aspera-cli 4.20.0 → 4.21.1

data/lib/aspera/oauth/factory.rb

@@ -13,6 +13,7 @@ module Aspera
       PERSIST_CATEGORY_TOKEN = 'token'
       # prefix for bearer token when in header
       BEARER_PREFIX = 'Bearer '
+      TOKEN_FIELD = 'access_token'
 
       private_constant :PERSIST_CATEGORY_TOKEN, :BEARER_PREFIX
 
@@ -87,7 +88,45 @@ module Aspera
 
       # delete all existing tokens
       def flush_tokens
-        persist_mgr.garbage_collect(PERSIST_CATEGORY_TOKEN, nil)
+        persist_mgr.garbage_collect(PERSIST_CATEGORY_TOKEN)
+      end
+
+      def persisted_tokens
+        data = persist_mgr.current_items(PERSIST_CATEGORY_TOKEN)
+        data.each.map do |k, v|
+          info = {id: k}
+          info.merge!(JSON.parse(v)) rescue nil
+          d = decode_token(info.delete(TOKEN_FIELD))
+          info.merge(d) if d
+          info
+        end
+      end
+
+      # get token information from cache
+      # @param id [String] identifier of token
+      # @return [Hash] token internal information , including Date object for `expiration_date`
+      def get_token_info(id)
+        token_raw_string = persist_mgr.get(id)
+        return nil if token_raw_string.nil?
+        token_data = JSON.parse(token_raw_string)
+        Aspera.assert_type(token_data, Hash)
+        decoded_token = decode_token(token_data[TOKEN_FIELD])
+        info = { data: token_data }
+        Log.log.debug{Log.dump('decoded_token', decoded_token)}
+        if decoded_token.is_a?(Hash)
+          info[:decoded] = decoded_token
+          # TODO: move date decoding to token decoder ?
+          expiration_date =
+            if    decoded_token['expires_at'].is_a?(String) then DateTime.parse(decoded_token['expires_at']).to_time
+            elsif decoded_token['exp'].is_a?(Integer)       then Time.at(decoded_token['exp'])
+            end
+          unless expiration_date.nil?
+            info[:expiration] = expiration_date
+            info[:ttl_sec] = expiration_date - Time.now
+            info[:expired] = info[:ttl_sec] < @parameters[:token_expiration_guard_sec]
+          end
+        end
+        return info
       end
 
       # register a bearer token decoder, mainly to inspect expiry date
@@ -125,6 +164,6 @@ module Aspera
       end
     end
     # JSON Web Signature (JWS) compact serialization: https://datatracker.ietf.org/doc/html/rfc7515
-    Factory.instance.register_decoder(lambda { |token| parts = token.split('.'); Aspera.assert(parts.length.eql?(3)){'not aoc token'}; JSON.parse(Base64.decode64(parts[1]))}) # rubocop:disable Style/Semicolon, Layout/LineLength
+    Factory.instance.register_decoder(lambda { |token| parts = token.split('.'); Aspera.assert(parts.length.eql?(3)){'not JWS token'}; JSON.parse(Base64.decode64(parts[1]))}) # rubocop:disable Style/Semicolon, Layout/LineLength
   end
 end

data/lib/aspera/oauth/jwt.rb

@@ -21,12 +21,15 @@ module Aspera
         private_key_obj:,
         payload:,
         headers: {},
+        cache_ids: [],
         **base_params
       )
         Aspera.assert_type(private_key_obj, OpenSSL::PKey::RSA){'private_key_obj'}
         Aspera.assert_type(payload, Hash){'payload'}
         Aspera.assert_type(headers, Hash){'headers'}
-        super(**base_params, cache_ids: [payload[:sub]])
+        Aspera.assert_type(cache_ids, Array){'cache ids'}
+        new_cache_ids = cache_ids.clone.push(payload[:sub])
+        super(**base_params, cache_ids: new_cache_ids)
         @private_key_obj = private_key_obj
         @additional_payload = payload
         @headers = headers

data/lib/aspera/persistency_action_once.rb

@@ -7,7 +7,7 @@ require 'aspera/assert'
 module Aspera
   # Persist data on file system
   class PersistencyActionOnce
-    DELETE_DEFAULT = lambda{|d|d.empty?}
+    DELETE_DEFAULT = lambda(&:empty?)
     PARSE_DEFAULT = lambda {|t| JSON.parse(t)}
     FORMAT_DEFAULT = lambda {|h| JSON.generate(h)}
     MERGE_DEFAULT = lambda {|current, file| current.concat(file).uniq rescue current}

data/lib/aspera/persistency_folder.rb

@@ -18,7 +18,8 @@ module Aspera
       Log.log.debug{"persistency folder: #{@folder}"}
     end
 
-    # @return String or nil string on existing persist, else nil
+    # Get value of persisted item
+    # @return [String,nil] Value of persisted id
     def get(object_id)
       Log.log.debug{"persistency get: #{object_id}"}
       if @cache.key?(object_id)
@@ -34,6 +35,10 @@ module Aspera
       return @cache[object_id]
     end
 
+    # Set value of persisted item
+    # @param object_id [String] Identifier of persisted item
+    # @param value [String] Value of persisted item
+    # @return [nil]
     def put(object_id, value)
       Aspera.assert_type(value, String)
       persist_filepath = id_to_filepath(object_id)
@@ -42,8 +47,11 @@ module Aspera
       File.write(persist_filepath, value)
       Environment.restrict_file_access(persist_filepath)
       @cache[object_id] = value
+      nil
     end
 
+    # Delete persisted item
+    # @param object_id [String] Identifier of persisted item
     def delete(object_id)
       persist_filepath = id_to_filepath(object_id)
       Log.log.debug{"persistency deleting: #{persist_filepath}"}
@@ -51,8 +59,9 @@ module Aspera
       @cache.delete(object_id)
     end
 
+    # Delete persisted items
     def garbage_collect(persist_category, max_age_seconds=nil)
-      garbage_files = Dir[File.join(@folder, persist_category + '*' + FILE_SUFFIX)]
+      garbage_files = current_files(persist_category)
       if !max_age_seconds.nil?
         current_time = Time.now
         garbage_files.select! { |filepath| (current_time - File.stat(filepath).mtime).to_i > max_age_seconds}
@@ -61,9 +70,18 @@ module Aspera
         File.delete(filepath)
         Log.log.debug{"persistency deleted expired: #{filepath}"}
       end
+      @cache.clear
       return garbage_files
     end
 
+    def current_files(persist_category)
+      Dir[File.join(@folder, persist_category + '*' + FILE_SUFFIX)]
+    end
+
+    def current_items(persist_category)
+      current_files(persist_category).each_with_object({}) {|i, h| h[File.basename(i, FILE_SUFFIX)] = File.read(i)}
+    end
+
     private
 
     # @param object_id String or Array

data/lib/aspera/preview/generator.rb

@@ -66,7 +66,7 @@ module Aspera
           result_size = File.size(@destination_file_path)
           Log.log.warn{"preview size exceeds maximum allowed #{result_size} > #{@options.max_size}"} if result_size > @options.max_size
         rescue StandardError => e
-          Log.log.error{"Ignoring: #{e.message}"}
+          Log.log.error{"Ignoring: #{e.class} #{e.message}"}
           Log.log.debug(e.backtrace.join("\n").red)
           FileUtils.cp(File.expand_path(@preview_format_sym.eql?(:mp4) ? 'video_error.png' : 'image_error.png', File.dirname(__FILE__)), @destination_file_path)
         ensure

data/lib/aspera/preview/utils.rb

@@ -42,10 +42,15 @@ module Aspera
 
         # execute external command
         # one could use "system", but we would need to redirect stdout/err
-        # @return true if su
+        # @return nil
         def external_command(command_sym, command_args)
           Aspera.assert_values(command_sym, EXTERNAL_TOOLS){'command'}
-          return Environment.secure_capture(command_sym.to_s, *command_args)
+          Environment.secure_execute(exec: command_sym.to_s, args: command_args.map(&:to_s))
+        end
+
+        def external_capture(command_sym, command_args)
+          Aspera.assert_values(command_sym, EXTERNAL_TOOLS){'command'}
+          return Environment.secure_capture(exec: command_sym.to_s, args: command_args.map(&:to_s))
         end
 
         def ffmpeg(a)
@@ -63,7 +68,7 @@ module Aspera
 
         # @return Float in seconds
         def video_get_duration(input_file)
-          return external_command(:ffprobe, [
+          return external_capture(:ffprobe, [
             '-loglevel', 'error',
             '-show_entries', 'format=duration',
             '-print_format', 'default=noprint_wrappers=1:nokey=1', # cspell:disable-line

data/lib/aspera/products/alpha.rb

@@ -0,0 +1,30 @@
+# frozen_string_literal: true
+
+require 'aspera/environment'
+
+module Aspera
+  module Products
+    # Aspera Desktop Alpha Client
+    class Alpha
+      APP_NAME = 'IBM Aspera for Desktop'
+      APP_IDENTIFIER = 'com.ibm.software.aspera.desktop'
+      class << self
+        # standard folder locations
+        def locations
+          case Aspera::Environment.os
+          when Aspera::Environment::OS_MACOS then [{
+            app_root: File.join('', 'Applications', 'IBM Aspera.app'),
+            log_root: File.join(Dir.home, 'Library', 'Logs', APP_IDENTIFIER),
+            sub_bin:  File.join('Contents', 'Resources', 'transferd', 'bin')
+          }]
+          else []
+          end.map { |i| i.merge({ expected: APP_NAME }) }
+        end
+
+        def log_file
+          File.join(Dir.home, 'Library', 'Logs', APP_IDENTIFIER, 'ibm-aspera-desktop.log')
+        end
+      end
+    end
+  end
+end

data/lib/aspera/products/connect.rb

@@ -0,0 +1,48 @@
+# frozen_string_literal: true
+
+require 'aspera/environment'
+
+module Aspera
+  module Products
+    class Connect
+      APP_NAME = 'IBM Aspera Connect'
+      class << self
+        # standard folder locations
+        def locations
+          case Aspera::Environment.os
+          when Aspera::Environment::OS_WINDOWS then [{
+            app_root: File.join(ENV.fetch('LOCALAPPDATA', nil), 'Programs', 'Aspera', 'Aspera Connect'),
+            log_root: File.join(ENV.fetch('LOCALAPPDATA', nil), 'Aspera', 'Aspera Connect', 'var', 'log'),
+            run_root: File.join(ENV.fetch('LOCALAPPDATA', nil), 'Aspera', 'Aspera Connect')
+          }]
+          when Aspera::Environment::OS_MACOS then [{
+            app_root: File.join(Dir.home, 'Applications', 'Aspera Connect.app'),
+            log_root: File.join(Dir.home, 'Library', 'Logs', 'Aspera_Connect'),
+            run_root: File.join(Dir.home, 'Library', 'Application Support', 'Aspera', 'Aspera Connect'),
+            sub_bin:  File.join('Contents', 'Resources')
+          }, {
+            app_root: File.join('', 'Applications', 'Aspera Connect.app'),
+            log_root: File.join(Dir.home, 'Library', 'Logs', 'Aspera_Connect'),
+            run_root: File.join(Dir.home, 'Library', 'Application Support', 'Aspera', 'Aspera Connect'),
+            sub_bin:  File.join('Contents', 'Resources')
+          }, {
+            app_root: File.join(Dir.home, 'Applications', 'IBM Aspera Connect.app'),
+            log_root: File.join(Dir.home, 'Library', 'Logs', 'Aspera_Connect'),
+            run_root: File.join(Dir.home, 'Library', 'Application Support', 'Aspera', 'Aspera Connect'),
+            sub_bin:  File.join('Contents', 'Resources')
+          }, {
+            app_root: File.join('', 'Applications', 'IBM Aspera Connect.app'),
+            log_root: File.join(Dir.home, 'Library', 'Logs', 'Aspera_Connect'),
+            run_root: File.join(Dir.home, 'Library', 'Application Support', 'Aspera', 'Aspera Connect'),
+            sub_bin:  File.join('Contents', 'Resources')
+          }]
+          else [{ # other: Linux and Unix family
+            app_root: File.join(Dir.home, '.aspera', 'connect'),
+            run_root: File.join(Dir.home, '.aspera', 'connect')
+          }]
+          end.map { |i| i.merge({ expected: APP_NAME }) }
+        end
+      end
+    end
+  end
+end

data/lib/aspera/products/other.rb

@@ -0,0 +1,82 @@
+# frozen_string_literal: true
+
+# cspell:ignore LOCALAPPDATA
+require 'aspera/environment'
+
+module Aspera
+  # Location of Aspera products, for which an Agent is not proposed
+  module Products
+    # other Aspera products with ascp
+    class Other
+      CLI_V3 = 'Aspera CLI (deprecated)'
+      DRIVE = 'Aspera Drive (deprecated)'
+      HSTS = 'IBM Aspera High-Speed Transfer Server'
+
+      private_constant :CLI_V3, :DRIVE, :HSTS
+      # product information manifest: XML (part of aspera product)
+      INFO_META_FILE = 'product-info.mf'
+
+      # :expected  M app name is taken from the manifest if present, else defaults to this value
+      # :app_root  M main folder for the application
+      # :log_root  O location of log files (Linux uses syslog)
+      # :run_root  O only for Connect Client, location of http port file
+      # :sub_bin   O subfolder with executables, default : bin
+      LOCATION_ON_THIS_OS = case Aspera::Environment.os
+      when Aspera::Environment::OS_WINDOWS then [{
+        expected: CLI_V3,
+        app_root: File.join('C:', 'Program Files', 'Aspera', 'cli'),
+        log_root: File.join('C:', 'Program Files', 'Aspera', 'cli', 'var', 'log')
+      }, {
+        expected: HSTS,
+        app_root: File.join('C:', 'Program Files', 'Aspera', 'Enterprise Server'),
+        log_root: File.join('C:', 'Program Files', 'Aspera', 'Enterprise Server', 'var', 'log')
+      }]
+      when Aspera::Environment::OS_MACOS then [{
+        expected: CLI_V3,
+        app_root: File.join(Dir.home, 'Applications', 'Aspera CLI'),
+        log_root: File.join(Dir.home, 'Library', 'Logs', 'Aspera')
+      }, {
+        expected: HSTS,
+        app_root: File.join('', 'Library', 'Aspera'),
+        log_root: File.join(Dir.home, 'Library', 'Logs', 'Aspera')
+      }, {
+        expected: DRIVE,
+        app_root: File.join('', 'Applications', 'Aspera Drive.app'),
+        log_root: File.join(Dir.home, 'Library', 'Logs', 'Aspera_Drive'),
+        sub_bin:  File.join('Contents', 'Resources')
+      }]
+      else [{ # other: Linux and Unix family
+        expected: CLI_V3,
+        app_root: File.join(Dir.home, '.aspera', 'cli')
+      }, {
+        expected: HSTS,
+        app_root: File.join('', 'opt', 'aspera')
+      }]
+      end
+      class << self
+        def find(scan_locations)
+          scan_locations.select do |item|
+            # skip if not main folder
+            Log.log.trace1{"Checking #{item[:app_root]}"}
+            next false unless Dir.exist?(item[:app_root])
+            Log.log.debug{"Found #{item[:expected]}"}
+            sub_bin = item[:sub_bin] || 'bin'
+            item[:ascp_path] = File.join(item[:app_root], sub_bin, Environment.exe_file('ascp'))
+            # skip if no ascp
+            next false unless File.exist?(item[:ascp_path])
+            # read info from product info file if present
+            product_info_file = "#{item[:app_root]}/#{INFO_META_FILE}"
+            if File.exist?(product_info_file)
+              res_s = XmlSimple.xml_in(File.read(product_info_file), {'ForceArray' => false})
+              item[:name] = res_s['name']
+              item[:version] = res_s['version']
+            else
+              item[:name] = item[:expected]
+            end
+            true # select this version
+          end
+        end
+      end
+    end
+  end
+end

data/lib/aspera/products/transferd.rb

@@ -0,0 +1,54 @@
+# frozen_string_literal: true
+
+module Aspera
+  module Products
+    class Transferd
+      APP_NAME = 'IBM Aspera Transfer Daemon'
+      class << self
+        # standard folder locations
+        def locations
+          [{
+            app_root: sdk_directory,
+            sub_bin:  ''
+          }].map { |i| i.merge({ expected: APP_NAME }) }
+        end
+
+        # location of SDK files
+        def sdk_directory=(v)
+          Log.log.debug{"sdk_directory=#{v}"}
+          @sdk_dir = v
+          sdk_directory
+        end
+
+        # @return the path to folder where SDK is installed
+        def sdk_directory
+          Aspera.assert(!@sdk_dir.nil?){'SDK path was not initialized'}
+          FileUtils.mkdir_p(@sdk_dir)
+          @sdk_dir
+        end
+
+        def transferd_path
+          return File.join(sdk_directory, Environment.exe_file('asperatransferd')) # cspell:disable-line
+        end
+
+        # Well, the port number is only in log file
+        def daemon_port_from_log(log_file)
+          result = nil
+          # if port is zero, a dynamic port was created, get it
+          File.open(log_file, 'r') do |file|
+            file.each_line do |line|
+              # Well, it's tricky to depend on log
+              if (m = line.match(/Info: API Server: Listening on ([^:]+):(\d+) /))
+                result = m[2].to_i
+                # no "break" , need to read last matching log line
+              end
+            end
+          end
+          raise 'Port not found in daemon logs' if result.nil?
+          Log.log.debug{"Got port #{result} from log"}
+          return result
+        end
+      end
+    end
+  end
+end

data/lib/aspera/rest.rb

@@ -10,7 +10,6 @@ require 'net/http'
 require 'net/https'
 require 'json'
 require 'base64'
-require 'cgi'
 require 'singleton'
 require 'securerandom'
 
@@ -22,11 +21,13 @@ class Net::HTTP::Cancel < Net::HTTPRequest # rubocop:disable Style/ClassAndModul
 end
 
 module Aspera
-  # Global settings
+  # Global settings for Rest object
+  # For example to remove certificate verification globally:
+  # `RestParameters.instance.session_cb = lambda{|http|http.verify_mode=OpenSSL::SSL::VERIFY_NONE}`
   # @param user_agent [String] HTTP request header: 'User-Agent'
   # @param download_partial_suffix [String] suffix for partial download
   # @param session_cb [lambda] lambda called on new HTTP session. Takes the Net::HTTP as arg. Used to change parameters on creation.
-  # @param progress_bar [Object] progress bar object
+  # @param progress_bar [Object] progress bar object called for file transfer
   class RestParameters
     include Singleton
 
@@ -200,6 +201,9 @@ module Aspera
       }
     end
 
+    # Create a REST object for API calls
+    # HTTP sessions parameters can be modified using global parameters in RestParameters
+    # For example, TLS verification can be skipped.
     # @param base_url [String] base URL of REST API
     # @param auth [Hash] authentication parameters:
     #     :type (:none, :basic, :url, :oauth2)
@@ -207,14 +211,15 @@ module Aspera
     #     :password   [:basic]
     #     :url_query  [:url]    a hash
     #     :*          [:oauth2] see OAuth::Factory class
-    # @param not_auth_codes [Array] codes that trigger a refresh/regeneration of bearer token
-    # @param redirect_max [int] max redirection allowed
+    # @param not_auth_codes [Array]   codes that trigger a refresh/regeneration of bearer token
+    # @param redirect_max   [Integer] max redirection allowed
+    # @param headers        [Hash]    default headers to include in all calls
     def initialize(
       base_url:,
-      auth: nil,
-      not_auth_codes: nil,
+      auth: {type: :none},
+      not_auth_codes: ['401'],
       redirect_max: 0,
-      headers: nil
+      headers: {}
     )
       Aspera.assert_type(base_url, String)
       # base url with no trailing slashes (note: string may be frozen)
@@ -224,20 +229,20 @@ module Aspera
       @base_url = @base_url.gsub(/:80$/, '') if @base_url.start_with?('http://')
       Log.log.debug{"Rest.new(#{@base_url})"}
       # default is no auth
-      @auth_params = auth.nil? ? {type: :none} : auth
+      @auth_params = auth
       Aspera.assert_type(@auth_params, Hash)
       Aspera.assert(@auth_params.key?(:type)){'no auth type defined'}
-      @not_auth_codes = not_auth_codes.nil? ? ['401'] : not_auth_codes
+      @not_auth_codes = not_auth_codes
       Aspera.assert_type(@not_auth_codes, Array)
       # persistent session
       @http_session = nil
-      # OAuth object (created on demand)
-      @oauth = nil
       @redirect_max = redirect_max
       Aspera.assert_type(@redirect_max, Integer)
-      @headers = headers.nil? ? {} : headers
+      @headers = headers
       Aspera.assert_type(@headers, Hash)
       @headers['User-Agent'] ||= RestParameters.instance.user_agent
+      # OAuth object (created on demand)
+      @oauth = nil
     end
 
     # @return the OAuth object (create, or cached if already created)

data/lib/aspera/secret_hider.rb

@@ -20,6 +20,8 @@ module Aspera
     KEY_FALSE_POSITIVES = [/^access_key$/, /^fallback_private_key$/].freeze
     # regex that define named captures :begin and :end
     REGEX_LOG_REPLACES = [
+      # private key values (place first)
+      /(?<begin>--+BEGIN [^-]+ KEY--+)[[:ascii:]]+?(?<end>--+?END [^-]+ KEY--+)\n*/,
       # CLI manager get/set options
       /(?<begin>[sg]et (?:#{KEY_SECRETS.join('|')})=).*(?<end>)/,
       # env var ascp exec
@@ -28,8 +30,6 @@ module Aspera
       /(?<begin>(?:(?<quote>["'])|:)[^"':=]*(?:#{ALL_SECRETS.join('|')})[^"':=]*\k<quote>?(?:=>|:) *")[^"]+(?<end>")/,
       # logged data
       /(?<begin>(?:#{ALL_SECRETS2.join('|')})[ =:]+).*(?<end>$)/,
-      # private key values
-      /(?<begin>--+BEGIN [^-]+ KEY--+)[[:ascii:]]+?(?<end>--+?END [^-]+ KEY--+)/,
       # cred in http dump
       /(?<begin>(?:#{HTTP_SECRETS.join('|')}): )[^\\]+(?<end>\\)/i
     ].freeze

data/lib/aspera/ssh.rb

@@ -1,33 +1,41 @@
 # frozen_string_literal: true
 
 require 'net/ssh'
-
-if ENV.fetch('ASCLI_ENABLE_ED25519', 'false').eql?('false')
-  # HACK: deactivate ed25519 and ecdsa private keys from SSH identities, as it usually causes problems
-  old_verbose = $VERBOSE
-  $VERBOSE = nil
-  begin
-    module Net; module SSH; module Authentication; class Session; private; def default_keys; %w[~/.ssh/id_dsa ~/.ssh/id_rsa ~/.ssh2/id_dsa ~/.ssh2/id_rsa]; end; end; end; end; end # rubocop:disable Layout/AccessModifierIndentation, Layout/EmptyLinesAroundAccessModifier, Layout/LineLength, Style/Semicolon
-  rescue StandardError
-    # ignore errors
-  end
-  $VERBOSE = old_verbose
-end
-
-if defined?(JRUBY_VERSION) && ENV.fetch('ASCLI_ENABLE_ECDSHA2', 'false').eql?('false')
-  Net::SSH::Transport::Algorithms::ALGORITHMS.each_value { |a| a.reject! { |a| a =~ /^ecd(sa|h)-sha2/ } }
-  Net::SSH::KnownHosts::SUPPORTED_TYPE.reject! { |t| t =~ /^ecd(sa|h)-sha2/ }
-end
+require 'aspera/assert'
+require 'aspera/log'
 
 module Aspera
   # A simple wrapper around Net::SSH
   # executes one command and get its result from stdout
   class Ssh
+    class << self
+      def disable_ed25519_keys
+        Log.log.debug('Disabling SSH ed25519 user keys')
+        old_verbose = $VERBOSE
+        $VERBOSE = nil
+        Net::SSH::Authentication::Session.class_eval do
+          define_method(:default_keys) do
+            %w[~/.ssh/id_dsa ~/.ssh/id_rsa ~/.ssh2/id_dsa ~/.ssh2/id_rsa].freeze
+          end
+          private(:default_keys)
+        end rescue nil
+        $VERBOSE = old_verbose
+      end
+
+      def disable_ecd_sha2_algorithms
+        Log.log.debug('Disabling SSH ecdsa')
+        Net::SSH::Transport::Algorithms::ALGORITHMS.each_value { |a| a.reject! { |a| a =~ /^ecd(sa|h)-sha2/ } }
+        Net::SSH::KnownHosts::SUPPORTED_TYPE.reject! { |t| t =~ /^ecd(sa|h)-sha2/ }
+      end
+    end
     # ssh_options: same as Net::SSH.start
     # see: https://net-ssh.github.io/net-ssh/classes/Net/SSH.html#method-c-start
     def initialize(host, username, ssh_options)
       Log.log.debug{"ssh:#{username}@#{host}"}
       Log.log.debug{"ssh_options:#{ssh_options}"}
+      Aspera.assert_type(host, String)
+      Aspera.assert_type(username, String)
+      Aspera.assert_type(ssh_options, Hash)
       @host = host
       @username = username
       @ssh_options = ssh_options
@@ -35,10 +43,7 @@ module Aspera
     end
 
     def execute(cmd, input=nil)
-      if cmd.is_a?(Array)
-        # concatenate arguments, enclose in double quotes
-        cmd = cmd.map{|v|%Q("#{v}")}.join(' ')
-      end
+      Aspera.assert_type(cmd, String)
       Log.log.debug{"cmd=#{cmd}"}
       response = []
       Net::SSH.start(@host, @username, @ssh_options) do |session|
@@ -49,9 +54,7 @@ module Aspera
           channel.on_extended_data do |_chan, _type, data|
             error_message = "#{cmd}: [#{data.chomp}]"
             # Happens when windows user hasn't logged in and created home account.
-            if data.include?('Could not chdir to home directory')
-              error_message += "\nHint: home not created in Windows?"
-            end
+            error_message += "\nHint: home not created in Windows?" if data.include?('Could not chdir to home directory')
             raise error_message
           end
           # send command to SSH channel (execute) cspell: disable-next-line
@@ -67,3 +70,7 @@ module Aspera
     end
   end
 end
+
+# HACK: deactivate ed25519 and ecdsa private keys from SSH identities, as it usually causes problems
+Aspera::Ssh.disable_ed25519_keys if ENV.fetch('ASCLI_ENABLE_ED25519', 'false').eql?('false')
+Aspera::Ssh.disable_ecd_sha2_algorithms if defined?(JRUBY_VERSION) && ENV.fetch('ASCLI_ENABLE_ECDSHA2', 'false').eql?('false')

data/lib/aspera/transfer/parameters.rb

@@ -8,6 +8,7 @@ require 'aspera/transfer/error'
 require 'aspera/transfer/spec'
 require 'aspera/ascp/installation'
 require 'aspera/cli/formatter'
+require 'aspera/agent/base'
 require 'aspera/rest'
 require 'securerandom'
 require 'base64'
@@ -20,7 +21,7 @@ module Aspera
     # translate transfer specification to ascp parameter list
     class Parameters
       # Agents shown in manual for parameters (sub list)
-      SUPPORTED_AGENTS = %i[direct node connect trsdk httpgw].freeze
+      SUPPORTED_AGENTS = Agent::Base.agent_list.freeze
       FILE_LIST_OPTIONS = ['--file-list', '--file-pair-list'].freeze
       # Short names of columns in manual
       SUPPORTED_AGENTS_SHORT = SUPPORTED_AGENTS.map{|agent_sym|agent_sym.to_s[0].to_sym}