ddollar-net-ssh 2.0.1

data/lib/net/ssh/loggable.rb

@@ -0,0 +1,61 @@
+module Net; module SSH
+
+  # A simple module to make logging easier to deal with. It assumes that the
+  # logger instance (if not nil) quacks like a Logger object (in Ruby's
+  # standard library). Although used primarily internally by Net::SSH, it
+  # can easily be used to add Net::SSH-like logging to your own programs.
+  #
+  #   class MyClass
+  #     include Net::SSH::Loggable
+  #   end
+  #
+  #   Net::SSH.start(...) do |ssh|
+  #     obj = MyClass.new
+  #     obj.logger = ssh.logger
+  #     ...
+  #   end
+  module Loggable
+    # The logger instance that will be used to log messages. If nil, nothing
+    # will be logged.
+    attr_accessor :logger
+
+    # Displays the result of yielding if the log level is Logger::DEBUG or
+    # greater.
+    def debug
+      logger.add(Logger::DEBUG, nil, facility) { yield } if logger
+    end
+
+    # Displays the result of yielding if the log level is Logger::INFO or
+    # greater.
+    def info
+      logger.add(Logger::INFO, nil, facility) { yield } if logger
+    end
+
+    # Displays the result of yielding if the log level is Logger::WARN or
+    # greater. (Called lwarn to avoid shadowing with Kernel#warn.)
+    def lwarn
+      logger.add(Logger::WARN, nil, facility) { yield } if logger
+    end
+
+    # Displays the result of yielding if the log level is Logger:ERROR or
+    # greater.
+    def error
+      logger.add(Logger::ERROR, nil, facility) { yield } if logger
+    end
+
+    # Displays the result of yielding if the log level is Logger::FATAL or
+    # greater.
+    def fatal
+      logger.add(Logger::FATAL, nil, facility) { yield } if logger
+    end
+
+    private
+
+      # Sets the "facility" value, used for reporting where a log message
+      # originates. It defaults to the name of class with the object_id
+      # appended.
+      def facility
+        @facility ||= self.class.name.gsub(/::/, ".").gsub(/([a-z])([A-Z])/, "\\1_\\2").downcase + "[%x]" % object_id
+      end
+  end
+end; end

data/lib/net/ssh/packet.rb

@@ -0,0 +1,102 @@
+require 'net/ssh/buffer'
+require 'net/ssh/transport/constants'
+require 'net/ssh/authentication/constants'
+require 'net/ssh/connection/constants'
+
+module Net; module SSH
+
+  # A specialization of Buffer that knows the format of certain common
+  # packet types. It auto-parses those packet types, and allows them to
+  # be accessed via the #[] accessor.
+  #
+  #   data = some_channel_request_packet
+  #   packet = Net::SSH::Packet.new(data)
+  #
+  #   p packet.type #-> 98 (CHANNEL_REQUEST)
+  #   p packet[:request]
+  #   p packet[:want_reply]
+  #
+  # This is used exclusively internally by Net::SSH, and unless you're doing
+  # protocol-level manipulation or are extending Net::SSH in some way, you'll
+  # never need to use this class directly.
+  class Packet < Buffer
+    @@types = {}
+
+    # Register a new packet type that should be recognized and auto-parsed by
+    # Net::SSH::Packet. Note that any packet type that is not preregistered
+    # will not be autoparsed.
+    #
+    # The +pairs+ parameter must be either empty, or an array of two-element
+    # tuples, where the first element of each tuple is the name of the field,
+    # and the second is the type.
+    #
+    #   register DISCONNECT, [:reason_code, :long], [:description, :string], [:language, :string]
+    def self.register(type, *pairs)
+      @@types[type] = pairs
+    end
+
+    include Transport::Constants, Authentication::Constants, Connection::Constants
+
+    #--
+    # These are the recognized packet types. All other packet types will be
+    # accepted, but not auto-parsed, requiring the client to parse the
+    # fields using the methods provided by Net::SSH::Buffer.
+    #++
+
+    register DISCONNECT,                [:reason_code, :long], [:description, :string], [:language, :string]
+    register IGNORE,                    [:data, :string]
+    register UNIMPLEMENTED,             [:number, :long]
+    register DEBUG,                     [:always_display, :bool], [:message, :string], [:language, :string]
+    register SERVICE_ACCEPT,            [:service_name, :string]
+    register USERAUTH_BANNER,           [:message, :string], [:language, :string]
+    register USERAUTH_FAILURE,          [:authentications, :string], [:partial_success, :bool]
+    register GLOBAL_REQUEST,            [:request_type, :string], [:want_reply, :bool], [:request_data, :buffer]
+    register CHANNEL_OPEN,              [:channel_type, :string], [:remote_id, :long], [:window_size, :long], [:packet_size, :long]
+    register CHANNEL_OPEN_CONFIRMATION, [:local_id, :long], [:remote_id, :long], [:window_size, :long], [:packet_size, :long]
+    register CHANNEL_OPEN_FAILURE,      [:local_id, :long], [:reason_code, :long], [:description, :string], [:language, :string]
+    register CHANNEL_WINDOW_ADJUST,     [:local_id, :long], [:extra_bytes, :long]
+    register CHANNEL_DATA,              [:local_id, :long], [:data, :string]
+    register CHANNEL_EXTENDED_DATA,     [:local_id, :long], [:data_type, :long], [:data, :string]
+    register CHANNEL_EOF,               [:local_id, :long]
+    register CHANNEL_CLOSE,             [:local_id, :long]
+    register CHANNEL_REQUEST,           [:local_id, :long], [:request, :string], [:want_reply, :bool], [:request_data, :buffer]
+    register CHANNEL_SUCCESS,           [:local_id, :long]
+    register CHANNEL_FAILURE,           [:local_id, :long]
+
+    # The (integer) type of this packet.
+    attr_reader :type
+
+    # Create a new packet from the given payload. This will automatically
+    # parse the packet if it is one that has been previously registered with
+    # Packet.register; otherwise, the packet will need to be manually parsed
+    # using the methods provided in the Net::SSH::Buffer superclass.
+    def initialize(payload)
+      @named_elements = {}
+      super
+      @type = read_byte
+      instantiate!
+    end
+
+    # Access one of the auto-parsed fields by name. Raises an error if no
+    # element by the given name exists.
+    def [](name)
+      name = name.to_sym
+      raise ArgumentError, "no such element #{name}" unless @named_elements.key?(name)
+      @named_elements[name]
+    end
+
+    private
+
+      # Parse the packet's contents and assign the named elements, as described
+      # by the registered format for the packet.
+      def instantiate!
+        (@@types[type] || []).each do |name, datatype|
+          @named_elements[name.to_sym] = if datatype == :buffer
+            remainder_as_buffer
+          else
+            send("read_#{datatype}")
+          end
+        end
+      end
+  end
+end; end

data/lib/net/ssh/prompt.rb

@@ -0,0 +1,93 @@
+module Net; module SSH
+
+  # A basic prompt module that can be mixed into other objects. If HighLine is
+  # installed, it will be used to display prompts and read input from the
+  # user. Otherwise, the termios library will be used. If neither HighLine
+  # nor termios is installed, a simple prompt that echos text in the clear
+  # will be used.
+
+  module PromptMethods
+
+    # Defines the prompt method to use if the Highline library is installed.
+    module Highline
+      # Uses Highline#ask to present a prompt and accept input. If +echo+ is
+      # +false+, the characters entered by the user will not be echoed to the
+      # screen.
+      def prompt(prompt, echo=true)
+        @highline ||= ::HighLine.new
+        @highline.ask(prompt + " ") { |q| q.echo = echo }
+      end
+    end
+
+    # Defines the prompt method to use if the Termios library is installed.
+    module Termios
+      # Displays the prompt to $stdout. If +echo+ is false, the Termios
+      # library will be used to disable keystroke echoing for the duration of
+      # this method.
+      def prompt(prompt, echo=true)
+        $stdout.print(prompt)
+        $stdout.flush
+
+        set_echo(false) unless echo
+        $stdin.gets.chomp
+      ensure
+        if !echo
+          set_echo(true)
+          $stdout.puts
+        end
+      end
+
+      private
+
+        # Enables or disables keystroke echoing using the Termios library.
+        def set_echo(enable)
+          term = ::Termios.getattr($stdin)
+
+          if enable
+            term.c_lflag |= (::Termios::ECHO | ::Termios::ICANON)
+          else
+            term.c_lflag &= ~::Termios::ECHO
+          end
+
+          ::Termios.setattr($stdin, ::Termios::TCSANOW, term)
+        end
+    end
+
+    # Defines the prompt method to use when neither Highline nor Termios are
+    # installed.
+    module Clear
+      # Displays the prompt to $stdout and pulls the response from $stdin.
+      # Text is always echoed in the clear, regardless of the +echo+ setting.
+      # The first time a prompt is given and +echo+ is false, a warning will
+      # be written to $stderr recommending that either Highline or Termios
+      # be installed.
+      def prompt(prompt, echo=true)
+        @seen_warning ||= false
+        if !echo && !@seen_warning
+          $stderr.puts "Text will be echoed in the clear. Please install the HighLine or Termios libraries to suppress echoed text."
+          @seen_warning = true
+        end
+
+        $stdout.print(prompt)
+        $stdout.flush
+        $stdin.gets.chomp
+      end
+    end
+  end
+
+  # Try to load Highline and Termios in turn, selecting the corresponding
+  # PromptMethods module to use. If neither are available, choose PromptMethods::Clear.
+  Prompt = begin
+      require 'highline'
+      HighLine.track_eof = false
+      PromptMethods::Highline
+    rescue LoadError
+      begin
+        require 'termios'
+        PromptMethods::Termios
+      rescue LoadError
+        PromptMethods::Clear
+      end
+    end
+
+end; end

data/lib/net/ssh/proxy/errors.rb

@@ -0,0 +1,14 @@
+require 'net/ssh/errors'
+
+module Net; module SSH; module Proxy
+
+  # A general exception class for all Proxy errors.
+  class Error < Net::SSH::Exception; end
+
+  # Used for reporting proxy connection errors.
+  class ConnectError < Error; end
+
+  # Used when the server doesn't recognize the user's credentials.
+  class UnauthorizedError < Error; end
+
+end; end; end

data/lib/net/ssh/proxy/http.rb

@@ -0,0 +1,94 @@
+require 'socket'
+require 'net/ssh/proxy/errors'
+
+module Net; module SSH; module Proxy
+
+  # An implementation of an HTTP proxy. To use it, instantiate it, then
+  # pass the instantiated object via the :proxy key to Net::SSH.start:
+  #
+  #   require 'net/ssh/proxy/http'
+  #
+  #   proxy = Net::SSH::Proxy::HTTP.new('proxy.host', proxy_port)
+  #   Net::SSH.start('host', 'user', :proxy => proxy) do |ssh|
+  #     ...
+  #   end
+  #
+  # If the proxy requires authentication, you can pass :user and :password
+  # to the proxy's constructor:
+  #
+  #   proxy = Net::SSH::Proxy::HTTP.new('proxy.host', proxy_port,
+  #      :user => "user", :password => "password")
+  #
+  # Note that HTTP digest authentication is not supported; Basic only at
+  # this point.
+  class HTTP
+
+    # The hostname or IP address of the HTTP proxy.
+    attr_reader :proxy_host
+
+    # The port number of the proxy.
+    attr_reader :proxy_port
+
+    # The map of additional options that were given to the object at
+    # initialization.
+    attr_reader :options
+
+    # Create a new socket factory that tunnels via the given host and
+    # port. The +options+ parameter is a hash of additional settings that
+    # can be used to tweak this proxy connection. Specifically, the following
+    # options are supported:
+    #
+    # * :user => the user name to use when authenticating to the proxy
+    # * :password => the password to use when authenticating
+    def initialize(proxy_host, proxy_port=80, options={})
+      @proxy_host = proxy_host
+      @proxy_port = proxy_port
+      @options = options
+    end
+
+    # Return a new socket connected to the given host and port via the
+    # proxy that was requested when the socket factory was instantiated.
+    def open(host, port)
+      socket = TCPSocket.new(proxy_host, proxy_port)
+      socket.write "CONNECT #{host}:#{port} HTTP/1.0\r\n"
+
+      if options[:user]
+        credentials = ["#{options[:user]}:#{options[:password]}"].pack("m*").gsub(/\s/, "")
+        socket.write "Proxy-Authorization: Basic #{credentials}\r\n"
+      end
+
+      socket.write "\r\n"
+
+      resp = parse_response(socket)
+
+      return socket if resp[:code] == 200
+
+      socket.close
+      raise ConnectError, resp.inspect
+    end
+
+    private
+
+      def parse_response(socket)
+        version, code, reason = socket.gets.chomp.split(/ /, 3)
+        headers = {}
+
+        while (line = socket.gets.chomp) != ""
+          name, value = line.split(/:/, 2)
+          headers[name.strip] = value.strip
+        end
+
+        if headers["Content-Length"]
+          body = socket.read(headers["Content-Length"].to_i)
+        end
+
+        return { :version => version,
+                 :code => code.to_i,
+                 :reason => reason,
+                 :headers => headers,
+                 :body => body }
+      end
+
+  end
+
+end; end; end

data/lib/net/ssh/proxy/socks4.rb

@@ -0,0 +1,70 @@
+require 'socket'
+require 'resolv'
+require 'ipaddr'
+require 'net/ssh/proxy/errors'
+
+module Net
+  module SSH
+    module Proxy
+
+      # An implementation of a SOCKS4 proxy. To use it, instantiate it, then
+      # pass the instantiated object via the :proxy key to Net::SSH.start:
+      #
+      #   require 'net/ssh/proxy/socks4'
+      #
+      #   proxy = Net::SSH::Proxy::SOCKS4.new('proxy.host', proxy_port, :user => 'user')
+      #   Net::SSH.start('host', 'user', :proxy => proxy) do |ssh|
+      #     ...
+      #   end
+      class SOCKS4
+
+        # The SOCKS protocol version used by this class
+        VERSION = 4
+
+        # The packet type for connection requests
+        CONNECT = 1
+
+        # The status code for a successful connection
+        GRANTED = 90
+
+        # The proxy's host name or IP address, as given to the constructor.
+        attr_reader :proxy_host
+
+        # The proxy's port number.
+        attr_reader :proxy_port
+
+        # The additional options that were given to the proxy's constructor.
+        attr_reader :options
+
+        # Create a new proxy connection to the given proxy host and port.
+        # Optionally, a :user key may be given to identify the username
+        # with which to authenticate.
+        def initialize(proxy_host, proxy_port=1080, options={})
+          @proxy_host = proxy_host
+          @proxy_port = proxy_port
+          @options = options
+        end
+
+        # Return a new socket connected to the given host and port via the
+        # proxy that was requested when the socket factory was instantiated.
+        def open(host, port)
+          socket = TCPSocket.new(proxy_host, proxy_port)
+          ip_addr = IPAddr.new(Resolv.getaddress(host))
+          
+          packet = [VERSION, CONNECT, port.to_i, ip_addr.to_i, options[:user]].pack("CCnNZ*")
+          socket.send packet, 0
+
+          version, status, port, ip = socket.recv(8).unpack("CCnN")
+          if status != GRANTED
+            socket.close
+            raise ConnectError, "error connecting to proxy (#{status})"
+          end
+
+          return socket
+        end
+
+      end
+
+    end
+  end
+end

data/lib/net/ssh/proxy/socks5.rb

@@ -0,0 +1,128 @@
+require 'socket'
+require 'net/ssh/proxy/errors'
+
+module Net
+  module SSH
+    module Proxy
+
+      # An implementation of a SOCKS5 proxy. To use it, instantiate it, then
+      # pass the instantiated object via the :proxy key to Net::SSH.start:
+      #
+      #   require 'net/ssh/proxy/socks5'
+      #
+      #   proxy = Net::SSH::Proxy::SOCKS5.new('proxy.host', proxy_port,
+      #     :user => 'user', :password => "password")
+      #   Net::SSH.start('host', 'user', :proxy => proxy) do |ssh|
+      #     ...
+      #   end
+      class SOCKS5
+        # The SOCKS protocol version used by this class
+        VERSION = 5
+
+        # The SOCKS authentication type for requests without authentication
+        METHOD_NO_AUTH = 0
+
+        # The SOCKS authentication type for requests via username/password
+        METHOD_PASSWD = 2
+
+        # The SOCKS authentication type for when there are no supported
+        # authentication methods.
+        METHOD_NONE = 0xFF
+
+        # The SOCKS packet type for requesting a proxy connection.
+        CMD_CONNECT = 1
+
+        # The SOCKS address type for connections via IP address.
+        ATYP_IPV4 = 1
+
+        # The SOCKS address type for connections via domain name.
+        ATYP_DOMAIN = 3
+
+        # The SOCKS response code for a successful operation.
+        SUCCESS = 0
+
+        # The proxy's host name or IP address
+        attr_reader :proxy_host
+
+        # The proxy's port number
+        attr_reader :proxy_port
+
+        # The map of options given at initialization
+        attr_reader :options
+
+        # Create a new proxy connection to the given proxy host and port.
+        # Optionally, :user and :password options may be given to
+        # identify the username and password with which to authenticate.
+        def initialize(proxy_host, proxy_port=1080, options={})
+          @proxy_host = proxy_host
+          @proxy_port = proxy_port
+          @options = options
+        end
+
+        # Return a new socket connected to the given host and port via the
+        # proxy that was requested when the socket factory was instantiated.
+        def open(host, port)
+          socket = TCPSocket.new(proxy_host, proxy_port)
+
+          methods = [METHOD_NO_AUTH]
+          methods << METHOD_PASSWD if options[:user]
+
+          packet = [VERSION, methods.size, *methods].pack("C*")
+          socket.send packet, 0
+
+          version, method = socket.recv(2).unpack("CC")
+          if version != VERSION
+            socket.close
+            raise Net::SSH::Proxy::Error, "invalid SOCKS version (#{version})"
+          end
+
+          if method == METHOD_NONE
+            socket.close
+            raise Net::SSH::Proxy::Error, "no supported authorization methods"
+          end
+
+          negotiate_password(socket) if method == METHOD_PASSWD
+
+          packet = [VERSION, CMD_CONNECT, 0].pack("C*")
+
+          if host =~ /^(\d+)\.(\d+)\.(\d+)\.(\d+)$/
+            packet << [ATYP_IPV4, $1.to_i, $2.to_i, $3.to_i, $4.to_i].pack("C*")
+          else
+            packet << [ATYP_DOMAIN, host.length, host].pack("CCA*")
+          end
+
+          packet << [port].pack("n")
+          socket.send packet, 0
+
+          version, reply, = socket.recv(4).unpack("C*")
+          len = socket.recv(1)[0]
+          socket.recv(len + 2)
+
+          unless reply == SUCCESS
+            socket.close
+            raise ConnectError, "#{reply}"
+          end
+
+          return socket
+        end
+
+        private
+
+          # Simple username/password negotiation with the SOCKS5 server.
+          def negotiate_password(socket)
+            packet = [0x01, options[:user].length, options[:user],
+              options[:password].length, options[:password]].pack("CCA*CA*")
+            socket.send packet, 0
+
+            version, status = socket.recv(2).unpack("CC")
+
+            if status != SUCCESS
+              socket.close
+              raise UnauthorizedError, "could not authorize user"
+            end
+          end
+      end
+
+    end
+  end
+end