
 9 | 
10 | EXPOSE 3000
11 | 


--------------------------------------------------------------------------------
/test/json-server/db.json:
--------------------------------------------------------------------------------
 1 | {
 2 |   "rate_limit": {
 3 |     "resources": {
 4 |       "core": {
 5 |         "limit": 5000,
 6 |         "remaining": 4999,
 7 |         "reset": 1372700873
 8 |       },
 9 |       "search": {
10 |         "limit": 30,
11 |         "remaining": 18,
12 |         "reset": 1372697452
13 |       },
14 |       "graphql": {
15 |         "limit": 5000,
16 |         "remaining": 4993,
17 |         "reset": 1372700389
18 |       },
19 |       "integration_manifest": {
20 |         "limit": 5000,
21 |         "remaining": 4999,
22 |         "reset": 1551806725
23 |       }
24 |     },
25 |     "rate": {
26 |       "limit": 5000,
27 |       "remaining": 4999,
28 |       "reset": 1372700873
29 |     }
30 |   },
31 |   "orgs.teams.soundtribe": [
32 |     {
33 |       "id": 9,
34 |       "node_id": "MDQ6VGVhbTE=",
35 |       "url": "https://api.github.com/teams/1",
36 |       "name": "sector9",
37 |       "slug": "sector9",
38 |       "description": "A great team.",
39 |       "privacy": "closed",
40 |       "permission": "admin",
41 |       "members_url": "https://api.github.com/teams/1/members{/member}",
42 |       "repositories_url": "https://api.github.com/teams/1/repos",
43 |       "parent": null
44 |     }
45 |   ],
46 |   "orgs.repos.soundtribe": [],
47 |   "teams.members.9": [
48 |     {
49 |       "login": "hunter",
50 |       "id": 2001,
51 |       "node_id": "MDQ6VXNlcjE=",
52 |       "avatar_url": "https://github.com/images/error/hunter_happy.gif",
53 |       "gravatar_id": "",
54 |       "url": "https://api.github.com/users/hunter",
55 |       "html_url": "https://github.com/hunter",
56 |       "followers_url": "https://api.github.com/users/hunter/followers",
57 |       "following_url": "https://api.github.com/users/hunter/following{/other_user}",
58 |       "gists_url": "https://api.github.com/users/hunter/gists{/gist_id}",
59 |       "starred_url": "https://api.github.com/users/hunter/starred{/owner}{/repo}",
60 |       "subscriptions_url": "https://api.github.com/users/hunter/subscriptions",
61 |       "organizations_url": "https://api.github.com/users/hunter/orgs",
62 |       "repos_url": "https://api.github.com/users/hunter/repos",
63 |       "events_url": "https://api.github.com/users/hunter/events{/privacy}",
64 |       "received_events_url": "https://api.github.com/users/hunter/received_events",
65 |       "type": "User",
66 |       "site_admin": false
67 |     }
68 |   ],
69 |   "users.keys.hunter": [
70 |     {
71 |       "id": 1,
72 |       "key": "ssh-rsa AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA dummy"
73 |     },
74 |     {
75 |       "id": 9,
76 |       "key": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCzu+O14D9UPxq0BsE3iQuNu0z1z96JcqWAic91VPsz4FlFY+lZxih9O/tmuRxBgkKEf4WlpqlKosQYAqXaWLH+3IXH9NdS2EocSHSVBCSLsxd5TEox6cTRMd/mXXolW6PtcMpM/tQiHO3IVhHCX0N7G0MOolw3AdmIGop+mpTNhy+aBkeNLKn6hs/I9MhAr8xoTVJgiHfclGfPUIDzWtwErJD4tcvgY2RF2zFuAauRorz1tbrA5+nnVdTcb+wzV4bycyd+91kkBfhzzrybxlu/ZtVR92gVwAcjATvUtI8oW+wobRWmHPLMs2aZbtCdUbDmAOgjYCu3V/gnxZ3VbGAV hunter@local"
77 |     }
78 |   ]
79 | }
80 | 


--------------------------------------------------------------------------------
/test/json-server/routes.json:
--------------------------------------------------------------------------------
1 | {
2 |   "/rate_limit?page=:page": "/rate_limit",
3 |   "/orgs/:org/teams?page=:page": "/orgs.teams.:org?_page=:page",
4 |   "/orgs/:org/repos?page=:page": "/orgs.repos.:org?_page=:page",
5 |   "/teams/:id/members?page=:page": "/teams.members.:id?_page=:page",
6 |   "/users/:login/keys?page=:page": "/users.keys.:login?_page=:page"
7 | }
8 | 


--------------------------------------------------------------------------------
/test/keys/root/id_rsa:
--------------------------------------------------------------------------------
 1 | -----BEGIN OPENSSH PRIVATE KEY-----
 2 | b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAABFwAAAAdzc2gtcn
 3 | NhAAAAAwEAAQAAAQEAwl6r0sjwYwcEXa8WhInNxGdYc+IXlA3swpyt8dFJ8vugT0ICuxVS
 4 | ETgJXyj8xEh+hMD/wVuSvNbUt1VsKvx9FwHDwVkR/iRcgrwhx674gWssgR/83H8ATxnfqg
 5 | Ajb7sb5Vt48EF7vVFPdiR3IlTMYLYbPidBpZd3V8RTsLSHZmm9wbQx9PxSgJBMYVbdr2zm
 6 | xEuoIDpN0h04dS/uJdcvaA8LvS3496xfaUqmCRXE1prlAfeGN7qrY5Qetorv2Z/CvCefIJ
 7 | uNPBDVLlGBzbD0FW1lby0UBvpkj/6LJt0tKvLwnrp/t8E6ITjo/qE8ei69ses4a8IgY8r7
 8 | AFA1OdrEewAAA9AtDZtYLQ2bWAAAAAdzc2gtcnNhAAABAQDCXqvSyPBjBwRdrxaEic3EZ1
 9 | hz4heUDezCnK3x0Uny+6BPQgK7FVIROAlfKPzESH6EwP/BW5K81tS3VWwq/H0XAcPBWRH+
10 | JFyCvCHHrviBayyBH/zcfwBPGd+qACNvuxvlW3jwQXu9UU92JHciVMxgths+J0Gll3dXxF
11 | OwtIdmab3BtDH0/FKAkExhVt2vbObES6ggOk3SHTh1L+4l1y9oDwu9Lfj3rF9pSqYJFcTW
12 | muUB94Y3uqtjlB62iu/Zn8K8J58gm408ENUuUYHNsPQVbWVvLRQG+mSP/osm3S0q8vCeun
13 | +3wTohOOj+oTx6Lr2x6zhrwiBjyvsAUDU52sR7AAAAAwEAAQAAAQAI+jxvcO6BdGqENTkS
14 | CBdj8e4I9DFomjgMSRZTq/oBahPedUsQ/wwaVX9BUPBT1JFbalqlwKgHZtjOWvizB5Rzgp
15 | ZbENUe6ukG9M+OnItH1v5oPGT+fjMydBx7iqQYXgkMz+vHFQ81EFNePpLuGAKUmPSrKz8B
16 | +fv+JshCyiPS3AyqCwqTLKet82sxcdYDx1x2/8NWOEDEthbfQ5BQumDltLEl2bINKexfwi
17 | wnurgkUyRv0nOH9UV18lNy7ApwQLM1t55H6S9mH/olXKj9swwkB5vicX0tkC1DTdgjkl/s
18 | FV7cy5Bgi+6ygWjKh+m53tOaBytQLVNYbymAz3QfVZDpAAAAgC1CQlg82xW2xbv607mQpt
19 | wjbySJTyE1X1dDIZ+rms6ESs5WP6ZFKimg6rRyjR4ZSOqVF5xdAjI+nsn+CDRxJgscAnrx
20 | PptKxKRtZyUffTNmesSFwpUFxxBn/WYpJ7EWecxGeOoUrZT0YcZXEjcr+nJK3ITvobdwH/
21 | lQysecCObCAAAAgQD+Vfc7R44C+ix5MKCltVg4XdzCzvpsH9QkLQhiVX6lzlbrvtHmuqUr
22 | GC98+ISRolXkIGQmeJujspyzXgRnJ9+3SG0rYGgcvM+2JEpKs5bYduiDY7yKui8oGZxE9I
23 | z66JfvE0VxfbWTVgtOmw5RocyCRIkrMLMN5F5gYrLiZZ3ORQAAAIEAw6RB29mO4h80HTPW
24 | p9Ba2wYWEQrrkGzyxCmAouCcDstl2T7RIKCoA+JFMzi/5Q5FyOW6q5K8zmrfykyk3Wks70
25 | EViVtEU+Kt8VdtmjCt9B4TOag0cAIr1RMWSnl6x2fhevn0/6vE2A/tIk0v8jiqKcOU2cgS
26 | PedSDbiDHKLf078AAAAXeWFzdXl1a3lAZmV2ZXJmZXcubG9jYWwBAgME
27 | -----END OPENSSH PRIVATE KEY-----
28 | 


--------------------------------------------------------------------------------
/test/keys/root/id_rsa.pub:
--------------------------------------------------------------------------------
1 | ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDCXqvSyPBjBwRdrxaEic3EZ1hz4heUDezCnK3x0Uny+6BPQgK7FVIROAlfKPzESH6EwP/BW5K81tS3VWwq/H0XAcPBWRH+JFyCvCHHrviBayyBH/zcfwBPGd+qACNvuxvlW3jwQXu9UU92JHciVMxgths+J0Gll3dXxFOwtIdmab3BtDH0/FKAkExhVt2vbObES6ggOk3SHTh1L+4l1y9oDwu9Lfj3rF9pSqYJFcTWmuUB94Y3uqtjlB62iu/Zn8K8J58gm408ENUuUYHNsPQVbWVvLRQG+mSP/osm3S0q8vCeun+3wTohOOj+oTx6Lr2x6zhrwiBjyvsAUDU52sR7 yasuyuky@feverfew.local
2 | 


--------------------------------------------------------------------------------
/test/keys/user/id_rsa:
--------------------------------------------------------------------------------
 1 | -----BEGIN OPENSSH PRIVATE KEY-----
 2 | b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAABFwAAAAdzc2gtcn
 3 | NhAAAAAwEAAQAAAQEAs7vjteA/VD8atAbBN4kLjbtM9c/eiXKlgInPdVT7M+BZRWPpWcYo
 4 | fTv7ZrkcQYJChH+FpaapSqLEGAKl2lix/tyFx/TXUthKHEh0lQQki7MXeUxKMenE0THf5l
 5 | 16JVuj7XDKTP7UIhztyFYRwl9DextDDqJcNwHZiBqKfpqUzYcvmgZHjSyp+obPyPTIQK/M
 6 | aE1SYIh33JRnz1CA81rcBKyQ+LXL4GNkRdsxbgGrkaK89bW6wOfp51XU3G/sM1eG8nMnfv
 7 | dZJAX4c868m8Zbv2bVUfdoFcAHIwE71LSPKFvsKG0VphzyzLNmmW7QnVGw5gDoI2Art1f4
 8 | J8Wd1WxgFQAAA9DQzZ460M2eOgAAAAdzc2gtcnNhAAABAQCzu+O14D9UPxq0BsE3iQuNu0
 9 | z1z96JcqWAic91VPsz4FlFY+lZxih9O/tmuRxBgkKEf4WlpqlKosQYAqXaWLH+3IXH9NdS
10 | 2EocSHSVBCSLsxd5TEox6cTRMd/mXXolW6PtcMpM/tQiHO3IVhHCX0N7G0MOolw3AdmIGo
11 | p+mpTNhy+aBkeNLKn6hs/I9MhAr8xoTVJgiHfclGfPUIDzWtwErJD4tcvgY2RF2zFuAauR
12 | orz1tbrA5+nnVdTcb+wzV4bycyd+91kkBfhzzrybxlu/ZtVR92gVwAcjATvUtI8oW+wobR
13 | WmHPLMs2aZbtCdUbDmAOgjYCu3V/gnxZ3VbGAVAAAAAwEAAQAAAQAQUKTp9JIrFpNY9igB
14 | 34nR8seYpKbhuSt20Iupbe5jliDkYJ5lDMzOGWzHtVPwSl+5YU4DbG5/nOjJ+SuO93Ao32
15 | GxdfM5zPJlQNp8UGT03WvrEdbGUx8PkkRtx9x3mar2ub9TX+pnslKPVejEyRr6CM58fJZ8
16 | U8moRih+N4/8W/sU4DqEZsOY0CmJ80UVjmUdWN4ak0Qo8d2rYkdqk/JtHJDl/o2aCWVY/A
17 | lzDs4boPe/C9hPsm0DUJjCc++SSOV46IoVa0BqvezUDrov26vYf4kvdCiJhb8htNMUQTtN
18 | WCRsnNjSnMkR/cv4PUYmILWj6WaYjlTxQHkh6zdd/dTdAAAAgQDZxQoieivpUAXrrTu0Bl
19 | wOa4cK1VGh8MD85HtJ6IPfdDWAxF2LsatpvQmTQDPs49WwyWSCZ+B5sPFQWxFglRtcdpne
20 | ElcPSPD/pmTUW2uBIv1bHmLGEewXYGG5hjQvxLnjGRAJITcaiiTuq4NCPmD3TpX9xbUuRF
21 | dU3CsxNooudgAAAIEA5tu+prpwSKf3LVJoOpYyNcf+cPprLKo2VQj3ZSBJ2uRb6IUVOe3L
22 | XBJY72UkSuKzFXaDL1v5+yuQ870v+/LRqSlo3zhDwDGofk+WuZKFVTlkKf2coyWoNOT8Uo
23 | OaWt90UN6jOC3yNvlwiQdDZgiBfPoQRpr64pBHVTc62iIhuYcAAACBAMdOz/sqCV2CxIyk
24 | CuUojhV/N4mX+R1msZ2sOseHs3OiDudtUzcUrPjoh55Kx42XLdHtHrDwMZePl28Vfpe5jZ
25 | RhX9/LkkEeKE649UINsURPjtbr/HFL6X197Jt3u2w+xeEN6zJPQotWV/8BcOWjBSSIRmp0
26 | AFptMKLWMPGFXhCDAAAAF3lhc3V5dWt5QGZldmVyZmV3LmxvY2FsAQID
27 | -----END OPENSSH PRIVATE KEY-----
28 | 


--------------------------------------------------------------------------------
/test/keys/user/id_rsa.pub:
--------------------------------------------------------------------------------
1 | ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCzu+O14D9UPxq0BsE3iQuNu0z1z96JcqWAic91VPsz4FlFY+lZxih9O/tmuRxBgkKEf4WlpqlKosQYAqXaWLH+3IXH9NdS2EocSHSVBCSLsxd5TEox6cTRMd/mXXolW6PtcMpM/tQiHO3IVhHCX0N7G0MOolw3AdmIGop+mpTNhy+aBkeNLKn6hs/I9MhAr8xoTVJgiHfclGfPUIDzWtwErJD4tcvgY2RF2zFuAauRorz1tbrA5+nnVdTcb+wzV4bycyd+91kkBfhzzrybxlu/ZtVR92gVwAcjATvUtI8oW+wobRWmHPLMs2aZbtCdUbDmAOgjYCu3V/gnxZ3VbGAV yasuyuky@feverfew.local
2 | 


--------------------------------------------------------------------------------