harbr 0.2.10 → 2.8.1

data/vendor/bundle/ruby/3.2.0/gems/net-ssh-7.2.1/Rakefile

@@ -0,0 +1,192 @@
+#
+# Also in your terminal environment run:
+#   $ export LANG=en_US.UTF-8
+#   $ export LANGUAGE=en_US.UTF-8
+#   $ export LC_ALL=en_US.UTF-8
+
+require "rubygems"
+require "rake"
+require "rake/clean"
+require "bundler/gem_tasks"
+
+require "rdoc/task"
+
+desc "When releasing make sure NET_SSH_BUILDGEM_SIGNED is set"
+task :check_NET_SSH_BUILDGEM_SIGNED do
+  raise "NET_SSH_BUILDGEM_SIGNED should be set to release" unless ENV['NET_SSH_BUILDGEM_SIGNED']
+end
+
+Rake::Task[:release].enhance [:check_NET_SSH_BUILDGEM_SIGNED]
+Rake::Task[:release].prerequisites.unshift(:check_NET_SSH_BUILDGEM_SIGNED)
+
+task default: ["build"]
+CLEAN.include ['pkg', 'rdoc']
+name = "net-ssh"
+
+require_relative "lib/net/ssh/version"
+version = Net::SSH::Version::CURRENT
+
+extra_files = %w[LICENSE.txt THANKS.txt CHANGES.txt]
+RDoc::Task.new do |rdoc|
+  rdoc.rdoc_dir = "rdoc"
+  rdoc.title = "#{name} #{version}"
+  rdoc.generator = 'hanna' # gem install hanna-nouveau
+  rdoc.main = 'README.md'
+  rdoc.rdoc_files.include("README*")
+  rdoc.rdoc_files.include("bin/*.rb")
+  rdoc.rdoc_files.include("lib/**/*.rb")
+  extra_files.each { |file|
+    rdoc.rdoc_files.include(file) if File.exist?(file)
+  }
+end
+
+namespace :cert do
+  desc "Update public cert from private - only run if public is expired"
+  task :update_public_when_expired do
+    require 'openssl'
+    require 'time'
+    raw = File.read "net-ssh-public_cert.pem"
+    certificate = OpenSSL::X509::Certificate.new raw
+    raise Exception, "Not yet expired: #{certificate.not_after}" unless certificate.not_after < Time.now
+
+    sh "gem cert --build netssh@solutious.com --days 365*5 --private-key /mnt/gem/net-ssh-private_key.pem"
+    sh "mv gem-public_cert.pem net-ssh-public_cert.pem"
+    sh "gem cert --add net-ssh-public_cert.pem"
+  end
+end
+
+def change_version(&block)
+  version_file = 'lib/net/ssh/version.rb'
+  require_relative version_file
+  pre = Net::SSH::Version::PRE
+  tiny = Net::SSH::Version::TINY
+  result = block[pre: pre, tiny: Net::SSH::Version::TINY]
+  raise "Version change logic should always return a pre", ArgumentError unless result.key?(:pre)
+
+  new_pre = result[:pre]
+  new_tiny = result[:tiny] || tiny
+  found = { pre: false, tiny: false }
+  File.open("#{version_file}.new", "w") do |f|
+    File.readlines(version_file).each do |line|
+      match =
+        if pre.nil?
+          /^(\s+PRE\s+=\s+)nil(\s*)$/.match(line)
+        else
+          /^(\s+PRE\s+=\s+")#{pre}("\s*)$/.match(line)
+        end
+      if match
+        prefix = match[1]
+        postfix = match[2]
+        prefix.delete_suffix!('"')
+        postfix.delete_prefix!('"')
+        new_line = "#{prefix}#{new_pre.inspect}#{postfix}"
+        puts "Changing:\n  - #{line}  + #{new_line}"
+        line = new_line
+        found[:pre] = true
+      end
+
+      if new_tiny != tiny
+        match = /^(\s+TINY\s+=\s+)#{tiny}(\s*)$/.match(line)
+        if match
+          prefix = match[1]
+          postfix = match[2]
+          new_line = "#{prefix}#{new_tiny}#{postfix}"
+          puts "Changing:\n  - #{line}  + #{new_line}"
+          line = new_line
+          found[:tiny] = true
+        end
+      end
+
+      f.write(line)
+    end
+    raise ArgumentError, "Cound not find line: PRE = \"#{pre}\" in #{version_file}" unless found[:pre]
+    raise ArgumentError, "Cound not find line: TINY = \"#{tiny}\" in #{version_file}" unless found[:tiny] || new_tiny == tiny
+  end
+
+  FileUtils.mv version_file, "#{version_file}.old"
+  FileUtils.mv "#{version_file}.new", version_file
+end
+
+namespace :vbump do
+  desc "Final release"
+  task :final do
+    change_version do |pre:, tiny:|
+      _ = tiny
+      raise ArgumentError, "Unexpected pre: #{pre}" if pre.nil?
+
+      { pre: nil }
+    end
+  end
+
+  desc "Increment prerelease"
+  task :pre, [:type] do |_t, args|
+    change_version do |pre:, tiny:|
+      puts " PRE => #{pre.inspect}"
+      match = /^([a-z]+)(\d+)/.match(pre)
+      raise ArgumentError, "Unexpected pre: #{pre}" if match.nil? && args[:type].nil?
+
+      if match.nil? || (!args[:type].nil? && args[:type] != match[1])
+        if pre.nil?
+          { pre: "#{args[:type]}1", tiny: tiny + 1 }
+        else
+          { pre: "#{args[:type]}1" }
+        end
+      else
+        { pre: "#{match[1]}#{match[2].to_i + 1}" }
+      end
+    end
+  end
+end
+
+namespace :rdoc do
+  desc "Update gh-pages branch"
+  task :publish do
+    # copy/checkout
+    rm_rf "/tmp/net-ssh-rdoc"
+    rm_rf "/tmp/net-ssh-gh-pages"
+    cp_r "./rdoc", "/tmp/net-ssh-rdoc"
+    mkdir "/tmp/net-ssh-gh-pages"
+    Dir.chdir "/tmp/net-ssh-gh-pages" do
+      sh "git clone --branch gh-pages --single-branch https://github.com/net-ssh/net-ssh"
+      rm_rf "/tmp/net-ssh-gh-pages/net-ssh/*"
+    end
+    # update
+    sh "cp -rf ./rdoc/* /tmp/net-ssh-gh-pages/net-ssh/"
+    Dir.chdir "/tmp/net-ssh-gh-pages/net-ssh" do
+      sh "git add -A ."
+      sh "git commit -m \"Update docs\""
+    end
+    # publish
+    Dir.chdir "/tmp/net-ssh-gh-pages/net-ssh" do
+      sh "git push origin gh-pages"
+    end
+  end
+end
+
+require 'rake/testtask'
+
+Rake::TestTask.new do |t|
+  t.libs = ["lib", "test"]
+  t.libs << "test/integration" if ENV['NET_SSH_RUN_INTEGRATION_TESTS']
+  t.libs << "test/win_integration" if ENV['NET_SSH_RUN_WIN_INTEGRATION_TESTS']
+  test_files = FileList['test/**/test_*.rb']
+  test_files -= FileList['test/integration/**/test_*.rb'] unless ENV['NET_SSH_RUN_INTEGRATION_TESTS']
+  test_files -= FileList['test/win_integration/**/test_*.rb'] unless ENV['NET_SSH_RUN_WIN_INTEGRATION_TESTS']
+  test_files -= FileList['test/manual/test_*.rb']
+  test_files -= FileList['test/test_pageant.rb']
+  test_files -= FileList['test/test/**/test_*.rb']
+  t.test_files = test_files
+end
+
+# We need to enable the OpenSSL 3.0 legacy providers for our test suite
+require 'openssl'
+ENV['OPENSSL_CONF'] = 'test/openssl3.conf' if OpenSSL::OPENSSL_LIBRARY_VERSION.start_with? "OpenSSL 3"
+
+desc "Run tests of Net::SSH:Test"
+Rake::TestTask.new do |t|
+  t.name = "test_test"
+  # we need to run test/test separatedly as it hacks io + other modules
+  t.libs = ["lib", "test"]
+  test_files = FileList['test/test/**/test_*.rb']
+  t.test_files = test_files
+end

data/vendor/bundle/ruby/3.2.0/gems/net-ssh-7.2.1/SECURITY.md

@@ -0,0 +1,4 @@
+## Security contact information
+
+To report a security vulnerability, please use the
+[GitHub private vulnerability reporting feature](https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing/privately-reporting-a-security-vulnerability).

data/vendor/bundle/ruby/3.2.0/gems/net-ssh-7.2.1/THANKS.txt

@@ -0,0 +1,110 @@
+Net::SSH was originally written by Jamis Buck <jamis@37signals.com>. It
+is currently maintained by Delano Mandelbaum <delano@solutious.com>. In
+addition, the following individuals are gratefully acknowledged for their
+contributions:
+
+GOTOU Yuuzou <gotoyuzo@notwork.org>
+  * help and code related to OpenSSL
+
+Guillaume Marçais <guillaume.marcais@free.fr>
+  * support for communicating with the the PuTTY "pageant" process
+
+Daniel Berger <djberg96@yahoo.com>
+  * help getting unit tests in earlier Net::SSH versions to pass in Windows
+  * initial version of Net::SSH::Config provided inspiration and encouragement
+
+Chris Andrews <chris@nodnol.org> and Lee Jensen <lee@outerim.com>
+  * support for ssh agent forwarding
+
+Hiroshi Nakamura
+  * fixed errors with JRuby tests
+
+bobveznat
+therealjessesanford
+liggitt
+jarredholman
+yugui
+SFEley
+bobtfish
+carlhoerberg
+deric
+mirakui
+ecki
+Dave Sieh
+metametaclass
+fnordfish
+krishicks
+noric
+GabKlein
+Josh Kalderimis
+voxik
+Olipro
+jansegre
+priteau
+jordimassaguerpla
+Kenichi Kamiya
+Andreas Wolff
+mhuffnagle
+ohrite
+iltempo
+nagachika
+Nobuhiro IMAI
+arturaz
+dubspeed
+Andy Brody
+Marco Sandrini
+Ryosuke Yamazaki
+muffl0n
+pcn
+musybite
+Mark Imbriaco
+Joel Watson
+Woon Jung
+Edmund Haselwanter
+robbebob
+Daniel Pittman
+Markus Roberts
+Gavin Brock
+Rich Lane
+Lee Marlow
+xbaldauf
+Delano Mandelbaum
+Miklós Fazekas
+Andy Lo-A-Foe
+Jason Weathered
+Hans de Graaff
+Travis Reeder
+Akinori MUSHA
+Alex Peuchert
+Daniel Azuma
+Will Bryant
+Gerald Talton
+ckoehler
+Karl Varga
+Denis Bernard
+Steven Hazel
+Alex Holems
+Andrew Babkin
+Bob Cotton
+Yanko Ivanov
+Angel N. Sciortino
+arilerner@mac.com
+David Dollar
+Timo Gatsonides
+Matthew Todd
+Brian Candler
+Francis Sullivan
+James Rosen
+Mike Timm
+guns
+devrandom
+kachick
+Pablo Merino
+thedarkone
+czarneckid
+jbarnette
+watsonian
+Grant Hutchins
+Michael Schubert
+mtrudel
+Aurélien Derouineau

data/vendor/bundle/ruby/3.2.0/gems/net-ssh-7.2.1/appveyor.yml

@@ -0,0 +1,58 @@
+version: '{build}'
+
+skip_tags: true
+
+environment:
+  matrix:
+    - ruby_version: "jruby-9.1.2.0"
+    - ruby_version: "26-x64"
+    - ruby_version: "25-x64"
+    - ruby_version: "24-x64"
+    - ruby_version: "23"
+    - ruby_version: "23-x64"
+
+matrix:
+  allow_failures:
+    - ruby_version: "jruby-9.1.2.0"
+
+#init:
+#  - ps: iex ((new-object net.webclient).DownloadString('https://raw.githubusercontent.com/appveyor/ci/master/scripts/enable-rdp.ps1'))
+
+#on_finish:
+#  - ps: $blockRdp = $true; iex ((new-object net.webclient).DownloadString('https://raw.githubusercontent.com/appveyor/ci/master/scripts/enable-rdp.ps1'))
+
+
+platform:
+  - x86
+
+install:
+  - SET PATH=C:\Ruby%ruby_version%\bin;%PATH%
+  - if "%ruby_version%" == "jruby-9.1.2.0" ( cinst javaruntime -i )
+  - if "%ruby_version%" == "jruby-9.1.2.0" ( cinst jruby --version 9.1.2.0 -i --allow-empty-checksums )
+  - if "%ruby_version%" == "jruby-9.1.2.0" ( SET "PATH=C:\jruby-9.1.2.0\bin\;%PATH%" )
+  - ruby --version
+  - gem install bundler --no-document --user-install -v 1.17
+  - SET BUNDLE_GEMFILE=Gemfile.noed25519
+  - bundle install --retry=3
+  - cinst freesshd
+  - cinst putty --allow-empty-checksums
+  - ps: |
+          if ($env:Processor_Architecture -eq "x86")
+          {
+            dir 'C:\Program Files\'
+            dir 'C:\Program Files\freeSSHd'
+            cp 'test\win_integration\FreeSSHDService.ini' 'C:\Program Files\freeSSHd\FreeSSHDService.ini'
+            & 'C:\Program Files\freeSSHd\FreeSSHDService.exe'
+          } else {
+            dir 'C:\Program Files (x86)\'
+            dir 'C:\Program Files (x86)\freeSSHd'
+            cp 'test\win_integration\FreeSSHDService32.ini' 'C:\Program Files (x86)\freeSSHd\FreeSSHDService.ini'
+            & 'C:\Program Files (x86)\freeSSHd\FreeSSHDService.exe'
+          }
+
+test_script:
+  - SET BUNDLE_GEMFILE=Gemfile.noed25519
+  - SET NET_SSH_RUN_WIN_INTEGRATION_TESTS=YES
+  - bundle exec rake test
+
+build: off

data/vendor/bundle/ruby/3.2.0/gems/net-ssh-7.2.1/docker-compose.yml

@@ -0,0 +1,25 @@
+version: '3'
+
+services:
+  ruby-3.1:
+    build:
+      context: .
+      args: 
+        RUBY_VERSION: 3.1
+  ruby-3.0:
+    build:
+      context: .
+      args: 
+        RUBY_VERSION: 3.0
+  ruby-2.7:
+    build:
+      context: .
+      args: 
+        RUBY_VERSION: 2.7
+        BUNDLERV: "-v 2.2.28"
+  ruby-2.6:
+    build:
+      context: .
+      args: 
+        RUBY_VERSION: 2.6
+        BUNDLERV: "-v 2.4.22"

data/vendor/bundle/ruby/3.2.0/gems/net-ssh-7.2.1/lib/net/ssh/authentication/agent.rb

@@ -0,0 +1,284 @@
+require 'net/ssh/buffer'
+require 'net/ssh/errors'
+require 'net/ssh/loggable'
+
+require 'net/ssh/transport/server_version'
+require 'socket'
+require 'rubygems'
+
+require 'net/ssh/authentication/pageant' if Gem.win_platform? && RUBY_PLATFORM != "java"
+
+module Net
+  module SSH
+    module Authentication
+      # Class for representing agent-specific errors.
+      class AgentError < Net::SSH::Exception; end
+
+      # An exception for indicating that the SSH agent is not available.
+      class AgentNotAvailable < AgentError; end
+
+      # This class implements a simple client for the ssh-agent protocol. It
+      # does not implement any specific protocol, but instead copies the
+      # behavior of the ssh-agent functions in the OpenSSH library (3.8).
+      #
+      # This means that although it behaves like a SSH1 client, it also has
+      # some SSH2 functionality (like signing data).
+      class Agent
+        include Loggable
+
+        # A simple module for extending keys, to allow comments to be specified
+        # for them.
+        module Comment
+          attr_accessor :comment
+        end
+
+        SSH2_AGENT_REQUEST_VERSION       = 1
+        SSH2_AGENT_REQUEST_IDENTITIES    = 11
+        SSH2_AGENT_IDENTITIES_ANSWER     = 12
+        SSH2_AGENT_SIGN_REQUEST          = 13
+        SSH2_AGENT_SIGN_RESPONSE         = 14
+        SSH2_AGENT_ADD_IDENTITY          = 17
+        SSH2_AGENT_REMOVE_IDENTITY       = 18
+        SSH2_AGENT_REMOVE_ALL_IDENTITIES = 19
+        SSH2_AGENT_LOCK                  = 22
+        SSH2_AGENT_UNLOCK                = 23
+        SSH2_AGENT_ADD_ID_CONSTRAINED    = 25
+        SSH2_AGENT_FAILURE               = 30
+        SSH2_AGENT_VERSION_RESPONSE      = 103
+
+        SSH_COM_AGENT2_FAILURE = 102
+
+        SSH_AGENT_REQUEST_RSA_IDENTITIES = 1
+        SSH_AGENT_RSA_IDENTITIES_ANSWER1 = 2
+        SSH_AGENT_RSA_IDENTITIES_ANSWER2 = 5
+        SSH_AGENT_FAILURE                = 5
+        SSH_AGENT_SUCCESS                = 6
+
+        SSH_AGENT_CONSTRAIN_LIFETIME = 1
+        SSH_AGENT_CONSTRAIN_CONFIRM  = 2
+
+        SSH_AGENT_RSA_SHA2_256 = 0x02
+        SSH_AGENT_RSA_SHA2_512 = 0x04
+
+        # The underlying socket being used to communicate with the SSH agent.
+        attr_reader :socket
+
+        # Instantiates a new agent object, connects to a running SSH agent,
+        # negotiates the agent protocol version, and returns the agent object.
+        def self.connect(logger = nil, agent_socket_factory = nil, identity_agent = nil)
+          agent = new(logger)
+          agent.connect!(agent_socket_factory, identity_agent)
+          agent.negotiate!
+          agent
+        end
+
+        # Creates a new Agent object, using the optional logger instance to
+        # report status.
+        def initialize(logger = nil)
+          self.logger = logger
+        end
+
+        # Connect to the agent process using the socket factory and socket name
+        # given by the attribute writers. If the agent on the other end of the
+        # socket reports that it is an SSH2-compatible agent, this will fail
+        # (it only supports the ssh-agent distributed by OpenSSH).
+        def connect!(agent_socket_factory = nil, identity_agent = nil)
+          debug { "connecting to ssh-agent" }
+          @socket =
+            if agent_socket_factory
+              agent_socket_factory.call
+            elsif identity_agent
+              unix_socket_class.open(File.expand_path(identity_agent))
+            elsif ENV['SSH_AUTH_SOCK'] && unix_socket_class
+              unix_socket_class.open(File.expand_path(ENV['SSH_AUTH_SOCK']))
+            elsif Gem.win_platform? && RUBY_ENGINE != "jruby"
+              Pageant::Socket.open
+            else
+              raise AgentNotAvailable, "Agent not configured"
+            end
+        rescue StandardError => e
+          error { "could not connect to ssh-agent: #{e.message}" }
+          raise AgentNotAvailable, $!.message
+        end
+
+        # Attempts to negotiate the SSH agent protocol version. Raises an error
+        # if the version could not be negotiated successfully.
+        def negotiate!
+          # determine what type of agent we're communicating with
+          type, body = send_and_wait(SSH2_AGENT_REQUEST_VERSION, :string, Transport::ServerVersion::PROTO_VERSION)
+
+          raise AgentNotAvailable, "SSH2 agents are not yet supported" if type == SSH2_AGENT_VERSION_RESPONSE
+
+          if type == SSH2_AGENT_FAILURE
+            debug { "Unexpected response type==#{type}, this will be ignored" }
+          elsif type != SSH_AGENT_RSA_IDENTITIES_ANSWER1 && type != SSH_AGENT_RSA_IDENTITIES_ANSWER2
+            raise AgentNotAvailable, "unknown response from agent: #{type}, #{body.to_s.inspect}"
+          end
+        end
+
+        # Return an array of all identities (public keys) known to the agent.
+        # Each key returned is augmented with a +comment+ property which is set
+        # to the comment returned by the agent for that key.
+        def identities
+          type, body = send_and_wait(SSH2_AGENT_REQUEST_IDENTITIES)
+          raise AgentError, "could not get identity count" if agent_failed(type)
+          raise AgentError, "bad authentication reply: #{type}" if type != SSH2_AGENT_IDENTITIES_ANSWER
+
+          identities = []
+          body.read_long.times do
+            key_str = body.read_string
+            comment_str = body.read_string
+            begin
+              key = Buffer.new(key_str).read_key
+              if key.nil?
+                error { "ignoring invalid key: #{comment_str}" }
+                next
+              end
+              key.extend(Comment)
+              key.comment = comment_str
+              identities.push key
+            rescue NotImplementedError => e
+              error { "ignoring unimplemented key:#{e.message} #{comment_str}" }
+            end
+          end
+
+          return identities
+        end
+
+        # Closes this socket. This agent reference is no longer able to
+        # query the agent.
+        def close
+          @socket.close
+        end
+
+        # Using the agent and the given public key, sign the given data. The
+        # signature is returned in SSH2 format.
+        def sign(key, data, flags = 0)
+          type, reply = send_and_wait(SSH2_AGENT_SIGN_REQUEST, :string, Buffer.from(:key, key), :string, data, :long, flags)
+
+          raise AgentError, "agent could not sign data with requested identity" if agent_failed(type)
+          raise AgentError, "bad authentication response #{type}" if type != SSH2_AGENT_SIGN_RESPONSE
+
+          return reply.read_string
+        end
+
+        # Adds the private key with comment to the agent.
+        # If lifetime is given, the key will automatically be removed after lifetime
+        # seconds.
+        # If confirm is true, confirmation will be required for each agent signing
+        # operation.
+        def add_identity(priv_key, comment, lifetime: nil, confirm: false)
+          constraints = Buffer.new
+          if lifetime
+            constraints.write_byte(SSH_AGENT_CONSTRAIN_LIFETIME)
+            constraints.write_long(lifetime)
+          end
+          constraints.write_byte(SSH_AGENT_CONSTRAIN_CONFIRM) if confirm
+
+          req_type = constraints.empty? ? SSH2_AGENT_ADD_IDENTITY : SSH2_AGENT_ADD_ID_CONSTRAINED
+          type, = send_and_wait(req_type, :string, priv_key.ssh_type, :raw, blob_for_add(priv_key),
+                                :string, comment, :raw, constraints)
+          raise AgentError, "could not add identity to agent" if type != SSH_AGENT_SUCCESS
+        end
+
+        # Removes key from the agent.
+        def remove_identity(key)
+          type, = send_and_wait(SSH2_AGENT_REMOVE_IDENTITY, :string, key.to_blob)
+          raise AgentError, "could not remove identity from agent" if type != SSH_AGENT_SUCCESS
+        end
+
+        # Removes all identities from the agent.
+        def remove_all_identities
+          type, = send_and_wait(SSH2_AGENT_REMOVE_ALL_IDENTITIES)
+          raise AgentError, "could not remove all identity from agent" if type != SSH_AGENT_SUCCESS
+        end
+
+        # lock the ssh agent with password
+        def lock(password)
+          type, = send_and_wait(SSH2_AGENT_LOCK, :string, password)
+          raise AgentError, "could not lock agent" if type != SSH_AGENT_SUCCESS
+        end
+
+        # unlock the ssh agent with password
+        def unlock(password)
+          type, = send_and_wait(SSH2_AGENT_UNLOCK, :string, password)
+          raise AgentError, "could not unlock agent" if type != SSH_AGENT_SUCCESS
+        end
+
+        private
+
+        def unix_socket_class
+          defined?(UNIXSocket) && UNIXSocket
+        end
+
+        # Send a new packet of the given type, with the associated data.
+        def send_packet(type, *args)
+          buffer = Buffer.from(*args)
+          data = [buffer.length + 1, type.to_i, buffer.to_s].pack("NCA*")
+          debug { "sending agent request #{type} len #{buffer.length}" }
+          @socket.send data, 0
+        end
+
+        # Read the next packet from the agent. This will return a two-part
+        # tuple consisting of the packet type, and the packet's body (which
+        # is returned as a Net::SSH::Buffer).
+        def read_packet
+          buffer = Net::SSH::Buffer.new(@socket.read(4))
+          buffer.append(@socket.read(buffer.read_long))
+          type = buffer.read_byte
+          debug { "received agent packet #{type} len #{buffer.length - 4}" }
+          return type, buffer
+        end
+
+        # Send the given packet and return the subsequent reply from the agent.
+        # (See #send_packet and #read_packet).
+        def send_and_wait(type, *args)
+          send_packet(type, *args)
+          read_packet
+        end
+
+        # Returns +true+ if the parameter indicates a "failure" response from
+        # the agent, and +false+ otherwise.
+        def agent_failed(type)
+          type == SSH_AGENT_FAILURE ||
+            type == SSH2_AGENT_FAILURE ||
+            type == SSH_COM_AGENT2_FAILURE
+        end
+
+        def blob_for_add(priv_key)
+          # Ideally we'd have something like `to_private_blob` on the various key types, but the
+          # nuances with encoding (e.g. `n` and `e` are reversed for RSA keys) make this impractical.
+          case priv_key.ssh_type
+          when /^ssh-dss$/
+            Net::SSH::Buffer.from(:bignum, priv_key.p, :bignum, priv_key.q, :bignum, priv_key.g,
+                                  :bignum, priv_key.pub_key, :bignum, priv_key.priv_key).to_s
+          when /^ssh-dss-cert-v01@openssh\.com$/
+            Net::SSH::Buffer.from(:string, priv_key.to_blob, :bignum, priv_key.key.priv_key).to_s
+          when /^ecdsa\-sha2\-(\w*)$/
+            curve_name = OpenSSL::PKey::EC::CurveNameAliasInv[priv_key.group.curve_name]
+            Net::SSH::Buffer.from(:string, curve_name, :mstring, priv_key.public_key.to_bn.to_s(2),
+                                  :bignum, priv_key.private_key).to_s
+          when /^ecdsa\-sha2\-(\w*)-cert-v01@openssh\.com$/
+            Net::SSH::Buffer.from(:string, priv_key.to_blob, :bignum, priv_key.key.private_key).to_s
+          when /^ssh-ed25519$/
+            Net::SSH::Buffer.from(:string, priv_key.public_key.verify_key.to_bytes,
+                                  :string, priv_key.sign_key.keypair).to_s
+          when /^ssh-ed25519-cert-v01@openssh\.com$/
+            # Unlike the other certificate types, the public key is included after the certifiate.
+            Net::SSH::Buffer.from(:string, priv_key.to_blob,
+                                  :string, priv_key.key.public_key.verify_key.to_bytes,
+                                  :string, priv_key.key.sign_key.keypair).to_s
+          when /^ssh-rsa$/
+            # `n` and `e` are reversed compared to the ordering in `OpenSSL::PKey::RSA#to_blob`.
+            Net::SSH::Buffer.from(:bignum, priv_key.n, :bignum, priv_key.e, :bignum, priv_key.d,
+                                  :bignum, priv_key.iqmp, :bignum, priv_key.p, :bignum, priv_key.q).to_s
+          when /^ssh-rsa-cert-v01@openssh\.com$/
+            Net::SSH::Buffer.from(:string, priv_key.to_blob, :bignum, priv_key.key.d,
+                                  :bignum, priv_key.key.iqmp, :bignum, priv_key.key.p,
+                                  :bignum, priv_key.key.q).to_s
+          end
+        end
+      end
+    end
+  end
+end