hrr_rb_ssh 0.1.0 → 0.1.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 37c84d4e09c166287d993d9a671989ef81f4bb4b0e4973b02fcec278c1b88baf
-  data.tar.gz: 727a7cc746ae65a3080108ff2a30cac51204f2d8883f9639d296b537180d4e05
+  metadata.gz: af60a04fe1efba55f720ee23fd252e624d3c2ba955f36462e5ef766f6ad8acaa
+  data.tar.gz: 5be5463dbc89b27652abd85ad6e4ef5d87f0639f8a32df370b0677d20dcbb39b
 SHA512:
-  metadata.gz: 95c4301166e4bf46944ed1bb61ba5e994972a9853b3a0fa68d7ce76689c7b8717afaa460ae0a9a65a4af8461de4b512bfd7f87bef961e7db28b89165b43d3a44
-  data.tar.gz: e2ae2edc15ceabe5b1ed36d8b4f3d4efab7f62a950a7e9962483446587be33da7a494aa1ce53bf62f2a7142f213c25a57ec6defd75656d08e7a4e1ba463def29
+  metadata.gz: 500b7e3562f9d413c9698cc167e51e3c2635b4658a6667ddfbf0d717aec68711aa81f51df85b203d7a26e42f62b9d5bc4e11a2c86b2f81594f5458b6b64f5790
+  data.tar.gz: cc7bcc38e495f362dec7bbfe7fdae03c743945e1093b09ae1122f0cd27a43c4ba274935cd390120b6a845307d3340d033e04ab94722cd79a66985687ae5f0b28

data/README.md

@@ -3,6 +3,7 @@
 [![Build Status](https://travis-ci.org/hirura/hrr_rb_ssh.svg?branch=master)](https://travis-ci.org/hirura/hrr_rb_ssh)
 [![Maintainability](https://api.codeclimate.com/v1/badges/f5dfdb97d72f24ca5939/maintainability)](https://codeclimate.com/github/hirura/hrr_rb_ssh/maintainability)
 [![Test Coverage](https://api.codeclimate.com/v1/badges/f5dfdb97d72f24ca5939/test_coverage)](https://codeclimate.com/github/hirura/hrr_rb_ssh/test_coverage)
+[![Gem Version](https://badge.fury.io/rb/hrr_rb_ssh.svg)](https://badge.fury.io/rb/hrr_rb_ssh)
 
 hrr_rb_ssh is a pure Ruby SSH2 server implementation.
 

data/demo/echo_server.rb

@@ -0,0 +1,67 @@
+# coding: utf-8
+# vim: et ts=2 sw=2
+
+require 'logger'
+require 'pty'
+require 'socket'
+
+begin
+  require 'hrr_rb_ssh'
+rescue LoadError
+  $:.unshift(File.join(File.dirname(__FILE__), '..', 'lib'))
+  require 'hrr_rb_ssh'
+end
+
+
+logger = Logger.new STDOUT
+logger.level = Logger::INFO
+HrrRbSsh::Logger.initialize logger
+
+
+auth_password = HrrRbSsh::Authentication::Authenticator.new { |context|
+  user_and_pass = [
+    ['user1',  'password1'],
+    ['user2',  'password2'],
+  ]
+  user_and_pass.any? { |user, pass|
+    context.verify user, pass
+  }
+}
+
+conn_echo = HrrRbSsh::Connection::RequestHandler.new { |context|
+  context.chain_proc { |chain|
+    begin
+      loop do
+        buf = context.io.readpartial(10240)
+        break if buf.include?(0x04.chr) # break if ^D
+        context.io.write buf
+      end
+      exitstatus = 0
+    rescue => e
+      logger.error([e.backtrace[0], ": ", e.message, " (", e.class.to_s, ")\n\t", e.backtrace[1..-1].join("\n\t")].join)
+      exitstatus = 1
+    end
+    exitstatus
+  }
+}
+
+options = {}
+options['authentication_password_authenticator'] = auth_password
+options['connection_channel_request_shell']      = conn_echo
+
+
+server = TCPServer.new 10022
+while true
+  t = Thread.new(server.accept) do |io|
+    begin
+      tran = HrrRbSsh::Transport.new      io, HrrRbSsh::Transport::Mode::SERVER
+      auth = HrrRbSsh::Authentication.new tran, options
+      conn = HrrRbSsh::Connection.new     auth, options
+      conn.start
+    rescue => e
+      logger.error([e.backtrace[0], ": ", e.message, " (", e.class.to_s, ")\n\t", e.backtrace[1..-1].join("\n\t")].join)
+    ensure
+      io.close
+    end
+  end
+end

data/demo/server.rb

@@ -18,11 +18,25 @@ logger.level = Logger::INFO
 HrrRbSsh::Logger.initialize logger
 
 
-options = {}
-
 auth_none = HrrRbSsh::Authentication::Authenticator.new { |context|
   false
 }
+auth_publickey = HrrRbSsh::Authentication::Authenticator.new { |context|
+  username = 'user1'
+  public_key_algorithm_name = 'ssh-rsa'
+  public_key = <<-'EOB'
+-----BEGIN PUBLIC KEY-----
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3OnIQcRTdeTZFjhGcx8f
+ssCgeqzY47p5KhT/gKMz2nOANNLCBr9e6IGaRePew03St3Cn0ApikuGzPnWxSlBT
+H6OpR/EnUmBttlvcL28CGOsZIwYJtAdVsGXpIXtiPLl2eEzaM9aBsS/LGWKgQNo3
+86UGa5j20yGJfsL9WIMCVoGvsA06+4VX1/zlWXwVJSNep674bmSWPcVtXWWZIk19
+T6b+xuqhfiUpbc/stfdmgDc3B/ZgpFsQh5oWBoAfkL6kAEa4oQBFhqF0QM5ej6h5
+wqbQt4paM0aEuypWE+CaizA0I+El7f0y+59sUqTAN/7F9UlXaOBdd9SZkhACBrAR
+nQIDAQAB
+-----END PUBLIC KEY-----
+  EOB
+  context.verify username, public_key_algorithm_name, public_key
+}
 auth_password = HrrRbSsh::Authentication::Authenticator.new { |context|
   user_and_pass = [
     ['user1',  'password1'],
@@ -114,12 +128,29 @@ conn_shell = HrrRbSsh::Connection::RequestHandler.new { |context|
     status.exitstatus
   }
 }
+conn_exec = HrrRbSsh::Connection::RequestHandler.new { |context|
+  context.chain_proc { |chain|
+    pid = fork do
+      Process.setsid
+      context.vars[:env] ||= Hash.new
+      exec context.vars[:env], context.command, in: context.io, out: context.io, err: context.io
+    end
+    pid, status = Process.waitpid2 pid
+    status.exitstatus
+  }
+}
+
+
+options = {}
+
+options['authentication_none_authenticator']      = auth_none
+options['authentication_publickey_authenticator'] = auth_publickey
+options['authentication_password_authenticator']  = auth_password
 
-options['authentication_none_authenticator']     = auth_none
-options['authentication_password_authenticator'] = auth_password
-options['connection_channel_request_pty_req']    = conn_pty
-options['connection_channel_request_env']        = conn_env
-options['connection_channel_request_shell']      = conn_shell
+options['connection_channel_request_pty_req'] = conn_pty
+options['connection_channel_request_env']     = conn_env
+options['connection_channel_request_shell']   = conn_shell
+options['connection_channel_request_exec']    = conn_exec
 
 
 server = TCPServer.new 10022

data/hrr_rb_ssh.gemspec

@@ -6,20 +6,20 @@ require "hrr_rb_ssh/version"
 Gem::Specification.new do |spec|
   spec.name          = "hrr_rb_ssh"
   spec.version       = HrrRbSsh::VERSION
+  spec.license       = 'Apache-2.0'
+  spec.summary       = %q{Pure Ruby SSH2 server implementation}
+  spec.description   = %q{Pure Ruby SSH2 server implementation}
   spec.authors       = ["hirura"]
   spec.email         = ["hirura@gmail.com"]
-
-  spec.summary       = %q{SSH2 protocol implementation}
-  spec.description   = %q{SSH2 protocol implementation}
   spec.homepage      = "https://github.com/hirura/hrr_rb_ssh"
 
   spec.files         = `git ls-files -z`.split("\x0").reject do |f|
     f.match(%r{^(test|spec|features)/})
   end
-  spec.bindir        = "exe"
-  spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
   spec.require_paths = ["lib"]
 
+  spec.required_ruby_version = '>= 2.0.0'
+
   spec.add_development_dependency "bundler", "~> 1.16"
   spec.add_development_dependency "rake", "~> 10.0"
   spec.add_development_dependency "rspec", "~> 3.0"

data/lib/hrr_rb_ssh/authentication/method/publickey/context.rb

@@ -0,0 +1,63 @@
+# coding: utf-8
+# vim: et ts=2 sw=2
+
+require 'hrr_rb_ssh/logger'
+
+module HrrRbSsh
+  class Authentication
+    module Method
+      class Publickey
+        class Context
+          attr_reader \
+            :username,
+            :session_id,
+            :message_number,
+            :service_name,
+            :method_name,
+            :with_signature,
+            :public_key_algorithm_name,
+            :public_key_blob,
+            :signature
+
+          def initialize username, algorithm, session_id, message
+            @username   = username
+            @algorithm  = algorithm
+            @session_id = session_id
+            @message    = message
+
+            @message_number            = message['message number']
+            @service_name              = message['service name']
+            @method_name               = message['method name']
+            @with_signature            = message['with signature']
+            @public_key_algorithm_name = message['public key algorithm name']
+            @public_key_blob           = message['public key blob']
+            @signature                 = message['signature']
+          end
+
+          def verify username, public_key_algorithm_name, public_key
+              verify_username(username) \
+              && verify_public_key_algorithm_name(public_key_algorithm_name) \
+              && verify_public_key(public_key_algorithm_name, public_key) \
+              && verify_signature
+          end
+
+          def verify_username username
+            username == @username
+          end
+
+          def verify_public_key_algorithm_name public_key_algorithm_name
+            public_key_algorithm_name == @public_key_algorithm_name
+          end
+
+          def verify_public_key public_key_algorithm_name, public_key
+            @algorithm.verify_public_key(public_key_algorithm_name, public_key, @public_key_blob)
+          end
+
+          def verify_signature
+            @algorithm.verify_signature(@session_id, @message)
+          end
+        end
+      end
+    end
+  end
+end

data/lib/hrr_rb_ssh/authentication/method/publickey/ssh_rsa.rb

@@ -0,0 +1,116 @@
+# coding: utf-8
+# vim: et ts=2 sw=2
+
+require 'hrr_rb_ssh/logger'
+require 'hrr_rb_ssh/transport/data_type'
+
+module HrrRbSsh
+  class Authentication
+    module Method
+      class Publickey
+        name_list = [
+          'ssh-rsa'
+        ]
+
+        class SshRsa
+          NAME   = 'ssh-rsa'
+          DIGEST = 'sha1'
+
+          PUBLIC_KEY_BLOB_DEFINITION = [
+            ['string', 'public key algorithm name'],
+            ['mpint',  'e'],
+            ['mpint',  'n'],
+          ]
+
+          SIGNATURE_DEFINITION = [
+            ['string', 'public key algorithm name'],
+            ['string', 'signature blob'],
+          ]
+
+          SIGNATURE_BLOB_DEFINITION = [
+            ['string',  'session identifier'],
+            ['byte',    'message number'],
+            ['string',  'user name'],
+            ['string',  'service name'],
+            ['string',  'method name'],
+            ['boolean', 'with signature'],
+            ['string',  'public key algorithm name'],
+            ['string',  'public key blob'],
+          ]
+
+          def initialize
+            @logger = HrrRbSsh::Logger.new self.class.name
+          end
+
+          def encode definition, payload
+            definition.map{ |data_type, field_name|
+              field_value = if payload[field_name].instance_of? ::Proc then payload[field_name].call else payload[field_name] end
+              HrrRbSsh::Transport::DataType[data_type].encode(field_value)
+            }.join
+          end
+
+          def decode definition, payload
+            payload_io = StringIO.new payload, 'r'
+            definition.map{ |data_type, field_name|
+              [
+                field_name,
+                HrrRbSsh::Transport::DataType[data_type].decode(payload_io)
+              ]
+            }.to_h
+          end
+
+          def verify_public_key public_key_algorithm_name, public_key, public_key_blob
+            public_key = case public_key
+                         when String
+                           OpenSSL::PKey::RSA.new(public_key)
+                         when OpenSSL::PKey::RSA
+                           public_key
+                         else
+                           return false
+                         end
+            public_key_message = {
+              'public key algorithm name' => public_key_algorithm_name,
+              'e'                         => public_key.e.to_i,
+              'n'                         => public_key.n.to_i,
+            }
+            public_key_blob == encode(PUBLIC_KEY_BLOB_DEFINITION, public_key_message)
+          end
+
+          def verify_signature session_id, message
+            signature_message   = decode SIGNATURE_DEFINITION, message['signature']
+            signature_algorithm = signature_message['public key algorithm name']
+            signature_blob      = signature_message['signature blob']
+
+            public_key = decode PUBLIC_KEY_BLOB_DEFINITION, message['public key blob']
+            algorithm = OpenSSL::PKey::RSA.new
+            if algorithm.respond_to?(:set_key)
+              algorithm.set_key public_key['n'], public_key['e'], nil
+            else
+              algorithm.e = public_key['e']
+              algorithm.n = public_key['n']
+            end
+
+            data_message = {
+              'session identifier'        => session_id,
+              'message number'            => message['message number'],
+              'user name'                 => message['user name'],
+              'service name'              => message['service name'],
+              'method name'               => message['method name'],
+              'with signature'            => message['with signature'],
+              'public key algorithm name' => message['public key algorithm name'],
+              'public key blob'           => message['public key blob'],
+            }
+            data_blob = encode SIGNATURE_BLOB_DEFINITION, data_message
+
+            (signature_algorithm == message['public key algorithm name']) && algorithm.verify(DIGEST, signature_blob, data_blob)
+          end
+        end
+
+        @@algorithm_list ||= Hash.new
+        name_list.each do |name|
+          @@algorithm_list[name] = SshRsa
+        end
+      end
+    end
+  end
+end

data/lib/hrr_rb_ssh/authentication/method/publickey.rb

@@ -0,0 +1,68 @@
+# coding: utf-8
+# vim: et ts=2 sw=2
+
+require 'hrr_rb_ssh/logger'
+require 'hrr_rb_ssh/authentication/method/publickey/context'
+require 'hrr_rb_ssh/authentication/method/publickey/ssh_rsa'
+
+module HrrRbSsh
+  class Authentication
+    module Method
+      name_list = [
+        'publickey'
+      ]
+
+      class Publickey
+        @@algorithm_list ||= Hash.new
+
+        def self.[] key
+          @@algorithm_list[key]
+        end
+
+        def self.algorithm_name_list
+          @@algorithm_list.keys
+        end
+
+        def initialize options
+          @logger = HrrRbSsh::Logger.new self.class.name
+
+          @session_id = options['session id']
+          @authenticator = options.fetch( 'authentication_publickey_authenticator', Authenticator.new { false } )
+        end
+
+        def authenticate userauth_request_message
+          public_key_algorithm_name = userauth_request_message['public key algorithm name']
+          unless @@algorithm_list.has_key?(public_key_algorithm_name)
+            @logger.info("unsupported public key algorithm: #{public_key_algorithm_name}")
+            return false
+          end
+          unless userauth_request_message['with signature']
+            @logger.info("public key algorithm is ok, require signature")
+            public_key_blob = userauth_request_message['public key blob']
+            userauth_pk_ok_message public_key_algorithm_name, public_key_blob
+          else
+            @logger.info("verify signature")
+            username = userauth_request_message['user name']
+            algorithm = @@algorithm_list[public_key_algorithm_name].new
+            context = Context.new(username, algorithm, @session_id, userauth_request_message)
+            @authenticator.authenticate context
+          end
+        end
+
+        def userauth_pk_ok_message public_key_algorithm_name, public_key_blob
+          message = {
+            'message number'                             => HrrRbSsh::Message::SSH_MSG_USERAUTH_PK_OK::VALUE,
+            'public key algorithm name from the request' => public_key_algorithm_name,
+            'public key blob from the request'           => public_key_blob,
+          }
+          payload = HrrRbSsh::Message::SSH_MSG_USERAUTH_PK_OK.encode message
+        end
+      end
+
+      @@list ||= Hash.new
+      name_list.each do |name|
+        @@list[name] = Publickey
+      end
+    end
+  end
+end

data/lib/hrr_rb_ssh/authentication/method.rb

@@ -3,6 +3,7 @@
 
 require 'hrr_rb_ssh/authentication/method/none'
 require 'hrr_rb_ssh/authentication/method/password'
+require 'hrr_rb_ssh/authentication/method/publickey'
 
 module HrrRbSsh
   class Authentication

data/lib/hrr_rb_ssh/authentication.rb

@@ -69,15 +69,21 @@ module HrrRbSsh
         when HrrRbSsh::Message::SSH_MSG_USERAUTH_REQUEST::VALUE
           userauth_request_message = HrrRbSsh::Message::SSH_MSG_USERAUTH_REQUEST.decode payload
           method_name = userauth_request_message['method name']
-          method = Method[method_name].new(@options)
-          if method.authenticate(userauth_request_message)
+          method = Method[method_name].new({'session id' => @transport.session_id}.merge(@options))
+          result = method.authenticate(userauth_request_message)
+          case result
+          when TrueClass
+            @logger.info("verified")
             send_userauth_success
             @username = userauth_request_message['user name']
             @closed = false
             break
-          else
+          when FalseClass
+            @logger.info("verify failed")
             send_userauth_failure
-            @closed = true
+          when String
+            @logger.info("send method specific message to continue")
+            send_method_specific_message result
           end
         else
           @closed = true
@@ -88,7 +94,7 @@ module HrrRbSsh
 
     def send_userauth_failure
       message = {
-        'SSH_MSG_USERAUTH_FAILURE'          => HrrRbSsh::Message::SSH_MSG_USERAUTH_FAILURE::VALUE,
+        'message number'                    => HrrRbSsh::Message::SSH_MSG_USERAUTH_FAILURE::VALUE,
         'authentications that can continue' => Method.name_list,
         'partial success'                   => false,
       }
@@ -98,10 +104,14 @@ module HrrRbSsh
 
     def send_userauth_success
       message = {
-        'SSH_MSG_USERAUTH_SUCCESS' => HrrRbSsh::Message::SSH_MSG_USERAUTH_SUCCESS::VALUE,
+        'message number' => HrrRbSsh::Message::SSH_MSG_USERAUTH_SUCCESS::VALUE,
       }
       payload = HrrRbSsh::Message::SSH_MSG_USERAUTH_SUCCESS.encode message
       @transport.send payload
     end
+
+    def send_method_specific_message payload
+      @transport.send payload
+    end
   end
 end

data/lib/hrr_rb_ssh/connection/channel.rb

@@ -104,20 +104,22 @@ module HrrRbSsh
             begin
               message = @receive_payload_queue.deq
               if message.nil? && @receive_payload_queue.closed?
+                @receive_data_queue.close
                 @logger.info("closing channel loop thread")
                 break
               end
-              if message.has_key?(HrrRbSsh::Message::SSH_MSG_CHANNEL_REQUEST::ID)
+              case message['message number']
+              when HrrRbSsh::Message::SSH_MSG_CHANNEL_REQUEST::VALUE
                 @logger.info("received channel request: #{message['request type']}")
                 request message, variables
                 if message['want reply']
                   send_channel_success
                 end
-              elsif message.has_key?(HrrRbSsh::Message::SSH_MSG_CHANNEL_DATA::ID)
+              when HrrRbSsh::Message::SSH_MSG_CHANNEL_DATA::VALUE
                 @logger.info("received channel data")
                 local_channel = message['recipient channel']
                 @receive_data_queue.enq message['data']
-              elsif message.has_key?(HrrRbSsh::Message::SSH_MSG_CHANNEL_WINDOW_ADJUST::ID)
+              when HrrRbSsh::Message::SSH_MSG_CHANNEL_WINDOW_ADJUST::VALUE
                 @logger.debug("received channel window adjust")
                 @remote_window_size = [@remote_window_size + message['bytes to add'], 0xffff_ffff].min
               else
@@ -125,10 +127,10 @@ module HrrRbSsh
               end
             rescue => e
               @logger.error([e.backtrace[0], ": ", e.message, " (", e.class.to_s, ")\n\t", e.backtrace[1..-1].join("\n\t")].join)
+              close from=:channel_loop_thread
               break
             end
           end
-          close from=:channel_loop_thread
           @logger.info("channel loop thread closed")
         end
       end
@@ -173,6 +175,9 @@ module HrrRbSsh
               data = @receive_data_queue.deq
               if data.nil? && @receive_data_queue.closed?
                 @logger.info("closing receiver thread")
+                @logger.info("closing channel IO write")
+                @channel_io.close_write
+                @logger.info("channel IO write closed")
                 break
               end
               @channel_io.write data
@@ -185,9 +190,11 @@ module HrrRbSsh
             rescue IOError => e
               @logger.warn("channel IO is closed")
               close
+              break
             rescue => e
               @logger.error([e.backtrace[0], ": ", e.message, " (", e.class.to_s, ")\n\t", e.backtrace[1..-1].join("\n\t")].join)
               close
+              break
             end
           end
           @logger.info("receiver thread closed")
@@ -217,8 +224,8 @@ module HrrRbSsh
 
       def send_channel_success
         message = {
-          'SSH_MSG_CHANNEL_SUCCESS' => HrrRbSsh::Message::SSH_MSG_CHANNEL_SUCCESS::VALUE,
-          'recipient channel'       => @remote_channel,
+          'message number'    => HrrRbSsh::Message::SSH_MSG_CHANNEL_SUCCESS::VALUE,
+          'recipient channel' => @remote_channel,
         }
         payload = HrrRbSsh::Message::SSH_MSG_CHANNEL_SUCCESS.encode message
         @connection.send payload
@@ -226,9 +233,9 @@ module HrrRbSsh
 
       def send_channel_window_adjust
         message = {
-          'SSH_MSG_CHANNEL_WINDOW_ADJUST' => HrrRbSsh::Message::SSH_MSG_CHANNEL_WINDOW_ADJUST::VALUE,
-          'recipient channel'             => @remote_channel,
-          'bytes to add'                  => INITIAL_WINDOW_SIZE,
+          'message number'    => HrrRbSsh::Message::SSH_MSG_CHANNEL_WINDOW_ADJUST::VALUE,
+          'recipient channel' => @remote_channel,
+          'bytes to add'      => INITIAL_WINDOW_SIZE,
         }
         payload = HrrRbSsh::Message::SSH_MSG_CHANNEL_WINDOW_ADJUST.encode message
         @connection.send payload
@@ -236,9 +243,9 @@ module HrrRbSsh
 
       def send_channel_data data
         message = {
-          'SSH_MSG_CHANNEL_DATA' => HrrRbSsh::Message::SSH_MSG_CHANNEL_DATA::VALUE,
-          'recipient channel'    => @remote_channel,
-          'data'                 => data,
+          'message number'    => HrrRbSsh::Message::SSH_MSG_CHANNEL_DATA::VALUE,
+          'recipient channel' => @remote_channel,
+          'data'              => data,
         }
         payload = HrrRbSsh::Message::SSH_MSG_CHANNEL_DATA.encode message
         @connection.send payload
@@ -246,11 +253,11 @@ module HrrRbSsh
 
       def send_channel_request_exit_status exitstatus
         message = {
-          'SSH_MSG_CHANNEL_REQUEST' => HrrRbSsh::Message::SSH_MSG_CHANNEL_REQUEST::VALUE,
-          'recipient channel'       => @remote_channel,
-          'request type'            => 'exit-status',
-          'want reply'              => false,
-          'exit status'             => exitstatus,
+          'message number'    => HrrRbSsh::Message::SSH_MSG_CHANNEL_REQUEST::VALUE,
+          'recipient channel' => @remote_channel,
+          'request type'      => 'exit-status',
+          'want reply'        => false,
+          'exit status'       => exitstatus,
         }
         payload = HrrRbSsh::Message::SSH_MSG_CHANNEL_REQUEST.encode message
         @connection.send payload
@@ -258,8 +265,8 @@ module HrrRbSsh
 
       def send_channel_eof
         message = {
-          'SSH_MSG_CHANNEL_EOF' => HrrRbSsh::Message::SSH_MSG_CHANNEL_EOF::VALUE,
-          'recipient channel'   => @remote_channel,
+          'message number'    => HrrRbSsh::Message::SSH_MSG_CHANNEL_EOF::VALUE,
+          'recipient channel' => @remote_channel,
         }
         payload = HrrRbSsh::Message::SSH_MSG_CHANNEL_EOF.encode message
         @connection.send payload
@@ -267,8 +274,8 @@ module HrrRbSsh
 
       def send_channel_close
         message = {
-          'SSH_MSG_CHANNEL_CLOSE' => HrrRbSsh::Message::SSH_MSG_CHANNEL_CLOSE::VALUE,
-          'recipient channel'     => @remote_channel,
+          'message number'    => HrrRbSsh::Message::SSH_MSG_CHANNEL_CLOSE::VALUE,
+          'recipient channel' => @remote_channel,
         }
         payload = HrrRbSsh::Message::SSH_MSG_CHANNEL_CLOSE.encode message
         @connection.send payload

data/lib/hrr_rb_ssh/connection.rb

@@ -74,6 +74,8 @@ module HrrRbSsh
           channel_window_adjust payload
         when HrrRbSsh::Message::SSH_MSG_CHANNEL_DATA::VALUE
           channel_data payload
+        when HrrRbSsh::Message::SSH_MSG_CHANNEL_EOF::VALUE
+          channel_eof payload
         when HrrRbSsh::Message::SSH_MSG_CHANNEL_CLOSE::VALUE
           channel_close payload
         else
@@ -129,18 +131,28 @@ module HrrRbSsh
       @channels[local_channel].receive_payload_queue.enq message
     end
 
+    def channel_eof payload
+      @logger.info('received ' + HrrRbSsh::Message::SSH_MSG_CHANNEL_EOF::ID)
+      message = HrrRbSsh::Message::SSH_MSG_CHANNEL_EOF.decode payload
+      local_channel = message['recipient channel']
+      channel = @channels[local_channel]
+      channel.receive_payload_queue.close
+    end
+
     def channel_close payload
       @logger.info('received ' + HrrRbSsh::Message::SSH_MSG_CHANNEL_CLOSE::ID)
       message = HrrRbSsh::Message::SSH_MSG_CHANNEL_CLOSE.decode payload
       local_channel = message['recipient channel']
       channel = @channels[local_channel]
       channel.close
+      @logger.info("deleting channel")
       @channels.delete local_channel
+      @logger.info("channel deleted")
     end
 
     def send_request_success
       message = {
-        'SSH_MSG_REQUEST_SUCCESS' => HrrRbSsh::Message::SSH_MSG_REQUEST_SUCCESS::VALUE,
+        'message number' => HrrRbSsh::Message::SSH_MSG_REQUEST_SUCCESS::VALUE,
       }
       payload = HrrRbSsh::Message::SSH_MSG_REQUEST_SUCCESS.encode message
       @authentication.send payload
@@ -148,7 +160,7 @@ module HrrRbSsh
 
     def send_request_failure
       message = {
-        'SSH_MSG_REQUEST_FAILURE' => HrrRbSsh::Message::SSH_MSG_REQUEST_FAILURE::VALUE,
+        'message number' => HrrRbSsh::Message::SSH_MSG_REQUEST_FAILURE::VALUE,
       }
       payload = HrrRbSsh::Message::SSH_MSG_REQUEST_FAILURE.encode message
       @authentication.send payload
@@ -156,12 +168,12 @@ module HrrRbSsh
 
     def send_channel_open_confirmation channel_type, local_channel, remote_channel, initial_window_size, maximum_packet_size
       message = {
-        'SSH_MSG_CHANNEL_OPEN_CONFIRMATION' => HrrRbSsh::Message::SSH_MSG_CHANNEL_OPEN_CONFIRMATION::VALUE,
-        'channel type'                      => channel_type,
-        'recipient channel'                 => remote_channel,
-        'sender channel'                    => local_channel,
-        'initial window size'               => initial_window_size,
-        'maximum packet size'               => maximum_packet_size,
+        'message number'      => HrrRbSsh::Message::SSH_MSG_CHANNEL_OPEN_CONFIRMATION::VALUE,
+        'channel type'        => channel_type,
+        'recipient channel'   => remote_channel,
+        'sender channel'      => local_channel,
+        'initial window size' => initial_window_size,
+        'maximum packet size' => maximum_packet_size,
       }
       payload = HrrRbSsh::Message::SSH_MSG_CHANNEL_OPEN_CONFIRMATION.encode message
       @authentication.send payload

data/lib/hrr_rb_ssh/message/001_ssh_msg_disconnect.rb

@@ -34,7 +34,7 @@ module HrrRbSsh
 
       DEFINITION = [
         # [Data Type, Field Name]
-        ['byte',      'SSH_MSG_DISCONNECT'],
+        ['byte',      'message number'],
         ['uint32',    'reason code'],
         ['string',    'description'],
         ['string',    'language tag'],

data/lib/hrr_rb_ssh/message/002_ssh_msg_ignore.rb

@@ -16,7 +16,7 @@ module HrrRbSsh
 
       DEFINITION = [
         # [Data Type, Field Name]
-        ['byte',      'SSH_MSG_IGNORE'],
+        ['byte',      'message number'],
         ['string',    'data'],
       ]
     end

data/lib/hrr_rb_ssh/message/003_ssh_msg_unimplemented.rb

@@ -16,7 +16,7 @@ module HrrRbSsh
 
       DEFINITION = [
         # [Data Type, Field Name]
-        ['byte',      'SSH_MSG_UNIMPLEMENTED'],
+        ['byte',      'message number'],
         ['uint32',    'packet sequence number of rejected message'],
       ]
     end

data/lib/hrr_rb_ssh/message/004_ssh_msg_debug.rb

@@ -16,7 +16,7 @@ module HrrRbSsh
 
       DEFINITION = [
         # [Data Type, Field Name]
-        ['byte',      'SSH_MSG_DEBUG'],
+        ['byte',      'message number'],
         ['boolean',   'always_display'],
         ['string',    'message'],
         ['string',    'language tag'],

data/lib/hrr_rb_ssh/message/005_ssh_msg_service_request.rb

@@ -16,7 +16,7 @@ module HrrRbSsh
 
       DEFINITION = [
         # [Data Type, Field Name]
-        ['byte',      'SSH_MSG_SERVICE_REQUEST'],
+        ['byte',      'message number'],
         ['string',    'service name'],
       ]
     end

data/lib/hrr_rb_ssh/message/006_ssh_msg_service_accept.rb

@@ -16,7 +16,7 @@ module HrrRbSsh
 
       DEFINITION = [
         # [Data Type, Field Name]
-        ['byte',      'SSH_MSG_SERVICE_ACCEPT'],
+        ['byte',      'message number'],
         ['string',    'service name'],
       ]
     end

data/lib/hrr_rb_ssh/message/020_ssh_msg_kexinit.rb

@@ -16,7 +16,7 @@ module HrrRbSsh
 
       DEFINITION = [
         # [Data Type, Field Name]
-        ['byte',      'SSH_MSG_KEXINIT'],
+        ['byte',      'message number'],
         ['byte',      'cookie (random byte)'],
         ['byte',      'cookie (random byte)'],
         ['byte',      'cookie (random byte)'],

data/lib/hrr_rb_ssh/message/021_ssh_msg_newkeys.rb

@@ -16,7 +16,7 @@ module HrrRbSsh
 
       DEFINITION = [
         # [Data Type, Field Name]
-        ['byte',      'SSH_MSG_NEWKEYS'],
+        ['byte',      'message number'],
       ]
     end
   end

data/lib/hrr_rb_ssh/message/030_ssh_msg_kexdh_init.rb

@@ -16,7 +16,7 @@ module HrrRbSsh
 
       DEFINITION = [
         # [Data Type, Field Name]
-        ['byte',      'SSH_MSG_KEXDH_INIT'],
+        ['byte',      'message number'],
         ['mpint',     'e'],
       ]
     end

data/lib/hrr_rb_ssh/message/031_ssh_msg_kexdh_reply.rb

@@ -16,7 +16,7 @@ module HrrRbSsh
 
       DEFINITION = [
         # [Data Type, Field Name]
-        ['byte',      'SSH_MSG_KEXDH_REPLY'],
+        ['byte',      'message number'],
         ['string',    'server public host key and certificates (K_S)'],
         ['mpint',     'f'],
         ['string',    'signature of H'],

data/lib/hrr_rb_ssh/message/050_ssh_msg_userauth_request.rb

@@ -16,7 +16,7 @@ module HrrRbSsh
 
       DEFINITION = [
         # [Data Type, Field Name]
-        ['byte',      'SSH_MSG_USERAUTH_REQUEST'],
+        ['byte',      'message number'],
         ['string',    'user name'],
         ['string',    'service name'],
         ['string',    'method name'],

data/lib/hrr_rb_ssh/message/051_ssh_msg_userauth_failure.rb

@@ -16,7 +16,7 @@ module HrrRbSsh
 
       DEFINITION = [
         # [Data Type, Field Name]
-        ['byte',      'SSH_MSG_USERAUTH_FAILURE'],
+        ['byte',      'message number'],
         ['name-list', 'authentications that can continue'],
         ['boolean',   'partial success'],
       ]

data/lib/hrr_rb_ssh/message/052_ssh_msg_userauth_success.rb

@@ -16,7 +16,7 @@ module HrrRbSsh
 
       DEFINITION = [
         # [Data Type, Field Name]
-        ['byte',      'SSH_MSG_USERAUTH_SUCCESS'],
+        ['byte',      'message number'],
       ]
     end
   end

data/lib/hrr_rb_ssh/message/060_ssh_msg_userauth_pk_ok.rb

@@ -16,7 +16,7 @@ module HrrRbSsh
 
       DEFINITION = [
         # [Data Type, Field Name]
-        ['byte',      'SSH_MSG_USERAUTH_PK_OK'],
+        ['byte',      'message number'],
         ['string',    'public key algorithm name from the request'],
         ['string',    'public key blob from the request'],
       ]

data/lib/hrr_rb_ssh/message/080_ssh_msg_global_request.rb

@@ -16,7 +16,7 @@ module HrrRbSsh
 
       DEFINITION = [
         # [Data Type, Field Name]
-        ['byte',      'SSH_MSG_GLOBAL_REQUEST'],
+        ['byte',      'message number'],
         ['string',    'request name'],
         ['boolean',   'want reply'],
       ]

data/lib/hrr_rb_ssh/message/081_ssh_msg_request_success.rb

@@ -16,7 +16,7 @@ module HrrRbSsh
 
       DEFINITION = [
         # [Data Type, Field Name]
-        ['byte',      'SSH_MSG_REQUEST_SUCCESS'],
+        ['byte',      'message number'],
       ]
 
       TCPIP_FORWARD_DEFINITION = [

data/lib/hrr_rb_ssh/message/082_ssh_msg_request_failure.rb

@@ -16,7 +16,7 @@ module HrrRbSsh
 
       DEFINITION = [
         # [Data Type, Field Name]
-        ['byte',      'SSH_MSG_REQUEST_FAILURE'],
+        ['byte',      'message number'],
       ]
     end
   end

data/lib/hrr_rb_ssh/message/090_ssh_msg_channel_open.rb

@@ -16,7 +16,7 @@ module HrrRbSsh
 
       DEFINITION = [
         # [Data Type, Field Name]
-        ['byte',      'SSH_MSG_CHANNEL_OPEN'],
+        ['byte',      'message number'],
         ['string',    'channel type'],
         ['uint32',    'sender channel'],
         ['uint32',    'initial window size'],

data/lib/hrr_rb_ssh/message/091_ssh_msg_channel_open_confirmation.rb

@@ -16,7 +16,7 @@ module HrrRbSsh
 
       DEFINITION = [
         # [Data Type, Field Name]
-        ['byte',      'SSH_MSG_CHANNEL_OPEN_CONFIRMATION'],
+        ['byte',      'message number'],
         ['uint32',    'recipient channel'],
         ['uint32',    'sender channel'],
         ['uint32',    'initial window size'],

data/lib/hrr_rb_ssh/message/092_ssh_msg_channel_open_failure.rb

@@ -23,7 +23,7 @@ module HrrRbSsh
 
       DEFINITION = [
         # [Data Type, Field Name]
-        ['byte',      'SSH_MSG_CHANNEL_OPEN_FAILURE'],
+        ['byte',      'message number'],
         ['uint32',    'recipient channel'],
         ['uint32',    'reason code'],
         ['string',    'description'],

data/lib/hrr_rb_ssh/message/093_ssh_msg_channel_window_adjust.rb

@@ -16,7 +16,7 @@ module HrrRbSsh
 
       DEFINITION = [
         # [Data Type, Field Name]
-        ['byte',      'SSH_MSG_CHANNEL_WINDOW_ADJUST'],
+        ['byte',      'message number'],
         ['uint32',    'recipient channel'],
         ['uint32',    'bytes to add'],
       ]

data/lib/hrr_rb_ssh/message/094_ssh_msg_channel_data.rb

@@ -16,7 +16,7 @@ module HrrRbSsh
 
       DEFINITION = [
         # [Data Type, Field Name]
-        ['byte',      'SSH_MSG_CHANNEL_DATA'],
+        ['byte',      'message number'],
         ['uint32',    'recipient channel'],
         ['string',    'data'],
       ]

data/lib/hrr_rb_ssh/message/095_ssh_msg_channel_extended_data.rb

@@ -20,7 +20,7 @@ module HrrRbSsh
 
       DEFINITION = [
         # [Data Type, Field Name]
-        ['byte',      'SSH_MSG_CHANNEL_EXTENDED_DATA'],
+        ['byte',      'message number'],
         ['uint32',    'recipient channel'],
         ['uint32',    'data type code'],
         ['string',    'data'],

data/lib/hrr_rb_ssh/message/096_ssh_msg_channel_eof.rb

@@ -16,7 +16,7 @@ module HrrRbSsh
 
       DEFINITION = [
         # [Data Type, Field Name]
-        ['byte',      'SSH_MSG_CHANNEL_EOF'],
+        ['byte',      'message number'],
         ['uint32',    'recipient channel'],
       ]
     end

data/lib/hrr_rb_ssh/message/097_ssh_msg_channel_close.rb

@@ -16,7 +16,7 @@ module HrrRbSsh
 
       DEFINITION = [
         # [Data Type, Field Name]
-        ['byte',      'SSH_MSG_CHANNEL_CLOSE'],
+        ['byte',      'message number'],
         ['uint32',    'recipient channel'],
       ]
     end

data/lib/hrr_rb_ssh/message/098_ssh_msg_channel_request.rb

@@ -32,7 +32,7 @@ module HrrRbSsh
 
       DEFINITION = [
         # [Data Type, Field Name]
-        ['byte',      'SSH_MSG_CHANNEL_REQUEST'],
+        ['byte',      'message number'],
         ['uint32',    'recipient channel'],
         ['string',    'request type'],
         ['boolean',   'want reply'],

data/lib/hrr_rb_ssh/message/099_ssh_msg_channel_success.rb

@@ -16,7 +16,7 @@ module HrrRbSsh
 
       DEFINITION = [
         # [Data Type, Field Name]
-        ['byte',      'SSH_MSG_CHANNEL_SUCCESS'],
+        ['byte',      'message number'],
         ['uint32',    'recipient channel'],
       ]
     end

data/lib/hrr_rb_ssh/message/100_ssh_msg_channel_failure.rb

@@ -16,7 +16,7 @@ module HrrRbSsh
 
       DEFINITION = [
         # [Data Type, Field Name]
-        ['byte',      'SSH_MSG_CHANNEL_FAILURE'],
+        ['byte',      'message number'],
         ['uint32',    'recipient channel'],
       ]
     end

data/lib/hrr_rb_ssh/transport.rb

@@ -280,10 +280,10 @@ module HrrRbSsh
 
     def send_disconnect
       message = {
-        "SSH_MSG_DISCONNECT" => 1,
-        "reason code"        => HrrRbSsh::Message::SSH_MSG_DISCONNECT::ReasonCode::SSH_DISCONNECT_BY_APPLICATION,
-        "description"        => "disconnected by user",
-        "language tag"       => ""
+        'message number' => HrrRbSsh::Message::SSH_MSG_DISCONNECT::VALUE,
+        "reason code"    => HrrRbSsh::Message::SSH_MSG_DISCONNECT::ReasonCode::SSH_DISCONNECT_BY_APPLICATION,
+        "description"    => "disconnected by user",
+        "language tag"   => ""
       }
       payload = HrrRbSsh::Message::SSH_MSG_DISCONNECT.encode message
       @sender.send self, payload
@@ -291,7 +291,7 @@ module HrrRbSsh
 
     def send_kexinit
       message = {
-        'SSH_MSG_KEXINIT'                         => HrrRbSsh::Message::SSH_MSG_KEXINIT::VALUE,
+        'message number'                          => HrrRbSsh::Message::SSH_MSG_KEXINIT::VALUE,
         'cookie (random byte)'                    => lambda { rand(0x01_00) },
         'kex_algorithms'                          => @local_kex_algorithms,
         'server_host_key_algorithms'              => @local_server_host_key_algorithms,
@@ -343,7 +343,7 @@ module HrrRbSsh
 
     def send_kexdh_reply
         message = {
-          'SSH_MSG_KEXDH_REPLY'                           => HrrRbSsh::Message::SSH_MSG_KEXDH_REPLY::VALUE,
+          'message number'                                => HrrRbSsh::Message::SSH_MSG_KEXDH_REPLY::VALUE,
           'server public host key and certificates (K_S)' => @server_host_key_algorithm.server_public_host_key,
           'f'                                             => @kex_algorithm.pub_key,
           'signature of H'                                => @kex_algorithm.sign(self),
@@ -354,7 +354,7 @@ module HrrRbSsh
 
     def send_newkeys
         message = {
-          'SSH_MSG_NEWKEYS' => HrrRbSsh::Message::SSH_MSG_NEWKEYS::VALUE,
+          'message number' => HrrRbSsh::Message::SSH_MSG_NEWKEYS::VALUE,
         }
         payload = HrrRbSsh::Message::SSH_MSG_NEWKEYS.encode message
         @sender.send self, payload
@@ -376,8 +376,8 @@ module HrrRbSsh
 
     def send_service_accept service_name
         message = {
-          'SSH_MSG_SERVICE_ACCEPT' => HrrRbSsh::Message::SSH_MSG_SERVICE_ACCEPT::VALUE,
-          'service name'           => service_name,
+          'message number' => HrrRbSsh::Message::SSH_MSG_SERVICE_ACCEPT::VALUE,
+          'service name'   => service_name,
         }
         payload = HrrRbSsh::Message::SSH_MSG_SERVICE_ACCEPT.encode message
         @sender.send self, payload

data/lib/hrr_rb_ssh/version.rb

@@ -2,5 +2,5 @@
 # vim: et ts=2 sw=2
 
 module HrrRbSsh
-  VERSION = "0.1.0"
+  VERSION = "0.1.1"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: hrr_rb_ssh
 version: !ruby/object:Gem::Version
-  version: 0.1.0
+  version: 0.1.1
 platform: ruby
 authors:
 - hirura
 autorequire: 
-bindir: exe
+bindir: bin
 cert_chain: []
-date: 2018-04-01 00:00:00.000000000 Z
+date: 2018-04-03 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -66,7 +66,7 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: 1.0.8
-description: SSH2 protocol implementation
+description: Pure Ruby SSH2 server implementation
 email:
 - hirura@gmail.com
 executables: []
@@ -81,8 +81,7 @@ files:
 - LICENSE
 - README.md
 - Rakefile
-- bin/console
-- bin/setup
+- demo/echo_server.rb
 - demo/server.rb
 - hrr_rb_ssh.gemspec
 - lib/hrr_rb_ssh.rb
@@ -93,6 +92,9 @@ files:
 - lib/hrr_rb_ssh/authentication/method/none/context.rb
 - lib/hrr_rb_ssh/authentication/method/password.rb
 - lib/hrr_rb_ssh/authentication/method/password/context.rb
+- lib/hrr_rb_ssh/authentication/method/publickey.rb
+- lib/hrr_rb_ssh/authentication/method/publickey/context.rb
+- lib/hrr_rb_ssh/authentication/method/publickey/ssh_rsa.rb
 - lib/hrr_rb_ssh/closed_authentication_error.rb
 - lib/hrr_rb_ssh/closed_connection_error.rb
 - lib/hrr_rb_ssh/closed_transport_error.rb
@@ -168,7 +170,8 @@ files:
 - lib/hrr_rb_ssh/transport/server_host_key_algorithm/ssh_rsa.rb
 - lib/hrr_rb_ssh/version.rb
 homepage: https://github.com/hirura/hrr_rb_ssh
-licenses: []
+licenses:
+- Apache-2.0
 metadata: {}
 post_install_message: 
 rdoc_options: []
@@ -178,7 +181,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '0'
+      version: 2.0.0
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
@@ -189,5 +192,5 @@ rubyforge_project:
 rubygems_version: 2.7.6
 signing_key: 
 specification_version: 4
-summary: SSH2 protocol implementation
+summary: Pure Ruby SSH2 server implementation
 test_files: []

data/bin/console

@@ -1,14 +0,0 @@
-#!/usr/bin/env ruby
-
-require "bundler/setup"
-require "hrr_rb_ssh"
-
-# You can add fixtures and/or initialization code here to make experimenting
-# with your gem easier. You can also use a different console, if you like.
-
-# (If you use this, don't forget to add pry to your Gemfile!)
-# require "pry"
-# Pry.start
-
-require "irb"
-IRB.start(__FILE__)

data/bin/setup

@@ -1,8 +0,0 @@
-#!/usr/bin/env bash
-set -euo pipefail
-IFS=$'\n\t'
-set -vx
-
-bundle install
-
-# Do any other automated setup that you need to do here