hrr_rb_ssh 0.1.3 → 0.1.4
- checksums.yaml +4 -4
- data/demo/server.rb +5 -97
- data/lib/hrr_rb_ssh/authentication/method/publickey/algorithm/ssh_dss/public_key_blob.rb +30 -0
- data/lib/hrr_rb_ssh/authentication/method/publickey/algorithm/ssh_dss/signature.rb +27 -0
- data/lib/hrr_rb_ssh/authentication/method/publickey/algorithm/ssh_dss/signature_blob.rb +33 -0
- data/lib/hrr_rb_ssh/authentication/method/publickey/algorithm/ssh_dss.rb +8 -31
- data/lib/hrr_rb_ssh/authentication/method/publickey/algorithm/ssh_rsa/public_key_blob.rb +28 -0
- data/lib/hrr_rb_ssh/authentication/method/publickey/algorithm/ssh_rsa/signature.rb +27 -0
- data/lib/hrr_rb_ssh/authentication/method/publickey/algorithm/ssh_rsa/signature_blob.rb +33 -0
- data/lib/hrr_rb_ssh/authentication/method/publickey/algorithm/ssh_rsa.rb +8 -29
- data/lib/hrr_rb_ssh/codable.rb +64 -0
- data/lib/hrr_rb_ssh/connection/channel/channel_type/session/request_type/window_change/context.rb +50 -0
- data/lib/hrr_rb_ssh/connection/channel/channel_type/session/request_type/window_change.rb +33 -0
- data/lib/hrr_rb_ssh/connection/channel/channel_type/session/request_type.rb +1 -0
- data/lib/hrr_rb_ssh/connection/request_handler/reference_env_request_handler.rb +21 -0
- data/lib/hrr_rb_ssh/connection/request_handler/reference_exec_request_handler.rb +28 -0
- data/lib/hrr_rb_ssh/connection/request_handler/reference_pty_req_request_handler.rb +32 -0
- data/lib/hrr_rb_ssh/connection/request_handler/reference_shell_request_handler.rb +81 -0
- data/lib/hrr_rb_ssh/connection/request_handler/reference_window_change_request_handler.rb +21 -0
- data/lib/hrr_rb_ssh/connection/request_handler.rb +6 -0
- data/lib/hrr_rb_ssh/message/001_ssh_msg_disconnect.rb +1 -1
- data/lib/hrr_rb_ssh/message/002_ssh_msg_ignore.rb +1 -1
- data/lib/hrr_rb_ssh/message/003_ssh_msg_unimplemented.rb +1 -1
- data/lib/hrr_rb_ssh/message/004_ssh_msg_debug.rb +1 -1
- data/lib/hrr_rb_ssh/message/005_ssh_msg_service_request.rb +1 -1
- data/lib/hrr_rb_ssh/message/006_ssh_msg_service_accept.rb +1 -1
- data/lib/hrr_rb_ssh/message/020_ssh_msg_kexinit.rb +1 -1
- data/lib/hrr_rb_ssh/message/021_ssh_msg_newkeys.rb +1 -1
- data/lib/hrr_rb_ssh/message/030_ssh_msg_kex_dh_gex_request_old.rb +24 -0
- data/lib/hrr_rb_ssh/message/030_ssh_msg_kexdh_init.rb +1 -1
- data/lib/hrr_rb_ssh/message/031_ssh_msg_kex_dh_gex_group.rb +25 -0
- data/lib/hrr_rb_ssh/message/031_ssh_msg_kexdh_reply.rb +1 -1
- data/lib/hrr_rb_ssh/message/032_ssh_msg_kex_dh_gex_init.rb +24 -0
- data/lib/hrr_rb_ssh/message/033_ssh_msg_kex_dh_gex_reply.rb +26 -0
- data/lib/hrr_rb_ssh/message/034_ssh_msg_kex_dh_gex_request.rb +26 -0
- data/lib/hrr_rb_ssh/message/050_ssh_msg_userauth_request.rb +1 -1
- data/lib/hrr_rb_ssh/message/051_ssh_msg_userauth_failure.rb +1 -1
- data/lib/hrr_rb_ssh/message/052_ssh_msg_userauth_success.rb +1 -1
- data/lib/hrr_rb_ssh/message/060_ssh_msg_userauth_pk_ok.rb +1 -1
- data/lib/hrr_rb_ssh/message/080_ssh_msg_global_request.rb +1 -1
- data/lib/hrr_rb_ssh/message/081_ssh_msg_request_success.rb +1 -1
- data/lib/hrr_rb_ssh/message/082_ssh_msg_request_failure.rb +1 -1
- data/lib/hrr_rb_ssh/message/090_ssh_msg_channel_open.rb +1 -1
- data/lib/hrr_rb_ssh/message/091_ssh_msg_channel_open_confirmation.rb +1 -1
- data/lib/hrr_rb_ssh/message/092_ssh_msg_channel_open_failure.rb +1 -1
- data/lib/hrr_rb_ssh/message/093_ssh_msg_channel_window_adjust.rb +1 -1
- data/lib/hrr_rb_ssh/message/094_ssh_msg_channel_data.rb +1 -1
- data/lib/hrr_rb_ssh/message/095_ssh_msg_channel_extended_data.rb +1 -1
- data/lib/hrr_rb_ssh/message/096_ssh_msg_channel_eof.rb +1 -1
- data/lib/hrr_rb_ssh/message/097_ssh_msg_channel_close.rb +1 -1
- data/lib/hrr_rb_ssh/message/098_ssh_msg_channel_request.rb +1 -1
- data/lib/hrr_rb_ssh/message/099_ssh_msg_channel_success.rb +1 -1
- data/lib/hrr_rb_ssh/message/100_ssh_msg_channel_failure.rb +1 -1
- data/lib/hrr_rb_ssh/message.rb +5 -0
- data/lib/hrr_rb_ssh/transport/kex_algorithm/diffie_hellman/h0.rb +29 -0
- data/lib/hrr_rb_ssh/transport/kex_algorithm/diffie_hellman.rb +28 -18
- data/lib/hrr_rb_ssh/transport/kex_algorithm/diffie_hellman_group14_sha256.rb +35 -0
- data/lib/hrr_rb_ssh/transport/kex_algorithm/diffie_hellman_group15_sha512.rb +35 -0
- data/lib/hrr_rb_ssh/transport/kex_algorithm/diffie_hellman_group16_sha512.rb +41 -0
- data/lib/hrr_rb_ssh/transport/kex_algorithm/diffie_hellman_group17_sha512.rb +47 -0
- data/lib/hrr_rb_ssh/transport/kex_algorithm/diffie_hellman_group18_sha512.rb +62 -0
- data/lib/hrr_rb_ssh/transport/kex_algorithm/diffie_hellman_group_exchange/h0.rb +34 -0
- data/lib/hrr_rb_ssh/transport/kex_algorithm/diffie_hellman_group_exchange.rb +170 -0
- data/lib/hrr_rb_ssh/transport/kex_algorithm/diffie_hellman_group_exchange_sha1.rb +17 -0
- data/lib/hrr_rb_ssh/transport/kex_algorithm/diffie_hellman_group_exchange_sha256.rb +17 -0
- data/lib/hrr_rb_ssh/transport/kex_algorithm.rb +7 -0
- data/lib/hrr_rb_ssh/transport/receiver.rb +16 -14
- data/lib/hrr_rb_ssh/transport/server_host_key_algorithm/ssh_dss/public_key_blob.rb +26 -0
- data/lib/hrr_rb_ssh/transport/server_host_key_algorithm/ssh_dss/signature.rb +23 -0
- data/lib/hrr_rb_ssh/transport/server_host_key_algorithm/ssh_dss.rb +11 -39
- data/lib/hrr_rb_ssh/transport/server_host_key_algorithm/ssh_rsa/public_key_blob.rb +25 -0
- data/lib/hrr_rb_ssh/transport/server_host_key_algorithm/ssh_rsa/signature.rb +23 -0
- data/lib/hrr_rb_ssh/transport/server_host_key_algorithm/ssh_rsa.rb +11 -38
- data/lib/hrr_rb_ssh/transport.rb +9 -29
- data/lib/hrr_rb_ssh/version.rb +1 -1
- metadata +35 -4
- data/lib/hrr_rb_ssh/authentication/method/publickey/algorithm/codable.rb +0 -33
- data/lib/hrr_rb_ssh/message/codable.rb +0 -66
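--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 5d27094a810417b60ee82692a67b937152a9840bd3612fd333d3ff78b8babdc8
+data.tar.gz: 81a4410d0e71dd441d67c4e591b2007b024c0f447bf37d9ce6cca012e4e1205f
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 40f52780040a121411281d571b486e3d0f4cc4a8f90d15c5ed996ad52dbcfa39fc42fcaa868a9effb0f3b2fabde4a1cc9140c873532607fcbcfa2e03d8e51bf9
+data.tar.gz: 219acc3467eeb26a34534e29c1a85c9fb8945874ec4019549cbf7ba14235839f959f15c109117c973d7a1b8b0fd4ff6709c08dff2d156fb7c15f86005a12f34e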
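--- a/data/demo/server.rb
+++ b/data/demo/server.rb
@@ -73,99 +73,6 @@ auth_password = HrrRbSsh::Authentication::Authenticator.new { |context|
 }
 }
 
-conn_pty = HrrRbSsh::Connection::RequestHandler.new { |context|
-ptm, pts = PTY.open
-context.vars[:ptm] = ptm
-context.vars[:pts] = pts
-context.chain_proc { |chain|
-begin
-chain.call_next
-ensure
-context.vars[:ptm].close
-context.vars[:pts].close
-end
-}
-}
-conn_env = HrrRbSsh::Connection::RequestHandler.new { |context|
-context.vars[:env] ||= Hash.new
-context.vars[:env][context.variable_name] = context.variable_value
-}
-conn_shell = HrrRbSsh::Connection::RequestHandler.new { |context|
-ptm = context.vars[:ptm]
-pts = context.vars[:pts]
-
-context.chain_proc { |chain|
-pid = fork do
-ptm.close
-Process.setsid
-STDIN.reopen pts, 'r'
-STDOUT.reopen pts, 'w'
-STDERR.reopen pts, 'w'
-pts.close
-context.vars[:env] ||= Hash.new
-exec context.vars[:env], 'login', '-f', context.username
-end
-
-pts.close
-
-threads = []
-threads.push Thread.start {
-loop do
-begin
-context.io.write ptm.readpartial(1024)
-rescue EOFError => e
-context.logger.info("ptm is EOF")
-break
-rescue IOError => e
-context.logger.warn("IO is closed")
-break
-rescue => e
-context.logger.error(e.full_message)
-break
-end
-end
-}
-threads.push Thread.start {
-loop do
-begin
-ptm.write context.io.readpartial(1024)
-rescue EOFError => e
-context.logger.info("IO is EOF")
-break
-rescue IOError => e
-context.logger.warn("IO is closed")
-break
-rescue => e
-context.logger.error(e.full_message)
-break
-end
-end
-}
-
-pid, status = Process.waitpid2 pid
-threads.each do |t|
-begin
-t.exit
-t.join
-rescue => e
-context.logger.error(e.full_message)
-end
-end
-status.exitstatus
-}
-}
-conn_exec = HrrRbSsh::Connection::RequestHandler.new { |context|
-context.chain_proc { |chain|
-pid = fork do
-Process.setsid
-context.vars[:env] ||= Hash.new
-exec context.vars[:env], context.command, in: context.io, out: context.io, err: context.io
-end
-pid, status = Process.waitpid2 pid
-status.exitstatus
-}
-}
-
 
 options = {}
 
@@ -179,10 +86,11 @@ options['authentication_none_authenticator'] = auth_none
 options['authentication_publickey_authenticator'] = auth_publickey
 options['authentication_password_authenticator'] = auth_password
 
-options['connection_channel_request_pty_req']
-options['connection_channel_request_env']
-options['connection_channel_request_shell']
-options['connection_channel_request_exec']
+options['connection_channel_request_pty_req'] = HrrRbSsh::Connection::RequestHandler::ReferencePtyReqRequestHandler.new
+options['connection_channel_request_env'] = HrrRbSsh::Connection::RequestHandler::ReferenceEnvRequestHandler.new
+options['connection_channel_request_shell'] = HrrRbSsh::Connection::RequestHandler::ReferenceShellRequestHandler.new
+options['connection_channel_request_exec'] = HrrRbSsh::Connection::RequestHandler::ReferenceExecRequestHandler.new
+options['connection_channel_request_window_change'] = HrrRbSsh::Connection::RequestHandler::ReferenceWindowChangeRequestHandler.new
 
 
 server = TCPServer.new 10022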
@@ -0,0 +1,30 @@
|
|
1
|
+
# coding: utf-8
|
2
|
+
# vim: et ts=2 sw=2
|
3
|
+
|
4
|
+
require 'hrr_rb_ssh/data_type'
|
5
|
+
require 'hrr_rb_ssh/codable'
|
6
|
+
|
7
|
+
module HrrRbSsh
|
8
|
+
class Authentication
|
9
|
+
class Method
|
10
|
+
class Publickey
|
11
|
+
class Algorithm
|
12
|
+
class SshDss
|
13
|
+
module PublicKeyBlob
|
14
|
+
class << self
|
15
|
+
include Codable
|
16
|
+
end
|
17
|
+
DEFINITION = [
|
18
|
+
[DataType::String, 'public key algorithm name'],
|
19
|
+
[DataType::Mpint, 'p'],
|
20
|
+
[DataType::Mpint, 'q'],
|
21
|
+
[DataType::Mpint, 'g'],
|
22
|
+
[DataType::Mpint, 'y'],
|
23
|
+
]
|
24
|
+
end
|
25
|
+
end
|
26
|
+
end
|
27
|
+
end
|
28
|
+
end
|
29
|
+
end
|
30
|
+
end
|
@@ -0,0 +1,27 @@
|
|
1
|
+
# coding: utf-8
|
2
|
+
# vim: et ts=2 sw=2
|
3
|
+
|
4
|
+
require 'hrr_rb_ssh/data_type'
|
5
|
+
require 'hrr_rb_ssh/codable'
|
6
|
+
|
7
|
+
module HrrRbSsh
|
8
|
+
class Authentication
|
9
|
+
class Method
|
10
|
+
class Publickey
|
11
|
+
class Algorithm
|
12
|
+
class SshDss
|
13
|
+
module Signature
|
14
|
+
class << self
|
15
|
+
include Codable
|
16
|
+
end
|
17
|
+
DEFINITION = [
|
18
|
+
[DataType::String, 'public key algorithm name'],
|
19
|
+
[DataType::String, 'signature blob'],
|
20
|
+
]
|
21
|
+
end
|
22
|
+
end
|
23
|
+
end
|
24
|
+
end
|
25
|
+
end
|
26
|
+
end
|
27
|
+
end
|
@@ -0,0 +1,33 @@
|
|
1
|
+
# coding: utf-8
|
2
|
+
# vim: et ts=2 sw=2
|
3
|
+
|
4
|
+
require 'hrr_rb_ssh/data_type'
|
5
|
+
require 'hrr_rb_ssh/codable'
|
6
|
+
|
7
|
+
module HrrRbSsh
|
8
|
+
class Authentication
|
9
|
+
class Method
|
10
|
+
class Publickey
|
11
|
+
class Algorithm
|
12
|
+
class SshDss
|
13
|
+
module SignatureBlob
|
14
|
+
class << self
|
15
|
+
include Codable
|
16
|
+
end
|
17
|
+
DEFINITION = [
|
18
|
+
[DataType::String, 'session identifier'],
|
19
|
+
[DataType::Byte, 'message number'],
|
20
|
+
[DataType::String, 'user name'],
|
21
|
+
[DataType::String, 'service name'],
|
22
|
+
[DataType::String, 'method name'],
|
23
|
+
[DataType::Boolean, 'with signature'],
|
24
|
+
[DataType::String, 'public key algorithm name'],
|
25
|
+
[DataType::String, 'public key blob'],
|
26
|
+
]
|
27
|
+
end
|
28
|
+
end
|
29
|
+
end
|
30
|
+
end
|
31
|
+
end
|
32
|
+
end
|
33
|
+
end
|
@@ -3,7 +3,6 @@
|
|
3
3
|
|
4
4
|
require 'hrr_rb_ssh/logger'
|
5
5
|
require 'hrr_rb_ssh/data_type'
|
6
|
-
require 'hrr_rb_ssh/authentication/method/publickey/algorithm/codable'
|
7
6
|
|
8
7
|
module HrrRbSsh
|
9
8
|
class Authentication
|
@@ -15,32 +14,6 @@ module HrrRbSsh
|
|
15
14
|
PREFERENCE = 10
|
16
15
|
DIGEST = 'sha1'
|
17
16
|
|
18
|
-
PUBLIC_KEY_BLOB_DEFINITION = [
|
19
|
-
[DataType::String, 'public key algorithm name'],
|
20
|
-
[DataType::Mpint, 'p'],
|
21
|
-
[DataType::Mpint, 'q'],
|
22
|
-
[DataType::Mpint, 'g'],
|
23
|
-
[DataType::Mpint, 'y'],
|
24
|
-
]
|
25
|
-
|
26
|
-
SIGNATURE_DEFINITION = [
|
27
|
-
[DataType::String, 'public key algorithm name'],
|
28
|
-
[DataType::String, 'signature blob'],
|
29
|
-
]
|
30
|
-
|
31
|
-
SIGNATURE_BLOB_DEFINITION = [
|
32
|
-
[DataType::String, 'session identifier'],
|
33
|
-
[DataType::Byte, 'message number'],
|
34
|
-
[DataType::String, 'user name'],
|
35
|
-
[DataType::String, 'service name'],
|
36
|
-
[DataType::String, 'method name'],
|
37
|
-
[DataType::Boolean, 'with signature'],
|
38
|
-
[DataType::String, 'public key algorithm name'],
|
39
|
-
[DataType::String, 'public key blob'],
|
40
|
-
]
|
41
|
-
|
42
|
-
include Codable
|
43
|
-
|
44
17
|
def initialize
|
45
18
|
@logger = HrrRbSsh::Logger.new(self.class.name)
|
46
19
|
end
|
@@ -61,15 +34,15 @@ module HrrRbSsh
|
|
61
34
|
'q' => public_key.q.to_i,
|
62
35
|
'y' => public_key.pub_key.to_i,
|
63
36
|
}
|
64
|
-
public_key_blob == encode(
|
37
|
+
public_key_blob == PublicKeyBlob.encode(public_key_message)
|
65
38
|
end
|
66
39
|
|
67
40
|
def verify_signature session_id, message
|
68
|
-
signature_message = decode
|
41
|
+
signature_message = Signature.decode message['signature']
|
69
42
|
signature_algorithm = signature_message['public key algorithm name']
|
70
43
|
signature_blob = signature_message['signature blob']
|
71
44
|
|
72
|
-
public_key = decode
|
45
|
+
public_key = PublicKeyBlob.decode message['public key blob']
|
73
46
|
algorithm = OpenSSL::PKey::DSA.new
|
74
47
|
if algorithm.respond_to?(:set_pqg)
|
75
48
|
algorithm.set_pqg public_key['p'], public_key['q'], public_key['g']
|
@@ -94,7 +67,7 @@ module HrrRbSsh
|
|
94
67
|
'public key algorithm name' => message['public key algorithm name'],
|
95
68
|
'public key blob' => message['public key blob'],
|
96
69
|
}
|
97
|
-
data_blob = encode
|
70
|
+
data_blob = SignatureBlob.encode data_message
|
98
71
|
|
99
72
|
hash = OpenSSL::Digest.digest(DIGEST, data_blob)
|
100
73
|
sign_r = signature_blob[ 0, 20]
|
@@ -114,3 +87,7 @@ module HrrRbSsh
|
|
114
87
|
end
|
115
88
|
end
|
116
89
|
end
|
90
|
+
|
91
|
+
require 'hrr_rb_ssh/authentication/method/publickey/algorithm/ssh_dss/public_key_blob'
|
92
|
+
require 'hrr_rb_ssh/authentication/method/publickey/algorithm/ssh_dss/signature_blob'
|
93
|
+
require 'hrr_rb_ssh/authentication/method/publickey/algorithm/ssh_dss/signature'
|
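Review bot: In `verify_signature`, the key that checks the signature is built from `PublicKeyBlob.decode message['public key blob']`, that is, from bytes the client sent, so a passing check shows only that the client holds the key it presented. It authenticates the user only if the same blob was first matched against an authorized key, which the `public_key_blob == PublicKeyBlob.encode(public_key_message)` comparison earlier in this file appears to do; the call order is not visible in these hunks. I would record that precondition on the method, `# message['public key blob'] is client-supplied; callers must first match it against an authorized key`, and the same comment fits `verify_signature` in ssh_rsa.rb. Both method bodies begin or end outside the hunks shown.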
@@ -0,0 +1,28 @@
|
|
1
|
+
# coding: utf-8
|
2
|
+
# vim: et ts=2 sw=2
|
3
|
+
|
4
|
+
require 'hrr_rb_ssh/data_type'
|
5
|
+
require 'hrr_rb_ssh/codable'
|
6
|
+
|
7
|
+
module HrrRbSsh
|
8
|
+
class Authentication
|
9
|
+
class Method
|
10
|
+
class Publickey
|
11
|
+
class Algorithm
|
12
|
+
class SshRsa
|
13
|
+
module PublicKeyBlob
|
14
|
+
class << self
|
15
|
+
include Codable
|
16
|
+
end
|
17
|
+
DEFINITION = [
|
18
|
+
[DataType::String, 'public key algorithm name'],
|
19
|
+
[DataType::Mpint, 'e'],
|
20
|
+
[DataType::Mpint, 'n'],
|
21
|
+
]
|
22
|
+
end
|
23
|
+
end
|
24
|
+
end
|
25
|
+
end
|
26
|
+
end
|
27
|
+
end
|
28
|
+
end
|
@@ -0,0 +1,27 @@
|
|
1
|
+
# coding: utf-8
|
2
|
+
# vim: et ts=2 sw=2
|
3
|
+
|
4
|
+
require 'hrr_rb_ssh/data_type'
|
5
|
+
require 'hrr_rb_ssh/codable'
|
6
|
+
|
7
|
+
module HrrRbSsh
|
8
|
+
class Authentication
|
9
|
+
class Method
|
10
|
+
class Publickey
|
11
|
+
class Algorithm
|
12
|
+
class SshRsa
|
13
|
+
module Signature
|
14
|
+
class << self
|
15
|
+
include Codable
|
16
|
+
end
|
17
|
+
DEFINITION = [
|
18
|
+
[DataType::String, 'public key algorithm name'],
|
19
|
+
[DataType::String, 'signature blob'],
|
20
|
+
]
|
21
|
+
end
|
22
|
+
end
|
23
|
+
end
|
24
|
+
end
|
25
|
+
end
|
26
|
+
end
|
27
|
+
end
|
@@ -0,0 +1,33 @@
|
|
1
|
+
# coding: utf-8
|
2
|
+
# vim: et ts=2 sw=2
|
3
|
+
|
4
|
+
require 'hrr_rb_ssh/data_type'
|
5
|
+
require 'hrr_rb_ssh/codable'
|
6
|
+
|
7
|
+
module HrrRbSsh
|
8
|
+
class Authentication
|
9
|
+
class Method
|
10
|
+
class Publickey
|
11
|
+
class Algorithm
|
12
|
+
class SshRsa
|
13
|
+
module SignatureBlob
|
14
|
+
class << self
|
15
|
+
include Codable
|
16
|
+
end
|
17
|
+
DEFINITION = [
|
18
|
+
[DataType::String, 'session identifier'],
|
19
|
+
[DataType::Byte, 'message number'],
|
20
|
+
[DataType::String, 'user name'],
|
21
|
+
[DataType::String, 'service name'],
|
22
|
+
[DataType::String, 'method name'],
|
23
|
+
[DataType::Boolean, 'with signature'],
|
24
|
+
[DataType::String, 'public key algorithm name'],
|
25
|
+
[DataType::String, 'public key blob'],
|
26
|
+
]
|
27
|
+
end
|
28
|
+
end
|
29
|
+
end
|
30
|
+
end
|
31
|
+
end
|
32
|
+
end
|
33
|
+
end
|
@@ -3,7 +3,6 @@
|
|
3
3
|
|
4
4
|
require 'hrr_rb_ssh/logger'
|
5
5
|
require 'hrr_rb_ssh/data_type'
|
6
|
-
require 'hrr_rb_ssh/authentication/method/publickey/algorithm/codable'
|
7
6
|
|
8
7
|
module HrrRbSsh
|
9
8
|
class Authentication
|
@@ -15,30 +14,6 @@ module HrrRbSsh
|
|
15
14
|
PREFERENCE = 20
|
16
15
|
DIGEST = 'sha1'
|
17
16
|
|
18
|
-
PUBLIC_KEY_BLOB_DEFINITION = [
|
19
|
-
[DataType::String, 'public key algorithm name'],
|
20
|
-
[DataType::Mpint, 'e'],
|
21
|
-
[DataType::Mpint, 'n'],
|
22
|
-
]
|
23
|
-
|
24
|
-
SIGNATURE_DEFINITION = [
|
25
|
-
[DataType::String, 'public key algorithm name'],
|
26
|
-
[DataType::String, 'signature blob'],
|
27
|
-
]
|
28
|
-
|
29
|
-
SIGNATURE_BLOB_DEFINITION = [
|
30
|
-
[DataType::String, 'session identifier'],
|
31
|
-
[DataType::Byte, 'message number'],
|
32
|
-
[DataType::String, 'user name'],
|
33
|
-
[DataType::String, 'service name'],
|
34
|
-
[DataType::String, 'method name'],
|
35
|
-
[DataType::Boolean, 'with signature'],
|
36
|
-
[DataType::String, 'public key algorithm name'],
|
37
|
-
[DataType::String, 'public key blob'],
|
38
|
-
]
|
39
|
-
|
40
|
-
include Codable
|
41
|
-
|
42
17
|
def initialize
|
43
18
|
@logger = HrrRbSsh::Logger.new(self.class.name)
|
44
19
|
end
|
@@ -57,15 +32,15 @@ module HrrRbSsh
|
|
57
32
|
'e' => public_key.e.to_i,
|
58
33
|
'n' => public_key.n.to_i,
|
59
34
|
}
|
60
|
-
public_key_blob == encode(
|
35
|
+
public_key_blob == PublicKeyBlob.encode(public_key_message)
|
61
36
|
end
|
62
37
|
|
63
38
|
def verify_signature session_id, message
|
64
|
-
signature_message = decode
|
39
|
+
signature_message = Signature.decode message['signature']
|
65
40
|
signature_algorithm = signature_message['public key algorithm name']
|
66
41
|
signature_blob = signature_message['signature blob']
|
67
42
|
|
68
|
-
public_key = decode
|
43
|
+
public_key = PublicKeyBlob.decode message['public key blob']
|
69
44
|
algorithm = OpenSSL::PKey::RSA.new
|
70
45
|
if algorithm.respond_to?(:set_key)
|
71
46
|
algorithm.set_key public_key['n'], public_key['e'], nil
|
@@ -84,7 +59,7 @@ module HrrRbSsh
|
|
84
59
|
'public key algorithm name' => message['public key algorithm name'],
|
85
60
|
'public key blob' => message['public key blob'],
|
86
61
|
}
|
87
|
-
data_blob = encode
|
62
|
+
data_blob = SignatureBlob.encode data_message
|
88
63
|
|
89
64
|
(signature_algorithm == message['public key algorithm name']) && algorithm.verify(DIGEST, signature_blob, data_blob)
|
90
65
|
end
|
@@ -94,3 +69,7 @@ module HrrRbSsh
|
|
94
69
|
end
|
95
70
|
end
|
96
71
|
end
|
72
|
+
|
73
|
+
require 'hrr_rb_ssh/authentication/method/publickey/algorithm/ssh_rsa/public_key_blob'
|
74
|
+
require 'hrr_rb_ssh/authentication/method/publickey/algorithm/ssh_rsa/signature_blob'
|
75
|
+
require 'hrr_rb_ssh/authentication/method/publickey/algorithm/ssh_rsa/signature'
|
@@ -0,0 +1,64 @@
|
|
1
|
+
# coding: utf-8
|
2
|
+
# vim: et ts=2 sw=2
|
3
|
+
|
4
|
+
require 'hrr_rb_ssh/logger'
|
5
|
+
|
6
|
+
module HrrRbSsh
|
7
|
+
module Codable
|
8
|
+
def logger
|
9
|
+
@logger ||= HrrRbSsh::Logger.new self.name
|
10
|
+
end
|
11
|
+
|
12
|
+
def common_definition
|
13
|
+
self::DEFINITION
|
14
|
+
end
|
15
|
+
|
16
|
+
def conditional_definition message
|
17
|
+
message.inject([]){ |a, (k,v)|
|
18
|
+
field_name = k
|
19
|
+
field_value = if v.instance_of? ::Proc then v.call else v end
|
20
|
+
a + ((self::CONDITIONAL_DEFINITION rescue {}).fetch(field_name, {})[field_value] || [])
|
21
|
+
}
|
22
|
+
end
|
23
|
+
|
24
|
+
def encode message, complementary_message={}
|
25
|
+
logger.debug('encoding message: ' + message.inspect)
|
26
|
+
definition = common_definition + conditional_definition(message.merge complementary_message)
|
27
|
+
definition.map{ |data_type, field_name|
|
28
|
+
field_value = if message[field_name].instance_of? ::Proc then message[field_name].call else message[field_name] end
|
29
|
+
data_type.encode( field_value )
|
30
|
+
}.join
|
31
|
+
end
|
32
|
+
|
33
|
+
def decode payload, complementary_message={}
|
34
|
+
def decode_recursively payload_io, message=nil
|
35
|
+
if message.class == Array and message.size == 0
|
36
|
+
[]
|
37
|
+
else
|
38
|
+
definition = case message
|
39
|
+
when nil
|
40
|
+
common_definition
|
41
|
+
when Array
|
42
|
+
conditional_definition(message)
|
43
|
+
end
|
44
|
+
decoded_message = definition.map{ |data_type, field_name|
|
45
|
+
[
|
46
|
+
field_name,
|
47
|
+
data_type.decode( payload_io )
|
48
|
+
]
|
49
|
+
}
|
50
|
+
|
51
|
+
decoded_message + decode_recursively(payload_io, decoded_message)
|
52
|
+
end
|
53
|
+
end
|
54
|
+
|
55
|
+
payload_io = StringIO.new payload
|
56
|
+
decoded_message = decode_recursively(payload_io).to_h
|
57
|
+
if complementary_message.any?
|
58
|
+
decoded_message.merge! decode_recursively(payload_io, complementary_message.to_a).to_h
|
59
|
+
end
|
60
|
+
logger.debug('decoded message: ' + decoded_message.inspect)
|
61
|
+
decoded_message
|
62
|
+
end
|
63
|
+
end
|
64
|
+
end
|
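Review bot: `encode` and `decode` pass the whole message through `inspect` into `logger.debug`, so every field value is written to the log. The file list shows message/codable.rb being removed in favour of this shared module and the demo configures a password authenticator, so presumably password authentication requests are decoded here and their secret field would be logged in clear text whenever debug logging is on. Logging the field names only, `logger.debug('decoded message fields: ' + decoded_message.keys.inspect)` (and the equivalent in `encode`), keeps the trace useful without the values. Separately, the nested `def decode_recursively` is re-defined on the receiver each time `decode` runs; defining it once as a private method of the module would avoid that.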
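--- a/data/lib/hrr_rb_ssh/connection/channel/channel_type/session/request_type/window_change/context.rb
+++ b/data/lib/hrr_rb_ssh/connection/channel/channel_type/session/request_type/window_change/context.rb
@@ -0,0 +1,50 @@
+# coding: utf-8
+# vim: et ts=2 sw=2
+
+require 'hrr_rb_ssh/logger'
+
+module HrrRbSsh
+class Connection
+class Channel
+class ChannelType
+class Session
+class RequestType
+class WindowChange
+class Context
+attr_reader \
+:logger,
+:username,
+:io,
+:variables,
+:vars,
+:terminal_width_columns,
+:terminal_height_rows,
+:terminal_width_pixels,
+:terminal_height_pixels
+
+def initialize proc_chain, username, io, variables, message
+@logger = HrrRbSsh::Logger.new self.class.name
+
+@proc_chain = proc_chain
+@username = username
+@io = io
+@variables = variables
+@vars = variables
+
+@terminal_width_columns = message['terminal width, columns']
+@terminal_height_rows = message['terminal height, rows']
+@terminal_width_pixels = message['terminal width, pixels']
+@terminal_height_pixels = message['terminal height, pixels']
+end
+
+def chain_proc &block
+@proc = block || @proc
+end
+end
+end
+end
+end
+end
+end
+end
+end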
@@ -0,0 +1,33 @@
|
|
1
|
+
# coding: utf-8
|
2
|
+
# vim: et ts=2 sw=2
|
3
|
+
|
4
|
+
require 'hrr_rb_ssh/logger'
|
5
|
+
require 'hrr_rb_ssh/connection/request_handler'
|
6
|
+
|
7
|
+
module HrrRbSsh
|
8
|
+
class Connection
|
9
|
+
class Channel
|
10
|
+
class ChannelType
|
11
|
+
class Session
|
12
|
+
class RequestType
|
13
|
+
class WindowChange < RequestType
|
14
|
+
NAME = 'window-change'
|
15
|
+
|
16
|
+
def self.run proc_chain, username, io, variables, message, options
|
17
|
+
logger = HrrRbSsh::Logger.new self.class.name
|
18
|
+
|
19
|
+
context = Context.new proc_chain, username, io, variables, message
|
20
|
+
handler = options.fetch('connection_channel_request_window_change', RequestHandler.new {})
|
21
|
+
handler.run context
|
22
|
+
|
23
|
+
proc_chain.connect context.chain_proc
|
24
|
+
end
|
25
|
+
end
|
26
|
+
end
|
27
|
+
end
|
28
|
+
end
|
29
|
+
end
|
30
|
+
end
|
31
|
+
end
|
32
|
+
|
33
|
+
require 'hrr_rb_ssh/connection/channel/channel_type/session/request_type/window_change/context'
|
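Review bot: In `self.run`, `HrrRbSsh::Logger.new self.class.name` is evaluated inside a singleton method, where `self` is the WindowChange class itself, so `self.class.name` is `"Class"` rather than the request type's name; the local `logger` is also never used in the lines shown. Either drop the line or write `logger = HrrRbSsh::Logger.new self.name`, which is the form `Codable#logger` uses in this release. Separately, with the fallback `RequestHandler.new {}` no proc is registered, and `Context#chain_proc` then returns nil, so `proc_chain.connect` has to tolerate nil; whether it does cannot be confirmed from this page.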
@@ -36,3 +36,4 @@ require 'hrr_rb_ssh/connection/channel/channel_type/session/request_type/env'
|
|
36
36
|
require 'hrr_rb_ssh/connection/channel/channel_type/session/request_type/shell'
|
37
37
|
require 'hrr_rb_ssh/connection/channel/channel_type/session/request_type/exec'
|
38
38
|
require 'hrr_rb_ssh/connection/channel/channel_type/session/request_type/subsystem'
|
39
|
+
require 'hrr_rb_ssh/connection/channel/channel_type/session/request_type/window_change'
|
@@ -0,0 +1,21 @@
|
|
1
|
+
# coding: utf-8
|
2
|
+
# vim: et ts=2 sw=2
|
3
|
+
|
4
|
+
require 'hrr_rb_ssh/logger'
|
5
|
+
require 'hrr_rb_ssh/connection/request_handler'
|
6
|
+
|
7
|
+
module HrrRbSsh
|
8
|
+
class Connection
|
9
|
+
class RequestHandler
|
10
|
+
class ReferenceEnvRequestHandler < RequestHandler
|
11
|
+
def initialize
|
12
|
+
@logger = HrrRbSsh::Logger.new self.class.name
|
13
|
+
@proc = Proc.new { |context|
|
14
|
+
context.vars[:env] ||= Hash.new
|
15
|
+
context.vars[:env][context.variable_name] = context.variable_value
|
16
|
+
}
|
17
|
+
end
|
18
|
+
end
|
19
|
+
end
|
20
|
+
end
|
21
|
+
end
|
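Review bot: The proc stores every `context.variable_name` / `context.variable_value` pair the client sends into `context.vars[:env]` without any filter, and ReferenceExecRequestHandler in this release passes that hash straight to `exec` as the child's environment. Because this class is shipped as the reference implementation, it should accept only an explicit allowlist of variable names, as sshd does with AcceptEnv, and ignore the rest. One way is `next unless ACCEPTED_NAMES.include? context.variable_name` as the first line of the proc, where `ACCEPTED_NAMES` is a new frozen constant (a name proposed here, not in the gem) that the deployer controls.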
@@ -0,0 +1,28 @@
|
|
1
|
+
# coding: utf-8
|
2
|
+
# vim: et ts=2 sw=2
|
3
|
+
|
4
|
+
require 'hrr_rb_ssh/logger'
|
5
|
+
require 'hrr_rb_ssh/connection/request_handler'
|
6
|
+
|
7
|
+
module HrrRbSsh
|
8
|
+
class Connection
|
9
|
+
class RequestHandler
|
10
|
+
class ReferenceExecRequestHandler < RequestHandler
|
11
|
+
def initialize
|
12
|
+
@logger = HrrRbSsh::Logger.new self.class.name
|
13
|
+
@proc = Proc.new { |context|
|
14
|
+
context.chain_proc { |chain|
|
15
|
+
pid = fork do
|
16
|
+
Process.setsid
|
17
|
+
context.vars[:env] ||= Hash.new
|
18
|
+
exec context.vars[:env], context.command, in: context.io, out: context.io, err: context.io
|
19
|
+
end
|
20
|
+
pid, status = Process.waitpid2 pid
|
21
|
+
status.exitstatus
|
22
|
+
}
|
23
|
+
}
|
24
|
+
end
|
25
|
+
end
|
26
|
+
end
|
27
|
+
end
|
28
|
+
end
|
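Review bot: The forked child calls `exec context.vars[:env], context.command, ...` with no visible change of user or group, so the command runs with the identity of the server process rather than that of `context.username`; the shell handler removed from demo/server.rb delegated that switch to `login -f`. For a reference handler I would drop to the authenticated account in the child before `exec`, as sketched below (this needs `require 'etc'` and assumes the server starts with the privilege to switch users), or else document on the class that it is only safe when the server already runs as that user. `status.exitstatus` is also nil when the child is terminated by a signal, which the consumer of the chain proc's return value has to handle.

```ruby
pid = fork do
  Process.setsid
  # added: run as the authenticated account, not as the server process
  account = Etc.getpwnam context.username
  Process.initgroups account.name, account.gid
  Process::GID.change_privilege account.gid
  Process::UID.change_privilege account.uid
  # … unchanged: context.vars[:env] default …
  exec context.vars[:env], context.command, in: context.io, out: context.io, err: context.io, chdir: account.dir
# … unchanged: end of fork block, Process.waitpid2 and status.exitstatus …
```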