Replace all the crypto with Noise/Snow (#130)

oxy-secure · Jun 28, 2018 · a900330 · a900330
1 parent 225381b
commit a900330
Show file tree

Hide file tree

Showing 19 changed files with 1,056 additions and 782 deletions.
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
@@ -2,7 +2,7 @@ cargo-features = ["edition"]
 
 [package]
 name = "oxy"
-version = "2.0.2"
+version = "3.0.0-dev1"
 authors = ["Jenna Magius <pyrosim@gmail.com>"]
 license = "BSD-2-Clause"
 description = "A security focused remote access tool."
@@ -16,21 +16,21 @@ clap = "2.31"
 toml = "0.4"
 serde = "1.0"
 serde_derive = "1.0"
+serde_cbor = "0.8"
+libflate = "0.1"
 byteorder = "1.2"
 log = "0.4"
 env_logger = "0.5"
 shlex = "0.1"
-transportation = { version = "2", features = ["protocol", "encrypt"] }
+transportation = { git = "https://github.com/oxy-secure/transportation.git", branch = "dev", features = ["encrypt"] }
 lazy_static = "1.0"
 num = "0.1"
-rustyline = "1.0"
-rmp = "0.8"
-rmp-serde = "0.13"
 nix = "0.11"
 libc = "0.2.40"
 data-encoding = "2.1.1"
 textwrap = { version = "0.10", features = ["term_size"] }
 parking_lot = { version = "0.6", features = ["nightly"] }
+snow = "0.2.1"
 
 [target.'cfg(unix)'.dependencies]
 termion = "1.5.1"

diff --git a/protocol.txt b/protocol.txt
diff --git a/src/arg.rs b/src/arg.rs
@@ -24,7 +24,7 @@ crate fn create_app() -> App<'static, 'static> {
         .takes_value(true)
         .help("Use [identity] as authentication information for connecting to the remote server.")
         .env("OXY_IDENTITY");
-    let command = Arg::with_name("command").index(2);
+    let command = Arg::with_name("command").index(2).multiple(true);
     let l_portfwd = Arg::with_name("local port forward")
         .multiple(true)
         .short("L")
@@ -53,10 +53,6 @@ crate fn create_app() -> App<'static, 'static> {
         .help("The port used for TCP")
         .takes_value(true)
         .default_value("2600");
-    let user = Arg::with_name("user")
-        .long("user")
-        .takes_value(true)
-        .help("The remote username to log in with. Only applicable for servers using --su-mode");
     let via = Arg::with_name("via")
         .long("via")
         .takes_value(true)
@@ -92,6 +88,17 @@ crate fn create_app() -> App<'static, 'static> {
         .short("C")
         .long("compress")
         .help("Enable ZLIB format compression of all transmitted data");
+    let no_tmux = Arg::with_name("no tmux")
+        .long("no-tmux")
+        .help("Do not use a terminal multiplexer as the default pty command");
+    let multiplexer = Arg::with_name("multiplexer")
+        .long("multiplexer")
+        .default_value("/usr/bin/tmux new-session -A -s oxy")
+        .help(
+            "The command to attach to a terminal multiplexer. Ignored if the first component is not an existent file, or if --no-tmux is supplied.",
+        );
+    let tun = Arg::with_name("tun").long("tun").help("Connect two tunnel devices together. This will work if either: both sides of the connection have root privileges (not recommended), or if the devices have been previously created with appropriate permissions (e.g. 'ip tuntap add tun0 mode tun user [youruser]')").takes_value(true).value_name("local[:remote]");
+    let tap = Arg::with_name("tap").long("tap").help("Connect two tap devices together. This will work if either: both sides of the connection have root privileges (not recommended), or if the devices have been previously created with appropriate permissions (e.g. 'ip tuntap add tap0 mode tap user [youruser]')").takes_value(true).value_name("local[:remote]");
     let client_args = vec![
         metacommand.clone(),
         identity.clone(),
@@ -103,10 +110,11 @@ crate fn create_app() -> App<'static, 'static> {
         trusted_xforward,
         server_config.clone(),
         client_config.clone(),
-        user,
         via,
         compression.clone(),
         verbose.clone(),
+        tun,
+        tap,
         command,
     ];
     let server_args = vec![
@@ -116,6 +124,8 @@ crate fn create_app() -> App<'static, 'static> {
         identity.clone(),
         port.clone(),
         verbose.clone(),
+        no_tmux.clone(),
+        multiplexer.clone(),
     ];
 
     let subcommands = vec![
@@ -134,8 +144,7 @@ crate fn create_app() -> App<'static, 'static> {
             .arg(unsafe_reexec),
         SubCommand::with_name("serve-one")
             .about("Accept a single TCP connection, then service it in the same process.")
-            .args(&server_args)
-            .arg(Arg::with_name("bind-address").index(1).default_value("::0")),
+            .args(&server_args),
         SubCommand::with_name("reverse-server")
             .about("Connect out to a listening client. Then, be a server.")
             .args(&server_args)
@@ -150,8 +159,8 @@ crate fn create_app() -> App<'static, 'static> {
             .arg(server_config)
             .arg(compression)
             .arg(Arg::with_name("location").index(1).multiple(true).number_of_values(1))
-            .arg(identity.clone())
-            .arg(verbose.clone()),
+            .arg(&identity)
+            .arg(&verbose),
         SubCommand::with_name("guide").about("Print information to help a new user get the most out of Oxy."),
         SubCommand::with_name("keygen").about("Generate keys"),
     ];